Re: [Samba] Samba + ACL cosmetic improvement?
Hi, you got the same problem, many win admins have, removing group everyone happens everywhere( in this group is everyone g )in big windows hosting active dir companies, this makes their helpdesks crazy *g. Also deny permissions functions are simply a hoax by ms I know windows book writers which have no real answer and say simply dont use it, maybe you are able to make cosmetic debuging with samba about that but you will see another kind of problem will come up *g So i wouldnt invest to much time in debugging a feature which is simply rubbish from the creators of win and makes trouble in purly win networks too Best Regards Tom Dickson schrieb: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 My users are complaining that to remove Everyone permissions from a folder's ACL they have to Deny all permissions. This causes a Windows warning to appear: You have denied everyone access to New Folder. No one will be able to access New Folder and only the owner will be bale to change the permissions. Do you wish to continue? This is confusing, because world permissions of --- will NOT prevent other groups assigned either as the default group or in the POSIX ACL from working. What I'd like to see is the following improvements. If the Everyone group is removed by the Windows security editor, Samba sets world permissions to ---. If the Everyone group is added, then Samba modifies world permissions accordingly. And if the world or default group permissions are ---, Samba does not display them in the Windows ~ ACL dialog. Are there any objections why this wouldn't work? I'm tired of explaining that the deny button really isn't denying everybody, and why the Domain Users group cannot be removed, etc. (using 2.4.26 bestbits XFS+ACL, Samba 3.0.2a) - -Tom -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA8vIN2dxAfYNwANIRAjfoAJ9MtA9WfArfNTbvIZxEKY3OilQbvQCfTBA4 4ey0vJSnA7MF6DBFr5zwU4A= =NayI -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Some smbd-processes uses 99% CPU and push load to 10
Hi It gets URGENT (for me) because there i a course which forces this problem twice a day and all other clients crash. Thanks Andreas Grabner -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Errors in log.smbd
hi , i do a small guess only perhaps you should short the comments and get out of that special characters in it, give it a try and lets hear what happend Regards John Clarke schrieb: Am running Samba on SCO 5.0.2 and continually get the following error in this log file from *some* client win pc's only; [2004/07/12 10:02:56, 0] smbd/service.c:(252) wkst7 (192.168.0.119) couldn't find service scotland: Also [2004/07/12 10:02:56, 0] smbd/service.c:(252) wkst7 (192.168.0.119) couldn't find service veta I have around 25 shares available with just these two causing a problem and as I said before, only on some win pc's. These services DO exist. From smb.conf [vetav] comment = Vet Anti Virus Master Install Files for LAN path = /premier/vet/lan read only = no public = yes writable = yes printable = no [scotland] comment = Staff In/Out Software path = /premier/scotland read only = no writable = yes public = yes printable = no They are also viewable in workgroup and are fully functional on client pc's when the executable in each one is run. The PC's ae running Win95, Win Xp and Win98. I can see no commonality with any of the clients Any suggestions to resolve this would be greatly appreciated. Kind regards, John Clarke -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] vampire doesn't appear to be working at the moment?
Thankyou Craig, this appears to have worked to a degree, the only thing now is that all the accounts are transferred over but all their passwords are set to; crypt{x} instead of their NT password hashes... I'm not sure why this is? (well, I know why it is, because I had a look at the source for smbldap-useradd, but shouldn't vampire also set the password hashes correctly?) Regards Eric Craig White wrote: On Mon, 2004-07-12 at 22:17, Eric J Bennett wrote: Hello All, Software environment is RedHat 8.0 running Samba 3.0.4 compiled from source downloaded from planetmirror. When I try to run net rpc vampire -S pdc -U administrator%password I get a message like this Cannot import users from ITOUCHAU at this time, as the current domain: ITOUCH-1008: S-1-5-21-3757787686-1591169446-1440766903 conflicts with the remote domain ITOUCHAU: S-1-5-21-991195760-36068510-1124750213 Perhaps you need to set: security=user workgroup=ITOUCHAU in your smb.conf? Itouch-1008 is the name of the server samba is running on.The relevant bits of smb.conf are below, as well as the output of net rpc vampire -U administrator%password -d 4 (without specifying the server) as this did actually appear to do something and come back with NT_STATUS_UNSUCCESSFUL Any ideas, anyone? try net setlocalsid S-1-5-21-991195760-36068510-1124750213 first Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re. : Re: [Samba] Some smbd-processes uses 99% CPU and push load to 10
Hi, On 3.0.4, I have a similar problem, it's caused by a group which have a user that not exist. Could you verify your user account ? --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | Andreas Grabner [EMAIL PROTECTED] | | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 13/07/2004 08:46 | | | | |-+- ---| | | |Pour : [EMAIL PROTECTED] | |cc : | |Objet : Re: [Samba] Some smbd-processes uses 99% CPU and push load to 10 | ---| Hi It gets URGENT (for me) because there i a course which forces this problem twice a day and all other clients crash. Thanks Andreas Grabner -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Domain logon against a Windows Server 2003 based AD
Hi, I'm trying to configure my Mandrake V10 box to do user authentication against an ActiveDirectory domain hostet on Windows Server 2003. And guess what, I have some problems :) I used drakauth (similar to authconfig on RedHat) to configure the authentication against a windows domain. I was asked some questions concerning domain, domain controller, administrator account and password.. drakauth configured my smb.conf the following way: [global] workgroup = IDEALTEC.LOCAL server string = Samba Server %v security = domain encrypt passwords = Yes password server = * log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 character set = ISO8859-15 os level = 18 local master = No dns proxy = No winbind uid = 1-2 winbind gid = 1-2 winbind separator = + template homedir = /home/%D/%U template shell = /bin/bash winbind use default domain = yes But after a net join, I get the following errors, when I try to logon a domain user on my linux box: Jul 12 16:56:22 linux kde3(pam_unix)[3610]: auth could not identify password for [marcus] Jul 12 16:56:22 linux winbindd[2410]: [2004/07/12 16:56:22, 0] nsswitch/winbindd_util.c:get_trust_pw(951) Jul 12 16:56:22 linux winbindd[2410]: get_trust_pw: could not fetch trust account password for my domain IDEALTEC.LOCAL Jul 12 16:56:22 linux pam_winbind[3610]: request failed: NT_STATUS_CANT_ACCESS_DOMAIN_INFO, PAM error was 4, NT error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO Jul 12 16:56:22 linux pam_winbind[3610]: internal module error (retval = 4, user = `marcus' I even modified in the ActiveDirectory the SecurityPrincipal Everyone to be a member of the pre-windows 2000 authentication group, don't know if the name is right, as I have a german version of Windows :) Last things I modified on my linux box was to change the security = domain to security = ads, as the net join gave me some hints that it could not find the ads realm and had to use RPC for interaction with my domain. According to the man-page I set the following lines: security = ads .nf realm = dc-hh-001.idealtec.local name resolution works, I have checked this, as I know how critical DNS is for ActiveDirectory based domains. Im currently working my way down the Samba-Howto-Collection Chapter 20: Use of Domain Accounts, but currently Im somewhat puzzled, need to get some ground under my feet.. Bye, Marcus -- pedo mellon a minno -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] problem in Trust relation ship
Sir, I have 1 Head office and 2 branches located at one city. I have configured 3 SAMBA PDC at 3 different places. Now I am not able to create the Trust Relationship between this 3 SAMBA PDC Machine. Is it possible to create the Trust relationship between 3 SAMBA PDC , if yes than how?. Plz halp me on this. regds Jeetu Asst. Manage systems Medopharm Chennai India -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] turn off NBT
Thanks Andrew, that solves the problem. (BI don't need legacy NBT support on my network, (Bso I turn off NBT and 137-139 in samba. (B (BOn Sun, 2004-07-11 at 14:57, [EMAIL PROTECTED] wrote: (B Thanks for reply. (B However case doesn't seems to matter. 'Yes/yes' results (Bin the same. (B smbd still haunting on TCP 139. (B I have using a generic samba setup in Fedora 2. (B Any special catchy setup needed in this? (B (B 'smb ports'. This handles the ports we listen too - but (Bwhy do you need (B to disable 139? (B (B Andrew Bartlett (B (B (B (B__ (BDo You Yahoo!? (Bhttp://bb.yahoo.co.jp/ (B (B-- (BTo unsubscribe from this list go to the following URL and read the (Binstructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Different guest account for each sare (sevice)
I have upgraded to samba 3 and having big problems with being unable to set different guest accoutn for each share i have. I use share security and want to have a different guest account for each share. For example, one share contains web data and another contains file exchange data, so the first share must have guest account apache and another one is pcguest. I tried settibfg different 'guest account = '. but samba just ignores it. When i dump config using testparm 'guest account = ' for shares is not even shown and global setting is used. What should i do to do what i want to do? Regards, Artem -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Different guest account for each sare (sevice)
On Tue, 2004-07-13 at 18:55, Artem Koutchine wrote: I have upgraded to samba 3 and having big problems with being unable to set different guest accoutn for each share i have. I use share security and want to have a different guest account for each share. For example, one share contains web data and another contains file exchange data, so the first share must have guest account apache and another one is pcguest. I tried settibfg different 'guest account = '. but samba just ignores it. When i dump config using testparm 'guest account = ' for shares is not even shown and global setting is used. This was removed from Samba 3.0, due to code complexity issues. You could possibly use 'force user'. Andrew Bartlett signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: AW: [Samba] Domain logon against a Windows Server 2003 based AD
hi, did you joined your samba-server to the W2K Domain? yes, more than once, do I need to do more cleanups than deleting the computer account in ads? Jul 12 16:56:22 linux winbindd[2410]: [2004/07/12 16:56:22, 0] nsswitch/winbindd_util.c:get_trust_pw(951) Jul 12 16:56:22 linux winbindd[2410]: get_trust_pw: could not fetch trust account password for my domain IDEALTEC.LOCAL Jul 12 16:56:22 linux pam_winbind[3610]: request failed: NT_STATUS_CANT_ACCESS_DOMAIN_INFO, PAM error was 4, NT error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO this doesn?t look like you did it... did it, and now I get other error codes, as there was a possible mistake in the row with the realm directive. I did remove the .nf in front of realm, as I found an error message about realm in the messages log. And now I get other error messages, that look better/other :) and i hope that password server = * means that you only removed the name for that posting... no, this was unchanged from the configuration drakauth did. I can change this to the server, as my test installation only has one, but I did understand the directive to support several servers when you insert the star. I guessed it would look inside the DNS service for the _msdcs zone, where all those services entries for the ads are being stored. The slightly new errors, after restarting the DC, changed the group membership of Everyone to Pre-Windows 2000 Compatible Access, and restarting smbd, nmbd, and winbind is: Jul 13 11:06:56 linux winbindd[20394]: [2004/07/13 11:06:56, 0] libsmb/cliconnect.c:cli_session_setup_spnego(724) Jul 13 11:06:56 linux winbindd[20394]: Kinit failed: Cannot find KDC for requested realm Jul 13 11:06:56 linux pam_winbind[2634]: request failed: No trusted SAM account, PAM error was 4, NT error was NT_STATUS_NO_TRUST_SAM_ACCOUNT Jul 13 11:06:56 linux pam_winbind[2634]: internal module error (retval = 4, user = `franke' Jul 13 11:06:56 linux login(pam_unix)[2634]: check pass; user unknown Jul 13 11:06:56 linux login(pam_unix)[2634]: authentication failure; logname= uid=0 euid=0 tty=vc/6 ruser= rhost= Jul 13 11:06:56 linux login(pam_unix)[2634]: check pass; user unknown Jul 13 11:06:59 linux winbindd[20394]: [2004/07/13 11:06:59, 0] libsmb/cliconnect.c:cli_session_setup_spnego(724) Jul 13 11:06:59 linux winbindd[20394]: Kinit failed: Cannot find KDC for requested realm Jul 13 11:06:59 linux pam_winbind[2634]: request failed: No trusted SAM account, PAM error was 4, NT error was NT_STATUS_NO_TRUST_SAM_ACCOUNT Jul 13 11:06:59 linux pam_winbind[2634]: internal module error (retval = 4, user = `franke' Jul 13 11:07:01 linux login[2634]: FAILED LOGIN 1 FROM (null) FOR franke, Authentication failure Marcus -- pedo mellon a minno -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Permission error on /etc/samba/private/secrets.tdb
Hi list, I have a strange permission problem with secrets.tdb on an nfs mounted filesystem. A strace of smbd shows the following lines: open(/etc/samba/private/secrets.tdb, O_RDWR|O_CREAT|O_LARGEFILE, 0600) = 4 fcntl64(4, F_SETLKW64, {type=F_WRLCK, whence=SEEK_SET, start=0, len=1}, 0xb010) = -1 EACCES (Permission denied) /etc/samba/private/secrets.tdb is a link to /var/etc/samba/private/secrets.tdb which in turn is a link to /cluster/bremerhaven/secrets.tdb, which is on an nfs mounted filesystem. This setup is because the root fs is readonly and /var is volatile (tmpfs). root has full access on /cluster and it also does not help if i set secrets.tdb's permissions to 0666. Are there known issues with the fcntl64 call? Would upgrading to kernel 2.6.x help? Versions: -- smbd: 3.0.4 kernel: 2.4.26 NFS server: FreeBSD 5.2.1 Any help or hints would be appreciated. Grretings, Heinrich Rebehn University of Bremen Physics / Electrical and Electronics Engineering - Department of Telecommunications - Phone : +49/421/218-4664 Fax :-3341 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] vampire doesn't appear to be working at the moment?
On Tue, 2004-07-13 at 00:01, Eric J Bennett wrote: Thankyou Craig, this appears to have worked to a degree, the only thing now is that all the accounts are transferred over but all their passwords are set to; crypt{x} instead of their NT password hashes... I'm not sure why this is? (well, I know why it is, because I had a look at the source for smbldap-useradd, but shouldn't vampire also set the password hashes correctly?) - Indeed it should. I think that this occurs when the NT4 PDC doesn't entirely trust the 'BDC' trying to do the vampire (like a setting isn't right). I would wipe out the users/machine accounts that were imported and try again. Make sure that samba is set up like a BDC (and I am doing this from memory from more than 6 months ago)... security = domain domain master = yes preferred master = no net join etc... net rpc vampire etc... Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] (no subject)
Hello ! I have problem using run kinit (kerberos) on Solaris client against Windows2003 for auth a Samba-Share. When I use the command 'kinit [EMAIL PROTECTED]' I keep getting a 'kinit: KDC reply did not match expectations while getting initial credentials' error message. I know that I am getting connected and that the password is correct and received by the Windows 2003 Server because I get different error messages when that happens. # kinit username Password for [EMAIL PROTECTED]: kinit: KDC reply did not match expectations while getting initial credentials # krb5.conf [libdefaults] default_realm = domain.local default_tkt_enctypes = des-cbc-md5 default_tgs_enctypes = des-cbc-md5 [realms] domain.local = { kdc = srv100.domain.local admin_server = srv100.domain.local default_domain = domain.local } [domain_realm] .domain.local = domain.local [logging] default = FILE:/var/krb5/kdc.log kdc = FILE:/var/krb5/kdc.log kdc_rotate = { # How often to rotate kdc.log. Logs will get rotated no more # often than the period, and less often if the KDC is not used # frequently. period = 1d # how many versions of kdc.log to keep around (kdc.log.0, kdc.log.1, ...) versions = 10 } [appdefaults] kinit = { renewable = true forwardable= true } gkadmin = { help_url = http://docs.sun.com:80/ab2/coll.384.1/SEAM/@AB2PageVi ew/1195 } Best regards, Hendrik Pieper -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.4 ACL problem
Hi, I have done a migration from Samba 2 to 3.0.4; and i have a very big problem with ACL. I have a file own by a user drif and group informatique with ACL attributes and unix attributes rwxrwx--- : -rwxrwx---+ 1 drif informatique68096 2004-07-13 11:01 fiche de migration.xls When an other user which is in informatique group modify this file, the new file is own by this user, but unix attribute for the user is set to read-only : -r--rwx---+ 1 jokic informatique68096 2004-07-13 11:01 fiche de migration.xls This problem appear only with files that have ACL attribute. In my smb.conf i have set for shares create mask = 0770 and force create mode = 0770, and with samba 2 it was working !! Please help me with this very big problem, .. after modification users can only read there files !! Thanks a lot for your help. Regards, -- Christophe Suire [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: AW: [Samba] Domain logon against a Windows Server 2003 based AD
Hi, Jul 13 11:06:56 linux winbindd[20394]: [2004/07/13 11:06:56, 0] libsmb/cliconnect.c:cli_session_setup_spnego(724) Jul 13 11:06:56 linux winbindd[20394]: Kinit failed: Cannot find KDC for requested realm I did some further investigations into this direction and found some possible misconfiguration in the krb5-workstation/server package config. my /etc/krb5.conf looks like this (looks good for my eyes): Interesting is, there are no logfiles in /var/log/kerberos Tought about touching them, but I don't know which rights and set of user.group for the files, so I did not do it. [logging] default = FILE:/var/log/kerberos/krb5libs.log kdc = FILE:/var/log/kerberos/krb5kdc.log admin_server = FILE:/var/log/kerberos/kadmind.log [libdefaults] ticket_lifetime = 24000 default_realm = IDEALTEC.LOCAL default_tgs_enctypes = des-cbc-md5 default_tkt_enctypes = des-cbc-md5 permitted_enctypes = des3-hmac-sha1 des-cbc-crc dns_lookup_realm = false dns_lookup_kdc = false kdc_req_checksum_type = 2 checksum_type = 2 ccache_type = 1 forwardable = true proxiable = true [realms] IDEALTEC.LOCAL = { kdc = dc-hh-001.idealtec.local:88 admin_server = dc-hh-001.idealtec.local:749 default_domain = idealtec.local } These parameters seem to be right, because in my dns zone there is a _kerberos._tcp.dc._msdcs.idealtec.local entry pointing to port 88. kdc is avail and working, as my two windows test clients can use the domain with no problem :( but, admin_server isnt quite clear to me, what does it mean? [domain_realm] .idealtec.local = IDEALTEC.LOCAL [kdc] profile = /etc/kerberos/krb5kdc/kdc.conf in this file, there was a small error, as there was still MANDRAKESOFT.COM as default domain, but I changed this to the correct value, but no change.. [pam] debug = true ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false [login] krb4_convert = false krb4_get_tickets = false Bye, Marcus -- pedo mellon a minno -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba-3.0.x: Strange problems with roaming profiles
Hello I've got some strange problems with Samba-3.0.4. When using roaming profiles, keyboard layout is set to english (instead of norwegian) and a lot of programs wont load correctly. Setting log level = 3 revealed a lot of errors after the netlogon-script had executed (and all shares correctly set up). I switched to log level = 10 to get a more detailed view of these errors (show below). Most of the errors were for a lot of *.com, *.exe or *.dll files. There were multiple error for desktop.ini and wdmaud.drv. I've attached my previous post (to [EMAIL PROTECTED]) below. I can provide more logs if needed. In the meantime I'll keep browsing the logs. Erlend Aasland --- begin log -- change_to_user uid=(0,0) gid=(0,200) vfs_ChDir to /home/erlend-a call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 1004 unix_convert called on file SETUPAPI.DLL stat_cache_lookup: lookup failed for name [SETUPAPI.DLL] unix_convert begin: name = SETUPAPI.DLL, dirpath = , start = SETUPAPI.DLL is_mangled SETUPAPI.DLL ? is_mangled_component SETUPAPI.DLL (len 12) ? is_mangled SETUPAPI.DLL ? is_mangled_component SETUPAPI.DLL (len 12) ? is_in_path: src is_in_path: no name list. is_in_path: .bash_history is_in_path: no name list. is_in_path: PUTTY.RND is_in_path: no name list. is_in_path: .ssh is_in_path: no name list. is_in_path: .viminfo is_in_path: no name list. is_in_path: .tcshrc is_in_path: no name list. is_in_path: wordlist is_in_path: no name list. is_in_path: .links is_in_path: no name list. is_in_path: shares is_in_path: no name list. is_in_path: log is_in_path: no name list. is_in_path: snmp is_in_path: no name list. is_in_path: snmp-manager is_in_path: no name list. is_in_path: .DS_Store is_in_path: no name list. is_mangled SETUPAPI.DLL ? is_mangled_component SETUPAPI.DLL (len 12) ? New file SETUPAPI.DLL is_in_path: SETUPAPI.DLL is_in_path: no name list. call_trans2qfilepathinfo: SMB_VFS_STAT of SETUPAPI.DLL failed (No such file or directory) set_bad_path_error: err = 2 bad_path = 0 error string = No such file or directory error packet at smbd/trans2.c(2219) cmd=50 (SMBtrans2) NT_STATUS_OBJECT_NAME_NOT_FOUND size=35 --- end log --- - Forwarded message from myself - Date: Mon, 12 Jul 2004 09:55:51 +0200 From: Erlend Aasland [EMAIL PROTECTED] Subject: Strange language problems with roaming profiles To: [EMAIL PROTECTED] Hello, I've just upgraded from Samba-2.2.8a to Samba 3.0.4. After tuning some charset variables in smb.conf and downloading convmv I finally solved some profile problems. All seem to work well now; I can log on to the domain and the logon-script execute correctly. But one strange problem remains: The keyboard layout is set to english (instead of norwegian) when roaming profiles is used. It seems that some other language settings are affected as well, since MS Office wants to install some extra language settings when I start it. It seems like the registry might be affected. Local login (e.g. Administrator login) works perfect: No language problems - all programs behave normal. I've googled without much luck, so I really hope that some of you might point me in the right direction or give me some clues! The Samba server is configured as a PDC. Erlend Aasland - End forwarded message - -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Profile Problem with ldap backend
The Samba 3.0.5rc1 server is configured as a PDC. [global] # client code page = 866 # NetBIOS name of that comp netbios name = TOLTEC #Name of Domain workgroup = liin #Comment server string = Samba PDC %v #Interface where samba works interfaces = 10.0.0.4/24 127.0.0.1/24 bind interfaces only = yes hosts allow = 10.0.0. name resolve order = hosts bcast #DOMAIN CONFIG encrypt passwords = Yes domain master = Yes local master = Yes prefered master = Yes security = user domain logons = yes # ONLY FOR 2K/XP! client ntlmv2 auth = Yes # NO WIN9X IN OUR DOMAIN! client lanman auth = no client plaintext auth = no #TEst this disable netbios = no #OS level!!! os level = 65 #ALL about Loggin ^) log level = 10 log file = /var/log/samba/%m.log max log size = 2000 #WINBIND CONFIG winbind separator = + winbind use default domain = Yes winbind uid =1-2 winbind gid =1-2 #If i comment it then #[2004/07/14 01:30:40, 0] nsswitch/winbindd_util.c:winbindd_param_init(560) # winbindd: idmap uid range missing or invalid #[2004/07/14 01:30:40, 0] nsswitch/winbindd_util.c:winbindd_param_init(561) # winbindd: cannot continue, exiting. # Could not init idmap -- netlogon proxy only # strange thing on 3.0.4 i don't need to write it winbind enum users = yes winbind enum groups = yes password server= localhost logon path = \\%L\profiles\%u logon script = logon.bat logon drive = H: # logon home = \\%L\%u\.win_profile\%m # NO 9X HERE!!! time server = yes #LDAP STARTS HERE passdb backend = ldapsam:ldap://localhost ldap admin dn = cn=Manager,dc=liin,dc=org ldap server = localhost ldap port = 389 ldap suffix = dc=liin,dc=org ldap machine suffix = ou=people ldap user suffix = ou=people ldap group suffix = ou=groups # ldap filter = ((uid%=%U)(ObjectClass=sambaSamAccount)) #LDAP continue ldap idmap suffix = ou=Idmap idmap backend = ldap:ldap//localhost idmap uid = 1 - 2 idmap gid = 1 - 2 #what is it? map acl inherit = yes # printing = cups # printer admin = Administrator #IDEALx SCRIPT's Rulezz add user script = /usr/sbin/smbldap-useradd -a -m %u delete user script = /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u add machine script = /usr/sbin/smbldap-useradd -w %u # socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # load printers = No # dns proxy = No guest account = nobody [netlogon] path = /usr/local/netlogon writable = no browsable = no [profiles] path = /home/nt-prof browsable = no writable = yes create mask = 0600 directory mask = 0700 guest ok = yes profile acl = no [homes] read only = no browsable = no guest ok = no map archive = yes When i try to logon WinXP(pro) says: Windows cannot find the server profile and is logging you on with a temporart profile. or somenthing like that. I have russian copy of winxp. Next hi says: Windows cannot find the local profile and is logging you on with a temporart profile. (it because i removed c:\Documents and Settings\Default User) And now the strange thing begin: It logons and download default profile from samba netlogon share(!!!) I waste a week about this problem i try tdb backend and all works fine when i back to ldap backend things go wrong OS RH8 OPENLDAP 2.2.14 Samba tested 3.0.4-3.0.5rc1 Problem n2: Problem With Winbind(or not?) [2004/07/14 01:59:55, 3] sam/idmap.c:idmap_init(131) idmap_init: using 'ldap' as remote backend [2004/07/14 01:59:55, 5] lib/smbldap.c:smbldap_search(931) smbldap_search: base = [ou=Idmap,dc=liin,dc=org], filter = [(objectclass=sambaUnixIdPool)], scope = [2] [2004/07/14 01:59:55, 10] lib/smbldap.c:smbldap_open_connection(543) smbldap_open_connection: ldap//localhost [2004/07/14 01:59:55, 0] lib/smbldap.c:smbldap_open_connection(546) ldap_initialize: Time limit exceeded [2004/07/14 01:59:55, 1] lib/smbldap.c:smbldap_retry_open(908) Connection to LDAP Server failed for the 1 try! [2004/07/14 01:59:55, 8] lib/util.c:fcntl_lock(1646) fcntl_lock 7 13 0 1 1 [2004/07/14 01:59:55, 8] lib/util.c:fcntl_lock(1681) fcntl_lock: Lock call successful I use idealx smbldap-populate to fill ldap directory -- To unsubscribe from this list go to the following URL
Re: [Samba] Samba 3.0.4 ACL problem
Hi again, I have just see, that the problem is not link with the modification of the file. In fact this problem appear when Windows change ACL attribute, and i have found an other strange thing : A user jokic create a new text file. On the server i have : -rwxrwx---+ 1 root informatique 62 2004-07-13 14:13 Nouveau Texte seulement.txt This file as no ACL, but first strange thing is own by root !!! On a second time, user jokic modify the attribute of the file and add a new user delestre to read this one. Now i have : -r--rwx---+ 1 root informatique 62 2004-07-13 14:13 Nouveau Texte seulement.txt # file: Nouveau\040Texte\040seulement.txt # owner: root # group: informatique user::r-- user:delestre:r-x group::--- mask::rwx other::--- So the modification of the ACL attributes, add the new user with the correct right, but remove the write attribute to the primary user, and remove write and read to the primary group of the file !!! Please help me ! Hi, I have done a migration from Samba 2 to 3.0.4; and i have a very big problem with ACL. I have a file own by a user drif and group informatique with ACL attributes and unix attributes rwxrwx--- : -rwxrwx---+ 1 drif informatique68096 2004-07-13 11:01 fiche de migration.xls When an other user which is in informatique group modify this file, the new file is own by this user, but unix attribute for the user is set to read-only : -r--rwx---+ 1 jokic informatique68096 2004-07-13 11:01 fiche de migration.xls This problem appear only with files that have ACL attribute. In my smb.conf i have set for shares create mask = 0770 and force create mode = 0770, and with samba 2 it was working !! Please help me with this very big problem, .. after modification users can only read there files !! Thanks a lot for your help. Regards, -- Christophe Suire [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.4 ACL problem
You should set profile acls = no from smb.conf Here you are a tipical share: [FOO] profile acls = no path = /opt/foo write list = @, @bbb, @Administrators create mask = 660 directory mask = 770 comment = Foo share valid users = @aaa, @bbb, @Administrators inherit acls = yes map acl inherit = yes You have to launch winbind if the PDC is another SAMBA o WINDOWS server and do the rights configurations on /etc/nsswitch.conf. smb.conf winbind trusted domains only = yes idmap uid = 1-2 idmap gid = 1-2 winbind enum users = yes winbind enum groups = yes Il mar, 2004-07-13 alle 14:22, Christophe SUIRE ha scritto: Hi again, I have just see, that the problem is not link with the modification of the file. In fact this problem appear when Windows change ACL attribute, and i have found an other strange thing : A user jokic create a new text file. On the server i have : -rwxrwx---+ 1 root informatique 62 2004-07-13 14:13 Nouveau Texte seulement.txt This file as no ACL, but first strange thing is own by root !!! On a second time, user jokic modify the attribute of the file and add a new user delestre to read this one. Now i have : -r--rwx---+ 1 root informatique 62 2004-07-13 14:13 Nouveau Texte seulement.txt # file: Nouveau\040Texte\040seulement.txt # owner: root # group: informatique user::r-- user:delestre:r-x group::--- mask::rwx other::--- So the modification of the ACL attributes, add the new user with the correct right, but remove the write attribute to the primary user, and remove write and read to the primary group of the file !!! Please help me ! Hi, I have done a migration from Samba 2 to 3.0.4; and i have a very big problem with ACL. I have a file own by a user drif and group informatique with ACL attributes and unix attributes rwxrwx--- : -rwxrwx---+ 1 drif informatique68096 2004-07-13 11:01 fiche de migration.xls When an other user which is in informatique group modify this file, the new file is own by this user, but unix attribute for the user is set to read-only : -r--rwx---+ 1 jokic informatique68096 2004-07-13 11:01 fiche de migration.xls This problem appear only with files that have ACL attribute. In my smb.conf i have set for shares create mask = 0770 and force create mode = 0770, and with samba 2 it was working !! Please help me with this very big problem, .. after modification users can only read there files !! Thanks a lot for your help. Regards, -- Christophe Suire [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba ___ Umberto Zanatta linuxDidattica tel: +39 (335) 54 71 385 email: [EMAIL PROTECTED] web: http://linuxdidattica.org ___ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Port 445 Port 139 banned
Wang.Hua wrote: Because of security reasons, my school has blocked tcp port 445 and 139. This make it impossible to for my window xp desktop to the remote samba service on Linux. Although the samba sercie on Linux and change its port by a -p option. But windows always look for 445 and 139 port. I've tried a lot of ways to work it out including local port redirection but none of them works. Is there a way for window xp to use a different port for smb service lookup. Any help is apprieciated. I'm assuming you're talking about within a college level campus here. You could always try to plug in a consumer router box to the school network and then put your machines behind it, it'd just be easier, and less of a hack to your systems. That would probably keep you away from both the rampant hax0r wannabes on most college campuses (at least around here) and an overly ambitious IT department that likes to think they own every student machine like they're on a corporate network. -- Paul Gienger Office:701-281-1884 Applied Engineering Inc. Cell: 701-306-6254 Information Systems Consultant Fax: 701-281-1322 URL: www.ae-solutions.commailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.4 ACL problem
The file server is the same as the PDC : linux / samba 3.0.4 So why i need to use winbind ? I need to use roming profile so i need to have profile acls = yes ? no ? Thanks a lot. -- Christophe Suire [EMAIL PROTECTED] Le 13 juil. 04, à 14:39, Umberto Zanatta a écrit : You should set profile acls = no from smb.conf Here you are a tipical share: [FOO] profile acls = no path = /opt/foo write list = @, @bbb, @Administrators create mask = 660 directory mask = 770 comment = Foo share valid users = @aaa, @bbb, @Administrators inherit acls = yes map acl inherit = yes You have to launch winbind if the PDC is another SAMBA o WINDOWS server and do the rights configurations on /etc/nsswitch.conf. smb.conf winbind trusted domains only = yes idmap uid = 1-2 idmap gid = 1-2 winbind enum users = yes winbind enum groups = yes Il mar, 2004-07-13 alle 14:22, Christophe SUIRE ha scritto: Hi again, I have just see, that the problem is not link with the modification of the file. In fact this problem appear when Windows change ACL attribute, and i have found an other strange thing : A user jokic create a new text file. On the server i have : -rwxrwx---+ 1 root informatique 62 2004-07-13 14:13 Nouveau Texte seulement.txt This file as no ACL, but first strange thing is own by root !!! On a second time, user jokic modify the attribute of the file and add a new user delestre to read this one. Now i have : -r--rwx---+ 1 root informatique 62 2004-07-13 14:13 Nouveau Texte seulement.txt # file: Nouveau\040Texte\040seulement.txt # owner: root # group: informatique user::r-- user:delestre:r-x group::--- mask::rwx other::--- So the modification of the ACL attributes, add the new user with the correct right, but remove the write attribute to the primary user, and remove write and read to the primary group of the file !!! Please help me ! Hi, I have done a migration from Samba 2 to 3.0.4; and i have a very big problem with ACL. I have a file own by a user drif and group informatique with ACL attributes and unix attributes rwxrwx--- : -rwxrwx---+ 1 drif informatique68096 2004-07-13 11:01 fiche de migration.xls When an other user which is in informatique group modify this file, the new file is own by this user, but unix attribute for the user is set to read-only : -r--rwx---+ 1 jokic informatique68096 2004-07-13 11:01 fiche de migration.xls This problem appear only with files that have ACL attribute. In my smb.conf i have set for shares create mask = 0770 and force create mode = 0770, and with samba 2 it was working !! Please help me with this very big problem, .. after modification users can only read there files !! Thanks a lot for your help. Regards, -- Christophe Suire [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba ___ Umberto Zanatta linuxDidattica tel: +39 (335) 54 71 385 email: [EMAIL PROTECTED] web: http://linuxdidattica.org ___ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Profile Problem with ldap backend
[EMAIL PROTECTED] wrote: The Samba 3.0.5rc1 server is configured as a PDC. snip #WINBIND CONFIG winbind separator = + winbind use default domain = Yes winbind uid =1-2 winbind gid =1-2 #If i comment it then #[2004/07/14 01:30:40, 0] nsswitch/winbindd_util.c:winbindd_param_init(560) # winbindd: idmap uid range missing or invalid #[2004/07/14 01:30:40, 0] nsswitch/winbindd_util.c:winbindd_param_init(561) # winbindd: cannot continue, exiting. # Could not init idmap -- netlogon proxy only # strange thing on 3.0.4 i don't need to write it winbind enum users = yes winbind enum groups = yes Firstoff, is there someplace that people get confused about the use of winbind/idmap? It is strictly for use ONLY with a windows AD server as your primary directory... well I guess maybe it would be used if you wanted to do some kind of wierd authentication against a different samba server, but why?!?! Anyways, start by removing all your idmap entries and that will clear up some log entries. password server= localhost This one too. This is for authenticating against some other server, like if you were simply a member of a domain using domain security. snip #LDAP STARTS HERE passdb backend = ldapsam:ldap://localhost ldap admin dn = cn=Manager,dc=liin,dc=org ldap server = localhost ldap port = 389 ldap suffix = dc=liin,dc=org ldap machine suffix = ou=people ldap user suffix = ou=people ldap group suffix = ou=groups # ldap filter = ((uid%=%U)(ObjectClass=sambaSamAccount)) #LDAP continue ldap idmap suffix = ou=Idmap idmap backend = ldap:ldap//localhost idmap uid = 1 - 2 idmap gid = 1 - 2 The 4 lines above should go too. snip the rest of smb.conf When i try to logon WinXP(pro) says: Windows cannot find the server profile and is logging you on with a temporart profile. or somenthing like that. I have russian copy of winxp. Next hi says: Windows cannot find the local profile and is logging you on with a temporart profile. (it because i removed c:\Documents and Settings\Default User) Problem n2: Problem With Winbind(or not?) [2004/07/14 01:59:55, 3] sam/idmap.c:idmap_init(131) idmap_init: using 'ldap' as remote backend [2004/07/14 01:59:55, 5] lib/smbldap.c:smbldap_search(931) smbldap_search: base = [ou=Idmap,dc=liin,dc=org], filter = [(objectclass=sambaUnixIdPool)], scope = [2] [2004/07/14 01:59:55, 10] lib/smbldap.c:smbldap_open_connection(543) smbldap_open_connection: ldap//localhost [2004/07/14 01:59:55, 0] lib/smbldap.c:smbldap_open_connection(546) ldap_initialize: Time limit exceeded [2004/07/14 01:59:55, 1] lib/smbldap.c:smbldap_retry_open(908) Connection to LDAP Server failed for the 1 try! Looks like you're failing to connect to your local server. You've got some confusion because of the multiple specifications here. Notice that this failure is complaining about being able to connect to ldap//localhost (see the missing colon?) You need to roto-till your smb.conf then try again. Get the idmap stuff out and see if your errors are more specific. Assuming you do all that and still have issues: Have you verified that your ldap setup is correct? That is: does your system authenticate fine against ldap or are you just trying to store samba in ldap? If you're just setting up one linux server then ldap is overkill for both system auth and samba, in that case stick to tdb. [2004/07/14 01:59:55, 8] lib/util.c:fcntl_lock(1646) fcntl_lock 7 13 0 1 1 [2004/07/14 01:59:55, 8] lib/util.c:fcntl_lock(1681) fcntl_lock: Lock call successful I use idealx smbldap-populate to fill ldap directory -- Paul Gienger Office:701-281-1884 Applied Engineering Inc. Cell: 701-306-6254 Information Systems Consultant Fax: 701-281-1322 URL: www.ae-solutions.commailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.4 ACL problem
Ok it works !! Thanks a lot ! Permissions are set correctly but i steel have a strange thing .. User which are Domains admins like root, when they create a new file, it's own by root. -- Christophe Suire [EMAIL PROTECTED] Le 13 juil. 04, à 14:56, Umberto Zanatta a écrit : Il mar, 2004-07-13 alle 14:46, Christophe SUIRE ha scritto: The file server is the same as the PDC : linux / samba 3.0.4 So why i need to use winbind ? You don't. I need to use roming profile so i need to have profile acls = yes ? no ? Actually, you're working in domain mode; I had same problem, and now the permissions are working. Thanks a lot. ___ Umberto Zanatta linuxDidattica tel: +39 (335) 54 71 385 email: [EMAIL PROTECTED] web: http://linuxdidattica.org ___ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Enabling account lockouts
The release notes indicate support for bad password lockout policy starting with version 3.0.3 but I can't figure out how to enable it. I didn't see anything in the docs about turning it on. I also tried looking through all the options by using swat in advanced mode. How do I enable bad password lockout policy? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Winnt Scopy
Hallo Gurus! Sorry my English. I've got some strange problems with Samba-3.0.4. Wenn I try to copy Files from NT (with Scopy.exe) to one Mointmount on Samba, that provide error Invalid Destination X:\ I tested with fstype = ntfs or so but no way :( I see with Explorer the Mount Drive. Thanks for one Tip. Greetings Ruben Moretti -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.4 ACL problem
Did you have installed samba + ldap? It isn't strange; 'cos samba maps groups and users from Windows to Unix. when yuo map group Domain Admins - root or Administrators - root, it will map to uid = 0 and gid = 0; because user is unix administrator himself! You should try samba + ldap and do a difference uid from users Administrator and root (uid), so you'll haven't problem anymore. some people (me too, sic!) built administrator (into ldap) with uid=0 and gid=512 (ldap) and root with uid=0 and gid =0 (into passwd). The administrator should have SID: S--500 (root isn't a windows user), but if uid=0, It will be root and no administrator! Samba's working fine, but you need to use the groups Administrators or Domain Admins to modify acl. Don't worry about; because you should do 'setfacl' and modify the default mode, groups and users will have right access, even if root create the file. Il mar, 2004-07-13 alle 15:22, Christophe SUIRE ha scritto: Ok it works !! Thanks a lot ! Permissions are set correctly but i steel have a strange thing .. User which are Domains admins like root, when they create a new file, it's own by root. ___ Umberto Zanatta linuxDidattica tel: +39 (335) 54 71 385 email: [EMAIL PROTECTED] web: http://linuxdidattica.org ___ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] (no subject)
Hello, I had the same problem as you and it took me a while to figure it out exactly. Ive now a RHL9 server running with Samba 3.0.4 as a domain member of a W2k3 realm. Actually I updated Kerberos to version 1.3.1-7 on my RHL9 server to achieve this; otherwise samba cant verify the incoming ticket. You are right; if you install the Kerberos 1.3.1 rpms with --force --nodeps, it will break the dependencies, but this is the only way to do it. After the update of the krb5 packages the libcom_err.so.3 dependency of other packages (example: httpd-2.0.40-21) is broken. A TEMPORARY workaround is to change to the /lib directory and make the following symbolic link: ln -fs libcom_err.so.2.0 libcom_err.so.3 (This restores the libcom_err.so.3 dependency of other packages after the krb5 update.) Now you can see if Samba 3.0.4 is working properly in a W2k3 realm. What you should do afterwards is to recompile all the packages (on the machine with the Kerberos 1.3.1 rpms installed) that had a dependency with the old Kerberos packages and install those new recompiled packages. Now all the packages (that had a dependency with the old Kerberos packages) have a new dependency to Kerberos 1.3.1. After that you can remove the symbolic link with libcom_err.so.3. This cost me several headaches too ;-) Regards, Alex. _ Play online games with your friends with MSN Messenger http://messenger.msn.nl/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winnt Scopy
Hi, On Tue, Jul 13, 2004 at 03:32:08PM +0200, Ruben Moretti wrote: Hallo Gurus! Sorry my English. I've got some strange problems with Samba-3.0.4. Wenn I try to copy Files from NT (with Scopy.exe) to one Mointmount on Samba, that provide error Invalid Destination X:\ I tested with fstype = ntfs or so but no way :( I see with Explorer the Mount Drive. This is fixed in 3.0.5rc1. Bye, Guenther -- Guenther Deschner, SerNet Service Network GmbH Phone: +49-(0)551-37-0, Fax: +49-(0)551-37-9 pgpFK7zQHgsdc.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.4 and kerberos 1.3.1
Hello, I had the same problem as you and it took me a while to figure it out exactly. Ive now a RHL9 server running with Samba 3.0.4 as a domain member of a W2k3 realm. Actually I updated Kerberos to version 1.3.1-7 on my RHL9 server to achieve this; otherwise samba cant verify the incoming ticket. You are right; if you install the Kerberos 1.3.1 rpms with --force --nodeps, it will break the dependencies, but this is the only way to do it. After the update of the krb5 packages the libcom_err.so.3 dependency of other packages (example: httpd-2.0.40-21) is broken. A TEMPORARY workaround is to change to the /lib directory and make the following symbolic link: ln -fs libcom_err.so.2.0 libcom_err.so.3 (This restores the libcom_err.so.3 dependency of other packages after the krb5 update.) Now you can see if Samba 3.0.4 is working properly in a W2k3 realm. What you should do afterwards is to recompile all the packages (on the machine with the Kerberos 1.3.1 rpms installed) that had a dependency with the old Kerberos packages and install those new recompiled packages. Now all the packages (that had a dependency with the old Kerberos packages) have a new dependency to Kerberos 1.3.1. After that you can remove the symbolic link with libcom_err.so.3. This cost me several headaches too ;-) Regards, Alex. _ Talk with your online friends with MSN Messenger http://messenger.msn.nl/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Permissions problem...I must be overlooking *something*...
I have a share I can't seem to create files on, and I can't figure out why. I get Access denied from Windows, and the samba log shows this: [2004/07/13 10:52:26, 2] smbd/open.c:open_directory(1293) open_directory: failing create on read-only share [2004/07/13 10:52:26, 2] smbd/open.c:open_directory(1293) open_directory: failing create on read-only share The share has the following definition: [webfiles] path = /var/www force group = INTERCLEAN+Domain Admins valid users = @INTERCLEAN+Domain Admins writable = yes read only = no Here are the permissions on /var/www: # file: www # owner: root # group: INTERCLEAN+Domain Admins user::rwx group::rwx other::r-x I'm in the Domain Admins group. Why doesn't this work? I'm sure there's something silly I'm overlooking, but I can't see what it is right now. --- David Brodbeck, System Administrator InterClean Equipment, Inc. 3939 Bestech Drive Suite B Ypsilanti, MI 48197 (734) 975-2967 x221 (734) 975-1646 (fax) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Join domain as BDC: could not get CRED
Greetings, I am following Tournier's Howto to configure Samb 3.x as domain controller. I use net rpc getsid -S pdc-name -W domain name to obtain the domain SID and configure smbldap-tools and created the backend database. (The SID is also saved on secrets.db on local machine) I joint this server to the domain successfully using, net rpc join -Uadministrator%password The srvmgr.exe can see it joined the domain as a BDC. But when I try to synchronize the domain controllers using net rpc vampire -Uadministratorpassword It faied with Can not get CRED or something like it. Waht did I do wrong? Please reply to my E-mail account at [EMAIL PROTECTED] -- Kang -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] 3.0.5pre1 - 3.0.5rc1 breaks winbindd group lookup with spaces
When upgrading our test system from 3.0.5pre1 to 3.0.5rc1 with identical configurations we found that one share using a group name with an embedded space was no longer accessible after the upgrade. Here's an example of the logged error message: [2004/07/13 10:50:07, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(298) group 'Domain in domain TESTDOM does not exist That's coming from a service specified thusly in smb.conf: [sdisk$] path = /disk1/sdisk writable = yes admin users = @'Domain Users' It appears that the group name is being broken apart at the embedded space in 3.0.5rc1 but when we revert to 3.0.5pre1 things work nicely again. -Matt -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Permissions problem...I must be overlooking *something*...
Hi David, First of all I'll suggest the obvious (probably not your problem here, but it's worth a shot). You've probably only put them in because of the problem you're having, but writeable/writable and read only are actually the same setting but reversed. E.g. writeable/writable = yes is the same as read only = no. Therefore you only need to put one or the other. If you stick to only using one it can make your smb.conf easier to read. This won't be causing the problem, it's just a bit of config file snobbery ;) Anyway, onto my suggestion. Have you restarted samba since you made the share writeable? Also, if you're forcing group INTERCLEAN+Domain Admins and setting valid users to the same, won't everyone be able to write to the share as a domain admin? Seems a bit like a security risk to me, but then I'm sure you've a good reason why you've done this. I hope this helps, Mark Lidstone IT and Network Support Administrator BMT SeaTech Ltd Grove House, Meridians Cross, 7 Ocean Way Ocean Village, Southampton. SO14 3TJ. UK Tel: +44 (0)23 8063 5122 Fax: +44 (0)23 8063 5144 E-Mail: mailto:[EMAIL PROTECTED] Website: www.bmtseatech.co.uk == Confidentiality Notice and Disclaimer: The contents of this e-mail and any attachments are intended only for the use of the e-mail addressee(s) shown. If you are not that person, or one of those persons, you are not allowed to take any action based upon it or to copy it, forward, distribute or disclose the contents of it and you should please delete it from your system. BMT SeaTech Limited does not accept liability for any errors or omissions in the context of this e-mail or its attachments which arise as a result of Internet transmission, nor accept liability for statements which are those of the author and not clearly made on behalf of BMT SeaTech Limited. == -Original Message- From: David Brodbeck [mailto:[EMAIL PROTECTED] Sent: 13 July 2004 15:56 To: '[EMAIL PROTECTED]' Subject: [Samba] Permissions problem...I must be overlooking *something*... I have a share I can't seem to create files on, and I can't figure out why. I get Access denied from Windows, and the samba log shows this: [2004/07/13 10:52:26, 2] smbd/open.c:open_directory(1293) open_directory: failing create on read-only share [2004/07/13 10:52:26, 2] smbd/open.c:open_directory(1293) open_directory: failing create on read-only share The share has the following definition: [webfiles] path = /var/www force group = INTERCLEAN+Domain Admins valid users = @INTERCLEAN+Domain Admins writable = yes read only = no Here are the permissions on /var/www: # file: www # owner: root # group: INTERCLEAN+Domain Admins user::rwx group::rwx other::r-x I'm in the Domain Admins group. Why doesn't this work? I'm sure there's something silly I'm overlooking, but I can't see what it is right now. --- David Brodbeck, System Administrator InterClean Equipment, Inc. 3939 Bestech Drive Suite B Ypsilanti, MI 48197 (734) 975-2967 x221 (734) 975-1646 (fax) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
FW: [Samba] Re: Access Denied touching shared CUPS printer
After much trying I have finally got this to work and I'm slightly embarassed to admit that the old RTFM tripped me up. In the Samba 3 HOWTO - the official one, rather than the draft I was originally using - it states quite clearly that to get point 'n' print to work use client driver needs to be set to no in the [global] section of smb.conf, and the samba daemons restarted so that the APW will work. However you will need to change this back to yes on completion and restart the daemons again. During this process you may get Access Denied errors. I'm not sure if the rpcclient method works but it was pleasing to get point 'n' print to work as smoothly as it should. Apart from this difficulty, raw printing via Cups is very reliable, the only problem we seem to have is with a Tally printer's internal print server which is flaky under both NT and Samba. Regards, Chris Christopher Moss Murray McIntosh O'Brien Wellesley House 204 London Road Waterlooville PO7 7AN 023 9223 1006 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Lueck Sent: 09 July 2004 18:43 To: [EMAIL PROTECTED] Subject: [Samba] Re: Access Denied touching shared CUPS printer Most Ugly! In Google'ing around it seems this Access Denied is a known issue with Win2K/XP clients, CUPS printers, etc... So, use printerui.dll to force install the printer driver and assign to a local LPT1 port. Add a port registry key, and the update the port in two spots under the printer instance. Finally stop/start the spooler task. Scrptable yet ugly. Most Ugly! Ah, Samba team... does this topic need some pizza applied to it? Please advise. What's the bug anyway? Something to do with CUPS? It seems there are not lots of people bumping into this, thus makes me think other printing methods are not affected. I was quite pleased with HOW EASY this setup was going along, until slamming into the Access Denied issue. RAW spooling looked way cool, Samba enum'ing the CUPS queues, etc... -- Michael Lueck Lueck Data Systems Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba --- Disclaimer Privileged or confidential information may be contained in this message. If you are not the addressee of this message please notify the sender by return and delete it, and you may not use, copy, disclose or rely on the information contained in it. Internet e-mail may be susceptible to data corruption, interception and unauthorised amendment for which Murray McIntosh O'Brien does not accept liability. Likewise whilst we have taken reasonable precautions to ensure that this e-mail and any attachments have been swept for viruses, Murray McIntosh O'Brien does not accept liability for any losses caused as a result of viruses. Statements in this message that do not relate to the business of Murray McIntosh O'Brien are neither given nor endorsed by it or the Directors of Murray McIntosh O'Brien. A list of the Directors of Murray McIntosh O'Brien is available for inspection at our offices. -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Permissions problem...I must be overlooking *somethin g*...
