[Samba] You wouldn't believe, he would say to his brother, what a pleasure thi...

[Rodd Richardson]

bridling recommender sta

Audio (Miusic) Intejrnet Gamies Businjess ... Order ajny soft yjou need for a low 
pirice . For exaimple: shop - 299$ , us - 30$ .

http://geocities.com/low_armstrong_34/

ffs browbeaten purged hampered classified approbation risked jure expeditious postal 
clone i

Take jusit a candy and bvecomie ready for 36 hxours of lvove

http://geocities.com/dyster_tanners_73/

nterchanging pheasants Langford wallowing squads Holmd

This is moxst modern and sxafe way not to caover with shiame Only 15 mvinutes to waait 
FDA Approvecd

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Authentication woes

[Brian Witowski]

Hello,

I have a perplexing problem.  Im running Mandrake 10.0 and samba 3.0 setup
as a domain controller.  My client machines are XP Pro.  I can join the
domain and my "Homes" directory connects as it should.  But that's all I can
do.  I have other shares that I can't access.  For instance, I have a
"downloads" share.  Ive tried every conceivable setting but when I try to
access that share, it prompts for my username and password.  I enter it but
it doesn't take.  It just asks again.  I've tried different logins and get
the same result.  Ive tried setting "guest=yes and that didn't help. Ive set
the attributes to 777 and that didn't help.

Evidently it doesn't see my netlogon share either because my logon script
never runs.  Ive included my samba.conf for inspection.  Keep in mind this
is only one of MANY configurations I've tried.  Any help would be greatly
appreciated.

Brian

---

# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2004/10/07 07:23:18

# Global parameters
[global]
workgroup = PYRAMID
netbios name = SERVER
interfaces = eth1, lo
bind interfaces only = Yes
username map = /etc/samba/smbusers
log level = 31
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139 445
name resolve order = wins bcast hosts
time server = Yes
add user script = /usr/sbin/useradd -m %u
delete user script = /usr/sbin/userdel -r %u
add group script = /usr/sbin/groupadd %g
delete group script = /usr/sbin/groupdel %g
add user to group script = /usr/sbin/usermod -G %g %u
add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u
shutdown script = /var/lib/samba/scripts/shutdown.sh
abort shutdown script = /sbin/shutdown -c
logon script = \\%L\netlogon\default.bat
logon path = \\server\profiles\%U
logon drive = X:
logon home = \\%L\%U
domain logons = Yes
ldap ssl = no
default service = Downloads
winbind use default domain = Yes

[downloads]
path = /mnt/hda3/downloads
read only = No
create mask = 0777
force create mode = 0777
directory mask = 0777
force directory mode = 0777

[netlogon]
comment = Network Logon Service
path = /mnt/hda3/home/netlogon
read only = No

[brianw]
path = /mnt/hda3/home/brianw
read only = No
guest ok = Yes

[laptop]
path = /home/laptop
read only = No
guest ok = Yes

[profiles]
path = /mnt/hda3/home/samba/profiles
read only = No
guest ok = Yes

[homes]
path = /mnt/hda3/home
read only = No

[jan]
path = /mnt/hda3/home/jan

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Firefox overwrites links?

[Jim C.]

I use firefox over a Samba share mapped to a network drive.
If samba had interpreted the link correctly, then shouldn't an attempt 
to write to it have written the file it points to, specifically the 
bookmarks file?

Jim C.
--
-
| I can be reached on the following Instant Messenger services: |
|---|
| MSN: [EMAIL PROTECTED]  AIM: WyteLi0n  ICQ: 123291844 |
|---|
| Y!: j_c_llings   Jabber: [EMAIL PROTECTED]|
-
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] looking for your help

[Siva S Prasad V]

Dear sir,
 
v installed Linux Domain Named System in  Enterprise Linux release ES 3, now
v r not facing any problem in Win98 client joining in DNS, but v are facing
problem in Window XP OS
 
Cld u pl suggest me How can i join in DNS sys with  Windows XP OS client.
 
i extract some information from manual and done all modification in Register
(XP sys) and Local Policies, those are
 
In registry:
 
Hkey_local_machine\system\currentControlSet\\parameters
"RequireSignorseal"= Dword..."0"
 
In Local policies:
 
Local Security Settings
Local Policies
Security Options
Domain number: Digitally encript or sign secure channel dat (
always)= Disable
 
 
in the same they are mentioning "uidnumber=0", Where can i get this option
in XP or Linux PC
 
 
Pl suggest me through mailto:[EMAIL PROTECTED]
 
 
 
thanking you,
 
varaprasad M S
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] rpcclient shutdown with -m

[Flavio Fonseca]

Hello All,

  I used the command rpcclient shutdowninit -m MESSAGE ... 
  to shutdown windows workstations and it used to work just fine.
  After an online update the shutdown script stopped working.
  Trying the command manually I got this return error:
  result was NT code 0x0057

  when I cutoff -m MESSAGE from the script it works fine, but I can't display 
any message to the user on the workstation.

  anyone can help?
-- 
Att.

Flavio Fonseca
Administrador de Redes
Divisao de Redes
Universidade Federal de Uberlandia
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Small bug with Samba 3.0.7's smbd process (or just a bad compilation)???

[Marcello Melfi]

Hi James,

Thanks for taking the time to reply!

You are right about one smbd process listening and the other one handling a
share being accessed by a client workstation (like a Windows XP machine).
However, if no client workstation is connected to a share, there should be
only one smbd process running. This is not my case... I have two of then
right from the start and it should not be so. At least, it was not the case
when I installed and tested successfully Samba 3.0.2a a few months ago.

As for Winbindd, I am still not sure about it... (maybe I do not understand
it as it should be!). I was able to have Samba 3.0.7 running in ADS security
mode. I only started the smbd and nmbd processes. Prior to that, I joined
the Samba machine to the AD server (a Windows 2000 server) with the "net ads
join -U [admin_user]%[password]" command. When I ran the "klist" command, I
did see a ticket for Kerberos 5, although I am not an expert on this
subject. I was able to connect to a share from a Windows XP machine.
However, it always fails at the first attempt (after a reboot, because I
wanted to make sure the cache was flushed), like if the username or the
password was wrong. The Windows XP machine is in the same domain as the AD
server (which is also the KDC server) and I am logged in with the Windows
username authorized (via the Samba's lib/usermap.txt file, i.e. the Windows
username is associated to a Unix username) to access the share.

Any thought on this?

Regards,
 
Marcello
 

-Original Message-
From: James Mauser [mailto:[EMAIL PROTECTED] 
Sent: October 7, 2004 9:21
To: 'Marcello Melfi'
Subject: RE: [Samba] Small bug with Samba 3.0.7's smbd process (or just a
bad compilation)???

Marcello,
 I am not completely sure however, I believe the 2 smbd process span 2 of
them so that one will listening the other will handle the actual processing
of the request.  (Efficiency is what I think I read) 

Winbindd will be used if you want to have user names and password from your
AD to authenticate  to your samba shares.  Also if you are goining the AD
then winbind will need to be running so that the smb box can pass it's id
information to the AD. 
If you have gotten to the point where the samba box will join the AD then it
rather trivial not having to create another UNIX user and another password),
so winbindd would need to be running if you did not want to create a 2nd set
of user names and passwords. 


PAM would be used only if you wanted to have the user log into the Solaris
machine, which is what you said you did not want/need so PAM in your case
would not need to be installed.

Hope this helps a little
James Mauser
College of Engineering
Florida Atlantic University
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marcello
Melfi
Sent: Wednesday, October 06, 2004 10:31 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: [Samba] Small bug with Samba 3.0.7's smbd process (or just a bad
compilation)???

Hi,
 
I have compiled and installed Samba 3.0.7 with MIT Kerberos 1.3.5 and
OpenLDAP 2.2.17. The reason for it is that I need to authenticate Windows'
user accesses to a Samba share via the Samba's ADS security mode.
 
I found out one potential problem with Samba 3.0.7 and I have one general
question:
 
Problem

 
Normally, when Samba is started, there should be one smbd process and one
nmbd process up and running. Then, one additional smbd process is started
for each share established with a client pc. However, this is not the case
here. When I start Samba 3.0.7, I get two (instead of one) smbd processes
and one nmbd process. Other then that, everything seems to work ok (although
I did nor had the time to perform a lot of testing...). Is this a new Samba
feature or is there something wrong here?
 
Please note that I started Samba 3.0.7 with the same smb.conf file I used
with Samba 3.0.2a. It is setup in Domain security mode because I wanted
first to make sure that the binaries I created was at least functional.
 
Question
-
 
Whether I use the Domain or ADS security mode, my requirements with Samba is
to have a network share from a Sun Solaris machine to be accessible to a few
(about 15) Windows 2000 machines so that the main application running on
these machines can export many data files on the Sun Solaris machine in a
transparent manner, i.e. thinking it is a Windows server.
 
