AW: [Samba] Samba - NT ACL implemented by Unix Posix ACL via Samb a

2005-03-02 Thread brennion 
I'm not an expert on that, but did you tried the following settings on
smb.conf for your share :

admin users = NTDOMAIN+Administrator
valid users = .

I think this is necessary to use ACL with samba and ntdomain...


-Ursprüngliche Nachricht-
Von: Gerald (Jerry) Carter [mailto:[EMAIL PROTECTED]
Gesendet: Montag, 28. Februar 2005 16:43
An: Juer Lee
Cc: samba@lists.samba.org
Betreff: Re: [Samba] Samba - NT ACL implemented by Unix Posix ACL via
Samba


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Juer Lee wrote:

| 1.   Why Samba always think the owner always
| has 'READ' access right on a file, 'READ and WRITE' access
| rights on a directory? I checked the code of
| posix_acls.c, those bits are OR-ed by default

It was a workaround for some empty nttrans_set_security_descriptor()
requests IIRC.  Mostly had problems with profiles becoming
unusable.

| 2.   Try to create a folder via the Samba
| Win2k client(make sure there are only base permissions
| on it - no any ACLs), right click on the folder and go
| to 'Security' tab, choose the owner in the name table,
| tick some check-boxes in column 'Allow' and
| click 'Apply', you will see two more entries 'CREATOR OWNER'
| and 'CREATOR GROUP' are displayed - I understand this
| is caused  by that the default ACLs are created.
| ut why the default ACLs for the owner is NOT created??
| The default ACLs can only be created when the
| former steps are repeated.

If I understand your question correctly, it is because Samba
only translates the acls as they exist on disk.  You can
setup the default acls from a shell prompt if you like.





cheers, jerry
=
Alleviating the pain of Windows(tm)  --- http://www.samba.org
GnuPG Key- http://www.plainjoe.org/gpg_public.asc
I never saved anything for the swim back. Ethan Hawk in Gattaca
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCIzwHIR7qMdg1EfYRAv+BAJ4hWjAvMlVGM8Vp89l3FIQLFBd8ywCfdCE8
qYbhIRHEYjY1oUWVI1Ifaas=
=5jPt
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Samba - NT ACL implemented by Unix Posix ACL via Samba

2005-03-02 Thread Juer Lee 
This issue is not caused by that the client user doesn't have privilege to
set ACLs. 'admin users' won't help

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, March 02, 2005 16:00
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: samba@lists.samba.org
Subject: AW: [Samba] Samba - NT ACL implemented by Unix Posix ACL via Samba

I'm not an expert on that, but did you tried the following settings on
smb.conf for your share :

admin users = NTDOMAIN+Administrator
valid users = .

I think this is necessary to use ACL with samba and ntdomain...


-Ursprüngliche Nachricht-
Von: Gerald (Jerry) Carter [mailto:[EMAIL PROTECTED]
Gesendet: Montag, 28. Februar 2005 16:43
An: Juer Lee
Cc: samba@lists.samba.org
Betreff: Re: [Samba] Samba - NT ACL implemented by Unix Posix ACL via
Samba


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Juer Lee wrote:

| 1.   Why Samba always think the owner always
| has 'READ' access right on a file, 'READ and WRITE' access
| rights on a directory? I checked the code of
| posix_acls.c, those bits are OR-ed by default

It was a workaround for some empty nttrans_set_security_descriptor()
requests IIRC.  Mostly had problems with profiles becoming
unusable.

| 2.   Try to create a folder via the Samba
| Win2k client(make sure there are only base permissions
| on it - no any ACLs), right click on the folder and go
| to 'Security' tab, choose the owner in the name table,
| tick some check-boxes in column 'Allow' and
| click 'Apply', you will see two more entries 'CREATOR OWNER'
| and 'CREATOR GROUP' are displayed - I understand this
| is caused  by that the default ACLs are created.
| ut why the default ACLs for the owner is NOT created??
| The default ACLs can only be created when the
| former steps are repeated.

If I understand your question correctly, it is because Samba
only translates the acls as they exist on disk.  You can
setup the default acls from a shell prompt if you like.





cheers, jerry
=
Alleviating the pain of Windows(tm)  --- http://www.samba.org
GnuPG Key- http://www.plainjoe.org/gpg_public.asc
I never saved anything for the swim back. Ethan Hawk in Gattaca
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCIzwHIR7qMdg1EfYRAv+BAJ4hWjAvMlVGM8Vp89l3FIQLFBd8ywCfdCE8
qYbhIRHEYjY1oUWVI1Ifaas=
=5jPt
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Authentication via both domain controller and local Sambapassword file

2005-03-02 Thread Juer Lee 
Thanks, Jerry.

It works with the method net use * \\server\share /user:SERVER\user, I
have forgotten to add leading 'SERVER\' when I was prompted to enter
username and password.

Juer

-Original Message-
From: Gerald (Jerry) Carter [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, March 02, 2005 1:37
To: Kaplan, Marc
Cc: Juer Lee; samba@lists.samba.org
Subject: Re: [Samba] Authentication via both domain controller and local
Sambapassword file

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Kaplan, Marc wrote:
| Try setting auth methods = sam winbind. IIRC
| when in domain authentication auth methods
| does not include users in the local sam, but
| my knowledge could be based upon an older
| version of samba, so you'll have to try it out.

your memory is off a little Marc :-)
The default in security = domain is set to
'guest sam winbind:ntdomain'.  This issue is that the
'sam' method will only handle those requests that
match the SERVER\user format.  An explicit

net use * \\server\share /user:SERVER\user

will connect using a local account from smbpasswd.









cheers, jerry
=
Alleviating the pain of Windows(tm)  --- http://www.samba.org
GnuPG Key- http://www.plainjoe.org/gpg_public.asc
I never saved anything for the swim back. Ethan Hawk in Gattaca
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCJKhHIR7qMdg1EfYRAmLnAJ0f4ShLTJ4fzcScW34tlng4fkojTgCeLDV4
V9IPvagjkqGLNMq4Y5JOhNA=
=GMv5
-END PGP SIGNATURE-


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Trust relationship problem [repost]

2005-03-02 Thread Didier ALBENQUE 

Hello,

I have a problem with trust relationship between W2003 AD and samba
3.0.6 (Mandrake Corporate Server 3.0) and W98 machines.

Samba is the trusted domain and W2003 the trusting domain.
All the clients (w98 and Win XP) are in the samba domain.

The win XP clients can access the shares of the W2003, but the w98
clients cannot. They have this error : error 55 saying the ressource is
not available.

I have installed a NT4 in place of the samba, and all clients work
perfect.

UPDATE : I have installed samba 3.0.11 from the SRPMS found at
samba.org, and still have the problem.

Any help would be greatly appreciated.

Best regards,

-- 
 Didier ALBENQUE
 DAG/DSI/BME
-10. Heard at my workplace when I found emacs wouldn't run :
 Oh I took that thing off, it was huge and nobody uses it. It's
 a stupid editor anyway. --Spoken by an MS-DOS programmer

--Top 100 things you don't want the sysadmin to say
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: smb_proc_readX_data

2005-03-02 Thread Michael Gasch 
i have the same problems on SuSE and debian systems with shipped kernels 
(2.6)

i was wondering why the samba team didn't respond to those mails from 
you and tried smbclient, because smbfs ist not maintained by them
smbclient didn't show those problems (btw: cifs has not these problems 
but produces some weird messages, too -  CIFS VFS: Error 0xfff3 or 
on cifs_get_inode_info in lookup)

hope this helps a little bit
cheerz


Ognyan Kulev wrote:
/* Cc: samba list */
Vincent Marty wrote:
Hi Ogi !
Did you find a solution to the problem you described in a post in 
linux.samba in dec 2004 ?
I get the same messages from Fedora Core 3 when accessing to a iMax 
under Mac Os 10.3.

Hi!
Since I started to use Debian kernel 2.6.10 (in unstable), the problem 
disappeared.  Fedora Core 3 uses 2.6.10 too so I don't know what to tell 
you.  Debian kernels have many patches applied though.  BTW this problem 
is filed in Debian BTS: 
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=289690

---
I'm using Debian unstable, with kernel-image-2.6.8-1-686-smp 2.6.8-10, 
and samba 3.0.10-1.  I smbmount a Windows 2003 share with MP3s.  The 
DC is Windows 2003 in mixed mode.  When playing many of these MP3s, 
there is a noticable delay and the following messages are logged into 
/var/log/message:

Dec 22 13:03:24 roller kernel: smb_add_request: request [c0b0f660, 
mid=22535] timed out!
Dec 22 13:03:24 roller kernel: smb_proc_readX_data: *offset* is 
*larger* than SMB_READX_MAX_PAD or negative!
Dec 22 13:03:24 roller kernel: smb_proc_readX_data: -59  64 || -59  0

Every minute there is such message!  I couldn't find anything with 
Google :-( Can you help me?

Regards,
ogi


--
 Michael Gasch
   - Central IT Department -
Max Planck Institute for Evolutionary Anthropology
Deutscher Platz 6
04103 Leipzig
Germany
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Problems with Starting Winbind after upgrading!

2005-03-02 Thread Rainer Budde 
Hi,

first ive installed SuSE 9.1 with the default rpms (heimdal 0.9.1rc3, samba 
3.0.2a with winbind). Ive configured the system with winbind to the user 
accounts from my Win2003 Server. All this works always max. 1 day. After this 
day I cant connect to my shares on the samba server. After this I upgraded to 
3.0.11 with the RPMs from de.samba.org for SuSE. I installed this rpms but 
Winbind fails to start. The error message in log.winbindd looks like this:

--
[2005/03/02 10:24:40, 3] nsswitch/winbindd_cm.c:cm_get_ipc_userpass(109)
  IPC$ connections done anonymously
[2005/03/02 10:24:40, 3] libsmb/cliconnect.c:cli_session_setup_spnego(708)
  Doing spnego session setup (blob length=108)
[2005/03/02 10:24:40, 3] libsmb/cliconnect.c:cli_session_setup_spnego(733)
  got OID=1 2 840 48018 1 2 2
[2005/03/02 10:24:40, 3] libsmb/cliconnect.c:cli_session_setup_spnego(733)
  got OID=1 2 840 113554 1 2 2
[2005/03/02 10:24:40, 3] libsmb/cliconnect.c:cli_session_setup_spnego(733)
  got OID=1 2 840 113554 1 2 2 3
[2005/03/02 10:24:40, 3] libsmb/cliconnect.c:cli_session_setup_spnego(733)
  got OID=1 3 6 1 4 1 311 2 2 10
[2005/03/02 10:24:40, 3] libsmb/cliconnect.c:cli_session_setup_spnego(740)
  got [EMAIL PROTECTED]
[2005/03/02 10:24:40, 0] lib/fault.c:fault_report(36)
  ===
[2005/03/02 10:24:40, 0] lib/fault.c:fault_report(37)
  INTERNAL ERROR: Signal 11 in pid 23268 (3.0.11-2.1-SUSE)
  Please read the appendix Bugs of the Samba HOWTO collection
[2005/03/02 10:24:40, 0] lib/fault.c:fault_report(39)
  ===
[2005/03/02 10:24:40, 0] lib/util.c:smb_panic2(1495)
  PANIC: internal error
[2005/03/02 10:24:40, 0] lib/util.c:smb_panic2(1503)
  BACKTRACE: 18 stack frames:
   #0 /usr/sbin/winbindd(smb_panic2+0x1ec) [0x80d63b5]
   #1 /usr/sbin/winbindd(smb_panic+0x25) [0x80d61c3]
   #2 /usr/sbin/winbindd [0x80c1527]
   #3 /usr/sbin/winbindd [0x80c159d]
   #4 [0xe420]
   #5 /usr/lib/libkrb5.so.17 [0x400a2d12]
   #6 /usr/sbin/winbindd(kerberos_kinit_password+0x9d) [0x819a4e8]
   #7 /usr/sbin/winbindd(cli_session_setup_spnego+0x35d) [0x80f5f92]
   #8 /usr/sbin/winbindd [0x8081ca5]
   #9 /usr/sbin/winbindd [0x8082b78]
   #10 /usr/sbin/winbindd(cm_fresh_connection+0x33) [0x8082bef]
   #11 /usr/sbin/winbindd [0x8089d80]
   #12 /usr/sbin/winbindd [0x807caff]
   #13 /usr/sbin/winbindd [0x80770b8]
   #14 /usr/sbin/winbindd(init_domain_list+0x147) [0x80774c8]
   #15 /usr/sbin/winbindd(main+0x5e3) [0x807115e]
   #16 /lib/tls/libc.so.6(__libc_start_main+0xe0) [0x40249500]
   #17 /usr/sbin/winbindd [0x806f541]
--

Whats wrong! Can anybody help me?

Best Regards

Rainer Budde

_ 
 __ 
/_/\ 
\ \ \ 
  __ \ \ \Rainer Budde
 / /\ \ \ \   
/ / /  \ \ \   - Software-Developer -  
   / / / __ \ \ \
  / / / /_/\ \ \ \   ProDas Datensysteme GmbH 
 / / /  \ \ \ \ \ \   Johannes-Gutenberg-Str. 4 
/ / / __ \ \ \ \ \ \   49632 Essen (Oldb.) 
   / / / / /\ \ \ \ \ \ \   Tel.: 05434 / 94 20 -0 
  / / / / / /  \ \ \ \ \ \   Fax.: 05434 / 94 20 -45 
 /_/_/ /_/_/   / / / / / /  e-mail: [EMAIL PROTECTED] 
 \ \ \ \ \ \  / / / / / /  
  \ \ \ \ \ \/ / / / / /  Homepage: http://www.prodas.de 
   \ \ \ \_\/ / / / / /  Online-Shopping: http://www.prodas.de/shop
\ \ \  /_/ / / / /  Lokalmarkt24: http://www.lokalmarkt24.de 
 \ \ \ \_\/ / / /  
  \ \ \/ / /  + Internet Service Provider (ISP) 
   \ \ \  / / /  + Microsoft Certified Partner 2004 
\_\/ / / /  + HP Business Partner 2004 
/_/ /  + HP Mobile Focus Partner Level II 
\_\/ 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Building two redundant servers without clustering

2005-03-02 Thread Michael Gasch 
hi,
well, i was also wondering how to build up a very redundant solution for 
my samba installations

at the moment i'm using rsync twice a day to sync about 2TB amount of 
data between two hardware raids (both raid5 with 2 hot spare)

advantage: if filesystem is corrupt on one raid, the other raid is 
normaly not affected

disadvantage: because analyzing data to sync by rsync takes time it's 
senseless to sync every our so you have no realtime backup (only 12h before)

how do you avoid this filesystem issue with drbd? doing rsync every 
night seperatly? i don't know of statistics about filesystem damages

cheerz
--
 Michael Gasch
   - Central IT Department -
Max Planck Institute for Evolutionary Anthropology
Deutscher Platz 6
04103 Leipzig
Germany
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Netbench controller crashs

2005-03-02 Thread Denis Vlasenko 
On Wednesday 02 March 2005 02:28, Ephi Dror wrote:
 Hi All,
  
 I'm running netbench against our samba based filer and having I believe
 a controller problem.
  
 When I configure the test to run multiple engines per client (about 5 in
 my case) and about 20 clients so all together I  have 100 engines, the
 controller  crashes. 

What is a 'controller'?
--
vda

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] listing group members (ADS)

2005-03-02 Thread halemb 
Hello

I have connected samba-3.0.11 to domain via ads. Samba using users from this 
domain (winbind). 

When I try getent group, it lists group members, but only when they have not 
set up primary group in this group. 
c.a.
100 users have set up primary group (in windows) on 'domain users'
2 users have set up primary group on 'domain admins' and secondary group on 
'domain users'.
getent group|grep 'domain users' lists only this 2 users, which have set up 
secondary group on 'domain users'

It works good when samba is connected to windows using 'net rpc'. It lists all 
group members (102 users).

How I can list properly all group members from all groups when I'm cennected 
via ads?

-- 
best regards
HALEMB
[EMAIL PROTECTED]
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Request to update slapd.conf and OpenLDAP info for Samba-Guide/happy.html

2005-03-02 Thread Gavin Henry 
Dear Team,

The OpenLDAP stuff on this page:

http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html

is not the preferred backend, i.e. ldbm, it really, really needs to be bdb.

See:

http://www.openldap.org/faq/index.cgi?_highlightWords=bdb%20ldbmfile=1085

ldbm uses a neutral storage interface which in principle could wrap dbm,
ndbm, gdbm or sleepycat as underlying storage; however, only Sleepycat is
considered a reliable choice, so bdb offers more interesting features
(ACID). Eventually it will disappear.

And:

http://www.openldap.org/faq/data/cache/756.html

With back-ldbm, there is no fine-grain database locking. This means write
operations are serialized. And while multiple read operations may be
performed concurrently, they cannot be performed concurrently with any
write operation. Additionally, LDBM databases cannot be accessed by only
one program at a time (generally at the file level). (While one may be
able to bypass the locking mechanism, you will likely corrupt the database
(and/or obtain bogus information).)

With back-bdb, databases are locked on a page level, which means that
multiple threads (and processes) can operate on the databases
concurrently. In OpenLDAP 2.1.4 we lifted the restriction against using
the slap tools while slapd is running on back-bdb. You can perform online
backups using slapcat or BDB's db_dumputility without interrupting your
LDAP service. You still must not use slapadd or slapindex while slapd is
running (due to application-level caching in slapd(8)).


Point to highlight for disaster recovery:

You can perform online backups using slapcat or BDB's db_dumputility
without interrupting your LDAP service.

Therefore,
can we update it for this and all the configuration that goes with using a
bdb backend?

I feel we are not doing the Samba community justice, if we are telling
them to use lbdm.

Thanks.

-- 
Kind Regards,

Gavin Henry.
Managing Director.

T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 742001
E [EMAIL PROTECTED]

Open Source. Open Solutions(tm).

http://www.suretecsystems.com/


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] AD group membership limits?

2005-03-02 Thread Gibbs, Simon 
Hi,

I'm running Samba 3.0.11 on RedHat ES 3 kernel version 2.4.21-15.0.4.ELsmp
and have a quick question about AD group membership limits

Am I right in assuming that Samba is limited by the group membership
parameters (ie NGROUP = 32) imposed by the Linux kernel? Is there any
workaround in Samba for this?

At the moment if a user is a member of more then 32 domain groups they
cannot access any shares. If I remove some of the groups to below the 32
group limit everything is fine.

If there isn't a workaround in Samba has anyone reliably recompiled the
kernel and run Samba after changing the group parameters?
I guess this must be a fairly common problem in a lot of sites?

Any help with this much appreciated.

Cheers,

Simon





The information contained in this email message may be confidential. If you are 
not the intended recipient, any use, interference with, disclosure or copying 
of this material is unauthorised and prohibited. Although this message and any 
attachments are believed to be free of viruses, no responsibility is accepted 
by TF Informa for any loss or damage arising in any way from receipt or use 
thereof.  Messages to and from the company are monitored for operational 
reasons and in accordance with lawful business practices. 
If you have received this message in error, please notify us by return and 
delete the message and any attachments.  Further enquiries/returns can be sent 
to [EMAIL PROTECTED]

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] can print test page in the redhat, but can't print through the samba share print,why?

2005-03-02 Thread Hamish 
On Wed, 2005-03-02 at 15:24 +0800, [EMAIL PROTECTED] wrote:
 i can print test page in the redhat, but when i use the samba shared
 printer to print test page,
 
 it is said test page failed to print  why?
 
I had this recently, try to follow your samba log file (tail
-f /var/log/samba/samba.log on my box) and print from a windows box, and
you will see that there is an access denied (or similar) on a directory
when a samba user tries to print. Just adjust the permissions on it and
you're good to go.
PS. I am assuming you already have the drivers etc set up.


signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Samba as PDC and BDC on the same network.

2005-03-02 Thread Clement DIEBOLD 
I have recently configured two servers to be controlers of my domain.
The first one is the PDC and is configured like :
  domain master = yes
  prefered master = yes
  local master = yes
  domain logons = yes
  security = user
  os level = 99
And the second, the BDC like :
  domain master = no
  prefered master = no
  local master = no
  domain logons = yes
  security = user
  password server = PDC BDC
  os level = 40
When the two servers are started, i see in the logs :
DOMAIN(1) current master browser = PDC
   BDC 40009a03 (BDC)
   PDC 400c9b0b (PDC)
but my clients (windows 2000 and XP) are authenticated by the BDC.
I don't unterstand why it's working like this !! The PDC becomes the 
master if I set the domain logons option to no.

Thanks.
--
Clément DIEBOLD
Service Informatique
LMARC Université de Franche-Comté
24, chemin de l'Epitaphe
25000 Besançon
Tel : 03 81 66 60 53
Fax : 03 81 66 67 00
--
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] WINS-Server != PDC ?

2005-03-02 Thread Stefan G. Weichinger 

Hello,

I have tried to find that info, but couldn't yet find it in TOSHARG or
Samba-3 By Example :

A client has one NT-PDC running without WINS-service and a
Samba-Domain-Member-Server that is currently the WINS-Server.

I have

 [global]
workgroup = MYWG
netbios name = MAIL
interfaces = eth* lo
map to guest = Bad User
security = domain
password server = NTSERVER
encrypt passwords = yes
passdb backend = tdbsam
server string = Samba
add machine script = /usr/sbin/useradd  -c Machine -d /var/lib/nobody -s 
 /bin/false %m$
name resolve order = wins host bcast
domain master = no
domain logons = no
local master = no
preferred master = no
os level = 0
load printers = no
hosts allow = 192.168.86. 172.32.99. 127.0.0.1
wins support =  yes
log level = 2
oplocks = no
level2 oplocks = no
kernel oplocks = no

so Samba does not get Master Browser.

NTSERVER is #1c, #1b and #1d ...

My question:

Does the WINS-Server also have to be the Master Browser?
Would it be better to enable WINS on the PDC and let Samba use it via
wins server=NTSERVER ?

Samba-3.0.9-Suse, BTW.

-- 
Thanks,
Stefan

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Multiple IP subnets and WINS server

2005-03-02 Thread Dani Camps 
I have a Linux box with two interfaces for the private
LAN (eth0,eth1) and another one connected to the
Internet. I have two subnets in my LAN (192.168.0.0/24
and 192.168.1.0/24) and eth0 and eth1 are the
gateways of either subnet (192.168.0.1, 192.168.1.1).
I have a Samba server running in the Linux box, and
this Samba server is at the same time the local master
browser and a WINS server, there is only one
WINS server in the net.

I am having some problems when trying to do SMB
browsing between the two subnets, here I attach some
of the relevant parts of my smb.conf in the Linux box:

-
hosts allow=127. 192.168.0. 192.168.1.
...
socket options = TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
...
interfaces=192.168.0.1/24 192.168.1.1/24 127.0.0.1/8
bind interfaces only=yes
...
#To be the LMB
local master = yes
os level = 255
preferred master = yes
...
#To be the WINS server
name resolve order = wins lmhosts bcast
wins support = yes
dns proxy = no
---

Since in the Linux box Samba is binded to both
interfaces, .1.1 and .0.1, should  I specify as a WINS
server for the clients of each subnet the gateway, so
192.168.0.1 as a WINS server of 192.168.0.0/24 and
192.168.1.1 as a WINS server of 192.168.1.0/24 ? Or I
could say in both WINS server 192.168.0.1 for instance
? Or this simply doesn't matter ?

The IP routing is working perfectly between the two
subnets, so I don't know why am I having problems, do
u see any mistake in the configuration or sth that
maybe I could have missed ?

Thanks





__ 
Celebrate Yahoo!'s 10th Birthday! 
Yahoo! Netrospective: 100 Moments of the Web 
http://birthday.yahoo.com/netrospective/
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba as PDC and BDC on the same network.

2005-03-02 Thread Misty Stanley-Jones 
On Wednesday 02 March 2005 08:14 am, Clement DIEBOLD wrote:


 And the second, the BDC like :
domain master = no
prefered master = no
local master = no
domain logons = yes
security = user

I think this needs to be security = server but correct me if I am wrong.  On 
your BDC do testparm and it will show you the role of the server.

Misty

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Samba as PDC and BDC on the same network.

2005-03-02 Thread Mccrory, Kevin B 
This is the way it should be working. The BDC handles authentication
requests for the domain unless it becomes overloaded at which time the PDC
steps in to take over. 
Refer to Chapter 4 section 4.2 of the Official Samba-3 HOWTO and Reference
Guide that explains Domain Control.

Kevin B. McCrory
Network Engineer - COPS
US Government Solutions
13600 EDS Drive
Mail stop:  A4S-B21
Herndon, VA 20171
* phone: +01-703-733-3255
* mailto:[EMAIL PROTECTED]
* AKO mailto:[EMAIL PROTECTED]



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Clement DIEBOLD
Sent: Wednesday, March 02, 2005 8:14 AM
To: samba@lists.samba.org
Subject: [Samba] Samba as PDC and BDC on the same network.


I have recently configured two servers to be controlers of my domain. The
first one is the PDC and is configured like :
   domain master = yes
   prefered master = yes
   local master = yes
   domain logons = yes
   security = user
   os level = 99

And the second, the BDC like :
   domain master = no
   prefered master = no
   local master = no
   domain logons = yes
   security = user
   password server = PDC BDC
   os level = 40

When the two servers are started, i see in the logs :
DOMAIN(1) current master browser = PDC
BDC 40009a03 (BDC)
PDC 400c9b0b (PDC)

but my clients (windows 2000 and XP) are authenticated by the BDC.

I don't unterstand why it's working like this !! The PDC becomes the 
master if I set the domain logons option to no.

Thanks.

-- 
Clément DIEBOLD
Service Informatique
LMARC Université de Franche-Comté
24, chemin de l'Epitaphe
25000 Besançon
Tel : 03 81 66 60 53
Fax : 03 81 66 67 00
--

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] samba failed to authenticate to openLDAP

2005-03-02 Thread Paul Gienger 

2: doing that nearly fscked up my already existent DIT for always;
 

I'd be very interested in hearing how this happened and what almost got 
borked.  I can't for the life of me think of anything that the 
smbldap-tools package should have done above just adding random 
attributes and entries in a lot of places if badly configured.  The 
worst (again, that I can imagine) that you would have had to do would be 
clean with a fine tooth scrub brush.

I haven't delved deep into the code, so I don't doubt that things could 
be pretty powerful, just that I haven't seen how they could go far 
enough to completely bork up a whole LDAP database.

--
Paul GiengerOffice: 701-281-1884
Applied Engineering Inc.
Systems Architect   Fax:701-281-1322
URL: www.ae-solutions.com   mailto: [EMAIL PROTECTED]

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] 3.0.11 pthread_once errors

2005-03-02 Thread Daniel Ramaley 
I never got a response to this, but i found the solution: don't use MIT 
Kerberos 1.4. After downgrading to 1.3.6 and rebuilding Samba, i no 
longer get pages of pthread error messages.


On Monday 28 February 2005 04:35 pm, Daniel Ramaley wrote:
I have installed Samba 3.0.11 on OpenBSD 3.6. It is linked with MIT
Kerberos 1.4, which was installed to /usr/local/kerberos. Whenever i
run a Samba application (any of them; i get these messages when
starting any of the smbd, nmbd, or winbindd daemons, as well as user
applications such as smbclient) i get a screen full of errors.
Everything so far seems to be working, but the errors are a bit
disturbing. Here is a sample of the messages:

/usr/local/samba/bin/smbclient:/usr/local/kerberos/lib/libcom_err.so.3
.0: undefined symbol 'pthread_once'
/usr/local/samba/bin/smbclient:
/usr/local/kerberos/lib/libcom_err.so.3.0: can't resolve reference
'pthread_once'
/usr/local/samba/bin/smbclient:/usr/local/kerberos/lib/libkrb5support.
so.0.0: undefined symbol 'pthread_once'
/usr/local/samba/bin/smbclient:
/usr/local/kerberos/lib/libkrb5support.so.0.0: can't resolve reference
'pthread_once'
/usr/local/samba/bin/smbclient:/usr/local/kerberos/lib/libk5crypto.so.
3.0: undefined symbol 'pthread_once'
/usr/local/samba/bin/smbclient:
/usr/local/kerberos/lib/libk5crypto.so.3.0: can't resolve reference
'pthread_once'
/usr/local/samba/bin/smbclient:/usr/local/kerberos/lib/libkrb5.so.3.2:
undefined symbol 'pthread_once'
/usr/local/samba/bin/smbclient:
 /usr/local/kerberos/lib/libkrb5.so.3.2: can't resolve reference
 'pthread_once'
/usr/local/samba/bin/smbclient:/usr/local/kerberos/lib/libgssapi_krb5.
so.2.2: undefined symbol 'pthread_once'
/usr/local/samba/bin/smbclient:
/usr/local/kerberos/lib/libgssapi_krb5.so.2.2: can't resolve reference
'pthread_once'

I tried a few Google searches but wasn't able to locate anything
relevant. Any ideas how to fix this?

--
-- Dan Ramaley
Digital Media Library Specialist
(515) 271-1934
Cowles Library 140, Drake University

-- 

Dan Ramaley
Digital Media Library Specialist
(515) 271-1934
Cowles Library 140, Drake University

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] To the ones who may concern :: German Translation of the Samba-Docs SOON AVAILABLE AS BOOK.

2005-03-02 Thread Stefan G. Weichinger 

Hello to all Samba-users, and,
in particular,
Hallo an die deutschsprachigen Anwender von Samba !

It has been quite a while since I announced the complete translation
of The Official Samba-3 HOWTO And Reference Guide (aka TOSHARG).

I have received some requests for a printed version of the german
documentation, this means to me that it has to be announced again that
there will be a book available soon, containing the full german
version of TOSHARG.

It is called Samba 3, das offizielle Handbuch and should be released
this month.

Have a look at http://gertranssmb3.berlios.de/ where I placed a link
to the upcoming book.

Thanks a lot,
best regards,
Stefan G. Weichinger.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Links followed to my local filesystem

2005-03-02 Thread Pablo García 
Hi All, I was using samba client 3.0.0-15 on fedora core 1, accesing a
samba server 3.0.4 with an exported folder wich had a linked directory
named web within the same server to /usr/local/apache/htdocs.
when I accessed that directory I could saw the contents of the
destination directory . (fine)
After upgrading to fedora core 3 and therefore to samba 3.0.10 I found
that the link in the samba folder is broken because it's pointing to a
non existen directory in my machine instead of pointing to the
directory located in the server.
Anyone has any idea of why is this ? and how can i go back to my usual
behavior ?

Regards, Pablo
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Two smbd daemons and clustered environment

2005-03-02 Thread Buozis, Martynas 
Hello

Sorry if I repeating myself, but I am not sure, that my email was sent
to the list. I hope, that somebody has bad or good experience in running
2 Samba services on one host or running parallel 2 Samba instances in
Veritas Cluster Server environment.

With best regards
Martynas 


My previous email :

Hello

I have a question about running two SMBD daemons on one host. Background
for this request is Samba failover in parallel services mode. The actual
requirement is to start Samba processes bind to specific IP address.
This can be done by specifying following parameters in smb.conf file :

interfaces = 192.168.100.1/24
bind interfaces only = yes

But nmbd process always is listening on *, instead of specific
interface. So does it mean, that nmbd should be started once on a hosts
event two smbd daemons will run ?  Maybe running two smbd's on one node
is not a good idea at all ? But how to deal with failovering IP address
in case of one smbd process ?

Does anybody have experience in running two smbd daemons with different
configuration options on one host and can share his/her experience ? Or
running smbd service as parallel service in clustered environment on two
nodes ?


Thank you for any tips and/or advises.

With best regards
Martynas

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Links followed to my local filesystem

2005-03-02 Thread Paul Gienger 

After upgrading to fedora core 3 and therefore to samba 3.0.10 I found
 

Who did you upgrade? client or server? 

that the link in the samba folder is broken because it's pointing to a
non existen directory in my machine instead of pointing to the
directory located in the server.
 

Try looking for the follow symlinks options, they may be your key.
--
Paul GiengerOffice: 701-281-1884
Applied Engineering Inc.
Systems Architect   Fax:701-281-1322
URL: www.ae-solutions.com   mailto: [EMAIL PROTECTED]

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Links followed to my local filesystem

2005-03-02 Thread Pablo García 
I upgraded the client, (from 3.0.0-15 to 3.0.10) the server remains
the same (3.0.4)

Regards, Pablo

On Wed, 02 Mar 2005 08:42:35 -0600, Paul Gienger
[EMAIL PROTECTED] wrote:
 
 After upgrading to fedora core 3 and therefore to samba 3.0.10 I found
 
 
 Who did you upgrade? client or server?
 
 that the link in the samba folder is broken because it's pointing to a
 non existen directory in my machine instead of pointing to the
 directory located in the server.
 
 
 Try looking for the follow symlinks options, they may be your key.
 
 --
 Paul GiengerOffice: 701-281-1884
 Applied Engineering Inc.
 Systems Architect   Fax:701-281-1322
 URL: www.ae-solutions.com   mailto: [EMAIL PROTECTED]
 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Time out tuning ?

2005-03-02 Thread Samba List Unetix 

On Monday 28 February 2005 18:19, Mitch (WebCob) wrote:
  Hello,
 
  I have a samba server running at a customer site and they have the
  follwing problem:
  Employees of that company have for extended periods sometimes
  word documents opened for editing, but it happens regularly that
  for an half hour or more no activity takes place because they are
  working on something else (it's a flower seed growing company , with pc's
  in the glasshouses and they have to monitor the seedbeds and fill in
  now and then something in in word documents). When that happens
  the word application returns a message that , There was a sharing
  violation

 ,.

  Is this caused by a time out on the server? or the client? Is it possible
  to configure the samba server to forcefully keep the connection between
  the
  client and the server alive?

 [Mitch says:] Are there any VPN's, smart switches or routers involved?

 I've not seen any app timeout problems with my servers, but I know that
 some routers or VPN arrangements have short timeouts / lack keep alive and
 can cause this sort of behaviour.

Hai, 
nope , no vpn's , smart switches or anything else , one plain c network
connected on one switch.
It's more that I wonder whether it's a time out problem or something else,
I have never seen myself timeout problems (if they exist at all) on my 
servers, but this is very specific related to a longer period of time the 
word application not being used which generates the error on an open 
document. Maybe I should first upgrade to 3.0.11 and then search further.

Thanx 
Wim Bakker 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba as PDC and BDC on the same network.

2005-03-02 Thread Clement DIEBOLD 
Misty Stanley-Jones a écrit :
On Wednesday 02 March 2005 08:14 am, Clement DIEBOLD wrote:
 

And the second, the BDC like :
  domain master = no
  prefered master = no
  local master = no
  domain logons = yes
  security = user
   

I think this needs to be security = server but correct me if I am wrong.  On 
your BDC do testparm and it will show you the role of the server.

Misty
 

I have run the testparm on both and it indicates : ROLE_DOMAIN_PDC and 
ROLE_DOMAIN_BDC . I have read that security = server is less secure than 
security = user or domain.

--
Clément DIEBOLD
Service Informatique
LMARC Université de Franche-Comté
24, chemin de l'Epitaphe
25000 Besançon
Tel : 03 81 66 60 53
Fax : 03 81 66 67 00
--
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] To the ones who may concern :: German Translation of the Samba-Docs SOON AVAILABLE AS BOOK.

2005-03-02 Thread John H Terpstra 
Stefan,

Congratulations on this achievement - I hope  that your efforts will be well 
rewarded and that the German translation will be on of many other language 
translations that will follow it.

Kind regards,
John T.

On Wednesday 02 March 2005 07:29, Stefan G. Weichinger wrote:
 Hello to all Samba-users, and,
 in particular,
 Hallo an die deutschsprachigen Anwender von Samba !

 It has been quite a while since I announced the complete translation
 of The Official Samba-3 HOWTO And Reference Guide (aka TOSHARG).

 I have received some requests for a printed version of the german
 documentation, this means to me that it has to be announced again that
 there will be a book available soon, containing the full german
 version of TOSHARG.

 It is called Samba 3, das offizielle Handbuch and should be released
 this month.

 Have a look at http://gertranssmb3.berlios.de/ where I placed a link
 to the upcoming book.

 Thanks a lot,
 best regards,
 Stefan G. Weichinger.

-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO  Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba as PDC and BDC on the same network.

2005-03-02 Thread Clement DIEBOLD 
Mccrory, Kevin B a écrit :
This is the way it should be working. The BDC handles authentication
requests for the domain unless it becomes overloaded at which time the PDC
steps in to take over. 
Refer to Chapter 4 section 4.2 of the Official Samba-3 HOWTO and Reference
Guide that explains Domain Control.

Kevin B. McCrory
Network Engineer - COPS
US Government Solutions
13600 EDS Drive
Mail stop:  A4S-B21
Herndon, VA 20171
* phone: +01-703-733-3255
* mailto:[EMAIL PROTECTED]
* AKO mailto:[EMAIL PROTECTED]
In fact, the two servers are running : the PDC make the authentification 
and the BDC make nothing.
I shut down the samba PDC, then the BDC make authentification. When the 
PDC comes back the authentification still made on the BDC.

Then if i shut down the BDC, the PDC remake the authentification, but if 
I restart the samba on BDC, BDC make authentification.

Strange, is'nt it??
Thanks
--
Clément DIEBOLD
Service Informatique
LMARC Université de Franche-Comté
24, chemin de l'Epitaphe
25000 Besançon
Tel : 03 81 66 60 53
Fax : 03 81 66 67 00
--
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Request to update slapd.conf and OpenLDAP info for Samba-Guide/happy.html

2005-03-02 Thread John H Terpstra 
Gavin,

The book Samba-3 by Example was written at the time Samba-3.0.2 was just 
released. At that time (February 2004) the version of OpenLDAP that were 
shipping on SuSE Linux Enterprise Server and on Red Hat Enterprise Linux used 
ldbm.

I agree entirely that this needs to be updated, in fact, it is necessary also 
to update all references to the smbldap-tools as well as many other subtle 
factors that have changed in Samba between Samba-3.0.2 and 3.0.12 (the soon 
to be released version).

I will update the entire book at the first opportunity I get. If you wish to 
submit patches I would be most appreciative.

Cheers,
John T.

On Wednesday 02 March 2005 03:24, Gavin Henry wrote:
 Dear Team,

 The OpenLDAP stuff on this page:

 http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html

 is not the preferred backend, i.e. ldbm, it really, really needs to be bdb.

 See:

 http://www.openldap.org/faq/index.cgi?_highlightWords=bdb%20ldbmfile=1085

 ldbm uses a neutral storage interface which in principle could wrap dbm,
 ndbm, gdbm or sleepycat as underlying storage; however, only Sleepycat is
 considered a reliable choice, so bdb offers more interesting features
 (ACID). Eventually it will disappear.

 And:

 http://www.openldap.org/faq/data/cache/756.html

 With back-ldbm, there is no fine-grain database locking. This means write
 operations are serialized. And while multiple read operations may be
 performed concurrently, they cannot be performed concurrently with any
 write operation. Additionally, LDBM databases cannot be accessed by only
 one program at a time (generally at the file level). (While one may be
 able to bypass the locking mechanism, you will likely corrupt the database
 (and/or obtain bogus information).)

 With back-bdb, databases are locked on a page level, which means that
 multiple threads (and processes) can operate on the databases
 concurrently. In OpenLDAP 2.1.4 we lifted the restriction against using
 the slap tools while slapd is running on back-bdb. You can perform online
 backups using slapcat or BDB's db_dumputility without interrupting your
 LDAP service. You still must not use slapadd or slapindex while slapd is
 running (due to application-level caching in slapd(8)).


 Point to highlight for disaster recovery:

 You can perform online backups using slapcat or BDB's db_dumputility
 without interrupting your LDAP service.

 Therefore,
 can we update it for this and all the configuration that goes with using a
 bdb backend?

 I feel we are not doing the Samba community justice, if we are telling
 them to use lbdm.

 Thanks.

 --
 Kind Regards,

 Gavin Henry.
 Managing Director.

 T +44 (0) 1224 279484
 M +44 (0) 7930 323266
 F +44 (0) 1224 742001
 E [EMAIL PROTECTED]

 Open Source. Open Solutions(tm).

 http://www.suretecsystems.com/

-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO  Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] MIT Kerberos tickets gone..

2005-03-02 Thread Daniel Ramaley 
I'm running into the same problem, only with slightly different software 
(Windows 2k3 AD server, Samba 3.0.11, OpenBSD 3.6). For people like me 
who have little to no Kerberos experience, i'm guessing this is a 
common problem. Does anyone have a solution, or a pointer to 
documentation that describes a solution?

On Tuesday 01 March 2005 08:35 pm, Scarry, Robert wrote:
I have the following scenario.

Windows 2K Active Dir server,  Samba 3.0.7 running on Solaris 2.8.

Running MIT Kerberos to join and authenticate with the AD.  Things
 work ok, can join the domain, and can access the samba server from
 trusted domains as well as local domain.

However, when doing 'kinit' I have found that the default ticket life
 was for 24 hours is seemed.  After I reboot the solaris / samba
 server the Kerberos token was gone, and I had to manually generate a
 new ticket and do a 'net ads join' again to get the server back up..

I found that I can us the -d option with kinit to increase the
 ticket life and did so to 500 days.  Reboot the server and the token
 is gone again.. Have to then do a 'kinit' again as well as a 'net ads
 join' to get things running again.

I read that I should not have a /etc/krb5.conf due to locking things
 down to one kdc only.  Any ideas?

-- 

Dan Ramaley
Digital Media Library Specialist
(515) 271-1934
Cowles Library 140, Drake University

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Re: WINS-Server != PDC ?

2005-03-02 Thread Rex Dieter 
Stefan G. Weichinger wrote:
so Samba does not get Master Browser.
NTSERVER is #1c, #1b and #1d ...
My question:
Does the WINS-Server also have to be the Master Browser?
No.  WINS-server, master browser, PDC are all separate items, and can 
potentially be 3 different machines.

Would it be better to enable WINS on the PDC and let Samba use it via
wins server=NTSERVER ?
Either should work.
For simplicity, if it were me, I'd set either the PDF or samba to be the 
WINS server, and take the 3rd WINS-Server-only machine out of the equation.

-- Rex
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba as PDC and BDC on the same network.

2005-03-02 Thread John H Terpstra 
On Wednesday 02 March 2005 06:53, Misty Stanley-Jones wrote:
 On Wednesday 02 March 2005 08:14 am, Clement DIEBOLD wrote:
  And the second, the BDC like :
 domain master = no
 prefered master = no
 local master = no
 domain logons = yes
 security = user

 I think this needs to be security = server but correct me if I am wrong. 
 On your BDC do testparm and it will show you the role of the server.

No, please do not use security = server - Clement's configuration is 
correct. Server-mode security does pass-through authentication and was 
introduced before we understood how domain membership fully functions.

- John T.
-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO  Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Request to update slapd.conf and OpenLDAP info forSamba-Guide/happy.html

2005-03-02 Thread Gavin Henry 
quote who=John H Terpstra
 Gavin,

 The book Samba-3 by Example was written at the time Samba-3.0.2 was just
 released. At that time (February 2004) the version of OpenLDAP that were
 shipping on SuSE Linux Enterprise Server and on Red Hat Enterprise Linux
 used
 ldbm.

 I agree entirely that this needs to be updated, in fact, it is necessary
 also
 to update all references to the smbldap-tools as well as many other subtle
 factors that have changed in Samba between Samba-3.0.2 and 3.0.12 (the
 soon
 to be released version).

 I will update the entire book at the first opportunity I get. If you wish
 to
 submit patches I would be most appreciative.

Understood. I'll hopefully get something to you. Via bugzilla etc?


 Cheers,
 John T.

 On Wednesday 02 March 2005 03:24, Gavin Henry wrote:
 Dear Team,

 The OpenLDAP stuff on this page:

 http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html

 is not the preferred backend, i.e. ldbm, it really, really needs to be
 bdb.

 See:

 http://www.openldap.org/faq/index.cgi?_highlightWords=bdb%20ldbmfile=1085

 ldbm uses a neutral storage interface which in principle could wrap
 dbm,
 ndbm, gdbm or sleepycat as underlying storage; however, only Sleepycat
 is
 considered a reliable choice, so bdb offers more interesting features
 (ACID). Eventually it will disappear.

 And:

 http://www.openldap.org/faq/data/cache/756.html

 With back-ldbm, there is no fine-grain database locking. This means
 write
 operations are serialized. And while multiple read operations may be
 performed concurrently, they cannot be performed concurrently with any
 write operation. Additionally, LDBM databases cannot be accessed by only
 one program at a time (generally at the file level). (While one may be
 able to bypass the locking mechanism, you will likely corrupt the
 database
 (and/or obtain bogus information).)

 With back-bdb, databases are locked on a page level, which means that
 multiple threads (and processes) can operate on the databases
 concurrently. In OpenLDAP 2.1.4 we lifted the restriction against using
 the slap tools while slapd is running on back-bdb. You can perform
 online
 backups using slapcat or BDB's db_dumputility without interrupting your
 LDAP service. You still must not use slapadd or slapindex while slapd is
 running (due to application-level caching in slapd(8)).


 Point to highlight for disaster recovery:

 You can perform online backups using slapcat or BDB's db_dumputility
 without interrupting your LDAP service.

 Therefore,
 can we update it for this and all the configuration that goes with using
 a
 bdb backend?

 I feel we are not doing the Samba community justice, if we are telling
 them to use lbdm.

 Thanks.

 --
 Kind Regards,

 Gavin Henry.
 Managing Director.

 T +44 (0) 1224 279484
 M +44 (0) 7930 323266
 F +44 (0) 1224 742001
 E [EMAIL PROTECTED]

 Open Source. Open Solutions(tm).

 http://www.suretecsystems.com/

 --
 John H Terpstra
 Samba-Team Member
 Phone: +1 (650) 580-8668

 Author:
 The Official Samba-3 HOWTO  Reference Guide, ISBN: 0131453556
 Samba-3 by Example, ISBN: 0131472216
 Hardening Linux, ISBN: 0072254971
 Other books in production.
 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  https://lists.samba.org/mailman/listinfo/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba as PDC and BDC on the same network.

2005-03-02 Thread John H Terpstra 
On Wednesday 02 March 2005 09:10, Clement DIEBOLD wrote:
 Mccrory, Kevin B a écrit :
 This is the way it should be working. The BDC handles authentication
 requests for the domain unless it becomes overloaded at which time the PDC
 steps in to take over.
 Refer to Chapter 4 section 4.2 of the Official Samba-3 HOWTO and Reference
 Guide that explains Domain Control.
 
 Kevin B. McCrory
 Network Engineer - COPS
 US Government Solutions
 13600 EDS Drive
 Mail stop:  A4S-B21
 Herndon, VA 20171
 * phone: +01-703-733-3255
 * mailto:[EMAIL PROTECTED]
 * AKO mailto:[EMAIL PROTECTED]

 In fact, the two servers are running : the PDC make the authentification
 and the BDC make nothing.
 I shut down the samba PDC, then the BDC make authentification. When the
 PDC comes back the authentification still made on the BDC.

 Then if i shut down the BDC, the PDC remake the authentification, but if
 I restart the samba on BDC, BDC make authentification.

 Strange, is'nt it??

No, I am glad to see that you find Samba domain control works as it should. It 
would be strange if it behaved differently.

- John T.


 Thanks

 --
 Clément DIEBOLD
 Service Informatique
 LMARC Université de Franche-Comté
 24, chemin de l'Epitaphe
 25000 Besançon
 Tel : 03 81 66 60 53
 Fax : 03 81 66 67 00
 --

-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO  Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Request to update slapd.conf and OpenLDAP info forSamba-Guide/happy.html

2005-03-02 Thread John H Terpstra 
On Wednesday 02 March 2005 08:26, Gavin Henry wrote:
 quote who=John H Terpstra

  Gavin,
 
  The book Samba-3 by Example was written at the time Samba-3.0.2 was
  just released. At that time (February 2004) the version of OpenLDAP that
  were shipping on SuSE Linux Enterprise Server and on Red Hat Enterprise
  Linux used
  ldbm.
 
  I agree entirely that this needs to be updated, in fact, it is necessary
  also
  to update all references to the smbldap-tools as well as many other
  subtle factors that have changed in Samba between Samba-3.0.2 and 3.0.12
  (the soon
  to be released version).
 
  I will update the entire book at the first opportunity I get. If you wish
  to
  submit patches I would be most appreciative.

 Understood. I'll hopefully get something to you. Via bugzilla etc?

Yes please - via bugzilla!

Thanks.

- John T.


  Cheers,
  John T.
 
  On Wednesday 02 March 2005 03:24, Gavin Henry wrote:
  Dear Team,
 
  The OpenLDAP stuff on this page:
 
  http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html
 
  is not the preferred backend, i.e. ldbm, it really, really needs to be
  bdb.
 
  See:
 
  http://www.openldap.org/faq/index.cgi?_highlightWords=bdb%20ldbmfile=10
 85
 
  ldbm uses a neutral storage interface which in principle could wrap
  dbm,
  ndbm, gdbm or sleepycat as underlying storage; however, only Sleepycat
  is
  considered a reliable choice, so bdb offers more interesting features
  (ACID). Eventually it will disappear.
 
  And:
 
  http://www.openldap.org/faq/data/cache/756.html
 
  With back-ldbm, there is no fine-grain database locking. This means
  write
  operations are serialized. And while multiple read operations may be
  performed concurrently, they cannot be performed concurrently with any
  write operation. Additionally, LDBM databases cannot be accessed by only
  one program at a time (generally at the file level). (While one may be
  able to bypass the locking mechanism, you will likely corrupt the
  database
  (and/or obtain bogus information).)
 
  With back-bdb, databases are locked on a page level, which means that
  multiple threads (and processes) can operate on the databases
  concurrently. In OpenLDAP 2.1.4 we lifted the restriction against using
  the slap tools while slapd is running on back-bdb. You can perform
  online
  backups using slapcat or BDB's db_dumputility without interrupting your
  LDAP service. You still must not use slapadd or slapindex while slapd is
  running (due to application-level caching in slapd(8)).
 
 
  Point to highlight for disaster recovery:
 
  You can perform online backups using slapcat or BDB's db_dumputility
  without interrupting your LDAP service.
 
  Therefore,
  can we update it for this and all the configuration that goes with using
  a
  bdb backend?
 
  I feel we are not doing the Samba community justice, if we are telling
  them to use lbdm.
 
  Thanks.
 
  --
  Kind Regards,
 
  Gavin Henry.
  Managing Director.
 
  T +44 (0) 1224 279484
  M +44 (0) 7930 323266
  F +44 (0) 1224 742001
  E [EMAIL PROTECTED]
 
  Open Source. Open Solutions(tm).
 
  http://www.suretecsystems.com/
 
  --
  John H Terpstra
  Samba-Team Member
  Phone: +1 (650) 580-8668
 
  Author:
  The Official Samba-3 HOWTO  Reference Guide, ISBN: 0131453556
  Samba-3 by Example, ISBN: 0131472216
  Hardening Linux, ISBN: 0072254971
  Other books in production.
  --
  To unsubscribe from this list go to the following URL and read the
  instructions:  https://lists.samba.org/mailman/listinfo/samba

-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO  Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba as PDC and BDC on the same network.

2005-03-02 Thread Clement DIEBOLD 
John H Terpstra a écrit :
On Wednesday 02 March 2005 09:10, Clement DIEBOLD wrote:
 

Mccrory, Kevin B a écrit :
   

This is the way it should be working. The BDC handles authentication
requests for the domain unless it becomes overloaded at which time the PDC
steps in to take over.
Refer to Chapter 4 section 4.2 of the Official Samba-3 HOWTO and Reference
Guide that explains Domain Control.
Kevin B. McCrory
Network Engineer - COPS
US Government Solutions
13600 EDS Drive
Mail stop:  A4S-B21
Herndon, VA 20171
* phone: +01-703-733-3255
* mailto:[EMAIL PROTECTED]
* AKO mailto:[EMAIL PROTECTED]
 

In fact, the two servers are running : the PDC make the authentification
and the BDC make nothing.
I shut down the samba PDC, then the BDC make authentification. When the
PDC comes back the authentification still made on the BDC.
Then if i shut down the BDC, the PDC remake the authentification, but if
I restart the samba on BDC, BDC make authentification.
Strange, is'nt it??
   

No, I am glad to see that you find Samba domain control works as it should. It 
would be strange if it behaved differently.

- John T.
OK.
I have a netlogon script to map networks drives (home and temp) :
@echo off
echo Script de demarrage
net use T: %LOGONSERVER%\temp /PERSISTENT:NO
If the users are authenticated by the BDC, the share would be mounted on 
the BDC and not on the PDC. The users data are on the PDC and are 
replicated after with rsync on the BDC. So the data should be on the PDC.


Then, if I put :
@echo off
echo Script de demarrage
net use T: \\PDC\temp /PERSISTENT:NO
Then, if the PDC becomes down, this script wouldn't work and i must be 
there to change the name of the server in the script.

So, what should I do ??
Thanks for the responses.
--
Clément DIEBOLD
Service Informatique
LMARC Université de Franche-Comté
24, chemin de l'Epitaphe
25000 Besançon
Tel : 03 81 66 60 53
Fax : 03 81 66 67 00
--
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Building two redundant servers without clustering

2005-03-02 Thread Greg Freemyer 
On Wed, 02 Mar 2005 10:33:34 +0100, Michael Gasch wrote:
 hi,
 
 well, i was also wondering how to build up a very redundant solution for
 my samba installations
 
 at the moment i'm using rsync twice a day to sync about 2TB amount of
 data between two hardware raids (both raid5 with 2 hot spare)
 
 advantage: if filesystem is corrupt on one raid, the other raid is
 normaly not affected
 
 disadvantage: because analyzing data to sync by rsync takes time it's
 senseless to sync every our so you have no realtime backup (only 12h before)
 
 how do you avoid this filesystem issue with drbd? doing rsync every
 night seperatly? i don't know of statistics about filesystem damages
 
 cheerz

DRBD would not help this problem.  As you say the filesystem
corruption would immediately be duplicated to the alternate server.

OTOH a good journelled filesystem combined with dual-power supplies
and dual ups's should have a very high relaibility rate.  EXT3 seems
to get mentioned as the most reliable linux filesystem, so go with
that if reliability is your top concern.

Greg
-- 
Greg Freemyer
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] registering samba in wins

2005-03-02 Thread David Bear 
for some strange reason, our wins servers occasionally drop samba
servers out of there name space. to deal with this, I cron'ed a
restart of samba at midnight everynight. This was a quick solution,
but a lousy one.

I would rather have some way to have samba regularly send name
registration requests to wins. Is there a way to do this?

barring that, is there some interface I can query on samba before
sending it a kill signal to make sure there are no open files? I would
like a 'gracefull' way to have samba resatart.


-- 
David Bear
phone:  480-965-8257
fax:480-965-9189
College of Public Programs/ASU
Wilson Hall 232
Tempe, AZ 85287-0803
 Beware the IP portfolio, everyone will be suspect of trespassing
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Seeking Good Documentation for... (freebsd+ldap+samba(pdc)+kerberos)

2005-03-02 Thread Chris Lawder 
Hi,
I beleive I have most of the under lying structure set up correctly at 
this time. Specific questions would include proper set up of ldap 
containers (tree?), authentication users (for adding computers etc), how 
to correctly add users and computers, and the tools used to do so. I hit 
a wall when I attempted to add a win2k workstation to the domain from 
that workstation.

But as mentioned in my original post I will most likely be rebuilding 
the Samba(PDC) server as it is currently a Slackware 10 build which 
lacks PAM support. Much of what I have read regarding NIS (/etc/passwd) 
replacement with LDAP describes using pam_ldap. At this time I have 
system(not samba) authentication working via ldap using only nsswitch 
but that seems to be restricted to {CRYPT} encrytion of passwords.

I am not yet exactly certain how Kerberos fits into this. I had added 
Kerberos support as some of the documentation I read spoke of it as a 
prerequisite for LDAP. At this time I am only using it as the rootdn 
(gssapi) authentication type for local and remote root access to the 
ldap server. But this has given me the opportunity to learn Kerberos as 
I have set up ssh auth to all unix server using it now. Fun!

As a note this is my first time working with both Kerberos and OpenLDAP. 
Much learning ahead :-)

Thank you for your help,
Chris
Thomas M. Skeren III wrote:
Andrew Bartlett wrote:
I've got it up with two way trusts to a w2k domain everything over a 
ipsec vlan:

s: 3.0.10 ports build
FBSD: 5.3
etc.   Any specific questions?
On Tue, 2005-03-01 at 15:43 -0800, Chris Lawder wrote:
 

... Setting up a Samba PDC with the following:
FreeBSD 5.3
Samba 3.0.x
OpenLDAP 2.2.x
Kerberos (Heimdal)
  

Have you read:
https://sec.miljovern.no/bin/view/Info/HeimdalKerberosSambaAndOpenLdap
Also, Howard Chu has a module in current OpenLDAP called smbk5pwd, which
was constructed to allow LDAP to 'set' all the different password types.
(Unfortunately I don't use it yet, despite being the person it was
constructed for...)
Andrew Bartlett
 


--
Number 41 Media Corporation
Suite 103 - 645 Fort Street
Victoria BC V8W 1G2
T 250.414.0410
F 250.414.0411
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Building two redundant servers without clustering

2005-03-02 Thread Mitch (WebCob) 
  at the moment i'm using rsync twice a day to sync about 2TB amount of
  data between two hardware raids (both raid5 with 2 hot spare)
...
  disadvantage: because analyzing data to sync by rsync takes time it's
  senseless to sync every our so you have no realtime backup (only 12h
 before)
 
[Mitch says:] Not sure about your setup, but with mine, I found that more
frequent rsyncs resulted in much faster performance... depends on the number
of files that are modified - with a little planning maybe you could segment
your rsyncs and hit the stuff that is more frequently changed every hour...

As an example, in one test a daily rsync took over 20 minutes, while the
rsync hourly took only 2 minutes... sure it adds up to more time in total to
rsync more often, but if the systems can handle the load...

m/

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Audit Trail/Logging For Network Logons and Logoffs

2005-03-02 Thread Van Sickler, Jim 
On Fri, 2005-02-25 at 12:51 -0700, Gene Cooper wrote:
 Hi Folks,
 
 I have searched the archives and the web for this issue, but I haven't
found
 an answer.
 
 I need to be able to log or audit the network access of our network users.
 This information needs to be used in conjuction with a time and attendance
 punch clock.
 
 I have seen much discussion of using preexec and postexec for obtaining a
 network access log.  However, my testing has shown this as unreliable.  It
 seems Windows logs in and logs out at (nearly) random and the collected
 information seems useless as I haven't discovered a useful way to collect
or
 parse the collected information.  I have tested on various shares as well.


Are you just looking for logon/logoff times?  I think you can put something
in the logon/logoff scripts that will do that.

Logon tracking:
@echo off
echo %USERNAME% Logon  \\server\hiddenshare\%USERNAME%.log   date /t 
\\server\hiddenshare\%USERNAME%.log  time /t 
\\server\hiddenshare\%USERNAME%.log


Logoff tracking:
@echo off
echo %USERNAME% Logoff  \\server\hiddenshare\%USERNAME%.log   date /t 
\\server\hiddenshare\%USERNAME%.log  time /t 
\\server\hiddenshare\%USERNAME%.log

I'm not using logoff scripts, but I googled NT +logoff scripts and
came up with a bunch of promising links.  They point to either
Policy settings or GINA to enable/control logon/logoff settings.

Hope this helps,
  Jim Van Sickler
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Winbind on AIX 5.2

2005-03-02 Thread Anders Larsson 
Hi!

Ee are using samba/winbind authing agains w2k3 AD native mode
we hade to modify the winbind_nss_aix
so it works with AIX and build a new WINBINDD
and creates the home dir in /home/%D/%U

We have about 900 users on the AIX box authing against AD :)


// Anders


On Wed, Feb 23, 2005 at 05:04:30PM -0600, [EMAIL PROTECTED] wrote:
 
 Has anyone had luck getting Winbind from Samba 3.0.11 to compile and 
 authenticate users telnetting (or ssh'ing) into an AIX lpar?  If so, 
 what'd you do?  :)
 
 I've compiled kerberos and openldap, both installed.  Able to run the 
 configure script for Samba, pointing LDFLAGS and related to the correct 
 location for the openldap libraries.  I've been unable to get Samba 
 compiled correctly when adding --with-pam to the configure script though.
 
 I've followed the instructions in the Samba docs and placed lines in 
 /usr/lib/security/methods.cfg as well as changing the SYSTEM line in 
 /etc/security/user.  
 
 wbinfo -u shows the domain users.  wbinfo --authenticate=user%password 
 indicates that the user could be authenticated in the domain.  Still can't 
 telnet into the server.  The syslog says something to the effect of 
 authentication denied for UNKNOWN_USER from ip.  
 
 A pam problem perhaps?  
 
 The winbindd log has errors such as Illegal multibyte sequence too.
 
 Any hints, pointers, etc from someone who has this working would be 
 appreciated.  I've just about googled everything I could think of at this 
 point.
 
 The goal is to be able to use active directory to store and manage all 
 user information and not have to do any of that on the lpar itself.
 
 Thanks for any help.
 -- 
 To unsubscribe from this list go to the following URL and read the
 instructions:  https://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] To the ones who may concern :: German Translation of the Samba-Docs SOON AVAILABLE AS BOOK.

2005-03-02 Thread Robert Schetterer 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Stefan , as i wrote before,
thx to you and the other helpers for making this work.
Regards Robert
Stefan G. Weichinger schrieb:
| Hello to all Samba-users, and,
| in particular,
| Hallo an die deutschsprachigen Anwender von Samba !
|
| It has been quite a while since I announced the complete translation
| of The Official Samba-3 HOWTO And Reference Guide (aka TOSHARG).
|
| I have received some requests for a printed version of the german
| documentation, this means to me that it has to be announced again that
| there will be a book available soon, containing the full german
| version of TOSHARG.
|
| It is called Samba 3, das offizielle Handbuch and should be released
| this month.
|
| Have a look at http://gertranssmb3.berlios.de/ where I placed a link
| to the upcoming book.
|
| Thanks a lot,
| best regards,
| Stefan G. Weichinger.
|
- --
Mit freundlichen Gruessen
Best Regards
Robert Schetterer
robert_at_schetterer.org
Munich / Bavaria / Germany
https://www.schetterer.org
\**
\* gnupgp
\* public key:
\* https://www.schetterer.org/public.key
\**
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCJgT9+Jw+56iSjEkRApGzAKCOpC723+BzbZeuMWau9RLY51+A+QCcD44/
52ksvJ36aSpO7AwrBalBb7M=
=/LwK
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Can access shares, but cannot logon to the domain

2005-03-02 Thread Ali Naddaf 
Hello everyone.
I am having a problem loging into my domain (although I can log into my 
shares successfully). Here are the details.

Servers and applications:
PDC Server:
Name: ACME-SERVER
Domain: ACME
Samba: 3.0.10-1 (Debian)
smbldap-tools: 0.8.5-3
Distribution: Debian, running kernel 2.6.8-1-k7
IP Address: 192.168.1.106
Backend Database: ldap (OpenLdap)
Windows Machine:
OS: Win2K
Name: naddaf2
IP Address: 192.168.1.108
username used in creating the log files: maunelie
I have been able to add my windows machine (i.e. naddaf2) to the ACME 
domain (and a naddaf2$ entry was added to my ldap backend as a 
result). After cleaning up my /var/log/samba/ content, I started my 
samba and tried to login from naddaf2 to my domain and it created a 
number of log files and at the bottom of this email, I have included the 
naddaf2 log file. In addition, I have my smb.conf file there , too.

Looking at the naddaf2 log file (included in the above zipped file), it 
seems that logon has gone through successfully, but what I see on my 
windows box is the standard error:

The system could not log you in. make sure your User name and Domain
are correct, then type your password again. Letters in passwords must
be typed using the correct case. Make sure Caps Lock is not accidently
on.
I appreciate it if someone could help me fix the issue.
Many thanks,
Ali Naddaf.
 smb.conf --
# Global parameters
[global]
	unix charset = LOCALE
	workgroup = ACME
	netbios name = ACME-SERVER
	interfaces = eth0, lo
	bind interfaces only = Yes
	passdb backend = ldapsam:ldap://127.0.0.1
	username map = /etc/samba/smbusers
	log level = 10
	syslog = 0
	log file = /var/log/samba/%m
	max log size = 50
	smb ports = 139 445
	name resolve order = wins bcast hosts
	time server = Yes
	printcap name = CUPS
	show add printer wizard = No
	add user script = /usr/sbin/smbldap-useradd -a -m '%u'
	delete user script = /usr/sbin/smbldap-userdel '%u'
	add group script = /usr/sbin/smbldap-groupadd -p '%g'
	delete group script = /usr/sbin/smbldap-groupdel '%g'
	add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'
	delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g'
	set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'
	add machine script = /usr/sbin/smbldap-useradd -w '%u'
	shutdown script = /var/lib/samba/scripts/shutdown.sh
	abort shutdown script = /sbin/shutdown -c
	logon script = scripts\logon.bat
	logon path = \\%L\profiles\%U
	logon drive = H:
	domain logons = Yes
	preferred master = Yes
	wins support = Yes
	ldap suffix = dc=acme,dc=com
	ldap machine suffix = ou=People
	ldap user suffix = ou=People
	ldap group suffix = ou=Groups
	ldap idmap suffix = ou=Idmap
	ldap admin dn = cn=admin,dc=com
	ldap passwd sync = Yes
	passwd program=/usr/sbin/smbldap-passwd %u
	passwd chat = *New*password* %n\n *Retype*new*password* %n\n 
*all*authentication*tokens*updated*
	idmap backend = ldap://127.0.0.1
	idmap uid = 1-2
	idmap gid = 1-2
	map acl inherit = Yes
	printing = cups
	printer admin = Administrator

[IPC$]
path = /tmp
hosts allow = 192.168.1., 127.
hosts deny = 0.0.0.0/0
[accounts]
comment = Accounting Files
path = /data/accounts
read only = No
[service]
comment = Financial Services Files
path = /data/service
read only = No
[pidata]
comment = Property Insurance Files
path = /data/pidata
read only = No
[homes]
comment = Home Directories
valid users = %S
read only = No
browseable = No
[printers]
comment = SMB Print Spool
path = /var/spool/samba
guest ok = Yes
printable = Yes
browseable = No
[apps]
comment = Application Files
path = /apps
admin users = bjones
read only = No
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
guest ok = Yes
locking = No
[profiles]
comment = Profile Share
path = /var/lib/samba/profiles
read only = No
profile acls = Yes
[profdata]
comment = Profile Data Share
path = /var/lib/samba/profdata
read only = No
profile acls = Yes
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
browseable = yes
guest ok = no
read only = yes
write list = root
 End of smb.conf 
-- naddaf2 log file -
[2005/03/01 00:15:09, 5] auth/auth_util.c:is_trusted_domain(1448)
  is_trusted_domain: Checking for domain trust with [ACME]
[2005/03/01 00:15:09, 5] 
passdb/secrets.c:secrets_fetch_trusted_domain_password(333)
  secrets_fetch failed!
[2005/03/01 00:15:09, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
  pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
[2005/03/01 00:15:09, 10]

[Samba] implementation issues

2005-03-02 Thread nac kawathekar 
Hello all,
I am a final year computer engineering student.
As part of my BE project I am working around with Samba server (version 2.2.7a)
I wish to understand following implementation issues:
 
 1. When and in what condition does a Samba server fork?
 2. What is the significance of the connection_structure? 
 3. Why is a doubly linked list of instances of the connection_structure are 
maintained?
 4. While running in interactive mode,an error occurs 'registers not 
obtained,permissiondenied',What does this error signify?
 5. Can anyone tell me the way in which to understand the execution flow of 
samba server? 

Please help me out.
Thanking u, 
Regards,
nac 

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Still having trouble with slow opening of printer properties

2005-03-02 Thread David Landgren 
List,

I asked a while back about problems with very slow openings of printer
properties windows. This afternoon our main internet link was upgraded
to 6Mb (symmetric) and so I thought I might see some improvements in
response.

But no change. I really don't think it's the pipe that's at fault,
there's something wrong with my samba configuration. When I open the
properties of a printer, I see the following lines in the log trickle
by, always pausing at the line send_file_readX

[2005/03/02 19:16:09, 3] smbd/process.c:switch_message(887)
  switch message SMBreadX (pid 6856) conn 0x839a388
[2005/03/02 19:16:09, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 103) - sec_ctx_stack_ndx = 0
[2005/03/02 19:16:09, 3] smbd/reply.c:send_file_readX(2154)
  send_file_readX fnum=7066 max=256 nread=256
[2005/03/02 19:16:09, 3] smbd/process.c:process_smb(1092)
  Transaction 3387 of length 63
[2005/03/02 19:16:09, 3] smbd/process.c:switch_message(887)
  switch message SMBreadX (pid 6856) conn 0x839a388
[2005/03/02 19:16:09, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 103) - sec_ctx_stack_ndx = 0
[2005/03/02 19:16:09, 3] smbd/reply.c:send_file_readX(2154)
  send_file_readX fnum=7066 max=256 nread=256
[2005/03/02 19:16:09, 3] smbd/process.c:process_smb(1092)
  Transaction 3388 of length 63
[2005/03/02 19:16:09, 3] smbd/process.c:switch_message(887)
  switch message SMBreadX (pid 6856) conn 0x839a388
[2005/03/02 19:16:09, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 103) - sec_ctx_stack_ndx = 0
[2005/03/02 19:16:09, 3] smbd/reply.c:send_file_readX(2154)
  send_file_readX fnum=7066 max=256 nread=256
[2005/03/02 19:16:09, 3] smbd/process.c:process_smb(1092)
  Transaction 3389 of length 63
[2005/03/02 19:16:09, 3] smbd/process.c:switch_message(887)
  switch message SMBreadX (pid 6856) conn 0x839a388
[2005/03/02 19:16:09, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 103) - sec_ctx_stack_ndx = 0
[2005/03/02 19:16:09, 3] smbd/reply.c:send_file_readX(2154)
  send_file_readX fnum=7066 max=256 nread=256
[2005/03/02 19:16:10, 3] smbd/process.c:process_smb(1092)
  Transaction 3390 of length 63
[2005/03/02 19:16:10, 3] smbd/process.c:switch_message(887)
  switch message SMBreadX (pid 6856) conn 0x839a388
[2005/03/02 19:16:10, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 103) - sec_ctx_stack_ndx = 0
[2005/03/02 19:16:10, 3] smbd/reply.c:send_file_readX(2154)
  send_file_readX fnum=7066 max=256 nread=256
[2005/03/02 19:16:10, 3] smbd/process.c:process_smb(1092)
  Transaction 3391 of length 63
[2005/03/02 19:16:10, 3] smbd/process.c:switch_message(887)
  switch message SMBreadX (pid 6856) conn 0x839a388
[2005/03/02 19:16:10, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 103) - sec_ctx_stack_ndx = 0
[2005/03/02 19:16:10, 3] smbd/reply.c:send_file_readX(2154)
  send_file_readX fnum=7066 max=256 nread=256
[2005/03/02 19:16:10, 3] smbd/process.c:process_smb(1092)
  Transaction 3392 of length 63
[2005/03/02 19:16:10, 3] smbd/process.c:switch_message(887)
  switch message SMBreadX (pid 6856) conn 0x839a388
[2005/03/02 19:16:10, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 103) - sec_ctx_stack_ndx = 0
[2005/03/02 19:16:10, 3] smbd/reply.c:send_file_readX(2154)
  send_file_readX fnum=7066 max=256 nread=256
[2005/03/02 19:16:10, 3] smbd/process.c:process_smb(1092)
  Transaction 3393 of length 63
[2005/03/02 19:16:10, 3] smbd/process.c:switch_message(887)
  switch message SMBreadX (pid 6856) conn 0x839a388
[2005/03/02 19:16:10, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 103) - sec_ctx_stack_ndx = 0
[2005/03/02 19:16:10, 3] smbd/reply.c:send_file_readX(2154)
  send_file_readX fnum=7066 max=256 nread=256
[2005/03/02 19:16:10, 3] smbd/process.c:process_smb(1092)
  Transaction 3394 of length 63
[2005/03/02 19:16:10, 3] smbd/process.c:switch_message(887)
  switch message SMBreadX (pid 6856) conn 0x839a388
[2005/03/02 19:16:10, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 103) - sec_ctx_stack_ndx = 0
[2005/03/02 19:16:10, 3] smbd/reply.c:send_file_readX(2154)
  send_file_readX fnum=7066 max=256 nread=256
[2005/03/02 19:16:10, 3] smbd/process.c:process_smb(1092)
  Transaction 3395 of length 63
[2005/03/02 19:16:10, 3] smbd/process.c:switch_message(887)
  switch message SMBreadX (pid 6856) conn 0x839a388
[2005/03/02 19:16:10, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 103) - sec_ctx_stack_ndx = 0
[2005/03/02 19:16:10, 3] smbd/reply.c:send_file_readX(2154)
  send_file_readX fnum=7066 max=256 nread=256
[2005/03/02 19:16:10, 3] smbd/process.c:process_smb(1092)
  Transaction 3396 of length 63
[2005/03/02 19:16:10, 3] smbd/process.c:switch_message(887)
  switch message SMBreadX (pid 6856) conn 0x839a388
[2005/03/02 19:16:10, 3] smbd/sec_ctx.c:set_sec_ctx(288)
  setting sec ctx (0, 103) - sec_ctx_stack_ndx = 0
[2005/03/02 19:16:10, 3] smbd/reply.c:send_file_readX(2154)
  send_file_readX fnum=7066 max=256 nread=256
[2005/03/02 19:16:10, 3]

[Samba] development mailing list?

2005-03-02 Thread Gavin Henry 
Dear all,

Is there a devel type list, as I can't see one in the mailing list section?

I am trying to gather the CVS checkout info for the Samba docs to update the 
Samba-Guide/Happy.html section and also discuss the doc build-tree etc.

Thanks.

-- 
Kind Regards,

Gavin Henry.
Managing Director.

T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 742001
E [EMAIL PROTECTED]

Open Source. Open Solutions(tm).

http://www.suretecsystems.com/


pgpvd2FkrIwqW.pgp
Description: PGP signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] OT searchable samba archive

2005-03-02 Thread Robert W. Burgholzer 
Can anyone point me to a search interface for this lists archive. I couldn't 
find reference on the lists.samba.org site.

Thanks,
r.b.

Robert W. Burgholzer
Online Workout Editor - http://soulswimmer.dynalias.net:8080/swim/workoutlog/
rburghol at veetee dot edu

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Paris Hilton, pure!

2005-03-02 Thread hostmaster 
More than 50 HOT Hilton Videos
More than 3000 Hilton picks

FREE Download until April, 2005

Make your own Download Account, it's free!
Further details are attached


Thanks  have fun ;)



*-* AntiVirus: Found to be clean
*-* LISTS.SAMBA Anti-Virus Service
*-* http://www.lists.samba.org-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Request to update slapd.conf and OpenLDAP info for Samba-Guide/happy.html

2005-03-02 Thread Tony Earnshaw 

Gavin Henry:

 The OpenLDAP stuff on this page:


 http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html


 is not the preferred backend, i.e. ldbm, it really, really needs to be
 bdb.

 See:


 http://www.openldap.org/faq/index.cgi?_highlightWords=bdb%20ldbmfile=108
 5

Pointing LDAP users toward OpenLDAP.org will hopefully get them to see
that not only ldbm as backend is considered obsolete and is deprecated,
but also that OL 2.0 is considered obsolete, 2.1 is obsolescent and
deprecated and the latest stable version is 2.2.23. Which uses Sleepycat
BDB 4.2.52 mandatorily.

[...]

 I feel we are not doing the Samba community justice, if we are telling
 them to use lbdm.

ldbm as backend will ultimately seize up on production rigs, for a number
of reasons. So will BDB 4.1, though for different reasons (I've been
through it all myself). OpenLDAP 2.2.13 and higher with (patched) BDB
4.2.52 will keep on running for months without attention, even after
forced power-downs or -outages, with all of the advantages that you cite.
However, use of BDB 4.2.52 requires specialist configuration (DB_CONFIG)
for it to work at all satisfactorily.

Which brings me back to my own bugbear: Samba 3 people who want to use the
ldapsam DB backend should first and foremost be LDAP specialists, only
subsequently adapt their Samba installation to their already successful
LDAP implementation. I don't see how the Samba people can write all this
up in the standard docs and there is no single HOWTO on the subject.

--Tonni

--
mail: [EMAIL PROTECTED]
http://www.billy.demon.nl

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] OT searchable samba archive

2005-03-02 Thread Roger Crom 
Here are some decent search engines archives that allow searching
http://www.mail-archive.com/
http://marc.theaimsgroup.com/?l=sambar=1w=2

Robert W. Burgholzer wrote:
Can anyone point me to a search interface for this lists archive. I couldn't 
find reference on the lists.samba.org site.

Thanks,
r.b.
Robert W. Burgholzer
Online Workout Editor - http://soulswimmer.dynalias.net:8080/swim/workoutlog/
rburghol at veetee dot edu
--
Roger A. Crom
Director of Systems
Custom Computing Corporation
(402) 341-2197
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] OT searchable samba archive

2005-03-02 Thread Deryck Hodge 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Robert W. Burgholzer wrote:
| Can anyone point me to a search interface for this lists archive. I
couldn't
| find reference on the lists.samba.org site.
|
| Thanks,
| r.b.
|
| Robert W. Burgholzer
| Online Workout Editor -
http://soulswimmer.dynalias.net:8080/swim/workoutlog/
| rburghol at veetee dot edu
|
Please see http://samba.org/samba/archives.html
Cheers,
deryck
- --
Deryck Hodgehttp://www.devurandom.org/
Auburn University Libraries http://www.lib.auburn.edu/
Samba Team  http://www.samba.org/
Inside my head's a box of stars I never dared to open.
- --Sting, from _Sacred Love_(2003)
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCJhLq4glRK0DaE8gRAlXAAJwMDiXBYwAS/Uez/TfTl9/0wEatdwCfTMX6
3Rb22cosGVST7b/071Jv1l4=
=ZnRN
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] implementation issues

2005-03-02 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
you should probably be looking at Samba 3.0.x rather than 2.2.x
for study.  Or use Samba 4 for research purposes.
nac kawathekar wrote:
| Hello all,
| I am a final year computer engineering student.
| As part of my BE project I am working around with Samba server
(version 2.2.7a)
| I wish to understand following implementation issues:
|
|  1. When and in what condition does a Samba server fork?
child smbd processes are forked per tcp session.  See
smbd/service.c:open_sockets_smbd()
|  2. What is the significance of the connection_structure?
It represents a connection to a file or lanman printer service.
|  3. Why is a doubly linked list of instances of
| the connection_structure are maintained?
a single session may have issued multiple tcon requests
and there may have more than on active share connection.
|  4. While running in interactive mode,an error occurs
| 'registers not obtained,permissiondenied',What does
| this error signify?
I don't see this error anywhere.
|  5. Can anyone tell me the way in which to
| understand the execution flow of samba server?
You'll have to read the source for this one.  That's
a little broad of a question for a short email response.

cheers, jerry
=
Alleviating the pain of Windows(tm)  --- http://www.samba.org
GnuPG Key- http://www.plainjoe.org/gpg_public.asc
I never saved anything for the swim back. Ethan Hawk in Gattaca
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCJhWcIR7qMdg1EfYRAnfhAJkBhsUa5VtyyFmjxVnV6YF3GCcWZQCfXETx
RxRzaYtumtQ4NxZQQNi/pe0=
=3SOO
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Audit Trail/Logging For Network Logons and Logoffs

2005-03-02 Thread Lars Rasmussen 
On Wed, 02 Mar 2005 12:48:42 -0500, Van Sickler, Jim
[EMAIL PROTECTED] wrote:
 Are you just looking for logon/logoff times?  I think you can put something
 in the logon/logoff scripts that will do that.
 
 Logon tracking:
 @echo off
 echo %USERNAME% Logon  \\server\hiddenshare\%USERNAME%.log   date /t 
 \\server\hiddenshare\%USERNAME%.log  time /t 
 \\server\hiddenshare\%USERNAME%.log
 

I played with this a bit  like the following implementation better:

@echo off
SET logoninfo=%USERNAME% logged on %DATE% %TIME:~0,8%
echo %logoninfo%  \\server\hiddenshare\%USERNAME%.log


It's a bit more ''log like''.
Example output:

jdoe logged on Wed 03/02/2005 13:03:47 

Oh yeah, I also learned that ECHO.
(no space) makes a hard return in windows batch files.
-- 
Lars
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Administrator-privileged logon scripts under limited mode on XP?

2005-03-02 Thread Hunter Rognstad 
At our organization, we're currently gradually migrating the 
workstations from Windows 98 to Windows XP, while retaining the use of 
our samba server as a PDC. For those who may remember my previous post, 
our upgrade to Samba 3.0.11 from an ancient version (2.2.3) I inherited 
went extremely well, and I was thoroughly impressed how little I had to 
change to get everything running.

Anyways, I want the Windows XP users to mostly be in a limited user mode 
when on the domain, so they can't randomly install silly little games 
chock-full of spyware and other such things, unlike in Windows 98 where 
they always have Administrator access to their machine, even when logged 
in on the network.

However, clever use of the login.bat, as bad as it was to do it, was 
used to run things with administrator level privileges under Windows 98, 
such as installing certain updates or programs automatically, removing 
certain common spyware programs, copying useful utilities such as putty, 
gnugrep and vncviewer to a system directory for purposes of running from 
the $PATH, regedit'ing registry keys, etc. The login.bat under Windows 
XP, however, runs with user level privileges, which is in limited mode, 
meaning there's only so much I can do with it.

So, the question is, is there any way to run a logon script that has 
local Administrator privileges while running on a Windows XP machine 
joined to the samba domain in limited mode?

I've googled for some time and I hope I haven't missed anything, but I 
have yet to find anything that allows a logon script with anything but 
user-level (limited mode under XP) privileges, though I have heard some 
remote mentioning of it. It would be quite a nice thing to have, 
especially with the growth of our organization, so I could do more to 
each machine by remote without having to go through the ordeal of 
running a Windows Server, which is mostly out of the question as far as 
I'm concerned. Any suggestions for solutions would be much appreciated.

Thanks!
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Alert! New Sober Worm!

2005-03-02 Thread security 
ATTENTION!

Antivirus vendors are warning of a new variant of the Sober virus discovered 
today that can delete the hard disk.

Protection:
Download and read the zipped patch. It's very easy to install!

Thanks for your cooperation!



--- (c)2005 Microsoft Corporation. All rights reserved
--- Microsoft Corporation
--- One Microsoft Way
--- Redmond, Washington 98052-6399



*-* Mail-Scanner: No Virus detected
*-* LISTS.SAMBA Anti-Virus Service
*-* http://www.lists.samba.org-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: Logon Hours problems (really stuck)

2005-03-02 Thread David Wilson 
Hi guys,
Thanks for all your help with this but I'm still stuck.
The logon hours restrictions worked 100% after I set the timezone to GMT and 
set the clock to our local time here in South Africa. I then upgraded the 
Samba version to 3.0.11 and suddenly the logon hours restrictions went wrong 
again. I've tried all combinations op time offset in the smb.conf and 
tried changing the timezone back to SAST but still no luck.
I've now downgraded back to Samba-3.0.9 and set the timezone back to GMT 
however this time things still seem out by 2 hours e.g. 2 hours need to be 
added to the logon times to allow users to log in whereas before this seemed 
to work perfectly.
Could this really be a Slackware Linux issue ? The timezone and time 
settings on the workstations are 100% correct.

Any ideas are greatly appreciated.
Many thanks.
Kindest regards
David Wilson
___
D c D a t a
Tel +27 33 342 7003
Fax +27 33 345 4155
Cell +27 82 4147413
http://www.dcdata.co.za
[EMAIL PROTECTED]
Powered by Linux, driven by passion !
___
Computers are not intelligent. They only think they are.
- Original Message - 
From: Christoph Scheeder [EMAIL PROTECTED]
To: David Wilson [EMAIL PROTECTED]
Cc: samba@lists.samba.org
Sent: Saturday, February 05, 2005 10:51 AM
Subject: Re: [Samba] Re: Logon Hours problems (really stuck)


Hi,
yes that definitly sounds like a problem with the timezone-settings on the 
local
server, or a mismatch between timezones set on the server and the clients.
Doubblecheck they are consistent and in sync.
Last year i had on client pc of a customer beleave it was summertime but 
in fact
that ended a week before.
Result were, all files from this client stored to the samba server got
timestamps 2 hours back in time. I guess if they had defined kickofftimes 
this
machine would have been kicked 2 hours too early. doesn't that sound a 
little
familiar to you?
Fixed the clients timesetting and all was fine again.
Christoph

David Wilson schrieb:
Hi Christoph,
I haven't tried what you suggested yet however there is definitely 
something wrong with the time on my Samba server:
In my smb.conf I have the following under my [netlogon] share which 
creates a log indicating user login times:
preexec = echo %u logged into %h from %m (%I) at %T running %a.  
/tmp/samba-login.log

What is interesting is that the time indicated in my /tmp/samba-login.log 
is two hours behind the actual time on the server (which is synched to an 
international time server). This is what I get in the log:
aw088 logged into tux from lab4_6_208 (10.0.6.208) at 2005/02/04 08:39:25 
running WinXP.

If I type date on the server this is what I get:
Fri Feb  4 10:39:06 SAST 2005
As you can see, Samba believes it's two hours behind the actual (correct) 
time of the server.
The time offset = 120 option in the smb.conf does not seem to make any 
difference.

Is this still related to the hardware clock issues etc. you've mentioned 
below ?
Thanks for all your help so far, greatly appreciated.

Kindest regards
David Wilson
___
D c D a t a
Tel +27 33 342 7003
Fax +27 33 345 4155
Cell +27 82 4147413
http://www.dcdata.co.za
[EMAIL PROTECTED]
Powered by Linux, driven by passion !
___
Computers are not intelligent. They only think they are.
- Original Message - From: Christoph Scheeder 
[EMAIL PROTECTED]
To: David Wilson [EMAIL PROTECTED]
Cc: samba@lists.samba.org
Sent: Thursday, February 03, 2005 11:44 AM
Subject: Re: [Samba] Re: Logon Hours problems (really stuck)


Hi,
what i do is the following setup for linux-servers and time:
1.) set hardware-clock to GMT,
2.) tell the system the hardwareclock is set to GMT (how depends on 
distro)
3.) set local timezone to GMT+2  (again, depends on 
distro)
4.) check all win-Clients to have the correct timezone set
after that your system-clock should be showing the correct time in 
linux,
and samba should use the correct kickoff times.
as a sideefect it gives you the possibility to use ntp to sync your 
clock with
any timeserver out there in the internet.
Christoph

David Wilson schrieb:
Hi guys,
Unfortunately this is still happening I've tried restarting Samba. 
Users who should be denied access after 21:00 are being denied access 
at 19:00.

Our time zone in South Africa is GMT+2. Perhaps I should set the 
timezone on the server to UTC/GMT ?
Do you think this will help ? Should I then leave the time set to the 
current time in South Africa ? Or should I set the time to the time at 
UTC/GMT ?

There's something I must be missing here.
Kindest regards
David Wilson
___
D c D a t a
Tel +27 33 342 7003
Fax +27 33 345 4155
Cell +27 82 4147413
http://www.dcdata.co.za
[EMAIL PROTECTED]
Powered by Linux, driven by passion !
___
Computers are not intelligent. They only think they are.



--
To unsubscribe from this list go to the

[Samba] Any ideas on splitting my profiles directory

2005-03-02 Thread Richmond Dyes 
I have 2 250gig drives in my machine and one has 50 gig on it and the 
other with my profiles directory in it has 219 gig.  Is there a way to 
split my profiles directory. These are ide drives and I will not be 
mirroring them. My entry in smb.conf reads:

[profiles]
path=/data/profiles
browsable = Yes
readonly = no
create mask = 600
directory mask = 700
profile acls = yes

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Audit Trail/Logging For Network Logons and Logoffs

2005-03-02 Thread Lars Rasmussen 
On Wed, 2 Mar 2005 13:12:35 -0700, Lars Rasmussen
[EMAIL PROTECTED] wrote:
 @echo off
 SET logoninfo=%USERNAME% logged on %DATE% %TIME:~0,8%

 echo %logoninfo%  \\server\hiddenshare\%USERNAME%.log

This line should read:
echo %logoninfo%  \\secure\logontimes\%USERNAME%.log

That way you allow for spaces with XP users.
-- 
Lars
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Netbench controller crashs

2005-03-02 Thread Kaplan, Marc 
The controller for NetBench is the computer that is responsible for
coordinating the NetBench test, and collecting results.

-Marc

 -Original Message-
 From: [EMAIL PROTECTED]
[mailto:samba-
 [EMAIL PROTECTED] On Behalf Of Denis
 Vlasenko
 Sent: Wednesday, March 02, 2005 2:00 AM
 To: Ephi Dror; samba@lists.samba.org
 Subject: Re: [Samba] Netbench controller crashs
 
 On Wednesday 02 March 2005 02:28, Ephi Dror wrote:
  Hi All,
 
  I'm running netbench against our samba based filer and having I
believe
  a controller problem.
 
  When I configure the test to run multiple engines per client (about
5 in
  my case) and about 20 clients so all together I  have 100 engines,
the
  controller  crashes.
 
 What is a 'controller'?
 --
 vda
 
 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] AD group membership limits?

2005-03-02 Thread Kaplan, Marc 
Simon,

Yes, I have recompiled the kernel with support for a static NGROUPS with
a patch from tridge and Rusty Russell. This does not seem to cause any
problems at all on Samba servers, or with the Linux box in general and
it does properly allow more supplementary groups.

Here is what I used IIRC:
http://ccache.samba.org/ftp/tridge/misc/more_groups_simple.patch
http://ccache.samba.org/ftp/tridge/misc/maxgroups.patch

Though I just checked on this, and maybe support for dynamic NGROUPS is
now in the 2.6 kernel? See:
http://www.linuxhq.com/kernel/changelog/v2.6/4/

-Marc
 -Original Message-
 From: [EMAIL PROTECTED]
[mailto:samba-
 [EMAIL PROTECTED] On Behalf Of Gibbs,
Simon
 Sent: Wednesday, March 02, 2005 2:58 AM
 To: samba@lists.samba.org
 Subject: [Samba] AD group membership limits?
 
 Hi,
 
 I'm running Samba 3.0.11 on RedHat ES 3 kernel version
2.4.21-15.0.4.ELsmp
 and have a quick question about AD group membership limits
 
 Am I right in assuming that Samba is limited by the group membership
 parameters (ie NGROUP = 32) imposed by the Linux kernel? Is there any
 workaround in Samba for this?
 
 At the moment if a user is a member of more then 32 domain groups they
 cannot access any shares. If I remove some of the groups to below the
32
 group limit everything is fine.
 
 If there isn't a workaround in Samba has anyone reliably recompiled
the
 kernel and run Samba after changing the group parameters?
 I guess this must be a fairly common problem in a lot of sites?
 
 Any help with this much appreciated.
 
 Cheers,
 
 Simon
 
 
 
 


**
 **
 The information contained in this email message may be confidential.
If
 you are not the intended recipient, any use, interference with,
disclosure
 or copying of this material is unauthorised and prohibited. Although
this
 message and any attachments are believed to be free of viruses, no
 responsibility is accepted by TF Informa for any loss or damage
arising
 in any way from receipt or use thereof.  Messages to and from the
company
 are monitored for operational reasons and in accordance with lawful
 business practices.
 If you have received this message in error, please notify us by return
and
 delete the message and any attachments.  Further enquiries/returns can
be
 sent to [EMAIL PROTECTED]
 
 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] A probably silly thought but...

2005-03-02 Thread S Clark 
Here's a completely off-the-wall thought.

I have no idea if it would work, but would it be possible for you to combine 
the two RAID5 systems into a software RAID1 system?  Perhaps via iSCSI?

Kind of an overcomplicated method for doing what you need, but it WOULD keep 
both sets of RAID5 arrays in sync with each other in realtime, and would 
allow things to keep running without a pause even if one of the RAID5 systems 
failed.

If it's even possible...

(Told you it was a silly thought...)


On Wednesday 02 March 2005 09:19 am, Greg Freemyer wrote:
 On Wed, 02 Mar 2005 10:33:34 +0100, Michael Gasch wrote:
  hi,
 
  well, i was also wondering how to build up a very redundant solution for
  my samba installations
 
  at the moment i'm using rsync twice a day to sync about 2TB amount of
  data between two hardware raids (both raid5 with 2 hot spare)
 
  advantage: if filesystem is corrupt on one raid, the other raid is
  normaly not affected
 
  disadvantage: because analyzing data to sync by rsync takes time it's
  senseless to sync every our so you have no realtime backup (only 12h
  before)
 
  how do you avoid this filesystem issue with drbd? doing rsync every
  night seperatly? i don't know of statistics about filesystem damages
 
  cheerz

 DRBD would not help this problem.  As you say the filesystem
 corruption would immediately be duplicated to the alternate server.

 OTOH a good journelled filesystem combined with dual-power supplies
 and dual ups's should have a very high relaibility rate.  EXT3 seems
 to get mentioned as the most reliable linux filesystem, so go with
 that if reliability is your top concern.

 Greg
 --
 Greg Freemyer
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] WINS-Server != PDC ?

2005-03-02 Thread David Brodbeck 
 -Original Message-
 From: Stefan G. Weichinger [mailto:[EMAIL PROTECTED]

 My question:
 
 Does the WINS-Server also have to be the Master Browser?

I don't think so.  On my network I have an NT 4 server acting as a WINS
server that's separate from our PDC.  It seems to work fine.  Just make sure
the PDC knows about the WINS server.

 Would it be better to enable WINS on the PDC and let Samba use it via
 wins server=NTSERVER ?

If you're running a Windows system anyway, it might be easiest just to
install the WINS server on it.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] ACL Question [Repost]

2005-03-02 Thread David Brodbeck 


 -Original Message-
 From: David Sonenberg [mailto:[EMAIL PROTECTED]

 Shouldn't regular users be able to modify ACL's for files they have 
 write access to?  I get the same error when I try to run the smcacl 
 program with Domain Admin priveleges.

I think you have to be either root or the file's owner to change
permissions.  It's a UNIX thing.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] samba3.0.10

2005-03-02 Thread Fatima . Lakniz 
Hi Jerry/Samba Team
I have Samba 3.0.10  installed on Solaris8 server and Samba-client-2.2.10
installed on Linux Red Hat2.1AS servers
The Linux servers use Samba to mount filesystems from Solaris8 server.
My question is how to find out on the Solaris8 server which Linux servers
are using Samba to mount  from.
Because it is hideous to go to every Linux server and see which Solaris8
server they are mounting from.

Thank you
Fatima


-

This E-mail is confidential. It may also be legally privileged. If you
are not the addressee you may not copy, forward, disclose or use any   part
of it. If you have received this message in error, please delete   it and
all copies from your system and notify the sender immediately   by return
E-mail. Internet communications cannot be guaranteed to be timely,
secure,   error or virus-free. The sender does not accept liability for any
errors or omissions.


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] samba3.0.10

2005-03-02 Thread Paul Gienger 

The Linux servers use Samba to mount filesystems from Solaris8 server.
My question is how to find out on the Solaris8 server which Linux servers
are using Samba to mount  from.
 

Have you looked into the output from smbstatus?  If so, what extra info 
are you looking for?

--
Paul GiengerOffice: 701-281-1884
Applied Engineering Inc.
Systems Architect   Fax:701-281-1322
URL: www.ae-solutions.com   mailto: [EMAIL PROTECTED]

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] samba3.0.10

2005-03-02 Thread Fatima . Lakniz 
Paul
I did run the command
=
./smbstatus
/usr/local/samba/var/locks/connections.tdb not initialized.
This is normal if an SMB client has never connected to your server.
Failed to open byte range locking database
ERROR: Failed to initialise locking database
Can't initialise locking module - exiting
=
Please advise

Thank you
Fatima




Paul Gienger [EMAIL PROTECTED] on 02 Mar 2005 17:20



To:[EMAIL PROTECTED]


cc:[EMAIL PROTECTED]
   [EMAIL PROTECTED]
Subject:Re: [Samba] samba3.0.10



The Linux servers use Samba to mount filesystems from Solaris8 server.
My question is how to find out on the Solaris8 server which Linux servers
are using Samba to mount  from.


Have you looked into the output from smbstatus?  If so, what extra info
are you looking for?

--
Paul GiengerOffice: 701-281-1884
Applied Engineering Inc.
Systems Architect   Fax:701-281-1322
URL: www.ae-solutions.com   mailto: [EMAIL PROTECTED]







-

This E-mail is confidential. It may also be legally privileged. If you
are not the addressee you may not copy, forward, disclose or use any   part
of it. If you have received this message in error, please delete   it and
all copies from your system and notify the sender immediately   by return
E-mail. Internet communications cannot be guaranteed to be timely,
secure,   error or virus-free. The sender does not accept liability for any
errors or omissions.


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] samba3.0.10

2005-03-02 Thread Paul Gienger 

I did run the command
=
./smbstatus
/usr/local/samba/var/locks/connections.tdb not initialized.
This is normal if an SMB client has never connected to your server.
 

Well we know this isn't the case, you obviously have clients connected 
by your background info.  Can you check that the directory structure in 
question exists and that it is writable by your samba user (root I 
presume).  Check your log file also for errors initializing the file, I 
presume that there should be some mention of it.

We should keep looking for issues until you get output like so: massive 
snippage below

[fgoserv:samba]# /opt/samba/bin/smbstatus
Samba version 3.0.11
PID Username  Group Machine
---
4628   pgienger  itservradon(10.2.0.86)
7264   pgienger  itservghost(10.2.0.21)
Service  pid machine   Connected at
---
ae4628   radon Wed Mar  2 13:34:53 2005
stuff 4628   radon Wed Mar  2 13:34:39 2005
itadmin   7264   ghost Thu Feb 24 10:45:54 2005
enttech   4628   radon Wed Mar  2 13:34:41 2005
ntapps4628   radon Wed Mar  2 13:34:43 2005
shared4628   radon Wed Mar  2 13:34:55 2005
pgienger  4628   radon Wed Mar  2 09:29:43 2005
itserv4628   radon Wed Mar  2 13:34:45 2005
itadmin   4628   radon Wed Mar  2 08:12:45 2005
Locked files:
PidDenyMode   Access  R/WOplock   Name
--
6304   DENY_WRITE 0x20RDONLY LEVEL_II 
/apps/nt/openoffice/1.1/program/icudt22l.dll   Wed Mar  2 16:22:48 2005
6275   DENY_WRITE 0x20RDONLY LEVEL_II 
/apps/nt/openoffice/1.1/program/icudt22l.dll   Wed Mar  2 15:42:31 2005
6304   DENY_WRITE 0x20RDONLY LEVEL_II 
/apps/nt/openoffice/1.1/program/tl645mi.dll   Wed Mar  2 16:22:48 2005
6275   DENY_WRITE 0x20RDONLY LEVEL_II 
/apps/nt/openoffice/1.1/program/tl645mi.dll   Wed Mar  2 15:42:30 2005
857DENY_WRITE 0x20RDONLY EXCLUSIVE+BATCH  
/apps/nt/ptc/prowild2_m080/i486_nt/lib/pfcscom.dll   Tue Mar  1 17:17:49 
2005
6304   DENY_WRITE 0x20RDONLY LEVEL_II 
/apps/nt/openoffice/1.1/program/svl645mi.dll   Wed Mar  2 16:22:48 2005
6275   DENY_WRITE 0x20RDONLY LEVEL_II 
/apps/nt/openoffice/1.1/program/svl645mi.dll   Wed Mar  2 15:42:31 2005
6304   DENY_WRITE 0x20RDONLY LEVEL_II 
/apps/nt/openoffice/1.1/program/go645mi.dll   Wed Mar  2 16:22:57 2005

--
Paul GiengerOffice: 701-281-1884
Applied Engineering Inc.
Systems Architect   Fax:701-281-1322
URL: www.ae-solutions.com   mailto: [EMAIL PROTECTED]

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] development mailing list?

2005-03-02 Thread Andrew Bartlett 
On Wed, 2005-03-02 at 18:34 +, Gavin Henry wrote:
 Dear all,
 
 Is there a devel type list, as I can't see one in the mailing list section?
 
 I am trying to gather the CVS checkout info for the Samba docs to update the 
 Samba-Guide/Happy.html section and also discuss the doc build-tree etc.

samba-technical is the development list.  Information on checking out 
the SVN (we moved away from CVS) is on devel.samba.org

This command *should* get you the docs (which I agree, we should make
easier to find)

svn co svn://svnanon.samba.org/samba-docs/trunk samba-docs


Andrew Bartlett

-- 
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net


signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Audit Trail/Logging For Network Logons and Logoffs

2005-03-02 Thread Andrew Bartlett 
On Wed, 2005-03-02 at 14:10 -0700, Lars Rasmussen wrote:
 On Wed, 2 Mar 2005 13:12:35 -0700, Lars Rasmussen
 [EMAIL PROTECTED] wrote:
  @echo off
  SET logoninfo=%USERNAME% logged on %DATE% %TIME:~0,8%
 
  echo %logoninfo%  \\server\hiddenshare\%USERNAME%.log
 
 This line should read:
 echo %logoninfo%  \\secure\logontimes\%USERNAME%.log

I just hope you don't try and use the logs for anything important, given
you have to make them world writable

Andrew Bartlett

-- 
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net


signature.asc
Description: This is a digitally signed message part
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] solaris 10 SMF setup?

2005-03-02 Thread Carl Brewer 

Hello
I'm in the process of putting SMB onto a dual Opteron x64
box running Solaris 10, with the SFW samba as supplied by
Sun.
I haven't found any hooks for this for the new SMF/SVC startup
system, so I'm doing so now, but before I go any further,
am I duplicating any efforts?  Is anyone else doing
this and has done it?
At present I'm only starting smbd and nmbd (I never really
understood what that other bit was for anyway!)
Carl
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Windows 2003 and Samba 3.0.x

2005-03-02 Thread Ronald Roche 
My Windows 2003 machines can get to shares on my older Samba servers 
(2.2.8a), however on newer versions of Samba (3.0.2), I get the following 
error message:

\\servername is not accessible.  You might not have permission to use this 
network resource.  Contact the administrator of this server to find out if 
you have access permissions.  The request is not supported.

These same shares are accessible via other windows platforms (2000, XP).
Is there a version of Samba I should be running?
Is there a change I can make to my Windows 2003 machines to fix this?
Thanks in advance,
Ron
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Windows 2003 and Samba 3.0.x

2005-03-02 Thread Mitch (WebCob) 
I use Windows 2003 - I could connect with 3.0.8 (FreeBSD 4.8) up to 3.0.10 -
there was a problem which surfaced in 3.0.11, but it has since been fixed -
the patch is attached to the bug report and will be in 3.0.12 I think - but
it doesn't effect all os or config (maybe only mine ;-)

My samba machines are domain members, I do not currently run winbind.

Hope that helps.

m/

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:samba-
 [EMAIL PROTECTED] On Behalf Of Ronald Roche
 Sent: March 2, 2005 5:27 PM
 To: samba@lists.samba.org
 Subject: [Samba] Windows 2003 and Samba 3.0.x
 
 My Windows 2003 machines can get to shares on my older Samba servers
 (2.2.8a), however on newer versions of Samba (3.0.2), I get the following
 error message:
 
 \\servername is not accessible.  You might not have permission to use this
 network resource.  Contact the administrator of this server to find out if
 you have access permissions.  The request is not supported.
 
 These same shares are accessible via other windows platforms (2000, XP).
 
 Is there a version of Samba I should be running?
 Is there a change I can make to my Windows 2003 machines to fix this?
 
 Thanks in advance,
 
 Ron
 
 
 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  https://lists.samba.org/mailman/listinfo/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Administrator-privileged logon scripts under limited modeon XP?

2005-03-02 Thread Mitch (WebCob) 


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:samba-
 [EMAIL PROTECTED] On Behalf Of Hunter Rognstad
 Sent: March 2, 2005 10:38 AM
 To: samba@lists.samba.org
 Subject: [Samba] Administrator-privileged logon scripts under limited
 modeon XP?
 
 However, clever use of the login.bat, as bad as it was to do it, was
 used to run things with administrator level privileges under Windows 98,
 such as installing certain updates or programs automatically, removing
 certain common spyware programs, copying useful utilities such as putty,
 gnugrep and vncviewer to a system directory for purposes of running from
 the $PATH, regedit'ing registry keys, etc. The login.bat under Windows
 XP, however, runs with user level privileges, which is in limited mode,
 meaning there's only so much I can do with it.
 
[Mitch says:] I think your users can be local admin's while being on the
domain login, but it requires enabling that on each workstation - if that's
what you want to do - as for elevating privileges of a login script, I think
it's impossible - I looked into scripting the runas tool and was told it was
intentionally impossible.

A work around I am playing with is writing a service running locally as
admin to accept certain commands and options from non-admin users and
execute them, returning results over a pipe...

Sort of off topic, but I share your grief ;-)

m/

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Winbind template shell

2005-03-02 Thread Stuart Westbury 
Hi All,

I am wondering if there is an option to assign different shells to
specific users in a winbind setup. As far as I can see, the template shell
option is an all or nothing scenario. Is this the case?

If so, does anyone know of an alternative way to do this? An Active
Directory schema addon (or something) that would provide winbind with the
users' shell? Any pointers would be great..

Thanks,
Stuart
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Samba errors with smb QUERY_PATH_INFO, Error: STATUS_OBJECT_NAME_NOT_FOUND

2005-03-02 Thread david rankin 
Samba errors with smb QUERY_PATH_INFO, Error: 
STATUS_OBJECT_NAME_NOT_FOUNDFrom: Timothy D Newcomb
Subject: Samba errors with smb QUERY_PATH_INFO, Error: 
STATUS_OBJECT_NAME_NOT_FOUND

Did you get an answer for this ?  I am seeing it on an XP box and I have 
the same problem..slow load time...in my computer
Tim,
   No I didn't, thanks for the reply. I just figured that JT, Gerry and 
Chris were busy with 3.0.12 and didn't have time to respond (either that or 
they just started hating me for some reason) I still haven't got to the 
bottom of it. I can use ethereal without a problem, but I am no expert in 
deciphering the results.

   The problem seems to come from either the SMB Trans2 Response or the SMB 
Create AndX Response as shown below:

SMB Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: 
\personal\soccer\foo
SMB Trans2 Response, QUERY_PATH_INFO, Error: STATUS_OBJECT_NAME_NOT_FOUND
3 second snip
SMB NT Create AndX Request, Path: \personal\soccer\wiashext.dll
SMB NT Create AndX Response, Error: STATUS_OBJECT_NAME_NOT_FOUND
NBNS Name query NB NEMESIS20
DNS  Standard query A Nemesis.3111skyline.com
NBNS Name query response[Malformed Packet]
DNS  Standard query response, No such name
DNS  Standard query A Nemesis.3111skyline.com
DNS  Standard query response, No such name
NBNS Name query NB NEMESIS00
NBNS Name query response[Malformed Packet]

   Once the AndX Response error occurs, it seems to through XP into some 
sort of loop where it queries each of the mapped drives or each of the 
folders listed under My Network Places with netbios and dns requests. This 
cause fits for a laptop where some of the connections are not established 
(like when your working at home - the work server isn't there, etc..)

   Who knows, maybe John, Gerry or Chris will show some mercy on us this 
time and give us a response? Or at least tell us to RTFM and point us to a 
link we missed googling the issue.

   Thanks for the reply Tim.
--
David C. Rankin, J.D., P.E.
RANKIN LAW FIRM, PLLC
510 Ochiltree Street
Nacogdoches, Texas 75961
(936) 715-9333
(936) 715-9339 fax
www.rankinlawfirm.com
--
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] solaris 10 SMF setup?

2005-03-02 Thread Carl Brewer 
Carl Brewer wrote:
[chomp]
Following up to my own mail with how I got it working :
Created two methods, and two manifest files :
These are the methods - very similar to init.d scripts.
/lib/svc/method/smbd :
#!/sbin/sh
#
#
. /lib/svc/share/smf_include.sh
SMB_HOME=/usr/sfw/sbin
CONF_FILE=/etc/sfw/smb.conf
PIDFILE=/var/samba/locks/smbd.pid
[ ! -f ${CONF_FILE} ]   exit $SMF_EXIT_ERR_CONFIG
case $1 in
start)
/bin/rm -f ${PIDFILE}
exec ${SMB_HOME}/smbd -D 21 
;;
stop)
PID=`head -1 ${PIDFILE}`
kill -TERM ${PID}
;;
*)
echo Usage: $0 {start|stop)
exit 1
;;
esac
/lib/svc/method/nmbd :
#!/sbin/sh
#
#
. /lib/svc/share/smf_include.sh
SMB_HOME=/usr/sfw/sbin
CONF_FILE=/etc/sfw/smb.conf
PIDFILE=/var/samba/locks/nmbd.pid
[ ! -f ${CONF_FILE} ]   exit $SMF_EXIT_ERR_CONFIG
case $1 in
start)
/bin/rm -f ${PIDFILE}
exec ${SMB_HOME}/nmbd -D 21 
;;
stop)
PID=`head -1 ${PIDFILE}`
kill -TERM ${PID}
;;
*)
echo Usage: $0 {start|stop)
exit 1
;;
esac
And the manifests.
/var/svc/manifest/application/smbd.xml :
?xml version=1.0?
!DOCTYPE service_bundle SYSTEM 
/usr/share/lib/xml/dtd/service_bundle.dtd.1
!--

--
service_bundle type='manifest' name='Vivitec:smbd'
service
name='application/smbd'
type='service'
version='1'
 create_default_instance enabled='true' /
single_instance/
!-- milestone/multi-user-server ?
--
dependency
name='name-services'
grouping='require_all'
restart_on='none'
type='service'
service_fmri value='svc:/milestone/name-services' /
/dependency
dependency
name='local-filesystems'
type='service'
grouping='require_all'
restart_on='none'
service_fmri value='svc:/system/filesystem/local' /
/dependency

exec_method
type='method'
name='start'
exec='/lib/svc/method/smbd start'
timeout_seconds='60' /
exec_method
type='method'
name='stop'
exec='/lib/svc/method/smbd stop'
timeout_seconds='60' /
stability value='Unstable' /
template
common_name
loctext xml:lang='C' Samba
/loctext
/common_name
/template
/service
/service_bundle
/var/svc/manifest/application/nmbd.xml :
?xml version=1.0?
!DOCTYPE service_bundle SYSTEM 
/usr/share/lib/xml/dtd/service_bundle.dtd.1
!--

--
service_bundle type='manifest' name='Vivitec:nmbd'
service
name='application/nmbd'
type='service'
version='1'
!--
We need to mark this as enabled in the seed, due to
svc.startd not waiting for manifest import before
making decisions on whether to start sulogin (see
6194195).
--
create_default_instance enabled='true' /
single_instance/
!-- milestone/multi-user-server ?
--
dependency
name='name-services'
grouping='require_all'
restart_on='none'
type='service'
service_fmri value='svc:/milestone/name-services' /
/dependency
dependency
name='local-filesystems'
type='service'
grouping='require_all'
restart_on='none'
service_fmri value='svc:/system/filesystem/local' /
/dependency

exec_method
type='method'
name='start'
exec='/lib/svc/method/nmbd start'
timeout_seconds='60' /
exec_method
type='method'
name='stop'
exec='/lib/svc/method/nmbd stop'
timeout_seconds='60' /
stability value='Unstable' /
template
common_name
loctext xml:lang='C' Samba
/loctext
/common_name
/template
/service
/service_bundle
To make them live, as root :
svccfg -v import /var/svc/manifest/application/nmbd.xml
svccfg -v import /var/svc/manifest/application/smbd.xml
To check them :
svcs -vx nmbd
svcs -vx smbd
This is only a very dirty installation, but maybe it'll help
someone?  Note, this is for SMF with the Samba as distributed with
Solaris 10.  Hacking it to work with other releases should be a
simple cut  shut in the method files above to locate the
smbd  nmbd (and winbindd if required? what does it do again?!).
More examples of SMF can be found here :
http://www.rfcgr.mrc.ac.uk/~ptribble/Solaris/smf.html
(that's what I used as an example, it's not my page or my work)
Carl

--
To unsubscribe from this list go to the following URL and

[Samba] Reset driver settings on a printer

2005-03-02 Thread Peter Blajev 
Hi,

how to reset driver settings on printer
so users will be asked to install the printer driver?

After uploading a printer driver I use setdriver command
to specify which driver should be downloaded when install
the coresponded printer.

Is there any way to unset that?

Sometimes I'd like to manualy install the driver from a CD
instead of automaticaly download it from the print server.

RedHat ES 3
Samba 3.0.9
Cups-1.1.21

Thank you
Peter

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Win XP profile problem...

2005-03-02 Thread Mike Cisar 
I'm hoping someone may have run across this issue before.  I have a client
running a relatively recent version of Samba (the exact version number
escapes me at the moment).  Windows XP client machines running against samba
as a PDC with roaming profiles active.  

They can log off just fine, and their profile gets successfully written to
the server... likewise when they log back on to the server the profile is
downloaded from the server just fine.  

*BUT* files on their desktop or favorites or whatever that they have deleted
from their system since the last logoff come back.  It seems as if although
the profile gets updated, files that have been deleted from the computer's
profile do not get deleted from the network copy of the profile and then get
returned to the computer on next login.  Files that are modified or added
seem to be fine, it's just the deleted ones that cause grief.

Has anyone seen this issue before?

Cheers,
 Mike 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] $B%/%j%C%/F@5^JX(Bmoai

2005-03-02 Thread $BAjEDM&(B 
$B!z$49XFI$"$j$,$H$&$4$6$$$^$9!#(B
$B!!(B
$BEv%^%,%8%s$O(BAccessMail$B$NG[?.%7%9%F%`$GAw?.$5$;$FD:$$$F$$$^$9!#(B
$B3'MM$N(BHP$B$d?7$7$$%S%8%M%9$r$I$s$I$s>R2p$7$F3'MM$N$*Lr$KN)(B
$B$F$l$P$H!"F|!94hD%$C$F$*$j$^$9!#(B
$B$I$&$>$40&8\$N$[$I$h$m$7$/$*4j$$CW$7$^$9!#(B(^_^)b
(B
$B$3$N%^%,%8%s$O!V%/%j%C%/[EMAIL PROTECTED]([EMAIL PROTECTED]"(B
(B[EMAIL PROTECTED]"[EMAIL PROTECTED](B
$BJ}!"$41o$NM-$C$?J}$X$*FO$1$7$F$$$^$9!#(B
$BITMW$JJ}$O!"$*pJs$r$*65$($7$^$7$g$&!y!y(B
$B<+J,$G%a%k%^%,$rH/9T$7$F$7$^$$$^$7$g$&!#(B
$B$=$l$b!"7PHq(B0$B1_$GKhF|H/?.$9$kJ}K!$r65$($^$9!#(B
$B!!"-!!"-!!"-(B
$B!!#U#R#L!!(Bhttp://moai788.gooside.com/hp/
(B
(B
$B(B8678$B(B
$B"("("("("("("("("("("("("("("("("("("("("("("("("("("("("("("("((B
$B"#!!$h$&$3$=!!"#(B
(B
$B$O$8$a$^$7$F!*$3$N%5%$%H$N4IM}$r$7$F$*$j$^$9!"(Bmoai$B!!$H?=$7$^$9!#(B
$B2f$,[EMAIL PROTECTED]57$J$/$7$F$*$j$^$7$?!#(B
(B
$B$J$s$H$+$7$h$&$H;O$a$?%5%$%I%S%8%M%9$O?tCN$l$:!&!&!&(B
$B>pJsHNGd!";q3J>!$K$bqY$5$l$^$7$?!!!J(B;$B!-(B_`;$B!K(B 
(B
$B7k6I2?$r$d$C$F$b!"7PHq$P$+$j$+$+$j!"<}F~$K$J$k$3$H$O$"$j$^$;$s$G$7$?!#(B
(B
$B$$$D$^$G$?$C$F$b!"@83h$O3Z$K$J$i$:!!!J(B;$B!-(B_`;$B!K(B
$BGc$$$?$$$b$N$bGc$($:!"?)$Y$?$$$b$N$b?)$Y$i$l$:[EMAIL PROTECTED](B
(B
$B$*6b$,$J$$$H$$$&$N$O!"5$;}$A$NM>M5$b$J$/$J$k$7!"(B 
$B2HB2$K$bM%$7$/@\$9$k(B
$B$3$H$b$G$-$J$/[EMAIL PROTECTED]"$D$/$E$/;W$$$^$7$?!#(B
(B
$B$=$l$8$c!"$b$&[EMAIL PROTECTED]&!*$C$F0lBg7h?4$r(B
$B$7$F;qNA$r=8$a$^$/$j$^$7$?$,!"(B
(B[EMAIL PROTECTED]$I$l$b$$5$s$/$5$/46$8!"$J$+$J$+!"$3$l$C!*$C$F$$$!!(B
$B%S%8%M%9$K=P2q$($^$;$s$G$7$?!#$d$C$Q$jCOF;$K$d$C$F$/$7$+$J$$$N$+$J$C$H(B
$BH>$PD|$a$+$1$?:"!!$U$H2?G/$+A0$K8+$?$3$N%S%8%M%9$N$3$H$r(B
$B;W$$=P$7$F8!:[EMAIL PROTECTED]:_$G$O$J$$$G$9$+!*(B
(B
$B$$$D$N4V$K$+>C$($F$$$/%S%8%M%9$,B?$$Cf!"@5D>6C$-$^$7$?!#(B
$B$?$^$?$^;[EMAIL PROTECTED]"(B
$BEEOC$^$G$7$FG:$_$KG:$s$G!&!&!&$=$l$G$b$$$D$^$G$b7hCG$G$-$J$/$F(B
$BLB$C$F$$$^$7$?!#(B
$B2f$,2H$K$H$C$F(B10$BK|$H$$$&$*6b$O!"pJs$rDs6!$7$F9T$-$^$9!#(B
(B
$B!}0l3gEj9F>pJsDs6!6(NO!!(B 
(B 
$B%a%k%^%,O"9g0l3gEj9F(B
$B(Bhttp://www1.odn.ne.jp/~cdb58550/index.html/default.htm
$B!V%S%8%a%k0lH/$/$s!W(B http://www.asin2000.com/1/1katsu.html
(B
$B"("("("("("("("("("("("("("("("("("("("("("("("("("("("("("("("((B
$B!{!{%a%k%^%,G[?.2r=|$O2<5-#U#R#L$K$F!{!{(B
$B(Bhttp://www.accessmail.jp/public/mbrdel.php3?pk=moai7888[EMAIL 
(BPROTECTED](B
$B!!(B
$B!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g!g(B
(B
$B!!H/9T85!!!'!!%/%j%C%/[EMAIL PROTECTED](Bmoai
$B!!#M#A#I#L!'!!([EMAIL PROTECTED]
(B  $B#U#R#L(B  $B!'!!(Bhttp://moai788.gooside.com/melmaga
(B
(B
$B:[EMAIL PROTECTED]"$"$j$,$H$&$4$6$$$^$9!#(B
(B
(B
(B
(B
(B
(B
(B
(B-- 
(BTo unsubscribe from this list go to the following URL and read the
(Binstructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] root access

2005-03-02 Thread Dennis Olvany 
I'm attempting to provide root access to the entire file system over the 
network. Having much trouble getting it working. My first time attempting 
samba configuration. Anyone have any ideas?

/etc/samba/smbusers:
root = root

/etc/samba/smbpasswd:
root:0:..

/etc/samba/smb.conf::
[root]
path = /
writeable = yes
valid users = root 



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Re: Samba errors with smb QUERY_PATH_INFO, Error: STATUS_OBJECT_NAME_NOT_FOUND

2005-03-02 Thread John H Terpstra 
Tim/David,

What version of Samba? I saw a similar failure with 3.0.12pre code about a 
week back, however Jeremy applied a patch last Thursday that apparently fixed 
this. Suggest you try current SVN code tree for 3.0.12.

- John T.


On Wednesday 02 March 2005 19:44, david rankin wrote:
 Samba errors with smb QUERY_PATH_INFO, Error:
 STATUS_OBJECT_NAME_NOT_FOUNDFrom: Timothy D Newcomb
 Subject: Samba errors with smb QUERY_PATH_INFO, Error:
 STATUS_OBJECT_NAME_NOT_FOUND

  Did you get an answer for this ?  I am seeing it on an XP box and I have
  the same problem..slow load time...in my computer

 Tim,

 No I didn't, thanks for the reply. I just figured that JT, Gerry and
 Chris were busy with 3.0.12 and didn't have time to respond (either that or
 they just started hating me for some reason) I still haven't got to the
 bottom of it. I can use ethereal without a problem, but I am no expert in
 deciphering the results.

 The problem seems to come from either the SMB Trans2 Response or the
 SMB Create AndX Response as shown below:

 SMB Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path:
 \personal\soccer\foo
 SMB Trans2 Response, QUERY_PATH_INFO, Error: STATUS_OBJECT_NAME_NOT_FOUND
 3 second snip
 SMB NT Create AndX Request, Path: \personal\soccer\wiashext.dll
 SMB NT Create AndX Response, Error: STATUS_OBJECT_NAME_NOT_FOUND
 NBNS Name query NB NEMESIS20
 DNS  Standard query A Nemesis.3111skyline.com
 NBNS Name query response[Malformed Packet]
 DNS  Standard query response, No such name
 DNS  Standard query A Nemesis.3111skyline.com
 DNS  Standard query response, No such name
 NBNS Name query NB NEMESIS00
 NBNS Name query response[Malformed Packet]

 Once the AndX Response error occurs, it seems to through XP into some
 sort of loop where it queries each of the mapped drives or each of the
 folders listed under My Network Places with netbios and dns requests.
 This cause fits for a laptop where some of the connections are not
 established (like when your working at home - the work server isn't there,
 etc..)

 Who knows, maybe John, Gerry or Chris will show some mercy on us this
 time and give us a response? Or at least tell us to RTFM and point us to a
 link we missed googling the issue.

 Thanks for the reply Tim.

 --
 David C. Rankin, J.D., P.E.
 RANKIN LAW FIRM, PLLC
 510 Ochiltree Street
 Nacogdoches, Texas 75961
 (936) 715-9333
 (936) 715-9339 fax
 www.rankinlawfirm.com
 --

-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO  Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
Other books in production.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Re: root access

2005-03-02 Thread Dennis Olvany 
Thanks.

Got it working.

I still don't know why root wouldn't work. I kept getting login errors on 
the smb client.


Config:

/etc/samba/smbusers:
jackass = jackass

/etc/samba/smbpasswd:
jackass:0:..

/etc/samba/smb.conf::
[root]
path = /
writeable = yes
admin users = jackass



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Any ideas on splitting my profiles directory

2005-03-02 Thread Matthew Easton 
On Wednesday 02 March 2005 13:05, Richmond Dyes wrote:
 I have 2 250gig drives in my machine and one has 50 gig on it and the
 other with my profiles directory in it has 219 gig.  Is there a way to
 split my profiles directory. These are ide drives and I will not be
 mirroring them. My entry in smb.conf reads:

 [profiles]

 path=/data/profiles
 browsable = Yes
 readonly = no
 create mask = 600
 directory mask = 700
 profile acls = yes

Mirroring would not solve your problem, I think you meant striping.

From your post it sounds like the secondary drive is mounted on a directory 
called /data on the first drive. I'm going to imagine you have /dev/hda1 for 
/, /dev/hda2 for swap and /dev/hdc1 is your second drive

So your /etc/fstab might have something like these three entries (and some 
others, not relevant here)

/dev/hda1/   ext3defaults1 1
/dev/hda2  swapswapdefaults0 0
/dev/hdc1   /data   ext3defaults1 1

Perhaps you can split your profiles by primary group:
Change the profile path to something like /profiles/%g/
Make subdirectories to /profiles corresponding to group name.
Mount the secondary drive on the subdirectory corresponding to the group who 
uses the largest amount of disk space. (don't forget to update /etc/fstab),
and finally, move the other groups over to their proper directories on the 
primary drive.

(test on a non-production system first!)
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

svn commit: samba r5617 - in trunk/source: include rpc_server

2005-03-02 Thread jerry 
Author: jerry
Date: 2005-03-02 15:30:21 + (Wed, 02 Mar 2005)
New Revision: 5617

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5617

Log:
event log patches from Marcin Porwit
Added:
   trunk/source/include/rpc_eventlog.h
   trunk/source/rpc_server/srv_eventlog.c


Changeset:
Sorry, the patch is too large (410 lines) to include; please use WebSVN to see 
it!
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5617

svn commit: samba r5618 - in trunk/source/rpc_server: .

2005-03-02 Thread jerry 
Author: jerry
Date: 2005-03-02 15:32:17 + (Wed, 02 Mar 2005)
New Revision: 5618

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5618

Log:
ensure that dnsdomain is initialized (patch from Marcin Porwit)
Modified:
   trunk/source/rpc_server/srv_lsa_ds_nt.c


Changeset:
Modified: trunk/source/rpc_server/srv_lsa_ds_nt.c
===
--- trunk/source/rpc_server/srv_lsa_ds_nt.c 2005-03-02 15:30:21 UTC (rev 
5617)
+++ trunk/source/rpc_server/srv_lsa_ds_nt.c 2005-03-02 15:32:17 UTC (rev 
5618)
@@ -46,6 +46,9 @@
return NT_STATUS_NO_MEMORY;
}
 
+   get_mydnsdomname(dnsdomain);
+   strlower_m(dnsdomain);
+
switch ( lp_server_role() ) {
case ROLE_STANDALONE:
basic-machine_role = DSROLE_STANDALONE_SRV;
@@ -58,16 +61,12 @@
basic-flags = 
DSROLE_PRIMARY_DS_RUNNING|DSROLE_PRIMARY_DS_MIXED_MODE;
if ( secrets_fetch_domain_guid( lp_workgroup(), 
basic-domain_guid ) )
basic-flags |= 
DSROLE_PRIMARY_DOMAIN_GUID_PRESENT;
-   get_mydnsdomname(dnsdomain);
-   strlower_m(dnsdomain);
break;
case ROLE_DOMAIN_PDC:
basic-machine_role = DSROLE_PDC;
basic-flags = 
DSROLE_PRIMARY_DS_RUNNING|DSROLE_PRIMARY_DS_MIXED_MODE;
if ( secrets_fetch_domain_guid( lp_workgroup(), 
basic-domain_guid ) )
basic-flags |= 
DSROLE_PRIMARY_DOMAIN_GUID_PRESENT;
-   get_mydnsdomname(dnsdomain);
-   strlower_m(dnsdomain);
break;
}

svn commit: samba r5619 - in trunk/source/rpc_parse: .

2005-03-02 Thread jerry 
Author: jerry
Date: 2005-03-02 15:49:58 + (Wed, 02 Mar 2005)
New Revision: 5619

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5619

Log:
event log patches from Marcin Porwit
Added:
   trunk/source/rpc_parse/parse_eventlog.c


Changeset:
Sorry, the patch is too large (462 lines) to include; please use WebSVN to see 
it!
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5619

svn commit: samba r5620 - in trunk/source/rpc_server: .

2005-03-02 Thread jerry 
Author: jerry
Date: 2005-03-02 16:03:51 + (Wed, 02 Mar 2005)
New Revision: 5620

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5620

Log:
event log patches from Marcin Porwit (getting into so I can work on clean up 
without loosing work)
Added:
   trunk/source/rpc_server/srv_eventlog_nt.c


Changeset:
Sorry, the patch is too large (903 lines) to include; please use WebSVN to see 
it!
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5620

svn commit: samba r5621 - in trunk/source: . include param registry rpc_parse rpc_server smbd

2005-03-02 Thread jerry 
Author: jerry
Date: 2005-03-02 16:46:23 + (Wed, 02 Mar 2005)
New Revision: 5621

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5621

Log:
finish commiting eventlog patches from Marcin; still not totally sure about the 
loadparm.c options and the reg_eventlog code, but its in as a marker.  Now to 
clean it up some
Added:
   trunk/source/registry/reg_eventlog.c
Modified:
   trunk/source/Makefile.in
   trunk/source/configure.in
   trunk/source/include/ntdomain.h
   trunk/source/include/rpc_reg.h
   trunk/source/include/smb.h
   trunk/source/param/loadparm.c
   trunk/source/registry/reg_frontend.c
   trunk/source/rpc_parse/parse_rpc.c
   trunk/source/rpc_server/srv_eventlog.c
   trunk/source/rpc_server/srv_pipe.c
   trunk/source/smbd/nttrans.c


Changeset:
Sorry, the patch is too large (699 lines) to include; please use WebSVN to see 
it!
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5621

svn commit: samba r5622 - in trunk/source: include lib rpc_client rpc_parse rpc_server rpcclient

2005-03-02 Thread jerry 
Author: jerry
Date: 2005-03-02 17:19:29 + (Wed, 02 Mar 2005)
New Revision: 5622

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5622

Log:
additional client registry calls (patch from Jeremy Cooper [EMAIL PROTECTED])
Modified:
   trunk/source/include/rpc_reg.h
   trunk/source/lib/util.c
   trunk/source/lib/util_sock.c
   trunk/source/lib/util_unistr.c
   trunk/source/rpc_client/cli_reg.c
   trunk/source/rpc_parse/parse_reg.c
   trunk/source/rpc_server/srv_reg.c
   trunk/source/rpc_server/srv_reg_nt.c
   trunk/source/rpcclient/cmd_reg.c


Changeset:
Sorry, the patch is too large (1539 lines) to include; please use WebSVN to see 
it!
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5622

svn commit: samba r5624 - in trunk/source/smbd: .

2005-03-02 Thread jra 
Author: jra
Date: 2005-03-02 18:19:38 + (Wed, 02 Mar 2005)
New Revision: 5624

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5624

Log:
Horrible band-aid patch to fix Blue-Arc torture tester.
I know this isn't right but will work until I can refactor
the deny mode code with the Samba4 algorithm.
Jeremy.

Modified:
   trunk/source/smbd/open.c


Changeset:
Modified: trunk/source/smbd/open.c
===
--- trunk/source/smbd/open.c2005-03-02 18:19:32 UTC (rev 5623)
+++ trunk/source/smbd/open.c2005-03-02 18:19:38 UTC (rev 5624)
@@ -491,7 +491,13 @@
unix_ERR_class = ERRDOS;
unix_ERR_code = ERRbadshare;
unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION;
+   return False;
+   }
 
+   if (deny_mode == DENY_ALL || old_deny_mode == DENY_ALL) {
+   unix_ERR_class = ERRDOS;
+   unix_ERR_code = ERRbadshare;
+   unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION;
return False;
}
 
@@ -502,7 +508,7 @@
 
if ( !(desired_access  
(FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
!(share-desired_access  
(FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ) {
-   DEBUG(5,(check_share_mode: Allowing open on file %s as desired 
access (0x%x) doesn't conflict with\
+   DEBUG(5,(check_share_mode: Allowing open on file %s as desired 
access (0x%x) doesn't conflict with \
 existing desired access (0x%x).\n, fname, (unsigned int)desired_access, 
(unsigned int)share-desired_access ));
return True;
}

svn commit: samba r5623 - in branches/SAMBA_3_0/source/smbd: .

2005-03-02 Thread jra 
Author: jra
Date: 2005-03-02 18:19:32 + (Wed, 02 Mar 2005)
New Revision: 5623

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5623

Log:
Horrible band-aid patch to fix Blue-Arc torture tester.
I know this isn't right but will work until I can refactor
the deny mode code with the Samba4 algorithm.
Jeremy.

Modified:
   branches/SAMBA_3_0/source/smbd/open.c


Changeset:
Modified: branches/SAMBA_3_0/source/smbd/open.c
===
--- branches/SAMBA_3_0/source/smbd/open.c   2005-03-02 17:19:29 UTC (rev 
5622)
+++ branches/SAMBA_3_0/source/smbd/open.c   2005-03-02 18:19:32 UTC (rev 
5623)
@@ -491,7 +491,13 @@
unix_ERR_class = ERRDOS;
unix_ERR_code = ERRbadshare;
unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION;
+   return False;
+   }
 
+   if (deny_mode == DENY_ALL || old_deny_mode == DENY_ALL) {
+   unix_ERR_class = ERRDOS;
+   unix_ERR_code = ERRbadshare;
+   unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION;
return False;
}
 
@@ -502,7 +508,7 @@
 
if ( !(desired_access  
(FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ||
!(share-desired_access  
(FILE_READ_DATA|FILE_WRITE_DATA|FILE_APPEND_DATA|FILE_EXECUTE)) ) {
-   DEBUG(5,(check_share_mode: Allowing open on file %s as desired 
access (0x%x) doesn't conflict with\
+   DEBUG(5,(check_share_mode: Allowing open on file %s as desired 
access (0x%x) doesn't conflict with \
 existing desired access (0x%x).\n, fname, (unsigned int)desired_access, 
(unsigned int)share-desired_access ));
return True;
}

svn commit: samba r5625 - in branches/SAMBA_3_0/source/locking: .

2005-03-02 Thread jra 
Author: jra
Date: 2005-03-02 20:19:10 + (Wed, 02 Mar 2005)
New Revision: 5625

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5625

Log:
Reformat (tidy).

Modified:
   branches/SAMBA_3_0/source/locking/posix.c


Changeset:
Modified: branches/SAMBA_3_0/source/locking/posix.c
===
--- branches/SAMBA_3_0/source/locking/posix.c   2005-03-02 18:19:38 UTC (rev 
5624)
+++ branches/SAMBA_3_0/source/locking/posix.c   2005-03-02 20:19:10 UTC (rev 
5625)
@@ -563,9 +563,9 @@
 * and the underlying system can handle 64 bit signed locks.
 */
 
-SMB_OFF_T mask2 = ((SMB_OFF_T)0x4)  (SMB_OFF_T_BITS-4);
-SMB_OFF_T mask = (mask21);
-SMB_OFF_T max_positive_lock_offset = ~mask;
+   SMB_OFF_T mask2 = ((SMB_OFF_T)0x4)  (SMB_OFF_T_BITS-4);
+   SMB_OFF_T mask = (mask21);
+   SMB_OFF_T max_positive_lock_offset = ~mask;
 
 #else /* !LARGE_SMB_OFF_T || HAVE_BROKEN_FCNTL64_LOCKS */
 
@@ -575,7 +575,7 @@
 * All offsets  counts must be 2^31 or less.
 */
 
-SMB_OFF_T max_positive_lock_offset = 0x7FFF;
+   SMB_OFF_T max_positive_lock_offset = 0x7FFF;
 
 #endif /* !LARGE_SMB_OFF_T || HAVE_BROKEN_FCNTL64_LOCKS */

svn commit: samba r5626 - in trunk/source/locking: .

2005-03-02 Thread jra 
Author: jra
Date: 2005-03-02 20:19:21 + (Wed, 02 Mar 2005)
New Revision: 5626

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5626

Log:
Reformat (tidy).

Modified:
   trunk/source/locking/posix.c


Changeset:
Modified: trunk/source/locking/posix.c
===
--- trunk/source/locking/posix.c2005-03-02 20:19:10 UTC (rev 5625)
+++ trunk/source/locking/posix.c2005-03-02 20:19:21 UTC (rev 5626)
@@ -563,9 +563,9 @@
 * and the underlying system can handle 64 bit signed locks.
 */
 
-SMB_OFF_T mask2 = ((SMB_OFF_T)0x4)  (SMB_OFF_T_BITS-4);
-SMB_OFF_T mask = (mask21);
-SMB_OFF_T max_positive_lock_offset = ~mask;
+   SMB_OFF_T mask2 = ((SMB_OFF_T)0x4)  (SMB_OFF_T_BITS-4);
+   SMB_OFF_T mask = (mask21);
+   SMB_OFF_T max_positive_lock_offset = ~mask;
 
 #else /* !LARGE_SMB_OFF_T || HAVE_BROKEN_FCNTL64_LOCKS */
 
@@ -575,7 +575,7 @@
 * All offsets  counts must be 2^31 or less.
 */
 
-SMB_OFF_T max_positive_lock_offset = 0x7FFF;
+   SMB_OFF_T max_positive_lock_offset = 0x7FFF;
 
 #endif /* !LARGE_SMB_OFF_T || HAVE_BROKEN_FCNTL64_LOCKS */

svn commit: samba r5627 - in trunk/source/param: .

2005-03-02 Thread jra 
Author: jra
Date: 2005-03-02 20:30:29 + (Wed, 02 Mar 2005)
New Revision: 5627

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5627

Log:
Deprecate the write cache parameter - this code will go away soon.
Jeremy.

Modified:
   trunk/source/param/loadparm.c


Changeset:
Modified: trunk/source/param/loadparm.c
===
--- trunk/source/param/loadparm.c   2005-03-02 20:19:21 UTC (rev 5626)
+++ trunk/source/param/loadparm.c   2005-03-02 20:30:29 UTC (rev 5627)
@@ -967,7 +967,7 @@
{use mmap, P_BOOL, P_GLOBAL, Globals.bUseMmap, NULL, NULL, 
FLAG_ADVANCED}, 
{use sendfile, P_BOOL, P_LOCAL, sDefault.bUseSendfile, NULL, NULL, 
FLAG_ADVANCED | FLAG_SHARE}, 
{hostname lookups, P_BOOL, P_GLOBAL, Globals.bHostnameLookups, NULL, 
NULL, FLAG_ADVANCED}, 
-   {write cache size, P_INTEGER, P_LOCAL, sDefault.iWriteCacheSize, 
NULL, NULL, FLAG_ADVANCED | FLAG_SHARE}, 
+   {write cache size, P_INTEGER, P_LOCAL, sDefault.iWriteCacheSize, 
NULL, NULL, FLAG_ADVANCED | FLAG_SHARE | FLAG_DEPRECATED}, 
 
{name cache timeout, P_INTEGER, P_GLOBAL, 
Globals.name_cache_timeout, NULL, NULL, FLAG_ADVANCED},

svn commit: samba r5628 - in branches/SAMBA_3_0/source/param: .

2005-03-02 Thread jra 
Author: jra
Date: 2005-03-02 20:30:37 + (Wed, 02 Mar 2005)
New Revision: 5628

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5628

Log:
Deprecate the write cache parameter - this code will go away soon.
Jeremy.

Modified:
   branches/SAMBA_3_0/source/param/loadparm.c


Changeset:
Modified: branches/SAMBA_3_0/source/param/loadparm.c
===
--- branches/SAMBA_3_0/source/param/loadparm.c  2005-03-02 20:30:29 UTC (rev 
5627)
+++ branches/SAMBA_3_0/source/param/loadparm.c  2005-03-02 20:30:37 UTC (rev 
5628)
@@ -953,7 +953,7 @@
{use mmap, P_BOOL, P_GLOBAL, Globals.bUseMmap, NULL, NULL, 
FLAG_ADVANCED}, 
{use sendfile, P_BOOL, P_LOCAL, sDefault.bUseSendfile, NULL, NULL, 
FLAG_ADVANCED | FLAG_SHARE}, 
{hostname lookups, P_BOOL, P_GLOBAL, Globals.bHostnameLookups, NULL, 
NULL, FLAG_ADVANCED}, 
-   {write cache size, P_INTEGER, P_LOCAL, sDefault.iWriteCacheSize, 
NULL, NULL, FLAG_ADVANCED | FLAG_SHARE}, 
+   {write cache size, P_INTEGER, P_LOCAL, sDefault.iWriteCacheSize, 
NULL, NULL, FLAG_ADVANCED | FLAG_SHARE | FLAG_DEPRECATED}, 
 
{name cache timeout, P_INTEGER, P_GLOBAL, 
Globals.name_cache_timeout, NULL, NULL, FLAG_ADVANCED},

svn commit: samba r5629 - in trunk/source/smbd: .

2005-03-02 Thread jra 
Author: jra
Date: 2005-03-02 21:43:48 + (Wed, 02 Mar 2005)
New Revision: 5629

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5629

Log:
This may be a mistake ... needs more cthon investigation.
Jeremy.

Modified:
   trunk/source/smbd/open.c


Changeset:
Modified: trunk/source/smbd/open.c
===
--- trunk/source/smbd/open.c2005-03-02 20:30:37 UTC (rev 5628)
+++ trunk/source/smbd/open.c2005-03-02 21:43:48 UTC (rev 5629)
@@ -494,12 +494,15 @@
return False;
}
 
+#if 0
+   /* Bluarc test may need this ... needs further investigation. */
if (deny_mode == DENY_ALL || old_deny_mode == DENY_ALL) {
unix_ERR_class = ERRDOS;
unix_ERR_code = ERRbadshare;
unix_ERR_ntstatus = NT_STATUS_SHARING_VIOLATION;
return False;
}
+#endif
 
/*
 * If desired_access doesn't contain READ_DATA,WRITE_DATA,APPEND_DATA 
or EXECUTE

svn commit: samba r5632 - in branches/SAMBA_3_0/source/smbd: .

2005-03-02 Thread jra 
Author: jra
Date: 2005-03-03 02:04:36 + (Thu, 03 Mar 2005)
New Revision: 5632

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5632

Log:
Fix infinite looping bug found by nasty BlueArc test :-).
When finding a singleton directory remember that we're
at the end and don't continuously return the same name.
Jeremy.

Modified:
   branches/SAMBA_3_0/source/smbd/dir.c


Changeset:
Modified: branches/SAMBA_3_0/source/smbd/dir.c
===
--- branches/SAMBA_3_0/source/smbd/dir.c2005-03-03 02:04:34 UTC (rev 
5631)
+++ branches/SAMBA_3_0/source/smbd/dir.c2005-03-03 02:04:36 UTC (rev 
5632)
@@ -525,10 +525,17 @@
pstring pathreal;
 
ZERO_STRUCTP(pst);
+
if (dptr-has_wild) {
return dptr_normal_ReadDirName(dptr, poffset, pst);
}
 
+   /* If poffset is -1 then we know we returned this name before and we 
have
+  no wildcards. We're at the end of the directory. */
+   if (*poffset == -1) {
+   return NULL;
+   }
+
/* We know the stored wcard contains no wildcard characters. See if we 
can match
   with a stat call. If we can't, then set has_wild to true to
   prevent us from doing this on every call. */
@@ -540,6 +547,9 @@
}
 
if (VALID_STAT(*pst)) {
+   /* We need to set the underlying dir_hdn offset to -1 also as
+  this function is usually called with the output from 
TellDir. */
+   dptr-dir_hnd-offset = *poffset = -1;
return dptr-wcard;
}
 
@@ -548,11 +558,17 @@
pstrcat(pathreal,dptr-wcard);
 
if (SMB_VFS_STAT(dptr-conn,pathreal,pst) == 0) {
+   /* We need to set the underlying dir_hdn offset to -1 also as
+  this function is usually called with the output from 
TellDir. */
+   dptr-dir_hnd-offset = *poffset = -1;
return dptr-wcard;
} else {
/* If we get any other error than ENOENT or ENOTDIR
   then the file exists we just can't stat it. */
if (errno != ENOENT  errno != ENOTDIR) {
+   /* We need to set the underlying dir_hdn offset to -1 
also as
+  this function is usually called with the output from 
TellDir. */
+   dptr-dir_hnd-offset = *poffset = -1;
return dptr-wcard;
}
}
@@ -563,6 +579,9 @@
   with a stat we will fail. */
 
if (dptr-conn-case_sensitive) {
+   /* We need to set the underlying dir_hdn offset to -1 also as
+  this function is usually called with the output from 
TellDir. */
+   dptr-dir_hnd-offset = *poffset = -1;
return NULL;
} else {
return dptr_normal_ReadDirName(dptr, poffset, pst);
@@ -1033,6 +1052,7 @@
*poffset = e-offset= dirp-offset;
return e-name;
}
+   dirp-offset = -1;
return NULL;
 }

svn commit: samba r5633 - in trunk/source/locking: .

2005-03-02 Thread jra 
Author: jra
Date: 2005-03-03 02:06:50 + (Thu, 03 Mar 2005)
New Revision: 5633

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5633

Log:
Fix 64-bit overflow problems found by BlueArc torture tester.
We still have a few strange bugs with 64-bit locking values. I will
get traces.
Jeremy.

Modified:
   trunk/source/locking/brlock.c


Changeset:
Modified: trunk/source/locking/brlock.c
===
--- trunk/source/locking/brlock.c   2005-03-03 02:04:36 UTC (rev 5632)
+++ trunk/source/locking/brlock.c   2005-03-03 02:06:50 UTC (rev 5633)
@@ -132,11 +132,6 @@
return False;
}
 
-   if (lck1-start = (lck2-start + lck2-size) ||
-   lck2-start = (lck1-start + lck1-size)) {
-   return False;
-   }
-   
return brl_overlap(lck1, lck2);
 } 
 
@@ -193,10 +188,6 @@
return False;
}
 
-   if (lck1-start = (lck2-start + lck2-size) ||
-   lck2-start = (lck1-start + lck1-size))
-   return False;
-   
return brl_overlap(lck1, lck2);
 }

svn commit: samba r5634 - in branches/SAMBA_3_0/source/locking: .

2005-03-02 Thread jra 
Author: jra
Date: 2005-03-03 02:07:00 + (Thu, 03 Mar 2005)
New Revision: 5634

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5634

Log:
Fix 64-bit overflow problems found by BlueArc torture tester.
We still have a few strange bugs with 64-bit locking values. I will 
get traces.
Jeremy.

Modified:
   branches/SAMBA_3_0/source/locking/brlock.c


Changeset:
Modified: branches/SAMBA_3_0/source/locking/brlock.c
===
--- branches/SAMBA_3_0/source/locking/brlock.c  2005-03-03 02:06:50 UTC (rev 
5633)
+++ branches/SAMBA_3_0/source/locking/brlock.c  2005-03-03 02:07:00 UTC (rev 
5634)
@@ -132,11 +132,6 @@
return False;
}
 
-   if (lck1-start = (lck2-start + lck2-size) ||
-   lck2-start = (lck1-start + lck1-size)) {
-   return False;
-   }
-   
return brl_overlap(lck1, lck2);
 } 
 
@@ -193,10 +188,6 @@
return False;
}
 
-   if (lck1-start = (lck2-start + lck2-size) ||
-   lck2-start = (lck1-start + lck1-size))
-   return False;
-   
return brl_overlap(lck1, lck2);
 }

  1   2   >