-Original Message- From: Mark Lidstone [mailto:[EMAIL PROTECTED] You've probably only put them in because of the problem you're having, but writeable/writable and read only are actually the same setting but reversed. E.g. writeable/writable = yes is the same as read only = no. Therefore you only need to put one or the other. Yes, I know. I originally only had writable = yes, but I added the other out of frustration with Samba insisting the share is read-only. Anyway, onto my suggestion. Have you restarted samba since you made the share writeable? Yes, I sent the HUP signal to the daemon to tell it to re-load its configuration file. Also, if you're forcing group INTERCLEAN+Domain Admins and setting valid users to the same, won't everyone be able to write to the share as a domain admin? Would they? I figured only Domain Admins would be allowed to access the share at all, then the force group would take effect after that. I took the force group line out, but it made no difference, I still can't create any files. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: FW: Re: Access Denied touching shared CUPS printer
Are you refering to the printed book John Terpstra put out? OK, so I allow it to download the driver, then I don't get the error? And for what support exactly do I need to change it back to to = yes? Flipping this on the server from this to that to break one thing and fix another seems more than a bit annoying... especially when I like to work myself out of manual administrative tasks! ;-) -- Michael Lueck Lueck Data Systems Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Error loading LDAP functions, even though they are compiled in
Hi, I'm trying to use LDAP as my passdb backend, but having no luck, seemingly because the LDAP code doesn't load, even though I have compiled in LDAP support. I am getting the following error: [2004/07/13 07:58:29, 2] passdb/pdb_interface.c:make_pdb_methods_name(654) No builtin backend found, trying to load plugin [2004/07/13 07:58:29, 3] lib/module.c:do_smb_load_module(46) Error loading module '/usr/lib/samba/pdb/ldap.so': /usr/lib/samba/pdb/ldap.so: cannot open shared object file: No such file or directory [2004/07/13 07:58:29, 0] passdb/pdb_interface.c:make_pdb_methods_name(664) No builtin nor plugin backend for ldap found [2004/07/13 07:58:29, 1] passdb/pdb_interface.c:make_pdb_context_list(765) Loading ldap:ldaps://ldap3 failed! It seems to say that builtin support isn't found, even though I compiled it in. I was originally using the Fedora RPM, but have also tried compiling myself using --with-ldap. In either case, smbd reports that it is built in. A snippet from smbd -b: Builtin modules: pdb_ldap pdb_smbpasswd pdb_tdbsam pdb_guest rpc_lsa rpc_reg rpc_lsa_ds rpc_wks rpc_net rpc_dfs rpc_srv rpc_spoolss rpc_samr idmap_ldap idmap_tdb auth_rhosts auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin I think that pdb_ldap is what should be giving me this support, but to no avail so far. The RPM version I'm using was 3.0.3, and I compiled myself using 3.0.4. Does anyone have any ideas? I'm having no luck. Any help would be greatly appreciated. Thanks, Kyle -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Permission error on /etc/samba/private/secrets.tdb
On Tue, Jul 13, 2004 at 11:16:23AM +0200, Heinrich Rebehn wrote: Hi list, I have a strange permission problem with secrets.tdb on an nfs mounted filesystem. A strace of smbd shows the following lines: open(/etc/samba/private/secrets.tdb, O_RDWR|O_CREAT|O_LARGEFILE, 0600) = 4 fcntl64(4, F_SETLKW64, {type=F_WRLCK, whence=SEEK_SET, start=0, len=1}, 0xb010) = -1 EACCES (Permission denied) /etc/samba/private/secrets.tdb is a link to /var/etc/samba/private/secrets.tdb which in turn is a link to /cluster/bremerhaven/secrets.tdb, which is on an nfs mounted filesystem. This setup is because the root fs is readonly and /var is volatile (tmpfs). root has full access on /cluster and it also does not help if i set secrets.tdb's permissions to 0666. Are there known issues with the fcntl64 call? Would upgrading to kernel 2.6.x help? Try not to put tdb files on an nfs mount. Some servers (Solaris as I remember) have issues with doing fcntl locks on an mmapped file. By issues I mean it doesn't work :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with 3.0.5 rc1
Hi All, I have been having problems with the known issue on 3.0.4 with NTBackup and a DFS related issue. Therefore I decided to give 3.0.5rc1 a go, as SuSE have released the rpms on their website. Once I installed the rpms, I found that all daemons started correctly, but all domain authentication failed (I am running a samba server as a member server against a Windows 2000 mixed mode domain). 'getent group' did return a correct list of all the groups, so there was at least some level of connectivity (nscd was stopped). I tried to rejoin the domain, but now joining the domain failed. When I reverted back to 3.0.4, I joined the domain with no troubles, but back to my old problem with NTbackup. [global] workgroup = FOO server string = Samba Server security = DOMAIN map to guest = Bad User obey pam restrictions = Yes restrict anonymous = 2 log level = 8 time server = Yes socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY os level = 2 local master = No domain master = No ldap ssl = no host msdfs = Yes idmap uid = 1-2 idmap gid = 1-2 template shell = /bin/bash winbind use default domain = No admin users = '@Foo\Domain mailto:'@Foo\Domain Admins' veto files = /*.eml/*.nws/riched20.dll/*.{*}/ The bits of the log which seem relevant are below, but I can send a whole log if necessary: [2004/07/13 12:37:41, 5] rpc_client/cli_pipe.c:rpc_auth_pipe(212) rpc_auth_pipe: pkt_type: 2 len: 80 auth_len: 32 NTLMSSP No schannel Yes sign Y es seal No [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_debug(82) 00 smb_io_rpc_hdr_auth auth_hdr [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_uint8(577) auth_type : 44 [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_uint8(577) 0001 auth_level : 05 [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_uint8(577) 0002 padding : 00 [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_uint8(577) 0003 reserved : 00 [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_uint32(635) 0004 auth_context : 0001 [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_debug(82) 08 smb_io_rpc_auth_netsec_chk schannel_auth_sign [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_uint8s(722) 0008 sig : 77 00 ff ff ff ff 00 00 [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_uint8s(722) 0010 seq_num: 76 e0 83 6f 0c f0 2a 4d [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_uint8s(722) 0018 packet_digest: 1c 0f 31 ef 79 43 0d 03 [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_uint8s(722) 0020 confounder: 00 00 00 00 00 00 00 00 [2004/07/13 12:37:41, 6] rpc_client/cli_pipe.c:rpc_api_pipe(525) rpc_api_pipe: fragment first and last both set [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_debug(82) 18 lsa_io_r_enum_trust_dom [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_uint32(635) 0018 enum_context : [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_uint32(635) 001c num_domains : [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_uint32(635) 0020 ptr_enum_domains: [2004/07/13 12:37:41, 5] rpc_parse/parse_prs.c:prs_ntstatus(665) linux:/home/susie # vi /var/log/samba/log.winbindd [2004/07/13 12:18:57, 3] rpc_client/cli_netlogon.c:cli_nt_setup_creds(290) cli_nt_setup_creds: auth2 challenge failed NT_STATUS_ACCESS_DENIED [2004/07/13 12:18:57, 6] lib/util_sock.c:write_socket(449) write_socket(22,45) [2004/07/13 12:18:57, 6] lib/util_sock.c:write_socket(452) write_socket(22,45) wrote 45 [2004/07/13 12:18:57, 5] lib/util.c:show_msg(443) [2004/07/13 12:18:57, 5] lib/util.c:show_msg(453) size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=18433 smb_pid=2395 smb_uid=28673 smb_mid=8 smt_wct=0 smb_bcc=0 [2004/07/13 12:18:57, 3] nsswitch/winbindd_cm.c:cm_open_connection(367) schannel refused - continuing without schannel (NT_STATUS_ACCESS_DENIED) Thanks in advance Olly -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.5pre1 - 3.0.5rc1 breaks winbindd group lookup with spaces
On Tue, Jul 13, 2004 at 11:26:45AM -0400, Matthew Moffitt wrote: When upgrading our test system from 3.0.5pre1 to 3.0.5rc1 with identical configurations we found that one share using a group name with an embedded space was no longer accessible after the upgrade. Here's an example of the logged error message: [2004/07/13 10:50:07, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(298) group 'Domain in domain TESTDOM does not exist That's coming from a service specified thusly in smb.conf: [sdisk$] path = /disk1/sdisk writable = yes admin users = @'Domain Users' It appears that the group name is being broken apart at the embedded space in 3.0.5rc1 but when we revert to 3.0.5pre1 things work nicely again. Quick fix - change the ' characters to characters. I know what this change was. I'll take a look at what needs to change for 3.0.5 final. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with 3.0.5 rc1
On Tue, Jul 13, 2004 at 05:09:00PM +0100, olly wrote: Hi All, I have been having problems with the known issue on 3.0.4 with NTBackup and a DFS related issue. Therefore I decided to give 3.0.5rc1 a go, as SuSE have released the rpms on their website. Once I installed the rpms, I found that all daemons started correctly, but all domain authentication failed (I am running a samba server as a member server against a Windows 2000 mixed mode domain). 'getent group' did return a correct list of all the groups, so there was at least some level of connectivity (nscd was stopped). I tried to rejoin the domain, but now joining the domain failed. When I reverted back to 3.0.4, I joined the domain with no troubles, but back to my old problem with NTbackup. [global] workgroup = FOO server string = Samba Server security = DOMAIN map to guest = Bad User obey pam restrictions = Yes restrict anonymous = 2 log level = 8 time server = Yes socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY os level = 2 local master = No domain master = No ldap ssl = no host msdfs = Yes idmap uid = 1-2 idmap gid = 1-2 template shell = /bin/bash winbind use default domain = No admin users = '@Foo\Domain mailto:'@Foo\Domain Admins' veto files = /*.eml/*.nws/riched20.dll/*.{*}/ The bits of the log which seem relevant are below, but I can send a whole log if necessary: Quick test - try changing ' character separators to in the smb.conf. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Migrating from a WinNT 4 PDC to Samba 3 PDC Troubles
Craig, Following your response as well as your response to Eric, I've tried changing a few things in my config as well as the order of the steps. Unfortunately I'm still having problems. Clearing my .tdbs (w/o Samba running) I've done: * net rpc setsid -S MABSERVE1 -W MAB -UAdministrator%secret (and the SID shows up in secrets.tdb). * net rpc join -S MABSERVE1 -W MAB -UAdministrator%secret (and the machine successfully adds to the domain; looking at secrets.tdb we have a number of things including the domain SID and the Machine trust account hash) *If I then run net rpc vampire -S MABSERVE1 -UAdministrator%secret -d 4 I get the following (clipped following the parsing of the smb.conf) output: [2004/07/13 11:56:30, 4] param/loadparm.c:lp_load(3917) pm_process() returned Yes [2004/07/13 11:56:30, 2] lib/interface.c:add_interface(79) added interface ip=192.168.1.251 bcast=192.168.1.255 nmask=255.255.255.0 [2004/07/13 11:56:30, 3] libsmb/namequery.c:resolve_lmhosts(857) resolve_lmhosts: Attempting lmhosts lookup for name MABSERVE10x20 [2004/07/13 11:56:30, 4] libsmb/namequery.c:startlmhosts(547) startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such file or directory [2004/07/13 11:56:30, 3] libsmb/namequery.c:resolve_wins(755) resolve_wins: Attempting wins lookup for name MABSERVE10x20 [2004/07/13 11:56:30, 3] libsmb/namequery.c:resolve_wins(758) resolve_wins: WINS server resolution selected and no WINS servers listed. [2004/07/13 11:56:30, 3] libsmb/namequery.c:resolve_hosts(902) resolve_hosts: Attempting host lookup for name MABSERVE10x20 [2004/07/13 11:56:31, 3] libsmb/namequery.c:name_resolve_bcast(697) name_resolve_bcast: Attempting broadcast lookup for name MABSERVE10x20 [2004/07/13 11:56:31, 4] libsmb/nmblib.c:debug_nmb_packet(109) nmb packet from 192.168.1.253(137) header: id=30028 opcode=Query(0) response=Yes header: flags: bcast=No rec_avail=No rec_des=Yes trunc=No auth=Yes header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0 answers: nmb_name=MABSERVE120 rr_type=32 rr_class=1 ttl=30 answers 0 char `. hex 6000C0A801FD [2004/07/13 11:56:31, 2] libsmb/namequery.c:name_query(491) Got a positive name query response from 192.168.1.253 ( 192.168.1.253 ) [2004/07/13 11:56:31, 3] libsmb/cliconnect.c:cli_start_connection(1373) Connecting to host=MABSERVE1 [2004/07/13 11:56:31, 3] lib/util_sock.c:open_socket_out(735) Connecting to 192.168.1.253 at port 445 [2004/07/13 11:56:31, 2] lib/util_sock.c:open_socket_out(772) error connecting to 192.168.1.253:445 (Connection refused) [2004/07/13 11:56:31, 3] lib/util_sock.c:open_socket_out(735) Connecting to 192.168.1.253 at port 139 [2004/07/13 11:56:31, 4] lib/time.c:get_serverzone(122) Serverzone is 14400 Cannot import users from MAB at this time, as the current domain: MABSERVE3: S-1-5-21-763135753-2099275703-424145120 conflicts with the remote domain MAB: S-1-5-21-1430529950-745024717-1233803906 Perhaps you need to set: security=user workgroup=MAB in your smb.conf? [2004/07/13 11:56:31, 1] utils/net_rpc.c:run_rpc_command(141) rpc command function failed! (NT_STATUS_UNSUCCESSFUL) [2004/07/13 11:56:31, 2] utils/net.c:main(792) return code = 1 * If I run net setlocalsid S-1-5-21-1430529950-745024717-1233803906 and then * net rpc vampire -S MABSERVE1 -UAdministrator%secret -d 4 I get the following output (again starting after processing of smb.conf; also I've x'd out the challenge/response strings) [2004/07/13 11:58:41, 4] param/loadparm.c:lp_load(3917) pm_process() returned Yes [2004/07/13 11:58:41, 2] lib/interface.c:add_interface(79) added interface ip=192.168.1.251 bcast=192.168.1.255 nmask=255.255.255.0 [2004/07/13 11:58:41, 3] libsmb/cliconnect.c:cli_start_connection(1373) Connecting to host=MABSERVE1 [2004/07/13 11:58:41, 3] lib/util_sock.c:open_socket_out(735) Connecting to 192.168.1.253 at port 445 [2004/07/13 11:58:41, 2] lib/util_sock.c:open_socket_out(772) error connecting to 192.168.1.253:445 (Connection refused) [2004/07/13 11:58:41, 3] lib/util_sock.c:open_socket_out(735) Connecting to 192.168.1.253 at port 139 [2004/07/13 11:58:41, 4] lib/time.c:get_serverzone(122) Serverzone is 14400 [2004/07/13 11:58:41, 4] passdb/secrets.c:secrets_fetch_trust_account_password(260) Using cleartext machine password [2004/07/13 11:58:41, 4] rpc_client/cli_netlogon.c:cli_net_req_chal(45) cli_net_req_chal: LSA Request Challenge from MABSERVE3 to MABSERVE1: [2004/07/13 11:58:41, 4] libsmb/credentials.c:cred_session_key(59) cred_session_key [2004/07/13 11:58:41, 4] libsmb/credentials.c:cred_create(90) cred_create [2004/07/13 11:58:41, 4] rpc_client/cli_netlogon.c:cli_net_auth2(102) cli_net_auth2: srv:\\MABSERVE1 acct:MABSERVE3$ sc:2 mc: MABSERVE3 chal neg: [2004/07/13 11:58:41, 4] libsmb/credentials.c:cred_create(90) cred_create [2004/07/13 11:58:41, 4]
Re: [Samba] 3.0.5pre1 - 3.0.5rc1 breaks winbindd group lookup with spaces
Perfect. I guess updating the man page would suffice if the code changes are complex. Switching to double quotes is working for me, thanks, -Matt Jeremy Allison wrote: On Tue, Jul 13, 2004 at 11:26:45AM -0400, Matthew Moffitt wrote: When upgrading our test system from 3.0.5pre1 to 3.0.5rc1 with identical configurations we found that one share using a group name with an embedded space was no longer accessible after the upgrade. Here's an example of the logged error message: [2004/07/13 10:50:07, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(298) group 'Domain in domain TESTDOM does not exist That's coming from a service specified thusly in smb.conf: [sdisk$] path = /disk1/sdisk writable = yes admin users = @'Domain Users' It appears that the group name is being broken apart at the embedded space in 3.0.5rc1 but when we revert to 3.0.5pre1 things work nicely again. Quick fix - change the ' characters to characters. I know what this change was. I'll take a look at what needs to change for 3.0.5 final. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind?
I've been fighting with winbind for several months now have yet to get it to work according to the documentation. I've got a Samba 3.0.4 PDC, named PDC, running on a Debian linux box, and I'm trying to add a second linux box, FCSPRTSRV. I can successful join the domain using net rpc join -U dharknes and at the point I can access the samba server resources, I can do a ntlm_auth --username dharknes and that works, and wbinfo -t succeeds. But if I try to use winbind in pam or nss then it fails. wbinfo -u or -g both fail and wbinfo -m lists BUILTIN and FCSPRTSRV but not the UMD domain. If I do a winbind -i then I get the following out put. Added domain UMD S-0-0 Added domain BUILTIN S-1-5-32 Added domain FCSPRTSRV S-1-5-21-3155517584-1503604126-1704732448 I'm just guessing but shouldn't the first line list the sid for the domain? Here is the PDC config. [global] workgroup = UMD netbios name = PDC password server = * nt status support = yes lanman auth = no wide links = no time server = Yes server signing = auto load printers = No add machine script = /usr/sbin/dadduser %m$ domain logons = Yes os level = 36 security = user local master = Yes preferred master = Yes domain master = Yes wins server = x1d.its.umd.umich.edu idmap uid = 10-20 idmap gid = 10-20 winbind trusted domains only = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 Here is the domain member server config. [global] workgroup = UMD wins server = x1d.its.umd.umich.edu name resolve order = host wins encrypt passwords = yes security = DOMAIN password server = PDC invalid users = root printing = cups printcap name = cups socket options = TCP_NODELAY idmap uid = 10-20 idmap gid = 10-20 winbind enum users = yes winbind enum groups = yes winbind separator = + winbind cache time = 15 winbind use default domain = yes template shell = /bin/bash It is easier to fix Unix than to live with NT. PGP.sig Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] LDAP and Domain
Hi to all, I'm configuring a samba server to act as Windows Domain Server through ldap, I've created the users for the domain, and seems to work fine when I'm not trying to log against the domain, (I tried with smbclient and mac os x). The problem is when I'm trying to add a windows machine to the domain, it ask me the login/password, I give one of administrator (smbportia), but reading the ldap debug (slapd -d 255) I think it's not matching the administrator group type or somehing, my data: dn: uid=smbportia,ou=People,dc=deimos,dc=danguer,dc=com uid: smbportia cn: smbportia objectClass: account objectClass: posixAccount objectClass: top objectClass: shadowAccount objectClass: sambaSamAccount userPassword:: e2NyeXB0fSQxJDhuQlozZVhRJENxR0VCdG1uZXdxbms3U2hjWTFMMS4= shadowLastChange: 12612 shadowMax: 9 shadowWarning: 7 loginShell: /bin/bash uidNumber: 1002 homeDirectory: /home/smbportia gecos: ,,, structuralObjectClass: account entryUUID: bddf3fa4-6938-1028-91b2-88a002fe7a63 creatorsName: cn=admin,dc=deimos,dc=danguer,dc=com createTimestamp: 20040713165216Z sambaSID: S-1-0-0-3004 displayName: ,,, sambaPwdCanChange: 1089737666 sambaPwdMustChange: 2147483647 sambaLMPassword: 837FF6FF6B2CD9BBAAD3B435B51404EE sambaNTPassword: BF375DCCA5C6EC78C4E0DE1C2728DEEB sambaPwdLastSet: 1089737666 sambaDomainName: DANGUERTONIA gidNumber: 1002 sambaPrimaryGroupSID: S-1-5-21-0-512 sambaAcctFlags: [UX ] entryCSN: 2004071317:29:49Z#0x0001#0# modifiersName: cn=admin,dc=deimos,dc=danguer,dc=com modifyTimestamp: 20040713172949Z dn: cn=smbadmins,ou=Group,dc=deimos,dc=danguer,dc=com objectClass: posixGroup objectClass: top objectClass: sambaGroupMapping cn: smbadmins userPassword:: e2NyeXB0fXg= structuralObjectClass: posixGroup entryUUID: d7a87806-6938-1028-91b3-88a002fe7a63 creatorsName: cn=admin,dc=deimos,dc=danguer,dc=com createTimestamp: 20040713165300Z description: Local Unix group gidNumber: 1002 displayName: Domain Admins sambaSID: S-1-5-21-0-512 sambaGroupType: 2 memberUid: S-1-0-0 entryCSN: 2004071317:44:51Z#0x0001#0# modifiersName: cn=admin,dc=deimos,dc=danguer,dc=com modifyTimestamp: 20040713174451Z I added the memberUID trying to get the domain: dn: sambaDomainName=DANGUERTONIA,dc=deimos,dc=danguer,dc=com objectClass: sambaDomain sambaDomainName: DANGUERTONIA sambaSID: S-1-0-0 structuralObjectClass: sambaDomain entryUUID: e2832e72-68ef-1028-9b3e-b3f540fb5850 creatorsName: cn=admin,dc=deimos,dc=danguer,dc=com createTimestamp: 20040713081045Z entryCSN: 2004071308:10:45Z#0x0001#0# modifiersName: cn=admin,dc=deimos,dc=danguer,dc=com modifyTimestamp: 20040713081045Z any suggestions? (I'm using samba 3.0a in a Debian testing box) Thanks in advance +-+-+-+-+-+-+-+-+-+-+-+-+-+ No te pido que hagas una búsqueda en Google por mi. Eso ya lo hice!!! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Antwort: Re: [Samba] 3.0.4: smbd's + nscd's = 100% CPU; load 4
Bingo! It is exactly the same case. Two user names were spelled out slightly wrong in the /etc/group. As a consequence, under certain circumstances the smbd process keeps trying to resolve the name and doesn't take no from nscd for an answer. Each smbd process is looping around these 5 system calls: 1) create a socket, 2) connect to nscd's socket, 3) write the mis-spelled name, 4) read negative answer 5) close socket: socket(PF_UNIX,SOCK_STREAM,0)=26 connect(26,{sa_family=AF_UNIX,path=/var/run/.nscd_socket},110)=0 writev(26,[{\2\0...\0\22\0...,12},{GeorgeDubbyaBusch\0,18}],2)=30 read(26,\2\0\0\...\0\377\377\377\377\377\377...,36)=36 close(26)=0 and the nscds spin like this poll({fd=3,events=POLLRDNORM,revents=POLLRDNORM}],1,-1)=1 accept(3,,NULL)=9 read(9,\2\0\0\0\0\0\0\0\22\0\0\0,12)=12 read(9,GeorgeDubbyaBusch\0,18)=18 write(9,\2\0\...\0\377\377\377\377\377\377...,36=36 close(9)=0 Since both mis-spelled names are among the earliest user names in 2 most frequently used groups (one is users), it's hard to tell why the smbd processes spin out of control so infrequently. Jeremy will know more about that. Ok, looking at the code in 3.0 there is no loop around the lookup for a bad user name. The code in question is here: for (gr = grp-gr_mem; (*gr != NULL) ((*gr)[0] != '\0'); gr += 1) { struct passwd *pw = getpwnam(*gr); if (pw == NULL) continue; add_uid_to_array_unique(pw-pw_uid, uids, num); } Note that if pw == NULL then the name should be skipped and the next entry examined. This code is not looping on bad lookups within smbd. Is it possible to attach to the smbd in question with gdb and walk through this code with a bad username in the group entry list and see if the getpwnam call ever returns NULL or just loops inside glibc ? I checked my /etc/group for irregular entries and repaired all of them. Since then the problem didn't occur any more. Even so it wasn't very frequent. I still have a bunch of strace logs of smbd and of nscd. Cann I upload it somewhere for you if you can use it? Or do you suggest to replant the erroneous entries and wait for the loop ? Cheers - Diese E-Mail könnte vertrauliche und/oder rechtlich geschützte Informationen enthalten. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nicht gestattet. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden. -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba-3.0.4 - PANIC: Could not generate a machine SID
Searching the archives for a solution to this problem revealed no solution. Recently I built Samba-3.0.4 from downloaded source on a computer running Solaris 8. I wish to have this computer join a Windows NT 4.0 domain (as only a member.) I have another computer currently running Samba-2.0.7 as a member in this domain. (The goal is to have Samba-3.0.4 replace Samba-2.0.7.) After a successful build, I copied the Samba-2.0.7 smb.conf to Samba-3.0.4 and changed the necessary identification statements. (testparm runs clean.) If needed, I will post smb.conf. Key smb.conf statements: security = domain encrypt passwords = yes password server = xyzzy Samba is started via (complete path not shown): .../nmbd -D .../smbd -D # ls -ald /usr/local/samba/private drwxr-xr-x 2 root other 4096 Jul 12 17:23 /usr/local/samba/private # ls -l /usr/local/samba/private/secrets.tdb -rw--- 1 root root8192 Jul 13 13:32 /usr/local/samba/private/secrets.tdb smbd repeatedly fails producing the following messages in the log: [2004/07/13 12:50:24, 0] tdb/tdbutil.c:tdb_log(725) tdb(/SOURCES/samba-3.0.4/private/secrets.tdb): tdb_lock failed on list 30 ltype=1 (Resource temporarily unavailable) [2004/07/13 12:50:24, 0] tdb/tdbutil.c:tdb_log(725) tdb(/SOURCES/samba-3.0.4/private/secrets.tdb): tdb_lock failed on list 30 ltype=2 (Resource temporarily unavailable) [2004/07/13 12:50:24, 0] passdb/machine_sid.c:pdb_generate_sam_sid(176) pdb_generate_sam_sid: Failed to store generated machine SID. [2004/07/13 12:50:24, 0] lib/util.c:smb_panic2(1398) PANIC: Could not generate a machine SID [2004/07/13 12:50:24, 0] lib/fault.c:fault_report(36) === [2004/07/13 12:50:24, 0] lib/fault.c:fault_report(37) INTERNAL ERROR: Signal 6 in pid 24581 (3.0.4) Please read the appendix Bugs of the Samba HOWTO collection [2004/07/13 12:50:24, 0] lib/fault.c:fault_report(39) === [2004/07/13 12:50:24, 0] lib/util.c:smb_panic2(1398) PANIC: internal error Thanks, in advance, for any help that you may offer. Mike Box -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Permission error on /etc/samba/private/secrets.tdb
Jeremy Allison wrote: On Tue, Jul 13, 2004 at 11:16:23AM +0200, Heinrich Rebehn wrote: Hi list, I have a strange permission problem with secrets.tdb on an nfs mounted filesystem. A strace of smbd shows the following lines: open(/etc/samba/private/secrets.tdb, O_RDWR|O_CREAT|O_LARGEFILE, 0600) = 4 fcntl64(4, F_SETLKW64, {type=F_WRLCK, whence=SEEK_SET, start=0, len=1}, 0xb010) = -1 EACCES (Permission denied) /etc/samba/private/secrets.tdb is a link to /var/etc/samba/private/secrets.tdb which in turn is a link to /cluster/bremerhaven/secrets.tdb, which is on an nfs mounted filesystem. This setup is because the root fs is readonly and /var is volatile (tmpfs). root has full access on /cluster and it also does not help if i set secrets.tdb's permissions to 0666. Are there known issues with the fcntl64 call? Would upgrading to kernel 2.6.x help? Try not to put tdb files on an nfs mount. Some servers (Solaris as I remember) have issues with doing fcntl locks on an mmapped file. By issues I mean it doesn't work :-). Jeremy. Thanks for your reply. Unfortunately i do not have any other option on a diskless machine. I could copy it to tmpfs at boot time, but that would require copying it back on shutdown. The good news, however, is that it works with kernel 2.6.7, so maybe it's not a server's problem but a linux problem (or both). Yet smbd still complains that it can't set permission 0600 on secrets.tdb which still does not make sense. Anyhow, samba does work now. --Heinrich -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with Authnication from NT
Hi Samba Guru's... I have a problem connecting from a windows NT workstation to Samba server. It is working fine for Windows XP and Windows 2000. Samba not logging any information about that Windows NT m/c. Here i am giving the smb.conf file. Please try to help me to work it for Win NT also. Here is my Configuration file. Thanks in advance for any help. # Global Parameters [global] netbios name = avengr03 workgroup = avengr03 map to guest = Bad User passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password %n\n *passwd:*all*authentication*tokens*updated*sucessfully* # Debug Logging Information Log Level = 2 max log size = 1000 # log file = /var/log/samba/samba.log.%m socket options = TCP_NODELAY IPTOS_LOWDELAY wins support = yes # Networking configuration Options Hosts Allow = *.*.*.* [Proj1] comment = Proj1 directory path = /engr/proj1 read only = No valid users = @tec,pvasireddy,pbuenros,dan,dsteffen,scollins [Proj2] comment = Proj2 directory path = /engr/proj2 read only = No valid users = @tec,pvasireddy,pbuenros,dan,dsteffen,scollins -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] posixAccount for Machines in LDAP?
Hello, I have a question about machine accounts. I using Samba 3.0, OpenLDAP 2.1.30 and Berkeley 4.2.52 on backend on RedHat machines. I also have 3 slave/BDC's and 1 master/PDC Right now all of my users and groups exist entirely in the LDAP directory. I have a few accounts in addition to the normal system accounts that are used for emergency access. All authention and group enumeration uses PAM_LDAP with NSS_LDAP. My question is that when I have a machine join the domain, in the LDAP directory an objectclass Account and sambaSAMAccount are created. I still need to create a machine account in /etc/passwd for this to happen. Is there anyone out there that is first creating a posixAccount with appropriate attributes in LDAP then using the Samba/Windows to generate the sambaSAMAccount object and attributes in LDAP also? I was so happy to get all of the user/group stuff consolidated into the directory. Now I see that this is a possibility also but I haven't tried it. Kent N Wareham Public Schools -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] posixAccount for Machines in LDAP?