I do not need (and do not want...) to have users logging on the Sun Solaris
machine and I do not have a need to provide a kind of general file server
service to many Windows users through Samba, nor do I need to implement a
SSO to users having both Windows and UNIX accounts.
 
I was able to implement successfully Samba 3.0.2a in DOMAIN security mode
that way. I need to do it in ADS security mode. The question is: do I really
need Winbindd, PAM, etc. for this? I do not think so in my particular
situation, but I would like to have this confirmed by someone from the Samba
team. Th

[Samba] Help - error on upgrade from samba 2.2.7 to 2.2.12

[bill eight]

Hi!

Summary - 2.2.12 rpm package from us1.samba.org
failed on my redhat 7.3 system

Installing stack version of /etc/pam.d/samba...
error: execution of %postun scriptlet from
samba-2.2.7-3.7.3 failed, exit status 1

looks like the samba server is dead
now.

I stopped and restarted the smb process,
and now people can connect..sort of..
but a few errors at this stage.

What do I do now??

thanks


Ok - looking at adding winXP pro systems
into my old samba server, I noticed that
some of the erratum mentions dealing with
new patches to winXP clients..

so.. I decided time to upgrade from
samba 2.2.3 to 2.2.12 ..

well I found a 2.2.7 rpm at redhat,
and did that (rpm -Fvh samba*). worked.

then I picked up a 2.2.12 rpm from 
us1.samba.org

ftped it..

ftp> mget sam*
mget samba-2.2.12-1_rh73.i386.rpm? y
 
but then got a problem:

[EMAIL PROTECTED] sambadownload]# rpm -Fvh
samba-2.2.12-1_rh73.i386.rpm
Preparing...   
### [100%]
   1:samba  warning:
/etc/samba/smb.conf created as
/etc/samba/smb.conf.rpmnew
### [100%]
Looking for old /etc/smb.conf...
Looking for old /etc/smbusers...
Looking for old /etc/lmhosts...
Looking for old /etc/MACHINE.SID...
Looking for old /etc/smbpasswd...
Moving tdb files in /var/lock/samba/*.tdb to
/var/cache/samba/*.tdb
Installing stack version of /etc/pam.d/samba...
error: execution of %postun scriptlet from
samba-2.2.7-3.7.3 failed, exit status 1
[EMAIL PROTECTED] sambadownload]# smbstatus
/var/cache/samba/connections.tdb not initialized.
This is normal if an SMB client has never connected to
your server.
[EMAIL PROTECTED] sambadownload]#


__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] username map for ADS groups

[Greg Adams]

I'm having some kind of trouble mapping all users in an ADS group to a Unix id.

I'm running Samba 3.0.7 on Solaris 9 as a member of a Windows 2000 ADS Domain.

Here's my smb.conf:

[global]

workgroup = ADSDOM
realm = ADSDOM.MY.COM

server string = Samba 3.0.7 Test Server

log level = 2

max log size = 100

security = ADS

local master = no

os level = 0

domain master = no

preferred master = no

wins server = ###.###.###.###
dns proxy = no

encrypt passwords = yes

idmap uid = 6-7
idmap gid = 8-9

winbind enum users = yes
winbind enum groups = yes

winbind separator = +

winbind use default domain = no

username map = /opt/samba/lib/username.map
[space]
comment = Space Partition Share
path = /space
public = no
writable = yes
printable = no
browsable = no
create mask = 0777

and here's /opt/samba/lib/username.map

!smbadmin = @"ADSDOM\Domain Admins"
!smbuser = @"ADSDOM\Domain Users"
smbguest = '*'

I know of a user that is in the "ADSDOM\Domain Users" group, called
imguser... if I do
getent passwd | grep imguser
I get
ADSDOM+imguser:x:60001:8:imguser Imaging
User:/home/EDSADDDM/imguser:/bin/false

so, that user is in group 8, so I do
getent group 8
and get
EDSADDDM+Domain Users:x:8:

Now... If I map the space share from a Windows XP client, I get the
following lines in log.smbd:
[2004/10/08 15:16:54, 2] smbd/sesssetup.c:setup_new_vc_session(608)
  setup_new_vc_session: New VC == 0, if NT4.x compatible we would
close all old resources.
[2004/10/08 15:16:54, 2] auth/auth.c:check_ntlm_password(305)
  check_ntlm_password:  authentication for user [imguser] ->
[smbguest] -> [smbguest] succeeded
[2004/10/08 15:16:54, 1] smbd/service.c:make_connection_snum(648)
  mule (199.42.192.45) connect to service space initially as user
smbguest (uid=689013, gid=2503) (pid 1108)


I get the same thing,... where the user gets mapped to smbguest, no
matter what user I use. Winbind isn't correctly determining the group
for the ADS domain users.

Also, another problem that might be related... getent group doesn't
show all the groups I expect it to show. The ADS domain has trusts to
another ADS domain, and also to an NT4 domain. I know for certain that
not all of the NT4 domains show up in wbinfo -g, and even fewer show
up in getent group. And the output of wbinfo -g and getent group are
both not consistent. Sometimes no domain groups at all show up in
getent group.

Anybody have any ideas? I desperately need this functionality to work.

Greg Adams
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Compiling Samba 3.0.7 on AIX

[Doug VanLeuven]

Heath Mason wrote:
I am getting the following errors, when I attempt to compile Samba 3.0.7 on AIX 5.1:
Compiling nsswitch/winbind_nss_aix.c with -O2
nsswitch/winbind_nss_aix.c: In function `wb_aix_init':
nsswitch/winbind_nss_aix.c:980: structure has no member named `method_version'
nsswitch/winbind_nss_aix.c:980: `SECMETHOD_VERSION_520' undeclared (first use in
this function)
nsswitch/winbind_nss_aix.c:980: (Each undeclared identifier is reported only once
nsswitch/winbind_nss_aix.c:980: for each function it appears in.)
make: 1254-004 The error code from the last command is 1.
Stop.
Does anyone have any ideas on how I can get around this error.
 

This was fixed by patch 2759 which isn't in any official release yet.
SECMETHOD_VERSION_520 is for AIX 5.2.
For the time being, until the next release source, you can just delete 
the line.
Regards, Doug

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: Can join domain; can't logon

[Chris St. Pierre]

That code hack was designed to be temporary, so that I could make sure
everything else worked (it didn't) in the mean time before I got a fix
for this problem.

Anyhow, that looks like it could work.  In the upgrade from 2.2.8, I
had left  that attribute as just "acctFlags".  Unfortunately, I can't
test for the moment, since, after the upgrade, I've been unable to
join the domain.  Ironically, my problem is now reversed: I can't
join the domain, but if I could, I could probably login.

Thanks for all your help; I'm going to grind away at my current
problem for a while.

Chris St. Pierre
Unix Systems Administrator
Nebraska Wesleyan University

On Fri, 8 Oct 2004, Igor Belyi wrote:

>Chris St. Pierre wrote:
>
>> I did some further investigation, and it appears that in the
>> conditional on lines 250-254 of rpc_server/srv_netlog_nt.c in
>> get_md4pw() is where the failure point is.  Namely, the account is not
>> disabled, and the pass is not null, but none of the trust checks pass.
>> (acct_ctrl == 16).  I put a quick hack in pdb_get_acct_ctrl() on line
>> 45 of passdb/pdb_get_set.c ("return ACB_WSTRUST;") to get past this
>> immediate problem; it worked, but logins still don't work.  There's
>> some sort of problem with credentials that I've been trying to work
>> out.
>>  
>I would recommend to change account to be Workstation account instead of
>hacking the code. :o)
>
>> ldapmodify
>dn: uid=guinea-pig$,ou=people,o=nebrwesleyan.edu,o=isp
>changetype: modify
>replace: sambaAcctFlags
>sambaAcctFlags: [W  ]
>
>Just a note: when creating machine account with smbldap-useradd.pl by hand use
>-w option instead of -a - just like the one used in your smb.conf.
>Another note: despite what you heard it's quite possible to put machine
>accounts in a separate LDAP directory.
>
>Let me know if you still have problems.
>Igor
>
>-- 
>To unsubscribe from this list go to the following URL and read the
>instructions:  http://lists.samba.org/mailman/listinfo/samba
>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: Users can delete a file they don't have permition in the public share

[Guenther Deschner]

On Fri, Oct 08, 2004 at 04:31:16PM -0400, Igor Belyi wrote:
> To prevent deletion you should remove write access on the directory 
> containing the file: chmod a-w /home/samba/public
> 
> Igor

This a known bug. See https://bugzilla.samba.org/show_bug.cgi?id=1886

Thanks,
Guenther
-- 
Guenther Deschner, SerNet Service Network GmbH
Phone: +49-(0)551-37-0,  Fax: +49-(0)551-37-9


pgp9iOvSNT6xY.pgp
Description: PGP signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Users can delete a file they don't have permition in the public share

[Igor Belyi]

To prevent deletion you should remove write access on the directory 
containing the file: chmod a-w /home/samba/public

Igor
Bruno Gimenes Pereti wrote:
Hi!
I'll try to explain all the situation to help you understand the 
problem. I have a Samba 3.0.4 + LDAP + ACL PDC and I use poledit to 
define the background image of the users to \\PDC\public\background.bmp, 
this file:

-rw-r--r--1 Administrator root   787510 09-23 17:34 background.bmp
Yes, the acl is not used in this file. This is the public share in 
smb.conf:

[public]
  comment = Compartilhamento Público
  path = /home/samba/public
#   public = yes
#   guest ok = yes
  writable = yes
  create mask = 0666
  directory mask = 777
  printable = no
  invalid users = prova
yesterday one of the users (students) deleted this file and I thought 
they shouldn't have permission to do this because they don't have write 
permission in the file.

