[Samba] $BL$5Bz9-9p(#DcMx0lK\2=!*#3#0(B$BF|$GZ6b$rC/$K$bCN$i$l$:2r7h$9$kJ}K!(B
$BAw?.;v6HeLnD.El(B1-26-1011 $B"(J@ $K(B $B!VG[?.ITMW!W$H5-F~$7$F2<5-%"%I%l%9$XAw?.$7$F$/[EMAIL PROTECTED](B $BG[?.Dd;_(B $B"*!!([EMAIL PROTECTED] (BURL$B$h$j2r=|"*!!(Bhttp://www.busiassist.com/kaijo/del.cgi (B $B!y!y(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,!y(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,!y!y(B (B $B"#DcMx0lK\2=!*#3#0F|$G /$7$G$b%W%i%9$K$J$l$P9,$$$G$9!#(B (B (B (Bhttp://www.tsaxis.com/gokuhi/ (B (B $B(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,!y(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(B (B[EMAIL PROTECTED]T(B: $B%]%$%s%H%a!<%k(B $B=;=j(B: $B")(B596-0047$B!!Bg:eI\4_OBED;T>eLnD.El(B1-26-1011 $B1D6H;~4V(B: $B7n!AEZ!!(B($B8aA0#9;~$+$i8a8e#6;~!KF|MKF|!&=K:WF|$O5Y6H(B $B%"%I%l%9(B: [EMAIL PROTECTED] (BURL: http://www.busiassist.com $B(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,!y(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(B $BK\%a!<%kITMW$N>l9g2<5-$h$j2r=|$G$-$^$9!#(B (Bhttp://www.busiassist.com/kaijo/del.cgi (B (B-- (BTo unsubscribe from this list go to the following URL and read the (Binstructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] the problem of join samba3.0 to windows2000 doamin
when i want to join the samba3.0 server to the win2k domain, it appear the errors as below: [EMAIL PROTECTED] samba]# net join -S gz -U is2000 is2000's password: ie2003bd [2005/03/29 16:14:58, 0] libads/kerberos.c:ads_kinit_password(146) kerberos_kinit_password [EMAIL PROTECTED] failed: Cannot find KDC for requested realm [2005/03/29 16:14:58, 0] utils/net_ads.c:ads_startup(186) ads_connect: Cannot find KDC for requested realm Unable to find a suitable server Unable to find a suitable server my smb.conf is as below: -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SaveAs Problems
Hy, We've got some weird Problems with SaveAs from all Programs to a Samba Server. The File get's saved but the user get's three Error Messages (Messagebox OK) telling him that the file could not be saved. The Problem is not easily recreateable and appears randomly. Any Pointers?? Bye, robert. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Client Profile mistake
Hello, after our harwarechrash we had to change the serversystem to another hardware. I copied all necessary samba files (I hope I did) to the new hardware and restarted Samba. Now when I try to log on the domain the client ist no longer trusted by the domain. When I add the client to the domain to solve these problem, I get an new profile after login. And this is my problem. All our client-users are mobile user, they all have local profiles. And the need ther profiles back. They don't accept new profiles. So what do I have to do to use our old profiles. Mit freundlichen Grüssen / Kind regards Norman Trapp System Management objective partner GmbH Bergstrasse 45 D-69469 Weinheim Tel. +49 (0)6201 3986 24 Fax. +49 (0)6201 3986 12 ___ objective partner - keep IT in e.motion Diese eMail enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese eMail irrtuemlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese eMail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser eMail ist nicht gestattet. This email may contain confidential and/or privileged information. If you are not the intended recipient (or have received this email in error) please notify the sender immediately and destroy this email. Any unauthorized copying, disclosure or distribution of the material in this email is strictly forbidden. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Client Profile mistake
[EMAIL PROTECTED] wrote: Hello, after our harwarechrash we had to change the serversystem to another hardware. I copied all necessary samba files (I hope I did) to the new hardware and restarted Samba. Now when I try to log on the domain the client ist no longer trusted by the domain. When I add the client to the domain to solve these problem, I get an new profile after login. And this is my problem. All our client-users are mobile user, they all have local profiles. And the need ther profiles back. They don't accept new profiles. So what do I have to do to use our old profiles. http://msmvps.com/clustering/archive/2004/10/06/15096.aspx ? This email may contain confidential and/or privileged information. If you are not the intended recipient (or have received this email in error) please notify the sender immediately and destroy this email. Mmm, my bit destroyer is broken, and I'm not sure if I'm the intended recipient, what should I do now? Bye -- Luca Olivetti Wetron Automatización S.A. http://www.wetron.es/ Tel. +34 93 5883004 Fax +34 93 5883007 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba as domain controller
Hey friends, I want to setup Linux(Samba) as Domain Controller means no more Windows NT,2k or 2k3 as domain controller.I have mix of windows and Linux clients and I want these clients to get authentication from the Linux .Can anybody tell me any tutorial or How to do it. Thanks Regards Ankush -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Very HUGE binaries!?
Gerald (Jerry) Carter wrote: Gerald (Jerry) Carter wrote: | Toni Verdu Carbo wrote: | | Hi! | | | | I've been compiling Samba 3.0.x on a Solaris 2.6 | | server using GCC 3.4.1 without any problem until recently... | | The problem started with 3.0.12 version, and reproduced in 3.0.13. | | Doing configure and then make produces with these two | | versions VERY HUGE binaries! | | I've tracked down the change to configure.in that caused this. | YOu can work around it by either (a) stripping the resulting | binaries, (b) manually removing '-g' from the Makefile, or | (c) manually setting CFLAGS to any value before running | configure. | | I'll go ahead and fix this in the SAMBA_3_0 svn tree. Fixed in svn now. The patch is at http://samba.org/~jerry/patches/post-3.0.13/configure_debug.patch Thanks for this fix. However on my FC2 I still get huge binaries and as a consequence huge rpms even after running your patch and then running autogen.sh in the rpm building. I have tried inserting sh autogen.sh into the samba.spec file instead of script/mkversion.h in the %prep stage. Also adding --enable-developer=no to the configure lines in %build was to no avail. It would appear that $RPM_OPT_FLAGS is the one that introduces CFLAGS=-O2 -g -march=i386 -mcpu=i686, so your patch helps set sane defaults for normal compiles but does not fix the problem for a rpm build. Any advice on the cleanest way to reduce the size of the binaries and not have them compiled with -g? Thanks in advance. Regards, Urs Rau -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Very HUGE binaries!?
Urs Rau wrote: It would appear that $RPM_OPT_FLAGS is the one that introduces CFLAGS=-O2 -g -march=i386 -mcpu=i686 Any advice on the cleanest way to reduce the size of the binaries and not have them compiled with -g? For now I have added an ugly 2-liner to the beginning of the %prep and %build sections. (in case rpm builders jump straight to the %build section) # avoid building huge rpms RPM_OPT_FLAGS=`echo $RPM_OPT_FLAGS | sed s/-g//` I know I could have either reset my system wide rpmrc or set my own ~/.rpmrc, but I wanted to make sure that anybody that uses my spec file to rebuild the rpm would also get small binaries and not have to remember to set their own system or personal rpmrc Is this all one can do, it feels like an ugly hack? Regards, Urs Rau -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Problems with Excel MS Word files (still)
Jeremy or Nathan, Jeremy Allison wrote: Ok, I have a working theory for this. It concerns ACLs and what happens when excel wants to update the filetime on a file the user doesn't own. Normally you just set the dos filetime parameter to allow this (this causes a timestamp to be updated on a file if you can write to it - normally POSIX only allows this if you're the owner). I've realised the codepath here doesn't check ACL semantics. This is a bug we've had since we introduced ACLs a long time ago but only now seems to have been triggered. Here is a patch to the just released 3.0.13 that causes ACL entries to be properly checked when dos filetime= True has been set. Please try this on top of 3.0.13 and let me know if it fixes the issues. Has this been confirmed, as fixing it? I am rolling a 3.0.13 maintenance release and it would be nice to clear this excel ACL bug. What is the bugzilla entry for this bug, so I can follow it? Thanks a lot. Regards, -- Urs Rau Head of Operations Operation Mobilisation UK National Office -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Joining XP machine error
Hi to all. I would like to ask what are the possible or common causes of NT_STATUS_NO_SUCH_USER error? I've been reading other post about the subject but none has definitive answer to this problem. I cant join an XP machine to the domain either manually or thru XP but I can add user account and used the account to logon using SSH. BTW, Im using RH9, Samba ver 3.0.11rc1 and openldap 2.2.23. Many thanks Jan - Yahoo! Messenger - Communicate instantly...Ping your friends today! Download Messenger Now -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Memory Mapped Files
Hi We have a process on Linux (SLES 8.1 AMD64) which is writing data to a memory mapped file created on a samba partition smbmounted from a windows server. The changes show up on the Linux side but are invisible to a process reading the same file on windows. I would be grateful if someone could offer and explanation of this behaviour? Regards Graeme -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Re: No vscan HOWTOs?
I have been trying to find out how to EXCLUDE certain files from scanning. Appearentlty it works by MIME-type. You have to configure your own mime type in /etc/magic, and then add that mime type to vscan-clamav.conf Has anyone got this working? -Original Message- From: Karl Banasky [mailto:[EMAIL PROTECTED] Sent: 28 March 2005 05:54 To: Jim C. Cc: samba@lists.samba.org Subject: Re: [Samba] Re: No vscan HOWTOs? I have been installing it on my Centos 4 box. Got it working on a quarentine bases. That way I can see if it is working correctly. There are some test Virus sites available to download a test virus to your share and see what happens. Might be dangerous but useful. I worked from src.rpms for all of it except samba-vscan. My issues were: 1) Not having the Samba source (configured and make); Solved it by rpmbuild -bc samba-src.rpm(Source showed in the BUILD directory. 2) Not having the socket configured correctly in the clamd.conf and the vscan-clamav.conf; Solved it by enabling it in the clamd.conf file and verified same location in the vscan-clamav.conf file 3) Build issues with clamav-.src.rpm; solved by yum'ing in sendmail-devel and sendmail-cf Other then that it was straight forward. Jim C. wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [chuckle] I think I've got it working. Apparently one just has to add the clamav user to the 'Domain Admins' group so that it can do it's job. I've been googleing around and it looks like a whole lot of people are missing this, i.e. that clamav. I could use some pointers on how to be sure it is working though. I'm not seeing it in my logs, but I'm also not sure where to look. Jim C. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCR1vV57L0B7uXm9oRAs+cAJ0RrLMa6Ou/RehR0dprQkK6Tjg7lgCfXz5j /Mtirt+9h7H6w3joPTw22Dc= =r98u -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] A small question on Winbind
On Tuesday 29 March 2005 08:29, Phibee NOC wrote: Hi it's possible with wbinfo that get a information: 1- Get all users of one Active Directory Group this can be done with getent passwd {groupname} - not sure how to do it with wbinfo 2- Get all groups of one username ? Not 100% sure about this, but a start might be getent group | grep {username} - im sure a bit of sed would neaten the results Hope that helps, H pgpqtexElI0DE.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Using Lotus Domino LDAP as Samba Backend
Hello, can I use the Lotus Domino LDAP Server as backend for Samba? Has anyone tried this, or some experiences in that? Mit freundlichen Grüssen / Kind regards Norman Trapp System Management objective partner GmbH Bergstrasse 45 D-69469 Weinheim Tel. +49 (0)6201 3986 24 Fax. +49 (0)6201 3986 12 ___ objective partner - keep IT in e.motion Diese eMail enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese eMail irrtuemlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese eMail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser eMail ist nicht gestattet. This email may contain confidential and/or privileged information. If you are not the intended recipient (or have received this email in error) please notify the sender immediately and destroy this email. Any unauthorized copying, disclosure or distribution of the material in this email is strictly forbidden. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbd 100% systemload
hi, i've a debian sarge setup with samba 3.0.10 with ldap as SAM backend. every thing used to work as expected, but last week the machine went down. an analysis of the problem has showen, that with increasing uptime there is a growing number of smbd processes that caus 100% CPU utilation. tests have showen, that i can kill these processes without harming smb conecctivtiy. this is a workaround but no soulution. i've absolutely no idea what causes this and what i can/should do to track this down. any suggestions ? TIA Matthias Henze[EMAIL PROTECTED] Use PGP!! http://www.mhcsoftware.de/MatthiasHenze.asc - - - - - - - - - - - - - - - - - - - - - - - - - - - MHC SoftWare GmbH voice: +49-(0)9533-92006-0 Fichtera 17 fax: +49-(0)9533-92006-6 96274 Itzgrund/Germanye-Mail: [EMAIL PROTECTED] - - - - - - - - - - - - - - - - - - - - - - - - - - - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP greyed-out Guest user password prompt
On Monday 28 March 2005 20:07, Jules Agee wrote: updates] comment = Software Updates path = /var/local/fileshare/admin/updates browsable = no create mask = 774 group = SystemAdmin directory mask = 0775 nt acl support = no read only = yes guest ok = yes Hi Jules This may be way off, but i know how frustrating it can be not getting any suggestions! I have a samba server with a guest share, the only difference i can see is that i have guest only = yes. Here is one of the read only shares (sanitised): [guests] path = /guest/share guest only = Yes guest ok = Yes This works fine from XPSP2 and SP1 clients, the server is security = domain though, so this may make a difference, although non-domain machines/users connect with no problems to the guest shares. Hope this helps! H pgpSIHb3jtAHD.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] printers detect
Hi! I'm designing a web interface to manage samba server (users, shares, printers) and I would known how i can detect printers available in samba. In that way, admin can set rights and others params of a selected printer. Thanks, Fabio -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] A small question on Winbind
Am Dienstag 29 Mrz 2005 13:12 schrieb Hamish: 2- Get all groups of one username ? Maybe I'm oversimplifying, but (given nsswitch and all is in place): # id username ? HTH Dan -- Daniel Amthor Linux LPI Level 2 Administrator Im Brhl 10t: +49-06173-935960 61476 Kronberg e: [EMAIL PROTECTED] ICQ: 196700332 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with wbinfo
Hello, I'm using a Samba client to access a Samba Server. The smbclient tool is ok, both at the client as at the server. I'm having trouble with the wbinfo command (winbind service) at the client, as you can see below. Can anybody help me? Thanks!!! =Problem== Samba Server: samba-3.0.10-1.fc2 Samba Client: Version 3.0.0-14.3E -- # service winbind start Iniciando serviços Winbind:[ OK ] # # # wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_INTERNAL_ERROR (0xc0e5) Could not check secret # # # wbinfo -u Error looking up domain users # # # wbinfo -g Error looking up domain groups # # # service winbind stop Desligando os serviços Winbind:[ OK ] # # # winbindd -i -d 4 winbindd version 3.0.0-14.3E started. Copyright The Samba Team 2000-2003 lp_load: refreshing parameters Initialising global parameters params.c:pm_process() - Processing configuration file /etc/samba/smb.conf Processing section [global] doing parameter workgroup = REG doing parameter netbios name = Estacao1386000 handle_netbios_name: set global_myname to: ESTACAO1386000 doing parameter security = domain doing parameter password server = * doing parameter winbind uid = 1000-2 doing parameter winbind gid = 1000-2 doing parameter winbind enum users = yes doing parameter winbind enum groups = yes doing parameter winbind separator = + doing parameter winbind cache time = 10 doing parameter template homedir = /home/winnt/%D/%U doing parameter winbind use default domain = yes doing parameter template shell = /bin/bash pm_process() returned Yes adding IPC service adding IPC service added interface ip=10.80.100.98 bcast=10.80.100.255 nmask=255.255.255.0 added interface ip=10.80.100.98 bcast=10.80.100.255 nmask=255.255.255.0 Registered MSG_REQ_POOL_USAGE Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED get_dc_list: returning 1 ip addresses in an unordered list get_dc_list: 10.80.100.62:0 nmb packet from 10.80.100.62(137) header: id=2081 opcode=Query(0) response=Yes header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0 answers: nmb_name=REG1c rr_type=33 rr_class=1 ttl=0 answers 0 char .PDC hex 09504443202020202020202020202020 answers 10 char .d.PDC hex 00640050444320202020202020202020 answers 20 char .d.PDC hex 20200364005044432020202020202020 answers 30 char d...__MSBRO hex 2020202020640001025F5F4D5342524F answers 40 char WSE__REG hex 5753455F5F0201E40052454720202020 answers 50 char ...REG hex 202020202020202000E4005245472020 answers 60 char .d.REG hex 202020202020202020201B6400524547 answers 70 char ...R hex 2020202020202020202020201CE40052 answers 80 char EG.d hex 45472020202020202020202020201D64 answers 90 char .REG hex 00524547202020202020202020202020 answers a0 char hex 1EE4 answers b0 char hex answers c0 char hex answers d0 char . hex 00 rpc_dc_name: Returning DC PDC (10.80.100.62) for domain REG IPC$ connections done anonymously Connecting to host=PDC Connecting to 10.80.100.62 at port 445 Serverzone is 10800 add_trusted_domain: REG is a mixed (or NT4) mode domain Added domain REG Could not fetch sid for our domain REG scanning trusted domain list rpc: trusted_domains get_dc_list: returning 1 ip addresses in an unordered list get_dc_list: 10.80.100.62:0 nmb packet from 10.80.100.62(137) header: id=30956 opcode=Query(0) response=Yes header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0 answers: nmb_name=REG1c rr_type=33 rr_class=1 ttl=0 answers 0 char .PDC hex 09504443202020202020202020202020 answers 10 char .d.PDC hex 00640050444320202020202020202020 answers 20 char .d.PDC hex 20200364005044432020202020202020 answers 30 char d...__MSBRO hex 2020202020640001025F5F4D5342524F answers 40 char WSE__REG hex 5753455F5F0201E40052454720202020 answers 50 char ...REG hex 202020202020202000E4005245472020 answers 60 char .d.REG hex 202020202020202020201B6400524547 answers 70 char ...R hex 2020202020202020202020201CE40052 answers 80 char EG.d hex 45472020202020202020202020201D64 answers 90 char .REG hex 00524547202020202020202020202020 answers a0 char hex 1EE4 answers b0 char hex
Re: [Samba] Problem with wbinfo
On Tuesday 29 March 2005 13:13, Ricardo Maciel wrote: Hello, I'm using a Samba client to access a Samba Server. The smbclient tool is ok, both at the client as at the server. I'm having trouble with the wbinfo command (winbind service) at the client, as you can see below. Can anybody help me? Thanks!!! =Problem== Samba Server: samba-3.0.10-1.fc2 Samba Client: Version 3.0.0-14.3E -- # service winbind start Iniciando serviços Winbind: [ OK ] # # # wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_INTERNAL_ERROR (0xc0e5) Could not check secret # # # wbinfo -u Error looking up domain users # # # wbinfo -g Error looking up domain groups # # # service winbind stop Desligando os serviços Winbind: [ OK ] Make sure you do not have nscd running - i had similar problems with it. You should be able to do this with `service nscd stop; chkconfig nscd off` Hope that helps H pgpY3hSJ35I9j.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Re: Problems with Excel MS Word files (still)
No confirmation over here, havn't had a chance to compile a new copy - rolled back to 3.0.8 for the time being it's been less buggy but still have occasional file(s) locking up. A little unclear here, do I need to add a patch to 3.0.13 before compiling, or simply add 'dos filetime = yes' to the configuration? Lastly, does it matter if I'm not using ACL's? Just using plain old UNIX permissions (750/660 dir/file) and the force-group parameter for most shares - which works quite well thus far. -- Nathan Vidican [EMAIL PROTECTED] Windsor Match Plate Tool Ltd. http://www.wmptl.com/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Urs Rau Sent: Tuesday, March 29, 2005 5:01 AM To: samba@lists.samba.org Subject: [Samba] Re: Problems with Excel MS Word files (still) Jeremy or Nathan, Jeremy Allison wrote: Ok, I have a working theory for this. It concerns ACLs and what happens when excel wants to update the filetime on a file the user doesn't own. Normally you just set the dos filetime parameter to allow this (this causes a timestamp to be updated on a file if you can write to it - normally POSIX only allows this if you're the owner). I've realised the codepath here doesn't check ACL semantics. This is a bug we've had since we introduced ACLs a long time ago but only now seems to have been triggered. Here is a patch to the just released 3.0.13 that causes ACL entries to be properly checked when dos filetime= True has been set. Please try this on top of 3.0.13 and let me know if it fixes the issues. Has this been confirmed, as fixing it? I am rolling a 3.0.13 maintenance release and it would be nice to clear this excel ACL bug. What is the bugzilla entry for this bug, so I can follow it? Thanks a lot. Regards, -- Urs Rau Head of Operations Operation Mobilisation UK National Office -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] NFS and ACL
Hi, i still have no response for my problem, so i try again in another way. i have a share on with i set ACLs. This work fine. I mount this share with NFS on another server, but the ACL, can't be seen on the NFS side (i use getfacl) Is there a way to keep the ACL threw a NFS export ? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Re: No vscan HOWTOs?
Does anyone have ANY idea what to put in /etc/magic to identify microsoft outlook pst files? scanning larger pst files (100 mb or so) currently raises my clamd cpu processor usage to 90% or higher, and 'locks' ms outlook on the workstation during the scan, so I'd rather not scan them and have mcafee on the workstation take care of that. Insight would really be appreciated. -Original Message- From: heupink, mourik jan c Sent: 29 March 2005 12:56 To: samba@lists.samba.org Subject: RE: [Samba] Re: No vscan HOWTOs? I have been trying to find out how to EXCLUDE certain files from scanning. Appearentlty it works by MIME-type. You have to configure your own mime type in /etc/magic, and then add that mime type to vscan-clamav.conf Has anyone got this working? -Original Message- From: Karl Banasky [mailto:[EMAIL PROTECTED] Sent: 28 March 2005 05:54 To: Jim C. Cc: samba@lists.samba.org Subject: Re: [Samba] Re: No vscan HOWTOs? I have been installing it on my Centos 4 box. Got it working on a quarentine bases. That way I can see if it is working correctly. There are some test Virus sites available to download a test virus to your share and see what happens. Might be dangerous but useful. I worked from src.rpms for all of it except samba-vscan. My issues were: 1) Not having the Samba source (configured and make); Solved it by rpmbuild -bc samba-src.rpm(Source showed in the BUILD directory. 2) Not having the socket configured correctly in the clamd.conf and the vscan-clamav.conf; Solved it by enabling it in the clamd.conf file and verified same location in the vscan-clamav.conf file 3) Build issues with clamav-.src.rpm; solved by yum'ing in sendmail-devel and sendmail-cf Other then that it was straight forward. Jim C. wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [chuckle] I think I've got it working. Apparently one just has to add the clamav user to the 'Domain Admins' group so that it can do it's job. I've been googleing around and it looks like a whole lot of people are missing this, i.e. that clamav. I could use some pointers on how to be sure it is working though. I'm not seeing it in my logs, but I'm also not sure where to look. Jim C. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCR1vV57L0B7uXm9oRAs+cAJ0RrLMa6Ou/RehR0dprQkK6Tjg7lgCfXz5j /Mtirt+9h7H6w3joPTw22Dc= =r98u -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Multiple Domain Controller
Can anyone point me to a howto/tutorial that will help me setup a multiple domain controller ie. one samba server - multiple domains Thanks! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba does not 'see' all the cups printers
Hi, all, I have a weird problem; I have 3 working cups printers on Suse linux 9. All 3 are networked printers. I use the following statements in smb.conf : printing = cups load printers = yes printcap name = /etc/printcap [printers] comment = SMB Print Spool path = /var/spool/samba guest ok = yes writeable = no public = yes printable = yes browsable = No printer admin = root, bdridder use client driver = Yes this is the content of /etc/printcap # This file was automatically generated by cupsd(8) from the # /etc/cups/printers.conf file. All changes to this file # will be lost. HP-Laserjet-4000|Developers gelijkvloers - soms platvloers ;-):rm=GOSCINNY:rp=HP-Laserjet-4000: HP-LaserJet-4100|Sales Marketing:rm=GOSCINNY:rp=HP-LaserJet-4100: HPCL2500|Colour Laserjet - use only when needed:rm=GOSCINNY:rp=HPCL2500: If I use printcap name = cups in smb.conf, NO printers show up at all. If I use /etc/printcap, only HPCL2500 shows up in the Printers folder of the server. Does anybody have an idea how this can happen ? Regards, Bert De Ridder PeopleWare NV - Head Office Cdt.Weynsstraat 85 B-2660 Hoboken Tel: +32 3 448.33.38 Fax: +32 3 448.32.66 PeopleWare NV - Branch Office Geel Kleinhoefstraat 5 B-2440 Geel Tel: +32 14 57.00.90 Fax: +32 14 58.13.25 http://www.peopleware.be http://www.mobileware.be John H Terpstra [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 16/03/2005 17:34 Please respond to [EMAIL PROTECTED] To samba@lists.samba.org cc Subject Re: [Samba] Samba and LDAP Base DN Misty, If your binddn has changed you need to re-run: smbpasswd -w 'secret' to update your secrets.tdb file. - John T. On Wednesday 16 March 2005 09:06, Misty Stanley-Jones wrote: More info: I tried deleting ou=corp (after making a backup of course) and still no dice. As soon as I put back ou=corp and make the baseDN in smb.conf ou=corp, everything works. If I take all the entries under ou=corp and copy them one level up, I can't authenticate to Samba anymore. It doesn't make any sense. On Wednesday 16 March 2005 10:57 am, Misty Stanley-Jones wrote: Right now, I have all of my Samba stuff under ou=corp,dc=mycompany,dc=com. I have it this way because there used to also be ou=furn,dc=mycompany,dc=com with a different domain. Now that I only have one domain, I would like to move everything to dc=mycompany,dc=com. So I copy all of the subentries of ou=corp (ou=computers, ou=people, ou=grooups, and the sambaDomainName entries) to dc=mycompany,dc=com. I change the /etc/ldap.conf files to all point to the new OU. Perfect. However when I change the baseDN in my smb.conf, all of a sudden I cannot authenticate. Even when doing smbcontrol smbd reload-config. The only thing I can figure is that it might be doing a 'sub' search and finding two entries for my user, because I left the 'ou=corp' DN as it was. Is it that, or is there something else I have to do in order to restructure my LDAP tree? TIA, Misty -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Vijay - net_r_sam_logon errors.
Hi, We get the following errors in the current samba domain controller : [2005/03/29 06:16:49, 0] rpc_server/srv_netlog.c:api_net_sam_logon(206) api_net_sam_logon: Failed to marshall NET_R_SAM_LOGON. [2005/03/29 06:16:49, 0] rpc_server/srv_pipe.c:api_rpcTNP(1200) api_rpcTNP: api_netlog_rpc: NET_SAMLOGON failed. [2005/03/29 06:29:35, 0] lib/util_sock.c:matchname(900) sys_gethostbyname(netapp-ghost): lookup failure. [2005/03/29 06:29:35, 0] lib/util_sock.c:get_socket_name(967) Matchname failed on netapp-ghost 10.10.10.1 [2005/03/29 06:29:35, 0] rpc_server/srv_samr.c:api_samr_set_userinfo(670) api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO. [2005/03/29 06:35:26, 0] lib/util_sock.c:matchname(900) sys_gethostbyname(bhim): lookup failure. [2005/03/29 06:35:26, 0] lib/util_sock.c:get_socket_name(967) Matchname failed on bhim 10.10.10.2 [2005/03/29 06:35:43, 0] smbd/service.c:make_connection(248) bhim (172.16.0.196) couldn't find service netlogon [2005/03/29 06:37:51, 0] lib/util_sock.c:read_data(436) read_data: read failure for 4. Error = Connection reset by peer I have tested the service through other commands like smbclient share name -U user name and everything runs perfectly fine. Users are able to login with their ID's without any issues. Please help me to resolve this error. Whats the cause ? Regards, Vijay Kumar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] NFS and ACL
Only NFS v4 have acl support !!! --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Patrick DUBAU [EMAIL PROTECTED] sace.iufm.fr A Envoyé par : samba@lists.samba.org samba-bounces+ste cc phane.purnelle=co [EMAIL PROTECTED] Objet ba.org[Samba] NFS and ACL 29/03/2005 15:01 Hi, i still have no response for my problem, so i try again in another way. i have a share on with i set ACLs. This work fine. I mount this share with NFS on another server, but the ACL, can't be seen on the NFS side (i use getfacl) Is there a way to keep the ACL threw a NFS export ? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Client Profile mistake
Now when I try to log on the domain the client ist no longer trusted by the domain. When I add the client to the domain to solve these problem, I get an new profile after login. And this is my problem. All our client-users are mobile user, they all have local profiles. And the need ther profiles back. They don't accept new profiles. So what do I have to do to use our old profiles. This sounds a lot like your domain SID changed, if you can find your SID on a machine you can change it back and probably save yourself some headache, assuming you arent already too far converting profiles to go back. For starters, get the SID your server is currently using for comparison: net getlocalsid Search around on some system for the old SID. There's two places I can think of for ease: 1. In the registry, you should see someplace under HKEY-USERS a key tree that starts with a SID looking number, (S-x-x-xx--x-x- or thereabouts). Take this number, and chop off the last - and you have the domain SID of the domain. 2. Look for your c:\Docs and Settings directory and you should see some directories for your old user(s). Look at the properties, security tab and the owner should be a SID like in step 1. Chop off the end - data as above. Once you have the domain SID, issue net setlocalsid S-x-x-xx-x-xxx- restart the samba process and see how logins go on a machine you haven't touched yet. -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba as domain controller
I want to setup Linux(Samba) as Domain Controller means no more Windows NT,2k or 2k3 as domain controller.I have mix of windows and Linux clients and I want these clients to get authentication from the Linux .Can anybody tell me any tutorial or How to do it. There are two good ones linked to on the main samba.org webpage. There's a HowTo and a By Example guide for your perusal. -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba does not 'see' all the cups printers
Well it seems I can answer my own question here Very weird, but if I recreate the printers with shorter names (HPLJ4000 in stead of HP-LaserJet-4000), Samba 'sees' them Can anyone explain ? Kind regards, Bert De Ridder PeopleWare NV - Head Office Cdt.Weynsstraat 85 B-2660 Hoboken Tel: +32 3 448.33.38 Fax: +32 3 448.32.66 PeopleWare NV - Branch Office Geel Kleinhoefstraat 5 B-2440 Geel Tel: +32 14 57.00.90 Fax: +32 14 58.13.25 http://www.peopleware.be http://www.mobileware.be [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 29/03/2005 15:09 To samba@lists.samba.org cc Subject [Samba] Samba does not 'see' all the cups printers Hi, all, I have a weird problem; I have 3 working cups printers on Suse linux 9. All 3 are networked printers. I use the following statements in smb.conf : printing = cups load printers = yes printcap name = /etc/printcap [printers] comment = SMB Print Spool path = /var/spool/samba guest ok = yes writeable = no public = yes printable = yes browsable = No printer admin = root, bdridder use client driver = Yes this is the content of /etc/printcap # This file was automatically generated by cupsd(8) from the # /etc/cups/printers.conf file. All changes to this file # will be lost. HP-Laserjet-4000|Developers gelijkvloers - soms platvloers ;-):rm=GOSCINNY:rp=HP-Laserjet-4000: HP-LaserJet-4100|Sales Marketing:rm=GOSCINNY:rp=HP-LaserJet-4100: HPCL2500|Colour Laserjet - use only when needed:rm=GOSCINNY:rp=HPCL2500: If I use printcap name = cups in smb.conf, NO printers show up at all. If I use /etc/printcap, only HPCL2500 shows up in the Printers folder of the server. Does anybody have an idea how this can happen ? Regards, Bert De Ridder PeopleWare NV - Head Office Cdt.Weynsstraat 85 B-2660 Hoboken Tel: +32 3 448.33.38 Fax: +32 3 448.32.66 PeopleWare NV - Branch Office Geel Kleinhoefstraat 5 B-2440 Geel Tel: +32 14 57.00.90 Fax: +32 14 58.13.25 http://www.peopleware.be http://www.mobileware.be John H Terpstra [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 16/03/2005 17:34 Please respond to [EMAIL PROTECTED] To samba@lists.samba.org cc Subject Re: [Samba] Samba and LDAP Base DN Misty, If your binddn has changed you need to re-run: smbpasswd -w 'secret' to update your secrets.tdb file. - John T. On Wednesday 16 March 2005 09:06, Misty Stanley-Jones wrote: More info: I tried deleting ou=corp (after making a backup of course) and still no dice. As soon as I put back ou=corp and make the baseDN in smb.conf ou=corp, everything works. If I take all the entries under ou=corp and copy them one level up, I can't authenticate to Samba anymore. It doesn't make any sense. On Wednesday 16 March 2005 10:57 am, Misty Stanley-Jones wrote: Right now, I have all of my Samba stuff under ou=corp,dc=mycompany,dc=com. I have it this way because there used to also be ou=furn,dc=mycompany,dc=com with a different domain. Now that I only have one domain, I would like to move everything to dc=mycompany,dc=com. So I copy all of the subentries of ou=corp (ou=computers, ou=people, ou=grooups, and the sambaDomainName entries) to dc=mycompany,dc=com. I change the /etc/ldap.conf files to all point to the new OU. Perfect. However when I change the baseDN in my smb.conf, all of a sudden I cannot authenticate. Even when doing smbcontrol smbd reload-config. The only thing I can figure is that it might be doing a 'sub' search and finding two entries for my user, because I left the 'ou=corp' DN as it was. Is it that, or is there something else I have to do in order to restructure my LDAP tree? TIA, Misty -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with wbinfo
Hamish, Thanks, but the nscd service was already stopped. Must be another solution. Any other idea? Ricardo. On Tue, 29 Mar 2005 13:27:16 +0100, Hamish [EMAIL PROTECTED] wrote: On Tuesday 29 March 2005 13:13, Ricardo Maciel wrote: Hello, I'm using a Samba client to access a Samba Server. The smbclient tool is ok, both at the client as at the server. I'm having trouble with the wbinfo command (winbind service) at the client, as you can see below. Can anybody help me? Thanks!!! =Problem== Samba Server: samba-3.0.10-1.fc2 Samba Client: Version 3.0.0-14.3E -- # service winbind start Iniciando serviços Winbind:[ OK ] # # # wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_INTERNAL_ERROR (0xc0e5) Could not check secret # # # wbinfo -u Error looking up domain users # # # wbinfo -g Error looking up domain groups # # # service winbind stop Desligando os serviços Winbind:[ OK ] Make sure you do not have nscd running - i had similar problems with it. You should be able to do this with `service nscd stop; chkconfig nscd off` Hope that helps H -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Smbmnt problem with real path
Dear friends, The following command smbmnt //winhost/share /home/myname/share Produces the error Failed to find real path for mount point. What does it mean, and how to fix it. Regards Suren -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] wins problem - 2nd and last time post
Hello list I am having the following problem with samba wins server: 1. my servers record are desapearing from wins database. this servers(computers) are never turned off, and once or twice a week the wins records just vanish and I have to restart the server to register itself again with wins. 2. when I install a new workstation I do so in a subnet A where is my support team. Then I send the workstation to it's final place which is a subnet B. while installing it, the workstation register itself on wins server with an IP from subnet A. When I send it to its final location it gets an IP from subnet B but wins server keeps the record from subnet A. It does not update the record. If I stop the server, edit wins.dat and remove the record, restart wins e renew the workstation dhcp net configuration it register itself again with the correct IP. I am using Suse 9.2 professional with samba smbd version 3.0.9-2.3-SUSE. I am not starting smbd. Thanks for any help. -- Att., Flávio Fonseca Equipe Divisão de Redes (DR) Diretoria de Processamento de Dados (DirPD) Universidade Federal de Uberlandia (UFU) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Setup Samba
I have a FC3 box set up with Samba 3.0.13-1 which has PAM and nsswitch setup to use an LDAP server for local authentication. I use the getent passwd command and can see that all of my LDAP users show up with uid and gid's. Each user has a home directory on the computer that they own. My question: is there an easy way to make Samba use the normal UNIX passdb backend with a standalone (no PDC) server for my users? I set my Windows computer to have plain text passwords, but I don't know what settings samba should have to achieve this. I really don't like the idea of LDAP with the idealx documentation because A.) I'm not using a PDC, B.) I don't want to maintain the extra password hashes. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ACL support
Hi, I have download the latest version samba-3.0.13-1.src.rpm, and I have make followings changes: Rpm -i samba-3.0.13-1.src.rpm, so I have created the SPEC file. I have added --with-acl-support in the CFLAGS section in the SPEC file. Rpmbuild -bb specfile.spec. It compile the finally rpm without errors but when I install the package and make ldd /usr/sbin/smbd, I can't see libattr and libacl compiled in ... Where I wrong? Thanks. Marco. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Using Lotus Domino LDAP as Samba Backend
On Tuesday 29 March 2005 04:18, [EMAIL PROTECTED] wrote: Hello, can I use the Lotus Domino LDAP Server as backend for Samba? Any LDAP server can be used so long as it has the right schema extensions and uses standard protocols. Has anyone tried this, or some experiences in that? Not with Lotus. - John T. Mit freundlichen Grüssen / Kind regards Norman Trapp System Management objective partner GmbH Bergstrasse 45 D-69469 Weinheim Tel. +49 (0)6201 3986 24 Fax. +49 (0)6201 3986 12 ___ objective partner - keep IT in e.motion Diese eMail enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese eMail irrtuemlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese eMail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser eMail ist nicht gestattet. This email may contain confidential and/or privileged information. If you are not the intended recipient (or have received this email in error) please notify the sender immediately and destroy this email. Any unauthorized copying, disclosure or distribution of the material in this email is strictly forbidden. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbd 100% systemload
Heya, the growing number of smbd process and therewith the resulting 100% cpu usage have their reason in samba not killing processes which are not used anymore (since every client causes Samba to spawn a new process). You can resolve this issue by putting deadtime = 60 into your smb.conf. This causes Samba to kill processes which are not used anymore after 60 minutes which should be sufficient. Hope I helped! Have a nice day, Ulrik Matthias Henze wrote: hi, i've a debian sarge setup with samba 3.0.10 with ldap as SAM backend. every thing used to work as expected, but last week the machine went down. an analysis of the problem has showen, that with increasing uptime there is a growing number of smbd processes that caus 100% CPU utilation. tests have showen, that i can kill these processes without harming smb conecctivtiy. this is a workaround but no soulution. i've absolutely no idea what causes this and what i can/should do to track this down. any suggestions ? TIA Matthias Henze[EMAIL PROTECTED] Use PGP!! http://www.mhcsoftware.de/MatthiasHenze.asc - - - - - - - - - - - - - - - - - - - - - - - - - - - MHC SoftWare GmbH voice: +49-(0)9533-92006-0 Fichtera 17 fax: +49-(0)9533-92006-6 96274 Itzgrund/Germanye-Mail: [EMAIL PROTECTED] - - - - - - - - - - - - - - - - - - - - - - - - - - - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] wins problem - 2nd and last time post
On Tuesday 29 March 2005 06:56, Flavio Fonseca wrote: Hello list I am having the following problem with samba wins server: 1. my servers record are desapearing from wins database. this servers(computers) are never turned off, and once or twice a week the wins records just vanish and I have to restart the server to register itself again with wins. 2. when I install a new workstation I do so in a subnet A where is my support team. Then I send the workstation to it's final place which is a subnet B. while installing it, the workstation register itself on wins server with an IP from subnet A. When I send it to its final location it gets an IP from subnet B but wins server keeps the record from subnet A. It does not update the record. If I stop the server, edit wins.dat and remove the record, restart wins e renew the workstation dhcp net configuration it register itself again with the correct IP. I am using Suse 9.2 professional with samba smbd version 3.0.9-2.3-SUSE. Suggest you update to samba-3.0.13 - if the problem persists please file a bug report at https://bugzilla.samba.org with details of how the bug can be reproduced so that we can schedule to fix this. Thank you. - John T. I am not starting smbd. Thanks for any help. -- Att., Flávio Fonseca Equipe Divisão de Redes (DR) Diretoria de Processamento de Dados (DirPD) Universidade Federal de Uberlandia (UFU) -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ACL support
On Tuesday 29 March 2005 08:00, Meli Marco wrote: Hi, I have download the latest version samba-3.0.13-1.src.rpm, and I have make followings changes: Rpm -i samba-3.0.13-1.src.rpm, so I have created the SPEC file. I have added --with-acl-support in the CFLAGS section in the SPEC file. Rpmbuild -bb specfile.spec. It compile the finally rpm without errors but when I install the package and make ldd /usr/sbin/smbd, I can't see libattr and libacl compiled in ... Where I wrong? Thanks. Marco. Have the following packages been installed? libacl-devel libxattr-devel The compiler can only use the libraries that exist on the build machine. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] add machine script + ldap doesn't work? Please help!
Hi, I have a pdc on samba 3.0.9 with LDAP as backend. However when I add a machine to domain (via the Windows interface - my computer-properties-network-identification-properties-domain The computer is added to the domain (into ldap), but only via samSambaAccount, and no posix parts. I have tried to use: add machine script = /usr/local/bin/smbldap-useradd.pl -w %u And nothing happened - it works just fine if I run it manually. Than I tried: add machine script = /bin/echo %u /tmp/addmachine.txt and again nothing happened, but the machine account exists in ldap at that point (allthough I deleted it before joining the domain). Is there anything more that one would have to do to make samba execute those scripts (I was joining the domain via root account (uid=0, gid=0)). Please help me if you can, because I do not know what to look for any more (logs also show no errors or clues at this point). Regards, Bostjan -- buhdej evridej -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] iconv not working on Sparc Solaris 8
Hi, Thanks for the feedback. I changed the order of my PATH and added an entry for LD_LIBRARY_PATH and this seems to have solved the problem. Thanks Again Graeme -Original Message- From: Håkan Stefansson [mailto:[EMAIL PROTECTED] Sent: 25 March 2005 18:29 To: Graeme Hindmarsh Cc: 'samba@lists.samba.org' Subject: Re: [Samba] iconv not working on Sparc Solaris 8 Graeme Hindmarsh wrote: Hi, I have installed gettext using the configure --with-libiconv-prefix={dir} I then reinstalled libiconv, following make distclean, but there was no configure option to point to the gettext lib. I then recompiled samba but have had the same result and iconv is still not working. Is there something that I am doing wrong or missing out, do I need to set LDFLAGS or any other environment variables? Any help would be greatly appreciated. Thanks Graeme I see from your configure output below that iconv was found in /usr/lib. This is Sun's iconv, that doesn't work with samba. Was that configure run before or after you installed libiconv in /usr/local? What did your latest samba configure say about this? My samba 3.0.12 with working libiconv support runs under Solaris 7. I am using gcc 3.x.y, GNU make and Sun's linker. I also use LD_LIBRARY_PATH=/usr/local/lib and in my PATH I have /usr/local/bin before /usr/bin and /usr/ccs/bin. I don't remember what configure options I used for libiconv and gettext. I'm afraid I can't give you much better info about my setup until I'm back at work on Tuesday. Håkan -Original Message- From: Håkan Stefansson [mailto:[EMAIL PROTECTED] Sent: 25 March 2005 12:50 To: Graeme Hindmarsh Cc: 'samba@lists.samba.org' Subject: Re: [Samba] iconv not working on Sparc Solaris 8 Graeme Hindmarsh wrote: Hi, I am trying to compile Samba 3.0.13 but when I run configure I get the following in the output. checking for iconv in /usr/lib... yes checking can we convert from CP850 to UCS2-LE?... no checking can we convert from IBM850 to UCS2-LE?... no checking can we convert from ASCII to UCS2-LE?... no checking can we convert from 646 to UCS2-LE?... 646 checking can we convert from UTF-8 to UCS2-LE?... UTF-8 checking for iconv in /usr/local/lib... yes checking can we convert from CP850 to UCS2-LE?... no checking can we convert from IBM850 to UCS2-LE?... no checking can we convert from ASCII to UCS2-LE?... no checking can we convert from 646 to UCS2-LE?... no checking can we convert from UTF-8 to UCS2-LE?... no checking can we convert from UTF8 to UCS2-LE?... no configure: WARNING: Sufficient support for iconv function was not found. Install libiconv from http://freshmeat.net/projects/libiconv/ for better cha rset compatibility! I have compiled from source and installed libiconv-1.9.2 in /usr/local but it just does not seem to work. Without iconv Samba will just fill up its log files with character conversion errors and generally not work. I have tried libiconv-1.9.1, libiconv-1.8 and Samba 3.0.11. GNU gcc 2.95.3 and gcc 3.4.2 Can anybody help? Thanks Graeme There is a mutual dependency between libiconv and GNU gettext. That is, gettext is needed to get libiconv to work while gettext neeeds libiconv. (IIRC this is mentioned in a README or INSTALL file.) I have tested the following procedure on Solaris 7 and 9 with various versions of samba 3.0.x, most recently with samba 3.0.12 under Solaris 7. (Sorry, I don't remember what libiconv and gettext versions I used and can't check now as I'm at home.) 1. Install libiconv from source 2. Install gettext fron source 3. Remove (make distclean) libiconv and reinstall it Then you will need to reinstall samba with the configure parameter --with-libiconv=/usr/local (assuming the libraries are in /usr/local/lib) Håkan Stefansson I -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with pdf printing
Hello, I'm hoping someone can help me. I have several pdf printers set up and when I print to them samba becomes unstable and several errors are dumped to the log. These pdf printers were working when I was using version 3.0.6. When I went to a newer version of samba the queue would not clear on the windows side and no errors were logged. Yesterday I upgraded to version 3.0.13-1 and the errors started and the queue still will not clear. I have deleted several tdb files to no avail. I am using printing = bsd option as I have in the past. Below is a clip from the log. Please let me know if anyone needs more information. [2005/03/29 10:49:03, 0] tdb/tdbutil.c:tdb_log(725) tdb(/var/lib/samba/printing/IT pdf printer.tdb): tdb_lock failed on list 1409 ltype=0 (Bad file descriptor) [2005/03/29 10:49:03, 0] tdb/tdbutil.c:tdb_log(725) tdb(/var/lib/samba/printing/IT pdf printer.tdb): tdb_lock failed on list 0 ltype=1 (Bad file descriptor) [2005/03/29 10:49:03, 0] tdb/tdbutil.c:tdb_log(725) tdb(/var/lib/samba/printing/IT pdf printer.tdb): tdb_lock failed on list 295 ltype=1 (Bad file descriptor) [2005/03/29 10:49:03, 0] tdb/tdbutil.c:tdb_log(725) tdb(/var/lib/samba/printing/IT pdf printer.tdb): tdb_lock failed on list 4128 ltype=1 (Bad file descriptor) [2005/03/29 10:49:03, 0] tdb/tdbutil.c:tdb_log(725) tdb(/var/lib/samba/printing/IT pdf printer.tdb): tdb_lock failed on list 3445 ltype=0 (Bad file descriptor) [2005/03/29 10:49:03, 0] tdb/tdbutil.c:tdb_log(725) tdb(/var/lib/samba/printing/IT pdf printer.tdb): tdb_lock failed on list 4128 ltype=0 (Bad file descriptor) [2005/03/29 10:49:03, 0] tdb/tdbutil.c:tdb_log(725) tdb(/var/lib/samba/printing/IT pdf printer.tdb): tdb_lock failed on list 3445 ltype=1 (Bad file descriptor) [2005/03/29 10:49:03, 0] tdb/tdbutil.c:tdb_log(725) tdb(/var/lib/samba/printing/IT pdf printer.tdb): tdb_lock failed on list 1717 ltype=1 (Bad file descriptor) [2005/03/29 10:49:03, 0] tdb/tdbutil.c:tdb_log(725) tdb(/var/lib/samba/printing/IT pdf printer.tdb): tdb_lock failed on list 480 ltype=1 (Bad file descriptor) [2005/03/29 10:49:03, 0] printing/printing.c:print_queue_update_internal(1195) print_queue_update: failed to store MSG_PENDING flag for [IT pdf printer]! [2005/03/29 10:49:03, 0] tdb/tdbutil.c:tdb_log(725) tdb(/var/lib/samba/printing/IT pdf printer.tdb): tdb_lock failed on list 1321 ltype=1 (Bad file descriptor) [2005/03/29 10:49:05, 0] printing/printing_db.c:get_print_db_byname(66) get_print_db: Failed to close tdb for printer IT pdf printer [2005/03/29 10:49:11, 1] smbd/service.c:make_connection_snum(642) bmg2001 (192.168.42.106) connect to service public initially as user NEWYORK+deborahp (uid=10008, gid=10011) (pid 23475) [2005/03/29 10:50:04, 0] lib/fault.c:fault_report(36) === [2005/03/29 10:50:04, 0] lib/fault.c:fault_report(37) INTERNAL ERROR: Signal 11 in pid 23459 (3.0.13) Please read the appendix Bugs of the Samba HOWTO collection [2005/03/29 10:50:04, 0] lib/fault.c:fault_report(39) === [2005/03/29 10:50:04, 0] lib/util.c:smb_panic2(1495) PANIC: internal error [2005/03/29 10:50:04, 0] lib/util.c:smb_panic2(1503) BACKTRACE: 14 stack frames: #0 smbd(smb_panic2+0x128) [0x81df9d8] #1 smbd(smb_panic+0x19) [0x81df8a9] #2 smbd [0x81cd252] #3 /lib/tls/libc.so.6 [0x420277b8] #4 smbd(tdb_fetch_int32_byblob+0x45) [0x81f4f75] #5 smbd(tdb_fetch_int32+0x28) [0x81f4fe8] #6 smbd [0x81fb637] #7 smbd [0x81fbe51] #8 smbd [0x81fc06e] #9 smbd(message_dispatch+0x13c) [0x81e823c] #10 smbd(start_background_queue+0x1cd) [0x81fc28d] #11 smbd(main+0x68b) [0x8257abb] #12 /lib/tls/libc.so.6(__libc_start_main+0xe4) [0x42015704] #13 smbd(ldap_msgfree+0x89) [0x80792a1] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Securing machine auth account
On Monday 28 March 2005 23:12, info wrote: Please give me a sanity check here... OK. So please check the chapter on Rights and Privileges in the Samba-HOWTO-Collection. You can obtain the latest build from: http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf If this does not solve your problem in a more sane manner please drop me a line. Ahhh: Samba 3.0.11 introduces support for the Windows privilege model. This model allows certain rights to be assigned to a user or group SID. So I missed it by a .01 release... Thanks (snip) https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba-Guide chapter 10
Hi John T. et al., here is my comment about the Samba-Guide chapter 10. In my opinion this chapter is a good place to explain the nature of Samba: joining the unix and the windows world by mapping. In most of the cases discussed on this list a unix server is used only as a container for the windows world. The Samba team tries to smooth the differences between unix and windows and to put windows functionality into unix. For me everything is merged into one big cloud. As an administrator I want to look behind the scene and to understand the different cases which Samba as an all-purpose software can serve for. We don't use Samba as a general tool for everything. For the user and group management we have an external Oracle database. From this database we feed a mixed mode AD for the windows world and a LDAP for the unix world using there nss_ldap. A windowsusername = DOMAIN\unixusername and some windowsgroupname = DOMAIN\unixgroupname, some windowsgroupnames differ from unixgroupnames. Both group membership trees are identical ( LDAP supports nested unix groups). The password entries for unix and windows are managed by the external database. On our NFS and CIFS fileserver both worlds get in touch with the help of winbind: the idmap backend on a LDAP server is also feeded by our database, winbind has only to read the mappings. We don't use winbind for name resolution or automatic creation of uid/gid. In chapter 10 there are some common phrases about the winbind role, but in my opinion we need a more detailed explanation how it manages the mapping in different cases. More general, I would like to have a chapter from the mapping viewpoint. For my particular case I had to read many different places in the documentation (and I'm reading it the third month) to find a working configuration (which I'll send to the list if you would like ), but there are still some open questions: - Must the idmap be a one-to-one mapping or can several sid point to one uid/gid ? or is the username map the only tool in this case (and what about a groupname map ) ? - Why does the user mapping mechanism differ from the group mapping mechanism ? - How is a windows group membership mapped automatically to a unix membership (We do it by the external database) ? - How are the 14 different windows security attributes mapped into the Posix ACLs and how are the Posix ACLs displayed in windows ? I hope this email is not too confusingly, but I tried be short. Regards M.Schlett -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with wbinfo
The wbinfo -t returning an error normally means the machine was not properly joined to the domain. Did you do a net rpc join? Is your smb.conf set up properly to be a member of the domain? Ricardo Maciel wrote: Hamish, Thanks, but the nscd service was already stopped. Must be another solution. Any other idea? Ricardo. On Tue, 29 Mar 2005 13:27:16 +0100, Hamish [EMAIL PROTECTED] wrote: On Tuesday 29 March 2005 13:13, Ricardo Maciel wrote: Hello, I'm using a Samba client to access a Samba Server. The smbclient tool is ok, both at the client as at the server. I'm having trouble with the wbinfo command (winbind service) at the client, as you can see below. Can anybody help me? Thanks!!! =Problem== Samba Server: samba-3.0.10-1.fc2 Samba Client: Version 3.0.0-14.3E -- # service winbind start Iniciando serviços Winbind:[ OK ] # # # wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_INTERNAL_ERROR (0xc0e5) Could not check secret # # # wbinfo -u Error looking up domain users # # # wbinfo -g Error looking up domain groups # # # service winbind stop Desligando os serviços Winbind:[ OK ] Make sure you do not have nscd running - i had similar problems with it. You should be able to do this with `service nscd stop; chkconfig nscd off` Hope that helps H -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba-Guide chapter 10
On Tuesday 29 March 2005 09:56, Dr. Matthias Schlett (987) wrote: Hi John T. et al., here is my comment about the Samba-Guide chapter 10. The Samba-Guide (Samba-3 by Example) is not intended as a comprehensive technical overview of how Samba works. It is meant as a quick guide that will help our users to create a working network environment. The premise behind the Samba-Guide is learn be seeing Samba work - not see how every nut and bolt of Samba works. The nuts and bolts should be covered in the Samba-HOWTO-Collection. In my opinion this chapter is a good place to explain the nature of Samba: joining the unix and the windows world by mapping. This is handled in the Samba-HOWTO-Collection. Is that the wrong place? In most of the cases discussed on this list a unix server is used only as a container for the windows world. The Samba team tries to smooth the differences between unix and windows and to put windows functionality into unix. For me everything is merged into one big cloud. As an administrator I want to look behind the scene and to understand the different cases which Samba as an all-purpose software can serve for. Right. Refer to the Samba-HOWTO-Collection and if that is deficient it must be updated. We don't use Samba as a general tool for everything. For the user and group management we have an external Oracle database. From this database we feed a mixed mode AD for the windows world and a LDAP for the unix world using there nss_ldap. A windowsusername = DOMAIN\unixusername and some windowsgroupname = DOMAIN\unixgroupname, some windowsgroupnames differ from unixgroupnames. AS shown in the Samba-Guide and as explained in detail in the Samba-HOWTO-Collection a Windows username should be the same as a UNIX username. The 'username map' facility is a kludge for handling out-lying cases where the names must for a particular reason differ, not as a panacea for general use. The 'username map' facility violates one of the principle rules of using Samba - that there must be only unique resolution of login_ID=UID=SID as any ambiguity may end up biting the hand off. The same rules apply to group mappings. The tool for setting up group mappings is: 'net groupmap [add | modify | delete] ntgroup=[...] unixgroup=[...]' Both group membership trees are identical ( LDAP supports nested unix groups). The password entries for unix and windows are managed by the external database. On our NFS and CIFS fileserver both worlds get in touch with the help of winbind: the idmap backend on a LDAP server is also feeded by our database, winbind has only to read the mappings. We don't use winbind for name resolution or automatic creation of uid/gid. What do you see as the role of winbind? In chapter 10 there are some common phrases about the winbind role, but in my opinion we need a more detailed explanation how it manages the mapping in different cases. More general, I would like to have a chapter from the mapping viewpoint. For my particular case I had to read many different places in the documentation (and I'm reading it the third month) to find a working configuration (which I'll send to the list if you would like ), but there are still some open questions: Have you referred to the Samba-HOWTO-Collection? Both the HOWTO and the Guide have recently been significantly updated. They are available on-line at: http://www.samba.org/samba/docs/ - Must the idmap be a one-to-one mapping or can several sid point to one uid/gid ? or is the username map the only tool in this case (and what about IDMAP can handle only single and unambiguous mapping of SID to UID and vica versa. a groupname map ) ? - Why does the user mapping mechanism differ from the group mapping mechanism ? - How is a windows group membership mapped automatically to a unix membership (We do it by the external database) ? Groups are only explicitly mapped since 3.0.0. That is why you need to create the mapping using the 'net groupmap' facility. - How are the 14 different windows security attributes mapped into the Posix ACLs and how are the Posix ACLs displayed in windows ? Perhaps Jeremy can best answer this. I hope this email is not too confusingly, but I tried be short. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Problems with Excel MS Word files (still)
On Tue, Mar 29, 2005 at 11:01:10AM +0100, Urs Rau wrote: Jeremy or Nathan, Jeremy Allison wrote: Ok, I have a working theory for this. It concerns ACLs and what happens when excel wants to update the filetime on a file the user doesn't own. Normally you just set the dos filetime parameter to allow this (this causes a timestamp to be updated on a file if you can write to it - normally POSIX only allows this if you're the owner). I've realised the codepath here doesn't check ACL semantics. This is a bug we've had since we introduced ACLs a long time ago but only now seems to have been triggered. Here is a patch to the just released 3.0.13 that causes ACL entries to be properly checked when dos filetime= True has been set. Please try this on top of 3.0.13 and let me know if it fixes the issues. Has this been confirmed, as fixing it? I am rolling a 3.0.13 maintenance release and it would be nice to clear this excel ACL bug. What is the bugzilla entry for this bug, so I can follow it? Most people have reported this being fixed with dos filetimes=yes and 3.0.13. There are still a few outstanding issues when people are using ACLs I'm looking into right now. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with wbinfo
Michael, Here are my nsswitch.conf and smb.conf (I input the syslog=3): # # /etc/nsswitch.conf # # Example: #passwd:db files nisplus nis #shadow:db files nisplus nis #group: db files nisplus nis passwd: files winbind shadow: files winbind group: files winbind # #--smb.conf # # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2004/09/17 16:03:56 # Global parameters [global] workgroup = REG netbios name = Estacao1386000 security = domain password server = * winbind uid = 1000-2 winbind gid = 1000-2 winbind enum users = yes winbind enum groups = yes winbind separator = + winbind cache time = 10 template homedir = /home/winnt/%D/%U winbind use default domain = yes template shell = /bin/bash syslog = 3 # what does wbinfo -p return? # # wbinfo -p Ping to winbindd succeeded on fd 4 # What OS is your domain controller? Red Hat Enterprise Linux AS - 2.4.21-4.EL Have you joined the box the domain? Sorry. I didn't understand! Have you turned up logging (syslog = 3) in your smb.conf? Yes (see above). Still Thanking. Ricardo. On Tue, 29 Mar 2005 10:48:05 -0500, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Have you already made the changes to nsswitch.conf? passwd: files winbind shadow: files winbind group: files winbind what does wbinfo -p return? What OS is your domain controller? Have you joined the box the domain? Have you turned up logging (syslog = 3) in your smb.conf? Just some thoughts ... good luck. Michael J Barber Computer Services Administrator WPTZ/WNNE Heart-Argyle Television p 518-561- x563 m 518-572-6639 f 518-561-5940 Ricardo Maciel [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 03/29/2005 10:50 AM Please respond to Ricardo Maciel To:samba@lists.samba.org cc: Subject:Re: [Samba] Problem with wbinfo Hamish, Thanks, but the nscd service was already stopped. Must be another solution. Any other idea? Ricardo. On Tue, 29 Mar 2005 13:27:16 +0100, Hamish [EMAIL PROTECTED] wrote: On Tuesday 29 March 2005 13:13, Ricardo Maciel wrote: Hello, I'm using a Samba client to access a Samba Server. The smbclient tool is ok, both at the client as at the server. I'm having trouble with the wbinfo command (winbind service) at the client, as you can see below. Can anybody help me? Thanks!!! =Problem== Samba Server: samba-3.0.10-1.fc2 Samba Client: Version 3.0.0-14.3E -- # service winbind start Iniciando serviços Winbind:[ OK ] # # # wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_INTERNAL_ERROR (0xc0e5) Could not check secret # # # wbinfo -u Error looking up domain users # # # wbinfo -g Error looking up domain groups # # # service winbind stop Desligando os serviços Winbind:[ OK ] Make sure you do not have nscd running - i had similar problems with it. You should be able to do this with `service nscd stop; chkconfig nscd off` Hope that helps H -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Using Lotus Domino LDAP as Samba Backend
[EMAIL PROTECTED] wrote on 03/29/2005 09:20:31 AM: On Tuesday 29 March 2005 04:18, [EMAIL PROTECTED] wrote: Hello, can I use the Lotus Domino LDAP Server as backend for Samba? Any LDAP server can be used so long as it has the right schema extensions and uses standard protocols. Has anyone tried this, or some experiences in that? Do a google search for Alan Bell linux lotus domino and see what you get. I know that he had this working at one point, but didn't get the chance to put it into production. There was information also available at www.openntf.org - but I'm not sure if it's there anymore. As John says, it's a matter of adding the right schema extensions. These will be added to the person document on the Domino server. Not with Lotus. - John T. Mit freundlichen Grüssen / Kind regards Norman Trapp System Management objective partner GmbH Bergstrasse 45 D-69469 Weinheim Tel. +49 (0)6201 3986 24 Fax. +49 (0)6201 3986 12 ___ objective partner - keep IT in e.motion -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Problems with Excel MS Word files (still)
On Tue, Mar 29, 2005 at 07:45:53AM -0500, Nathan Vidican wrote: No confirmation over here, havn't had a chance to compile a new copy - rolled back to 3.0.8 for the time being it's been less buggy but still have occasional file(s) locking up. A little unclear here, do I need to add a patch to 3.0.13 before compiling, or simply add 'dos filetime = yes' to the configuration? Lastly, does it matter if I'm not using ACL's? Just using plain old UNIX permissions (750/660 dir/file) and the force-group parameter for most shares - which works quite well thus far. No, you don't need to add a patch. Simply setting dos filetimes should do it. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Problems with Excel MS Word files (still)
Jeremy Allison wrote: On Tue, Mar 29, 2005 at 07:45:53AM -0500, Nathan Vidican wrote: No confirmation over here, havn't had a chance to compile a new copy - rolled back to 3.0.8 for the time being it's been less buggy but still have occasional file(s) locking up. A little unclear here, do I need to add a patch to 3.0.13 before compiling, or simply add 'dos filetime = yes' to the configuration? Lastly, does it matter if I'm not using ACL's? Just using plain old UNIX permissions (750/660 dir/file) and the force-group parameter for most shares - which works quite well thus far. No, you don't need to add a patch. Simply setting dos filetimes should do it. Ohh, I have added the patch you emailed to the newsgroup on 24/3/05, in this thread, I guess I should back that out again in my custom rpm? Or is it a fix that will make it into 3.0.14 anyway? (maybe I am confusing people with my question about my self-rolled samba rpm, where I included your newspost as a patch on top of 3.0.13, sorry) -- Urs Rau -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] printers offline in 3.0.13 - is it because they are local printers printing to local ports ?
Maybe my printers being offline with samba 3.0.13 on some xp pro workstations is not a bug after all, maybe it was a (mis)feature in samba-2.2? My problem is that I can't easily test on 3.0.13, because until a few days ago I had been running 2.2.12 and all was fine, then. No printers showed as offlne. But then I upgraded to 3.0.7 for a day or two immediately followed by an upgrade to 3.0.11 and I only held my breadth to check things when I was on 3.0.11 and found that my printers were showing as offline under 3.0.11, but of course maybe that would have been like that even on 3.0.7? We have had 3 good reasons to install samba printers on win xp workstations as local printers printing to local ports (e.g. \\linux\printerqueuename) reason 1 our main email application (pegasus mail) was playing very annoying timeout delays with reading emails and going up or down the email inbox if the default printer was a smb network printer that was unreachable at the time. (for some strange reason pegasus was trying to interact with the printer for every msg) reason 2 just when we thought we should point the finger at pegasus mail for this we found that ms word had a similar problem when it came to a workstation having the default printer as a smb network printer and it wasn't accessible. reason 3 if we installed the samba network printers as local printers printing to a local port (e.g \\linux\printerqueuename then we could install the printer for all users on that workstation and also set the default config for all of those queues once for all, from a script. (so no need to set the network printer settings and defaults once every login.) BUT maybe we have to throw out those gains and stop using printers defined as local printers printing to local ports which are pointed at the samba print queue? Is there a reason why samba changed it's behaviour showing it's printers as being offline if they are accessed in this way? I guess the question to ask is, what status does a win2k3 shared printer show as on a win xp pro workstation if one sets the workstation printer up as a local printer with a local port of the name \\sambaservername\printerqueuename. I hope somebody can tell me that such a setup would result in a printer showing the proper status? Because then I am sure samba could be told the same trick, surely? I am hoping one or two of you can shed some light on this. Regards, Urs Rau -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with wbinfo
In adition, above are the messages that appears at the winbindd.log (at the client), when this service is started: # [2005/03/29 16:30:21, 1] nsswitch/winbindd.c:main(832) winbindd version 3.0.0-14.3E started. Copyright The Samba Team 2000-2003 [2005/03/29 16:30:22, 1] nsswitch/winbindd_util.c:add_trusted_domain(149) Added domain REG [2005/03/29 16:30:22, 1] nsswitch/winbindd_util.c:init_domain_list(284) Could not fetch sid for our domain REG [2005/03/29 16:30:22, 1] nsswitch/winbindd_util.c:add_trusted_domains(206) scanning trusted domain list # Thanks for any help!! Ricardo. On Tue, 29 Mar 2005 14:34:01 -0300, Ricardo Maciel [EMAIL PROTECTED] wrote: Michael, Here are my nsswitch.conf and smb.conf (I input the syslog=3): # # /etc/nsswitch.conf # # Example: #passwd:db files nisplus nis #shadow:db files nisplus nis #group: db files nisplus nis passwd: files winbind shadow: files winbind group: files winbind # #--smb.conf # # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2004/09/17 16:03:56 # Global parameters [global] workgroup = REG netbios name = Estacao1386000 security = domain password server = * winbind uid = 1000-2 winbind gid = 1000-2 winbind enum users = yes winbind enum groups = yes winbind separator = + winbind cache time = 10 template homedir = /home/winnt/%D/%U winbind use default domain = yes template shell = /bin/bash syslog = 3 # what does wbinfo -p return? # # wbinfo -p Ping to winbindd succeeded on fd 4 # What OS is your domain controller? Red Hat Enterprise Linux AS - 2.4.21-4.EL Have you joined the box the domain? Sorry. I didn't understand! Have you turned up logging (syslog = 3) in your smb.conf? Yes (see above). Still Thanking. Ricardo. On Tue, 29 Mar 2005 10:48:05 -0500, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Have you already made the changes to nsswitch.conf? passwd: files winbind shadow: files winbind group: files winbind what does wbinfo -p return? What OS is your domain controller? Have you joined the box the domain? Have you turned up logging (syslog = 3) in your smb.conf? Just some thoughts ... good luck. Michael J Barber Computer Services Administrator WPTZ/WNNE Heart-Argyle Television p 518-561- x563 m 518-572-6639 f 518-561-5940 Ricardo Maciel [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 03/29/2005 10:50 AM Please respond to Ricardo Maciel To:samba@lists.samba.org cc: Subject:Re: [Samba] Problem with wbinfo Hamish, Thanks, but the nscd service was already stopped. Must be another solution. Any other idea? Ricardo. On Tue, 29 Mar 2005 13:27:16 +0100, Hamish [EMAIL PROTECTED] wrote: On Tuesday 29 March 2005 13:13, Ricardo Maciel wrote: Hello, I'm using a Samba client to access a Samba Server. The smbclient tool is ok, both at the client as at the server. I'm having trouble with the wbinfo command (winbind service) at the client, as you can see below. Can anybody help me? Thanks!!! =Problem== Samba Server: samba-3.0.10-1.fc2 Samba Client: Version 3.0.0-14.3E -- # service winbind start Iniciando serviços Winbind:[ OK ] # # # wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_INTERNAL_ERROR (0xc0e5) Could not check secret # # # wbinfo -u Error looking up domain users # # # wbinfo -g Error looking up domain groups # # # service winbind stop Desligando os serviços Winbind:[ OK ] Make sure you do not have nscd running - i had similar problems with it. You should be able to do this with `service nscd stop; chkconfig nscd off` Hope that helps H -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] apologies for duplicate posts - btw what's the real diff between gmane.network.samba.general and mailing.unix.samba?
Sorry to those of you that have received duplicates of my messages over the easter weekend. I had subscribed to the nntp server of my isp (pipex uk) and searched for samba it showed a few hits but gmane.network.samba.general showed as containing no posts but mailing.unix.samba showed a bit more than 20'000 so I subscribed to that and sent a slurr of messages with questions and followups to that newslist over the weekend, and my questions did show up in mailing.unix.samba. But not having received a single answer by the end of the weekend I thought something was a little strange. So I went to check the samba.org archives and found that my messages had not made it to the official mailing list nor to the email archives. That's when I started resending the relevant messages from the past few days but this time to gmane.network.samba.general. So if some have seen my posts more than once, I am sorry, but at least I corrected my spelling in the second postings and did not resend the level 10 log of 2.4MB. ;-) What is the purpose or function of newsgroup mailing.unix.samba? And is it my ISPs fault that they only offer mailing.unix.samba for subscription and not gmane.network.samba.general and how do the two lists relate to each other? It would appear that at least some of the posts to gmane.network.samba.general do make it to mailing.unix.samba but no messages appear to travel the other way. -- Urs Rau -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Problem with pdf printing
Vincent, Vincent Mikalinis wrote: Hello, I'm hoping someone can help me. I have several pdf printers set up and when I print to them samba becomes unstable and several errors are dumped to the log. These pdf printers were working when I was using version 3.0.6. When I went to a newer version of samba the queue would not clear on the windows side and no errors were logged. Yesterday I upgraded to version 3.0.13-1 and the errors started and the queue still will not clear. I have a very similar problem with my pdf printers. I have the following in my [global] section. printcap name = cups printing = cups cups options = raw and my pdf printer share now has [pdf] comment=PostScript to PDF Converter printing=bsd public=no guest ok=no create mode=0600 path=/var/tmp printable=yes print command=. /etc/sysconfig/rc.sysadm; \ ulimit -c 0; \ ulimit -S -d $PDF_MEM_LIMIT; \ ps2pdf %s %H/%J.pdf; \ chmod 640 %H/%J.pdf; \ rm -f %s lppause command= lpresume command= lpq command=lpq -P'%p' lprm command=lprm -P'%p' %j queuepause command= queueresume command= and it now shows the printer as online and the printjobs show up and get removed just as they should. All it took to change the printer status displayed on the windows xp pro workstation from offline to online, was to add a real lpq command line, (lpq -P'%p'). Now all looks fine from the workstations viewpoint. BUT on the server I now have repeated entries of cups telling samba that it does not know the printer 'pdf'. Win one, loose one. ;-) level 3 error msg lpq: Unknown destination pdf! [2005/03/27 22:20:00, 3] printing/print_generic.c:print_run_command(62) Running the command `lpq -P'pdf'' gave 1 I start to wonder what dammage it would do to set lpq to lpq command =/bin/true for my pdf printer? ;-) HTH -- Urs Rau -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Set Samba share permissions...
Hi! I'm relatively new in the Linux world. I use Mandrake 9,1 and I have the following doubt in relation to the Samba: I have the following sharings: [home] read only = yes available = no browseable = no [diretoria] path = /home/diretoria browseable = yes read only = no [pessoal] path = /home/pessoal browseable = yes read only = no [vendas] path = /home/vendas browseable = yes read only = no The question is: how to make so that only the using direction has access to all the sharings and excessively only to its proper ones? In the global section of my smb.conf file, I have guest account = nobody ThanX -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Advice on a samba setup im considering
Hello! Was hoping to get some suggestion and ideas for a samba server I will be implementing here in the next couple of weeks. I have gone through the websites documentation, but I was hoping some of the veterans of samba could maybe lend some ideas, advice and recommendations. I will try to be as detailed as possible. The samba server would server roughly 50-60 people. We have 3, maybe 4 departments that I would need to setup shares for (obviously, not all departments would need access to all the shares.) The other thing im considering is maybe trying to design this with the idea in mind of future expansion of the company (6-12 months down the road possibly) I've already installed the OS and Samba and I am in the process of configuring samba. What would be the recommended method for putting user accounts on the system? I know I have a few options, but is there one I should consider more than the other? All the machines on the network are windows desktop. I would simply just map a drive to the shares needed for each user. I'm not going to setup this up as a PDC at this time. That would be something I may revisit in about 6-12 months as well. I have a lot to consider. Just hoping to get some ideas here. Cheers, Jason -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] 3.0.13 why is lpq command=%p showing with testparm -v ?
the docs say that all lp commands are ignored if one has printing =cups printcap name=cups in the global section and cups support is compiled in. ldd `which smbd` says I do have cups compiled in and my global section does have the two cups lines. But on 3.0.13 I get testparm -s | grep lp returns no output BUT testparm -s -v | grep lp returns lpq cache time = 30 lpq command = %p lprm command = lppause command = lpresume command = I understand that if I do testparm -v this also shows me the built-in defaults. Why does it only show %p for the lpq command and nothing else for the other lp commands? Regards, Urs Rau -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Errors
I've tried to find a solution on my own to this problem, but have yet to find anything useful. I have a very simple setup where there is only one samba server which is acting as a PDC. I'm getting quite a few errors in smbd.log. Any ideas would be greatly appreciated. [2005/03/29 15:28:22, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected [2005/03/29 15:28:22, 0] lib/access.c:check_access(328) [2005/03/29 15:28:22, 0] lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected Denied connection from (0.0.0.0) [2005/03/29 15:28:22, 1] smbd/service.c:make_connection_snum(648) everest (192.168.0.90) connect to service everest initially as user icodeeverest (uid=567, gid=100) (pid 8338) write_socket: Error writing 5 bytes to socket 22: ERRNO = Connection reset by peer [2005/03/29 15:28:22, 0] lib/util_sock.c:send_smb(647) Error writing 5 bytes to client. -1. (Connection reset by peer) Here's my smb.conf global section [global] workgroup = B2 netbios name = B2PDC time server = Yes add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u logon script = logon.bat logon path = \\%L\profiles\%u\%m logon drive = H: logon home = \\%L\%u\.win_profile\%m domain logons = Yes os level = 70 local master = yes preferred master = Yes domain master = Yes wins support = Yes interfaces = 192.168.0.70 hosts allow = 192.168. 127.0.0.1 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Primard Domain Controller feature not working
Hey guys, I configured Samba do be the domain controller for my network and to share folders. the folder sharing works great. The problem is that the domain function does not work at all. I cannot join the domain from any workstation. It just says that the controller cannot be contacted. I ran an Ethereal sniff on the packets and the computer that i want to be PDC is sending ICMP Destination unreachable packets in response to the NBNS Name Query. Here is the packet that the workstation is sending to the server. 00 11 11 ba 82 1a 00 0a e6 d5 fa b4 08 00 45 00 ..E. 0010 00 4e 01 fb 00 00 80 11 b4 53 c0 a8 01 9e c0 a8 .N.. .S.. 0020 01 62 00 89 00 89 00 3a 81 4e 80 63 01 00 00 01 .b.: .N.c 0030 00 00 00 00 00 00 20 46 46 46 44 45 43 45 4a 45 .. F FFDECEJE 0040 4f 45 48 45 50 43 41 43 41 43 41 43 41 43 41 43 OEHEPCAC ACACACAC 0050 41 43 41 43 41 42 4d 00 00 20 00 01 ACACABM. . .. The config file that i am using (not including shares that have nothing to do with the domain controller). I do not want roaming profiles. #NetBIOS settings netbios name= FILESERVER workgroup = USBINGO server string = File Server log file= /var/log/samba/log.%m max log size= 50 time server = yes hide dot files = yes log level = 1 #Security settings security= user domain logons = yes encrypt passwords = yes #Turn on the WINS server wins support= yes #Make sure that Samba is the master browser and domain master browser domain master = yes local master= yes preferred master = yes os level= 65 add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u [netlogon] path= /files/netlogon writable= no browsable = no Thanks, -Mark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: No vscan HOWTOs?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 | Does anyone have ANY idea what to put in /etc/magic to identify microsoft outlook pst files? | scanning larger pst files (100 mb or so) currently raises my clamd cpu processor usage to 90% or higher, and 'locks' ms outlook on the workstation during the scan, so I'd rather not scan them and have mcafee on the workstation take care of that. | Insight would really be appreciated. Not sure why this is required. Can't you just use file [filename] to find out what mime type /etc/magic currently thinks it is? Or is it the case that the mime type actually isn't in there? Actually, I use ClamWin on the 'doze side and I was hoping that someday the developers would put in a tool for discovering if the client host was running it. I mean if it has local protection, why burn up the servers CPU cycles, right? Distributed approach for a distributed net. Jim C. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCSb1H57L0B7uXm9oRArtlAJ4znZ47pFfoC6KpKas4GL+uBxTb+ACdFhFw l5jrrRQKv0d6qTPVYvmK92M= =9fIr -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: domain admins group in samba 3.0.7 question
Jim C.: ~ What makes you think that? The command should be | net groupmap add unixgroup=whatever group name ntgroup=something | else | where the unixgroup parameter is the name of the existing unix group to | use and ntgroup is the new name that you want the group to display as in | windows. I've thought of doing this also but the problem that I have is that if I put this: net groupmap add unixgroup=whatever group name ntgroup=something | else into a logon script won't it add to the group each time the user logs in? How would duplicate entries be handled? Wouldn't I see an entry for each login or would duplicate entries be dropped? 'net groupmap add' works for Samba 3 (at least from 3.0.7 on, my experience up to 3.0.11). It works once and for all for all workstations, even new ones that you add to the domain - you don't have to keep on doing it. This is where the ldapsam backend and using GQ as an LDAP GUI is such a help; you can see at a glance exactly what you've done and even use GQ and the Samba tools to start all over again if you've made a mistake. Your problem is, that you can't see the results of what you're doing and why it isn't working. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: domain admins group in samba 3.0.7 question
Jim C.: | Why in gods name would you do that? The net groupmap add command is | used to configure the windows group = unixgroup mapping, much like the | username map works. You add users to the ntgroup by adding them to the | aforementioned unixgroup. Well, that's what I get for indiscriminate cut and paste. Right?;-) I'll clarify. I meant the net command on the windows side. It should accomplish more or less the same thing when applied to the local machine via a logon script right? The parameters would have to be different, of course. My bad. Sorry. The net command on Windows workstations often doesn't have the same possibilities as it does on a Samba PDC. The command should be run on a Samba PDC, not the Windows workstation. It is then once and for all. If there is a better tool, (net use perhaps?) I am interested in knowing. I've no idea how to resolve the password issue (I assume there is one) for example. Following the Samba HOWTOs from A to Z is the best alternative. Once you've learned every possibility by heart (take you a month or six ;) you're good to go. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] printers detect
On Tue, 2005-03-29 at 13:43 +0200, Fabio Marcone wrote: Hi! I'm designing a web interface to manage samba server (users, shares, printers) and I would known how i can detect printers available in samba. In that way, admin can set rights and others params of a selected printer. Uh, Fabio have you looked at SWAT? SWAT == Samba Web Administration Tool Or Webmin with SWAT integration? I'd hate to see you make all this fuss for something that is already done and updated every release of Samba as well. -- greg, [EMAIL PROTECTED] The technology that is Stronger, better, faster: Linux signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: No vscan HOWTOs? should called how exclude pst files vscan clamav
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi @ll,hi Andrew,Rainer sorry that i renamed the subject, but my intention is to make this part give more notice on the list. I can confirm the scan problem with clamav vfs and bigger pst file. As i just have this problem too, i tried google about faqs about this. I studied the last readme of the vfs and there is just an example that i should use file -i to find out what mime type my system ( suse 9.2 ) means to a pst file - -- pdc:/home/danielop/outlook.pst # file -i ./Outlook.pst ./Outlook.pst: application/octet-stream - - so i included this to vscan-clamav.conf - --- ; exclude files from being scanned based on the MIME-type! Semi-colon ; seperated list (default: empty list). Use this with care! exclude file types = pst - i havent my win test client up, and no big pst around to do some tests but i am nearly sure this entry is not right ( or could it be that easy???), but future tests will show so i will cc the mantainer of vscan to give a more detailed example to us how syntax to exclude is done or perhaps somebody on the list knows more Anyway my thx goes to Rainer for doing such a nice job on vscan cause pst file a comlicated filetypes by their nature. Best Regards Robert Jim C. schrieb: | | Does anyone have ANY idea what to put in /etc/magic to identify | microsoft outlook pst files? | | scanning larger pst files (100 mb or so) currently raises my clamd cpu | processor usage to 90% or higher, and 'locks' ms outlook on the | workstation during the scan, so I'd rather not scan them and have mcafee | on the workstation take care of that. | | Insight would really be appreciated. | | Not sure why this is required. Can't you just use file [filename] to | find out what mime type /etc/magic currently thinks it is? Or is it the | case that the mime type actually isn't in there? | | Actually, I use ClamWin on the 'doze side and I was hoping that someday | the developers would put in a tool for discovering if the client host | was running it. I mean if it has local protection, why burn up the | servers CPU cycles, right? Distributed approach for a distributed net. | | Jim C. - -- Mit freundlichen Gruessen Best Regards Robert Schetterer robert_at_schetterer.org Munich / Bavaria / Germany https://www.schetterer.org \** \* gnupgp \* public key: \* https://www.schetterer.org/public.key \** -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCScht+Jw+56iSjEkRAlyyAJ9tNhMzZmVXMaQ5uMYNJd9suUEs5QCfYXwp wGOD4YWpnWYO8Yon79Bmuvk= =cB+L -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.13 why is lpq command=%p showing with testparm -v ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Urs Rau wrote: | testparm -s -v | grep lp | returns | | lpq cache time = 30 | lpq command = %p | lprm command = | lppause command = | lpresume command = | | I understand that if I do testparm -v this also | shows me the built-in defaults. Why does it only | show %p for the lpq command and nothing else | for the other lp commands? See: printer name is not honored in printing.c https://bugzilla.samba.org/bug/2333 cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCScqNIR7qMdg1EfYRArGIAKCW3zVRUHFZ3pLfuIdTeQjKFL2pvwCg7bzn 7EXTpM/CsXmG3FYbjzhodnY= =bQao -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: No vscan HOWTOs? should called how exclude pst files vscan clamav
On Tue, Mar 29, 2005 at 11:28:13PM +0200, Robert Schetterer wrote: Hi @ll,hi Andrew,Rainer You'd probably shoulnd't bug any Samba people with samba-vscan related configuration issues. They are busy enough :) - -- pdc:/home/danielop/outlook.pst # file -i ./Outlook.pst ./Outlook.pst: application/octet-stream - - So, the MIME-type is actually application/octet-stream, which is a generic type for anything binary and not recognized by file otherwise. Probably someone should try to add a real pattern to detect Outlook PST correctly (the idea has mentioned below already by someone else). so i included this to vscan-clamav.conf - --- ; exclude files from being scanned based on the MIME-type! Semi-colon ; seperated list (default: empty list). Use this with care! exclude file types = pst - pst ist the file extension, not the MIME-type! Keep in mind you should never trust any file extension if you want to achieve virus protection (esp. to block files on SMTP layer). I won't repeat the reasoning behind, just do a google group search for nick fitzgerald file extension (a good hit is http://tinyurl.com/4nkv9). Anyway, samba-vscan 0.3.7 will most likely ship with a feature to exclude files from scanning based on a regexp. The code is basically already in CVS, based on a contribution from a samba-vscan user. Munich / Bavaria / Germany Hum, that's not sooo far away :) HTH best regards Rainer Link -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] upgrading existing tdbsam to ldap
moving a system to SLES9 w/OpenLDAP. Existing system used tdbsam. Set up new server, configured w/openldap and LAM. Things appear to be working fine with the new config, but there are problems in migrating user and machine accounts. The new domain, nor users are recognized in LAM. The machine accounts are listed as existing, but hostnames are not showing. I suppose that this is due to the fact that the migration using the pdbedit -v -i tdbsam -e ldapsam did not properly assign machines to the proper OU, and users to the proper default groups, etc. The pdbedit command was done after the ldap db was populated with the IDEALX smbldap-populate tool. I had built the new server, then simply moved the /etc/samba and /var/lib/samba/*.tdb files into place before doing the pdbedit. Is there a method of moving the existing accounts and machine information into the proper groups, or do I need to start over and do this in a different order? Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Advice on a samba setup im considering
You need to take a look at the Samba 3 By Example guide provided on the www.samba.org web site. It'll step you through much of this. Putting user accounts on the system? If it's only going to be you, you can use the command line tools provided with the operating system and base Samba. If someone else - maybe consider something like easier to use like webmin. Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com [EMAIL PROTECTED] wrote on 03/29/2005 02:11:52 PM: Hello! Was hoping to get some suggestion and ideas for a samba server I will be implementing here in the next couple of weeks. I have gone through the websites documentation, but I was hoping some of the veterans of samba could maybe lend some ideas, advice and recommendations. I will try to be as detailed as possible. The samba server would server roughly 50-60 people. We have 3, maybe 4 departments that I would need to setup shares for (obviously, not all departments would need access to all the shares.) The other thing im considering is maybe trying to design this with the idea in mind of future expansion of the company (6-12 months down the road possibly) I've already installed the OS and Samba and I am in the process of configuring samba. What would be the recommended method for putting user accounts on the system? I know I have a few options, but is there one I should consider morethan the other? All the machines on the network are windows desktop. I would simply just map a drive to the shares needed for each user. I'm not going to setup this up as a PDC at this time. That would be something I may revisit in about 6-12 months as well. I have a lot to consider. Just hoping to get some ideas here. Cheers, Jason -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Advice on a samba setup im considering
Jason: [...] I'm not going to setup this up as a PDC at this time. That would be something I may revisit in about 6-12 months as well. Do this first, after thoroughly learning OpenLDAP from first principles. I.e., start thinking if any utility/service doesn't work without the latest, stable LDAP, including Samba, it's useless. Samba does, but so does anything else that dare to call itself a Unix/Linux service: smtp, IMAP, shell and gdbm logins, NF, desktop utilities, etc. All give you a single login ID and password. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: No vscan HOWTOs? should called how exclude pst files vscan clamav
pdc:/home/danielop/outlook.pst # file -i ./Outlook.pst ./Outlook.pst: application/octet-stream - - So, the MIME-type is actually application/octet-stream, which is a generic type for anything binary and not recognized by file otherwise. Probably someone should try to add a real pattern to detect Outlook PST correctly (the idea has mentioned below already by someone else). probably someone who knows how /etc/magic works could do something with the information on this page: http://filext.com/detaillist.php?extdetail=PST There it says: Identifying characters are: Hex: 21 42 44 4E ASCII: !BDN Anyone knows..? Mourik Jan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Primard Domain Controller feature not working
Well, i fixed it. nmbd wasn't working. now i am having another problem! I am using the 'using samba' book from o'reilly and it says that the parameter domain admin group is obsoleted in samba 3.0 I am using 3.0 and i cant add computers to the domain. What is the replacement/workaround for it? On Tue, 29 Mar 2005 12:35:56 -0800, Mark Ratering [EMAIL PROTECTED] wrote: Hey guys, I configured Samba do be the domain controller for my network and to share folders. the folder sharing works great. The problem is that the domain function does not work at all. I cannot join the domain from any workstation. It just says that the controller cannot be contacted. I ran an Ethereal sniff on the packets and the computer that i want to be PDC is sending ICMP Destination unreachable packets in response to the NBNS Name Query. Here is the packet that the workstation is sending to the server. 00 11 11 ba 82 1a 00 0a e6 d5 fa b4 08 00 45 00 ..E. 0010 00 4e 01 fb 00 00 80 11 b4 53 c0 a8 01 9e c0 a8 .N.. .S.. 0020 01 62 00 89 00 89 00 3a 81 4e 80 63 01 00 00 01 .b.: .N.c 0030 00 00 00 00 00 00 20 46 46 46 44 45 43 45 4a 45 .. F FFDECEJE 0040 4f 45 48 45 50 43 41 43 41 43 41 43 41 43 41 43 OEHEPCAC ACACACAC 0050 41 43 41 43 41 42 4d 00 00 20 00 01 ACACABM. . .. The config file that i am using (not including shares that have nothing to do with the domain controller). I do not want roaming profiles. #NetBIOS settings netbios name= FILESERVER workgroup = USBINGO server string = File Server log file= /var/log/samba/log.%m max log size= 50 time server = yes hide dot files = yes log level = 1 #Security settings security= user domain logons = yes encrypt passwords = yes #Turn on the WINS server wins support= yes #Make sure that Samba is the master browser and domain master browser domain master = yes local master= yes preferred master = yes os level= 65 add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u [netlogon] path= /files/netlogon writable= no browsable = no Thanks, -Mark -- Mark Ratering A+, CCNP 248-437-1938 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Primard Domain Controller feature not working
problem! I am using the 'using samba' book from o'reilly and it says that the parameter domain admin group is obsoleted in samba 3.0 I A good way to do that would be creating a unix group that you want to be mapped to Domain Admins, map it and assign it the appropriate SID (you can look into the source for the smbldap-tools to get it in plain text). Then you simply add users to it. am using 3.0 and i cant add computers to the domain. Either use root (properly added as a samba user) or another user with uid=0, or use the privilege delegation tools in recent versions. I believe the version that started with them was 3.0.9. The documentation at samba.org (the howto and by example) should be your guide as they are updated for the current version. On Tue, 29 Mar 2005 12:35:56 -0800, Mark Ratering [EMAIL PROTECTED] wrote: Hey guys, I configured Samba do be the domain controller for my network and to share folders. the folder sharing works great. The problem is that the domain function does not work at all. I cannot join the domain from any workstation. It just says that the controller cannot be contacted. I ran an Ethereal sniff on the packets and the computer that i want to be PDC is sending ICMP Destination unreachable packets in response to the NBNS Name Query. Here is the packet that the workstation is sending to the server. 00 11 11 ba 82 1a 00 0a e6 d5 fa b4 08 00 45 00 ..E. 0010 00 4e 01 fb 00 00 80 11 b4 53 c0 a8 01 9e c0 a8 .N.. .S.. 0020 01 62 00 89 00 89 00 3a 81 4e 80 63 01 00 00 01 .b.: .N.c 0030 00 00 00 00 00 00 20 46 46 46 44 45 43 45 4a 45 .. F FFDECEJE 0040 4f 45 48 45 50 43 41 43 41 43 41 43 41 43 41 43 OEHEPCAC ACACACAC 0050 41 43 41 43 41 42 4d 00 00 20 00 01 ACACABM. . .. The config file that i am using (not including shares that have nothing to do with the domain controller). I do not want roaming profiles. #NetBIOS settings netbios name= FILESERVER workgroup = USBINGO server string = File Server log file= /var/log/samba/log.%m max log size= 50 time server = yes hide dot files = yes log level = 1 #Security settings security= user domain logons = yes encrypt passwords = yes #Turn on the WINS server wins support= yes #Make sure that Samba is the master browser and domain master browser domain master = yes local master= yes preferred master = yes os level= 65 add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u [netlogon] path= /files/netlogon writable= no browsable = no Thanks, -Mark -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Primard Domain Controller feature not working
I tried using root and i get the error The username could not be found On Tue, 29 Mar 2005 16:31:19 -0600, Paul Gienger [EMAIL PROTECTED] wrote: problem! I am using the 'using samba' book from o'reilly and it says that the parameter domain admin group is obsoleted in samba 3.0 I A good way to do that would be creating a unix group that you want to be mapped to Domain Admins, map it and assign it the appropriate SID (you can look into the source for the smbldap-tools to get it in plain text). Then you simply add users to it. am using 3.0 and i cant add computers to the domain. Either use root (properly added as a samba user) or another user with uid=0, or use the privilege delegation tools in recent versions. I believe the version that started with them was 3.0.9. The documentation at samba.org (the howto and by example) should be your guide as they are updated for the current version. On Tue, 29 Mar 2005 12:35:56 -0800, Mark Ratering [EMAIL PROTECTED] wrote: Hey guys, I configured Samba do be the domain controller for my network and to share folders. the folder sharing works great. The problem is that the domain function does not work at all. I cannot join the domain from any workstation. It just says that the controller cannot be contacted. I ran an Ethereal sniff on the packets and the computer that i want to be PDC is sending ICMP Destination unreachable packets in response to the NBNS Name Query. Here is the packet that the workstation is sending to the server. 00 11 11 ba 82 1a 00 0a e6 d5 fa b4 08 00 45 00 ..E. 0010 00 4e 01 fb 00 00 80 11 b4 53 c0 a8 01 9e c0 a8 .N.. .S.. 0020 01 62 00 89 00 89 00 3a 81 4e 80 63 01 00 00 01 .b.: .N.c 0030 00 00 00 00 00 00 20 46 46 46 44 45 43 45 4a 45 .. F FFDECEJE 0040 4f 45 48 45 50 43 41 43 41 43 41 43 41 43 41 43 OEHEPCAC ACACACAC 0050 41 43 41 43 41 42 4d 00 00 20 00 01 ACACABM. . .. The config file that i am using (not including shares that have nothing to do with the domain controller). I do not want roaming profiles. #NetBIOS settings netbios name= FILESERVER workgroup = USBINGO server string = File Server log file= /var/log/samba/log.%m max log size= 50 time server = yes hide dot files = yes log level = 1 #Security settings security= user domain logons = yes encrypt passwords = yes #Turn on the WINS server wins support= yes #Make sure that Samba is the master browser and domain master browser domain master = yes local master= yes preferred master = yes os level= 65 add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u [netlogon] path= /files/netlogon writable= no browsable = no Thanks, -Mark -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- Mark Ratering A+, CCNP 248-437-1938 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Primard Domain Controller feature not working
Mark Ratering wrote: I tried using root and i get the error The username could not be found As root type smbpasswd -a root On Tue, 29 Mar 2005 16:31:19 -0600, Paul Gienger [EMAIL PROTECTED] wrote: problem! I am using the 'using samba' book from o'reilly and it says that the parameter domain admin group is obsoleted in samba 3.0 I A good way to do that would be creating a unix group that you want to be mapped to Domain Admins, map it and assign it the appropriate SID (you can look into the source for the smbldap-tools to get it in plain text). Then you simply add users to it. am using 3.0 and i cant add computers to the domain. Either use root (properly added as a samba user) or another user with uid=0, or use the privilege delegation tools in recent versions. I believe the version that started with them was 3.0.9. The documentation at samba.org (the howto and by example) should be your guide as they are updated for the current version. On Tue, 29 Mar 2005 12:35:56 -0800, Mark Ratering [EMAIL PROTECTED] wrote: Hey guys, I configured Samba do be the domain controller for my network and to share folders. the folder sharing works great. The problem is that the domain function does not work at all. I cannot join the domain from any workstation. It just says that the controller cannot be contacted. I ran an Ethereal sniff on the packets and the computer that i want to be PDC is sending ICMP Destination unreachable packets in response to the NBNS Name Query. Here is the packet that the workstation is sending to the server. 00 11 11 ba 82 1a 00 0a e6 d5 fa b4 08 00 45 00 ..E. 0010 00 4e 01 fb 00 00 80 11 b4 53 c0 a8 01 9e c0 a8 .N.. .S.. 0020 01 62 00 89 00 89 00 3a 81 4e 80 63 01 00 00 01 .b.: .N.c 0030 00 00 00 00 00 00 20 46 46 46 44 45 43 45 4a 45 .. F FFDECEJE 0040 4f 45 48 45 50 43 41 43 41 43 41 43 41 43 41 43 OEHEPCAC ACACACAC 0050 41 43 41 43 41 42 4d 00 00 20 00 01 ACACABM. . .. The config file that i am using (not including shares that have nothing to do with the domain controller). I do not want roaming profiles. #NetBIOS settings netbios name= FILESERVER workgroup = USBINGO server string = File Server log file= /var/log/samba/log.%m max log size= 50 time server = yes hide dot files = yes log level = 1 #Security settings security= user domain logons = yes encrypt passwords = yes #Turn on the WINS server wins support= yes #Make sure that Samba is the master browser and domain master browser domain master = yes local master= yes preferred master = yes os level= 65 add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u [netlogon] path= /files/netlogon writable= no browsable = no Thanks, -Mark -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbd[616]: Can't become connected user! Error
Greetings, I am hoping that someone can shed some light on this error that is constantly filling up my syslog. This is the error: ar 29 17:39:24 spev smbd[616]: Can't become connected user! Mar 29 17:39:24 spev smbd[616]: [2005/03/29 17:39:24, 0] smbd/service.c:make_connection_snum(570) The error constantly appears in the syslog as people access the server. Access to it works completely fine, but it would be nice to know why this error is always coming up. OS: Slackware 10.0 Samba version: 3.0.10 Here is my smb.conf file: [global] workgroup = SERVERS server string = Samba Fileserver valid users = @techstaff, @childstaff hosts allow = 127.0.0.1, 192.168.0.0/24 hosts deny = 0.0.0.0/0 security = user log level = 2 log file = /var/log/samba.log max log size = 50 debug timestamp = yes [techcenter] comment = Techcenter files path = /fileserver/techcenter read only = No force user = techshare force group = techstaff [gateplex] comment = Gateplex path = /fileserver/gateplex read only = No force user = techshare force group = techstaff [childrens] comment = Childrens files path = /fileserver/childrens read only = No force user = childshare force group = childstaff Any insight will be greatly appreciated. -Bob- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Recycle error - empty file
I set up a recycle VFS for my install of SAMBA and it work great except for one thing. I seem to get empty files created. It creates file.doc with 0 bytes. Anyone know why this is? I have serched for this but I find the search alittle hard to narrow down. Any help would be greatly appreciated. Thanks Karl- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Recycle error - empty file
I set up a recycle VFS for my install of SAMBA and it work great except for one thing. I seem to get empty files created. It creates file.doc with 0 bytes. Anyone know why this is? I have serched for this but I find the search alittle hard to narrow down. Any help would be greatly appreciated. Thanks Karl- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Primard Domain Controller feature not working
I already did that. When i type in a user that does not have root permissions it says Access is denied On Tue, 29 Mar 2005 14:47:50 -0800, Tom Skeren [EMAIL PROTECTED] wrote: Mark Ratering wrote: I tried using root and i get the error The username could not be found As root type smbpasswd -a root On Tue, 29 Mar 2005 16:31:19 -0600, Paul Gienger [EMAIL PROTECTED] wrote: problem! I am using the 'using samba' book from o'reilly and it says that the parameter domain admin group is obsoleted in samba 3.0 I A good way to do that would be creating a unix group that you want to be mapped to Domain Admins, map it and assign it the appropriate SID (you can look into the source for the smbldap-tools to get it in plain text). Then you simply add users to it. am using 3.0 and i cant add computers to the domain. Either use root (properly added as a samba user) or another user with uid=0, or use the privilege delegation tools in recent versions. I believe the version that started with them was 3.0.9. The documentation at samba.org (the howto and by example) should be your guide as they are updated for the current version. On Tue, 29 Mar 2005 12:35:56 -0800, Mark Ratering [EMAIL PROTECTED] wrote: Hey guys, I configured Samba do be the domain controller for my network and to share folders. the folder sharing works great. The problem is that the domain function does not work at all. I cannot join the domain from any workstation. It just says that the controller cannot be contacted. I ran an Ethereal sniff on the packets and the computer that i want to be PDC is sending ICMP Destination unreachable packets in response to the NBNS Name Query. Here is the packet that the workstation is sending to the server. 00 11 11 ba 82 1a 00 0a e6 d5 fa b4 08 00 45 00 ..E. 0010 00 4e 01 fb 00 00 80 11 b4 53 c0 a8 01 9e c0 a8 .N.. .S.. 0020 01 62 00 89 00 89 00 3a 81 4e 80 63 01 00 00 01 .b.: .N.c 0030 00 00 00 00 00 00 20 46 46 46 44 45 43 45 4a 45 .. F FFDECEJE 0040 4f 45 48 45 50 43 41 43 41 43 41 43 41 43 41 43 OEHEPCAC ACACACAC 0050 41 43 41 43 41 42 4d 00 00 20 00 01 ACACABM. . .. The config file that i am using (not including shares that have nothing to do with the domain controller). I do not want roaming profiles. #NetBIOS settings netbios name = FILESERVER workgroup = USBINGO server string = File Server log file = /var/log/samba/log.%m max log size = 50 time server = yes hide dot files = yes log level = 1 #Security settings security = user domain logons = yes encrypt passwords = yes #Turn on the WINS server wins support = yes #Make sure that Samba is the master browser and domain master browser domain master = yes local master = yes preferred master = yes os level = 65 add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u [netlogon] path = /files/netlogon writable = no browsable = no Thanks, -Mark -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Systems Architect Fax: 701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- Mark Ratering A+, CCNP 248-437-1938 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] XP Pro and windows 98 clients on single samba 2.2 domain
hi, been running samba 2.2.3 (debian stable) and using it with windows 98 clients no problem. domain logins, logon.bat and config.pol stuff all working. the customer now wants to add XP Pro PC's to the domain. now, after following the instructions in 'Using Samba' I have set up an XP PC to log on to a test server. once the PC has been added to the domain the users can log in no problem. however, how should i run win98 and XP clients at the same time on the main server? should i create 2 logins for each user? one for when they are using a win98 machine and the other for XP. how would i stop users logging in with the wrong login? could the users use a single login? the logon.bat file seems to work the same on both systems. the profile data goes into /home/samba-ntprof for XP and /home/user1/.win_profile for win98 so is kept separate enough. also - since we're using poledit and not group policies i can set the machines up to pickup one config.pol file for win98 and a different one for XP. apparently there will only ever be win98 and XP Pro on the domain - and win98 is being phased out. there are a pair of servers (one acts as a hot-swap backup) so maybe that gives some options. any help/comments gratefully received. -- Kevin Bailey -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Primard Domain Controller feature not working
When i use a username and password that does not have root privilages in the windows that pops up after i try to join the domain on the windows box i get the Access is denied error. On Tue, 29 Mar 2005 15:29:22 -0800, Tom Skeren [EMAIL PROTECTED] wrote: Mark Ratering wrote: I already did that. When i type in a user that does not have root permissions it says Access is denied I don't know what that means. What do you mean by: When i type in a user that does not have root Where is this done? By what user? Please be specific as to what you are doing. On Tue, 29 Mar 2005 14:47:50 -0800, Tom Skeren [EMAIL PROTECTED] wrote: Mark Ratering wrote: I tried using root and i get the error The username could not be found As root type smbpasswd -a root On Tue, 29 Mar 2005 16:31:19 -0600, Paul Gienger [EMAIL PROTECTED] wrote: problem! I am using the 'using samba' book from o'reilly and it says that the parameter domain admin group is obsoleted in samba 3.0 I A good way to do that would be creating a unix group that you want to be mapped to Domain Admins, map it and assign it the appropriate SID (you can look into the source for the smbldap-tools to get it in plain text). Then you simply add users to it. am using 3.0 and i cant add computers to the domain. Either use root (properly added as a samba user) or another user with uid=0, or use the privilege delegation tools in recent versions. I believe the version that started with them was 3.0.9. The documentation at samba.org (the howto and by example) should be your guide as they are updated for the current version. On Tue, 29 Mar 2005 12:35:56 -0800, Mark Ratering [EMAIL PROTECTED] wrote: Hey guys, I configured Samba do be the domain controller for my network and to share folders. the folder sharing works great. The problem is that the domain function does not work at all. I cannot join the domain from any workstation. It just says that the controller cannot be contacted. I ran an Ethereal sniff on the packets and the computer that i want to be PDC is sending ICMP Destination unreachable packets in response to the NBNS Name Query. Here is the packet that the workstation is sending to the server. 00 11 11 ba 82 1a 00 0a e6 d5 fa b4 08 00 45 00 ..E. 0010 00 4e 01 fb 00 00 80 11 b4 53 c0 a8 01 9e c0 a8 .N.. .S.. 0020 01 62 00 89 00 89 00 3a 81 4e 80 63 01 00 00 01 .b.: .N.c 0030 00 00 00 00 00 00 20 46 46 46 44 45 43 45 4a 45 .. F FFDECEJE 0040 4f 45 48 45 50 43 41 43 41 43 41 43 41 43 41 43 OEHEPCAC ACACACAC 0050 41 43 41 43 41 42 4d 00 00 20 00 01 ACACABM. . .. The config file that i am using (not including shares that have nothing to do with the domain controller). I do not want roaming profiles. #NetBIOS settings netbios name = FILESERVER workgroup = USBINGO server string = File Server log file = /var/log/samba/log.%m max log size = 50 time server = yes hide dot files = yes log level = 1 #Security settings security = user domain logons = yes encrypt passwords = yes #Turn on the WINS server wins support = yes #Make sure that Samba is the master browser and domain master browser domain master = yes local master = yes preferred master = yes os level = 65 add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u [netlogon] path = /files/netlogon writable = no browsable = no Thanks, -Mark -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Systems Architect Fax: 701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- Mark Ratering A+, CCNP 248-437-1938 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Need some help setting up a Samba server
Hi I am trying to implement a simple Samba server on a Slackware 10.1 machine running for a bunch of Windows users that also have unix accounts on the machine. Using webmin, I did convert the unix users to samba users. A possible problem is that I have very little experience using windows, so please be patient with me. I want them to have read and write permissions only in /home/username. How does one accomplish this ? O/p of smbclient -L localhost -U% : Domain=[MOLECTRON] OS=[Unix] Server=[Samba 3.0.10] Sharename Type Comment - --- IPC$IPC IPC Service (Samba Server on Molectron) ADMIN$ IPC IPC Service (Samba Server on Molectron) Domain=[MOLECTRON] OS=[Unix] Server=[Samba 3.0.10] Server Comment ---- MOLECTRONSamba Server on Molectron WorkgroupMaster ---- MOLECTRON Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows XP greyed-out Guest user password prompt
(replying to self again) Update: The Windows XP (SP2, BTW) client tries three times to log in to the Samba server with the Windows username, which is different from the Samba username. As one would expect, Samba replies to each of the three requests with a STATUS_WRONG_PASSWORD message, and in the same packets the Action segment reads 0x0001 Guest: Logged in as GUEST. If a new XP user is created with the same username and password as the Samba account, the problem goes away. But if either the XP username or the XP password differs from Samba's info, the user is never prompted for the real username or password. Unfortunately, we have situations where the desired behavior is for Windows to allow the Samba username to be different from the Windows XP client username, and prompt for a different username if the currently-logged-in username/pw fails. Instead, XP forces a guest login. I'd think that this is purely a client issue, except that when I try this with a Windows 2000 server or a 2003 server, I'm prompted for a username AND password if the Windows XP uid/pw fails. For what it's worth, Samba returns STATUS_WRONG_PASSWORD errors (even if the Samba user doesn't exist), while the Windows 2000 server returns STATUS_LOGON_FAILURE errors. -Jules Jules Agee wrote: (replying to self) I'd appreciate any response at all (including RTFM, but a pointer to which FM I should R again would be very appreciated). Again, we're running Samba 3.0.7 on Debian Sarge, and this problem doesn't appear when we connect to Windows file servers, so I thought someone here might have some information that might help me track down the solution. Thanks for your time! Jules Agee wrote: Hi, we've been using Samba for a while, and are just now starting to switch our desktop computers to Windows XP. We are having a problem where connections to our Samba server fail, and the user is presented with a password prompt asking for a password for user Guest. They can't select a different user. I've searched the Microsoft knowledgebase, and the Samba list archives, and there are others who have seen this problem, but none of the suggestions presented seem to help. We are currently using security = share because there are some legacy scripts that depend on not getting prompted for a username to access some read-only shares we have set up. But just for troubleshooting, I have tried setting security = user and map to guest = Bad User but XP still presents the guest password prompt and the user still isn't allowed to specify their username. We are not using a domain controller. Everything works great when using a Windows 2000 client. In XP, mapping a drive to the Samba share works fine. From XP's command prompt, if the user's Windows login and password match what's in our LDAP directory (and they usually do), it lets them right in -- the user doesn't even get a password dialog when they do this: net use \\fileserver.example.com\share /user:joebob But if you just set up a shortcut to \\fileserver.example.com\share or if you try to connect from the run line, it fails tries to force them to login with the guest account. If anyone has any suggestions, or can even make a guess at an explanation for this behavior, I'd really appreciate it. Thanks! -Jules [EMAIL PROTECTED] smb.conf, slightly sanitized: [global] admin users = jane,joe,bob security = share encrypt passwords = true ldap suffix = o=internet ldap admin dn=cn=Administrator,o=internet passdb backend = ldapsam:ldaps://ldap1.example.com ldaps://ldap2.example.com guest account = nobody invalid users = root workgroup = IS netbios name = fileserver.example.com server string = File Server name resolve order = host bcast socket options = SO_KEEPALIVE,TCP_NODELAY oplocks = yes kernel oplocks = yes level2 oplocks = no encrypt passwords = yes create mask = 770 directory mask = 0770 log level = 2 log file = /var/log/samba/%m.log max log size = 1 map to guest = Bad Password load printers = no delete veto files = yes hide files = /Icon?/ veto files = /.AppleDouble/.AppleDesktop/Network Trash Folder/TheVolumeSettingsFolder/TheFindByContentFolder/ dns proxy = no log file = /var/log/samba/log.%m. max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d preserve case = yes [private] comment = Your Private Home Directory path = /home/%u group = default writable = yes create mask = 0700 directory mask = 0700 [IS] comment = Information Systems path = /var/local/fileshare/IS nt acl support = no create mask = 777 directory mask = 0777 read only = No group = IS valid users = @IS,@ISAnalyst,@SupportAnalyst,@SystemAdmin [updates]
Re: [Samba] Need some help setting up a Samba server
On Tue, 2005-03-29 at 19:48 -0500, Madhusudan Singh wrote: Hi I am trying to implement a simple Samba server on a Slackware 10.1 machine running for a bunch of Windows users that also have unix accounts on the machine. Using webmin, I did convert the unix users to samba users. A possible problem is that I have very little experience using windows, so please be patient with me. I want them to have read and write permissions only in /home/username. How does one accomplish this ? O/p of smbclient -L localhost -U% : Domain=[MOLECTRON] OS=[Unix] Server=[Samba 3.0.10] Sharename Type Comment - --- IPC$IPC IPC Service (Samba Server on Molectron) ADMIN$ IPC IPC Service (Samba Server on Molectron) Domain=[MOLECTRON] OS=[Unix] Server=[Samba 3.0.10] Server Comment ---- MOLECTRONSamba Server on Molectron WorkgroupMaster ---- MOLECTRON First things first, EVERY NAME must be unique. SO a server name of Molectron and a domain of Molectron just WILL NOT WORK AT ALL. Please change these to be different like this: workgroup = MOLEDOM netbios name = MOLECTRON It'll get you a lot further. Get back to us after you do that, if you have other problems. -- greg, [EMAIL PROTECTED] The technology that is Stronger, better, faster: Linux signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Add user to more than one group
Is there a way to modify add user to group script = /usr/sbin/usermod -G %g %u so, while using User Manager for Domains, I can add a single user to more than one group? Regards, Al Miller -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] New Samba Team member: Derrell Lipman
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In case you missed the news item at: http://www.samba.org/samba/news/#welcome_derrell Derrell's been added to the core set of developers to help out with libsmbclient. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQFCSg5aIR7qMdg1EfYRAgBpAJ0YYgZCrKXx0vd+09J8uOS+BqBswQCfbMzT EIuonfrzRYGXGAuU8F0f1dY= =XpJD -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] how to relay net send messages across subnets
Hello All, Is there any way of doing this, other than sending the message on a pc connected to all subnets concerns? Thanks. __ Do you Yahoo!? Make Yahoo! your home page http://www.yahoo.com/r/hs -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Adminstrator Domain SID?
In the Samba How-To Chapter 13 it says: The Administrator Domain SID Please note that when configured as a DC, it is now required that an account in the server's passdb backend be set to the domain SID of the default Administrator account. To obtain the domain SID on a Samba DC, run the following command: root# net getlocalsid SID for domain FOO is: S-1-5-21-4294955119-3368514841-2087710299 You may assign the Domain Administrator rid to an account using the pdbedit command as shown here: root# pdbedit -U S-1-5-21-4294955119-3368514841-2087710299-500 -u root -r Question: Is this information still valid after samba 3.0.11? I didn't do this but things seem to be working fine. If the information is still valid, what would not having it affect? BTW, I am using the ldapsam backend. Thanks! Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Adminstrator Domain SID?
On Tuesday 29 March 2005 21:57, Doug Campbell wrote: In the Samba How-To Chapter 13 it says: The Administrator Domain SID Please note that when configured as a DC, it is now required that an account in the server's passdb backend be set to the domain SID of the default Administrator account. To obtain the domain SID on a Samba DC, run the following command: root# net getlocalsid SID for domain FOO is: S-1-5-21-4294955119-3368514841-2087710299 You may assign the Domain Administrator rid to an account using the pdbedit command as shown here: root# pdbedit -U S-1-5-21-4294955119-3368514841-2087710299-500 -u root -r Question: Is this information still valid after samba 3.0.11? I didn't do this but things seem to be working fine. If the information is still valid, what would not having it affect? Yes, it is! OK. But what is the name of your administrator account? What is the SID for this account? You do realize, I hope, that the RID=500 means the account is the Administrator for Windows clients. Any other RID will be seen by the Windows workstation (client) as an account other than the real Administrator. What more must we do to clarify the wording so that everyone clearly gets the message? What is not clear in the documentation? Have fun. :) Cheers, John T. BTW, I am using the ldapsam backend. Thanks! Doug -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Vijay - net_r_sam_logon errors.
Hi, Sorry for the re-post. Please give me some pointers ?? I am stuck. Please help. Regards, Vijay Kumar -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Vijay Kumar Sent: Tuesday, March 29, 2005 6:52 PM To: samba@lists.samba.org Subject: [Samba] Vijay - net_r_sam_logon errors. Hi, We get the following errors in the current samba domain controller : [2005/03/29 06:16:49, 0] rpc_server/srv_netlog.c:api_net_sam_logon(206) api_net_sam_logon: Failed to marshall NET_R_SAM_LOGON. [2005/03/29 06:16:49, 0] rpc_server/srv_pipe.c:api_rpcTNP(1200) api_rpcTNP: api_netlog_rpc: NET_SAMLOGON failed. [2005/03/29 06:29:35, 0] lib/util_sock.c:matchname(900) sys_gethostbyname(netapp-ghost): lookup failure. [2005/03/29 06:29:35, 0] lib/util_sock.c:get_socket_name(967) Matchname failed on netapp-ghost 10.10.10.1 [2005/03/29 06:29:35, 0] rpc_server/srv_samr.c:api_samr_set_userinfo(670) api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO. [2005/03/29 06:35:26, 0] lib/util_sock.c:matchname(900) sys_gethostbyname(bhim): lookup failure. [2005/03/29 06:35:26, 0] lib/util_sock.c:get_socket_name(967) Matchname failed on bhim 10.10.10.2 [2005/03/29 06:35:43, 0] smbd/service.c:make_connection(248) bhim (172.16.0.196) couldn't find service netlogon [2005/03/29 06:37:51, 0] lib/util_sock.c:read_data(436) read_data: read failure for 4. Error = Connection reset by peer I have tested the service through other commands like smbclient share name -U user name and everything runs perfectly fine. Users are able to login with their ID's without any issues. Please help me to resolve this error. Whats the cause ? Regards, Vijay Kumar -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: No vscan HOWTOs? should called how exclude pst files vscan clamav
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Rainer, Rainer Link schrieb: | On Tue, Mar 29, 2005 at 11:28:13PM +0200, Robert Schetterer wrote: | | |Hi @ll,hi Andrew,Rainer | | | You'd probably shoulnd't bug any Samba people with samba-vscan | related configuration issues. They are busy enough :) as i am too, but thats a list is for, so its a give and take | |- -- |pdc:/home/danielop/outlook.pst # file -i ./Outlook.pst |./Outlook.pst: application/octet-stream |- - | | | | So, the MIME-type is actually application/octet-stream, which is | a generic type for anything binary and not recognized by file otherwise. | Probably someone should try to add a real pattern to detect Outlook | PST correctly (the idea has mentioned below already by someone else). i thought like this, but where in hell should i define it i found several mime convs on the system perl has one , cups apache etc... , no idea which one is the the right to use it with vscan. | |so i included this to vscan-clamav.conf | |- --- |; exclude files from being scanned based on the MIME-type! Semi-colon |; seperated list (default: empty list). Use this with care! |exclude file types = pst |- | | | | pst ist the file extension, not the MIME-type! Keep in mind you should | never trust any file extension if you want to achieve virus protection | (esp. to block files on SMTP layer). I won't repeat the reasoning | behind, just do a google group search for nick fitzgerald file | extension (a good hit is http://tinyurl.com/4nkv9). yes ,your right but i think this is not the real problem in this case cause in our case ( the outlook hell case ?*g ) we want to exclude one file type and every win client should have ( must ) a antivirus solution have installed by its own anyway.So a virus should be found even vscan fails. So its better to have this filetype excluded and the pst working with outlook typical redirected by group policy to the users home share to make it work with roaming profiles and have the rest risk that a virus stealth itself as pst file. Cause for now there is no other solution as not to use vscan on the whole share, which seems to me the badest option. | | Anyway, samba-vscan 0.3.7 will most likely ship with a feature to | exclude files from scanning based on a regexp. The code is basically | already in CVS, based on a contribution from a samba-vscan user. | thx for making this clear, perhaps i will give 0.3.7 a try on my test system, on produktion i will wait till it is maintained by suse, but its good to here that the solution allready exists. |Munich / Bavaria / Germany | | Hum, that's not sooo far away :) jep the world is village Pfiadi Robert *g | HTH | | best regards | Rainer Link | | - -- Mit freundlichen Gruessen Best Regards Robert Schetterer robert_at_schetterer.org Munich / Bavaria / Germany https://www.schetterer.org \** \* gnupgp \* public key: \* https://www.schetterer.org/public.key \** -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCSkGv+Jw+56iSjEkRAoY3AJ48161ADNFyMhEXBiAMpXF/bCwpPwCbBEvR 87+3maWFhtMZ9gK34M6WKMc= =JZpd -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] This is an alert from eSafe
*** eSafe detected hostile content in this email. *** Time: 30 Mar 2005 09:44:48 Scan result: Mail modified to remove malicious content Protocol: SMTP in File Name\Mail Subject: mail_940701: Hello Source: [EMAIL PROTECTED] Destination: [EMAIL PROTECTED] Details: Notice.zip\Notice.txt .exe Infected with Win32.Netsky.z (Non-Removable), Blocked -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba or Cups-Problem ?
Hi, I'm using some kind of pseudo printer on our samba server to automatically produce PDF files. The smb.conf looks like this (the samba server is successfully conteced to an ADS): [global] workgroup = ADS netbios name = pc103.ads.local realm = ADS.LOCAL security = ADS password server = win2ksrv.ads.local log level = 2 winbind separator = + template homedir = /home/%U idmap uid = 1-2 idmap gid = 1-2 winbind enum users = yes winbind enum groups = yes winbind enable local accounts = yes template shell = /bin/bash log file = /var/log/samba/log.smb.%U max log size = 500 printing = cups printcap name = cups cups options = raw [pdfprinter] comment = Minolta Color PageWorks/Pro Ps path = /samba/pdfprinter print command = /samba/pdfprinter/pdfscript %s printable = yes public = yes writeable = yes [printers] comment = All Printers load printers = yes browseable = no printable = yes public = yes read only = yes create mode = 0700 directory = /tmp My problem is, that the script doesn't produce any PDF file. In the logfile I find the following message: [2005/03/29 19:31:44, 0] printing/print_cups.c:cups_queue_get(900) Unable to get jobs for ipp://localhost/printers/pdfprinter - client-error-not-found Okay, this is an error from cups, but what has cups to do with it? I don't want to use cups for printing, but a simple script. I have used this construction already about two years ago with older versions of samba and cups and I of course compared the configuration files and all file/dir permissions. Samba is version samba-3.0.9-2.3, cups is version cups-1.1.21-5.6, the system is SuSE 9.2. Do I really have to set up some kind of dummy printer to use a script as a printer in samba? Thanks for any help, Stefan -- * in-put GbR - Das Linux-Systemhaus Stefan-Michael Guenther Moltkestrasse 49 D-76133 Karlsruhe Tel./Fax : +49 (0)721 / 83044 - 98/93 http://www.in-put.de * -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Adminstrator Domain SID?
On Tuesday 29 March 2005 21:57, Doug Campbell wrote: In the Samba How-To Chapter 13 it says: The Administrator Domain SID Please note that when configured as a DC, it is now required that an account in the server's passdb backend be set to the domain SID of the default Administrator account. To obtain the domain SID on a Samba DC, run the following command: root# net getlocalsid SID for domain FOO is: S-1-5-21-4294955119-3368514841-2087710299 You may assign the Domain Administrator rid to an account using the pdbedit command as shown here: root# pdbedit -U S-1-5-21-4294955119-3368514841-2087710299-500 -u root -r Question: Is this information still valid after samba 3.0.11? I didn't do this but things seem to be working fine. If the information is still valid, what would not having it affect? Yes, it is! OK. But what is the name of your administrator account? What is the SID for this account? I currently only have three user accounts named: Administrator, dcampbell and nobody Both Administrator and dcampbell are in the Domain Admins group. The SIDs are as follows: Administrator SID: S-1-5-21-52543480-3766940008-3731351578-2996 dcampbell SID: S-1-5-21-52543480-3766940008-3731351578-3006 nobody SID: S-1-5-21-52543480-3766940008-3731351578-2998 Domain Admins SID: S-1-5-21-52543480-3766940008-3731351578-512 You do realize, I hope, that the RID=500 means the account is the Administrator for Windows clients. Any other RID will be seen by the Windows workstation (client) as an account other than the real Administrator. Doesn't the fact that these accounts are in the Domain Admins group make them real Administrators too? I seem to have Administrative access to my local machine just by being a member of teh Domain Admins group. Just now, I went ahead and set the Administrators account RID to 500 and removed it entirely for the Domain Admins group. I wasn't able to use it anymore to add a machine. I expected this to be the case since being in the Domain Admins group and having assigned it the new SE...Privilege settings was what was allowing it to administrate the domain. What more must we do to clarify the wording so that everyone clearly gets the message? What is not clear in the documentation? I guess for me it would help to know what doing this step is supposed to accomplish. If I can understand what the purpose of this is, I might be able to help in clarifying the wording. Could you explain this in a little more detail, please? Thanks! Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Adminstrator Domain SID?
On Tuesday 29 March 2005 21:57, Doug Campbell wrote: In the Samba How-To Chapter 13 it says: The Administrator Domain SID Please note that when configured as a DC, it is now required that an account in the server's passdb backend be set to the domain SID of the default Administrator account. To obtain the domain SID on a Samba DC, run the following command: root# net getlocalsid SID for domain FOO is: S-1-5-21-4294955119-3368514841-2087710299 You may assign the Domain Administrator rid to an account using the pdbedit command as shown here: root# pdbedit -U S-1-5-21-4294955119-3368514841-2087710299-500 -u root -r Question: Is this information still valid after samba 3.0.11? I didn't do this but things seem to be working fine. If the information is still valid, what would not having it affect? Yes, it is! OK. But what is the name of your administrator account? What is the SID for this account? I currently only have three user accounts named: Administrator, dcampbell and nobody Both Administrator and dcampbell are in the Domain Admins group. The SIDs are as follows: Administrator SID: S-1-5-21-52543480-3766940008-3731351578-2996 dcampbell SID: S-1-5-21-52543480-3766940008-3731351578-3006 nobody SID: S-1-5-21-52543480-3766940008-3731351578-2998 Domain Admins SID: S-1-5-21-52543480-3766940008-3731351578-512 You do realize, I hope, that the RID=500 means the account is the Administrator for Windows clients. Any other RID will be seen by the Windows workstation (client) as an account other than the real Administrator. Doesn't the fact that these accounts are in the Domain Admins group make them real Administrators too? I seem to have Administrative access to my local machine just by being a member of teh Domain Admins group. Just now, I went ahead and set the Administrators account RID to 500 and removed it entirely for the Domain Admins group. I wasn't able to use it anymore to add a machine. I expected this to be the case since being in the Domain Admins group and having assigned it the new SE...Privilege settings was what was allowing it to administrate the domain. What more must we do to clarify the wording so that everyone clearly gets the message? What is not clear in the documentation? I guess for me it would help to know what doing this step is supposed to accomplish. If I can understand what the purpose of this is, I might be able to help in clarifying the wording. Could you explain this in a little more detail, please? Thanks! Doug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] B#8238; alcra#8236; ys Ema#8238; li#8236; Veri#8238; noitacif#8236;
D#8238;ae#8236;r B#8238;ra#8236;clays M#8238;rebme#8236;, T#8238;ih#8236;s em#8238;lia#8236; was se#8238;tn#8236; by the Barc#8238;al#8236;ys s#8238;re#8236;ver to veri#8238;yf#8236; y#8238;ruo#8236; e#8238;liam#8236; add#8238;ser#8236;s. You m#8238;tsu#8236; c#8238;etelpmo#8236; t#8238;sih#8236; proc#8238;se#8236;s by c#8238;kcil#8236;ing on the li#8238;kn#8236; b#8238;le#8236;ow and e#8238;niretn#8236;g in the sm#8238;la#8236;l wind#8238;wo#8236; y#8238;ruo#8236; Barcla#8238;sy#8236; Member#8238;hs#8236;ip nu#8238;rebm#8236;, pa#8238;docss#8236;e and m#8238;barome#8236;le w#8238;ro#8236;d. T#8238;ih#8236;s is d#8238;eno#8236; for yo#8238;ru#8236; p#8238;or#8236;tection - b#8238;ce#8236;ause s#8238;emo#8236; of our m#8238;rebme#8236;s no lo#8238;egn#8236;r ha#8238;ev#8236; acc#8238;sse#8236; to th#8238;ie#8236;r em#8238;ia#8236;l a#8238;sserdd#8236;es and we m#8238;tsu#8236; ve#8238;fir#8236;y it. To veri#8238;yf#8236; y#8238;ruo#8236; e#8238;iam#8236;l addr#8238;se#8236;s and a#8238;ssecc#8236; yo#8238;ru#8236; b#8238;kna#8236; ac#8238;oc#8236;unt , c#8238;il#8236;ck on the l#8238;kni#8236; b#8238;wole#8236;: [input] http://www.barclays.com/?lcQQwu3kC66T_rWx7tcVy9BT10ZcdhtMVoDCHVYo9S7g3hdIKiWqbzG2 - Do you Yahoo!? Yahoo! Small Business - Try our new resources site! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba r6112 - in branches/SAMBA_4_0/source/librpc/ndr: .
Author: metze Date: 2005-03-29 08:10:31 + (Tue, 29 Mar 2005) New Revision: 6112 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6112 Log: try to decompress all chunks and put them together it produces the correct DATA_BLOB length, but only the first chunk is successfull decompressed... metze Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c === --- branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c 2005-03-29 06:45:25 UTC (rev 6111) +++ branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c 2005-03-29 08:10:31 UTC (rev 6112) @@ -25,67 +25,102 @@ #ifdef HAVE_ZLIB #include zlib.h -static NTSTATUS ndr_pull_compression_zlib(struct ndr_pull *subndr, - struct ndr_pull *comndr, - ssize_t decompressed_len) +static NTSTATUS ndr_pull_compression_zlib_chunk(struct ndr_pull *ndrpull, + struct ndr_push *ndrpush, + struct z_stream_s *zs, int i) { - DATA_BLOB inbuf; - DATA_BLOB outbuf = data_blob_talloc(comndr, NULL, decompressed_len); - uint32_t outbuf_len = outbuf.length; - struct z_stream_s zs; + uint8_t *comp_chunk; + uint32_t comp_chunk_offset; + uint32_t comp_chunk_size; + uint8_t *plain_chunk; + uint32_t plain_chunk_offset; + uint32_t plain_chunk_size; + uint16_t unknown_marker; int ret; - ZERO_STRUCT(zs); + /* I don't know why, this is needed... --metze */ + if (i == 5) ndrpull-offset -=4; - if (subndr-data_size 10) { - return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad ZLIB compressed header (PULL) subcontext size %d, - subndr-data_size); + NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, plain_chunk_size)); + if (plain_chunk_size 0x8000) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, Bad ZLIB plain chunk size %08X 0x8000 (PULL), + plain_chunk_size); } - inbuf.data = subndr-data+10; - inbuf.length = subndr-data_size-10; + NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, comp_chunk_size)); - zs.avail_in = inbuf.length; - zs.next_in = inbuf.data; - zs.next_out = outbuf.data; - zs.avail_out = outbuf.length; + NDR_CHECK(ndr_pull_uint16(ndrpull, NDR_SCALARS, unknown_marker)); - ret = inflateInit2(zs, -15); - if (ret != Z_OK) { - return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad ZLIB (PULL) inflateInit2 error %d, - ret); - } + DEBUG(10,(plain_chunk_size: %08X (%u) comp_chunk_size: %08X (%u) unknown_marker: %04X (%u)\n, + plain_chunk_size, plain_chunk_size, comp_chunk_size, comp_chunk_size, unknown_marker, unknown_marker)); - while(1) { - ret = inflate(zs, Z_SYNC_FLUSH); + comp_chunk_offset = ndrpull-offset; + NDR_CHECK(ndr_pull_advance(ndrpull, comp_chunk_size)); + comp_chunk = ndrpull-data + comp_chunk_offset; + + plain_chunk_offset = ndrpush-offset; + NDR_CHECK(ndr_push_zero(ndrpush, plain_chunk_size)); + plain_chunk = ndrpush-data + plain_chunk_offset; + + zs-avail_in = comp_chunk_size; + zs-next_in = comp_chunk; + zs-next_out = plain_chunk; + zs-avail_out = plain_chunk_size; + + while (True) { + ret = inflate(zs, Z_BLOCK); if (ret == Z_STREAM_END) { - - DEBUG(0,(inbuf.length: %d avail_in: %d, avail_out: %d\n, inbuf.length, zs.avail_in, zs.avail_out)); + DEBUG(0,(comp_chunk_size: %u avail_in: %d, plain_chunk_size: %u, avail_out: %d\n, + comp_chunk_size, zs-avail_in, plain_chunk_size, zs-avail_out)); break; } if (ret != Z_OK) { - return ndr_pull_error(subndr, NDR_ERR_COMPRESSION, Bad ZLIB (PULL) inflate error %d, + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, Bad ZLIB (PULL) inflate error %d, ret); } } - inflateEnd(zs); + if ((plain_chunk_size 0x8000) || (ndrpull-offset+4 = ndrpull-data_size)) { + /* this is the last chunk */ + return NT_STATUS_OK; + } - /* TODO: check if the decompressed_len == outbuf_len */ - outbuf.length = outbuf_len - zs.avail_out; + return NT_STATUS_MORE_PROCESSING_REQUIRED; +} - if (outbuf.length 16) { - return
svn commit: samba r6113 - in branches/SAMBA_4_0/source: . auth auth/gensec auth/kerberos build/smb_build libads libcli/auth
Author: abartlet Date: 2005-03-29 08:24:03 + (Tue, 29 Mar 2005) New Revision: 6113 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6113 Log: Move GENSEC and the kerberos code out of libcli/auth, and into auth/gensec and auth/kerberos. This also pulls the kerberos configure code out of libads (which is otherwise dead), and into auth/kerberos/kerberos.m4 Andrew Bartlett Added: branches/SAMBA_4_0/source/auth/gensec/ branches/SAMBA_4_0/source/auth/gensec/gensec.c branches/SAMBA_4_0/source/auth/gensec/gensec.h branches/SAMBA_4_0/source/auth/gensec/gensec.m4 branches/SAMBA_4_0/source/auth/gensec/gensec.mk branches/SAMBA_4_0/source/auth/gensec/gensec_gssapi.c branches/SAMBA_4_0/source/auth/gensec/gensec_gsskrb5.c branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c branches/SAMBA_4_0/source/auth/gensec/gensec_ntlmssp.c branches/SAMBA_4_0/source/auth/gensec/ntlmssp.c branches/SAMBA_4_0/source/auth/gensec/ntlmssp.h branches/SAMBA_4_0/source/auth/gensec/ntlmssp_parse.c branches/SAMBA_4_0/source/auth/gensec/ntlmssp_sign.c branches/SAMBA_4_0/source/auth/gensec/schannel.c branches/SAMBA_4_0/source/auth/gensec/schannel.h branches/SAMBA_4_0/source/auth/gensec/schannel_sign.c branches/SAMBA_4_0/source/auth/gensec/schannel_state.c branches/SAMBA_4_0/source/auth/gensec/spnego.c branches/SAMBA_4_0/source/auth/gensec/spnego.h branches/SAMBA_4_0/source/auth/gensec/spnego_parse.c branches/SAMBA_4_0/source/auth/kerberos/ branches/SAMBA_4_0/source/auth/kerberos/clikrb5.c branches/SAMBA_4_0/source/auth/kerberos/gssapi_parse.c branches/SAMBA_4_0/source/auth/kerberos/kerberos.c branches/SAMBA_4_0/source/auth/kerberos/kerberos.h branches/SAMBA_4_0/source/auth/kerberos/kerberos.m4 branches/SAMBA_4_0/source/auth/kerberos/kerberos.mk branches/SAMBA_4_0/source/auth/kerberos/kerberos_verify.c Removed: branches/SAMBA_4_0/source/libcli/auth/clikrb5.c branches/SAMBA_4_0/source/libcli/auth/gensec.c branches/SAMBA_4_0/source/libcli/auth/gensec.h branches/SAMBA_4_0/source/libcli/auth/gensec.m4 branches/SAMBA_4_0/source/libcli/auth/gensec.mk branches/SAMBA_4_0/source/libcli/auth/gensec_gssapi.c branches/SAMBA_4_0/source/libcli/auth/gensec_gsskrb5.c branches/SAMBA_4_0/source/libcli/auth/gensec_krb5.c branches/SAMBA_4_0/source/libcli/auth/gensec_ntlmssp.c branches/SAMBA_4_0/source/libcli/auth/gssapi_parse.c branches/SAMBA_4_0/source/libcli/auth/kerberos.c branches/SAMBA_4_0/source/libcli/auth/kerberos.h branches/SAMBA_4_0/source/libcli/auth/kerberos_verify.c branches/SAMBA_4_0/source/libcli/auth/ntlmssp.c branches/SAMBA_4_0/source/libcli/auth/ntlmssp.h branches/SAMBA_4_0/source/libcli/auth/ntlmssp_parse.c branches/SAMBA_4_0/source/libcli/auth/ntlmssp_sign.c branches/SAMBA_4_0/source/libcli/auth/schannel.c branches/SAMBA_4_0/source/libcli/auth/schannel.h branches/SAMBA_4_0/source/libcli/auth/schannel_sign.c branches/SAMBA_4_0/source/libcli/auth/schannel_state.c branches/SAMBA_4_0/source/libcli/auth/spnego.c branches/SAMBA_4_0/source/libcli/auth/spnego.h branches/SAMBA_4_0/source/libcli/auth/spnego_parse.c Modified: branches/SAMBA_4_0/source/auth/auth.h branches/SAMBA_4_0/source/build/smb_build/main.pm branches/SAMBA_4_0/source/configure.in branches/SAMBA_4_0/source/libads/config.m4 Changeset: Sorry, the patch is too large (14000 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6113
svn commit: samba r6114 - in branches/SAMBA_4_0/source/librpc/ndr: .
Author: metze Date: 2005-03-29 10:01:34 + (Tue, 29 Mar 2005) New Revision: 6114 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6114 Log: the marker is const and is 0x434B 'CK' metze Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c === --- branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c 2005-03-29 08:24:03 UTC (rev 6113) +++ branches/SAMBA_4_0/source/librpc/ndr/ndr_compression.c 2005-03-29 10:01:34 UTC (rev 6114) @@ -35,7 +35,8 @@ uint8_t *plain_chunk; uint32_t plain_chunk_offset; uint32_t plain_chunk_size; - uint16_t unknown_marker; + uint8_t C_CK_marker; + uint8_t K_CK_marker; int ret; /* I don't know why, this is needed... --metze */ @@ -44,15 +45,20 @@ NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, plain_chunk_size)); if (plain_chunk_size 0x8000) { return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, Bad ZLIB plain chunk size %08X 0x8000 (PULL), - plain_chunk_size); + plain_chunk_size); } NDR_CHECK(ndr_pull_uint32(ndrpull, NDR_SCALARS, comp_chunk_size)); - NDR_CHECK(ndr_pull_uint16(ndrpull, NDR_SCALARS, unknown_marker)); + NDR_CHECK(ndr_pull_uint8(ndrpull, NDR_SCALARS, C_CK_marker)); + NDR_CHECK(ndr_pull_uint8(ndrpull, NDR_SCALARS, K_CK_marker)); + if (!(C_CK_marker == (uint8_t)'C' K_CK_marker == (uint8_t)'K')) { + return ndr_pull_error(ndrpull, NDR_ERR_COMPRESSION, Bad ZLIB invalid CK marker C[%02X] K[%02X] (PULL), + C_CK_marker, K_CK_marker); + } - DEBUG(10,(plain_chunk_size: %08X (%u) comp_chunk_size: %08X (%u) unknown_marker: %04X (%u)\n, - plain_chunk_size, plain_chunk_size, comp_chunk_size, comp_chunk_size, unknown_marker, unknown_marker)); + DEBUG(10,(plain_chunk_size: %08X (%u) comp_chunk_size: %08X (%u)\n, + plain_chunk_size, plain_chunk_size, comp_chunk_size, comp_chunk_size)); comp_chunk_offset = ndrpull-offset; NDR_CHECK(ndr_pull_advance(ndrpull, comp_chunk_size)); @@ -62,6 +68,8 @@ NDR_CHECK(ndr_push_zero(ndrpush, plain_chunk_size)); plain_chunk = ndrpush-data + plain_chunk_offset; + dump_data(10, comp_chunk, 16); + zs-avail_in = comp_chunk_size; zs-next_in = comp_chunk; zs-next_out = plain_chunk;
svn commit: samba r6115 - in branches/SAMBA_4_0/source/librpc/idl: .
Author: metze Date: 2005-03-29 13:07:20 + (Tue, 29 Mar 2005) New Revision: 6115 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6115 Log: don't try to decompress level 7 buffers yet metze Modified: branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl === --- branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl2005-03-29 10:01:34 UTC (rev 6114) +++ branches/SAMBA_4_0/source/librpc/idl/drsuapi.idl2005-03-29 13:07:20 UTC (rev 6115) @@ -500,11 +500,17 @@ typedef struct { uint32 decompressed_length; uint32 compressed_length; - [subcontext(4),compression(NDR_COMPRESSION_ZLIB,compressed_length,decompressed_length),flag(NDR_REMAINING)] DATA_BLOB *decompressed; - /*[subcontext(4),compression(NDR_COMPRESSION_ZLIB,compressed_length,decompressed_length)] drsuapi_DsGetNCChangesCtr1 *ctr1;*/ + [subcontext(4),subcontext_size(r-compressed_length),compression(NDR_COMPRESSION_ZLIB,compressed_length,decompressed_length),flag(NDR_REMAINING)] DATA_BLOB *decompressed; + /*[subcontext(4),subcontext_size(r-compressed_length),compression(NDR_COMPRESSION_ZLIB,compressed_length,decompressed_length)] drsuapi_DsGetNCChangesCtr1 *ctr1;*/ } drsuapi_DsGetNCChangesCompressedInfo; typedef struct { + uint32 decompressed_length; + uint32 compressed_length; + [subcontext(4),subcontext_size(r-compressed_length),flag(NDR_REMAINING)] DATA_BLOB *decompressed; + } drsuapi_DsGetNCChangesCompressedInfo_Test; + + typedef struct { drsuapi_DsGetNCChangesCompressedInfo info; } drsuapi_DsGetNCChangesCtr2; @@ -531,7 +537,7 @@ typedef struct { uint32 unknown1; uint16 unknown2; /* enum */ - drsuapi_DsGetNCChangesCompressedInfo info; + drsuapi_DsGetNCChangesCompressedInfo_Test info; } drsuapi_DsGetNCChangesCtr7; typedef [switch_type(int32)] union {