[Samba] Mail Delivery Failure
Delivery Failure Report. The following message was incorrectly addressed. Recipient: "neilg" is unrecognised. Please contact "[EMAIL PROTECTED]" for further assistance --- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with Filenames
Hi, I've got a problem, in one folder shared with samba 3.0.2a on Suse 9.0 configured as LDAP PDC there are 41155 Files. All of these files have a name-schema like 12345600a2.pdf. But when I connected to this share with smbclient an type: > smbclient server\\pdf -U kuznik Password: Domain=[DOM] OS=[Unix] Server=[Samba 3.0.2a-SuSE] smb: \> cd MH smb: \MH\> ls 8641* 84756300a3.pdf A 106348 Thu Apr 22 16:35:44 2004 37157 blocks of size 1048576. 6900 blocks available smb: \MH\> You'll see this is wrong because there isn't really a file begins with 8641!!! When I use the cmd of w2k I become the same! And this is not the only failure, when typing a 2 digit number like 73* or 82* you become the same garbage! smb: \MH\> ls 73* 7307.pdfA39302 Thu Apr 22 16:25:49 2004 73066000.pdfA39302 Thu Apr 22 16:25:48 2004 71134700a3.pdf A 134871 Thu Apr 22 16:25:47 2004 73061700.pdfA39302 Thu Apr 22 16:25:48 2004 74162800a2.pdf A 167681 Thu Apr 22 16:25:49 2004 74265300a2.pdf A 174921 Thu Apr 22 16:25:55 2004 70247300a2.pdf A 873184 Thu Apr 22 16:25:46 2004 74101100a2.pdf A92476 Thu Apr 22 16:25:49 2004 73000300.pdfA39302 Thu Apr 22 16:25:48 2004 70125200a4.pdf A 110801 Thu Apr 22 16:25:46 2004 73010800a3.pdf A72727 Thu Apr 22 16:25:48 2004 73001000.pdfA39302 Thu Apr 22 16:25:48 2004 70404300a4.pdf A42099 Thu Apr 22 16:25:47 2004 73034400a3.pdf A 301650 Thu Apr 22 16:25:48 2004 73001100.pdfA39302 Thu Apr 22 16:25:48 2004 37157 blocks of size 1048576. 6900 blocks available smb: \MH\> Now I don't have an idea where to search. Can anyone help me? thx Michael -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Migration succesful , but can't add machine to domain
> To rule out the obvious... Did you perform "smbpasswd -a root" on the > PDC? Did you also add "admin users = root" in your global section? Just > curious are you actually using the network address 172.0.0.0 for your > setup? > > Marcus O. No, I didn't add root to smbpasswd, but i don't want to use smbpasswd, I wanna use tdbsam, as well this case there isn't root in smbpasswd, is there? It isn't in global section. Yes, of course, 172.0.0.0, what is wrong, if I know well, it is a private IP range, like 10.x.x.x, well? Regards, Roland -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] WINBIND HELP!!!!
HI, I am trying to setup winbind on Samba 3.0.2 running on Red Hat AS 3.0. I have completed most of the steps of setting up winbind successfully but when it came for me to login in using the AD account username and password, it didn't allow me to login. the error message i am getting is incorrect password or check username. During the setup i tested the wbinfo -u command and i was successfully able to query the AD username list from the MS PDC server. if anyone is encountered similar problem i would glad to listen in on how fix this issue. thanks, -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Migration succesful , but can't add machine to domain
On Mon, 2004-04-26 at 16:38, LanRol wrote: > from [EMAIL PROTECTED] > > > > What do your logs tell you? > > > > What do you have for your add machine script = ? > > > > Cheers! > > -- > > > my smb.conf is > > [global] > workgroup = SOLARSYSTEM > netbios name= Sedna > server string = Samba szerver > > wins support= yes > name resolve order = wins lmhosts hosts bcast > socket options = TCP_NODELAY SO_RCVBUF=8192 > SO_SNDBUF=8192 > os level = 64 > > local master= yes > preferred master= yes > domain master = yes > > domain logons = yes > passdb backend = tdbsam:/etc/samba/passdb.tdb > > dos charset = CP852 > unix charset= ISO8859-2 > case sensitive = no > default case= lower > preserve case = yes > > security= user > encrypt passwords = yes > > log file= /var/log/samba/log.%m > log level = 3 > max log size= 50 > hosts allow = 127.0.0.1 172.0.0.0/255.255.255.0 > interfaces = eth1 172.0.0.0/255.255.255.0 > 127.0.0.1 > > logon path = \\samba\profiles\%U > logon script= %G.cmd > > add user script = /usr/sbin/useradd -s /bin/false > '%u' > add group script= /usr/sbin/groupadd '%g' && getent > group '%g' |awk -F: '{print $3}' > add user to group script= /usr/bin/gpasswd -a '%u' '%g' > add machine script = /usr/sbin/useradd -d /dev/null -g > machines -s /bin/false -M '%u' > set primary group script= /usr/sbin/usermod -g '%g' '%u' > delete user script = /usr/sbin/userdel '%s' > delete group script = /usr/sbin/groupdel '%g' > delete user from group script = /usr/bin/gpasswd -d '%u' '%g' > ... > > > # smbclient -U% -L localhost > Domain=[SOLARSYSTEM] OS=[Unix] Server=[Samba 3.0.2-SuSE] > > Sharename Type Comment > - --- > netlogon Disk login scriptek > installDisk telepitok > works Disk Munkakonyvtar > public Disk Kozos konyvtar > developmentDisk A fejlesztok cuccai > IPC$ IPC IPC Service (Samba szerver) > ADMIN$ IPC IPC Service (Samba szerver) > Domain=[SOLARSYSTEM] OS=[Unix] Server=[Samba 3.0.2-SuSE] > > Server Comment > ---- > SEDNASamba szerver > > WorkgroupMaster > ---- > SOLARSYSTEM SEDNA > > > # smbclient //sedna/netlogon -u admin > session setup failed: NT_STATUS_LOGON_FAILURE > > and log file shows: > [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:push_sec_ctx(256) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 > [2004/04/26 21:37:17, 3] smbd/uid.c:push_conn_ctx(287) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 > [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 > [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:pop_sec_ctx(386) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2004/04/26 21:37:17, 3] auth/auth.c:check_ntlm_password(219) > check_ntlm_password: Checking password for unmapped user > [EMAIL PROTECTED] with the new password interface > [2004/04/26 21:37:17, 3] auth/auth.c:check_ntlm_password(222) > check_ntlm_password: mapped user is: [EMAIL PROTECTED] > [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:push_sec_ctx(256) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 > [2004/04/26 21:37:17, 3] smbd/uid.c:push_conn_ctx(287) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 > [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 > [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:pop_sec_ctx(386) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 > [2004/04/26 21:37:17, 3] auth/auth_sam.c:check_sam_security(200) > check_sam_security: Couldn't find user 'root' in passdb file. > [2004/04/26 21:37:17, 3] auth/auth_winbind.c:check_winbind_security(80) > check_winbind_security: Not using winbind, requested domain [SOLARSYSTEM] > was for this SAM. > [2004/04/26 21:37:17, 2] auth/auth.c:check_ntlm_password(312) > check_ntlm_password: Authentication for user [root] -> [root] FAILED with > error NT_STATUS_NO_S
[Samba] warnings when running configure for samba3.0.2a on FreeBSD 5.2.1 Release
Should I do anything to the following ? And how to do it ? Thanks . ___ configure: WARNING: net/if.h: present but cannot be compiled configure: WARNING: net/if.h: check for missing prerequisite headers? configure: WARNING: net/if.h: proceeding with the preprocessor's result configure: WARNING: rpcsvc/yp_prot.h: present but cannot be compiled configure: WARNING: rpcsvc/yp_prot.h: check for missing prerequisite headers? configure: WARNING: rpcsvc/yp_prot.h: proceeding with the preprocessor's result configure: WARNING: sys/mount.h: present but cannot be compiled configure: WARNING: sys/mount.h: check for missing prerequisite headers? configure: WARNING: sys/mount.h: proceeding with the preprocessor's result configure: WARNING: netinet/ip.h: present but cannot be compiled configure: WARNING: netinet/ip.h: check for missing prerequisite headers? configure: WARNING: netinet/ip.h: proceeding with the preprocessor's result -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't get SWAT to work...