I tried every thing I know about permition (that's not much) and 
couldn't find a solution. What can I do to prevent the students to 
delete this file?

Thanks,
Bruno Pereti.
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Users can delete a file they don't have permition in the public share

[Bruno Gimenes Pereti]

Hi!
I'll try to explain all the situation to help you understand the problem. I 
have a Samba 3.0.4 + LDAP + ACL PDC and I use poledit to define the 
background image of the users to \\PDC\public\background.bmp, this file:

-rw-r--r--1 Administrator root   787510 09-23 17:34 background.bmp
Yes, the acl is not used in this file. This is the public share in smb.conf:
[public]
  comment = Compartilhamento Público
  path = /home/samba/public
#   public = yes
#   guest ok = yes
  writable = yes
  create mask = 0666
  directory mask = 777
  printable = no
  invalid users = prova
yesterday one of the users (students) deleted this file and I thought they 
shouldn't have permission to do this because they don't have write 
permission in the file.

I tried every thing I know about permition (that's not much) and couldn't 
find a solution. What can I do to prevent the students to delete this file?

Thanks,
Bruno Pereti. 

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] WinXP SP2 machines disappear from the workgroup controlled by Samba

[Modestas Vainius]

Hi,

I have a problem which I couldn't solve myself thus decided to ask here. My 
setup is rather basic. There are over 20 PCs in the network, most of them 
running WinXP Home SP2 and WinXP Pro SP2, a few Windows 98 SE and the Linux 
(Debian) server running samba 3.0.7(-1). They all are in the same subnet. 
Windows clients and samba are configured to participate in the same 
workgroup. WINS is disabled. I want samba host to be a local master for the 
workgroup, thus I set the following options in the smb.conf:

local master = yes
preffered master = yes
os level = 65

Everything works as expected for approx. 30 mins since samba was started: 
samba wins browser elections and becomes a local master for the workgroup. 
All PCs are visible (either in "My Network Places" or smbclient -L) and 
accessible. However, WinXP machines just disappear from the list of known 
servers after ~30 mins (they are still accessible directly 
via //netbiosname/, but they are missing from "smbclient -L localmaster" or 
"My Network Places"). Win98SE clients and samba server stay in the list all 
the time though.

The situation turns completely different way if I let WinXP to win the 
elections. Then none of hosts disappear including WinXP PCs. However, I want 
the linux box to be local master, but not WinXP.

With the help of ethereal and after looking up in the samba source I 
discovered that samba maintains the server list relying on BROWSER Host 
Announcements from other network hosts. However, WinXP doesn't send them on 
regular basis. WinXP sends one on boot and one on shutdown. Irregularly 
several announcements slip through approx. two times a day, but, obviously, 
that's not enough, so samba just expires not-responding hosts after ~30 mins. 
MS docs claim that Windows XP PCs should announce about themselves every 12 
minutes, but that's not true in my case for some reason. BTW, win98SEs send 
host announcements every 4 minutes, so they don't disappear.

When Windows XP is operating as the local master, other WinXP hosts don't send 
announcements either. However, it seems WinXP uses another way to check which 
hosts are still alive...

How could I solve this issue? I imagine, a solution would be to enable WINS 
server in smb.conf and all clients or to setup a domain (but XP Homes can't 
join it). Maybe I miss an option in smb.conf? or do I need to change some 
deeply hidden registry setting in WinXP?

P.S. It doesn't matter if Windows XP SP2 firewall is enabled (with appropriate 
exceptions of cource) or disabled. I haven't tested with SP1 though, thus 
this issue may be related to WinXP SP2 Home/Pro Editions only.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] ads_connect: Connection refused

[Jason Pyeron]

I was trudging around the source to understand this, and now I am really 
confused.

It is the case that we are not using LDAP right now.

if "Connected to LDAP server ..." does not show up in the log then either 
"ads_find_dc: no realm or workgroup! Don't know what to do" or 
"ads_find_dc: looking for ..." MUST show up.

but why don't they?

full details and logs at:
http://projects.pyerotechnics.com/show_bug.cgi?id=197#c10

Sincerely,

Jason Pyeron

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-   -
- Jason Pyeron  PD Inc. http://www.pdinc.us -
- Partner & Sr. Manager  #1 2739 Saint Paul Street  -
- +1 (410) 808-6646 (c)  Baltimore, Maryland 21218  -
-   -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba with winbindd AD Group access limit problem

[Andreas]

On Thu, Oct 07, 2004 at 04:22:04PM -0400, [EMAIL PROTECTED] wrote:
> I'm running Samba 3.0.2 on Solaris using winbindd to allow me to security
> tailor access to subdirectories on a Samba share. We assign the
> subdirectories within a Samba share to an Active Directory group name. This
> generally works fine but I am having user access issues from the Win2K / Win
> XP workstations that have mapped the share. The problem seems to be related
> to the number of groups / total length of group names the user is assigned
> to in Active Directory. If there are too many groups (or the aggregate
> length of all group names is too long), the user cannot access the secured
> directories even though they are a member of the group in AD. If I keep
> reducing the number of assigned groups in AD, the user can, at some point,
> gain access to the directories.
> 
> Can someone tell me the following:
> 1. What limitation is causing this problem?
> 2. How to I remove the limitation?

I had this problem. Try this patch (for 3.0.7, I don't know if it applies to 3.0.2):


--- branches/SAMBA_3_0/source/nsswitch/winbind_nss_linux.c  2004/04/04 10:42:06
 3
+++ branches/SAMBA_3_0/source/nsswitch/winbind_nss_linux.c  2004/09/20 20:18:19
 2451
@@ -833,25 +833,38 @@
 
/* Skip primary group */
 
-   if (gid_list[i] == group) continue;
+   if (gid_list[i] == group) {
+   continue;
+   }
 
-   /* Add to buffer */
+   /* Filled buffer ? If so, resize. */
 
-   if (*start == *size && limit <= 0) {
-   (*groups) = realloc(
-   (*groups), (2 * (*size) + 1) * 
sizeof(**groups));
-   if (! *groups) goto done;
-   *size = 2 * (*size) + 1;
+   if (*start == *size) {
+   long int newsize;
+   gid_t *newgroups;
+
+   newsize = 2 * (*size);
+   if (limit > 0) {
+   if (*size == limit) {
+   goto done;
+   }
+   newsize = newsize < limit ? newsize : limit;
+   }
+
+   newgroups = realloc((*groups), newsize * 
sizeof(**groups));
+   if (!newgroups) {
+   *errnop = ENOMEM;
+   ret = NSS_STATUS_NOTFOUND;
+   goto done;
+   }
+   *groups = newgroups;
+   *size = newsize;
}
 
-   if (*start == *size) goto done;
+   /* Add to buffer */
 
(*groups)[*start] = gid_list[i];
*start += 1;
-
-   /* Filled buffer? */
-
-   if (*start == limit) goto done;
}
}

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Trust between two samba

[Igor Belyi]

"security = DOMAIN" means that server is a member of a domain and not a 
PDC. To set servera as a PDC you will need to use "security = USER" 
(which is the default). Please, read Samba-HOWTO.

Igor
Šopík Bronislav wrote:
Hi,
it is my project in the school, I need to create this trust between two domains.
 My smb.conf are follow:
In servera:
[global]
   workgroup = DOMAINA
   netbios name = SERVERA
   security = DOMAIN
   encrypt passwords = yes
   local master = yes
   domain logons = yes
   os level = 33
   domain master = yes
   preferred master = yes
   dns proxy = no
   log level = 3 
 allow trusted domains = yes

[netlogon]
   comment = Network Logon Service
   path = /home/samba/netlogon
   guest ok = yes
serverb>
[global]
   workgroup = DOMAINB
   netbios name = SERVERB
   security = DOMAIN
   encrypt passwords = yes
   local master = yes
   domain logons = yes
   os level = 33
   domain master = yes
   preferred master = yes
   dns proxy = no
   log level = 3 
 allow trusted domains = yes

[netlogon]
   comment = Network Logon Service
   path = /home/samba/netlogon
   guest ok = yes
IPaddresses are:
servera 192.168.100.10
serverb 192.168.100.11
If can someone help my, I will be very happy. 
Thank you.

Best regards
Citace z emailu od rruegner <[EMAIL PROTECTED]>:

Šopík Bronislav schrieb:
I have a problem with Samba:
I want to make trust between two Samba domains. I have setup the trust on
the
DOMAINB server then on the Samba DOMAINA server  "net rpc
trustdom establish DOMAINB"  I then get the following:
Password: [entered password]
Could not connect to server SERVERB[this is the PDC for the DOMAINB
domain]
Trust to domain DOMAINB established
When I then try to logon to the DOMAINB domain from XP computers in
DOMAINA
domain, I always get a fail with bad password.
Please can someone help me.
Sopik Brona
hi,
this normally is a network problem for establish the trust
a good connection and wins browsing must work
but there may be also some other issues which bug your trust, what are 
the log talking of?
Regards



--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Tandem / ServerNet 74000

[Bernard J Bradford]

Im unable to install SAMBA on my 74000 ServerNet Tandem system. Im
currently running OSS under G06.11 OS. None of the of the instructions in
the  many help HTML file are working for me. After running the command
"make installbin  and  make installman" I was able to read SAMBA man pages
via the man command but the
output looks bad. Files and directories described do not match the what on
the system. Thinking is to delete it all and start over. But without
instruction that specific to Tandem OSS I little hope of success.

Can you Help?


-
The information contained in this electronic mail message, and any and all
accompanying documents, constitutes confidential information.  If you are
not the intended recipient of this information, any disclosure, copying,
distribution, or the taking of any action in reliance on it is strictly
prohibited.  If you received this information in error, please notify the
sender immediately and destroy this communication.  Messages sent via this
medium may be subject to delays and/or unauthorized alteration.  Neither
The Bank of Tokyo-Mitsubishi, Ltd. nor any of its affiliates shall be held
liable for the contents of this message.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: NT 4 Client, Samba user w/no password

[Igor Belyi]

M Middleton wrote:
I've got several users I created with a blank password (only temporary
until I can get the system fully operational, long story behind that),
but for some reason when I try to access a share that a user with no
password is authorized for, NT 4 won't let me in to the share.
Any and all assistance is greatly appreciated!
You need to verify that "Account Policy" for your NT4 domain in "Minimum 
Password Length" properties has "Permit Blank Passwords" checked.

Igor
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] something

[Jason Pyeron]

what are the permissions on the mount point?

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-   -
- Jason Pyeron  PD Inc. http://www.pdinc.us -
- Partner & Sr. Manager  #1 2739 Saint Paul Street  -
- +1 (410) 808-6646 (c)  Baltimore, Maryland 21218  -
-   -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.




-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: smbfs timestamp problem

[Igor Belyi]

smbfs is not the same as Samba - they use although the same net 
protocol. You can try to put files into share with smbclient to see if 
Samba also has the same problem, but if it's smbfs specific you will 
need to go to the correct maintainer. You can also try to mount share 
with CIFS - they say it provides much better results than smbfs.

Igor
Nigel Roberts wrote:
Here's a curly one.
I have a share mounted via smbfs on my linux desktop. This share is on
a NetApp filer somewhere, but I've also tried this on a an old linux
server as well, and I have the same problem. 

Basically, since day light savings came into effect here (NZDT or
+13), any file I create on the share gets a time creation timestamp
that is way out (approximately 12 hours and 48 minutes behind). This
really confuses applications that rely on these times for normal
operation, such as emacs.
If I create a file on the local file system, it gets the correct date.
Here's an example:
first local:
$ date && touch new && ls -l new
Tue Oct  5 17:18:41 NZDT 2004
-rw-r--r--  1 nigelr nigelr 0 2004-10-05 17:18 new
$
and then the remote samba share:
$ date && touch new && ls -l new
Tue Oct  5 17:17:22 NZDT 2004
-rwxr--r--  1 nigelr nigelr 0 2004-10-05 04:30 new
$
The date on both the servers are correct as they are using the same
ntp time source as my desktop. If I create a file using windows to
access the share, it get's the correct date (and it reads as the
correct date using linux as well).
I'm using version 3.0.7 of the samba tools and I have a linux 2.6.8.1
kernel.
Anyone seen anything like this before? Any suggestions?
Regards,
Nigel
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] something

[lyubo hristov]

Hello ,
 I write this letter 'cas i have a problem and I dont know how to fix It! I can share 
folder without problem, but if they are on the linux file system. If I try to share 
something whitch is on a fat partition, this share want root account to connect in ! 
How to change this .. Is there a option that can aply share like guest ok 
even the filesystem ! I will be very happy if you answer me ! Good bye for now 

-
http://www.atol.bg - Намери бившите си съученици и стари приятели !
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Re: Connecting to Samba from an external subnet

[Jay B Knotts]

Make sure "hosts.allow" gives permission to the external ip address too.

-Original Message-
From: Igor Belyi [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 07, 2004 10:26 PM
To: [EMAIL PROTECTED]
Subject: [Samba] Re: Connecting to Samba from an external subnet


Gary Green wrote:
> I'm new to samba, but I've been reading a few guides and I think I 
> have
> it set up somewhat correct.  Connecting to it via linux or windows on 
> the local lan is no problem, as long as the personal firewall settings 
> are allowing it.
> 
> Problem is I still can't get any computer off the LAN to connect to 
> it.
> At first I thought maybe it was the server's firewall settings, so I 
> pretty much dropped all protection and made it as open as possible:
> 
> $IPTABLES -P INPUT ACCEPT
> $IPTABLES -F INPUT
> $IPTABLES -P OUTPUT ACCEPT
> $IPTABLES -F OUTPUT
> $IPTABLES -P FORWARD DROP
> $IPTABLES -F FORWARD
> 
> Obviously a security risk, but I just wanted to find the problem.
> Unfortunately this didn't solve the problem.  I didn't see much about 
> what I can set in smb.conf to address external networks.  The only thing 
> I added was "hosts allow = ALL" but again, no luck.
> 
> Is there something specific I need to do to make samba work over the
> internet?
> 
> Thanks for any help

Does your Samba listen on "off the LAN" interface? Check your 
"interfaces" and "bind interfaces only" parameters in smb.conf

Igor

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] ads_connect: Connection refused

[Jason Pyeron]

when I exec the net group command to list the groups, i get a cryptic 
error message, the a group listing.

what is ads_connect, and what would an error from it mean?

then I can work on fixing it.

[EMAIL PROTECTED] /]# net group
root's password:
[2004/10/08 11:44:46, 0] utils/net_ads.c:ads_startup(183)
  ads_connect: Connection refused
Linux Admins
Domain Admins
Domain Guests
Domain Users
System Operators
Replicators
Guests
Power Users
Print Operators
Administrators
Account Operators
Backup Operators
Users


full story and files at:

http://projects.pyerotechnics.com/show_bug.cgi?id=197

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-   -
- Jason Pyeron  PD Inc. http://www.pdinc.us -
- Partner & Sr. Manager  #1 2739 Saint Paul Street  -
- +1 (410) 808-6646 (c)  Baltimore, Maryland 21218  -
-   -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

This message is for the designated recipient only and may contain 
privileged, proprietary, or otherwise private information. If you 
have received it in error, purge the message from your system and 
notify the sender immediately.  Any other use of the email by you 
is prohibited.



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Question about FileSystemWatcher

[Polonski, Nathan]

Has anyone ever tried to use .net FileSystemWatcher against a Samba server?
Microsoft says that FileSystemWatcher commands only work against Win2k or
greater servers. 

Does anyone know if Samba can emulate this support?

FileSystemWatcher is a component of .net that let's the program listen for
File system change alerts, such as when a file is written, changed, deleted,
etc. 

Any help would be greatly appreciated! I couldn't find anything in the
archives anywhere. 

--Nathan
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: Can join domain; can't logon

[Igor Belyi]

Chris St. Pierre wrote:
I did some further investigation, and it appears that in the
conditional on lines 250-254 of rpc_server/srv_netlog_nt.c in
get_md4pw() is where the failure point is.  Namely, the account is not
disabled, and the pass is not null, but none of the trust checks pass.
(acct_ctrl == 16).  I put a quick hack in pdb_get_acct_ctrl() on line
45 of passdb/pdb_get_set.c ("return ACB_WSTRUST;") to get past this
immediate problem; it worked, but logins still don't work.  There's
some sort of problem with credentials that I've been trying to work
out.
 

I would recommend to change account to be Workstation account instead of 
hacking the code. :o)

> ldapmodify
dn: uid=guinea-pig$,ou=people,o=nebrwesleyan.edu,o=isp
changetype: modify
replace: sambaAcctFlags
sambaAcctFlags: [W  ]
Just a note: when creating machine account with smbldap-useradd.pl by 
hand use -w option instead of -a - just like the one used in your smb.conf.
Another note: despite what you heard it's quite possible to put machine 
accounts in a separate LDAP directory.

Let me know if you still have problems.
Igor
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] (retry) 3.0.7: 'map to guest' incomplete behavior

[Heath Kehoe]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
(my first attempt got mangled because of the attachments, so I'm 
reposting)

I have a 3.0.7 server that is part of an active directory domain, and I
have a problem where 'map to guest = Bad User' doesn't do what I expect.
On this system, unix users are a subset of AD users.  Those users who
have accounts on both unix and AD can access the Samba server; but users
who have an AD account but not a unix account can not.  What I want is
for those users without a unix account to still be able to access the
world-readable shares as 'guest'.
In my smb.conf, I have 'map to guest = Bad User' and
'guest account = guest'.  But even with those settings, we still
get an error in the smb log: "Username DOMAIN\blah is invalid on this
system".
However, if a user specifies a bogus username when setting up the drive
map (i.e., a username that does not exist in AD) then Samba will
proceed to connect that user as 'guest'.  In other words, 'map to guest'
only works if the given username is not in AD.
I modified reply_spnego_kerberos() in smbd/sesssetup.c so that it would
use the guest user if the user is not in the unix password db and
'map to guest' is on.  The patch is available here:
http://www.avalon.net/~hakehoe/diff2.txt
If the developers have a problem with extending the 'map to guest'
functionality in this way, then I suggest you add a new option
('unix map to guest' or something).
I know that there's a hook to have smbd create user accounts on the
fly, but that is not an acceptable solution in my environment.  I
need to have unknown (but valid) AD accounts map to 'guest'.
- - heath
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (Darwin)
iD8DBQFBZrsh4uXPAG0A1J4RAtW2AKDEsOTml5wkHaZQLqn7TtODEO5EHwCgi8O9
A39HNsOJIeCwUI12hMsMyVo=
=kj+J
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] (retry) 3.0.7: username map doesn't work with security=ADS

[Heath Kehoe]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
(OK, my first message got mangled because of the attachments, so I'm 
reposting)

I've got a samba 3 box that's part of an AD domain.  It works correctly
for most users; but there was a problem where certain users couldn't
connect.  We'd get a log message that looks like this:
Username SAMPLE.COM\pcuser is invalid on this system
It turns out that the users who could not connect are those who have a
different unix username then their AD username.  Even though I have a
username map file set up, samba didn't seem to be using it.
This bug appeared somewhere between 3.0.2a and 3.0.6.  When we were on
3.0.2a, the username map worked.
I looked at the code, and found a problem in smbd/sesssetup.c:
reply_spnego_kerberos() calls map_username() with "DOMAIN\username"
but map_username() expects the username without the domain.
So, as a workaround, I could change my usermap file to include the
domain with the usernames; e.g.,
unixuser = pcuser SAMPLE.COM\pcuser
but that's kind of clunky.  So instead I created a patch for
source/smbd/sesssetup.c, which I put here:
http://www.avalon.net/~hakehoe/diff1.txt
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (Darwin)
iD8DBQFBZrp64uXPAG0A1J4RAoNFAJwMH1iAArYJA6RIDIECNIIsgl6q+ACcCtcK
c1R0Xg1ureKLzMobLB4P+sE=
=ghP7
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] authentication failed

[Steven J. Backus]

  Pre compiled solaris x86 binaries, can't log in from Windows
2000.  Here's my smb.conf:

[global]
workgroup = WORKGROUP
netbios name = ANYNAME
encrypt passwords = no
[9gb]
path = /anal4/9gb

Can log in fine using a Mac OSX or Unix smbclient.  Also tried

encrypt passwords = yes

and creating password file with smbpasswd, same results.  Log file
says:

[2004/10/08 09:36:35, 1] smbd/reply.c:(925)
  Rejecting user 'backus': authentication failed
[2004/10/08 09:36:35, 3] smbd/error.c:(127)
  32 bit error packet at line 639 cmd=115 (SMBsesssetupX) eclass=c06d [Error: 
Unknown error (109,49152)]
[2004/10/08 09:36:35, 3] smbd/error.c:(143)
  error string = No such file or directory

Windows says:

System error 1326 has occurred.
Logon failure: unknown user name or bad password

Help, thanks.

Steve
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Printer Device Modes

[Ryan Suarez]

Greetings Admins,
The howto details setting the device mode using a windows client:
http://us4.samba.org/samba/docs/man/Samba-HOWTO-Collection/printing.html#id2552900
Is there a way to script this process?  We support 260+ printers and 
it's a pain in the ass.  (My wrist is hurting!)

regards,
Ryan
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.0.6 and OpenLDAP performance problem

[rruegner]

Marcel de Riedmatten schrieb:
Le jeu 07/10/2004 à 23:05, Tomasz Finke a écrit :
Marcel de Riedmatten wrote:

You aren't running winbind aren't you ?
No, I'm not, just slapd, nscd and Samba.

I have looked in my log and i see something similar as you, except this
append after the logon script is closed. I see at least three time the
same enumeration request:
Oct  8 09:56:08 sarge slapd[25437]: conn=266107 op=401 SRCH
base="dc=nofida,dc=ch" scope=2
filter="(&(uid=*)(objectClass=sambaSamAccount))"
Oct  8 09:56:08 sarge slapd[25437]: conn=266107 op=401 SRCH attr=uid
uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange
sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn
displayName sambaHomeDrive sambaHomePath sambaLogonScript
sambaProfilePath description sambaUserWorkstations sambaSID
sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName
objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount
sambaBadPasswordTime
Oct  8 09:56:08 sarge slapd[25437]: conn=266107 op=401 SEARCH RESULT
tag=101 err=0 nentries=37 text=

With 37 entries i don't see performance issue. This is with samba 3.05
(debian). I'all check later if this is realy has to do with the logon
process. 

Another question: have you replicated your ldap server ?

there were failures with 3.06 and ldap update to 3.07
Regards
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Trouble compiling pam_winbind 3.0.8pre1 on Solaris 9

[Chew, Darren]

Hi All,

I am having trouble compiling Samba 3.0.8pre1 with pam_winbind. I am using 
the following configure string.

./configure --prefix=/usr/local/samba --exec-prefix=/usr/local/samba 
--with-libiconv=/usr/local/lib --with-ldap=/opt/csw
--with-krb5=/usr/local/krb5 --with-automount --with-pam --with-ldapsam 
--with-utmp --with-libsmbclient --with-winbind

... and I get the following output

checking security/pam_modules.h usability... no
checking security/pam_modules.h presence... yes
configure: WARNING: security/pam_modules.h: present but cannot be compiled
configure: WARNING: security/pam_modules.h: check for missing 
prerequisite headers?
configure: WARNING: security/pam_modules.h: see the Autoconf documentation
configure: WARNING: security/pam_modules.h: section "Present But 
Cannot Be Compiled"
configure: WARNING: security/pam_modules.h: proceeding with the 
preprocessor's result
configure: WARNING: security/pam_modules.h: in the future, the compiler 
will take precedence
configure: WARNING: ## -- ##
configure: WARNING: ## Report this to the AC_PACKAGE_NAME lists.  ##
configure: WARNING: ## -- ##
checking for security/pam_modules.h... yes
checking security/_pam_macros.h usability... no
checking security/_pam_macros.h presence... no
checking for security/_pam_macros.h... no

Any help much appreciated.

Darren

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.0.7 on Linix/Sparc

[Jeremy Allison]

On Fri, Oct 08, 2004 at 12:33:49AM -0400, Jason McCormick wrote:
> Tony Breeds wrote:
> 
> >I was told to experiment with the following settings
> >
> >use sendfile = no
> >large readwrite = no
> >max xmit = 16644
> >
> >For me the sendfile option was the correct answer.
> 
> 'use sendfile = no' appears to be the winner for me as well.  Is this a 
> bug or expected behavior?  Thanks for the help!

It's a Linux kernel bug I think although I'm not 100% sure.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] smbmount equiv. to mount -o hard,intr?

[Les Schaffer]

i checked the FAQ and newsgroup archives, maybe i missed this, but. is there
a way to to mount an smbfs so that if the remote machine goes down or
offline, the local machine does not hang processs waiting for it to return?

for NFS it would be:

mount -t nfs -o hard,intr

but i do not see any equivalent for smbfs. for example, smb4k hangs hard
when the remote machine get turned off and smb4k had mounted windows
partitions.

thanks

les schaffer


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: Can join domain; can't logon

[Chris St. Pierre]

On the LDAP server:

> ldapsearch -b "ou=people,o=nebrwesleyan.edu,o=isp" "uid=guinea-pig$" \
sambaSID
uid=guinea-pig$,ou=people,o=nebrwesleyan.edu,o=isp
sambaSID=S-1-5-21-2507527290-1625623118-1076039497-3002

On the Samba server:

> /usr/local/samba/bin/net getlocalsid
SID for domain TESTERATOR is: S-1-5-21-2507527290-1625623118-1076039497

So yes, they match.

I did some further investigation, and it appears that in the
conditional on lines 250-254 of rpc_server/srv_netlog_nt.c in
get_md4pw() is where the failure point is.  Namely, the account is not
disabled, and the pass is not null, but none of the trust checks pass.
(acct_ctrl == 16).  I put a quick hack in pdb_get_acct_ctrl() on line
45 of passdb/pdb_get_set.c ("return ACB_WSTRUST;") to get past this
immediate problem; it worked, but logins still don't work.  There's
some sort of problem with credentials that I've been trying to work
out.

Anyhow, that's everything I know about the problem; here's the smbd
log.  Thanks for looking at this.

[...snip...]
[2004/10/07 16:14:09, 5] lib/smbldap.c:smbldap_search(963)
  smbldap_search: base => [o=nebrwesleyan.edu,o=isp], filter => 
[(&(uid=GUINEA-PIG$)(objectclass=sambaSamAccount))], scope => [2]
[2004/10/07 16:14:09, 2] passdb/pdb_ldap.c:init_sam_from_ldap(485)
  init_sam_from_ldap: Entry found for user: guinea-pig$
[2004/10/07 16:14:09, 10] passdb/pdb_get_set.c:pdb_set_username(625)
  pdb_set_username: setting username guinea-pig$, was 
[2004/10/07 16:14:09, 10] passdb/pdb_get_set.c:pdb_set_init_flags(525)
  element 12 -> now SET
[2004/10/07 16:14:09, 10] passdb/pdb_get_set.c:pdb_set_domain(652)
  pdb_set_domain: setting domain NWU_TEST, was 
[2004/10/07 16:14:09, 10] passdb/pdb_get_set.c:pdb_set_nt_username(679)
  pdb_set_nt_username: setting nt username guinea-pig$, was 
[2004/10/07 16:14:09, 10] passdb/pdb_get_set.c:pdb_set_init_flags(525)
  element 15 -> now SET
[2004/10/07 16:14:09, 10] passdb/pdb_get_set.c:pdb_set_user_sid_from_string(565)
  pdb_set_user_sid_from_string: setting user sid 
S-1-5-21-2507527290-1625623118-1076039497-3002
[2004/10/07 16:14:09, 10] passdb/pdb_get_set.c:pdb_set_user_sid(552)
  pdb_set_user_sid: setting user sid S-1-5-21-2507527290-1625623118-1076039497-3002
[2004/10/07 16:14:09, 10] passdb/pdb_get_set.c:pdb_set_init_flags(525)
  element 18 -> now SET
[2004/10/07 16:14:09, 10] lib/smbldap.c:smbldap_get_single_attribute(309)
  smbldap_get_single_attribute: [sambaPrimaryGroupSID] = []
[2004/10/07 16:14:09, 10] passdb/pdb_get_set.c:pdb_set_group_sid(588)
  pdb_set_group_sid: setting group sid S-1-5-21-2507527290-1625623118-1076039497-513
[2004/10/07 16:14:09, 10] passdb/pdb_compat.c:pdb_set_group_sid_from_rid(100)
  pdb_set_group_sid_from_rid:
setting group sid S-1-5-21-2507527290-1625623118-1076039497-513 from rid 513
[2004/10/07 16:14:09, 10] lib/smbldap.c:smbldap_get_single_attribute(309)
  smbldap_get_single_attribute: [sambaPwdLastSet] = []
[2004/10/07 16:14:09, 10] lib/smbldap.c:smbldap_get_single_attribute(309)
  smbldap_get_single_attribute: [sambaLogonTime] = []
[2004/10/07 16:14:09, 10] lib/smbldap.c:smbldap_get_single_attribute(309)
  smbldap_get_single_attribute: [sambaLogoffTime] = []
[2004/10/07 16:14:09, 10] lib/smbldap.c:smbldap_get_single_attribute(309)
  smbldap_get_single_attribute: [sambaKickoffTime] = []
[2004/10/07 16:14:09, 10] lib/smbldap.c:smbldap_get_single_attribute(309)
  smbldap_get_single_attribute: [sambaPwdCanChange] = []
[2004/10/07 16:14:09, 10] lib/smbldap.c:smbldap_get_single_attribute(309)
  smbldap_get_single_attribute: [sambaPwdMustChange] = []
[2004/10/07 16:14:09, 10] passdb/pdb_get_set.c:pdb_set_fullname(706)
  pdb_set_full_name: setting full name guinea-pig$, was 
[2004/10/07 16:14:09, 10] passdb/pdb_get_set.c:pdb_set_init_flags(525)
  element 13 -> now SET
[2004/10/07 16:14:09, 10] lib/smbldap.c:smbldap_get_single_attribute(309)
  smbldap_get_single_attribute: [sambaHomeDrive] = []
[2004/10/07 16:14:09, 10] passdb/pdb_get_set.c:pdb_set_dir_drive(787)
  pdb_set_dir_drive: setting dir drive , was NULL
[2004/10/07 16:14:09, 10] lib/smbldap.c:smbldap_get_single_attribute(309)
  smbldap_get_single_attribute: [sambaHomePath] = []
[2004/10/07 16:14:09, 4] lib/substitute.c:automount_server(323)
  Home server: testerator
[2004/10/07 16:14:09, 10] passdb/pdb_get_set.c:pdb_set_homedir(814)
  pdb_set_homedir: setting home dir \\testerator\guinea-pig_, was 
[2004/10/07 16:14:09, 10] lib/smbldap.c:smbldap_get_single_attribute(309)
  smbldap_get_single_attribute: [sambaLogonScript] = []
[2004/10/07 16:14:09, 10] passdb/pdb_get_set.c:pdb_set_logon_script(733)
  pdb_set_logon_script: setting logon script scripts\logon.bat, was 
[2004/10/07 16:14:09, 10] lib/smbldap.c:smbldap_get_single_attribute(309)
  smbldap_get_single_attribute: [sambaProfilePath] = []
[2004/10/07 16:14:09, 10] passdb/pdb_get_set.c:pdb_set_profile_path(760)
  pdb_set_profile_path: setting profile path \\testerator\profiles\guinea-pig_, was 
[2004/10/07 16:14:09, 10] lib

[Samba] XP SP2 and Samba 3.0.7 - Printing very slow

[Walter Willmertinger]

As mentioned in some other threads, printing is very slow with 
samba-printers after applying XSP2 to XP.
What is especially slow is the point, when you press ctrl-p after 
working with some document in e.g. MS Word.
It takes about 20 seconds on a fast 3 GHZ computer, before you see the 
printer dialogue.

After setting log level to 10, I noticed some error message in the log 
file, as
 error packet at smbd/ipc.c(99) cmd=37 (SMBtrans) STATUS_BUFFER_OVERFLOW
this message repeats 22 times for one pressing of ctrl-p

If someone is interested, here is a small part of the debug log:
 send_trans_reply: buffer 1024 too 
large  
[2004/10/08 15:36:28, 3] 
smbd/error.c:error_packet(129)
 error packet at smbd/ipc.c(99) cmd=37 (SMBtrans) 
STATUS_BUFFER_OVERFLOW  
[2004/10/08 15:36:28, 5] 
smbd/ipc.c:copy_trans_params_and_data(62) 
 copy_trans_params_and_data: params[0..0] 
data[0..1024]   
[2004/10/08 15:36:28, 5] 
lib/util.c:show_msg(439)  
[2004/10/08 15:36:28, 5] 
lib/util.c:show_msg(449)  
 
size=1080 

 
smb_com=0x25  

 
smb_rcls=5

 
smb_reh=0 

 
smb_err=32768 

 
smb_flg=136   

 
smb_flg2=51201

 
smb_tid=1 

 
smb_pid=1560  

 
smb_uid=100   

 
smb_mid=62977 

 
smt_wct=10

 smb_vwv[ 0]=0 
(0x0)  
 smb_vwv[ 1]= 1024 
(0x400)
 smb_vwv[ 2]=0 
(0x0)  
 smb_vwv[ 3]=0 
(0x0)  
 smb_vwv[ 4]=   56 
(0x38) 
 smb_vwv[ 5]=0 
(0x0)  
 smb_vwv[ 6]= 1024 
(0x400)
 smb_vwv[ 7]=   56 
(0x38) 
 smb_vwv[ 8]=0 
(0x0)  
 smb_vwv[ 9]=0 
(0x0)  
 
smb_bcc=1025  

[2004/10/08 15:36:28, 10] 
lib/util.c:dump_data(1835)   
 [000] 00 05 00 02 03 10 00 00  00 B4 04 00 00 03 00 00   

 [010] 00 9C 04 00 00 00 00 00  00 B8 BF D9 00 8C 04 00   

 [020] 00 70 04 00 00 64 04 00  00 00 00 00 00 00 00 00  .p...d.. 

