[Samba] Network Associates Webshield - e-mail Content Alert
Network Associates WebShield SMTP V4.5 MR1a on WAR01MAIL1 intercepted a mail from [EMAIL PROTECTED] which caused the Content Filter *.scr to be triggered. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Netlogon script executes randomly
|-Original Message- |From: [EMAIL PROTECTED] [mailto:samba- |[EMAIL PROTECTED] On Behalf Of Gémes Géza |Sent: 26. mars 2004 00:24 |To: Frode Lillerud |Cc: [EMAIL PROTECTED] |Subject: Re: [Samba] Netlogon script executes randomly | |-BEGIN PGP SIGNED MESSAGE- |Hash: SHA1 | |Gerald (Jerry) Carter írta: || Frode Lillerud wrote: || | Hi, I have set up Samba 3.0.2a on my Debian server as a PDC. || | || | I use a Windows XP Pro laptop to log on wirelessly, and things seems to || | be working fine except with the logon.bat script. || | || | I have added logon script = logon.bat and the netlogon share in my || | smb.conf. || | || | The logon.bat has executed a few times (perhaps 10% of || | the times), but there is obviously a problem. The logon.bat || | is created with DOS style CR/LF. || || general this kind of behavior would happen if you were || using cached credentials to logon. You might want to || disable caching of logon credentials temporaily so help || track down the problem. flakey wireless maybe ? || || |I would also recomend to check if you can successfully run the logon |script from command prompt. I've had once problems with a Win2k box |which after installing a program which filled in in the path things like |C:\PROGRA~1\.., failed to find the net command. | I've tried logging in and run: net use k: \\sauroman\netlogon and it seems to be working just fine. The drive is mapped, and I can run the logon.bat manually without any problems. Occationally I also see that C:\Windows\System32\cmd.exe is running, but just shuts down again. This is not the logon-script! I've added a pause statement to it to keep it from closing. I'm also trying to test this from my desktop computer, to see if the wireless connection has any bad sideeffects, but I have thus far been unable to create a new sambauser. See separate mail to sambalist called XP gives Access denied for domain logon. |Cheers | |Geza |-BEGIN PGP SIGNATURE- |Version: GnuPG v1.2.3 (GNU/Linux) |Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org | |iD8DBQFAY2od/PxuIn+i1pIRAloXAJ9Jf51+hCQVdLRdln1/onUWjLOBNACdEd0e |DET5fNRGwqKvjjKDjMBDG1I= |=UNjU |-END PGP SIGNATURE- | |-- |To unsubscribe from this list go to the following URL and read the |instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] XP gives Access denied for domain logon
Samba 3.0.2a-Debian I have a somewhat working PDC server, but have some difficulties adding more users. I managed to create a user, anna, a couple of days ago, it she works fine from my wireless laptop. To sort out some problems I have with the logon.bat script [see sambalist Netlogon script executes randomly], I am also including my desktop computer to the domain. I've run the following commands on the server: useradd -m -k /home/samba/skeleton/ -d /home/samba/frode -g users -s /bin/false frode and smbpasswd -a frode and net groupmap modify ntgroup=Domain Users unixgroup=users When I switch the XP computer from workgroup to domain I get a popup box for username/password for the domain. Here I write username frode, and the password I set with smbpasswd. XP responds with a Access denied message. The samba logfile says: [2004/03/26 10:16:02, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [frode] - [frode] - [frode] succeeded [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) Returning domain sid for domain ISENGARD - S-1-5-21-2641962930-4089608471-2571597100 [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:access_check_samr_object(93) _samr_open_domain: ACCESS DENIED (requested: 0x0211) [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) Returning domain sid for domain ISENGARD - S-1-5-21-2641962930-4089608471-2571597100 [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:access_check_samr_function(115) _samr_create_user: ACCESS DENIED (granted: 0x0201; required: 0x0010) [2004/03/26 10:16:03, 2] smbd/server.c:exit_server(558) Closing connections My smb.conf: # Setting up Samba 3.0 as a Primary Domain Controller [global] # Server settings netbios name = sauroman workgroup = ISENGARD server string = Testing PDC security = user # guest account = smbguest encrypt passwords = yes # PDC settings domain logons = yes logon script = newlog.bat # Browser and WINS settings domain master = yes local master = yes preferred master = yes os level = 255 wins support = yes # Other services time server = yes # Debugging and Logging log level = 2 log file = /tmp/samba_%m.log max log size = 1000 #1MB debug timestamp = yes syslog = 1 [netlogon] path = /var/lib/samba/netlogon browseable = yes writable = yes # set this to no again! [homes] comment = Home for %u writeable = yes browseable = no ; map archive = yes ;? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] some files and dirs dont appear with XP
Hi I have installed Samba 3.0.2a and i have a problem with some files that exist but they dont appear in the XP browser and other files in the same dir are shown I can access that problematic files using win98 and smbclient. Permissions are ok, and if I move the files to other dir they appear. Relevant info from smb.conf [global] preserve case = yes short preserve case = yes case sensitive = no [Clientes] path = /var/samba/Clientes readonly = no browseable = yes create mask = 0777 directory mask = 0777 The files /var/samba/Clientes/MALLA, S.A/MALLA S.A/0011Q-D.TEMPORALES LEAS.2003-1.xls permissions are 777 The dir /var/samba/Clientes/INVERSIONES CIUDAD JARDIN, S.L. permissions are drwxrwxrwx No vetos, and all the files and dirs have the same permissions Thanks in advance -- Celso Gonzalez [EMAIL PROTECTED] signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] XP gives Access denied for domain logon
Did you apply the SIGN-OR-SEAL-Patch for the registry? Am Freitag, 26. März 2004 10:21 schrieb Frode Lillerud: Samba 3.0.2a-Debian I have a somewhat working PDC server, but have some difficulties adding more users. I managed to create a user, anna, a couple of days ago, it she works fine from my wireless laptop. To sort out some problems I have with the logon.bat script [see sambalist Netlogon script executes randomly], I am also including my desktop computer to the domain. I've run the following commands on the server: useradd -m -k /home/samba/skeleton/ -d /home/samba/frode -g users -s /bin/false frode and smbpasswd -a frode and net groupmap modify ntgroup=Domain Users unixgroup=users When I switch the XP computer from workgroup to domain I get a popup box for username/password for the domain. Here I write username frode, and the password I set with smbpasswd. XP responds with a Access denied message. The samba logfile says: [2004/03/26 10:16:02, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [frode] - [frode] - [frode] succeeded [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) Returning domain sid for domain ISENGARD - S-1-5-21-2641962930-4089608471-2571597100 [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:access_check_samr_object(93) _samr_open_domain: ACCESS DENIED (requested: 0x0211) [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) Returning domain sid for domain ISENGARD - S-1-5-21-2641962930-4089608471-2571597100 [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:access_check_samr_function(115) _samr_create_user: ACCESS DENIED (granted: 0x0201; required: 0x0010) [2004/03/26 10:16:03, 2] smbd/server.c:exit_server(558) Closing connections My smb.conf: # Setting up Samba 3.0 as a Primary Domain Controller [global] # Server settings netbios name = sauroman workgroup = ISENGARD server string = Testing PDC security = user # guest account = smbguest encrypt passwords = yes # PDC settings domain logons = yes logon script = newlog.bat # Browser and WINS settings domain master = yes local master = yes preferred master = yes os level = 255 wins support = yes # Other services time server = yes # Debugging and Logging log level = 2 log file = /tmp/samba_%m.log max log size = 1000 #1MB debug timestamp = yes syslog = 1 [netlogon] path = /var/lib/samba/netlogon browseable = yes writable = yes # set this to no again! [homes] comment = Home for %u writeable = yes browseable = no ; map archive = yes ;? -- Mit freundlichen Grüssen Sascha Bieler ___ Radio Gong 2000 GmbH Co. KG Sascha Bieler Technischer Leiter Franz-Joseph-Strasse 14 80801 München Tel.: +49 89 38 166 181 Fax.: +49 89 38 166 180 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Resolving computername from ip
I normally use ping -a [IP address] from a Windows DOS session. Not sure if the -a option works from a Linux commend prompt though. - Original Message - From: Torben Thomsen [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, March 26, 2004 7:47 AM Subject: [Samba] Resolving computername from ip Hi, Is there, on a intranet, any way to resolve the computername from its ip ? I have a setup where I know which users are on which ip, and I wan't to notify some events to some users with a smbclient -M. But since I don't know the computername, I don't know any way to send the popups... thanks /torben t -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.622 / Virus Database: 400 - Release Date: 15/03/2004 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] RECYCLER
hello, is there any way to aktivate using recycler for to samba connected drives ? Or is it always an windows problem with network connected drives and if so someone knows a way to activate in windows? regards Björn -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Report to Sender
Incident Information:- Database: E:/lotus/domino/mail1.box Originator:[EMAIL PROTECTED] Recipients:[EMAIL PROTECTED] Subject: Re: Details Date/Time: 26/03/2004 10:08:06 The file attachment my_details.pif you sent to the recipients listed above was infected with the W32/[EMAIL PROTECTED] virus and was not successfully cleaned. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: XP gives Access denied for domain logon
hello as I know right regpatch XP for samba 3 not needed, but did you set up the machine account and did you make the machine known with an sambaadmin account ? sambaadmin account must be user id 0 and group id 0 if I do not fail ;) mit freundlichen Grüssen Björn Frode Lillerud [EMAIL PROTECTED] schrieb im Newsbeitrag news:[EMAIL PROTECTED] Samba 3.0.2a-Debian I have a somewhat working PDC server, but have some difficulties adding more users. I managed to create a user, anna, a couple of days ago, it she works fine from my wireless laptop. To sort out some problems I have with the logon.bat script [see sambalist Netlogon script executes randomly], I am also including my desktop computer to the domain. I've run the following commands on the server: useradd -m -k /home/samba/skeleton/ -d /home/samba/frode -g users -s /bin/false frode and smbpasswd -a frode and net groupmap modify ntgroup=Domain Users unixgroup=users When I switch the XP computer from workgroup to domain I get a popup box for username/password for the domain. Here I write username frode, and the password I set with smbpasswd. XP responds with a Access denied message. The samba logfile says: [2004/03/26 10:16:02, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [frode] - [frode] - [frode] succeeded [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) Returning domain sid for domain ISENGARD - S-1-5-21-2641962930-4089608471-2571597100 [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:access_check_samr_object(93) _samr_open_domain: ACCESS DENIED (requested: 0x0211) [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) Returning domain sid for domain ISENGARD - S-1-5-21-2641962930-4089608471-2571597100 [2004/03/26 10:16:03, 2] rpc_server/srv_samr_nt.c:access_check_samr_function(115) _samr_create_user: ACCESS DENIED (granted: 0x0201; required: 0x0010) [2004/03/26 10:16:03, 2] smbd/server.c:exit_server(558) Closing connections My smb.conf: # Setting up Samba 3.0 as a Primary Domain Controller [global] # Server settings netbios name = sauroman workgroup = ISENGARD server string = Testing PDC security = user # guest account = smbguest encrypt passwords = yes # PDC settings domain logons = yes logon script = newlog.bat # Browser and WINS settings domain master = yes local master = yes preferred master = yes os level = 255 wins support = yes # Other services time server = yes # Debugging and Logging log level = 2 log file = /tmp/samba_%m.log max log size = 1000 #1MB debug timestamp = yes syslog = 1 [netlogon] path = /var/lib/samba/netlogon browseable = yes writable = yes # set this to no again! [homes] comment = Home for %u writeable = yes browseable = no ; map archive = yes ;? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] couldn't find service ?
Hi, Please could someone explain this to me. I have a basic setup with Slackware 8.0 and Samba 2.2.8a running purely as a fileserver for our win2k machines. I've just looked into var/log/samba.mike (that's me) and it shows... [2004/03/26 10:23:10, 0] smbd/service.c:make_connection(252) mike (172.16.15.52) couldn't find service mik I'm mapped to the share mike OK and not having any problems, just wondered what this log entry means. I've looked in other user's logs too and they are also not having problems but show similar entries - each entry just seems to be missing the last character off the share they are accessing. Confused (as usual) !:-) TIA Mike --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.622 / Virus Database: 400 - Release Date: 15/03/2004 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
AW: [Samba] RECYCLER
Hi, yes there is a way. Have a close look at the samba VFS modules. Vfs objects = recycle Recycle: repository = .recyclebin_or_whatever_you_want Recycle: keeptree = yes With this, everything you delete is going to a directory .recyclebin_or_whatever_you_want in the share. Ok, it is not the original recycler of windows, but much better than throwing the files away. Michael -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von dragon Gesendet: Freitag, 26. März 2004 11:16 An: [EMAIL PROTECTED] Betreff: [Samba] RECYCLER hello, is there any way to aktivate using recycler for to samba connected drives ? Or is it always an windows problem with network connected drives and if so someone knows a way to activate in windows? regards Björn -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] novell to samba migration
Hi! Maxim Berkman wrote: I am looking for experience with migrating from Novell to Linux.I have Novell 4.2 - file and print server. I am looking for tools to migrate Novell users (and if possible printers) to Samba. Thanks and regards Max . 972-3-9188325 I've done it last friday. I have migrated trustees, users, groups but no printers. Use the JRB tools(http://www.jrbsoftware.com/). I can send you a perl script convert trustees to posix ACLs. A. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Error Message?
On Fri, 2004-03-26 at 01:40, Martin Stacey wrote: I'm running samba-3.0.2-7.FC1 on a Fedora Core 1 box. I see this error message in the log file for each user on my network; [2004/03/26 10:55:35, 0] rpc_server/srv_util.c:get_domain_user_groups(372) get_domain_user_groups: primary gid of user [glen] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that Means that you have not mapped the primary unix group of user glen to a windows group. Use something like: net groupmap add ntgroup=Domain Users unixgroup=groupOfGlen Being groupOfGlen the primary group of user glen. Anyway, read Chapter 12 from Samba-HOWTO (Group mapping MS windows and unix). Hope this helps. -- Fermin Molina Ibarz Tècnic sistemes - ASIC Universitat de Lleida Tel: +34 973 702151 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] scandinavian letters or charset problem?
On Fri, 2004-03-26 at 17:56, Pirkka Luukkonen wrote: Hi! This teamware mailclient (teamware.com) that we use at the office has problems adding files as attachments from our Samba 3.0.2a share. The attachment file browser sees the files but fails to add them as attachments (with an error message: valid.stf - file not found regardless of the file name in question). I tracked this thing down to scandinavian letters (if your mail client supports it you should see these åäöÅÄÖ) in directory names. example: g:\some-directory\some-file.pngWorks OK g:\scandiåöä\some-file.png Doesn't work. Anywhere else in Windows XP samba directories work just fine with scandinavian letters. This is the only program that behaves like this and I haven't received any help from vendor or manufacturer and they are as amazed as I am. Server is Samba 3.0.2a with winbind and the charsets are: dos charset = CP850 unix charset = UTF-8 Clients are Windows XP/2k/NT and Teamware Office 5.3/6.0. In the same way that Samba has had to deal with the move to unicode, so have many windows applications. In windows, the transition is to a new collection of 'W' functions, for 'wide' character set. This is a lot of work, and many applications instead convert back and forth to the old ASCII or OEM code page. If your user's profile/localle is incorrect, then this might be part of the issue. The correct solution may be for your application to be at least partially recoded using these functions... How well does this work against a win2k server? If it doesn't fail, then we have something more fishy going on... I tested unix charsets ascii, iso8859-1 and iso8859-15 with Samba and it did no use. I also tried win2k and nt server shares and they worked like a charm. It seems clear, that the problem I have is somewhere between Teamware Office and Samba server. Some exception that it cannot handle, perhaps. Can you make sure this is filed as a bug? If we differ in behaviour from what Win2k does, then it's a bug... If you can get any more detail from the application vendor, then that would be very useful too... Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: RECYCLER
hello thats sure ;) Thank you for fast help, working fine okay it's not so simple to recover for the enduser as in windows style but better than loosing by a wrong click ;) thanks again Björn -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Auto Change Password
On Tue, 2004-03-16 at 23:47, Marcelo Mercio Dandrea wrote: Hello all, Is it possible to setup Samba to issue an auto-change password on windows machines when the user logs for the first (or in a sense, the next) time ? In LDAP (or tdbsam, but I use ldap and modify the values directly) set the 'must change time' (sambaPwdMustChange I think) to 0, then you force the message for 'must change at next login'. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] 0.0.0.0 broadcast
I was wandering if it is possible to disable that 0.0.0.0 broadcast.. somehow, it get's buggy. according to some log's, machines get mapped to this 0.0.0.0 adress. ?? (and remapped to the normal IP later on...) i use 302 version.. - Collen Blijenberg (Systeem/Netwerk Beheerder) Montessori Lyceum Herman Jordan Zeist -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Trying to put a MS SQL 7.0 database on a samba share
Hi, I have a linux box set up with Samba 3.0 and have configured my shared drives. What I am trying to do is store a MS SQL data base on my Samba share. I can see the drive from my SQL machine but when I try create the database there I get errors like inconsistent file names etc. Fist can this be done and if so how? Thanx Warren The short answer is no.. Ms SQL requires that its databases are stored on a local disk, This is by design of the application it doesnt matter if its Windows , Samba etc making the shares available. The only way to create a non-local database is through use of specifically crafted drivers which are written in order to make the remote share appear local. This is how appliances such as NetApp work. If you are worried about it for backup purposes simply dump your SQL to disk nightly onto the shared drive. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Machine accounts, Samba 3, NT Domain migration
* Andrew Bartlett [EMAIL PROTECTED] menulis: Well, congratulations. most likely you need to rejoin all of your clients before running rpc vampire. After this step is complete, you can then login from client to samba domain without rejoining again. You should *never* have to rejoin clients. Ever. That is the point of a vampired system. If there are situations where you do have to rejoin Andrew, I'd loved to be wrong here, but i'm afraid not. I've just vampiring again using latest smbldap script, but it still has weird results. Here's the summary, comparing pwdump.exe result vs rpc vampire: 1. Machine has valid passwords (NT+LANMAN) in PWDUMP but only 1 NThash on rpc-Vampire, passwd is different. 2. Valid PWD, only NThash on VMP, but NTHASH in VMP is *same* as LANMANHASH in PWD. 3. No valid hash in PWD (only ), but has valid NTHASH in VMP. 4. Valid PWD, valid VMP and both are same. On rpc-vampire, from total of 638 machine, 448 are only having NTpassword hash entry. Is it ok for machine account to have only one hash? (i can not try it right now because the site is on another city). machines, then this is either a bug, or administrator error (such as not Bug in samba or smb-ldap script? where should I report the bug? having valid machine accounts in /etc/passwd or equiv). I'm afraid not. I've sucessfully migrating hundreds machines, so hopefully I understand what is required ;-) Andrew Bartlett --beast -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Resolving computername from ip
* Torben Thomsen [EMAIL PROTECTED] menulis: Hi, Is there, on a intranet, any way to resolve the computername from its ip ? I have a setup where I know which users are on which ip, and I wan't to notify some events to some users with a smbclient -M. But since I don't know the computername, I don't know any way to send the popups... thanks /torben t nmblookup -A? --beast -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Can't get user list when i share in win 98
Hello I'm having a problem when i try to share a directory in win98 with user share method. It shows that the user list can't be retrieved now. I'm using Samba 3.0.1 with Openldap 2 in LDAP 3 version on a SuSE Professional 9. Thanks a lot an sorry about the english Marcos -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Resolving computername from ip
Is there, on a intranet, any way to resolve the computername from its ip ? I have a setup where I know which users are on which ip, and I wan't to notify some events to some users with a smbclient -M. But since I don't know the computername, I don't know any way to send the popups... nmblookup -A? Setup an intranet DNS service and propogate WINS information into it with wins hook. If you are using an LDAP passdb bind has a very good ldap-sdb module so you can keep host zone information in the same Dit as well; nice for administration. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbindd/Samba3 on RHEL 3.0
can you provide your smb.conf and krb5.conf.
I just finished battling to get a RHEL 3 samba box going.
smb.conf...
[global]
workgroup = Maharam
server string = Max Samba Server
log file = /var/log/samba/%m.log
max log size = 50
security = domain
password server = *
encrypt passwords = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
winbind separator = -
winbind cache time = 10
template shell = /bin/bash
template homedir = /home/%D/%U
idmap uid = 1-2
idmap gid = 1-2
#===Share Definitions ===
[tmp]
comment = Temp
path = /tmp
browseable = yes
writable = yes
I never touched the /etc/krb5.conf file, so its the defaults...
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
ticket_lifetime = 24000
default_realm = EXAMPLE.COM
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
EXAMPLE.COM = {
kdc = kerberos.example.com:88
admin_server = kerberos.example.com:749
default_domain = example.com
}
[domain_realm]
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
Thanks,
Chris
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Resolving computername from ip
Is there, on a intranet, any way to resolve the computername from its ip ? I have a setup where I know which users are on which ip, and I wan't to notify some events to some users with a smbclient -M. But since I don't know the computername, I don't know any way to send the popups... nmblookup -A? Setup an intranet DNS service and propogate WINS information into it with wins hook. If you are using an LDAP passdb bind has a very good ldap-sdb module so you can keep host zone information in the same Dit as well; nice for administration. Is this better than dynamic update DNS?, SOL. I suppose it depends on what you want to accomplish. It seems more flexible and extensible to me than raw DDNS, but the big boon is management. Adjusting DNS records can then be done through the same tool/interface you use for user, groups, mail routing, etc Add in the LDAP patch for ISC's DHCP server and you've almost got an end-to-end directory enabled network. Works very well for us; just throwing it out there since I think these solutions get overlooked alot. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] RECYCLER
dragon schrieb: hello, is there any way to aktivate using recycler for to samba connected drives ? Or is it always an windows problem with network connected drives and if so someone knows a way to activate in windows? regards Björn Please read the Samba-HowTo-Collection: Stackabble VFS Mudules [share] comment = Shared files path = /samba/daten inherit permissions = yes writeable = yes hide unreadable = yes vfs object = recycle recycle:repository=.recycle/%U recycle:versions=True recycle:keeptree=True matze -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] FW: [Veritas-ha] Problems with samba share after failover
Dear all, I asked the following question to Veritas-HA group, but did not recieve any reply. So, I thought would try luck in samba group. Please help -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Anidil Rajendran Sent: Thursday, March 25, 2004 5:08 PM To: [EMAIL PROTECTED] Subject: [Veritas-ha] Problems with samba share after failover Hi, I am not sure, if this is the right place to ask this question. scenario : 2 node VCS cluster running on solaris with samba share as resource. We have a problem where we have to perform the following to make the samba share availbale after the fail over from node 1 to 2 1. Remove the cluster group from windows domain 2. Stop Samba services on node1 or node2 3. Add the group back to domain 4. start Samba services on node1 or node2 Did anyone come across this problem with samba. If yes, I would really appreciate the help anidil p rajendran g.e treasury unix admin. ___ Veritas-ha maillist - [EMAIL PROTECTED] http://mailman.eng.auburn.edu/mailman/listinfo/veritas-ha -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] add machine script wont add Postfix account
He Guys, When we add a client pc (win2k) to our domain everything goes well except that the add machine script wont run. A computer will be created within the lDAP directory but not with the add machine script. The following is our situation. Fedora Core1 |-samba-3.0.2-7.FC1 |-openldap-2.1.22-8 smb.conf -- # Global parameters [global] workgroup = T3E server string = domeinserver bind interfaces only = Yes passwd program = /usr/sbin/smbldap-passwd.pl %u passwd chat = *new*password* %n *new*password* %n *successfully* passwd chat debug = Yes passdb backend = ldapsam:ldap://localhost #unix password sync = Yes log level = 2 log file = /var/log/samba/samba.log.%m time server = Yes socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 add user script = /usr/sbin/smbldap-useradd.pl -a -m %u add machine script = /usr/sbin/smbldap-useradd.pl -w %u delete user script = /usr/sbin/smbldap-userdel.pl -r %u add group script = /usr/sbin/smbldap-groupadd.pl %g delete group script = /usr/sbin/smbldap-groupdel.pl %g add user to group script = /usr/sbin/smbldap-usermod.pl -G %g %u domain logons = Yes os level = 34 preferred master = Yes domain master = Yes wins support = Yes ldap suffix = o=T3E,c=nl ldap admin dn = cn=Manager,o=T3E,c=nl ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap user suffix = ou=people ldap ssl = no admin users = root hide unreadable = Yes logon path = \\%N\%U\.winprofile logon script = netwerk.bat encrypt passwords = Yes username map = /etc/samba/smbusers -- As you see we use the smbldap-tools to execute when a client logins to the domain. After login the following entry will be made in LDAP: uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl -- dn: uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl uid: tmc-ontwikkelpc$ sambaSID: S-1-5-21-1973588340-308753574-2243378783-3006 sambaPrimaryGroupSID: S-1-5-21-1973588340-308753574-2243378783-3007 objectClass: sambaSamAccount objectClass: account displayName: TMC-ONTWIKKELPC$ sambaPwdCanChange: 1080312437 sambaPwdMustChange: 2147483647 sambaLMPassword: F64C97556FCFA59023753BB150C8A535 sambaNTPassword: E5C3C09DB2CAD5D92CBE5054CCBB7A27 sambaPwdLastSet: 1080312437 sambaAcctFlags: [W ] -- If we do a client add by hand (/usr/sbin/smbldap-useradd.pl -w %u) we get the following entry in the LDAP dir: uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl -- dn: uid=test$,ou=computers,o=T3E,c=nl objectClass: top objectClass: inetOrgPerson objectClass: posixAccount cn: test$ sn: test$ uid: test$ uidNumber: 1000 gidNumber: 10012 homeDirectory: /dev/null loginShell: /bin/false description: Computer -- This is a really different schema, and this is the one that we need. Anyone sees what were doing wrong? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] ERROR SAMBA
HI, RedHat Linux 8.0 error in Serverlease timed out and stop my sharings per some seconds, later return to the normal. need resolv This problem, please help me -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Réf. : [Samba] add machine script wont add Postfix account
Hi! I have the same problem with my PDC. Work fine: Modify the script for add samba attribute ( three lines) Execute manually the entry (with smbldap-useradd.pl -w machine1) Try to join the domain Don't work : Samba call the smbldap-useradd -w %u and the script is not modified. I use samba 3.0.2a RH 8.0 openldap 2.1.25 --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | Stagiair [EMAIL PROTECTED]| | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 26/03/2004 16:06 | | | | |-+- ---| | | |Pour : [EMAIL PROTECTED] | |cc : | |Objet : [Samba] add machine script wont add Postfix account | ---| He Guys, When we add a client pc (win2k) to our domain everything goes well except that the add machine script wont run. A computer will be created within the lDAP directory but not with the add machine script. The following is our situation. Fedora Core1 |-samba-3.0.2-7.FC1 |-openldap-2.1.22-8 smb.conf -- # Global parameters [global] workgroup = T3E server string = domeinserver bind interfaces only = Yes passwd program = /usr/sbin/smbldap-passwd.pl %u passwd chat = *new*password* %n *new*password* %n *successfully* passwd chat debug = Yes passdb backend = ldapsam:ldap://localhost #unix password sync = Yes log level = 2 log file = /var/log/samba/samba.log.%m time server = Yes socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 add user script = /usr/sbin/smbldap-useradd.pl -a -m %u add machine script = /usr/sbin/smbldap-useradd.pl -w %u delete user script = /usr/sbin/smbldap-userdel.pl -r %u add group script = /usr/sbin/smbldap-groupadd.pl %g delete group script = /usr/sbin/smbldap-groupdel.pl %g add user to group script = /usr/sbin/smbldap-usermod.pl -G %g %u domain logons = Yes os level = 34 preferred master = Yes domain master = Yes wins support = Yes ldap suffix = o=T3E,c=nl ldap admin dn = cn=Manager,o=T3E,c=nl ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap user suffix = ou=people ldap ssl = no admin users = root hide unreadable = Yes logon path = \\%N\%U\.winprofile logon script = netwerk.bat encrypt passwords = Yes username map = /etc/samba/smbusers -- As you see we use the smbldap-tools to execute when a client logins to the domain. After login the following entry will be made in LDAP: uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl -- dn: uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl uid: tmc-ontwikkelpc$ sambaSID: S-1-5-21-1973588340-308753574-2243378783-3006 sambaPrimaryGroupSID: S-1-5-21-1973588340-308753574-2243378783-3007 objectClass: sambaSamAccount objectClass: account displayName: TMC-ONTWIKKELPC$ sambaPwdCanChange: 1080312437 sambaPwdMustChange: 2147483647 sambaLMPassword: F64C97556FCFA59023753BB150C8A535 sambaNTPassword: E5C3C09DB2CAD5D92CBE5054CCBB7A27 sambaPwdLastSet: 1080312437 sambaAcctFlags: [W ] -- If we do a client add by hand (/usr/sbin/smbldap-useradd.pl -w %u) we get the following entry in the LDAP dir: uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl -- dn: uid=test$,ou=computers,o=T3E,c=nl objectClass: top objectClass: inetOrgPerson objectClass: posixAccount cn: test$ sn: test$ uid: test$ uidNumber: 1000 gidNumber: 10012 homeDirectory: /dev/null loginShell: /bin/false description: Computer -- This is a really different schema, and this is the one that we need. Anyone sees what were doing wrong? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go
Re: [Samba] winbindd/Samba3 on RHEL 3.0 [RESOLVED]
Samba 3.0.2 Red Hat Enterprise Linux ES 3.0 I'm trying to set up winbind and all of the wbinfo commands are failing. I was able to join the domain with this command... [EMAIL PROTECTED] samba# net join -S typhoon -U Administrator Administrator password: [2004/03/25 16:53:46, 0] libads/kerberos.c:ads_kinit_password(133) kerberos_kinit_password [EMAIL PROTECTED] failed: Cannot find KDC for requested realm Joined domain FOO. ...but all of the wbinfo commands fail.. [EMAIL PROTECTED] samba# wbinfo -u Error looking up domain users [EMAIL PROTECTED] samba# wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc233) Could not check secret [EMAIL PROTECTED] samba# wbinfo -a jdoe%password plaintext password authentication failed error code was NT_STATUS_NO_SUCH_USER (0xc064) error messsage was: No such user Could not authenticate user jdoe%password with plaintext password challenge/response password authentication failed error code was NT_STATUS_NO_LOGON_SERVERS (0xc05e) error messsage was: No logon servers Could not authenticate user jdoe with challenge/response getent passwd and getent group DO work though. I've done this before in the past on Red Hat 9 machines and it worked everytime. Maybe this problem has something to do with the fact that this server is on a different subnet from the domain controllers? Thanks, Chris I fixed this problem by running this command... net rpc join -U Administrator Before that, I was using net join -S PDC -U Administrator, which seemed to work, but didn't. Can someone please tell me why this worked to begin with? I'm not sure what the difference is. Thanks, Chris -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0 2003 Active Directory Native Mode
Does Samba 3.0.2a release integrate with Windows Active Directory running in 2003 Native Mode? The situation is that two corporate departments are joining their network infrastructure. One department runs several Samba 2.2 servers and the other is a 2003 Native Mode Active Directory. I understand that if you upgrade to Samba 3.0 this supports Windows 2000 AD, but it is unclear to me if Samba will integrate seamlessly with 2003 Native Mode AD environment. I'm looking for a straight forward non biased, no BS answer. If it works cool, I'm not afraid of the overall work involved. Any help would be greatly appreciated. David Morse Network Administrator Purchaser (703) 904-3132 (571) 214-7098 TREEV, LLC 13454 Sunrise Valley Drive Suite 400 Herndon,Va 20171 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ERROR SAMBA
Sounds like an kernel problem, did you update to the latest stable version??? Am Freitag, 26. März 2004 16:16 schrieb Cesar Ruiz: error in Server lease timed out -- Mit freundlichen Grüssen Sascha Bieler ___ Radio Gong 2000 GmbH Co. KG Sascha Bieler Technischer Leiter Franz-Joseph-Strasse 14 80801 München Tel.: +49 89 38 166 181 Fax.: +49 89 38 166 180 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba 3.0 2003 Active Directory Native Mode
Exactly the question that I am trying to get answered, too. What I was able to accomplish: I setup Samba 3.0.2a and it was able to see the AD (users/groups) and join into the AD. BUT... I was not able to get people to authenticate against Samba. I kept getting a Kerberos ticket error, and I tried several configs that I found through Google, none worked. I am in the process of re-installing my AD (lab setup) into Mixed Mode to see if Native Mode was my problem. It seems as though finding a straight answer to this ? is not easy! Thanks, Scott Moseman -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Morse Sent: Friday, March 26, 2004 10:22 AM To: [EMAIL PROTECTED] Subject: [Samba] Samba 3.0 2003 Active Directory Native Mode Does Samba 3.0.2a release integrate with Windows Active Directory running in 2003 Native Mode? The situation is that two corporate departments are joining their network infrastructure. One department runs several Samba 2.2 servers and the other is a 2003 Native Mode Active Directory. I understand that if you upgrade to Samba 3.0 this supports Windows 2000 AD, but it is unclear to me if Samba will integrate seamlessly with 2003 Native Mode AD environment. I'm looking for a straight forward non biased, no BS answer. If it works cool, I'm not afraid of the overall work involved. Any help would be greatly appreciated. David Morse --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.642 / Virus Database: 410 - Release Date: 3/24/2004 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc vampire case sensitivity problem
On Thu, 2004-03-25 at 16:47, Ed Ravin wrote: On Fri, Mar 26, 2004 at 10:39:16AM +1100, Daniel Kasak wrote: Interesting. I remember have case sensitivity problems ( among others ) when using 'net rpc vampire' with 3.0.1-rc-something. Actually I had such a hard time that I decided to hold off until the process went a little smoother. Yeah I also remember hand-editing /etc/passwd entries ( sometimes unsucessfully - I rooted some guy's account good ! ). Have there been any bug fixes to the 'vampire' function since 3.0.1? Craig's post suggests that this isn't a bug, just a difference between Unix and NT. I suppose you could rename the NT users to all lower case before migrating, that should make things go smoother. In my case, I really didn't want to migrate all the users, just some of them, but net rpc vampire doesn't give you a choice, it's all or nothing. Here's a thought: how about an option to the vampire to spit out commands to import the users rather than doing it itself. Then you could save the output, edit it if needed for case problems or removing users that you don't want to import, then run it. The only catch is that some of the backend data isn't accessible via pdbedit - in particular, you can't provide the password hash or the Unix username. Easy enough to fix. It would also be nice if you could tell pdbedit not to check for the existence of a Unix user before creating an account, i.e. trust me I'll add it later. Personally, I think this is the best idea of all, but of course, I have no way of knowing how difficult this would be to accomplish since it is samba that connects with the net rpc vampire and the concept of putting the hashed password into a file is not exactly a secure one. Perhaps we should bugzilla it as a feature request. Anyway, this is the procedure I used to 'migrate' my /etc/passwd, /etc/group/ /etc/services /etc/protocols /etc/hosts into ldap and I found it extremely useful, editable and repeatable which allowed me to wipe out my ldap db's and start over until I got exactly what I wanted from the net rpc vampire - MANY MANY tries. Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Roaming Profiles with WinXP and Samba PDC
On Fri, 26 Mar 2004, John H Terpstra wrote: On Thu, 25 Mar 2004, Alex Forrow wrote: Unless I'm mistaken this is just a typo: logon path = \\L%\profiles\%U Surely 'L%' should be '%L'? Correct. Would testparm pick this up? Probably not Testparm does not psycho-analyze the intent of the administrator to this extent. :) It assumes that the path specified is valid. - John T. Neither does it check the Linux/Unix directory access permissions for the chain of subdirectories that contain the directory which you identify as the profiles share in smb.conf. -- *** .~. Jerry Winegarden / v \ OIT/Technical Support, Duke University /( _ )\ [EMAIL PROTECTED], http://www-jerry.oit.duke.edu ^ ^ *** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problems installing SAMBA
Dear All, following the instructions in the manual ,HOWTO , written by David Lechnyr, arriving at the point ./configure --prefix=/usr --localstatedir=/var --with-configdir=/etc/samba --with-privatedir=/etc/samba/private --with-lockdir=/var/lock --with-piddir=/var/run --with-logfilebase=/var/log --with-smbmount --with-utmp --with-syslog checking for gcc... no checking for cc... no checking for cc... no checking for cl... no configure: error: no acceptable C compiler found in $PATH What happen? Thanks in advance Paolo -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems installing SAMBA
Looks like none of the compilers are on your path or they are not installed. Have you compiled stuff before? What OS are you using? Try the following (This is on Solaris 9 just in case you wonder why cc is in /opt/SUNWpro/bin :) math209:/home/dijuremo % which gcc /usr/local/bin/gcc math209:/home/dijuremo % which cc /opt/SUNWspro/bin/cc math209:/home/dijuremo % which TEST_DOES_NOT_EXIST TEST_DOES_NOT_EXIST: Command not found. If you get command not found then you need to make sure you have a compiler installed and you have the PATH set to include the location of the binarie: In tcsh: setenv PATH /usr/bin:/urs/local/bin:/opt/local/bin:/path/to/your/other/bin/directories In bash: export PATH=/usr/bin:/urs/local/bin:/opt/local/bin:/path/to/your/other/bin/directories HTH, Diego On Fri, 26 Mar 2004, gils wrote: Dear All, following the instructions in the manual ,HOWTO , written by David Lechnyr, arriving at the point ./configure --prefix=/usr --localstatedir=/var --with-configdir=/etc/samba --with-privatedir=/etc/samba/private --with-lockdir=/var/lock --with-piddir=/var/run --with-logfilebase=/var/log --with-smbmount --with-utmp --with-syslog checking for gcc... no checking for cc... no checking for cc... no checking for cl... no configure: error: no acceptable C compiler found in $PATH What happen? Thanks in advance Paolo -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: unknown
From: [EMAIL PROTECTED] Subject: Férias Olá. Neste momento encontro-me de férias por questões de saúde. Alguma urgência será respondida. Os restantes mails como entenderá poderam demorar um pouco a ser respondidos. Até lá Melhores cumprimentos: Ciberjohn Original Message reply -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] XP gives Access denied for domain logon
I tried adding the SIGN-OR-SEAL patch (WinXP_SignOrSeal.reg - thanks Sascha), but I still get the same Access Denied when I try to change from Workgroup to Domain, and log on from my desktop machine. I've also tried to log on with the new user (frode) from my laptop, but get the message: A device attached to the system is not functioning. As I wrote earlier I have a working another domain user (anna) on the laptop, but am unsuccessful in adding more. Any more suggestions? Could it be something with using a samba-command to add the machine? Frode System Administrator |-Original Message- |From: [EMAIL PROTECTED] [mailto:samba- |[EMAIL PROTECTED] On Behalf Of Radio Gong 2000 |GmbH Co. KG [Technik] |Sent: 26. mars 2004 10:29 |To: [EMAIL PROTECTED] |Subject: Re: [Samba] XP gives Access denied for domain logon | |Did you apply the SIGN-OR-SEAL-Patch for the registry? | |Am Freitag, 26. März 2004 10:21 schrieb Frode Lillerud: | Samba 3.0.2a-Debian | | I have a somewhat working PDC server, but have some difficulties adding | more users. I managed to create a user, anna, a couple of days ago, it | she works fine from my wireless laptop. | | To sort out some problems I have with the logon.bat script [see | sambalist Netlogon script executes randomly], I am also including my | desktop computer to the domain. | | I've run the following commands on the server: | useradd -m -k /home/samba/skeleton/ -d /home/samba/frode -g users -s | /bin/false frode | and | smbpasswd -a frode | and | net groupmap modify ntgroup=Domain Users unixgroup=users | | When I switch the XP computer from workgroup to domain I get a popup box | for username/password for the domain. Here I write username frode, and | the password I set with smbpasswd. | | XP responds with a Access denied message. | | The samba logfile says: | [2004/03/26 10:16:02, 2] auth/auth.c:check_ntlm_password(305) | check_ntlm_password: authentication for user [frode] - [frode] - | [frode] succeeded | [2004/03/26 10:16:03, 2] | rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) | Returning domain sid for domain ISENGARD - | S-1-5-21-2641962930-4089608471-2571597100 | [2004/03/26 10:16:03, 2] | rpc_server/srv_samr_nt.c:access_check_samr_object(93) | _samr_open_domain: ACCESS DENIED (requested: 0x0211) | [2004/03/26 10:16:03, 2] | rpc_server/srv_samr_nt.c:_samr_lookup_domain(2461) | Returning domain sid for domain ISENGARD - | S-1-5-21-2641962930-4089608471-2571597100 | [2004/03/26 10:16:03, 2] | rpc_server/srv_samr_nt.c:access_check_samr_function(115) | _samr_create_user: ACCESS DENIED (granted: 0x0201; required: | 0x0010) | [2004/03/26 10:16:03, 2] smbd/server.c:exit_server(558) | Closing connections | | My smb.conf: | # Setting up Samba 3.0 as a Primary Domain Controller | | [global] | # Server settings | netbios name = sauroman | workgroup = ISENGARD | server string = Testing PDC | security = user | # guest account = smbguest | encrypt passwords = yes | | # PDC settings | domain logons = yes | logon script = newlog.bat | | # Browser and WINS settings | domain master = yes | local master = yes | preferred master = yes | os level = 255 | wins support = yes | | # Other services | time server = yes | | # Debugging and Logging | log level = 2 | log file = /tmp/samba_%m.log | max log size = 1000 #1MB | debug timestamp = yes | syslog = 1 | | [netlogon] | path = /var/lib/samba/netlogon | browseable = yes | writable = yes # set this to no again! | | [homes] | comment = Home for %u | writeable = yes | browseable = no | ; map archive = yes ;? | |-- |Mit freundlichen Grüssen | |Sascha Bieler |___ |Radio Gong 2000 GmbH Co. KG |Sascha Bieler |Technischer Leiter |Franz-Joseph-Strasse 14 |80801 München | |Tel.: +49 89 38 166 181 |Fax.: +49 89 38 166 180 |-- |To unsubscribe from this list go to the following URL and read the |instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] nmbd dying
nmbd has been dying on me occasionally. I'm running mandrake 9.2 with
samba3-server-3.0.0-2mdk. We've got our users in ldap but I'd seen this
symptom previously when I was using an earlier version of samba that didn't
support ldap. There is nothing useful in the logs and a PS shows a nmb
process still running.
This last time around, I had a ptrace running on both nmbd processes and found
that the parent process was the one still running, but the child process
had died. Here's the end of the ptrace of the child:
poll([{fd=9, events=POLLIN, revents=POLLIN}], 1, 5000) = 1
ioctl(9, FIONREAD, [81])= 0
recvfrom(9, \t\1\201\200\0\1\0\2\0\0\0\0\vBORDER-ACCT\tbordere..., 1024, 0,
{sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr(127.0.0.1)}, [16]) = 81
close(9)= 0
write(5, BORDER-ACCT\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0..., 88) = 88
read(6, ACCTMAX\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0..., 88) = 88
open(/etc/hosts, O_RDONLY)= 9
fcntl64(9, F_GETFD) = 0
fcntl64(9, F_SETFD, FD_CLOEXEC) = 0
fstat64(9, {st_mode=S_IFREG|0644, st_size=154, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40018000
read(9, # Generated automatically from h..., 4096) = 154
read(9, , 4096) = 0
close(9)= 0
munmap(0x40018000, 4096)= 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 9
connect(9, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr(127.0.0.1)},
28) = 0
send(9, \t\2\1\0\0\1\0\0\0\0\0\0\7ACCTMAX\tborderent\3c..., 39, 0) = 39
gettimeofday({1080304120, 623860}, NULL) = 0
poll([{fd=9, events=POLLIN, revents=POLLIN}], 1, 5000) = 1
ioctl(9, FIONREAD, [55])= 0
recvfrom(9, \t\2\201\200\0\1\0\1\0\0\0\0\7ACCTMAX\tborderent\3c..., 1024, 0,
{sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr(127.0.0.1)}, [16]) = 55
close(9)= 0
write(5, ACCTMAX\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0..., 88) = 88
read(6, BARBARA3\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0..., 88) = 88
open(/etc/hosts, O_RDONLY)= 9
fcntl64(9, F_GETFD) = 0
fcntl64(9, F_SETFD, FD_CLOEXEC) = 0
fstat64(9, {st_mode=S_IFREG|0644, st_size=154, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40018000
read(9, # Generated automatically from h..., 4096) = 154
read(9, , 4096) = 0
close(9)= 0
munmap(0x40018000, 4096)= 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 9
connect(9, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr(127.0.0.1)},
28) = 0
send(9, \t\3\1\0\0\1\0\0\0\0\0\0\10BARBARA3\tborderent\3..., 40, 0) = 40
gettimeofday({1080325192, 628139}, NULL) = 0
poll([{fd=9, events=POLLIN, revents=POLLIN}], 1, 5000) = 1
ioctl(9, FIONREAD, [40])= 0
recvfrom(9, \t\3\205\203\0\1\0\0\0\0\0\0\10BARBARA3\tborderent\3..., 1024, 0,
{sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr(127.0.0.1)}, [16]) = 40
close(9)= 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 9
connect(9, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr(127.0.0.1)},
28) = 0
send(9, \t\4\1\0\0\1\0\0\0\0\0\0\10BARBARA3\10trinsics\3c..., 39, 0) = 39
gettimeofday({1080325192, 680132}, NULL) = 0
poll([{fd=9, events=POLLIN, revents=POLLIN}], 1, 5000) = 1
ioctl(9, FIONREAD, [39])= 0
recvfrom(9, \t\4\205\203\0\1\0\0\0\0\0\0\10BARBARA3\10trinsics\3c..., 1024, 0,
{sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr(127.0.0.1)}, [16]) = 39
close(9)= 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 9
connect(9, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr(127.0.0.1)},
28) = 0
send(9, \t\5\1\0\0\1\0\0\0\0\0\0\10BARBARA3\0\0\1\0\1, 26, 0) = 26
gettimeofday({1080325192, 698896}, NULL) = 0
poll([{fd=9, events=POLLIN, revents=POLLIN}], 1, 5000) = 1
ioctl(9, FIONREAD, [26])= 0
recvfrom(9, \t\5\205\203\0\1\0\0\0\0\0\0\10BARBARA3\0\0\1\0\1, 1024, 0,
{sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr(127.0.0.1)}, [16]) = 26
close(9)= 0
rt_sigprocmask(SIG_BLOCK, [PIPE], [FPE USR2], 8) = 0
getpid()= 15056
geteuid32() = 0
getpid()= 15056
geteuid32() = 0
time(NULL) = 1080325192
write(8, 0o\2\1\4cj\4\34ou=Hosts,dc=borderent,d..., 113) = 113
select(1024, [8], [], NULL, NULL) = 1 (in [8])
read(8, , 8) = 0
write(8, 0\5\2\1\5B\0, 7) = -1 EPIPE (Broken pipe)
shutdown(8, 2 /* send and receive */) = -1 ENOTCONN (Transport endpoint is not
connected)
close(8)= 0
time([1080325192]) =
[Samba] Cluster Samba print servers
Hello there, I've asked this question before but unfortunately I haven't recieved any responses (except one asking that if the answer was found that it be shared with the list). Basically, I want to load balance SAMBA print servers (or use Veritas's VCS to cluster two Nodes with SAMBA.)These will be replacement servers for our windows 2000 print servers and will be serving our windows printing clients. I have two sun V 480 servers running Solaris 8. That's all I have. Just looking for a how to, some success stories, a that can't be done statementJust looking for some feedback. Thanks, Tim - -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Cluster Samba print servers
I should add that we have no intention of using these servers for file sharing (except for the hidden print$ share). These are strictly print servers. I noticed Red Hat Cluster Manager states it doesn't support failover of printer shareshow come? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] home - own - profile
hello I did set up an PDC and its working fine only it set windows own data path same as unix home path for user so I had all data in unix homeoath of the user I changed [homes] path = /home/%U/own now the profile path is in /home/'username'/own/profile but what I wish to get is a structure on the linux mashine like this /home/'username'/own /home/'username'/profile I tryed [global] logon path = \\%N\%U\profile but same than I tryed [global] logon path = \\%N\profile [profile] path = /home/%u/profile but always the same someone an idea how to work out? thanks in advance Björn -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Standard procedure for changing smb.conf
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 What is the standard procedure for making edits of smb.conf take hold? For example, what I'm seeing is a share that has given R/W access to a user named Tom, when I change Tom to read only, he is still able to write to that share until I stop Samba and restart it. The documentation seems to refer to a 1 minute reread of smb.conf, but I don't seem to see that taking hold. Thank you! - -Tom -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAZIve2dxAfYNwANIRAiH6AJ9HSZ6KlzBQYA+bZPjNeGTW5HH9+gCeOm/3 OLLvb9WyE2kyR+BJt6l712U= =OBG+ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Standard procedure for changing smb.conf
Sometimes you need to reboot the workstation to flush it's cached data. Tom Dickson ([EMAIL PROTECTED]) wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 What is the standard procedure for making edits of smb.conf take hold? For example, what I'm seeing is a share that has given R/W access to a user named Tom, when I change Tom to read only, he is still able to write to that share until I stop Samba and restart it. The documentation seems to refer to a 1 minute reread of smb.conf, but I don't seem to see that taking hold. Thank you! - -Tom -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAZIve2dxAfYNwANIRAiH6AJ9HSZ6KlzBQYA+bZPjNeGTW5HH9+gCeOm/3 OLLvb9WyE2kyR+BJt6l712U= =OBG+ -END PGP SIGNATURE- -- Assured Computing, Inc. When you need to be sure. http://www.assuredcomp.com/ P.O. Box 40814 Eugene, OR 97404 Voice - 541-868-0331 FAX - 541-463-1627 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] RID to SID Bug? Share ACL Access Denied
Hello, I have been trying to work through an Access Denied problem and have found that the user rid is not getting mapped properly. I have yet to figure out where the assigned rid is coming from, but I know is that is incorrect. In the log (level 10) for the connecting computer, I see: pdb_set_user_sid_from_rid: setting user sid S-1-5-21-74637098-2648309090-13861X-21006 from rid 21006 There are two problems here. One the rid should be 1586 as verified with rpcclient. Also the remainder of the sid does not match the W2K ADS domain the samba server has been joined to. Instead it is the SID of the domain for the samba server as verified with net getlocalsid: SID for domain SAMBASERVER is: S-1-5-21-74637098-2648309090-13861X net ads status shows the SID for the SAMBASERVER: distinguishedName: CN=sambaserver,CN=Computers,DC=domain,DC=com objectSid: S-1-5-21-1202660629-1292428093-18016X-1588 The Winbind log shows the correct lookup of the user and sid from the W2K ADS domain. Since the sid doesn't actually represent the user, the share acl's do not match and causes denial to the share. Tdbdump of the winbindd_idmap.tdb shows the user's UID and actual SID. The UID matches what is listed using getent passwd. The commands wbinfo, getent, smbclient -k all work. I can kinit a user and access Windows shares from the Samba server, but users cannot connect to the Samba server by name from a Windows client. They can access by ip address, but as I understand it, that method does not use kerberos. This is 3.0.2a-1 on Redhat 9.0 with security = ADS. I have searched the Samba list archives and read man pages and the HOWTO, but haven't been able find an answer to why this is happening. Any help would be greatly appreciated. Thank you, Steve Aden Privileged/Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone. In such case, you should destroy this message and kindly notify the sender by reply email. Opinions, conclusions and other information contained in this message that do not relate to official business shall be understood as neither given nor endorsed by ITS -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Connection reset by peer / The network is busy
I have seen posts concerning this in the archives, but with no real solution. I've seen it first-hand twice now. I am running Debian Woody, with us3.samba.org's Samba 3 sources added to my apt-sources. 3.0.2a was the first version of Samba installed. The SMB.conf is used off of a previous Test system, then updated to reflect changes in the network as it stands now. The server is fairly bare, with just minimal packages installed. It's only use is for file-sharing and one Access database sharing. (Soon it will also host a MySQL database, hence the horsepower.) It is on a Tyan 2880S motherboard with dual Broadcom GbE ethernet cards, TG3 module. Kernel is 2.4.25-K7-SMP custom, Samba is 3.0.2a I went to copy files over from our old server to the new one via the network... System 1 (pdr, Win98SE) Select files, copy, select new directory on new server, paste. Files copy, re-map network drive, everything's happy. System 2 (My computer, Win2k Pro) Same as above. Slower because my laptop is a piece of garbage, but it's always been that way, even copying local to server. System 3 (Server, Win2k Pro) Same as above for programs share, used for network copies of various programs we use. (ACT, MS Office, etc.) 5.7GB worth of information. Was doubling as a test to make sure the two systems can see each other, as the old server will be used as a jury-rigged nightly-updated mirror in case of panic. System 4 (lab, Win98SE, Via Rhine II NIC) Same as above. Gets about 1/2 way through copying files (800MB of Excel files), and the following occurs: Client beeps: Cannot create or replace [filename]: The network is busy. Server log: [2004/03/26 15:06:23, 0] lib/util_sock.c:read_socket_data(342) read_socket_data: recv failure for 4. Error = Connection reset by peer At which point, the client needs to be completely rebooted before it will re-connect to the server. Added the new server to the WINS list of the client, and started using a domain logon. Error persisted. On this last try, I decided to monitor the progress with smbstatus while the files copied over. First time I ran smbstatus, the client beeped, and the error occured immediately, much sooner in the process than normal. I've tried everything I can think of. We don't have problems of this nature with that system connecting to the old server (Win2k Pro. We were a tiny company then.) I would just break it up into smaller sections, but I would rather fix the problem than workaround if possible. Right now I'm moving over less-used information. However, we are stretching the limits of the old server rapidly, and need to finish the transition soon. The last time I noticed this problem was using Samba 2.999 on Xandros 1.0. Same network, using it as a testbed. Reformatting the system and re-installing Xandros from scratch worked like a charm. Purge / re-install of Samba did not. However, at this point a purge/reinstall of the OS is not an option. Going back to Xandros is also not an option, as it was causing other problems. Also, last time stress-testing Samba by streaming an MP3/OGG playlist would cause this several times a day. I tried the same earlier with no problems from pdr. I'm not ruling out a network problem, but it would be nice to find out more about the specific error so I know where to focus my troubleshooting. ***Begin smb.conf*** [global] workgroup=DM.NET server string=%h server (Samba %v) load printers=no printcap name=cups printing=cups print command=lp -d %p %s; rm %s # invalid users=root log file=/var/log/samba/log.%m max log size= syslog=0 security=USER encrypt passwords=yes socket options=TCP_NODELAY dns proxy=no passwd program=/usr/bin/passwd %u passwd chat=*EntersnewsUNIXspassword:* %nn *RetypesnewsUNIXspassword:* %nn . obey pam restrictions=yes preserve case=yes case sensitive=no short preserve case=yes os level=65 domain master=yes prefered master=yes wins support=yes local master=yes domain logons=yes name resolve order=lmhosts wins bcast host add user script=/usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u veto oplock files=/*.mdb/*.xls/*.mp3/*.ogg/ passdb backend = tdbsam guest username map = /etc/samba/users.map interfaces = eth0 [lab] public=no browseable=yes path=/shared/lab writeable=yes write list=[userlist removed] valid users=[userlist removed] max connections=0 available=yes create mask=0666 directory mask=0777 Chad Vincent Owner RhiannonWEB Phone: 330-283-4681 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Changing permissions on shared directory
To Whom it May Concern I am a linux newbie and need some help with my installation of Samba on Mandrake 9.2. Below is a copy of the smb.conf file global] workgroup = PDC_A server string = Samba Server %v printcap name = cups load printers = yes printing = cups printer admin = @adm log file = /var/log/samba/log.%m max log size = 50 map to guest = bad user security = domain password server = * encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd winbind uid = 1-2 winbind gid = 1-2 winbind separator = + winbind use default domain = yes template homedir = /home/%D/%U socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = no [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no At the moment we have a NT4.0 server that is our file server as well as our PDC. I am trying to introduce the Samba server to take over the file and print share role. I have managed to set it to to where I can see both the individual shares as well as the public dir. but at intermittent times the permissions on the /home/public directory change. I have to use chmod 777 /home/public to allow users to see the directory. How do I stop the permissions changing once I open up that directory for all users to read and write to it? Regards Tony From the desk of.. Tony Branco NRG Industries 2405 McIver Lane Carrollton Texas 75006 Tel: 972 247 7447 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Can't re-add NT box to domain
While I wait for an answer to my last question, allow me to ask another. When we upgraded a samba server from 2.x to 3.0.0-2mdk using LDAP, we managed to change the domain SID. Instead of fixing the SIDs on the sever, I re-added the hosts to the domain. Although it was a lot of work, it was successful on most of the systems on the network. However, we have one old NT4 box on the network which will not rejoin the domain. Instead it reports: This computer name is already configured as a domain controller on the domain. We've deleted and re-added the user object for the machine several times. This is what it currently looks like: [EMAIL PROTECTED] samba3]# pdbedit3 -u ntbox$ -v Unix username:ntbox$ NT username: ntbox$ Account Flags:[ ] User SID: S-1-5-21-3970570929-2603547963-1902127304-2152 Primary Group SID:S-1-5-21-3970570929-2603547963-1902127304-513 Full Name:nt computer Home Directory: \\border\ntbox_ HomeDir Drive:U: Logon Script: login.bat Profile Path: \\border\profiles\ntbox_ Domain: BORDERENT Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: Mon, 18 Jan 2038 21:14:07 GMT Kickoff time: Mon, 18 Jan 2038 21:14:07 GMT Password last set:0 Password can change: 0 Password must change: Mon, 18 Jan 2038 21:14:07 GMT I'm suspecting that the old SID is cached on the NT box somewhere, probably in the registry, but I have no idea where to look. Any ideas? Chris -- Chris Garrigues http://www.DeepEddy.Com/~cwg/ Trinsic Solutions http://www.trinsics.com 1611-B West 6th Street Austin, TX 78703-5074 512-322-0180 If you don't apply what you've learned, you haven't learned anything. pgp0.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0 2003 Active Directory Native Mode
hi, i did make it work, i use winbind to validate users on my ADS in native and mixed mode all i have to do is give config the smb.conf and then follow the steps on the manual. if you need more info just tellme and i put the files for you see ya!! On Friday 26 March 2004 08:39, Scott Moseman wrote: Exactly the question that I am trying to get answered, too. What I was able to accomplish: I setup Samba 3.0.2a and it was able to see the AD (users/groups) and join into the AD. BUT... I was not able to get people to authenticate against Samba. I kept getting a Kerberos ticket error, and I tried several configs that I found through Google, none worked. I am in the process of re-installing my AD (lab setup) into Mixed Mode to see if Native Mode was my problem. It seems as though finding a straight answer to this ? is not easy! Thanks, Scott Moseman -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Morse Sent: Friday, March 26, 2004 10:22 AM To: [EMAIL PROTECTED] Subject: [Samba] Samba 3.0 2003 Active Directory Native Mode Does Samba 3.0.2a release integrate with Windows Active Directory running in 2003 Native Mode? The situation is that two corporate departments are joining their network infrastructure. One department runs several Samba 2.2 servers and the other is a 2003 Native Mode Active Directory. I understand that if you upgrade to Samba 3.0 this supports Windows 2000 AD, but it is unclear to me if Samba will integrate seamlessly with 2003 Native Mode AD environment. I'm looking for a straight forward non biased, no BS answer. If it works cool, I'm not afraid of the overall work involved. Any help would be greatly appreciated. David Morse --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.642 / Virus Database: 410 - Release Date: 3/24/2004 -- -- Ing. Daniel Magaa Molina Gnovus Networks Software www.gnovus.com [EMAIL PROTECTED] Merida, Yuc. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbindd/Samba3 on RHEL 3.0 [RESOLVED]
on your smb.conf put this encrypt passwords = yes becouse you are sending the pass on a plain text format On Friday 26 March 2004 07:21, Chris Purcell wrote: Samba 3.0.2 Red Hat Enterprise Linux ES 3.0 I'm trying to set up winbind and all of the wbinfo commands are failing. I was able to join the domain with this command... [EMAIL PROTECTED] samba# net join -S typhoon -U Administrator Administrator password: [2004/03/25 16:53:46, 0] libads/kerberos.c:ads_kinit_password(133) kerberos_kinit_password [EMAIL PROTECTED] failed: Cannot find KDC for requested realm Joined domain FOO. ...but all of the wbinfo commands fail.. [EMAIL PROTECTED] samba# wbinfo -u Error looking up domain users [EMAIL PROTECTED] samba# wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc233) Could not check secret [EMAIL PROTECTED] samba# wbinfo -a jdoe%password plaintext password authentication failed error code was NT_STATUS_NO_SUCH_USER (0xc064) error messsage was: No such user Could not authenticate user jdoe%password with plaintext password challenge/response password authentication failed error code was NT_STATUS_NO_LOGON_SERVERS (0xc05e) error messsage was: No logon servers Could not authenticate user jdoe with challenge/response getent passwd and getent group DO work though. I've done this before in the past on Red Hat 9 machines and it worked everytime. Maybe this problem has something to do with the fact that this server is on a different subnet from the domain controllers? Thanks, Chris I fixed this problem by running this command... net rpc join -U Administrator Before that, I was using net join -S PDC -U Administrator, which seemed to work, but didn't. Can someone please tell me why this worked to begin with? I'm not sure what the difference is. Thanks, Chris -- -- Ing. Daniel Magaña Molina Gnovus Networks Software www.gnovus.com [EMAIL PROTECTED] Merida, Yuc. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] pam_smbpass on HP-UX 11i
I have been trying to use the PAM module for password syncing on HP-UX 11i. I am using the 3.0.2a source distribution, and when built, I get the following error upon access of the module: Mar 26 15:37:07 beta syslog: load_modules: can not open module /usr/lib/security/pam_smbpass.sl ...the module is there, so that is not the issue. I believe I had this problem with an older v3.x source distribution, but as I recall, I built --without-ads to turn off the krb5 modules and everything began to work alright. Can anyone help me even figure out where to begin here or how to troubleshoot? I am using HP's AnsiC compiler package. _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - Jr. UNIX Systems Admin |$| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] winbind + ads: only works for 10 hours?
I run FreeBSD 5.2.1 and recently configured Samba 3.0.2a (from ports)
for ADS using the FreeBSD-bundled krb5 (Heimdal 0.6, I believe) and
OpenLDAP 2.1.28 (from ports). It is setup to authenticate off a Windows
2000 Domain Controller and is primarily used to provide proxy
authentication for Squid. I will share more about my configuration if
asked, but as it works flawlessly at first I think it's something minor.
Everything works quite well until 10 hours after winbindd was started.
Then requests get denied. I set up a cron job to demonstrate this. The
cron job just logs the time and the output of wbinfo -t every five
minutes:
**
started winbindd
2004/03/26 02:50:00| checking the trust secret via RPC calls succeeded
2004/03/26 02:55:00| checking the trust secret via RPC calls succeeded
snip
2004/03/26 12:45:00| checking the trust secret via RPC calls succeeded
2004/03/26 12:50:00| checking the trust secret via RPC calls failed
error code was NT_STATUS_ACCESS_DENIED (0xc022)
Could not check secret
2004/03/26 12:55:00| checking the trust secret via RPC calls failed
error code was NT_STATUS_ACCESS_DENIED (0xc022)
Could not check secret
**
Some research showed this was probably kerberos tickets expiring or not
being renewed. I looked up the ticket lifetimes for Windows 2000 and
plugged those into my krb5.conf (hostnames changed):
**
$ less /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5.log
[libdefaults]
default_realm = EXAMPLE.ORG
default_etypes = des-cbc-crc
default_etypes_des = des-cbc-crc
ticket_lifetime = 36000
renew_lifetime = 604800
[realms]
EXAMPLE.ORG = {
kdc = dc1.example.org
kdc = dc2.example.org
admin_server = dc1.example.org
default_domain = example.org
}
[domain_realms]
.example.org = EXAMPLE.ORG
example.org = EXAMPLE.ORG
**
I then tested whether renewing worked (hostnames changed):
**
$ kinit
[EMAIL PROTECTED]'s Password:
$ klist -v
Credentials cache: FILE:/tmp/krb5cc_1001
Principal: [EMAIL PROTECTED]
Cache version: 4
Server: krbtgt/[EMAIL PROTECTED]
Ticket etype: des-cbc-crc
Auth time: Mar 26 15:29:19 2004
End time: Mar 27 01:29:19 2004
Renew till: Apr 2 15:29:19 2004
Ticket flags: renewable, initial, pre-authenticated
Addresses: IPv4:10.0.0.2
$ kinit -R
$ klist -v
Credentials cache: FILE:/tmp/krb5cc_1001
Principal: [EMAIL PROTECTED]
Cache version: 4
Server: krbtgt/[EMAIL PROTECTED]
Ticket etype: des-cbc-crc
Auth time: Mar 26 15:29:19 2004
Start time: Mar 26 15:29:26 2004
End time: Mar 27 01:29:26 2004
Renew till: Apr 2 15:29:19 2004
Ticket flags: renewable, initial, pre-authenticated
Addresses: IPv4:10.0.0.2
**
In any case, I still see the exact same behavior (death after 10 hours).
There is nothing in /var/log/krb5.log. Can anyone shed some light on
this for me? I suppose I could restart winbindd every 9 hours...
Thanks,
Jon Noack
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Upgrading LDAP entries from 2.2.7 for Samba 3 not happening
I know I'm not the only person to upgrade from 2.2.7 to 3.0. Some one PLEASE chime in. I have 600+ users coming back from spring break Monday! PLEASE PLEASE PLEASE HELP! jamie On 3/25/04 4:44 PM, jamie [EMAIL PROTECTED] wrote: We have been using samba 2.2.7 for awhile now with ldap no problem. We are ready to move to Samba 3 though, and this is where the trouble begins. We do not have a domain set up. We have a few samba boxes and they just use the ldap servers to get their passwords from. (no roaming desktops or anything like that.) I did a bit of reading up and see that I need to run the convertSambaAccount script against an ldif export. So here's what I did ldapsearch -LL -x -h localhost -D uid=root,ou=People,dc=newberg,dc=k12,dc=or,dc=us -b ou=People,dc=newberg,dc=k12,dc=or,dc=us -w old.ldif I got an ldif no problem. I don't really know what a SID is or what's it for. Something to do with having a domain (which we don't) So I try this [EMAIL PROTECTED] /]# net getlocalsid bash: net: command not found So i can't get the SID from this machine. I decide to just make one up and try that. /convertSambaAccount --input=old.ldif --output new.ldif --changetype=modify --sid=S-1-0-0 I end up with this! Use of uninitialized value in concatenation (.) or string at /convertSambaAccount line 176, GEN0 line 1008. Use of uninitialized value in concatenation (.) or string at /convertSambaAccount line 172, GEN0 line 1009. Use of uninitialized value in concatenation (.) or string at /convertSambaAccount line 176, GEN0 line 1009. Use of uninitialized value in concatenation (.) or string at /convertSambaAccount line 172, GEN0 line 1010. Use of uninitialized value in concatenation (.) or string at /convertSambaAccount line 176, GEN0 line 1010. Use of uninitialized value in concatenation (.) or string at /convertSambaAccount line 172, GEN0 line 1011. Use of uninitialized value in concatenation (.) or string at /convertSambaAccount line 176, GEN0 line 1011. Use of uninitialized value in concatenation (.) or string at /convertSambaAccount line 172, GEN0 line 1012. Use of uninitialized value in concatenation (.) or string at /convertSambaAccount line 176, GEN0 line 1012. Use of uninitialized value in concatenation (.) or string at /convertSambaAccount line 172, GEN0 line 1013. Use of uninitialized value in concatenation (.) or string at /convertSambaAccount line 176, GEN0 line 1013. Use of uninitialized value in concatenation (.) or string at /convertSambaAccount line 172, GEN0 line 1014. Use of uninitialized value in concatenation (.) or string at /convertSambaAccount line 176, GEN0 line 1014. ugh! Any ideas? Thanks, Jamie -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] can Desktop.ini files be made to work on samba shares?
Is it possible to make Desktop.ini files active on samba shares? Ideally I would like to do two things: 1. make certain shares display special icons Desktop.ini: [.ShellClassInfo] IconFile=C:\WINDOWS\system32\SHELL32.dll IconIndex=27 ConfirmFileOp=0 2. have exploratory texts pop-up when users explore certain shares (similar to the messages that pop up when users go to the windows directory. Desktop.ini: [.ShellClassInfo] IconFile=C:\WINDOWS\system32\SHELL32.dll IconIndex=27 ConfirmFileOp=0 InfoTip=this is a warning text Using these files on local folders works jsut fine but on a samba share I can't get it to take effect. Thanks for any help with this. Urs Rau -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Automount from Windows w/o logging in first?
I am trying to do something which should seem very straightforward, not to mention, not unusual for load-balanced web servers, namely: providing a faceless/login-less mounting of SMB shares from NT4 and Win2K servers. Yes, I accept that I will need to stash a plaintext login key in some script or registry key. The security impacts are acceptable. I have the latest Samba 2.2.x server, and a bunch of NT4 (soon to be Windows 2000 Server) web-servers from which I'd like to serve IISROOT directories residing on a samba share. I've tried NTResKit srvany.exe'ing a net use command and lots of other hacks to wire in a service which provides a complete net use W: \\server\WEB\ webpassword /user:weblogin sort of thing. No dice. Soo how DO you automatically mount shares without having to login at the console, so that IIS/Cold-Fusion can serve content out of the Samba share? Thanks! M.B. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Réf. : [Samba] add machine script wont add Postfix account
On Fri, Mar 26, 2004 at 04:14:27PM +0100, [EMAIL PROTECTED] wrote: I have the same problem with my PDC. Work fine: Modify the script for add samba attribute ( three lines) Execute manually the entry (with smbldap-useradd.pl -w machine1) Try to join the domain Don't work : Samba call the smbldap-useradd -w %u and the script is not modified. How about this: add machine script = smbldap-useradd -w %u (i.e. add the quotes, shouldn't matter but it sometimes does) Also, try adding the commands below near the top of your add machine script: exec /tmp/smbldap.debug 21 set -x And see what turns up in the debug file the next time you try to add a machine. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0 2003 Active Directory Native Mode
First i must say that i use SuSE 9.0 so i download the rpm's for SuSE libsmbclient-3.0.2a-30.i586.rpm libsmbclient-devel-3.0.2a-30.i586.rpm samba3-3.0.2a-30.i586.rpm samba3-client-3.0.2a-30.i586.rpm samba3-doc-3.0.2a-30.i586.rpm samba3-winbind-3.0.2a-30.i586.rpm and i got a GUI ksambaplugin-0.5-1.i386.rpm then i put this on my smb.conf [global] winbind separator = + winbind cache time = 10 winbind uid = 1-2 winbind gid = 1-2 template homedir = /home/winnt/%D/%U template shell = /bin/bash workgroup = THO security = domain restrict anonymous = no domain master = no preferred master = no max protocol = NT ldap ssl = No server signing = Auto encrypt passwords = yes add user script = /usr/sbin/useradd -d /home/winnt/%D/%U -s /bin/false -M %U #--end globals then you havee to start your samba server rcsmb start and then start the winbind server winbindd and the you just have to join the domain net rpc join -U Administrator%password now you can try to reed the user list from the win server wbinfo -u or the group list wbinfo -g if evreriting goes ok so far you can import the users from the server getent passwd and the groups getent group so far you already got the users an groups list from the win server, now you have to create the service in this case i will put the ssh daemon to validate users the file /etc/pam.d/sshd shuld look like this #%PAM-1.0 auth sufficient /lib/security/pam_winbind.so account sufficient /lib/security/pam_winbind.so password sufficient /lib/security/pam_winbind.so session sufficient /lib/security/pam_winbind.so session required pam_unix2.sonone # trace or debug session required pam_limits.so # Enable the following line to get resmgr support for # ssh sessions (see /usr/share/doc/packages/resmgr/README.SuSE) #session optional pam_resmgr.so fake_ttyname and thast is all, if you need more inf. just let me know On Friday 26 March 2004 08:22, David Morse wrote: Does Samba 3.0.2a release integrate with Windows Active Directory running in 2003 Native Mode? The situation is that two corporate departments are joining their network infrastructure. One department runs several Samba 2.2 servers and the other is a 2003 Native Mode Active Directory. I understand that if you upgrade to Samba 3.0 this supports Windows 2000 AD, but it is unclear to me if Samba will integrate seamlessly with 2003 Native Mode AD environment. I'm looking for a straight forward non biased, no BS answer. If it works cool, I'm not afraid of the overall work involved. Any help would be greatly appreciated. David Morse Network Administrator Purchaser (703) 904-3132 (571) 214-7098 TREEV, LLC 13454 Sunrise Valley Drive Suite 400 Herndon,Va 20171 -- -- Ing. Daniel Magaña Molina Gnovus Networks Software www.gnovus.com [EMAIL PROTECTED] Merida, Yuc. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba 3.0 2003 Active Directory Native Mode
Well, my Red Hat box is joined to the AD and I am able to login to my box using AD accounts. They are both talking. My problem is that I cannot get Windows clients to see the Samba shares without getting a Access denied message, in the logs it shows a bunch of Kerberos/ticket errors. I am running krb5 1.2.4 and it appears that it is going to be too much of a pain to upgrade to 1.3 without just going to a new version of Red Hat (maybe Fedora, I guess). That is going to be my next step, download and install Fedora. Thanks, Scott Moseman -Original Message- From: [EMAIL PROTECTED] Sent: Friday, March 26, 2004 5:20 PM To: [EMAIL PROTECTED] Subject: Re: [Samba] Samba 3.0 2003 Active Directory Native Mode hi, i did make it work, i use winbind to validate users on my ADS in native and mixed mode all i have to do is give config the smb.conf and then follow the steps on the manual. if you need more info just tellme and i put the files for you see ya!! On Friday 26 March 2004 08:39, Scott Moseman wrote: Exactly the question that I am trying to get answered, too. What I was able to accomplish: I setup Samba 3.0.2a and it was able to see the AD (users/groups) and join into the AD. BUT... I was not able to get people to authenticate against Samba. I kept getting a Kerberos ticket error, and I tried several configs that I found through Google, none worked. I am in the process of re-installing my AD (lab setup) into Mixed Mode to see if Native Mode was my problem. It seems as though finding a straight answer to this ? is not easy! Thanks, Scott Moseman -Original Message- From: [EMAIL PROTECTED] Sent: Friday, March 26, 2004 10:22 AM To: [EMAIL PROTECTED] Subject: [Samba] Samba 3.0 2003 Active Directory Native Mode Does Samba 3.0.2a release integrate with Windows Active Directory running in 2003 Native Mode? The situation is that two corporate departments are joining their network infrastructure. One department runs several Samba 2.2 servers and the other is a 2003 Native Mode Active Directory. I understand that if you upgrade to Samba 3.0 this supports Windows 2000 AD, but it is unclear to me if Samba will integrate seamlessly with 2003 Native Mode AD environment. I'm looking for a straight forward non biased, no BS answer. If it works cool, I'm not afraid of the overall work involved. Any help would be greatly appreciated. David Morse -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Finding users in trusting/trusted domains
We're currently migrating from Exchange 5.5 to Exchange 2003. Exchange 5.5 is in a Samba3 domain (DOM1), and Exchange 2003 is in a 2000 mixed-mode domain (DOM2), and trusts are active in both directions. Part of the process requires that we grant users in the DOM2 domain admin rights to the LDAP server on the Exchange server in DOM1. When we try, we're able to browse the DOM2 userlist and select the users, but when we hit 'apply' the username changes from 'DOM2\exchange' to '\Unknown Account'. Samba logs the following: [2004/03/26 16:16:45, 5] lib/username.c:Get_Pwnam(288) Finding user DOM2\exchange [2004/03/26 16:16:45, 5] lib/username.c:Get_Pwnam_internals(223) Trying _Get_Pwnam(), username as lowercase is dom2\exchange [2004/03/26 16:16:45, 5] lib/username.c:Get_Pwnam_internals(230) Trying _Get_Pwnam(), username as given is DOM2\exchange [2004/03/26 16:16:45, 5] lib/username.c:Get_Pwnam_internals(239) Trying _Get_Pwnam(), username as uppercase is DOM2\EXCHANGE [2004/03/26 16:16:45, 5] lib/username.c:Get_Pwnam_internals(247) Checking combinations of 0 uppercase letters in dom2\exchange [2004/03/26 16:16:45, 5] lib/username.c:Get_Pwnam_internals(251) Get_Pwnam_internals didn't find user [DOM2\exchange]! [2004/03/26 16:16:45, 5] lib/username.c:Get_Pwnam(288) Finding user exchange [2004/03/26 16:16:45, 5] lib/username.c:Get_Pwnam_internals(223) Trying _Get_Pwnam(), username as lowercase is exchange [2004/03/26 16:16:45, 5] lib/username.c:Get_Pwnam_internals(251) Get_Pwnam_internals did find user [exchange]! [2004/03/26 16:16:45, 5] auth/auth_util.c:fill_sam_account(975) fill_sam_account: located username was [exchange] Why is it looking for DOM2 users internally? Shouldn't it contact the DC for DOM2 instead? -- Michael D. Jurney [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net rpc vampire case sensitivity problem
On Thu, 2004-03-25 at 16:34, Ed Ravin wrote: We just migrated a small network from a Win2K PDC to Samba, using net rpc vampire into a tdbsam backend on a Samba 3.0.2a Linux box. One of the users, let's call him Jon Harker, had the NT username JHarker. When we ran pdbedit -v jharker, we saw this: Unix username:JHarker NT username: JHarker Well, that looks wrong - the NT username can be mixed case for all I care, but shouldn't the Unix name be all lower case? The rule I've been working with is that they must be in the same case. The reason is simple - it is a matter of performance. There were times that we allowed usernames to differ in case, but we make the lookup from passdb - getpwnam() quite often, so I decided that as we always add the username in the 'right' case, and that we should trust that case when looking up users. (Looking up users in mixed case can cause 2+2^N getpwnam() lookups, where N is the value of 'username level'). Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba 3.0 2003 Active Directory Native Mode
On Sat, 2004-03-27 at 09:22, Scott Moseman wrote: Well, my Red Hat box is joined to the AD and I am able to login to my box using AD accounts. They are both talking. My problem is that I cannot get Windows clients to see the Samba shares without getting a Access denied message, in the logs it shows a bunch of Kerberos/ticket errors. I am running krb5 1.2.4 and it appears that it is going to be too much of a pain to upgrade to 1.3 without just going to a new version of Red Hat (maybe Fedora, I guess). That is going to be my next step, download and install Fedora. That tends to be the solution - without krb5 1.3.1 there are just nasty bugs. It is meant to work, but... (And I am not a sufficient kerberos guru to understand exactly why) Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind + ads: only works for 10 hours?
On Sat, 2004-03-27 at 08:42, Jon Noack wrote: I run FreeBSD 5.2.1 and recently configured Samba 3.0.2a (from ports) for ADS using the FreeBSD-bundled krb5 (Heimdal 0.6, I believe) and OpenLDAP 2.1.28 (from ports). It is setup to authenticate off a Windows 2000 Domain Controller and is primarily used to provide proxy authentication for Squid. I will share more about my configuration if asked, but as it works flawlessly at first I think it's something minor. Everything works quite well until 10 hours after winbindd was started. Then requests get denied. I set up a cron job to demonstrate this. The cron job just logs the time and the output of wbinfo -t every five minutes: I suppose I could restart winbindd every 9 hours... Fixes for this are in the current CVS tree. We now fetch a new ticket as the old ticket expires. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Machine accounts, Samba 3, NT Domain migration
On Sat, 2004-03-27 at 00:36, Beast wrote: * Andrew Bartlett [EMAIL PROTECTED] menulis: Well, congratulations. most likely you need to rejoin all of your clients before running rpc vampire. After this step is complete, you can then login from client to samba domain without rejoining again. You should *never* have to rejoin clients. Ever. That is the point of a vampired system. If there are situations where you do have to rejoin Andrew, I'd loved to be wrong here, but i'm afraid not. I've just vampiring again using latest smbldap script, but it still has weird results. Here's the summary, comparing pwdump.exe result vs rpc vampire: 1. Machine has valid passwords (NT+LANMAN) in PWDUMP but only 1 NThash on rpc-Vampire, passwd is different. 2. Valid PWD, only NThash on VMP, but NTHASH in VMP is *same* as LANMANHASH in PWD. 3. No valid hash in PWD (only ), but has valid NTHASH in VMP. 4. Valid PWD, valid VMP and both are same. On rpc-vampire, from total of 638 machine, 448 are only having NTpassword hash entry. Is it ok for machine account to have only one hash? (i can not try it right now because the site is on another city). Only the NT password matters, except on 3.0.2 and 3.0.2a. Later CVS fixed an issue where the NT password not being present caused a bug (account would be marked disabled). Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Upgrading LDAP entries from 2.2.7 for Samba 3 not happening
On Sat, 2004-03-27 at 08:47, jamie wrote: I know I'm not the only person to upgrade from 2.2.7 to 3.0. Some one PLEASE chime in. I have 600+ users coming back from spring break Monday! PLEASE PLEASE PLEASE HELP! jamie On 3/25/04 4:44 PM, jamie [EMAIL PROTECTED] wrote: We have been using samba 2.2.7 for awhile now with ldap no problem. We are ready to move to Samba 3 though, and this is where the trouble begins. We do not have a domain set up. We have a few samba boxes and they just use the ldap servers to get their passwords from. (no roaming desktops or anything like that.) I did a bit of reading up and see that I need to run the convertSambaAccount script against an ldif export. So here's what I did ldapsearch -LL -x -h localhost -D uid=root,ou=People,dc=newberg,dc=k12,dc=or,dc=us -b ou=People,dc=newberg,dc=k12,dc=or,dc=us -w old.ldif I got an ldif no problem. I don't really know what a SID is or what's it for. Something to do with having a domain (which we don't) So I try this [EMAIL PROTECTED] /]# net getlocalsid bash: net: command not found So i can't get the SID from this machine. I decide to just make one up and try that. /convertSambaAccount --input=old.ldif --output new.ldif --changetype=modify --sid=S-1-0-0 That is a *really* bad idea. There is a SID, and you can find it out. Use the 'net' command from 3.0, it does not exist in 2.2. There is also an smbpasswd option I think. If you want to keep your existing Samba 2.2 schema in LDAP, that is supported. Simply use ldapsam_compat, or configure --with-ldapsam (which enables the compatibility modes by default) If you want to move to the 3.0 schema, you will find that there is a one-domain per LDAP subtree restriction, that is, all the machines talking to those entries in LDAP must agree to be part of a single domain. Simply nominate a master box as PDC, and the rest as There is no need to have actual clients in the domain. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] FreeBSD + samba + winbind
People I'm trying to make a file server that authenticate on Primary Domain Controller NT 4.0. I've read that samba can do it, yes i could see. Unhappy i've observed that is need to create an account for each user that i want autenticate in the Samba. Searching for a solution for these, i've found that winbind can do it, ok, but i'm having some troubles running winbind to authenticate it transparently. Anyone can help me, or send-me some documentation as how to configure winbind on the FreeBSD server. I'm trying to configure pam.d and nsswitch but i dont know how to... Some Informations About My Systems: Windows NT 4.0 SP6a as Primary Domain Controller FreeBSD 5.2.1 Release Samba 3.0.2 from ports (19/03/2004) with Winbind, LDAP, krb5 ( as Heimdal ) thanks for all ¨Unix is user friendly. It's just selective about who its friends are¨ __ Acabe com aquelas janelinhas que pulam na sua tela. AntiPop-up UOL - É grátis! http://antipopup.uol.com.br/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] scandinavian letters or charset problem?
On 2004-03-26 at 08:56 +0200 Pirkka Luukkonen sent off: I tested unix charsets ascii, iso8859-1 and iso8859-15 with Samba and it did no use. I also tried win2k and nt server shares and they worked like a charm. It seems clear, that the problem I have is somewhere between Teamware Office and Samba server. Some exception that it cannot handle, perhaps. what operating system and what filesystem are you using on the server which runs Samba? Some well known filesystems are known to be broken or very fussy with non-ASCII filenames. Bjoern pgp0.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Account with no lanman hash [ was Re: [Samba] Machine accounts, Samba 3, NT Domain migration
* Andrew Bartlett [EMAIL PROTECTED] menulis: 1. Machine has valid passwords (NT+LANMAN) in PWDUMP but only 1 NThash on rpc-Vampire, passwd is different. 2. Valid PWD, only NThash on VMP, but NTHASH in VMP is *same* as LANMANHASH in PWD. 3. No valid hash in PWD (only ), but has valid NTHASH in VMP. 4. Valid PWD, valid VMP and both are same. On rpc-vampire, from total of 638 machine, 448 are only having NTpassword hash entry. Is it ok for machine account to have only one hash? (i can not try it right now because the site is on another city). Only the NT password matters, except on 3.0.2 and 3.0.2a. Later CVS fixed an issue where the NT password not being present caused a bug (account would be marked disabled). 1. In which tools we trust the output? pwdump or rpc vampire? why the output is different? 2. Is this mean I can not use 3.0.2 or 3.0.2a if I don't have LANMAN hash? Note: this 'feature' is mark as 'bug' by jerry and has been fixed. Is it safe to have NT hash only on production? http://lists.samba.org/archive/samba/2004-March/082989.html 3. Thanks. Andrew Bartlett --beast -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Avoiding users change permissions
Hi, I finally set up samba 3 with ads, and acl support and everything works just great. The server is an AMD Duron 1200Mhz, 256Mb 266Mhz Ram, 2 ATA100 disks 10 Gb RAID1, 2 ATA133 200Gb RAID1 disks each one master on a separate ide port. Forgive my english, it's my 17th consecutive hour at work and I'm pretty tired. This server, that it's going to replace a win2k box, it's a fileserver, member of the active directory and has many shares that all users of the domain can access and modify. I would like to avoid people to accidentally change permissions, while Domain Admins should be able to do it. Here my smb.conf: [data] path = /samba/shares/data comment = data folder read only = no browseable = yes valid users = '@DOMAIN\Domain Users' create mask = 0770 directory mask = 0770 directory security mask = security mask = inherit acls = yes admin users = '@Domain Admins' In this case no one can change permissions, not even the Admins Group. If users try to do it they can only add new users to the share and finally end up being unable to get into the share again. Before bothering you with this, I red the smb.conf man but couldn't completely figure out all the parameters that decide permissions (directory mask and security mask are clear but I've seen the parameter security mode and I couldn't undestrand how to use it since the example given is to allow everyone to change permissions and I have not been able to find any other example googlingmy fault probably). I know I've been a bit confusing, but in the end I think you understood what is my goal. I'm going on experimenting and googling, but if there's anyone that already fixed this, I would really appreciate to be pointed in the right direction. (docs or whatever can help). Another couple question, I'm moving all users share 12Gb from the win2k server to samba and I'm seeing an heavy memory load while cpu is never more than 40% with an average of 10%, is it normal? here's result of free: [EMAIL PROTECTED] root]# free total used free shared buffers cached Mem: 255872 253464 2408 0 7548 90280 -/+ buffers/cache: 155636 100236 Swap: 522040 36556 485484 Last question, I can choose Fedora or Slackware 9.1 (both already set up) and choose between kernel 2.4 and 2.6 (already compiled in both distro's). Would I have any appreciable benefit from using 2.6.4 kernel (apart from ACL native support) or is better to go for a more stable 2.4 kernel? Are you still there??? Well, thanks for going this far. If anyone has any suggestion that would be very appreciated, it's my first server... Have a nice day --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.642 / Virus Database: 410 - Release Date: 25/03/2004 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't re-add NT box to domain
On Fri, 2004-03-26 at 14:10, Chris Garrigues wrote: While I wait for an answer to my last question, allow me to ask another. When we upgraded a samba server from 2.x to 3.0.0-2mdk using LDAP, we managed to change the domain SID. Instead of fixing the SIDs on the sever, I re-added the hosts to the domain. Although it was a lot of work, it was successful on most of the systems on the network. However, we have one old NT4 box on the network which will not rejoin the domain. Instead it reports: This computer name is already configured as a domain controller on the domain. We've deleted and re-added the user object for the machine several times. This is what it currently looks like: [EMAIL PROTECTED] samba3]# pdbedit3 -u ntbox$ -v Unix username:ntbox$ NT username: ntbox$ Account Flags:[ ] User SID: S-1-5-21-3970570929-2603547963-1902127304-2152 Primary Group SID:S-1-5-21-3970570929-2603547963-1902127304-513 Full Name:nt computer Home Directory: \\border\ntbox_ HomeDir Drive:U: Logon Script: login.bat Profile Path: \\border\profiles\ntbox_ Domain: BORDERENT Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: Mon, 18 Jan 2038 21:14:07 GMT Kickoff time: Mon, 18 Jan 2038 21:14:07 GMT Password last set:0 Password can change: 0 Password must change: Mon, 18 Jan 2038 21:14:07 GMT I'm suspecting that the old SID is cached on the NT box somewhere, probably in the registry, but I have no idea where to look. Any ideas? samba can't operate as a DC in conjunction with Windows based DC's - With samba 3.0 - 3.0.3pre1 - you can have multiple samba BDC's with a samba PDC but in no other fashion. Perhaps that is targeted for the future - but it is not possible in the present. Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Automount from Windows w/o logging in first?
On Fri, 2004-03-26 at 14:53, Malcolm Baldridge wrote: I am trying to do something which should seem very straightforward, not to mention, not unusual for load-balanced web servers, namely: providing a faceless/login-less mounting of SMB shares from NT4 and Win2K servers. Yes, I accept that I will need to stash a plaintext login key in some script or registry key. The security impacts are acceptable. I have the latest Samba 2.2.x server, and a bunch of NT4 (soon to be Windows 2000 Server) web-servers from which I'd like to serve IISROOT directories residing on a samba share. I've tried NTResKit srvany.exe'ing a net use command and lots of other hacks to wire in a service which provides a complete net use W: \\server\WEB\ webpassword /user:weblogin sort of thing. No dice. Soo how DO you automatically mount shares without having to login at the console, so that IIS/Cold-Fusion can serve content out of the Samba share? why not use dfs? Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Account with no lanman hash [ was Re: [Samba] Machine accounts, Samba 3, NT Domain migration
On Sat, 2004-03-27 at 13:12, Beast wrote: * Andrew Bartlett [EMAIL PROTECTED] menulis: 1. Machine has valid passwords (NT+LANMAN) in PWDUMP but only 1 NThash on rpc-Vampire, passwd is different. 2. Valid PWD, only NThash on VMP, but NTHASH in VMP is *same* as LANMANHASH in PWD. 3. No valid hash in PWD (only ), but has valid NTHASH in VMP. 4. Valid PWD, valid VMP and both are same. On rpc-vampire, from total of 638 machine, 448 are only having NTpassword hash entry. Is it ok for machine account to have only one hash? (i can not try it right now because the site is on another city). Only the NT password matters, except on 3.0.2 and 3.0.2a. Later CVS fixed an issue where the NT password not being present caused a bug (account would be marked disabled). 1. In which tools we trust the output? pwdump or rpc vampire? why the output is different? Well, I understand how 'net rpc vampire' functions, and as it makes *exactly* the same calls that an NT BDC makes, I consider it to be the 'correct' output. I have not looked at the pwdump source, nor had any experience using it, so I don't know why it's output would differ. 2. Is this mean I can not use 3.0.2 or 3.0.2a if I don't have LANMAN hash? This is correct. Note: this 'feature' is mark as 'bug' by jerry and has been fixed. Is it safe to have NT hash only on production? http://lists.samba.org/archive/samba/2004-March/082989.html It is safe to have NT hash only in production, on versions of Samba the support this, because for many account types (machine accounts in particular, also accounts with strlen(pw) 14) the NT hash is the only valid hash. The practise (on machine accounts) of setting the NT and LM passwords to the same value derives from the need to avoid having a NULL LM password, where that might mean 'all passwords'. Samba no longer makes those assumptions, and has not for a long time, so in the very near future, this will be removed. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Automount from Windows w/o logging in first?
On Fri, 2004-03-26 at 19:45, Malcolm Baldridge wrote: why not use dfs? I know nothing about it, really. The main file repository must be a unix system because I have automated revision control and backup regimes for that, but not for Windows. Some givens: 1) File servers are not Windows machines. 2) File clients are Windows NT4 and 2000 Server machines, some of which run under vmWare, some of which run natively on the hardware. I'm shifting away from natively-run Windows systems altogether due to support hassles. --- let's stay on the list. DFS is windows version of nfs exports/mounts Samba 3 supports dfs. I don't think 2.2.x does. Microsoft offers Services for Unix for free - you can mount nfs shares on Windows. Windows share mounts in user space don't work because someone has to log in to Windows machine - it's something that has to run as a service as you have discovered. The systems running vmware should have no problem whatsoever mounting the shares from UNIX repositories via nfs. In my mind it's either nfs mounts or dfs or you have to 're-think' your options (i.e. rsync files on each windows server from 'master') Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Account with no lanman hash [ was Re: [Samba] Machine accounts, Samba 3, NT Domain migration
* Andrew Bartlett [EMAIL PROTECTED] menulis: 1. In which tools we trust the output? pwdump or rpc vampire? why the output is different? Well, I understand how 'net rpc vampire' functions, and as it makes *exactly* the same calls that an NT BDC makes, I consider it to be the'correct' output. Just a wishes, is it possible to get pwdump.exe version of net rpc vampire? so we can get hashses output without installing full blown of samba and *script? It then up to administrator what to do with the output, this is the cleanest soulution if you already have existing account in ldap. Also, net rpc vampire has few advantage over pwdump, it can retrieve groups where pwdump can not. I have not looked at the pwdump source, nor had any experience using it, so I don't know why it's output would differ. 2. Is this mean I can not use 3.0.2 or 3.0.2a if I don't have LANMAN hash? This is correct. Sorry for asking again here, can I use samba 3.0.3pre1? sincei can't use older version of samba. Just to make sure... Note: this 'feature' is mark as 'bug' by jerry and has been fixed. Is it safe to have NT hash only on production? http://lists.samba.org/archive/samba/2004-March/082989.html It is safe to have NT hash only in production, on versions of Samba the support this, because for many account types (machine accounts in particular, also accounts with strlen(pw) 14) the NT hash is the only valid hash. The practise (on machine accounts) of setting the NT and LM passwords to the same value derives from the need to avoid having a NULL LM password, where that might mean 'all passwords'. Samba no longer makes those assumptions, and has not for a long time, so in the very near future, this will be removed. Thanks, you really save my life ;-) --beast -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Friendly coexistance with FTP?
Hi folks, I need to provide FTP access (through PureFTPd) to a directory that is currently a Samba share. The idea is to operate both services at the same time, so hosts without SMB capabilities can still access the files. I imagine that locking may become a problem if the a file is simultaneously accessed through both programs. I'm willing to accept this risk, as I expect relatively low volume through the FTP. But other than this problem, are there other issues I should address before doing this? I did RTFM, but couldn't find the details I need. Or perhaps someone has another idea on how I can offer the same files through different protocols... Thanks in advance for any input you might offer. -Nathaniel G H __ Do you Yahoo!? Yahoo! Finance Tax Center - File online. File on time. http://taxes.yahoo.com/filing.html -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Account with no lanman hash [ was Re: [Samba] Machine accounts, Samba 3, NT Domain migration
On Sat, 2004-03-27 at 15:55, Beast wrote: * Andrew Bartlett [EMAIL PROTECTED] menulis: 1. In which tools we trust the output? pwdump or rpc vampire? why the output is different? Well, I understand how 'net rpc vampire' functions, and as it makes *exactly* the same calls that an NT BDC makes, I consider it to be the'correct' output. Just a wishes, is it possible to get pwdump.exe version of net rpc vampire? so we can get hashses output without installing full blown of samba and *script? It then up to administrator what to do with the output, this is the cleanest soulution if you already have existing account in ldap. 'net rpc samdump' should do what you need Also, net rpc vampire has few advantage over pwdump, it can retrieve groups where pwdump can not. pwdump was a quick hack, from what I understand... I have not looked at the pwdump source, nor had any experience using it, so I don't know why it's output would differ. 2. Is this mean I can not use 3.0.2 or 3.0.2a if I don't have LANMAN hash? This is correct. Sorry for asking again here, can I use samba 3.0.3pre1? sincei can't use older version of samba. Just to make sure... You can. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Account with no lanman hash [ was Re: [Samba] Machine accounts, Samba 3, NT Domain migration
* Andrew Bartlett [EMAIL PROTECTED] menulis: 'net rpc samdump' should do what you need Wew, it can dump all sam without asking for admin password ;-) However, it always gives segmentation fault error after retrieveing groups. Nevermind, it already get all acounts anyway... I'll try it on client and let you know. Also, net rpc vampire has few advantage over pwdump, it can retrieve groups where pwdump can not. pwdump was a quick hack, from what I understand... I wish i knew this tool before ;-(. However i can confirm that pwdump was able to get 100% of correct account if client is joined recently. Tested on hundreds clients on different domain. --beast -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Quarantine Attachments
Your message with subject Re: Proof of concept sent on 03/26/2004, 01:45:01 PM contained one or more attachments not allowed by ChevronTexaco and was blocked. CAUTION - ChevronTexaco Corporation has detected one or more computer viruses in an Email message sent through our Email system. The infected message was blocked and will not be delivered to recipients hosted by ChevronTexaco computer systems. Please run an antivirus application to ensure your computer is free from viruses prior to sending additional Email. Information about the affected message follows: Message Date: 03/26/2004, 01:45:01 PM Message Subject: Re: Proof of concept Message Recipients: [EMAIL PROTECTED] Reason: Virus Scanner found the W32/[EMAIL PROTECTED] virus in the attached file: part_01.zip PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
CVS update: samba/source/client
Date: Fri Mar 26 15:40:06 2004 Author: jerry Update of /data/cvs/samba/source/client In directory dp.samba.org:/tmp/cvs-serv23693/client Modified Files: Tag: SAMBA_3_0 client.c Log Message: source code fix for bug 1095 -- honor the '-l' option Revisions: client.c1.209.2.53 = 1.209.2.54 http://www.samba.org/cgi-bin/cvsweb/samba/source/client/client.c.diff?r1=1.209.2.53r2=1.209.2.54
CVS update: samba/source/lib
Date: Fri Mar 26 15:40:06 2004 Author: jerry Update of /data/cvs/samba/source/lib In directory dp.samba.org:/tmp/cvs-serv23693/lib Modified Files: Tag: SAMBA_3_0 debug.c popt_common.c Log Message: source code fix for bug 1095 -- honor the '-l' option Revisions: debug.c 1.49.2.12 = 1.49.2.13 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/debug.c.diff?r1=1.49.2.12r2=1.49.2.13 popt_common.c 1.2.2.11 = 1.2.2.12 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/popt_common.c.diff?r1=1.2.2.11r2=1.2.2.12
CVS update: samba/source/lib
Date: Fri Mar 26 15:42:19 2004 Author: jerry Update of /data/cvs/samba/source/lib In directory dp.samba.org:/tmp/cvs-serv24676/lib Modified Files: debug.c popt_common.c Log Message: source code fix for bug 1095 -- honor the '-l' option Revisions: debug.c 1.74 = 1.75 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/debug.c.diff?r1=1.74r2=1.75 popt_common.c 1.17 = 1.18 http://www.samba.org/cgi-bin/cvsweb/samba/source/lib/popt_common.c.diff?r1=1.17r2=1.18
CVS update: samba/source/client
Date: Fri Mar 26 15:42:19 2004 Author: jerry Update of /data/cvs/samba/source/client In directory dp.samba.org:/tmp/cvs-serv24676/client Modified Files: client.c Log Message: source code fix for bug 1095 -- honor the '-l' option Revisions: client.c1.263 = 1.264 http://www.samba.org/cgi-bin/cvsweb/samba/source/client/client.c.diff?r1=1.263r2=1.264
CVS update: samba-docs/docbook
Date: Fri Mar 26 15:43:12 2004 Author: jerry Update of /data/cvs/samba-docs/docbook In directory dp.samba.org:/tmp/cvs-serv24802/docbook Modified Files: global.ent Log Message: clarify the -l common option Revisions: global.ent 1.31 = 1.32 http://www.samba.org/cgi-bin/cvsweb/samba-docs/docbook/global.ent.diff?r1=1.31r2=1.32
CVS update: samba-docs/docbook/manpages
Date: Fri Mar 26 15:43:12 2004 Author: jerry Update of /data/cvs/samba-docs/docbook/manpages In directory dp.samba.org:/tmp/cvs-serv24802/docbook/manpages Modified Files: ntlm_auth.1.xml rpcclient.1.xml smbclient.1.xml smbcquotas.1.xml smbsh.1.xml vfstest.1.xml Log Message: clarify the -l common option Revisions: ntlm_auth.1.xml 1.6 = 1.7 http://www.samba.org/cgi-bin/cvsweb/samba-docs/docbook/manpages/ntlm_auth.1.xml.diff?r1=1.6r2=1.7 rpcclient.1.xml 1.4 = 1.5 http://www.samba.org/cgi-bin/cvsweb/samba-docs/docbook/manpages/rpcclient.1.xml.diff?r1=1.4r2=1.5 smbclient.1.xml 1.2 = 1.3 http://www.samba.org/cgi-bin/cvsweb/samba-docs/docbook/manpages/smbclient.1.xml.diff?r1=1.2r2=1.3 smbcquotas.1.xml1.5 = 1.6 http://www.samba.org/cgi-bin/cvsweb/samba-docs/docbook/manpages/smbcquotas.1.xml.diff?r1=1.5r2=1.6 smbsh.1.xml 1.2 = 1.3 http://www.samba.org/cgi-bin/cvsweb/samba-docs/docbook/manpages/smbsh.1.xml.diff?r1=1.2r2=1.3 vfstest.1.xml 1.2 = 1.3 http://www.samba.org/cgi-bin/cvsweb/samba-docs/docbook/manpages/vfstest.1.xml.diff?r1=1.2r2=1.3
CVS update: samba/source/msdfs
Date: Fri Mar 26 17:58:30 2004 Author: vlendec Update of /data/cvs/samba/source/msdfs In directory dp.samba.org:/tmp/cvs-serv19548 Modified Files: Tag: SAMBA_3_0 msdfs.c Log Message: After briefly talking to jerry, commit this: Redirect clients to shares based on the the client's IP address. The msdfs link has the following form: temp1 - msdfs:@/data/tmp/[EMAIL PROTECTED] The file /data/tmp/redir has the contents: 192.168.234.128 closest 192.168.234 close default Everything in between the @-signs in the link target is replaced by the substituion in the file. Jerry, errors in the filename expansion are now answered with NT_STATUS_OBJECT_NAME_NOT_FOUND Volker Revisions: msdfs.c 1.28.2.26 = 1.28.2.27 http://www.samba.org/cgi-bin/cvsweb/samba/source/msdfs/msdfs.c.diff?r1=1.28.2.26r2=1.28.2.27
CVS update: samba/source/msdfs
Date: Fri Mar 26 17:59:14 2004 Author: vlendec Update of /data/cvs/samba/source/msdfs In directory dp.samba.org:/tmp/cvs-serv19672 Modified Files: msdfs.c Log Message: After briefly talking to jerry, commit this: Redirect clients to shares based on the the client's IP address. The msdfs link has the following form: temp1 - msdfs:@/data/tmp/[EMAIL PROTECTED] The file /data/tmp/redir has the contents: 192.168.234.128 closest 192.168.234 close default Everything in between the @-signs in the link target is replaced by the substituion in the file. Jerry, errors in the filename expansion are now answered with NT_STATUS_OBJECT_NAME_NOT_FOUND Volker Revisions: msdfs.c 1.50 = 1.51 http://www.samba.org/cgi-bin/cvsweb/samba/source/msdfs/msdfs.c.diff?r1=1.50r2=1.51
CVS update: samba/source/msdfs
Date: Fri Mar 26 20:40:29 2004 Author: jra Update of /data/cvs/samba/source/msdfs In directory dp.samba.org:/tmp/cvs-serv17586/msdfs Modified Files: msdfs.c Log Message: Always use strchr_m, not strchr on unix character sets. Jeremy. Revisions: msdfs.c 1.51 = 1.52 http://www.samba.org/cgi-bin/cvsweb/samba/source/msdfs/msdfs.c.diff?r1=1.51r2=1.52
CVS update: samba/source/msdfs
Date: Fri Mar 26 20:40:30 2004 Author: jra Update of /data/cvs/samba/source/msdfs In directory dp.samba.org:/tmp/cvs-serv17741/msdfs Modified Files: Tag: SAMBA_3_0 msdfs.c Log Message: Always use strchr_m, not strchr on unix character sets. Jeremy. Revisions: msdfs.c 1.28.2.27 = 1.28.2.28 http://www.samba.org/cgi-bin/cvsweb/samba/source/msdfs/msdfs.c.diff?r1=1.28.2.27r2=1.28.2.28
CVS update: samba/source
Date: Fri Mar 26 22:26:33 2004 Author: vlendec Update of /data/cvs/samba/source In directory dp.samba.org:/tmp/cvs-serv5810 Modified Files: Tag: SAMBA_3_0 Makefile.in configure.in Log Message: Move the Client-IP based msdfs target expansion to a VFS module. Volker Revisions: Makefile.in 1.468.2.222 = 1.468.2.223 http://www.samba.org/cgi-bin/cvsweb/samba/source/Makefile.in.diff?r1=1.468.2.222r2=1.468.2.223 configure.in1.300.2.218 = 1.300.2.219 http://www.samba.org/cgi-bin/cvsweb/samba/source/configure.in.diff?r1=1.300.2.218r2=1.300.2.219
CVS update: samba/source/modules
Date: Fri Mar 26 22:26:33 2004 Author: vlendec Update of /data/cvs/samba/source/modules In directory dp.samba.org:/tmp/cvs-serv5810/modules Added Files: Tag: SAMBA_3_0 vfs_expand_msdfs.c Log Message: Move the Client-IP based msdfs target expansion to a VFS module. Volker Revisions: vfs_expand_msdfs.c NONE = 1.1.2.1 http://www.samba.org/cgi-bin/cvsweb/samba/source/modules/vfs_expand_msdfs.c?rev=1.1.2.1
CVS update: samba/source/msdfs
Date: Fri Mar 26 22:26:34 2004 Author: vlendec Update of /data/cvs/samba/source/msdfs In directory dp.samba.org:/tmp/cvs-serv5810/msdfs Modified Files: Tag: SAMBA_3_0 msdfs.c Log Message: Move the Client-IP based msdfs target expansion to a VFS module. Volker Revisions: msdfs.c 1.28.2.28 = 1.28.2.29 http://www.samba.org/cgi-bin/cvsweb/samba/source/msdfs/msdfs.c.diff?r1=1.28.2.28r2=1.28.2.29
CVS update: samba/source
Date: Fri Mar 26 22:29:09 2004 Author: vlendec Update of /data/cvs/samba/source In directory dp.samba.org:/tmp/cvs-serv6087 Modified Files: Makefile.in configure.in Log Message: Move the Client-IP based msdfs target expansion to a VFS module. Volker Revisions: Makefile.in 1.762 = 1.763 http://www.samba.org/cgi-bin/cvsweb/samba/source/Makefile.in.diff?r1=1.762r2=1.763 configure.in1.532 = 1.533 http://www.samba.org/cgi-bin/cvsweb/samba/source/configure.in.diff?r1=1.532r2=1.533
CVS update: samba/source/modules
Date: Fri Mar 26 22:29:09 2004 Author: vlendec Update of /data/cvs/samba/source/modules In directory dp.samba.org:/tmp/cvs-serv6087/modules Added Files: vfs_expand_msdfs.c Log Message: Move the Client-IP based msdfs target expansion to a VFS module. Volker Revisions: vfs_expand_msdfs.c 1.1 = 1.2 http://www.samba.org/cgi-bin/cvsweb/samba/source/modules/vfs_expand_msdfs.c.diff?r1=1.1r2=1.2
CVS update: samba/source/msdfs
Date: Fri Mar 26 22:29:09 2004 Author: vlendec Update of /data/cvs/samba/source/msdfs In directory dp.samba.org:/tmp/cvs-serv6087/msdfs Modified Files: msdfs.c Log Message: Move the Client-IP based msdfs target expansion to a VFS module. Volker Revisions: msdfs.c 1.52 = 1.53 http://www.samba.org/cgi-bin/cvsweb/samba/source/msdfs/msdfs.c.diff?r1=1.52r2=1.53
CVS update: samba/source/smbd
Date: Fri Mar 26 23:02:53 2004 Author: jra Update of /data/cvs/samba/source/smbd In directory dp.samba.org:/tmp/cvs-serv12204/smbd Modified Files: Tag: SAMBA_3_0 server.c Log Message: Fix bug #1211. Ensure accept socket is in non-blocking state in case of network error after select() returns true. (See accept man page on Linux). Patch from [EMAIL PROTECTED] (Richard Garnish). Jeremy. Revisions: server.c1.372.2.39 = 1.372.2.40 http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/server.c.diff?r1=1.372.2.39r2=1.372.2.40
CVS update: samba/source/smbd
Date: Fri Mar 26 23:02:55 2004 Author: jra Update of /data/cvs/samba/source/smbd In directory dp.samba.org:/tmp/cvs-serv12178/smbd Modified Files: server.c Log Message: Fix bug #1211. Ensure accept socket is in non-blocking state in case of network error after select() returns true. (See accept man page on Linux). Patch from [EMAIL PROTECTED] (Richard Garnish). Jeremy. Revisions: server.c1.434 = 1.435 http://www.samba.org/cgi-bin/cvsweb/samba/source/smbd/server.c.diff?r1=1.434r2=1.435
CVS update: samba/source/libsmb
Date: Sat Mar 27 02:13:55 2004 Author: jra Update of /data/cvs/samba/source/libsmb In directory dp.samba.org:/tmp/cvs-serv12057/libsmb Modified Files: clifile.c Log Message: Working (tested) client code for setting EA's by filename and fnum. Now for parsing out the retrieved EA's. Jeremy. Revisions: clifile.c 1.52 = 1.53 http://www.samba.org/cgi-bin/cvsweb/samba/source/libsmb/clifile.c.diff?r1=1.52r2=1.53
CVS update: samba/source/include
Date: Sat Mar 27 02:13:55 2004 Author: jra Update of /data/cvs/samba/source/include In directory dp.samba.org:/tmp/cvs-serv12057/include Modified Files: smb.h Log Message: Working (tested) client code for setting EA's by filename and fnum. Now for parsing out the retrieved EA's. Jeremy. Revisions: smb.h 1.507 = 1.508 http://www.samba.org/cgi-bin/cvsweb/samba/source/include/smb.h.diff?r1=1.507r2=1.508
CVS update: samba/source/torture
Date: Sat Mar 27 02:13:55 2004 Author: jra Update of /data/cvs/samba/source/torture In directory dp.samba.org:/tmp/cvs-serv12057/torture Modified Files: torture.c Log Message: Working (tested) client code for setting EA's by filename and fnum. Now for parsing out the retrieved EA's. Jeremy. Revisions: torture.c 1.111 = 1.112 http://www.samba.org/cgi-bin/cvsweb/samba/source/torture/torture.c.diff?r1=1.111r2=1.112
CVS update: samba/source/include
Date: Sat Mar 27 02:13:58 2004 Author: jra Update of /data/cvs/samba/source/include In directory dp.samba.org:/tmp/cvs-serv12068/include Modified Files: Tag: SAMBA_3_0 smb.h Log Message: Working (tested) client code for setting EA's by filename and fnum. Now for parsing out the retrieved EA's. Jeremy. Revisions: smb.h 1.424.2.65 = 1.424.2.66 http://www.samba.org/cgi-bin/cvsweb/samba/source/include/smb.h.diff?r1=1.424.2.65r2=1.424.2.66