Thanks Paul. That's all it was. :-) Regards, Brad Paul Gienger wrote: Unless you're sitting at the console of the machine and specifying http://localhost:901 you want to take out the only_from line in your config file. You will not see it in your process list. Make sure you restart or HUP your xinetd. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] build flags & profile migration
Hi, I'm having some interesting issues with Samba v3.0.2a and was woundering if anyone has noticed probs in building with the following flags on Redhat 9; --with-ads --with-automount --with-smbmount --with-quotas --with-acl-support --with-msdfs I've also posted this a few times before but was woundering if anyone has figured out a way to gracefully migrate user profiles from a Samba 2.2.7 domain to a Samba 3.0.2a domain (same domain name). -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Performance: Samba 3 vs. Windows 2003
Samba guru's: Our Samba 3 network performance is half that of Windows 2003 Server. I really want to stay with samba/unix, but half the performance? I'm hoping someone can point me in the right direction so we can keep using samba/unix. I'll try to give as much detail without giving pages and pages of benchmark numbers. If someone wants to see numbers, I'll send them: Fileserver is Dell PE2600, Dual Xeon 18GHz, 2GB memory, Gig NIC. System is dual boot RHEL3-AS with an ext3 filesystem and Windows 2003 Server with NTFS. The fileserving disk is a SATA-SCSI RAID enclosure. Bonnie++ and iozone both show that the RAID enclosure can do 80MB/sec writes and 40MB/sec reads on the ext3 in linux. Benchmarks in windows 2003 are very similar. Why it gets faster writes than read, I don't know, and I don't care right now. What I'm worried about is our samba network performance. Clients are Windows XP/2K/NT4 pro with all patches installed and Gig NICs. All the clients can netperf to the server at 60+MB/sec, some even faster. No collisions on the NICs, nothing wrong with the network. There is a cisco Gig switch inbetween the client and the server as well. Here is the bottom line: When the server is running samba 3, the clients get 12-13MB/sec. When the server is running windows 2003, the clients get 24-26MB/sec. Keep in mind the server hardware is exactly the same, the only thing I change is the software. Windows 2003 beets up Samba 3, hands down. However, all this testing is done by just drag and drop, and looking at the clock to time it. Not the best way to do it, but I don't know of another way now, suggestions welcome. The difference is obvious and consistent: 500MB file in samba 3 writes to disk in 42 seconds, but writes to windows 2003 disk in 21 seconds. I can produce the same results on all of our clients any time of the day. I've tried changing the smb.conf socket options (TCP_NODELAY, SO_SNDBUF, etc.) to 65523, 242xxx, whatever. /etc/init.d/smb restart, then try again. No change in performance whatsoever. Still 12-13MB/sec. I've also set other options in smb.conf, such as xmit, write size, read size, but nothing seems to change the fact that samba 3 can't do more than 12-13MB/sec. I've also searched the list, and found some people had success in performance issues by changing the SO_SNDBUF, but they didn't list any benchmark numbers. Maybe they were happy with 12-13MB/sec, but I'm not, especially if something else can get 25MB/sec. Any input is welcome. Alex --- --- Alex Lazarevich | Systems Administrator | Imaging Technology Group Beckman Institute | University of Illinois | www.itg.uiuc.edu --- --- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Anyone know where I can get Kerberos 1.3.1 RPMs???
>From what I have read, the default kerberos (v1.2.7) in Red Hat Linux 9 will not work for Windows 2003 AD authentication/Samba. I have looked and searched and googled for the RPMs. I would even settle for Fedora builds, but I cannot even find those. I anyone has a clue as to where I could find them, it would be appreciated. Thanks in advance -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] should I use idmap?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Farkas Levente wrote: | hi, | suppose I have a samba 3 server with ldap backend and | all users has both the sambaSamAccount and posixAccount. | than it's enough or should I have to use idmap and create a | new tree on my ldap server for the unix <-> windows id mapping? | thnaks in advance. the idmap options are only used by winbindd for handling trusted users (or possibly the 'winbind enable local accounts' options). I doubt you need them in your case unless you want to support trusts between the Samba domain and other domains. cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc "...a hundred billion castaways looking for a home." --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAjYn1IR7qMdg1EfYRAjY0AKDT35MZgQ9MUZ7CDyONo3RiTw15oACgkL/A x/c/XqaAzBwNuc+4lzBtirc= =l2xF -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Yet Another LDAP Question
Jean Krebs Fonseca schrieb: Hi All, I know this must have been discussed around here a million times, but I really didn't find this info anywhere else and I'm on a deadline here. I already have an FC1 server with a working LDAP directory in production. The same server runs a Samba PDC, but not with LDAP functionality yet. All I need to know right now is if I have to include some standard user and group accounts, like Adminstrator and such. Also,how do I generate the NT and Lanman password hashes so I can include them in the uses' ldifs? And please, don't point me to that Samba-LDAP howto 'cause it did nothing but confuse me more. Thanks, hi, sorry but you have to mess with ldap, if you have a existing ldap server , you have to integrate samba schema first and then setup users , groups, computers, but this can be done in many ways, i recommend to try ldap tools from idealix also included in the src of samba in a variation, perhaps you can do a dump of your ldap to a testmachine and play around with this scripts having secure your runnig ldap will not be touched. but you will have to read howtos regards -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Is it possible to store XP Profiles on Samba 3.0.2 ?
Mac schrieb: Hi all, Can you use Samba to store an XP Pro profile? I'm running Samba 3.0.2a (compiled from source) on Solaris 9. Compiled it against OpenLDAP 2.1.30 and MIT Kerberos 1.3.3 (both compiled from source from fresh downloads today). Am now trying to get Windows XP Pro to store profiles on to this box. The smbd and nmbd seem to run fine. Every time XP Pro goes to create a user's profile it connects (correctly) to:- \\firesun1\profiles\jsmith but then we get:- [2004/04/26 14:54:11, 1] smbd/service.c:make_connection_snum(705) dltest2 (212.219.217.98) connect to service profiles initially as user jsmith (uid=1935, gid=100) (pid 16145) [2004/04/26 14:54:11, 0] smbd/posix_acls.c:create_canon_ace_lists(1380) create_canon_ace_lists: unable to map SID S-1-5-21-973294077-3660535-3933214913-4632 to uid or gid. and an ugly "the security's wrong on the profile" sort of message on the XP Pro client. So, simple question. Can you use Samba to store an XP Pro profile? Mac Assistant Systems Adminstrator @nibsc.ac.uk [EMAIL PROTECTED] Work: +44 1707 641565 Everything else: +44 7956 237670 (anytime) for sure samba store profiles from xp, your problem is unable to map SID S-1-5-21-973294077-3660535-3933214913-4632 to uid or gid. regards -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Workaround found, .Xauthority and SMB, Mounting home directory
Hi, Finally got this working!! I have found a potential Workaround to the following error: >/etc/X11/gdm/PreSession/Default: Registering your session with wtmp >and > utmp > /etc/X11/gdm/PreSession/Default: running: /usr/bin/X11/sessreg -a >-w /var/log/wtmp -u /var/run/utmp -x "/var/gdm/:0.Xservers" -h "" -1 >":0" >"test" >Xlib: connection to ":0.0" refused by server >Xlib: No protocol specified > Some prerequisites: I'm running Fedora Core 1 ( stock install ) with pam_mount mounting my home directory on the PDC. I'm reluctantly using GDM ( not my favorite but it will do ) Last, I'm using KDE, but GNOME works too. First, I followed suggestions from previous posts, and did a little tweaking on my own, which include the following: a) I've added the following to the user's .bash_profile: export XAUTHORITY=/tmp/.Xauthority export ICEAUTHORITY=/tmp/.ICEauthority b) NOTE: gnome doesn't require this step. I did some editing of my /usr/bin/startkde script to move all .kde and .kderc etc... files OUT of the home directory. From what I can tell, limits in the SMBFS are not allowing kde to start successfully. (sockets??) This is a heavy workaround, but works nicely in our environment. If you would like details on this fix let me know. **Despite these changes, the above mentioned error was still appearing.** **Here is what I've done:** 1) add the following to the file: /etc/X11/gdm/PreSession/Default XHOST=`which xhost 2>/dev/null` if [ "x$XHOST" != "x" ] ; then echo "Executing xhost +localhost.." exec "$XHOST" +localhost fi I think it's important to add this before the following line: SESSREG=`which sessreg 2>/dev/null` ... Essentially, I'm executing the following command: "xhost +localhost". I used their conventions for running a command, hence the if statement etc... 2) I'm pretty sure you need to restart GDM. 3) now go ahead and log in. It will work perfectly!!! I don't know enough about X to give you a complete explanation for the fix, but using xhost in this fashion allows any user on the host "localhost" to connect to the X server. Without it, the connection is refused, hence the error you were getting. I would gladly accept any feedback or comments on this fix. I'm also very curious if anybody else tried running a GUI with their home directory mounted via SMBFS or NFS? I've attempted both and found SMBFS to be a adequate. This issue was the last to get over. Now I must go through and refine different aspects -- Ben Ford Bio-Logic Aqua Technologies 5001 Lower River Rd Grants Pass, OR 97526 800-FOR-MIST (367-6478) [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't get SWAT to work...