 [030] 00 00 00 00 00 D4 07 0A  00 05 00 08 00 0D 00 24   
...$
 [040] 00 1C 00 00 00 1B 03 00  00 00 00 00 00 05 00 93   

 [050] 08 01 00 00 00 00 00 00  00 00 00 00 00 1B 03 00   

 [060] 00 00 00 00 00 00 00 00  00 00 00 00 00 01 00 00   

 [070] 00 4A 02 00 00 00 00 00  00 00 00 00 00 00 00 00  .J.. 


Maybe this helps someone, as it is very boring to wait for 
printing!

--
Regards
Walter
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Strange performance issue with Dreamweaver and Samba

[Jeremy Allison]

On Sat, Oct 02, 2004 at 11:49:22PM -0600, [EMAIL PROTECTED] wrote:
> Hi folks.  When using Dreamweaver MX 2004 on a Win2k machine talking to 
> a Samba machine I have a strange problem.
> 
> For every key stroke or mouse event within the Dreamweaver window I see 
> a flurry of SMB packets
> 
> Mostly
> 
> SMB Packet: SMBsesssetupX (REQUEST)
> SMB Packet: SMBsesssetupX (REPLY)
> 
> Flags=0x0
> Length=71   or Length=175
> 
> This obviously causes significant performance issues.

We'll need much more info than this I'm afraid. What Samba
version, do you have a network trace etc.

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Removing a Point And Print printer

[Martin Zielinski]

Hello,

I assume, that the BusinessJet is an ink printer.
Many of the Deskjet drivers need a device mode to function.
Try setting "default devmode = yes" in your smb.conf.

To remove your driver you could use the Windows Gui.
(The remove button in the Drivers tab on your samba server).
Completely removing your printer is more complex. It should be enaugh to 
remove it from your spooler and to restart samba (remove the driver bindings 
before that).
If you want, you can look at the "nt*.tdb" files, to see, what remains.

Bye,
Martin

On Friday 08 October 2004 14:47, Stanley Tim wrote:
> I have a Samba 3.0.4 server that has several point and print printers which
> are functioning just fine.
>
> I have added another printer, an HP BusinessJet 1100d, and attempted to
> load the drivers on the Samba server for that printer (for WinNT, Win2K and
> WinXP). However, now, when attempting to check the properties of that
> printer from a WinXP client (pre SP2) I only get an error and the
> properties box will not display. (Error is Function address 0x60649f55
> caused a protection fault.)
>
> I simply removed that printer, and attempted to install it again. But, I
> continually get the same error.
>
> I tried removing the driver files associated with that printer via the
> PRINT$ share, and loading the drivers again. But, that didn't help.
>
> One thing I noticed, if I check the properties of a working printer, and
> view the drivers available on that server, the BusinessJet printer is still
> a choice, even though I've removed those files. So, I'm wondering if there
> is a file in Linux/Samba that maintains a list of those drivers which I can
> edit?
>
> Any help on completely removing a PointAndPrint printer would be greatly
> appreciated.
>
> Thanks,
> Tim Stanley

-- 
Martin Zielinski                       [EMAIL PROTECTED]
Software Development
SEH Computertechnik GmbH     www.seh.de
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba and printer problem

[Martin Zielinski]

Just to give you an answere at least (you're asking again).
I experienced, that this depends on the printer and the driver.
Some drivers put the number of copies into PJL commands, others may send the 
document multiple times or do different tricks. 

It's definitly no option, that Samba gives cups.

Sometimes it simply doesn't work since not all registry entries for this 
printer are created on the Samba server as they would on a local machine (I 
never saw real driver code...)

You might have to track down, what the reason is. Perhaps take a look at the 
memory settigs in your driver GUI. You could try to reduce the expected 
memory size to force the driver to send the document more than once. 

Bye,

Martin

On Friday 08 October 2004 14:26, Fabio Codecà wrote:
> Hi to all.
> I have a samba PDC that shares correctlly two printers and that have
> never given any problem. Yesterday however I have tryed to print a
> document in more copies and the printer has made only one.
>
> Is it a normal thing or is it a printer setting problem?
>
> Thanks
>
> Ps: I'm using samba 3.0.7, cups 1.1.17

-- 
Martin Zielinski                       [EMAIL PROTECTED]
Software Development
SEH Computertechnik GmbH     www.seh.de
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Contents of samba digest...

[ARamos]

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Sent: Thursday, October 07, 2004 2:44 AM
To: [EMAIL PROTECTED]
Subject: samba Digest, Vol 22, Issue 10


Send samba mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.samba.org/mailman/listinfo/samba
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of samba digest..."
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.0.6 and OpenLDAP performance problem

[Andrew Bartlett]

On Wed, 2004-10-06 at 21:06, Tomasz Finke wrote:
> Hello,
> 
> I'm running Samba 3.0.6 PDC with OpenLDAP 2.1.25 backend on a Linux
> machine with RedHat 3.0 ES installed.  This is a large installation
> with separate Samba BDC and 2 file servers.  The BDC server uses a 
> replica LDAP server, working as slave for the master LDAP server
> installed at PDC.  The number of domain accounts is about 1850 and
> at the moment about 500 machines are added to the Samba domain.  The
> number of machines increased slowly since April and for the last few
> weeks we observed large delays during the domain logons.
> 
> The logon process for some Windows machines takes as much as 10-20
> minutes (!)  For most of the users these times are of course
> unacceptable.

I looked at deploying Samba 3.0.6 at my site, and found that I could not
upgrade past the particular Samba 3.0.3 pre-release that we had at the
time.  

I found that certain windows clients would want to know who was in
certain groups, and if there were a lot of people in those groups, then
all hell broke loose.  On the samba-technical list, we have been looking
at one potential solution, but I think the patch needs more work to make
it robust.

Part of the problem is that it looked for 'primary' group members, by
scanning the entire password database.  This, and possibly the gid->sid
lookups, cause the performance issues.

At one point I thought that get_sid_list_of_group() in groupdb/mapping.c
was the problem, but it's unused now, so you could try current SVN. 
Really, we need to look at the incoming SMB requests, and what LDAP
traffic it produces.  With that data, we should be able to pin down
what's killing things at your site (which may very well be different to
what my problems were).

Andrew Bartlett

-- 
Andrew Bartlett [EMAIL PROTECTED]
Authentication Developer, Samba Teamhttp://samba.org
Student Network Administrator, Hawker College   [EMAIL PROTECTED]


signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Samba as a member of the W2K ADS domain using Kerberos

[Hirantha Wijayawardena]

Dear All,

This is my problem; I have successfully joined the samba server to ADS
domain W2k server: net ads join [EMAIL PROTECTED] without any
errors & ran tests:  wbinfo -u, wbinfo -g, getent passwd, getent group,
without any errors too.

# net ads info - shows:
LDAP server: 10.1.1.70
LDAP server name: dc1
Realm: DOMAIN.COM
Bind Path: dc=DOMAIN,dc=COM
LDAP port: 389
Server time: Fri, 08 Oct 2004 17:03:52 GMT
KDC server: 10.1.1.70

>From windows client machines (Win98/XP) I can access the samba machine
which is logged on to the AD server; but when I try to access the user's
folder at samba server- it won't allow & error message triggered in
/var/log/message:

Oct  8 17:15:34 smb-3 smbd[1920]:   Failed to verify incoming ticket!
Oct  8 17:15:35 smb-3 smbd[1920]: [2004/10/08 17:15:35, 1]
smbd/sesssetup.c:reply_spnego_kerberos(173)
Oct  8 17:15:35 smb-3 smbd[1920]:   Failed to verify incoming ticket!

I so many posts posted with referring to this issue, but I couldn't fine
the exact solution for this. Initially I tried from samba-3.0.2 with
krb5-1.3.3 & I upgraded to samba-3.0.7 & krb5-1.3.4 but no luck. Here
are my .conf files

Distro: Fedora 2

smb.conf file:

[global]
unix charset = LOCALE
workgroup = DOMAIN2K
realm = DOMAIN.COM
server string = Samba 3.0.7
security = ADS
password server = dc1.domain.com
username map = /etc/samba/smbusers
log level = 1
syslog = 9
log file = /var/log/samba/%m
encrypt passwords = yes
max log size = 50
ldap ssl = no
idmap uid = 1-2
idmap gid = 1-2
template primary group = "Domain Users"
template shell = /bin/bash
winbind separator = +
[Homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No


krb5.conf file:

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = DOMAIN.COM
 dns_lookup_realm = true
 dns_lookup_kdc = true

[realms]
 CRESACT.COM = {
  kdc = dc1.domain.com:88
  admin_server = dc1.domain.com:749
  default_domain = domain.com
 }

[domain_realm]
 .crescat.com = DOMAIN.COM
 crescat.com = DOMAIN.COM

[kdc]
 profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false

Any advice is much appreciate & thanks in advance 

- Hirantha


--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Removing a Point And Print printer

[Stanley Tim]

I have a Samba 3.0.4 server that has several point and print printers which
are functioning just fine.

I have added another printer, an HP BusinessJet 1100d, and attempted to load
the drivers on the Samba server for that printer (for WinNT, Win2K and
WinXP). However, now, when attempting to check the properties of that
printer from a WinXP client (pre SP2) I only get an error and the properties
box will not display. (Error is Function address 0x60649f55 caused a
protection fault.)

I simply removed that printer, and attempted to install it again. But, I
continually get the same error.

I tried removing the driver files associated with that printer via the
PRINT$ share, and loading the drivers again. But, that didn't help.

One thing I noticed, if I check the properties of a working printer, and
view the drivers available on that server, the BusinessJet printer is still
a choice, even though I've removed those files. So, I'm wondering if there
is a file in Linux/Samba that maintains a list of those drivers which I can
edit?

Any help on completely removing a PointAndPrint printer would be greatly
appreciated.

Thanks,
Tim Stanley
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Samba and printer problem

[Fabio Codecà]

Hi to all.
I have a samba PDC that shares correctlly two printers and that have
never given any problem. Yesterday however I have tryed to print a
document in more copies and the printer has made only one.

Is it a normal thing or is it a printer setting problem?

Thanks

Ps: I'm using samba 3.0.7, cups 1.1.17
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Trust between two samba domains

[Šopík Bronislav]

I have a problem with Samba:
 
I want to make trust between two Samba domains. I have setup the trust on
the DOMAINB server then on the Samba DOMAINA server  "net rpc
trustdom establish DOMAINB"  I then get the following:
 
Password: [entered password]
Could not connect to server SERVERB[this is the PDC for the DOMAINB domain]
Trust to domain DOMAINB established
 
When I then try to logon to the DOMAINB domain from XP computers in
DOMAINA domain, I always get a fail with bad password.

it is my project in the school, I need to create this trust between two
domains.
 My smb.conf are follow:
In servera:
[global]
   workgroup = DOMAINA
   netbios name = SERVERA
   security = DOMAIN
   encrypt passwords = yes
   local master = yes
   domain logons = yes
   os level = 33
   domain master = yes
   preferred master = yes
   dns proxy = no
   log level = 3
 allow trusted domains = yes

[netlogon]
   comment = Network Logon Service
   path = /home/samba/netlogon
   guest ok = yes

serverb>
[global]
   workgroup = DOMAINB
   netbios name = SERVERB
   security = DOMAIN
   encrypt passwords = yes
   local master = yes
   domain logons = yes
   os level = 33
   domain master = yes
   preferred master = yes
   dns proxy = no
   log level = 3
 allow trusted domains = yes

[netlogon]
   comment = Network Logon Service
   path = /home/samba/netlogon
   guest ok = yes

IPaddresses are:
servera 192.168.100.10
serverb 192.168.100.11

Can you help me please?

Best regards
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.0.6 and OpenLDAP performance problem

[Marcel de Riedmatten]

Le ven 08/10/2004 à 11:01, Tomasz Finke a écrit :
> Marcel de Riedmatten wrote:
> 
> > Another question: have you replicated your ldap server ?
> 
> Yes, I have BDC server with Samba and slave slapd installed.  But
> more than 90% of users choose PDC as their logon server.  The
> "os level" at PDC is set to 255 and on the BDC to 33.  Perhaps
> I should set equal values for both servers?

I made some search on that one. You should probably use a 2 PDC setup
like the one discribed at 

http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html 

toward the end of the page. Both PDC have 

domain master = yes
local master = yes
preferred master = yes
os level = 255

What change is the netbios name and the ldapsam entry doesn't have the
same order. 

-- 
Marcel de Riedmatten



signature.asc
Description: Ceci est une partie de message	=?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e=2E?=
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: is there log analyzer software for samba ?

[Xavier]

Hi Jim,

I think you can do that with "webmin" and "Webalizer Logfile Analysis"
I have not done for myself with samba , but done this with squid with good
results.

Hope this helps

Xavier


Selon "Jim C." <[EMAIL PROTECTED]>:

> >> MACHINE : aaaUSER : bbbACTION : login/logoutDATE: 01/01/04
> >> 11:11:11
>
> A tool like that would be quite wonderful. :-)
>
> Jim C.
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>


--
Xavier
mailto: [EMAIL PROTECTED]
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Samba trust

[Šopík Bronislav]

I have a problem with Samba:
 
I want to make trust between two Samba domains. I have setup the trust on
the DOMAINB server then on the Samba DOMAINA server  "net rpc
trustdom establish DOMAINB"  I then get the following:
 
Password: [entered password]
Could not connect to server SERVERB[this is the PDC for the DOMAINB domain]
Trust to domain DOMAINB established
 
When I then try to logon to the DOMAINB domain from XP computers in
DOMAINA domain, I always get a fail with bad password.

it is my project in the school, I need to create this trust between two
domains.
 My smb.conf are follow:
In servera:
[global]
   workgroup = DOMAINA
   netbios name = SERVERA
   security = DOMAIN
   encrypt passwords = yes
   local master = yes
   domain logons = yes
   os level = 33
   domain master = yes
   preferred master = yes
   dns proxy = no
   log level = 3
 allow trusted domains = yes

[netlogon]
   comment = Network Logon Service
   path = /home/samba/netlogon
   guest ok = yes

serverb>
[global]
   workgroup = DOMAINB
   netbios name = SERVERB
   security = DOMAIN
   encrypt passwords = yes
   local master = yes
   domain logons = yes
   os level = 33
   domain master = yes
   preferred master = yes
   dns proxy = no
   log level = 3
 allow trusted domains = yes

[netlogon]
   comment = Network Logon Service
   path = /home/samba/netlogon
   guest ok = yes

IPaddresses are:
servera 192.168.100.10
serverb 192.168.100.11

Can you help me please? 

Best regards
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Help - Adding winXP pro clients to win95 and Samba 2.2.x setup

[bill eight]

Hi!

Questions.

1) Do I have to upgrade to Samba 3.x
to support winXP pro clients
(NO PDC)

2) What are the complications of adding
WinXP pro clients to an existing win95/samba 2.2.x
network

3) IF i have to upgrade to Samba 3.x,
is it easy, or do I have to plan to
do a bit or a lot of work.

-- background --

I am looking for the easier/quickest way
to do this.

the boss man is happy with the old ways,
and doesn't want a PDC of automounted
home directories.

currently the office has about 6-8 
win95 pcs, using a rh 7.3 linux
file server w/samba 2.2.x

I'm replaced 1/2 of the systems with
winXP pro, and during the initial
test had complications. A winXP pro
clients didn't see or attach to the 
file server. 

I don't know why...

thanks
b




__
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] finally adding winXP pro systems into a win95/samba 2.2.x network

[bill eight]

Hi!

Questions.

1) Do I have to upgrade to Samba 3.x
to support winXP pro clients
(NO PDC)

2) What are the complications of adding
WinXP pro clients to an existing win95/samba 2.2.x
network

-- background --

I am looking for the easier/quickest way
to do this.

the boss man is happy with the old ways,
and doesn't want a PDC of automounted
home directories.

currently the office has about 6-8 
win95 pcs, using a rh 7.3 linux
file server w/samba 2.2.x

I'm replaced 1/2 of the systems with
winXP pro, and during the initial
test had complications. A winXP pro
clients didn't see or attach to the 
file server. 

I don't know why...

thanks
b




___
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba 3.0.6 and OpenLDAP performance problem

[Marcel de Riedmatten]

Le jeu 07/10/2004 à 23:05, Tomasz Finke a écrit :
> Marcel de Riedmatten wrote:
> 
> > You aren't running winbind aren't you ?
> 
> No, I'm not, just slapd, nscd and Samba.


I have looked in my log and i see something similar as you, except this
append after the logon script is closed. I see at least three time the
same enumeration request:


Oct  8 09:56:08 sarge slapd[25437]: conn=266107 op=401 SRCH
base="dc=nofida,dc=ch" scope=2
filter="(&(uid=*)(objectClass=sambaSamAccount))"

Oct  8 09:56:08 sarge slapd[25437]: conn=266107 op=401 SRCH attr=uid
uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange
sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn
displayName sambaHomeDrive sambaHomePath sambaLogonScript
sambaProfilePath description sambaUserWorkstations sambaSID
sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName
objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount
sambaBadPasswordTime

Oct  8 09:56:08 sarge slapd[25437]: conn=266107 op=401 SEARCH RESULT
tag=101 err=0 nentries=37 text=



With 37 entries i don't see performance issue. This is with samba 3.05
(debian). I'all check later if this is realy has to do with the logon
process. 


Another question: have you replicated your ldap server ?

-- 
Marcel 



signature.asc
Description: Ceci est une partie de message	=?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e=2E?=
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba