Re: [Samba] kernel oops generated by smbfs module
On Tue, Apr 26, 2005 at 02:37:04PM -0500, Gerald (Jerry) Carter wrote: Just to give credit here, the smbfs code was originally written by Volker Lendecke (of the Samba Team) a *long* time ago. I remember read his description about it in a Dr. Dobb's Journal back in either '97. But the code has a different maintainer these days. Hey Volker, how's this for nostalgia? :-) http://www.ddj.com/documents/s=944/ddj9702g/ Thanks for that reference! I think this was my very first article I wrote for a magazine. I *think* I still have that issue still somewhere in a box! I haven't looked at kernel code for *ages*... Volker pgpiJIehjp5kX.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] accessing windows shares from Linux
hey friends, I have configured samba as BDC to Windows 2003 domain controller which is acting as PDC.Now the problem is that I am able to see the Linux shares from the windows but from the Linux I am not able to see the windows shares. I am using Fedora Core 3 and Windows Clients are Windows XP Pro ,Win 2000 and Windows 2003 . When ever i try to access the windows shares from the linux it says the folder contents cannot be displayed as i don't have permissions. Please guide me how make it working. Thanks Regards Ankush Grover -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] AD Rules in Samba
Hi, Where can I get further information on how to create group policies via samba Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Connection reset by peer
Hi! I always get the following messages. What does this mean? smbd[20233]: [2005/04/27 09:58:13, 0] lib/util_sock.c:read_socket_data(384) smbd[20233]: read_socket_data: recv failure for 4. Error = Connection reset by peer Thanks in advance Annette -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Connection reset by peer
On Wednesday 27 April 2005 11:00, Annette Bitz wrote: Hi! I always get the following messages. What does this mean? smbd[20233]: [2005/04/27 09:58:13, 0] lib/util_sock.c:read_socket_data(384) smbd[20233]: read_socket_data: recv failure for 4. Error = Connection reset by peer This means that remote host closed TCP connection by sending a RST packet. Normally, when you, for example, download a file via http, remote host closes connection with FIN when it finished sending all data. -- vda -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Connection reset by peer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Annette, maybe you have problems with your network interface card. Try to exchange this part of hardware. Greets, Holger Annette Bitz wrote: | Hi! | | I always get the following messages. What does this mean? | | smbd[20233]: [2005/04/27 09:58:13, 0] lib/util_sock.c:read_socket_data(384) | smbd[20233]: read_socket_data: recv failure for 4. Error = Connection reset | by peer | | Thanks in advance | Annette -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCb0j+O0QDuZMdP0sRAhXeAJ9Kh9+ruDFsaOo7JeJa4QvII5iT6wCfQUCE 5TDAhTD1vJv/HIu7O1lTGas= =ua37 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] RedHat EL 3 rpm spec file and samba 3.0.14a?
Marshall Herington wrote: Is the RedHat RPM spec file included with the samba-3.0.14a.tar.gz source files compatible with RedHat EL 3? In other words, are the locations for the various support directories (/var/lib/samba, /var/cache/samba, etc.) the same between the RedHat EL 3 version of samba (currently stuck at 3.0.9, I think) and the official samba.org http://samba.org versions? I would like to upgrade my installation samba beyond the RedHat sanctioned version in order to take advantage of the new features and significant bug fixes that have come along recently. Does anyone have experience with this type of situation? Thanks, Marshall Hi, look here, http://people.redhat.com/fenlason/.samba/ this is a nonofficial and unsupported 3.0.13 srpm for el3, I took the last 2 patches out (should be in 3.0.14) It compiled cleanly with 3.0.14a. Have this running since then without problem. Rainer -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind samba pdc
Hi, I still have my problem that my samba PDC doesnt want to accept winbind queries. wbinfo -u or -g or -t does only generate errors. the logfiles show a blissfull silence. who has a working PDC with winbind in samba? I really need it urgently now! Here is my smb.conf file [global] workgroup = SMB3 netbios name = SMB-TEST add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/groupmod -A %u %g delete user from group script = /usr/sbin/groupmod -R %u %g add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody %u # Note: The following specifies the default logon script. # Per user logon scripts can be specified in the user account using pdbedit logon script = scripts\logon.bat # This sets the default profile path. Set per user paths with pdbedit logon path = \\%L\Profiles\%U logon drive = H: logon home = \\%L\%U domain logons = Yes os level = 35 preferred master = Yes domain master = Yes idmap uid = 15000-2 idmap gid = 15000-2 printing = cups [homes] comment = Home Directories valid users = %S read only = No browseable = No # Printing auto-share (makes printers available thru CUPS) [printers] comment = All Printers path = /var/spool/samba printer admin = root,ramses create mask = 0600 guest ok = Yes printable = Yes browseable = No [print$] comment = Printer Drivers Share path = /var/lib/samba/drivers write list = ramses, root printer admin = ramses, root # Needed to support domain logons [netlogon] comment = Network Logon Service path = /etc/samba/logon admin users = root, ramses guest ok = Yes browseable = No # For profiles to work, create a user directory under the path # shown. i.e., mkdir -p /var/lib/samba/profiles/maryo [Profiles] comment = Roaming Profile Share path = /var/lib/samba/profiles read only = No profile acls = Yes # Other resource (share/printer) definitions would follow below. [All] path = /i read only = yes guest ok = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] NT_STATUS_LOGON_FAILURE after a while
Hello everybody, we have a simple file server running samba. (no ldap, etc). The samba version is 3.0.11 running on fedora core1. We access it from NT4 (TSE + Citrix), XP, Win9X and Linux. When we start smbd, all works fine, everybody can conntect to the file server to mount the shares without any problems. After a while, nobody can connect to the server, smbd always answer NT_STATUS_LOGON_FAILURE. But, previously established connections still work since they are closed. Did anybody experienced this problem ? Thanks Best regards. JiB -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba as BDC and getting this error NT_STATUS_NO_SUCH_USER
hey, I am getting this error after configuring samba.I have configure samba as BDC to a Win 2003 Domain Controller.I have created the same users as they are on Windows 2003 on my samba server ,now whenever any user clicks on the samba server it sees its home directories and other folders.There is no user who is getting problem,but I am not able to understand why I am getting this error. domain_client_validate: unable to validate password for user Owner in domain SUNUPDELHI to Domain controller \\SERVER1. Error was NT_STATUS_NO_SUCH_USER Thanks Regards Ankush Grover -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind samba pdc
Hi, I notice you have no 'log level' entry under your global section. I think it would be a good idea to add this to increase the verbosity of the logging. See the smb.conf man pages for more details. Regards -- Ian Clancy IT Systems Engineer Connaught Electronics Ltd. Dunmore Rd, Tuam, Co. Galway, Ireland. E : mailto:[EMAIL PROTECTED] W : http://www.cel-europe.com Hi, I still have my problem that my samba PDC doesnt want to accept winbind queries. wbinfo -u or -g or -t does only generate errors. the logfiles show a blissfull silence. who has a working PDC with winbind in samba? I really need it urgently now! Here is my smb.conf file [global] workgroup = SMB3 netbios name = SMB-TEST add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/groupmod -A %u %g delete user from group script = /usr/sbin/groupmod -R %u %g add machine script = /usr/sbin/useradd -s /bin/false -d /var/lib/nobody %u # Note: The following specifies the default logon script. # Per user logon scripts can be specified in the user account using pdbedit logon script = scripts\logon.bat # This sets the default profile path. Set per user paths with pdbedit logon path = \\%L\Profiles\%U logon drive = H: logon home = \\%L\%U domain logons = Yes os level = 35 preferred master = Yes domain master = Yes idmap uid = 15000-2 idmap gid = 15000-2 printing = cups [homes] comment = Home Directories valid users = %S read only = No browseable = No # Printing auto-share (makes printers available thru CUPS) [printers] comment = All Printers path = /var/spool/samba printer admin = root,ramses create mask = 0600 guest ok = Yes printable = Yes browseable = No [print$] comment = Printer Drivers Share path = /var/lib/samba/drivers write list = ramses, root printer admin = ramses, root # Needed to support domain logons [netlogon] comment = Network Logon Service path = /etc/samba/logon admin users = root, ramses guest ok = Yes browseable = No # For profiles to work, create a user directory under the path # shown. i.e., mkdir -p /var/lib/samba/profiles/maryo [Profiles] comment = Roaming Profile Share path = /var/lib/samba/profiles read only = No profile acls = Yes # Other resource (share/printer) definitions would follow below. [All] path = /i read only = yes guest ok = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] 'valid users' does not accept my users, but my groups
Hi, I'm using Version 3.0.10-Debian and have winbindd running for auth against our W2K TEST-DOM. I've set up shares which only some groups have access granted. System is runnig fine a few weeks when I now discovered when I want grant access to only one user, it doesn't work. The configuration for this share is: [testshare] path = /data/test public = no writeable = yes browseable = yes create mode = 0777 force directory mode = 0775 force create mode = 0666 force user = www-data force group = www-data valid users = mfischer The logfile tells me: [2005/04/27 10:44:05, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [mfischer] - [mfischer] - [TEST-DOMmfischer] succeeded [2005/04/27 10:44:05, 2] smbd/service.c:make_connection_snum(314) user 'TEST-DOMmfischer' (from session setup) not permitted to access this share (testshare) When I use groups, e.g. valid users = @development and my user 'mfischer' is in this group, it works without problems. I've tried different syntaxes like TEST-DOM\mfischer TEST-DOMmfischer (because it's written this way in the logfile) TEST-DOM+mfischer (because of the winbind separator) TEST-DOM/mfischer none of them worked. My pam.d/samba looks like: # from common-auth authsufficient pam_winbind.so authsufficient pam_unix.so nullok_secure use_first_pass # from common-account account requiredpam_unix.so # from common-session session requiredpam_unix.so session requiredpam_mkhomedir.soskel=/etc/skel/ umask=0002 any suggestions or other information I can provide? thanks, - Markus -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NT_STATUS_LOGON_FAILURE after a while
Sorry, I wanted to say But, previously established connections still work until they are closed. I've got a bad english :-( Denis Vlasenko a crit : On Wednesday 27 April 2005 11:53, Jean-Baptiste Estival wrote: Hello everybody, we have a simple file server running samba. (no ldap, etc). The samba version is 3.0.11 running on fedora core1. We access it from NT4 (TSE + Citrix), XP, Win9X and Linux. When we start smbd, all works fine, everybody can conntect to the file server to mount the shares without any problems. After a while, nobody can connect to the server, smbd always answer NT_STATUS_LOGON_FAILURE. But, previously established connections still work since they are closed. Are you saying that closed connections continue to work? -- vda -- Jean-Baptiste ESTIVAL mailto:[EMAIL PROTECTED] /I*ngnieur *//, Centre technologique et informatique/ *Shaktiware http://www.shaktiware.fr* 27 boulevard Charles Moretti, Bat B 13 014 MARSEILLE FRANCE Tel : +33 4 91 10 19 30 Fax : +33 4 91 10 19 34 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problems with Winbind and NTLM Authentication
Hi all! After upgrading from Samba2 to Samba 3.0.10 we have some serious problems with authenticating users with Winbind via NTLM to a NT4 Domain. After working for a while a strange error occurs in the Winbind log. Every authentication attempt ends with a serious error NT_STATUS_PIPE_DISCONNECT. Can anybody tell me what´s happening here? Restarting winbind has no affect. The error keeps coming. After switching back to Samba 2 everything is fine. I´ve searched Goggle and the Mailinglist archive but noone mentioned this error before. Thanks for your help. Thomas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] win xp pro: can't login to samba domain NT_STATUS_WRONG_PASSWORD
Dear List! I am having a problem when trying to login from win xp prof sp 2 to samba 3.0.10 pdc (with ldap) on my Gentoo box: samba log says: check_ntlm_password: mapped user is: [EMAIL PROTECTED] ntlm_password_check: NT MD4 password check failed for user root init_ldap_from_sam: Setting entry for user: root check_ntlm_password: Authentication for user [root] - [root] FAILED with error NT_STATUS_WRONG_PASSWORD Can you tell me what I did wrong? Do I have to path my windows registry for ntlm authentication? Thank you in advance!! my smb.conf # Global parameters [global] dos charset = 850 unix charset = ISO8859-1 workgroup = TUXNT netbios name = SRV server string = SAMBA-LDAP PDC Server %v interfaces = lo, eth0 bind interfaces only = Yes update encrypted = Yes client schannel = Yes server schannel = Yes passdb backend = ldapsam:ldaps://127.0.0.1:636 client NTLMv2 auth = Yes client lanman auth = No client plaintext auth = No log level = 3 log file = /var/log/samba/log.%m max log size = 50 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 add user script = /usr/local/sbin/smbldap-useradd -m add group script = /usr/local/sbin/smbldap-groupadd -p add user to group script = /usr/local/sbin/smbldap-groupmod -m delete user from group script = /usr/local/sbin/smbldap-groupmod -x set primary group script = /usr/local/sbin/smbldap-usermod -g add machine script = /usr/local/sbin/smbldap-useradd -w domain logons = Yes os level = 255 preferred master = Yes domain master = Yes wins proxy = Yes wins support = Yes ldap admin dn = cn=Manager,dc=TUXNT,dc=LOCAL ldap delete dn = Yes ldap group suffix = ou=Groups ldap machine suffix = ou=Computers ldap passwd sync = Yes ldap suffix = dc=TUXNT,dc=LOCAL ldap ssl = no ldap user suffix = ou=Users vscan-clamav:config-file = /etc/samba/vscan-clamav.conf valid users = root admin users = root guest ok = Yes vfs objects = vscan-clamav _ MSN Hotmail. Anmelden und gewinnen! http://www.msn.de/email/webbased/ Ihre Chance, eines von 10 T-Mobile MDA II zu gewinnen! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Authentication failure when accessing Samba server in a NT domain
Hello Ankush, Thanks for taking a look at this. I tried the two suggestions that you put forward. Neither of them seemed to solve this problem...I increased the logging level and found the following when trying to connect to the Samba share from the WINXP machine. [2005/04/27 05:51:16, 5] auth/auth_util.c:make_user_info_map(224) make_user_info_map: Mapping user [DOMAINNAME]\[akamdar] from workstation [ASHUTOSH] [2005/04/27 05:51:16, 5] libsmb/trustdom_cache.c:trustdom_cache_fetch(184) no entry for trusted domain DOMAINNAME found. [2005/04/27 05:51:16, 5] auth/auth_util.c:make_user_info(132) attempting to make a user_info for akamdar (akamdar) [2005/04/27 05:51:16, 5] auth/auth_util.c:make_user_info(142) making strings for akamdar's user_info struct [2005/04/27 05:51:16, 5] auth/auth_util.c:make_user_info(184) making blobs for akamdar's user_info struct [2005/04/27 05:51:16, 3] auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2005/04/27 05:51:16, 3] auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] [2005/04/27 05:51:16, 5] lib/util.c:dump_data(1995) [000] 49 59 CB 9A EB 49 C4 0E IY...I.. [2005/04/27 05:51:16, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2005/04/27 05:51:16, 3] smbd/uid.c:push_conn_ctx(365) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2005/04/27 05:51:16, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2005/04/27 05:51:16, 5] auth/auth_util.c:debug_nt_user_token(485) NT user token: (NULL) [2005/04/27 05:51:16, 5] auth/auth_util.c:debug_unix_user_token(506) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2005/04/27 05:51:16, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/04/27 05:51:16, 5] auth/auth.c:check_ntlm_password(271) check_ntlm_password: winbind authentication for user [akamdar] FAILED with error NT_STATUS_ACCESS_DENIED [2005/04/27 05:51:16, 2] auth/auth.c:check_ntlm_password(312) check_ntlm_password: Authentication for user [akamdar] - [akamdar] FAILED with error NT_STATUS_ACCESS_DENIED [2005/04/27 05:51:16, 5] auth/auth_util.c:free_user_info(1380) attempting to free (and zero) a user_info structure [2005/04/27 05:51:16, 3] smbd/process.c:timeout_processing(1334) timeout_processing: End of file from client (client has disconnected). [2005/04/27 05:51:16, 5] lib/gencache.c:gencache_shutdown(88) Closing cache file [2005/04/27 05:51:16, 5] libsmb/namecache.c:namecache_shutdown(79) namecache_shutdown: netbios namecache closed successfully. [2005/04/27 05:51:16, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/04/27 05:51:16, 5] auth/auth_util.c:debug_nt_user_token(485) NT user token: (NULL) [2005/04/27 05:51:16, 5] auth/auth_util.c:debug_unix_user_token(506) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2005/04/27 05:51:16, 5] smbd/uid.c:change_to_root_user(296) change_to_root_user: now uid=(0,0) gid=(0,0) [2005/04/27 05:51:16, 2] smbd/server.c:exit_server(609) Closing connections [2005/04/27 05:51:16, 3] smbd/connection.c:yield_connection(69) Yielding connection to [2005/04/27 05:51:16, 5] smbd/oplock.c:receive_local_message(107) receive_local_message: doing select with timeout of 1 ms [2005/04/27 05:51:16, 3] smbd/server.c:exit_server(652) Server exit (normal exit) Any thoughts? Regards, Ash --Original Message- -From: ankush grover [mailto:[EMAIL PROTECTED] -Sent: Wednesday, April 27, 2005 07:38 AM -To: 'Ashutosh Kamdar' -Subject: Re: [Samba] Authentication failure when accessing Samba server in a NT domain - -On 4/26/05, Ashutosh Kamdar [EMAIL PROTECTED] wrote: - Hello Samba Gurus, - - I have configured my Samba install to be a domain member of a NT4-Style domain. The version of samba used is 3.0.13. The domain joining process worked fine (net rpc join). An excerpt of smb.conf is provided at the end for reference. - - The problem is that when users access this server, they are challenged for the username password. I was of the impression that this process would be seamless to the user. On providing the NT username/password, the login process still fails. It just comes back with the same prompt challenging the user. - - These users are added in /etc/passwd but not in smbpasswd, as per the documentation. - - On using smbclient: - # ./smbclient -d 3 -U akamdar -L localhost - - This was the output obtained: - lp_load: refreshing parameters - Initialising global parameters - params.c:pm_process() - Processing configuration file /usr/local/samba/lib/smb.conf - Processing section [global] - added interface ip=192.168.2.37 bcast=192.168.2.255 nmask=255.255.255.0 - Client started (version 3.0.13). - resolve_lmhosts: Attempting lmhosts
[Samba] smbldap-tools Perl error (FreeBSD)
smbldap-tools 0.8.7 FreeBSD 5.4-RC2 Samba 3.1.14 Perl 5.8.2 When I try to use any of the tools, the following message appears. Any hints on how to fix it are welcome. Bareword print_banner not allowed while strict subs in use at /usr/local/sbin/smbldap-useradd line 43. Execution of /usr/local/sbin/smbldap-useradd aborted due to compilation errors. Per olof -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools Perl error (FreeBSD)
quote who=Per olof Ljungmark smbldap-tools 0.8.7 FreeBSD 5.4-RC2 Samba 3.1.14 Perl 5.8.2 When I try to use any of the tools, the following message appears. Any hints on how to fix it are welcome. Bareword print_banner not allowed while strict subs in use at /usr/local/sbin/smbldap-useradd line 43. Execution of /usr/local/sbin/smbldap-useradd aborted due to compilation errors. They've probably missed a $ off of print_banner. Have you looked at line 43? Gavin. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 742001 E [EMAIL PROTECTED] Open Source. Open Solutions(tm). http://www.suretecsystems.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools Perl error (FreeBSD)
Gavin Henry wrote: quote who=Per olof Ljungmark smbldap-tools 0.8.7 FreeBSD 5.4-RC2 Samba 3.1.14 Perl 5.8.2 When I try to use any of the tools, the following message appears. Any hints on how to fix it are welcome. Bareword print_banner not allowed while strict subs in use at /usr/local/sbin/smbldap-useradd line 43. Execution of /usr/local/sbin/smbldap-useradd aborted due to compilation errors. They've probably missed a $ off of print_banner. Have you looked at line 43? Hi Gavin, 42 if ( (!$ok) || (@ARGV 1) || ($Options{'?'}) ) { 43 print_banner; 44 print Usage: $0 [-awmugdsckABCDEFGHMNPST?] username\n; Adding a $ does not change much, however, if I comment out use strict; it works. Now, what would be the problem with commenting that out? I suspect this could be FBSD-specific. Per olof -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] trusted domain 'disconnected' using winbind
Problem is solved! Actually there were 2 problems. First, I noticed that winbind tried to resolve a servername which is no longer PDC in the trusted domain - we changed PDC and BDC some months ago. Don't know where samba gets this (wrong) information from. So I tried a workaround by adding an entry in lmhosts with the wrong servername (the one winbind is looking for) but the correct ip-address of the PDC. In fact this worked fine with our test system but not with the production server, though configuration was indentical execpt the sw-release of samba itself. Finally I upgraded 3.0.9-2.6 to 3.0.14a-0.1 and now everything is fine! Gerald (Jerry) Carter wrote: Grund, Andreas wrote: I have a problem with winbind resolving global groups on a trusted NT Domain. I want to use SQUID and NTLM Authentification and therefore the external authentification helper needs to check if a user belongs to a given group. When I do 'windbind -r DOMAIN+USER GROUP', only groups of the local domain are listed. It seems as if winbind couldn't find a domain controller for the trusted domain: 'wbinfo --sequence' shows the trusted domain disconnected. Debugging winbindd does show following errors: wbinfo --sequence= [..] bind_rpc_pipe: transfer syntax differs rpc_pipe_bind: check_bind_response failed. [..] This is they key error message. Can you send me a raw ethereal trace and a level 10 debug log surrounduing this error? Thanks. Samba Version: 3.0.9-2.6-SUSE 2 NT4 SP6 Servers acting as PDC for 2 trusted Domains cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Adding local group - Access denied
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi folks, I think, there's something wrong with documentation of the smbldap-scripts. In the doc is said: -t group type:set the NT Group type for the new group. Available values are 2 (domain group), 4 (local group) and 5 (builtin group). The default group type is 2. That's wrong. The parameters are -t domain, -t local or -t builtin. There is a mapping function in smbldap_tools.pm at line 903: sub group_type_by_name { ~ my $type_name = shift; ~ my %groupmap = ( 'domain' = 2, 'local' = 4, 'builtin' = 5 ); ~ return $groupmap{$type_name}; } Okay, that doesn't solve my origin problem, because I still can't create local groups with the NT-Usermanager. Greetings, Holger Holger Wesser wrote: | Hi Paul, | | I tried it on the console and got a: | | /usr/sbin/smbldap-groupadd: unknown group type 4 | | Well, I searched through the perl scripts, but sorry- as a | non-programmer I cannot find anything. | | I set the log level to 3, but the outputs in the logfile seems to me | okay. | | Maybe I made errors when using the smbldap-groupadd command: | | 'smbldap-groupadd -a -g 1038 -t 2 abakus' | | Unfortunately, I couldn't find an example how to use the command exactly. | | Greetings, | Holger | | | Paul Gienger wrote: | | | | short question: I try to add a local group via the NT-Usermanager | | (usrmgr.exe), but everytime I get a Access denied. Adding a global | | group works. I'm logged on as Administrator. I'm running Samba 3.0.14a | | on Debian Sarge (testing) with the smbldap-tools (v0.8.8). | | | | What could I have done wrong? | | | | | | Well, what have you tried to debug this? | | What is the output from running the add group script from the command | | line? Do you have other groupmaps working just fine? | | | -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCb4zMO0QDuZMdP0sRAhCmAJ4iWfH5J/f/Gt6PmOpWCDEs+CiM2wCgqpv6 2sXWTOd7jJ+RHE5Snx/lfeQ= =Pi6A -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: nrptiners.tdb and upgrades [was Re: [Samba] Can't Install Samba 3.0.14a]
I have that same problem on a box running 2.2.8a that I was trying to upgrade to 3.0.8 (haven't tried since then). On Tue, 2005-04-19 at 09:33, Paul Gienger wrote: Paul Gienger wrote: | That being said, every time I've done an upgrade on a | linux box my printer drivers have needed rebuilding | even after backing up tdb files, etc. FWIW. Everything | else has gone fine however. Paul, This should not be happening. The nt*tdb files have not changed in format in a long time. Can you give me some details for reproducing this? Saying 'every time' may have been a lot overstated. Now that I remember exactly the situation, it was upgrading a particular FC2 machine from maybe something in the 3.0.9 era to 3.0.11 but another FC2 box worked fine. That machine (or really the users of it) causes me enough problems that it seems like when it breaks that the world stops turning though ;) I'll see what happens on the .14 upgrade, hopefully tonight, and check in again. -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- Scott McCallum Sr. Unix Administrator Whitehead Institute (http://wi.mit.edu/) s k m @ w i . m i t . e d u ext 85120 quidquid latine dictum sit altum sonatur -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Guest user?
Hello all, Am trying to set up a guest account for employees from other offices to come in the office to login and do stuff. I want to block access to all public drives so this is what I've done: Consider the SAMBA server in Office A and I want to create a guest account so that people from Office B and C can access. There is a public drive that everyone in Office A can edit, and a drive called Restricted that one person in Office A can edit, but everyone else in Office A can access but not edit. Created a group called everyone and added everyone in Office A to that group Created a group called Restricted and added the person who's allowed to edit this drive to that group Created the following lines in smb.conf file: [public] comment = shared folder writeable = yes path = /home/samba/public write list = @everyone guest ok = no create mode = 0777 directory mode = 0777 [signmatters] comment = shared folder writeable = yes path = /home/samba/restricted write list = @restricted valid users = @everyone @restricted guest ok = no create mode = 0775 directory mode = 0775 guest isn't part of either everyone or restricted groups. The permissions of the 2 folders are: drwxrwx--- 3 root everyone 4096 2005-04-27 14:56 public drwxrwx--- 2 root restricted 4096 2005-04-27 14:56 restricted As it is, guest can't access either drives, everyone in Office A can access the public drive and edit stuff on there, the person who's allowed to edit the restricted files can do so, but no-one in Office A is able to access the restricted files? How do I set it so that guest can't access the restricted files, but everyone in Office A can? Thanks very much for your help in advance Cheers - Piers -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Minimal Samba
Nice example John. But, at least in my experience and the smb.conf man page would seem to concur, it won't work at all under Samba 3.x unless you add the line smb ports = 139. The following two sections of the smb.conf man page more or less spell out the problem.. smb ports (G) Specifies which ports the server should listen on for SMB traffic. Default: smb ports = 445 139 %L the NetBIOS name of the server. This allows you to change your config based on what the client calls you. Your server can have a ``dual personality''. This parameter is not available when Samba listens on port 445, as clients no longer send this information. Tom Schaefer On Tue, 26 Apr 2005 08:31:23 -0600 John H Terpstra [EMAIL PROTECTED] wrote: It is possible. Master smb.conf file: [global] workgroup = FORTKNOX security = user netbios name = ARMEDGUARD netbios aliases = BANDIT include = /etc/samba/smb.conf.%L [homes] read only = No Now for the 'bandit' smb.conf: [global] workgroup = FORTKNOX security = share netbios name = BANDIT guest ok = Yes [cashpool] path = /money read only = yes guest only = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Question about nss_ldap: could not get LDAP result - Can't contact LDAP server error
Hello We have a OpenLDAP-2.2.23 + Samba 3.0.14a and the system is logging a lot (one to each minute, more or less) of errors like this: server smbd[10799]: [ID 510469 daemon.error] nss_ldap: could not get LDAP result - Can't contact LDAP server Well, I would like to ask to samba specialists if is possible that the problem is this slapd.conf option: idletimeout 30 I´m using it because I was compiled LDAP with wrapper option and wrapper doens´t support more than 256 simultaneous connections. Then, I´m thinking if smbd process is trying to restablish a closed connection and because that generating the error. Is it possible? Thank you very much. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] IPC$ entries not deleted from connections.tdb? [OK]
Hi Jeremy, I've applied the patch and rebuild samba-3.0.11. The results are pretty good as the connections.tdb file is clean and the smbstatus output seems to be ok. I've set the debug level to 10 and the real problem has been corrected by this part, since I'd this debug message in my log file very often @@ -575,6 +575,7 @@ if (!change_to_user(conn, conn-vuid)) { /* No point continuing if they fail the basic checks */ DEBUG(0,(Can't become connected user!\n)); + yield_connection(conn, lp_servicename(snum)); conn_free(conn); *status = NT_STATUS_LOGON_FAILURE; return NULL; Thanx again for your help From: Jeremy Allison [EMAIL PROTECTED] Reply-To: Jeremy Allison [EMAIL PROTECTED] To: Yannick Bergeron [EMAIL PROTECTED] CC: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: [Samba] IPC$ entries not deleted from connections.tdb? Date: Tue, 26 Apr 2005 16:51:33 -0700 On Tue, Apr 26, 2005 at 03:33:11PM -0400, Yannick Bergeron wrote: Hi Andrew, I know that you're a very busy guy, but I've CC you on this post a few days ago and didn't get any answer. http://lists.samba.org/archive/samba-technical/2005-April/040377.html http://lists.samba.org/archive/samba-technical/2005-April/040378.html http://lists.samba.org/archive/samba-technical/2005-April/040379.html http://lists.samba.org/archive/samba/2005-April/104135.html I would like to have your impression on this problem or if you can reproduce it. I would be really surprised if I was the only one who has it. The difference is that we're using samba with a lots of users and we've estimated that the file will grow at least 55mb per month. This if for a smbd child that make only one connection. It could be like 20 times bigger (1.1gb) if each smbd child owns 20 connections. There were some codepaths in smbd/service.c that didn't call yield_connection() on an error. But they would only occur in an error case. Do you have any of these in you smbd logs ? Anyway, here is a patch to ensure yield_connection() is always called on error (and also a tidyup of some extraneous macro calls). Jeremy. look -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools Perl error (FreeBSD)
quote who=Per olof Ljungmark Gavin Henry wrote: quote who=Per olof Ljungmark smbldap-tools 0.8.7 FreeBSD 5.4-RC2 Samba 3.1.14 Perl 5.8.2 When I try to use any of the tools, the following message appears. Any hints on how to fix it are welcome. Bareword print_banner not allowed while strict subs in use at /usr/local/sbin/smbldap-useradd line 43. Execution of /usr/local/sbin/smbldap-useradd aborted due to compilation errors. They've probably missed a $ off of print_banner. Have you looked at line 43? Hi Gavin, 42 if ( (!$ok) || (@ARGV 1) || ($Options{'?'}) ) { 43 print_banner; 44 print Usage: $0 [-awmugdsckABCDEFGHMNPST?] username\n; Adding a $ does not change much, however, if I comment out use strict; it works. Now, what would be the problem with commenting that out? I suspect this could be FBSD-specific. Ah, I've just looked at the code in smbldap_tools.pm. It's a call to the print_banner subroutine (http://cvs.idealx.org/cgi-bin/cvsweb/samba/smbldap-tools/smbldap_tools.pm?rev=1.54content-type=text/x-cvsweb-markuponly_with_tag=v0-8-7) Add a on the front of it: 42 if ( (!$ok) || (@ARGV 1) || ($Options{'?'}) ) { 43 print_banner; 44 print Usage: $0 [-awmugdsckABCDEFGHMNPST?] username\n; This doesn't appear to be fixed in version 0.8.8, so it might be something else. HTH. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 742001 E [EMAIL PROTECTED] Open Source. Open Solutions(tm). http://www.suretecsystems.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Question to the Samba-Developer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi there, as mentioned in a thread before, I'm in trouble when trying to add a local group via NT-Usermanager. I think the problem is the following line in the smb.conf: add group script = /usr/local/sbin/smbldap-groupadd -p %g In this case, the only parameter that is handed over to the smbldap-groupadd script is the name of the group (%g). Unfortunately the script doesn't know, which type of group it has to create. By default, it creates a global group. So is there a variable available, that specifies the type of group? I hope, you understand what I mean. Greets, Holger -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCb5rXO0QDuZMdP0sRAoIfAJ4+DSVB4sE1pbKPqVH2IPvxZ6NaoQCfWiwj SKC8zRYmGBPt90mlTzWKt68= =gl1K -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] can't get samba 3.0.14a to work with ldap..part 2: smaba 3.0.15
Hi... I posted a few days ago that I was having trouble getting samba 3.0.14a to work with ldap. I switched up to 3.0.15pre2 and had much the same trouble. I have been following the instructions in http://www.samba.org/samba/docs/Samba-Guide.pdf, but I am still having troubles. Here is what happens when i run smbldap-populate: mercury:/usr/local/samba/sbin# ./smldap-populate -a root -k 0 -m 0 Populating LDAP directory for domain TESTNET (S-1-5-21-4179843118-1526938909-891067941) (using builtin directory structure) Use of uninitialized value in string ne at ./smbldap-populate line 165 Use of uninitialized value in concactenation (.) or string at ./smbldap-populate line 170 entry o=ssfsnet already exist. adding new entry: ou=People,o=ssfsnet adding new entry: ou=Groups,o=ssfsnet adding new entry: ou=Computers,o=ssfsnet Can't call method dn on an undefined value at ./smbldap-populate line 442, GEN1 line 6. mercury:/usr/local/samba/sbin# I can't figure out what is wrong...The smb.conf is taken straight from the documentation and the smbldap tools should be properly configured. Every thing is by the book but I still can't seem to get it working. Could somebody perhaps post somewhere a working smb.conf and perhaps a slapcat dump (minus users, of course) or even a working smbldap.conf? I know I'm probably just missing something stupid, but I am out of ideas Thanks in advance, Rich -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools Perl error (FreeBSD)
Gavin Henry wrote: quote who=Per olof Ljungmark Gavin Henry wrote: quote who=Per olof Ljungmark smbldap-tools 0.8.7 FreeBSD 5.4-RC2 Samba 3.1.14 Perl 5.8.2 When I try to use any of the tools, the following message appears. Any hints on how to fix it are welcome. Bareword print_banner not allowed while strict subs in use at /usr/local/sbin/smbldap-useradd line 43. Execution of /usr/local/sbin/smbldap-useradd aborted due to compilation errors. They've probably missed a $ off of print_banner. Have you looked at line 43? Hi Gavin, 42 if ( (!$ok) || (@ARGV 1) || ($Options{'?'}) ) { 43 print_banner; 44 print Usage: $0 [-awmugdsckABCDEFGHMNPST?] username\n; Adding a $ does not change much, however, if I comment out use strict; it works. Now, what would be the problem with commenting that out? I suspect this could be FBSD-specific. Ah, I've just looked at the code in smbldap_tools.pm. It's a call to the print_banner subroutine (http://cvs.idealx.org/cgi-bin/cvsweb/samba/smbldap-tools/smbldap_tools.pm?rev=1.54content-type=text/x-cvsweb-markuponly_with_tag=v0-8-7) Add a on the front of it: 42 if ( (!$ok) || (@ARGV 1) || ($Options{'?'}) ) { 43 print_banner; 44 print Usage: $0 [-awmugdsckABCDEFGHMNPST?] username\n; This doesn't appear to be fixed in version 0.8.8, so it might be something else. Then it is something else. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] can't get samba 3.0.14a to work with ldap..part 2: smaba 3.0.15
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The errors are thrown by the smbldap-scripts. So what version of the smbldap-tools are you using? Did you install the perl modules Net::LDAP and Crypt::SmbHash properly? Greets, Holger rich foo wrote: | Hi... | I posted a few days ago that I was having trouble getting samba 3.0.14a to | work with ldap. I switched up to 3.0.15pre2 and had much the same | trouble. I have been following the instructions in | http://www.samba.org/samba/docs/Samba-Guide.pdf, but I am still having | troubles. | | Here is what happens when i run smbldap-populate: | | mercury:/usr/local/samba/sbin# ./smldap-populate -a root -k 0 -m 0 | Populating LDAP directory for domain TESTNET | (S-1-5-21-4179843118-1526938909-891067941) | (using builtin directory structure) | | Use of uninitialized value in string ne at ./smbldap-populate line 165 | Use of uninitialized value in concactenation (.) or string at | ./smbldap-populate line 170 | entry o=ssfsnet already exist. | adding new entry: ou=People,o=ssfsnet | adding new entry: ou=Groups,o=ssfsnet | adding new entry: ou=Computers,o=ssfsnet | Can't call method dn on an undefined value at ./smbldap-populate line | 442, GEN1 line 6. | mercury:/usr/local/samba/sbin# | | I can't figure out what is wrong...The smb.conf is taken straight from the | documentation and the smbldap tools should be properly configured. Every | thing is by the book but I still can't seem to get it working. Could | somebody perhaps post somewhere a working smb.conf and perhaps a slapcat | dump (minus users, of course) or even a working smbldap.conf? I know I'm | probably just missing something stupid, but I am out of ideas | | Thanks in advance, | | Rich | -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCb6HxO0QDuZMdP0sRAvBCAKCwgFXwxIT/Ap1d+h9uRGFQrZ+5ZACfYaqi NSqo67gjN+hNh51Cn1H34nM= =9rmi -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Win XP Clients Using Kerberos
I have had quite good luck with Samba 3.0.10PDC/BDC with LDAP backend until about a week ago. For some strange reason, the XP clients have decided to try the Kerberos authentication method first to acccess shares. Since this involves a LENGTHY time out before a reversion to NTLM the clusers are complaining. Anyone know a n easy way to keep the XP machines from doing this? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] AD Rules in Samba
On Tuesday 26 April 2005 06:37, synchroweb wrote: Hi, Where can I get further information on how to create group policies via samba That all depends on what you want to achieve. Have you read the Samba-HOWTO-Collection chapters on this subject? If not, that is the first place to start. If you have, and it is not enough email me directly so we can tackle this together. Over the next two weeks I will be updating the Samba-HOWTO-Collection in preparation for reprinting of the Official Samba-3 HOWTO and Reference Guide (its published alter-ego). It is my intent to update the profiles and policies chapter before reprinting. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Guest user?
