[Samba] Virus Alert
The mail message (file: note.com) you sent to <[EMAIL PROTECTED]> contains a virus. (on smtp1av.net) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] why do occur seg-fault at uicode_to_unix_char() - using remote_change_password function???
Hello everyone. I am writing some program which change password of smb users. so i use remote_change_password function and try it but seg-fault whenever call unicode_to_unix_char() function. blow my code int setsambapassword( const char *remotehost, char *username, const char *smboldpassword, char *password) { char err[1024]; int ret; memset( &err, '\0', sizeof(err)); ret = remote_password_change(remotehost, username, smboldpassword, password, err, sizeof(err)); if( *err) fprintf(stderr, err); return ret; } and compiling with follow option gcc -o testsamba testsamba.c -lsmbclinet /usr/lib/libsmbclinet.a -g and run using gdb gdb ./testsamba gdb> run Program received signal SIGSEGV, Segmentation fault, 0x080850dc in unicode_to_unix_char() gdb) where #0 0x08085dc in unicode_to_unix_char() #1 0x08069a27 in clistr_pull() #2 0x08060a7b in cli_negprot() ... ... why does this problem occur? Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba error message
My smb is up running there are 20 smbd proccesses on the samba server. But w2k clients get remote computer not available while trying to connect to samba server. When the proccess count is lower than 20 they can connect. I don't have any connection limit parameter in smb.conf . Any ideas ? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Incorrect permission of mount despite correct options
Hello, this is a problem I have worked on for a very long time. Here begins the story begins when the 2.6.0-testing series of Linux kernels were being released. I had a mount samba mount served by my mac running Mac OS X 10.3 (smbd currently at version 3.0.2) and the client was a x86 based Debian machine running unstable and a custom 2.4.x kernel (currently running 2.6.5 kernel and samba 3.0.2a Debian). While I was using the 2.4.x series kernels the mount worked as expected. No problems here. However back when the 2.6.0-testing (first encountered the problem in 2.6.0-testing4's initial release) series kernel were being released I could not get my mount to continue to work correctly. The problem was that it was/is being mounted under the following permissions: [EMAIL PROTECTED]:~/mount$ ls -l total 0 drwxr-xr-x1 501 dialout 0 Apr 7 20:39 Audio drwxrwxr-x1 501 dialout 0 Apr 9 01:29 Desktop drwx--1 501 dialout 0 Apr 2 15:33 Documents drwxrwxrw-1 501 dialout 0 Feb 19 10:38 Graphics drwxr-xr-x1 501 dialout 0 Apr 8 12:30 Internet drwx--1 501 dialout 0 Apr 1 15:06 Library drwxr-xr-x1 501 dialout 0 Sep 8 2003 Music drwxr-xr-x1 501 dialout 0 Jan 29 19:02 Other Stuff drwxrwxrw-1 501 dialout 0 Sep 25 2003 Pictures drwxr-xr-x1 501 dialout 0 Mar 22 19:55 Productivity drwxr-xr-x1 501 dialout 0 Apr 3 21:34 Utilities drwxr-xr-x1 501 dialout 0 Apr 2 15:35 Video Now I have no user 501 on my system and no dialout group either. Odd. So I revert back to my 2.4 kernel. 2.6.0-testing9 comes out- same results so I continue to use the 2.4 series (all along this mount works under Windows 2k fine and continues to). Finally around kernel version 2.6.3 I take a big stab at the problem. I try mounting it with other systems and they all work. I have been trying to find a live linux distribution based on 2.6 to check if my install is just messed up but I haven't been able to. I have mounted it fine using a knoppix 3.3 live cd running a 2.4 kernel. This share also works fine while using the smbclient tool. I have had numerous conversations with people on IRC only for them to come up stumped. Here is a list of things I've tried: - Mounting with no uid or gid provided doesn't change things - Mounting with numeric uid and gid - Multiple mount points - Different shares on the Mac OS X server - Recompiled kernels and Debian supplied kernels I have not been able to try a few things that I want to, another list: - Using another 2.6 based linux machine - Different version of smbmount on current linux kernel and setup - Different smbd version of OS X machine Unfortunately I cannot do those so I am lost as to what is going on. If it was simply Debian unstable not "liking" the default OS X samba setup I would have imagined there would be more people having this problem. I had found ONE message detailing this problem exactly only the uid it was being mounted under was 504. The post had no follow up and I cannot find the link right now (sorry I did a google search but can't remember the phrase I used, I believe it's actually on the samba list). I am sure I have forgotten important configuration details on both sides, don't hesitate to ask!!! Also I haven't been able to recall EVERY single troubleshooting step I've taken but please feel free to suggest things. Past e-mailing this list I'm lost. Thanks for all of your time, I eagerly await your response. Thank you very much! Also this mount had no problems on a Sun SPARCstation 5 running 2.4 series Linux kernels running debian stable. Other Linux distributions (RedHat I've had access to and Gentoo mount it fine as well but I cannot find another 2.6 based system for the life of me!) Thanks again! -Tim -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Shares and Win32 Viruses
Hi Collective users of Samba, (does has a nice ring to it eh?) Recently I found a my samba server being infected by win32 viruses. Though it does not affect the server in any way, I do find them to be an annoyance. I understand also that I can perform "veto" of files like *.exe in smb.conf but find that to be a wee bit restrictive. There are some users who stores valid executables in the shares. http://hr.uoregon.edu/davidrl/samba-unofficial.html "To prevent access to suspicious files (e.g., those that tend to become infected by virus'), use the following. The last bit prevents access to files with a CLSID in the file extension. veto files = /*.exe/*.dll/*.pif/*.com/*.vbs/*.{*}/" I've also read that there is a sort of a plugin for scanning samba shares using an open-sourced virus scanner www.openantivirus.org but upon looking at it, I noticed that development in this stopped like 2 years ago. (based on last date of file release) Also there is a disclaimer in the project page that asks users to not rely on it. So, collective users of SAMBA, what is the best way to mitigate this issue?? I found out that the virus has even been replicated to my rsync snapshots. :( Cheers, .^. Mun Heng, Ow/V\ H/M Engineering /( )\ Western Digital M'sia ^^-^^ DID : 03-7870 5168 The Linux Advocate -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Shares and Win32 Viruses
Hi Collective users of Samba, (does has a nice ring to it eh?) Recently I found a my samba server being infected by win32 viruses. Though it does not affect the server in any way, I do find them to be an annoyance. I understand also that I can perform "veto" of files like *.exe in smb.conf but find that to be a wee bit restrictive. There are some users who stores valid executables in the shares. http://hr.uoregon.edu/davidrl/samba-unofficial.html "To prevent access to suspicious files (e.g., those that tend to become infected by virus'), use the following. The last bit prevents access to files with a CLSID in the file extension. veto files = /*.exe/*.dll/*.pif/*.com/*.vbs/*.{*}/" Cheers, .^. Mun Heng, Ow/V\ H/M Engineering /( )\ Western Digital M'sia ^^-^^ DID : 03-7870 5168 The Linux Advocate -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and LDAP backend - howto docs problems?
Hi Wim Bakker, You have to make sure that LDAP is running withi out any error. Can you do this (note: make sure there is no ACL applied on the slapd.conf else you wont see the out put ofyour DN): # ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts Is there any out put? Can you please show me your smb.conf Globla config Regards, Suhaimi Wim Bakker wrote: On Thursday 08 April 2004 18:00, Paul Gienger wrote: Did you remember to do a "smbpasswd -w " to store the password for the manager's dn in the secrets.tdb file? PS. issuing the following command after changing the ldap admin dn entry in smb.conf gives me this error: [EMAIL PROTECTED]:/install/openldap-2.1.19# smbpasswd -a gerrit New SMB password: Retype new SMB password: failed to add domain dn= sambaDomainName=UNETIX,dc=unetix,dc=nl with: Internal (implementation specific) error index generation failed Adding domain info for UNETIX failed with NT_STATUS_UNSUCCESSFUL Failed to initialise SAM_ACCOUNT for user gerrit. Failed to modify password entry for user gerrit - What may be causing this? TIA Wim Bakker -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Deleting of Desktop Icons
It sounds to me as if the roamin profile isn't being overwrittent when updated, so when you log back in your getting the older profile. Check the r/w permissions on the folders that the profiles are saved to on the samba server, The user that the profile is associated with should be the owner of the folder and all files within. "Andrei Mikhailovsky" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > I have the same issue as well, on XP and 2k. > > sometimes it actually deletes icons and folders, but most often they are > recreated after a login. It might be an issue with roaming profiles > from the samba side, I never managed to find an answer. > > - -- > Andrei Mikhailovsky > Arhont Ltd - Information Security > > Web: http://www.arhont.com > Tel: +44 (0)870 4431337 > Fax: +44 (0)117 9690141 > PGP: Key ID - 0xFF67A4F4 > PGP: Server - keyserver.pgp.com > > > Matthias Spork wrote: > | Hello, > | > | I delete some Icons/Documents on my Desktop. After a new login, they > | will be on my Desktop again. > | > | Is this a Windows- or a Samba-Problem? > | > | Environment: Samba 3.02a, Win NT (SP6), 2K (Varius Service Packs) > | > | matze > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.2.4 (GNU/Linux) > Comment: Using GnuPG with Debian - http://enigmail.mozdev.org > > iD8DBQFAdRZ15bSBOf9npPQRAiZbAKCcdxqXTtBgpbAyORKqLeVeNBmKPACfd+5S > IFldLIjkX5MHLRQ9K7rhYPg= > =GKo1 > -END PGP SIGNATURE- > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: Urgent Help Please
I haven't been seeing any more files in the /var/spool/samba directory, but these errors are showing up in my message log file all the time now. Apr 8 15:27:09 fs3 smbd[22335]: register_message_flags: tdb_fetch failed Apr 8 15:41:36 fs3 sshd(pam_unix)[23565]: session opened for user root by (uid=0) Serveral times I've shutdown samba, deleted the tdb file, and restarted samba as some have recommeneded but the errors keep coming back. any idea what can cause such corruption? <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > > I've been having issues with Win98 printing on RedHat ES 3, which is > using > > Samba 3.0.2-6.ES. The WinXP computers print fine, but the Win98 ones > tend > > to lose the print queue and I've noticed that even if they print job > files > > tend to remain in the /var/spool/samba directory. > > Are these zero-byte smbprn files, or is there really print data there > that just doesn't get submitted to cups for some reason? If they are > zero-length then check your samba logs for the client/machine in > question. I've seen zero length smbprn files with corrupted print > tdb's. > > ~ Daniel > > > > > > > > > > > > --- > > This message is the property of Time Inc. or its affiliates. It may be > legally privileged and/or confidential and is intended only for the use > of the addressee(s). No addressee should forward, print, copy, or > otherwise reproduce this message in any manner that would allow it to be > viewed by any individual not originally listed as a recipient. If the > reader of this message is not the intended recipient, you are hereby > notified that any unauthorized disclosure, dissemination, distribution, > copying or the taking of any action in reliance on the information > herein is strictly prohibited. If you have received this communication > in error, please immediately notify the sender and delete this message. > Thank you. > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] IPv6 support in Samba 3.0.2
Hi, Not having performed a source code build for Samba 3.0.2, is there an option in the build to include support for IPv6 ? Or is there something in smbd.conf possibly? Thanks! Randy -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Re: Urgent Help Please
> I've been having issues with Win98 printing on RedHat ES 3, which is using > Samba 3.0.2-6.ES. The WinXP computers print fine, but the Win98 ones tend > to lose the print queue and I've noticed that even if they print job files > tend to remain in the /var/spool/samba directory. Are these zero-byte smbprn files, or is there really print data there that just doesn't get submitted to cups for some reason? If they are zero-length then check your samba logs for the client/machine in question. I've seen zero length smbprn files with corrupted print tdb's. ~ Daniel --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Urgent Help Please
I've been having issues with Win98 printing on RedHat ES 3, which is using Samba 3.0.2-6.ES. The WinXP computers print fine, but the Win98 ones tend to lose the print queue and I've noticed that even if they print job files tend to remain in the /var/spool/samba directory. "RRuegner" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Jeramy Eling schrieb: > > Hi All, > > > > We have been running Samba (3.0.2), CUPS on SUSE 9 Pro for some time now with no problems. This morning however it all seems to have gone wrong, and the users on site can no longer print. When a user prints a document nothing comes out on the printer and further investigation in the Windows printers folder reveals the printers are sat with 'x' amount of jobs on them and constantly refreshing, opening the print queue on the users window machine reveals no jobs in the queue at all. > > > > I have tried all the usual, restarting the daemons and rebooting the machine, I even considered a removal and reinstall of Samba, the system logs show that the SMBD is having a panic each time a user tries to print or view the print queues. > > > > Does anyone have any suggestions how I can resolve this issue? We migrated this box from Windows due to stability problems, and I really don't want to have to go back to Windows for my print server. > > > > Many Thanks In Advance > > > > Jez. > > > what said your samba and the cups log ,is /var/spool/samba accesible to > everybody > regards > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: printing dead
What OS are your clients running? Running RedHat ES 3 with Samba 3.0.2-6.EL I've been having printing issues with my Win98 clients that do not affect my WinXP clients. RedHat has been working on my problem ticket for a month now. "Simon Leung" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Dear All, > > I am running Samba3.0.2a Domain. For some unknown reason, the printing ( 3 > laserjets running) were mal-function and no-one included the admin account > couldn't send out the print job. While I went through the log, I have found > the following: > > (FYI: I am running lprng for the printing) > > Apr 7 23:00:15 samba3 smbd[12330]: [2004/04/07 23:00:15, 0] > tdb/tdbutil.c:tdb_log(724) > Apr 7 23:00:15 samba3 smbd[12330]: > tdb(/usr/local/samba/var/locks/printing/my-printer.tdb): tdb_oob len > 16909640 beyond eof at 40960 > > > Then I renamed those problem .tdb files and restart samba daemon, they back > to work. BUT...but they died again when I came back to office this > morning. > > I have double checked that I can print directly through the Redhat desktop > but no luck through the samba. Also, I've checked the smb.conf and no > modification since last week. > > So where should I lookup on my system to troubleshoot this? > > Many THX > > Simon > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba, need meds?
Haven't we met somewhere before? :))) To be uncertain is to be uncomfortable, but to be certain is to be ridiculous. Samba, searching for a place to shop for medication? The real acid test of courage is to be just your honest self when everybody is trying to be like somebody else. The last refuge of the insomniac is a sense of superiority to the sleeping world. He that hath a beard is more than a youth, and he that hath no beard is less than a man. We ship worldwide The sound of a kiss is not so loud as that of a cannon, but its echo lasts a great deal longer. Your easy-to-use solution is here http://actinometric.we3xe.com/d13/index.php?id=d13 You are completely anonymous! Be ye kind one to another, tenderhearted, forgiving one another, even as God for Christ's sake hath forgiven you. [Ephesians] Flying is hours and hours of boredom sprinkled with a few seconds of sheer terror. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] getpeername/server crash problem
Hi! Before anything, here is my hardware/software informations : Hardware : -IBM x345, 1 CPU, 1G RAM, IBM ServeRAID controlle -6 HD used with LVM, 2 volume group, 12 logical volumes all running ext3 Software : -RedHat Linux Enterprise AS (Academic) 3.0 update 1 -Kernel 2.4.21-4.0.2.EL -samba-3.0.2-6.3E -Running an apache 2 web server -On normal use, there is only 10-15 computers "samba" connected to the server with network drives Recently (this week), I start having problem with a samba server. I kept having like (many times each seconds) : [...] Apr 4 00:14:30 rohan smbd[3170]: write_socket_data: write failure. Error = Connection reset by peer Apr 4 00:14:30 rohan smbd[3170]: [2004/04/04 00:14:30, 0] lib/util_sock.c:write_socket(413) Apr 4 00:14:30 rohan smbd[3170]: write_socket: Error writing 4 bytes to socket 5: ERRNO = Connection reset by peer Apr 4 00:14:30 rohan smbd[3170]: [2004/04/04 00:14:30, 0] lib/util_sock.c:send_smb(605) Apr 4 00:14:30 rohan smbd[3170]: Error writing 4 bytes to client. -1. (Connection reset by peer) Apr 4 00:46:30 rohan smbd[4201]: [2004/04/04 00:46:30, 0] lib/util_sock.c:get_peer_addr(952) Apr 4 00:46:30 rohan smbd[4201]: getpeername failed. Error was Transport endpoint is not connected Apr 4 00:46:30 rohan smbd[4201]: [2004/04/04 00:46:30, 0] lib/util_sock.c:get_peer_addr(952) Apr 4 00:46:30 rohan smbd[4201]: getpeername failed. Error was Transport endpoint is not connected Apr 4 00:46:30 rohan smbd[4201]: [2004/04/04 00:46:30, 0] lib/util_sock.c:write_socket_data(388) Apr 4 00:46:30 rohan smbd[4201]: write_socket_data: write failure. Error = Connection reset by peer Apr 4 00:46:30 rohan smbd[4201]: [2004/04/04 00:46:30, 0] lib/util_sock.c:write_socket(413) Apr 4 00:46:30 rohan smbd[4201]: write_socket: Error writing 4 bytes to socket 16: ERRNO = Connection reset by peer Apr 4 00:46:30 rohan smbd[4201]: [2004/04/04 00:46:30, 0] lib/util_sock.c:send_smb(605) Apr 4 00:46:30 rohan smbd[4201]: Error writing 4 bytes to client. -1. (Connection reset by peer) [...] At some point, the samba server is going crazy and I have seen up to 11000 "smbd -D" process with a wooping load average of 600 !! Needless to say the server was dying and almost frozen and I had to reboot. I start monitoring more carefully the server and when the # of process was to high (normally there is 8-12 smbd process), I have to "killall -9 smbd" and start over. 3 seconds after I was start, I often saw 200 process and had to kill it again. I added some option in smb.conf : deadtime = 60 debug uid = yes debug pid = yes oplocks = no log level = 1 max connections = 50 max smbd processes = 50 hostname lookups = no socket options = TCP_NODELAY SO_KEEPALIVE With no success! I was surprise to see that "max smbd processes = 50" did not prevent samba to grow up to an amazing number of process very quickly (+1000) I started to log with iptables what was happening on the IP layer (I logged incoming packets matching udp/tcp on port 137/138/139/445). Very quickly, another storm occured and the server was receiveing A LOT of packets : [...] Apr 8 11:19:17 rohan kernel: IN=eth0 OUT= MAC=00:09:6b:f1:49:1e:00:09:97:56:9a:0e:08:00 SRC=x.y.16.19 DST=x.y.15.3 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=54407 DF PROTO=TCP SPT=3863 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0 Apr 8 11:19:17 rohan kernel: IN=eth0 OUT= MAC=00:09:6b:f1:49:1e:00:09:97:56:9a:0e:08:00 SRC=x.y.16.19 DST=x.y.15.3 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=54408 DF PROTO=TCP SPT=3863 DPT=445 WINDOW=65535 RES=0x00 ACK URGP=0 Apr 8 11:19:17 rohan kernel: IN=eth0 OUT= MAC=00:09:6b:f1:49:1e:00:09:97:56:9a:0e:08:00 SRC=x.y.16.19 DST=x.y.15.3 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=54410 DF PROTO=TCP SPT=3863 DPT=445 WINDOW=65535 RES=0x00 ACK FIN URGP=0 Apr 8 11:19:17 rohan kernel: IN=eth0 OUT= MAC=00:09:6b:f1:49:1e:00:09:97:56:9a:0e:08:00 SRC=x.y.16.19 DST=x.y.15.3 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=54411 DF PROTO=TCP SPT=3865 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0 Apr 8 11:19:17 rohan kernel: IN=eth0 OUT= MAC=00:09:6b:f1:49:1e:00:09:97:56:9a:0e:08:00 SRC=x.y.16.19 DST=x.y.15.3 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=54412 DF PROTO=TCP SPT=3865 DPT=445 WINDOW=65535 RES=0x00 ACK URGP=0 Apr 8 11:19:17 rohan kernel: IN=eth0 OUT= MAC=00:09:6b:f1:49:1e:00:09:97:56:9a:0e:08:00 SRC=x.y.16.19 DST=x.y.15.3 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=54413 DF PROTO=TCP SPT=3866 DPT=139 WINDOW=65535 RES=0x00 SYN URGP=0 Apr 8 11:19:17 rohan kernel: IN=eth0 OUT= MAC=00:09:6b:f1:49:1e:00:09:97:56:9a:0e:08:00 SRC=x.y.16.19 DST=x.y.15.3 LEN=177 TOS=0x00 PREC=0x00 TTL=127 ID=54414 DF PROTO=TCP SPT=3865 DPT=445 WINDOW=65535 RES=0x00 ACK PSH URGP=0 Apr 8 11:19:17 rohan smbd[5095]: [2004/04/08 11:19:17, 0, pid=5095, effective(0, 0), real(0, 0)] lib/util_sock.c:get_peer_addr(952) Apr 8 11:19:17 rohan smbd[5095]: getpeername failed. Error was Transport endpoint is not connected Apr 8 11:19:17 rohan s
[Samba] RE:Photo document
You have sent a mail to [EMAIL PROTECTED] containing a virus. Please remove the virus and send again. The Postmaster of BIPT -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] permissions to add samba to domain
Hi all, When I run net ads join to join a samba server to an AD domain, the account is created in the OU. However the command just sits there afterwards. If I create the account first then join, the same thing happens. I've tried all sorts of things to find out what's wrong to no avail. Now I'm wondering about the account I'm using to join. The account that I used to join has restrictions. It has the ability to create and delete accounts. Do joining need more permissions than that? Thanks Ted - Do you Yahoo!? Yahoo! Small Business $15K Web Design Giveaway - Enter today -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Setting up Linux and ADS
Hi, I'm sure you've heard this before as I've been searching the net for about a week now with no luck. I am setting up Samba 3.0.2a on a Linux server (I've tried RedHat 9 and Crux distributions). As per the many howto's and docs out there, I installed KRB5 (MIT version) and OpenLDAP required library files. No problems. I've run kinit against the AD here at the office, no problem, got a ticket. I've run net ads join "Operations\City\Data Centre" -U\$adminname, no problem I've run net ads testjoin and it comes back Ok. I've run klist tickets on my local PC, no problem, got a ticket from the server. When it comes time to run smbclient or attempt to mount and Samba shares, I get problems. For example: smbclient -L calnfs01 -k -Ujbennett session setup failed: NT_STATUS_LOGON_FAILURE In Samba log I get: [2004/04/08 11:33:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(173) Failed to verify incoming ticket! When I try to run net use * \\calnfs01\test I get in the log: [2004/04/08 11:34:50, 1] smbd/sesssetup.c:reply_spnego_kerberos(245) Username FGLCORPORATE+jbennett is invalid on this system When I run: net use * \\calnfs01\test /USER:JBENNETT I get in the log: [2004/04/08 11:33:27, 1] smbd/sesssetup.c:reply_spnego_kerberos(173) Failed to verify incoming ticket! When I run wbinfo -u and look for my account, I get: FGLCORPORATE+jbennett Any help would be appreicated. Thanks <<...OLE_Obj...>> Jason Bennett Senior Unix Administrator Forzani Group Ltd. Office: 403-717-1400 Ext 1506 Fax: 403-717-1498 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and LDAP backend - howto docs problems?
On Thursday 08 April 2004 18:00, Paul Gienger wrote: > Did you remember to do a "smbpasswd -w " to store the > password for the manager's dn in the secrets.tdb file? > PS. issuing the following command after changing the ldap admin dn entry in smb.conf gives me this error: [EMAIL PROTECTED]:/install/openldap-2.1.19# smbpasswd -a gerrit New SMB password: Retype new SMB password: failed to add domain dn= sambaDomainName=UNETIX,dc=unetix,dc=nl with: Internal (implementation specific) error index generation failed Adding domain info for UNETIX failed with NT_STATUS_UNSUCCESSFUL Failed to initialise SAM_ACCOUNT for user gerrit. Failed to modify password entry for user gerrit - What may be causing this? TIA Wim Bakker -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and LDAP backend - howto docs problems?
On Thursday 08 April 2004 18:00, Paul Gienger wrote: > Did you remember to do a "smbpasswd -w " to store the > password for the manager's dn in the secrets.tdb file? > Yes , I did, but no succes, connection failed because of invalid credentials. I changed the following in the example as described in the reference guide though: According to the book: #ldap admin dn = cn=Manager Changed to: #ldap admin dn = "cn=Manager,dc=unetix,dc=nl" And after issuing again the smbpasswd -w : #Setting stored password for "cn=Manager,dc=unetix,dc=nl" in secrets.tdb I get the following error when issuing the follwing command: [EMAIL PROTECTED]:/install/openldap-2.1.19# net groupmap list #[2004/04/08 19:44:27, 0] lib/smbldap.c:smbldap_search_domain_info(1350) # Adding domain info for UNETIX failed with NT_STATUS_UNSUCCESSFUL So, what's wrong next ? TIA Wim Bakker -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Accent with winbind and pam_mkhomedir
On Thu, Apr 08, 2004 at 11:59:09AM +0200, Benjamin CLEYET-MARREL wrote: > Hello > > I am using Winbind to authenticate user against an NT Domain. client are > mainly using Win98 > I use pam_mkhomedir to auto create home directory of my users. > everything work fine. even the accents in the shared directory > > but when i try to logon for the first time with an accented username > it create a home directory with strange characters > invitÙ seen from win98 and invi_ seen from linux. > > it seems that the code page and de character set parameter is not passed > to winbind or does not affect > the username dialog. or the pam_mkhomedir... > i am a bit lost there help needed The code that sets home directories (by placing them into 'getpwnam responses') in winbindd strips out 'werid' characters, and replaces them with an _. I'm not sure if this correct behaviour, but when I looked at changing it, it was more difficult than I had hoped. (This change could also break some notion of 'backward compatability'). pam_mkhomedir whould be trying to create the directory reported by winbindd, and so *should* just create it with the _ and everything should be fine. That much is either a pam_mkhomedir bug, or a misconfiguration. However, if you had a username that was all 'werid' characters (like in Japan), then a homedir of /home/DOM/_ is not very useful. So please file a bug on this broken winbind behaviour, so we can look at how to fix it. Andrew Bartlett -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and LDAP backend - howto docs problems?
Did you remember to do a "smbpasswd -w " to store the password for the manager's dn in the secrets.tdb file? Wim Bakker wrote: On Wednesday 10 March 2004 16:19, John H Terpstra wrote: The use of these tools is documented in the book version of the Samba-HOWTO-Collection, "The Official Samba-3 HOWTO and Reference Guide" available from Amazon.Com. There are 5 chapters that are not in the HOWTO document - these will be released on April 5th with consent from Prentice-Hall (the book publisher). Hello, I tried the example , chapter 2 from "The Official Samba-3 HOWTO and Reference Guide" , Big Organization , followed exactly the procedure as described in this book and get the following error: failed to bind to server with dn= cn=Manager Error: Invalid credentials Connection to LDAP Server failed for the 1 try! smbldap_search_suffix: Problem during the LDAP search: (unknown) (Invalid credentials) Connection to LDAP Server failed for the 1 try! smbldap_search_suffix: Problem during the LDAP search: (unknown) (Invalid credentials) Connection to LDAP Server failed for the 1 try! ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (unknown) (Invalid credentials) Connection to LDAP Server failed for the 1 try! smbldap_search_suffix: Problem during the LDAP search: (unknown) (Invalid credentials) Failed to add entry for user gerrit. Failed to modify password entry for user gerrit - when trying to add the first user (gerrit). What is making up invalid credentials? I used openldap-2.1.19 , compiled with no options, installed it , edited the /etc/openldap/slapd.conf as described in the reference guide , edited smb.conf as described in the reference guide, (only changed the dc's to the domain the machine is in), added the initial ldif as described in the book, but , no cigar. system is slackware 9.1, db-4.2.52, samba-3.0.2a. TIA Wim Bakker -- Paul Gienger Office:701-281-1884 Applied Engineering Inc. Cell: 701-306-6254 Information Systems Consultant Fax: 701-281-1322 URL: www.ae-solutions.commailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Undoing Signorseal registry patch
On Thu, Apr 08, 2004 at 09:35:04AM -0400, [EMAIL PROTECTED] wrote: > We recently migrated to samba 3. All our XP Pro PC's have the Signorseal > patch and, last year, I did not save the registry values before applying > the patch. Does anyone know what the original values were before the > patch? I think you can just reverse them (make it 1, not 0) - or use the local security policy editor. Andrew Bartlett -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and LDAP backend - howto docs problems?
On Wednesday 10 March 2004 16:19, John H Terpstra wrote: > The use of these tools is documented in the book version of the > Samba-HOWTO-Collection, "The Official Samba-3 HOWTO and Reference Guide" > available from Amazon.Com. There are 5 chapters that are not in the HOWTO > document - these will be released on April 5th with consent from > Prentice-Hall (the book publisher). Hello, I tried the example , chapter 2 from "The Official Samba-3 HOWTO and Reference Guide" , Big Organization , followed exactly the procedure as described in this book and get the following error: failed to bind to server with dn= cn=Manager Error: Invalid credentials Connection to LDAP Server failed for the 1 try! smbldap_search_suffix: Problem during the LDAP search: (unknown) (Invalid credentials) Connection to LDAP Server failed for the 1 try! smbldap_search_suffix: Problem during the LDAP search: (unknown) (Invalid credentials) Connection to LDAP Server failed for the 1 try! ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (unknown) (Invalid credentials) Connection to LDAP Server failed for the 1 try! smbldap_search_suffix: Problem during the LDAP search: (unknown) (Invalid credentials) Failed to add entry for user gerrit. Failed to modify password entry for user gerrit - when trying to add the first user (gerrit). What is making up invalid credentials? I used openldap-2.1.19 , compiled with no options, installed it , edited the /etc/openldap/slapd.conf as described in the reference guide , edited smb.conf as described in the reference guide, (only changed the dc's to the domain the machine is in), added the initial ldif as described in the book, but , no cigar. system is slackware 9.1, db-4.2.52, samba-3.0.2a. TIA Wim Bakker -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba and LDAP backend - howto docs problems?
On Wednesday 10 March 2004 16:19, John H Terpstra wrote: > The use of these tools is documented in the book version of the > Samba-HOWTO-Collection, "The Official Samba-3 HOWTO and Reference Guide" > available from Amazon.Com. There are 5 chapters that are not in the HOWTO > document - these will be released on April 5th with consent from > Prentice-Hall (the book publisher). Hello, I tried the example , chapter 2 from "The Official Samba-3 HOWTO and Reference Guide" , Big Organization , followed exactly the procedure as described in this book and get the following error: failed to bind to server with dn= cn=Manager Error: Invalid credentials Connection to LDAP Server failed for the 1 try! smbldap_search_suffix: Problem during the LDAP search: (unknown) (Invalid credentials) Connection to LDAP Server failed for the 1 try! smbldap_search_suffix: Problem during the LDAP search: (unknown) (Invalid credentials) Connection to LDAP Server failed for the 1 try! ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (unknown) (Invalid credentials) Connection to LDAP Server failed for the 1 try! smbldap_search_suffix: Problem during the LDAP search: (unknown) (Invalid credentials) Failed to add entry for user gerrit. Failed to modify password entry for user gerrit - when trying to add the first user (gerrit). What is making up invalid credentials? I used openldap-2.1.19 , compiled with no options, installed it , edited the /etc/openldap/slapd.conf as described in the reference guide , edited smb.conf as described in the reference guide, (only changed the dc's to the domain the machine is in), added the initial ldif as described in the book, but , no cigar. system is slackware 9.1, db-4.2.52, samba-3.0.2a. TIA Wim Bakker -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Error building Samba 3.0.2a
While building Samba 3 for SuSE linux 9.0 I have a problem with the AFS component (it builds fine if I omit the --with-afs and --with-fake-kaserver options). During configure I did get a warning: checking whether to use AFS clear-text auth... yes checking whether to use AFS fake-kaserver... yes checking for /usr/include/afs... yes checking afs.h usability... no checking afs.h presence... no checking for afs.h... no checking afs/afs.h usability... no checking afs/afs.h presence... yes configure: WARNING: afs/afs.h: present but cannot be compiled configure: WARNING: afs/afs.h: check for missing prerequisite headers? configure: WARNING: afs/afs.h: proceeding with the preprocessor's result checking for afs/afs.h... yes RPM reports that I have OpenAFS 1.2.10 (I installed SuSE's openafs-devel package) Here are the error messages from make: In file included from /usr/include/afs/afs/kautils.h:35, from auth/pass_check.c:39: /usr/include/afs/rx/xdr.h:149: error: redeclaration of `enum xdr_op' /usr/include/afs/rx/xdr.h:150: error: conflicting types for `XDR_ENCODE' /usr/include/rpc/xdr.h:84: error: previous declaration of `XDR_ENCODE' /usr/include/afs/rx/xdr.h:151: error: conflicting types for `XDR_DECODE' /usr/include/rpc/xdr.h:85: error: previous declaration of `XDR_DECODE' /usr/include/afs/rx/xdr.h:153: error: conflicting types for `XDR_FREE' /usr/include/rpc/xdr.h:87: error: previous declaration of `XDR_FREE' /usr/include/afs/rx/xdr.h:169: error: conflicting types for `xdrproc_t' /usr/include/rpc/xdr.h:154: error: previous declaration of `xdrproc_t' /usr/include/afs/rx/xdr.h:179: error: redefinition of `struct xdr_ops' /usr/include/afs/rx/xdr.h:208: error: conflicting types for `XDR' /usr/include/rpc/xdr.h:111: error: previous declaration of `XDR' In file included from /usr/include/afs/afs/kautils.h:35, from auth/pass_check.c:39: /usr/include/afs/rx/xdr.h:266:1: warning: "XDR_DESTROY" redefined In file included from /usr/include/rpc/rpc.h:45, from include/includes.h:371, from auth/pass_check.c:24: /usr/include/rpc/xdr.h:212:1: warning: this is the location of the previous definition In file included from /usr/include/afs/afs/kautils.h:35, from auth/pass_check.c:39: /usr/include/afs/rx/xdr.h:269:1: warning: "xdr_destroy" redefined In file included from /usr/include/rpc/rpc.h:45, from include/includes.h:371, from auth/pass_check.c:24: /usr/include/rpc/xdr.h:217:1: warning: this is the location of the previous definition /usr/include/afs/rx/xdr.h:284: error: redefinition of `struct xdr_discrim' In file included from /usr/include/afs/afs/kautils.h:35, from auth/pass_check.c:39: /usr/include/afs/rx/xdr.h:304:1: warning: "IXDR_GET_INT32" redefined In file included from /usr/include/rpc/rpc.h:45, from include/includes.h:371, from auth/pass_check.c:24: /usr/include/rpc/xdr.h:256:1: warning: this is the location of the previous definition In file included from /usr/include/afs/afs/kautils.h:35, from auth/pass_check.c:39: /usr/include/afs/rx/xdr.h:305:1: warning: "IXDR_PUT_INT32" redefined In file included from /usr/include/rpc/rpc.h:45, from include/includes.h:371, from auth/pass_check.c:24: /usr/include/rpc/xdr.h:257:1: warning: this is the location of the previous definition In file included from /usr/include/afs/afs/kautils.h:35, from auth/pass_check.c:39: /usr/include/afs/rx/xdr.h:307:1: warning: "IXDR_GET_BOOL" redefined In file included from /usr/include/rpc/rpc.h:45, from include/includes.h:371, from auth/pass_check.c:24: /usr/include/rpc/xdr.h:273:1: warning: this is the location of the previous definition In file included from /usr/include/afs/afs/kautils.h:35, from auth/pass_check.c:39: /usr/include/afs/rx/xdr.h:308:1: warning: "IXDR_GET_ENUM" redefined In file included from /usr/include/rpc/rpc.h:45, from include/includes.h:371, from auth/pass_check.c:24: /usr/include/rpc/xdr.h:274:1: warning: this is the location of the previous definition In file included from /usr/include/afs/afs/kautils.h:35, from auth/pass_check.c:39: /usr/include/afs/rx/xdr.h:309:1: warning: "IXDR_GET_U_INT32" redefined In file included from /usr/include/rpc/rpc.h:45, from include/includes.h:371, from auth/pass_check.c:24: /usr/include/rpc/xdr.h:258:1: warning: this is the location of the previous definition In file included from /usr/include/afs/afs/kautils.h:35, from auth/pass_check.c:39: /usr/include/afs/rx/xdr.h:310:1: warning: "IXDR_GET_SHORT" redefined In file included from /usr/include/rpc/rpc.h:45, from include/includes.h:371, from auth/pass_check.c:24: /usr/include/rpc/xdr.h:275:1: warning: this is the loca
[Samba] Howto eliminate the getpeername failed error message
About 10 days ago, I started looking at the getpeername failed. Error was Transport endpoint is not connected message appearing on our logs. This message was being produced very frequently during the day and somewhat less frequently at night. Our configuration is samba 3.0.2a as a PDC with WINS support. Our network has about 60 XP Pro PCs and 100 W98 PCs. The signorseal registry patch was applied to all the XP Pro PCs last year while we were still running samba 2. It was quickly apparent that this message was only being issued for our XP Pro PCs. Also, at night when the network was pretty idle, the message was being issued only on certain XP PRO PCs, but the PCs varied on a nightly basis. Furthermore, at night, for a particular XP Pro PC, the messages were occurring at intervals that were multiples of 15 minutes. After doing some reading and taking some network traces, I inferred that the XP PRO PCs for which the message occurred at night were backup browsers getting their 15 minute refresh. By disabling the Computer Browsing service on a bunch of the XP Pro PCs, the night time messages were reduced. In any event, I did some more reading and looked at some more network traces, without a real understanding. However, one of the items I read was that the XP Pro PC Client attempts to initially communicate with the server over both ports 445 and 139 and that whichever port responds first is used for further communication. So I decided to try disabling port 445 at the server by using iptables to force all session traffic across port 139. iptables -I INPUT 1 -p tcp --dport 445 -j DROP I did this last night and, since applying this iptables rule, there have been no getpeername failed. Error was Transport endpoint is not connected messages in the log. It is now midmorning with regular network traffic. I regard this as a circumvention rather than a fix. So I suspect that the production of this message is a software issue that is somehow related to the initial communication over both ports 445 and 139 rather than being any type of network hardware issue. If the samba group needs some network traces, I can supply them. Mark Orenstein East Granby School System (Connecticut, USA) > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Tue, 6 Apr 2004, Collen Blijenberg wrote: > >> Just wandering, wether this bug is fixed in the 303 pre 2 ?? >> -- >> [2004/02/19 14:03:00, 0] lib/util_sock.c:read_socket_data(342) >>read_socket_data: recv failure for 4. Error = Connection reset by >> peer >> [2004/02/19 14:06:18, 0] lib/util_sock.c:get_peer_addr(952) >>getpeername failed. Error was Transport endpoint is not connected >> [2004/02/19 14:06:18, 0] lib/util_sock.c:send_smb(605) >>Error writing 4 bytes to client. -1. (Connection reset by peer) >> - > > The client disconnected. This is not a Samba bug. Best to check > for bad network hardware, hubs, switches, mismatched duplex settings on > NICs, etc... > > Now if we did something to cause the client to disconnect (e.g. blue > screen the client), then we would need to fix that. > > > > > > > cheers, jerry > - -- > Hewlett-Packard- http://www.hp.com > SAMBA Team -- http://www.samba.org > GnuPG Key http://www.plainjoe.org/gpg_public.asc > "...a hundred billion castaways looking for a home." --- Sting > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.2.1 (GNU/Linux) > Comment: For info see http://quantumlab.net/pine_privacy_guard/ > > iD8DBQFAcm+LIR7qMdg1EfYRAiy1AJ9/kHvF125iphdpTpzhOTR3bGIk5wCfQiyC > DfuYD54GBUh+4irRyE/y6fI= > =Y2uI > -END PGP SIGNATURE- > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] LDAP violation ?
Hi everybody, Sorry to bother everyone with probs that have certainly been solved a hundred times ...But I'm getting nutz about something not working for several days. The solution may (sure it is, in fact) be easy, but it's not clear anymore for such a Samba newbie like me. Samba version = 3.0.2 Running on Linux Mandrake 10 I went through to whole install process to have my Linux server to behave like a Domain PDC (Bind 9 + Samba + CUPS + OpenLdap). Then I configured Samba (smb.conf) to work with my OpenLdap server (last version). I don't say that it was easy, but everything seem to correctly working. The problem is when I start addind users using the 'smbpasswd' command. I get an objectclass violation which says it cannot modify the 'userPassword' attribute. After some searching, I noticed the 'userPassword' attribute was only defined in the 'PosixAccount' objectclass. If I use a LDAP browser to look what's in my directory, I see the user account, but he only has the 'SambaSamAccount' objectclass. So it seems completly correct : if the 'PosixAccount' objectclass is not added, then how could the 'userPassword' attribute be used in that object ... Then why the command does not add that objectclass ? Here's is the result of a smbpasswd command : ('smbpasswd -a aequoy') New SMB password: Retype new SMB password: ldapsam_modify_entry: LDAP Password could not be changed for user aequoy: Object class violation entry modify failed ldapsam_add_sam_account: failed to modify/add user with uid = aequoy (dn = uid=aequoy,ou=accounts,ou =Samba,dc=Alicante,dc=fr) Failed to add entry for user aequoy. Failed to modify password entry for user aequoy Am I doing something wrong ? Thanx for your help. Jérôme -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Object class violation
All, I am trying to use our Netscape LDAP server(V4) for username and password authentication. I am successfully connecting to the server but then I get the following messages: [2004/04/07 15:15:48, 2] lib/smbldap.c:smbldap_open_connection(626) smbldap_open_connection: connection opened [2004/04/07 15:15:48, 3] lib/smbldap.c:smbldap_connect_system(793) ldap_connect_system: succesful connection to the LDAP server [2004/04/07 15:15:48, 3] lib/smbldap.c:smbldap_search_domain_info(1342) Got no domain info entries for domain [2004/04/07 15:15:48, 3] lib/smbldap.c:add_new_domain_info(1234) Adding new domain [2004/04/07 15:15:48, 1] lib/smbldap.c:add_new_domain_info(1301) failed to add domain dn= sambaDomainName=SPIKEMAN,o= with: Object class violation [2004/04/07 15:15:48, 0] lib/smbldap.c:smbldap_search_domain_info(1350) Adding domain info for SPIKEMAN failed with NT_STATUS_UNSUCCESSFUL [2004/04/07 15:15:48, 2] passdb/pdb_ldap.c:pdb_init_ldapsam(2361) pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the domain Do I need to add the amba schema definitions to the ldap server or do I have another problem? TIA Spike -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] ACL group permissions only work on primary group
I am currently using Samba 3.0.2 with Fedora Core 1. I have also duplicated the problem on a test environment. Sam -Original Message- From: Radio Gong 2000 GmbH & Co. KG [Technik] [mailto:[EMAIL PROTECTED] Sent: Thursday, April 08, 2004 2:08 AM To: [EMAIL PROTECTED] Cc: Sam Aylestock Subject: Re: [Samba] ACL group permissions only work on primary group Maybe I am wrong now, but as far as I now there have been several bugfixes according ADS, ldap and kerberos. Anyway an alpha-version is not for a production environment, so update to the latest version of samba! Best greetz Sascha Am Mittwoch, 7. April 2004 23:14 schrieb Sam Aylestock: > My apologiesthis is the info from the original post and I am > having the exact problem. The only difference is I am using the > current version of SAMBA(3.02)and Fedora Core 1. The original is as follows... > > Intro: > There have been a few postings on this subject with few answers. If > anyone knows where to point those of us trying to work this out, or > will enlighten us as to the limitations of ACL's and Samba, we would > appreciate your help. So far, acl.bestbits.at does not have any > information on this particular problem. > > Environment: > Samba 3.0 alpha 21 or 23 (I skipped 22, but most likely it had the > same > problem) > Red Hat 8.0 > Kernel 2.4.20 w/ acl patches from acl.bestbits.at > Ext3 filesystem mounted w/ acl option > > Problem: > Samba is successfully authenticating users via a W2K domain using ADS. > Logins and passwords work great, individual file access permissions > work fine. The problem is when setting group file or directory access > permissions, Samba/Linux only recognizes a user's "primary group". > This means if a user is a member of more than one group (by default, > everyone is a member of Domain Users which is also their primary > group) only their primary group is looked at for file/directory access > permissions on the Samba server. > > This causes two problems: > > 1) I have to manually go through every user (250+) a set their default > group to something other than Domain Users (unless, of course, that's > adequate for my needs). This is time consuming, but I can live with it. > > 2) The bigger problem is that a person can only receive access to > files/directories based on membership in only one group. For example, > John is a member of coders and a member of management with coders > being his primary group. Without assigning individual rights, John > will only be able to access the coders directory and will not have > access to the management directory even though the management group > has full access to it. Yes, it would be easy to just assign John > individual rights to the management directory, but this becomes an > exponential headache when you multiply this scenario out across a large company of similar situations. > > > > Sam Aylestock > Sr. Network Administrator > TREEV > Proven Solutions . Real Results .(tm) > Tel: 703-904-3139 > http://www.treev.com/ > > > -Original Message- > From: Radio Gong 2000 GmbH & Co. KG [Technik] > [mailto:[EMAIL PROTECTED] > Sent: Wednesday, April 07, 2004 5:09 PM > To: Sam Aylestock; [EMAIL PROTECTED] > Subject: AW: [Samba] ACL group permissions only work on primary group > > Can u please describe ur problem a bit more? > > Regards > > Sascha > > -Ursprungliche Nachricht- > Von: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > Auftrag von Sam Aylestock > Gesendet: Mittwoch, 7. April 2004 23:02 > An: [EMAIL PROTECTED] > Betreff: [Samba] ACL group permissions only work on primary group > > > I just join this list. Did anyone give a reply to this question? I > have been struggling with this same problem. > > Sam Aylestock > Sr. Network Administrator > TREEV(r) > Proven Solutions . Real Results .(tm) > Tel: 703-904-3139 > http://www.treev.com/ > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Some basic questions about accessing DFS/DCE shares with SAMBA 3.0
Hi Guys- We are a group involved in a project to move an application from Windows to AIX, and part of the application involves reading OSF DFS shares, and making the filesystem available to Windows machines through SAMBA. The conversion of the application has gone well, but it is our first time using SAMBA and I have some questions that hopefully are not too dumb, and if they are, we would gladly appreciate being pointed to any HOWTO's (not that we didn't look for them!) that would explain how to get around our current problems. We installed SAMBA 3.0, and we can see it is working in the sense we can see shares available through our remaining windows boxes, so we know we're at least doing something right! Our questions are: 1) We had made the assumption that SAMBA 3.0 would be able to read the OSF DFS file shares, and make them available as a Windows file share. In effect, it would be a go-between with the two file systems. Are we correct? We can find all kinds of documentation hinting at this but no documentation that spells it out for us (probably too obvious for SAMBA old-timers, but we're just going back to basics in making sure we're operating under the correct assuptions). 2) If question #1 is correct, is there any special configuration, compilation, or invokations we need to do to make SAMBA use the DCE/DFS credentials? For example, on AIX, when we want to use a DFS/DCE file share, we use this command: dce_login dfsuser abc123 (the principal is 'dfsuser', the password 'abc123') and then the directory /.../remoteoffice.ourcompany.com/fs is available to us to work with. When we log in, the DCE principal and password gives us a "invalid password" error, although our regular AIX logins work splendidly (we only get the default permissions available to our logins, which is to browse but not write). Is there a special way to get SAMBA to use the DFS shares using DCE credentials? Any hints on what to watch for in the logs and so on would be appreciated! -Derrick (pancakeshead at yahoo dot com) Here is our complete smb.conf file, just in case there are errors in it that sharp eyes can spot (we connect to the share 'dfssb'): [global] guest account = guest log file = /tmp/samba1.log %m log level = 8 password level = 8 [homes] comment = Home Directories browsable = no read only = no create mode = 0750 [namespace] comment = DCE - DFS Global Root path = /... public = no writable = yes [dfssb] comment = Corporate Cell path = /.../neregion.ourcompany.com/fs browseable = no read only = no This e-mail may contain confidential or privileged information. If you think you have received this e-mail in error, please advise the sender by reply e-mail and then delete this e-mail immediately. Thank you. Aetna -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Undoing Signorseal registry patch
We recently migrated to samba 3. All our XP Pro PC's have the Signorseal patch and, last year, I did not save the registry values before applying the patch. Does anyone know what the original values were before the patch? Mark -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Why samba-3.0.2 give me this error message?
Hi Jerry, I have upgrade to the latest Samba version which is samba-3.0.3.p2,1 on my machine after Timur the samba-devel port maintenance commited the new release. Thanks to Timur for the greate job...:) Then after I have upgrade to samba-3.0.3.p2,1 the "ldapsam_search_one_group: Query was: ou=groups,dc=test,dc=com, (&(objectClass=posixGroup)(gidNumber=4294967295))" GONE from my /var/log/message. Thank to the SAMBA TEAM..:) However below error message still appear in my /var/log/message Apr 8 19:36:12 my-svr smbd[6371]: [2004/04/08 19:36:12, 0] smbd/service.c:make_connection(771) Apr 8 19:36:12 my-svr smbd[6371]: suhaimi-wxp (10.1.6.185) couldn't find service home Apr 8 19:36:12 my-svr smbd[6371]: [2004/04/08 19:36:12, 0] smbd/service.c:make_connection(771) Apr 8 19:36:12 my-svr smbd[6371]: suhaimi-wxp (10.1.6.185) couldn't find service home Apr 8 19:36:12 my-svr kernel: Connection attempt to TCP 10.1.6.111:80 from 10.1.6.185:2334 flags:0x02 Apr 8 19:36:13 my-svr last message repeated 2 times Apr 8 19:38:47 my-svr smbd[6402]: [2004/04/08 19:38:47, 0] lib/smbldap.c:smbldap_open(819) Apr 8 19:38:47 my-svr smbd[6402]: smbldap_open: cannot access LDAP when not root.. Apr 8 19:38:47 my-svr smbd[6402]: [2004/04/08 19:38:47, 0] passdb/pdb_ldap.c:ldapsam_search_one_group(1764) Apr 8 19:38:47 my-svr smbd[6402]: ldapsam_search_one_group: Problem during the LDAP search: LDAP error: (Insufficient access) my-svr# pkg_info | grep samba samba-3.0.3.p2,1A free SMB and CIFS client and server for UNIX OS: FreeBSD 5.2.1-RELEASE-p4 Really appreciate your advice Regards, Suhaimi Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Suhaimi Jamalludin wrote: | Hi All, | | Need your expert advice regarding Samba3 + OpenLDAP. | I have configure openldap and Samba3 on my FreeBSD5.2.1. I have make | Samba3 as a PDC on and Authenticate using LDAP. | Everythings works fine I can login using sambauser1 to my Samba3-PDC | and do profile roaming. However I come accross bellow error message on | my /var/log/message and it's really annoying me. | | Can some body advice me how to make this error go away...I'm in the | final phase to real the system to my user. | | Short Error Message Desc: | --- | failed to decode PDU | process_request_pdu: failed to do schannel processing. | smbldap_open: cannot access LDAP when not root.. | ldapsam_search_one_group: Problem during the LDAP search: LDAP error: | (Insufficient access) | ldapsam_search_one_group: Query was: ou=groups,dc=test,dc=com, (&(objectClass=posixGroup)(gidNumber=4294967295)) Should be fixed in 3.0.3pre2. Related to bug 1023 IIRC. cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc "...a hundred billion castaways looking for a home." --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAc+kBIR7qMdg1EfYRAnujAJ9DAp78gVFHrk6s1vp91sLi5vRfpgCfV9+c /SUOtSSDXJLWJTdwBUZVQlw= =8CyZ -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] (no subject)
Sub: INTRODUCTION FOR SUPPLY OF SPECIAL CABLES We have pleasure in introducing ourselves as manufacturer's of specialised cables for over two decades catering to the needs of the Fertilizer, Chemical, Petrochemical, Oil & Gas, Steel, Power, Cement, Ceramic, Glass, Paper, Sugar and other industries. The following are some of the cables made by us: ANY CABLE, ANY TIME, ANY QUANTITY FLEXIBLE WIRES & CABLES Single Core Wire Wires Multicore Flexible Cables Flexible Power Cables FLEXIBLE SHIELDED CABLES DATADSHIELD Foil + Braid Screened SCREENCAB Braid Shielded Cables SHIELDCAB Foil + Braid Shielded TP-SHIELDCAB Foil + Braid Shielded PROCESS CONTROL CABLES POWERCON Copper Cables Control & RTD Cables Instrumentation Signal Cables - Multicore / Multipair / Multitriad Thermocouple Extension Cables Thermocouple Compensating Cables Instrument Tubing Bundles DATA COMMUNICATION CABLES LAN, Computer, Data Cables Coaxial, Twinaxial, Bus Cables UTP Cat 5/6/7, Networking Cables RS 232, 422, 423, 485, etc Cables ELASTOMER CABLES Single Core Flexible, Lead Wires Elastomer Control, Power Cables- VIR, TRS, EPR, PCP, CSP HOFR Portable Power Cables Lift & Elevator Cables SILICONE RUBBER CABLES Single Core Flexible Lead Wires Flexible Multicore Cables Control, Power, Signal Cables SPC-180 Silicone Cables SILCAB-HRP Cables SILCAB-HRLSF Cables FIRE RESISTANT CABLES FRLS Cables Zero Halogen LSF Cables Fire Survival Cables MATERIAL HANDLING CABLES Round & Flat Festoon Cables Crane & Hoist Trailing Cables Reeling Unreeling Cables Composite Reeling Track Cables PTFE TEFLON CABLES Single Core PTFE Wires Control & Power PTFE Cables Screened PTFE Data Cables PTFLEX-HRP Cables PTFE Coaxial Cables HV PTFE Ignition Wires FIBRAFLAME Fire Survival Cables ELECTRONIC WIRES AND CABLES Security & Fire Alarm Cables CCTV Camera, Composite Cables Robot, Servo, VFD Cables Broadcasting, Microphone Cables SPECIAL APPLICATION CABLES CHAINCAB Track Chain Cables MT-FLEX Machine Tool Cables Marine and Offshore Cables Space and Defence Cables F.G, Asbestos, Ceramic Cables ACCESSORIES Steel Wire Reinforced Flexible- PVC Conduits & Hoses High Temperature Sleeves Heat Shrink Sleeves Flexible Copper Braids Flexibusbar Cables We have recently developed manufactured and supplied RADIATION FREE cables to BARC. We shall be pleased to provide further information, samples and technical literature covering the above products. We also manufacture import substitute custom designed cables. Regards Sunil Pagaria Sushil Cables Pvt Ltd, Unit No.1, Plot AH-1, Cama Industrial Estate, Walbhat Road, Goregaon East, Mumbai 400063, India Tel: 022-26852297 / 26852239 Fax: 022-26251359 Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba problem
Hi List, I am new to this group and also samba :) I have setup a samba server on hp-ux 10.20 and 11.00. I have a very basic smb.conf file but when the smbd daemon reaches 20 in the samba server, no W2k client can connect to samba shares. They get "remote computer not available" message ! I am using samba only for file sharing.. Any ideas ? Thanks,regards! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem adding computer to domain
Hi! I try to add a computer to my domain and I found a problem with samba. I use the IDEALX smbldap script for create entry in LDAP tree. If I uncomment the add_machine_mkntpasswd, the samba faild. If the add_machine_mkntpasswd is commented, I cannot add the computer to, because the SambaSID already exist. I found the problem. The last time that a computer will be added succesfully, samba converted the posixAccount to account schema. And the account schema don't have uid attribute or my configuration is misconfigured. And the script smbldap don't find correcly uid for machine account. Before adding the next machine, I will must export the last added machine to LDIF,n modify it for add posixAccount and some information, re-import to LDAP. I anyone have some information or help me Samba 3.0.2a OpenLDAP 2.1.25 RedHat 8.0 Thank you Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Internal Error and Panic in smbd samba-3.0.2a
Situation: 12 Networkprinters from which 5 are laserjet 4000 printers called: HP_4000_1 till _5 Cups is printer daemon Recently after upgrading to 3.0.2a two workstations create the following panic in smbd when trying to use the HP_4000_2 printer : --- [2004/04/08 11:37:15, 0] smbd/service.c:set_admin_user(321) administrator logged in as admin user (root privileges) [2004/04/08 11:37:16, 0] lib/fault.c:fault_report(36) === [2004/04/08 11:37:16, 0] lib/fault.c:fault_report(37) INTERNAL ERROR: Signal 11 in pid 4373 (3.0.2a) Please read the appendix Bugs of the Samba HOWTO collection [2004/04/08 11:37:16, 0] lib/fault.c:fault_report(39) === [2004/04/08 11:37:16, 0] lib/util.c:smb_panic(1400) PANIC: internal error [2004/04/08 11:37:16, 0] lib/util.c:smb_panic(1408) BACKTRACE: 16 stack frames: #0 /usr/local/samba/sbin/smbd(smb_panic+0x195) [0x8180ad1] #1 /usr/local/samba/sbin/smbd [0x8170b4b] #2 /usr/local/samba/sbin/smbd [0x8170bb5] #3 /lib/libc.so.6 [0x401ef288] #4 /usr/local/samba/sbin/smbd(print_queue_status+0x137) [0x819adfb] #5 /usr/local/samba/sbin/smbd [0x8086737] #6 /usr/local/samba/sbin/smbd(api_reply+0x2b4) [0x808c598] #7 /usr/local/samba/sbin/smbd [0x8083f8b] #8 /usr/local/samba/sbin/smbd(reply_trans+0x9b0) [0x8084a90] #9 /usr/local/samba/sbin/smbd [0x80b8b08] #10 /usr/local/samba/sbin/smbd [0x80b8b9e] #11 /usr/local/samba/sbin/smbd(process_smb+0x1be) [0x80b8e8e] #12 /usr/local/samba/sbin/smbd(smbd_process+0x14f) [0x80b98bf] #13 /usr/local/samba/sbin/smbd(main+0x733) [0x81ce8cf] #14 /lib/libc.so.6(__libc_start_main+0xbd) [0x401de17d] #15 /usr/local/samba/sbin/smbd(fsetxattr+0x39) [0x8072771] [2004/04/08 11:37:16, 0] smbd/service.c:set_admin_user(321) -- Rest of the users can print etc. and allso the other HP_4000 printers are no problem , only this one HP_4000_2 printer for only two users. The printer shows itself as offline in the printer settings on those two workstations and when administrator tries to reconnect the printer, the above error occurs. TIA Wim Bakker -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Accent with winbind and pam_mkhomedir
Hello I am using Winbind to authenticate user against an NT Domain. client are mainly using Win98 I use pam_mkhomedir to auto create home directory of my users. everything work fine. even the accents in the shared directory but when i try to logon for the first time with an accented username it create a home directory with strange characters invitÙ seen from win98 and invi_ seen from linux. it seems that the code page and de character set parameter is not passed to winbind or does not affect the username dialog. or the pam_mkhomedir... i am a bit lost there help needed do i miss something thanks for your help Benjamin CLEYET-MARREL Open Wide -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Deleting of Desktop Icons
Andrei Mikhailovsky schrieb: | I delete some Icons/Documents on my Desktop. After a new login, they | will be on my Desktop again. | | Is this a Windows- or a Samba-Problem? | | Environment: Samba 3.02a, Win NT (SP6), 2K (Varius Service Packs) I have the same issue as well, on XP and 2k. sometimes it actually deletes icons and folders, but most often they are recreated after a login. It might be an issue with roaming profiles from the samba side, I never managed to find an answer. I've read following: Whenn the client logoff, it copies all of his profile-data to the server as prf*.tmp -files. After succesfull copy of one file, it will be renamed to a properly filename. The old original file on the server will by overwrite. But what happen, when there is still a file on the server, which is just deleted on the client? That's the problem. Is this property also verified under Windows-Server? matze -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Deleting of Desktop Icons
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have the same issue as well, on XP and 2k. sometimes it actually deletes icons and folders, but most often they are recreated after a login. It might be an issue with roaming profiles from the samba side, I never managed to find an answer. - -- Andrei Mikhailovsky Arhont Ltd - Information Security Web: http://www.arhont.com Tel: +44 (0)870 4431337 Fax: +44 (0)117 9690141 PGP: Key ID - 0xFF67A4F4 PGP: Server - keyserver.pgp.com Matthias Spork wrote: | Hello, | | I delete some Icons/Documents on my Desktop. After a new login, they | will be on my Desktop again. | | Is this a Windows- or a Samba-Problem? | | Environment: Samba 3.02a, Win NT (SP6), 2K (Varius Service Packs) | | matze -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFAdRZ15bSBOf9npPQRAiZbAKCcdxqXTtBgpbAyORKqLeVeNBmKPACfd+5S IFldLIjkX5MHLRQ9K7rhYPg= =GKo1 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Undeliverable message returned to sender
This message was created automatically by mail delivery software. Delivery failed for the following recipients(s): [EMAIL PROTECTED] The message you sent contained an attachment which the recipient has chosen to block. Usually these sort of attachments are blocked to prevent malicious software from being sent to the recipient in question. The name(s) of the blocked file(s) follow: your_bill.pif To send this file, please place it in a compressed archive using WinZip (http://www.winzip.com) or the archive software of your choice. - Original Message Header - Received: by mail22-haw (MessageSwitch) id 1081412033801886_30664; Thu, 8 Apr 2004 08:13:53 + (UCT) Received: from snapserver.com (unknown [217.77.65.12]) by mail22-haw.bigfish.com (Postfix) with ESMTP id BCDD128E39F for <[EMAIL PROTECTED]>; Thu, 8 Apr 2004 08:13:30 + (UCT) From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Your bill Date: Thu, 8 Apr 2004 09:13:22 +0200 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=_NextPart_000_0014_6077.5EF3" X-Priority: 3 X-MSMail-Priority: Normal Message-Id: <[EMAIL PROTECTED]> -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Deleting of Desktop Icons
Hello, I delete some Icons/Documents on my Desktop. After a new login, they will be on my Desktop again. Is this a Windows- or a Samba-Problem? Environment: Samba 3.02a, Win NT (SP6), 2K (Varius Service Packs) matze -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re[2]: [Samba] Urgent Help Please
check if the cups demon is still running...! also see what lpq does.. (que status) there was a printer bug prior to version 302...! so you might consider updating to the latest version, where it might be fixed.. l8r. - Collen Blijenberg (Montessori Lyceum Herman Jordan) Wednesday, April 7, 2004, 7:01:36 PM, you wrote: RJ> same problem here (samba 3.0.2a cups 1.1.19, suse9 pro) with win9x RJ> clients. Until we update to 3.0.3pre1 (rpms on RJ> ftp.suse.com/people/gd/) there were no more RJ> "lib/util.c:smb_panic"-messages at all. RJ> bye, RJ> Rainer >> Hi All, >> >> We have been running Samba (3.0.2), CUPS on SUSE 9 Pro for some >> time now with no problems. This morning however it all seems to >> have gone wrong, and the users on site can no longer print. When a >> user prints a document nothing comes out on the printer and further >> investigation in the Windows printers folder reveals the printers >> are sat with 'x' amount of jobs on them and constantly refreshing, >> opening the print queue on the users window machine reveals no jobs >> in the queue at all. >> >> I have tried all the usual, restarting the daemons and >> rebooting the machine, I even considered a removal and reinstall of >> Samba, the system logs show that the SMBD is having a panic each >> time a user tries to print or view the print queues. >> >> Does anyone have any suggestions how I can resolve this issue? >> We migrated this box from Windows due to stability problems, and I >> really don't want to have to go back to Windows for my print server. >> >> Many Thanks In Advance >> >> Jez. >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: http://lists.samba.org/mailman/listinfo/samba >> >> -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba