[Samba] Trouble joining a W2K3 Native Mode Domain
Hi Guys, I'm having trouble with joining a W2K3 Native Mode Domain. Can anyone point me in the right direction to look for answers? I intslled from rc3 SRPM. When I do: net ads join DOMAIN -U [EMAIL PROTECTED] -d10 I get this error towards the end. Thanks, Dulantha. [2003/09/10 17:48:27, 3] libads/sasl.c:ads_sasl_spnego_bind(184) got OID=1 2 840 113554 1 2 2 3 [2003/09/10 17:48:27, 3] libads/sasl.c:ads_sasl_spnego_bind(184) got OID=1 3 6 1 4 1 311 2 2 10 [2003/09/10 17:48:27, 3] libads/sasl.c:ads_sasl_spnego_bind(191) got principal=machine$@REALM [2003/09/10 17:48:27, 1] libsmb/clikrb5.c:ads_krb5_mk_req(269) krb5_cc_get_principal failed (No credentials cache found) [2003/09/10 17:48:27, 1] libsmb/clikrb5.c:ads_krb5_mk_req(276) krb5_get_credentials failed for machine$@REALM (KRB5 error code 52) [2003/09/10 17:48:27, 1] utils/net_ads.c:ads_startup(181) ads_connect: Operations error [2003/09/10 17:48:27, 2] utils/net.c:main(758) return code = -1 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba3Rc3_LDAP search failed: Insufficient access
From: Gerald (Jerry) Carter [EMAIL PROTECTED] To: Mimic Mimicmike [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [Samba] samba3Rc3_LDAP search failed: Insufficient access Date: Tue, 9 Sep 2003 12:43:03 -0500 (CDT) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 9 Sep 2003, Mimic Mimicmike wrote: (I saw some one post this (BUG) in previous version, but I see at bugzilla.samba.org this bug is FIXED ) It's seems there are several instances of this bug. We fixed all the ones we could reproduce. Can you give me some more details? For example, * smb.conf * operation you are trying to perform when you see the failure (including client details such as OS and SP) * any error messages you see on the client [2003/09/09 16:09:33, 0] lib/smbldap.c:smbldap_open(801) Sep 9 16:09:33 rod smbd[18078]: smbldap_open: cannot access LDAP when not root.. Sep 9 16:09:33 rod smbd[18078]: [2003/09/09 16:09:33, 0] passdb/pdb_ldap.c:ldapsam_setsamgrent(2085) Sep 9 16:09:33 rod smbd[18078]: LDAP search failed: Insufficient access Sep 9 16:09:33 rod smbd[18078]: [2003/09/09 16:09:33, 0] passdb/pdb_ldap.c:ldapsam_enum_group_mapping(2150) Sep 9 16:09:33 rod smbd[18078]: Unable to open passdb Sep 9 16:09:33 rod smbd[18078]: [2003/09/09 16:09:33, 0] lib/smbldap.c:smbldap_open(801) cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) Hi, My Samba PDC is Redhat9.0 Client both XPsp1 and win2k Pro. sp3 this error will occure when I find user(and group) for seting security for User in samba domain, on client no error message but quite slow (samba search 10sec. compare with w2kserv. 1-2 sec.) but It can search in finally. smb.conf - [global] netbios name = rod passdb backend = ldapsam, guest ldap suffix = dc=abc,dc=net ldap machine suffix = ou=Computers ldap user suffix = ou=Users ldap admin dn = cn=admin,dc=abc,dc=net idmap backend = ldap:ldap://xxx.xx.x.xxx ldap idmap suffix = ou=idmap,dc=abc,dc=net workgroup = abc server string = Samba admin test Server allow trusted domains = yes log file = /var/log/samba/log.%m max log size = 50 security = user password server = * password level = 8 username level = 8 encrypt passwords = yes username map = /etc/samba/smbusers socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 os level = 65 logon drive = U: logon path = domain logons = yes add machine script = /usr/sbin/useradd -d /dev/null -g 1000 -s /bin/false -M %u wins server = 172.xx.x.x time server = yes winbind separator = + idmap uid = 3-4 idmap gid = 3-4 winbind enum users = yes winbind enum groups = yes [homes] comment = Home Directories browseable = no writable = yes [netlogon] comment = Network Logon Service path = /home/netlogon guest ok = yes writable = no _ MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trouble joining a W2K3 Native Mode Domain
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Did you get a ticket with kinit? See http://us2.samba.org/samba/devel/docs/html/Samba-HOWTO-Collection.html#ads-member Hope this helps. :) - -Tom Dulantha Peiris wrote: | Hi Guys, | | I'm having trouble with joining a W2K3 Native Mode Domain. | Can anyone point me in the right direction to look for answers? | | I intslled from rc3 SRPM. When I do: | net ads join DOMAIN -U [EMAIL PROTECTED] -d10 | | I get this error towards the end. | | Thanks, | Dulantha. | | | | [2003/09/10 17:48:27, 3] libads/sasl.c:ads_sasl_spnego_bind(184) | got OID=1 2 840 113554 1 2 2 3 | [2003/09/10 17:48:27, 3] libads/sasl.c:ads_sasl_spnego_bind(184) | got OID=1 3 6 1 4 1 311 2 2 10 | [2003/09/10 17:48:27, 3] libads/sasl.c:ads_sasl_spnego_bind(191) | got principal=machine$@REALM | [2003/09/10 17:48:27, 1] libsmb/clikrb5.c:ads_krb5_mk_req(269) | krb5_cc_get_principal failed (No credentials cache found) | [2003/09/10 17:48:27, 1] libsmb/clikrb5.c:ads_krb5_mk_req(276) | krb5_get_credentials failed for machine$@REALM (KRB5 error code 52) | [2003/09/10 17:48:27, 1] utils/net_ads.c:ads_startup(181) | ads_connect: Operations error | [2003/09/10 17:48:27, 2] utils/net.c:main(758) | return code = -1 | | | | -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/Xp7xRliD/69byygRAopMAKCBRtbCwrfhXpd9TSqkvq0LMShTDgCfTaBN iXdLlAs1Tyf9xHAQHE1CQ1c= =o6YI -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] string to long for hosts allow in smb.conf
We have found that a number of users (especially notebook user with Win95) try to change their IP-address to get more permissions when they login to the network. Since we have a database with all of the systems registered and we already automatically build our configuration files when something changing in this database (MySql), we tried to block the unregistered IP number by expanding the hosts allow option in the smb.conf with all the IP number in the database. Original Entry: hosts allow = 195.193.119. localhost changed to include = /usr/local/samba/lib/include/hosts_allow119.smb (all parts of the smb.conf file created by an update in the database have an include line in the smb.conf file, therefor not the smb.conf is updated but the include files are updated) the include file for the hosts allow looks like: hosts allow = 195.193.119.1 \ 195.193.119.10 \ 195.193.119.11 \ . . . . . . . . 195.193.119.201 \ localhost Using this generated an error indicating that the string was to long. We have also tried to put de line hosts allow directly into the smb.conf, but also this generated the same error. We are not using NIS and can not use the netgroup option. We also have tried to replace the C class part of the IP number with an environment variable, but cannot find a variable with this value. How can we overcome this string to long error? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] roaming profiles
Hi all. I'm runnig samba as a DC with win2k clients using roaming profiles. Since installation I have been experiencing problems with users unable to log in due to their profiles not loading - some users are on w2k prof end some use w2k terminal services. It maily complains about not being able to load (or copy) files like prf23.tmp - access denied etc. Most of the time if I delete the file in question in eg. profiledir/Nethood, profiledir/Application Data/Microsoft/Office/Recent en when I log on again it works. It now started the profile cannot be loaded bacause some file cannot be copied and when I go delete the file in the profile dir in the samba box and try again as usual it still tells me that the profile cannot be loaded - logging you in with a temporary profile - when I click OK a box just pops up saying profile cannot be loaded - access denied. This seems to be entirely random - different client machines and terminal servers and different user accounts every time. Sometimes I have to restart the w2k terminal server for the problem to go away and sometimes I have to restart smb on the linux box. This always only fixes some of the users' logins but others can't log in again - it also only lasts for about 3 hours that were back when we started. Sometimes I have to completely delete a user's profile and log into w2k for it to be recreated before it works again. I also noticed than if I try to delete the temporary copy of the user's profile in Documents and Settings just after I got the problem I get Access Denied or Cannot delete, directory not empty messages from windows. When this happens, changing the permissions or ever changing the files' ownership to Administrator does not help - I have to restart the machine completely. I was originally runnig samba 2.2.1a and tried upgrading to 2.2.3, 2.2.5 and this morning to 2.2.8a. I also upgraded from redhat 6 to 7 to 7.1 and last week to 8.0 but this does not make any difference. I've tried service pack 2 and 3 on the w2k boxes but to 4 - some of my software does not work when 4 is loaded. Any ideas? André de Koning IT Manager Softline VIP Payroll Tel: +27 12 420 7000 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Not sure if samba really not responding
Hello, We are using samba 2.2.8a on AIX 5.2 ML1 download from: ftp://aixpdslib.seas.ucla.edu/pub/samba/RISC/5.1/exec/samba.2.2.8a.tar.Z The server works fine initially. However, after it had run for some time, we hit the problem that samba not responding to the command smbclient -L NB name. We have done some isolation as below: 1) Trace of the system calls under abnormal scenerio and see something like: getsockopt(3, 65535, 4104, 0x2FF21294, 0x2FF21290) = 0 connext(3, 0x2FF212F0, 16) Err#55 EINPROGRESS 2) When this problem occur, the already connected clients can still work fine. 3) We use the smbcontrol PID of smbd ping number of packet to test ALL the active smbd processes (ps -aef | grep smbd) and see if the smbd response. smbd.log logged something: [2003/09/10 11:21:25, 1] lib/messages.c:ping_message(85) INFO: Received PING message from PID 92566 [none] Seems that the smbd responses but ONLY not responding to smbclient -L. Do you have any hints on how to debug the problem ? Welcome to advise if the above information is not sufficient. Thanks and Regards, Alex Fung -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Installing additional features after install
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 9 Sep 2003 [EMAIL PROTECTED] wrote: How can i install features for samba3.0rc2 after installing with rpm?? I want to have the feature disk quota. You cannot install features that are not compiled into the binary. If quota support isn't included in your rpm, you will have to get the SRPM from http://at.samba.org/ftp/Binary_Packages/RedHat/SRPMS/ then run configure with the appropriate switches and recompile. I dont'know how to automatically build RPMs, but http://www.rpm.org/RPM-HOWTO/build-it.html knows. You might also have a look at http://at.samba.org/samba/devel/docs/html/Samba-HOWTO-Collection.html#compiling regards Alex - -- Life is what happens to you while you're busy making other plans. --John Lennon -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE/XtJwNf7NP+s4C+YRAvmFAJ4s8nU4QUCJUVueC5b6tqxOUf47cACgogI8 G98SuIVc8ICbfiw8j6lhn84= =WiIR -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trouble joining a W2K3 Native Mode Domain
Thanks Tom, I did a kinit with [EMAIL PROTECTED] (before trying the net ads join) and it didnt give any errors. 'klist tickets' gives me: klist: No credentials cache found (ticket cache FILE:tickets) - Original Message - From: Tom Dickson [EMAIL PROTECTED] To: Dulantha Peiris [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 3:48 PM Subject: Re: [Samba] Trouble joining a W2K3 Native Mode Domain -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Did you get a ticket with kinit? See http://us2.samba.org/samba/devel/docs/html/Samba-HOWTO-Collection.html#ads-m ember Hope this helps. :) - -Tom Dulantha Peiris wrote: | Hi Guys, | | I'm having trouble with joining a W2K3 Native Mode Domain. | Can anyone point me in the right direction to look for answers? | | I intslled from rc3 SRPM. When I do: | net ads join DOMAIN -U [EMAIL PROTECTED] -d10 | | I get this error towards the end. | | Thanks, | Dulantha. | | | | [2003/09/10 17:48:27, 3] libads/sasl.c:ads_sasl_spnego_bind(184) | got OID=1 2 840 113554 1 2 2 3 | [2003/09/10 17:48:27, 3] libads/sasl.c:ads_sasl_spnego_bind(184) | got OID=1 3 6 1 4 1 311 2 2 10 | [2003/09/10 17:48:27, 3] libads/sasl.c:ads_sasl_spnego_bind(191) | got principal=machine$@REALM | [2003/09/10 17:48:27, 1] libsmb/clikrb5.c:ads_krb5_mk_req(269) | krb5_cc_get_principal failed (No credentials cache found) | [2003/09/10 17:48:27, 1] libsmb/clikrb5.c:ads_krb5_mk_req(276) | krb5_get_credentials failed for machine$@REALM (KRB5 error code 52) | [2003/09/10 17:48:27, 1] utils/net_ads.c:ads_startup(181) | ads_connect: Operations error | [2003/09/10 17:48:27, 2] utils/net.c:main(758) | return code = -1 | | | | -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/Xp7xRliD/69byygRAopMAKCBRtbCwrfhXpd9TSqkvq0LMShTDgCfTaBN iXdLlAs1Tyf9xHAQHE1CQ1c= =o6YI -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] rc3 net groupmap add fails (more information)
This fails on rc2 as well, sorry don't have rc1 to try. But if disable ldap it works, is there a bug in ldap backend? Godfrey John H Terpstra wrote: On Tue, 9 Sep 2003 [EMAIL PROTECTED] wrote: Sorry it still does no work Linux version is Mandrake 8.2 I made rc3 rpm using mandrake samba3 src rpm with necessary minnor modifications Listed all groups so you can see rid not problem [EMAIL PROTECTED] migration]# net3 groupmap list Administrators (S-1-5-21-1617713866-2789119093-1479812082-512) - root Backup Operators (S-1-5-21-1617713866-2789119093-1479812082-1003) - bin Replicators (S-1-5-21-1617713866-2789119093-1479812082-1005) - daemon System Operators (S-1-5-21-1617713866-2789119093-1479812082-1007) - sys Print Operators (S-1-5-21-1617713866-2789119093-1479812082-1015) - lp Domain Admins (S-1-5-21-1617713866-2789119093-1479812082-21003) - ntadmin Staff (S-1-5-21-1617713866-2789119093-1479812082-22001) - staff Accounts (S-1-5-21-1617713866-2789119093-1479812082-22005) - accounts Family (S-1-5-21-1617713866-2789119093-1479812082-22007) - family Domain Guests (S-1-5-21-1617713866-2789119093-1479812082-514) - nogroup [EMAIL PROTECTED] migration]# net3 groupmap add ntgroup=Power Users unixgroup=sys type=d rid=1008 [2003/09/09 20:05:24, 0] passdb/pdb_ldap.c:ldapsam_add_group_mapping_entry(1911) Group 3 already exists in LDAP adding entry for group Power Users failed! It does not seem to like multiple ntgroups to single unix group Not quite! You can not have more than one NT Domain Group per UNIX Group. But you can have more than on NT Local Group per UNIX group. Try: net groupmap add ntgroup=Flying Pigs unixgroup=sys type=l net groupmap list Here's my output: - frodo:~ # net groupmap modify ntgroup=Replicators unixgroup=sys Updated mapping entry for Replicators frodo:~ # net groupmap list System Operators (S-1-5-32-549) - sys Replicators (S-1-5-32-552) - sys Guests (S-1-5-32-546) - nobody Domain Users (S-1-5-21-1593769616-160655940-3590153233-513) - users Domain Admins (S-1-5-21-1593769616-160655940-3590153233-512) - root Domain Guests (S-1-5-21-1593769616-160655940-3590153233-514) - nobody Power Users (S-1-5-32-547) - sys Master (S-1-5-21-1593769616-160655940-3590153233-2345) - master Print Operators (S-1-5-32-550) - lp Administrators (S-1-5-32-544) - root Account Operators (S-1-5-32-548) - root Backup Operators (S-1-5-32-551) - bin Users (S-1-5-32-545) - users - John T. Many Thanks Godfrey [SNIP] Try: net groupmap add ntgroup=Power Users unixgroup=sys type=d rid=1008 Can multiple ntgroups map to a single unix group? Yes. - John T. [SNIP] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] roaming profiles
hi andre see below for my comments. Andre de Koning schrieb: Hi all. I'm runnig samba as a DC with win2k clients using roaming profiles. Since installation I have been experiencing problems with users unable to log in due to their profiles not loading - some users are on w2k prof end some use w2k terminal services. It maily complains about not being able to load (or copy) files like prf23.tmp - access denied etc. Most of the time if I delete the file in question in eg. profiledir/Nethood, profiledir/Application Data/Microsoft/Office/Recent en when I log on again it works. It now started the profile cannot be loaded bacause some file cannot be copied and when I go delete the file in the profile dir in the samba box and try again as usual it still tells me that the profile cannot be loaded - logging you in with a temporary profile - when I click OK a box just pops up saying profile cannot be loaded - access denied. This seems to be entirely random - different client machines and terminal servers and different user accounts every time. Sometimes I have to restart the w2k terminal server for the problem to go away and sometimes I have to restart smb on the linux box. This always only fixes some of the users' logins but others can't log in again - it also only lasts for about 3 hours that were back when we started. Sometimes I have to completely delete a user's profile and log into w2k for it to be recreated before it works again. I also noticed than if I try to delete the temporary copy of the user's profile in Documents and Settings just after I got the problem I get Access Denied or Cannot delete, directory not empty messages from windows. When this happens, changing the permissions or ever changing the this is the problem... your client-side copy is damaged. u *must* get ownership for the broken files as administrator, then u can correct the rights. this u have to do with *every* broken file. (sh.. i know...) we had the same problems. for me it seems, that it's a w2k problem. especially therefore, that ms has corrected such failures in sp4. as far as we used samba 2.2.2 we used the switch NT ACL SUPPORT = no in smb.conf for the profile share to prevent us from this issue. in samba 2.2.8a all is running fine without this switch. but we've allready installed sp4 on *all* our w2k clients. files' ownership to Administrator does not help - I have to restart the machine completely. restarting the client helps? I was originally runnig samba 2.2.1a and tried upgrading to 2.2.3, 2.2.5 and this morning to 2.2.8a. I also upgraded from redhat 6 to 7 to 7.1 and last week to 8.0 but this does not make any difference. I've tried service pack 2 and 3 on the w2k boxes but to 4 - some of my software does not work when 4 is loaded. i've only checked this two configurations: samba 2.2.2 with 'NT ACL SUPPORT = no' on the profile share w2k sp2 and sp3 samba 2.2.8a *without* 'NT ACL SUPPORT = no' on the profile share w2k sp4 ('NT ACL SUPPORT = no' was not running in this case, but i can't remind the symptoms.) i hope it helped. - let me know gk Any ideas? André de Koning IT Manager Softline VIP Payroll Tel: +27 12 420 7000 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Netware CIFS nlm - linux samba
I posted this question on 15/8/03 - almost a month ago. Since I've had no response, I assume that very few people have seen the problem. So I'll tell what we have discovered in the meantime. Here's the original post: --- From: Glen Davison ([EMAIL PROTECTED]) Subject: [Samba] Netware CIFS nlm - linux samba Date: 2003-08-15 01:40:06 PST Dear Gurus, We're having bizarre problems/behaviour. Admittedly we have an unusual set-up: - users on linux desktops (RedHat/KDE) mounting files over SMB using samba-2.2.5-10 -client and -common rpms. - files are on a SAN, clustered behind 2 netware servers (6.5), wihch run the cifs.nlm (netware guy has gone home - can't tell you the version just now ) Files are spontaneously changing modification timestamps - anywhere between about 1930 and 2040 (AD, not hours). Or more likely *presenting* those timestamps most of the time, though now and then the correct timestamp will swim into view briefly. example: [EMAIL PROTECTED] glen]$ ls -l home/test333* -rwxr-xr-x1 glen users 0 Aug 12 16:44 home/test3332 -rwxr-xr-x1 glen users 11 Aug 12 16:43 home/test [EMAIL PROTECTED] glen]$ ls -l home/test -rwxr-xr-x1 glen users 11 Sep 2 1992 home/test [EMAIL PROTECTED] glen]$ ls -l home/test3332 -rwxr-xr-x1 glen users 0 Oct 26 1992 home/test3332 [home is the mount-point, or rather a symlink down thru the mount a little way] Most newly created files seem to have the problem straight away. (But the bulk of the files were rsync'd across from a Tru64 filesystem a month ago) We have tried versions 2.2.8a and 3.0.0beta of smbclient / smbmount; 2.2.8a was the same; 3.0.0 started with promising results, but it eventually did the same timestamp trick (maybe less frequent??) but it also dies somehow after about 30 mins and has to be remounted. We believe we have narrowed this behaviour down to only linux samba clients talking to the netware cifs nlm. To add to the pot: we have also had a handful of files apparently change filename spontaneously - so that they start with '..' In most cases, they started as .xyz and became ..xyz The only processes which touched those files should have been reads - no writes. This may be a red herring - may not be samba-related. The timestamp issue is wide-spread, the filename problem is rare. So, has anyone seen anything like this? Can you explain what causes it? And is there a solution? TIA Glen --- What we have been able to discover since then, by experiment, research and guesswork follows. Note: a lot of this was worked out by a colleague, including ripping off half this email itself. It seems that netware NSS stores modification ( other?) time-stamps in the directory-file (the file which *is* the containing directory) like windows does, whereas unix filsystems store this info in the file's inode. When the CIFS nlm on netware receives a file query, it looks at the file itself which doesn't have the timestamp, and hence it returns some sort of bogus/semi-random/null result, and we see the stupid timestamp. But if samba (or cifs.nlm) gets a directory query, then a file query, within a time-window smaller than the time that it caches results for (1 second by default I think) then the file query gets the correct time, remembered from the directory query. This explains the behaviour seen above - `ls -l x*` does a directory query for the glob expansion, then a file query on each resulting file, and hence the correct time! More examples of successes and failures: ls -l file* -- correct timestamp ls -l file1 -- wrong timestamp ls -l $(echo file*) -- correct timestamp ls /dev/null; ls -l file1 -- correct timestamp ls /dev/null; sleep 2; ls -l file1 -- random timestamp By extending smbmount's ttl (length of cache) option, there are obviously poor results: -bash-2.05b# ls -l ? -rwx--1 root root6 Aug 20 16:10 x -bash-2.05b# ls -l x -rwx--1 root root6 Aug 20 16:10 x -bash-2.05b# touch x -bash-2.05b# ls -l x -rwx--1 root root6 Nov 24 1922 x So here a file was modified and the kernel smb cache now forgot the timestamp (due to modification) and assigns another random timestamp. This is not good at all. Further, when first you mount a file system and try to access a file, you may well get the message that the file does not exist! In C, unix uses the 'stat()' system call for the file query. To get correct timestamps, do a opendir(), readdir() beforehand. Attached is C source to see the difference. The opendir code is currently commented out, so it will give bad timestamps as is. To get correct NSS timestamps in
AW: [Samba] Allow copy and deny delete
Hi, You can use the sticky bit on directories (like /tmp is setup), so you can grant write access for any user, but they can't remove files owned by different uids. But Users can remove there own files anyway. Jürgen -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Josué Maldonado Gesendet: Dienstag, 9. September 2003 18:27 An: [EMAIL PROTECTED] Betreff: [Samba] Allow copy and deny delete Hello list, I need to setup a shared dir that allow users from my LAN to copy files to it, but deny them from deleting. I searched if that could be done with Unix permissions but so far it seems is not possible, so, is there way to setup such share in samba. Thanks in advance -- Josué Maldonado. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Sun, Sybase and SPSS invite you to a Web Seminar
SPSS Sun and Sybase Present FRAUD DETECTION: MEETING THE DEMANDS OF REGULATORY COMPLIANCE Date: Tuesday, September 23, 2003 Time: 10:00 a.m. PDT/1:00 p.m. EDT Duration: One hour Are new federal compliance regulations creating new sources of stress for you and additional challenges for your enterprise? As if staying competitive in this economy isn't tough enough, the government is now requiring organizations to detect and report various types of fraud to meet new regulations and standards...or face the consequences for non-compliance. Join Keynote Andrew Braunberg, regarded senior analyst for Current Analysis, in this interactive Web Seminar as he discusses how to design an effective and cost-efficient fraud detection system. THEN, stay tuned as senior experts from Sybase, Sun and SPSS unite with Braunberg for a live, expanded interactive panel discussion, which includes: 1. new developments in compliance issues that every corporate decision-maker should be aware of...and tips on how to address them 2. strategies to minimize risk, lower operational costs and increase profitability while implementing an advanced fraud detection system register now at - http://www.dmreview.com/eletters/clickReg.cfm?URLID=3498 To unsubscribe please contact [EMAIL PROTECTED] and put unsubscribe Web seminar in the subject line. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] string to long for hosts allow in smb.conf
h p. why u're not using a combination between hosts allow and hosts deny also use bind interfaces... P. Bruggink schrieb: We have found that a number of users (especially notebook user with Win95) try to change their IP-address to get more permissions when they login to the network. Since we have a database with all of the systems i cannot follow: how do they get *more* permissions on samba? are u not using 'security=user || security=domain' ? also, maybe there's a possibility with DHCP to prevent this? registered and we already automatically build our configuration files when something changing in this database (MySql), we tried to block the unregistered IP number by expanding the hosts allow option in the smb.conf with all the IP number in the database. maybe i cannot follow u. but why u try to block ip's dynamically with samba. (a.f.a.i.k. u have to restart samba to make effect hosts allow) why u're not simply using iptables or ipchains? i think, thats the best way... Original Entry: hosts allow = 195.193.119. localhost changed to include = /usr/local/samba/lib/include/hosts_allow119.smb (all parts of the smb.conf file created by an update in the database have an include line in the smb.conf file, therefor not the smb.conf is updated but the include files are updated) the include file for the hosts allow looks like: hosts allow = 195.193.119.1 \ 195.193.119.10 \ 195.193.119.11 \ . . . . . . . . 195.193.119.201 \ localhost Using this generated an error indicating that the string was to long. We have also tried to put de line hosts allow directly into the smb.conf, but also this generated the same error. We are not using NIS and can not use the netgroup option. We also have tried to replace the C class part of the IP number with an environment variable, but cannot find a variable with this value. How can we overcome this string to long error? maybe with hosts deny that will be less adresses... i hope it helpes, let me know gk -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] roaming profiles
I managed to delete the temporary cached profile on one of the windows boxes but when I now log onto that machine with the user in question if get: Windows cannot log you on because the profile cannot be loaded. Contact your network administrator DETAIL - Access denied I haven't tried w2k sp4 yet - downloading now but what bugs me is that it did work before and only gave me problems from time to time - now it constantly does it! any ideas? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 09:50 To: Andre de Koning Cc: [EMAIL PROTECTED] Subject: Re: [Samba] roaming profiles hi andre see below for my comments. Andre de Koning schrieb: Hi all. I'm runnig samba as a DC with win2k clients using roaming profiles. Since installation I have been experiencing problems with users unable to log in due to their profiles not loading - some users are on w2k prof end some use w2k terminal services. It maily complains about not being able to load (or copy) files like prf23.tmp - access denied etc. Most of the time if I delete the file in question in eg. profiledir/Nethood, profiledir/Application Data/Microsoft/Office/Recent en when I log on again it works. It now started the profile cannot be loaded bacause some file cannot be copied and when I go delete the file in the profile dir in the samba box and try again as usual it still tells me that the profile cannot be loaded - logging you in with a temporary profile - when I click OK a box just pops up saying profile cannot be loaded - access denied. This seems to be entirely random - different client machines and terminal servers and different user accounts every time. Sometimes I have to restart the w2k terminal server for the problem to go away and sometimes I have to restart smb on the linux box. This always only fixes some of the users' logins but others can't log in again - it also only lasts for about 3 hours that were back when we started. Sometimes I have to completely delete a user's profile and log into w2k for it to be recreated before it works again. I also noticed than if I try to delete the temporary copy of the user's profile in Documents and Settings just after I got the problem I get Access Denied or Cannot delete, directory not empty messages from windows. When this happens, changing the permissions or ever changing the this is the problem... your client-side copy is damaged. u *must* get ownership for the broken files as administrator, then u can correct the rights. this u have to do with *every* broken file. (sh.. i know...) we had the same problems. for me it seems, that it's a w2k problem. especially therefore, that ms has corrected such failures in sp4. as far as we used samba 2.2.2 we used the switch NT ACL SUPPORT = no in smb.conf for the profile share to prevent us from this issue. in samba 2.2.8a all is running fine without this switch. but we've allready installed sp4 on *all* our w2k clients. files' ownership to Administrator does not help - I have to restart the machine completely. restarting the client helps? I was originally runnig samba 2.2.1a and tried upgrading to 2.2.3, 2.2.5 and this morning to 2.2.8a. I also upgraded from redhat 6 to 7 to 7.1 and last week to 8.0 but this does not make any difference. I've tried service pack 2 and 3 on the w2k boxes but to 4 - some of my software does not work when 4 is loaded. i've only checked this two configurations: samba 2.2.2 with 'NT ACL SUPPORT = no' on the profile share w2k sp2 and sp3 samba 2.2.8a *without* 'NT ACL SUPPORT = no' on the profile share w2k sp4 ('NT ACL SUPPORT = no' was not running in this case, but i can't remind the symptoms.) i hope it helped. - let me know gk Any ideas? André de Koning IT Manager Softline VIP Payroll Tel: +27 12 420 7000 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] This should be a simple issue!
I must be missing something here. I am trying to set up a Samba share called Samba on \\Spear (as my win2k sees it). However, I intermittently get the following errors when I try to access: SAMBA Not Accessible. The list of servers for this workgroup is not currently available -or- \\Spear not accessible. The network path was not found I remember getting welcomed to the SAMBA workgroup, and under the little comments section in the win2k network neighbood, I could see that it was reading the Server Comments, so I know it is seeing the NETBIOS information. I can ping the system from the win2k box via ip address, but not system name. Both systems are under home.net domain. I am using the samba that came with Redhat 9. I think it is 2.2.8, definitely not RC3. Attached is the smb.conf file trimmed of most of the comments. It was created by using webmin. If anyone can give some direction, I would appreciate it. I'm a bit dense the first couple of times working with something new to me. I also need to adapt this to sharing to a Win2k3 server that is on a Domain (at another job). It can see the Workgroup and system, but can't authenticate. Thanks! Ross smb_conf_trimmed.txt [global] log file = /var/log/samba/%m.log smb passwd file = /etc/samba/smbpasswd load printers = yes passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 obey pam restrictions = yes guest ok = yes username map = /etc/samba/user.map hosts allow = 192.168.0.120 127. encrypt passwords = yes passwd program = /usr/bin/passwd %u dns proxy = no netbios name = Spear server string = samba server printing = cups password server = Spear default = samba unix password sync = yes remote announce = 192.168.0.120/SAMBA workgroup = SAMBA os level = 20 printcap name = /etc/printcap security = user max log size = 0 pam password change = yes [homes] comment = Home Directories browseable = no writeable = yes valid users = %S create mode = 0664 directory mode = 0775 [printers] comment = All Printers path = /var/spool/samba browseable = no # Set public = yes to allow user 'guest account' to print printable = yes [samba] create mask = 0765 comment = Samba_Logs printable = no writeable = yes valid users = ross,root,cheryl path = /var/log/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] roaming profiles
Andre de Koning schrieb: yeah, i did check the profile's perms. No name still the same - I did however upgrade the samba version to .2.8a - It started before this though - the closest event I can think of was upgrading the linux box from redhat 7.1 to redhat 8.0 which I think upgraded samba to 2.2.5. look at 'smbstatus -b' for your version check, if there's different versions of files on your machine (smbd,nmbd). what does the logscripts say? is the problem on a special machine or is it on a special user? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 11:43 To: Andre de Koning Subject: Re: [Samba] roaming profiles Andre de Koning schrieb: I managed to delete the temporary cached profile on one of the windows boxes but when I now log onto that machine with the user in question if get: Windows cannot log you on because the profile cannot be loaded. Contact your network administrator DETAIL - Access denied - chown user and chmod 0700 -R on the users profile on the server ? - did u change the netbios name of the server? - which smb version u are running now? I haven't tried w2k sp4 yet - downloading now but what bugs me is that it did work before and only gave me problems from time to time - now it constantly does it! any ideas? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 09:50 To: Andre de Koning Cc: [EMAIL PROTECTED] Subject: Re: [Samba] roaming profiles hi andre see below for my comments. Andre de Koning schrieb: Hi all. I'm runnig samba as a DC with win2k clients using roaming profiles. Since installation I have been experiencing problems with users unable to log in due to their profiles not loading - some users are on w2k prof end some use w2k terminal services. It maily complains about not being able to load (or copy) files like prf23.tmp - access denied etc. Most of the time if I delete the file in question in eg. profiledir/Nethood, profiledir/Application Data/Microsoft/Office/Recent en when I log on again it works. It now started the profile cannot be loaded bacause some file cannot be copied and when I go delete the file in the profile dir in the samba box and try again as usual it still tells me that the profile cannot be loaded - logging you in with a temporary profile - when I click OK a box just pops up saying profile cannot be loaded - access denied. This seems to be entirely random - different client machines and terminal servers and different user accounts every time. Sometimes I have to restart the w2k terminal server for the problem to go away and sometimes I have to restart smb on the linux box. This always only fixes some of the users' logins but others can't log in again - it also only lasts for about 3 hours that were back when we started. Sometimes I have to completely delete a user's profile and log into w2k for it to be recreated before it works again. I also noticed than if I try to delete the temporary copy of the user's profile in Documents and Settings just after I got the problem I get Access Denied or Cannot delete, directory not empty messages from windows. When this happens, changing the permissions or ever changing the this is the problem... your client-side copy is damaged. u *must* get ownership for the broken files as administrator, then u can correct the rights. this u have to do with *every* broken file. (sh.. i know...) we had the same problems. for me it seems, that it's a w2k problem. especially therefore, that ms has corrected such failures in sp4. as far as we used samba 2.2.2 we used the switch NT ACL SUPPORT = no in smb.conf for the profile share to prevent us from this issue. in samba 2.2.8a all is running fine without this switch. but we've allready installed sp4 on *all* our w2k clients. files' ownership to Administrator does not help - I have to restart the machine completely. restarting the client helps? I was originally runnig samba 2.2.1a and tried upgrading to 2.2.3, 2.2.5 and this morning to 2.2.8a. I also upgraded from redhat 6 to 7 to 7.1 and last week to 8.0 but this does not make any difference. I've tried service pack 2 and 3 on the w2k boxes but to 4 - some of my software does not work when 4 is loaded. i've only checked this two configurations: samba 2.2.2 with 'NT ACL SUPPORT = no' on the profile share w2k sp2 and sp3 samba 2.2.8a *without* 'NT ACL SUPPORT = no' on the profile share w2k sp4 ('NT ACL SUPPORT = no' was not running in this case, but i can't remind the symptoms.) i hope it helped. - let me know gk Any ideas? André de Koning IT Manager Softline VIP Payroll Tel: +27 12 420 7000 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] roaming profiles
Ahh ... there seems to be a problem here: I install 2.2.8a this morning but smbstatus still says 2.2.5 Can I rpm -Uvh --force samba? Would this fix version prob and would my configs etc. stay intact? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 01:16 To: Andre de Koning; Samba List Subject: Re: [Samba] roaming profiles Andre de Koning schrieb: yeah, i did check the profile's perms. No name still the same - I did however upgrade the samba version to .2.8a - It started before this though - the closest event I can think of was upgrading the linux box from redhat 7.1 to redhat 8.0 which I think upgraded samba to 2.2.5. look at 'smbstatus -b' for your version check, if there's different versions of files on your machine (smbd,nmbd). what does the logscripts say? is the problem on a special machine or is it on a special user? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 11:43 To: Andre de Koning Subject: Re: [Samba] roaming profiles Andre de Koning schrieb: I managed to delete the temporary cached profile on one of the windows boxes but when I now log onto that machine with the user in question if get: Windows cannot log you on because the profile cannot be loaded. Contact your network administrator DETAIL - Access denied - chown user and chmod 0700 -R on the users profile on the server ? - did u change the netbios name of the server? - which smb version u are running now? I haven't tried w2k sp4 yet - downloading now but what bugs me is that it did work before and only gave me problems from time to time - now it constantly does it! any ideas? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 09:50 To: Andre de Koning Cc: [EMAIL PROTECTED] Subject: Re: [Samba] roaming profiles hi andre see below for my comments. Andre de Koning schrieb: Hi all. I'm runnig samba as a DC with win2k clients using roaming profiles. Since installation I have been experiencing problems with users unable to log in due to their profiles not loading - some users are on w2k prof end some use w2k terminal services. It maily complains about not being able to load (or copy) files like prf23.tmp - access denied etc. Most of the time if I delete the file in question in eg. profiledir/Nethood, profiledir/Application Data/Microsoft/Office/Recent en when I log on again it works. It now started the profile cannot be loaded bacause some file cannot be copied and when I go delete the file in the profile dir in the samba box and try again as usual it still tells me that the profile cannot be loaded - logging you in with a temporary profile - when I click OK a box just pops up saying profile cannot be loaded - access denied. This seems to be entirely random - different client machines and terminal servers and different user accounts every time. Sometimes I have to restart the w2k terminal server for the problem to go away and sometimes I have to restart smb on the linux box. This always only fixes some of the users' logins but others can't log in again - it also only lasts for about 3 hours that were back when we started. Sometimes I have to completely delete a user's profile and log into w2k for it to be recreated before it works again. I also noticed than if I try to delete the temporary copy of the user's profile in Documents and Settings just after I got the problem I get Access Denied or Cannot delete, directory not empty messages from windows. When this happens, changing the permissions or ever changing the this is the problem... your client-side copy is damaged. u *must* get ownership for the broken files as administrator, then u can correct the rights. this u have to do with *every* broken file. (sh.. i know...) we had the same problems. for me it seems, that it's a w2k problem. especially therefore, that ms has corrected such failures in sp4. as far as we used samba 2.2.2 we used the switch NT ACL SUPPORT = no in smb.conf for the profile share to prevent us from this issue. in samba 2.2.8a all is running fine without this switch. but we've allready installed sp4 on *all* our w2k clients. files' ownership to Administrator does not help - I have to restart the machine completely. restarting the client helps? I was originally runnig samba 2.2.1a and tried upgrading to 2.2.3, 2.2.5 and this morning to 2.2.8a. I also upgraded from redhat 6 to 7 to 7.1 and last week to 8.0 but this does not make any difference. I've tried service pack 2 and 3 on the w2k boxes but to 4 - some of my software does not work when 4 is loaded. i've only checked this two configurations: samba 2.2.2 with 'NT ACL SUPPORT = no' on the profile share w2k sp2 and sp3 samba 2.2.8a *without* 'NT ACL SUPPORT = no' on the profile share w2k sp4 ('NT ACL SUPPORT = no' was not running in this case, but i can't remind
RE: [Samba] roaming profiles
I just did rpm -Uvh --force to reinstall wint 2.2.8a but smbstatus -b still says 2.2.5? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 01:16 To: Andre de Koning; Samba List Subject: Re: [Samba] roaming profiles Andre de Koning schrieb: yeah, i did check the profile's perms. No name still the same - I did however upgrade the samba version to .2.8a - It started before this though - the closest event I can think of was upgrading the linux box from redhat 7.1 to redhat 8.0 which I think upgraded samba to 2.2.5. look at 'smbstatus -b' for your version check, if there's different versions of files on your machine (smbd,nmbd). what does the logscripts say? is the problem on a special machine or is it on a special user? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 11:43 To: Andre de Koning Subject: Re: [Samba] roaming profiles Andre de Koning schrieb: I managed to delete the temporary cached profile on one of the windows boxes but when I now log onto that machine with the user in question if get: Windows cannot log you on because the profile cannot be loaded. Contact your network administrator DETAIL - Access denied - chown user and chmod 0700 -R on the users profile on the server ? - did u change the netbios name of the server? - which smb version u are running now? I haven't tried w2k sp4 yet - downloading now but what bugs me is that it did work before and only gave me problems from time to time - now it constantly does it! any ideas? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 09:50 To: Andre de Koning Cc: [EMAIL PROTECTED] Subject: Re: [Samba] roaming profiles hi andre see below for my comments. Andre de Koning schrieb: Hi all. I'm runnig samba as a DC with win2k clients using roaming profiles. Since installation I have been experiencing problems with users unable to log in due to their profiles not loading - some users are on w2k prof end some use w2k terminal services. It maily complains about not being able to load (or copy) files like prf23.tmp - access denied etc. Most of the time if I delete the file in question in eg. profiledir/Nethood, profiledir/Application Data/Microsoft/Office/Recent en when I log on again it works. It now started the profile cannot be loaded bacause some file cannot be copied and when I go delete the file in the profile dir in the samba box and try again as usual it still tells me that the profile cannot be loaded - logging you in with a temporary profile - when I click OK a box just pops up saying profile cannot be loaded - access denied. This seems to be entirely random - different client machines and terminal servers and different user accounts every time. Sometimes I have to restart the w2k terminal server for the problem to go away and sometimes I have to restart smb on the linux box. This always only fixes some of the users' logins but others can't log in again - it also only lasts for about 3 hours that were back when we started. Sometimes I have to completely delete a user's profile and log into w2k for it to be recreated before it works again. I also noticed than if I try to delete the temporary copy of the user's profile in Documents and Settings just after I got the problem I get Access Denied or Cannot delete, directory not empty messages from windows. When this happens, changing the permissions or ever changing the this is the problem... your client-side copy is damaged. u *must* get ownership for the broken files as administrator, then u can correct the rights. this u have to do with *every* broken file. (sh.. i know...) we had the same problems. for me it seems, that it's a w2k problem. especially therefore, that ms has corrected such failures in sp4. as far as we used samba 2.2.2 we used the switch NT ACL SUPPORT = no in smb.conf for the profile share to prevent us from this issue. in samba 2.2.8a all is running fine without this switch. but we've allready installed sp4 on *all* our w2k clients. files' ownership to Administrator does not help - I have to restart the machine completely. restarting the client helps? I was originally runnig samba 2.2.1a and tried upgrading to 2.2.3, 2.2.5 and this morning to 2.2.8a. I also upgraded from redhat 6 to 7 to 7.1 and last week to 8.0 but this does not make any difference. I've tried service pack 2 and 3 on the w2k boxes but to 4 - some of my software does not work when 4 is loaded. i've only checked this two configurations: samba 2.2.2 with 'NT ACL SUPPORT = no' on the profile share w2k sp2 and sp3 samba 2.2.8a *without* 'NT ACL SUPPORT = no' on the profile share w2k sp4 ('NT ACL SUPPORT = no' was not running in this case, but i can't remind the symptoms.) i hope it helped. - let me know gk Any ideas? André de Koning IT Manager Softline VIP Payroll
Re: [Samba] roaming profiles
it seems, u have installed samba with a different type (source package?) try to clean all binaries (find / -name smbd a.s.o.) after deinstall it over rpm. then try to reinstall. but first save smb.conf and write out your SID, will be healthy :-) Andre de Koning schrieb: I just did rpm -Uvh --force to reinstall wint 2.2.8a but smbstatus -b still says 2.2.5? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 01:16 To: Andre de Koning; Samba List Subject: Re: [Samba] roaming profiles Andre de Koning schrieb: yeah, i did check the profile's perms. No name still the same - I did however upgrade the samba version to .2.8a - It started before this though - the closest event I can think of was upgrading the linux box from redhat 7.1 to redhat 8.0 which I think upgraded samba to 2.2.5. look at 'smbstatus -b' for your version check, if there's different versions of files on your machine (smbd,nmbd). what does the logscripts say? is the problem on a special machine or is it on a special user? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 11:43 To: Andre de Koning Subject: Re: [Samba] roaming profiles Andre de Koning schrieb: I managed to delete the temporary cached profile on one of the windows boxes but when I now log onto that machine with the user in question if get: Windows cannot log you on because the profile cannot be loaded. Contact your network administrator DETAIL - Access denied - chown user and chmod 0700 -R on the users profile on the server ? - did u change the netbios name of the server? - which smb version u are running now? I haven't tried w2k sp4 yet - downloading now but what bugs me is that it did work before and only gave me problems from time to time - now it constantly does it! any ideas? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 09:50 To: Andre de Koning Cc: [EMAIL PROTECTED] Subject: Re: [Samba] roaming profiles hi andre see below for my comments. Andre de Koning schrieb: Hi all. I'm runnig samba as a DC with win2k clients using roaming profiles. Since installation I have been experiencing problems with users unable to log in due to their profiles not loading - some users are on w2k prof end some use w2k terminal services. It maily complains about not being able to load (or copy) files like prf23.tmp - access denied etc. Most of the time if I delete the file in question in eg. profiledir/Nethood, profiledir/Application Data/Microsoft/Office/Recent en when I log on again it works. It now started the profile cannot be loaded bacause some file cannot be copied and when I go delete the file in the profile dir in the samba box and try again as usual it still tells me that the profile cannot be loaded - logging you in with a temporary profile - when I click OK a box just pops up saying profile cannot be loaded - access denied. This seems to be entirely random - different client machines and terminal servers and different user accounts every time. Sometimes I have to restart the w2k terminal server for the problem to go away and sometimes I have to restart smb on the linux box. This always only fixes some of the users' logins but others can't log in again - it also only lasts for about 3 hours that were back when we started. Sometimes I have to completely delete a user's profile and log into w2k for it to be recreated before it works again. I also noticed than if I try to delete the temporary copy of the user's profile in Documents and Settings just after I got the problem I get Access Denied or Cannot delete, directory not empty messages from windows. When this happens, changing the permissions or ever changing the this is the problem... your client-side copy is damaged. u *must* get ownership for the broken files as administrator, then u can correct the rights. this u have to do with *every* broken file. (sh.. i know...) we had the same problems. for me it seems, that it's a w2k problem. especially therefore, that ms has corrected such failures in sp4. as far as we used samba 2.2.2 we used the switch NT ACL SUPPORT = no in smb.conf for the profile share to prevent us from this issue. in samba 2.2.8a all is running fine without this switch. but we've allready installed sp4 on *all* our w2k clients. files' ownership to Administrator does not help - I have to restart the machine completely. restarting the client helps? I was originally runnig samba 2.2.1a and tried upgrading to 2.2.3, 2.2.5 and this morning to 2.2.8a. I also upgraded from redhat 6 to 7 to 7.1 and last week to 8.0 but this does not make any difference. I've tried service pack 2 and 3 on the w2k boxes but to 4 - some of my software does not work when 4 is loaded. i've only checked this two configurations: samba 2.2.2 with 'NT ACL SUPPORT = no' on the profile share w2k sp2 and sp3 samba
RE: [Samba] roaming profiles
I got that fixed - the original samba was installed from source (cvs) and this one I used the rpm - they installed in different locations. I now have another, more pressing, problem though: To try to fix the profile problem I took the machine (w2k terminal server) off the domain and install sp4. After the required reboot it now refuses to join the domain again!! Other terminal servers and w2k prof machines on the domain still allow me to log on - is there something special you need to do when you install sp4? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 01:36 To: Andre de Koning Cc: 'Samba List' Subject: Re: [Samba] roaming profiles it seems, u have installed samba with a different type (source package?) try to clean all binaries (find / -name smbd a.s.o.) after deinstall it over rpm. then try to reinstall. but first save smb.conf and write out your SID, will be healthy :-) Andre de Koning schrieb: I just did rpm -Uvh --force to reinstall wint 2.2.8a but smbstatus -b still says 2.2.5? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 01:16 To: Andre de Koning; Samba List Subject: Re: [Samba] roaming profiles Andre de Koning schrieb: yeah, i did check the profile's perms. No name still the same - I did however upgrade the samba version to .2.8a - It started before this though - the closest event I can think of was upgrading the linux box from redhat 7.1 to redhat 8.0 which I think upgraded samba to 2.2.5. look at 'smbstatus -b' for your version check, if there's different versions of files on your machine (smbd,nmbd). what does the logscripts say? is the problem on a special machine or is it on a special user? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 11:43 To: Andre de Koning Subject: Re: [Samba] roaming profiles Andre de Koning schrieb: I managed to delete the temporary cached profile on one of the windows boxes but when I now log onto that machine with the user in question if get: Windows cannot log you on because the profile cannot be loaded. Contact your network administrator DETAIL - Access denied - chown user and chmod 0700 -R on the users profile on the server ? - did u change the netbios name of the server? - which smb version u are running now? I haven't tried w2k sp4 yet - downloading now but what bugs me is that it did work before and only gave me problems from time to time - now it constantly does it! any ideas? Andre -Original Message- From: kurt weiss [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 09:50 To: Andre de Koning Cc: [EMAIL PROTECTED] Subject: Re: [Samba] roaming profiles hi andre see below for my comments. Andre de Koning schrieb: Hi all. I'm runnig samba as a DC with win2k clients using roaming profiles. Since installation I have been experiencing problems with users unable to log in due to their profiles not loading - some users are on w2k prof end some use w2k terminal services. It maily complains about not being able to load (or copy) files like prf23.tmp - access denied etc. Most of the time if I delete the file in question in eg. profiledir/Nethood, profiledir/Application Data/Microsoft/Office/Recent en when I log on again it works. It now started the profile cannot be loaded bacause some file cannot be copied and when I go delete the file in the profile dir in the samba box and try again as usual it still tells me that the profile cannot be loaded - logging you in with a temporary profile - when I click OK a box just pops up saying profile cannot be loaded - access denied. This seems to be entirely random - different client machines and terminal servers and different user accounts every time. Sometimes I have to restart the w2k terminal server for the problem to go away and sometimes I have to restart smb on the linux box. This always only fixes some of the users' logins but others can't log in again - it also only lasts for about 3 hours that were back when we started. Sometimes I have to completely delete a user's profile and log into w2k for it to be recreated before it works again. I also noticed than if I try to delete the temporary copy of the user's profile in Documents and Settings just after I got the problem I get Access Denied or Cannot delete, directory not empty messages from windows. When this happens, changing the permissions or ever changing the this is the problem... your client-side copy is damaged. u *must* get ownership for the broken files as administrator, then u can correct the rights. this u have to do with *every* broken file. (sh.. i know...) we had the same problems. for me it seems, that it's a w2k problem. especially therefore, that ms has corrected such failures in sp4. as far as we used samba 2.2.2 we used the switch NT ACL SUPPORT = no in smb.conf for the
[Samba] one user from only one workstation at the same time
Hi, I have a problem, I cannot set the samba as it allows users to log on only from one workstation at the same time. Anyone can tell me please how can i solve this problem with samba. The system is Debian GNU Linux woody, samba's version is: 2.2.3a-12.3 The samba is working as PDC well, i only need this option. Thank you in advance. -[Rocky]---[ Poos Krisztian ]---[ Linux / Debian 2.2 ]---[ F-S-F ]- ---[ Email : [EMAIL PROTECTED] ]--- [ www : http://rocky.modultechnika.hu ] [ ICQ uin# : 33461141 ] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Joining to Windows 2000 domain
Hi I am trying to join Samba 2.23 to W2K domain. After creating a computer account on the PDC I run: sudo smbpasswd -j THEFORWARDGROUP -r PDF -D 4 But it doesn¹t connect and I get the following: added interface ip=192.168.1.51 bcast=192.168.1.255 nmask=255.255.255.0 resolve_lmhosts: Attempting lmhosts lookup for name PDF0x20 startlmhosts: Can't open lmhosts file /etc/lmhosts. Error was No such file or directory resolve_hosts: Attempting host lookup for name PDF0x20 Connecting to 192.168.1.25 at port 445 resolve_lmhosts: Attempting lmhosts lookup for name PDF0x20 startlmhosts: Can't open lmhosts file /etc/lmhosts. Error was No such file or directory resolve_hosts: Attempting host lookup for name PDF0x20 Connecting to 192.168.1.25 at port 445 cli_net_req_chal: LSA Request Challenge from PDF to SERVER1: F2972C23FA8C8474 cred_session_key cred_create cli_net_auth2: srv:\\PDF acct:SERVER1$ sc:2 mc: SERVER1 chal F96E881045A228F4 neg: 1ff cli_net_auth2: Error NT_STATUS_ACCESS_DENIED cli_nt_setup_creds: auth2 challenge failed modify_trust_password: unable to setup the PDC credentials to machine PDF. Error was : NT_STATUS_ACCESS_DENIED. 2003/09/10 14:27:30 : change_trust_account_password: Failed to change password for domain THEFORWARDGROUP. Unable to join domain THEFORWARDGROUP. ON the PDC I get the following message: The session setup from the computer SERVER1 failed to authenticate. The name of the account referenced in the security database is SERVER1$. The following error occurred: Access is denied. Anyone have any ideas why I am getting access denied from the PDC. I checked allow pre-W2K computers to use the computer account when I created it Thanks Craig -- Craig Taylor IT Director Forward Ltd 84-86 Regent Street London W1B 5DD Telephone: +44 (0)20 7734 2303 Fax: +44 (0)20 7494 2570 http://www.theforwardgroup.com *** Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Forward Ltd *** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Iconv support - Samba 3.0rc2/Solaris 9 (sparc)
Chew, Darren a écrit : 500 Server Error chdir failed - the server is not configured correctly Hi, Same problem with Samba 3.0rc3/Solaris 8 (sparc) Thanks for any help. Guy -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] can't change password : PANIC failed to set gid
Hi ! When trying to change users password from NT or XP workstations (using CTRl-ALT-DEL), I get an error under Windows and this in my samba logs: Sep 10 16:15:08 testbox kernel: pid 2709 (smbd), uid 1: exited on signal 6 Sep 10 16:15:08 testbox smbd[2709]: [2003/09/10 16:15:08, 0] lib/util_sec.c:assert_gid(114) Sep 10 16:15:08 testbox smbd[2709]: Failed to set gid privileges to (0,1) now set to (1,1) uid=(0,1) Sep 10 16:15:08 testbox smbd[2709]: [2003/09/10 16:15:08, 0] lib/util.c:smb_panic(1094) Sep 10 16:15:08 testbox smbd[2709]: PANIC: failed to set gid Sep 10 16:15:08 testbox smbd[2709]: Sep 10 16:15:08 testbox smbd[2709]: Sep 10 16:15:08 testbox kernel: pid 2710 (smbd), uid 1: exited on signal 6 Sep 10 16:15:08 testbox smbd[2710]: [2003/09/10 16:15:08, 0] lib/util_sec.c:assert_gid(114) Sep 10 16:15:08 testbox smbd[2710]: Failed to set gid privileges to (0,1) now set to (1,1) uid=(0,1) Sep 10 16:15:08 testbox smbd[2710]: [2003/09/10 16:15:08, 0] lib/util.c:smb_panic(1094) Sep 10 16:15:08 testbox smbd[2710]: PANIC: failed to set gid Sep 10 16:15:08 testbox smbd[2710]: Sep 10 16:15:08 testbox smbd[2710]: Sep 10 16:15:08 testbox smbd[2711]: [2003/09/10 16:15:08, 0] lib/util_sec.c:assert_gid(114) Sep 10 16:15:08 testbox smbd[2711]: Failed to set gid privileges to (0,1) now set to (1,1) uid=(0,1) Sep 10 16:15:08 testbox smbd[2711]: [2003/09/10 16:15:08, 0] lib/util.c:smb_panic(1094) Sep 10 16:15:08 testbox smbd[2711]: PANIC: failed to set gid Sep 10 16:15:08 testbox smbd[2711]: Sep 10 16:15:08 testbox smbd[2711]: Sep 10 16:15:08 testbox kernel: pid 2711 (smbd), uid 1: exited on signal 6 Sep 10 16:15:08 testbox kernel: pid 2712 (smbd), uid 65534: exited on signal 6 Sep 10 16:15:08 testbox smbd[2712]: [2003/09/10 16:15:08, 0] lib/util_sec.c:assert_gid(114) Sep 10 16:15:08 testbox smbd[2712]: Failed to set gid privileges to (0,65534) now set to (65534,65534) uid=(0,65534) Sep 10 16:15:08 testbox smbd[2712]: [2003/09/10 16:15:08, 0] lib/util.c:smb_panic(1094) Sep 10 16:15:08 testbox smbd[2712]: PANIC: failed to set gid Sep 10 16:15:08 testbox smbd[2712]: Sep 10 16:15:08 testbox smbd[2712]: Sep 10 16:15:08 testbox kernel: pid 2713 (smbd), uid 65534: exited on signal 6 Sep 10 16:15:08 testbox smbd[2713]: [2003/09/10 16:15:08, 0] lib/util_sec.c:assert_gid(114) Sep 10 16:15:08 testbox smbd[2713]: Failed to set gid privileges to (0,65534) now set to (65534,65534) uid=(0,65534) Sep 10 16:15:08 testbox smbd[2713]: [2003/09/10 16:15:08, 0] lib/util.c:smb_panic(1094) Sep 10 16:15:08 testbox smbd[2713]: PANIC: failed to set gid Sep 10 16:15:08 testbox smbd[2713]: Sep 10 16:15:08 testbox smbd[2713]: Sep 10 16:15:08 testbox kernel: pid 2714 (smbd), uid 65534: exited on signal 6 Sep 10 16:15:08 testbox smbd[2714]: [2003/09/10 16:15:08, 0] lib/util_sec.c:assert_gid(114) Sep 10 16:15:08 testbox smbd[2714]: Failed to set gid privileges to (0,65534) now set to (65534,65534) uid=(0,65534) Sep 10 16:15:08 testbox smbd[2714]: [2003/09/10 16:15:08, 0] lib/util.c:smb_panic(1094) Sep 10 16:15:08 testbox smbd[2714]: PANIC: failed to set gid Sep 10 16:15:08 testbox smbd[2714]: Sep 10 16:15:08 testbox smbd[2714]: Do you have any idea what could cause this ? I didn't set the unix password sync option yet, so the problem does not comes from there. I'm using FreeBSD-5.1+samba-2.2.8a (with Unix accounts, no ldap). Thanks in advance for your help. Regards, Antoine -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba3.0.0rc3 - charset
I am seeing the same slowdown problem, and have found a couple of other things. The problem began for me after doing a CVS update and installing on the evening of 7 Sep. Reverting to my previous build of 31 Aug eliminates the problem. smbd is in constant run state, but strace shows no system calls. A new smbd starts up every few minutes (as if XP is trying to reconnect) and exhibits the same problems. The previous smbd processes continue to run. I'm running XP Pro with latest updates. Samba is running on RH 7.2 and kernel 2.4.22. Here is the relevant section of my log: [2003/09/09 20:23:29, 4] smbd/vfs.c:vfs_ChDir(611) vfs_ChDir to //home/rkshull/windows [2003/09/09 20:23:29, 3] smbd/trans2.c:call_trans2qfilepathinfo(1901) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 1004 [2003/09/09 20:23:29, 3] lib/charcnv.c:convert_string_internal(194) convert_string_internal: Conversion error: Incomplete multibyte sequence(^E| ) [2003/09/09 20:23:29, 5] smbd/filename.c:unix_convert(114) unix_convert called on file \~P^A^H [2003/09/09 20:23:29, 3] lib/charcnv.c:convert_string_internal(209) convert_string_internal: Conversion error: Illegal multibyte sequence(~P^A^H) [2003/09/09 20:23:29, 3] lib/util.c:unix_clean_name(580) unix_clean_name [/Æ~P^H] [2003/09/09 20:23:29, 3] lib/charcnv.c:convert_string_internal(199) convert_string_internal: Required 2048, available 1024 [2003/09/09 20:23:29, 10] smbd/statcache.c:stat_cache_lookup(251) stat_cache_lookup: lookup failed for name [Æ~P^H] [2003/09/09 20:23:29, 5] smbd/filename.c:unix_convert(188) unix_convert begin: name = Æ~P^H, dirpath = , start = Æ~P^H Thanks, Robert -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0rc3 - German Umlauts
Hi, i have still the same problem. I use 3.0RC3 with lib/charcnv.c of the actual CVS (Sep 10 15:19). I works not realy: I can create (Windows XP + Explorer) the filename Lösung.txt but not ösung.txt. -- Greetings M. Ungermann -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Accessing Samba Shares with AD usernames
I'm sorry if this post came through already ... Hi, I'm working on a project where the plan is to place a number of Samba servers on different locations as file and print servers. The samba server is supposed to be a part of the AD, which is easily done, but the samba servers are to contain a number of shares that only people with a valid logon on the AD will be able to access. How can this be achieved? Do I have to promote each Samba server to becoma a Domain Controller and create a trust between the DC and the Samba DC? I'm hoping there is a way to make Samba check the login on the DC and based on that give access to the share. I hope I am being clear enough. In short: An AD user wishes to access a Samba share, but needs to be authenticated somehow. I hope you can help me out. -- Lars Wiberg -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba3.0.0rc3 - charset
On Wed, Sep 10, 2003 at 09:29:30AM -0500, Robert Shull wrote: I am seeing the same slowdown problem, and have found a couple of other things. The problem began for me after doing a CVS update and installing on the evening of 7 Sep. Reverting to my previous build of 31 Aug eliminates the problem. smbd is in constant run state, but strace shows no system calls. A new smbd starts up every few minutes (as if XP is trying to reconnect) and exhibits the same problems. The previous smbd processes continue to run. I'm running XP Pro with latest updates. Samba is running on RH 7.2 and kernel 2.4.22. I just fixed this bug in CVS (last night). Try another update, people have reported this fixes the problem. Cheers, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Trouble building samba-3.0.0rc3 on Red Hat Linux AMD64 machine
It the Makefile, the installclientlib target calls -$(INSTALLCLIENTCMD_SH) bin/[EMAIL PROTECTED]@ $(DESTDIR)${prefix}/lib and -$(INSTALLCLIENTCMD_A) bin/libsmbclient.a $(DESTDIR)${prefix}/lib However, on the AMD64 platform, ${prefix}/lib (/usr/lib) is reserved for 32-bit compatability libraries, and these 64-bit libraries should be installed in /usr/lib64/ To make matters more confusing, my build environment doesn't have a /usr/lib directory, so these libraries get installed on top of each other as a file named lib in the /usr directory. @libdir@ is set to /usr/lib64/samba (because --with-fhs is set) so we can't simply use it here. I don't see any convenient macros that expand to /usr/lib64, which is probably why /usr/lib was hardcoded there. My current workaround is to rm -f /usr/lib and install the libraries by hand in the correct location in my Red Hat samba.spec file. It's ugly. Can someone come up with a better fix? -- JF -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Simple configuration and not working.
Can you retest against RC3. There was a change in the NTLMv2 behavior that might help. Thank you for your response!! I checked with rc3, and now this work with such a smb.conf. I tried to join AD domain, as this will our final use, with a modified smb.conf. Somme error occured when attempting to join, but it succeded. I can list domain users and groups. Then i can't connect with my domain account. With a windows client, it ask me to enter a username and password again and again. I increase the log verbose and saw that auth suceeded, and just after, a new auth attemp with empty domain/username so i don't understand why this happen. I noticed that this didn't occured when i was with 2.2.x. I can provide the log connection attemp if needed Thank for your help and for your excellent work!! Vincent smb.conf [global] workgroup = MYAD realm = MYAD.AD.MYDOMAIN.COM netbios name = FRMASSMEP03 server string = %h server (Samba %v) security = DOMAIN update encrypted = Yes password server = ip.of.my.dc passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . client lanman auth = No client plaintext auth = No log level = 3 passdb:5 auth:10 winbind:2 syslog = 0 log file = /var/log/samba/log.%m max log size = 8000 preferred master = No local master = No domain master = No dns proxy = No wins server = ip.of.my.dc ldap ssl = no idmap uid = 1-2 idmap gid = 1-2 winbind separator = + invalid users = root [myshare] path = /mnt/alcanet/mastw2k valid users = MYAD+mylogon admin users = MYAD+mylogon read only = No Somes lines of the log : [2003/09/10 16:18:26, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(500) NativeOS=[Windows 2002 2600 Service Pack 1] NativeLanMan=[Windows 2002 5.1] [2003/09/10 16:18:26, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(286) Got user=[mylogon] domain=[MYAD] workstation=[MYHOSTNAME] len1=24 len2=24 [2003/09/10 16:18:26, 5] auth/auth_util.c:make_user_info_map(216) make_user_info_map: Mapping user [MYAD]\[mylogon] from workstation [MYHOSTNAME] [2003/09/10 16:18:26, 3] auth/auth.c:check_ntlm_password(265) check_ntlm_password: winbind authentication for user [mylogon] succeeded [2003/09/10 16:18:26, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(476) Doing spnego session setup [2003/09/10 16:18:26, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(500) NativeOS=[Windows 2002 2600 Service Pack 1] NativeLanMan=[Windows 2002 5.1] [2003/09/10 16:18:26, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(286) Got user=[] domain=[] workstation=[MYHOSTNAME] len1=1 len2=0 [2003/09/10 16:18:26, 5] auth/auth_util.c:make_user_info_map(216) make_user_info_map: Mapping user []\[] from workstation [MYHOSTNAME] [2003/09/10 16:18:26, 5] auth/auth_util.c:make_user_info(132) attempting to make a user_info for () -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smbmount/smbclient and Kanji
Hello, I have a problem trying to access a file with a Japanese Kanji name on a remote SMB share. When I smbmount the share the file name contains '?' symbols instead of Kanji characters. When using smbclient it seems to work OK and I can see the symbols in the filename using ls. What I need is to be able to access the file from a mounted filesystem. Any idea why this works OK using smbclient but not smbmount? I'm using samba 3.00 RC3. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.515 / Virus Database: 313 - Release Date: 01/09/2003 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba and CUPS Config Issue
No takers. Shoot. Is this a better question for the CUPS group? I'm more than happy to go elsewhere if I need to. I don't want to be obnoxious. ;) Thanks! -- Jason Lee - Programmer Hobby Lobby Stores, Inc. -Original Message- From: Jason D. Lee [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 10:22 AM To: '[EMAIL PROTECTED]' Subject: [Samba] Samba and CUPS Config Issue We are trying to migrate from Samba/LPRng to Samba/CUPS and have hit some snags. We're using the Samba box as a print server for our corporate network, and have a variety of Windows versions on the network. The problem we're having is with our Windows 95 clients. Win95 uses the printer comment when it maps to the printer on the server. However, when we connect to a printer, we no longer see the printer comment. That is to say, if we browse the printers available on the box, we'll see print ISLJ4100 with the comment I/S Printer but when we connect to it, the printer shows up in our Printers control panel with no comment. This works fine on our Win2K boxes, but is a show stopper for our Win9x boxes. We're running Samba 3.0 RC2 and CUPS 1.1.19. Any ideas where things are breaking down? Thanks a lot! -- Jason Lee - Programmer Hobby Lobby Stores, Inc. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Simple configuration and not working.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 10 Sep 2003 [EMAIL PROTECTED] wrote: I checked with rc3, and now this work with such a smb.conf. Excellent! Then i can't connect with my domain account. With a windows client, it ask me to enter a username and password again and again. I increase the log verbose and saw that auth suceeded, and just after, a new auth attemp with empty domain/username so i don't understand why this happen. I noticed that this didn't occured when i was with 2.2.x. Does this apply to you? (From WHATSNEW): Changes in Behavior - --- The following issues are known changes in behavior between Samba 2.2 and Samba 3.0 that may affect certain installations of Samba. 1) When operating as a member of a Windows domain, Samba 2.2 would map any users authenticated by the remote DC to the 'guest account' if a uid could not be obtained via the getpwnam() call. Samba 3.0 rejects the connection as NT_STATUS_LOGON_FAILURE. There is no current work around to re-establish the 2.2 behavior. [global] workgroup = MYAD realm = MYAD.AD.MYDOMAIN.COM netbios name = FRMASSMEP03 server string = %h server (Samba %v) security = DOMAIN I would expect this to be 'security = ads' since you've specified a realm. [2003/09/10 16:18:26, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(500) NativeOS=[Windows 2002 2600 Service Pack 1] NativeLanMan=[Windows 2002 5.1] [2003/09/10 16:18:26, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(286) Got user=[mylogon] domain=[MYAD] workstation=[MYHOSTNAME] len1=24 len2=24 [2003/09/10 16:18:26, 5] auth/auth_util.c:make_user_info_map(216) make_user_info_map: Mapping user [MYAD]\[mylogon] from workstation [MYHOSTNAME] [2003/09/10 16:18:26, 3] auth/auth.c:check_ntlm_password(265) check_ntlm_password: winbind authentication for user [mylogon] succeeded I expect that getpwnam() failed for the user. does getent passwd MYAD+mylogon succeed? cheers, jerry -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc You can never go home again, Oatman, but I guess you can shop there. --John Cusack - Grosse Point Blank (1997) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/X0/QIR7qMdg1EfYRAuMRAJ0WVsyL/Igh/vH3kZC8z1i7W6d0TgCfUjRn RqIQjsBnwau/rCm44l5FOow= =fYsC -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] domain controller = in packaging/RedHat/smb.conf in samba-3.0.0rc3
Can someone remove this obsolete parameter from packaging/RedHat/smb.conf before it confuses more people? -- JF -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] RC2: Cannot join domain
We've been working with Samba for the last years. Most ( if not all ) of it has worked as documented. Stability is much better than M$ Windows' and it is roughly an order of magnitude better on the same hardware ( you can add this to you customer quotes, Jerry ;) ) We have recently upgraded to RC2 from beta2, and we found this behaviour: while the File Server functions work perfectly well ( as always ), we have lost the ability to join machines to the domain, which get rejected with username not found message. Using LDAP backend. We did a quite big test yesterday, were we joined 32 machines to the domain, and we only succeeded using smbpasswd backend. LDAP backend wouldn't let us join machines to the domain. We suspected a corrupted installation or defective hardware... A couple hours before we had upgraded our main domain controllers to RC2 and everything seemed to work fine... until this morning, when we needed to join a machine to this domain. It has all worked flawlessly for the last two months, with big sustained workloads. So.. What changed in RC2 which has to do with domain joining? Release notes do not show anything relevant ( or so it seems ) Anything needs to change in SMB.CONF and/or the LDAP DIT, or we just found a bug? Hardware: Dell 2600SC, 2xXeon 2.4GHz, 1GB ECC DDRAM, very recently purchased Software: Debian Woody base, Samba3.0.0beta2+3.0.0rc2-1 and OpenLDAP 2.1.22-1 from Sid, plus their dependencies. Clients: W2K and WXP Pro, plus some NT4 ( not relevant ) Note: we have an administrator account with UID 0, Primary group SID DOMAIN-544, member of group with SID DOMAIN-512 ( both mappings checked with net groupmap ) --8 smb.conf 8-- [global] workgroup = CNSR server string = Servidor (%h) ;netbios name = SERVIDOR load printers = no ; printing = bsd ; printcap name = /etc/printcap ; printing = cups ; printcap name = cups ; guest account = nobody invalid users = root log file = /var/log/samba/log.%m max log size = 1000 syslog only = no syslog = 0 security = user encrypt passwords = true passdb backend = ldapsam:ldap://localhost, tdbsam, guest algorithmic rid base = 1000 ldap suffix = dc=,dc=xxx ldap admin dn = uid=samba,ou=daemons,dc=recuerdo,dc=net ldap delete dn = no ldap user suffix = ou=people ldap group suffix = ou=groups ldap idmap suffix = ou=idmap,ou=samba ldap machine suffix = ou=machines ldap filter = (uid=%u) idmap only = no idmap backend = winbind ldap idmap suffix = ou=idmap,ou=samba,dc=recuerdo,dc=net winbind use default domain = yes idmap uid = 5-55000 idmap gid = 5-55000 #winbind separator = + username map = /etc/samba/smbusers ; include = /home/samba/etc/smb.conf.%m socket options = TCP_NODELAY local master = yes os level = 20 domain master = yes preferred master = auto wins support = no dns proxy = no name resolve order = lmhosts host wins bcast ; preserve case = yes ; short preserve case = yes ; unix password sync = true passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword :* %n\n . pam password change = no ; message command = /bin/sh -c '/usr/bin/linpopup %f %m %s; rm %s' obey pam restrictions = no domain logons = yes logon script = netlogon.bat logon drive = H: logon path = \\%L\Profiles\%u panic action = /usr/share/samba/panic-action %d #=== Share Definitions === [homes] comment = Home Directories browseable = no writeable = yes read only = no csc policy = disable force create mode = 0640 force directory mode = 2750 [netlogon] comment = Network Logon Service path = /profiles/netlogon guest ok = yes writable = no share modes = no [Profiles] comment = Directorio de perfiles path = /profiles browseable = no guest ok = yes writeable = yes ;nt acl support = no profile acls = yes create mask = 0600 directory mask = 0700 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: RC2: Cannot join domain (more info)
At 12:47 10/09/2003 +0200, you wrote: We have recently upgraded to RC2 from beta2, and we found this behaviour: while the File Server functions work perfectly well ( as always ), we have lost the ability to join machines to the domain, which get rejected with username not found message. Using LDAP backend. It seems it was beta1 it worked with: We managed to downgrade to beta1 ( by overwriting smbd and nmbd with the binaries from a machine with beta1-1, since we can't find the binaries for beta1 in the mirrors ). Beta1 worked joining the machines to the domain at first try. Is there any additional info i can provide so that this issue can be tracked down? Thanks in advanceagain! Regards, J.L. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Fwd: Re: [Samba] Samba writes in wrong file]
On Wed, Sep 10, 2003 at 06:17:43PM +0200, Markus Ungermann wrote: Hello, i have this problem again. I have samba logs, from log.smbd, inside my Wordperfect-Document: [2003/09/09 16:42:33, 2] smbd/close.c:close_normal_file(229) markus closed file SftemBASIC/Testprogramme/2.9_Structure.b~RFf12cf7.TMP (numopen=4) [2003/09/09 16:42:33, 2] smbd/open.c:open_file(246) markus opened file SftemBASIC/test/m3/M3/workbench/EMBWorkBench.exe read=Yes write=No (numopen=5) [2003/09/09 16:42:33, 2] smbd/close.c:close_normal_file(229) markus closed file SftemBASIC/test/m3/M3/workbench/EMBWorkBench.exe (numopen=4) ä ì D ô L ¤/ ÓÔ2 ÔÔ3 ÔÓ The last 3 Lines are the Wordperfect lines. This is right, the samba logs before are wrong. We've seen this on a couple of systems, SuSE and now Debian. We've never been able to reproduce it reliably. Our current best guess is it might be a glibc bug. What version of glibc do you have ? Can you reproduce this ? If so, can you get an strace ? Jeremy -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0rc3 - German Umlauts
On Wed, Sep 10, 2003 at 04:05:36PM +0200, Markus Ungermann wrote: Hi, i have still the same problem. I use 3.0RC3 with lib/charcnv.c of the actual CVS (Sep 10 15:19). I works not realy: I can create (Windows XP + Explorer) the filename Lösung.txt but not ösung.txt. Found it - expect a fix within a few minutes ! Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0rc3 - German Umlauts
On Wed, Sep 10, 2003 at 04:05:36PM +0200, Markus Ungermann wrote: Hi, i have still the same problem. I use 3.0RC3 with lib/charcnv.c of the actual CVS (Sep 10 15:19). I works not realy: I can create (Windows XP + Explorer) the filename Lösung.txt but not ösung.txt. Here's the fix (also checked into CVS). My stupid, stupid bug, sorry :-(. Jeremy. Index: lib/util_str.c === RCS file: /data/cvs/samba/source/lib/util_str.c,v retrieving revision 1.47.2.41 diff -u -r1.47.2.41 util_str.c --- lib/util_str.c 5 Sep 2003 19:59:53 - 1.47.2.41 +++ lib/util_str.c 10 Sep 2003 17:56:27 - @@ -1189,6 +1189,7 @@ while (*s (((unsigned char)s[0]) 0x80)) { if (*s == c) return s; + s++; } if (!*s) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Doesn't require a password
Here is my problem: Previously, I was using Samba as a PDC and everybody logged in with WXP and then they had roaming profiles and all was grand, except sometimes my students had really big pictures and such being saved to their My Documents. That's bad. When it came time to log off, other students sometimes had to wait 20 minutes. A Bad thing. So, this year, I scrapped the roaming profiles and got some XP Home Edition machines. I simply shared files on the server using Samba. It's fine. All the machines have a mapped network drive to the homes directory. When they click it, they are prompted for a username and password. They gain access to the server. They can do things exactly as I want them to be able to do things. One little problem. A student pointed out that if he didn't enter a password, it worked just the same. A user can enter any username and as long as it is a user on the server, they have access to that file without supplying a password or supplying a bogus password. It's a bad thing. Can anybody help? Keep in mind that this is a modified smb.conf. I previously had it when I had the samba as a PDC and some of the settings while seemingly illogical are carryovers. Me not sharp enough or have enough time to bother with trying to change them. Here is my smb.conf: # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2003/09/10 12:54:53 # Global parameters [global] netbios name = WALDO encrypt passwords = Yes update encrypted = Yes null passwords = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* log file = /var/log/samba/%m.log max log size = 1000 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u domain logons = Yes os level = 255 domain master = Yes wins support = Yes default service = homes path = /home guest account = root read only = No printing = lprng browseable = No locking = No [homes] comment = Home Directories guest account = %S valid users = %S browseable = Yes [printers] comment = All Printers path = /var/spool/samba printable = Yes [lab] path = /var/spool/samba printable = Yes printer name = lab oplocks = No -- James Bear www.montpelier.k12.nd.us God is good...all the time. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] print driver options different on samba
Jason Balicki wrote: What subsystem and on what OS are you running Samba? I'd bet that it's not an issue with Samba, per se, but an issue with the underlying printing system. If you're using CUPS, check to see if CUPS sees all the options. ok, redhat 7.3, samba 2.2.7, and i've switched from lprng to CUPS 1.1.14. both samba and cups are the latest updated version from redhat. Also, if you are using CUPS, you can probably just use the PPD that's on the Windows machines. i used the PPD from the windows machine to configure the CUPS printer. this worked fine, CUPS see's all the configurable options, all 13 different paper sizes. but still when i configure on the win2k client i only get 5 paper sizes. One more if: If you find that your underlying printing system (be it CUPS or whatever) does not see all the options, you need to fix that first, before you can ask for more help here. Contact your friendly neighborhood print system mailing list. i can make avialable the PPD and .inf if necessary. -- Darin Perusich Unix Systems Administrator Cognigen Corp. [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Doesn't require a password
Hi, James, you wrote: JB One little problem. A student pointed out that if he didn't enter a JB password, it worked just the same. A user can enter any username and as JB long as it is a user on the server, they have access to that file JB without supplying a password or supplying a bogus password. It's a bad JB thing. null passwords = Yes Just guessing (and looking up the option in the docs): Remove that line ... best regards Stefan G. Weichinger mailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] RESOLVED: winbindd instability, inconsistent handling of Domain name
On Mon, 8 Sep 2003, Alexander List wrote: After a while, wbinfo [-u|-g] returns server:/var/log/samba# wbinfo -g Error looking up domain groups winbindd issue solved in 3.0.0rc3. The problem with smbd persists, will try to debug a little more and post a bug to bugzilla. Alex -- Life is what happens to you while you're busy making other plans. --John Lennon -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Doesn't require a password
James Bear írta: Here is my problem: Previously, I was using Samba as a PDC and everybody logged in with WXP and then they had roaming profiles and all was grand, except sometimes my students had really big pictures and such being saved to their My Documents. That's bad. When it came time to log off, other students sometimes had to wait 20 minutes. A Bad thing. So, this year, I scrapped the roaming profiles and got some XP Home Edition machines. I simply shared files on the server using Samba. It's fine. All the machines have a mapped network drive to the homes directory. When they click it, they are prompted for a username and password. They gain access to the server. They can do things exactly as I want them to be able to do things. One little problem. A student pointed out that if he didn't enter a password, it worked just the same. A user can enter any username and as long as it is a user on the server, they have access to that file without supplying a password or supplying a bogus password. It's a bad thing. Can anybody help? Keep in mind that this is a modified smb.conf. I previously had it when I had the samba as a PDC and some of the settings while seemingly illogical are carryovers. Me not sharp enough or have enough time to bother with trying to change them. Here is my smb.conf: # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2003/09/10 12:54:53 # Global parameters [global] netbios name = WALDO encrypt passwords = Yes update encrypted = Yes null passwords = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* log file = /var/log/samba/%m.log max log size = 1000 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u domain logons = Yes os level = 255 domain master = Yes wins support = Yes default service = homes path = /home guest account = root read only = No printing = lprng browseable = No locking = No [homes] comment = Home Directories guest account = %S valid users = %S browseable = Yes [printers] comment = All Printers path = /var/spool/samba printable = Yes [lab] path = /var/spool/samba printable = Yes printer name = lab oplocks = No I think instead of guest account = root you should definitely use guest account = nobody Or you will give root access to your every badly authenticated user :-( Which looks strange to me is the fact that I haven't seen a map to guest statement in your smb.conf. You could also solve your problem, with map to guest = never. Good Luck! Geza Gemes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Accessing Samba Shares with AD usernames
On Wed, 10 Sep 2003, Lars Wiberg wrote: I'm sorry if this post came through already ... Hi, I'm working on a project where the plan is to place a number of Samba servers on different locations as file and print servers. The samba server is supposed to be a part of the AD, which is easily done, but the samba servers are to contain a number of shares that only people with a valid logon on the AD will be able to access. How can this be achieved? Do I have to promote each Samba server to becoma a Domain Controller and create a trust between the DC and the Samba DC? I'm hoping there is a way to make Samba check the login on the DC and based on that give access to the share. I hope I am being clear enough. Chapter 14, File, Directory and Share Access Controls, Samba-HOWTO-Collection.pdf. This document ships with Samba-3.0.0, in the ~samba/docs directory. Available from links on the samba web site under documentation. I hope I am being clear enough also. If this does not solve your problem please let us know. - John T. In short: An AD user wishes to access a Samba share, but needs to be authenticated somehow. I hope you can help me out. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba and CUPS Config Issue
On Wed, 10 Sep 2003, Jason D. Lee wrote: No takers. Shoot. Is this a better question for the CUPS group? I'm more than happy to go elsewhere if I need to. I don't want to be obnoxious. ;) Thanks! If this is not sufficiently covered in the CUPS chapter in the Samba-HOWTO-Collection.pdf that ships with Samba-3.0.0RC3 please let me know. There are links to this document on the Samba web site under documentation. - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain unavaliable
All the WINS server parametes are set correctly on all the machines. I just finished checking them. I've also got lmhosts enabled, and I need to check that the entries in that file are correct. I'm sure they are, as I made a new one and imported it to all the machines just before we shutdown for the move. -Jim * Jim Kreuziger [EMAIL PROTECTED] * On Tue, 9 Sep 2003, Tom Dickson wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 If you can't find the DOMAIN, I would suspect a WINS server issue. Look both at the log.nmbd file in /var/log/samba, and also check that your windows clients have their wins server set correctly: either ipconfig under Windows NT and sons, or winipcfg under Windows 95 and its, uh, heirs. Both can be run from a command (DOS command.com or cmd.exe) window. If the WINS server is wrong, then network browsing will go all to h*ck! James Kreuziger wrote: | First off, I'd like to give all the people involved | with the development of Samba a big thanks. I'd have | to say that Samba is probably the single most important | piece of software that we run in our research lab. | I'd also like to say that I have had so few problems that | I probably haven't written about one in 3 years. | | With that being said, I'm having problems with my | Samba PDC. I'm running Samba 2.2.8a on a Solaris 8 | box. We have recently moved our lab from one | facilty to another, which forced us to change all | of our system names and IP's. Luckily, only the | domain part of the name changed, as well as the IP's. | | I updated the smb.conf to reflect the new subnet and IP's. However, | I have recently noticed that people are getting alot of | Domain LABDOM is unavailable messages when trying to | logon from Win2k. This may last anywhere from 2 minutes to 30 | minutes. Then, for no apparent reason, they will be able to logon. | | I'm thinking that it has to do with my hosts allow and | hosts deny settings. Before the move, we were on a subnet | with a netmask setting of 255.255.255.0. So my hosts allow | setting were this (IP's have been changed to protect the innocent): | | hosts allow = 10.0.33. 127.0.0.1 | host deny = ALL EXCEPT 10.0.33. 127.0.0.1 | | We are now on a much more restricted subnet, and | can't have the full range to ourselves. Consequently, | our subnet mask is now 255.255.255.224, and the IP | address space is from 10.0.236.38 - 10.0.236.61 | (this takes into account the network devices). | | I'm wondering if my problem is related to this. | I'm thinking that that I should restrict my hosts | allow with the network/netmask combo: | | hosts allow = 10.0.236.32/255.255.255.224 | | Is this what I'm looking for? I've included the | global part of my conf below. | | Thanks, | | -Jim | | * | Jim Kreuziger | [EMAIL PROTECTED] | * | | [global] | workgroup = LABDOM | preexec = csh -c `echo /usr/local/samba/bin/smbclient \ | -M %m -I %I` | server string = Samba %v on (%L) | security = user | domain logons = yes | domain admin group = @domadm | encrypt passwords = Yes | password level = 3 | log level = 2 | log file = /samba/current/var/log.smbd.%m | max log size = 2000 | wins support = Yes | name resolve order = lmhosts wins hosts bcast | dns proxy = yes | deadtime = 0 | keepalive = 3600 | client code page = 437 | os level = 65 | preferred master = Yes | domain master = Yes | guest account = samba | invalid users = daemon bin sys lp smtp uucp nuucp listen dcs consult dumper nobody | hosts allow = 10.0.236. 10.0.33. 10.0.126. 127.0.0.1 | hosts deny = ALL EXCEPT 10.0.236. 10.0.33. 10.0.126. 127.0.0.1 | veto oplock files = /*.mdb/*.dbm/*.doc/*.xls | socket options = TCP_NODELAY IPTOS_LOWDELAY | getwd cache = yes | logon script = %U.bat | logon path = \\ralopib\profile\%U | remote announce = 10.0.126.208/IMHH | utmp = True | username map = /samba/current/lib/usermap.txt -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/XnnVRliD/69byygRAo/CAJ9y5rLSgSSxcMDS9+xeEDZqAYYFrACfTV+S hHGUn+KMrUfcB6HniziLTjg= =HWTX -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Help using multiple file servers
I am trying to setup samba so that I can authenticate users from a single server, but use multiple file servers to server the home directories and user profiles. How would I go about doing this? Rob -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Opening files issue.
Hi all. I've looked, and I do recall a posting from earlier addressing this, but I can't get the right combo of key-words to google up the solution. If I open a file (say a .doc) from windows explorer, the program launches and that file loads quickly. If I use the open dialogue from the application, the file loads slowly. Looking in performnce monitor I see that if I load the file from explorer, there is a quick exchange of received bytes from the samba server, and nearly none sent. If I open from the open dialogue, I see an almost equal amount of sent and received bytes. I've seen this behaviour before in all circumstances if I've set veto oplocks for the file type. Using Mandrake 9.1 Samba 2.2.7a (the mandrake install) Win2000SP4 and WINXP sp1 Thanks for any info Hans Rasmussen Drafting/GIS Coordinator SBS Forestry Inc. 250-561-1140 ___ All emails incoming and outgoing from SBS Forestry Inc. are scanned by F-Prot Antivirus. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] file locking on Samba
DELAYED TRANSMISSION !!! Hi, many questions about locking have already been posted to the list, and since I could not find the answer to this one, allow me to pose mine. Samba version samba-2.2.7a-8.9.0 as a RedHat package All clients Windows 2k pro. The office is an architect, who uses Bentley MicroStation SE. They write their design files over the network to the Samba server. When user A opens a file he can write to it. When user B opens the same file from another stations as user A is working on it, user B can also write to it. Is there no way to lock the file for writing as soon as one user has opened it, so that others have only read access? Thank you, Arjen. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Help using multiple file servers
I would also like the answer to that question. The only way I could find thus far is using LDAP but I'm not quite ready to migrate samba to ldap yet. Andre -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Robert Rati Sent: 10 September 2003 11:06 To: [EMAIL PROTECTED] Subject: [Samba] Help using multiple file servers I am trying to setup samba so that I can authenticate users from a single server, but use multiple file servers to server the home directories and user profiles. How would I go about doing this? Rob -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help using multiple file servers
Hi, the best way, I think, is to use LDAP for authenticating. So you've one server, which does all the stuff for you. The other way is to write a little and simple script, which keeps the passwordfiles in sync: #!/bin/sh # 08-30-2000 # Synchronize the user accounts every night scp /etc/passwd 192.168.10.2:/etc/passwd scp /etc/shadow 192.168.10.2:/etc/shadow scp /etc/group 192.168.10.2:/etc/group scp /etc/gshadow 192.168.10.2:/etc/gshadow scp /etc/samba/smbpasswd 192.168.10.2:/etc/samba/smbpasswd cp -v /etc/passwd /data/backup/user/ cp -v /etc/shadow /data/backup/user/ cp -v /etc/group /data/backup/user/ cp -v /etc/gshadow /data/backup/user/ cp -v /etc/samba/smbpasswd /data/backup/user/ # END I installed an ssh-key, so a cronjob can do the job for me... Makes no sense but it's nice... :-) Greetings Sascha -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help using multiple file servers
I'm not sure this will solve the problem I am looking at. I can see an LDAP server for authentication (although I currently don't have one setup and would prefer not to have to set one up), but how does an LDAP server help with the home directory and profile serving? If a user logs onto machine A which is on subnet A, then samba server A would authenticate against the LDAP server and serve the home dir and profile. What happens if the same user logs onto machine B which is on subnet B? The samba server B would authenticate with the LDAP server, but would the user's home directory and profile be served from server A? Will the LDAP solution you suggest provide this ability? Ideally, I'd like all the users to be authenticated through one samba server (let's say server A), and the home directories and profiles for those users to be served from the authenticating server (server A) or an alternate samba server (server B). Rob Radio Gong 2000 GmbH Co. KG [Technik] wrote: Hi, the best way, I think, is to use LDAP for authenticating. So you've one server, which does all the stuff for you. The other way is to write a little and simple script, which keeps the passwordfiles in sync: #!/bin/sh # 08-30-2000 # Synchronize the user accounts every night scp /etc/passwd 192.168.10.2:/etc/passwd scp /etc/shadow 192.168.10.2:/etc/shadow scp /etc/group 192.168.10.2:/etc/group scp /etc/gshadow 192.168.10.2:/etc/gshadow scp /etc/samba/smbpasswd 192.168.10.2:/etc/samba/smbpasswd cp -v /etc/passwd /data/backup/user/ cp -v /etc/shadow /data/backup/user/ cp -v /etc/group /data/backup/user/ cp -v /etc/gshadow /data/backup/user/ cp -v /etc/samba/smbpasswd /data/backup/user/ # END I installed an ssh-key, so a cronjob can do the job for me... Makes no sense but it's nice... :-) Greetings Sascha -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] net view can see server, but nmblookup '*' can't find it!
I have an XP Pro box on my LAN, and I'm trying to figure out why nmblookup '*' can't see it. I'm writing a script that finds all the shares on the LAN and mounts them, and it works great except for this one box. On another windows box, when I run net view, the XP box is listed as I expect. On my linux box, when I run nmblookup -A 192.168.0.111 it returns with the correct data about the XP box's shares. But on the linux box, when I run nmblokup '*', it returns all the other boxes, linux and windows, except for this one XP box. Here is the output from nmblookup -d 10 -A 192.168.0.111. Can you see anything that might prevent this box from showing up in nmblookup '*'? Initialising global parameters params.c:pm_process() - Processing configuration file /etc/samba/smb.conf Processing section [global] doing parameter workgroup = BFNX doing parameter hosts allow = 192.168.0. 10.2. 127. doing parameter log file = /var/log/samba/%m.log doing parameter max log size = 0 doing parameter security = share doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 doing parameter socket address = 192.168.0.150 doing parameter local master = no doing parameter username map = /etc/samba/smbusers doing parameter dns proxy = no doing parameter encrypt passwords = yes doing parameter null passwords = yes doing parameter domain master = no doing parameter local master = no doing parameter preferred master = no doing parameter server string = rave doing parameter netbios name = rave handle_netbios_name: set global_myname to: RAVE doing parameter interfaces = 192.168.0.150/24 192.168.254.1/24 172.16.50.1/24 10.2.0.1/15 pm_process() returned Yes lp_servicenumber: couldn't find homes set_server_role: ROLE_STANDALONE added interface ip=192.168.0.150 bcast=192.168.0.255 nmask=255.255.255.0 added interface ip=192.168.254.1 bcast=192.168.254.255 nmask=255.255.255.0 added interface ip=172.16.50.1 bcast=172.16.50.255 nmask=255.255.255.0 added interface ip=10.2.0.1 bcast=10.3.255.255 nmask=255.254.0.0 bind succeeded on port 0 socket option SO_KEEPALIVE = 0 socket option SO_REUSEADDR = 1 socket option SO_BROADCAST = 1 Could not test socket option TCP_NODELAY. socket option IPTOS_LOWDELAY = 0 socket option IPTOS_THROUGHPUT = 0 socket option SO_SNDBUF = 65535 socket option SO_RCVBUF = 65535 socket option SO_SNDLOWAT = 1 socket option SO_RCVLOWAT = 1 socket option SO_SNDTIMEO = 0 socket option SO_RCVTIMEO = 0 Socket opened. Looking up status of 192.168.0.111 Sending a packet of len 50 to (192.168.0.111) on port 137 read_udp_socket: lastip 192.168.0.111 lastport 137 read: 193 parse_nmb: packet id = 32431 Received a packet of len 193 from (192.168.0.111) port 137 nmb packet from 192.168.0.111(137) header: id=32431 opcode=Query(0) response=Yes header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0 answers: nmb_name=*00 rr_type=33 rr_class=1 ttl=0 answers 0 char .SPACEINVADERS hex 045350414345494E5641444552532020 answers 10 char .D.SPACEINVADERS hex 0044005350414345494E564144455253 answers 20 charD.BFNX hex 2020204400524F4B5520202020202020 answers 30 char ...BFNXhex 2020202000C400524F4B552020202020 answers 40 char ..[R.. hex 2020202020201EC40BDB5B521F00 answers 50 char hex answers 60 char hex answers 70 char ... hex 00 SPACEINVADERS 00 - M ACTIVE SPACEINVADERS 20 - M ACTIVE BFNX00 - GROUP M ACTIVE BFNX1e - GROUP M ACTIVE -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help using multiple file servers
I think taht we re doing something similar to what you want here. One server is acting as a PDC, the other server uses NIS to replicate the users and groups. Using pam, I create home dirs based on /etc/skel on login to the second server. On the first server I direct the home directory using full UNC paths to the second server. This seems to do the trick. Hans - Original Message - From: Robert Rati [EMAIL PROTECTED] To: Radio Gong 2000 GmbH Co. KG [Technik] [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 3:02 PM Subject: Re: [Samba] Help using multiple file servers I'm not sure this will solve the problem I am looking at. I can see an LDAP server for authentication (although I currently don't have one setup and would prefer not to have to set one up), but how does an LDAP server help with the home directory and profile serving? If a user logs onto machine A which is on subnet A, then samba server A would authenticate against the LDAP server and serve the home dir and profile. What happens if the same user logs onto machine B which is on subnet B? The samba server B would authenticate with the LDAP server, but would the user's home directory and profile be served from server A? Will the LDAP solution you suggest provide this ability? Ideally, I'd like all the users to be authenticated through one samba server (let's say server A), and the home directories and profiles for those users to be served from the authenticating server (server A) or an alternate samba server (server B). Rob Radio Gong 2000 GmbH Co. KG [Technik] wrote: Hi, the best way, I think, is to use LDAP for authenticating. So you've one server, which does all the stuff for you. The other way is to write a little and simple script, which keeps the passwordfiles in sync: #!/bin/sh # 08-30-2000 # Synchronize the user accounts every night scp /etc/passwd 192.168.10.2:/etc/passwd scp /etc/shadow 192.168.10.2:/etc/shadow scp /etc/group 192.168.10.2:/etc/group scp /etc/gshadow 192.168.10.2:/etc/gshadow scp /etc/samba/smbpasswd 192.168.10.2:/etc/samba/smbpasswd cp -v /etc/passwd /data/backup/user/ cp -v /etc/shadow /data/backup/user/ cp -v /etc/group /data/backup/user/ cp -v /etc/gshadow /data/backup/user/ cp -v /etc/samba/smbpasswd /data/backup/user/ # END I installed an ssh-key, so a cronjob can do the job for me... Makes no sense but it's nice... :-) Greetings Sascha -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba ___ All emails incoming and outgoing from SBS Forestry Inc. are scanned by F-Prot Antivirus. ___ All emails incoming and outgoing from SBS Forestry Inc. are scanned by F-Prot Antivirus. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help using multiple file servers
Am Donnerstag, 11. September 2003 00:02 schrieb Robert Rati: I'm not sure this will solve the problem I am looking at. I can see an LDAP server for authentication (although I currently don't have one setup and would prefer not to have to set one up), but how does an LDAP server help with the home directory and profile serving? If a user logs onto machine A which is on subnet A, then samba server A would authenticate against the LDAP server and serve the home dir and profile. What happens if the same user logs onto machine B which is on subnet B? The samba server B would authenticate with the LDAP server, but would the user's home directory and profile be served from server A? Will the LDAP solution you suggest provide this ability? Didn't really try it, but on the wire you can read: YES Ideally, I'd like all the users to be authenticated through one samba server (let's say server A), and the home directories and profiles for those users to be served from the authenticating server (server A) or an alternate samba server (server B). You can do this with my little script... Rob Radio Gong 2000 GmbH Co. KG [Technik] wrote: Hi, the best way, I think, is to use LDAP for authenticating. So you've one server, which does all the stuff for you. The other way is to write a little and simple script, which keeps the passwordfiles in sync: #!/bin/sh # 08-30-2000 # Synchronize the user accounts every night scp /etc/passwd 192.168.10.2:/etc/passwd scp /etc/shadow 192.168.10.2:/etc/shadow scp /etc/group 192.168.10.2:/etc/group scp /etc/gshadow 192.168.10.2:/etc/gshadow scp /etc/samba/smbpasswd 192.168.10.2:/etc/samba/smbpasswd cp -v /etc/passwd /data/backup/user/ cp -v /etc/shadow /data/backup/user/ cp -v /etc/group /data/backup/user/ cp -v /etc/gshadow /data/backup/user/ cp -v /etc/samba/smbpasswd /data/backup/user/ # END I installed an ssh-key, so a cronjob can do the job for me... Makes no sense but it's nice... :-) Greetings Sascha -- ___ Radio Gong 2000 GmbH Co. KG Sascha Bieler Technischer Leiter Franz-Joseph-Strasse 14 80801 München -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Help using multiple file servers
What samba gives you is the ability to specify different profile paths for different users - you could thus split your user load between say 10 servers with their profiles located on their own servers. It does not however solve the problem of the profile only being available on one server. If you want the users' profiles to follow them around and always be serverd from the local server they log onto, user something like rsync - or a central nfs store on a seperate server that just stores profiles. I assume you want the same server (eg. server A) to always server say user A's profile - no matter which dc he logs onto - this ldap will do. Andre -Original Message- From: Robert Rati [mailto:[EMAIL PROTECTED] Sent: 11 September 2003 12:03 To: Radio Gong 2000 GmbH Co. KG [Technik] Cc: Andre de Koning; [EMAIL PROTECTED] Subject: Re: [Samba] Help using multiple file servers I'm not sure this will solve the problem I am looking at. I can see an LDAP server for authentication (although I currently don't have one setup and would prefer not to have to set one up), but how does an LDAP server help with the home directory and profile serving? If a user logs onto machine A which is on subnet A, then samba server A would authenticate against the LDAP server and serve the home dir and profile. What happens if the same user logs onto machine B which is on subnet B? The samba server B would authenticate with the LDAP server, but would the user's home directory and profile be served from server A? Will the LDAP solution you suggest provide this ability? Ideally, I'd like all the users to be authenticated through one samba server (let's say server A), and the home directories and profiles for those users to be served from the authenticating server (server A) or an alternate samba server (server B). Rob Radio Gong 2000 GmbH Co. KG [Technik] wrote: Hi, the best way, I think, is to use LDAP for authenticating. So you've one server, which does all the stuff for you. The other way is to write a little and simple script, which keeps the passwordfiles in sync: #!/bin/sh # 08-30-2000 # Synchronize the user accounts every night scp /etc/passwd 192.168.10.2:/etc/passwd scp /etc/shadow 192.168.10.2:/etc/shadow scp /etc/group 192.168.10.2:/etc/group scp /etc/gshadow 192.168.10.2:/etc/gshadow scp /etc/samba/smbpasswd 192.168.10.2:/etc/samba/smbpasswd cp -v /etc/passwd /data/backup/user/ cp -v /etc/shadow /data/backup/user/ cp -v /etc/group /data/backup/user/ cp -v /etc/gshadow /data/backup/user/ cp -v /etc/samba/smbpasswd /data/backup/user/ # END I installed an ssh-key, so a cronjob can do the job for me... Makes no sense but it's nice... :-) Greetings Sascha -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain unavaliable
On Tue, 9 Sep 2003, James Kreuziger wrote: With that being said, I'm having problems with my Samba PDC. I'm running Samba 2.2.8a on a Solaris 8 box. We have recently moved our lab from one facilty to another, which forced us to change all of our system names and IP's. Luckily, only the domain part of the name changed, as well as the IP's. I updated the smb.conf to reflect the new subnet and IP's. However, I have recently noticed that people are getting alot of Domain LABDOM is unavailable messages when trying to logon from Win2k. This may last anywhere from 2 minutes to 30 minutes. Then, for no apparent reason, they will be able to logon. What about a broken cable, a defect switch port, a loose NIC ? These things may work for some time and suddenly stop or the other way round. You could take a laptop and try to track down the weak point in your lan . Regards, Uli. I'm thinking that it has to do with my hosts allow and hosts deny settings. Before the move, we were on a subnet with a netmask setting of 255.255.255.0. So my hosts allow setting were this (IP's have been changed to protect the innocent): hosts allow = 10.0.33. 127.0.0.1 host deny = ALL EXCEPT 10.0.33. 127.0.0.1 We are now on a much more restricted subnet, and can't have the full range to ourselves. Consequently, our subnet mask is now 255.255.255.224, and the IP address space is from 10.0.236.38 - 10.0.236.61 (this takes into account the network devices). I'm wondering if my problem is related to this. I'm thinking that that I should restrict my hosts allow with the network/netmask combo: hosts allow = 10.0.236.32/255.255.255.224 Is this what I'm looking for? I've included the global part of my conf below. Thanks, -Jim * Jim Kreuziger [EMAIL PROTECTED] * [global] workgroup = LABDOM preexec = csh -c `echo /usr/local/samba/bin/smbclient \ -M %m -I %I` server string = Samba %v on (%L) security = user domain logons = yes domain admin group = @domadm encrypt passwords = Yes password level = 3 log level = 2 log file = /samba/current/var/log.smbd.%m max log size = 2000 wins support = Yes name resolve order = lmhosts wins hosts bcast dns proxy = yes deadtime = 0 keepalive = 3600 client code page = 437 os level = 65 preferred master = Yes domain master = Yes guest account = samba invalid users = daemon bin sys lp smtp uucp nuucp listen dcs consult dumper nobody hosts allow = 10.0.236. 10.0.33. 10.0.126. 127.0.0.1 hosts deny = ALL EXCEPT 10.0.236. 10.0.33. 10.0.126. 127.0.0.1 veto oplock files = /*.mdb/*.dbm/*.doc/*.xls socket options = TCP_NODELAY IPTOS_LOWDELAY getwd cache = yes logon script = %U.bat logon path = \\ralopib\profile\%U remote announce = 10.0.126.208/IMHH utmp = True username map = /samba/current/lib/usermap.txt -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] file locking on Samba
On Wed, 10 Sep 2003, Arjen Van Drie (E-mail) wrote: DELAYED TRANSMISSION !!! Hi, many questions about locking have already been posted to the list, and since I could not find the answer to this one, allow me to pose mine. Samba version samba-2.2.7a-8.9.0 as a RedHat package All clients Windows 2k pro. The office is an architect, who uses Bentley MicroStation SE. They write their design files over the network to the Samba server. When user A opens a file he can write to it. When user B opens the same file from another stations as user A is working on it, user B can also write to it. Is there no way to lock the file for writing as soon as one user has opened it, so that others have only read access? How would you do this in a pure MS Windows server environment? Do you have a pure Windows environment solution for this? If you can not propose how you might do this in a pure MS Windows world, please can you propose a method that is known to the MS Windows client so that you can achieve the desired result? Samba mirrors the way the MS Windows Servers function. Samba aims to be transparent compared with a Windows Server 200x machine. In other words it aims to be no different. - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Strange messages while accessing UTF8 coded filenames
On Mon, Sep 01, 2003 at 09:17:55PM +0200, [EMAIL PROTECTED] wrote: Hi Jeremy, Platform is: V480/UltraSparc III, Solaris 8 2/02 with latest patches Samba: 3.0.0rc2 LibIconv: 1.9.1 MIT Kerberos-5: 1.3.1 OpenLDAP: 2.1.22 Compiler: Forte 6 Update 2 Client: Windows XP Client-Application: Catia V4 The ? is the mathematical +- character (+ over -), in Hex: 0xb1. All files written by Catia V4 will have this character in their names. I'm pretty sure I've now fixed this. Can you CVS update and test the code ? Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.0rc3 : HPUX Makefile problem
How does one get past this problem, which is the one that stalls my compile: Linking shared library bin/pam_smbpass.sl /usr/ccs/bin/ld: DP relative code in file /var/tmp//ccqbI3id.o - shared library must be position independent. Use +z or +Z to recompile. collect2: ld returned 1 exit status *** Error exit code 1 Stop. Where would this +z or +Z even go? Part of CFLAGS? _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - Jr. UNIX Systems Admin |$| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 On Wed, 10 Sep 2003, Peter Van Biesen wrote: Hello, there's still a small problem when compiling on hpux, after running configure the variable AR is not set in the Makefile. The compilation fails because it tries to run $(AR) -rc and thus tries to run '-rc' ... Adding AR=ar in the Makefile fixes the problem, but I suppose there must be a better way ? Thanks and keep up the good work ! Peter. -- Peter Van Biesen Adj. Sysadmin V.F.S.I.P.H. tel: +32 (0) 2 225 85 70 fax: +32 (0) 2 225 85 88 e-mail: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] OT: Win2k ts - cannot start microsft outlook
This is off-topic so please let me know if it is inappropriate. I thought i'd post here as a lot of people on the list seem to be using samba with ms terminal server. I have profile problem ito roaming profiles from my samba dc not loading when you log onto w2k terminal server. I reloaded one of the servers, installed sp4 and installed ms office 2000 using the termsrvr.mst file. When a normal user now logs in it says : Cannot start microsoft outlook. If I add that user to the administrators group it works fine. It looks like it's trying to create registry entries in the global registry in stead of that specific user's registry file that is saved in his profile. I had this on NT4 t/s but can't remember the solution and M$ is, as usual, not very helpfull. Does anybody have the solution for this? André de Koning IT Manager Softline VIP Payroll Tel: +27 12 420 7000 [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Accessing Samba Shares with AD usernames
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Just an add-on note: if you put valid users = write list = guest = no in your smb.conf for a given share, this seems to give write access to anyone who can authenticate with the domain. Hope this helps (we use it here - it seems to be the equivalent of Authenticated Users under Windows 2000). - -Tom Dickson John H Terpstra wrote: | On Wed, 10 Sep 2003, Lars Wiberg wrote: | | |I'm sorry if this post came through already ... | |Hi, | |I'm working on a project where the plan is to place a number of Samba |servers on different locations as file and print servers. The samba server |is supposed to be a part of the AD, which is easily done, but the samba |servers are to contain a number of shares that only people with a valid |logon on the AD will be able to access. | |How can this be achieved? Do I have to promote each Samba server to becoma a |Domain Controller and create a trust between the DC and the Samba DC? I'm |hoping there is a way to make Samba check the login on the DC and based on |that give access to the share. | |I hope I am being clear enough. | | | Chapter 14, File, Directory and Share Access Controls, | Samba-HOWTO-Collection.pdf. This document ships with Samba-3.0.0, in the | ~samba/docs directory. Available from links on the samba web site under | documentation. | | I hope I am being clear enough also. If this does not solve your problem | please let us know. | | | - John T. | |In short: An AD user wishes to access a Samba share, but needs to be |authenticated somehow. | |I hope you can help me out. | | | | -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/X50+RliD/69byygRAhS9AJ4vJ8S3fsdUANaxN2etO1Pf81SpSwCfRvH5 4FsSjQxsfXmCNmRRzE/pKAA= =Q06J -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem using smbmount
I have a configuration where I'm using Mandrake 9.1 and I have another computer on a very small network that is running Windows ME. The windows machine is (I think) set up to allow sharing of the 'My Documents' folder and its referred to as 'MYDOCUEMENTS'. I've tried to connect the Linux machine to that folder with no success. I get bad password. On the last attempt I was using: smbmount //ME machine name/MYDOCUMENTS /mnt/MYDOCUMENTS -o credentials=credential file,ip=192.168.0.3,rw I saw something in the documentation that mentioned something about there being a bug in the use of password and that's the reason for the credential file. I tried setting up a username and password for the Linux machine on the ME that didn't work. I tried using the username and the password associated with that folder, that didn't work. Where am I going wrong? Tom Williams -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] can't login to domain errors
This is very strange. I have 2 DC's (different locations) that have the samba smb.conf (change in workgroup/netbios name). One network/DC works just fine. On the other setup, We can login to the local machine, map drives over as the user, all looks good. We then join the domain, and that works fine. Then when you reboot the windows box, you can't login to the domain because it gives that generic error Windows cannot connect to the domain, either because the domain controller is down or unavailable, or because your computer account was not found. This is with XP Pro, but NT 4 seems to work just fine (except the login script didn't run right, but that's another issue). Ideas ??? Dan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Opening files issue.
Other than IPTOS_LOWDELAY, that's pretty much what I have. I did veto oplocks Access MDB files on all shares, but that was it. I'm just confused as to the difference in behavior between opening via Windows Explorer and opening via the Open dialogue. - Original Message - From: Radio Gong 2000 GmbH Co. KG [Technik] [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 2:25 PM Subject: Re: [Samba] Opening files issue. I've the following setting in my smb.conf: socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 locking = 1 kernel oplocks = yes blocking locks = yes oplocks = yes level2 oplocks = yes And it works wonderful for me... Greetz Sascha Am Mittwoch, 10. September 2003 23:17 schrieb [EMAIL PROTECTED]: Hi all. I've looked, and I do recall a posting from earlier addressing this, but I can't get the right combo of key-words to google up the solution. If I open a file (say a .doc) from windows explorer, the program launches and that file loads quickly. If I use the open dialogue from the application, the file loads slowly. Looking in performnce monitor I see that if I load the file from explorer, there is a quick exchange of received bytes from the samba server, and nearly none sent. If I open from the open dialogue, I see an almost equal amount of sent and received bytes. I've seen this behaviour before in all circumstances if I've set veto oplocks for the file type. Using Mandrake 9.1 Samba 2.2.7a (the mandrake install) Win2000SP4 and WINXP sp1 Thanks for any info Hans Rasmussen Drafting/GIS Coordinator SBS Forestry Inc. 250-561-1140 ___ All emails incoming and outgoing from SBS Forestry Inc. are scanned by F-Prot Antivirus. -- ___ Radio Gong 2000 GmbH Co. KG Sascha Bieler Technischer Leiter Franz-Joseph-Strasse 14 80801 München ___ All emails incoming and outgoing from SBS Forestry Inc. are scanned by F-Prot Antivirus. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] can't login to domain errors
sign or seal reg patch. - Original Message - From: Daniel Wittenberg [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 8:19 AM Subject: [Samba] can't login to domain errors This is very strange. I have 2 DC's (different locations) that have the samba smb.conf (change in workgroup/netbios name). One network/DC works just fine. On the other setup, We can login to the local machine, map drives over as the user, all looks good. We then join the domain, and that works fine. Then when you reboot the windows box, you can't login to the domain because it gives that generic error Windows cannot connect to the domain, either because the domain controller is down or unavailable, or because your computer account was not found. This is with XP Pro, but NT 4 seems to work just fine (except the login script didn't run right, but that's another issue). Ideas ??? Dan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba ___ All emails incoming and outgoing from SBS Forestry Inc. are scanned by F-Prot Antivirus. ___ All emails incoming and outgoing from SBS Forestry Inc. are scanned by F-Prot Antivirus. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] WinXP missing profile
Samba 2.5 setup as a domain server. WinXP was connected to it and had written a profile back to the server. One day I get a call, All my documents are gone. I go and look and there is a completely clean local profile with none of his documents. I looked all over his computer and looked at 7 days of backups and no documents of any kind but then he wasn't in the habit of logging off. He had a Win2k system that he was logged on to at the time. With a completely different set of documents on it but no profile for it either. Any possibility that the profile was corrupted somehow and WinXP deleted it and created a new one with nothing in it? Tim -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
CVS update: samba/source/utils
Date: Wed Sep 10 06:15:07 2003 Author: tpot Update of /data/cvs/samba/source/utils In directory dp.samba.org:/tmp/cvs-serv18450 Modified Files: Tag: SAMBA_3_0 net_help.c Log Message: Formatting fixups for help output. Revisions: net_help.c 1.2.2.12 = 1.2.2.13 http://www.samba.org/cgi-bin/cvsweb/samba/source/utils/net_help.c.diff?r1=1.2.2.12r2=1.2.2.13
CVS update: samba/source/utils
Date: Wed Sep 10 06:49:13 2003 Author: tpot Update of /data/cvs/samba/source/utils In directory dp.samba.org:/tmp/cvs-serv22502 Modified Files: Tag: SAMBA_3_0 net_rpc_samsync.c Log Message: Use opt_target_workgroup instead of lp_workgroup() in vampire code so we can override the value in smb.conf with the -w option. Migrating accounts from another domain can now be done like: # bin/net join bdc -w nt4dom -Uadministrator%password # bin/net rpc vampire -w nt4dom -U administrator%password Revisions: net_rpc_samsync.c 1.8.2.31 = 1.8.2.32 http://www.samba.org/cgi-bin/cvsweb/samba/source/utils/net_rpc_samsync.c.diff?r1=1.8.2.31r2=1.8.2.32
CVS update: samba/source/utils
Date: Wed Sep 10 06:58:41 2003 Author: tpot Update of /data/cvs/samba/source/utils In directory dp.samba.org:/tmp/cvs-serv23475 Modified Files: Tag: SAMBA_3_0 net_rpc_samsync.c Log Message: Fix error return path memory leaks in vampire code for creating users. Display an error if we can't create a posix account for the user (e.g no add user/machine script was specified; bug #323). Revisions: net_rpc_samsync.c 1.8.2.32 = 1.8.2.33 http://www.samba.org/cgi-bin/cvsweb/samba/source/utils/net_rpc_samsync.c.diff?r1=1.8.2.32r2=1.8.2.33
CVS update: samba/source
Date: Wed Sep 10 14:03:08 2003 Author: ab Update of /home/cvs/samba/source In directory dp.samba.org:/tmp/cvs-serv7979 Modified Files: configure.in Log Message: Support for CAN-2003-0689 port from SAMBA_3_0 Revisions: configure.in1.475 = 1.476 http://www.samba.org/cgi-bin/cvsweb/samba/source/configure.in.diff?r1=1.475r2=1.476
Re: CVS update: samba/source/utils
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 10 Sep 2003 [EMAIL PROTECTED] wrote: Date: Wed Sep 10 06:15:07 2003 Author: tpot Update of /data/cvs/samba/source/utils In directory dp.samba.org:/tmp/cvs-serv18450 Modified Files: Tag: SAMBA_3_0 net_help.c Log Message: Formatting fixups for help output. Don't forget your janitor duties wrt to HEAD :-) cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/XziiIR7qMdg1EfYRAgraAJsHlLo12PKtxTSUMit6l/mPm/USXACdFakC Bo4fTlPHCymKJkA79YOIMtQ= =VCLo -END PGP SIGNATURE-
CVS update: samba/source
Date: Wed Sep 10 15:39:21 2003 Author: ab Update of /home/cvs/samba/source In directory dp.samba.org:/tmp/cvs-serv18769 Modified Files: Tag: SAMBA_3_0 configure.in Log Message: Back out --with-good-getgrouplist patch Revisions: configure.in1.300.2.164 = 1.300.2.165 http://www.samba.org/cgi-bin/cvsweb/samba/source/configure.in.diff?r1=1.300.2.164r2=1.300.2.165
CVS update: samba/source
Date: Wed Sep 10 15:41:07 2003 Author: ab Update of /home/cvs/samba/source In directory dp.samba.org:/tmp/cvs-serv19126 Modified Files: configure.in Log Message: Back out --with-good-getgrouplist patch Revisions: configure.in1.476 = 1.477 http://www.samba.org/cgi-bin/cvsweb/samba/source/configure.in.diff?r1=1.476r2=1.477
CVS update: samba/source/lib
Date: Wed Sep 10 18:03:16 2003 Author: jra Update of /data/cvs/samba/source/lib In directory dp.samba.org:/tmp/cvs-serv1920/lib Modified Files: Tag: SAMBA_3_0_RELEASE util_str.c Log Message: Fix stupid typo bug causing CPU spin. Spotted by Markus Ungermann [EMAIL PROTECTED] Jeremy. Revisions: util_str.c 1.94.2.6 = 1.94.2.7 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/util_str.c.diff?r1=1.94.2.6r2=1.94.2.7
CVS update: samba/source/lib
Date: Wed Sep 10 18:03:24 2003 Author: jra Update of /data/cvs/samba/source/lib In directory dp.samba.org:/tmp/cvs-serv2585/lib Modified Files: Tag: SAMBA_3_0 util_str.c Log Message: Fix stupid typo bug causing CPU spin. Spotted by Markus Ungermann [EMAIL PROTECTED] Jeremy. Revisions: util_str.c 1.47.2.41 = 1.47.2.42 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/util_str.c.diff?r1=1.47.2.41r2=1.47.2.42
CVS update: samba/source/smbd
Date: Wed Sep 10 18:34:54 2003 Author: jra Update of /data/cvs/samba/source/smbd In directory dp.samba.org:/tmp/cvs-serv5636/smbd Modified Files: Tag: SAMBA_3_0_RELEASE change_trust_pw.c Log Message: Fix for bug #273 - smbd crash on machine account change. Someone only half changed the code to use dc_name instead of remote machine... Found via back trace from Dariush Forouher [EMAIL PROTECTED]. Jeremy. Revisions: change_trust_pw.c 1.11.2.3 = 1.11.2.4 http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/change_trust_pw.c.diff?r1=1.11.2.3r2=1.11.2.4
CVS update: samba/source/smbd
Date: Wed Sep 10 18:34:57 2003 Author: jra Update of /data/cvs/samba/source/smbd In directory dp.samba.org:/tmp/cvs-serv5658/smbd Modified Files: Tag: SAMBA_3_0 change_trust_pw.c Log Message: Fix for bug #273 - smbd crash on machine account change. Someone only half changed the code to use dc_name instead of remote machine... Found via back trace from Dariush Forouher [EMAIL PROTECTED]. Jeremy. Revisions: change_trust_pw.c 1.2.2.11 = 1.2.2.12 http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/change_trust_pw.c.diff?r1=1.2.2.11r2=1.2.2.12
CVS update: samba/source/sam
Date: Wed Sep 10 19:47:13 2003 Author: jelmer Update of /home/cvs/samba/source/sam In directory dp.samba.org:/tmp/cvs-serv14080/sam Removed Files: SAM-interface_handles.txt get_set_account.c get_set_domain.c get_set_group.c sam_ads.c sam_plugin.c sam_skel.c Log Message: Remove obsolete files. Revisions: SAM-interface_handles.txt 1.1 = NONE http://www.samba.org/cgi-bin/cvsweb/samba/source/sam/SAM-interface_handles.txt?rev=1.1 get_set_account.c 1.3 = NONE http://www.samba.org/cgi-bin/cvsweb/samba/source/sam/get_set_account.c?rev=1.3 get_set_domain.c1.5 = NONE http://www.samba.org/cgi-bin/cvsweb/samba/source/sam/get_set_domain.c?rev=1.5 get_set_group.c 1.3 = NONE http://www.samba.org/cgi-bin/cvsweb/samba/source/sam/get_set_group.c?rev=1.3 sam_ads.c 1.7 = NONE http://www.samba.org/cgi-bin/cvsweb/samba/source/sam/sam_ads.c?rev=1.7 sam_plugin.c1.4 = NONE http://www.samba.org/cgi-bin/cvsweb/samba/source/sam/sam_plugin.c?rev=1.4 sam_skel.c 1.2 = NONE http://www.samba.org/cgi-bin/cvsweb/samba/source/sam/sam_skel.c?rev=1.2
CVS update: samba/source/include
Date: Wed Sep 10 19:47:13 2003 Author: jelmer Update of /home/cvs/samba/source/include In directory dp.samba.org:/tmp/cvs-serv14080/include Removed Files: sam.h Log Message: Remove obsolete files. Revisions: sam.h 1.15 = NONE http://www.samba.org/cgi-bin/cvsweb/samba/source/include/sam.h?rev=1.15
CVS update: samba/source/torture
Date: Wed Sep 10 19:47:13 2003 Author: jelmer Update of /home/cvs/samba/source/torture In directory dp.samba.org:/tmp/cvs-serv14080/torture Removed Files: cmd_sam.c samtest.c Log Message: Remove obsolete files. Revisions: cmd_sam.c 1.13 = NONE http://www.samba.org/cgi-bin/cvsweb/samba/source/torture/cmd_sam.c?rev=1.13 samtest.c 1.16 = NONE http://www.samba.org/cgi-bin/cvsweb/samba/source/torture/samtest.c?rev=1.16
CVS update: samba/source/lib
Date: Wed Sep 10 22:33:03 2003 Author: jra Update of /data/cvs/samba/source/lib In directory dp.samba.org:/tmp/cvs-serv31947/lib Modified Files: Tag: SAMBA_3_0_RELEASE smbldap.c Log Message: Fix a nasty mess, and also bug #296. passdb/pdb_ldap.c was not converting to/from utf8 for some calls. The libads code gets this right. Wonder why the passdb code doesn't use it ? Jeremy. Revisions: smbldap.c 1.1.4.4 = 1.1.4.5 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/smbldap.c.diff?r1=1.1.4.4r2=1.1.4.5
CVS update: samba/source/libads
Date: Wed Sep 10 22:33:03 2003 Author: jra Update of /data/cvs/samba/source/libads In directory dp.samba.org:/tmp/cvs-serv31947/libads Modified Files: Tag: SAMBA_3_0_RELEASE ldap.c Log Message: Fix a nasty mess, and also bug #296. passdb/pdb_ldap.c was not converting to/from utf8 for some calls. The libads code gets this right. Wonder why the passdb code doesn't use it ? Jeremy. Revisions: ldap.c 1.105.2.5 = 1.105.2.6 http://www.samba.org/cgi-bin/cvsweb/samba/source/libads/ldap.c.diff?r1=1.105.2.5r2=1.105.2.6
CVS update: samba/source/passdb
Date: Wed Sep 10 22:33:03 2003 Author: jra Update of /data/cvs/samba/source/passdb In directory dp.samba.org:/tmp/cvs-serv31947/passdb Modified Files: Tag: SAMBA_3_0_RELEASE pdb_ldap.c Log Message: Fix a nasty mess, and also bug #296. passdb/pdb_ldap.c was not converting to/from utf8 for some calls. The libads code gets this right. Wonder why the passdb code doesn't use it ? Jeremy. Revisions: pdb_ldap.c 1.116.2.8 = 1.116.2.9 http://www.samba.org/cgi-bin/cvsweb/samba/source/passdb/pdb_ldap.c.diff?r1=1.116.2.8r2=1.116.2.9
CVS update: samba/source/printing
Date: Wed Sep 10 22:33:03 2003 Author: jra Update of /data/cvs/samba/source/printing In directory dp.samba.org:/tmp/cvs-serv31947/printing Modified Files: Tag: SAMBA_3_0_RELEASE nt_printing.c Log Message: Fix a nasty mess, and also bug #296. passdb/pdb_ldap.c was not converting to/from utf8 for some calls. The libads code gets this right. Wonder why the passdb code doesn't use it ? Jeremy. Revisions: nt_printing.c 1.251.2.7 = 1.251.2.8 http://www.samba.org/cgi-bin/cvsweb/samba/source/printing/nt_printing.c.diff?r1=1.251.2.7r2=1.251.2.8
CVS update: samba/source/lib
Date: Wed Sep 10 22:33:06 2003 Author: jra Update of /data/cvs/samba/source/lib In directory dp.samba.org:/tmp/cvs-serv31959/lib Modified Files: Tag: SAMBA_3_0 smbldap.c Log Message: Fix a nasty mess, and also bug #296. passdb/pdb_ldap.c was not converting to/from utf8 for some calls. The libads code gets this right. Wonder why the passdb code doesn't use it ? Jeremy. Revisions: smbldap.c 1.1.2.12 = 1.1.2.13 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/smbldap.c.diff?r1=1.1.2.12r2=1.1.2.13
CVS update: samba/source/printing
Date: Wed Sep 10 22:33:06 2003 Author: jra Update of /data/cvs/samba/source/printing In directory dp.samba.org:/tmp/cvs-serv31959/printing Modified Files: Tag: SAMBA_3_0 nt_printing.c Log Message: Fix a nasty mess, and also bug #296. passdb/pdb_ldap.c was not converting to/from utf8 for some calls. The libads code gets this right. Wonder why the passdb code doesn't use it ? Jeremy. Revisions: nt_printing.c 1.204.2.41 = 1.204.2.42 http://www.samba.org/cgi-bin/cvsweb/samba/source/printing/nt_printing.c.diff?r1=1.204.2.41r2=1.204.2.42
CVS update: samba/source/lib
Date: Wed Sep 10 23:14:11 2003 Author: jra Update of /data/cvs/samba/source/lib In directory dp.samba.org:/tmp/cvs-serv4459/lib Modified Files: Tag: SAMBA_3_0_RELEASE smbldap.c Log Message: Still on my mb rampage. Ensure smbldap_make_mod() correctly detects old values. Jeremy. Revisions: smbldap.c 1.1.4.5 = 1.1.4.6 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/smbldap.c.diff?r1=1.1.4.5r2=1.1.4.6
CVS update: samba/source/lib
Date: Wed Sep 10 23:14:18 2003 Author: jra Update of /data/cvs/samba/source/lib In directory dp.samba.org:/tmp/cvs-serv4494/lib Modified Files: Tag: SAMBA_3_0 smbldap.c Log Message: Still on my mb rampage. Ensure smbldap_make_mod() correctly detects old values. Jeremy. Revisions: smbldap.c 1.1.2.13 = 1.1.2.14 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/smbldap.c.diff?r1=1.1.2.13r2=1.1.2.14
CVS update: samba/source/sam
Date: Wed Sep 10 23:49:23 2003 Author: jra Update of /data/cvs/samba/source/sam In directory dp.samba.org:/tmp/cvs-serv7967/sam Modified Files: Tag: SAMBA_3_0 idmap_ldap.c Log Message: Ensure we consistantly translate to/from utf8 for talking to LDAP. Jeremy. Revisions: idmap_ldap.c1.1.2.16 = 1.1.2.17 http://www.samba.org/cgi-bin/cvsweb/samba/source/sam/idmap_ldap.c.diff?r1=1.1.2.16r2=1.1.2.17
CVS update: samba/source/sam
Date: Wed Sep 10 23:49:25 2003 Author: jra Update of /data/cvs/samba/source/sam In directory dp.samba.org:/tmp/cvs-serv7897/sam Modified Files: Tag: SAMBA_3_0_RELEASE idmap_ldap.c Log Message: Ensure we consistantly translate to/from utf8 for talking to LDAP. Jeremy. Revisions: idmap_ldap.c1.1.4.4 = 1.1.4.5 http://www.samba.org/cgi-bin/cvsweb/samba/source/sam/idmap_ldap.c.diff?r1=1.1.4.4r2=1.1.4.5
CVS update: samba/source/utils
Date: Thu Sep 11 01:57:08 2003 Author: tpot Update of /data/cvs/samba/source/utils In directory dp.samba.org:/tmp/cvs-serv20828 Modified Files: Tag: SAMBA_3_0 net_groupmap.c Log Message: Fix error message when calling namedtogid() fails adding a group map entry. Bug #431. Revisions: net_groupmap.c 1.1.2.17 = 1.1.2.18 http://www.samba.org/cgi-bin/cvsweb/samba/source/utils/net_groupmap.c.diff?r1=1.1.2.17r2=1.1.2.18