[EMAIL PROTECTED] wrote: Hello, I have a question about machine accounts. I using Samba 3.0, OpenLDAP 2.1.30 and Berkeley 4.2.52 on backend on RedHat machines. I also have 3 slave/BDC's and 1 master/PDC Right now all of my users and groups exist entirely in the LDAP directory. I have a few accounts in addition to the normal system accounts that are used for emergency access. All authention and group enumeration uses PAM_LDAP with NSS_LDAP. My question is that when I have a machine join the domain, in the LDAP directory an objectclass Account and sambaSAMAccount are created. I still need to create a machine account in /etc/passwd for this to happen. Is there anyone out there that is first creating a posixAccount with appropriate attributes in LDAP then using the Samba/Windows to generate the sambaSAMAccount object and attributes in LDAP also? You shouldn't need anything in /etc/passwd. Perhaps by posting an smb.conf you could be pointed in the right direction. I was so happy to get all of the user/group stuff consolidated into the directory. Now I see that this is a possibility also but I haven't tried it. Kent N Wareham Public Schools -- Paul Gienger Office:701-281-1884 Applied Engineering Inc. Cell: 701-306-6254 Information Systems Consultant Fax: 701-281-1322 URL: www.ae-solutions.commailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Antwort: Re: [Samba] 3.0.4: smbd's + nscd's = 100% CPU; load 4
On Tue, Jul 13, 2004 at 07:52:30PM +0200, [EMAIL PROTECTED] wrote: I checked my /etc/group for irregular entries and repaired all of them. Since then the problem didn't occur any more. Even so it wasn't very frequent. I still have a bunch of strace logs of smbd and of nscd. Cann I upload it somewhere for you if you can use it? Or do you suggest to replant the erroneous entries and wait for the loop ? Actually if you could add one erroneous entry and catch it in gdb in the act of looping that would be very helpful. I'm still trying to determine if the bug is in glibc or smbd. Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Odd Access Denied which does not get logged even at log level 100
I'm still working on this Access Denied with CUPS, etc... I have a little command line utility written which uses the AddPrinterA function of WinSpool.drv to add a printer instance for a driver which has already been installed on the system. If I add the port to the UNC of the printer and restart the spooler task I no longer get the Access Denied error. However, trying to have AddPrinterA do the entire job returns an Access Denied, I was thinking from SMB. But I have cranked up the server logging to 100 and do not catch a think when I run the utility, nadda! Simply adding the ports and restarting the spooler before AddPrinterA is a lot better than the extent I have had to code to... AddPrinterA to LPT1: and then hack the settings of each printer... yuck! Am I appraoching time for a sniffer to debug this one, or should I set additional logging somehow? Also, when I add the port and successfully then use AddPrinterA, I do not get anything in the log for porinting a printer at the network printer. So, error or successful, nothing logged at log level 100. -- Michael Lueck Lueck Data Systems Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Migration: Failed to setup BDC creds
Greetings I configured a BDC with Samba 3.0.3. When I try to synchronize it with a PDC using net rpc vampire -Uadministrator%password I got Failed to setup BDC creds. With deugger on the got the following information: [2004/07/13 16:19:11, 4] param/loadparm.c:lp_load(3918) pm_process() returned Yes [2004/07/13 16:19:11, 2] lib/interface.c:add_interface(79) added interface ip=10.50.30.32 bcast=10.50.255.255 nmask=255.255.0.0 [2004/07/13 16:19:11, 3] libsmb/cliconnect.c:cli_start_connection(1369) Connecting to host=127.0.0.1 [2004/07/13 16:19:11, 3] lib/util_sock.c:open_socket_out(733) Connecting to 127.0.0.1 at port 445 [2004/07/13 16:19:11, 4] lib/time.c:get_serverzone(122) Serverzone is 14400 [2004/07/13 16:19:11, 4] passdb/secrets.c:secrets_fetch_trust_account_password(261) Using cleartext machine password [2004/07/13 16:19:11, 4] rpc_client/cli_netlogon.c:cli_net_req_chal(45) cli_net_req_chal: LSA Request Challenge from PDC to 127.0.0.1: 2AAEDE6146FC2E56 [2004/07/13 16:19:11, 4] libsmb/credentials.c:cred_session_key(59) cred_session_key [2004/07/13 16:19:11, 4] libsmb/credentials.c:cred_create(90) cred_create [2004/07/13 16:19:11, 4] rpc_client/cli_netlogon.c:cli_net_auth2(102) cli_net_auth2: srv:\\127.0.0.1 acct:PDC$ sc:6 mc: PDC chal E5403E5FCF950D4F neg: 400701ff [2004/07/13 16:19:11, 3] rpc_client/cli_netlogon.c:cli_nt_setup_creds(283) cli_nt_setup_creds: auth2 challenge failed NT_STATUS_ACCESS_DENIED Failed to setup BDC creds [2004/07/13 16:19:11, 1] utils/net_rpc.c:run_rpc_command(141) rpc command function failed! (NT_STATUS_ACCESS_DENIED) [2004/07/13 16:19:11, 2] utils/net.c:main(792) return code = 1 What went wrong? Thanks! -- Kang Sun -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Fwd: Re: [Samba] posixAccount for Machines in LDAP?]
Original Message Subject: Re: [Samba] posixAccount for Machines in LDAP? From:[EMAIL PROTECTED] Date:Tue, July 13, 2004 4:54 pm To: Paul Gienger [EMAIL PROTECTED] -- Thanks for getting back to me, Paul. Here's the domain controllers smb.conf [global] workgroup = WarehamPS encrypt passwords = Yes time server = Yes socket options = TCP_NODELAY security = user logon script = whs1.bat writable = Yes dns proxy = no directory mask = 02770 preferred master = yes netbios name = WHS1 server string = RedHat 8.0 LDAP Server passdb backend = ldapsam ldap passwd sync = Yes machine password timeout = 604800 passwd program = /usr/local/samba/bin/smbpasswd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUnix\spassword:* %n\n log file = /var/log/samba.%m debug level = 2 max log size = 50 add user script = /usr/local/sbin/smbldap-useradd.pl %u delete user script = /usr/local/sbin/smbldap-useradd.pl %u add group script = /usr/local/sbin/smbldap-groupadd.pl delete group script = /usr/local/sbin/smbldap-groupdel.pl add machine script = /usr/sbin/useradd -c Computer -d /dev/null -s /bin/false -g 502 -M %u; /usr/local/samba/bin/smbpasswd -a -m %u logon script = whs1.bat logon path = logon drive = H: logon home = domain logons = Yes os level = 64 domain master = Yes dns proxy = Yes admin users = @domain_admins wins support = Yes name resolve order = wins hosts bcast ldap suffix = dc=tow,dc=net ldap machine suffix = ou=Computers ldap user suffix = ou=Users ldap group suffix = ou=Groups ldap admin dn = cn=admin,dc=tow,dc=net ldap ssl = no [homes] comment = Home Directories read only = no browseable = no writable = yes path = %H hide files = /.*/ [netlogon] comment = Netlogon share root preexec = /usr/local/samba/sbin/prelogon.pl %U path = /usr/local/samba/netlogon locking = no browseable = no read only = yes hide files = /*.dll/*.rap/*.kix/*.bat/ [staff] comment = Staff Directory path = /accounts/common browseable = no create mode = 0660 valid users = @whsstaff write list = @whsstaff force group = whsstaff [programs] comment = Programs path = /accounts/programs valid users = @whsstaff browseable = no [adm-pgms$] comment = Admin Programs path = /accounts/adm_pgms browseable = no valid users = @techstaff write list = @techstaff force group = techstaff create mode = 0660 [images$] comment = Ghost image files path = /accounts/images browseable = no force group = techstaff create mode = 0660 valid users = @techstaff write list = @techstaff [cafeteria] path = /accounts/cafeteria/data browseable = no valid users = @whs-cafe force group = whs-cafe create mode = 0660 directory mode = 0770 [printers] comment = All Printers path = /var/spool/samba valid users = @whsstaff, @techstaff read only = Yes printable = Yes browseable = No [hp8100] path = /tmp comment = HP8100 Laser browseable = yes writable = no printable = yes printer name = hp8100 [tricker] path = /accounts/whsart/tricker comment = WHS Art students browseable = No valid users = +tricker write list = +tricker force group = tricker create mode = 0660 directory mode = 0770 [gunnels] path = /accounts/whsart/gunnels comment = WHS Art students browseable = No valid users = +gunnels write list = +gunnels force group = gunnels create mode = 0660 directory mode = 0770 [einstein] path = /accounts/whsart/einstein comment = WHS Art students browseable = No valid users = +einstein write list = +einstein force group = einstein create mode = 0660 [PCA] comment = PC Analyzer files path = /usr/local/samba/PCAnalyser browseable = no force group = techstaff directory mode = 0770 create mode = 0770 Kent Wareham Public Schools [EMAIL PROTECTED] wrote: Hello, I have a question about machine accounts. I using Samba 3.0, OpenLDAP 2.1.30 and Berkeley 4.2.52 on backend on RedHat machines. I also have 3 slave/BDC's and 1 master/PDC Right now all
[Samba] XP to Samba PDC, permissions. Please give me a hand.
Hello list readers, After setting up a Samba PDC on Suse Linux prof. 9.1. I succeeded in making my Windows XP prof. workstation a member of the Samba domain. When I, after succesfully logging in to the domain from XP, create or copy a file in my own user directory (guus) permissions on te linux machine are set right, like here: -rwxrwxr--+ 1 guus users 4 2004-07-13 23:16 /home/guus/test However, when I create or copy a file in the share pub the rights look like this: -rwx-- 1 guus users 4 2004-07-13 23:19 /home/pub/test Although the create mask for the share pub is set to 0775 so the rights should look like -rwxrwxr-x+. The directories where these files are in have rights -rwxrwxr-x+ for user guus en group users. I tried almost everything including reading the official Samba 3 howto reader and tried various configurations in smb.conf. Both by editing by hand and by using the swat tool and restart Samba each time, renew login etc. Unfortunately I couldn't solve this problem. Can anyone give me a hand please? Here is a listing of my smb.conf: # Samba config file created using SWAT # from localhost (127.0.0.1) # Date: 2004/07/13 22:20:22 # Global parameters [global] workgroup = THNET server string = Samba interfaces = eth0, 10.0.0.130/24, lo bind interfaces only = Yes map to guest = Bad User passdb backend = smbpasswd:/etc/samba/smbpasswd guest account = guest passwd program = /usr/bin/passwd %u passwd chat = *password* %n\n *password* %n\n *changed* passwd chat debug = Yes username map = /etc/samba/smbusers unix password sync = Yes log level = 1 log file = /var/log/samba/log.%m debug uid = Yes name resolve order = dns wins bcast host lmhosts socket options = SO_KEEPALIVE TCP_NODELAY IPTOS_LOWDELAY hostname lookups = Yes printcap name = /etc/printcap add user script = ldapsmb -a -u delete user script = ldapsmb -d -u add group script = ldapsmb -a -g delete group script = ldapsmb -d -g add user to group script = ldapsmb -j -u delete user from group script = ldapsmb -j -u set primary group script = ldapsmb -m -u add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ shutdown script = ldapsmb --shutdown= abort shutdown script = ldapsmb --abortshutdown logon script = start.bat logon path = \\%L\profiles\%u logon drive = P: domain logons = Yes os level = 65 domain master = Yes wins support = Yes ldap suffix = dc=domain, dc=com ldap ssl = no add share command = /var/lib/samba/scripts/modify_samba_config.pl delete share command = /var/lib/samba/scripts/modify_samba_config.pl socket address = 10.0.0.130 write list = guus printer admin = @ntadmin, root, administrator create mask = 0777 force create mode = 0775 force security mode = 0770 directory mask = 0777 force directory mode = 0775 force directory security mode = 0770 hosts allow = 10.0.0.0/24, 127.0.0.1/24 hosts deny = ALL printing = lprng print command = lpr -r -P'%p' %s lpq command = lpq -P'%p' lprm command = lprm -P'%p' %j lppause command = lpc hold '%p' %j lpresume command = lpc release '%p' %j queuepause command = lpc stop '%p' queueresume command = lpc start '%p' [profiles] path = /var/lib/samba/profiles read only = No create mask = 0600 directory mask = 0700 [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon browseable = No [homes] comment = Home Directories read only = No create mask = 0755 directory mask = 0755 browseable = No [users] comment = All users path = /home read only = No create mask = 0744 directory mask = 0744 inherit permissions = Yes guest ok = Yes veto files = /aquota.user/groups/shares/ [pdf] comment = PDF creator path = /var/tmp create mask = 0600 guest ok = Yes printable = Yes [printers] comment = All Printers path = /var/spool/samba guest ok = Yes printable = Yes browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin, root force group = ntadmin create mask = 0664 directory mask = 0775 printable = Yes [pub] comment = pub path = /home/pub read only = No create mask = 0775 security mask = 0775 directory mask = 0775 inherit permissions = Yes guest ok = Yes [linux_docs] comment = Linux docs path = /usr/share/doc/ [mfc3820cn] path = /var/tmp printable = Yes Thanks you very much in advance. Guus -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Any known issues with using @groupname syntax in smb.conf?
I was trying to get fancy and specify a group name vs a list of users via the @groupname syntax for a valid group in /etc/group and the users in that group no longer had their admin rights in this case. I've dropped back to listing all of the admin user ID's for now while I research this. TIA! -- Michael Lueck Lueck Data Systems Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] posixAccount for Machines in LDAP?
Thanks, I'll give this a try tomorrow and let you know how things go. I really appreciate your help. This is the last major hurdle that I can see. Kent N Changes below: [EMAIL PROTECTED] wrote: Thanks for getting back to me, Paul. Here's the domain controllers smb.conf [global] workgroup = WarehamPS encrypt passwords = Yes time server = Yes socket options = TCP_NODELAY security = user logon script = whs1.bat writable = Yes dns proxy = no directory mask = 02770 preferred master = yes netbios name = WHS1 server string = RedHat 8.0 LDAP Server passdb backend = ldapsam ldap passwd sync = Yes machine password timeout = 604800 passwd program = /usr/local/samba/bin/smbpasswd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUnix\spassword:* %n\n log file = /var/log/samba.%m debug level = 2 max log size = 50 add user script = /usr/local/sbin/smbldap-useradd.pl %u delete user script = /usr/local/sbin/smbldap-useradd.pl %u add group script = /usr/local/sbin/smbldap-groupadd.pl delete group script = /usr/local/sbin/smbldap-groupdel.pl add machine script = /usr/sbin/useradd -c Computer -d /dev/null -s /bin/false -g 502 -M %u; /usr/local/samba/bin/smbpasswd -a -m %u Change these scripts to be liks so: add user script = /usr/sbin/smbldap-useradd -a -m %u delete user script = /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u add machine script = /usr/sbin/smbldap-useradd -w %u make sure the paths line up of course. The quotes are important in case you get spaces in the parameters. logon script = whs1.bat logon path = logon drive = H: logon home = domain logons = Yes os level = 64 domain master = Yes dns proxy = Yes admin users = @domain_admins wins support = Yes name resolve order = wins hosts bcast ldap suffix = dc=tow,dc=net ldap machine suffix = ou=Computers Make ldap machine suffix match ldap user suffix. Known bug. ldap user suffix = ou=Users ldap group suffix = ou=Groups ldap admin dn = cn=admin,dc=tow,dc=net ldap ssl = no shares defs deleted Of course, make sure your smbldap config file matches the above LDAP dn information for users, computers. Check back after trying it out. Paul Kent Wareham Public Schools [EMAIL PROTECTED] wrote: Hello, I have a question about machine accounts. I using Samba 3.0, OpenLDAP 2.1.30 and Berkeley 4.2.52 on backend on RedHat machines. I also have 3 slave/BDC's and 1 master/PDC Right now all of my users and groups exist entirely in the LDAP directory. I have a few accounts in addition to the normal system accounts that are used for emergency access. All authention and group enumeration uses PAM_LDAP with NSS_LDAP. My question is that when I have a machine join the domain, in the LDAP directory an objectclass Account and sambaSAMAccount are created. I still need to create a machine account in /etc/passwd for this to happen. Is there anyone out there that is first creating a posixAccount with appropriate attributes in LDAP then using the Samba/Windows to generate the sambaSAMAccount object and attributes in LDAP also? You shouldn't need anything in /etc/passwd. Perhaps by posting an smb.conf you could be pointed in the right direction. I was so happy to get all of the user/group stuff consolidated into the directory. Now I see that this is a possibility also but I haven't tried it. Kent N Wareham Public Schools -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Cell: 701-306-6254 Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto:[EMAIL PROTECTED] -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Cell:701-306-6254 Information Systems Consultant Fax: 701-281-1322 URL: www.ae-solutions.commailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] from suha
hi ihab, can you call me at the worthans at (615)665-0124? suha -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] missing docs on smb.conf
trying to look at smb.conf reference and I get --- EXPLANATION OF EACH PARAMETER xi:include/xi:include -- anyone know where all parameters' info can be found? -- David Bear phone: 480-965-8257 fax:480-965-9189 College of Public Programs/ASU Wilson Hall 232 Tempe, AZ 85287-0803 Beware the IP portfolio, everyone will be suspect of trespassing -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] time server.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alex Satrapa wrote: | On 13 Jul 2004, at 10:12, henrique paiva wrote: | | Can i just add time server = True and logon script = logon.bat lines | in global conf? or should i add [netlogon] sharing too? | | | You can't have a logon script without a netlogon share. From the manual: | | The script must be a relative path to the [netlogon] service. If | the [netlogon] service specifies a path of /usr/local/samba/net- | logon, and logon script = STARTUP.BAT, then the file that will | be downloaded is: | | /usr/local/samba/netlogon/STARTUP.BAT | | | HTH | Alex Satrapa | I made something that i realy don't know if it's a good idea. I just put ~ a bat file in the startmenu/startup. wich the content is : net time \\server /set /yes it's working fine. but, is it a good idea ? or is better use the [netlogon] way? - -- ~ ___ ~| henrique paiva | ~|___| ~| email: [EMAIL PROTECTED] | ~|___| ~| icq: 320094827 | ~|___| Este email foi assinado pelo Gnupg http://www.gnupg.com e ~ Mozilla Thunderbird Enigmail http://enigmail.mozdev.org Solicite minha chave pública. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFA9GXUeE6sZ+g/aaURAmuSAJsHWf+ql18pEVstZ3E6j9BYMkRGqwCfX+VI hJDLpdYh4FLYn2gQTC/DynI= =Gq5E -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] missing docs on smb.conf
Hi David, I've just fixed this in current SVN. Should be fixed on the web (http://us1.samba.org/samba/docs/man/smb.conf.5.html) soon. Cheers, Jelmer On Wed, 2004-07-14 at 00:27, David Bear wrote: trying to look at smb.conf reference and I get --- EXPLANATION OF EACH PARAMETER xi:include/xi:include -- anyone know where all parameters' info can be found? -- David Bear phone:480-965-8257 fax: 480-965-9189 College of Public Programs/ASU Wilson Hall 232 Tempe, AZ 85287-0803 Beware the IP portfolio, everyone will be suspect of trespassing -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Antwort: Re: Antwort: Re: [Samba] 3.0.4: smbd's + nscd's = 100% CPU; load 4
I checked my /etc/group for irregular entries and repaired all of them. Since then the problem didn't occur any more. Even so it wasn't very frequent. I still have a bunch of strace logs of smbd and of nscd. Cann I upload it somewhere for you if you can use it? Or do you suggest to replant the erroneous entries and wait for the loop ? Actually if you could add one erroneous entry and catch it in gdb in the act of looping that would be very helpful. I'm still trying to determine if the bug is in glibc or smbd. Noblesse oblige. OK. I've never debugged runaway programs. Does it stay still when I attach it? Should I compile a debug version for that? Can you be just a little more specific as to what I should try to clarify? You seem to believe, that it is not looping in samba sources, because you can't see where it possibly could. So probably, if the attached process can be stepped, I should step a full circle between two socket calls and see if it ever lands back in samba code. Is that it? Cheers - Diese E-Mail könnte vertrauliche und/oder rechtlich geschützte Informationen enthalten. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nicht gestattet. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden. -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] time server.
On 14 Jul 2004, at 08:44, henrique paiva wrote: I made something that i realy don't know if it's a good idea. I just put ~ a bat file in the startmenu/startup. wich the content is : net time \\server /set /yes it's working fine. but, is it a good idea ? or is better use the [netlogon] way? The advantage of having the logon script in the netlogon share is that if you want to make a change to it sometime, you edit it in one place. Using the netlogon share makes maintenance much easier. With the script installed in 5 users' accounts, you'd have at least 5 places to edit the script. Just set up the netlogon share, copy the logon.bat to that share, set the logon script parameter, and relax :) Alex -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Strangeness with computer account layout in LDAP Schema?
Hello All, I've been trying to migrate an NT 4 domain from a PDC to samba using net rpc vampire, ran into various hitches along the way which now appear to be mostly sorted, but the created machine accounts do not appear to be in the correct format. Checking ou=Computers under the main tree, no entry under this branch has any space for an NT / LM password, here is an ldif dump of the main branch and one entry; dn: ou=Computers,dc=itouchaudev,dc=com objectClass: organizationalUnit ou: Computers dn: uid=LBLIGH$,ou=Computers,dc=itouchaudev,dc=com objectClass: top objectClass: inetOrgPerson objectClass: posixAccount cn: LBLIGH$ sn: LBLIGH$ uid: LBLIGH$ uidNumber: 1129 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer I'm not certain if it's just a feature of the client, but also a lot of additional blank fields are displayed under the GQ ldap client, (x121 address, registered address, etc) Is this schema correct? I used to idealx smbldap tools 0.5 to create it with smbldap-populate Regards Eric -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] LDAP and Domain
On 14 Jul 2004, at 03:39, Daniel Guerrero wrote: dn: uid=smbportia,ou=People,dc=deimos,dc=danguer,dc=com sambaSID: S-1-0-0-3004 That doesn't seem right to me - for the Windows Administrator, the sambaSID and sambaPrimaryGroupSID should look something like sambaSID: S-1-5-21-XX-XX-XX- sambaPrimaryGroupSID: S-1-5-21-XX-XX-XX-512 Where the XX-XX-XX is the same string of numbers from your domain's sambaSID (the domain's sambaSID is stored in an object with objectClass=sambaDomain): [EMAIL PROTECTED] ldapsearch -h ldapserver -b dc=x,dc=com,dc=au -D \ cn=admin,dc=x,dc=com,dc=au -x -W sambaDomainName=DOMAIN dn: sambaDomainName=DOMAIN,o=smb,dc=x,dccom,dc=au sambaDomainName: DOMAIN sambaAlgorithmicRidBase: 1000 objectClass: sambaDomain sambaSID: S-1-5-21-XX-XX-XX Hope this helps Alex -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Strangeness with computer account layout in LDAP Schema?
On Wed, 2004-07-14 at 09:35, Eric J Bennett wrote: Hello All, I've been trying to migrate an NT 4 domain from a PDC to samba using net rpc vampire, ran into various hitches along the way which now appear to be mostly sorted, but the created machine accounts do not appear to be in the correct format. Checking ou=Computers under the main tree, no entry under this branch has any space for an NT / LM password, here is an ldif dump of the main branch and one entry; dn: ou=Computers,dc=itouchaudev,dc=com objectClass: organizationalUnit ou: Computers dn: uid=LBLIGH$,ou=Computers,dc=itouchaudev,dc=com objectClass: top objectClass: inetOrgPerson objectClass: posixAccount So, it looks like your smbldap scripts had a 'machine account suffix' set, but Samba is trying to add everything under ou=Users. Check to see if you have the 'other half' of the account there. Then re-do the migration, but with the 'ldap suffix' in smb.conf as 'dc=itouchaudev,dc=com'. Andrew Bartlett signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Trusting Multiple Domains NT4 and a AD Domain
Background: We are migrating from our NT4 domain, to a new Windows2003 Active Directory domain, so our Linux samba server is joined the the NT4 domain where most the users live. But we are now starting to migrate (Using MS built in Migration tool) users from the NT4 domain to the Active Directory. Once the users are migrated they are not able to access shares on samba 3 file server The samba 3 box is joined to an NT4 domain. Using winbind. That NT4 domain has a trust with a Active Directory domain. Since the accounts have been migrated from the NT4 domain to the new Active Directory domain their NT4 domain account and Active Directory account share the same SID.. Could this be causing my problems? If so, how do I fix this? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Antwort: Re: Antwort: Re: [Samba] 3.0.4: smbd's + nscd's = 100% CPU; load 4
On Wed, Jul 14, 2004 at 12:57:22AM +0200, [EMAIL PROTECTED] wrote: I checked my /etc/group for irregular entries and repaired all of them. Since then the problem didn't occur any more. Even so it wasn't very frequent. I still have a bunch of strace logs of smbd and of nscd. Cann I upload it somewhere for you if you can use it? Or do you suggest to replant the erroneous entries and wait for the loop ? Actually if you could add one erroneous entry and catch it in gdb in the act of looping that would be very helpful. I'm still trying to determine if the bug is in glibc or smbd. Noblesse oblige. OK. I've never debugged runaway programs. Does it stay still when I attach it? Should I compile a debug version for that? Can you be just a little more specific as to what I should try to clarify? You seem to believe, that it is not looping in samba sources, because you can't see where it possibly could. So probably, if the attached process can be stepped, I should step a full circle between two socket calls and see if it ever lands back in samba code. Is that it? Yes, that's the idea. You need to compile with -g option and then to attach to the process once it's looping. Then set a breakpoint in the smbd code at the point I referred to and see if it ever arrives there. If it does follow it along until it loops again. Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Solution! CUPS Printing / Win2K with Access Denied
Hey Samba team... I'll still buy you pizza! Anyway, trying to be good security folks, we had tossed in a global setting in smb.conf that root was an invalid user. No Windows client will ever have an account named that which they need to touch Samba with, and everyone knows it is bad bad bad to logon to your Linux box with root... but anyway, Samba sure seems to have an opinion about doing this... JUST DON'T DO IT! (I defer to the pizza fed Samba team to explain why, I DON'T KNOW!) Between the three books I have, and that setting, it now works! I successfully right clicked the printer without getting an error, finally! I uploaded the driver! I used printui.dll to command line attach the workstation to the printer! OK, now ONE question. What methods exist to associate multiple drivers with a single printer for a single OS and thus create multiple printer icons on the client side. Such as a PCL6, PCL5e and PS driver option for the same printer? I am guessing that other methods I was trying to touch the printer will now work as well, so I will be trying them. As long as there are command line solutions to the suggestion(s) I am more than happy to consider them. Everything must be scriptable... we administrators / engineers have better things to do for job security than set up printers for users, right?! -- Michael Lueck Lueck Data Systems Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba performance/stability issue...
Hi, I have installed Samba 3.0.2a on a Sun Solaris 8 system using a binary package (which was compiled with no particlar option) downloaded from the www.sunfreeware.com web site. The Samba server is installed and configured with the Domain security level and has joined a Windows 2003 AD server (in native mode). I have created a share and a unix logon. The unix logon is associated to that share and is the same as the windows logon on the client box (which runs Windows XP). Anyway, even if it was not, I am using the usermaps.txt file to make sure that no matter the windows logon used, it will be associated to the already defined unix logon. I know, this may not be very secure for now, but it is only for testing purposes. I am performing some benchmarks that will reflect the way I am going to use Samba. Basically, I am copying/creating, via a simple C++ program running on the client box, the same 50 K-Bytes file about 10,000 times on the Samba share. Of course, the file is renamed with a sequence number so that at the end there are 10,000 newly created files on the share. As you might have guessed by now, I am not using Samba to simply replace a file server for windows users. I am using Samba so that a windows application (running in the background) can export files to another unix applications. NFS could have been an alternative, but Samba will integrate this export mechanism in a more transparent fashion. The problem I have right now is that sometime it takes about 350 sec to perform that test and a lot more times it takes about 700 sec. Each time, I am performing the same test without anything different. I noticed that when it performs faster, the smbd % CPU utilization is 5 to 8% and when it is slower, the smbd % CPU utilization is about 25 to 35%. When using a windows share on a windows server instead of Samba on an unix server, it consistently takes about 485 sec. Note 1: The network is not on any particular pre-existing load when performing the test. The same goes for the CPU. Note 2: Why not using Samba 3.0.4? Simply because there is no binary available for Solaris 8 and because compiling it is not working for us right now. Note 3: Why not using the ADS security level? For the same reason as note 2 : the ADS security level requires compilation with Kerberos and OpenLDAP development libraries. Any idea to help resolve this performance/stability issue? Regards, Marcello -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba performance/stability issue...
On Tue, Jul 13, 2004 at 09:43:02PM -0400, Marcello Melfi wrote: I am performing some benchmarks that will reflect the way I am going to use Samba. Basically, I am copying/creating, via a simple C++ program running on the client box, the same 50 K-Bytes file about 10,000 times on the Samba share. Of course, the file is renamed with a sequence number so that at the end there are 10,000 newly created files on the share. As you might have guessed by now, I am not using Samba to simply replace a file server for windows users. I am using Samba so that a windows application (running in the background) can export files to another unix applications. NFS could have been an alternative, but Samba will integrate this export mechanism in a more transparent fashion. Are you creating all these files in the same directory ? If so, that's your answer for why things are slow. Samba has to provide a case-insensitive lookup for a case-sensitive filesystem. Every time you try and create a file that doesn't exist Samba has to do a directory scan to see if the file exists in a different case. This is slow. Fix your app to create into different directories and you'll find it gets much faster. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Windows XP - samba 1.1.9 slow file transfer problem
I'm experiencing a problem with slow file transfer from a Solaris 2.6 Samba 1.1.9 server to Windows XP clients. This problem does not occur for Windows 2000 clients. In attempting to troubleshoot the problem, I've run Ethereal on both clients and noticed a marked difference in the logs of a transfer of the same file from the server. The Windows 2000 logs shows AndX SMB requests and responses with various sizes ranging around 1000-8000 bytes. The number of packets in the TCP conversation to transfer the file is 42 packets. With Windows XP the logs show AndX SMB requests and responses around 2 to 4 bytes long. The number of packets required for that transfer is 571. The time to transfer is 3 seconds on Windows 2000 and 30 seconds on Windows XP. A notable factor is that this SMB file transfer is occuring over a WAN connection, so the long ACK delay may be the problem factor, but I don't see how it would become a problem on Windows XP clients, but not on Windows 2000 clients. I've already tried changing the socket options parameter in the global section of the smb.conf file on the server. It previously was set to TCP_NODELAY, and I tried a setting of IPTOS_THROUGHPUT SO_SNDBUFF=8192 SO_RCVBUFF=8192. Any suggestions? Would upgrading to Samba 3.x resolve this issue? Thanks for any input. Greg Adams -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba performance/stability issue...
Hi Jeremy, The C++ application was for testing purposes only. However, the real application we are using is a commercial package for which I do not have any control. In real life, that application will run on a few windows workstations and should export about 3000 to 4000 files per workstation. We were planning to have one directory per worstation within the samba share. Can't do it otherwise... Regardless of the above, why is it that sometimes I get very good results and many other times bad ones? I would expect that this case-insensitive thing be consistent and therefore always generates bad results. Do you have an explanation for this behavior! In any case, is there a way to stop this lookup? For example, always use uppercase or something like that... Note: I really appreciate you for taking the time to respond! Bye, Marcello -Original Message- From: Jeremy Allison [mailto:[EMAIL PROTECTED] Sent: July 13, 2004 21:50 To: Marcello Melfi Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Samba performance/stability issue... On Tue, Jul 13, 2004 at 09:43:02PM -0400, Marcello Melfi wrote: I am performing some benchmarks that will reflect the way I am going to use Samba. Basically, I am copying/creating, via a simple C++ program running on the client box, the same 50 K-Bytes file about 10,000 times on the Samba share. Of course, the file is renamed with a sequence number so that at the end there are 10,000 newly created files on the share. As you might have guessed by now, I am not using Samba to simply replace a file server for windows users. I am using Samba so that a windows application (running in the background) can export files to another unix applications. NFS could have been an alternative, but Samba will integrate this export mechanism in a more transparent fashion. Are you creating all these files in the same directory ? If so, that's your answer for why things are slow. Samba has to provide a case-insensitive lookup for a case-sensitive filesystem. Every time you try and create a file that doesn't exist Samba has to do a directory scan to see if the file exists in a different case. This is slow. Fix your app to create into different directories and you'll find it gets much faster. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] system freeze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I have a samba server 3.0.2a running in mandrake10 dell power edge server as a file server with clipper 5.3 application. I have 20 clients running win98/95. Normaly in the afternoon (once a day), sometimes the system just freeze, all the clipper sessions just freeze, and when i do smb restart, everything goes fine. what is wrong with my system? - -- ~ ___ ~| henrique paiva | ~|___| ~| email: [EMAIL PROTECTED] | ~|___| ~| icq: 320094827 | ~|___| Este email foi assinado pelo Gnupg http://www.gnupg.com e ~ Mozilla Thunderbird Enigmail http://enigmail.mozdev.org Solicite minha chave pública. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFA9KjieE6sZ+g/aaURAoRzAKCjdCBNZHI0rmnV8w4nLfpCgX0megCfQeQ1 mUkd6BXvwHXzFpiQ5UhFydU= =SK5e -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Help! Add samba server to Win2000 Domain
Hi, I am trying to add samba server(3.0.4) in Solaris to win2000 domain, then all PC in the domain can see the share drive in Solaris. Followed the manual: root# groupadd machines root# /usr/sbin/useradd -g machines -d /dev/null -c machine nickname -s /bin/false machine_name$ root# passwd -l machine_name$ root# smbpasswd -a -m machine_name 1. On the MS Windows NT Domain Controller, using the Server Manager, add a machine account for the Samba server. 2. On the UNIX/Linux system execute: root# net rpc join -U administrator%password successfully. But when I tried to from the Win2000 pc to access the samba server, it failed. Did I miss something? Please help!! Here is the smb.conf Load smb config files from /usr/local/samba/lib/smb.conf Processing section [homes] Processing section [netlogon] Processing section [printers] Processing section [ImageShare] Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions # Global parameters [global] workgroup = MYDOMAIN server string = My Samba Server security = DOMAIN unix password sync = Yes encrypt passwords = yes password server = * log level = 5 log file = /usr/local/samba/var/log.%m max log size = 50 deadtime = 15 dns proxy = No hosts allow = 192.168.17., 192.168.18., 127. [homes] comment = Home Directories read only = No [netlogon] comment = Network Logon Service path = /usr/local/samba/lib/netlogon guest ok = Yes share modes = No [printers] comment = All Printers path = /usr/spool/samba printable = Yes browseable = No [ImageShare] comment = Share images path = /temp write list = @staff read only = No guest ok = Yes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] cannot join win2k to samba domain
hi, i 've problem when i try to join win2k prof into samba domain i use samba ver 2.2.1a i add admin user as domain admin group=admin in global sections but when i type user name and pass error message appear the spesified user doesn't exist. any one can help mehow to solve my problem?! === Gabung INSTANIA, dapatkan XENIA. Daftar di www.telkomnetinstan.com, langsung dapat akses Internet Gratis.. Dan ..ikuti Instan Smile berhadiah Xenia,Tour S'pore, Komputer,dll, info hub : TELKOM Jatim 0-800-1-467826 === -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba performance/stability issue...
On Tue, Jul 13, 2004 at 11:06:28PM -0400, Marcello Melfi wrote: Regardless of the above, why is it that sometimes I get very good results and many other times bad ones? I would expect that this case-insensitive thing be consistent and therefore always generates bad results. Do you have an explanation for this behavior! No, sorry, I missed that. If it's a case insensitive problem yes it should be constant if the files are always being created as new. In any case, is there a way to stop this lookup? For example, always use uppercase or something like that... Yes, set case sensitive = yes, preserve case = no, short preserve case = no, default case = lower in the share you need this behaviour. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP - samba 1.1.9 slow file transfer problem
On Tue, Jul 13, 2004 at 07:50:27PM -0700, Greg Adams wrote: I'm experiencing a problem with slow file transfer from a Solaris 2.6 Samba 1.1.9 server to Windows XP clients. This problem does not occur for Windows 2000 clients. In attempting to troubleshoot the problem, I've run Ethereal on both clients and noticed a marked difference in the logs of a transfer of the same file from the server. Samba 1.1.x is *very* old. Please upgrade if just for securitys sake. Any suggestions? Would upgrading to Samba 3.x resolve this issue? Samba 3.0.x has been tuned to provide the same defaults to the client as Windows 2000 - so hopefully you shouldn't get this problem. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
svn commit: samba r1476 - branches/SAMBA_4_0/source/libcli/auth
Author: abartlet Date: 2004-07-13 06:39:55 + (Tue, 13 Jul 2004) New Revision: 1476 Modified: branches/SAMBA_4_0/source/libcli/auth/gensec_krb5.c Log: Don't print messages about the CCACHE not being found - this is normal. Andrew Bartlett WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1476nolog=1
svn commit: samba r1477 - trunk/source/torture
Author: vlendec Date: 2004-07-13 09:25:44 + (Tue, 13 Jul 2004) New Revision: 1477 Modified: trunk/source/torture/mangle_test.c Log: Merge 100% fix.. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1477nolog=1
svn commit: samba-web r148 - trunk
Author: deryck Date: 2004-07-13 11:52:15 + (Tue, 13 Jul 2004) New Revision: 148 Modified: trunk/samba.html Log: Add link to SuSE RPMs for current release announcement. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/rev=148nolog=1
svn commit: samba r1478 - branches/SAMBA_3_0/source/utils
Author: idra Date: 2004-07-13 12:39:38 + (Tue, 13 Jul 2004) New Revision: 1478 Modified: branches/SAMBA_3_0/source/utils/pdbedit.c Log: Useful patch from Tom Alsberg [EMAIL PROTECTED], to export a single user from a backend. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1478nolog=1
svn commit: samba-web r149 - trunk
Author: jerry Date: 2004-07-13 14:11:21 + (Tue, 13 Jul 2004) New Revision: 149 Modified: trunk/samba.html Log: adding link to the original mail Lars sent to the samba-binaries list WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/rev=149nolog=1
svn commit: samba-web r150 - trunk
Author: jerry Date: 2004-07-13 14:14:18 + (Tue, 13 Jul 2004) New Revision: 150 Modified: trunk/samba.html Log: removing old news WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/rev=150nolog=1
svn commit: samba r1479 - branches/SAMBA_4_0/source/smb_server
Author: metze Date: 2004-07-13 17:40:28 + (Tue, 13 Jul 2004) New Revision: 1479 Modified: branches/SAMBA_4_0/source/smb_server/reply.c Log: print out domain too WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1479nolog=1
svn commit: samba r1480 - branches/SAMBA_4_0/source/gtk
Author: metze Date: 2004-07-13 17:52:29 + (Tue, 13 Jul 2004) New Revision: 1480 Modified: branches/SAMBA_4_0/source/gtk/config.m4 Log: gwsam has unresolved symbols in it (on my SuSE 9.1) so I disable it for now metze WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1480nolog=1
svn commit: samba r1481 - in branches/SAMBA_4_0/source: librpc librpc/idl torture torture/rpc
Author: metze Date: 2004-07-13 18:05:02 + (Tue, 13 Jul 2004) New Revision: 1481 Added: branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl branches/SAMBA_4_0/source/torture/rpc/drsuapi.c Modified: branches/SAMBA_4_0/source/librpc/config.m4 branches/SAMBA_4_0/source/torture/config.mk branches/SAMBA_4_0/source/torture/torture.c Log: add idl file and torture test dummies for DRSUapi (the Active Directory Replication Protocol) I'll try to fill the idl file as part of a study project together with some other students... metze WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/branches/SAMBA_4_0/sourcerev=1481nolog=1
svn commit: samba r1482 - branches/SAMBA_4_0/source/librpc/idl
Author: metze Date: 2004-07-13 18:10:11 + (Tue, 13 Jul 2004) New Revision: 1482 Modified: branches/SAMBA_4_0/source/librpc/idl/dcerpc.idl Log: today I saw DCERPC_AUTH_TYPE 16(0x10) and it seems to be raw krb5, but I need to do some tests metze WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1482nolog=1
svn commit: samba r1483 - branches/SAMBA_4_0/source/build/smb_build
Author: metze Date: 2004-07-13 18:41:08 + (Tue, 13 Jul 2004) New Revision: 1483 Modified: branches/SAMBA_4_0/source/build/smb_build/makefile.pl Log: build dynconfig.c also with PICFLAGS metze WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1483nolog=1
svn commit: samba r1484 - branches/SAMBA_3_0/source/rpc_server
Author: jerry Date: 2004-07-13 19:20:37 + (Tue, 13 Jul 2004) New Revision: 1484 Modified: branches/SAMBA_3_0/source/rpc_server/srv_spoolss_nt.c Log: BUG 1520: work around bug in xp sp2 rc2 where the client sends a fnpcn() request without previously sending a ffpcn(). Return what win2k sp4 does WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1484nolog=1
svn commit: samba r1485 - branches/tmp/SAMBA_3_2_MERGE/source
Author: jerry Date: 2004-07-13 20:30:59 + (Tue, 13 Jul 2004) New Revision: 1485 Modified: branches/tmp/SAMBA_3_2_MERGE/source/Makefile.in Log: These binaries are building now... $ ls bin nmbd* nmblookup* smbclient* smbspool* testparm* testprns* WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1485nolog=1
svn commit: samba r1486 - in branches/SAMBA_4_0/source: auth include ntvfs/cifs param rpc_server smb_server smbd
Author: metze Date: 2004-07-13 21:04:56 + (Tue, 13 Jul 2004) New Revision: 1486 Added: branches/SAMBA_4_0/source/smbd/server.h branches/SAMBA_4_0/source/smbd/service.c branches/SAMBA_4_0/source/smbd/service.h Modified: branches/SAMBA_4_0/source/auth/auth.c branches/SAMBA_4_0/source/include/includes.h branches/SAMBA_4_0/source/include/local.h branches/SAMBA_4_0/source/ntvfs/cifs/vfs_cifs.c branches/SAMBA_4_0/source/param/loadparm.c branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c branches/SAMBA_4_0/source/rpc_server/dcerpc_server.h branches/SAMBA_4_0/source/rpc_server/dcerpc_tcp.c branches/SAMBA_4_0/source/smb_server/connection.c branches/SAMBA_4_0/source/smb_server/negprot.c branches/SAMBA_4_0/source/smb_server/reply.c branches/SAMBA_4_0/source/smb_server/request.c branches/SAMBA_4_0/source/smb_server/service.c branches/SAMBA_4_0/source/smb_server/smb_server.c branches/SAMBA_4_0/source/smb_server/smb_server.h branches/SAMBA_4_0/source/smbd/config.m4 branches/SAMBA_4_0/source/smbd/config.mk branches/SAMBA_4_0/source/smbd/process_model.c branches/SAMBA_4_0/source/smbd/process_model.h branches/SAMBA_4_0/source/smbd/process_single.c branches/SAMBA_4_0/source/smbd/process_standard.c branches/SAMBA_4_0/source/smbd/process_thread.c branches/SAMBA_4_0/source/smbd/rewrite.c branches/SAMBA_4_0/source/smbd/server.c Log: commit the start of the generic server infastructure the idea is to have services as modules (smb, dcerpc, swat, ...) the process_model don't know about the service it self anymore. TODO: - the smbsrv should use the smbsrv_send function - the service subsystem init should be done like for other modules - we need to have a generic socket subsystem, which handle stream, datagram, and virtuell other sockets( e.g. for the ntvfs_ipc module to connect to the dcerpc server , or for smb or dcerpc or whatever to connect to a server wide auth service) - and other fixes... NOTE: process model pthread seems to be broken( but also before this patch!) metze WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/branches/SAMBA_4_0/sourcerev=1486nolog=1
Re: svn commit: samba r1486 - in branches/SAMBA_4_0/source: auth include ntvfs/cifs param rpc_server smb_server smbd
[EMAIL PROTECTED] schrieb: Author: metze Date: 2004-07-13 21:04:56 + (Tue, 13 Jul 2004) New Revision: 1486 Added: branches/SAMBA_4_0/source/smbd/server.h branches/SAMBA_4_0/source/smbd/service.c branches/SAMBA_4_0/source/smbd/service.h Modified: branches/SAMBA_4_0/source/auth/auth.c branches/SAMBA_4_0/source/include/includes.h branches/SAMBA_4_0/source/include/local.h branches/SAMBA_4_0/source/ntvfs/cifs/vfs_cifs.c branches/SAMBA_4_0/source/param/loadparm.c branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c branches/SAMBA_4_0/source/rpc_server/dcerpc_server.h branches/SAMBA_4_0/source/rpc_server/dcerpc_tcp.c branches/SAMBA_4_0/source/smb_server/connection.c branches/SAMBA_4_0/source/smb_server/negprot.c branches/SAMBA_4_0/source/smb_server/reply.c branches/SAMBA_4_0/source/smb_server/request.c branches/SAMBA_4_0/source/smb_server/service.c branches/SAMBA_4_0/source/smb_server/smb_server.c branches/SAMBA_4_0/source/smb_server/smb_server.h branches/SAMBA_4_0/source/smbd/config.m4 branches/SAMBA_4_0/source/smbd/config.mk branches/SAMBA_4_0/source/smbd/process_model.c branches/SAMBA_4_0/source/smbd/process_model.h branches/SAMBA_4_0/source/smbd/process_single.c branches/SAMBA_4_0/source/smbd/process_standard.c branches/SAMBA_4_0/source/smbd/process_thread.c branches/SAMBA_4_0/source/smbd/rewrite.c branches/SAMBA_4_0/source/smbd/server.c Log: commit the start of the generic server infastructure the idea is to have services as modules (smb, dcerpc, swat, ...) the process_model don't know about the service it self anymore. TODO: - the smbsrv should use the smbsrv_send function - the service subsystem init should be done like for other modules - we need to have a generic socket subsystem, which handle stream, datagram, and virtuell other sockets( e.g. for the ntvfs_ipc module to connect to the dcerpc server , or for smb or dcerpc or whatever to connect to a server wide auth service) - and other fixes... NOTE: process model pthread seems to be broken( but also before this patch!) ...and also remove the build options -b option from smbd this stuff should be handle by the build system in future... -- metze Stefan Metzmacher metze at samba.org www.samba.org signature.asc Description: OpenPGP digital signature
CVS update: cifsvfs/fs/cifs
Date: Tue Jul 13 21:56:57 2004 Author: sfrench Update of /home/cvs/cifsvfs/fs/cifs In directory dp.samba.org:/tmp/cvs-serv20324 Modified Files: cifsfs.c inode.c Log Message: Fix 2.6 to 2.4 backport break for cifs vfs Revisions: cifsfs.c1.46 = 1.47 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/cifsfs.c?r1=1.46r2=1.47 inode.c 1.41 = 1.42 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/inode.c?r1=1.41r2=1.42
CVS update: cifsvfs/fs/cifs
Date: Tue Jul 13 22:19:52 2004 Author: sfrench Update of /home/cvs/cifsvfs/fs/cifs In directory dp.samba.org:/tmp/cvs-serv26157 Modified Files: CHANGES README TODO asn1.c cifs_debug.c cifs_uniupr.h cifssmb.c connect.c dir.c file.c inode.c misc.c Log Message: Finish 2.6 backport to 2.4 of 1.20 version of cifs vfs Revisions: CHANGES 1.52 = 1.53 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/CHANGES?r1=1.52r2=1.53 README 1.23 = 1.24 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/README?r1=1.23r2=1.24 TODO1.19 = 1.20 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/TODO?r1=1.19r2=1.20 asn1.c 1.6 = 1.7 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/asn1.c?r1=1.6r2=1.7 cifs_debug.c1.22 = 1.23 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/cifs_debug.c?r1=1.22r2=1.23 cifs_uniupr.h 1.2 = 1.3 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/cifs_uniupr.h?r1=1.2r2=1.3 cifssmb.c 1.61 = 1.62 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/cifssmb.c?r1=1.61r2=1.62 connect.c 1.56 = 1.57 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/connect.c?r1=1.56r2=1.57 dir.c 1.23 = 1.24 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/dir.c?r1=1.23r2=1.24 file.c 1.61 = 1.62 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/file.c?r1=1.61r2=1.62 inode.c 1.42 = 1.43 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/inode.c?r1=1.42r2=1.43 misc.c 1.24 = 1.25 http://www.samba.org/cgi-bin/cvsweb/cifsvfs/fs/cifs/misc.c?r1=1.24r2=1.25
svn commit: samba-docs r172 - in trunk: . xslt
Author: jelmer Date: 2004-07-13 22:47:11 + (Tue, 13 Jul 2004) New Revision: 172 Modified: trunk/Makefile.in trunk/README trunk/xslt/pearson.xsl Log: Fix explanation of each parameter Work on the pearson XSL script a bit more WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-docspath=/trunkrev=172nolog=1
svn commit: samba r1487 - branches/SAMBA_3_0/source/libsmb
Author: abartlet Date: 2004-07-14 01:20:50 + (Wed, 14 Jul 2004) New Revision: 1487 Modified: branches/SAMBA_3_0/source/libsmb/cliconnect.c branches/SAMBA_3_0/source/libsmb/clientgen.c branches/SAMBA_3_0/source/libsmb/smb_signing.c Log: Remove unused parameter for the client-side signing functions. Andrew Bartlett WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1487nolog=1
svn commit: samba r1488 - trunk/source/libsmb
Author: jra Date: 2004-07-14 01:33:00 + (Wed, 14 Jul 2004) New Revision: 1488 Modified: trunk/source/libsmb/cliconnect.c trunk/source/libsmb/clientgen.c trunk/source/libsmb/smb_signing.c Log: Janitor work for Mr. Bartlett :-). Remove unused parameter for the client-side signing functions. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1488nolog=1