Re: [Samba] Can you use roaming profile in a workgroup environment?
On Tue, 20 Jan 2004, Philip M Grisedale wrote: All Can you set-up roaming profiles in a workgroup environment? or do I have to migrate to PDC? No. Roaming profiles work only with domain members. Ergo, you need a Domain, for that you need a PDC. - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Connection refused, access denied (Windows XP trying to connect on samba's shared printer)
On Sat, 2004-01-24 at 23:41, Andrew Bartlett wrote: On Sun, 2004-01-25 at 13:17, Craig White wrote: On Sat, 2004-01-24 at 17:30, Mark Hougaard wrote: Jonny, Did you ever get your shared printer issue resolved? If so, how? I'm having exactly the same problem and I didn't see that anyone responded to your request for help on the lists.samba.org group. My setup and problem is pretty much the same as yours was Win XP pro can see printer share on Linux RH9.0 (kernel 2.4.20), but cannot get access once the drivers are configured. Any help would be greatly appreciated. --- I had a bunch of grief setting up HP Laser printers on AS 3 which is virtually identical to RH 9. The first one worked, the second one didn't and then the first one didn't work anymore. Spent a lot of hours on this and finally got it working - here's how I did it, this might not be the 'recommended' way but it worked for me. I can say that this is the pretty standard way of configuring these printers, and that the CUPS web tool is very, very good. (This is the way I manage all my printers). --- well my eyes were rolling around in my head reading and trying to process all of the info on cups in JHT's How-To I'm not smart enough to understand that I guess. Not entirely sure if Red Hat's tool works well enough and the manually copying the PPD's to the /usr/share/cups/model/ppd seemed to be critical element. Red Hat's tool has you picking the printer and the printing type so it should have worked but it didn't. The cups web configuration was easy enough. The 'Add Printer Wizard' implementation to post the drivers on the server is kick butt stuff. Easy, quick, painless and a lot of bang for the amount of time necessary to make it work. Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can you use roaming profile in a workgroup environment?
On Sun, 2004-01-25 at 00:42, John H Terpstra wrote: On Tue, 20 Jan 2004, Philip M Grisedale wrote: All Can you set-up roaming profiles in a workgroup environment? or do I have to migrate to PDC? No. Roaming profiles work only with domain members. Ergo, you need a Domain, for that you need a PDC. While we're on the subject... I'm playing with Outlook / IMAP / profiles and reading through Microsoft's IT Pro pages, I am circular referencing and somewhat indecisive about the best plan for roaming profiles. I am in final throws of converting a network over - users were on Outlook 2000 / Win 98 and I never bothered with roaming profiles. I am definitely using roaming profiles on computers to be deployed tomorrow. Some of these users have some very big PST files (big shock - right?) Anyway, I want to move the pst files from %SYSTEM_PROFILE_ROOT%\Local Settings\Microsoft\Outlook because obviously that don't roam. Microsoft suggests that you put them on network share. It's simple enough to move them to %SYSTEM_PROFILE_ROOT%\Application Data\Microsoft\Outlook which does roam. Seems as though the price is paid throughout the day on the former and only at startup and shutdown on the latter. I'm planning on just storing their local PST stuff on the server share and going to beg them to clean it up. It seems silly to pull email from their home share and store the local cache also in their home share - plus I'm gonna have to set up quota's now. Anyone have an opinion here? Lastly I've got Netscape 7.1 weighing in with up to 50 mb of cache in the Application Data tree...run without cache? Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Firewall transparancy?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Anders Norrbring írta: | Hi! | | I was thinking, is there a way to use a linux box with Samba running in the | DMZ of a firewall and to validate logons from the internal network? | | I.e. the users workstations are on the protected net on 192.168.111.xx and | the Samba PDC resides in the DMZ, running subnet 192.168.222.xx. If it's | possible, what ports need to be open? | | Anders Norrbring | | Something a little bit more secure, IMHO would be: | Internet | --- | Firewall |--| DMZ | |/ | / | / | /NMB traffic |/SMB traffic | /CIFS traffic | / | / |/ | LAN |/ On the DMZ network in smb.conf allow only your LAN to access the servers. Make sure, you have forwarding between interfaces disabled on them. Regards, Geza -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAE4OM/PxuIn+i1pIRAtcQAJ9qjAPRwkKKbQ468PIFAc4B4va+QQCfV61V Ssvn/7VCjuC0VbMgHXYWHpY= =AgHW -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba compile error
On Fri, 2004-01-23 at 19:02, S D wrote: Hi, I am compiling Samba-3.0.1 on a Solaris 9 machine. I have gcc-3.3.2. Running make fails. Thanks for your advice. PATH=/usr/bin:/usr/local/bin:/usr/ccs/bin # ./configure --with-included-popt --with-gnu-ld I think the problem here is that you need to ensure that the gnu LD is the one actually being used. Try reworking your path again. Where is the gnu ld? Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Adding Samba Domain SIDs...
On Sat, 2004-01-24 at 02:07, Tait Shrum wrote: Our school district is moving to an LDAP database for mail and domain authentication. We are seeing some errors in our logs we don't know how to resolve and need your help. First, let me give a run down of what we have and what we are using: RedHat 9.0 Samba 3.02 Pre 1 OpenLdap 2.1.22-3 Smbldaptools v. 0.83 We have a main campus where our Master LDAP database is located. The Samba domain at this location is called BRYANT. We have four wing locations which have Samba and LDAP installed (versions above). The LDAP database from our main campus is being replicated to these wing locations over our IPSec VPN. When we get Samba authenticating against the LDAP database at these locations - everything works fine except we see this error message in our logs: Jan 23 08:39:05 desproxy smbd[15472]: [2004/01/23 08:39:05.863097, 1, pid=15472, effective(0, 0), real(0, 0)] lib/smbldap.c:add_new_domain_info(1301) Jan 23 08:39:05 desproxy smbd[15472]: failed to add domain dn= sambaDomainName=DES,dc=bryantschools,dc=org with: Internal (implementation specific) error Jan 23 08:39:05 desproxy smbd[15472]: ^Ino structuralObjectClass operational attribute Jan 23 08:39:05 desproxy smbd[15472]: [2004/01/23 08:39:05.863392, 0, pid=15472, effective(0, 0), real(0, 0)] lib/smbldap.c:smbldap_search_domain_info(1350) Jan 23 08:39:05 desproxy smbd[15472]: Adding domain info for DES failed with NT_STATUS_UNSUCCESSFUL Perhaps you have not setup referrals correctly on the slave servers, so they do not tell Samba where it can perform the write. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba and very large files
Hello, Christopher, Samstag, 24. Jänner 2004, 22:43 you wrote: Yeah. As it has been discussed several times on this list, smbfs is limited to 2GB. Please use cifs instead. CL Got it. So that is why I don't have a problem creating a share on the CL Gentoo systems, mapping a drive on the Windows machines to the Gentoo CL system and copying the files that way? You mean, you want to export a file on the Gentoo-System via Samba and copy files onto that share? Yes, this should work out fine. Also smbfs is NOT part of the Samba suite but part of the linux kernel. CL Learn something every day :) That's right. Go on with it ;) -- best regards, Stefan G. Weichinger mailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] WinXP dont log out
i have a PDc for 8 WInXP clients, my Problem: If i use w on the Shell i see users, which had loged out for a long time. if i restart samba, all is ok. or i restart the client. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba] Samba3 Printer drivers installation
[Samba] Samba3 Printer drivers installation Andrei Mikhailovsky andrei at arhont.com Tue Jan 20 11:52:41 GMT 2004 Hello, I am having problems installing printer drivers for Samsung ML-4500 printer, so windows workstation can just fetch them from print$ share. When I run rpcclient with -d 4 i get the following error: whale:/home/samba/home# rpcclient -d 4 -Uroot% -c 'adddriver Windows NT x86 SSGK2:ssgk2.cnt:ssgk2.dat:ssgk2.dll:ssgk2.hlp:ssgk2.ini:ssgk2.sdd:ssgk2su.dll:ssgk2ui.dll:ssgk2um.dll' WHALE Your command is wrong. I can see this by just counting the colons in it. There must be exactly 7 colons -- yours has 9! [] result was WERR_INVALID_PARAM Does anyone know what the problem is Yes. and how to fix it? Use the correct syntax :-) It is described here http://samba.vernstok.nl/htmldocs/CUPS-printing.html#id2562523 in very great detail, as well as at many other places, like man rpcclient (search for adddriver). Admittedly, it is not very simple, so I'll try to explain again. The man page quotes this: adddriver arch config [version] arch is the Win architecture family. It may be either Windows NT x86 (which stands for Windows NT 4.0, Windows 2000/2003 and Windows XP) or Windows 4.0 (which represents Windows 95/98/ME). You need to use the quotes because of the spaces in the string. config is the long string, containing 8 separate fields, separated by 7 colons. The last field may contain either NULL, or a list of additional driver files *separated by commas*. All this 8 fields must be filled in, none may be empty (in which case the NULL needs to go in), and they need to be filled in in the correct order. The correct order is this: LongDriverName:DriverFileName:DataFileName:ConfigFileName:HelpFileName:LanguageMonitorName:DefaultDataType:Comma-Separated-list-of-Files The LanguageMonitorName field should contain NULL. The DefaultDataType for Samba and NT72K/XP clients is RAW. To find out which files are which type, use one of these commands to query an existing NT/2000/XP workstation with the same driver installed locally (and sharing the printer): rpcclient -U'Administrator' -c 'enumdrivers 3' name-of-remote-win-workstation rpcclient -U'Administrator' -c 'getdriver printername 3' name-of-remote-win-workstation The output should show you the correct mapping of driver files to the types described above (using similar nomenclatura, albeit not exactly the same, but enough to guess). Note that the list of the Dependent Files is what needs to go, comma-separated, into the last of the 8 mentioned fields in the adddriver subcommand to rpcclient. Lastly (AND VERY IMPORTANT!!): all the files you name in the adddriver command need to be present in [print$]/W32X86/ *before* you run the command. Note, that the successful command will create a sub-directory named 2 (or 3, if you use a version 3, non-kernel-mode driver for 2000/XP) and move the files there. A partially successful adddriver command could have moved away a part of the files, and therefor you need to put the files again into the original location, before you can try again: Finally, here are 4 examples for a working rpcclient adddriver command: 1 --- rpcclient -U'Administrator%' -c 'adddriver Windows NT x86 \ HP LaserJet 8100:\ cupsdrvr.dll:\ mopi.ppd:\ cupsui.dll:\ cups.hlp:\ NULL:\ RAW:\ NULL'\ TURBO_XP # This command installs the NT/2000/XP CUPS driver into a Windows XP # Professional workstation named TURBO_XP, when it is run from any # Samba machine, and if the files had been placed into (UNC-Notation follows) # \\turbo_xp\print$\W32X86\ previously (by, for example an appropriate # smbclient command) or (path specific to my own system follows) # into C:\WINDOWS\SYSTEM32\SPOOL\drivers\W32X86\ -- - 2 -- rpcclient -U'Administrator%' -c 'adddriver Windows 4.0 \ HP LaserJet 8100:\ ADOBEPS4.DRV:\ mopi.PPD:\ NULL:\ ADOBEPS4.HLP:\ PSMON.DLL:\RAW:\ ADOBEPS4.DRV,mopi.PPD,ADOBEPS4.HLP,PSMON.DLL,ADFONTS.MFM,DEFPRTR2.PPD,ICONLIB.DLL'\ TURBO_XP # This command installs the Win95/98/ME Adobe PostScript driver into the # Windows XP Professional workstation named TURBO_XP, when it is run from # any Samba machine, and if the files had been placed into (UNC-Notation follows) # \\turbo_xp\print$\WIN40\ previously (by, for example an appropriate # smbclient command) or (path specific to my own system follows) # into C:\WINDOWS\SYSTEM32\SPOOL\drivers\WIN40\ -- - 3 -- rpcclient -U'root%' -c 'adddriver Windows NT x86 \ HP LaserJet 8100:\ cupsdrvr.dll:\ mopi.ppd:\ cupsui.dll:\
Re: [Samba] trouble with german special chars on smb shares
Nobody? Absolutely no clue? Need more info? On Fri, 23 Jan 2004 12:55:21 +0100 Dexter Filmore [EMAIL PROTECTED] wrote: Setup: two Slackware9.1 boxen with Samba 3.0.1 (tried 2.2.x as well), where xerxes: is a file server and shodan: is the client on xerxes there are 3 shared vfats (the errors I am going to describe occur on ext2/3 in exactly the same way) When I do: [EMAIL PROTECTED]:/mnt/f/smbtest$ touch Umlaute_öäü I get: [EMAIL PROTECTED]:/mnt/f/smbtest$ ls Umlaute_öäü Just like it should. BUT: on the client machine: shodan:/mnt/xerxes/f/smbtest$ ls Umlaute_:201d:201e:x81* AND shodan:/mnt/xerxes/f/smbtest$ rm Umlaute_\:201d\:201e\:x81 rm: Cannot delete »Umlaute_:201d:201e:x81« : file or directory not found Now I do it the other way round and create the file from the client. shodan:/mnt/xerxes/f/smbtest$ touch Umlaute_öäü shodan:/mnt/xerxes/f/smbtest$ ls Umlaute_öäü Everything fine on the client, but on the server: [EMAIL PROTECTED]:/mnt/f/smbtest$ ls Umlaute_÷õ³ I've been fumbling around with this for bob knows how long and just can't find the error. locales are set like this: [EMAIL PROTECTED] on both server and client Both server and client have defualt remote nls codepage 850 fstab entries on server look like this: /dev/hda6 /mnt/a6 vfat rw,suid,dev,exec,auto,users,umask=002,iocharset=iso8859-1,codepage=850 1 0 fstab entries on client look like this: //xerxes/mm3 /mnt/xerxes/f smbfs credentials=xx,uid=1000,gid=100,rw,iocharset=iso8859-1,codepage=cp8 50,users 0 0 global section on server (3.0.1): unix charset = iso8859-1 dos charset = cp850 client codepage = 850 I'm out of ideas. Dex -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- -BEGIN GEEK CODE BLOCK- Version: 3.12 FGCS d--(+)@ s-:+ a- C+++() UL+ P+++ L+++ E-- W++ N o? K- w--(---) !O M+ V- PS++(+) PE(-) Y+ PGP(-) t++(---)@ 5 X+(++) R+(++) tv--(+)@ b+(+++) DI+++ D G++ e* h++ r%* y? --END GEEK CODE BLOCK-- http://www.againsttcpa.com - nothing fights like the opposition -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Execute .exe files from a Samba share
Hi! I'm experimenting with SuSE Linux and Samba 2.2.5 as a PDC, so far, everything works perfectly well, aside from that if I store an .exe file on a network mapped drive (from the Samba server) it can't be run? The workstation is a Windows XP Pro SP1, connecting to the Samba running as a PDC with LDAP backend. The machine and user logon works perfectly, but I can't execute .exe files residing on the Samba server's shares. Anders Norrbring -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Execute .exe files from a Samba share
Le Dimanche 25 Janvier 2004 17:35, Anders Norrbring a écrit : Hi! I'm experimenting with SuSE Linux and Samba 2.2.5 as a PDC, so far, everything works perfectly well, aside from that if I store an .exe file on a network mapped drive (from the Samba server) it can't be run? The workstation is a Windows XP Pro SP1, connecting to the Samba running as a PDC with LDAP backend. The machine and user logon works perfectly, but I can't execute .exe files residing on the Samba server's shares. Anders Norrbring What's you're smb.conf ? Is there anything in the logs? What are the permissions of the exe file seen from the Windows box? Regards, Fabien Chevalier -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind and Solaris 9 with AD
Hi have resolved the problem as to why getent and samba authentication via winbind were not working. It's really stupid - we were building 64 bit and then copying the 64 bit winbind nss lib into /usr/lib - doh!. So getent ( 32 bit ) would try and load a 64 bit winbind nss lib which obviously could not work , and it was failing silently. Recompiling 32 bit version of library has done the trick and getent works ok and users do not need unix accounts to access samba areas. Will post full build procedure tomorrow and am now trying to get the logging on to the Solaris 9 host using AD account details. Isn't working yet - have redirected all auth.debug to a file and am getting the following: Jan 22 22:02:18 ants725 pam_winbind[21561]: [ID 614614 auth.notice] user 'test7' granted acces Jan 22 22:02:18 ants725 login[21561]: [ID 468494 auth.crit] login account failure: No account present for user i.e. the pam authentication is working but then login doen't appear to be able to find the user's account. Anyway - will have a play and post back if I get any further. thanks to everyone who replied to my post - sorry it was such an idiotic problem in the end. tim *** This communication (including any attachments) contains confidential information. If you are not the intended recipient and you have received this communication in error, you should destroy it without copying, disclosing or otherwise using its contents. Please notify the sender immediately of the error. Internet communications are not necessarily secure and may be intercepted or changed after they are sent. Abbey National Treasury Services plc does not accept liability for any loss you may suffer as a result of interception or any liability for such changes. If you wish to confirm the origin or content of this communication, please contact the sender by using an alternative means of communication. This communication does not create or modify any contract and, unless otherwise stated, is not intended to be contractually binding. Abbey National Treasury Services plc. Registered Office: Abbey National House, 2 Triton Square, Regents Place, London NW1 3AN. Registered in England under Company Registration Number: 2338548. Regulated by the Financial Services Authority (FSA). *** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Execute .exe files from a Samba share
On Mon, 2004-01-26 at 03:35, Anders Norrbring wrote: Hi! I'm experimenting with SuSE Linux and Samba 2.2.5 as a PDC, so far, everything works perfectly well, aside from that if I store an .exe file on a network mapped drive (from the Samba server) it can't be run? The workstation is a Windows XP Pro SP1, connecting to the Samba running as a PDC with LDAP backend. The machine and user logon works perfectly, but I can't execute .exe files residing on the Samba server's shares. Ensure you have unix execute permission on the file too. We map from unix to NT execute permissions. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] WinXP dont log out
On Mon, 2004-01-26 at 00:11, Christian Hennig wrote: i have a PDc for 8 WInXP clients, my Problem: If i use w on the Shell i see users, which had loged out for a long time. if i restart samba, all is ok. or i restart the client. I have found this occurs if you share printers from a Samba server, for some reason this keeps the IPC$ share open forever. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind and Solaris 9 with AD
On Mon, 2004-01-26 at 04:42, Unix Service (ANTS) wrote: Hi have resolved the problem as to why getent and samba authentication via winbind were not working. Jan 22 22:02:18 ants725 pam_winbind[21561]: [ID 614614 auth.notice] user 'test7' granted acces Jan 22 22:02:18 ants725 login[21561]: [ID 468494 auth.crit] login account failure: No account present for user i.e. the pam authentication is working but then login doen't appear to be able to find the user's account. Anyway - will have a play and post back if I get any further. What is your 'template shell'? That is what becomes the shell in the user's passwd entry. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] My story installing Samba-LDAP PDC (it has a happy en ding )
fix the groupmap stuff last - it's one of the least important things. It has nothing to do with whether you can connect a windows computer to the domain. The most important thing is to get LDAP working correctly and if you are trying to learn LDAP and Samba at the same time, why would you not expect your mind to go numb. LDAP is the single hardest thing to configure and you have to make that work first. Learn how to access your LDAP server...how to create new records, delete records and modify records from command line - there are no shortcuts. When you get that under control, set your computer up to do authentication (posix) via LDAP / nsswitch / ldap.conf. When you can access mail, log in at console and via ssh on account that only exists in LDAP (not in /etc/passwd), then you know enough to integrate Samba. This is simply not something that you can fake your way into learning or getting lucky and making it work. Craig i agree with you that ldap is hardest thing i've attmpted to configure. samba is already working in my setup as the pdc for a mixed mode environment, i just wanted to switch the backend to ldap. since i'm attempting this(ldap) for the first time i've set this up on another machine from scratch and already populated the database before i was aware of the gui's (i now use browser). the search functions return everything i've enterd and i'm already at the point you've suggested. i had thought that these nt groups were required to be present for the windows machines to function completly? i'll take another look at my setup with a fresh mind and hopefully i'll find the solution tae -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Execute .exe files from a Samba share
On Mon, 2004-01-26 at 03:35, Anders Norrbring wrote:
Hi!
I'm experimenting with SuSE Linux and Samba 2.2.5 as a PDC, so far,
everything works perfectly well, aside from that if I store an .exe file
on
a network mapped drive (from the Samba server) it can't be run?
The workstation is a Windows XP Pro SP1, connecting to the Samba running
as
a PDC with LDAP backend. The machine and user logon works perfectly,
but I
can't execute .exe files residing on the Samba server's shares.
Ensure you have unix execute permission on the file too.
We map from unix to NT execute permissions.
Andrew Bartlett
I guess that this list isn't the right place for distribution specific
questions, but as of what my manual for my dist says, it should work as a
PDC fully directly from the box.
It's the SuSE Linux Standard Server 8, based on United Linux 1.0SP3. I've
followed the written manuals to the letter, and all the setup is made by
SuSE's web admin interface. I don't know if it's familiar to you?
Anyway, I attach my smb.conf below, if that can be of any lead.
...
[global]
add user script = /usr/sbin/addsmbmachine2ldap %m
admin users = administrator
character set =
client code page = 437
domain admin group = @ntadmin root
encrypt passwords = Yes
ldap admin dn = uid=cyrus,dc=the-server,dc=net
ldap del only sam attr = Yes
ldap filter = ((uid=%u)(objectclass=sambaAccount))
ldap port = 389
ldap server = localhost
ldap ssl = No
ldap suffix = dc=the-server,dc=net
map to guest = Bad User
os level = 64
printcap name = CUPS
printer admin = @ntadmin
printing = CUPS
security = user
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
time server = Yes
unix extensions = Yes
username map = /etc/samba/smbusers
veto files = /*.eml/*.nws/riched20.dll/*.{*}/
wins support = Yes
workgroup = THE-SERVER
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
browseable = No
[homes]
browseable = No
comment = Home Directories
inherit permissions = Yes
read only = No
valid users = %S
[print$]
comment = Printer Drivers
create mask = 0664
directory mask = 0775
force group = ntadmin
path = /var/lib/samba/drivers
write list = @ntadmin root
[printers]
browseable = No
comment = All Printers
create mask = 0600
path = /var/tmp
printable = Yes
[Users]
comment = Share of all users
path = /home
writeable = Yes
inherit permissions = Yes
veto files = /aquota.user/groups/shares/
[Groups]
comment = Share of all groups
path = /home/groups
writeable = Yes
inherit permissions = Yes
[pdf]
comment = PDF generator
path = /var/tmp
printable = Yes
print command = /usr/bin/smbprngenpdf -J '%J' -c %c -s %s -u '%u' -z %z
create mask = 0600
[info]
comment = info
path = /home/groups/info
writeable = Yes
inherit permissions = Yes
browseable = No
[IT]
comment = IT
path = /home/groups/IT
writeable = Yes
inherit permissions = Yes
browseable = No
[purchase]
comment = purchase
path = /home/groups/purchase
writeable = Yes
inherit permissions = Yes
browseable = No
[sales]
comment = sales
path = /home/groups/sales
writeable = Yes
inherit permissions = Yes
browseable = No
[management]
comment = management
path = /home/groups/management
writeable = Yes
inherit permissions = Yes
browseable = No
[administration]
comment = administration
path = /home/groups/administration
writeable = Yes
inherit permissions = Yes
browseable = No
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Execute .exe files from a Samba share
On Mon, 2004-01-26 at 09:23, Andrew Bartlett wrote: On Mon, 2004-01-26 at 03:35, Anders Norrbring wrote: Hi! I'm experimenting with SuSE Linux and Samba 2.2.5 as a PDC, so far, everything works perfectly well, aside from that if I store an .exe file on a network mapped drive (from the Samba server) it can't be run? The workstation is a Windows XP Pro SP1, connecting to the Samba running as a PDC with LDAP backend. The machine and user logon works perfectly, but I can't execute .exe files residing on the Samba server's shares. Ensure you have unix execute permission on the file too. We map from unix to NT execute permissions. I should make it clear that this is only regarding files copied from the samba server to the client, such as profiles. The client reads the ACL, and copies that locally. When the client then tries to execute the program, it denies itself. If the program is executed directly on the share, only a read check is performed. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Weird problem with ADS support - Samba 3.0.1 - win2k3
Ok, this one has me stumped... I am implementing 3.0.1 on a new machine - Slackware 9 based. Got everything compiled (OpenLDAP, Kerberos 5) and installed Kerberos pulls the ticket without problem. The samba machine joins the domain without any difficulties. Here is where it gets weird. From the Win2k3 DC, I can not browse the samba machine - won't recognize passwords. However, from the samba client, I can use domain accounts without trouble. In other words, domain user ron can not log into the samba machine from Win2k3, but the same domain user can log in via smbclient on the server hosting samba. I know that it's the domain user too, since I did a password change on the domain user (in win2k3) and the changed password follows to the smbclient. Before anyone asks, yes, I do have client use spnego set to yes in the smb.conf file... I have also tried using both the default winbind separator \ as well as + - no difference. Anyone have any hints on where I should look for this one -- Ron Gage - LPIC1, MCP, A+, Net+ Pontiac, Michigan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can you use roaming profile in a workgroup environment?
I spent hours trying to make Outlook XP work in a networked IMAP / LDAP environment. What I ended up doing is creating PRF files for all users on the network with FoxPro, then calling the PRF file on system login. This doesn't solve the roaming contact issue, however it does solve the I want to log in anywhere see my emails I hope this sample helps someone, even better it would be great if this prompts someone to refine my findings. joe.prf: [General] Custom=1 DefaultProfile=Yes OverwriteProfile=Append ModifyDefaultProfileIfPresent=TRUE [Service List] Service1=LDAP Directory [Internet Account List] Account1=IMAP_I_Mail [Service1] UniqueService=Yes ServerName=mail.lp.com DisplayName=LDAPDirectory ConnectionPort=389 UseSSL=FALSE UserName= SearchBase=ou=people,dc=lp,dc=com SearchTimeout=60 MaxEntriesReturned=100 [Account1] UniqueService=Yes AccountName=IMAP Email IMAPServer=mail.lp.com SMTPServer=mail.lp.com IMAPUserName=joe [EMAIL PROTECTED] IMAPUseSPA=0 DisplayName=Joe LP [EMAIL PROTECTED] SMTPUseAuth=0 SMTPAuthMethod=0 ConnectionType=0 RootFolder= ConnectionOID=MyConnection IMAPPort=143 IMAPUseSSL=0 ServerTimeOut=60 SMTPPort=25 SMTPUseSSL=0 [Personal Folders] ServiceName=MSPST MS Name=PT_STRING8,0x3001 PathToPersonalFolders=PT_STRING8,0x6700 RememberPassword=PT_BOOLEAN,0x6701 EncryptionType=PT_LONG,0x6702 Password=PT_STRING8,0x6703 [Outlook Address Book] ServiceName=CONTAB [LDAP Directory] ServiceName=EMABLT ServerName=PT_STRING8,0x6600 UserName=PT_STRING8,0x6602 UseSSL=PT_BOOLEAN,0x6613 DisplayName=PT_STRING8,0x3001 ConnectionPort=PT_STRING8,0x6601 SearchTimeout=PT_STRING8,0x6607 MaxEntriesReturned=PT_STRING8,0x6608 SearchBase=PT_STRING8,0x6603 [Microsoft Outlook Client] SectionGUID=0a0d0200c046 FormDirectoryPage=PT_STRING8,0x0270 WebServicesLocation=PT_STRING8,0x0271 ComposeWithWebServices=PT_BOOLEAN,0x0272 PromptWhenUsingWebServices=PT_BOOLEAN,0x0273 OpenWithWebServices=PT_BOOLEAN,0x0274 [Personal Address Book] ServiceName=MSPST AB NameOfPAB=PT_STRING8,0x001e3001 Path=PT_STRING8,0x001e6600 ShowNamesBy=PT_LONG,0x00036601 [I_Mail] AccountType=POP3 AccountName=PT_UNICODE,0x0002 DisplayName=PT_UNICODE,0x000B EmailAddress=PT_UNICODE,0x000C POP3Server=PT_UNICODE,0x0100 POP3UserName=PT_UNICODE,0x0101 POP3UseSPA=PT_LONG,0x0108 Organization=PT_UNICODE,0x0107 ReplyEmailAddress=PT_UNICODE,0x0103 POP3Port=PT_LONG,0x0104 POP3UseSSL=PT_LONG,0x0105 SMTPServer=PT_UNICODE,0x0200 SMTPUseAuth=PT_LONG,0x0203 SMTPAuthMethod=PT_LONG,0x0208 SMTPUserName=PT_UNICODE,0x0204 SMTPUseSPA=PT_LONG,0x0207 ConnectionType=PT_LONG,0x000F ConnectionOID=PT_UNICODE,0x0010 SMTPPort=PT_LONG,0x0201 SMTPUseSSL=PT_LONG,0x0202 ServerTimeOut=PT_LONG,0x0209 LeaveOnServer=PT_LONG,0x1000 [IMAP_I_Mail] AccountType=IMAP AccountName=PT_UNICODE,0x0002 DisplayName=PT_UNICODE,0x000B EmailAddress=PT_UNICODE,0x000C IMAPServer=PT_UNICODE,0x0100 IMAPUserName=PT_UNICODE,0x0101 IMAPUseSPA=PT_LONG,0x0108 Organization=PT_UNICODE,0x0107 ReplyEmailAddress=PT_UNICODE,0x0103 IMAPPort=PT_LONG,0x0104 IMAPUseSSL=PT_LONG,0x0105 SMTPServer=PT_UNICODE,0x0200 SMTPUseAuth=PT_LONG,0x0203 SMTPAuthMethod=PT_LONG,0x0208 SMTPUserName=PT_UNICODE,0x0204 SMTPUseSPA=PT_LONG,0x0207 ConnectionType=PT_LONG,0x000F ConnectionOID=PT_UNICODE,0x0010 SMTPPort=PT_LONG,0x0201 SMTPUseSSL=PT_LONG,0x0202 ServerTimeOut=PT_LONG,0x0209 CheckNewImap=PT_LONG,0x1100 RootFolder=PT_UNICODE,0x1101 Craig White wrote: On Sun, 2004-01-25 at 00:42, John H Terpstra wrote: On Tue, 20 Jan 2004, Philip M Grisedale wrote: All Can you set-up roaming profiles in a workgroup environment? or do I have to migrate to PDC? No. Roaming profiles work only with domain members. Ergo, you need a Domain, for that you need a PDC. While we're on the subject... I'm playing with Outlook / IMAP / profiles and reading through Microsoft's IT Pro pages, I am circular referencing and somewhat indecisive about the best plan for roaming profiles. I am in final throws of converting a network over - users were on Outlook 2000 / Win 98 and I never bothered with roaming profiles. I am definitely using roaming profiles on computers to be deployed tomorrow. Some of these users have some very big PST files (big shock - right?) Anyway, I want to move the pst files from %SYSTEM_PROFILE_ROOT%\Local Settings\Microsoft\Outlook because obviously that don't roam. Microsoft suggests that you put them on network share. It's simple enough to move them to
Re: [Samba] Weird problem with ADS support - Samba 3.0.1 - win2k3
Ron Gage wrote: Ok, this one has me stumped... I am implementing 3.0.1 on a new machine - Slackware 9 based. Stop right there :-) I suspect if you open Windows Explorer on your W2K3 machine and put the IP address of your Samba host in, it will open right up. If so, this is a problem that is fixed in the pending 3.0.2 release, so you should try upgrading (even though it has not been officially released yet). If you can't do that, you'll have to back to 3.0.0, but that has other problems to deal with. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problems with XP - XP shares with Linux Samba PDC 3.0.2pre1 the system cannot find message text for message number 0x in the message file for ...
Hi all I have a 5 machine network with 4 machines running XP Pro SP-1 and one (the server) running Red Hat 9.0 with Samba 3.0.2pre1 Everything seems to run OK except when I try to connect to a shared folder on an XP machine from another XP machine - sometimes this works, sometimes I get the system cannot find message text for message number 0x in the message file for (the share name) or An internal Windows 2000 error occurred. I'm about to back up my smb.conf and rpm -Uvh the latest 3.0.2rc1 (let me know if there's more involved to an upgrade than that!) But does anyone know what this problem is and how to get around it? FYI I have the following partitions on the server: /mp3 (for music) /home (holds user profiles, I have two users) /data (for data) /client (for client websites) And an HP 960c printer My log.machinename files in /var/log/samba have a lot of these errors in them: [2004/01/26 07:34:33, 0] smbd/service.c:make_connection_snum(627) Can't become connected user! My smb.conf looks like this: # Samba config file created using SWAT # from 192.168.0.5 (192.168.0.5) # Date: 2004/01/12 09:20:40 # Global parameters [global] workgroup = MIDDLEEARTH server string = hobbiton passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* unix password sync = Yes log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 addprinter command = /usr/bin/addprinter add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u logon script = logon.bat logon drive = h: domain logons = Yes preferred master = Yes domain master = Yes dns proxy = No ldap ssl = no admin users = @sysadmin hosts allow = 192.168.0., 127. [homes] comment = Home Directories read only = No browseable = No [netlogon] comment = Network Logon Service path = /home/netlogon guest ok = Yes share modes = No [printers] comment = All Printers path = /var/spool/samba guest ok = Yes printable = Yes printer name = raw [mp3] path = /mp3 read only = No guest ok = Yes [client] path = /client valid users = @digitalus read only = No guest ok = Yes [data] path = /data valid users = @digitalus read only = No guest ok = Yes [profile] path = /home/profile read only = No create mask = 0600 directory mask = 0700 profile acls = Yes csc policy = disable [lp0] path = /var/spool/samba printer admin = @digitalus read only = No guest ok = Yes printable = Yes printer name = lp0 use client driver = Yes public=yes browseable=yes guest only=no Any hints as to where I might have gone wrong, or problems with my configuration would be greatly appreciated cheers There are only 10 kinds of people in the world - those who understand binary and those who don't. Lucas Young phone: 04 388 1335 mobular:021 1919 889 e-mail: [EMAIL PROTECTED] www:http://www.digitalus.co.nz/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Trouble migrating user accounts from NT4 to SAMBA 3.0.1 using net vampire
I'm having trouble migrating user account info from NT4 PDC to SAMBA 3.0.1 BDC (running on RedHat 8.0) using the net rpc vampire command. Not all of the accounts will migrate. I cannot see any difference bettween the ones that work and the ones that don't. The ones that do NOT work give this message while running the vampire command: Creating account: hbrendan [2004/01/21 18:56:26, 0] passdb/pdb_smbpasswd.c:build_smb_pass(1150) build_sam_pass: Failing attempt to store user with non-uid based user RID About 40% of the accounts are created properly in /etc/samba/smbpasswd, although all of them are created properly in /etc/passwd. I'm using the smbpasswd backend. I've spent a week trying to find the answer to this puzzle with no success at all. Can someone give me even a little guidance? Thanks, Jimmy Madden [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
CVS update: samba/source/groupdb
Date: Sun Jan 25 10:04:10 2004 Author: vlendec Update of /data/cvs/samba/source/groupdb In directory dp.samba.org:/tmp/cvs-serv14606 Modified Files: Tag: SAMBA_3_0 mapping.c Log Message: On my SuSE 8.2 (glibc 2.3.2) the getpwnam inside pdb_getsampwnam reset the surrounding getpwent loop to the first entry. So smbd went into an endless loop. Volker Revisions: mapping.c 1.33.2.27 = 1.33.2.28 http://www.samba.org/cgi-bin/cvsweb/samba/source/groupdb/mapping.c.diff?r1=1.33.2.27r2=1.33.2.28
CVS update: samba/source/groupdb
Date: Sun Jan 25 10:14:50 2004 Author: vlendec Update of /data/cvs/samba/source/groupdb In directory dp.samba.org:/tmp/cvs-serv16536/groupdb Modified Files: Tag: SAMBA_3_0 mapping.c Log Message: Fix memleak just introduced. Thanks to abartlet :-) Volker Revisions: mapping.c 1.33.2.28 = 1.33.2.29 http://www.samba.org/cgi-bin/cvsweb/samba/source/groupdb/mapping.c.diff?r1=1.33.2.28r2=1.33.2.29
CVS update: samba/source/smbd
Date: Mon Jan 26 02:19:44 2004 Author: abartlet Update of /home/cvs/samba/source/smbd In directory dp.samba.org:/tmp/cvs-serv18625/smbd Modified Files: Tag: SAMBA_3_0 sesssetup.c Log Message: Patch by Luca Bolcioni [EMAIL PROTECTED]. Ensure we always initialise the session key. Fixes segfaults with security=server, and encrypt passwords = no. Andrew Bartlett Revisions: sesssetup.c 1.50.2.46 = 1.50.2.47 http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/sesssetup.c.diff?r1=1.50.2.46r2=1.50.2.47
CVS update: samba/source/smbd
Date: Mon Jan 26 02:22:49 2004 Author: abartlet Update of /data/cvs/samba/source/smbd In directory dp.samba.org:/tmp/cvs-serv19454/smbd Modified Files: sesssetup.c Log Message: (merge from 3.0) Patch by Luca Bolcioni [EMAIL PROTECTED]. Ensure we always initialise the session key. Fixes segfaults with security=server, and encrypt passwords = no. Andrew Bartlett Revisions: sesssetup.c 1.117 = 1.118 http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/sesssetup.c.diff?r1=1.117r2=1.118
CVS update: cifsvfs/fs/cifs
Date: Mon Jan 26 04:33:05 2004 Author: sfrench Update of /home/cvs/cifsvfs/fs/cifs In directory dp.samba.org:/tmp/cvs-serv8743 Modified Files: cifsglob.h connect.c misc.c smbencrypt.c Log Message: Merge with 2.6 version of cifs vfs versoin 1.0.1 Revisions: cifsglob.h 1.30 = 1.31 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/cifsglob.h.diff?r1=1.30r2=1.31 connect.c 1.47 = 1.48 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/connect.c.diff?r1=1.47r2=1.48 misc.c 1.21 = 1.22 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/misc.c.diff?r1=1.21r2=1.22 smbencrypt.c1.11 = 1.12 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/smbencrypt.c.diff?r1=1.11r2=1.12