ons, 27.04.2005 kl. 15.04 skrev [EMAIL PROTECTED]: Am trying to set up a guest account for employees from other offices to come in the office to login and do stuff. I want to block access to all public drives so this is what I've done: Consider the SAMBA server in Office A and I want to create a guest account so that people from Office B and C can access. There is a public drive that everyone in Office A can edit, and a drive called Restricted that one person in Office A can edit, but everyone else in Office A can access but not edit. You say nothing of Samba version or platform. I've discovered POSIX ACLs on Red Hat RHAS3 and Samba 3.0.11, and the whole shop's gone wild with joy. Depending on your Samba version, do 'man smb.conf' and search for 'inherit acls'. Maybe something for you. --Tonni Created a group called everyone and added everyone in Office A to that group Created a group called Restricted and added the person who's allowed to edit this drive to that group Created the following lines in smb.conf file: [public] comment = shared folder writeable = yes path = /home/samba/public write list = @everyone guest ok = no create mode = 0777 directory mode = 0777 [signmatters] comment = shared folder writeable = yes path = /home/samba/restricted write list = @restricted valid users = @everyone @restricted guest ok = no create mode = 0775 directory mode = 0775 guest isn't part of either everyone or restricted groups. The permissions of the 2 folders are: drwxrwx--- 3 root everyone 4096 2005-04-27 14:56 public drwxrwx--- 2 root restricted 4096 2005-04-27 14:56 restricted As it is, guest can't access either drives, everyone in Office A can access the public drive and edit stuff on there, the person who's allowed to edit the restricted files can do so, but no-one in Office A is able to access the restricted files? How do I set it so that guest can't access the restricted files, but everyone in Office A can? Thanks very much for your help in advance Cheers - Piers -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They'll love us, won't they? They feed us, don't they? ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Changes to HOWTO and maybe Samba Guide for Solaris patches
Sun has changed the organization of their web site a lot over the years, and I just noticed that a URL included in the HOWTO is broken now. Perhaps there are others as well. In section 39.6.2 Winbind on Solaris 9 (p. 503), Solaris 9 users are directed to download a patch from the following URL: http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=112960;rev=14 But the Sun site redirects users to a newer, longer, mch uglier URL: http://sunsolve.sun.com/search/advsearch.do?collection=PATCHtype=collec tionsmax=50language=enqueryKey5=112960;rev=14toDocument=yes (Yeah, that's all one line.) I just thought I should mention it, in case there are other specific URLs for Sun web pages in the (wonderful!) documentation. -wde -- Will Enestvedt UNIX System Administrator Johnson Wales University -- Providence, RI -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools Perl error (FreeBSD)
quote who=Per olof Ljungmark Gavin Henry wrote: quote who=Per olof Ljungmark Gavin Henry wrote: quote who=Per olof Ljungmark smbldap-tools 0.8.7 FreeBSD 5.4-RC2 Samba 3.1.14 Perl 5.8.2 When I try to use any of the tools, the following message appears. Any hints on how to fix it are welcome. Bareword print_banner not allowed while strict subs in use at /usr/local/sbin/smbldap-useradd line 43. Execution of /usr/local/sbin/smbldap-useradd aborted due to compilation errors. They've probably missed a $ off of print_banner. Have you looked at line 43? Hi Gavin, 42 if ( (!$ok) || (@ARGV 1) || ($Options{'?'}) ) { 43 print_banner; 44 print Usage: $0 [-awmugdsckABCDEFGHMNPST?] username\n; Adding a $ does not change much, however, if I comment out use strict; it works. Now, what would be the problem with commenting that out? I suspect this could be FBSD-specific. Ah, I've just looked at the code in smbldap_tools.pm. It's a call to the print_banner subroutine (http://cvs.idealx.org/cgi-bin/cvsweb/samba/smbldap-tools/smbldap_tools.pm?rev=1.54content-type=text/x-cvsweb-markuponly_with_tag=v0-8-7) Add a on the front of it: 42 if ( (!$ok) || (@ARGV 1) || ($Options{'?'}) ) { 43 print_banner; 44 print Usage: $0 [-awmugdsckABCDEFGHMNPST?] username\n; This doesn't appear to be fixed in version 0.8.8, so it might be something else. Then it is something else. Do any other commands work? I think the command can't find smbldap_tools.pm How is it installed? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] can't get samba 3.0.14a to work with ldap..part 2: smaba=?ISO-8859-1?Q? 3.0.15?=
The ldap tools are 8.8. Previous versions have worked to some extent, but as I posted earlier, I still can't get samba to cooperate. The ldap and crypt perl modules are installed and working. I was having difficulty with 3.0.14a and was told to read the http://www.samba.org/samba/docs/Samba-Guide.pdf book. This is as far as I could get. LDAP authentication is working for unix accounts, but not for samba. Rich -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: kernel oops generated by smbfs module
Greetings, I have run into a kernel oops that I can generate at will, and that hangs my machine. The machine is running Gentoo Linux, 2.6.11 kernel and gcc 3.3.5. I can post more information if needed. The problem arises when I mount an SMB share from a 2000-series Snap server (network appliance); software version 3.4.804, hardware 2.0.3. The mount is fine, and can sit for a long time. However, as soon as I start doing ls in directories on the mount, or tab-completing filenames (i.e. short reads), I get a kernel oops. This invariably happens within 20 seconds of starting to do this. I have tried two separate NICs (one tulip-compatible card and a 3com 905B) both of which have the same problem. The machine hangs whether or not smbfs is a module (although running it as a module makes the source of the oops more obvious). I have never debugged the linux kernel before. What information do you folks need from me? I have at least one of the oopses in /var/log/messages, and can generate more of them. I read some of the kernel documentation but found it a little bit confusing, which is why I'm asking here. Regards, -- Erik Osheim Sorry, I don't have an answer for you. However, I can tell you that I have experienced the exact same problem with two Snap servers (model 4100), using Fedora Core 2/3, kernel 2.6.? through current 2.6.11. One of the Snap servers is running software version 3.4.803, but the other was recently upgraded to version 4.0.855 and the problem still exists. Mounting as a cifs file system, as someone suggested, doesn't really help, at least not for me. I don't get the hard lockups like I do with smbfs, but as soon as I try to browse beyond the root directory of the share the process just hangs; although other applications still function. This seems to be a kernel 2.6 issue, as I have used similar mounts on RedHat 7-9 and Fedora Core 1 systems without any problems. I ended up having to use NFS. If you ever find a solution I would be interested in hearing about it. John Welch -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] can't get samba 3.0.14a to work with ldap..part 2: smaba 3.0.15
Rich, Instead of assuming the examples in the book are wrong, or do not work, just because you can not get them to work, may I suggest that you work with me to fix the documentation so others can avoid your pain. Please send me direct to [EMAIL PROTECTED] the following: 1. Output of: testparm -s the-smb.conf 2. Your smbldap.conf file. 3. Your /etc/openldap/slapd.conf file 4. Your /etc/ldap.conf file 5. Your /etc/nsswitch.conf file Also, please provide detailed, step-by-step, output of each configuration step in the current on-line PDF from: http://www.samba.org/samba/docs/Samba-Guide.pdf Since this is about to be published I would hate myself every day for producing errant guidance once this is in print. Please help me so I will not hate myself for misguiding people. - John T. On Wednesday 27 April 2005 08:34, rich foo wrote: Hi... I posted a few days ago that I was having trouble getting samba 3.0.14a to work with ldap. I switched up to 3.0.15pre2 and had much the same trouble. I have been following the instructions in http://www.samba.org/samba/docs/Samba-Guide.pdf, but I am still having troubles. Here is what happens when i run smbldap-populate: mercury:/usr/local/samba/sbin# ./smldap-populate -a root -k 0 -m 0 Populating LDAP directory for domain TESTNET (S-1-5-21-4179843118-1526938909-891067941) (using builtin directory structure) Use of uninitialized value in string ne at ./smbldap-populate line 165 Use of uninitialized value in concactenation (.) or string at /smbldap-populate line 170. entry o=ssfsnet already exist. adding new entry: ou=People,o=ssfsnet adding new entry: ou=Groups,o=ssfsnet adding new entry: ou=Computers,o=ssfsnet Can't call method dn on an undefined value at ./smbldap-populate line 442, GEN1 line 6. mercury:/usr/local/samba/sbin# I can't figure out what is wrong...The smb.conf is taken straight from the documentation and the smbldap tools should be properly configured. Every thing is by the book but I still can't seem to get it working. Could somebody perhaps post somewhere a working smb.conf and perhaps a slapcat dump (minus users, of course) or even a working smbldap.conf? I know I'm probably just missing something stupid, but I am out of ideas Thanks in advance, Rich -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Win XP Clients Using Kerberos
On Wednesday 27 April 2005 08:40, Tom Skeren wrote: I have had quite good luck with Samba 3.0.10PDC/BDC with LDAP backend until about a week ago. For some strange reason, the XP clients have decided to try the Kerberos authentication method first to acccess shares. Since this involves a LENGTHY time out before a reversion to NTLM the clusers are complaining. Anyone know a n easy way to keep the XP machines from doing this? Tom, You have not really provided enough information to answer your concerns. Perhaps, if this problem persists after updating to samba-3.0.14a, I can help you to resolve this off-line and then report the solution back to this list. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Changes to HOWTO and maybe Samba Guide for Solaris patches
Will, Thanks for the heads-up on this. I want updates like this for the HOWTO because over the next two weeks I will be updating it prior to printing of the second edition. So folks, please email me your updates, glitches, wish lists, pet-peeves, etc. this is your chance to help improve the documentations. Cheers, John T. On Wednesday 27 April 2005 08:59, William Enestvedt wrote: Sun has changed the organization of their web site a lot over the years, and I just noticed that a URL included in the HOWTO is broken now. Perhaps there are others as well. In section 39.6.2 Winbind on Solaris 9 (p. 503), Solaris 9 users are directed to download a patch from the following URL: http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=112960;rev=14 But the Sun site redirects users to a newer, longer, mch uglier URL: http://sunsolve.sun.com/search/advsearch.do?collection=PATCHtype=collec tionsmax=50language=enqueryKey5=112960;rev=14toDocument=yes (Yeah, that's all one line.) I just thought I should mention it, in case there are other specific URLs for Sun web pages in the (wonderful!) documentation. -wde -- Will Enestvedt UNIX System Administrator Johnson Wales University -- Providence, RI -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba and Windows 2000
Hi Folks, I I have a problem with my Linux machines, (2) to connect to windows 2000 pc on my network. I can see all off the host in the network places on my network. I can connect from any machines towards Linux machines, Compaq-linux and Ibmsambaserver. From XP, windows98 and 2000 machines to Linux, I can seen my shared files on Linux, however when I try to connect from my Linux machines towards the win 2000, I get the following message: The folder contents could not be displayed. You do not have the permissions necessary to view the contents of Windows Network: laptopaurele. I have no problem reaching the windows 98 and XP from both of my linux machines. I have worked at this now for 4 days now without any luck, can someone help me with the SAMBA/win2000 issue. Thanks in advance for your help. Aurele Cheers.. -- Aurele Meilleur [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Commercially supported Samba
Greathouse, Sheri L wrote: Does anyone know of a commercially provided and supported version of Samba in the United States? Sheri Greathouse EDS - Software Services - AIX Capabilities MS 2o 1075 W. Entrance Drive Auburn Hills, MI 48326 + mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Hewlett-Packard supports Samba (as HP product HP CIFS Server) on HP-UX 11i v1 and v2, with full Response Center, Expert Center, and factory lab support. I have worked with EDS on HP-UX CIFS-Samba sites in the past. Eric Roseme Hewlett-Packard -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools Perl error (FreeBSD)
Le Wed, Apr 27, 2005 at 01:05:05PM +0200, Per olof Ljungmark a ecrit: Bareword print_banner not allowed while strict subs in use at /usr/local/sbin/smbldap-useradd line 43. Execution of /usr/local/sbin/smbldap-useradd aborted due to compilation errors. at the beginning of smbldap_tools.pm, do you have the print_banner function declared ? Like this : @EXPORT = qw( get_user_dn get_group_dn ... print_banner %config ); -- Jerome -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Question to the Samba-Developer
Le Wed, Apr 27, 2005 at 03:59:51PM +0200, Holger Wesser a ecrit: add group script = /usr/local/sbin/smbldap-groupadd -p %g by default, it creates a global group. So is there a variable available, that specifies the type of group? You can use the -t option of smbldap-groupadd. Available values are: -t group type set the NT Group type for the new group. Available values are 'domain' (group type 2), 'local' (group type 4) and 'builtin' (group type 5). The default group type is domain (type 2). Note that actual documentations are wrong. The value mus be domain, local or builtin (not 2, 4 or 5). -- Jerome -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] AD Rules in Samba
On Tue, 26 Apr 2005, Tony Earnshaw wrote: Actually, that's not quite correct. There is at least one commercial tool available for Samba that makes it possible to use mmc (the Microsoft Management Console) and many of its snapins (especially Group Policy, but some others work too) to write policy to netlogon and read it in at user logon time. Obviously Samba has to support these :) I have seen such a tool at the CeBIT last year - but they had a GPO-like system that worked besides Samba, basically they re-implemented the GPO stuff independantly of a Domain Controller. -- Regards, Schlomo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Question to the Samba-Developer
On Wednesday 27 April 2005 09:54, Jerome Tournier wrote: Le Wed, Apr 27, 2005 at 03:59:51PM +0200, Holger Wesser a ecrit: add group script = /usr/local/sbin/smbldap-groupadd -p %g by default, it creates a global group. So is there a variable available, that specifies the type of group? You can use the -t option of smbldap-groupadd. Available values are: -t group type set the NT Group type for the new group. Available values are 'domain' (group type 2), 'local' (group type 4) and 'builtin' (group type 5). The default group type is domain (type 2). Note that actual documentations are wrong. The value mus be domain, local or builtin (not 2, 4 or 5). In respect of Holger's need however, I am not aware of any way that the required information can be passed from Samba to the add group script. I do not kow of any macro that can be used to pass that information across the great divide between Samba and the script. This means that it may be necessary either to default to management only of a domain group, or else to specify the interface script parameters as: add group script = /opt/IDEALX/sbin/smbldap-groupadd -p %g -t domain Does anyone have better insight into this? - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Connection reset by peer
On Wed, Apr 27, 2005 at 10:00:29AM +0200, Annette Bitz wrote: Hi! I always get the following messages. What does this mean? smbd[20233]: [2005/04/27 09:58:13, 0] lib/util_sock.c:read_socket_data(384) smbd[20233]: read_socket_data: recv failure for 4. Error = Connection reset by peer It means the client (peer) dropped the connection. We (smbd) don't know why. Look at your clients/network hardware etc. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] winbind and NTLM authentication problems - NT_STATUS_ACCESS_DENIED
Hello, Specifications of the environment: Samba 3.0.13 running on Solaris 8. This is configured as a domain member of a NT4 style PDC. The smb.conf file is provided for details. Problem definition: When trying to access the Samba server from a windows machine through network neighborhood, the system challenges the user for their credentials. On providing the username/password the system rejects the combination. The Samba logs suggest that winbind authentication for the user has failed with the error message NT_STATUS_ACCESS_DENIED. A more detailed log follows. The user has an entry in /etc/passwd and the NT PDC. Can someone help me understand what causes the windbind authentication to fail and report NT_STATUS_ACCESS_DENIED? Snippet of the error message in the log (log level = 10): [2005/04/27 06:12:09, 6] param/loadparm.c:lp_file_list_changed(2707) lp_file_list_changed() file /usr/local/samba/lib/smb.conf - /usr/local/samba/lib/smb.conf last mod_time: Wed Apr 27 06:06:29 2005 [2005/04/27 06:12:09, 5] auth/auth_util.c:make_user_info_map(224) make_user_info_map: Mapping user [DOMAINNAME]\[akamdar] from workstation [ASHUTOSH] [2005/04/27 06:12:09, 5] libsmb/trustdom_cache.c:trustdom_cache_fetch(184) no entry for trusted domain DOMAINNAME found. [2005/04/27 06:12:09, 5] auth/auth_util.c:make_user_info(132) attempting to make a user_info for akamdar (akamdar) [2005/04/27 06:12:09, 5] auth/auth_util.c:make_user_info(142) making strings for akamdar's user_info struct [2005/04/27 06:12:09, 5] auth/auth_util.c:make_user_info(184) making blobs for akamdar's user_info struct [2005/04/27 06:12:09, 3] auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2005/04/27 06:12:09, 3] auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] [2005/04/27 06:12:09, 5] lib/util.c:dump_data(1995) [000] D4 E0 B8 07 5D D1 4B FF ].K. [2005/04/27 06:12:09, 8] lib/util.c:is_myname(1815) is_myname(DOMAINNAME) returns 0 [2005/04/27 06:12:09, 6] auth/auth_sam.c:check_samstrict_security(376) check_samstrict_security: DOMAINNAME is not one of my local names (ROLE_DOMAIN_MEMBER) [2005/04/27 06:12:09, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2005/04/27 06:12:09, 3] smbd/uid.c:push_conn_ctx(365) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2005/04/27 06:12:09, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2005/04/27 06:12:09, 5] auth/auth_util.c:debug_nt_user_token(485) NT user token: (NULL) [2005/04/27 06:12:09, 5] auth/auth_util.c:debug_unix_user_token(506) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2005/04/27 06:12:09, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/04/27 06:12:09, 5] auth/auth.c:check_ntlm_password(271) check_ntlm_password: winbind authentication for user [akamdar] FAILED with error NT_STATUS_ACCESS_DENIED [2005/04/27 06:12:09, 2] auth/auth.c:check_ntlm_password(312) check_ntlm_password: Authentication for user [akamdar] - [akamdar] FAILED with error NT_STATUS_ACCESS_DENIED [2005/04/27 06:12:09, 5] auth/auth_util.c:free_user_info(1380) attempting to free (and zero) a user_info structure [2005/04/27 06:12:09, 6] lib/util_sock.c:write_socket(449) write_socket(25,112) [2005/04/27 06:12:09, 6] lib/util_sock.c:write_socket(452) write_socket(25,112) wrote 112 [2005/04/27 06:12:09, 3] smbd/process.c:timeout_processing(1334) timeout_processing: End of file from client (client has disconnected). [2005/04/27 06:12:09, 5] lib/gencache.c:gencache_shutdown(88) Closing cache file [2005/04/27 06:12:09, 5] libsmb/namecache.c:namecache_shutdown(79) namecache_shutdown: netbios namecache closed successfully. [2005/04/27 06:12:09, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/04/27 06:12:09, 5] auth/auth_util.c:debug_nt_user_token(485) NT user token: (NULL) [2005/04/27 06:12:09, 5] auth/auth_util.c:debug_unix_user_token(506) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2005/04/27 06:12:09, 5] smbd/uid.c:change_to_root_user(296) change_to_root_user: now uid=(0,0) gid=(0,0) [2005/04/27 06:12:09, 2] smbd/server.c:exit_server(609) Closing connections [2005/04/27 06:12:09, 3] smbd/connection.c:yield_connection(69) Yielding connection to [2005/04/27 06:12:09, 5] smbd/oplock.c:receive_local_message(107) receive_local_message: doing select with timeout of 1 ms [2005/04/27 06:12:09, 3] smbd/server.c:exit_server(652) Server exit (normal exit) Snippet of the smb.conf file: [global] dns proxy = no debug timestamp = yes encrypt passwords = yes idmap gid = 15000-2 socket options = TCP_NODELAY max log size = 1024 password server = PASSWORDSERVER idmap uid = 15000-2 security = domain
Re: [Samba] winbind and NTLM authentication problems - NT_STATUS_ACCESS_DENIED
[2005/04/27 06:12:09, 5] auth/auth_util.c:make_user_info_map(224) make_user_info_map: Mapping user [DOMAINNAME]\[akamdar] from workstation [ASHUTOSH] Snippet of the smb.conf file: [global] workgroup = DOMAINNAME Is DOMAINNAME really the name of your NT domain? Have you joined this machine to the domain at all? The log that I left above seems to state that you haven't. -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind and NTLM authentication problems - NT_STATUS_ACCESS_DENIED
Hi, DOMAINNAME is not the real name of the domain I am joining. I have sanitized the logs for obvious reasons. DOMAINNAME = the real name of the DOMAIN being joined by the server. How do I check if the samba server has joined the domain or not? The net roc join command suggested by the documentation was executed with the smbd,nmbd stopped and it worked just fine. No errors reported. Out of curiousity, what part of the log suggested that the server hasn't joined the domain? Regards, Ash --Original Message- -From: Paul Gienger [mailto:[EMAIL PROTECTED] -Sent: Wednesday, April 27, 2005 05:40 PM -To: 'Ashutosh Kamdar' -Cc: samba@lists.samba.org -Subject: Re: [Samba] winbind and NTLM authentication problems - NT_STATUS_ACCESS_DENIED - - -[2005/04/27 06:12:09, 5] auth/auth_util.c:make_user_info_map(224) - make_user_info_map: Mapping user [DOMAINNAME]\[akamdar] from workstation [ASHUTOSH] - - - -Snippet of the smb.conf file: - -[global] -workgroup = DOMAINNAME - - -Is DOMAINNAME really the name of your NT domain? - -Have you joined this machine to the domain at all? The log that I left -above seems to state that you haven't. - --- -Paul GiengerOffice: 701-281-1884 -Applied Engineering Inc. -Systems Architect Fax:701-281-1322 -URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] - - - - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] can't get samba 3.0.14a to work with ldap..part 2: smaba=?ISO-8859-1?Q? 3.0.15?=
John, I certainly didn't mean to sound as though I was bashing the documentation, I am only bashing myself for not being able to figure out what I am doing wrong. The only reason I stressed that my config was straight from the documentation was to provide a clearer picture of my setup, and to point out that I was taking your advice and trying to work through the examples given. I have started again from scratch with samba-3.0.15pre2 and I will send you your requested config files shortly. Thanks, and again, I certainly did not mean to bash the documentation. I fully realize that a lot of work goes into it and I am grateful for samba and all it has done for me over the past 10 years since my first install. Rich Rich, Instead of assuming the examples in the book are wrong, or do not work, just because you can not get them to work, may I suggest that you work with me to fix the documentation so others can avoid your pain. Please send me direct to [EMAIL PROTECTED] the following: -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] RE: CRLF -- LF
No, I don't. But I do know that Samba provides transparent file access -- it has no idea what data is in the files it offers to the clients. It could be a database, a JPEG, a text document, or an executable program. What you suggest would be an extremely bad idea. You need better clients -- it is the clients that interpret the contents of the file. Samba is just another file access method. In the future, do not send blanket email to the Samba developers. Post your questions to the public [EMAIL PROTECTED] mailing list, and read previous responses at the list archives. See http://lists.samba.org for details. PG -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 27, 2005 2:22 PM To: [EMAIL PROTECTED] Subject: CRLF -- LF Hi Paul, I'm trying to set up a samba envirment beetwen a PC (Windows 2000) and a server (UNIX solaris 9.0). When a user is copying a text file, Samba should use ASCII when the file is copied so the file will only have LF (LineFeed) when the file is copied to the server. When the user is copy from UNIX to PC the file will have both CR (CarragieReturn) and LF. When images are copied, samba should use Binary mode. Do you know how I shall do to make this work? Best Regards! Magnus -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] groups DOMAIN+user doesn't work
Hello, I see in 3.0.15pre2 relnotes: Fix checks for matching groups in an file ACL against the user's primary and supplementary group list. In 3.0.13: BUG 2521: Fix error in access checks when user group ACLs. Could it be one of these fixes my problem? On Wed, 27 Apr 2005 00:12:56 +0300 (EEST) Nerijus Baliunas [EMAIL PROTECTED] wrote: Hello, I am using winbind (samba 3.0.11). A command groups DOMAIN+user doesn't work for some users: # groups DOMAIN+user1 id: cannot find name for group ID 10073 # groups DOMAIN+user2 DOMAIN+user2 : DOMAIN+domain users DOMAIN+apskaita # getent passwd DOMAIN+user1 DOMAIN+user1:*:10042:1:xxx:/home/DOMAIN/user1:/bin/false # getent passwd DOMAIN+user2 DOMAIN+user2:*:10109:1:xxx:/home/DOMAIN/user2:/bin/false # getent group ... DOMAIN+domain users:x:1: ... BUILTIN+users:x:10073: From winbindd.log: nsswitch/winbindd_group.c:winbindd_getgrgid(400) name 'Users' is not a local or domain group: 5 Because of this problem group permissions for such users (like user1) do not work. Regards, Nerijus -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind and NTLM authentication problems - NT_STATUS_ACCESS_DENIED
DOMAINNAME is not the real name of the domain I am joining. I have sanitized the logs for obvious reasons. Maybe I'm crazily niave, but I'll never understand why things need to be santized that much... password hashes, sure; real world IP addresses, you bet; things that don't matter in the world outside of your network, who cares? Anyway, back to the issue at hand, since we've gotten this out of the way. How do I check if the samba server has joined the domain or not? The net roc join command suggested by the documentation was executed with the smbd,nmbd stopped and it worked just fine. No errors reported. Out of curiousity, what part of the log suggested that the server hasn't joined the domain? Oh, I see I left the wrong line of the log... it was this one: [2005/04/27 06:12:09, 5] libsmb/trustdom_cache.c:trustdom_cache_fetch(184) no entry for trusted domain DOMAINNAME found. Not being a winbind-runner here, I can't offer much beyond pointing at the documentation to be sure you've followed all of the steps there to be sure your setup is sane. -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind and NTLM authentication problems - NT_STATUS_ACCESS_DENIED
Paul Gienger wrote: DOMAINNAME is not the real name of the domain I am joining. I have sanitized the logs for obvious reasons. Maybe I'm crazily niave, but I'll never understand why things need to be santized that much... password hashes, sure; real world IP addresses, you bet; things that don't matter in the world outside of your network, who cares? Anyway, back to the issue at hand, since we've gotten this out of the way. How do I check if the samba server has joined the domain or not? net rpc or net ads testjoin The net roc join command suggested by the documentation was executed with the smbd,nmbd stopped and it worked just fine. No errors reported. Out of curiousity, what part of the log suggested that the server hasn't joined the domain? Oh, I see I left the wrong line of the log... it was this one: [2005/04/27 06:12:09, 5] libsmb/trustdom_cache.c:trustdom_cache_fetch(184) no entry for trusted domain DOMAINNAME found. Not being a winbind-runner here, I can't offer much beyond pointing at the documentation to be sure you've followed all of the steps there to be sure your setup is sane. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Question to the Samba-Developer
ons, 27.04.2005 kl. 15.59 skrev Holger Wesser: as mentioned in a thread before, I'm in trouble when trying to add a local group via NT-Usermanager. I think the problem is the following line in the smb.conf: add group script = /usr/local/sbin/smbldap-groupadd -p %g In this case, the only parameter that is handed over to the smbldap-groupadd script is the name of the group (%g). Unfortunately the script doesn't know, which type of group it has to create. By default, it creates a global group. So is there a variable available, that specifies the type of group? I hope, you understand what I mean. I think that local groups can only be added on local machines. By definition a Samba (P|B)DC is not a local machine, at any rate the Samba people never designed it as such. The regular Samba tools, plus the official Samba documentation, plus diverse idiot HOWTOs, only make mention of sambaGroupType 2. The reason for that is, that one can't add local groups to a site-wide DOMAIN database. Reasonable, when one thinks about it. Why the smbldap scripts should infer that one can I dunno. They do other useless things, too, that prohibit me from using them at all. --Tonni -- Nothing sucksseeds like a pigeon without a beak ... mail: [EMAIL PROTECTED] http://www.billy.demon.nl They'll love us, won't they? They feed us, don't they? ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as a PDC with LDAP and Kerberos
So I think I have the steps needed to get this all working, but I think I have a chicken/egg problem now. In order to join a machine to the Samba PDC Domain, you need to either use a uid 0 user or one that has the SeMachineAccountPrivilege (3.0.11+) privilege . This user must also be able to read and write to many pieces of the LDAP directory. Now, I really would rather not have uid 0 users in LDAP, so that leaves me with the privileges. However, in order to assign privileges to a user or group, you must login as a Domain Admins user. Now, by default the Domain Admins group doesn't have these privileges by default so you must use a uid 0 user to get these privileges assigned. However, since I don't have a uid 0 user in LDAP, Samba doesn't recognize root as a valid user (passdb backend = ldapsam). And from what I can tell, the updated schema with 3.0.11 got rid of the sambaPrivilegesList has been removed so that privileges can only be assigned using net rpc rights. So, is there a way to get it to a point where a normal user in the Domain Admins group can join machine and add Samba Accounts, etc without requiring a uid 0 user to be in LDAP. Also, what pieces are really needed to join a machine to the Samba Domain. And what and who needs to be able to read/write LDAP for this to happen? Pieces I've identified so far. Things starting with '?' I'm not sure about. - Domain Users, Domain Admins, and Domain Guests groups exist with valid sambaSIDs (posixGroup and sambaGroupMapping) - Domain Admins group has the SeMachineAccountPrivilege privilege - a sambaDomainName object with a valid sambaSID - a user (posixAccount and sambaSamAccount) who has a valid uid, sambaSID, whose SID is in the the Domain Admins sambaSIDList ? A machine user (posixAccount sambaSamAccount) with a valid uid and sambaSID and whose parent LDAP tree is listed as a passwd search path for NSS My last question is this. Does the above user listed above have to have write access to the LDAP directory or does only the samba user whose password is stored in private/secrets.tdb need write access to the directory? Because I'm using Kerberos as my authentication scheme, in order to write to the directory you must have an admin principal (userfoo/admin). However, these principals should not be in LDAP with UIDs because they're never used in that aspect. Does any of this make sense, or am I just thoroughly confused? Let me rephrase a bit. Is there a way to use Samba as a PDC with an LDAP backend and use pam_smbpass to keep the passwords sync'd between the Kerberos side and the Samba side? That way the Windows clients join the domain using only the LDAP information not knowing about the Kerberos side of things? I just removed the Kerberos information from my Windows client and tried only using, as far as I can tell, the LDAP information and the client still comes back saying the user name is unknown. On Sat, 2005-04-23 at 08:07 -0500, Ti Leggett wrote: Ok, so I'm just trying to figure out my options here. I can: - Use local accounts and local passwords - Use Kerberos for authentication, but only with local user accounts - Use a Samba PDC with and LDAP backend for accounts and password if and only if the windows clients are not bound to a Kerberos realm Is this correct? In the third case, let's say I have a way to sync Kerberos passwords and LDAP sambaNTPasswords. Shouldn't it work then? Or what am I missing? I know I can't create an AD domain, but I'm not trying to. AD is combination of a lot more than just Kerberos and LDAP. I'm curios how Apple does what seems to be just this with their OpenDirectory, which is only MIT Kerberos, OpenLDAP, Cyrus SASL, and Samba 3.0 (at least they claim it's only this). On Fri, 2005-04-22 at 18:52 -0500, Franco Sensei wrote: Ti Leggett wrote: I've been searching and researching this and I can't seem to find the answers I'm looking for. I'd like to setup a Samba PDC that Windows clients will join. The PDC will use an LDAP backend to get authorization information (username, home directory, etc). The authentication portion is handled by an MIT Kerberos KDC. I think I'm real close to having it all together but I'm not sure. I have the Windows client setup to point at my KDC so authentication *should* be coming from there once the authorization portion is going. Hehehe, it's been a year trying to do that... but no way! I'm sorry to tell you, but what you want is a replacement of AD... in no way windows will know about ldap and mit, without an AD domain. So first question is, are sambaLMPassword and sambaNTPassword still needed in LDAP for each user? Here's the output from ksetup /dumpstate: Machine is not configured to log on to an external KDC. Probably a workgroup member EXAMPLE.COM: kdc = kdc1 server kdc = kdc2 server kpasswd = kpasswd server Realm Flags = 0x0 none No user mappings defined.
Re: [Samba] winbind and NTLM authentication problems - NT_STATUS_ACCESS_DENIED
On Wednesday 27 April 2005 11:32, Ashutosh Kamdar wrote: Hello, Specifications of the environment: Samba 3.0.13 running on Solaris 8. This is configured as a domain member of a NT4 style PDC. The smb.conf file is provided for details. Problem definition: When trying to access the Samba server from a windows machine through network neighborhood, the system challenges the user for their credentials. On providing the username/password the system rejects the combination. The Samba logs suggest that winbind authentication for the user has failed with the error message NT_STATUS_ACCESS_DENIED. A more detailed log follows. The user has an entry in /etc/passwd and the NT PDC. Have you read out documentation? Did you check chapter 7 of the book Samba-3 by Example? You can download this from: http://www.samba.org/samba/docs/Samba-Guide.pdf The steps described should work on Solaris just as on Linux (the documented case). Did you join the Samba server to the domain? The process for doing that is: net rpc join -S PDC_name -UAdministrator%password Can someone help me understand what causes the windbind authentication to fail and report NT_STATUS_ACCESS_DENIED? Snippet of the error message in the log (log level = 10): [2005/04/27 06:12:09, 6] param/loadparm.c:lp_file_list_changed(2707) lp_file_list_changed() file /usr/local/samba/lib/smb.conf - /usr/local/samba/lib/smb.conf last mod_time: Wed Apr 27 06:06:29 2005 [2005/04/27 06:12:09, 5] auth/auth_util.c:make_user_info_map(224) make_user_info_map: Mapping user [DOMAINNAME]\[akamdar] from workstation [ASHUTOSH] [2005/04/27 06:12:09, 5] libsmb/trustdom_cache.c:trustdom_cache_fetch(184) no entry for trusted domain DOMAINNAME found. The above line would suggest that you did not join the Samba server to the domain. - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] can't get samba 3.0.14a to work with ldap..part 2: =?iso-8859-1?q?smaba=093=2E0=2E15?=
On Wednesday 27 April 2005 12:14, rich foo wrote: John, I certainly didn't mean to sound as though I was bashing the documentation, I am only bashing myself for not being able to figure out what I am doing wrong. The only reason I stressed that my config was straight from the documentation was to provide a clearer picture of my setup, and to point out that I was taking your advice and trying to work through the examples given. I have started again from scratch with samba-3.0.15pre2 and I will send you your requested config files shortly. Thanks, and again, I certainly did not mean to bash the documentation. I fully realize that a lot of work goes into it and I am grateful for samba and all it has done for me over the past 10 years since my first install. Rich, I am not emotionally attached to the documentation, but I do want to get it right. The current documentation update provides numerous checks and balances against common typographic mistakes. Whereever it makes sense in the current documentation update I am adding checks and validation steps to weed-out commonly made mistakes. My approach to the documentation has been shaped by feedback from this list. I know the documentation is mostly correct - we have had enough feedback that it works that I am not in doubt about the documentation. That said, if anyone can justly claim to have followed the documentation, and it did not work, then as far as I am concerned the documentation has failed! No questions - it failed. The documentor's challenge is to write in such a way that every step is designed to catch errors. That means that any error that you make in following the documentation IS my problem. PS: Since Samba is open source, user contributed software, that by definition means that this is a community problem also. In other words, if you allow me to get away with buggy documentation that is your fault as a user, as much as it is my fault as the writer. So, blast away please. Let's get it right! Please give me all the criticism of the documentation you can think of. I want it all and I want it full-on. - John T. Rich Rich, Instead of assuming the examples in the book are wrong, or do not work, just because you can not get them to work, may I suggest that you work with me to fix the documentation so others can avoid your pain. Please send me direct to [EMAIL PROTECTED] the following: -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind and NTLM authentication problems - NT_STATUS_ACCESS_DENIED
Thank you for pointing this out, Paul. I was assuming this to be some sort of cache for previously accesses to machines in the domain. But, I was wrong. The Samba HOW-TO documentation does not say anything specific about configuring winbind while becoming a part of the NT domain. Are there any tools that the group is aware of to test whether the samba server is indeed a domain member? Any help is appreciated. Thanks, Ash --Original Message- -From: Paul Gienger [mailto:[EMAIL PROTECTED] -Sent: Wednesday, April 27, 2005 06:26 PM -To: 'Ashutosh Kamdar' -Cc: samba@lists.samba.org -Subject: Re: [Samba] winbind and NTLM authentication problems - NT_STATUS_ACCESS_DENIED - - -DOMAINNAME is not the real name of the domain I am joining. I have sanitized the logs for obvious reasons. - -Maybe I'm crazily niave, but I'll never understand why things need to be -santized that much... password hashes, sure; real world IP addresses, -you bet; things that don't matter in the world outside of your network, -who cares? Anyway, back to the issue at hand, since we've gotten this -out of the way. - -How do I check if the samba server has joined the domain or not? The net roc join command suggested by the documentation was executed with the smbd,nmbd stopped and it worked just fine. No errors reported. Out of curiousity, what part of the log suggested that the server hasn't joined the domain? - - -Oh, I see I left the wrong line of the log... it was this one: - -[2005/04/27 06:12:09, 5] libsmb/trustdom_cache.c:trustdom_cache_fetch(184) - no entry for trusted domain DOMAINNAME found. - - -Not being a winbind-runner here, I can't offer much beyond pointing at -the documentation to be sure you've followed all of the steps there to -be sure your setup is sane. - --- -Paul GiengerOffice: 701-281-1884 -Applied Engineering Inc. -Systems Architect Fax:701-281-1322 -URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] - - - - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 3 performance
Hey Darcy, I'm drooling over your setup. RAID6, way cool. 60MB/sec is double what we are getting. I'm stuck thinking it's some default XP Pro configuration that's keeping us at 30MB/sec. Did you have any trouble getting XP Pro above 30MB/sec? Doesn't sound like it. Anyway, did you enable jumbo frames in your switches and NIC drivers? Also, in your smb.conf, did you try tweeking with the socket options. such as: socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384 Hope that helps, but I doubt it, you probably already tried that stuff. Alex On Wed, 27 Apr 2005, Darcy Bangsund wrote: Hey Alexander Having similar issues as you were on the same hardware. I was wondering if you ended up making any progress on this ? and what you ended up doing I've benchmarked my drive arrays at up to 240 GB/sec each and I consistently move only about 60 - 80 MB of data through samba. At the same time I'm able to conduct NFS transfers to clinets up to around 80 MB /sec but samba always stay's around 60ish. I used to get double the performance running a dual 3 ghz XEON on an SGI redhat9 2.4 kernel with drives that would benchmark half as fast. What am I missing ? Server Quad intel nic e1000 fc3 ( admittedly an older kernel but shouldn't matter to much)2.6.9 Opteron 246 on tyan mobo Qlogic 2342 controller 2 fibre chassis/Areca controllers/RAID6/ 16 x SATA RAID XFS fs Workstations W2K service pack 4 Switches 1 x Foundry layer 3 fastiron 3 x Foundry layer 2 edgeiron - Original Message - From: Alexander Lazarevich [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Friday, February 25, 2005 4:42 PM Subject: RE: [Samba] samba 3 performance Marc, Thanks for the feedback. I've got a dual 64-bit opteron system (246), going to run FC3, and I'll try to get 75+MB/sec from samba 3 - windows xp client. I'll let you know the results. Alex On Fri, 25 Feb 2005, Kaplan, Marc wrote: Yes, I get more than 30MB/s performance. The benchmark I use (NetBench) is essentially CPU bound, such that a faster processor = faster performance. With a very fast hardware config (dual 3.2GHz processors), I've been able to hit around 100MB/s. Changing the RAM or other attributes does not buy me much, it seems that processor power is the bottleneck (at least in my case). When doing your speed test, monitor the CPU utilization for smbd, and see if it's at 100% of your linux server. -Marc -Original Message- From: [EMAIL PROTECTED] [mailto:samba- [EMAIL PROTECTED] On Behalf Of Alexander Lazarevich Sent: Thursday, February 24, 2005 11:36 AM To: samba@lists.samba.org Subject: [Samba] samba 3 performance Does anyone succesfully get more than 60MB/sec sequential throughput, WITHOUT jumbo frames, with the following configuration: samba 3 on RedHat linux server windows XP Pro workstations GigE NIC's and GigE switches Assuming all the disks/buses on the server and client ends are capable of those speeds. We have that exact setup, and we only get 30MB/sec maximum sequential throughput. In fact our servers and clients disk benchmark at more than 100MB/sec seq. throughput, and our netperf is 100MB/sec as well, but we still only get 30MB/sec when going through samba. Also, we actually do not manage our network switches, and we are told the switches do not support jumbo frames, so changing the MTU on the client NIC's and samba get's us nowhere because the switches won't do it anyway. Mostly I'm just trying to find out if anyone get's decent GigE network throughput through samba 3. I want to rule out that samba is the bottleneck. Thanks, Alex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as a PDC with LDAP and Kerberos
[EMAIL PROTECTED] wrote: So I think I have the steps needed to get this all working, but I think I have a chicken/egg problem now. snip So, is there a way to get it to a point where a normal user in the Domain Admins group can join machine and add Samba Accounts, etc without requiring a uid 0 user to be in LDAP. The sambaSamAccount entry for root needs to be in the LDAP directory, but the rest of the account doesn't. We have an entry for the root account in our LDAP directory that only has the following non-Samba attributes defined: dn: uid=root,dc=jbc,dc=edu objectClass: account objectClass: sambaSamAccount uid: root displayName: root cn: root Although this technically means that there is a uid 0 user in LDAP, it's only a uid 0 user as far as Samba is concerned; Linux/Unix won't recognize the LDAP portion of the root account as being a valid user. From what I've read, this setup won't work if you set ldapsam:trusted = yes in smb.conf, but it will work long enough to assign privileges then set ldapsam:trusted. Also, what pieces are really needed to join a machine to the Samba Domain. And what and who needs to be able to read/write LDAP for this to happen? Pieces I've identified so far. Things starting with '?' I'm not sure about. - Domain Users, Domain Admins, and Domain Guests groups exist with valid sambaSIDs (posixGroup and sambaGroupMapping) - Domain Admins group has the SeMachineAccountPrivilege privilege Correct. - a sambaDomainName object with a valid sambaSID It's a sambaDomain object, not a sambaDomainName object. I'm pretty sure that Samba will create this for you if it doesn't exist. - a user (posixAccount and sambaSamAccount) who has a valid uid, sambaSID, whose SID is in the the Domain Admins sambaSIDList Correct. ? A machine user (posixAccount sambaSamAccount) with a valid uid and sambaSID and whose parent LDAP tree is listed as a passwd search path for NSS Generally unnecessary. Although you can create it yourself, it's easier to set up an add machine script (such as that provided by the Idealx smbldap-tools, if you're using those) and let it take care of this for you. Chapter 6 of the Samba-HOWTO has more information on how machine trust accounts are created. My last question is this. Does the above user listed above have to have write access to the LDAP directory or does only the samba user whose password is stored in private/secrets.tdb need write access to the directory? Only the Samba user (whoever you specify as the ldap admin dn) needs write access. Because I'm using Kerberos as my authentication scheme, in order to write to the directory you must have an admin principal (userfoo/admin). However, these principals should not be in LDAP with UIDs because they're never used in that aspect. Sorry, I'm not familiar with Kerberos. Josh Kelley -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind and NTLM authentication problems =?utf-8?q?-=09NT=5FSTATUS=5FACCESS=5FDENIED?=
On Wednesday 27 April 2005 12:58, Ashutosh Kamdar wrote: Thank you for pointing this out, Paul. I was assuming this to be some sort of cache for previously accesses to machines in the domain. But, I was wrong. The Samba HOW-TO documentation does not say anything specific about configuring winbind while becoming a part of the NT domain. Are there any tools that the group is aware of to test whether the samba server is indeed a domain member? OK - I'll bite. When you have figured out how to solve the problem please, please give me documentation updates so we can fix this glaring deficiency. In the mean time, I would appreciate a pointer the the section numbers of the documentation that you did read and that did not provide the necessary answer. I am in the process of updating the Samba-HOWTO-Collection and would like to close the gap as soon as possible. Thanks for pointing out a problem area. Meanwhile, May I suggest chapter 7 of the book Samba-3 by Example, also known as the Samba-Guide. You can download it from: http://www.samba.org/samba/docs/Samba-Guide.pdf It may help a lot. (Then again, it may not). - John T. Any help is appreciated. Thanks, Ash --Original Message- -From: Paul Gienger [mailto:[EMAIL PROTECTED] -Sent: Wednesday, April 27, 2005 06:26 PM -To: 'Ashutosh Kamdar' -Cc: samba@lists.samba.org -Subject: Re: [Samba] winbind and NTLM authentication problems - NT_STATUS_ACCESS_DENIED - - -DOMAINNAME is not the real name of the domain I am joining. I have sanitized the logs for obvious reasons. - -Maybe I'm crazily niave, but I'll never understand why things need to be -santized that much... password hashes, sure; real world IP addresses, -you bet; things that don't matter in the world outside of your network, -who cares? Anyway, back to the issue at hand, since we've gotten this -out of the way. - -How do I check if the samba server has joined the domain or not? The net roc join command suggested by the documentation was executed with the smbd,nmbd stopped and it worked just fine. No errors reported. Out of curiousity, what part of the log suggested that the server hasn't joined the domain? - - -Oh, I see I left the wrong line of the log... it was this one: - -[2005/04/27 06:12:09, 5] libsmb/trustdom_cache.c:trustdom_cache_fetch(184) - no entry for trusted domain DOMAINNAME found. - - -Not being a winbind-runner here, I can't offer much beyond pointing at -the documentation to be sure you've followed all of the steps there to -be sure your setup is sane. - --- -Paul GiengerOffice: 701-281-1884 -Applied Engineering Inc. -Systems Architect Fax:701-281-1322 -URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] - - - - -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 3 performance
Guys, To add to this info. The last benchmarks I did were in 2003. Within the next two months I will benchmark a new system that will have dual 3Ware SATA RAID controllers each with 6 high performance drives in an Opteron system. I am anxious to see the performance stats, particularly compared against the previous stats on an AMD dual CPU system with a single 3Ware IDE RAID controller and 4x60GB WD 7200 rpm drives - 452MBytes/sec peak I/O with samba, and a peak sustainable write rate of 115 MBytes/sec. That write rate nose dives badly with concurrent mutiple file write activity and/or read activity that causes significant seek activity on the drives in the RAID array. In summary: The biggest bottleneck in Samba implementations are: a) CPU bandwith b) Memory c) Disk I/O bandwidth In most cases I have found the default socket options with the 2.4.x and 2.6.x kernels quite adequate. - John T. On Wednesday 27 April 2005 13:00, Alexander Lazarevich wrote: Hey Darcy, I'm drooling over your setup. RAID6, way cool. 60MB/sec is double what we are getting. I'm stuck thinking it's some default XP Pro configuration that's keeping us at 30MB/sec. Did you have any trouble getting XP Pro above 30MB/sec? Doesn't sound like it. Anyway, did you enable jumbo frames in your switches and NIC drivers? Also, in your smb.conf, did you try tweeking with the socket options. such as: socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384 Hope that helps, but I doubt it, you probably already tried that stuff. Alex On Wed, 27 Apr 2005, Darcy Bangsund wrote: Hey Alexander Having similar issues as you were on the same hardware. I was wondering if you ended up making any progress on this ? and what you ended up doing I've benchmarked my drive arrays at up to 240 GB/sec each and I consistently move only about 60 - 80 MB of data through samba. At the same time I'm able to conduct NFS transfers to clinets up to around 80 MB /sec but samba always stay's around 60ish. I used to get double the performance running a dual 3 ghz XEON on an SGI redhat9 2.4 kernel with drives that would benchmark half as fast. What am I missing ? Server Quad intel nic e1000 fc3 ( admittedly an older kernel but shouldn't matter to much)2.6.9 Opteron 246 on tyan mobo Qlogic 2342 controller 2 fibre chassis/Areca controllers/RAID6/ 16 x SATA RAID XFS fs Workstations W2K service pack 4 Switches 1 x Foundry layer 3 fastiron 3 x Foundry layer 2 edgeiron - Original Message - From: Alexander Lazarevich [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Friday, February 25, 2005 4:42 PM Subject: RE: [Samba] samba 3 performance Marc, Thanks for the feedback. I've got a dual 64-bit opteron system (246), going to run FC3, and I'll try to get 75+MB/sec from samba 3 - windows xp client. I'll let you know the results. Alex On Fri, 25 Feb 2005, Kaplan, Marc wrote: Yes, I get more than 30MB/s performance. The benchmark I use (NetBench) is essentially CPU bound, such that a faster processor = faster performance. With a very fast hardware config (dual 3.2GHz processors), I've been able to hit around 100MB/s. Changing the RAM or other attributes does not buy me much, it seems that processor power is the bottleneck (at least in my case). When doing your speed test, monitor the CPU utilization for smbd, and see if it's at 100% of your linux server. -Marc -Original Message- From: [EMAIL PROTECTED] [mailto:samba- [EMAIL PROTECTED] On Behalf Of Alexander Lazarevich Sent: Thursday, February 24, 2005 11:36 AM To: samba@lists.samba.org Subject: [Samba] samba 3 performance Does anyone succesfully get more than 60MB/sec sequential throughput, WITHOUT jumbo frames, with the following configuration: samba 3 on RedHat linux server windows XP Pro workstations GigE NIC's and GigE switches Assuming all the disks/buses on the server and client ends are capable of those speeds. We have that exact setup, and we only get 30MB/sec maximum sequential throughput. In fact our servers and clients disk benchmark at more than 100MB/sec seq. throughput, and our netperf is 100MB/sec as well, but we still only get 30MB/sec when going through samba. Also, we actually do not manage our network switches, and we are told the switches do not support jumbo frames, so changing the MTU on the client NIC's and samba get's us nowhere because the switches won't do it anyway. Mostly I'm just trying to find out if anyone get's decent GigE network throughput through samba 3. I want to rule out that samba is the bottleneck. Thanks, Alex -- To unsubscribe from this list go to the following URL and read the instructions:
Re: [Samba] HELP!! Only some machines connect to samba
What us your backend : - LDAP - smbpasswd If you execute pdbedit -Lv user with a user OK and a bad user, are there some difference. And what is the message from windows client . HAve you some errors message in samba logs. Caroly Arenas a écrit : Sorry, I got Samba 3.0.10-1, in a Fedora Core 3 Linux. Windows 2000 professional... Yes, the same user connect to certain machines, not to all And some users try to connect to that same machine that the earlier user logged in and they can't. What could it be??? On 4/26/05, Stéphane Purnelle [EMAIL PROTECTED] wrote: Please, more information !!! What is the error message It's with the same user - samba version - backend type - OS version (linux, AIX, ...) Caroly Arenas a écrit : Hi list, I got a strange problem here, i got 33 machines, all with Windows 2000. The thing is that some of them connect others don't, all with the exact same configuration. Same thing happen with users, some connect some don't. I have been looking around for a solution and found nothing. Please HELP!!! -- Stéphane Purnelle [EMAIL PROTECTED] Site Web : http://www.linuxplusvalue.be -- Stéphane Purnelle [EMAIL PROTECTED] Site Web : http://www.linuxplusvalue.be -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with performance since replacing mainserver
Last week I lost my main samba server on my network. It was a domain server with 20 users on it and it was working like a champ till it lost its main drive. I was backing up the data and pertinent config files on a backup server. This server was not a backup domain server. I was just storing data and these files on it. The files consisted of passwd, group, shadow, smb.conf, secrets.tdb smbusers and smbpasswd. I copied all these files in the right places in /etc and /etc/samba and then had to rebuild my windows groups using net groupmap modify. I used rsync to mirror the servers so the permissions and file locations were the same as the original server. When I brought the backupserver up as the mainserver, I had to have each user rejoin the domain. But since I have done this, the performance has be horrible. I know I have probably messed up some important tdb files. here is my smb.conf below. Any help would be appreciated. # Global parameters [global] log level = 3 log file = /var/log/smb.log workgroup = Keysystems netbios name = mainserver encrypt passwords = Yes username map = /etc/samba/smbusers passdb backend = tdbsam, smbpasswd server string = Domain master = Yes local master = Yes preferred master = Yes os level = 65 time server = Yes domain logons = Yes logon path = \\%L\profiles\%U logon script = logon.bat logon drive = H: add user script = /usr/sbin/useradd -d /data/home/%u %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -d /dev/null -g 529 -s /bin/false -M %u browsable = Yes oplocks = No level2 oplocks = No security = user lock spin count = 30 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 passwd chat = *New*Password* %n\n *Re-enter*new*password* %n\n *Password*changed* unix password sync = yes passwd program = /usr/bin/passwd %u wins support = yes name resolve order = wins lmhosts hosts bcast [netlogon] path = /data/netlogon guest ok = Yes browseable = Yes [profiles] path = /data/profiles browseable = Yes read only = no create mask = 600 directory mask = 700 profile acls = yes [home] browsable = yes read only = No writable = Yes path = /data2/home/%u create mask = 0664 directory mode = 0774 force group = everyuser [sbt] read only = No writable = Yes valid users = @sbt path = /data/sbt browsable = yes force group = sbt force user = geckerdt create mask = 664 force directory mode = 774 [act] read only = No writable = Yes valid users = @act path = /data/act browsable = yes force group = act force user = geckerdt create mask = 664 force directory mode = 774 [sharedir] read only = No writable = Yes valid users = @shared path = /data/shareddir browsable = yes force group = shared create mask = 0664 directory mode = 0774 [testdir] read only = No writable = Yes valid users = @shared path = /data/test browsable = yes force group = shared create mask = 0664 directory mode = 0774 [everyuser] read only = No writable = Yes valid users = @everyuser path = /data2/home force group = everyuser browsable = yes create mask = 0664 directory mode = 0774 [webpages] readonly = No writable = Yes valid users = @keysys path = /www force group = keysys force user = keysys create mask = 0664 directory mode = 0775 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Installing network printers for roaming users
Hi, I'm configuring a network with RH9(samba 2.2.7) and Windows XP SP2 clients. All my users are roaming users and they login/logou without problems. I have 2 printers in one Windows XP workstation thar are shared. I login as a local (administrator) user in another workstation, install the network printers. Then, I logout from the local user and when I login with the roaming users, the network printers does not appears. If I login again with the local user, the printers are installed. So, my question is, how do I configure network printers for roaming users? Many thanks, Oliver -- Oliver Schulze L. [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind can't differ ramifications in a Active Directory forest
This has really been a problem to me. I'm currently working in an AD forest with about 12 ramifications, all of them with at least 2 DC (some of them have more). The problem is: although I did set my local DC's in password server, in the smb.conf, after I start the winbindd daemon, my linux client starts comunicating with all DC's over the forest. wbinfo -t, -g, -u and so on... they all take an average of 20 minutes to give me the answer (although they do give me the right answers). I can't manage to login either because of timeout, most probably. I tried everywhere, and didn't manage to get my answers. I'm almost giving up. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] =?iso-8859-1?q?=A1Ofertas_en_Equipo_Armado=2C_Impresora_?= =?iso-8859-1?q?Laser_Samsung_y_productos_Wireless_3COM!?=
si no puede ver este email, ingrese aquiacute; *Disponibilidad y precio de los productos puacute;blicados en este email pueden variar sin previo aviso. PRECIOS SON VALIDOS SOLAMENTE POR PAGO EN EFECTIVO O CHEQUE AL DIA. www.bip.cl - [EMAIL PROTECTED] Casa Matriz Avda. Pocuro 2114, Providencia Fono: 3813030 Fax 3813040 [EMAIL PROTECTED] Sucursal Santiago Centro Moneda 772 Local 102-D Fono: 3801516 Concepcion San Martin 1380 Fono: 41-226265 Sucursal Temuco Andres Bello 844 Fono: 45-744801 / 45-744802 Fax: 45-731018 Sucursal Puerto Montt Baquedano 119 Local 2 Fono: 65-285600 Si no desea seguir recibiendo noticias nuestras, por favor responda este mail a la direccioacute;n: [EMAIL PROTECTED] indicando borrar de lista en el Asunto o Referencia del mensaje y automaacute;ticamente seraacute; removido de nuestra base de datos. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba + Clipper too slow
Hi everybody! We've a legacy application based on Clipper, very important for the company. And we want to share the database and program files through a samba server with Gentoo Linux. But, when the users mapping the resource with a Windows 98, 2K or XP client, the application run VERY VERY slow. This application has been shared with Windows 98, 2K or XP and run too much faster than Samba. We tried tuning the smb.conf modifying parameters: oplock, lock spin time, etc... We have read the documentation about SAMBA in: http://www.oreilly.com/catalog/samba/chapter/book/appb_02.html http://www.drouillard.ca/TipsTricks/Samba/Oplocks.htm We've tried with different schemas: Filesystems: ext3, reiserfs, xfs, vfat with and without LVM2 and tried again, but with the same result: the application run VERY slow. Any clues on what could be the problem? and how to solve them? Beforehand thanks! The hardware in the server is: Processor Intel Pentium 4 HT @ 2.80GHz RAM 512MB DDR HDD 80GB SATA NIC Broadcom NetXtreme BCM5751 Gigabit Ethernet samba version: 3.0.10 Gentoo version: 2005.0 kernel version: 2.6.11 and the last smb.conf version: # Global Settings == [global] # Server Naming Options workgroup = WORLD netbios name = myserver server string = This is my Server in Linux %v # Messaging Options # message command = sh -c '/usr/local/bin/wmpopup samba %s %f;rm %s' # message command = echo %f %m %s |/usr/bin/smbclient -M anymachine # message command = cat %s |/usr/bin/smbclient -M anymachine # preexec = echo Welcome %u to MyServer |/usr/bin/smbclient -M %m # Logging Options log file = /var/log/samba/%m.log max log size = 50 log level = 1 # Performance Options getwd cache = yes use sendfile = no # lock spin time = 15 # lock spin time = 30 # Netperf - 5s # lock spin time = 45 # Netperf - 4s # lock spin time = 60 # Netperf - 4s lock spin time = 45 lock spin count = 10 dos filetimes = yes oplocks = no level2 oplocks = no change notify timeout = 300 lpq cache time = 30 # max xmit = 32768 # more than 5:55 # read raw = yes # write raw = yes # max xmit = 65535 # dead time = 60 # shared mem size = 6291456 # No se reconoce # read prediction = no # No se reconoce # Security and Domain Membership Options security = user encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd #hosts allow = 192.168.1.0/255.255.255.0 # Networking Options interfaces = eth0 lo bind interfaces only = yes socket options = TCP_NODELAY SO_SNDBUF=65536 SO_RCVBUF=65536 IPTOS_LOWDELAY # Browser Option domain master = no preferred master = no os level = 64 local master = no remote browse sync = 192.168.1.255 dns proxy = no wins proxy = no wins server = 192.168.1.10 name resolve order = lmhosts hosts wins bcast # Administration Options admin users = admin map to guest = bad user # Share Definitions == [homes] comment = Home Directories browseable = no writable = yes create mask = 0644 directory mask = 0775 # [netlogon] # comment = Network Logon Service # path = /var/lib/samba/netlogon # guest ok = yes # writable = no # [Profiles] # path = /var/lib/samba/profiles # browseable = no # guest ok = yes [MyClipperApp] comment = The Clipper App path = /home/clipper writable = yes browseable = yes # Security valid users = clipper @users write list = clipper @users admin users = clipadm create mask = 0664 directory mask = 0775 delete readonly = yes force user = clipper force group = users # Tuning oplocks = no level2 oplocks = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SOS (seting up SWAP)
Hi: My english is very bad but I will try to explain that it We need. We work at Library of Ministry of Economy. We use one Linux Server with Samba 3.07 (mainly it has data files, CDS/ISIS databases and It application (from Unesco)). Right now, the administrator are Information System's people from Ministry.We need in some case not only to track what user are connected and what files they are using, we need in special case to unconneted (o cut off the connection) because we need to up date some databases and If it is in use we couldn't to do this. So, The Information System's people set up SWAT for us, but this tool don't allow to unconnected users. It only allow to see the Home, Status, View ans Password. My question is: Is it possible, by configuration, to allow us to unconnected user from some files at option Status. If it is yes, please, tell us how they can do that. And talking about Status: is possible to change the Refresh Interval´s seconds amonut??. And when one make Refresh why the date and time doesn't change. Thank you in advance for your answer. Best Regards -- Marta R. Lozano -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Unable to get PDC to authenticate id for access
I am in the process of upgrading Samba from version 3.0.1 to 3.0.14a. The AIX team applied maintenance that sent the samba processes into some sort of loop which was impacting the machines. We were able to upgrade one of the unix servers with no issues but I cannot get the other one to work. We have 3 unix machines with samba that are working properly within this domain (the other 2 are still at 3.0.1 and did not have the AIX maintenance applied) but one of them is causing me problems. Here is a small excerpt from the log: [2005/04/27 15:27:20, 0] auth/auth_domain.c:connect_to_domain_password_server(118) connect_to_domain_password_server: unable to setup the NETLOGON credentials to machine GDVP7SSTDC03. Error was : NT_STATUS_ACCESS_DENIED. [2005/04/27 15:27:20, 3] libsmb/cliconnect.c:cli_start_connection(1406) Connecting to host=GDVP7SSTDC03 [2005/04/27 15:27:20, 3] lib/util_sock.c:open_socket_out(752) Connecting to 10.85.96.117 at port 445 [2005/04/27 15:27:20, 3] rpc_client/cli_netlogon.c:cli_nt_setup_creds(290) cli_nt_setup_creds: auth2 challenge failed NT_STATUS_ACCESS_DENIED [2005/04/27 15:27:20, 0] auth/auth_domain.c:connect_to_domain_password_server(118) connect_to_domain_password_server: unable to setup the NETLOGON credentials to machine GDVP7SSTDC03. Error was : NT_STATUS_ACCESS_DENIED. [2005/04/27 15:27:20, 0] auth/auth_domain.c:domain_client_validate(170) domain_client_validate: Domain password server not available. [2005/04/27 15:27:20, 2] auth/auth.c:check_ntlm_password(312) check_ntlm_password: Authentication for user [spincia] - [spincia] FAILED with error NT_STATUS_TRUSTED_RELATIONSHIP_FAILURE It appears to block access to the NT machine to authenticate the ID. I have re-joined the domain multiple times with no luck. It is configured to use security = domain and use NT authentication. We have been successfully using Samba with this config for a few years and this is the first time we are running out of ideas to get around this problem. Any ideas to assist in troubleshooting this issue would be greatly appreciated. Steve Pinciak Ingenix This e-mail, including attachments, may include confidential and/or proprietary information, and may be used only by the person or entity to which it is addressed. If the reader of this e-mail is not the intended recipient or his or her authorized agent, the reader is hereby notified that any dissemination, distribution or copying of this e-mail is prohibited. If you have received this e-mail in error, please notify the sender by replying to this message and delete this e-mail immediately. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SOS (seting up SWAP)
Hi, We saw your question from the first posting. This is a user-supported list. We are all rather busy with our normal work. If your need is urgent you may want to consider paid support. Details of paid for support providers are available from the Samba web site. On Wednesday 27 April 2005 14:23, Marta R. Lozano wrote: Hi: My english is very bad but I will try to explain that it We need. We work at Library of Ministry of Economy. We use one Linux Server with Samba 3.07 (mainly it has data files, CDS/ISIS databases and It application (from Unesco)). Right now, the administrator are Information System's people from Ministry.We need in some case not only to track what user are connected and what files they are using, we need in special case to unconneted (o cut off the connection) because we need to up date some databases and If it is in use we couldn't to do this. So, The Information System's people set up SWAT for us, but this tool don't allow to unconnected users. It only allow to see the Home, Status, View ans Password. My question is: Is it possible, by configuration, to allow us to unconnected user from Yes, if you log into SWAT as the 'root' account. You will need to kill connections, not users. some files at option Status. If it is yes, please, tell us how they can do that. See above. And talking about Status: is possible to change the Refresh Interval´s seconds amonut??. And when one make Refresh why the date and time doesn't change. That will require some diagnostics work to find the answer. Your information is not sufficient to provide a meaningful answer at this time. - John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with performance since replacing mainserver
Richmond Dyes wrote: I think I may have figured out the problem. I found the name of the backupserver in the host file pointing to 127.0.0.1. I changed the field to mainserver and it seems to have fixed the problem. Last week I lost my main samba server on my network. It was a domain server with 20 users on it and it was working like a champ till it lost its main drive. I was backing up the data and pertinent config files on a backup server. This server was not a backup domain server. I was just storing data and these files on it. The files consisted of passwd, group, shadow, smb.conf, secrets.tdb smbusers and smbpasswd. I copied all these files in the right places in /etc and /etc/samba and then had to rebuild my windows groups using net groupmap modify. I used rsync to mirror the servers so the permissions and file locations were the same as the original server. When I brought the backupserver up as the mainserver, I had to have each user rejoin the domain. But since I have done this, the performance has be horrible. I know I have probably messed up some important tdb files. here is my smb.conf below. Any help would be appreciated. # Global parameters [global] log level = 3 log file = /var/log/smb.log workgroup = Keysystems netbios name = mainserver encrypt passwords = Yes username map = /etc/samba/smbusers passdb backend = tdbsam, smbpasswd server string = Domain master = Yes local master = Yes preferred master = Yes os level = 65 time server = Yes domain logons = Yes logon path = \\%L\profiles\%U logon script = logon.bat logon drive = H: add user script = /usr/sbin/useradd -d /data/home/%u %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -d /dev/null -g 529 -s /bin/false -M %u browsable = Yes oplocks = No level2 oplocks = No security = user lock spin count = 30 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 passwd chat = *New*Password* %n\n *Re-enter*new*password* %n\n *Password*changed* unix password sync = yes passwd program = /usr/bin/passwd %u wins support = yes name resolve order = wins lmhosts hosts bcast [netlogon] path = /data/netlogon guest ok = Yes browseable = Yes [profiles] path = /data/profiles browseable = Yes read only = no create mask = 600 directory mask = 700 profile acls = yes [home] browsable = yes read only = No writable = Yes path = /data2/home/%u create mask = 0664 directory mode = 0774 force group = everyuser [sbt] read only = No writable = Yes valid users = @sbt path = /data/sbt browsable = yes force group = sbt force user = geckerdt create mask = 664 force directory mode = 774 [act] read only = No writable = Yes valid users = @act path = /data/act browsable = yes force group = act force user = geckerdt create mask = 664 force directory mode = 774 [sharedir] read only = No writable = Yes valid users = @shared path = /data/shareddir browsable = yes force group = shared create mask = 0664 directory mode = 0774 [testdir] read only = No writable = Yes valid users = @shared path = /data/test browsable = yes force group = shared create mask = 0664 directory mode = 0774 [everyuser] read only = No writable = Yes valid users = @everyuser path = /data2/home force group = everyuser browsable = yes create mask = 0664 directory mode = 0774 [webpages] readonly = No writable = Yes valid users = @keysys path = /www force group = keysys force user = keysys create mask = 0664 directory mode = 0775 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbfs locking
I have samba 3.0.10 running on a Debian server. I have other Debian machines which use smbfs (also 3.0.10) to mount the share. Every now and again, the mount will lock and an ls inside it produces an i/o error. If i try to umount the share, it gives me a share busy error. Now, there is no real i/o error on the server. I have ten client machines total which mount shares from the server, and even when one's locked I can access the information from the others. The client machines in use are in a Real Estate company, which needs to keep certain documents open for sometimes the entire day. I think that might be where the problem lies (timeout or some such problem). As long as documents dont stay open for hours, this problem doesn't happen. Any ideas on what could be going wrong and what I could try? Thanks for your help. Marcos Pinto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Slightly OT: smbldap-tools/perl problem
Hello, I'm running CentoOS4 and installed smbldap-tools from Dag's repository. I configured smbldap.conf, but get the following error trying to poplulate the directroy. Anyone seen this before or have any suggestions? I tried uninstalling perl-Convert-ASN1 and reinstalling, but it didn't help. smbldap-populate -a root -k 0 -m 0 Populating LDAP directory for domain TESTDOM (S-1-5-21-230766447-445193678-2399177566) (using builtin directory structure) Use of uninitialized value in string at /usr/sbin///smbldap_tools.pm line 260. Use of uninitialized value in string at /usr/sbin///smbldap_tools.pm line 260. Bad ASN PDU at /usr/lib/perl5/vendor_perl/5.8.5/Convert/ASN1/IO.pm line 178, GEN1 line 2. Thanks, Matt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools Perl error (FreeBSD)
Jerome Tournier wrote: Le Wed, Apr 27, 2005 at 01:05:05PM +0200, Per olof Ljungmark a ecrit: Bareword print_banner not allowed while strict subs in use at /usr/local/sbin/smbldap-useradd line 43. Execution of /usr/local/sbin/smbldap-useradd aborted due to compilation errors. at the beginning of smbldap_tools.pm, do you have the print_banner function declared ? Like this : @EXPORT = qw( get_user_dn get_group_dn ... print_banner %config ); Yes, it's there. smbldap-tools are installed from the FreeBSD ports system If I remove user_strict; the commands will at least show the options but not complete tasks. How do the scripts locate smbldap_tools.pm? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools Perl error (FreeBSD)
Gavin Henry wrote: Do any other commands work? I think the command can't find smbldap_tools.pm How is it installed? Exactly. I had used the ports system (usually works well) but grabbed the .tgz off idealx instead and that worked. Thanks, Per olof -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] File extensions through Samba
I'm hoping this is on topic or has been solved by someone on this list. This involves Samba, Fedora Core 2 and Gnome Nautilus 2.6.0 When I see a .JPG (upper case) file using Samba on my win2k machine frim my Linux box, I am not able to see a thumbnail or open with the default program. I also am not able to associate it with a program through Gnome. If I change the extention to .jpg (lower case), on the Samba share, I can see a thumbnail and Eye of Gnome will open it with a double click. However...If I drag the file to my home directory on the local Linux computer, it will show a thumbnail and open even if the extention is upper case. Does anyone know how I can make the Win2k .JPG files behave the same as the .jpg files without changing the names of thousands of files? Thanks for your time, Bradley -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem using roaming profiles with wireless clients
Hello, I have a Linux server acting as a Windows PDC and we're using roaming profiles. Wired clients connect fine and upload/download their profiles. Wireless clients do not. I also have RADIUS running on the Linux server and the Wireless AP is configured to authenticate against the RADIUS server as well, using the windows login information. I enabled verbose debugging on the RADIUS server, so I could see exactly what is happening. When the wireless clients try to login to the domain and download their roaming profiles, the client will hang at the login sceen for a few minutes, then report that it could not connect to the server hosting the roaming profile. Only after I click ok does the client send the username and password to the RADIUS server for authentication. The problem seems to be timing, so I was hoping someone may know if and how I can configure the XP clients to bring up it's wireless interface before attempting to download it's roaming profile. I know this isn't a samba issue, but was hoping someone might know a Windows fix. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools Perl error (FreeBSD)
On Apr 27, Per olof Ljungmark wrote: How is it installed? Exactly. I had used the ports system (usually works well) but grabbed the .tgz off idealx instead and that worked. It sounds like a very old smbldap_tools.pm is in use on your system and the new (current) one gets ignored. For it to work, my rpms (linux) install it in /usr/lib/perl5/site_perl/smbldap_tools.pm This means that you may have to find any occurrence of the smbldap_tools.pm module and replace it with the latest one. tom. Consultant AUSSECPhone: 61 4 1768 2202 339 Blaxland Rd., Ryde NSW 2112 Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Question about nss_ldap: could not get LDAP result - Can't contact LDAP server error
On Apr 27, Luiz Alfredo Baggiotto wrote: We have a OpenLDAP-2.2.23 + Samba 3.0.14a and the system is logging a lot (one to each minute, more or less) of errors like this: server smbd[10799]: [ID 510469 daemon.error] nss_ldap: could not get LDAP result - Can't contact LDAP server Are you using start tls? If yes, are you using self-signed certificates? I´m using it because I was compiled LDAP with wrapper option and wrapper doens´t support more than 256 simultaneous connections. Then, I´m thinking if smbd process is trying to restablish a closed connection and because that generating the error. Is it possible? Possible. But look at it from this angle: Is there a need for you to restrict this? - As in how many active ldap clients will there be at any one time? Of course there is the other issue of just turning it off to test/verify the system and then seeing whether it is necessary and then turning it back on. tom. Consultant AUSSECPhone: 61 4 1768 2202 339 Blaxland Rd., Ryde NSW 2112 Email: [EMAIL PROTECTED]-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] can't get samba 3.0.14a to work with ldap..part 2: smaba 3.0.15
On Apr 27, rich foo wrote: mercury:/usr/local/samba/sbin# ./smldap-populate -a root -k 0 -m 0 ... Use of uninitialized value in string ne at ./smbldap-populate line 165 Use of uninitialized value in concactenation (.) or string at ./smbldap-populate line 170 this happens when smbldap.conf does not have a valid `suffix=dc=...' line entry o=ssfsnet already exist. adding new entry: ou=People,o=ssfsnet ... Can't call method dn on an undefined value at ./smbldap-populate line 442, GEN1 line 6. Similar to above. Sounds like you may have a misconfigured smbldap.conf file. tom. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] accessing windows shares from Linux
ankush grover wrote: hey friends, I have configured samba as BDC to Windows 2003 domain controller which is acting as PDC. I hope that's only for migration. Samba can't be a permanent BDC to anything except a samba PDC Now the problem is that I am able to see the Linux shares from the windows but from the Linux I am not able to see the windows shares. You need to refer this to the linux.cifs mailing list. They will help you with your problem. Regards Geoff Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows Server 2003 SP1 Issues (3.0.15pre2)
Hi All, I'm running into some issues accessing a Samba server that's in turn authenticating against a Win2k3-SP1 domain controller (security=ads). I understand there were some known issues corrected in a patch, and I'm currently running 3.0.15pre2, which I understand includes that patch. (http://samba.org/~jerry/patches/post-3.0.13/winbindd_2k3sp1.patch) All was working fine before the Win2k3 server was upgraded with the SP1 service pack. The `net ads join`, `wbinfo -t`, `wbinfo -u`, `wbinfo -p`, `getent passwd`, and `getent group` commands all still work fine, but users can't authenticate against the Samba box and view available shares. For example, here's a local smbclient connection from the local console: [EMAIL PROTECTED] samba]# smbclient -L 192.168.0.52 -U polorx added interface ip=192.168.0.52 bcast=192.168.0.255 nmask=255.255.255.0 Client started (version 3.0.15pre2). Connecting to 192.168.0.52 at port 445 Password: Doing spnego session setup (blob length=112) got OID=1 2 840 113554 1 2 2 got OID=1 2 840 48018 1 2 2 got OID=1 3 6 1 4 1 311 2 2 10 got [EMAIL PROTECTED] Got challenge flags: Got NTLMSSP neg_flags=0x60890215 NTLMSSP: Set final flags: Got NTLMSSP neg_flags=0x60080215 NTLMSSP Sign/Seal - Initialising with flags: Got NTLMSSP neg_flags=0x60080215 SPNEGO login failed: Logon failure session setup failed: NT_STATUS_LOGON_FAILURE [EMAIL PROTECTED] samba]# I have attached the Samba server's configuration file, and I can also provide detailed logs upon request. Does anyone have any ideas on this? Thanks, in advance, for any insights you can offer! -- William R. Lorenz [EMAIL PROTECTED] -- http://www.express.org/~wrl/ ; Every revolution was first -- a thought in one man's mind. - Ralph Waldo Emerson[global] netbios name= linux-test workgroup = MFERRY realm = tcb.internal server string = linux-test security= ads encrypt passwords = Yes log file= /var/log/samba/%m.log log level = 10 max log size= 0 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 domain logons = No os level= 10 preferred master= No domain master = No dns proxy = No hosts allow = 192.168. password server = 192.168.0.239 interfaces = 192.168.0.52 bind interfaces only= yes case sensitive = no default case= lower preserve case = yes short preserve case = yes add share command = /usr/local/samba/bin/share.pl change share command= /usr/local/samba/bin/share.pl delete share command= /usr/local/samba/bin/share.pl admin users = @MFERRY+Administrators announce as = NT Server announce version= 9.3 blocking locks = yes browse list = yes deadtime= 15 debug timestamp = yes debug hires timestamp = yes debug pid = yes default service = public dont descend= /proc,/dev,/tmp,/usr getwd cache = yes hide dot files = yes invalid users = root shutdown halt service mysql apache rpm kernel oplocks = yes load printers = no locking = yes max disk size = 5000 message command = /var/log/samba %s %t %f nt acl support = yes nt pipe support = yes null passwords = no obey pam restrictions = yes strict allocate = yes winbind separator = + winbind cache time = 10 idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 winbind enum users = yes winbind enum groups = yes template shell = /bin/false template homedir= /home/%U -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ips and netbios name on the logs
Hi people, does someone know how to only log the name of the machine and not the name of the machine AND the ip? Let me explain this: -rw-r--r-- 1 root root0 Apr 28 02:47 0.0.0.0.log -rw-r--r-- 1 root root0 Apr 28 02:49 10.3.0.10.log -rw-r--r-- 1 root root0 Apr 28 02:47 10.3.0.21.log -rw-r--r-- 1 root root0 Apr 28 02:46 10.3.0.22.log -rw-r--r-- 1 root root0 Apr 28 02:48 10.3.0.23.log -rw-r--r-- 1 root root0 Apr 28 02:47 10.3.0.24.log -rw-r--r-- 1 root root0 Apr 28 02:47 10.3.0.25.log -rw-r--r-- 1 root root0 Apr 28 02:54 10.3.1.27.log -rw-r--r-- 1 root root0 Apr 28 02:54 127.0.0.1.log -rw-r--r-- 1 root root0 Apr 28 02:49 avserver03.log -rw-r--r-- 1 root root 527 Apr 28 02:47 beruti-ts1.log -rw-r--r-- 1 root root0 Apr 28 02:46 beruti-ts2.log -rw-r--r-- 1 root root 1.1K Apr 28 02:54 beruti-ts3.log -rw-r--r-- 1 root root 1.1K Apr 28 02:54 beruti-ts4.log -rw-r--r-- 1 root root 527 Apr 28 02:48 beruti-ts5.log -rw-r--r-- 1 root root0 Apr 28 02:54 dr.taratutto.log -rw-r--r-- 1 root root 4.8K Apr 28 02:53 log.nmbd -rw-r--r-- 1 root root 554 Apr 28 02:53 log.smbd -rw-r--r-- 1 root root0 Apr 28 02:54 server.log -rw-r--r-- 1 root root 516 Apr 28 02:54 smbd.log I have a log of every machine name and every ip of this machines. I just want this: -rw-r--r-- 1 root root0 Apr 28 02:49 avserver03.log -rw-r--r-- 1 root root 527 Apr 28 02:47 beruti-ts1.log -rw-r--r-- 1 root root0 Apr 28 02:46 beruti-ts2.log -rw-r--r-- 1 root root 1.1K Apr 28 02:54 beruti-ts3.log -rw-r--r-- 1 root root 1.1K Apr 28 02:54 beruti-ts4.log -rw-r--r-- 1 root root 527 Apr 28 02:48 beruti-ts5.log -rw-r--r-- 1 root root0 Apr 28 02:54 dr.taratutto.log -rw-r--r-- 1 root root 4.8K Apr 28 02:53 log.nmbd -rw-r--r-- 1 root root 554 Apr 28 02:53 log.smbd -rw-r--r-- 1 root root0 Apr 28 02:54 server.log -rw-r--r-- 1 root root 516 Apr 28 02:54 smbd.log Anything to change on the smb.conf? Im using samba 3.0.10 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
svn commit: samba-web r647 - in trunk/cifs: .
Author: sfrench Date: 2005-04-27 16:22:47 + (Wed, 27 Apr 2005) New Revision: 647 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=647 Log: Update link to current manpages for cifs client Modified: trunk/cifs/cifs_download.html Changeset: Modified: trunk/cifs/cifs_download.html === --- trunk/cifs/cifs_download.html 2005-04-27 00:03:25 UTC (rev 646) +++ trunk/cifs/cifs_download.html 2005-04-27 16:22:47 UTC (rev 647) @@ -15,7 +15,7 @@ H1CIFS DownloadBR /H1 /DIV -DIV style=top : 69px;left : 23px; +DIV style=top : 66px;left : 30px; position : absolute; z-index : 2; id=Layer2 @@ -71,7 +71,8 @@ TDman pages/TD TDsame/TD TDsame/TD - TD/TD + TDA href=http://samba.org/samba/docs/man/mount.cifs.8.html;mount.cifs/ABR + A href=http://samba.org/samba/docs/man/umount.cifs.8.html;umount.cifs/A/TD /TR /TBODY /TABLE @@ -97,7 +98,7 @@ Historical versions can be found at http://pserver.samba.org/samba/ftp/cifs-cvs/BR including a 2.4 kernel port A href=http://us1.samba.org/samba/ftp/cifs-cvs/cifs-1.20c-2.4.tar.gz;: Latest 2.4 Release (gz containing cifs vfs source files and patch for kernel makefile and configure)/Anbsp;nbsp;/DIV -DIV style=top : 519px;left : 130px; +DIV style=top : 519px;left : 140px; position : absolute; z-index : 4; id=Layer4
svn commit: samba-docs r511 - in trunk/manpages: .
Author: sfrench Date: 2005-04-27 17:17:26 + (Wed, 27 Apr 2005) New Revision: 511 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=511 Log: Update cifs man page and add new umount.cifs man page Added: trunk/manpages/umount.cifs.8.xml Modified: trunk/manpages/mount.cifs.8.xml Changeset: Modified: trunk/manpages/mount.cifs.8.xml === --- trunk/manpages/mount.cifs.8.xml 2005-04-27 03:22:00 UTC (rev 510) +++ trunk/manpages/mount.cifs.8.xml 2005-04-27 17:17:26 UTC (rev 511) @@ -314,6 +314,10 @@ listitempara(default) The program accessing a file on the cifs mounted file system will not hang when the server crashes and will return errors to the user application./para/listitem /varlistentry +varlistentry +term--verbose/term +listitemparaprint additional debugging information for the mount. Note that this parameter must be specified before the -o. For example:/paraparamount -t cifs //server/share /mnt --verbose -o user=username/para/listitem +/varlistentry varlisstentry termnoacl/term @@ -357,12 +361,12 @@ /varlistentry varlistentry - termrsize/term + termrsize=replaceablearg/replaceable/term listitemparadefault network read size/para/listitem /varlistentry varlistentry - termwsize/term + termwsize=replaceablearg/replaceable/term listitemparadefault network write size/para/listitem /varlistentry Added: trunk/manpages/umount.cifs.8.xml === --- trunk/manpages/umount.cifs.8.xml2005-04-27 03:22:00 UTC (rev 510) +++ trunk/manpages/umount.cifs.8.xml2005-04-27 17:17:26 UTC (rev 511) @@ -0,0 +1,134 @@ +?xml version=1.0 encoding=iso-8859-1? +!DOCTYPE refentry PUBLIC -//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN http://www.samba.org/samba/DTD/samba-doc; +refentry id=umount.cifs.8 + +refmeta + refentrytitleumount.cifs/refentrytitle + manvolnum8/manvolnum +/refmeta + + +refnamediv + refnameumount.cifs/refname + refpurposefor normal, non-root users, to unmount their own Common Internet File System (CIFS) mounts/refpurpose +/refnamediv + +refsynopsisdiv + cmdsynopsis + + commandumount.cifs/command + arg choice=reqmount-point/arg + arg choice=opt-nVvhfle/arg + /cmdsynopsis +/refsynopsisdiv + +refsect1 + titleDESCRIPTION/title + + paraThis tool is part of the citerefentryrefentrytitlesamba/refentrytitle + manvolnum7/manvolnum/citerefentry suite./para + + paraumount.cifs unmounts a Linux CIFS filesystem. It can be invoked +indirectly by the +citerefentryrefentrytitleumount/refentrytitlemanvolnum8/manvolnum/citerefentry command +when using the -i option. The umount.cifs command only works in Linux, and the kernel must +support the cifs filesystem. The CIFS protocol is the successor to the +SMB protocol and is supported by most Windows servers and many other +commercial servers and Network Attached Storage appliances as well as +by the popular Open Source server Samba. + /para + + para + The umount.cifs utility detaches the local directory emphasismount-point/emphasisfrom the corresponding UNC name (exported network resource) and frees the associated kernel resources. +It is possible to set the mode for umount.cifs to +setuid root (or equivalently update the /etc/permissions file) to allow non-root users to umount shares to directories for which they have write permission. The umount.cifs utility is typically +not needed if unmounts need only be performed by root users, or if user mounts and unmounts +can rely on specifying explicit entries in /etc/fstab See/para +paraciterefentryrefentrytitlefstab/refentrytitle +manvolnum5/manvolnum/citerefentry/para +/refsect1 + +refsect1 + titleOPTIONS/title + variablelist +varlistentry +term--verbose/term +listitemparaprint additional debugging information/para/listitem +/varlistentry +varlistentry +term--no-mtab/term +listitemparaDo not update the mtab even if unmount completes successfully (/proc/mounts will still display the correct information)/para/listitem +/varlistentry + + /variablelist +/refsect1 + +refsect1 + titleNOTES/title + + paraThis command is normally intended to be installed setuid (since root users can already run unmount). An alternative to using umount.cifs is to add specfic entries for the user mounts that you wish a particular user or users to mount and unmount to /etc/fstab/para +/refsect1 + +refsect1 + titleCONFIGURATION/title +
svn commit: samba r6502 - in branches/SAMBA_3_0/source: include lib locking smbd
Author: herb Date: 2005-04-27 18:32:37 + (Wed, 27 Apr 2005) New Revision: 6502 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6502 Log: add LOCKING debug class - pull PRINTINGDB class definition from trunk so our numbers don't get out of sync Modified: branches/SAMBA_3_0/source/include/debug.h branches/SAMBA_3_0/source/lib/debug.c branches/SAMBA_3_0/source/lib/util.c branches/SAMBA_3_0/source/locking/brlock.c branches/SAMBA_3_0/source/locking/locking.c branches/SAMBA_3_0/source/locking/posix.c branches/SAMBA_3_0/source/smbd/reply.c Changeset: Modified: branches/SAMBA_3_0/source/include/debug.h === --- branches/SAMBA_3_0/source/include/debug.h 2005-04-27 14:05:02 UTC (rev 6501) +++ branches/SAMBA_3_0/source/include/debug.h 2005-04-27 18:32:37 UTC (rev 6502) @@ -94,6 +94,8 @@ #define DBGC_IDMAP 13 #define DBGC_QUOTA 14 #define DBGC_ACLS 15 +#define DBGC_PRINTERDB 16 +#define DBGC_LOCKING 17 /* So you can define DBGC_CLASS before including debug.h */ #ifndef DBGC_CLASS Modified: branches/SAMBA_3_0/source/lib/debug.c === --- branches/SAMBA_3_0/source/lib/debug.c 2005-04-27 14:05:02 UTC (rev 6501) +++ branches/SAMBA_3_0/source/lib/debug.c 2005-04-27 18:32:37 UTC (rev 6502) @@ -164,6 +164,8 @@ idmap, /* DBGC_IDMAP*/ quota, /* DBGC_QUOTA*/ acls, /* DBGC_ACLS */ + printerdb, /* DBGC_PRINTERDB*/ + locking, /* DBGC_LOCKING */ NULL }; Modified: branches/SAMBA_3_0/source/lib/util.c === --- branches/SAMBA_3_0/source/lib/util.c2005-04-27 14:05:02 UTC (rev 6501) +++ branches/SAMBA_3_0/source/lib/util.c2005-04-27 18:32:37 UTC (rev 6502) @@ -1793,6 +1793,9 @@ SAFE_FREE(name_array); } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING + / Simple routine to do POSIX file locking. Cruft in NFS and 64-32 bit mapping is dealt with in posix.c @@ -1843,6 +1846,9 @@ return(True); } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_ALL + /*** Is the name specified one of my netbios names. Returns true if it is equal, false otherwise. Modified: branches/SAMBA_3_0/source/locking/brlock.c === --- branches/SAMBA_3_0/source/locking/brlock.c 2005-04-27 14:05:02 UTC (rev 6501) +++ branches/SAMBA_3_0/source/locking/brlock.c 2005-04-27 18:32:37 UTC (rev 6502) @@ -27,6 +27,9 @@ #include includes.h +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING + #define ZERO_ZERO 0 /* This contains elements that differentiate locks. The smbpid is a Modified: branches/SAMBA_3_0/source/locking/locking.c === --- branches/SAMBA_3_0/source/locking/locking.c 2005-04-27 14:05:02 UTC (rev 6501) +++ branches/SAMBA_3_0/source/locking/locking.c 2005-04-27 18:32:37 UTC (rev 6502) @@ -37,6 +37,9 @@ #include includes.h uint16 global_smbpid; +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING + /* the locking database handle */ static TDB_CONTEXT *tdb; Modified: branches/SAMBA_3_0/source/locking/posix.c === --- branches/SAMBA_3_0/source/locking/posix.c 2005-04-27 14:05:02 UTC (rev 6501) +++ branches/SAMBA_3_0/source/locking/posix.c 2005-04-27 18:32:37 UTC (rev 6502) @@ -24,6 +24,9 @@ #include includes.h +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING + /* * The POSIX locking database handle. */ Modified: branches/SAMBA_3_0/source/smbd/reply.c === --- branches/SAMBA_3_0/source/smbd/reply.c 2005-04-27 14:05:02 UTC (rev 6501) +++ branches/SAMBA_3_0/source/smbd/reply.c 2005-04-27 18:32:37 UTC (rev 6502) @@ -2129,6 +2129,9 @@ return -1; } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING + / Reply to a lockread (core+ protocol). / @@ -,6 +2225,9 @@ return(outsize); } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_ALL + / Reply to a read. / @@ -2610,6 +2616,9 @@ return(outsize); } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING +
svn commit: samba r6503 - in trunk/source: include lib locking smbd
Author: herb Date: 2005-04-27 18:43:43 + (Wed, 27 Apr 2005) New Revision: 6503 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6503 Log: pull change 6502 from samba_3_0 (add LOCKING debug class) Modified: trunk/source/include/debug.h trunk/source/lib/debug.c trunk/source/lib/util.c trunk/source/locking/brlock.c trunk/source/locking/locking.c trunk/source/locking/posix.c trunk/source/smbd/reply.c Changeset: Modified: trunk/source/include/debug.h === --- trunk/source/include/debug.h2005-04-27 18:32:37 UTC (rev 6502) +++ trunk/source/include/debug.h2005-04-27 18:43:43 UTC (rev 6503) @@ -95,6 +95,7 @@ #define DBGC_QUOTA 14 #define DBGC_ACLS 15 #define DBGC_PRINTERDB 16 +#define DBGC_LOCKING 17 /* So you can define DBGC_CLASS before including debug.h */ #ifndef DBGC_CLASS Modified: trunk/source/lib/debug.c === --- trunk/source/lib/debug.c2005-04-27 18:32:37 UTC (rev 6502) +++ trunk/source/lib/debug.c2005-04-27 18:43:43 UTC (rev 6503) @@ -165,6 +165,7 @@ quota, /* DBGC_QUOTA*/ acls, /* DBGC_ACLS */ printerdb, /* DBGC_PRINTERDB*/ + locking, /* DBGC_LOCKING */ NULL }; Modified: trunk/source/lib/util.c === --- trunk/source/lib/util.c 2005-04-27 18:32:37 UTC (rev 6502) +++ trunk/source/lib/util.c 2005-04-27 18:43:43 UTC (rev 6503) @@ -1793,6 +1793,9 @@ SAFE_FREE(name_array); } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING + / Simple routine to do POSIX file locking. Cruft in NFS and 64-32 bit mapping is dealt with in posix.c @@ -1843,6 +1846,9 @@ return(True); } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_ALL + /*** Is the name specified one of my netbios names. Returns true if it is equal, false otherwise. Modified: trunk/source/locking/brlock.c === --- trunk/source/locking/brlock.c 2005-04-27 18:32:37 UTC (rev 6502) +++ trunk/source/locking/brlock.c 2005-04-27 18:43:43 UTC (rev 6503) @@ -27,6 +27,9 @@ #include includes.h +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING + #define ZERO_ZERO 0 /* This contains elements that differentiate locks. The smbpid is a Modified: trunk/source/locking/locking.c === --- trunk/source/locking/locking.c 2005-04-27 18:32:37 UTC (rev 6502) +++ trunk/source/locking/locking.c 2005-04-27 18:43:43 UTC (rev 6503) @@ -37,6 +37,9 @@ #include includes.h uint16 global_smbpid; +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING + /* the locking database handle */ static TDB_CONTEXT *tdb; Modified: trunk/source/locking/posix.c === --- trunk/source/locking/posix.c2005-04-27 18:32:37 UTC (rev 6502) +++ trunk/source/locking/posix.c2005-04-27 18:43:43 UTC (rev 6503) @@ -24,6 +24,9 @@ #include includes.h +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING + /* * The POSIX locking database handle. */ Modified: trunk/source/smbd/reply.c === --- trunk/source/smbd/reply.c 2005-04-27 18:32:37 UTC (rev 6502) +++ trunk/source/smbd/reply.c 2005-04-27 18:43:43 UTC (rev 6503) @@ -2129,6 +2129,9 @@ return -1; } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING + / Reply to a lockread (core+ protocol). / @@ -,6 +2225,9 @@ return(outsize); } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_ALL + / Reply to a read. / @@ -2610,6 +2616,9 @@ return(outsize); } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_LOCKING + / Reply to a writeunlock (core+). / @@ -2674,6 +2683,9 @@ return outsize; } +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_ALL + / Reply to a write. / @@ -3121,6 +3133,9 @@ return(outsize); } +#undef
svn commit: samba-web r649 - in trunk/support: .
Author: deryck Date: 2005-04-27 19:06:28 + (Wed, 27 Apr 2005) New Revision: 649 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=649 Log: Adding support provider per his request. Modified: trunk/support/italy.html Changeset: Modified: trunk/support/italy.html === --- trunk/support/italy.html2005-04-27 17:59:14 UTC (rev 648) +++ trunk/support/italy.html2005-04-27 19:06:28 UTC (rev 649) @@ -141,4 +141,20 @@ /small/pre +!-- Added: 27 April 2005 -- +hr / +h3Torino/h3 +presmall +Linuz.it +Corso Ferrucci, 87 +10129 Torino +Italy +Tel. +39 011-4337431 + +39 011-4332892 +Contact: Ing. Jean Franois Panico +e-mail: a href=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/a +a href=http://www.linuz.it/;http://www.linuz.it//a +Power and reliability for your servers +/small/pre + !--#include virtual=footer_support.html --
Build status as of Thu Apr 28 00:00:02 2005
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2005-04-27 00:00:22.0 + +++ /home/build/master/cache/broken_results.txt 2005-04-28 00:00:29.0 + @@ -1,18 +1,19 @@ -Build status as of Wed Apr 27 00:00:01 2005 +Build status as of Thu Apr 28 00:00:02 2005 Build counts: Tree Total Broken Panic ccache 37 3 0 distcc 37 2 0 ppp 21 1 0 -rsync37 1 0 +rsync37 2 0 samba1 1 1 samba-docs 0 0 0 samba4 39 20 0 -samba_3_039 11 0 +samba_3_039 8 0 Currently broken builds: Host Tree Compiler Status +cyberone rsyncgccok/ok/ok/ 2 fusberta samba4 gccok/ 2/?/? samba-s390 samba4 gccok/ 2/?/? rhonwynsamba4 gcc-4.0ok/ 2/?/? @@ -28,7 +29,6 @@ ragnarok samba4 gcc 1/?/?/? ragnarok samba_3_0gcc 1/?/?/? smartserv1 samba4 gccok/ 1/?/? -smartserv1 samba_3_0gccok/ok/ok/ 10 smartserv1 samba4 gcc-4.0ok/ 1/?/? smartserv1 samba_3_0gcc-4.0ok/ 1/?/? gwen distcc cc ok/ 1/?/? @@ -42,9 +42,7 @@ shubnigurath samba4 cc ok/ 1/?/? gc20 samba4 gccok/ 2/?/? sun1 samba4 cc ok/ 2/?/? -sun1 samba_3_0cc ok/ok/ok/ 1 sun1 samba4 gccok/ 2/?/? -sun1 samba_3_0gccok/ok/ok/ 1 m30ccache gccok/ok/ok/ 2 m30rsyncgccok/ok/ok/ 2 m30samba4 gccok/ 2/?/?
svn commit: samba r6504 - in branches/SAMBA_4_0/source/librpc/idl: .
Author: tpot Date: 2005-04-28 00:51:57 + (Thu, 28 Apr 2005) New Revision: 6504 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=6504 Log: Fix incorrect value for SERVICE_STATE_ALL found by Karl Melcher. Modified: branches/SAMBA_4_0/source/librpc/idl/svcctl.idl Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/svcctl.idl === --- branches/SAMBA_4_0/source/librpc/idl/svcctl.idl 2005-04-27 18:43:43 UTC (rev 6503) +++ branches/SAMBA_4_0/source/librpc/idl/svcctl.idl 2005-04-28 00:51:57 UTC (rev 6504) @@ -44,7 +44,7 @@ const int SERVICE_STATE_ACTIVE = 0x01; const int SERVICE_STATE_INACTIVE = 0x02; - const int SERVICE_STATE_ALL = 0x00; + const int SERVICE_STATE_ALL = 0x03; typedef [public,bitmap32bit] bitmap { SV_TYPE_WORKSTATION = 0x0001,
svn commit: samba-web r650 - in trunk/download: .
Author: sfrench Date: 2005-04-28 02:17:26 + (Thu, 28 Apr 2005) New Revision: 650 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=650 Log: Fix typo debain instead of Debian Modified: trunk/download/index.html Changeset: Modified: trunk/download/index.html === --- trunk/download/index.html 2005-04-27 19:06:28 UTC (rev 649) +++ trunk/download/index.html 2005-04-28 02:17:26 UTC (rev 650) @@ -37,7 +37,7 @@ that the latest version may not always be available for every platform. pa href=http://enterprisesamba.com/;http://enterprisesamba.com//a - offers Samba packages for SLES, RHEL, and Debain./p + offers Samba packages for SLES, RHEL, and Debian./p /td td /td
svn commit: samba-docs r512 - in trunk/manpages: .
Author: sfrench Date: 2005-04-28 02:32:55 + (Thu, 28 Apr 2005) New Revision: 512 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=512 Log: Fix build break of mount.cifs.8 man page Modified: trunk/manpages/mount.cifs.8.xml Changeset: Modified: trunk/manpages/mount.cifs.8.xml === --- trunk/manpages/mount.cifs.8.xml 2005-04-27 17:17:26 UTC (rev 511) +++ trunk/manpages/mount.cifs.8.xml 2005-04-28 02:32:55 UTC (rev 512) @@ -276,8 +276,7 @@ varlistentry termmapchars/term -listitemparaTranslate six of the seven reserved characters (not backslash) -*?|: +listitemparaTranslate six of the seven reserved characters (not backslash, but including the colon, question mark, pipe, asterik, greater than and less than characters) to the remap range (above 0xF000), which also allows the CIFS client to recognize files created with such characters by Windows's POSIX emulation. This can @@ -319,7 +318,7 @@ listitemparaprint additional debugging information for the mount. Note that this parameter must be specified before the -o. For example:/paraparamount -t cifs //server/share /mnt --verbose -o user=username/para/listitem /varlistentry - varlisstentry + varlistentry termnoacl/term listitemparaDo not allow POSIX ACL operations even if server would support them./parapara The CIFS client can get and set POSIX ACLs (getfacl, setfacl) to Samba servers
svn commit: samba-docs r513 - in trunk/manpages: .
Author: sfrench Date: 2005-04-28 03:45:26 + (Thu, 28 Apr 2005) New Revision: 513 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=513 Log: Fix mount.cifs man page build break part 2. Modified: trunk/manpages/mount.cifs.8.xml Changeset: Modified: trunk/manpages/mount.cifs.8.xml === --- trunk/manpages/mount.cifs.8.xml 2005-04-28 02:32:55 UTC (rev 512) +++ trunk/manpages/mount.cifs.8.xml 2005-04-28 03:45:26 UTC (rev 513) @@ -284,7 +284,7 @@ (which also forbids creating and opening files whose names contain any of these seven characters). This has no effect if the server does not support -Unicode on the wire.para/listitem +Unicode on the wire./para/listitem /varlistentry varlistentry @@ -352,6 +352,7 @@ termnoserverino/term listitemparaclient generates inode numbers (rather than using the actual one from the server) by default. + /para/listitem /varlistentry varlistentry
svn commit: samba-docs r514 - in trunk/manpages: .
Author: sfrench Date: 2005-04-28 04:10:56 + (Thu, 28 Apr 2005) New Revision: 514 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=514 Log: Fixed typos, minor spelling mistakes Modified: trunk/manpages/mount.cifs.8.xml Changeset: Modified: trunk/manpages/mount.cifs.8.xml === --- trunk/manpages/mount.cifs.8.xml 2005-04-28 03:45:26 UTC (rev 513) +++ trunk/manpages/mount.cifs.8.xml 2005-04-28 04:10:56 UTC (rev 514) @@ -49,7 +49,7 @@ para Options to emphasismount.cifs/emphasis are specified as a comma-separated list of key=value pairs. It is possible to send options other -than those listed here, assuming that cifs filesystem supports them. +than those listed here, assuming that the cifs filesystem kernel module (cifs.ko) supports them. Unrecognized cifs mount options passed to the cifs vfs kernel code will be logged to the kernel log. @@ -95,7 +95,7 @@ character (i.e. a comma ',') will fail to be parsed correctly on the command line. However, the same password defined in the PASSWD environment variable or via a credentials file (see -below) will be read correctly. +below) or entered at the password prompt will be read correctly. /para /listitem/varlistentry @@ -230,7 +230,7 @@ on newly created files, directories, and devices (create, mkdir, mknod) which will result in the server setting the uid and gid to the default (usually the server uid of the -usern who mounted the share). Letting the server (rather than +user who mounted the share). Letting the server (rather than the client) set the uid and gid is the default. This parameter has no effect if the CIFS Unix Extensions are not negotiated./para/listitem @@ -266,7 +266,7 @@ client (e.g. when the application is doing large sequential reads bigger than page size without rereading the same data) this can provide better performance than the default -behavior which caches reads (reaadahead) and writes +behavior which caches reads (readahead) and writes (writebehind) through the local Linux client pagecache if oplock (caching token) is granted and held. Note that direct allows write operations larger than page size @@ -315,7 +315,7 @@ varlistentry term--verbose/term -listitemparaprint additional debugging information for the mount. Note that this parameter must be specified before the -o. For example:/paraparamount -t cifs //server/share /mnt --verbose -o user=username/para/listitem +listitemparaPrint additional debugging information for the mount. Note that this parameter must be specified before the -o. For example:/paraparamount -t cifs //server/share /mnt --verbose -o user=username/para/listitem /varlistentry varlistentry @@ -331,20 +331,22 @@ varlistentry termserverino/term -listitemparaUse servers inode numbers instead of generating automatically -incrementing inode numbers on the client. Although this will +listitemparaUse inode numbers (unique persistent file identifiers) + returned by the server instead of automatically generating +temporary inode numbers on the client. Although server inode numbers make it easier to spot hardlinked files (as they will have -the same inode numbers) and inode numbers may be persistent, -note that the server does not guarantee that the inode numbers +the same inode numbers) and inode numbers may be persistent (which is + userful for some sofware), +the server does not guarantee that the inode numbers are unique if multiple server side mounts are exported under a single share (since inode numbers on the servers might not be unique if multiple filesystems are mounted under the same -shared higher level directory). Note that this requires that -the server support the CIFS Unix Extensions as other servers -do not return a unique IndexNumber on SMB FindFirst (most -servers return zero as the IndexNumber). Parameter has no -effect to Windows servers and others which do not support the -CIFS Unix Extensions. +shared higher level directory). Note that not all +servers support returning server inode numbers, although + those that support the CIFS Unix Extensions, and Windows 2000 and + later servers
svn commit: samba-docs r515 - in trunk/manpages: .
Author: sfrench Date: 2005-04-28 04:21:42 + (Thu, 28 Apr 2005) New Revision: 515 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=515 Log: Fix umount.cifs.8 build break Modified: trunk/manpages/umount.cifs.8.xml Changeset: Modified: trunk/manpages/umount.cifs.8.xml === --- trunk/manpages/umount.cifs.8.xml2005-04-28 04:10:56 UTC (rev 514) +++ trunk/manpages/umount.cifs.8.xml2005-04-28 04:21:42 UTC (rev 515) @@ -86,7 +86,7 @@ paraAt this time umount.cifs does not lock the mount table using the same lock as the umount utility does, so do not attempt to do multiple unmounts from different processes (unmounts of a cifs mount and another type of filesystem mount at the same time. /para - paraIf the same mount point is mounted multiple times by cifs, umount.cifs will remove all of the matching entries from the mount table (although only actually unmount the last one), rather than only removing the last matching entry in /etc/mtab. The pseudofile /proc/mounts will display correct information though, and the lack of an entry in /etc/mtab does not prevent subsequent unmounts. + paraIf the same mount point is mounted multiple times by cifs, umount.cifs will remove all of the matching entries from the mount table (although only actually unmount the last one), rather than only removing the last matching entry in /etc/mtab. The pseudofile /proc/mounts will display correct information though, and the lack of an entry in /etc/mtab does not prevent subsequent unmounts./para para Note that the typical response to a bug report is a suggestion
svn commit: samba-docs r516 - in trunk/manpages: .
Author: sfrench Date: 2005-04-28 04:38:39 + (Thu, 28 Apr 2005) New Revision: 516 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-docsrev=516 Log: Fix some typos in the umount.cifs.8 man page Modified: trunk/manpages/umount.cifs.8.xml Changeset: Modified: trunk/manpages/umount.cifs.8.xml === --- trunk/manpages/umount.cifs.8.xml2005-04-28 04:21:42 UTC (rev 515) +++ trunk/manpages/umount.cifs.8.xml2005-04-28 04:38:39 UTC (rev 516) @@ -39,7 +39,7 @@ /para para - The umount.cifs utility detaches the local directory emphasismount-point/emphasisfrom the corresponding UNC name (exported network resource) and frees the associated kernel resources. + The umount.cifs utility detaches the local directory emphasismount-point/emphasis from the corresponding UNC name (exported network resource) and frees the associated kernel resources. It is possible to set the mode for umount.cifs to setuid root (or equivalently update the /etc/permissions file) to allow non-root users to umount shares to directories for which they have write permission. The umount.cifs utility is typically not needed if unmounts need only be performed by root users, or if user mounts and unmounts @@ -83,16 +83,16 @@ refsect1 titleBUGS/title - paraAt this time umount.cifs does not lock the mount table using the same lock as the umount utility does, so do not attempt to do multiple unmounts from different processes (unmounts of a cifs mount and another type of filesystem mount at the same time. + paraAt this time umount.cifs does not lock the mount table using the same lock as the umount utility does, so do not attempt to do multiple unmounts from different processes (and in particular unmounts of a cifs mount and another type of filesystem mount at the same time). /para - paraIf the same mount point is mounted multiple times by cifs, umount.cifs will remove all of the matching entries from the mount table (although only actually unmount the last one), rather than only removing the last matching entry in /etc/mtab. The pseudofile /proc/mounts will display correct information though, and the lack of an entry in /etc/mtab does not prevent subsequent unmounts./para + paraIf the same mount point is mounted multiple times by cifs, umount.cifs will remove all of the matching entries from the mount table (although umount.cifs will actually only unmount the last one), rather than only removing the last matching entry in /etc/mtab. The pseudofile /proc/mounts will display correct information though, and the lack of an entry in /etc/mtab does not prevent subsequent unmounts./para para Note that the typical response to a bug report is a suggestion to try the latest version first. So please try doing that first, and always include which versions you use of relevant software -when reporting bugs (minimum: mount.cifs (try mount.cifs -V), kernel (see /proc/version) and +when reporting bugs (minimum: umount.cifs (try umount.cifs -V), kernel (see /proc/version) and server type you are trying to contact. /para /refsect1 @@ -124,7 +124,7 @@ paraThe syntax was loosely based on the umount utility and the manpage was loosely based on that of mount.cifs.8. The man page was created by Steve French/para paraThe maintainer of the Linux cifs vfs and the userspace - tool emphasismount.cifs/emphasis is ulink url=mailto:[EMAIL PROTECTED]Steve French/ulink. + tool emphasisumount.cifs/emphasis is ulink url=mailto:[EMAIL PROTECTED]Steve French/ulink. The ulink url=mailto:[EMAIL PROTECTED]Linux CIFS Mailing list/ulink is the preferred place to ask questions regarding these programs. /para