Unless you're sitting at the console of the machine and specifying http://localhost:901 you want to take out the only_from line in your config file. You will not see it in your process list. Make sure you restart or HUP your xinetd. Brad wrote: I have a Red Hat 9 file server and I have been unable to use swat to configure the smb.conf file. I have samba-swat installed and the following in /etc/xintetd: = # default: off # description: SWAT is the Samba Web Admin Tool. Use swat \ # to configure your Samba server. To use SWAT, \ # connect to port 901 with your favorite web browser. service swat { disable = no port= 901 socket_type = stream wait= no only_from = 127.0.0.1 user= root server = /usr/sbin/swat log_on_failure += USERID = I have restarted xinetd. Should I be able to see swat in the process list? # ps ax|grep swat 24560 pts/1S 0:00 grep swat When I go to a browser and go to: http://:901 nothing happens at all. It just sits there. There is nothing in /var/log/messages or /var/log/messages/samba/* Can anyone shed any light on this? Regards, Brad -- Paul Gienger Office:701-281-1884 Applied Engineering Inc. Cell: 701-306-6254 Information Systems Consultant Fax: 701-281-1322 URL: www.ae-solutions.commailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Yet Another LDAP Question
The UNIX passwords are stored with one-way encryption, so unless you want to brute force them all, there's really no good way to get them from the system. If you have their passwords stored in samba someplace already, like tdbsam or smbpasswd, then you can use the pdbedit command with import and export flags to move the accounts over to ldap. I did this with my 2.2.8a smbpasswd file for testing. In that case I pulled my line out into a temporary passwd file on my testbox and ran something like pdbedit --import=smbpasswd --export=ldap and my user gained the new object class and also had the password set. I would imagine you can do the same with tdbsam, although not on a user-by user basis like I did, but that was for testing anyway. Michal Kurowski wrote: Paul Gienger [EMAIL PROTECTED] wrote: I believe the README is out of date. Their website says that something like .80 and up work on 3.x. I have used .84 to populate a 3.0.2 server just fine making only configuration changes like server locations, containers, and domain SID. I did have to hack one script for my purposes, but that was only because my primary ldap server is over a greater-latency-than-local-lan link and replication takes a couple seconds. It relates to my last question: is there any way to for unix->NT password conversion ? I need to create ntAccounts from my shadow passwords (crypt-ed) in the Ldap server. It seems there's no supported way but two problems emerge in here: 1) you have to ask lots of people to type their passwords again 2) you have no control maintain same password policy Cheers, -- Paul Gienger Office:701-281-1884 Applied Engineering Inc. Cell: 701-306-6254 Information Systems Consultant Fax: 701-281-1322 URL: www.ae-solutions.commailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Can't get SWAT to work...
I have a Red Hat 9 file server and I have been unable to use swat to configure the smb.conf file. I have samba-swat installed and the following in /etc/xintetd: = # default: off # description: SWAT is the Samba Web Admin Tool. Use swat \ # to configure your Samba server. To use SWAT, \ # connect to port 901 with your favorite web browser. service swat { disable = no port= 901 socket_type = stream wait= no only_from = 127.0.0.1 user= root server = /usr/sbin/swat log_on_failure += USERID = I have restarted xinetd. Should I be able to see swat in the process list? # ps ax|grep swat 24560 pts/1S 0:00 grep swat When I go to a browser and go to: http://:901 nothing happens at all. It just sits there. There is nothing in /var/log/messages or /var/log/messages/samba/* Can anyone shed any light on this? Regards, Brad -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Yet Another LDAP Question
Paul Gienger [EMAIL PROTECTED] wrote: > I believe the README is out of date. Their website says that something > like .80 and up work on 3.x. I have used .84 to populate a 3.0.2 server > just fine making only configuration changes like server locations, > containers, and domain SID. I did have to hack one script for my > purposes, but that was only because my primary ldap server is over a > greater-latency-than-local-lan link and replication takes a couple seconds. > It relates to my last question: is there any way to for unix->NT password conversion ? I need to create ntAccounts from my shadow passwords (crypt-ed) in the Ldap server. It seems there's no supported way but two problems emerge in here: 1) you have to ask lots of people to type their passwords again 2) you have no control maintain same password policy Cheers, -- Michal Kurowski perl -e '$_=q#: 13_2: 12/o{>: 8_4) (_4: 6/2^-2; 3;-2^\2: 5/7\_/\7: 12m m::#; y#:#\n#;s#(\D)(\d+)#$1x$2#ge;print' -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Migration succesful , but can't add machine to domain
from [EMAIL PROTECTED] > > What do your logs tell you? > > What do you have for your add machine script = ? > > Cheers! > -- my smb.conf is [global] workgroup = SOLARSYSTEM netbios name= Sedna server string = Samba szerver wins support= yes name resolve order = wins lmhosts hosts bcast socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 os level= 64 local master= yes preferred master= yes domain master = yes domain logons = yes passdb backend = tdbsam:/etc/samba/passdb.tdb dos charset = CP852 unix charset= ISO8859-2 case sensitive = no default case= lower preserve case = yes security= user encrypt passwords = yes log file= /var/log/samba/log.%m log level = 3 max log size= 50 hosts allow = 127.0.0.1 172.0.0.0/255.255.255.0 interfaces = eth1 172.0.0.0/255.255.255.0 127.0.0.1 logon path = \\samba\profiles\%U logon script= %G.cmd add user script = /usr/sbin/useradd -s /bin/false '%u' add group script= /usr/sbin/groupadd '%g' && getent group '%g' |awk -F: '{print $3}' add user to group script= /usr/bin/gpasswd -a '%u' '%g' add machine script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M '%u' set primary group script= /usr/sbin/usermod -g '%g' '%u' delete user script = /usr/sbin/userdel '%s' delete group script = /usr/sbin/groupdel '%g' delete user from group script = /usr/bin/gpasswd -d '%u' '%g' ... # smbclient -U% -L localhost Domain=[SOLARSYSTEM] OS=[Unix] Server=[Samba 3.0.2-SuSE] Sharename Type Comment - --- netlogon Disk login scriptek installDisk telepitok works Disk Munkakonyvtar public Disk Kozos konyvtar developmentDisk A fejlesztok cuccai IPC$ IPC IPC Service (Samba szerver) ADMIN$ IPC IPC Service (Samba szerver) Domain=[SOLARSYSTEM] OS=[Unix] Server=[Samba 3.0.2-SuSE] Server Comment ---- SEDNASamba szerver WorkgroupMaster ---- SOLARSYSTEM SEDNA # smbclient //sedna/netlogon -u admin session setup failed: NT_STATUS_LOGON_FAILURE and log file shows: [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2004/04/26 21:37:17, 3] smbd/uid.c:push_conn_ctx(287) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/04/26 21:37:17, 3] auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2004/04/26 21:37:17, 3] auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2004/04/26 21:37:17, 3] smbd/uid.c:push_conn_ctx(287) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/04/26 21:37:17, 3] auth/auth_sam.c:check_sam_security(200) check_sam_security: Couldn't find user 'root' in passdb file. [2004/04/26 21:37:17, 3] auth/auth_winbind.c:check_winbind_security(80) check_winbind_security: Not using winbind, requested domain [SOLARSYSTEM] was for this SAM. [2004/04/26 21:37:17, 2] auth/auth.c:check_ntlm_password(312) check_ntlm_password: Authentication for user [root] -> [root] FAILED with error NT_STATUS_NO_SUCH_USER [2004/04/26 21:37:17, 3] smbd/process.c:timeout_processing(1104) timeout_processing: End of file from client (client has disconnected). [2004/04/26 21:37:17, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/04/26 21:37:17, 2] s
Re: [Samba] locking files error
Hello Jim. I server access files from 2.2.8 also here. I have oplocks = no for the share i have them on. This will let more then one open the file but only one can write to it the others have read only access. as far as i know only one person here writes to the file at a time an the others can read/ pull info from the file into other files ect ect. hope this helps. jack malone network admin horizon industries At 09:47 AM 4/21/2004, tom wrote: I have moved my Access DB to Mandrake 9.2 running Samba 2.2.8 I can access the data base from one of my WinXp boxes, but if I try to access it at the same time from another WinXP boxes I get "Could Not Lock File" I am running a Peer To Peer network not a domain. Any one know how to get around this problem. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Migration succesful , but can't add machine to domain
On Mon, Apr 26, 2004 at 12:27:11AM +0200, LanRol wrote: > Hi all, > > I migrate NT4 PDC to SAmba3 tdbsam backend. All users, groups, machineboxes > are ok. > > When I am try to add Win2k to domain, popup the a windows, I type the DOMAIN > ADMIN username, password, and I get a failer message: > Bad user or password. > > I think my samba doesn't know where is passwd.tdb > > in my smb.conf: > passdb backend = tdbsam:/etc/samba/passdb.tdb > > Any idea what is wrong? What do your logs tell you? What do you have for your add machine script = ? Cheers! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Unable to browse workgroup, shares otherwise accessible
Hi, Thanks for the responses. I did a testparm, which is OK, workgroup is identical, and I do not have to add the "3" to the command names in my case. I have researched this problem some more and I think it might have something to do with my guest account settings. Under Mandrake 9.2 I never setup a guest account explicitly, it just worked without it. I do not have a "nobody" account, which is the default samba guest account, so I setup a "smbguest" account and I set "guest account = smbguest" with no samba password required. This did not help but I increased the log level to 3 and got among others the following log output: ... [2004/04/26 21:00:53, 3] smbd/password.c:register_vuid(240) UNIX uid 503 is UNIX user smbguest, and will be vuid 101 ... [2004/04/26 21:00:53, 2] lib/access.c:check_access(324) Allowed connection from (192.168.1.30) [2004/04/26 21:00:53, 3] smbd/service.c:make_connection_snum(543) Connect path is '/var/tmp' for service [IPC$] [2004/04/26 21:00:53, 3] lib/util_seaccess.c:se_access_check(251) [2004/04/26 21:00:53, 3] lib/util_seaccess.c:se_access_check(252) se_access_check: user sid is S-1-5-21-824483728-3943587780-1468999615-501 se_access_check: also S-1-5-21-824483728-3943587780-1468999615-514 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-32-546 se_access_check: also S-1-5-21-824483728-3943587780-1468999615-2009 [2004/04/26 21:00:53, 3] smbd/vfs.c:vfs_init_default(203) Initialising default vfs hooks [2004/04/26 21:00:53, 2] smbd/uid.c:change_to_user(141) change_to_user: Invalid vuid used 101 or vuid not permitted access to share. [2004/04/26 21:00:53, 0] smbd/service.c:make_connection_snum(627) Can't become connected user! [2004/04/26 21:00:53, 3] smbd/error.c:error_packet(118) error packet at smbd/reply.c(286) cmd=117 (SMBtconX) NT_STATUS_LOGON_FAILURE [2004/04/26 21:00:53, 3] smbd/process.c:process_smb(890) Transaction 9 of length 43 [2004/04/26 21:00:53, 3] smbd/process.c:switch_message(685) switch message SMBulogoffX (pid 18085) [2004/04/26 21:00:53, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/04/26 21:00:53, 3] smbd/reply.c:reply_ulogoffX(1108) ulogoffX vuid=101 See the attached file for a more complete log output. I think the key to my problem is in the log entry: [2004/04/26 21:00:53, 2] smbd/uid.c:change_to_user(141) change_to_user: Invalid vuid used 101 or vuid not permitted access to share. I also found that browse problems can be caused by several things, but they should often be related to guest access problems to IPC$. Do not know if this is the case here but it seems so even though my guest account should be setup now. I have not yet been able to find any relevant information on this, but I hope someone can help. Until then I will continue digging and there are others that can benefit from an answer to this problem... Cheers, Stalkerbrother -Original Message- From: Matthew J. DiBattista [mailto:[EMAIL PROTECTED] Sent: 26. april 2004 17:35 To: 'Stalkerbrother' Subject: RE: [Samba] Unable to browse workgroup, shares otherwise accessible Are the workgroup name the same? I upgraded Samba 2.28 to 3.02 on mdk 9.2 and I have to add a 3 at the end of testparm3, samba3 status, samba3 start Did u do testparm Sincerely, Matthew J. DiBattista Information Technology Technicians -Original Message- From: Stalkerbrother [mailto:[EMAIL PROTECTED] Sent: Saturday, April 24, 2004 4:38 PM To: [EMAIL PROTECTED] Subject: [Samba] Unable to browse workgroup, shares otherwise accessible Hi, After upgrading from Mandrake Linux 9.2 to Mandrake Linux 10 I can no longer browse my workgroup domain in "My Network Places" from my XP Pro clients. However, I can still access the shares on my Samba server without problem using either "Add Network Place" or by entering the path directly in Explorer. Another symptom is found in my Samba log where a lot of the following messages are being produced: [2004/04/24 22:18:13, 0] smbd/service.c:make_connection_snum(627) Can't become connected user! Everything worked perfectly prior to the upgrade, and currently everything besides the workgroup browsing issue still works. I am not a Samba expert, and I searched the net without any decisive results, so I would really appreciate if someone could help me out here. Below you will find essential smb.conf data. Samba version is 3.0.2a. Cheers, Stalkerbrother [global] log file = /var/log/samba/log.%m smb passwd file = /etc/samba/smbpasswd interfaces = eth1 lo bind interfaces only = yes load printers = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 map to guest = bad user encrypt passwords = yes user = stalkerbrother printer admin = @adm dns proxy = no netbios name =
[Samba] 3454 Abends when transferring files to Mapped Samba Drive
Hi, We have a Windows 2000 Server setup to be our FTP server. On the FTP server we have created a MAPPED drive for a AIX 5.1 server using SAMBA.. We are trying to take files from the mainframe (Z/os) to the SAMBA (AIX 5.1) mapped drive on Windows 2000 server. We get a 3454 abend when we submit a FTP job, but if we submit the job immediately after the primary 3454 abend the FTP works OK. In fact we could submit the FTP job 100 times one right after the other and they would all work. But as soon as we leave the drive idle for 10 or 15 minutes we will get a 3454 abend on the next FTP job. Any help would be appreciated. I need a direction to go. Thanks Debbie Reed ** The information contained in this message is confidential and is intended for the addressee(s) only. If you have received this message in error or there are any problems please notify the originator immediately. The unauthorized use, disclosure, copying or alteration of this message is strictly forbidden. Motorists Insurance Group will not be liable for direct, special, indirect or consequential damages arising from the alteration of the contents of this message by a third party or as a result of any virus being passed on. ** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] create_canon_ace_lists: unable to map SID
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mac wrote: | [2004/04/23 10:22:32, 0] smbd/posix_acls.c:create_canon_ace_lists(1380) | create_canon_ace_lists: unable to map SID | S-1-5-21-973294077-3660535-3933214913-1177 to uid or gid. Sounds like bug 1139 which was fixed in 3.0.3rc1. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAjWN7IR7qMdg1EfYRAjM7AJ0cU81QBdVFKGXWT4aBgd9sZ52P2wCeNObi AOpZtRqgKZ2n7hRO1Smx7D8= =oouU -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Yet Another LDAP Question
I believe the README is out of date. Their website says that something like .80 and up work on 3.x. I have used .84 to populate a 3.0.2 server just fine making only configuration changes like server locations, containers, and domain SID. I did have to hack one script for my purposes, but that was only because my primary ldap server is over a greater-latency-than-local-lan link and replication takes a couple seconds. Jean Krebs Fonseca wrote: I have downloaded the updated set of scripts, but the readme file says they should be modified to work with Samba 3 (I have 3.0.2), since they have been made for Samba 2.2 Is this information outdated? On Monday 26 April 2004 15:44, you wrote: I don't think you 'have' to, but you'll get more functionality if you do. You should go grab the newest idealx LDAP management scripts, you don't say what version of samba you have, but the scripts are probably newer than what you have if you installed from the RPM that came with the base Fedora install. There's a script in that set called something like smbldap-populate that will create all the users and groups you need for Windows equivilency. You will also want to delete the old ones when you put the new in place. At some point they changed from *.pl to just * for the script names. Make sure you edit the config files in the smbldap-tools package before you start monkeying with them, particularly the LDAP container names and your domain SID. Jean Krebs Fonseca wrote: Hi All, I know this must have been discussed around here a million times, but I really didn't find this info anywhere else and I'm on a deadline here. I already have an FC1 server with a working LDAP directory in production. The same server runs a Samba PDC, but not with LDAP functionality yet. All I need to know right now is if I have to include some standard user and group accounts, like Adminstrator and such. Also,how do I generate the NT and Lanman password hashes so I can include them in the uses' ldifs? And please, don't point me to that Samba-LDAP howto 'cause it did nothing but confuse me more. Thanks, -- Paul Gienger Office:701-281-1884 Applied Engineering Inc. Cell: 701-306-6254 Information Systems Consultant Fax: 701-281-1322 URL: www.ae-solutions.commailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Message ("The distribution of your message dated Mon, 26...")
The distribution of your message dated Mon, 26 Apr 2004 16:25:09 -0300 with subject "Your information" has been postponed because the JAVA-AWT list is held. No action is required from you; your message will be reprocessed automatically once the list owner releases the list. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Yet Another LDAP Question
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jean Krebs Fonseca írta: | Hi All, | | I know this must have been discussed around here a million times, but I really | didn't find this info anywhere else and I'm on a deadline here. | | I already have an FC1 server with a working LDAP directory in production. The | same server runs a Samba PDC, but not with LDAP functionality yet. | | All I need to know right now is if I have to include some standard user and | group accounts, like Adminstrator and such. Also,how do I generate the NT and | Lanman password hashes so I can include them in the uses' ldifs? | | And please, don't point me to that Samba-LDAP howto 'cause it did nothing but | confuse me more. | | Thanks, | You can use mkntpwd tool to generate LMPassword and NTPassword hashes, I do so. Attached you will find my root accounts ldif (Passwords removed ;-) ). You will find that it has lots of Objectclasses not necessarily needed for Unix shell or Samba. Take care to use the Samba3 schema /usr/share/doc/samba/examples/LDAP/ Anyway if you configure the ldap backend in Samba and SmbLDAP tools, then a simple pdbedit operation could do the migration to ldapsam. Cheers Geza -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAjVdV/PxuIn+i1pIRAtWAAJ0fMwkhFRsx5wcFQ6bVI1yAFi+n7gCfQik2 7ha1Kgx+WzSrJn6907RnO4w= =nkZG -END PGP SIGNATURE- dn: uid=root,ou=People,dc=kzsdabas,dc=hu mailHost: mail.kzsdabas.sulinet.hu objectClass: mailRecipient objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top objectClass: kerberosSecurityObject objectClass: shadowAccount objectClass: sambaSamAccount shadowMax: 60 shadowWarning: 7 shadowInactive: 30 loginShell: /bin/bash uidNumber: 0 homeDirectory: /root cn: LDAP's Fake root Account cn: root sn: LDAP's Fake root Account displayName: LDAP's Fake root Account gecos: LDAP's Fake root Account shadowLastChange: 12013 sambaPwdMustChange: 2147483647 sambaAcctFlags: [U ] sambaPwdCanChange: 1080799858 sambaLogonTime: 2147483647 sambaNTPassword: **REMOVED* sambaPwdLastSet: 1080799858 sambaLogoffTime: 2147483647 sambaLMPassword: **REMOVED* sambaKickoffTime: 2147483647 gidNumber: 4 sambaSID: S-1-5-21-2107120446-224765601-1821260193-500 mail: [EMAIL PROTECTED] mailForwardingAddress: [EMAIL PROTECTED] uid: root krbName: [EMAIL PROTECTED] sambaPrimaryGroupSID: S-1-5-21-2107120446-224765601-1821260193-512 userPassword: {CRYPT}$1$**REMOVED* -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba-3 by Example
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ernst Pehl wrote: | Hi, | | the Samba-3 by Example-Book should be appear on the | Samba web site by April 14th under the documentation page. But | there is nothing. Where can I get the pdf-file? The PDF is available now. We had some mirroring problems after the server upgrade. I'm working out the last issue with the HTLM version today. cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc "...a hundred billion castaways looking for a home." --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAjVqKIR7qMdg1EfYRAqA0AJ98sQrckcpCoZwPLT9Br6ciuuL4kwCg86V1 /HROQh4wyXXKkgDl+a9Z67k= =R4/z -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Verified bug in Woody Samba
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 blfs wrote: | OK, so I go to this page: | | https://bugzilla.samba.org/enter_bug.cgi | | Now what? | | Samba 2.2 is not listed. Sorry. Thought you were on 3.0. There is no further development going on for the 2.2 branch. If you can reproduce this against 3.0.x, then let us know. cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc "...a hundred billion castaways looking for a home." --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAjVmpIR7qMdg1EfYRAn6GAJ4gFWmwCHMaECTlBELJEkJQk5Ah8wCgt0Qg /600h394hWThqbgbOs2ixko= =B7zT -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind issues
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joe Schmigel wrote: | noticed when I run wbinfo -u, it not only returns the users | on the active directory domain controller, but also the | computer accounts. . Is this an added | feature to Samba 3 or do I have the configuration wrong? It was a necessary change in the winbindd code. cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc "...a hundred billion castaways looking for a home." --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAjVlMIR7qMdg1EfYRAsIfAKCk+e6LQCfTASU5MBqjsDySM+/rcQCfVA5A O1IQXXoEmwmmfChm5VjKws0= =VYWw -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Yet Another LDAP Question
I don't think you 'have' to, but you'll get more functionality if you do. You should go grab the newest idealx LDAP management scripts, you don't say what version of samba you have, but the scripts are probably newer than what you have if you installed from the RPM that came with the base Fedora install. There's a script in that set called something like smbldap-populate that will create all the users and groups you need for Windows equivilency. You will also want to delete the old ones when you put the new in place. At some point they changed from *.pl to just * for the script names. Make sure you edit the config files in the smbldap-tools package before you start monkeying with them, particularly the LDAP container names and your domain SID. Jean Krebs Fonseca wrote: Hi All, I know this must have been discussed around here a million times, but I really didn't find this info anywhere else and I'm on a deadline here. I already have an FC1 server with a working LDAP directory in production. The same server runs a Samba PDC, but not with LDAP functionality yet. All I need to know right now is if I have to include some standard user and group accounts, like Adminstrator and such. Also,how do I generate the NT and Lanman password hashes so I can include them in the uses' ldifs? And please, don't point me to that Samba-LDAP howto 'cause it did nothing but confuse me more. Thanks, -- Paul Gienger Office:701-281-1884 Applied Engineering Inc. Cell: 701-306-6254 Information Systems Consultant Fax: 701-281-1322 URL: www.ae-solutions.commailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Domain Admin Group privaleges
I thought this was the problem also, but adding the user to the root group did not yield any change. I'm kind of baffled on this one. > It sounds as it has to do with the Linux privileges. Try this: > > When you create a Samba user, the equivalent account is created in the > /etc/passwd file. Add the Linux user account to the Linux root group. > This will give the user root previliges. Here is some info. from the Samba > How To: > > There is no safe way to provide access on a UNIX/Linux system without > providing root level privilege. Provision of root privileges can be done > wither by logging onto the Domain as the user root, or by permitting > particular users to use a UNIX account that is a member of the UNIX group > that has a GID=0 as the primary group in the /etc/passwd database. Users of > such accounts can use tools like the NT4 Domain User Manager, and the NT4 > Domain Server Manager to manage user and group accounts as well as Domain > Member server and client accounts. This level of privilege is also needed to > manage share level ACLs. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Migration succesful , but can't add machine to domain
Well, can anybody help me? > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of > LanRol > Sent: Monday, April 26, 2004 12:27 AM > To: samba > Subject: [Samba] Migration succesful , but can't add machine to domain > > > Hi all, > > I migrate NT4 PDC to SAmba3 tdbsam backend. All users, groups, > machineboxes > are ok. > > When I am try to add Win2k to domain, popup the a windows, I type > the DOMAIN > ADMIN username, password, and I get a failer message: > Bad user or password. > > I think my samba doesn't know where is passwd.tdb > > in my smb.conf: > passdb backend = tdbsam:/etc/samba/passdb.tdb > > Any idea what is wrong? > > regards, roland -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Yet Another LDAP Question
Hi All, I know this must have been discussed around here a million times, but I really didn't find this info anywhere else and I'm on a deadline here. I already have an FC1 server with a working LDAP directory in production. The same server runs a Samba PDC, but not with LDAP functionality yet. All I need to know right now is if I have to include some standard user and group accounts, like Adminstrator and such. Also,how do I generate the NT and Lanman password hashes so I can include them in the uses' ldifs? And please, don't point me to that Samba-LDAP howto 'cause it did nothing but confuse me more. Thanks, -- Jean Krebs Fonseca [EMAIL PROTECTED] Total Data Information Solutions www.totaldata.com.br -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Printing in 3.0.1
> thx, > will update to 3.0.2a and report Unfortunately there is a print segfault bug in 3.0.2a. The 3.0.3pre's and rc's have the patches in if you are so inclined :). If not, this is a post-3.0.2a patch that fixes a common printing crash in 3.0.2a: https://bugzilla.samba.org/attachment.cgi?id=420&action=view (bug 1147) ~ Daniel --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Netbios Aliases -- problem with too many?
I have inherited a Samba 2.2.8a server with 12 NetBIOS aliases along with a normal NetBIOS name. This was thought to be a good method of partitioning the shares and a way for logical referencing by a project. Admirable goals. However, I am noticing that the WINS registration for some of these NetBIOS aliases seems to get dropped at times. I have people using the alias saying that their share cannot be accessed at times. When I check indeed this is the case the NetBIOS alias does not respond at all. Restarting the samba server seems to correct the problem. In fact, I am having to resort to restarting the server twice a day to prevent this problem. Any ideas as to how to resolve this situation. Thanks Mike Parker Systems Administrator [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows 2003 Active Directory and Group Access
Hi, thanks for your help - now it works :-))) But there is a new problem. We log on to the linux machine for email and ssh and so on. So the new problem is that a user is now AMATEC+testuser instead simple testuser (for the pam module). But I think we can make a hack to the pam_winbind.so file to add "AMATEC+" to the entered username (so a user has not to enter AMATEC+testuser but only testuser). Or is there a better way? Kind regards -Ursprüngliche Nachricht- Von: Alex de Vaal [mailto:[EMAIL PROTECTED] Gesendet: Montag, 26. April 2004 10:40 An: [EMAIL PROTECTED] Betreff: [Samba] Windows 2003 Active Directory and Group Access Hello Franz, I had the same problem with Wk3 groups as valid users on my shares; remove "winbind use default domain = yes" or set it to "winbind use default domain = no" Because "winbind separator = +" your valid group will be "valid users = @AMATEC.LOCAL+"GG_Entwicklung" If you remove "winbind separator = +" your valid group will be "valid users = @AMATEC.LOCAL\"GG_Entwicklung" I prefer the last one, because my ADS users don't have to logon on the Linux server. My Samba server just acts as a Windows domain member server in ADS. -- Regards, Alex de Vaal. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Is it possible to store XP Profiles on Samba 3.0.2 ?
>>Can you use Samba to store an XP Pro profile? >> >> >Yep. Take a look at this: > >http://samba.idealx.org/samba-ldap-howto.pdf Thanks for the pointers. However, as far as I can see that info is for situations where the XP Pro clients are using the Samba box as the PDC. I'm not. The XP Pro client PC is a member of an AD domain. It's just the profiles that are being stored on Samba. Mac Assistant Systems Adminstrator @nibsc.ac.uk [EMAIL PROTECTED] Work: +44 1707 641565 Everything else: +44 7956 237670 (anytime) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Is it possible to store XP Profiles on Samba 3.0.2 ?
>> >> Can you use Samba to store an XP Pro profile? > >Yes, you can. Your error message suggests that the profile you are trying to >overwrite does not belong to the current domain. ie: The user SID inside the >NTUser.DAT file for the current user does not match the current SID. > This sounds highly likely. The question in my mind though is where the Samba server gets a SID from? The XP Pro client is authenticating into a AD domain, which is telling it to store its profile on the Samba server. I have joined the Samba server to the AD domain in an attempt to coax this into working. But to no avail. (i.e. the join worked and Samba is now authenticating from the Windows server ('security=domain') but the SID error still occurs) Do I need to set some sort of SID on the Samba server to match the domain portion of the SID in the error message? (which I'm assuming is the domain SID for the AD domain?) Can I use 'net getsid' (or somesuch)? (side question: when using tdbtool's "dump" command, how can I convert the SIDs from secrets.tdb into SID-1-. format?) Mac Assistant Systems Adminstrator @nibsc.ac.uk [EMAIL PROTECTED] Work: +44 1707 641565 Everything else: +44 7956 237670 (anytime) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Usermapping with 3.0.3pre2
Hi, I just installed samba 3.0.3pre2 on a FreeBSD 5.2.1-RELEASE Box. It's a ActiveDirectory Member-Server and works so far - with an exception: It seems to me, that the "!"-Syntax in the user mapping file doesn't work any more. The man-page says, that samba will stop on a matching "!=" line, but all my users (even if successfully authenticated) are mapped to the last default-entry "smb=*". So to have my users working, I have to have all Shares completely open for "all authenticated users"... that's not what was intended :-} Is it my fault? I'm new to Samba 3, but with 2.2.8a it worked perfectly... -- Ciao/BSD - Matthias Matthias Schuendehuette , Berlin (Germany) PGP-Key at and ID: 0xDDFB0A5F -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind issues
I just moved from Samba 2.2 to Samba 3. I made the necessary changes to the smb.conf file to work with the new version. Everything works but I noticed when I run wbinfo -u, it not only returns the users on the active directory domain controller, but also the computer accounts. For example, a computer named Admin17 appears as a user under Samba now. This did not happen in version 2.2. The computer accounts also appear when the getent passwd command is run. There are around 200 machines in our domain so this adds quite a bit of listings. Is this an added feature to Samba 3 or do I have the configuration wrong? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Is it possible to store XP Profiles on Samba 3.0.2 ?
Hello, Can you use Samba to store an XP Pro profile? Yep. Take a look at this: ftp://de.samba.org/samba.org/docs/ http://samba.idealx.org/samba-ldap-howto.pdf matze -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] should I use idmap?
hi, suppose I have a samba 3 server with ldap backend and all users has both the sambaSamAccount and posixAccount. than it's enough or should I have to use idmap and create a new tree on my ldap server for the unix <-> windows id mapping? thnaks in advance. -- Levente "Si vis pacem para bellum!" -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Printing problem, only XP-PRO
Hi, I share a printer and some shares on my samba 3.0.2a-debian server. No fancy domain-logon, just plain workgroup connect (smb.conf below). The problem is, sometimes when i choose to print from my XP-pro machine, the printer don't react... The shares work fine, and i read/write from them, but i can't print. Neither cups, samba or syslog throws any error in the log, and the printjob just halts in the systray. The printer shows itself as ready, but if I try to change any options in the printer preferences, I get a CAN'T SAVE CONFIGURATION error! The problem is solved only upon a samba-restart, and then I print and change options without any problems... until next time I can't print (The log below is from samba after a restart) From XP-home, where i type passwd on each connection to the shares, I print everytime without any problems. Please help Thanks Torben --- smb.conf --- [global] netbios name = SERVER workgroup = NR4 server string = server security = user encrypt passwords = true passdb backend = smbpasswd socket options = IPTOS_LOWDELAY TCP_NODELAY SO_RCVBUF=4096 SO_SNDBUF=4096 dns proxy = no load printers = yes printing = cups printcap name = cups log file = /var/log/samba/samba.log log level = 2 [printers] comment = Printere path = /tmp browseable = yes public = yes guest ok = yes writable = yes printable = yes printer admin = @lpadmin SAMBA LOG [2004/04/26 16:05:54, 2] smbd/reply.c:reply_special(105) netbios connect: name1=NR4 name2=XPPRO [2004/04/26 16:05:54, 2] smbd/reply.c:reply_special(112) netbios connect: local=server remote=xppro, name type = 0 [2004/04/26 16:05:54, 2] smbd/sesssetup.c:setup_new_vc_session(591) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2004/04/26 16:05:54, 2] smbd/sesssetup.c:setup_new_vc_session(591) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2004/04/26 16:05:54, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [torben] -> [torben] -> [torben] succeeded -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Is it possible to store XP Profiles on Samba 3.0.2 ?
Hi all, Can you use Samba to store an XP Pro profile? I'm running Samba 3.0.2a (compiled from source) on Solaris 9. Compiled it against OpenLDAP 2.1.30 and MIT Kerberos 1.3.3 (both compiled from source from fresh downloads today). Am now trying to get Windows XP Pro to store profiles on to this box. The smbd and nmbd seem to run fine. Every time XP Pro goes to create a user's profile it connects (correctly) to:- \\firesun1\profiles\jsmith but then we get:- [2004/04/26 14:54:11, 1] smbd/service.c:make_connection_snum(705) dltest2 (212.219.217.98) connect to service profiles initially as user jsmith (uid=1935, gid=100) (pid 16145) [2004/04/26 14:54:11, 0] smbd/posix_acls.c:create_canon_ace_lists(1380) create_canon_ace_lists: unable to map SID S-1-5-21-973294077-3660535-3933214913-4632 to uid or gid. and an ugly "the security's wrong on the profile" sort of message on the XP Pro client. So, simple question. Can you use Samba to store an XP Pro profile? Mac Assistant Systems Adminstrator @nibsc.ac.uk [EMAIL PROTECTED] Work: +44 1707 641565 Everything else: +44 7956 237670 (anytime) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Force user and force group?
Jose Martinez schrieb: What does the Force user and Force Group option do under the homes and profiles section of the smb.conf file do? Jose hi, per "default" a file is created with the permissions of the creator in a samba share, with force user you can force the creator to be a different user or group, this is helpfull in a few cases i.e if youre using a smb share for apache ( user wwwrun etc ), but use this parameter with care it can break your security and result in miracle permissions behavior. i recommend to read the samba faq, and man smb.conf Regards -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Issues with Samba 3.0.2 on OSX using ADS.
Can anyone help me with this? -Original Message- From: Huyler, Christopher M Sent: Friday, April 23, 2004 3:47 PM To: [EMAIL PROTECTED] Subject: [Samba] Issues with Samba 3.0.2 on OSX using ADS. We have a Win2K network at work and I've been trying to integrate my Mac 10.3 machine into the network. It seems that once one thing is working, something else is not. I have read through various Mac tutorials found on the web but none seem to solve my problem. Right now I have Active Directory Domain Logons working successfully but Samba will not allow anyone (from Mac/Unix/Windows) to connect. I keep getting the following entries in the /var/log/samba/log.smbd log: [2004/04/23 15:07:03, 0] /SourceCache/samba/samba-56/samba/source/smbd/server.c:main(747) smbd version 3.0.2 started. Copyright Andrew Tridgell and the Samba Team 1992-2004 [2004/04/23 15:07:19, 1] /SourceCache/samba/samba-56/samba/source/smbd/sesssetup.c:reply_spnego_k erberos(173) Failed to verify incoming ticket! I can't figure it out. I'm positive that Kerberos is configured correctly because I can run kinit and klist successfully and I can log in using my domain account. Here is some more info: [EMAIL PROTECTED] root]# net ads leave -S usildc03 -U huych02% Removed 'USFROSX1' from realm 'CA.COM' [EMAIL PROTECTED] root]# net ads testjoin -S usildc03 -U huych02% [2004/04/23 15:33:27, 0] /SourceCache/samba/samba-56/samba/source/libads/kerberos.c:ads_kinit_pas sword(133) kerberos_kinit_password [EMAIL PROTECTED] failed: Client not found in Kerberos database Join to domain is not valid [EMAIL PROTECTED] root]# net ads join -S usildc03 -U huych02% [2004/04/23 15:33:42, 0] /SourceCache/samba/samba-56/samba/source/libads/ldap.c:ads_add_machine_a cct(1086) Warning: ads_set_machine_sd: Unexpected information received Using short domain name -- TANT-A01 Joined 'USFROSX1' to realm 'CA.COM' [EMAIL PROTECTED] root]# net ads testjoin -S usildc03 -U huych02% Join is OK After all that, I still get the reply_spnego_kerberos(173) errors. Any help would be appreciated, I have searched the net up and down and nothing seems to help. Below is a copy of my smb.conf file for reference: [global] netbios name = usfrosx1 workgroup = TANT-A01 server string = Mac OS X security = ads realm = CA.COM password server = USILDC03 USILDC05 encrypt passwords = yes use spnego = yes client use spnego = yes printer admin = @admin, @staff unix charset = UTF-8-MAC display charset = UTF-8-MAC dos charset = 437 guest account = unknown level2 oplocks = no [homes] comment = User Home Directories browseable = no read only = no [public] path = /tmp public = yes writable = no printable = no [printers] path = /tmp printable = yes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3 PDC+LDAP questions
I waited for Samba 3 to come out to use the PDC+LDAP functionality and I'm glad I did. What an improvement! I have it installed and is working quite well except for a few things. 1. With Samba 2, you couldn't use the Crtl-Alt-Del password change feature. If I remember right, there wasn't a way that Samba could get the old password clear text to check for against the Samba's current password. Is this still true for Samba 3? After logging in, I tried change the password but it said the domain was unavailable but if I logout and try to log back in, I have to use the new password. So, it works but Windows doesn't seem to get the correct response back from the Samba server to know that it worked. It seems like I probably missed a configuration setting. 2. I am using the idealx scripts. I also use Kerberos for storing passwords for the users to be able to login using a shell or imap. They only thing I don't like is have to enable the admin dn in openldap and then putting the password in plain text in the smbldap_conf.pm file. Is there a way around having to do this? Other than that, everything works very well! Keep up the good work! Thanks, Doug -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Force user and force group?
What does the Force user and Force Group option do under the homes and profiles section of the smb.conf file do? Jose -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba, best meds
Do you mind? :))) One of the most feared expressions in modern times is ''The computer is down'' The life of man is a journey a journey that must be traveled, however bad the roads or the accommodation. Samba, need cheap super-VIA? http://outsoles.gfd-online.com/cia/?dcent commensurability You can't learn less. When a blind man bears the standard, pity those who follow. http://mesognathic.cheappillz.biz/zz.html tubbed Science is nothing, but trained and organized common sense. Show me someone who has done something worthwhile, and I'll show you someone who has overcome adversity. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] missing files with linux CIFS client, smbclient OK
In a directory with approximately 300 files, several (dozens) files are missing if the directory is mounted with /sbin/mount.cifs via the Linux CIFS module kernel/fs/cifs/cifs.o. We are using a Redhat Linux Workstation Version 3 with kernel 2.4.21-9.0.3.EL including cifs-1.0.2b. The problem occurs on a Samba server 3.0.2a running Solaris 2.8 as well as using the precompiled Redhat Linux Samba server. If the samba client is changed from CIFS kernel module to smbclient, all files are listed as expected. As far as we can see, the string "get_lanman2_dir_entry: out of space" is printed in the samba server debug log (only one time using the CIFS module leading to missing files, several times using smbclient where everything is OK). Thanks in advance for a reply. Joerg Behrend University of Cologne Institute of Mathematics -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Printing in 3.0.1
thx, will update to 3.0.2a and report regards manfred Am Montag, 26. April 2004 14:43 schrieb [EMAIL PROTECTED]: > > Client: > > add new printer -> network printer -> browse for network printers , > > and > > > here > > is the problem, the samba isn't shown as a print server, it's > > displayed in > > > the network browser but not if want to add a new printer. the printers > > are > > > shown in the "normal" network browser if I click on the samba server. > > This was fixed with 3.0.2. From WHATSNEW: > > * BUG 101: set the SV_TYPE_PRINTQ_SERVER flag in host announcement > packet. > > ~ Daniel > > > > > > > > > > > > --- > > This message is the property of Time Inc. or its affiliates. It may be > legally privileged and/or confidential and is intended only for the use > of the addressee(s). No addressee should forward, print, copy, or > otherwise reproduce this message in any manner that would allow it to be > viewed by any individual not originally listed as a recipient. If the > reader of this message is not the intended recipient, you are hereby > notified that any unauthorized disclosure, dissemination, distribution, > copying or the taking of any action in reliance on the information > herein is strictly prohibited. If you have received this communication > in error, please immediately notify the sender and delete this message. > Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Printing in 3.0.1
> Client: > add new printer -> network printer -> browse for network printers , and > here > is the problem, the samba isn't shown as a print server, it's displayed in > the network browser but not if want to add a new printer. the printers are > shown in the "normal" network browser if I click on the samba server. This was fixed with 3.0.2. From WHATSNEW: * BUG 101: set the SV_TYPE_PRINTQ_SERVER flag in host announcement packet. ~ Daniel --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Can't add Win2k machine to Samba domain (PDC+LDAP)
Hi When I am try to add Win2k to domain, I get a error message: "Error when attempting to join the domain MyDOMAIN" "No mapping between account names and security IDs was done" (such messages were in spanish. My Win2k is spanish version) I have the following setup - Linux Red Hat 9 (kernel-2.4.20-8) - Samba 2.2.7a - Samba as PDC using LDAP Already I have done all the instructions in "SMB-LDAP PDC HOWTO" from IDEALX (http://www.idealx.org/prj/samba/index.en.html) But I have the same trouble. I thin'k this is the relevant logs entries [2004/04/21 21:12:32, 3] rpc_server/srv_pipe.c:api_rpcTNP(1180) api_rpcTNP: pipe 29832 rpc command: SAMR_CREATE_USER [2004/04/21 21:12:32, 3] smbd/sec_ctx.c:push_sec_ctx(282) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2004/04/21 21:12:32, 3] smbd/uid.c:push_conn_ctx(286) push_conn_ctx(100) : conn_ctx_stack_ndx = 0 [2004/04/21 21:12:32, 3] smbd/sec_ctx.c:set_sec_ctx(314) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:ldap_open_connection(216) ldap_open_connection: connection opened [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:ldap_connect_system(250) ldap_connect_system: succesful connection to the LDAP server [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:ldap_search_one_user(262) ldap_search_one_user: searching for:[(&(uid=revillam$)(objectclass=sambaAccount))] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(360) get_single_attribute: [uid] = [revillam$] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:init_sam_from_ldap(495) Entry found for user: revillam$ [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(360) get_single_attribute: [pwdLastSet] = [1082585220] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(360) get_single_attribute: [logonTime] = [0] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(360) get_single_attribute: [logoffTime] = [2147483647] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(360) get_single_attribute: [kickoffTime] = [2147483647] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(360) get_single_attribute: [pwdCanChange] = [1] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(360) get_single_attribute: [pwdMustChange] = [2147483647] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(360) get_single_attribute: [cn] = [revillam$] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(354) get_single_attribute: [homeDrive] = [] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(354) get_single_attribute: [smbHome] = [] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(354) get_single_attribute: [scriptPath] = [] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(354) get_single_attribute: [profilePath] = [] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(360) get_single_attribute: [description] = [Computer] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(354) get_single_attribute: [userWorkstations] = [] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(360) get_single_attribute: [rid] = [3424] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(360) get_single_attribute: [primaryGroupID] = [1201] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:init_sam_from_ldap(593) init_sam_from_ldap: User [revillam$] does not ave a uid! I can't understand this last line, because in the previous lines I can read: for:[(&(uid=revillam$)(objectclass=sambaAccount))] [2004/04/21 21:12:32, 2] passdb/pdb_ldap.c:get_single_attribute(360) get_single_attribute: [uid] = [revillam$] It seems like the uid exits, Or maybe I'm doing something really wrong. Does anyone idea how to solve this ?? By the moment we are not planing a migration to Samba 3.0 stuff. Best regards -- Hardy Beltran Monasterios [EMAIL PROTECTED] Usuario Linux #50949 - http://counter.li.org La Paz, Bolivia -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Software
Microsoft Windows XP Professiornal 2002 Retail price: $270.99 Our low PricGe: $50.00 You Save: $220.00 Adobe Photoshvop 7.0 Retail price: $609.99 Our low Price: $60.00 You Savqe: $550.00 Microsoft Office XP Professional 2002 Retail price: $579.99 Our low Price: $60.00 You SavRe: $510.00 Adobe Illustrator 10 Retainl price: $270.99 Our low Price: $60.00 You Savke: $210.00 Corel Draw Graphics Suite 11 ReFtail price: $270.99 Our low Pricqe: $60.00 You Save: $210.00 Delphi 7 RetaiNl price: $404.99 Our low Price: $60.00 You Save: $335.00 And more!!! Why so cheap? All the software is OEM- MeaninAg that you don't get the box and the manual with your software. All you will receivle is the actual software and your unique registration code. All the softwarce is in the English language for PC. Our offers are unbeatablje and we always update our prices to make sure we provide you with the besVt possible offers. Hurry up and place your ordper, because our supplies are limited. VisiFt us now! http://XLANDA.BIZ/OE017/?affiliate_id=233763&campaign_id=601 KTGjxJ EdRQTtr XAZt QRTdxZRYl UthjNT eudCfTF YAzgRxGQ QyIzBh zufKnn RzcKDxO gCxK AXkGOTmHA LqZnyy TEiXRcx VNarDhUa RvXebM LoumbL lojKXOV UTXq DLrVozPpr knwmbi CwxEtIT tuQtoLQm euawpo WhGotU LGVWiqt MAcH TxycMkTbo nbLEqT LXYfQJL MHVfaIFd qzBPBn bvppIq cnTKbGI gxuR jbNpcyVfP uGGWVH rkYbDbp lLqRwypP qBRgQU FLZvhG bdBIvMH xpTN CvgvQFKHW lAceuH PucYaeb CMxouVGd IiyPEo vpXqDy uHRcylf wliy NXVerPJvA UUpzjK OtdrGxa yAyKFVXO tLLoQf -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3 in ADS
Hi list -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] member server is not resolving usernames anymore
Dear List, from one day to the next I am experiencing problems with my Samba/LDAP-Setup. We have one PDC (Master LDAP), a Slave LDAP and a fileserver. The problem is that I can not change the access rights of a file from a windows client. The fileserver a) does not resolve the SIDs anymore b) does not find the username (if e.g. entered one for adding) The problem seems to be that the fileserver does not resolves via LDAP anymore, but local as the shown search path for the user object is \\fileserver. The weird is that the basic access functionality is still there, so the problem is just with changing a files (or directory) access attributes. Thank you very much for any input and help! Matthias --- /etc/samba/smb.conf (fileserver) [global] workgroup = KERNZEIT netbios name = FILESERVER server string = %h announce version = 5.0 os level = 20 passdb backend = ldapsam:"ldap://10.1.1.1 ldap://10.1.1.10"; ldap suffix = dc=kernzeit,dc=com ldap machine suffix = "ou=smb-machines,ou=NSS,dc=kernzeit,dc=com" ldap admin dn = "cn=admin,dc=kernzeit,dc=com" ldap ssl = no ldap user suffix = "dc=kernzeit,dc=com" ldap group suffix = ou=groups,ou=nss #LOG STUFF log file = /var/log/samba/log.%m max log size = 1000 log level = 3 syslog = 0 #NETWORK interfaces = 10.1.1.20/16 hosts allow = 10.1. 10.99. bind interfaces only = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 #SECURITY null passwords = no #admin users = @domadmins encrypt passwords = true guest account = nobody obey pam restrictions = no security = domain #password server = LOGIN, APPSERVER password server = LOGIN #FEATURES panic action = /usr/share/samba/panic-action %d nt acl support = yes wins support = no wins proxy = no wins server = 10.1.1.1 dns proxy = no local master = no preferred master = no #DOMAIN STUFF domain master = no domain logons = no #INTERNATIONALIZATION unix charset = iso8859-15 dos charset = cp850 #=== Share Definitions === [temp] path = /data/temp browsable = yes writable = yes directory mask = 770 create mask = 770 nt acl support = yes vfs objects = recycle --- --- /var/log/samba/log.client [2004/04/23 14:42:47, 3] rpc_server/srv_pipe.c:api_rpcTNP(1509) api_rpcTNP: rpc command: SPOOLSS_OPENPRINTEREX checking name: \\fileserver\lf [2004/04/23 14:42:47, 3] rpc_server/srv_spoolss_nt.c:set_printer_hnd_printertype(447) Setting printer type=\\fileserver\lf [2004/04/23 14:42:47, 3] rpc_server/srv_lsa_hnd.c:close_policy_hnd(200) Closed policy [2004/04/23 14:42:47, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(544) free_pipe_context: destroying talloc pool of size 68 [2004/04/23 14:42:47, 3] smbd/process.c:process_smb(890) Transaction 1717 of length 104 [2004/04/23 14:42:47, 3] smbd/process.c:switch_message(685) switch message SMBntcreateX (pid 582) [2004/04/23 14:42:47, 3] smbd/error.c:error_packet(118) error packet at smbd/nttrans.c(498) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_NAME_NOT_FOUND [2004/04/23 14:42:47, 3] smbd/process.c:process_smb(890) Transaction 1718 of length 104 [2004/04/23 14:42:47, 3] smbd/process.c:switch_message(685) switch message SMBntcreateX (pid 582) [2004/04/23 14:42:47, 3] smbd/error.c:error_packet(118) error packet at smbd/nttrans.c(498) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_NAME_NOT_FOUND [2004/04/23 14:43:47, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 --- -- Matthias Eichler <[EMAIL PROTECTED]> kernzeit AG -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Réf. : [Samba] Machine Accounts in Samba3 and OpenLDAP
Hi, I know, I put a bug with no response, normaly, if you uncomment the part of code ... script adds sambaSamAccount atribute, you can adding computers on two step : first step : you have : windows message is same "The user name could be not find" -> samba try to add the machine account because not found the entry second step : the connection work fine -> samba found entry and modify correcly entry (sambaNTPassword, ) --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+-> | | "Ruslanas Cechovskis" <[EMAIL PROTECTED]>| | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 26/04/2004 11:15 | | | | |-+-> >---| | | |Pour : <[EMAIL PROTECTED]> | |cc : | |Objet : [Samba] Machine Accounts in Samba3 and OpenLDAP | >---| Hi, Trying to run Samba3 and OpenLDAP.. and have a problem with adding computers to domain while checking logs i found that samba is doing such search : smbldap_search: base => [dc=forbis,dc=lt], filter => [(&(uid=test$)(objectclas s=sambaSamAccount))], scope => [2] [2004/04/26 09:45:46, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1062) ldapsam_getsampwnam: Unable to locate user [test$] count=0 i use smbldap-useradd script to add computers .. and entry is without sambaSamAccount atribute in smbldap-useradd.pl i found comented entry that samba add sambaSamAccoun atribute automaticaly... somehow it do not happens.. Also i tryed to put ldap filter = (uid=%u) entry in my smb.conf file ..also nothing happend samba still searchs in sambaSamAccount Tryed to uncoment this part of code ... script adds sambaSamAccount atribute .. but still cant join domain.. windows message is same "The user name could be not find" And right now im out of ideas ... any help ? Su pagarba, Ruslanas Cechovskis UAB "Forbis" inzinerius -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Machine Accounts in Samba3 and OpenLDAP
Hi, Trying to run Samba3 and OpenLDAP.. and have a problem with adding computers to domain while checking logs i found that samba is doing such search : smbldap_search: base => [dc=forbis,dc=lt], filter => [(&(uid=test$)(objectclas s=sambaSamAccount))], scope => [2] [2004/04/26 09:45:46, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1062) ldapsam_getsampwnam: Unable to locate user [test$] count=0 i use smbldap-useradd script to add computers .. and entry is without sambaSamAccount atribute in smbldap-useradd.pl i found comented entry that samba add sambaSamAccoun atribute automaticaly... somehow it do not happens.. Also i tryed to put ldap filter = (uid=%u) entry in my smb.conf file ..also nothing happend samba still searchs in sambaSamAccount Tryed to uncoment this part of code ... script adds sambaSamAccount atribute .. but still cant join domain.. windows message is same "The user name could be not find" And right now im out of ideas ... any help ? Su pagarba, Ruslanas Cechovskis UAB "Forbis" inzinerius -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Printing in 3.0.1
Hi, I'm running samba 3.0.1 on SuSE9, server is configured as member server in a NT4 controlled domain. now the problem: it's possible to upload drivers; it's possible to set default settings/ setting printer configuration; Client: add new printer -> network printer -> browse for network printers , and here is the problem, the samba isn't shown as a print server, it's displayed in the network browser but not if want to add a new printer. the printers are shown in the "normal" network browser if I click on the samba server. regards manfred here is the smb.conf [global] server string = something version x-x netbios name = NBNAME workgroup = DOMANI domain master = no local master = no security = domain domain logons = no #log file = /var/log/samba/log.%m #log level = 3 password server = DOMANICTRL encrypt passwords = yes obey pam restrictions = No winbind separator = + idmap backend = idmap uid = 1-2 idmap gid = 1-2 printing = cups load printers = yes use client driver = no printer admin = @ntadmin,DOMANI+Administrator,root [print$] comment = Printer Driver Download Area path = /var/lib/samba/drivers browsable = yes guest ok = yes read only = yes write list = @ntadmin,DOMANI+Administrator,root force create mode = 0660 force group = root [printers] comment = All printers printable = yes path = /var/spool/samba browseable = no guest ok = yes public = yes read only = yes writable = no printer admin = @ntadmin,DOMANI+Administrator,root [hp LaserJet 2200 Series PCL6] printable = yes path = /var/spool/samba browseable = yes guest ok = yes public = yes read only = yes writable = no printer name = laser2200 printer admin = @ntadmin,DOMANI+Administrator,root [HP LaserJet 5Si] printable = yes path = /var/spool/samba browseable = yes guest ok = yes public = yes read only = yes writable = no printer name = HPLaserJ printer admin = @ntadmin,DOMANI+Administrator,root [HP LaserJet 1300n] printable = yes path = /var/spool/samba browseable = yes guest ok = yes public = yes read only = yes writable = no printer name = hpLaser1300 printer admin = @ntadmin,DOMANI+Administrator,root [HP LaserJet 4050 Series] printable = yes path = /var/spool/samba browseable = yes guest ok = yes public = yes read only = yes writable = no printer name = HP4050 printer admin = @ntadmin,DOMANI+Administrator,root [work] admin users = DOMANI+Administrator path = /work/work browsable = yes create mask = 0660 directory mask = 0770 force create mode = 0600 read only = no writeable = yes [somethingother] admin users = DOMANI+Administrator path = /work/elsewhere browsable = yes create mask = 0660 directory mask = 0770 read only = no writeable = yes force create mode = 0600 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba