[Samba] Re: Samba openldap client installation howtows
Peter Nyberg [EMAIL PROTECTED] wrote: Does anyone know a nice howto about different client single sign on setup for samba openldap. I'm intrested in all types of os accept old windows systems. Unix Windows 2000/XP GINA - http://pgina.xpasystems.com/ Macintosh classic (not appletalk) if possible. Macintosh OS X Not available, AFAIK. Cheers, -- Michal Kurowski [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] errors while doing make of samba on AIX
Hi all, I am trying to install samba on AIX. I have done a configure, but while running make it gives the following error. Compiling nsswitch/pam_winbind.c with -O2 nsswitch/pam_winbind.c: In function `converse': nsswitch/pam_winbind.c:67: warning: passing arg 3 of `pam_get_item' from incompa nsswitch/pam_winbind.c:70: warning: passing arg 2 of pointer to function from in nsswitch/pam_winbind.c: In function `_make_remark': nsswitch/pam_winbind.c:85: warning: assignment discards qualifiers from pointer nsswitch/pam_winbind.c: In function `_winbind_read_password': nsswitch/pam_winbind.c:297: warning: passing arg 3 of `pam_get_item' from incomp nsswitch/pam_winbind.c:309: error: `PAM_AUTHTOK_RECOVER_ERR' undeclared (first u nsswitch/pam_winbind.c:309: error: (Each undeclared identifier is reported only nsswitch/pam_winbind.c:309: error: for each function it appears in.) nsswitch/pam_winbind.c:330: warning: assignment discards qualifiers from pointer nsswitch/pam_winbind.c:338: warning: assignment discards qualifiers from pointer nsswitch/pam_winbind.c:344: warning: assignment discards qualifiers from pointer nsswitch/pam_winbind.c:402: warning: passing arg 3 of `pam_get_item' from incomp nsswitch/pam_winbind.c: At top level: nsswitch/pam_winbind.c:417: error: syntax error before int nsswitch/pam_winbind.c: In function `pam_sm_authenticate': nsswitch/pam_winbind.c:428: warning: passing arg 2 of `pam_get_user' from incomp nsswitch/pam_winbind.c: At top level: nsswitch/pam_winbind.c:461: error: syntax error before int nsswitch/pam_winbind.c:472: error: syntax error before int nsswitch/pam_winbind.c: In function `pam_sm_acct_mgmt': nsswitch/pam_winbind.c:482: warning: passing arg 2 of `pam_get_user' from incomp nsswitch/pam_winbind.c: At top level: nsswitch/pam_winbind.c:518: error: syntax error before int nsswitch/pam_winbind.c:528: error: syntax error before int nsswitch/pam_winbind.c:540: error: syntax error before int nsswitch/pam_winbind.c: In function `pam_sm_chauthtok': nsswitch/pam_winbind.c:559: warning: passing arg 2 of `pam_get_user' from incomp nsswitch/pam_winbind.c:636: warning: passing arg 3 of `pam_get_item' from incomp make: 1254-004 The error code from the last command is 1. Please let me know if some one has any clue how to go about solving this error. Thanks in advance. Chandana DISCLAIMER: This message contains privileged and confidential information and is intended only for the individual named.If you are not the intended recipient you should not disseminate,distribute,store,print, copy or deliver this message.Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system.E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted,corrupted,lost,destroyed,arrive late or incomplete or contain viruses.The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Migrating from Workgoup to Domain
Hi all, I have a network spanning over 3 subnets, connected by routers (approx. 150 Win 9X/NT/XP machines). Currently we are running a large workgroup, and I am considering migrating it to a domain. Since the users are always complaining about the browsing problem (long time in connecting to share, slow in browsing etc), so I would like to know if migrating to a domain will somhow help in the efficiency of browsing? Besides, if I turn on the domain settings in the Samba server (i.e. domain master = yes, domain logons = yes, and some create user/machine netlogon share stuff), will there be a great influence in current users? Thanks, Guang Zhu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] syncing passwords
does ldap passwd sync = yes work in both directions? i mean, if i change password on ldap is also changed the samba one? thx abo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] syncing passwords
On Mon, 2005-02-07 at 10:16 +0100, abo wrote: does ldap passwd sync = yes work in both directions? i mean, if i change password on ldap is also changed the samba one? depends I guess on which client you use to do that with. ldapmodify ? No webmin ldap users and groups ? Yes LAM ? Yes Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Printer queue problem
I upgraded this weekend one of my sambaservers to 3.0.11 and the printer queue problem seems to have gone. Great work samba team Thanx Wim Bakker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Impossible to get folders in windows
Im using mandrake10.1 wiht kde in my notebook, and i got windowsXP in other desktop machine. Im able to mount linux folders in smb4k, and (this in windows machine) appears listed Workgroup/Localhost/Samba Server 3.0.10, and when i click in folder Samba Server 3.0.10 appears a window to enter user, but as soon i type the user/pass i get saying: \\Localhost is not accessible. You may not have permissions to use thos network resource. contact the network administrator to know if you have permissions. No matter what i do i get always this message. All goes ok when sharing folders in linux, but in windows Anyone knows whats wrong? greets, Zé -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] RPM Build error for Samba-3.0.10-1.src.rpm
Hi, I am trying to install samba 3 on RH Enterprise Linux AS with LDAP and SMBLDapTools. I hv downloaded the Samba-3.0.10-1.src.rpm from Samba site. I want my samba to support ACLs, Profiles, LDAPSAM etc. To make it work i edited the SPECS file and added the following entries - - with-acl-support - - with-profile - - disable-static - - with-msdfs - -with-ldapsam After adding the above entries i tried to build the new rpm. While doing so got the following error Config,status:Creating include /config.h + - - with-acl-support - - with-profile - - disable-static - - with-msdfs - -with-ldapsam ' ' /var/tmp/rpm-tmp.40956:line 69: - - with-acl-support : command not found error: Bad exit status from /var/tmp/rpm-tmp.40956 Can any one tell me where i am going wrong?? Thanks Regards Mandar Kulkarni -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[samba] 3.0.11 Ignoring unknown parameter privileges
Hi, i have just compliled 3.0.11 (configure --prefix=/usr/local/ --with-ldapsm; make make install) i added to smb.conf privileges = yes but when i do a testparm i get Ignoring unknown parameter privileges which will mean i cant use net rpc rights commands! Any ideas -- Daniel Wilson Systems Administrator IT Communications Service University of Sunderland Unit1 Technology Park Chester Road Sunderland SR2 7PT Tel: 0191 515 2695 This e-mail contains information which is confidential and may be privileged and is for the exclusive use of the recipient. It is the responsibility of the recipient to ensure that this message and its attachments are virus free. Any views or opinions presented are solely those of the author and do not necessarily represent those of the University, unless otherwise specifically stated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] password ldap clarification requested...
thanks very much for the replies. this helps! and for the Heimdal Kerberos stuff: I'm very much trying to stick to the KISS principle, so that might be something for later. :) Thanks, mourik jan -Original Message- From: Gémes Géza [mailto:[EMAIL PROTECTED] Sent: 06 February 2005 21:47 To: [EMAIL PROTECTED] Cc: mourik jan c heupink; samba@lists.samba.org Subject: Re: [Samba] password ldap clarification requested... Adam Tauno Williams írta: I would like to know if the following statements are true, just to make sure that my understanding of passwords/ldap stuff is correct... Vampireing passwords from an nt4 pdc only populates the ldap server with windows passwords, and not the (linux) userPassword. Yes. Authenticating linux logons against this ldap server is therefore only possible using winbind. Not entirely true. 'Normal' ldap enabled software can NOT authenticate against this ldap, because they expect a userPassword, and by simply vampireing this password is left blank. Yes, but recent OpenLDAP servers support authenticating binds against a LANMAN hash. And what could be more inetresting, you could have a Heimdal Kerberos authenticating against the NT hash, see https://sec.miljovern.no/bin/view/Info/HeimdalKerberosSambaAndOpenLdap for the details The ldap passwd sync = yes smb.conf option makes sure that when updating the 'windows' password (via idealx scripts, for example) the (linux) userPassword get's updated as well. Yep, via password-modify extended operation. So: suppose I migrate our domain to samba, and on the first samba day, I set all accounts to 'required to change password upon first login' I would end up having new passwords for everybody, both for windows and linux. Yes. And all normal ldap enabled software would then be able to use that ldap directory to authenticate to. Yes. Are these assumptions correct? Thanks very much for feedback. More or less. Cheers Geza -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Migrating from Workgoup to Domain
Hi, simply switching to domain does not help you out about browsing problems, of course some of the needed entries which you need to use will help you ( wins server etc ). Read the chapters in the samba faqs about wins browsing dns,dhcp this will help you out. You should also check the quality of your switches , routers, firewalls , nics etc to pump up your network speed. Regards Guang Zhu schrieb: Hi all, I have a network spanning over 3 subnets, connected by routers (approx. 150 Win 9X/NT/XP machines). Currently we are running a large workgroup, and I am considering migrating it to a domain. Since the users are always complaining about the browsing problem (long time in connecting to share, slow in browsing etc), so I would like to know if migrating to a domain will somhow help in the efficiency of browsing? Besides, if I turn on the domain settings in the Samba server (i.e. domain master = yes, domain logons = yes, and some create user/machine netlogon share stuff), will there be a great influence in current users? Thanks, Guang Zhu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: How does the UNIX end work?
Andrew Edmondson [EMAIL PROTECTED] wrote: I've been trying to find something on this in the docs but have failed so far - perhaps I'm just looking in the wrong place and if so please feel free to reply with a link. My issue is that files create on a samba share in windows are fine. The file is created and is accessible by everyone straight away. But, if I have a unix script create a file on the samba share at the server end it seems to take some time (varies up to a minute) to become available to the windows clients. The question is: how does Windows work ? ;-))) And the answer - it caches. The view of the underlying drive is cached on the Windows side and it takes a few seconds it notices a change. This has led me to think that there is a list of files which is updated either at the request of smbd (due to access by a windows machine) or after a periodic (every 1 minute?) scan of the files at the UNIX end. Is there a way to shrink or remove this refresh time at all? I don't think so. Figured this out in the end - it was a combination of 2 things. One, I had the files on one server and [nfs] mounted to the box running samba which then served the files out to the windows network. This introduced a delay of about 20 seconds so I had to move some data to the server running samba. The second thing was the 'change notify timeout' needed to be changed from its default 60 seconds. Works great now, cheers for the input Michal. -- Michal Kurowski [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] cann't get cups printrers visible to windows XP
tj: [...] So, how do I get the samba printer seen by Windows? Did you say you were using Cups? What does 'smbclient -L YOURNETBIOSNAME -U%' tell you? What does Swat tell you? F.ex. on this test rig, 'smbclient -L TRU -U%' gives me: Epson Printer Epson Stylus Epson_Samba Printer Epson_Samba for my printer. These are as I installed them for Cups. I haven't told Samba (3.0.9 in this case) to use Cups, that's the default - and it looks for Cups printers using libcups.so.2. How do I know (I'm relatively new to Samba)? It says so in the docs. Yes, I can see my printer in XP's Control Panel. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem joining Windows machine to domain managed by Samba PDC
Martin Gilchrist: [...] The more detailed error message says: The error was: DNS name does not exist. (error code 0x232B RCODE_NAME_ERROR) The query was for the SRV record for _ldap._tcp.dc._msdcs.MYDOMAIN Common causes of this error include the following:... My impression is that a lot of people hit this problem, but after reading FAQs and googling, I don't understand what the solution is: I think I don't have a good conceptual map of what needs to be fixed. I have tried to follow suggestions such as to fix various settings such as WINS and DNS, but to no avail. 1: You have to set up a KerberosV KDC on some machine (preferably your Samba server; 2: You have to set up a working DNS on some machine, preferably your Samba server. Can someone give me a step-by-step approach to fixing this? Turbo Fredriksson has gone a long way toward this with his HOWTO at www.bayour.com. However, it's going to take you a longish time - however you look at it. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 'ldap passwd sync' not working
Tony Earnshaw: [...] Hope this helps someone, it cost me enough pain before it worked properly for me. Oh yes - regular (existing or new) Posix group users can be anywhere in your DSA, in any group (though it makes sense to put computer trusts under ou=smb). Simply run smbpasswd or pdbedit (can be done from a script) on each one to add them to the domain. Personally I don't use the IDEALX scripts, I write my own awk and shell scripts. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 'ldap passwd sync' not working
John H Terpstra: [...] The Samba-HOWTO-Collection is literally intended to be correct and capable of being followed literally! Please document what sucks and help us to improve our documentation. I encourage you to file a bug report with details of what needs to be fixed. You can file a bug report on https://bugzilla.samba.org On the basis of what the Samba team has done over the years, its availability and quality, it would be my bounden duty to do so. However, this would mean a complete rewrite, producing a parallel doc that omitted all reference to Samba V2 (with which I'm not familiar) My basic point of criticism (I started with Samba 3.0.7, Openldap V2.2.20) after following the HOWTO, finding out that it crippled my system and asking myself how Samba/LDAP should be configured. For all of what follows I used GQ 1.0.b1 (jump from www.biot.com), since it gives a graphical representation of the DSA, drag'n drop is possible, making experimenting a breeze, shows *all* mandatory and optional attributes in different colors and gives sensible error reports when you do something wrong: 1: under ou=smb, *no* groups called (cn=)Domain Admins, Domain Guests or Domain Users should be set up. cns with spaces in are not liked by Openldap 2.2 and Samba makes a hash of them; furthermore Linux doesn't like them . Anyway, these groups are NT groups and not Posix groups and are defined in the *record* for the group, as defined in the displayName attribute. Instead, under ou=smb, define 3 Posix groups domadm, domguest and domuser. Give them regular, unique gidNumbers. For domadm, set attribute displayName to Domain Admins, for domguest set displayName to Domain Guests and domuser set displayName to Domain Users. Make each group an objectClass member of sambaGroupMapping. Get your local SID using 'net getlocalsid' Give each group its SID as defined in the regular Samba HOWTO. Into domadm, put cn=Administrator and cn=root as described in the HOWTO. objectClasses top, person, organizationalPerson, inetOrgPerson, posixAccount and sambaSamAccount, Administrator can have any uidNumber (I use a Red Hat system number, 16( and his gidNumber will be that of domadm. root has to have uidNumber=0 and domadm's gidNumber. Administrator's sambaSID is localsid+calculated RID as in the Samba HOWTO docs, sambaPrimaryGroupSID=localsid+512; root\s sambaSID=localsid+502, primary group SID=localsid+512. When following the Navarra HOWTO, 'net groupmap list' didn't work at all, nor could I do a 'net rpc join'; that was what started me experimenting. now it works as it should and I can do a 'net rpc join'. Hope this helps someone, it cost me enough pain before it worked properly for me. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] RPM Build error for Samba-3.0.10-1.src.rpm
Hi, how is the exact line from your spec-file? is it like in your mail with the spaces?? or ist it like that: --with-acl-support if there are the spaces between - - then is there the error Mandar Kulkarni/PUN/IN/STTL schrieb: Hi, I am trying to install samba 3 on RH Enterprise Linux AS with LDAP and SMBLDapTools. I hv downloaded the Samba-3.0.10-1.src.rpm from Samba site. I want my samba to support ACLs, Profiles, LDAPSAM etc. To make it work i edited the SPECS file and added the following entries - - with-acl-support - - with-profile - - disable-static - - with-msdfs - -with-ldapsam After adding the above entries i tried to build the new rpm. While doing so got the following error Config,status:Creating include /config.h + - - with-acl-support - - with-profile - - disable-static - - with-msdfs - -with-ldapsam ' ' /var/tmp/rpm-tmp.40956:line 69: - - with-acl-support : command not found error: Bad exit status from /var/tmp/rpm-tmp.40956 Can any one tell me where i am going wrong?? Thanks Regards Mandar Kulkarni -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: How does the UNIX end work?
Andrew Edmondson [EMAIL PROTECTED] wrote:
Figured this out in the end - it was a combination of 2 things. One, I had
the files on one server and [nfs] mounted to the box running samba which
then served the files out to the windows network. This introduced a delay
of about 20 seconds so I had to move some data to the server running
samba.
I'd recommend against serving files taken from NFS anyway.
The second thing was the 'change notify timeout' needed to be
changed from its default 60 seconds.
Interesting. To what value you changed it ?
Works great now, cheers for the input Michal.
That's great it's sorted out.
--
Michal Kurowski
perl -e '$_=q#: 13_2: 12/o{: 8_4) (_4: 6/2^-2; 3;-2^\2: 5/7\_/\7: 12m m::#;
y#:#\n#;s#(\D)(\d+)#$1x$2#ge;print'
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 'ldap passwd sync' not working
Hope this helps someone, it cost me enough pain before it worked properly for me. Oh yes - regular (existing or new) Posix group users can be anywhere in your DSA, I think you mean anywhere in your Dit; anywhere in your DSA doesn't make much sense, in any group (though it makes sense to put computer trusts under ou=smb). I think you mean in any container. And you're wrong, they need to be below the search base used by NSS for the appropriate object type - groups, person, etc... You can only put them anywhere if you are using the root of the Dit as your search base which is generally inadvisable for a number of reasons. Simply run smbpasswd or pdbedit (can be done from a script) on each one to add them to the domain. Personally I don't use the IDEALX scripts, I write my own awk and shell scripts. Same, we've written .NET (Mono) 'scripts' for doing this. signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: How does the UNIX end work?
Andrew Edmondson [EMAIL PROTECTED] wrote:
Figured this out in the end - it was a combination of 2 things. One, I
had
the files on one server and [nfs] mounted to the box running samba which
then served the files out to the windows network. This introduced a delay
of about 20 seconds so I had to move some data to the server running
samba.
I'd recommend against serving files taken from NFS anyway.
Why would you recommend against combining NFS and Samba ?
Just out of curiosity...
The second thing was the 'change notify timeout' needed to be
changed from its default 60 seconds.
Interesting. To what value you changed it ?
Works great now, cheers for the input Michal.
That's great it's sorted out.
--
Michal Kurowski
perl -e '$_=q#: 13_2: 12/o{: 8_4) (_4: 6/2^-2; 3;-2^\2: 5/7\_/\7: 12m
m::#;
y#:#\n#;s#(\D)(\d+)#$1x$2#ge;print'
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] possible to not have a password?
For what i have seen, where i enter a user with no password, or the password field in blank, then i it becomes impossible to have it in windows machine or mount it. So what i ask is what is needed to set and how to be able to share without the need of a password. greets, Zé -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] RPM Build error for Samba-3.0.10-1.src.rpm
The exact line is similar to following --with-acl-support \ Thanks Regards Mandar Kulkarni Arno Seidel [EMAIL PROTECTED] agTo Sent by: samba-bounces+mku cc lkarni=softcell.c samba@lists.samba.org [EMAIL PROTECTED] Subject org Re: [Samba] RPM Build error for Samba-3.0.10-1.src.rpm 07/02/2005 06:04 PM Hi, how is the exact line from your spec-file? is it like in your mail with the spaces?? or ist it like that: --with-acl-support if there are the spaces between - - then is there the error Mandar Kulkarni/PUN/IN/STTL schrieb: Hi, I am trying to install samba 3 on RH Enterprise Linux AS with LDAP and SMBLDapTools. I hv downloaded the Samba-3.0.10-1.src.rpm from Samba site. I want my samba to support ACLs, Profiles, LDAPSAM etc. To make it work i edited the SPECS file and added the following entries - - with-acl-support - - with-profile - - disable-static - - with-msdfs - -with-ldapsam After adding the above entries i tried to build the new rpm. While doing so got the following error Config,status:Creating include /config.h + - - with-acl-support - - with-profile - - disable-static - - with-msdfs - -with-ldapsam ' ' /var/tmp/rpm-tmp.40956:line 69: - - with-acl-support : command not found error: Bad exit status from /var/tmp/rpm-tmp.40956 Can any one tell me where i am going wrong?? Thanks Regards Mandar Kulkarni -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [samba] 3.0.11 Ignoring unknown parameter privileges
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Wilson wrote: | Hi, | | i have just compliled 3.0.11 (configure --prefix=/usr/local/ | --with-ldapsm; make make install) | | i added to smb.conf | privileges = yes it's enable privileges = yes. See smb.conf(5). cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB2zoIR7qMdg1EfYRAu7/AKClzZVAIg0K70oy7K4GuRIkSOGqswCff0vA vKW0Va53eBO0Rl6J3eotOXQ= =/+Hx -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [samba] 3.0.11 Ignoring unknown parameter privileges
oopss sorry i thought you had to enable privileges=yes not enable enable privileges=yes, miss read it, thanks for your help! BTW, We are just about ready to use samba to serve about 1,500-2,000 Staff and 10,000 - 15,000 students at our university. ;) is there anyway to use syslogd with samba? Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Wilson wrote: | Hi, | | i have just compliled 3.0.11 (configure --prefix=/usr/local/ | --with-ldapsm; make make install) | | i added to smb.conf | privileges = yes it's enable privileges = yes. See smb.conf(5). cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB2zoIR7qMdg1EfYRAu7/AKClzZVAIg0K70oy7K4GuRIkSOGqswCff0vA vKW0Va53eBO0Rl6J3eotOXQ= =/+Hx -END PGP SIGNATURE- -- Daniel Wilson Systems Administrator IT Communications Service University of Sunderland Unit1 Technology Park Chester Road Sunderland SR2 7PT Tel: 0191 515 2695 This e-mail contains information which is confidential and may be privileged and is for the exclusive use of the recipient. It is the responsibility of the recipient to ensure that this message and its attachments are virus free. Any views or opinions presented are solely those of the author and do not necessarily represent those of the University, unless otherwise specifically stated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [samba] 3.0.11 Ignoring unknown parameter privileges
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Wilson wrote: | BTW, We are just about ready to use samba to | serve about 1,500-2,000 Staff and 10,000 - 15,000 | students at our university. ;) is there anyway to | use syslogd with samba? There is. It's a little rudimentary though. See - --with-syslog and the 'syslog' and 'syslog only' smb.conf options. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB3GHIR7qMdg1EfYRAr3uAKCk4SQFb6czXh/3LTAhE87925miSwCeOEOT DViOryv3rqMGdYZWl/Fjf/U= =3r3h -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] RPM Build error for Samba-3.0.10-1.src.rpm
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mandar Kulkarni/PUN/IN/STTL wrote: | The exact line is similar to following | | --with-acl-support \ | You are probably missing the '\' line continuation character on the previous line. For RHAS, you might want to use the Fedora SRPM since it is more in line with RedHat's package layout. Eventually, i'll stop building in the single package format (once I stop building RH 9 packages. not date on this yet though). cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB3KrIR7qMdg1EfYRArJ9AKDxH8WL0FyfbEwtIhSzILaRDNw+GACgo2Hm z0ZCZDc1X25vSzotvMP3HHk= =m2LJ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.11 - configure can't see ldap.h
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike wrote: | So does this mean Samba can't be an AD domain member | on a BSD machine? No. It will work. You just have to get the compile right. Did you export the CPPFLAGS and LDFLAGS variables before running configure ? What does the failure look like in the config.log ? cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB3QeIR7qMdg1EfYRAkKsAJ9xXzHfS/bfdFRakQQElhxuli8aMwCdFGaQ Tz8aodNaeiKqAVFwFMmmC6Y= =foBd -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldap passwd sync not working
On Saturday 05 February 2005 02:17 pm, Alexander Zubkov wrote: In debug mode smbpasswd say this: samba 3.0.11 ... smbldap_check_root_dse: Expected one rootDSE, got 0 ldap_connect_system: succesful connection to the LDAP server ldap_connect_system: LDAP server does not support paged results smbldap_check_root_dse: Expected one rootDSE, got 0 ldap password change requested, but LDAP server does not support it -- ignoring ldapsam_update_sam_account: successfully modified uid = test in the LDAP database Why samba-3.0.6 can sync password and samba-3.0.11 say that may LDAP server does not support it? Any ideas? Alexander Zubkov I am guessing that Samba is using a different criteria/mechanism to change the passwords now. Perhaps it has to do with increasing support for non-openLDAP implementations. One thing I noticed is that your rootDSE is not readable. The rootDSE contains information about your LDAP server that some applications (such as addressbooks that need to automatically determine the baseDN) need. Info about the rootDSE can be found at http://www.techgalaxy.net/Docs/Dev/LDAPv3 RootDSE Overview.htm. For OpenLDAP you need an ACL like this: access to attrs=namingcontexts by anonymous read (or lock it down by IP range or some other way to make it more secure) Correcting your LDAP config to include the above may keep Samba from being confused -- just a thought. Misty -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] FC3 trying to install it's own Samba
I instaled latest Samba from source: ./configure --enable-debug. FC3 doesn't believe me. That's your problem right there. RPM systems should have software installed by RPM only or you end up with situations like this. When you install from source the package manager doesn't have the proper entries placed in its databases. RPM doesn't search for the existance of a particular file, it searches for the existance of a particular package. rpm -q samba gives package not installed, As it should. How do I convince it? Go download a .src.rpm file for samba and install that, which will give you the setup for making a custom RPM file. Now edit the spec file for the changes you would like to make. Just to be safe you should probably also increment the build number, that way you'll be sure that you don't get overwritten by an older but higher-than-default revisioned build from the official yum/up2date archives Build the rpm and install that package. This should make sure that the entries are in the PM database. -- -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] privileges in 3.11?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dmitry Melekhov wrote: | I found a reason. | Problem is that I created tdbsam from smbpasswd | using pdbedit. Now I tried to reproduce this and | here is pdbedit output: | | Processing account root | tdb_update_sam: Failing to store a SAM_ACCOUNT for [root] without a | primary group RID | pdb_getsampwent | | And then I can't modify or add root account with the same result: | | tdb_update_sam: Failing to store a SAM_ACCOUNT for [root] without a | primary group RID | | This problem appears only if groupmap to unixgroup exists: | | ./net groupmap list | | Domain Admins (S-1-5-21-2314933419-357499204-1604414191-512) - root The problem is actually that Windows does not allow a user and group to have the same name. You must assign a different display name to group map entry. This is strange though. I'll look into it some more. | Then if I add groupmapping all works: | | [EMAIL PROTECTED] bin]# ./net groupmap modify | sid=S-1-5-21-1953428550-3027608681-49554636-512 unixgroup=root | Updated mapping entry for Domain Admins | [EMAIL PROTECTED] bin]# ./net rpc rights grant 'TEST\dm' SePrintOperatorPrivilege | Password: | Successfully granted rights. Thanks for the feedback. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB3grIR7qMdg1EfYRAt1sAJ4i42y7L77l8lJsscUf/f8jF6zpoACg7Jkq alziuwles1xVL46cOdzCciA= =22Dj -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.11 - configure can't see ldap.h
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike wrote: | Gerald (Jerry) Carter wrote: | | Here's my build script. You can modify it for you needs. | | Hope this helps. | | Thanks. | | ## | ## required library paths | ## | DIRPATH= | for dir in $DIRPATH ; do | CPPFLAGS=$CPPFLAGS -I$dir/include | CFLAGS=$CFLAGS -Wl,-rpath,$dir/lib | LDFLAGS=$LDFLAGS -L$dir/lib | done | | Sorry, I'm not that good with scripting. What is the | purpose of DIRPATH for? I'm not sure what to set it to. DIRPATH=/opt/openldap and you'll need to update the CFLAGS and LDFLAGS to use 'libraries' instead of lib since you have a non-default install. | I noticed the autogen.sh line in that script and tried | to manually run it. I get this error: | | ./autogen.sh | ./autogen.sh[25]: [: ,: unexpected operator/operand | ./autogen.sh[39]: [: ,: unexpected operator/operand | ./autogen.sh: need autoconf 2.53 or later to build samba from SVN Looks like a bash'ism crept in. Try this patch. But truthfully, you don't need to run autogen unless you modify configure.in or are building from SVN (i know this was part of the original script I sent you). Sorry for the confusion. You can just comment it out. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB3mlIR7qMdg1EfYRAuKtAJ0Xz8bvwyXv7XLUYGwgyCx3tLd8bwCgvF36 YKMhVbf5nZmFCQ8FkS7UGlc= =IAC8 -END PGP SIGNATURE- Index: autogen.sh === --- autogen.sh (revision 5261) +++ autogen.sh (working copy) @@ -16,7 +16,7 @@ ## for i in $TESTAUTOHEADER; do if which $i /dev/null 21; then - if [ `$i --version | head -n 1 | cut -d. -f 2 | tr -d [:alpha:]` -ge 53 ]; then + if test `$i --version | head -n 1 | cut -d. -f 2 | tr -d [:alpha:]` -ge 53; then AUTOHEADER=$i AUTOHEADERFOUND=1 break @@ -30,7 +30,7 @@ for i in $TESTAUTOCONF; do if which $i /dev/null 21; then - if [ `$i --version | head -n 1 | cut -d. -f 2 | tr -d [:alpha:]` -ge 53 ]; then + if test `$i --version | head -n 1 | cut -d. -f 2 | tr -d [:alpha:]` -ge 53; then AUTOCONF=$i AUTOCONFFOUND=1 break @@ -42,7 +42,7 @@ ## ## do we have it? ## -if [ $AUTOCONFFOUND = 0 -o $AUTOHEADERFOUND = 0 ]; then +if test $AUTOCONFFOUND = 0 -o $AUTOHEADERFOUND = 0; then echo $0: need autoconf 2.53 or later to build samba from SVN 2 exit 1 fi -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Limit user groups
Hello, I'm trying to add a user to big list of Samba groups, 74 groups to be precise. The problem is that when the user reaches around 65 to 70 groups, it starts giving errors in User Manager for Domains, and causes a panic in Samba. Is there a limit for how many groups a user may belong? I'm using Samba-3.0.10 with openldap. This is what I get in the logs. [2005/02/07 13:22:42, 0] lib/util.c:smb_panic2(1482) PANIC: internal error [2005/02/07 13:22:42, 0] lib/util.c:smb_panic2(1490) BACKTRACE: 28 stack frames: #0 smbd(smb_panic2+0x111) [0x81d8c01] #1 smbd(smb_panic+0x1a) [0x81d8aea] #2 smbd [0x81c6558] #3 /lib/tls/libc.so.6 [0x2aef48] #4 /lib/tls/libc.so.6(__libc_free+0x8b) [0x2ea72b] #5 /lib/tls/libc.so.6(initgroups+0x16f) [0x30bbdf] #6 smbd [0x8242cb4] #7 smbd(sys_getgrouplist+0x54) [0x8242e84] #8 smbd(getgroups_user+0x71) [0x8243001] #9 smbd(get_domain_user_groups+0x47) [0x8151967] #10 smbd(_samr_query_usergroups+0x18b) [0x814531b] #11 smbd [0x813d1f0] #12 smbd(api_rpcTNP+0x16c) [0x815611c] #13 smbd(api_pipe_request+0xba) [0x8155eca] #14 smbd [0x814f9d8] #15 smbd [0x814fd4f] #16 smbd [0x814ff44] #17 smbd [0x81501a3] #18 smbd(write_to_pipe+0xfb) [0x81500eb] #19 smbd [0x808c3ea] #20 smbd(reply_trans+0x54e) [0x808cdfe] #21 smbd [0x80d1ab6] #22 smbd [0x80d1d40] #23 smbd(process_smb+0x8c) [0x80d1f4c] #24 smbd(smbd_process+0x168) [0x80d2c88] #25 smbd(main+0x4ea) [0x824d08a] #26 /lib/tls/libc.so.6(__libc_start_main+0xe4) [0x29cad4] #27 smbd [0x8078961] Best regards, Bruno Guerreiro -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] syncing passwords
Craig White: does ldap passwd sync = yes work in both directions? i mean, if i change password on ldap is also changed the samba one? depends I guess on which client you use to do that with. ldapmodify ? No webmin ldap users and groups ? Yes LAM ? Yes And smbpasswd and pdbedit, of course. Hmmm ... it works with the NT user manager, too. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] syncing passwords
Tony Earnshaw wrote: Craig White: does ldap passwd sync = yes work in both directions? i mean, if i change password on ldap is also changed the samba one? depends I guess on which client you use to do that with. ldapmodify ? No webmin ldap users and groups ? Yes LAM ? Yes And smbpasswd and pdbedit, of course. Hmmm ... it works with the NT user manager, too. Here's the part I don't understand. How can this work with the NT user manager, if it doesn't transmit the clear text password to samba? How is the Unix password updated? My understanding is that you have to have the cleartext password to updat the Unix password. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] nbns broadcast problem *000000000000000000000000000000
I have a samba server that intermittently broadcasts netbios name queries for *00 for around 3 seconds, taking out virtually all other network communication. Here is one of the packets: No. TimeSourceDestination Protocol Info 2385639 1531.790940 192.168.5.200 192.168.5.255 NBNS Name query NB *00 Frame 2385639 (92 bytes on wire, 92 bytes captured) Ethernet II, Src: 00:c0:49:d8:da:3c, Dst: ff:ff:ff:ff:ff:ff Internet Protocol, Src Addr: 192.168.5.200 (192.168.5.200), Dst Addr: 192.168.5.255 (192.168.5.255) User Datagram Protocol, Src Port: 32944 (32944), Dst Port: netbios-ns (137) NetBIOS Name Service Any help would be much appreciated. Lee Baker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba linux printing problem
I have a Fedora 3 core system with cups and samba installed I have an HP deskjet 5740 on usb port 1 that prints just fine. the cups install and print test pages work and print. the installation of the printers on Windows XP goes just fine and I can print to the printer, however nothing ever prints on the printer here is the log from /var/log/samba/smbd.log [2005/02/07 10:27:15, 3] printing/printing.c:print_queue_update_internal(1023) 0 jobs in queue for dj5740 however /var/spool/cups simple seems to stack up jobs to print. I also have a user called guest with a password. Any ideas Below is my smb.conf [global] workgroup = home server string = Samba Server printcap name = /etc/printcap printing = cups guest account = guest log file = /var/log/samba/%m.log max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 browse list = yes local master = yes dns proxy = no log level = 5 browseable = yes # Share Definitions == idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/false username map = /etc/samba/smbusers password server = None guest ok = yes # winbind use default domain = no [homes] comment = Home Directories browseable = yes writeable = yes # specifically define each individual printer [printers] comment = All Printers path = /var/spool/samba read only = yes printable = yes browseable = yes guest ok = yes use client driver = Yes public =yes # Set public = yes to allow user 'guest account' to print # This one is useful for people to share files [tmp] comment = Temporary file space path = /tmp writeable = yes browseable = yes browseable =yes guest ok = yes guest ok = yes - smb.conf starts up just fine -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] 3.0.11 Fedora Core 2 RPM?
Looking ... can't find. Anyone? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Error message in smbd.log.
Hello, We use CIFS(2.2.12) on HPUX 11.00 and users are able to use the shared directories but we saw a lot of error message in log file like: [2005/02/07 11:26:50, 0] rpc_client/cli_netlogon.c:(246) cli_net_req_chal: Error NT_STATUS_INVALID_COMPUTER_NAME [2005/02/07 11:26:50, 0] rpc_client/cli_login.c:(47) cli_nt_setup_creds: request challenge failed [2005/02/07 11:26:50, 0] rpc_client/cli_trust.c:(141) modify_trust_password: unable to setup the PDC credentials to machine x.x.x.x. Error was : NT_STATUS_UNSUCCESSFUL. [2005/02/07 11:26:50, 0] rpc_client/cli_trust.c:(247) 2005/02/07 11:26:50 : change_trust_account_password: Failed to change password for domain COF. [2005/02/07 11:30:23, 0] rpc_client/cli_netlogon.c:(246) cli_net_req_chal: Error NT_STATUS_INVALID_COMPUTER_NAME [2005/02/07 11:30:23, 0] rpc_client/cli_login.c:(47) cli_nt_setup_creds: request challenge failed [2005/02/07 11:30:23, 0] rpc_client/cli_trust.c:(141) modify_trust_password: unable to setup the PDC credentials to machine x.x.x.x. Error was : NT_STATUS_UNSUCCESSFUL. [2005/02/07 11:30:23, 0] rpc_client/cli_trust.c:(247) 2005/02/07 11:30:23 : change_trust_account_password: Failed to change password for domain COF. The smb.conf is: [global] workgroup = COF netbios name = vobs1tst security = DOMAIN encrypt passwords = Yes password server = x.x.x.x username map = /etc/opt/samba/users.map wins server = x.x.x.x create mask = 0775 directory mask = 0775 oplocks = No kernel oplocks = No case sensitive = No preserve case = Yes local master = No [S1] comment = Storage Directory path = /S1 read only = No [$IPC] hosts deny = 0.0.0.0/0 Can anyone give me a clue why we saw those repeated messages? Thanks a lot, Andrew -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Multiple Netbios name queries on ports 32944, 33169 and 33171
I've had to set up an iptables filter to drop packets originating from ports 32944, 33169 and 33171 on a samba 3 server as broadcast 'storms' lasting ~3seconds have intermittently been taking down all net communication. Can anyone shed any light on this? The packet capured in ethereal is below. Lee Baker Sorry for not trimming - not sure what's important: No. TimeSourceDestination Protocol Info 60621 2047.389515 192.168.5.200 192.168.5.255 NBNS Name query NB *00 Frame 60621 (92 bytes on wire, 92 bytes captured) Arrival Time: Feb 7, 2005 17:03:26.942953000 Time delta from previous packet: 0.07000 seconds Time since reference or first frame: 2047.389515000 seconds Frame Number: 60621 Packet Length: 92 bytes Capture Length: 92 bytes Ethernet II, Src: 00:c0:49:d8:db:36, Dst: ff:ff:ff:ff:ff:ff Destination: ff:ff:ff:ff:ff:ff (Broadcast) Source: 00:c0:49:d8:db:36 (192.168.45.200) Type: IP (0x0800) Internet Protocol, Src Addr: 192.168.5.200 (192.168.5.200), Dst Addr: 192.168.5.255 (192.168.5.255) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 00.. = Differentiated Services Codepoint: Default (0x00) ..0. = ECN-Capable Transport (ECT): 0 ...0 = ECN-CE: 0 Total Length: 78 Identification: 0x (0) Flags: 0x04 (Don't Fragment) 0... = Reserved bit: Not set .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 61 Protocol: UDP (0x11) Header checksum: 0xb087 (correct) Source: 192.168.5.200 (192.168.5.200) Destination: 192.168.5.255 (192.168.5.255) User Datagram Protocol, Src Port: 33171 (33171), Dst Port: netbios-ns (137) Source port: 33171 (33171) Destination port: netbios-ns (137) Length: 58 Checksum: 0xaf64 (correct) NetBIOS Name Service Transaction ID: 0x0199 Flags: 0x0110 (Name query) 0... = Response: Message is a query .000 0... = Opcode: Name query (0) ..0. = Truncated: Message is not truncated ...1 = Recursion desired: Do query recursively ...1 = Broadcast: Broadcast packet Questions: 1 Answer RRs: 0 Authority RRs: 0 Additional RRs: 0 Queries *00: type NB, class inet Name: *00 (Workstation/Redirector) Type: NB Class: inet ## This is the response from a workstation: No. TimeSourceDestination Protocol Info 60622 2047.389527 192.168.5.100 192.168.5.200 NBNS Name query response NB 192.168.5.100 Frame 60622 (104 bytes on wire, 104 bytes captured) Arrival Time: Feb 7, 2005 17:03:26.942965000 Time delta from previous packet: 0.12000 seconds Time since reference or first frame: 2047.389527000 seconds Frame Number: 60622 Packet Length: 104 bytes Capture Length: 104 bytes Ethernet II, Src: 00:07:e9:1a:80:74, Dst: 00:0b:db:90:9f:0b Destination: 00:0b:db:90:9f:0b (192.168.5.200) Source: 00:07:e9:1a:80:74 (192.168.5.100) Type: IP (0x0800) Internet Protocol, Src Addr: 192.168.5.100 (192.168.5.100), Dst Addr: 192.168.5.200 (192.168.5.200) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 00.. = Differentiated Services Codepoint: Default (0x00) ..0. = ECN-Capable Transport (ECT): 0 ...0 = ECN-CE: 0 Total Length: 90 Identification: 0x6c52 (27730) Flags: 0x00 0... = Reserved bit: Not set .0.. = Don't fragment: Not set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 128 Protocol: UDP (0x11) Header checksum: 0x41c4 (correct) Source: 192.168.5.100 (192.168.5.100) Destination: 192.168.5.200 (192.168.5.200) User Datagram Protocol, Src Port: netbios-ns (137), Dst Port: 33171 (33171) Source port: netbios-ns (137) Destination port: 33171 (33171) Length: 70 Checksum: 0xf1fe (correct) NetBIOS Name Service Transaction ID: 0x0199 Flags: 0x8500 (Name query response, No error) 1... = Response: Message is a response .000 0... = Opcode: Name query (0) .1.. = Authoritative: Server is an authority for domain ..0. = Truncated: Message is not truncated ...1 = Recursion desired: Do query recursively 0... = Recursion available: Server can't do recursive queries ...0 = Broadcast: Not a
[Samba] smbpasswd -w
Hi, I try to set up samba (latest) to use LDAP. I get # smbpasswd -w secret -w not available unless configured --with-ldapsam I xompiled with LDAP support. Any hints? -- Jochen Witte [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Printer queue problem
I noticed this too, on my test box. I will upgrade in production and see if it helps there... _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - User Support Spec. III |$| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 On Mon, 7 Feb 2005, Samba List Unetix wrote: I upgraded this weekend one of my sambaservers to 3.0.11 and the printer queue problem seems to have gone. Great work samba team Thanx Wim Bakker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbpasswd -w
I xompiled with LDAP support. Any hints? Are you sure? The binaries very seldom lie. Check the output of smbd -b |grep LDAP You should see the following: (for example) [fgoserv:/]# /opt/samba/sbin/smbd -b |grep LDAP HAVE_LDAP_H HAVE_LDAP HAVE_LDAP_DOMAIN2HOSTLIST HAVE_LDAP_INIT HAVE_LDAP_INITIALIZE HAVE_LDAP_SET_REBIND_PROC HAVE_LIBLDAP LDAP_SET_REBIND_PROC_ARGS -- -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] [samab] 3.0.11 privileges where do they live
Hi, which file do all the privileges live which have been created.i want to be able to copy it to my BDC so it can take over if the PDC crashed?? regards -- Daniel Wilson Systems Administrator IT Communications Service University of Sunderland Unit1 Technology Park Chester Road Sunderland SR2 7PT Tel: 0191 515 2695 This e-mail contains information which is confidential and may be privileged and is for the exclusive use of the recipient. It is the responsibility of the recipient to ensure that this message and its attachments are virus free. Any views or opinions presented are solely those of the author and do not necessarily represent those of the University, unless otherwise specifically stated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [samab] 3.0.11 privileges where do they live
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Wilson wrote: | Hi, | | which file do all the privileges live which have | been created.i want to be able to copy it to my BDC | so it can take over if the PDC crashed?? $(lockdir)/account_pol.tdb We're working on a means of replicating them between DC's (hopefully for 3.0.12). cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB6jzIR7qMdg1EfYRApn5AKDFg1DFdxLj2iym5cs1f2+mpHGZdwCfZfLx UAPhInf2Ss0Q3giqGB4wBco= =hfxF -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.11 Fedora Core 2 RPM?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Kel Way wrote: | Looking ... can't find. Anyone? I only build for FC3 on samba.org. You can however just rebuild the FC3 SRPMS. It was created on an FC1 box. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB6klIR7qMdg1EfYRAkKCAKCnFs+1NwFST1oazTR9k7jkypZmpQCgjIkz 3UkCF6et2VnhAE9uCvEMwl8= =SuZ2 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] deleting a file
Trying to post again... Eric Biggs -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Biggs, Eric J [ITS] Sent: Friday, February 04, 2005 4:18 PM To: samba@lists.samba.org Subject: [Samba] deleting a file Has anyone observed this behavior when deleting a file? I had a user map a Samba share to his WIN2K machine and use the Windows Explorer delete function to delete a rather large file (600M). Windows prompted him in the usual manner: 'Are you sure you want to delete this file?' (By the way it was the actual delete warning, not the recycle bin warning.) In the Explorer window, the file disappeared. When he refreshed the window, the file reappeared. It hadn't been deleted at all. I investigated from the Linux side and determined that his userid didn't have appropriate authority to delete the file. We changed the permissions accordingly, went back to Explorer, and successfully deleted the file. That explains why he couldn't delete it, but why didn't Samba prompt him with some sort of access violation, or some other message? Is this working as designed, or is there some parameter that I can turn on to fix this? We're using Red Hat AS 3.0, Samba Version: 3.0.4 (Red Hat RPM), Release: 6.3E. We're not part of any domain controller or active directory, just plain Linux authentication. Thanks, Eric Biggs -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] poor performances at the end of the day
hello list here is the setup: a domain controller with ldap backend. os is debian testing with custom 2.6.9 kernel samba version 3.0.10-1 openldap version 2.1.30-3 local profiles only clients are mainly nt4 sp6, some win xp pro approximately 30 win users + 1 or 2 diskless linux station for testing purpose (ltsp ). 16 directories shared by server, including homedirs, with acl support ( 20GO og data ) here is the setup: users experience network slowdown at the end of the work day ( slow transfer, slow win epxlorer operations ... ). cpu and net load on server side is insignifiant ( it is an oversized dual p4 w/ giga ethernet and 4 Gig of ram ). i dont even know if the problem is related to samba, i am just expecting some idea as to where/what to look at. relevant portion of smb.conf: netbios name = server server string = controleur du domaine workgroup = gr_travail domain logons = true domain master = true os level = 35 prefered master = yes encrypt passwords = true socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = 127.0.0.1 192.168.1.2 passdb backend = ldapsam ldap ssl = No ldap admin dn = cn=admin,dc=gr_travail ldap suffix = dc=rgr_travail ldap machine suffix = ou=machines ldap user suffix = ou=utilisateurs ldap group suffix = ou=groupes log file = /var/log/samba/samba.log log level = 0 load printers = yes printing = cups printcap name = cups dos charset = cp850 unix charset = iso8859-1 relevant portions of slapd.conf: backendbdb database bdb checkpoint 1 5 cachesize 10 idletimeout 20 index objectClass,uid,uidNumber,gidNumber,memberUid eq index cn,mail,surname,givenname eq,subinitial thanks for your patience and your aswers -- Thomas Constans http://www.opendoor.fr 04 78 68 17 34 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] deleting a file
Which service pack? I think that this is a known Windows bug... Biggs, Eric J [ITS] [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 02/07/05 12:44 PM To: samba@lists.samba.org cc: Subject:RE: [Samba] deleting a file Trying to post again... Eric Biggs -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Biggs, Eric J [ITS] Sent: Friday, February 04, 2005 4:18 PM To: samba@lists.samba.org Subject: [Samba] deleting a file Has anyone observed this behavior when deleting a file? I had a user map a Samba share to his WIN2K machine and use the Windows Explorer delete function to delete a rather large file (600M). Windows prompted him in the usual manner: 'Are you sure you want to delete this file?' (By the way it was the actual delete warning, not the recycle bin warning.) In the Explorer window, the file disappeared. When he refreshed the window, the file reappeared. It hadn't been deleted at all. I investigated from the Linux side and determined that his userid didn't have appropriate authority to delete the file. We changed the permissions accordingly, went back to Explorer, and successfully deleted the file. That explains why he couldn't delete it, but why didn't Samba prompt him with some sort of access violation, or some other message? Is this working as designed, or is there some parameter that I can turn on to fix this? We're using Red Hat AS 3.0, Samba Version: 3.0.4 (Red Hat RPM), Release: 6.3E. We're not part of any domain controller or active directory, just plain Linux authentication. Thanks, Eric Biggs -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Printer queue problem
Is there an rpm package someplace where I can 3.0.11 in rpm format for fecora core 3 or do I have to download the source? Chip Samba List Unetix wrote: I upgraded this weekend one of my sambaservers to 3.0.11 and the printer queue problem seems to have gone. Great work samba team Thanx Wim Bakker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 'ldap passwd sync' not working
On Monday 07 February 2005 03:43, Tony Earnshaw wrote: John H Terpstra: [...] The Samba-HOWTO-Collection is literally intended to be correct and capable of being followed literally! Please document what sucks and help us to improve our documentation. I encourage you to file a bug report with details of what needs to be fixed. You can file a bug report on https://bugzilla.samba.org On the basis of what the Samba team has done over the years, its availability and quality, it would be my bounden duty to do so. However, this would mean a complete rewrite, producing a parallel doc that omitted all reference to Samba V2 (with which I'm not familiar) What in goodness name are you referring to? The current Samba-3 HOWTO Collection is NOT written around Samba-2. The Samba-3 by Example book (Samba-Guide on the Samba Web Site) is entirely based on Samba-3. I must be missing something very seriously and must be completely confused. Please help me to understand your point. If the documentation is as bad as you say it is we should withdraw it at once and not release it again until it is fixed. What are others opinions of this situation? Should we withdraw it at once? My basic point of criticism (I started with Samba 3.0.7, Openldap V2.2.20) after following the HOWTO, finding out that it crippled my system and If the documentation is causing people to suffer crippled systems please accept my fullest apologies. That is really bad. Is this a generic problem? Have others suffered the same crippling because of misleading and bad documentation? Wow! This blows my mind! asking myself how Samba/LDAP should be configured. For all of what follows I used GQ 1.0.b1 (jump from www.biot.com), since it gives a graphical representation of the DSA, drag'n drop is possible, making experimenting a breeze, shows *all* mandatory and optional attributes in different colors and gives sensible error reports when you do something wrong: OK. Please give me wording to add to the documentation - or to replace bad and misleading sections of the existing documentation. All contributions will be gladly received. 1: under ou=smb, *no* groups called (cn=)Domain Admins, Domain Guests or Domain Users should be set up. cns with spaces in are not liked by Openldap 2.2 and Samba makes a hash of them; furthermore Linux doesn't like them . Anyway, these groups are NT groups and not Posix groups and are defined in the *record* for the group, as defined in the displayName attribute. Instead, under ou=smb, define 3 Posix groups domadm, domguest and domuser. Give them regular, unique gidNumbers. For domadm, set attribute displayName to Domain Admins, for domguest set displayName to Domain Guests and domuser set displayName to Domain Users. Make each group an objectClass member of sambaGroupMapping. Get your local SID using 'net getlocalsid' Give each group its SID as defined in the regular Samba HOWTO. Is this really necessary? Why? How does this advice affect the greater picture? Have you discussed this advice with Idealx? I am sure they would love to hear from you. My intent so far as documentation goes is to document what works and how it works. I am not out to write a full LDAP management system. Idealx are working on that - as are others. Into domadm, put cn=Administrator and cn=root as described in the HOWTO. Do not use both Administrator and 'root' - The current advice is to use only 'root' or 'Administrator' as the Windows and UNIX local admin account. Having both will result in ambiguous names that will break the ability to administer Samba. i.e.: If both Administrator and root have UID=0 (so both are UNIX admins) then Samba will not be able to resolve who is the real UID=0 owner. objectClasses top, person, organizationalPerson, inetOrgPerson, posixAccount and sambaSamAccount, Administrator can have any uidNumber (I use a Red Hat system number, 16( and his gidNumber will be that of domadm. root has to have uidNumber=0 and domadm's gidNumber. Administrator's sambaSID is localsid+calculated RID as in the Samba HOWTO docs, sambaPrimaryGroupSID=localsid+512; root\s sambaSID=localsid+502, primary group SID=localsid+512. Whatever you call the Windows domain administrator account, it must have the correct RID=500. If it has anything else it will NOT be the domain administrator on the windows client. For the domain administrator on the Windows client to have UNIX admin rights the POSIX account must have UID=0. Translation from UID-SID, from SID-login_name, from login_name-UID, etc. must be unambiguous. New to Samba-3.0.11, it is now possible to assign some administrative rights to users who are not administrator on either platform - but that is not at issue here. When following the Navarra HOWTO, 'net groupmap list' didn't work at all, nor could I do a 'net rpc join'; that was what started me experimenting. now it works as it should and I can do a 'net rpc join'. The
Re: [Samba] Printing problems
Gerald (Jerry) Carter wrote: Another oddity: We'd been getting hundreds or thousands of these error messages each day, then our server crashed yesterday morning for as-yet-undetermined reasons. Since the reboot, I've been seeing neither the old print jobs aren't cleared bug nor the too many handles messages. hmm...bad tdb somewhere ? ANy error messages about that ? I'm seeing some tdb errors, although there doesn't appear to be much of a correlation between them and the too many handles errors: [2005/02/01 12:50:57, 0] smbd/connection.c:register_message_flags(220) register_message_flags: tdb_fetch failed (We're using per-host logging. I'm only checking for tdb errors in the logs of hosts that were having too many handles errors; if I should be checking somewhere else, please let me know.) We're happily running Samba 3.0.11 now, and I'm hoping that that will fix the too many handles errors. I'll post again if I continue to have problems. Thanks for your help. Josh Kelley -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [samab] 3.0.11 privileges where do they live
Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Wilson wrote: | Hi, | | which file do all the privileges live which have | been created.i want to be able to copy it to my BDC | so it can take over if the PDC crashed?? $(lockdir)/account_pol.tdb We're working on a means of replicating them between DC's (hopefully for 3.0.12). to store them in the ldap server or in local files? -- Levente Si vis pacem para bellum! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] can delet NTFS files, but cant delet NTFS folders
I mounted in smb4k a machine that haves windowsXP. In konqueror i can delet files from the windows machine, but when deleting folders i get an error window message like this: Cannot change name of /home/mmodem/mnt/P3/R-Studio folder. Build 121029 Retail. Why cant i delet folders if i can delet files? greetz, Zé -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbclient recursive get skips files (rarely)
We seem to have stumbled onto an intermittant bug using smbclient to retrieve files from a W2000 server. Every so often it just ignores some files on a recursive mget. When it ignores files it always ignores the same files. The exact same command repeated again may (or may not) pick up that file. Running a DIR on the directory in question shows the same defect, sometimes the cursed file is listed, other times it isn't. This bug just appeared recently, nothing has changed on the Windows side. On the linux side it is running Mandrake 10.0 and one of the samba updates may have triggered this. Any suggestions? Details follow my signature. Thanks, David Mathog [EMAIL PROTECTED] % smbclient -V Version 3.0.6 (just updated to 3.0.10, and same problem is still present) The command is like this: % smbclient '\\3730workstation\E$' -U 'Administrator%thepassword' -D 'AppliedBiosystems\UDC\DataCollection\Data' -d 4 -c prompt ; recurse; mget WEAPON_OF_MASS_DESTRUCTION_2005-02-04_0891 ; exit /tmp/foo.txt 21 In this case the file: 02_04_05a_G07_zylka_7301_t3.ab1 may or may not transfer. Here are some parts of the -d 4 log in an instance where it did NOT transfer: Doing spnego session setup (blob length=16) server didn't supply a full spnego negprot Got challenge flags: Got NTLMSSP neg_flags=0x608a0215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_CHAL_TARGET_INFO NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP: Set final flags: Got NTLMSSP neg_flags=0x60080215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP Sign/Seal - Initialising with flags: Got NTLMSSP neg_flags=0x60080215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH Domain=[3730WORKSTATION] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager] session setup ok tconx ok dos_clean_name [\AppliedBiosystems\UDC\DataCollection\Data\] dos_clean_name [\AppliedBiosystems\UDC\DataCollection\Data\\] prompting is now off directory recursion is now on received 1 entries (eos=1) received 27 entries (eos=0) received 26 entries (eos=0) received 26 entries (eos=0) received 17 entries (eos=1) getting file \AppliedBiosystems\UDC\DataCollection\Data\WEAPON_OF_MASS_DESTRUCTION_2005-02-04_0891\02_04_05a_A01_lo_1366_tents1.ab1 of size 316705 as 02_04_05a_A01_lo_1366_tents1.ab1 (3681.9 kb/s) (average 3681.9 kb/s) SNIP getting file \AppliedBiosystems\UDC\DataCollection\Data\WEAPON_OF_MASS_DESTRUCTION_2005-02-04_0891\02_04_05a_G05_lerchner_tf6_sp6.seq of size 2501 as 02_04_05a_G05_lerchner_tf6_sp6.seq (488.5 kb/s) (average 3575.1 kb/s) getting file \AppliedBiosystems\UDC\DataCollection\Data\WEAPON_OF_MASS_DESTRUCTION_2005-02-04_0891\02_04_05a_G07_zylka_7301_t3.seq of size 1381 as 02_04_05a_G07_zylka_7301_t3.seq (674.3 kb/s) (average 3573.5 kb/s) getting file \AppliedBiosystems\UDC\DataCollection\Data\WEAPON_OF_MASS_DESTRUCTION_2005-02-04_0891\02_04_05a_G09_ariele_v46r4_t7.ab1 of size 329012 as 02_04_05a_G09_ariele_v46r4_t7.ab1 (3610.1 kb/s) (average 3574.4 kb/s) getting file \AppliedBiosystems\UDC\DataCollection\Data\WEAPON_OF_MASS_DESTRUCTION_2005-02-04_0891\02_04_05a_G05_lerchner_tf6_sp6.seq of size 2501 as 02_04_05a_G05_lerchner_tf6_sp6.seq (488.5 kb/s) (average 3575.1 kb/s) getting file \AppliedBiosystems\UDC\DataCollection\Data\WEAPON_OF_MASS_DESTRUCTION_2005-02-04_0891\02_04_05a_G07_zylka_7301_t3.seq of size 1381 as 02_04_05a_G07_zylka_7301_t3.seq (674.3 kb/s) (average 3573.5 kb/s) SNIP getting file \AppliedBiosystems\UDC\DataCollection\Data\WEAPON_OF_MASS_DESTRUCTION_2005-02-04_0891\02_04_05a_G09_ariele_v46r4_t7.ab1 of size 329012 as 02_04_05a_G09_ariele_v46r4_t7.ab1 (3610.1 kb/s) (average 3574.4 kb/s) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Fedora SRPM and cups-devel
Why doesn't samba.org's source RPM for Fedora list cups-devel as a BuildRequires? Red Hat's/Fedora's version of the source RPM does require it. Not requiring it and leaving --enable-cups as auto means that the resulting RPM's features depend on which machine it's built on; that seems incorrect to me. I've noticed that some RPMs control which features are built into the RPM by putting defines and conditionals into the spec file; that seems to me like a cleaner way to support people who don't want to use CUPS. I upgraded our print server to Samba 3.0.11 this weekend to fix some of the print server bugs we've been seeing, but I accidentally built the RPM on a machine that didn't have cups-devel installed and broke printing completely. If cups-devel was listed as under BuildRequires, that would have caught my mistake and saved me some embarrassment. Thanks. Josh Kelley -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Printer queue problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ralph Blach wrote: | Is there an rpm package someplace where I can 3.0.11 | in rpm format for fecora core 3 or do I have to download | the source? http://download.samba.org/samba/ftp/Binary_Packages/ cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD4DBQFCB759IR7qMdg1EfYRAp5IAJjBpV0VhzWZEGqdqJsKyjCv8ZVkAJ0eP9VC ujwgTgFv3WT8PmmORFNztw== =7n0Q -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cant handle files correctly in linux like i do in windows
I mounted in smb4k a machine that haves windowsXP. In konqueror i can delet files from the windows machine, but when deleting folders i get an error window message like this: Cannot change name of /home/mmodem/mnt/P3/R-Studio folder. Build 121029 Retail. Why cant i delet folders if i can delet files? Other thing that doesnt let me work in linux is that when i copy/move files that have accents/chars in some words like ' ~ ^ ' ` , when arrives that file withthat chars it stops the current copy/move command. Any help? greetz, Zé -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Fedora SRPM and cups-devel
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Josh Kelley wrote: | Why doesn't samba.org's source RPM for Fedora list | cups-devel as a BuildRequires? It was a bug. Fixed in svn now. Thanks. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB8QPIR7qMdg1EfYRAjYDAJ4udMWAGoqdvo7QIoyQlacAHfVTzACgmTd6 f/bJqWqbbGI1et4JnwNDHpk= =xBus -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba benchmark tool
Hello, I am trying to measure and comapre the samba performance between - PC/Window to PC/Window - PC/Window to Linux Are there any benchmark tool? I have been trying to use iometer but it has some bugs and could not get any reasonable results. Thanks in advance, Bo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: How does the UNIX end work?
Andrew Edmondson [EMAIL PROTECTED] wrote:
Figured this out in the end - it was a combination of 2 things. One, I
had
the files on one server and [nfs] mounted to the box running samba which
then served the files out to the windows network. This introduced a
delay
of about 20 seconds so I had to move some data to the server running
samba.
I'd recommend against serving files taken from NFS anyway.
It's a semi-necessity at the moment (i.e. I'd have a lot of work to change
it) but I would very much like to understand why since I might decide the
work is justified.
The second thing was the 'change notify timeout' needed to be
changed from its default 60 seconds.
Interesting. To what value you changed it ?
Actually I found that this was a red-herring, sorry. I had changed it to 5.
Works great now, cheers for the input Michal.
That's great it's sorted out.
--
Michal Kurowski
perl -e '$_=q#: 13_2: 12/o{: 8_4) (_4: 6/2^-2; 3;-2^\2: 5/7\_/\7: 12m
m::#;
y#:#\n#;s#(\D)(\d+)#$1x$2#ge;print'
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [samab] 3.0.11 privileges where do they live
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Farkas Levente wrote: | Gerald (Jerry) Carter wrote: | -BEGIN PGP SIGNED MESSAGE- | Hash: SHA1 | | Daniel Wilson wrote: | | Hi, | | | | which file do all the privileges live which have | | been created.i want to be able to copy it to my BDC | | so it can take over if the PDC crashed?? | | $(lockdir)/account_pol.tdb | | We're working on a means of replicating them between DC's | (hopefully for 3.0.12). | | to store them in the ldap server or in local files? IMO the privileges should be stored in local tdb files. I'm working on trying to get enough of the SAM replication protocol working to replicate the privilege assignments working. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB8cPIR7qMdg1EfYRArzYAJ0fBUHw5deukNmYxpdI5tvFzlxS3wCguS64 KyfEFmpwyTGoEfrCZTUEo6g= =3xlS -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.11 - configure can't see ldap.h
Gerald (Jerry) Carter wrote:
Did you export the CPPFLAGS and LDFLAGS variables before
running configure ?
Yes I did but it still fails though in a different way. I broke your
compile script down to a simple form and this is what I found to be the
cause. If I set export CPPFLAGS, configure will fail with this:
# CPPFLAGS=/usr/src/openldap-2.2.23/include
# export CPPFLAGS
# ./configure
SAMBA VERSION: 3.0.11
checking for gcc... gcc
checking for C compiler default output file name... configure: error: C
compiler cannot create executables
See `config.log' for more details.
What does the failure look like in the config.log ?
Here is a relevant snippit:
configure: failed program was:
| /* confdefs.h. */
|
| #define PACKAGE_NAME
| #define PACKAGE_TARNAME
| #define PACKAGE_VERSION
| #define PACKAGE_STRING
| #define PACKAGE_BUGREPORT
| /* end confdefs.h. */
|
| int
| main ()
| {
|
| ;
| return 0;
| }
configure:2118: error: C compiler cannot create executables
Do you need to see the whole thing?
--
Regards,
Mike
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.11 - configure can't see ldap.h
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike wrote: | Gerald (Jerry) Carter wrote: | | Did you export the CPPFLAGS and LDFLAGS variables before | running configure ? | | Yes I did but it still fails though in a different way. I broke your | compile script down to a simple form and this is what I found to be the | cause. If I set export CPPFLAGS, configure will fail with this: | | # CPPFLAGS=/usr/src/openldap-2.2.23/include should be CPPFLAGS=-I/usr/src/openldap-2.2.23/include cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB8vFIR7qMdg1EfYRAsaWAKDNIidkcLKcXowNYKVFlPWx+vr4WwCfS6U6 7XJMwpC/3++WCehRYYzDcjk= =Vtz+ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [samab] 3.0.11 privileges where do they live
On Mon, 7 Feb 2005, Gerald (Jerry) Carter wrote: IMO the privileges should be stored in local tdb files. I'm working on trying to get enough of the SAM replication protocol working to replicate the privilege assignments working. Out of curiosity, is there a reason why they shouldn't be stored in the LDAP directory when using ldapsam? -- Michael D. Jurney [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba-3.0.10 bug
Installing and probing samba-3.0.10 stable like fileserver (and 3.0.11stable too), we´ve registered impossibility to login us into a PDC samba using the [EMAIL PROTECTED] format. The validation was successfully using user_domain format. The PDC samba (version 2.2.12) is running over a Freebsd 4.10-RELEASE-p5 Have anyone some news related? Greetings. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: How does the UNIX end work?
remote [EMAIL PROTECTED] wrote:
Why would you recommend against combining NFS and Samba ?
Just out of curiosity...
No.
I'm just saying that serving files from a NFS *client* is a bad
idea - specially when the ethernet latency / (sun) rpc / disks
performance might not be brilliant.
--
Michal Kurowski
perl -e '$_=q#: 13_2: 12/o{: 8_4) (_4: 6/2^-2; 3;-2^\2: 5/7\_/\7: 12m m::#;
y#:#\n#;s#(\D)(\d+)#$1x$2#ge;print'
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [samab] 3.0.11 privileges where do they live
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: | On Mon, 7 Feb 2005, Gerald (Jerry) Carter wrote: | |IMO the privileges should be stored in local tdb files. I'm working on |trying to get enough of the SAM replication protocol working to |replicate the privilege assignments working. | | Out of curiosity, is there a reason why they shouldn't | be stored in the LDAP directory when using ldapsam? IMO there is no advantage. The privileges would be separate entries that would be stored as a bitmask or an octet-string. Nothing that you would be editing via LDAP tools. The main advantage of LDAP is to consolidate information that is shared by 2 or more applications. Storing users makes sense. Storing privileges is just using LDAP like a database. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB9CZIR7qMdg1EfYRArhhAJ9dNFa2ADjfAXpfrvKYM76yb7tzoQCg4ToI TUo/qs2IlcuSBm4R/XcqZ0U= =TrUd -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.11 - configure can't see ldap.h
Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike wrote: | Gerald (Jerry) Carter wrote: | | Did you export the CPPFLAGS and LDFLAGS variables before | running configure ? | | Yes I did but it still fails though in a different way. I broke your | compile script down to a simple form and this is what I found to be the | cause. If I set export CPPFLAGS, configure will fail with this: | | # CPPFLAGS=/usr/src/openldap-2.2.23/include should be CPPFLAGS=-I/usr/src/openldap-2.2.23/include Bah, I missed that. Ok, that is corrected, but now it is back to the original problem of 'configure' not being able to see the ldap.h file. Here is the entire script: #!/bin/sh ## ## compiler and flags ## CC=gcc CFLAGS= CPPFLAGS=-I/usr/src/openldap-2.2.23/ LDFLAGS=-L/usr/src/openldap-2.2.23/libraries ## ## required library paths ## DIRPATH=/usr/local/openldap for dir in $DIRPATH ; do CPPFLAGS=$CPPFLAGS -I$dir/include CFLAGS=$CFLAGS -Wl,-rpath,$dir/libraries LDFLAGS=$LDFLAGS -L$dir/libraries done export CPPFLAGS CFLAGS LDFLAGS CC echo CPPFLAGS=$CPPFLAGS echo CFLAGS=$CFLAGS echo LDFLAGS=$LDFLAGS echo CC=$CC ## configure build ## ./autogen.sh ./configure --with-ldap \ --with-ads \ --with-krb5=/etc/kerberosV if [ $? -ne 0 ]; then echo configure failed. Exiting exit 1 fi make showlayout make everything Thank you for the time you're spending on this. -- Regards, Mike -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba-3.0.10 bug
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Romeo wrote: | Installing and probing samba-3.0.10 stable like fileserver | (and 3.0.11stable too), we´ve registered impossibility | to login us into a PDC samba using the [EMAIL PROTECTED] | format. The validation was successfully using | user_domain format. The PDC samba (version 2.2.12) | is running over a Freebsd 4.10-RELEASE-p5 | Have anyone some news related? | Greetings. Samba acts as an NT4 DC , not an AD DC. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB9DUIR7qMdg1EfYRAk1lAJ0WludOkx5nuyHXOMJviL/eM14RNwCcCTjn ZwoWETsacCr3p+dx0EfudAk= =Dtd6 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [samab] 3.0.11 privileges where do they live
On Mon, 7 Feb 2005, Gerald (Jerry) Carter wrote: IMO there is no advantage. The privileges would be separate entries that would be stored as a bitmask or an octet-string. Nothing that you would be editing via LDAP tools. The main advantage of LDAP is to consolidate information that is shared by 2 or more applications. Storing users makes sense. Storing privileges is just using LDAP like a database. You would be able to easily guarantee that privs are identical across all controllers in a domain. -- Michael D. Jurney [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba for solaris
Hi: I need install in one solaris9-sparc Samba, but in the http://us4samba.org/ftp/Binary_Packages/solaris/ http://us4samba.org/ftp/Binary_Packages/solaris/ I dont see the binaries. Somebody could please help me to find samba for solaris sparc. Thanks a lot E. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba-3.0.10 bug
Nevertheless with a file server samba-3.0.7, drawback is not present. Greetings, Daniel. Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Romeo wrote: | Installing and probing samba-3.0.10 stable like fileserver | (and 3.0.11stable too), we´ve registered impossibility | to login us into a PDC samba using the [EMAIL PROTECTED] | format. The validation was successfully using | user_domain format. The PDC samba (version 2.2.12) | is running over a Freebsd 4.10-RELEASE-p5 | Have anyone some news related? | Greetings. Samba acts as an NT4 DC , not an AD DC. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB9DUIR7qMdg1EfYRAk1lAJ0WludOkx5nuyHXOMJviL/eM14RNwCcCTjn ZwoWETsacCr3p+dx0EfudAk= =Dtd6 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba-3.0.10 bug
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Romeo wrote: | Nevertheless with a file server samba-3.0.7, drawback | is not present. Greetings, Daniel. File Server vs. PDC are different things. You cannot logon to a Samba Domain using [EMAIL PROTECTED] syntax from a Windows client. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB9fOIR7qMdg1EfYRAo2kAKDHvSZoF9s3uv4oG3r9U5T5LiKV+ACg8zUX vSDy60kRKJfjpBfkCvIRDNY= =dpq7 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.11 - configure can't see ldap.h
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mike wrote:
| should be
|
| CPPFLAGS=-I/usr/src/openldap-2.2.23/include
|
| Bah, I missed that. Ok, that is corrected, but now it
| is back to the original problem of 'configure' not
| being able to see the ldap.h file. Here is the entire script:
|
| #!/bin/sh
|
| ##
| ## compiler and flags
| ##
| CC=gcc
| CFLAGS=
| CPPFLAGS=-I/usr/src/openldap-2.2.23/
| LDFLAGS=-L/usr/src/openldap-2.2.23/libraries
|
| ##
| ## required library paths
| ##
| DIRPATH=/usr/local/openldap
| for dir in $DIRPATH ; do
| CPPFLAGS=$CPPFLAGS -I$dir/include
| CFLAGS=$CFLAGS -Wl,-rpath,$dir/libraries
| LDFLAGS=$LDFLAGS -L$dir/libraries
| done
Mike. Did you actually run make install in the
openldap/ directory?
Look at your script:
CPPFLAGS=-I/usr/src/openldap-2.2.23/
why would *.h files be there ?
And then you tell the build script to look in
/usr/local/openldap/.
I'm confused at your setup here.
Make sure you run make install in the openldap source tree. That will
install the headers and libs in /usr/local/{include,lib}
Your compiler will normally pick that up by default but if
not then set DIRPATH=/usr/local in the script I sent you.
cheers, jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCB9mgIR7qMdg1EfYRAuEHAJ0bbfzTCK3u9h8us8cBj+fr4/o1+QCg1cfP
L35CigxakjfdVyvGr/NPUzI=
=Ob3q
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Printing problems
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Josh Kelley wrote: | I'm seeing some tdb errors, although there doesn't appear | to be much of a correlation between them and the | too many handles errors: | | [2005/02/01 12:50:57, 0] smbd/connection.c:register_message_flags(220) | register_message_flags: tdb_fetch failed That should have been fixed in 3.0.11. | (We're using per-host logging. I'm only checking for | tdb errors in the logs of hosts that were having | too many handles errors; if I should be | checking somewhere else, please let me know.) | | We're happily running Samba 3.0.11 now, and I'm | hoping that that will fix the too many handles | errors. I'll post again if I continue to have problems. | Thanks for your help. Thanks. let me know if you find any bugs. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB9pxIR7qMdg1EfYRArskAKCkmuAn8kAVx0ChZ1Jqyn5Nl7GwCgCg5HcC Nlu6qq3S8McbRXZBeH7KYis= =pCOC -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba-3.0.10 bug
We did it and we do it translating @ to _ in /usr/local/samba/private/username.map (user_domain = [EMAIL PROTECTED]) in the PDCserver (Linux and BSD) and Fileservers (microsoft and unix´s family), but the question is other: Until samba-3.0.7 it´s possible. Anything have changed. Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Romeo wrote: | Nevertheless with a file server samba-3.0.7, drawback | is not present. Greetings, Daniel. File Server vs. PDC are different things. You cannot logon to a Samba Domain using [EMAIL PROTECTED] syntax from a Windows client. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB9fOIR7qMdg1EfYRAo2kAKDHvSZoF9s3uv4oG3r9U5T5LiKV+ACg8zUX vSDy60kRKJfjpBfkCvIRDNY= =dpq7 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.11 privileges where do they live
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: | You would be able to easily guarantee that privs are | identical across all controllers in a domain. The main problem I have with it is that it really is the lazy man's way of handling replication. There's no real advantage to storing the assigned rights in the directory. The searches are better, the data is not shared nor used with other applications. IMO this is the reason why we did not implement SAM replication in Samba3. There was no need because we could just shove it off to LDAP. And believe me, I've spent my time with directories. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB98TIR7qMdg1EfYRAukiAJ93KHRfCTvNgosYk1NOm2XU6+udmwCfd3XS 72mlYKaTOOt4NhymwySn8PM= =xHit -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] is security = share maintained in 3.0.x?
Hi, I've been having a problem in Samba version 3, using security = share. When you have a share that you want to be read-only to one group, and read-write to another. It ends up being read-write for both groups. This behavior seems inconsistent with Samba 2.2.x behavior. Have the configuration options changed, or is this a bug? This issue is listed on Samba's bugzilla site: https://bugzilla.samba.org/show_bug.cgi?id=1844 and so far, the only reaction I've seen by talking to Samba people about it, is that security = share is major pain, and nobody wants to deal with it's problems. Is share level security being phased out of Samba, or am I just missing the right configuration options? Thanks! Carlos PS: here's my config file. --smb.conf-- [global] read raw = yes guest account = nobody socket options = TCP_NODELAY SO_SNDBUF=16384 null passwords = yes map to guest = bad user encrypt passwords = yes level2 oplocks = yes lock directory = /var/lock/subsys netbios name = fsix-Server write cache size = 16384 server string = fsix Server default = user min passwd length = 0 unix password sync = yes workgroup = fsix os level = 20 comment = FSIX Server security = share getwd cache = yes dont descend = /proc,/dev,/etc,/usr max log size = 2000 log level = 2 [share] writeable = yes read list = user user = user,cknowlton write list = cknowlton path = /home/users/share -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba-3.0.10 bug
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Romeo wrote: | We did it and we do it translating @ to _ in | /usr/local/samba/private/username.map | (user_domain = [EMAIL PROTECTED]) in the PDCserver (Linux | and BSD) and Fileservers (microsoft and unix´s family), Ahh... I see. I had not considered that. In fact it does work. :-) | but the question is other: Until samba-3.0.7 it´s possible. | Anything have changed. I don't understand this statement. Do you mean that the changes to the username map semantics in Samba 3.0.8 broke your servers ? I added a line 'jerry = [EMAIL PROTECTED]' and the logon worked fine. That's a little misleading thought. But it does work. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB+E0IR7qMdg1EfYRAmjjAJ9QhY+DqKGMrzuZuGvLr7uyMrSR1wCeKcV0 jELRNvXcK7/08Ok6iSnN30Q= =bOTr -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba-3.0.10 bug
I don't understand this statement. Do you mean that the changes to the username map semantics in Samba 3.0.8 broke your servers ? I simply say that its not functionally after 3.0.7 (only work with the user_domain format, in all clients), I added a line 'jerry = [EMAIL PROTECTED]' and the logon worked fine. That's a little misleading thought. But it does work. Moreover, you must be touching the windows`s registry in specific place, in case the Microsoft products. Daniel. Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Daniel Romeo wrote: | We did it and we do it translating @ to _ in | /usr/local/samba/private/username.map | (user_domain = [EMAIL PROTECTED]) in the PDCserver (Linux | and BSD) and Fileservers (microsoft and unix´s family), Ahh... I see. I had not considered that. In fact it does work. :-) | but the question is other: Until samba-3.0.7 it´s possible. | Anything have changed. I don't understand this statement. Do you mean that the changes to the username map semantics in Samba 3.0.8 broke your servers ? I added a line 'jerry = [EMAIL PROTECTED]' and the logon worked fine. That's a little misleading thought. But it does work. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB+E0IR7qMdg1EfYRAmjjAJ9QhY+DqKGMrzuZuGvLr7uyMrSR1wCeKcV0 jELRNvXcK7/08Ok6iSnN30Q= =bOTr -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] root user in smbldap...how to change home
Hi, I finally have my profiles problem squared away I've done away with the Administrator user in smbldap-tools by running smbldap-populate -a root instead of just plain smbldap-populate Thus root is now the samba admin. BUTwhen I run getent passwd my system shows the home directory as /home/root instead of /roothow can I change this...or better yet how can I have my cake and eat it too in the sense that when I set up my Samba/LDAP server that the root user has the /root directory as home by default? David N. Trask Technology Teacher/Coordinator Vassalboro Community School [EMAIL PROTECTED] (207)923-3100 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] root user in smbldap...how to change home
On Monday 07 February 2005 15:20, David Trask wrote: Hi, I finally have my profiles problem squared away I've done away with the Administrator user in smbldap-tools by running smbldap-populate -a root instead of just plain smbldap-populate Thus root is now the samba admin. BUTwhen I run getent passwd my system shows the home directory as /home/root instead of /roothow can I change this...or better yet how can I have my cake and eat it too in the sense that when I set up my Samba/LDAP server that the root user has the /root directory as home by default? The way I have resolved this is by way of a symbolic link from /home/root - /root The other way you can solve this is my changing the actual home directory for root using the smbldap-usermod tool. - John T. David N. Trask Technology Teacher/Coordinator Vassalboro Community School [EMAIL PROTECTED] (207)923-3100 -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] root user in smbldap...how to change home
On Mon, 2005-02-07 at 17:20 -0500, David Trask wrote: Hi, I finally have my profiles problem squared away I've done away with the Administrator user in smbldap-tools by running smbldap-populate -a root instead of just plain smbldap-populate Thus root is now the samba admin. BUTwhen I run getent passwd my system shows the home directory as /home/root instead of /roothow can I change this...or better yet how can I have my cake and eat it too in the sense that when I set up my Samba/LDAP server that the root user has the /root directory as home by default? you're the one in control and can write whatever value you want to LDAP. probably best to do it outside of your mass populate script Personally, I find it easier for my state of being NOT to have root in LDAP but have Administrator with uid=0 Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] root user in smbldap...how to change home
On Monday 07 February 2005 15:42, Craig White wrote: On Mon, 2005-02-07 at 17:20 -0500, David Trask wrote: Hi, I finally have my profiles problem squared away I've done away with the Administrator user in smbldap-tools by running smbldap-populate -a root instead of just plain smbldap-populate Thus root is now the samba admin. BUTwhen I run getent passwd my system shows the home directory as /home/root instead of /roothow can I change this...or better yet how can I have my cake and eat it too in the sense that when I set up my Samba/LDAP server that the root user has the /root directory as home by default? you're the one in control and can write whatever value you want to LDAP. probably best to do it outside of your mass populate script Personally, I find it easier for my state of being NOT to have root in LDAP but have Administrator with uid=0 Craig, Please note that a side effect of Administrator with UID=0 as well as root with UID=0 is that login name to UID and login name to SID resolution is no longer unambiguous. This will break winbindd big time in critical situations. The best advice is to have just 'root' with UID=0 and use 'root' as the domain administrator account. The new privileges capability can be used to delegate some administrative functions, such as adding machines to the domain, to accounts other than 'root'. Please do not recommend what you are doing personally as it will break Samba for some users. I too am guilty of this advice and am struggling to update the documentation to remove this advice and to clarify the importance of unambiguous user name|UID|SIG resolution. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 'ldap passwd sync' not working
Adam Tauno Williams: [...] Oh yes - regular (existing or new) Posix group users can be anywhere in your DSA, I think you mean anywhere in your Dit; anywhere in your DSA doesn't make much sense, Yep. in any group (though it makes sense to put computer trusts under ou=smb). I think you mean in any container. Nope, Posix group - though it can also be a container, I guess. However, leaves in that container may have other primary groups than that of the container itself - in which Openldap is more flexible than, f.ex. Novell's eDirectory. And you're wrong, they need to be below the search base used by NSS for the appropriate object type - groups, person, etc... You can only put them anywhere if you are using the root of the Dit as your search base which is generally inadvisable for a number of reasons. I can only tell you what works for me (remember I write that I hate the word HOWTO and all it implies). What I meant was, that users don't have to be in the smb tree/hierarchy - they may be in any hierarchy in the DIT. Simply run smbpasswd or pdbedit (can be done from a script) on each one to add them to the domain. Personally I don't use the IDEALX scripts, I write my own awk and shell scripts. Same, we've written .NET (Mono) 'scripts' for doing this. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] root user in smbldap...how to change home
On Mon, 2005-02-07 at 15:53 -0700, John H Terpstra wrote: On Monday 07 February 2005 15:42, Craig White wrote: On Mon, 2005-02-07 at 17:20 -0500, David Trask wrote: Hi, I finally have my profiles problem squared away I've done away with the Administrator user in smbldap-tools by running smbldap-populate -a root instead of just plain smbldap-populate Thus root is now the samba admin. BUTwhen I run getent passwd my system shows the home directory as /home/root instead of /roothow can I change this...or better yet how can I have my cake and eat it too in the sense that when I set up my Samba/LDAP server that the root user has the /root directory as home by default? you're the one in control and can write whatever value you want to LDAP. probably best to do it outside of your mass populate script Personally, I find it easier for my state of being NOT to have root in LDAP but have Administrator with uid=0 Craig, Please note that a side effect of Administrator with UID=0 as well as root with UID=0 is that login name to UID and login name to SID resolution is no longer unambiguous. This will break winbindd big time in critical situations. The best advice is to have just 'root' with UID=0 and use 'root' as the domain administrator account. The new privileges capability can be used to delegate some administrative functions, such as adding machines to the domain, to accounts other than 'root'. Please do not recommend what you are doing personally as it will break Samba for some users. I too am guilty of this advice and am struggling to update the documentation to remove this advice and to clarify the importance of unambiguous user name|UID|SIG resolution. 1 - if you have root user in both /etc/passwd and DSA, you get errors in ldap logs. You seem to have seized upon a configuration that is knowingly imperfect but expedient for samba use. What happens if you change root's password? which gets changed? who knows...probably depends upon what client package is used to make the change. I only see confusion here. 2 - if I don't recommend what I am doing personally, then I would be of no help to anyone anywhere so I guess I don't understand the admonition. if the admonition is the advice I am giving goes against the current state of the How-to 'then' yes, I may be guilty as I am not always aware of the current state of the How-to and occasionally reference my v2 of the bound version that I bought at the store if the admonition is that I am not looking at setup with only the tunnel vision of making samba happy, yes, I am guilty. if the admonition is that I don't consider winbindd, yes, I am guilty because I don't use winbindd anywhere, never have so I am never cognizant of the implications when using winbindd Why is everyone so touchy today? Super Bowl hangover? ;-) Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] root user in smbldap...how to change home
Craig White [EMAIL PROTECTED] on Monday, February 7, 2005 at 5:42 PM + wrote: you're the one in control and can write whatever value you want to LDAP. good pointjust after I posted my request I figured it out :-) probably best to do it outside of your mass populate script Amen Personally, I find it easier for my state of being NOT to have root in LDAP but have Administrator with uid=0 Actually that was causing problems for meso I changed from smbldap-populate to using smbldap-populate -a root and that made a world of difference. Essentially it's going back to the old days of smbldap-tools when you had to make a fake user root. David N. Trask Technology Teacher/Coordinator Vassalboro Community School [EMAIL PROTECTED] (207)923-3100 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] root user in smbldap...how to change home
[EMAIL PROTECTED] on Monday, February 7, 2005 at 5:53 PM + wrote: smbldap-populate -a root instead of just plain smbldap-populate John, Actually it was your advice from a much earlier post that I was usingthanks! :-) (It cleared up a lot of little quirky behaviors) David N. Trask Technology Teacher/Coordinator Vassalboro Community School [EMAIL PROTECTED] (207)923-3100 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] root user in smbldap...how to change home
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Craig White wrote: | 1 - if you have root user in both /etc/passwd and DSA, | you get errors in ldap logs. You seem to have seized upon | a configuration that is knowingly imperfect but expedient | for samba use. What happens if you change root's password? | which gets changed? who knows...probably depends | upon what client package is used to make the change. | I only see confusion here. I'll just point out that you don't need root anymore :-) Maybe we should be axe that section anyways. I'll have to agree with craig, system accounts should never go into the directory IMO. But this was the beauty of the separation between NSS and the passdb backend. root can stay in /etc/passwd and the samba attributes go to LDAP. But not I'm just digressing Seriously though, we need to move people away from using root to join domains admins. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCB/sZIR7qMdg1EfYRAsNHAJ92JJmt7iVWCAMdPFecypr038AudwCggC6B e/I/RVYM4T54v2OauoaFqSU= =iJ7S -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.11 - configure can't see ldap.h
Gerald (Jerry) Carter wrote:
Mike. Did you actually run make install in the
openldap/ directory?
Look at your script:
CPPFLAGS=-I/usr/src/openldap-2.2.23/
why would *.h files be there ?
And then you tell the build script to look in
/usr/local/openldap/.
I'm confused at your setup here.
Make sure you run make install in the openldap source tree. That will
install the headers and libs in /usr/local/{include,lib}
Your compiler will normally pick that up by default but if
not then set DIRPATH=/usr/local in the script I sent you.
I'm sorry. I'm making mistakes because I don't understand the build
process that well or the overall picture with Samba3 and Win2K3 AD. I
did all this easily with Samba2 in an NT4 environment. It's been
frustrating to me how much more it seems has to be done to do the same
thing as smb2/nt4. Reading the Samba docs is like picking bits of
information off several pages to put the pieces together. While I know
what I want to do, the doc's speak too generally for me.
I didn't know OpenLDAP had to be built and installed. I thought Samba
only needed to support it and thus needed a few files from it. And I'm
sure admitting that will make me look wonderful. I just want a Samba
client to a Win2K3 domain that auth's users from accounts on the Win2K3
server. And for the life of me I can't find a tut anywhere to help
guide me. It seems like a popular config.
As my luck would have it, OpenLDAP won't configure now.
configure: error: BDB/HDB: BerkeleyDB version incompatible
I will just keep going through the docs I guess and try to get a better
handle on what I need. I appreciated the time you've spent trying to
help me.
--
Regards,
Mike
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] root user in smbldap...how to change home
Craig White [EMAIL PROTECTED] on Monday, February 7, 2005 at 6:27 PM + wrote: 1 - if you have root user in both /etc/passwd and DSA, you get errors in ldap logs. You seem to have seized upon a configuration that is knowingly imperfect but expedient for samba use. What happens if you change root's password? which gets changed? who knows...probably depends upon what client package is used to make the change. I only see confusion here. 2 - if I don't recommend what I am doing personally, then I would be of no help to anyone anywhere so I guess I don't understand the admonition. if the admonition is the advice I am giving goes against the current state of the How-to 'then' yes, I may be guilty as I am not always aware of the current state of the How-to and occasionally reference my v2 of the bound version that I bought at the store In all fairness to you, Craig, (and me) the guys at IDEALX who are putting together smbldap-tools actually wrote the Administrator user right into the default ldif that is populated when you run smbldap-populate. It actually creates the Administrator user. Running it with -a root changes that user to rootwhich is proving to be a good thing. So although it may be naughty a LOT of folks are handing out that advice and even building it into scripts. I wanted to NOT have that be the thing that was causing problems in the smbldap-installer script we wrote. Latest version (corrected the bugs) is located here (still gamma as it needs updated docs) http://majen.net/smbldap-installer-1.2-gamma.tgz(FC3 or K12LTSP 4.2 only at this point) if the admonition is that I am not looking at setup with only the tunnel vision of making samba happy, yes, I am guilty. if the admonition is that I don't consider winbindd, yes, I am guilty because I don't use winbindd anywhere, never have so I am never cognizant of the implications when using winbindd me neither! :-) Why is everyone so touchy today? Super Bowl hangover? hangover? The Patriots WON! (that's a good thing...I'm here in Maine...however, CraigI did used to live in Tempe, AZ!) Red Sox and Pats...and now Linux World is coming next week to Bostonall is right with the world :-) David N. Trask Technology Teacher/Coordinator Vassalboro Community School [EMAIL PROTECTED] (207)923-3100 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] rpcclient error / printer driver issue
SUSE 9.1 samba-3.0.9-2.6 samba-client-3.0.9-2.6 I am getting some errors that I can't seem to track down in any of the archives. I came across this problem when trying to delete a driver none of the printers are listed in the smb.conf - it is all being generated from the cups and the printcap that cups makes on load First enumprinters works: rpcclient $ enumprinters flags:[0x80] name:[\\prupref-print\ccc-tosh35] description:[\\prupref-print\ccc-tosh35,TOSHIBA e-STUDIO28-45 GL-PSL3,Call Center Toshiba 35] comment:[Call Center Toshiba 35] flags:[0x80] name:[\\prupref-print\hin-magi2300] description:[\\prupref-print\hin-magi2300,magicolor 2300 DL,Hinsdale Magicolor 2300] comment:[Hinsdale Magicolor 2300] any combination of the getdriver returns: rpcclient $ getdriver ccc-tosh35 Error opening printer handle for \\.\ccc-tosh35! result was WERR_INVALID_PRINTER_NAME rpcclient $ getdriver \\prupref-print\ccc-tosh35 Error opening printer handle for \\.\\\prupref-print\ccc-tosh35! result was WERR_INVALID_PRINTER_NAME also enumdrivers: rpcclient $ enumdrivers result was WERR_UNKNOWN_PRINTER_DRIVER -- finally - if I were to even get the getdriver to work, how would I disassociate the driver with the printer so: rpcclient $ deldriver magicolor 2300 DL Failed to remove driver magicolor 2300 DL for arch [Windows NT x86] - error 0xbb9! Failed to remove driver magicolor 2300 DL for arch [Windows NT x86] - error 0xbb9! result was WERR_UNKNOWN_PRINTER_DRIVER -- -- please respond to the list .. if you need to contact me direct cgmckeever is the account prupref.com is the domain A href=http://www.prupref.com;Simply Chicago Real Estate/A -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] root user in smbldap...how to change home
On Mon, 2005-02-07 at 18:43 -0500, David Trask wrote: Craig White [EMAIL PROTECTED] on Monday, February 7, 2005 at 6:27 PM + wrote: 1 - if you have root user in both /etc/passwd and DSA, you get errors in ldap logs. You seem to have seized upon a configuration that is knowingly imperfect but expedient for samba use. What happens if you change root's password? which gets changed? who knows...probably depends upon what client package is used to make the change. I only see confusion here. In all fairness to you, Craig, (and me) the guys at IDEALX who are putting together smbldap-tools actually wrote the Administrator user right into the default ldif that is populated when you run smbldap-populate. It actually creates the Administrator user. Running it with -a root changes that user to rootwhich is proving to be a good thing. again though...a choice of expediency when considering ldap in a context for primarily for use with samba and not a choice that facilitates a good design for using ldap So although it may be naughty a LOT of folks are handing out that advice and even building it into scripts. people sell guns but they don't intend for people to shoot themselves. I wanted to NOT have that be the thing that was causing problems in the smbldap-installer script we wrote. Latest version (corrected the bugs) is located here (still gamma as it needs updated docs) http://majen.net/smbldap-installer-1.2-gamma.tgz(FC3 or K12LTSP 4.2 only at this point) Every time I don't do something the right way, it invariably ends up biting me later on. If JHT recalls, shortly after samba 3.0.0 and RHEL 3.0 were released, I endeavored to 'vampire' an NT4 server and take control over the existing domain and asked tons of questions - most of them really dumb. JHT was invaluable with his support. I ended up creating a methodology to dump the ldap data after each vampire attempt, adjusting the IDEALX scripts and running again. It probably took 25 or 30 takes on it until I got it right. Adjusting the items after the fact is really dicey. To me, it is far more important to have a properly designed ldap setup with effective acl's, the right settings for users, the right settings for groups, that extends to other services such as mail, mod_authz_ldap, etc. than it is to set the root user up in ldap with Administrator SID because you haven't figured out how to make the permissions work for joining systems to the domain or setting up service shares such as profiles. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Ver 3.0.4 Anonymous access, no Password required
On Wed, 2 Feb 2005 11:52:18 -0700, John H Terpstra [EMAIL PROTECTED] wrote: Zane, In your original post you asserted that the documentation is deficient. In what way are you offering to rectify the deficiency? I have found, that my original question, was from lack of understaning security. It was to get users to view the public directories on my Samba box without a password. I believe remote fixed that by telling me I should have Security = share in the global. That part, I did find in the documentation, particularly the Samba-guide.pdf, which I hadn't seen or found before you mentioned it. This caused my other desired function, to fail. (Samba based permissions to give a user write access, and allow others only read) In the open source world there are many deficiencies - its just a fact of life. The rule with open source is that because you have the source you can fix the deficiency. That is something of an unwritten responsibility - when you find a problem you fix it so that the next person does not have to go through the same pain you did. I know, and I would be glad to help in any way possible. I love finding solutions and posting them in an effort to help other resolve their problems. I unfortunantly I haven't gotten into installing/usering the C++ compiler yet, although I think my 2 years of programing would be highly inadequite to even attemt to fix a problem (unless Very minor or small), I wouldn't be able to repair the source code. So please help sort out the deficiencies. There are two official Samba documents: The Samba-HOWTO-Collection and the Samba-Guide. I welcome your documentation updates in any form you can provide them. You have my total attention and my commitment to fix the gaping holes. On Wednesday 02 February 2005 04:01, Zane Minninger wrote: Ok, I have read that PDF, and is doesn't look like it goes into what I want, but there is SO much info there, I'll be taking it to bed a for a few nights. Here is the basics that I have been able to understand--- I would like to have no username/password box appear when users on Win2000 and WinXP browse to \\server\ I would also like certain folders (\\server\pub\) to not require a username/password and only have Read access. Windows opens a secure channel to a server. It authenticates only the first time that secure channel is opened. Subsequent connections from the client use only already established credentials. You therefore can not do what you want. In Windows NT4/200x/XPP an authentication failure may result in a pop-up asking for new credentials but you should not depend on that for access control as in many situations the client will not permit you access anyhow. I agree, and concur. If you use the same loging session on the client box, the credientials are cached. I have been re-logging in each time after a successful attaching to the share, which does clear the credentials. The original though was if I needed to have write access to a folder, before making any connection to it, I could map a drive with crendentials and have the full access I needed. If I didn't, I just browse and could only read the data. The next step is the trick. Is there a way where in Windows I can Map a network drive and choose a different Username/password to connect to the \\server\pub share to give me permissions to add/delete. You just need to set your permissions and privileges in UNIX/Linux to work correctly, or create additional shares for the same directory share point. That was the other way I was going to look into it. I do have the correct rights on the Unix system. The default / generic user has read to all folders in data (he has no rights but security is 775 for all files / folders in the shared directory. That should allow him read and execute, and it does if security = Share is turned on. OR Is there a way I can setup one share to not prompt for a Username/password and set another folder to prompt for a Username/Password. Show me how you would do this in Windows - Samba works that same way that Windows does. In windows, I have tested this just now, My 2003 domain server (The pc is not attached, never has been, and there is no user accounts on it, app testing box only) I created a share, data. I gave permissions to the share of User1 and everyone. Everyone only has read. User1 has full control. I further went into the file system properties, stipped out all of MS's permissions and set User1 full control of all files and everyone read, read execute, and List folder contents. I created 2 direcory below that. One private, one public. I kept the same permissions on public, giving user1 full and everyone read, readexecute, and list folder contents. I took out the everyone access to the private share and gave user1 full access. So, in a Linux based system, it would should look like this (correct me if I'm wrong) DATA (755) (I'm setting group
[Samba] Operation not permitted mounting samba-share via cifs
Hi everybody, I want to use my samba-shared Homedirectory from my Linux-Server on my Linux-workstation. I was using smbfs until now, but since i upgraded my hardware i'm not any more able to use smbfs, i get error-messages (timeouts) in the kernel logs and I/O-Errors on the console. Having this problems i read about cifs and that's much better, nicer, sexyer and faster than smbfs. The two public-accesible shares runs very nice and very performant, much better than ever. I'm mounting them as user 'chris' having the following lines in my /etc/fstab: //serv01.kdorf.local/Fileman /mnt/Filemanagement cifs user,noauto,guest,uid=501,gid=100 0 0 //serv01.kdorf.local/Ablage /mnt/Ablage cifs user,noauto,guest,uid=501,gid=100 0 0 Now i'm wanting to mount //serv01/chris on /mnt/chris on my machine, also using cifs. I'm trying as root with the following command: mount -t cifs //serv01/chris /mnt/temp -o user=chris,password=password,uid=501,gid=100 and get: mount error 1 = Operation not permitted Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) The samba-log looks something like this: schnipp --- [2005/02/07 17:05:27, 3] smbd/oplock.c:init_oplocks(1302) open_oplock_ipc: opening loopback UDP socket. [2005/02/07 17:05:27, 3] smbd/oplock_linux.c:linux_init_kernel_oplocks(303) Linux kernel oplocks enabled [2005/02/07 17:05:27, 3] smbd/oplock.c:init_oplocks(1333) open_oplock ipc: pid = 22435, global_oplock_port = 33239 [2005/02/07 17:05:27, 3] smbd/process.c:process_smb(1092) Transaction 0 of length 51 [2005/02/07 17:05:27, 3] smbd/process.c:switch_message(887) switch message SMBnegprot (pid 22435) conn 0x0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/negprot.c:reply_negprot(457) Requested protocol [NT LM 0.12] [2005/02/07 17:05:27, 3] smbd/negprot.c:reply_nt1(323) not using SPNEGO [2005/02/07 17:05:27, 3] smbd/negprot.c:reply_negprot(545) Selected protocol NT LM 0.12 [2005/02/07 17:05:27, 3] smbd/process.c:process_smb(1092) Transaction 1 of length 242 [2005/02/07 17:05:27, 3] smbd/process.c:switch_message(887) switch message SMBsesssetupX (pid 22435) conn 0x0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655) wct=13 flg2=0xc001 [2005/02/07 17:05:27, 3] smbd/sesssetup.c:reply_sesssetup_and_X(789) Domain=[] NativeOS=[Linux version 2.6.10-gentoo-r7] NativeLanMan=[CIFS VFS Client for Linux] PrimaryDomain=[] [2005/02/07 17:05:27, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/07 17:05:27, 3] smbd/sesssetup.c:reply_sesssetup_and_X(804) sesssetupX:[EMAIL PROTECTED] [2005/02/07 17:05:27, 3] smbd/sesssetup.c:check_guest_password(116) Got anonymous request [2005/02/07 17:05:27, 3] auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2005/02/07 17:05:27, 3] auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2005/02/07 17:05:27, 3] smbd/uid.c:push_conn_ctx(365) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2005/02/07 17:05:27, 3] smbd/uid.c:push_conn_ctx(365) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2005/02/07 17:05:27, 3] smbd/uid.c:push_conn_ctx(365) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] auth/auth.c:check_ntlm_password(268) check_ntlm_password: guest authentication for user [] succeeded [2005/02/07 17:05:27, 3] smbd/process.c:process_smb(1092) Transaction 2 of length 84 [2005/02/07 17:05:27, 3] smbd/process.c:switch_message(887) switch message SMBtconX (pid 22435) conn 0x0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/service.c:find_service(145) checking for home directory chris gave /home/chris [2005/02/07
Re: [Samba] root user in smbldap...how to change home
On Monday 07 February 2005 16:33, David Trask wrote: [EMAIL PROTECTED] on Monday, February 7, 2005 at 5:53 PM + wrote: smbldap-populate -a root instead of just plain smbldap-populate John, Actually it was your advice from a much earlier post that I was usingthanks! :-) (It cleared up a lot of little quirky behaviors) Acknowledged. I struggle with keeping the documentation up to date and really would like to see a lot more activity and feedback in that area. I am not sensitive to criticism - rather I believe it is the best way to make progress. If I am wrong I am happy to stand corrected. Together, when we work as a team we make much faster progress. - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] NTLM hash
I'm looking at the NTLM hash, I need to make my own. I was going to look at somehow using libsmb or something but don't really know how to. Can I do this in perl? I can make Unicode scalars and send those to md4_hex() to get the output, but I cannot get something to match what shows up in the /etc/samba/private/smbpasswd file. Ideas? Currently I try this: #!/usr/bin/perl -w use strict; use Digest::MD4 qw(md4_hex); use Unicode::Map; my $map = new Unicode::Map(ISO-8859-1); print md4_hex($map-to_unicode(password)); print \n; # end /djb -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbtoture for Win32
Hi, Are there smbtorture binary which can run on Window environment? Is it available to build the binary for Win32 from the source? Bo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] User Migration question
Hello, I would like to migrate my user-accounts from a Samba 2 to a Samba 3 setup. Old Setup: Samba 2 with PAM support. PAM uses LDAP to store PosixAccounts New Setup: Samba 3 with native LDAP. PosixAccounts are already migrated to my new LDAP server. I tried pdbedit with my old smbpasswd file: ---snip--- # pdbedit -i smbpasswd:./smbpasswd build_sam_account: smbpasswd database is corrupt! username jwitte with uid 1000 is not in unix passwd database! ---snip--- But: ---snip--- # getent passwd|grep jwitte jwitte:x:1000:1000:Jochen Witte:/home/jwitte:/bin/bash ---snip--- Any hints? Regards Jochen -- Jochen Witte [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] logon to samba server from win98
It looks like you are missing the logon path: - Original Message - From: gerald marewo [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Thursday, February 03, 2005 5:40 AM Subject: [Samba] logon to samba server from win98 dear all, i have a new samba server running on: - SuSE Linux 9.0 - version 2.2.8a although i had no problem logging on from winxp/2k machines after joining the server's domain, i am failing to do the same from win98 machines. entered the appropriate domain in control panel. error message: - INCORRECT PARAMETER i have searched on the web but got no useful help. the relevant part of my smb.conf follows: [global] workgroup = maths netbios name = maths domain logons = yes security = user os level = 64 local master = yes preferred master = yes domain master = yes log file = /var/log/samba/%u.log debug level = 3 allow hosts = 10.3. deny hosts = all encrypt passwords = yes logon home = \\%L\%u socket options = TCP_NODELAY server string = Maths add user script = /usr/sbin/useradd -d /dev/null -g users -s /bin/false %u logon drive = H: logon script = logon.bat time server = yes log file = /usr/lib/samba/log/%m.log [netlogon] comment = Domain Logon service path = /usr/lib/samba/netlogon public = no writeable = no browsable = yes please help. bye for now. -- gerald marewo gerald_at_maths_dot_uz_dot_ac_dot_zw -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
