Re: [Samba] printing impossible on win98 and samba 3.0.10
On Mon, 31 Jan 2005 08:35:23 +0100 Erik Thiele [EMAIL PROTECTED] wrote: i now emergency downgraded to 3.0.9 and everything is working. unfortunately it is a production system :) tell me if i can do anything to supply more information to debug the problem. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] mount a share on a W2k server
Hi everybody, excuse me when I ask something maybe 100 times discussed in this newsgroup, I try to mount a share on a W2k server box with samba (from a Fedora 2.6.5 machine) without success. Doing the same with a NT Server machine in the same LAN works perfectly. It seems that it's a problem of the password (encryption ?? digitally sign communications are disabled !!). [EMAIL PROTECTED] root]# mount -t smb -o username=myname //w2kserver/bck Password: 32546: session setup failed: ERRDOS - ERRnoaccess (Access denied.) SMB connection failed [EMAIL PROTECTED] root]# But anonymous login works: [EMAIL PROTECTED] root]# smbclient -L //10.1.1.123 -N Anonymous login successful Domain=[IST] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager] Sharename Type Comment - --- Error returning browse list: NT_STATUS_ACCESS_DENIED session request to 10.1.1.123 failed (Called name not present) session request to 10 failed (Called name not present) Anonymous login successful Domain=[IST] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager] Server Comment ---- BELL IG DB1 Any ideas ??? -- ___ Dr. Marcus Hoffmann System Engineer / Software Developer Institute of Earth Sciences - SUPSI Via Trevano C.P. 72 CH-6952 Canobbio-Lugano Ticino-SWITZERLAND Direct:Tel +41 (0)58 / 666 62 13 Secretary: Tel +41 (0)58 / 666 62 00 Fax: +41 (0)58 / 666 62 09 eMail: [EMAIL PROTECTED] Internet: http://www.ist.supsi.ch -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbmount across networks
Hi, I'm still having problem with smbmount across two different networks. My server has a few shares with the guest access enabled, and in the same network of the server, I can mount those shares in guest mode. Nevertheless, in another network I cannot mount the share in guest mode (I get a ERRNOACCESS), and I have to specify a username/password (even the guest one). I cannot understand why, anybody has an idea? I'm using samba 3.0.9. Thanks, Luca -- Luca Ferrari, [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind and distribution groups
Hello, Gerald (Jerry) Carter wrote: Peter Kruse wrote: | | Say, I create a distribution group on Windows ADS named | distgroup add as a member a security group named secgroup with a | user robert in it. Then when I look at the groups robert belongs | to, the group distgroup is not listed (checked with wbinfo -r). | Even after winbind cache time has long expired ;) this is the different between a distribution group and a security group from what I understand. The behavior is by design. are you sure? That means if I add read permissions (via ACL) to a directory for group distgroup then the user robert still has no access rights. Although he is member of secgroup which is a member of distgroup. This behaviour is intentionally by design? What are distribution groups then good for? Peter -- Peter Kruse [EMAIL PROTECTED], Chief Software Architect Q-Leap Networks GmbH phone: +497071-703171, mobile: +49172-6340044 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba log analysis and report
Hi Tony, Thanks for your reply. Ok, that's excellent ! I will look into setting that up. Does anyone know of some reporting tool that generates web-based reports from Samba logs ? Or perhaps a way to get it to log to NT's event viewer ? Perhaps a plug in for Awstats (http://www.awstats.org) ? Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: Tony Breeds [EMAIL PROTECTED] To: David Wilson [EMAIL PROTECTED] Cc: samba@lists.samba.org Sent: Monday, January 31, 2005 9:09 AM Subject: Re: [Samba] Samba log analysis and report On Mon, Jan 31, 2005 at 09:02:28AM +0200, David Wilson wrote: Hi guys, Does anyone know of some decent Samba log analysis software that will report things like user logon/logoff times, computer names etc. ? Thanks in advance. Enabling wtmp should give you the basics of what you're after. see: http://us1.samba.org/samba/docs/man/smb.conf.5.html#WTMPDIRECTORY Yours Tony linux.conf.au http://linux.conf.au/ || http://lca2005.linux.org.au/ Apr 18-23 2005 The Australian Linux Technical Conference! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Veto files applied per group
ReHi, You could also include just a students.conf or students-home.conf in the [home] Definition: [home] path=/home ... include %G-home.conf If there is no %G-home.conf e.g. teachers-home.conf, then nothing is included. Otherwise the definitions are overwritten or extended by the %G-home.conf. You just have to write less lines. HTH, Malte Mueller David Wilson schrieb: Hi guys, I use veto files = /.mp3/.mpg/ etc. on the [homes] share to prevent users from storing media files on a Samba server in the home directories. My client now wishes to make this restriction apply to users who are members of only certain groups. E.g. This restriction must apply to users who are members of the Students group and not apply to users in the Teachers group. I was thinking of having a blank smb.conf file with only the following in it: include = /etc/samba/smb.conf.%G Then having two smb.conf files, namely smb.conf.Teachers and smb.conf.Students. The smb.conf.Students file would have the entire config file and the veto files parameter. The smb.conf.Teachers file would have the entire config file but without the veto files parameter. Makes sense ? Is there perhaps a better way to do this ? Many thanks Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba log analysis and report
Hi, you could also use the [netlogon] and execute a preexec script there that writes %U, %I and whatever in a database. You will never get logoff times reliably, only if you could convince all your users to allways shutdown their PC and not simply switch it off. Kind regards, Malte Mueller David Wilson schrieb: Hi guys, Does anyone know of some decent Samba log analysis software that will report things like user logon/logoff times, computer names etc. ? Thanks in advance. Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Veto files applied per group
Brilliant ! Thanks Malte. That does make sense and seems to be the best route to follow. Thank you for your assistance, greatly appreciated. Keep well. Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: M. Müller [EMAIL PROTECTED] To: David Wilson [EMAIL PROTECTED]; samba@lists.samba.org Sent: Monday, January 31, 2005 11:56 AM Subject: Re: [Samba] Veto files applied per group ReHi, You could also include just a students.conf or students-home.conf in the [home] Definition: [home] path=/home ... include %G-home.conf If there is no %G-home.conf e.g. teachers-home.conf, then nothing is included. Otherwise the definitions are overwritten or extended by the %G-home.conf. You just have to write less lines. HTH, Malte Mueller David Wilson schrieb: Hi guys, I use veto files = /.mp3/.mpg/ etc. on the [homes] share to prevent users from storing media files on a Samba server in the home directories. My client now wishes to make this restriction apply to users who are members of only certain groups. E.g. This restriction must apply to users who are members of the Students group and not apply to users in the Teachers group. I was thinking of having a blank smb.conf file with only the following in it: include = /etc/samba/smb.conf.%G Then having two smb.conf files, namely smb.conf.Teachers and smb.conf.Students. The smb.conf.Students file would have the entire config file and the veto files parameter. The smb.conf.Teachers file would have the entire config file but without the veto files parameter. Makes sense ? Is there perhaps a better way to do this ? Many thanks Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba log analysis and report
Hi Malte, Thanks for your reply. That sounds like another good way to do things. Thank you for your help again. Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: M. Müller [EMAIL PROTECTED] To: David Wilson [EMAIL PROTECTED]; samba@lists.samba.org Sent: Monday, January 31, 2005 12:01 PM Subject: Re: [Samba] Samba log analysis and report Hi, you could also use the [netlogon] and execute a preexec script there that writes %U, %I and whatever in a database. You will never get logoff times reliably, only if you could convince all your users to allways shutdown their PC and not simply switch it off. Kind regards, Malte Mueller David Wilson schrieb: Hi guys, Does anyone know of some decent Samba log analysis software that will report things like user logon/logoff times, computer names etc. ? Thanks in advance. Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Flaky connection
Good morning all, We use Samba over a VPN to mount a remote share on a local machine. Local clients then connect to that. From time to time the connection is lost, causing the local clients to hang. Is there any way to unmount the remote share, or drop the local connections, after a given timeout? My other idea was to have a script regularly ping the VPN connection and unmount the remote share if the connection fails. Thanks in advance, Tom Weissmann -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] XP clients unable to read user profiles (2.2.3a-14.1)
Hi everyone, thanks to John Terpstra's hint (teh old thread started with Msg [EMAIL PROTECTED]), our xp clients now do join the domain :-). However, they still fail to read user profiles which were created by the old Win98 clients. The relevant parts of smb.conf look like this: begien smb.conf [global] domain master = yes printing = bsd encrypt passwords = yes socket options = TCP_NODELAY kernel oplocks = false wins support = yes printcap name = /etc/printcap case sensitive = no logon script = %U.bat interfaces = 192.168.10.10/255.255.255.0 keep alive = 30 writeable = yes map to guest = Bad User security = user preserve case = yes domain logons = yes workgroup = zentrum load printers = yes os level = 2 logon home = \\%L\%U\profile debuglevel = 4 [netlogon] path = /netlogon writeable = yes guest ok = no [homes] comment = Heimatverzeichnis browseable = yes read only = no writeable = yes create mode = 0750 end smb.conf ... and here's a snip form log.smbd: begin log.smbd unix_clean_name [/profile/xpsp2res.dll] [2005/01/30 23:35:28, 3] smbd/trans2.c:call_trans2qfilepathinfo(1634) call_trans2qfilepathinfo: vfs_stat of profile/xpsp2res.dll failed (No such file or directory) [2005/01/30 23:35:28, 3] smbd/error.c:error_packet(91) error string = No such file or directory [2005/01/30 23:35:28, 3] smbd/error.c:error_packet(103) error packet at smbd/trans2.c(1636) cmd=50 (SMBtrans2) NT_STATUS_NO_SUCH_FILE [2005/01/30 23:35:28, 3] smbd/process.c:process_smb(860) Transaction 125 of length 99 [2005/01/30 23:35:28, 3] smbd/process.c:switch_message(667) switch message SMBtrans2 (pid 7193) [2005/01/30 23:35:28, 4] smbd/uid.c:change_to_user(118) change_to_user: Skipping user change - already user [2005/01/30 23:35:28, 3] smbd/trans2.c:call_trans2qfilepathinfo(1613) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 257 [2005/01/30 23:35:28, 3] lib/util.c:unix_clean_name(387) unix_clean_name [/profile/shell32.dll] [2005/01/30 23:35:28, 3] smbd/trans2.c:call_trans2qfilepathinfo(1634) call_trans2qfilepathinfo: vfs_stat of profile/shell32.dll failed (No such file or directory) [2005/01/30 23:35:28, 3] smbd/error.c:error_packet(91) error string = No such file or directory [2005/01/30 23:35:28, 3] smbd/error.c:error_packet(103) error packet at smbd/trans2.c(1636) cmd=50 (SMBtrans2) NT_STATUS_NO_SUCH_FILE [2005/01/30 23:35:28, 3] smbd/process.c:process_smb(860) Transaction 126 of length 99 [2005/01/30 23:35:28, 3] smbd/process.c:switch_message(667) switch message SMBtrans2 (pid 7193) [2005/01/30 23:35:28, 4] smbd/uid.c:change_to_user(118) change_to_user: Skipping user change - already user [2005/01/30 23:35:28, 3] smbd/trans2.c:call_trans2qfilepathinfo(1613) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 257 [2005/01/30 23:35:28, 3] lib/util.c:unix_clean_name(387) unix_clean_name [/profile/shell32.dll] [2005/01/30 23:35:28, 3] smbd/trans2.c:call_trans2qfilepathinfo(1634) call_trans2qfilepathinfo: vfs_stat of profile/shell32.dll failed (No such file or directory) [2005/01/30 23:35:28, 3] smbd/error.c:error_packet(91) end log.smbd There are lots of similar messages some of which make sense to me (e.g. I don't have a logon script) . But I am suspicious of things like profile/xpsp2res.dll failed (No such file or directory) File permissions are 755 throughout my user profile (located, of course, in $HOME/profile). Any ideas what's wrong? TIA, Martin -- Dr. Martin Pauly Fax:49-6421-28-26994 HRZ Univ. MarburgPhone: 49-6421-28-23527 Hans-Meerwein-Str. E-Mail: [EMAIL PROTECTED] D-35032 Marburg -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] XP clients unable to read user profiles (2.2.3a-14.1)
Hello, However, they still fail to read user profiles which were created by the old Win98 clients. Only NT, 2K and XP-Profiles are compatible. Win 95/98 has only rudimental Profiles. matze Martin Pauly schrieb: Hi everyone, thanks to John Terpstra's hint (teh old thread started with Msg [EMAIL PROTECTED]), our xp clients now do join the domain :-). However, they still fail to read user profiles which were created by the old Win98 clients. The relevant parts of smb.conf look like this: begien smb.conf [global] domain master = yes printing = bsd encrypt passwords = yes socket options = TCP_NODELAY kernel oplocks = false wins support = yes printcap name = /etc/printcap case sensitive = no logon script = %U.bat interfaces = 192.168.10.10/255.255.255.0 keep alive = 30 writeable = yes map to guest = Bad User security = user preserve case = yes domain logons = yes workgroup = zentrum load printers = yes os level = 2 logon home = \\%L\%U\profile debuglevel = 4 [netlogon] path = /netlogon writeable = yes guest ok = no [homes] comment = Heimatverzeichnis browseable = yes read only = no writeable = yes create mode = 0750 end smb.conf ... and here's a snip form log.smbd: begin log.smbd unix_clean_name [/profile/xpsp2res.dll] [2005/01/30 23:35:28, 3] smbd/trans2.c:call_trans2qfilepathinfo(1634) call_trans2qfilepathinfo: vfs_stat of profile/xpsp2res.dll failed (No such file or directory) [2005/01/30 23:35:28, 3] smbd/error.c:error_packet(91) error string = No such file or directory [2005/01/30 23:35:28, 3] smbd/error.c:error_packet(103) error packet at smbd/trans2.c(1636) cmd=50 (SMBtrans2) NT_STATUS_NO_SUCH_FILE [2005/01/30 23:35:28, 3] smbd/process.c:process_smb(860) Transaction 125 of length 99 [2005/01/30 23:35:28, 3] smbd/process.c:switch_message(667) switch message SMBtrans2 (pid 7193) [2005/01/30 23:35:28, 4] smbd/uid.c:change_to_user(118) change_to_user: Skipping user change - already user [2005/01/30 23:35:28, 3] smbd/trans2.c:call_trans2qfilepathinfo(1613) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 257 [2005/01/30 23:35:28, 3] lib/util.c:unix_clean_name(387) unix_clean_name [/profile/shell32.dll] [2005/01/30 23:35:28, 3] smbd/trans2.c:call_trans2qfilepathinfo(1634) call_trans2qfilepathinfo: vfs_stat of profile/shell32.dll failed (No such file or directory) [2005/01/30 23:35:28, 3] smbd/error.c:error_packet(91) error string = No such file or directory [2005/01/30 23:35:28, 3] smbd/error.c:error_packet(103) error packet at smbd/trans2.c(1636) cmd=50 (SMBtrans2) NT_STATUS_NO_SUCH_FILE [2005/01/30 23:35:28, 3] smbd/process.c:process_smb(860) Transaction 126 of length 99 [2005/01/30 23:35:28, 3] smbd/process.c:switch_message(667) switch message SMBtrans2 (pid 7193) [2005/01/30 23:35:28, 4] smbd/uid.c:change_to_user(118) change_to_user: Skipping user change - already user [2005/01/30 23:35:28, 3] smbd/trans2.c:call_trans2qfilepathinfo(1613) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 257 [2005/01/30 23:35:28, 3] lib/util.c:unix_clean_name(387) unix_clean_name [/profile/shell32.dll] [2005/01/30 23:35:28, 3] smbd/trans2.c:call_trans2qfilepathinfo(1634) call_trans2qfilepathinfo: vfs_stat of profile/shell32.dll failed (No such file or directory) [2005/01/30 23:35:28, 3] smbd/error.c:error_packet(91) end log.smbd There are lots of similar messages some of which make sense to me (e.g. I don't have a logon script) . But I am suspicious of things like profile/xpsp2res.dll failed (No such file or directory) File permissions are 755 throughout my user profile (located, of course, in $HOME/profile). Any ideas what's wrong? TIA, Martin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] reload configuration without a stop ?
Hello, i am planning to use samba in my company, first on a test system and later on operational. I have a question about reloading the configuration file. When i do some changes in the configuration file about mappings etc for new users, new folders on request etc and i have to reload the configuration, is that a problem for the connected users ? Will they lose their connection while they are writing or saving or whatever ? cheers, Phil. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Migrating from NT4 to Samba - correct strategy
Thanks for replying. There´s just 20 clients on each domain and they have the same name and password on both domain. I could simply change the domain name on each station but all users will loose their local profiles. So I imagine that it is more productive to simply change the domain name and turn off the old NT server. Is there any pitfall that I can encounter ? Simply changing the domain name in the smb.conf is enough ? It´s easy as that ? Thanks in advance, Josir Gomes Josir Gomes wrote: Hi folks, I have 2 domains: LX01 (WinNT) e LX04 (Samba) and I want consolidate them into one domain LX01. All the stations is looking for LX01. All users are equal on both servers. Can I just turn the WinNT off and rename the Samba server to LX01 ? Is there any problem ? you forgot to mention how many clients on each domain, sometime when clients is less than 50, starting new domain from scartch is the 'correct' way. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] bug in 3.0.11rc1 was not in 3.0.11pre2
hi, it seems there is a bug in 3.0.11rc1 which was not present in 3.0.11pre2. in rc1 only the second net join command is successful ie: -- # net rpc join PDC -U Administrator; net rpc join PDC -U Administrator Password: Create of workstation account failed User specified does not have administrator privileges Unable to join domain KONYVKLUB. Password: Joined domain KONYVKLUB. -- which is strange since nothing happend between the two command! what's more this was good in 3.0.11pre2 (if i downgrade to 3.0.11pre2 the first command is successful). yours. -- Levente Si vis pacem para bellum! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] lost connection to w2k3 - very slow system
Hello I am using samba 3.0.10 connected to w2k3 (domain member) via winbind. Everythings works ok, but when linux (winbind) lost connection to w2k3 system works very slow. e. g. Loging to console - 1min 10sec Apache server - I cannot refresh web site usage cpu is ok - about 5% usage mem is ok too, When I restart winbind or kill them everything works good. What is wrong??? I have the same problem when I connected to w2k3 using 'net ads join' (kerberos) and when I using 'net rpc join'. -- halemb [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] How does the UNIX end work?
Hi, I've been trying to find something on this in the docs but have failed so far - perhaps I'm just looking in the wrong place and if so please feel free to reply with a link. My issue is that files create on a samba share in windows are fine. The file is created and is accessible by everyone straight away. But, if I have a unix script create a file on the samba share at the server end it seems to take some time (varies up to a minute) to become available to the windows clients. This has led me to think that there is a list of files which is updated either at the request of smbd (due to access by a windows machine) or after a periodic (every 1 minute?) scan of the files at the UNIX end. Is there a way to shrink or remove this refresh time at all? Cheers Andrew -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] WU-FTPD and pam_winbind
Hello, i have some troubles when running wu-ftpd under Solaris 8 with authentication by winbind (pam_winbind). No domain-user can be authenticated by wu-ftpd, error- message in syslog is: Jan 30 15:41:07 sunserv ftpd[2990]: [ID 401707 daemon.error] open_module: /usr/lib/security/pam_winbind.so.1 failed: ld.so.1: in.ftpd: fatal: relocation error: file /usr/lib/security/pam_winbind.so.1: symbol main: referenced symbol not found Jan 30 15:41:07 sunserv ftpd[2990]: [ID 487707 daemon.error] load_modules: can not open module /usr/lib/security/pam_winbind.so.1 but domain-users can login via telnet so it connection to domain is ok and also is authentication. what could be the problem? any additional libs to link with pam_winbind? or with wu-ftpd? thanks a lot, christian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Linux server client in Win2k3 AD domain
How are the time clocks synchronized? - John T. The Linux host is synced with my local server. The Win2k3 I don't know ;) But they stay +/-30s synced! Some wabbling due to VMWare cause clock drift... Did you follow the guidelines in the Samba-Guide Chapter 9? You can obtain it from: http://www.samba.org/samba/docs/Samba-Guide.pdf If any of it does not work please let me know so I can fix it. - John T. Yes, I did follow those guidelines. And I got as far as described. Well, I did spend a few seconds wondering what the '%not2forget' following ... -UAdministrator ... was. But then I am slow at times, I just never tell anyone. (oups!) ... ;) /Jonas P ---8 Jonas Printzén schrieb: Hello folks! I am trying to make sure we can use Linux/Win2k3 mix in my company. After reading up in the documentation I fealt it sounded so good I would propably get there with little effort... Well, halfway there I got fast enough. But that won't do... I have successfully joined the AD-Domain from my Linux host. And I also can authenticate a AD user in the Linux host. I used nsswitch and pam.d/system-auth with winbind... However I can't get to the shared files from a Windows client. I can browse, with a LOT of waiting, so I can see the machine and shares. But I can't login and access files. I tried this both from the Win2k3 AD machine and from my XP desktop. Windows client says the user/password is wrong. In the /var/log/samba/machine logfile i get: [2005/01/29 15:21:48, 1] smbd/sesssetup.c:reply_spnego_kerberos(173) Failed to verify incoming ticket! Painfull as it is I have to admit I don't know enough to get any further. Please advice!! -- Jonas Printzén [EMAIL PROTECTED] 'Linux, because reboots are for HW upgrade' still applies.. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] server replication
Hello, I have a new file server and i want it automattically to replicate with another server so if one fails, the other one takes over immediatelly! can i do this with samba as file server ? And what other software do i need ? cheers, Phil. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind and distribution groups - solved
This is for the record, thanks for your patience. Gerald (Jerry) Carter wrote: Peter Kruse wrote: | | Say, I create a distribution group on Windows ADS named | distgroup add as a member a security group named secgroup with a | user robert in it. Then when I look at the groups robert belongs | to, the group distgroup is not listed (checked with wbinfo -r). | Even after winbind cache time has long expired ;) this is the different between a distribution group and a security group from what I understand. The behavior is by design. are you sure? That means if I add read permissions (via ACL) to a directory for group distgroup then the user robert still has no access rights. Although he is member of secgroup which is a member of distgroup. This behaviour is intentionally by design? What are distribution groups then good for? Because our domain controller did not run in native mode, I was not able to add a group to a security group. And I thought I can only add groups to distribution groups. This is not true which I found out after switching to native mode. Indeed distribution groups are different: In http://windows.microsoft.com/windows2000/en/server/help/sag_ADgroups_1intro.htm it says: Distribution groups are not security-enabled. They cannot be listed in DACLs. So my fault, there wasn't a problem to begin with. cheers, Peter -- Peter Kruse [EMAIL PROTECTED], Chief Software Architect Q-Leap Networks GmbH phone: +497071-703171, mobile: +49172-6340044 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] reload configuration without a stop ?
You can send all the processes a HUP and they will reload the config. Ordinarily this should not affect them (unless the config change is, for instance, the suppression of a share they happen to be using). smbstatus -p | tail +5 | awk '{print $1}' | xargs kill -HUP The above should do the trick. Yes, there are probably killall or killproc commands that do this, but they have the same name from one OS or distro to another. David On Mon, 31 Jan 2005 11:46:21 +0100, fluppe [EMAIL PROTECTED] wrote: Hello, i am planning to use samba in my company, first on a test system and later on operational. I have a question about reloading the configuration file. When i do some changes in the configuration file about mappings etc for new users, new folders on request etc and i have to reload the configuration, is that a problem for the connected users ? Will they lose their connection while they are writing or saving or whatever ? cheers, Phil. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Upgrade path from 3.0.0 - 3.0.10
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brent Smith wrote: | | I have just taken over a redhat system with Samba 3.0.0 configured | with security = user, and domain logins enabled. I've included the | smb.conf at the end of this message. | | I would like to upgrade to 3.0.10 for a numbers of reasons, one | being security and one being that password changes don't work | from workstation machines because of the Windows KB828741 | patch. What I want to know, is if I should expect any | incompatibilities between versions or if my existing config | files will work with the new version? This is a mission | critical system, so I really don't want to upgrade unless | there are going to be very minimal issues. | | Will a simple rpm -Uvh ./samba-3.0.10-1_rh9.i386.rpm put me | in the clear? Should be fairly painless. However, make sure you read the WHATSNEW for 3.0.10 and earlier release to review any semantics changes (particularly the ones in 3.0.2a re: the password LCT). Also make sure you backup the necessary files in $(lockdir)/*tdb prior to the upgrade just in case you need to rollback. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB/jjcIR7qMdg1EfYRAk91AKC51I0v+MblEUwsBkY1eZDgW6nXeACeKdy7 uYpNUv/gxhUJLC6u/1IM2h0= =/FLt -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How to use ldapsam backend without storing any user SID?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dominique Petitpierre wrote: | Hello, | | When Samba is configured to use smbpasswd as a backend, | it uses an algorithm to construct SIDs from uid/gids. | The SIDs are not stored anywhere. | | But when ldapsam is used as a backend, | without changing anything else to the configuration, | a SID *has to* be stored in the entry of each user. | I don't need nor want that. | | - Is it possible to have a LDAP backend but still use | the algorithm to construct SIDs? How? Not currently. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB/jlNIR7qMdg1EfYRAmqAAJ47zbl5kJt1dnLAmV1EBlfbaAJrpwCgtZgE Z/JvByAanAQrwofL311RXcY= =ApOE -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] variable substitution broken in 3.0.11pre2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, i upgraded my server from 3.0.10 to 3.0.11pre2 on friday. today i recognized, that the variable substitution isn't working correctly. my smb.conf file containes the following two lines: include = smb.conf.%G include = smb.conf.%U this was working fine with previous samba versions (up to 3.0.10) the included files contained special shares which were accessable by the group members. with 3.0.11pre2 the %U substitution seams to work correctly, but %G isn't working correctly. sometimes the substitution is working, but at the next connect the situation can turn to the complete different. Accessing such a share with smbclient returns NT_STATUS_BAD_NEWTORK_NAME. is it possible that activating substitutions for LDAP directories broke the normal substitutions? any thoughts/solutions would be appreciated. Joerg - -- The beginning is the most important part of the work. -Plato -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFB/jl0SPOsGF+KA+MRAlWHAKCVGV3MHPl9HHJqnslZo7CpKzHwiQCgqZ3u sulWvyVbTFGbKKquukImNtg= =snpA -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] variable substitution broken in 3.0.11pre2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joerg Pulz wrote: | Hi, | | i upgraded my server from 3.0.10 to 3.0.11pre2 | on friday. today i recognized, that the variable | substitution isn't working correctly. | | my smb.conf file containes the following two lines: | include = smb.conf.%G | include = smb.conf.%U | ... | is it possible that activating substitutions for LDAP | directories broke the normal substitutions? Can you send me alevel 10 debug logg off list ? I'll try to reproduce this here in the meantime. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB/jp2IR7qMdg1EfYRAnROAKC+ZMRsc85IAN5hD0QZo/h/D0CteACbBG25 TrP3IvVLkwDV/O40kOXaD5o= =VrRN -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbstatus not working as non-root user
Hi all, I haven't found any clear information yet about that problem. I'm trying the following workaround, however. If anybody believes it's not the Right Way To Do It, please do not hesitate to tell me. What I need: regular users to be able to use smbstatus, because they need to know what files are in use What I did: I changed the group of smbstatus to smbnull, put its setid bit on, changed the group and permissions on the locks directory and all the .lck files to be writable by smbstatus. This makes smbstatus work for regular users as it did before the upgrade. Is it a security issue? Laurent -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] server replication
Hello, fluppe schrieb: Hello, I have a new file server and i want it automattically to replicate with another server so if one fails, the other one takes over immediatelly! can i do this with samba as file server ? And what other software do i need ? You can use rsync for replication. matze -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] endless loop when searching ldap backend
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, since last week i noticed very strange smbd behaviour. i have one samba PDC and three BDC's all connected to LDAP. the PDC is the LDAP master and the BDC have their own replicated LDAP database. since last week i notced that there are smbd processes on every DC which perform never-ending LDAP searches for ((objectClass=sambaDomain)(sambaDomainName=MY_DOMAIN)) the slapd logfile told me that everytime an entry was returned. later i saw that there are also never-ending searches for (((uid=user)(objectClass=sambaSamAccount))(objectClass=sambaSamAccount)) in this case an entry is returned too. i get a whole lofgfile from smbd conatining these lines: [2005/01/31 15:25:35, 0] smbd/server.c:open_sockets_smbd(388) open_sockets_smbd: accept: Software caused connection abort for every search request, smbd is opening a new LDAP connection, so i have now about 800 smbd - LDAP connections on every DC as there are a lot of LDAP search request per second!!! i have not seen this before samba-3.0.10. on friday i upgraded to samba-3.0.11pre2 but it did not help anything. the latest release notes did not point to any change in the ldapsearch code. is there a new virus that i have not found which causes samba to perform these LDAP searches or is this a serious bug? thanks for any suggestions Joerg - -- The beginning is the most important part of the work. -Plato -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFB/kWjSPOsGF+KA+MRAhHAAJwKL1cYU5HcCgRqme34RvHHPFjD/QCfViw0 GfrHCrXnTRTKuu+1IDQX8LE= =PwDv -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: How does the UNIX end work?
Andrew Edmondson [EMAIL PROTECTED] wrote: I've been trying to find something on this in the docs but have failed so far - perhaps I'm just looking in the wrong place and if so please feel free to reply with a link. My issue is that files create on a samba share in windows are fine. The file is created and is accessible by everyone straight away. But, if I have a unix script create a file on the samba share at the server end it seems to take some time (varies up to a minute) to become available to the windows clients. The question is: how does Windows work ? ;-))) And the answer - it caches. The view of the underlying drive is cached on the Windows side and it takes a few seconds it notices a change. This has led me to think that there is a list of files which is updated either at the request of smbd (due to access by a windows machine) or after a periodic (every 1 minute?) scan of the files at the UNIX end. Is there a way to shrink or remove this refresh time at all? I don't think so. -- Michal Kurowski [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] problem accessing from windows xp
Hi, I've got a problem with my samba server: all machines (windows xp or not) can access a guest ok share without problem, but one cannot, since a username/password is required. Of course, it should be a problem of the client, but what is the option I'd look for? Thanks, Luca -- Luca Ferrari, [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profile problems
SABINE ZARABIAN wrote: Hi, we are using samba 3.0.10-17 with openlddap 2.2.6-37.22 as backend. We use roaming profiles, but because of problems with different operating systems and the profile size, we want to use locale profiles. I tried to change logon path in smb.conf in an emty string, but no changes, if I delete this entry in smb.conf, samba use a default value and this is on the server. So I tried to change sambaProfilePath in ldap, I tried an emty string, I tried to delete this entry but no changes. I still have roaming profiles. Is there anyone having a good idea to solve me problem ? Sabine Sabine I would first make a local user on the machine instead of the server. I would then go to my computer and properties and copy my roaming profile that is on the server to the profile of the local person you just made. See if that works. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] XP clients unable to read user profiles (2.2.3a-14.1)
On Monday 31 January 2005 03:26, Martin Pauly wrote: Hi everyone, thanks to John Terpstra's hint (teh old thread started with Msg [EMAIL PROTECTED]), our xp clients now do join the domain :-). However, they still fail to read user profiles which were created by the old Win98 clients. Windows 9x/Me profiles are not compatible with Windows NT4/2000/XP protfiles and can not be shared. - John T. The relevant parts of smb.conf look like this: begien smb.conf [global] domain master = yes printing = bsd encrypt passwords = yes socket options = TCP_NODELAY kernel oplocks = false wins support = yes printcap name = /etc/printcap case sensitive = no logon script = %U.bat interfaces = 192.168.10.10/255.255.255.0 keep alive = 30 writeable = yes map to guest = Bad User security = user preserve case = yes domain logons = yes workgroup = zentrum load printers = yes os level = 2 logon home = \\%L\%U\profile debuglevel = 4 [netlogon] path = /netlogon writeable = yes guest ok = no [homes] comment = Heimatverzeichnis browseable = yes read only = no writeable = yes create mode = 0750 end smb.conf ... and here's a snip form log.smbd: begin log.smbd unix_clean_name [/profile/xpsp2res.dll] [2005/01/30 23:35:28, 3] smbd/trans2.c:call_trans2qfilepathinfo(1634) call_trans2qfilepathinfo: vfs_stat of profile/xpsp2res.dll failed (No such file or directory) [2005/01/30 23:35:28, 3] smbd/error.c:error_packet(91) error string = No such file or directory [2005/01/30 23:35:28, 3] smbd/error.c:error_packet(103) error packet at smbd/trans2.c(1636) cmd=50 (SMBtrans2) NT_STATUS_NO_SUCH_FILE [2005/01/30 23:35:28, 3] smbd/process.c:process_smb(860) Transaction 125 of length 99 [2005/01/30 23:35:28, 3] smbd/process.c:switch_message(667) switch message SMBtrans2 (pid 7193) [2005/01/30 23:35:28, 4] smbd/uid.c:change_to_user(118) change_to_user: Skipping user change - already user [2005/01/30 23:35:28, 3] smbd/trans2.c:call_trans2qfilepathinfo(1613) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 257 [2005/01/30 23:35:28, 3] lib/util.c:unix_clean_name(387) unix_clean_name [/profile/shell32.dll] [2005/01/30 23:35:28, 3] smbd/trans2.c:call_trans2qfilepathinfo(1634) call_trans2qfilepathinfo: vfs_stat of profile/shell32.dll failed (No such file or directory) [2005/01/30 23:35:28, 3] smbd/error.c:error_packet(91) error string = No such file or directory [2005/01/30 23:35:28, 3] smbd/error.c:error_packet(103) error packet at smbd/trans2.c(1636) cmd=50 (SMBtrans2) NT_STATUS_NO_SUCH_FILE [2005/01/30 23:35:28, 3] smbd/process.c:process_smb(860) Transaction 126 of length 99 [2005/01/30 23:35:28, 3] smbd/process.c:switch_message(667) switch message SMBtrans2 (pid 7193) [2005/01/30 23:35:28, 4] smbd/uid.c:change_to_user(118) change_to_user: Skipping user change - already user [2005/01/30 23:35:28, 3] smbd/trans2.c:call_trans2qfilepathinfo(1613) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 257 [2005/01/30 23:35:28, 3] lib/util.c:unix_clean_name(387) unix_clean_name [/profile/shell32.dll] [2005/01/30 23:35:28, 3] smbd/trans2.c:call_trans2qfilepathinfo(1634) call_trans2qfilepathinfo: vfs_stat of profile/shell32.dll failed (No such file or directory) [2005/01/30 23:35:28, 3] smbd/error.c:error_packet(91) end log.smbd There are lots of similar messages some of which make sense to me (e.g. I don't have a logon script) . But I am suspicious of things like profile/xpsp2res.dll failed (No such file or directory) File permissions are 755 throughout my user profile (located, of course, in $HOME/profile). Any ideas what's wrong? TIA, Martin -- Dr. Martin Pauly Fax:49-6421-28-26994 HRZ Univ. MarburgPhone: 49-6421-28-23527 Hans-Meerwein-Str. E-Mail: [EMAIL PROTECTED] D-35032 Marburg -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] XP-Clients loose file permissions
Hello, we are using a Samba 2.0.7 on AIX. Our XP (SP 1) clients can connect to the server, they are able to create and delete files. In the evening the clients are powered off. When these clients reconnect in the morning, using the same login name as the day before, they are not allowed to delete files they have created the day before. The logfile says: Permission denied. The ownership and rights of this file on the filesystem are the same on both days. Thanks for any ideas or help, Stefan -- * in-put GbR - Das Linux-Systemhaus Stefan-Michael Günther Moltkestraße 49 D-76133 Karlsruhe Tel./Fax : +49 (0)721 / 83044 - 98/93 http://www.in-put.de * -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] mass user creation
Hi, i plan to mass creat user in ldap to use with samba I tried with ldiff like the structure below, the user is created but no home directory is created, user in not member on any groups. 1) how to do with ldiff file to put a user member of a group ? So i plan to use smbldap-useradd = home drectorie is created with the appropriated rights, user is member of Domain Users : Great ! My goal is to creat a script that will, for each user in a text file, call smbldap-useradd. I think that this won't be too difficult (any hint will be apreciated) My problem is that i also want to generate a password with smbldap-passwd. But this script doesn't accept any parameters. It prompts for a password ... 2) Is there a solution to avoid this problem so that i also can generate mass user password ? Thanks Here's my ldiff : dn:uid=pat.dub,ou=People,dc=samba,dc=alsace,dc=iufm,dc=fr changetype: add objectClass: top objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSAMAccount cn: Pat Dub sn: pat.dub uid: pat.dub uidNumber: 1001 gidNumber: 513 homeDirectory: /home/admin/strasbourg/pat.dub loginShell: /bin/false gecos: Pat DUB description: Pat DUB sambaPwdLastSet: 1106131176 sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaPwdMustChange: 2052116073 displayName: Pat DUB sambaAcctFlags: [UX] sambaSID: S-1-5-21-3283536956-439905991-814256716-5000 sambaPrimaryGroupSID: S-1-5-21-3283536956-439905991-814256716-513 sambaNTPassword: 9ABB609276FF0C69184CC4766A8ED206 sambaLogonScript: logon.bat userPassword: {SSHA}bgyoqB7fFClEfmqdPaZnIZh/41t6xJO3 sambaHomeDrive: p: -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] mass user creation
You could edit the script to run mkntpwd to generate the passwords yourself. I used the following perl code in my scripts... #!/usr/local/bin/perl -Tw # use File::Temp qw/ tempfile /; #... ...Some code # # # create a temp file and write the users new password into it, file is automtically deleted. my $password = $_; my ($fh, $filename) = tempfile(UNLINK = 1); print $fh $password; # Run mkntpasswd reading the password from file, this is the secure way i think... my $winpass = `/usr/sbin/mkntpwd -f $filename`; #The output is 2 passwords joined by a :, split them into 2 varibles my ($LANpass, $NTpass) = split /:/, $winpass; # So you have the Lan Man password in $LANpass and Your NT Password in $NTpass. Update LDAP with the values from the variables. hope this helps Patrick DUBAU wrote: Hi, i plan to mass creat user in ldap to use with samba I tried with ldiff like the structure below, the user is created but no home directory is created, user in not member on any groups. 1) how to do with ldiff file to put a user member of a group ? So i plan to use smbldap-useradd = home drectorie is created with the appropriated rights, user is member of Domain Users : Great ! My goal is to creat a script that will, for each user in a text file, call smbldap-useradd. I think that this won't be too difficult (any hint will be apreciated) My problem is that i also want to generate a password with smbldap-passwd. But this script doesn't accept any parameters. It prompts for a password ... 2) Is there a solution to avoid this problem so that i also can generate mass user password ? Thanks Here's my ldiff : dn:uid=pat.dub,ou=People,dc=samba,dc=alsace,dc=iufm,dc=fr changetype: add objectClass: top objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount objectClass: sambaSAMAccount cn: Pat Dub sn: pat.dub uid: pat.dub uidNumber: 1001 gidNumber: 513 homeDirectory: /home/admin/strasbourg/pat.dub loginShell: /bin/false gecos: Pat DUB description: Pat DUB sambaPwdLastSet: 1106131176 sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaPwdMustChange: 2052116073 displayName: Pat DUB sambaAcctFlags: [UX] sambaSID: S-1-5-21-3283536956-439905991-814256716-5000 sambaPrimaryGroupSID: S-1-5-21-3283536956-439905991-814256716-513 sambaNTPassword: 9ABB609276FF0C69184CC4766A8ED206 sambaLogonScript: logon.bat userPassword: {SSHA}bgyoqB7fFClEfmqdPaZnIZh/41t6xJO3 sambaHomeDrive: p: -- Daniel Wilson Systems Administrator IT Communications Service University of Sunderland Unit1 Technology Park Chester Road Sunderland SR2 7PT Tel: 0191 515 2695 This e-mail contains information which is confidential and may be privileged and is for the exclusive use of the recipient. It is the responsibility of the recipient to ensure that this message and its attachments are virus free. Any views or opinions presented are solely those of the author and do not necessarily represent those of the University, unless otherwise specifically stated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] mass user creation
1) how to do with ldiff file to put a user member of a group ? You have the gid specified so that will get your primary group, adding secondary groups is not as easy though. The secondary groups you are a member of is stored in the group, via the multi-value property memberUID. You'll have to ldapmodify the groups you want to be a member of with the appropriate member's uid. 2) Is there a solution to avoid this problem so that i also can generate mass user password ? You could pipe your script, depending on the language, into the smbpasswd command. I believe Jerry has posted something like this for a shell language: echo $pass $pass smbpasswd -a $username Also, you may want to leave off your samba parameters in the ldif, they will get added by the smbpasswd command. -- -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profile problems
I tried to change logon path in smb.conf in an emty string, but no changes, if I delete this entry in smb.conf, samba use a default value and this is Make sure you also don't have a profile share if you're using something like \server\profiles\%U, which is the default. Setting a blank string should also work here. Remember that your clients will probably remember what the profile path was for an account, so be sure to try with a fresh user. Check the output of pdbedit -v username to be sure the server won't be giving out a (valid) default path. on the server. So I tried to change sambaProfilePath in ldap, I tried an emty string, I tried to delete this entry but no changes. I still have roaming profiles. This one won't work. An empty string in ldap, as far as I've found, is a deleted attribute, so it will default to the server setting. -- -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldap smbpasswd
I think I got passed this by uncommenting a lot of stuff in samba.schema ( smbpasswd error messages were informative enough, thank you ). Now I'm stuck with this when trying smpasswd -a to add samba attributes to ldap account. it seems like smbpasswd is trying to add an entry, instead of updating it. I don't see any switches to smbpasswd to modify its behavior. Any thoughts ? ldapsam_modify_entry: Failed to add user dn= uid=username,ou=People,dc=edpausa,dc=com with: Already exists synrat wrote: freebsd 5.3, samba 3.10 I get this far with LDAP/Samba integrationg. Stuck on creating users/machines with smbpasswd -a (-m) username command. schema files weren't modified, everything else is pretty much at defaults. First the relevant config parts: passdb backend = ldapsam_compat:ldap://localhost/ ldap suffix = dc=company,dc=com ldap machine suffix = ou=Computers ldap user suffix = ou=People ldap admin dn = cn=Manager,dc=company,dc=com - include /usr/local/etc/openldap/schema/core.schema include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/schema/nis.schema include /usr/local/etc/openldap/schema/inetorgperson.schema include /usr/local/etc/openldap/schema/samba.schema access to attrs=userPassword,sambaLMPassword,sambaNTPassword by self write by anonymous auth by * none access to * by * read -- bash-2.05b# smbpasswd -D 256 -a username Netbios name list:- my_netbios_names[0]=SKYWALKER Trying to load: ldapsam_compat:ldap://localhost/ Attempting to register passdb backend ldapsam Successfully added passdb backend 'ldapsam' Attempting to register passdb backend ldapsam_compat Successfully added passdb backend 'ldapsam_compat' Attempting to register passdb backend smbpasswd Successfully added passdb backend 'smbpasswd' Attempting to register passdb backend tdbsam Successfully added passdb backend 'tdbsam' Attempting to register passdb backend guest Successfully added passdb backend 'guest' Attempting to find an passdb backend to match ldapsam_compat:ldap://localhost/ (ldapsam_compat) Found pdb backend ldapsam_compat pdb backend ldapsam_compat:ldap://localhost/ has a valid init Attempting to find an passdb backend to match guest (guest) Found pdb backend guest pdb backend guest has a valid init New SMB password: Retype new SMB password: smbldap_search: base = [dc=company,dc=com], filter = [((uid=username)(objectclass=sambaAccount))], scope = [2]smbldap_open_connection: ldap://localhost/ smbldap_open_connection: connection opened ldap_connect_system: Binding to ldap server ldap://localhost/ as cn=Manager,dc=company,dc=com ldap_connect_system: succesful connection to the LDAP server The LDAP server is succesfully connected ldapsam_getsampwnam: Unable to locate user [username] count=0 Finding user username Trying _Get_Pwnam(), username as lowercase is username Get_Pwnam_internals did find user [username]! pdb_set_username: setting username username, was element 12 - now SET pdb_set_full_name: setting full name User Name, was element 13 - now SET pdb_set_unix_homedir: setting home dir /home/username, was NULL element 22 - now SET pdb_set_domain: setting domain SKYWALKER, was element 14 - now DEFAULT pdb_set_user_sid: setting user sid S-1-5-21-2472404719-3990724825-3229645963-3008 element 18 - now SET pdb_set_user_sid_from_rid: setting user sid S-1-5-21-2472404719-3990724825-3229645963-3008 from rid 3008 smbldap_search: base = [dc=company,dc=com], filter = [((objectClass=sambaGroupMapping)(gidNumber=1004))], scope = [2] smbldap_open: already connected to the LDAP server ldapsam_getgroup: Did not find group pdb_set_group_sid: setting group sid S-1-5-21-2472404719-3990724825-3229645963-3009 element 19 - now SET pdb_set_group_sid_from_rid: setting group sid S-1-5-21-2472404719-3990724825-3229645963-3009 from rid 3009 Home server: skywalker pdb_set_profile_path: setting profile path \\skywalker\username\profile, was element 2 - now DEFAULT Home server: skywalker pdb_set_homedir: setting home dir \\skywalker\username, was element 1 - now DEFAULT pdb_set_dir_drive: setting dir drive , was NULL element 3 - now DEFAULT pdb_set_logon_script: setting logon script , was element 4 - now DEFAULT element 20 - now DEFAULT pdb_init_sam_new: no RID specified. Generating one via old algorithm pdb_set_user_sid: setting user sid S-1-5-21-2472404719-3990724825-3229645963-3008 element 18 - now SET pdb_set_user_sid_from_rid: setting user sid S-1-5-21-2472404719-3990724825-3229645963-3008 from rid 3008 element 20 - now CHANGED element 20 - now CHANGED element 33 - now CHANGED element 32 - now CHANGED element 11 - now CHANGED element 21 - now CHANGED account_policy_get: maximum password age:-1 element 10 - now CHANGED account_policy_get: minimum password age:0 element 9 - now CHANGED account_policy_get: password history:0 element 34 - now CHANGED
Re: [Samba] RID/SIDs
Unfortunatly its in spanish On Sat, 29 Jan 2005 17:06:59 +0100 (CET), Tony Earnshaw [EMAIL PROTECTED] wrote: Daniel Corbe: The smbldap-adduser function works fantastically for adding new accounts to the system. I already have existing accounts though in LDAP that I need to add all the Samba attributes to. I was just going to write a quick and dirty little perl script for it; however I need to understand how the individual users are assigned SIDs first. The info in this entire thread, plus the answer to what you ask, is included in the Samba (v.3) PDC LDAP howto by Ignacio Coupeau, CTI, University of Navarra, http://www.unav.es/. Obviously the RID/SID stuff has to be known, to enable meaningful LDAP administration. I'm an utter newbie to Samba (o.k., v 3.0.9 works fine for me as an XP/2000 PDC with openldap 2.2.17), but I'm still finding things out at the rate of knots, after a couple of weeks from scratch. Surprisingly enough, the help facility on my single home Windows XP workstation is a gem on RID/SID information, well written too. No, I do not normally like Windows (or Microsoft in general). --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] abonnement
je m'abonne = ya moto te 0815060564 Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour vos mails ! Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba authentication slow against PDC
Just an update on what the fix for this problem was. It was an entry called username level which in our smb.conf file was set to 8. This caused the samba server to query ldap 256 times per user which caused the CPU on our PDC/LDAP server to peg. After setting this entry to 0 everything is working as it should. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Folder Redirection, Roaming Profiles and Working Offline
HI, Sorry boring you, but I readed an article about Samba and Folder redirection. I have a problem about Samba and Active Directory (server 2003) authentication. I use de FreeBSD 4.10. Can you help me about that? Thanks MN -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] print queue problems
I have Samba 3.0.7 on a Solaris 9 box. I have a printer share and can print to the printer. However, my Windows XP client does not remove the print job from its print queue after the job has printed. Also, the icon for the printer in the Printers and Faxes window shows 5 where you would expect to see the number of print jobs, and hovering the mouse over it brings up: Status: Ready Documents: 5 There are no jobs in the print queue on the Solaris system (lpstat -oprinter). Where should I start looking to find out what is wrong? It would help to know how Windows gets the number of documents and what it checkes so that it can remove the document from its list of print jobs. Phil. --- Phil Chambers ([EMAIL PROTECTED]) University of Exeter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbind: SID_TO_UID not working for trusted domains?
Hi all, I have a problem with the mapping sid - uid. Setup: * Samba 3.0.10, security = ads, role is ads member server. * Several trusted domains * ADS is in sync with an Openldap server (posixAccount) * winbind must not use idmap (Because every Winuser already has an uid which is in ADs and on the Ldap server) Lets say we have one global domain GLOBAL and several subdomains A,B,C and D. Samba is member of A (workgroup = A) and B,C and D are all trusted. I test sid to uid mapping using wbinfo: wbinfo -S sid only works for users in domain A. if I try wbinfo -S sid of user in B I get this: Could not convert sid users sid to uid As a result, users in other domains than A cannot be added to file ACLs because Samba cannot find the correct uid belonging to a sid. Can this be related to the following? wbinfo -n user only works for domain A. to get wbinfo -n user in B working I have to tell the domain like: wbinfo -n 'B\user in B' Any hints? Thanks in advance! I have tested several setting, but I am clueless now.. :-( And please tell me if you need further infos.. This is the smb.conf's global section: [global] netbios aliases = some aliases password server = pdc01, pdc02, * workgroup = A security = ads realm = A.GLOBAL interfaces = 127.0.0.1 eth0 bind interfaces only = true load printers = no unix charset = LOCALE domain master = no local master = no # smb ports: default is 139 445 # but: if we listen on 445, %L is not available smb ports = 139 wins server = 193.197.136.66 193.195.151.104 193.196.151.66 name resolve order = wins bcast ldap filter = ((uid=%u)(objectclass=posixAccount)) ldap admin dn = admin dn winbind trusted domains only = yes winbind use default domain = no winbind cache time = 0 -Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] print queue problems
Where should I start looking to find out what is wrong? It would help to know how Windows gets the number of documents and what it checkes so that it can remove the document from its list of print jobs. Not sure of the versions affected, but there are several bugs related to this in the latest stable (.10) that are supposed to be fixed in the next release (.11) currently in pre status. -- -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] reload configuration without a stop ?
By default Samba will read the configuration file every 60 seconds so no HUP is needed. I have however done this without affecting currently connected users. The caveat is that if configuration changes are made to shares that users are already connected to, those changes will not be seen. If changes to the underlying UNIX file system is changed(protectecions primarily) then another set of problems may occur. HTH, spike David Landgren wrote: You can send all the processes a HUP and they will reload the config. Ordinarily this should not affect them (unless the config change is, for instance, the suppression of a share they happen to be using). smbstatus -p | tail +5 | awk '{print $1}' | xargs kill -HUP The above should do the trick. Yes, there are probably killall or killproc commands that do this, but they have the same name from one OS or distro to another. David On Mon, 31 Jan 2005 11:46:21 +0100, fluppe [EMAIL PROTECTED] wrote: Hello, i am planning to use samba in my company, first on a test system and later on operational. I have a question about reloading the configuration file. When i do some changes in the configuration file about mappings etc for new users, new folders on request etc and i have to reload the configuration, is that a problem for the connected users ? Will they lose their connection while they are writing or saving or whatever ? cheers, Phil. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldap smbpasswd UH???
I can't really guess the point of your intelligent answer from this. If I have to assume you're surprised, I guess I am too. The cn exists in ldap, with all the attributes that I imported from other databases, the message given by smbpasswd suggests that it either tried to create an entry or update it with sambaaccount attributes ( which it didn't ), neither of which are the expected results. can you be more specific? maybe I'm misunderstanding how this should work alltogether. thanx in advance Ruth Chaplin wrote: WHAT?? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of synrat Sent: 31 January 2005 16:13 To: samba@lists.samba.org Subject: Re: [Samba] ldap smbpasswd I think I got passed this by uncommenting a lot of stuff in samba.schema ( smbpasswd error messages were informative enough, thank you ). Now I'm stuck with this when trying smpasswd -a to add samba attributes to ldap account. it seems like smbpasswd is trying to add an entry, instead of updating it. I don't see any switches to smbpasswd to modify its behavior. Any thoughts ? ldapsam_modify_entry: Failed to add user dn= uid=username,ou=People,dc=edpausa,dc=com with: Already exists synrat wrote: freebsd 5.3, samba 3.10 I get this far with LDAP/Samba integrationg. Stuck on creating users/machines with smbpasswd -a (-m) username command. schema files weren't modified, everything else is pretty much at defaults. First the relevant config parts: passdb backend = ldapsam_compat:ldap://localhost/ ldap suffix = dc=company,dc=com ldap machine suffix = ou=Computers ldap user suffix = ou=People ldap admin dn = cn=Manager,dc=company,dc=com - include /usr/local/etc/openldap/schema/core.schema include /usr/local/etc/openldap/schema/cosine.schema include /usr/local/etc/openldap/schema/nis.schema include /usr/local/etc/openldap/schema/inetorgperson.schema include /usr/local/etc/openldap/schema/samba.schema access to attrs=userPassword,sambaLMPassword,sambaNTPassword by self write by anonymous auth by * none access to * by * read -- bash-2.05b# smbpasswd -D 256 -a username Netbios name list:- my_netbios_names[0]=SKYWALKER Trying to load: ldapsam_compat:ldap://localhost/ Attempting to register passdb backend ldapsam Successfully added passdb backend 'ldapsam' Attempting to register passdb backend ldapsam_compat Successfully added passdb backend 'ldapsam_compat' Attempting to register passdb backend smbpasswd Successfully added passdb backend 'smbpasswd' Attempting to register passdb backend tdbsam Successfully added passdb backend 'tdbsam' Attempting to register passdb backend guest Successfully added passdb backend 'guest' Attempting to find an passdb backend to match ldapsam_compat:ldap://localhost/ (ldapsam_compat) Found pdb backend ldapsam_compat pdb backend ldapsam_compat:ldap://localhost/ has a valid init Attempting to find an passdb backend to match guest (guest) Found pdb backend guest pdb backend guest has a valid init New SMB password: Retype new SMB password: smbldap_search: base = [dc=company,dc=com], filter = [((uid=username)(objectclass=sambaAccount))], scope = [2]smbldap_open_connection: ldap://localhost/ smbldap_open_connection: connection opened ldap_connect_system: Binding to ldap server ldap://localhost/ as cn=Manager,dc=company,dc=com ldap_connect_system: succesful connection to the LDAP server The LDAP server is succesfully connected ldapsam_getsampwnam: Unable to locate user [username] count=0 Finding user username Trying _Get_Pwnam(), username as lowercase is username Get_Pwnam_internals did find user [username]! pdb_set_username: setting username username, was element 12 - now SET pdb_set_full_name: setting full name User Name, was element 13 - now SET pdb_set_unix_homedir: setting home dir /home/username, was NULL element 22 - now SET pdb_set_domain: setting domain SKYWALKER, was element 14 - now DEFAULT pdb_set_user_sid: setting user sid S-1-5-21-2472404719-3990724825-3229645963-3008 element 18 - now SET pdb_set_user_sid_from_rid: setting user sid S-1-5-21-2472404719-3990724825-3229645963-3008 from rid 3008 smbldap_search: base = [dc=company,dc=com], filter = [((objectClass=sambaGroupMapping)(gidNumber=1004))], scope = [2] smbldap_open: already connected to the LDAP server ldapsam_getgroup: Did not find group pdb_set_group_sid: setting group sid S-1-5-21-2472404719-3990724825-3229645963-3009 element 19 - now SET pdb_set_group_sid_from_rid: setting group sid S-1-5-21-2472404719-3990724825-3229645963-3009 from rid 3009 Home server: skywalker pdb_set_profile_path: setting profile path \\skywalker\username\profile, was element 2 - now DEFAULT Home server: skywalker pdb_set_homedir: setting home dir \\skywalker\username, was element 1 - now DEFAULT pdb_set_dir_drive: setting dir drive , was NULL element 3 - now DEFAULT
Re: [Samba] Write list access to Read only share
Thanks for the tip. I tried it for a user/password that was installed in smbpasswd and it worked just like you suggested. However, I am trying to setup a samba system that can painless plug into small workgroup networks. I want users to be able to access the system without having to set up a username/ password, except for write access to the read only share. (I have another share which is guest ok, guest only for public use). When I tried to access the server from a user/password that was not installed in the smbpasswd file, I get a prompt for a username/password just connecting to the IPC. So security = user, doesn't seem to work. I experimented some with Windows sharing and I am not sure that I could setup the Windows shares the way I wanted to setup Samba either. So my conclusion is that I am not sure that Samba currently can do what I hoped. I am still not sure whether the fact that it doesn't work is a bug or a lack of functionality... I thought this should work based on all of the documentation I have gone through. A simple version of my smb.conf (with extraneous stuff to this issue stripped out looks like this: [GLOBAL] . . . security = share guest account = smbuser [SHARE] path = /mnt/win/Share read only = no guest ok = yes guest only = yes [CONTENT] path = /mnt/win/Content read only = yes guest ok = yes write list = ... Thanks Tony Gaddis remote [EMAIL PROTECTED] wrote: Had a similar problem a few weeks ago. I found out that your config only works if you have set security = user in the global section. Then, a login box should pop up the first time you try to access the share. For some reason, Windows remembers what you enter in this box, even if you don´t check Remember Username/Password, so be careful with it. Good Luck, Jörg - Original Message - From: Tony Gaddis To: Sent: Friday, January 28, 2005 9:47 AM Subject: [Samba] Write list access to Read only share I have been at this problem for almost a week on my own... I am running Samba 3.0.4 on a linux 2.4.26 kernel. I have a share that I want to be read only to the world and writable by members of the write list: [Content] path = /mnt/win/Content read only = yes quest ok = yes write list = sam I set a password for sam using smbpasswd. I believe all of the UNIX permissions are set correctly. I can access the share fine in read only mode. But as user sam on a Windows machine, I try to copy a file to the share and on the first attempt, I get a message Invalid MS-DOS function. On the second attempt, I get the message Access is denied. By looking at the logs, I see that I get an NT_STATUS_WRONG_PASSWORD for sam; since the Windows share password has no value yet, nothing is sent during the session setup. I see that I am connected as the guest user, initially during the session setup and when I try to copy the file. The guest user then gets a Permission denied message when open_file is called which makes sense because guest has only read privilege. Shouldn't I see a prompt on my Windows system to provide a share password? And then once I provide a share password, I should be connected as sam? (I have another share which is accessible only by a valid user list and that is the behavior when I first try to connect to it). Thanks Tony Gaddis - Do you Yahoo!? Yahoo! Search presents - Jib Jab's 'Second Term' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba - Do you Yahoo!? Yahoo! Search presents - Jib Jab's 'Second Term' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Too many groups?
Hi list. When I execute net groupmap list I get many many groups. Lot of them has the same name (for example Domain Admins). Is this normal? What could be wrong? I run a samba with an ADS (win2k3). I login correctly in the AD, I can get the list of users and groups (wbinfo -u/-g). Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] What's the deal with connecting back to the client on port 445?
hi list, I'm a bit of an old skool Samba user, have started using it back in the dark 0.9-ish days. To that end, the ports 137, 138 and 139 and burned deep into my neurons. I've just recently upgraded everything to 3.0.10 (the oldest Samba installation running was 2.2.3). I've seen a lot of garbage disappear from the Network Neighborhood, which is a good thing. One thing, however, has been puzzling me. If I try to browse the printers on another subnet, the server immediately comes back to me and tries to start talking to my client on port 445 (I'm aware that it's the AD service port). The firewall silently discards the packet, the connection eventually times out, and then proceeds on the older Netbios ports and stuff starts to work. I'm looking for best practices with port 445. Can I open just this port, and close down the 137-139 ports, or open it in addition, or do something else so that Samba doesn't try to attempt the initial connection? (Considering that I have only XP clients, WinNT 200x and Samba 3.0.10+ servers)? I can understand why the client might try to see whether 445 is open, I'm a bit puzzled as to why the servers do. The main point is that I want to kill the initial delay as the 445 connection times out. Thanks, David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.11rc1 Available for Download
On Fri, 28 Jan 2005 15:15:07 -0600, Gerald Carter [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This is a release candidate of the Samba 3.0.11 code base and is provided for testing only. While close to the final stable release, this snapshot is *not* intended for production servers. If all goes well, this this version will become the final 3.0.11 stable release (with possible minor changes). Common bugs fixed in 3.0.11rc1 include: Light testing here appears to indicate that it has fixed the bug of ever-increasing number of documents appearing in Printer job windows. thanks, David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: 2 Domains on one server (browse.dat location) (3.0.9)
On a related issue - has anyone gotten the Samba server to run in 2 different domains using the SAME lock dir parameter? My purpose is to have a share in 2 different domains. It seems to work in limited testing without nmbd or winbind which I can live without if needed. Config is similar to the one below except both smb.conf's have the same lock dir parameter. Samba 2.2.7a on RH9, planning to try 3.0.10 on Solaris 9. Thanks! - Ken Bourque -Forwarded Message- dbb at st-andrews.ac.uk dbb at st-andrews.ac.uk Fri Jan 28 00:31:20 GMT 2005 Hi, Thanks again. Config was simply ./configure --with-acl-support --disable-static --with-pam --with-msdfs --wi th-krb5=/usr/local --with-ads=no I'm using smbd/nmbd -D -s /path/to/config1/2 Config was being picked up as I could see the 2nd domain and it worked if it was the only one running. Having just fired this up at the command line, both daemons seem to be writing to seperate browse.dat files as you said. Possibly I was blinded by the obvious earlier and just didn't see the 2nd browse.dat, since the .tdb files were there. Both browse.dat files look sane now where as before the one file didn't. Can't currently query the domain, I should be able to have a look at this again Friday PM when I'm back at work. One step forward, two back :) Good to know someone's done it though. Cheers, Duncan [global] log level = 3 log file = /samba/domain2/var/log.%M[%m][%I] lock dir = /samba/domain2/var/locks pid directory = /samba/domain2/var/locks private dir = /samba/domain2/var/locks ;Basic Server Settings netbios name = SAMBA2 workgroup = DOMAIN2 bind interfaces only = True interfaces = X.Y.Z.4/24 #The first domain listens on 127.0.0.1 also socket address = X.Y.Z.4 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Domain users are not able to login through ftp.
Hi, I have successfully setup a Solaris 8 server that allows Windows AD Users to login to it (through winbind). The problem is that ALL such users can now do so. Is there a way to control which users are allowed to login while others are denied access? I have tried adding valid users = user and deny to specific users via invalid users = user It's not working. One more problem is Domain users are able to login through telnet but domain users are not able to login through ftp. Please help me to resolve these problems Please find my smb.conf and pam.conf bash-2.03# /usr/local/samba/bin/testparm Load smb config files from /usr/local/samba/lib/smb.conf Processing section [homes] Processing section [printers] Loaded services file OK. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions # Global parameters [global] workgroup = EX-DOM realm = EX.EXAMPLE.COM server string = Samba Server security = ADS obey pam restrictions = Yes password server = 10.81.0.1 log file = /usr/local/samba/var/log.%m max log size = 50 dns proxy = No idmap uid = 1-2 idmap gid = 1-2 template homedir = /export/home/%U template shell = /bin/bash winbind separator = # winbind cache time = 10 winbind use default domain = Yes [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /usr/spool/samba printable = Yes browseable = No bash-2.03# cat /etc/pam.conf # #ident @(#)pam.conf 1.1499/09/16 SMI # # Copyright (c) 1996-1999, Sun Microsystems, Inc. # All Rights Reserved. # # PAM configuration # # Authentication management # login auth required /usr/lib/security/pam_winbind.so login auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass login auth required /usr/lib/security/$ISA/pam_dial_auth.so.1 try_first_pass # rlogin auth sufficient /usr/lib/security/pam_winbind.so rlogin auth sufficient /usr/lib/security/$ISA/pam_rhosts_auth.so.1 rlogin auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass # dtlogin auth sufficient /usr/lib/security/pam_winbind.so dtlogin auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass # rsh auth required /usr/lib/security/$ISA/pam_rhosts_auth.so.1 other auth sufficient /usr/lib/security/pam_winbind.so other auth required /usr/lib/security/$ISA/pam_unix.so.1 try_first_pass # # Account management # login account sufficient /usr/lib/security/pam_winbind.so login account requisite /usr/lib/security/$ISA/pam_roles.so.1 login account required/usr/lib/security/$ISA/pam_unix.so.1 # dtlogin account sufficient /usr/lib/security/pam_winbind.so dtlogin account requisite /usr/lib/security/$ISA/pam_roles.so.1 dtlogin account required/usr/lib/security/$ISA/pam_unix.so.1 # other account sufficient /usr/lib/security/pam_winbind.so other account requisite /usr/lib/security/$ISA/pam_roles.so.1 other account required/usr/lib/security/$ISA/pam_unix.so.1 # # Session management # other session required/usr/lib/security/$ISA/pam_unix.so.1 # # Password management # #other password sufficient /usr/lib/security/pam_winbind.so other password required /usr/lib/security/$ISA/pam_unix.so.1 dtsession auth required /usr/lib/security/$ISA/pam_unix.so.1 # # Support for Kerberos V5 authentication (uncomment to use Kerberos) # #rlogin auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass #login auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass #dtloginauth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass #other auth optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass #dtloginaccount optional /usr/lib/security/$ISA/pam_krb5.so.1 #other account optional /usr/lib/security/$ISA/pam_krb5.so.1 #other session optional /usr/lib/security/$ISA/pam_krb5.so.1 #other password optional /usr/lib/security/$ISA/pam_krb5.so.1 try_first_pass Thanks Regards subbu +91-80-57596014 DISCLAIMER: This message contains privileged and confidential information and is intended only for the individual named.If you are not the intended recipient you should not disseminate,distribute,store,print, copy or deliver this message.Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system.E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted,corrupted,lost,destroyed,arrive late or incomplete or contain viruses.The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a
Re: [Samba] Veto files applied per group
Hi Malte, Sorry to bug you with this, but I've tried it and it does not seem to work - perhaps something I've missed ? Running testparm gives me the following error: Can't find include file /usr/local/samba/lib/%g-smb.conf In my smb.conf I have the following: comment = Home Directories read only = no create mask = 0600 directory mask = 0700 browseable = no include = /usr/local/samba/lib/%g-smb.conf In the /usr/local/samba/lib/students-smb.conf file I have only the following: veto files = /*.mp3/*.avi/*.mpg/ Running smbmount and mounting the share as the user who is a student and writing a .mp3 file to the share works perfectly when it should be denied. When I do this I get the same can't find include file... error before smbmount actually mounts the share. I've tried various things including %G instead of %g etc. It just seems that Samba is not expanding the %G or %g variables. Any ideas ? Thank you for your assistance. Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: M. Müller [EMAIL PROTECTED] To: David Wilson [EMAIL PROTECTED]; samba@lists.samba.org Sent: Monday, January 31, 2005 11:56 AM Subject: Re: [Samba] Veto files applied per group ReHi, You could also include just a students.conf or students-home.conf in the [home] Definition: [home] path=/home ... include %G-home.conf If there is no %G-home.conf e.g. teachers-home.conf, then nothing is included. Otherwise the definitions are overwritten or extended by the %G-home.conf. You just have to write less lines. HTH, Malte Mueller David Wilson schrieb: Hi guys, I use veto files = /.mp3/.mpg/ etc. on the [homes] share to prevent users from storing media files on a Samba server in the home directories. My client now wishes to make this restriction apply to users who are members of only certain groups. E.g. This restriction must apply to users who are members of the Students group and not apply to users in the Teachers group. I was thinking of having a blank smb.conf file with only the following in it: include = /etc/samba/smb.conf.%G Then having two smb.conf files, namely smb.conf.Teachers and smb.conf.Students. The smb.conf.Students file would have the entire config file and the veto files parameter. The smb.conf.Teachers file would have the entire config file but without the veto files parameter. Makes sense ? Is there perhaps a better way to do this ? Many thanks Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba log analysis and report
Hi Malte, Thanks for helping me out with this. My preexec script on netlogon is working well for logging logins etc. Any ideas how I could log logoffs ? If I get users to always shutdown their PCs ? Thank you for all your assistance so far. Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: M. Müller [EMAIL PROTECTED] To: David Wilson [EMAIL PROTECTED]; samba@lists.samba.org Sent: Monday, January 31, 2005 12:01 PM Subject: Re: [Samba] Samba log analysis and report Hi, you could also use the [netlogon] and execute a preexec script there that writes %U, %I and whatever in a database. You will never get logoff times reliably, only if you could convince all your users to allways shutdown their PC and not simply switch it off. Kind regards, Malte Mueller David Wilson schrieb: Hi guys, Does anyone know of some decent Samba log analysis software that will report things like user logon/logoff times, computer names etc. ? Thanks in advance. Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Account controls: T
What does the T option, Temporary duplicate of other account, do precisely? I've been searching around and haven't been able to find any information on it. In the samaba 2.2.X days I used copy a users password hash, change their password so I could use their account, and then put the hash back in to the password file. This way I don't have to track users' passwords and can still use their account. Now that I'm using samba 3.0.10 with tdbsam I'm looking for similar functionality. Any suggestions? Thanks. -- Steven Kurylo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.11rc1 Available for Download
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David Landgren wrote: |Common bugs fixed in 3.0.11rc1 include: | | | Light testing here appears to indicate that it has fixed the | bug of ever-increasing number of documents appearing | in Printer job windows. kewl. Thanks for the feedback. We're working towards 3.0.11-final at the end of this week if all continues to goes well. We did just fix a a problem with wbinfo -m and security = ads this morning though. Hopefully just a few more small patches. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB/oZ1IR7qMdg1EfYRAuPQAJ9x5MgNFNDEO54RJcYYbD1NfzoA7gCePRTC iEah7plkgZUoLtJ15iFSBxo= =2QJP -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Upgrade...
Sorry if this is a dup. I sent right before I subscribed to the list, so I'm not sure if it made it. I have just taken over a redhat system with Samba 3.0.0 configured with security = user, and domain logins enabled. I've included the smb.conf at the end of this message. I would like to upgrade to 3.0.10 for a numbers of reasons, one being security and one being that password changes don't work from workstation machines because of the Windows KB828741 patch. What I want to know, is if I should expect any incompatibilities between versions or if my existing config files will work with the new version? This is a mission critical system, so I really don't want to upgrade unless there are going to be very minimal issues. Will a simple rpm -Uvh ./samba-3.0.10-1_rh9.i386.rpm put me in the clear? Thanks for your help. Here is some information about the system: - OLD RPM PACKAGE - $ rpm -qi samba Name: sambaRelocations: /usr Version : 3.0.0 Vendor: (none) Release : 2 Build Date: Thu 09 Oct 2003 05:12:20 PM PDT Install date: Sat 11 Oct 2003 10:41:04 PM PDT Build Host: *removed* Group : NetworkingSource RPM: samba-3.0.0-2.src.rpm Size: 46416163 License: GNU GPL version 2 Packager: Gerald Carter [Samba-Team] [EMAIL PROTECTED] Summary : Samba SMB client and server - NEW RPM PACKAGE - $ rpm -qpi ./samba-3.0.10-1_rh9.i386.rpm Name: sambaRelocations: /usr Version : 3.0.10Vendor: Samba Team Release : 1 Build Date: Wed 15 Dec 2004 02:04:19 PM PST Install date: (not installed) Build Host: rh9 Group : NetworkingSource RPM: samba-3.0.10-1.src.rpm Size: 45453218 License: GNU GPL version 2 Packager: Gerald Carter [Samba-Team] [EMAIL PROTECTED] Summary : Samba SMB client and server - smb.conf file - [global] netbios name = *removed* workgroup = *removed* preferred master = yes domain master = yes wins support = yes os level = 85 encrypt passwords = yes interfaces = eth0 hosts allow = *removed* invalid users = bin daemon adm sync shutdown logon path = logon drive = U: logon script = logon-%G.bat add machine script = /usr/sbin/useradd -d /dev/null -s /bin/false -c 'Machine Account' -M %u admin users = @smbadmin printer admin = @smbadmin domain logons = Yes min protocol = NT1 [homes] comment = User Directory path = /usr/export/home/%U read only = NO browseable = NO # only user = %S [netlogon] comment = Network Logon Service path = /etc/samba/netlogon guest ok = yes browseable = no [print$] path = /var/samba/printers write list = @smbadmin guest ok = yes [printers] comment = All Printers path = /tmp guest ok = Yes printable = yes printing = lprng browseable = No -- Brent Smith [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Upgrade...
Brent Smith wrote: Sorry if this is a dup. I sent right before I subscribed to the list, so I'm not sure if it made it. I have just taken over a redhat system with Samba 3.0.0 configured with security = user, and domain logins enabled. I've included the smb.conf at the end of this message. I would like to upgrade to 3.0.10 for a numbers of reasons, one being security and one being that password changes don't work from workstation machines because of the Windows KB828741 patch. What I want to know, is if I should expect any incompatibilities between versions or if my existing config files will work with the new version? This is a mission critical system, so I really don't want to upgrade unless there are going to be very minimal issues. Will a simple rpm -Uvh ./samba-3.0.10-1_rh9.i386.rpm put me in the clear? Thanks for your help. Here is some information about the system: - OLD RPM PACKAGE - $ rpm -qi samba Name: sambaRelocations: /usr Version : 3.0.0 Vendor: (none) Release : 2 Build Date: Thu 09 Oct 2003 05:12:20 PM PDT Install date: Sat 11 Oct 2003 10:41:04 PM PDT Build Host: *removed* Group : NetworkingSource RPM: samba-3.0.0-2.src.rpm Size: 46416163 License: GNU GPL version 2 Packager: Gerald Carter [Samba-Team] [EMAIL PROTECTED] Summary : Samba SMB client and server - NEW RPM PACKAGE - $ rpm -qpi ./samba-3.0.10-1_rh9.i386.rpm Name: sambaRelocations: /usr Version : 3.0.10Vendor: Samba Team Release : 1 Build Date: Wed 15 Dec 2004 02:04:19 PM PST Install date: (not installed) Build Host: rh9 Group : NetworkingSource RPM: samba-3.0.10-1.src.rpm Size: 45453218 License: GNU GPL version 2 Packager: Gerald Carter [Samba-Team] [EMAIL PROTECTED] Summary : Samba SMB client and server - smb.conf file - [global] netbios name = *removed* workgroup = *removed* preferred master = yes domain master = yes wins support = yes os level = 85 encrypt passwords = yes interfaces = eth0 hosts allow = *removed* invalid users = bin daemon adm sync shutdown logon path = logon drive = U: logon script = logon-%G.bat add machine script = /usr/sbin/useradd -d /dev/null -s /bin/false -c 'Machine Account' -M %u admin users = @smbadmin printer admin = @smbadmin domain logons = Yes min protocol = NT1 [homes] comment = User Directory path = /usr/export/home/%U read only = NO browseable = NO # only user = %S [netlogon] comment = Network Logon Service path = /etc/samba/netlogon guest ok = yes browseable = no [print$] path = /var/samba/printers write list = @smbadmin guest ok = yes [printers] comment = All Printers path = /tmp guest ok = Yes printable = yes printing = lprng browseable = No If you are going from a Red Hat supplied Samba release to one released by samba.org various things will be in different places. /etc/samba/ will remain the same however and your config files should translate over. Also keep in mind that Red Hat has split it's Samba package into three groups (samba, samba-client, samba-common). My advice is to remove all of your existing samba packages (backing up your config files of course) and then doing a clean install if this is the case. Christian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] How to support idmap_rid on Fedora Core 3?- RESOLVED
Resolved: I was not able to compile then make install and have work so I ended up using the FC3 packages and adding only the freshly compiled idmap_rid module. Thanks for the help. Brian Hoover MailLists wrote: John, sorry I did not mean to reply directly, I hate MS-Outlook! John H Terpstra wrote: On Sunday 30 January 2005 09:17, MailLists wrote: Hello, Please forgive me if this has been discussed, I did not find any references when I searched. I'm trying to replace a W2K server with a samba member server in a single ADS domain. It seems that the Fedora rpms do not support idmap_rid so I am trying to compile from the Fedora SRPM. After following the docs for building and configuring idmap_rid I get no ADS users from `getent passwd`. wbinfo -u returns the user list without the DOMAIN\ prefix. When I try to connect to the samba share I am confronted with an auth box that I have not been able to satisfy. /var/log/samba/winbindd includes: idmap_init: using 'idmap_rid' as remote backend Can anyone help? As one of the arguments to the 'configure' command add: --with-shared-modules=idmap_rid \ Then rebuild. Make sure you add the idmap_rid module to the /usr/lib/samba/idmap directory. - John T. I compiled with: ./configure --with-shared-modules=idmap_rid --with-ads --with-pam --with-pam_smbpass --with-logbasedir=/var/log/samba Then created the dir: /usr/lib/samba/idmap then added the symlink: /usr/lib/samba/idmap/idmap_rid.so - /usr/local/samba/lib/idmap/idmap_rid.so Restarted the daemons - nmbd then winbond then smbd But getent passwd still gives no ADS users. Brian Thanks, Brian Hoover /*/*/*/*/* smb.conf /*/*/*/*/*/* [global] unix charset = LOCALE workgroup = VIDAR realm = VIDAR.CORP server string = BIS05 security = ADS allow trusted domains = No log level = 10 syslog = 0 log file = /var/log/samba/%m max log size = 50 ldap ssl = no idmap backend = idmap_rid:VIDAR=1-2 idmap uid = 1-2 idmap gid = 1-2 template shell = /bin/bash winbind enum users = No winbind enum groups = No winbind use default domain = Yes winbind nested groups = Yes [users] comment = User Folders path = /smb/users admin users = root, 'Domain Admins' read only = No guest ok = Yes /*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/* /*/*/*/*/* config.log SNIPPED /*/*/*/*/*/* $ ./configure --with-shared-modules=idmap_rid --with-ads --with-pam --with_pamsmbpass #define HAVE_LDAP 1 #define HAVE_KRB5 1 /*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/* /*/*/*/*/* nsswitch.conf /*/*/*/*/*/* passwd: files winbind shadow: files winbind group: files winbind hosts: files dns wins bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files rpc:files services: files netgroup: files publickey: nisplus automount: files aliases:files nisplus /*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/* /*/*/*/*/* nsswitch.conf /*/*/*/*/*/* #%PAM-1.0 authrequired /lib/security/$ISA/pam_env.so authsufficient/lib/security/$ISA/pam_unix.so likeauth nullok authsufficient/lib/security/$ISA/pam_winbind.so use_first_pass authrequired /lib/security/$ISA/pam_deny.so account required /lib/security/$ISA/pam_unix.so account sufficient/lib/security/$ISA/pam_winbind.so use_first_pass passwordrequired /lib/security/$ISA/pam_cracklib.so retry=3 type= # Note: The above line is complete. There is nothing following the '=' passwordsufficient/lib/security/$ISA/pam_unix.so \ nullok use_authtok md5 shadow passwordsufficient/lib/security/$ISA/pam_winbind.so use_first_pass passwordrequired /lib/security/$ISA/pam_deny.so session required /lib/security/$ISA/pam_limits.so session sufficient/lib/security/$ISA/pam_unix.so session sufficient/lib/security/$ISA/pam_winbind.so use_first_pass /*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/* -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] (no subject)
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbcquotas (Need help with command syntax)
I need to setup quota on //server/home for user a to 1GB and on //server/client (for all users on this share) to 10GB May you please let me know the exact command to be used for this? Also, do I need to add any other parameter in smb.conf in order to make quotas work? I have compiled samba with quotas option. Thank you. - Do you Yahoo!? Yahoo! Search presents - Jib Jab's 'Second Term' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] share mounted MANY times...
I've been searching for a solution to this problem for a few hours now, but google searches are coming up empty. I have 3 Linux boxes all running Suse 9.1 and samba 3.0.2a. The 3 systems are: Novi - the samba server Newberry - mounting novi Sagola - mounting novi This work great, until mount -a is run. Each time mount -a is run, we get another mount of novi. When I type mount, I get the usual /, /var, etc... mounts, and then the following: //novi/pub on /novi/pub type smbfs (0) //novi/pub on /novi/pub type smbfs (0) //novi/pub on /novi/pub type smbfs (0) //novi/pub on /novi/pub type smbfs (0) //novi/pub on /novi/pub type smbfs (0) //novi/pub on /novi/pub type smbfs (0) //novi/pub on /novi/pub type smbfs (0) //novi/pub on /novi/pub type smbfs (0) I've also seen this behavior on our redhat 7.3 system when it mounts a windows XP system. Does anybody have any ideas? Is there a doc that I missed that covers this very thing? Any help (even a Read the bloody man page here! is appreciated. Thanks. -- Brian Johnson Systems Administrator ThermoAnalytics, Inc. Ph: 906-482-9560 x210 Fax: 906-482-9755 http://www.thermoanalytics.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.11rc1 Available for Download
Gerald (Jerry) Carter wrote: | Light testing here appears to indicate that it has fixed the | bug of ever-increasing number of documents appearing | in Printer job windows. kewl. Thanks for the feedback. I'm waiting for one last feedback about this. Hopefully it will come this week. If it is really fixed - what was the crucially change in 3.0.11rc1? der tom -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] documentation patch for winbindd (3.0.11rc1)
Just spotted a minor typo in winbindd: s/privilage/privilege/ . The attached patch corrects this. David --- winbindd.8.orig 2005-01-31 23:02:11.67846 +0100 +++ winbindd.8 2005-01-31 23:02:46.803379000 +0100 @@ -289,8 +289,8 @@ The UNIX pipe over which clients communicate with the \fBwinbindd\fR program\. For security reasons, the winbind client will only attempt to connect to the winbindd daemon if both the \fI/tmp/\.winbindd\fR directory and \fI/tmp/\.winbindd/pipe\fR file are owned by root\. .TP -$LOCKDIR/winbindd_privilaged/pipe -The UNIX pipe over which 'privilaged' clients communicate with the \fBwinbindd\fR program\. For security reasons, access to some winbindd functions \- like those needed by the \fBntlm_auth\fR utility \- is restricted\. By default, only users in the 'root' group will get this access, however the administrator may change the group permissions on $LOCKDIR/winbindd_privilaged to allow programs like 'squid' to use ntlm_auth\. Note that the winbind client will only attempt to connect to the winbindd daemon if both the \fI$LOCKDIR/winbindd_privilaged\fR directory and \fI$LOCKDIR/winbindd_privilaged/pipe\fR file are owned by root\. +$LOCKDIR/winbindd_privileged/pipe +The UNIX pipe over which 'privileged' clients communicate with the \fBwinbindd\fR program\. For security reasons, access to some winbindd functions \- like those needed by the \fBntlm_auth\fR utility \- is restricted\. By default, only users in the 'root' group will get this access, however the administrator may change the group permissions on $LOCKDIR/winbindd_privileged to allow programs like 'squid' to use ntlm_auth\. Note that the winbind client will only attempt to connect to the winbindd daemon if both the \fI$LOCKDIR/winbindd_privileged\fR directory and \fI$LOCKDIR/winbindd_privileged/pipe\fR file are owned by root\. .TP /lib/libnss_winbind\.so\.X-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.11rc1 Available for Download
On Mon, 31 Jan 2005 13:26:45 -0600, Gerald (Jerry) Carter [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David Landgren wrote: |Common bugs fixed in 3.0.11rc1 include: | | | Light testing here appears to indicate that it has fixed the | bug of ever-increasing number of documents appearing | in Printer job windows. kewl. Thanks for the feedback. We're working towards 3.0.11-final at the end of this week if all continues to goes well. We did just fix a a problem with wbinfo -m and security = ads this morning though. Hopefully just a few more small patches. Me again. Don't know if this is related, but I'm experiencing extreme slowness in session setups. Doing an smbclient on localhost (ok, so it *is* Solaris, but all the same...) # time smbclient //jersey/dsvi -U david%foobar -c 'exit' creating lame upcase table creating lame lowcase table Domain=[BPINET] OS=[Unix] Server=[Samba 3.0.11rc1] real0m8.817s user0m0.180s sys 0m0.020s Not sure where those lame tables are coming from, but whatever. This is on a machine with no-one else online, debug level set to zero. Turning the debug level up doesn't show anything in particular. The user and system is pretty negligeable anyway. Authentication is done via ldap on another server (running Samba 3.0.10) on the same network segment. I've cut the global section down to [global] unix charset = CP850 workgroup = BPINET server string = jersey security = DOMAIN log file = /var/log/samba/%m.log socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 preferred master = No domain master = No wins server = 172.17.0.8 hide dot files = No Don't know if I've left something crucial out, or done something silly with what's left, but I'm at a bit of a loss as to why this is occurring. Any clues will be gratefully received, otherwise I expect I shall hear a lot of users moaning tomorrow. Thanks, David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.11rc1 Available for Download
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David Landgren wrote: | Not sure where those lame tables are coming from, but whatever. This | is on a machine with no-one else online, debug level set to zero. | Turning the debug level up doesn't show anything in particular. The | user and system is pretty negligeable anyway. Authentication is done | via ldap on another server (running Samba 3.0.10) on the same network | segment. So are you running with security = user or security = domain here ? I think the former Try testing the times for 'getent passwd david'. How responsive it the LDAP server ? cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB/rHAIR7qMdg1EfYRAr98AKC8+vieIj2Vj6BOjdhOxsfnIsdhsQCfexlu jPwFxyG1nuEjQn9BQDOn99Q= =1PhM -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Question
Is performance still a issue with QuickBooks and samba? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Ver 3.0.4 Anonymous access, no Password required
I have searched the Docs, How-to's, and this news group/ Mailing list and still haven't found what I am looking for, at least not an answer. I am simply trying to allow access to public shares on my Linux PC (slackware 10). I have a directory setup but the only way to get in is to send a Username and Password. I am setting it up for WinXP and Win2K PC's to access. I have set up the nobody account, even gave it a password of nothing and enabled it. Still WinXP requests a userID and password. I do have a mildly, but not outrageous, custom setting. I have 2 nics and only want one of them to be accessed by windows request. I am not sure what account the WinXP tries to connect with by default. I can make a share on Windows and tell it to allow read access by anyone, so no one has to enter an ID or password. Is this possible in Samba and I passed some critical information to make this work? ~ ; /etc/smb.conf ; ; Make sure and restart the server after making changes to this file, ex: ; /etc/rc.d/init.d/smb stop ; /etc/rc.d/init.d/smb start [global] ; Uncomment this if you want a guest account workgroup = Trigun server string = Niles Server guest account = nobody log file = /var/log/samba/samba-log.%m lock directory = /var/lock/samba share modes = yes interfaces = X.X.X.225/29 ; 1 of 5 Statics, Subnet 255.255.255.248 encrypt passwords = yes smb passwd file = /etc/smbpasswd ; valid users = %s [Upload] comment = Upload Area path = /var/ftp/pub/uploaded read only = no public = yes writable = yes printable = no ;[homes] ; comment = Home Directories ; browseable = no ; read only = no ; create mode = 0750 [Pub] comment = Public Folder path = /var/ftp/pub public = yes writable = no printable = no write list = midnight ~ Any help would be appriciate, and sorry if seems I'm upset, frustrated is more like it. Every post I've seen has a couple of suggestions and then no yes it worked, no it didn't. And there are only 3 or so I could find in the archive. --Zane P.S. On a side not, I would love to have the Homes sections un commented but if I use an ID with no password for the time being, it gives the home directory of the ID. I hope if there is a solution to the no password dialog box, that it will allow homes to be opened. If not, any suggestions? All suggestions are welcome, as well as any improvements to this config are welcome. I know so little, I'm amazed I got samba to work, last time and 1 week later I had nothing working. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] documentation patch for winbindd (3.0.11rc1)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David Landgren wrote: | Just spotted a minor typo in winbindd: s/privilage/privilege/ . | The attached patch corrects this. Thanks David. I'll check this in. In the future, it is better to send a diff against the XML source from the samba-docs/trunk svn respository. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB/rQtIR7qMdg1EfYRAvsCAJ98jBXQQptlM27nrg1pkHK+poE6gQCgw5DB gM+E6SnOiky7DvaHIVb39yE= =WSP5 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba on HP Itanium
I've down loaded Samba from HP's web sight and installed according to instructions. Loaded all support files and programs, but still when I try to start Samba up the libdld.so file says it can't find libldap.so. Which is true, it is no where on the system. Although other linldap files are. If I do a search for libldap.so I can't find it per say. Put it does refer to other apps. which don't have libldap.so in them. HP is no help, is there anyone else who can put any light on this. Don Dukelow -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] problem with patch ms04-044 breaking SMB printer shares
We recently discovered after applying Microsoft Windows 2000 patch ms04-044 to our computers we can no longer communicate with our samba server we use for spooling printers. Symptoms: - when trying to display printer queue status, we get a Failed to open, retrying message across the top of the queue window - from within various applications, trying to open a printer dialog box using File-Print will cause the application to hang (presumably when trying to get printer information); eventually a list of printers will be displayed, but will then hang when the user tries to print a job...the job never actually prints Backing out the patch allows SMB printing via the samba server to work properly again, but obviously the patched vulnerability still exists. Has anyone else run up against this? Are there known fixes for this problem? -- John Perkins | University of Wisconsin-Madison Associate Researcher | Department of Computer Science [EMAIL PROTECTED] | 1210 W. Dayton St. 608-262-0438/608-262-6626 FAX | Madison, WI 53706-1685 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Question
David Pfeiffer wrote: Is performance still a issue with QuickBooks and samba? I've had no complaints from users. After the file is initially opened which takes a second or two, reaction time of the program seems like a local connection. And the open time would be equivilent to it being on a windows share. I'm running - Samba 3.10 on FreeBSD 5.3. HTH Jeff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re:
#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#= o e! ke o eo ca? oe na o no ko? aee ak o o ce eo, c e oo? ac n eo o, ea a o! ~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~!~! e noc ne o a no eeo 8 905 2O3 9 72 e c oo eo. no ee - 95 I44 53 I8, 92 21l 54 8, 9l6 0l9 20 5 #=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#=#= -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldap smbpasswd
On 1 Feb 2005, at 03:12, synrat wrote: ... when trying smpasswd -a to add samba attributes to ldap account. it seems like smbpasswd is trying to add an entry ... That is what the '-a' option does - tells smbpasswd to add the account, as documented in the man page. In my setup, if I add a user (using smbldap-tools collection) I can then set the passwd using smbpasswd username. Alex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ACL not working
Got it ! turns out I need to install a package called kernel-source before I can edit the /etc/fstab, I can set ACL now thank you for your help, seriously, thank you - Original Message - From: Travis Bullock [EMAIL PROTECTED] To: 'Adi Nugraha' [EMAIL PROTECTED] Sent: Monday, January 31, 2005 10:34 PM Subject: RE: [Samba] ACL not working Sure. Let me know when have it back up and running. Wierd that you couldn't find the kernel config. Maybe Mandrake is different but isn't Mandrake a version of Linux? Maybe you should give Fedora Core 3 a shot? Cheers, Travis -Original Message- From: Adi Nugraha [mailto:[EMAIL PROTECTED] Sent: Sunday, January 30, 2005 11:31 PM To: Travis Bullock Subject: Re: [Samba] ACL not working well, I still couldn't find the config file anyway, so I think I'm going to try rebuilding the kernel or reinstalling the whole thing again, good thing it's a test environment ;- - Original Message - From: Travis Bullock [EMAIL PROTECTED] To: 'Adi Nugraha' [EMAIL PROTECTED] Sent: Friday, January 28, 2005 11:40 PM Subject: RE: [Samba] ACL not working Well the 'kernel-2.6.5-i686-smp.config' is the kernel off my Fedora Core 2you are probably running a different kernel and also when you execute the grep FS_SECURITY kernel*** command you have to be in the directory that the kernel is in.so for example for me to find my kernel i do: [EMAIL PROTECTED] Planning]# find / -name configs /usr/src/linux-2.6.5-1.358/configs /usr/src/linux-2.6.5-1.358/arch/sh/configs /usr/src/linux-2.6.5-1.358/arch/ia64/configs /usr/src/linux-2.6.5-1.358/arch/mips/configs /usr/src/linux-2.6.5-1.358/arch/ppc64/configs /usr/src/linux-2.6.5-1.358/arch/ppc/configs /usr/src/linux-2.6.5-1.358/arch/parisc/configs /usr/src/linux-2.6.5-1.358/arch/arm/configs /usr/share/doc/rp-pppoe-3.5/configs [EMAIL PROTECTED] Planning]# cd /usr/src/linux-2.6.5-1.358/configs/ [EMAIL PROTECTED] configs]# pwd /usr/src/linux-2.6.5-1.358/configs The kernel configuration file is in /usr/src/linux-2.6.5-1.358/configs. [EMAIL PROTECTED] configs]# uname -m i686 This says that the CPU is an i686. [EMAIL PROTECTED] configs]# uname -r 2.6.5-1.358smp The kernel the machine is running on is 2.6.5-1 So those grep commands should work as long as you grep your own kernel and make sure you are in the proper directory when you execute. If when you do this it doesn't show the extended attribs then you will probably have to recompile the kernel..i would be of no help to you at that pointi am terrible at recompiling the kernel... Cheers, Travis -Original Message- From: Adi Nugraha [mailto:[EMAIL PROTECTED] Sent: Thursday, January 27, 2005 9:06 PM To: Travis Bullock Subject: Re: [Samba] ACL not working I tried grep FS_SECURITY kernel-2.6.5-i686-smp.config but it returns no such file, where is the file located ??, I tried cahnging the fstab but it seem the acl and user_xattr is not a known option, does this mean that the kernel doesn't support ACL ? - Original Message - From: Travis Bullock [EMAIL PROTECTED] To: 'Adi Nugraha' [EMAIL PROTECTED] Sent: Thursday, January 27, 2005 11:06 PM Subject: RE: [Samba] ACL not working I encountered this problem as well. Firstly you have to determine whether your Kernel was compiled with extended attributes. Here is what my Kernel looks like as far as having the extended attributes compiled: [EMAIL PROTECTED] configs]# grep FS_SECURITY kernel-2.6.5-i686-smp.config CONFIG_EXT2_FS_SECURITY=y CONFIG_EXT3_FS_SECURITY=y CONFIG_XFS_SECURITY=y CONFIG_DEVPTS_FS_SECURITY=y [EMAIL PROTECTED] configs]# grep XATTR kernel-2.6.5-i686-smp.config CONFIG_EXT2_FS_XATTR=y CONFIG_EXT3_FS_XATTR=y CONFIG_DEVPTS_FS_XATTR=y If your kernel was compiled with the xattr support then maybe your fstab doesn't have the xattr enabled on your file system. Here is my fstab entry to enable xattr. My file system is on a Volume Disk so you won't see any /dev/hd0etc typ entries: Before: /dev/Goliath/root / ext3 defaults 1 1 After : /dev/Goliath/root / ext3 acl,user_xattr 1 1 See if these things help you out. Cheers, Travis -Original Message- From: Adi Nugraha [mailto:[EMAIL PROTECTED] Sent: Thursday, January 27, 2005 4:08 AM To: Travis Bullock Subject: Re: [Samba] ACL not working I tried setting acl from the linu xbut it keeps returning operation not supported, does it mean Mandarake doesn't support acl ?? what can I do to make it work ? I tried looking at few(hard to find) documents about acl but it only tells how to set them without any clue on what my error meant, - Original Message - From: Travis Bullock [EMAIL
Re: [Samba] Re: Migrating from NT4 to Samba - correct strategy
Hi, Just changing the domain name might not work. From what I can tell, all your client machines are joined to the NT domain. These are not part of the samba domain and so nobody will be able to log in from them. You would have to create machine accounts for all the client machines, remove them from the domain and then rejoin them to the domain. Or you could use pwdump2.exe to get the machine trust account passwords for the NT domain. The output of this command could be dumped directly into the smbpasswd file (but I dont know if that still holds) and you should have all the machine accounts. However, there is one issue you'll have to look out forNT machines automatically change their machine trust passwords every week and so this swap can't be done over a long period or the passwords would have changed. Hope this helps Sridhar Josir Gomes wrote Thanks for replying. There´s just 20 clients on each domain and they have the same name and password on both domain. I could simply change the domain name on each station but all users will loose their local profiles. So I imagine that it is more productive to simply change the domain name and turn off the old NT server. Is there any pitfall that I can encounter ? Simply changing the domain name in the smb.conf is enough ? It´s easy as that ? Thanks in advance, Josir Gomes Josir Gomes wrote: Hi folks, I have 2 domains: LX01 (WinNT) e LX04 (Samba) and I want consolidate them into one domain LX01. All the stations is looking for LX01. All users are equal on both servers. Can I just turn the WinNT off and rename the Samba server to LX01 ? Is there any problem ? you forgot to mention how many clients on each domain, sometime when clients is less than 50, starting new domain from scartch is the 'correct' way. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba log analysis and report
Hi Steven, Thanks for your reply. That sounds like a good idea. When you say connects at logon do you mean users map a drive to the time share ? What would prevent a user from manually disconnecting the mapped drive ? This will be implemented in a school, you know how kids are ? :) Thank you for your assistance so far, greatly appreciated. Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: Steven Kurylo [EMAIL PROTECTED] To: David Wilson [EMAIL PROTECTED] Sent: Monday, January 31, 2005 11:20 PM Subject: Re: [Samba] Samba log analysis and report David Wilson wrote: Hi Malte, Thanks for helping me out with this. My preexec script on netlogon is working well for logging logins etc. Any ideas how I could log logoffs ? If I get users to always shutdown their PCs ? For windows XP I've added a user logoff script which disconnects from the share time (which they connect to on log on). The share time has pre/post scripts attached to it which log the user, time, and machine. The share isn't used for anything else. Its working well for us. -- Steven Kurylo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Ver 3.0.4 Anonymous access, no Password required
Hi ! What is the setting for your security level ? From the look of your smb.conf, you have security=user, which means only users known to Samba (with smbpasswd -a) can even access the server, let alone write on its shares. Maybe you should switch to security=share, this might work. I wouldn´t apply this to the homes share, though. Jörg - Original Message - From: Zane Minninger [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Monday, January 31, 2005 11:41 PM Subject: [Samba] Ver 3.0.4 Anonymous access, no Password required I have searched the Docs, How-to's, and this news group/ Mailing list and still haven't found what I am looking for, at least not an answer. I am simply trying to allow access to public shares on my Linux PC (slackware 10). I have a directory setup but the only way to get in is to send a Username and Password. I am setting it up for WinXP and Win2K PC's to access. I have set up the nobody account, even gave it a password of nothing and enabled it. Still WinXP requests a userID and password. I do have a mildly, but not outrageous, custom setting. I have 2 nics and only want one of them to be accessed by windows request. I am not sure what account the WinXP tries to connect with by default. I can make a share on Windows and tell it to allow read access by anyone, so no one has to enter an ID or password. Is this possible in Samba and I passed some critical information to make this work? ~ ; /etc/smb.conf ; ; Make sure and restart the server after making changes to this file, ex: ; /etc/rc.d/init.d/smb stop ; /etc/rc.d/init.d/smb start [global] ; Uncomment this if you want a guest account workgroup = Trigun server string = Niles Server guest account = nobody log file = /var/log/samba/samba-log.%m lock directory = /var/lock/samba share modes = yes interfaces = X.X.X.225/29 ; 1 of 5 Statics, Subnet 255.255.255.248 encrypt passwords = yes smb passwd file = /etc/smbpasswd ; valid users = %s [Upload] comment = Upload Area path = /var/ftp/pub/uploaded read only = no public = yes writable = yes printable = no ;[homes] ; comment = Home Directories ; browseable = no ; read only = no ; create mode = 0750 [Pub] comment = Public Folder path = /var/ftp/pub public = yes writable = no printable = no write list = midnight ~ Any help would be appriciate, and sorry if seems I'm upset, frustrated is more like it. Every post I've seen has a couple of suggestions and then no yes it worked, no it didn't. And there are only 3 or so I could find in the archive. --Zane P.S. On a side not, I would love to have the Homes sections un commented but if I use an ID with no password for the time being, it gives the home directory of the ID. I hope if there is a solution to the no password dialog box, that it will allow homes to be opened. If not, any suggestions? All suggestions are welcome, as well as any improvements to this config are welcome. I know so little, I'm amazed I got samba to work, last time and 1 week later I had nothing working. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba + linux subdirectory 'other' permissions
Hi All I'm sure this is a fairly basic question out there for someone however I haven't had much luck googling for an answer hence I thought I'd try here. I'm having issues getting the correct permissions on a directory for the 'other' users. Each time a file is created in this subdirectory the permissions are set as -rw-rw and what I want to achieve is -rwxrwx-r-x In other words, read/write/execute for user and group but read only for other users. I have one parent directory shared as follows: [public] comment = Staff file sharing folders path = /home/public create mask = 0660 directory mask = 770 force create mode = 020 force directory mode = 020 read only = no writeable = yes guest ok = yes I want to create a sub directory under this parent directory with the permissions as indicated in my opening paragraph. Is that possible? TIA, Justin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Migrating from NT4 to Samba - correct strategy
Josir Gomes wrote: Thanks for replying. There´s just 20 clients on each domain and they have the same name and password on both domain. I could simply change the domain name on each station but all users will loose their local profiles. So I imagine that it is more productive to simply change the domain name and turn off the old NT server. Is there any pitfall that I can encounter ? Simply changing the domain name in the smb.conf is enough ? It´s easy as that ? You have to match the domain SID and machine/user SID also. Once matched, client will not able to see that they're login to samba instead of old NT. You can use net rpc vampire to obtain all information about SID and password. -- --beast -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profile problems
Richmond Dyes wrote: SABINE ZARABIAN wrote: Hi, we are using samba 3.0.10-17 with openlddap 2.2.6-37.22 as backend. We use roaming profiles, but because of problems with different operating systems and the profile size, we want to use locale profiles. I tried to change logon path in smb.conf in an emty string, but no changes, if I delete this entry in smb.conf, samba use a default value and this is on the server. So I tried to change sambaProfilePath in ldap, I tried an emty string, I tried to delete this entry but no changes. I still have roaming profiles. Is there anyone having a good idea to solve me problem ? Sabine Sabine I would first make a local user on the machine instead of the server. I would then go to my computer and properties and copy my roaming profile that is on the server to the profile of the local person you just made. See if that works. Hi Richmond, thanks for your answer. It is no problem creating local users, or configure local profiles on every computer. But the probleme we have is, that we have nearly 300 computer and about 400 users, this is to much to make changes on every machine. So I need a server based solution. Sabine -- Sabine Zarabian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r5123 - in branches/SAMBA_4_0/source/lib: .
Author: tridge Date: 2005-01-31 08:18:52 + (Mon, 31 Jan 2005) New Revision: 5123 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5123 Log: fixed a bug in the timed events handling. It was possible for a timed event handler to trigger a free that could cause a timer to be triggered twice. This changs fixes it properly by marking timer events to be removed using a zero next_event time. I also changed the default timeout for events.c to be infinite, so if there are no events to handle then smbd will sit forever doing nothing. That allows it to be swapped out completely when idle. Modified: branches/SAMBA_4_0/source/lib/events.c branches/SAMBA_4_0/source/lib/time.c Changeset: Modified: branches/SAMBA_4_0/source/lib/events.c === --- branches/SAMBA_4_0/source/lib/events.c 2005-01-31 07:24:00 UTC (rev 5122) +++ branches/SAMBA_4_0/source/lib/events.c 2005-01-31 08:18:52 UTC (rev 5123) @@ -221,7 +221,7 @@ fd_set r_fds, w_fds; struct fd_event *fe; struct loop_event *le; - struct timed_event *te; + struct timed_event *te, *te_next; int selrtn; struct timeval tval, t; uint32_t destruction_count = ev-destruction_count; @@ -253,13 +253,24 @@ } /* start with a reasonable max timeout */ - tval.tv_sec = 600; + tval.tv_sec = 0; tval.tv_usec = 0; /* work out the right timeout for all timed events */ - for (te=ev-timed_events;te;te=te-next) { - struct timeval tv = timeval_diff(te-next_event, t); - tval = timeval_min(tv, tval); + for (te=ev-timed_events;te;te=te_next) { + struct timeval tv; + te_next = te-next; + if (timeval_is_zero(te-next_event)) { + talloc_free(te); + continue; + } + + tv = timeval_diff(te-next_event, t); + if (timeval_is_zero(tval)) { + tval = tv; + } else { + tval = timeval_min(tv, tval); + } } /* only do a select() if there're fd_events @@ -316,18 +327,14 @@ for (te=ev-timed_events;te;) { struct timed_event *next = te-next; if (timeval_compare(te-next_event, t) = 0) { + te-next_event = timeval_zero(); te-handler(ev, te, t); if (destruction_count != ev-destruction_count) { break; } - if (timeval_compare(te-next_event, t) = 0) { - /* the handler didn't set a time for the - next event - remove the event */ - talloc_free(te); - } } te = next; - } + } return 0; } Modified: branches/SAMBA_4_0/source/lib/time.c === --- branches/SAMBA_4_0/source/lib/time.c2005-01-31 07:24:00 UTC (rev 5122) +++ branches/SAMBA_4_0/source/lib/time.c2005-01-31 08:18:52 UTC (rev 5123) @@ -402,6 +402,14 @@ } /* + return True if a timeval is zero +*/ +BOOL timeval_is_zero(struct timeval *tv) +{ + return tv-tv_sec == 0 tv-tv_usec == 0; +} + +/* return a timeval for the current time */ struct timeval timeval_current(void)
svn commit: samba r5124 - in trunk/source/rpc_parse: .
Author: vlendec Date: 2005-01-31 08:29:40 + (Mon, 31 Jan 2005) New Revision: 5124 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5124 Log: Fix bug 2113 -- thanks to [EMAIL PROTECTED] Modified: trunk/source/rpc_parse/parse_lsa.c Changeset: Modified: trunk/source/rpc_parse/parse_lsa.c === --- trunk/source/rpc_parse/parse_lsa.c 2005-01-31 08:18:52 UTC (rev 5123) +++ trunk/source/rpc_parse/parse_lsa.c 2005-01-31 08:29:40 UTC (rev 5124) @@ -214,16 +214,12 @@ static BOOL lsa_io_obj_attr(const char *desc, LSA_OBJ_ATTR *attr, prs_struct *ps, int depth) { - uint32 start; - prs_debug(ps, depth, desc, lsa_io_obj_attr); depth++; if(!prs_align(ps)) return False; - start = prs_offset(ps); - /* these pointers had _better_ be zero, because we don't know what they point to! */ @@ -240,15 +236,6 @@ if(!prs_uint32(ptr_sec_qos , ps, depth, attr-ptr_sec_qos )) /* security quality of service (pointer) */ return False; - /* code commented out as it's not necessary true (tested with hyena). JFM, 11/22/2001 */ -#if 0 - if (attr-len != prs_offset(ps) - start) { - DEBUG(3,(lsa_io_obj_attr: length %x does not match size %x\n, -attr-len, prs_offset(ps) - start)); - return False; - } -#endif - if (attr-ptr_sec_qos != 0) { if (UNMARSHALLING(ps)) if (!(attr-sec_qos = PRS_ALLOC_MEM(ps,LSA_SEC_QOS,1)))
svn commit: samba r5125 - in branches/SAMBA_3_0/source/rpc_parse: .
Author: vlendec Date: 2005-01-31 08:29:51 + (Mon, 31 Jan 2005) New Revision: 5125 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5125 Log: Fix bug 2113 -- thanks to [EMAIL PROTECTED] Modified: branches/SAMBA_3_0/source/rpc_parse/parse_lsa.c Changeset: Modified: branches/SAMBA_3_0/source/rpc_parse/parse_lsa.c === --- branches/SAMBA_3_0/source/rpc_parse/parse_lsa.c 2005-01-31 08:29:40 UTC (rev 5124) +++ branches/SAMBA_3_0/source/rpc_parse/parse_lsa.c 2005-01-31 08:29:51 UTC (rev 5125) @@ -214,16 +214,12 @@ static BOOL lsa_io_obj_attr(const char *desc, LSA_OBJ_ATTR *attr, prs_struct *ps, int depth) { - uint32 start; - prs_debug(ps, depth, desc, lsa_io_obj_attr); depth++; if(!prs_align(ps)) return False; - start = prs_offset(ps); - /* these pointers had _better_ be zero, because we don't know what they point to! */ @@ -240,15 +236,6 @@ if(!prs_uint32(ptr_sec_qos , ps, depth, attr-ptr_sec_qos )) /* security quality of service (pointer) */ return False; - /* code commented out as it's not necessary true (tested with hyena). JFM, 11/22/2001 */ -#if 0 - if (attr-len != prs_offset(ps) - start) { - DEBUG(3,(lsa_io_obj_attr: length %x does not match size %x\n, -attr-len, prs_offset(ps) - start)); - return False; - } -#endif - if (attr-ptr_sec_qos != 0) { if (UNMARSHALLING(ps)) if (!(attr-sec_qos = PRS_ALLOC_MEM(ps,LSA_SEC_QOS,1)))
svn commit: samba r5126 - in branches/SAMBA_4_0/source: include libcli/composite libcli/nbt libcli/raw libcli/resolve nbt_server ntvfs/cifs torture/raw
Author: tridge Date: 2005-01-31 08:30:44 + (Mon, 31 Jan 2005) New Revision: 5126 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5126 Log: the composite code is no longer client specific or smb specific, so rename the core structure to composite_context and the wait routine to composite_wait() (suggestion from metze) Modified: branches/SAMBA_4_0/source/include/structs.h branches/SAMBA_4_0/source/libcli/composite/composite.c branches/SAMBA_4_0/source/libcli/composite/composite.h branches/SAMBA_4_0/source/libcli/composite/connect.c branches/SAMBA_4_0/source/libcli/composite/fetchfile.c branches/SAMBA_4_0/source/libcli/composite/loadfile.c branches/SAMBA_4_0/source/libcli/composite/savefile.c branches/SAMBA_4_0/source/libcli/composite/sesssetup.c branches/SAMBA_4_0/source/libcli/nbt/nameregister.c branches/SAMBA_4_0/source/libcli/raw/clisocket.c branches/SAMBA_4_0/source/libcli/resolve/bcast.c branches/SAMBA_4_0/source/libcli/resolve/host.c branches/SAMBA_4_0/source/libcli/resolve/nbtlist.c branches/SAMBA_4_0/source/libcli/resolve/resolve.c branches/SAMBA_4_0/source/libcli/resolve/wins.c branches/SAMBA_4_0/source/nbt_server/register.c branches/SAMBA_4_0/source/ntvfs/cifs/vfs_cifs.c branches/SAMBA_4_0/source/torture/raw/composite.c Changeset: Sorry, the patch is too large (1036 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5126
svn commit: samba r5127 - in branches/SAMBA_3_0/source/lib: .
Author: vlendec Date: 2005-01-31 09:27:12 + (Mon, 31 Jan 2005) New Revision: 5127 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5127 Log: Fix Bug 2289 -- thanks to [EMAIL PROTECTED] Modified: branches/SAMBA_3_0/source/lib/system_smbd.c Changeset: Modified: branches/SAMBA_3_0/source/lib/system_smbd.c === --- branches/SAMBA_3_0/source/lib/system_smbd.c 2005-01-31 08:30:44 UTC (rev 5126) +++ branches/SAMBA_3_0/source/lib/system_smbd.c 2005-01-31 09:27:12 UTC (rev 5127) @@ -111,13 +111,12 @@ static int sys_getgrouplist(const char *user, gid_t gid, gid_t *groups, int *grpcnt) { - char *p; int retval; DEBUG(10,(sys_getgrouplist: user [%s]\n, user)); /* see if we should disable winbindd lookups for local users */ - if ( (p = strchr(user, *lp_winbind_separator())) == NULL ) { + if (strchr(user, *lp_winbind_separator()) == NULL) { if ( !winbind_off() ) DEBUG(0,(sys_getgroup_list: Insufficient environment space for %s\n, WINBINDD_DONT_ENV));
svn commit: samba r5128 - in trunk/source/lib: .
Author: vlendec Date: 2005-01-31 09:27:53 + (Mon, 31 Jan 2005) New Revision: 5128 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5128 Log: Fix Bug 2289 -- thanks to [EMAIL PROTECTED] Modified: trunk/source/lib/system_smbd.c Changeset: Modified: trunk/source/lib/system_smbd.c === --- trunk/source/lib/system_smbd.c 2005-01-31 09:27:12 UTC (rev 5127) +++ trunk/source/lib/system_smbd.c 2005-01-31 09:27:53 UTC (rev 5128) @@ -111,13 +111,12 @@ static int sys_getgrouplist(const char *user, gid_t gid, gid_t *groups, int *grpcnt) { - char *p; int retval; DEBUG(10,(sys_getgrouplist: user [%s]\n, user)); /* see if we should disable winbindd lookups for local users */ - if ( (p = strchr(user, *lp_winbind_separator())) == NULL ) { + if (strchr(user, *lp_winbind_separator()) == NULL) { if ( !winbind_off() ) DEBUG(0,(sys_getgroup_list: Insufficient environment space for %s\n, WINBINDD_DONT_ENV));
svn commit: samba r5129 - in branches/SAMBA_4_0/source/lib: .
Author: tridge Date: 2005-01-31 09:53:21 + (Mon, 31 Jan 2005) New Revision: 5129 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5129 Log: make sure we don't spin chewing CPU time due to my last change Modified: branches/SAMBA_4_0/source/lib/events.c Changeset: Modified: branches/SAMBA_4_0/source/lib/events.c === --- branches/SAMBA_4_0/source/lib/events.c 2005-01-31 09:27:53 UTC (rev 5128) +++ branches/SAMBA_4_0/source/lib/events.c 2005-01-31 09:53:21 UTC (rev 5129) @@ -290,7 +290,11 @@ * sys_select() with something in the events * structure - for now just use select() */ - selrtn = select(ev-maxfd+1, r_fds, w_fds, NULL, tval); + if (timeval_is_zero(tval)) { + selrtn = select(ev-maxfd+1, r_fds, w_fds, NULL, NULL); + } else { + selrtn = select(ev-maxfd+1, r_fds, w_fds, NULL, tval); + } t = timeval_current();
svn commit: samba r5130 - in branches/SAMBA_4_0/source/torture: . nbt
Author: tridge Date: 2005-01-31 09:54:39 + (Mon, 31 Jan 2005) New Revision: 5130 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5130 Log: added a single NBT name query benchmark. It keeps 10 queries in flight at a time. Added: branches/SAMBA_4_0/source/torture/nbt/ branches/SAMBA_4_0/source/torture/nbt/query.c Modified: branches/SAMBA_4_0/source/torture/config.mk branches/SAMBA_4_0/source/torture/torture.c Changeset: Modified: branches/SAMBA_4_0/source/torture/config.mk === --- branches/SAMBA_4_0/source/torture/config.mk 2005-01-31 09:53:21 UTC (rev 5129) +++ branches/SAMBA_4_0/source/torture/config.mk 2005-01-31 09:54:39 UTC (rev 5130) @@ -167,6 +167,16 @@ # # +# Start SUBSYSTEM TORTURE_NBT +[SUBSYSTEM::TORTURE_NBT] +ADD_OBJ_FILES = \ + torture/nbt/query.o +REQUIRED_SUBSYSTEMS = \ + LIBSMB +# End SUBSYSTEM TORTURE_NBT +# + +# # Start BINARY smbtorture [BINARY::smbtorture] OBJ_FILES = \ @@ -182,6 +192,7 @@ TORTURE_LOCAL \ TORTURE_NBENCH \ TORTURE_LDAP \ + TORTURE_NBT \ CONFIG \ LIBCMDLINE \ LIBBASIC Added: branches/SAMBA_4_0/source/torture/nbt/query.c === --- branches/SAMBA_4_0/source/torture/nbt/query.c 2005-01-31 09:53:21 UTC (rev 5129) +++ branches/SAMBA_4_0/source/torture/nbt/query.c 2005-01-31 09:54:39 UTC (rev 5130) @@ -0,0 +1,130 @@ +/* + Unix SMB/CIFS implementation. + + NBT name query testing + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include includes.h +#include libcli/nbt/libnbt.h +#include librpc/gen_ndr/ndr_nbt.h + +struct result_struct { + int num_pass; + int num_fail; +}; + +static void increment_handler(struct nbt_name_request *req) +{ + struct result_struct *v = talloc_get_type(req-async.private, struct result_struct); + if (req-state != NBT_REQUEST_DONE) { + v-num_fail++; + } else { + v-num_pass++; + } + talloc_free(req); +} + +/* + benchmark simple name queries +*/ +static BOOL bench_namequery(TALLOC_CTX *mem_ctx, struct nbt_name *name, const char *address) +{ + struct nbt_name_socket *nbtsock = nbt_name_socket_init(mem_ctx, NULL); + int num_sent=0; + struct result_struct *result; + struct nbt_name_query io; + struct timeval tv = timeval_current(); + BOOL ret = True; + int timelimit = lp_parm_int(-1, torture, timelimit, 10); + + io.in.name = *name; + io.in.dest_addr = address; + io.in.broadcast = False; + io.in.wins_lookup = False; + io.in.timeout = 1; + + result = talloc_zero(mem_ctx, struct result_struct); + + printf(Running for %d seconds\n, timelimit); + while (timeval_elapsed(tv) timelimit) { + while (num_sent - (result-num_pass+result-num_fail) 10) { + struct nbt_name_request *req; + req = nbt_name_query_send(nbtsock, io); + if (req == NULL) { + printf(Failed to setup request!\n); + ret = False; + goto failed; + } + req-async.fn = increment_handler; + req-async.private = result; + num_sent++; + if (num_sent % 100 == 0) { + printf(%.1f queries per second (%d failures) \r, + result-num_pass / timeval_elapsed(tv), + result-num_fail); + } + } + + event_loop_once(nbtsock-event_ctx); + } + + while (num_sent != (result-num_pass + result-num_fail)) { + event_loop_once(nbtsock-event_ctx); + } + + printf(%.1f queries per second (%d failures) \n, + result-num_pass /
svn commit: samba r5131 - in branches/SAMBA_3_0/examples/VFS: .
Author: jerry Date: 2005-01-31 13:17:49 + (Mon, 31 Jan 2005) New Revision: 5131 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5131 Log: BUG 2290: don;t call mkversion.sh since we don't have it in this directory Modified: branches/SAMBA_3_0/examples/VFS/autogen.sh Changeset: Modified: branches/SAMBA_3_0/examples/VFS/autogen.sh === --- branches/SAMBA_3_0/examples/VFS/autogen.sh 2005-01-31 09:54:39 UTC (rev 5130) +++ branches/SAMBA_3_0/examples/VFS/autogen.sh 2005-01-31 13:17:49 UTC (rev 5131) @@ -47,9 +47,6 @@ exit 1 fi -echo $0: running script/mkversion.sh -./script/mkversion.sh || exit 1 - rm -rf autom4te*.cache echo $0: running $AUTOHEADER
svn commit: samba r5132 - in branches/SAMBA_3_0/examples/LDAP: .
Author: jerry Date: 2005-01-31 13:26:00 + (Mon, 31 Jan 2005) New Revision: 5132 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5132 Log: netscape DS 5.2 schema update from Richard Renard [EMAIL PROTECTED] Modified: branches/SAMBA_3_0/examples/LDAP/samba-schema-netscapeds5.x Changeset: Modified: branches/SAMBA_3_0/examples/LDAP/samba-schema-netscapeds5.x === --- branches/SAMBA_3_0/examples/LDAP/samba-schema-netscapeds5.x 2005-01-31 13:17:49 UTC (rev 5131) +++ branches/SAMBA_3_0/examples/LDAP/samba-schema-netscapeds5.x 2005-01-31 13:26:00 UTC (rev 5132) @@ -2,6 +2,9 @@ ## Darren Chew darren.chew at vicscouts dot asn dot au ## Andre Fiebach andre dot fiebach at stud dot uni-rostock dot de ## Thomas Mueller 12.04.2003, [EMAIL PROTECTED] +## Richard Renard [EMAIL PROTECTED] 2005-01-28 +## - added support for MungedDial, BadPasswordCount, BadPasswordTime, PasswordHistory, LogonHours +## - in Sun One 5.2 copy it as 99samba-schema-netscapeds5.ldif ## ## Samba 3.0 schema file for Netscape DS 5.x ## @@ -9,22 +12,22 @@ # Sun One DS do not load the schema without this lines # Andr Fiebach [EMAIL PROTECTED] -dn: cn=schema -objectClass: top -objectClass: ldapSubentry -objectClass: subschema -cn: schema -aci: (target=ldap:///cn=schema;)(targetattr !=aci)(version 3.0;acl anonymo - us, no acis; allow (read, search, compare) userdn = ldap:///anyone;;) -aci: (targetattr = *)(version 3.0; acl Configuration Administrator; allow - (all) userdn = ldap:///uid=admin,ou=Administrators, ou=TopologyManagement, - o=NetscapeRoot;) -aci: (targetattr = *)(version 3.0; acl Local Directory Administrators Group - ; allow (all) groupdn = ldap:///cn=Directory Administrators, dc=samba,dc=org;) -aci: (targetattr = *)(version 3.0; acl SIE Group; allow (all)groupdn = ld - ap:///cn=slapd-sambaldap, cn=iPlanet Directory Server, cn=Server Group, cn=iPlanetDirectory.samba.org, ou=samba.org, o=NetscapeRoot;) - -objectClasses: ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' SUP top AUXILIARY DESC 'Samba 3.0 Auxilary SAM Account' MUST ( uid $ sambaSID ) MAY ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $ sambaPwdCanChange $ sambaPwdMustChange $ sambaAcctFlags $ displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScript $ sambaProfilePath $ description $ sambaUserWorkstations $ sambaPrimaryGroupSID $ sambaDomainName ) X-ORIGIN 'user defined' ) +dn: cn=schema +objectClass: top +objectClass: ldapSubentry +objectClass: subschema +cn: schema +aci: (target=ldap:///cn=schema;)(targetattr !=aci)(version 3.0;acl anonymo + us, no acis; allow (read, search, compare) userdn = ldap:///anyone;;) +aci: (targetattr = *)(version 3.0; acl Configuration Administrator; allow + (all) userdn = ldap:///uid=admin,ou=Administrators, ou=TopologyManagement, + o=NetscapeRoot;) +aci: (targetattr = *)(version 3.0; acl Local Directory Administrators Group + ; allow (all) groupdn = ldap:///cn=Directory Administrators, dc=samba,dc=org;) +aci: (targetattr = *)(version 3.0; acl SIE Group; allow (all)groupdn = ld + ap:///cn=slapd-sambaldap, cn=iPlanet Directory Server, cn=Server Group, cn=iPlanetDirectory.samba.org, ou=samba.org, o=NetscapeRoot;) + +objectClasses: ( 1.3.6.1.4.1.7165.2.2.6 NAME 'sambaSamAccount' SUP top AUXILIARY DESC 'Samba 3.0 Auxilary SAM Account' MUST ( uid $ sambaSID ) MAY ( cn $ sambaLMPassword $ sambaNTPassword $ sambaPwdLastSet $ sambaLogonTime $ sambaLogoffTime $ sambaKickoffTime $ sambaPwdCanChange $ sambaPwdMustChange $ sambaAcctFlags $ displayName $ sambaHomePath $ sambaHomeDrive $ sambaLogonScript $ sambaProfilePath $ description $ sambaUserWorkstations $ sambaPrimaryGroupSID $ sambaDomainName $ sambaMungedDial $ sambaBadPasswordCount $ sambaBadPasswordTime $ sambaPasswordHistory $ sambaLogonHours) X-ORIGIN 'user defined' ) objectClasses: ( 1.3.6.1.4.1.7165.2.2.4 NAME 'sambaGroupMapping' SUP top AUXILIARY DESC 'Samba Group Mapping' MUST ( gidNumber $ sambaSID $ sambaGroupType ) MAY ( displayName $ description ) X-ORIGIN 'user defined' ) objectClasses: ( 1.3.6.1.4.1.7165.2.2.5 NAME 'sambaDomain' SUP top STRUCTURAL DESC 'Samba Domain Information' MUST ( sambaDomainName $ sambaSID ) MAY ( sambaNextRid $ sambaNextGroupRid $ sambaNextUserRid $ sambaAlgorithmicRidBase ) X-ORIGIN 'user defined' ) objectClasses: ( 1.3.6.1.4.1.7165.1.2.2.7 NAME 'sambaUnixIdPool' SUP top AUXILIARY DESC 'Pool for allocating UNIX uids/gids' MUST ( uidNumber $ gidNumber ) X-ORIGIN 'user defined' ) @@ -45,6 +48,11 @@ attributeTypes: ( 1.3.6.1.4.1.7165.2.1.36 NAME 'sambaUserWorkstations' DESC 'List of user workstations the user is allowed to logon to' EQUALITY
svn commit: samba-web r535 - in trunk/news/advocacy: .
Author: deryck Date: 2005-01-31 15:18:13 + (Mon, 31 Jan 2005) New Revision: 535 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=535 Log: Adding news item on ZDNet UK's Microsoft won't dance with Samba story. deryck Added: trunk/news/advocacy/ms_samba_dance.html Changeset: Added: trunk/news/advocacy/ms_samba_dance.html === --- trunk/news/advocacy/ms_samba_dance.html 2005-01-30 03:34:51 UTC (rev 534) +++ trunk/news/advocacy/ms_samba_dance.html 2005-01-31 15:18:13 UTC (rev 535) @@ -0,0 +1,18 @@ +h3a name=ms_samba_danceZDNet UK on FSF, Microsoft, and Samba/a/h3 + +div class=article +pa href=http://www.zdnet.co.uk/;ZDNet UK/a is reporting that the +a href=http://www.gnu.org/fsf/fsf.html;Free Software Foundation/a is/p + +blockquotelobbying the European government to reject the server licence +that Microsoft has proposed following the European Commission's +antitrust ruling. Microsoft's terms, says the FSF, will mean that open +source software such as the widely-used Samba file and print server +software, will not be included in the interoperability measures +intended by the EU./blockquote + +pFor more, see the full article, +a href=http://news.zdnet.co.uk/software/developer/0,39020387,39185562,00.htm;Microsoft won't dance with Samba/a./p +/div + +
svn commit: samba r5133 - in branches/SAMBA_4_0/source/build/pidl: .
Author: metze Date: 2005-01-31 15:54:42 + (Mon, 31 Jan 2005) New Revision: 5133 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5133 Log: fix type mapping to internal types metze Modified: branches/SAMBA_4_0/source/build/pidl/parser.pm Changeset: Modified: branches/SAMBA_4_0/source/build/pidl/parser.pm === --- branches/SAMBA_4_0/source/build/pidl/parser.pm 2005-01-31 13:26:00 UTC (rev 5132) +++ branches/SAMBA_4_0/source/build/pidl/parser.pm 2005-01-31 15:54:42 UTC (rev 5133) @@ -818,8 +818,9 @@ { my($enum) = shift; my($type_fn) = util::enum_type_fn($enum); + my($type_v_decl) = util::map_type(util::enum_type_fn($enum)); - pidl \t$type_fn v;\n; + pidl \t$type_v_decl v;\n; start_flags($enum); pidl \tNDR_CHECK(ndr_pull_$type_fn(ndr, v));\n; pidl \t*r = v;\n; @@ -874,8 +875,9 @@ { my($bitmap) = shift; my($type_fn) = util::bitmap_type_fn($bitmap); + my($type_decl) = util::bitmap_type_decl($bitmap); - pidl \t$type_fn v;\n; + pidl \t$type_decl v;\n; start_flags($bitmap); pidl \tNDR_CHECK(ndr_pull_$type_fn(ndr, v));\n; pidl \t*r = v;\n; @@ -1298,7 +1300,7 @@ } if ($e-{DATA}-{TYPE} eq BITMAP) { - my $type_decl = util::bitmap_type_fn($e-{DATA}); + my $type_decl = util::bitmap_type_decl($e-{DATA}); pidl $static . NTSTATUS ndr_push_$e-{NAME}(struct ndr_push *ndr, $type_decl r); pidl \n{\n; ParseTypePush($e-{DATA}); @@ -1349,7 +1351,7 @@ } if ($e-{DATA}-{TYPE} eq BITMAP) { - my $type_decl = util::bitmap_type_fn($e-{DATA}); + my $type_decl = util::bitmap_type_decl($e-{DATA}); pidl $static . NTSTATUS ndr_pull_$e-{NAME}(struct ndr_pull *ndr, $type_decl *r); pidl \n{\n; ParseTypePull($e-{DATA}); @@ -1393,7 +1395,7 @@ } if ($e-{DATA}-{TYPE} eq BITMAP) { - my $type_decl = util::bitmap_type_fn($e-{DATA}); + my $type_decl = util::bitmap_type_decl($e-{DATA}); pidl void ndr_print_$e-{NAME}(struct ndr_print *ndr, const char *name, $type_decl r); pidl \n{\n; ParseTypePrint($e-{DATA});
svn commit: samba r5134 - in branches/SAMBA_4_0/source: include lib/registry lib/registry/common lib/registry/tools
Author: metze Date: 2005-01-31 15:58:54 + (Mon, 31 Jan 2005) New Revision: 5134 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5134 Log: - fix types to always use _t types - add #include system/filesys.h where needed metze Modified: branches/SAMBA_4_0/source/include/registry.h branches/SAMBA_4_0/source/lib/registry/common/reg_interface.c branches/SAMBA_4_0/source/lib/registry/common/reg_util.c branches/SAMBA_4_0/source/lib/registry/reg_backend_nt4.c branches/SAMBA_4_0/source/lib/registry/reg_backend_w95.c branches/SAMBA_4_0/source/lib/registry/tools/regpatch.c Changeset: Modified: branches/SAMBA_4_0/source/include/registry.h === --- branches/SAMBA_4_0/source/include/registry.h2005-01-31 15:54:42 UTC (rev 5133) +++ branches/SAMBA_4_0/source/include/registry.h2005-01-31 15:58:54 UTC (rev 5134) @@ -138,7 +138,7 @@ WERROR (*flush_key) (struct registry_key *); /* Value management */ - WERROR (*set_value)(struct registry_key *, const char *name, uint32 type, void *data, int len); + WERROR (*set_value)(struct registry_key *, const char *name, uint32_t type, void *data, int len); WERROR (*del_value)(struct registry_key *, const char *valname); }; @@ -153,7 +153,7 @@ * contains zero or more hives */ struct registry_context { void *backend_data; - WERROR (*get_predefined_key) (struct registry_context *, uint32 hkey, struct registry_key **); + WERROR (*get_predefined_key) (struct registry_context *, uint32_t hkey, struct registry_key **); }; struct reg_init_function_entry { Modified: branches/SAMBA_4_0/source/lib/registry/common/reg_interface.c === --- branches/SAMBA_4_0/source/lib/registry/common/reg_interface.c 2005-01-31 15:54:42 UTC (rev 5133) +++ branches/SAMBA_4_0/source/lib/registry/common/reg_interface.c 2005-01-31 15:58:54 UTC (rev 5134) @@ -426,7 +426,7 @@ return WERR_OK; } -WERROR reg_val_set(struct registry_key *key, const char *value, uint32 type, void *data, int len) +WERROR reg_val_set(struct registry_key *key, const char *value, uint32_t type, void *data, int len) { /* A 'real' set function has preference */ if (key-hive-functions-set_value) @@ -470,7 +470,7 @@ return WERR_OK; } -WERROR reg_key_subkeysizes(struct registry_key *key, uint32 *max_subkeylen, uint32 *max_subkeysize) +WERROR reg_key_subkeysizes(struct registry_key *key, uint32_t *max_subkeylen, uint32_t *max_subkeysize) { int i = 0; struct registry_key *subkey; @@ -495,7 +495,7 @@ return WERR_OK; } -WERROR reg_key_valuesizes(struct registry_key *key, uint32 *max_valnamelen, uint32 *max_valbufsize) +WERROR reg_key_valuesizes(struct registry_key *key, uint32_t *max_valnamelen, uint32_t *max_valbufsize) { int i = 0; struct registry_value *value; Modified: branches/SAMBA_4_0/source/lib/registry/common/reg_util.c === --- branches/SAMBA_4_0/source/lib/registry/common/reg_util.c2005-01-31 15:54:42 UTC (rev 5133) +++ branches/SAMBA_4_0/source/lib/registry/common/reg_util.c2005-01-31 15:58:54 UTC (rev 5134) @@ -25,7 +25,7 @@ #define DBGC_CLASS DBGC_REGISTRY static const struct { - uint32 id; + uint32_t id; const char *name; } reg_value_types[] = { { REG_SZ, REG_SZ }, @@ -122,9 +122,9 @@ (*value)-data_len = convert_string_talloc(mem_ctx, CH_UNIX, CH_UTF16, data_str, strlen(data_str), (*value)-data_blk); break; case REG_DWORD: - (*value)-data_len = sizeof(uint32); - (*value)-data_blk = talloc(mem_ctx, uint32); - *((uint32 *)(*value)-data_blk) = strtol(data_str, NULL, 0); + (*value)-data_len = sizeof(uint32_t); + (*value)-data_blk = talloc(mem_ctx, uint32_t); + *((uint32_t *)(*value)-data_blk) = strtol(data_str, NULL, 0); break; case REG_NONE: @@ -269,7 +269,7 @@ return error; } -WERROR reg_key_add_abs(TALLOC_CTX *mem_ctx, struct registry_context *ctx, const char *path, uint32 access_mask, struct security_descriptor *sec_desc, struct registry_key **result) +WERROR reg_key_add_abs(TALLOC_CTX *mem_ctx, struct registry_context *ctx, const char *path, uint32_t access_mask, struct security_descriptor *sec_desc, struct registry_key **result) { struct registry_key *parent; const char *n; Modified: branches/SAMBA_4_0/source/lib/registry/reg_backend_nt4.c === --- branches/SAMBA_4_0/source/lib/registry/reg_backend_nt4.c2005-01-31 15:54:42 UTC (rev 5133)
svn commit: samba r5135 - in branches/SAMBA_4_0/source/lib/cmdline: .
Author: metze Date: 2005-01-31 16:01:22 + (Mon, 31 Jan 2005) New Revision: 5135 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5135 Log: I prepare a clean up in includes.h metze Modified: branches/SAMBA_4_0/source/lib/cmdline/popt_common.c branches/SAMBA_4_0/source/lib/cmdline/readline.c Changeset: Modified: branches/SAMBA_4_0/source/lib/cmdline/popt_common.c === --- branches/SAMBA_4_0/source/lib/cmdline/popt_common.c 2005-01-31 15:58:54 UTC (rev 5134) +++ branches/SAMBA_4_0/source/lib/cmdline/popt_common.c 2005-01-31 16:01:22 UTC (rev 5135) @@ -23,6 +23,7 @@ #include includes.h #include version.h #include dynconfig.h +#include system/filesys.h #include system/passwd.h #include lib/cmdline/popt_common.h @@ -403,7 +404,7 @@ snprintf(cmdline_auth_info.username, sizeof(cmdline_auth_info.username), %s$, lp_netbios_name()); pstrcpy(cmdline_auth_info.password,opt_password); - SAFE_FREE(opt_password); + free(opt_password); cmdline_auth_info.got_pass = True; pstrcpy(cmdline_auth_info.domain, lp_workgroup()); Modified: branches/SAMBA_4_0/source/lib/cmdline/readline.c === --- branches/SAMBA_4_0/source/lib/cmdline/readline.c2005-01-31 15:58:54 UTC (rev 5134) +++ branches/SAMBA_4_0/source/lib/cmdline/readline.c2005-01-31 16:01:22 UTC (rev 5135) @@ -21,6 +21,8 @@ #include includes.h +#include unistd.h + #ifdef HAVE_LIBREADLINE # ifdef HAVE_READLINE_READLINE_H #include readline/readline.h
svn commit: samba r5136 - in branches/SAMBA_4_0/source/libcli/auth: .
Author: metze Date: 2005-01-31 16:02:58 + (Mon, 31 Jan 2005) New Revision: 5136 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5136 Log: fix types metze Modified: branches/SAMBA_4_0/source/libcli/auth/gensec.c branches/SAMBA_4_0/source/libcli/auth/gensec.h branches/SAMBA_4_0/source/libcli/auth/gssapi_parse.c branches/SAMBA_4_0/source/libcli/auth/spnego.h Changeset: Modified: branches/SAMBA_4_0/source/libcli/auth/gensec.c === --- branches/SAMBA_4_0/source/libcli/auth/gensec.c 2005-01-31 16:01:22 UTC (rev 5135) +++ branches/SAMBA_4_0/source/libcli/auth/gensec.c 2005-01-31 16:02:58 UTC (rev 5136) @@ -487,7 +487,7 @@ */ void gensec_want_feature(struct gensec_security *gensec_security, -uint32 feature) +uint32_t feature) { gensec_security-want_features |= feature; } @@ -498,7 +498,7 @@ */ BOOL gensec_have_feature(struct gensec_security *gensec_security, -uint32 feature) +uint32_t feature) { if (!gensec_security-ops-have_feature) { return False; Modified: branches/SAMBA_4_0/source/libcli/auth/gensec.h === --- branches/SAMBA_4_0/source/libcli/auth/gensec.h 2005-01-31 16:01:22 UTC (rev 5135) +++ branches/SAMBA_4_0/source/libcli/auth/gensec.h 2005-01-31 16:02:58 UTC (rev 5136) @@ -58,7 +58,7 @@ struct gensec_security_ops { const char *name; const char *sasl_name; - uint8 auth_type; /* 0 if not offered on DCE-RPC */ + uint8_t auth_type; /* 0 if not offered on DCE-RPC */ const char *oid; /* NULL if not offered by SPENGO */ NTSTATUS (*client_start)(struct gensec_security *gensec_security); NTSTATUS (*server_start)(struct gensec_security *gensec_security); @@ -93,7 +93,7 @@ NTSTATUS (*session_info)(struct gensec_security *gensec_security, struct auth_session_info **session_info); BOOL (*have_feature)(struct gensec_security *gensec_security, - uint32 feature); + uint32_t feature); BOOL enabled; }; @@ -109,7 +109,7 @@ struct gensec_target target; enum gensec_role gensec_role; BOOL subcontext; - uint32 want_features; + uint32_t want_features; }; /* this structure is used by backends to determine the size of some critical types */ Modified: branches/SAMBA_4_0/source/libcli/auth/gssapi_parse.c === --- branches/SAMBA_4_0/source/libcli/auth/gssapi_parse.c2005-01-31 16:01:22 UTC (rev 5135) +++ branches/SAMBA_4_0/source/libcli/auth/gssapi_parse.c2005-01-31 16:02:58 UTC (rev 5136) @@ -31,7 +31,7 @@ /* generate a krb5 GSS-API wrapper packet given a ticket */ -DATA_BLOB gensec_gssapi_gen_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *ticket, const uint8 tok_id[2]) +DATA_BLOB gensec_gssapi_gen_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *ticket, const uint8_t tok_id[2]) { struct asn1_data data; DATA_BLOB ret = data_blob(NULL,0); @@ -63,7 +63,7 @@ /* parse a krb5 GSS-API wrapper packet giving a ticket */ -BOOL gensec_gssapi_parse_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, DATA_BLOB *ticket, uint8 tok_id[2]) +BOOL gensec_gssapi_parse_krb5_wrap(TALLOC_CTX *mem_ctx, const DATA_BLOB *blob, DATA_BLOB *ticket, uint8_t tok_id[2]) { BOOL ret; struct asn1_data data; Modified: branches/SAMBA_4_0/source/libcli/auth/spnego.h === --- branches/SAMBA_4_0/source/libcli/auth/spnego.h 2005-01-31 16:01:22 UTC (rev 5135) +++ branches/SAMBA_4_0/source/libcli/auth/spnego.h 2005-01-31 16:02:58 UTC (rev 5136) @@ -49,7 +49,7 @@ }; struct spnego_negTokenTarg { - uint8 negResult; + uint8_t negResult; const char *supportedMech; DATA_BLOB responseToken; DATA_BLOB mechListMIC;
svn commit: samba r5137 - in branches/SAMBA_4_0/source: auth libcli/ldap libcli/security librpc/rpc ntvfs/common ntvfs/posix torture/rpc
Author: metze Date: 2005-01-31 16:06:21 + (Mon, 31 Jan 2005) New Revision: 5137 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5137 Log: fix types metze Modified: branches/SAMBA_4_0/source/auth/auth.h branches/SAMBA_4_0/source/auth/auth_util.c branches/SAMBA_4_0/source/libcli/ldap/ldap.c branches/SAMBA_4_0/source/libcli/security/security_descriptor.c branches/SAMBA_4_0/source/librpc/rpc/dcerpc.c branches/SAMBA_4_0/source/librpc/rpc/dcerpc_schannel.c branches/SAMBA_4_0/source/librpc/rpc/dcerpc_smb.c branches/SAMBA_4_0/source/ntvfs/common/brlock.c branches/SAMBA_4_0/source/ntvfs/posix/pvfs_fileinfo.c branches/SAMBA_4_0/source/torture/rpc/testjoin.c Changeset: Modified: branches/SAMBA_4_0/source/auth/auth.h === --- branches/SAMBA_4_0/source/auth/auth.h 2005-01-31 16:02:58 UTC (rev 5136) +++ branches/SAMBA_4_0/source/auth/auth.h 2005-01-31 16:06:21 UTC (rev 5137) @@ -85,10 +85,10 @@ NTTIME allow_password_change; NTTIME force_password_change; - uint16 logon_count; - uint16 bad_password_count; + uint16_t logon_count; + uint16_t bad_password_count; - uint32 acct_flags; + uint32_t acct_flags; BOOL authenticated; }; Modified: branches/SAMBA_4_0/source/auth/auth_util.c === --- branches/SAMBA_4_0/source/auth/auth_util.c 2005-01-31 16:02:58 UTC (rev 5136) +++ branches/SAMBA_4_0/source/auth/auth_util.c 2005-01-31 16:06:21 UTC (rev 5137) @@ -273,7 +273,7 @@ ***/ NTSTATUS make_server_info_netlogon_validation(TALLOC_CTX *mem_ctx, const char *account_name, - uint16 validation_level, + uint16_t validation_level, union netr_Validation *validation, struct auth_serversupplied_info **_server_info) { Modified: branches/SAMBA_4_0/source/libcli/ldap/ldap.c === --- branches/SAMBA_4_0/source/libcli/ldap/ldap.c2005-01-31 16:02:58 UTC (rev 5136) +++ branches/SAMBA_4_0/source/libcli/ldap/ldap.c2005-01-31 16:06:21 UTC (rev 5137) @@ -1220,7 +1220,7 @@ } BOOL ldap_parse_basic_url(TALLOC_CTX *mem_ctx, const char *url, - char **host, uint16 *port, BOOL *ldaps) + char **host, uint16_t *port, BOOL *ldaps) { int tmp_port = 0; char protocol[11]; Modified: branches/SAMBA_4_0/source/libcli/security/security_descriptor.c === --- branches/SAMBA_4_0/source/libcli/security/security_descriptor.c 2005-01-31 16:02:58 UTC (rev 5136) +++ branches/SAMBA_4_0/source/libcli/security/security_descriptor.c 2005-01-31 16:06:21 UTC (rev 5137) @@ -194,7 +194,7 @@ */ BOOL security_descriptor_mask_equal(const struct security_descriptor *sd1, const struct security_descriptor *sd2, - uint32 mask) + uint32_t mask) { if (sd1 == sd2) return True; if (!sd1 || !sd2) return False; Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc.c === --- branches/SAMBA_4_0/source/librpc/rpc/dcerpc.c 2005-01-31 16:02:58 UTC (rev 5136) +++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc.c 2005-01-31 16:06:21 UTC (rev 5137) @@ -1328,7 +1328,7 @@ /* get the dcerpc auth_level for a open connection */ -uint32 dcerpc_auth_level(struct dcerpc_connection *c) +uint32_t dcerpc_auth_level(struct dcerpc_connection *c) { uint8_t auth_level; Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc_schannel.c === --- branches/SAMBA_4_0/source/librpc/rpc/dcerpc_schannel.c 2005-01-31 16:02:58 UTC (rev 5136) +++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc_schannel.c 2005-01-31 16:06:21 UTC (rev 5137) @@ -501,7 +501,7 @@ } static BOOL dcerpc_schannel_have_feature(struct gensec_security *gensec_security, - uint32 feature) + uint32_t feature) { if (feature (GENSEC_FEATURE_SESSION_KEY | GENSEC_FEATURE_SIGN | Modified: branches/SAMBA_4_0/source/librpc/rpc/dcerpc_smb.c === --- branches/SAMBA_4_0/source/librpc/rpc/dcerpc_smb.c 2005-01-31 16:02:58 UTC (rev 5136) +++ branches/SAMBA_4_0/source/librpc/rpc/dcerpc_smb.c 2005-01-31 16:06:21 UTC
svn commit: samba r5138 - in branches/SAMBA_4_0/source/nsswitch: .
Author: metze Date: 2005-01-31 16:07:56 + (Mon, 31 Jan 2005) New Revision: 5138 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5138 Log: don't create prototypes for samba3's winbind client lib they're in hand declared metze Modified: branches/SAMBA_4_0/source/nsswitch/config.mk Changeset: Modified: branches/SAMBA_4_0/source/nsswitch/config.mk === --- branches/SAMBA_4_0/source/nsswitch/config.mk2005-01-31 16:06:21 UTC (rev 5137) +++ branches/SAMBA_4_0/source/nsswitch/config.mk2005-01-31 16:07:56 UTC (rev 5138) @@ -2,6 +2,6 @@ # Start SUBSYSTEM LIB_WINBIND_CLIENT [SUBSYSTEM::LIB_WINBIND_CLIENT] ADD_OBJ_FILES = nsswitch/wb_common.o - +NOPROTO=YES # End SUBSYSTEM LIB_WINBIND_CLIENT #