Re: [Samba] Samba rpm and /var/*/samba directory for .tdb files

2006-02-15 Thread Oliver Schulze L. 

Hi Jerry,
I checked the latest rpm (samba-3.0.10-1.4E.2.i386.rpm) for RHEL 4.2,
extracted the /usr/sbin/smbd file from the .rpm and run this:
$ strings smbd | grep /var/lib/samba
(no output)

$strings smbd |grep /var/cache/samba
/var/cache/samba

RedHat is using /var/cache/samba/ in RHEL4.2

HTH
Oliver

Gerald (Jerry) Carter wrote:

 You could
probably check the stock Fedora RPMs and see what they use.  IIRC
they are using /var/lib/samba/ as well.
  

--
Oliver Schulze L.
<[EMAIL PROTECTED]>

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Tip for modifying vfs_recycle.c

2006-02-15 Thread Oliver Schulze L. 

Hi,
I'm seeking a little assistance for modifying vfs_recycle.c

What I want to do is that any user can write to the recycle.
But, the deleted file should maintain the owner.group of the user
that deleted the file.

So, I searched a way to pass the SMB_VFS_NEXT_UTIME() define,
but searching the code I noted that the process is already running as
the user who deleted the file.

I mainly want to modify the recycle vfs module because I have problems
when 1 user delete a file and later another user delete the same file.
Or I also have problems when a user first create a directory in the
recycle directory(by deleting a file), later another user deleting the a 
file in

the same directory can not access that directory in the recycle.

maybe I can solve the problem using unix permisions too.

Thanks
Oliver

--
Oliver Schulze L.
<[EMAIL PROTECTED]>

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Patch for vfs_extd_audit.c

2006-02-15 Thread Oliver Schulze L. 

Hi,
just created:
https://bugzilla.samba.org/show_bug.cgi?id=3518

Should I announce here when I post a patch in bugzilla?

Thanks
Oliver

--
Oliver Schulze L.
<[EMAIL PROTECTED]>

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] VFS audit

2006-02-15 Thread Oliver Schulze L. 

Which version of samba are you using?
In samba 3.0.21b,
syslog = 0
is working as expected.

HTH
Oliver

Ryan Taylor wrote:

I have it set now as:
...
log level = 0 vfs:2
syslog = 0
...
  


--
Oliver Schulze L.
<[EMAIL PROTECTED]>

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Rejoining Computers to the domain

2006-02-15 Thread mallapadi niranjan 
Hi list

I have a query, I have a samba 3.0.21 with openldap, all my windows clients
are joined to PDC.
but suddenly  now , all my windows clients uanble to login
 but when i do getent passwd on the server , i could see all my computer
accounts . even
when i do ldapsearch -x -b "ou=Computers,dc=msdpl,dc=com" , i could see the
list of computer account names
but my windows clients report error message that " the compter name is
missing from the domain" .
all the systems had to rejoin to the domain. even having the computer
account names in the ldap database.
what could be the problem . Please  guid me

Regards
Niranjan
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] hiding dot files and the printer

2006-02-15 Thread Peter 

--- Adam Nielsen <[EMAIL PROTECTED]> wrote:

> > I cannot hide my unix dot files (.bash_history) using the 'hide
> > files' or 'veto files' settings:
> 
> Err... "hide dot files = yes"?  "man smb.conf" is most informative ;-)

Nope, as stated in a previous post, this setting is not working.  Unless I
need to reboot a few more times.  I also tried to hide other files with
'hide files' and that doesn't work either.

Do you know how I can get rid of the Printers share?  Already set it
'browseable = no'.






__ 
Find your next car at http://autos.yahoo.ca
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] hiding dot files and the printer

2006-02-15 Thread Adam Nielsen 
> > I cannot hide my unix dot files (.bash_history) using the 'hide
> > files' or 'veto files' settings:
> 
> Err... "hide dot files = yes"?  "man smb.conf" is most informative ;-)

Okay, so I should read other posts before responding ;-)  At any rate,
I think I've discovered the problem - both "hide dot files = yes" and
"hide files = /.*/" work, but I think you're expecting them to be
removed from the directory list given to the Windows box - they're not,
they're just assigned the hidden attribute - so if you've got hidden
files visible in Windows Explorer then they'll still be visible, albeit
with a semi-transparent icon...but if you tell Windows not to show
hidden files then they'll go away.

As to the printers thing that's not really a Samba issue, Windows
displays it for all PCs that support a certain RPC - it may disappear
if you do something like "load printers = no", but I'm not sure.

Cheers,
Adam.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] hiding dot files and the printer

2006-02-15 Thread Adam Nielsen 
> I cannot hide my unix dot files (.bash_history) using the 'hide
> files' or 'veto files' settings:

Err... "hide dot files = yes"?  "man smb.conf" is most informative ;-)

Cheers,
Adam.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Disabling locking for DLL files

2006-02-15 Thread Adam Nielsen 
> I'm trying to run a program off a network drive, however it insists on
> locking the DLL files it loads, so that no other process can access
> them (even read-only.)  This means that only one person can run the
> program at a time, as opposed to the entire office running it at the
> same time.

Well, interestingly enough, it seems that adding this line to the share
section was enough:

  veto oplock files = /*.dll/

I didn't have to mess with the 'share modes' after all, which was good!

Cheers,
Adam.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] about upgrade samba from 3.0.11

2006-02-15 Thread Lee Rocky 
Dear all

my samba version is 3.0.11,
but there's compatible issue with join windows 2003 domain.

is it anything need to check before upgrade to 3.0.20b?
or it's better to upgrade to 3.0.14a?

Thank you
Rocky
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Is there a way to map user ids to the same rid on every smb box

2006-02-15 Thread Craig White 
On Wed, 2006-02-15 at 09:38 -0500, Parker, Michael wrote:
> I know the documentation talks about using a backend ldap server which I
> don't have, nor do I want to dig into figuring out how to setup.  Are
> there other easy methods, such as replicate a file among all my smb
> servers.  If so, what is the file?

given that you've asked the list this question in this manner, I would
venture to say that it's smbpasswd but had you read the documentation,
you would also know why this is going to be a problem too.

rather than tell you what the next problem and likely, your next
question will be, let me suggest that you read through the excellent
official documentation that is provided to you free of charge...

http://www.samba.org/samba/docs

and suggest that for the acutely impatient, the 'By Example'
documentation is worth looking at - just a few chapters should be
sufficient.

Craig

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] How to Make SMB server authenticate against multiple ADserver

2006-02-15 Thread Trimble, Ronald D 
This is from Using Samba...
http://www.oreilly.com/catalog/samba/chapter/book/ch06_03.html


You can configure Samba to use a separate password server under
server-level security with the use of the password server global
configuration option, as follows:


[global]
security = server
password server = PHOENIX120 HYDRA134

Note that you can specify more than one machine as the target of the
password server ; Samba will move down the list of servers in the event
that its first choice is unreachable. The servers identified by the
password server option are given as NetBIOS names, not their DNS names
or equivalent IP addresses. Also, if any of the servers reject the given
password, the connection will automatically fail - Samba will not
attempt another server.


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Parker, Michael
Sent: Wednesday, February 15, 2006 9:35 AM
To: samba@lists.samba.org
Subject: [Samba] How to Make SMB server authenticate against multiple
ADserver

I'm new to samba and I'm still trying to figure out the workings.  I
currently have a few servers setup to authenticate with AD (2003 domain)
with winbind.  Right now, I have a line in my smb.conf file that states
password server = alg-conyers-ad1.  I assume this tells it to
authenticate against this server only.  How do I make it choose a server
from DNS or at the least tell it to use other AD servers if this one is
offline?  My fear is that we'll rely on these servers more, AD1 will
fail, and then I'll have to scramble to point my smb servers to use
other AD servers.

 

Thanks in advance for your help.

 

Michael

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] Is there a way to map user ids to the same rid on eve ry smbbox

2006-02-15 Thread Geoffrey Scott 
IN an AD domain? 

-Original Message-
Subject: [Samba] Is there a way to map user ids to the same rid on every
smbbox

I know the documentation talks about using a backend ldap server which I
don't have, nor do I want to dig into figuring out how to setup.  Are there
other easy methods, such as replicate a file among all my smb servers.  If
so, what is the file?

 

Thanks in advance for the help.

 

Michael

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] How to Make SMB server authenticate against multiple AD server

2006-02-15 Thread Parker, Michael 
I'm new to samba and I'm still trying to figure out the workings.  I
currently have a few servers setup to authenticate with AD (2003 domain)
with winbind.  Right now, I have a line in my smb.conf file that states
password server = alg-conyers-ad1.  I assume this tells it to
authenticate against this server only.  How do I make it choose a server
from DNS or at the least tell it to use other AD servers if this one is
offline?  My fear is that we'll rely on these servers more, AD1 will
fail, and then I'll have to scramble to point my smb servers to use
other AD servers.

 

Thanks in advance for your help.

 

Michael

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Samba does not work with new AD groups

2006-02-15 Thread Parker, Michael 
Hi all,

 

I've configured a system to authenticate with an AD 2k3 domain (all
domain controllers have SP1) using winbind.  I have joined the server to
the domain as well. I created some shares to work with AD groups.
Here's a quick snippet of a share from my smb.conf file:

 

[test]

comment = test share for winbind testing

path = /u01/test

write list = @ll_main/rhmps

 

The problem I have is if I tell the write list command to use an
existing AD group which I am already a member of, I can write to the
share.  If on the other hand, I create a new AD group, add my user
account to the group, then tell the write list to use the new group, I
cannot write to the share.  I have rebooted my test workstations, tried
writing to the share from multiple XP (SP2), workstations logged out/in,
and rebooted my smb server.  Nothing seems to help and I'm not seeing
anything in any logs to explain the problem.

 

Any help would be greatly appreciated.  If I can get it to work, I plan
to put this into production.  Do you think it would be wise?  

 

My samba server is a redat 3.0 box with update 5.  The samba version is
samba-3.0.9-1.3E.5

 

Thanks in advance for the help.

 

Michael

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Is there a way to map user ids to the same rid on every smb box

2006-02-15 Thread Parker, Michael 
I know the documentation talks about using a backend ldap server which I
don't have, nor do I want to dig into figuring out how to setup.  Are
there other easy methods, such as replicate a file among all my smb
servers.  If so, what is the file?

 

Thanks in advance for the help.

 

Michael

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] FW: Help required on Samba software

2006-02-15 Thread Khawade, Kirtikumar \(GE Infra, Transportation\) 


>  -Original Message-
> From: Khawade, Kirtikumar (GE Infra, Transportation)  
> Sent: Wednesday, February 15, 2006 7:49 PM
> To:   '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]'; '[EMAIL 
> PROTECTED]'
> Cc:   Pai, Usha S (GE Infra, Transportation); Khadmale, Subodh (GE Infra, 
> Transportation); Nk, Radha (GE Infra, Transportation); KL, Viswanathan (GE 
> Infra, Transportation)
> Subject:  Help required on Samba software
> 
> Team,
>  We are part of GE Transportation Erie USA, our group is located at JFWTC 
> Bangalore.
>  Currently we are facing some issues with our Source code control system 
> P4Win which is configured on Windows to access file system on QNX through 
> SAMBA.
>  SAMBA is installed on QNX. We are not sure problem is there with SAMBA or 
> P4Win we are trying to analyse the same, in this regard we request ur help.
>  Pl do let me know whether you can offer some help to us.
>  Attached is our setup brief,
>  > >  <> 
> 
> Regards & Thanks
> Kirtikumar A. Khawade | Embedded Software Engineer 
> GE Transportation Systems, John F. Welch Technology Centre,Bangalore.
> (+91-80-25031335(DID) | 28412050Ext. 1335 
> DialCom: 8*901-1335 
> 1 Fax : 91 (80) 28411649
> [EMAIL PROTECTED];
> 
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] need information!!!

2006-02-15 Thread Claudio M. Souza Junior 
I am Brazilian.
I speak dont english. Forgive my english.
I need informations about libsmbclient.h.
I found flowing error to call smbc_intit_context(smb_context)
params.c:OpenConfFile() - Unable to open configuration file
"/home/claudio/.smb/smb.conf.append":
No such file or directory

how to pogramming with libsmbclient?
Thank
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Increasing samba performance

2006-02-15 Thread John McCain 
You are definately getting sub-par performance.  The difference between
where you are and where you need to be is not tweaking.  We run Samba right
"out of the box" for a high-speed realtime requirement, and we don't have to
tweak it at all to get 40 or so megabytes/sec out of it with properly
configured servers and gigabit networking.  And we could probably push it
harder if we want to  - we're getting high responsiveness at that level.

I would look at the client side of the problem - try a newer kernel.  We had
performance problems using 2 Linux boxes in past kernels - I don't remember
when it was solved, but it works beautifully now.


On 2/1/06, James Lamanna <[EMAIL PROTECTED]> wrote:
>
> Hi.
>
> Between 2 linux (2.6.11 client and 2.6.14 server) machines connected by
> a 100Mb link I get samba performance copying a file from the client to
> the server through a smbmounted share of around 4.2MB/s
> Is this to be expected? Or can it be improved (and if so, how?) I've
> tried tweaking SO_(SND/RCV)BUF (after reading numerous articles on
> samba performance...), but it doesn't seem to have any effect.
> Unfortunately, I can't use jumbo frames at this moment either.
>
> I've tried this with shares on ReiserFS and XFS and there is no
> difference in the transfer rate.
> Both machines are not even close to maxxed on cpu (both are at around
> 10-15% cpu when the transfer is running).
>
> Thanks.
>
> -- James
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] samba setup in win2k A.D.

2006-02-15 Thread Michael Andrewjeski 
First of all,

The docs you read don't have anything to do with AD.

John Terpstra has written some very good docs and they are available for
your use:

http://us3.samba.org/samba/docs/man/Samba-Guide/


My response isn't intended to be terse rather to let you know you've a
bit more work to do.

I don't know what OS you're running but firstly you'll need to get some
recent Kerberos release
Working, and a ticket created against the AD. 
Once that is done then you'll need to join the AD: net ads join.

It's in Docs, have a read.

After which time if you still need help, then post to this list with
your OS version, Samba version
Kerberos version and smb.conf and someone will help.


HTH

Mike

 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Richard Verdugo
Sent: Wednesday, February 15, 2006 2:46 PM
To: samba@lists.samba.org
Subject: [Samba] samba setup in win2k A.D.

Please help, I'm having this problem at my job and it really needs to
get solved.

I'm trying to setup samba 3.0 to be a member fileserver in my Windows
2000 active directory domain.
I followed the instruction on this website:
http://www.linux-sxs.org/networking/nt4dom_samba.html#win_sysreq
net RPC join  -W   -U  works
wbinfo -t   works
wbinfo -G works
wbinfo -U fails with the error: Error looking up domain users

When I try to access the samba share from a windows network browser
window it fails with the error:
Logon Failure: The target account name is incorrect


Any guidance you can offer will be repayed ten fold, thank you so much.

Rich
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [SOLVED] Re: [Samba] VFS recycle - doesn't work for some users

2006-02-15 Thread Gunther Schlegel 

Patrick,

just came across that problem in my installation. This is a limitation 
in the vfs recycle module that has been addressen in samba 3.0.14a by 
introducing the directory_mode parameter to the recycle module.


Your manual fix ( changing access rights ) does only work because you 
are not using the keeptree feature. See bugzilla 2978 for further 
information.


best regards, Gunther

Patrick DUBAU wrote:

Strange thing : my .corbeille folder had the following rights
  drwx--S---   2 patrick.dubau   INFORMATIQUE   4096 2005-09-29 11:00 
.corbeille
With these rights only patrick.dubau  deleted  files  are put  in  
.corbeille


I changed the rights to drwxrws---   2 patrick.dubau   INFORMATIQUE   
4096 2005-09-29 17:05 .corbeille

and now it works for any one.



Hi,

configured samba to handle the deletded files in the recycle directory.
My problem : for some users the deleted files go into the specified 
directory for other the files are just deleted and no  put  in the 
recycle directory.

Does someone already had this problem ?

My configuration
[info]
path = /samba/info
write list = @informatique
directory mask = 2770
create mask = 0770
browseable = yes

vfs objects = recycle
recycle:repository = .corbeille
recycle:keeptree = no
recycle:versions = yes
recycle:touch = yes
recycle:exclude = ~$*|*.tmp

samba 3.0.14a-3

Thanks for any help




-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] hiding dot files and the printer

2006-02-15 Thread Peter 

--- Anthony Messina <[EMAIL PROTECTED]> wrote:

> Peter wrote:
> > Hi.  Running Samba 3.0.20 on Slackware 10.2.
> > 
> > I cannot hide my unix dot files (.bash_history) using the 'hide files'
> or
> > 'veto files' settings:
> > 
> > hide files = /.*/ { or just .* }
> > 
> > Also, how do I get rid of the printer folder in the top level of my
> share?
> > 
> > --
> > Peter
> 
> for the "dot" files...
> how about "hide dot files = yes" in the shares you want them hidden.
> 
> man smb.conf

This doesn't work either.

Observation: output to testparm shows this parameter set to "yes" but it
is in the global section.  The man page shows it to be a share setting
(and that is where I put it - the homes share).






__ 
Find your next car at http://autos.yahoo.ca
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] hiding dot files and the printer

2006-02-15 Thread Peter 

--- Daniel Northam <[EMAIL PROTECTED]> wrote:

> Might try /\.\*/  if this argument takes regular expressions. Your using
> special characters there.
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
> Of Peter
> Sent: Wednesday, February 15, 2006 3:03 PM
> To: samba
> Subject: [Samba] hiding dot files and the printer
> 
> Hi.  Running Samba 3.0.20 on Slackware 10.2.
> 
> I cannot hide my unix dot files (.bash_history) using the 'hide files'
> or
> 'veto files' settings:
> 
> hide files = /.*/ { or just .* }
> 
> Also, how do I get rid of the printer folder in the top level of my
> share?


Nope.  It still doesn't work.  Surely someone has encountered this before?






__ 
Find your next car at http://autos.yahoo.ca
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] hiding dot files and the printer

2006-02-15 Thread Anthony Messina 

Peter wrote:

Hi.  Running Samba 3.0.20 on Slackware 10.2.

I cannot hide my unix dot files (.bash_history) using the 'hide files' or
'veto files' settings:

hide files = /.*/ { or just .* }

Also, how do I get rid of the printer folder in the top level of my share?

--
Peter


for the "dot" files...
how about "hide dot files = yes" in the shares you want them hidden.

man smb.conf

--
My Website: http://messinet.com
My Online Gallery: 
http://messinet.com/modules.php?name=Web_Links&l_op=visit&lid=3

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] samba setup in win2k A.D.

2006-02-15 Thread Don Meyer 
Furthermore, have you verified that your time is properly 
synchronized with your AD's DC(s)?


And is your krb5.conf file properly configured on your linux system?

-D


At 04:51 PM 2/15/2006, James Taylor wrote:

Maybe this will help...

Have you verified that all you AD controllers have replicated their info?  I
had similar issues to this back when I was using AD with Microsoft.  You can
force replication to occur but going to sites and services of your AD.  You
should be able to find all the AD replication partners and force a
replication.

James

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Of Richard Verdugo
Sent: Wednesday, February 15, 2006 2:46 PM
To: samba@lists.samba.org
Subject: [Samba] samba setup in win2k A.D.

Please help, I'm having this problem at my job and it really needs to get
solved.

I'm trying to setup samba 3.0 to be a member fileserver in my Windows 2000
active directory domain.
I followed the instruction on this website:
http://www.linux-sxs.org/networking/nt4dom_samba.html#win_sysreq
net RPC join  -W   -U  works
wbinfo -t   works
wbinfo -G works
wbinfo -U fails with the error: Error looking up domain users

When I try to access the samba share from a windows network browser window
it fails with the error:
Logon Failure: The target account name is incorrect


Any guidance you can offer will be repayed ten fold, thank you so much.

Rich
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


Don Meyer   <[EMAIL PROTECTED]>
Network Manager, ACES Academic Computing Facility
Technical System Manager, ACES TeleNet System
UIUC College of ACES, Information Technology and Communication Services

  "They that can give up essential liberty to obtain a little 
temporary safety,
deserve neither liberty or safety." -- Benjamin Franklin, 1759 


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] hiding dot files and the printer

2006-02-15 Thread Daniel Northam 
Might try /\.\*/  if this argument takes regular expressions. Your using
special characters there.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Of Peter
Sent: Wednesday, February 15, 2006 3:03 PM
To: samba
Subject: [Samba] hiding dot files and the printer

Hi.  Running Samba 3.0.20 on Slackware 10.2.

I cannot hide my unix dot files (.bash_history) using the 'hide files'
or
'veto files' settings:

hide files = /.*/ { or just .* }

Also, how do I get rid of the printer folder in the top level of my
share?

--
Peter






__ 
Find your next car at http://autos.yahoo.ca
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] hiding dot files and the printer

2006-02-15 Thread Peter 
Hi.  Running Samba 3.0.20 on Slackware 10.2.

I cannot hide my unix dot files (.bash_history) using the 'hide files' or
'veto files' settings:

hide files = /.*/ { or just .* }

Also, how do I get rid of the printer folder in the top level of my share?

--
Peter






__ 
Find your next car at http://autos.yahoo.ca
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] samba setup in win2k A.D.

2006-02-15 Thread James Taylor 
Maybe this will help...

Have you verified that all you AD controllers have replicated their info?  I
had similar issues to this back when I was using AD with Microsoft.  You can
force replication to occur but going to sites and services of your AD.  You
should be able to find all the AD replication partners and force a
replication.

James

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Of Richard Verdugo
Sent: Wednesday, February 15, 2006 2:46 PM
To: samba@lists.samba.org
Subject: [Samba] samba setup in win2k A.D.

Please help, I'm having this problem at my job and it really needs to get
solved.

I'm trying to setup samba 3.0 to be a member fileserver in my Windows 2000
active directory domain.
I followed the instruction on this website:
http://www.linux-sxs.org/networking/nt4dom_samba.html#win_sysreq
net RPC join  -W   -U  works
wbinfo -t   works
wbinfo -G works
wbinfo -U fails with the error: Error looking up domain users

When I try to access the samba share from a windows network browser window
it fails with the error:
Logon Failure: The target account name is incorrect


Any guidance you can offer will be repayed ten fold, thank you so much.

Rich
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] samba setup in win2k A.D.

2006-02-15 Thread Richard Verdugo 
Please help, I'm having this problem at my job and it really needs to get
solved.

I'm trying to setup samba 3.0 to be a member fileserver in my Windows 2000
active directory domain.
I followed the instruction on this website:
http://www.linux-sxs.org/networking/nt4dom_samba.html#win_sysreq
net RPC join  -W   -U  works
wbinfo -t   works
wbinfo -G works
wbinfo -U fails with the error: Error looking up domain users

When I try to access the samba share from a windows network browser window
it fails with the error:
Logon Failure: The target account name is incorrect


Any guidance you can offer will be repayed ten fold, thank you so much.

Rich
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Samba + LDAP Windows Join Domain

2006-02-15 Thread James Taylor 
Hello all,

 

I have been working on this issue for some time and I know I am close to a
solution.  

 

I am currently running samba 3.0.13.  I have set the samba server up as a
NT4 Domain controller and I have also integrated my LDAP configuration with
samba.  When I try to join the samba domain from any Windows 2000 or Windows
XP machine I get the error message "The user could not be found".  My
smbldap-tools scripts are working in the sense that the Machine Add script
is adding the machinename$ domain account.  I have read several different
Samba Windows Join Domain documents and have tried different variations of
my config's to see if I can resolve this issue.

 

I know my Samba LDAP configuration is good as I am able to authenticate to
SMB file shares on the samba server with groups mapped to my LDAP database.
I am also seeing successful LDAP binds as well in the logs.  

 

Any pointers on things I may be able to try would be great.  

 

Configs as follows:

# Global parameters

[global]

workgroup = MYDOMAIN

realm = MYDOMAIN.COM

server string = Samba Server %v

interfaces = 192.168.0.8/16

min password length = 3

map to guest = Bad User

passdb backend = ldapsam:ldap://myldapsvr/

enable privileges = Yes

passwd program = /usr/sbin/smbldap-passwd

username map = /etc/samba/smbusers

client NTLMv2 auth = No

client lanman auth = No

client plaintext auth = No

syslog = 7

log file = /var/log/samba/log.%m

max log size = 10

smb ports = 135 445

min protocol = NT1

time server = Yes

deadtime = 10

socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

add user script = /usr/sbin/smbldap-useradd -m '%u'

delete user script = /usr/sbin/smbldap-userdel '%u'

add group script = /usr/sbin/smbldap-groupadd -p '%g' &&
/usr/sbin/smbldap-groupshow %g|awk '/^gidNumber:/ {print $2}'

delete group script = /usr/sbin/smbldap-groupdel '%g'

add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'

delete user from group script = /usr/sbin/smbldap-groupmod -x '%u'
'%g'

set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'

add machine script = /usr/sbin/smbldap-useradd -w -d /dev/null -c
'Machine Account' -s /bin/false '%u'

logon script = logon.bat

logon path =

logon drive = H:

logon home =

domain logons = Yes

os level = 65

preferred master = Yes

domain master = Yes

dns proxy = No

wins support = Yes

ldap admin dn = cn=Manager,dc=mydomain,dc=com

ldap delete dn = Yes

ldap group suffix = ou=Groups

ldap idmap suffix = ou=Users

ldap machine suffix = ou=Computers

ldap passwd sync = Yes

ldap suffix = dc=mydomain,dc=com

ldap ssl = no

ldap user suffix = ou=Users

printer admin = @adm, root

create mask = 0755

directory mask = 0750

hosts allow = 192.168., 127.

nt acl support = No

case sensitive = No

dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd

 

[printers]

comment = All Printers

path = /var/spool/samba

create mask = 0700

guest ok = Yes

printable = Yes

browseable = No

 

[print$]

path = /var/lib/samba/printers

write list = @adm, root

inherit permissions = Yes

guest ok = Yes

 

[admin]

path = /

valid users = @adm, root, jtaylor

admin users = @adm, root, jtaylor

read only = No

browseable = No

 

Thank you all

 

James Taylor

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba rpm and /var/*/samba directory for .tdb files

2006-02-15 Thread Craig White 
On Wed, 2006-02-15 at 14:42 -0600, Gerald (Jerry) Carter wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> Don Meyer wrote:
> > At 08:24 AM 2/15/2006, Gerald (Jerry) Carter wrote:
> >> Oliver Schulze L. wrote:
> >> > Hi,
> >> > I use CentOS4 (RHEL4) and it seems that I was using /var/lib/samba
> >> > for storing the .tdb files. Then I compilled the fedora .src.rpm from
> >> > samba.org
> >> > and it points now to /var/cache/samba
> >>
> >> This was a mistake introduced into the RPM specfile during a
> >> recent set of merges.  When it was realized, the 3.0.21b-1 rpm was
> >> pulled from samba.org and a new set of RPMs posted.  The tdb files
> >> should live in /var/lib/samba/
> > 
> > Actually, stock RHEL4 rpms for their 3.0.10-1.4E.2 version use
> > /var/cache/samba/.
> > 
> > Does this change in the packaging reflect a "sea change" towards use of
> > /var/lib/samba/ for the future?(I.E. Can we "expect" future
> > RHEL-distributed packagings to adopt use of /var/lib/samba/ as well?)
> 
> IMO.  They should have always been in /var/lib/samba/.
> I can't guess what RedHat would do, but SuSE and most other
> distros I can think of use /var/lib/samba/.  You could
> probably check the stock Fedora RPMs and see what they use.  IIRC
> they are using /var/lib/samba/ as well.

if this helps...

# ls -l /var/cache/samba/
total 72
-rw---  1 root root  8192 Jun  8  2004 gencache.tdb
-rw---  1 root root   696 Feb 14  2005 messages.tdb
-rw---  1 root root   696 Feb 14  2005 netsamlogon_cache.tdb
-rw---  1 root root 20172 Feb 14  2005 winbindd_cache.tdb
-rw-r--r--  1 root root  8192 Feb 14  2005 winbindd_idmap.tdb
drwxr-x---  2 root root  4096 May  2  2005 winbindd_privileged

# uname -a
Linux lin-workstation.azapple.com 2.6.15-1.1830_FC4 #1 Thu Feb 2
17:23:41 EST 2006 i686 athlon i386 GNU/Linux

# cat /etc/redhat-release
Fedora Core release 4 (Stentz)

Craig

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] configure can't find ldap_initialize on HP-UX 11i

2006-02-15 Thread Michael Langas 
I'm basically using the instructions found in the HP-UX readme with the
exception that I am trying to use the version of openldap that is in
iexpress instead of the one from hpux.cs.utah.edu.

 

The recommendations listed in the doc are:

 

HP-UX 11.00 and 11.11:
OpenLdap 2.1.3  (http://hpux.cs.utah.edu)
OpenSSL  0.9.7d (http://hpux.cs.utah.edu)
 
  HP-UX 11.23 only:
ixOpenLdapA.04.00-2.2.15.003  (http://software.hp.com
 )
 
 
I would prefer to use ixOpenLdap from HP if possible.  The errors I get
from configure are:
 
configure:32100: checking for ldap_initialize
configure:32157: gcc -o conftest -O -DWITH_SYSLOG
-DGUEST_ACCOUNT=\"smbnull\" -D
_SAMBA_BUILD_ -I/opt/iexpress/openldap/include -D_HPUX_SOURCE
-D_POSIX_SOURCE -D
_LARGEFILE64_SOURCE -D_ALIGNMENT_REQUIRED=1 -D_MAX_ALIGNMENT=4
-DMAX_POSITIVE_LO
CK_OFFSET=0x1ffLL -DLDAP_DEPRECATED -L/opt/iexpress/openldap/lib
conftes
t.c -lldap  -lsec -lnsl  >&5
ld: Unsatisfied symbol "ldap_initialize" in file /var/tmp//ccAi63yk.o
1 errors.
collect2: ld returned 1 exit status
configure:32163: $? = 1
configure: failed program was:
| /* confdefs.h.  */
 
As you can see, the include file location is correct, and
ldap_initialize is found in ldap.h so I'm not sure what is causing the
unsatisfied symbol error.
 
Any suggestions?
 
Thanks,
 
ML

 

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba rpm and /var/*/samba directory for .tdb files

2006-02-15 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Don Meyer wrote:
> At 08:24 AM 2/15/2006, Gerald (Jerry) Carter wrote:
>> Oliver Schulze L. wrote:
>> > Hi,
>> > I use CentOS4 (RHEL4) and it seems that I was using /var/lib/samba
>> > for storing the .tdb files. Then I compilled the fedora .src.rpm from
>> > samba.org
>> > and it points now to /var/cache/samba
>>
>> This was a mistake introduced into the RPM specfile during a
>> recent set of merges.  When it was realized, the 3.0.21b-1 rpm was
>> pulled from samba.org and a new set of RPMs posted.  The tdb files
>> should live in /var/lib/samba/
> 
> Actually, stock RHEL4 rpms for their 3.0.10-1.4E.2 version use
> /var/cache/samba/.
> 
> Does this change in the packaging reflect a "sea change" towards use of
> /var/lib/samba/ for the future?(I.E. Can we "expect" future
> RHEL-distributed packagings to adopt use of /var/lib/samba/ as well?)

IMO.  They should have always been in /var/lib/samba/.
I can't guess what RedHat would do, but SuSE and most other
distros I can think of use /var/lib/samba/.  You could
probably check the stock Fedora RPMs and see what they use.  IIRC
they are using /var/lib/samba/ as well.





cheers, jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD85I0IR7qMdg1EfYRAi8hAJ9A3mI+Ti+pj9RWBgrkLoYlbfwRFwCgnVk/
2WhY5+z930dQTD6plNfKlIA=
=tMO0
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] smbd fails to start on Fedora Core 4

2006-02-15 Thread James Kosin 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Gavin Simpson wrote:
>> Thanks for the help. I just removed the file and tried a restart. Same
>> problem as before and same messages in smbd.log. No secrets.tdb created.
>> I changed write permissions on this directory temporarily to make it
>> world writable and tried again - with the same results.
> 
>> I'm basically only using samba for the print serving, so I'm not worried
>> about the SID.
> 
>> Any other suggestions I can try?

Try running testparm, it could just be a mis-configured system.

Check the logs also in /var/log/samba and /var/log/messages to see if
you get any light at the end of the tunnel clues.

James

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD845vjNkgON6wBZARApaWAKCF7EtDDyJdC22cMMppvfNdAzEXJACfcTd0
dCmiyM2ut9vrfD7vzL6aw3o=
=w+13
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] SAMBA Home Directories with AD authentication

2006-02-15 Thread Matt Smith 
that would work, but then the home directories would be valid only to
users specified , i'd basically have to create a seperate samba share
for each user then.

basically what i'm hoping for is something along the lines of

valid users = %ActiveDirectoryUsername





On 2/15/06, Daniel Northam <[EMAIL PROTECTED]> wrote:
> Try specifying the users such as :
>
> Valid users = jondoe
>
> Or to specify a group use,
>
> Valid users = @"Domain Admins"
>
> Comma separated values,
>
> Valid users = jondoe,janedoe,@"Domain Admins",@"XP_Power_Users"
>
> Documentation is at:
> http://www.oreilly.com/catalog/samba/chapter/book/ch06_01.html
>
>
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
> Of Matt Smith
> Sent: Wednesday, February 15, 2006 12:05 PM
> To: samba@lists.samba.org
> Subject: [Samba] SAMBA Home Directories with AD authentication
>
> Ok, question ...
>
>
> I have a linux box running samba with AD authentication and its all
> working fine, home directories get created the first time a user logs
> into the box etc.
>
> But ...
>
> I can't get the valid users =   to work with domain authentication
> using %S %U or whichever
>
> what I have to do is manually chmod g-rx  and then it restricts it so
> only the owner can access it, but I was hoping I could get samba to
> recognize this on its own.
>
> Any Ideas?
>
> Thanks
>
> M.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>
>
>
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] SAMBA Home Directories with AD authentication

2006-02-15 Thread Daniel Northam 
Try specifying the users such as :

Valid users = jondoe

Or to specify a group use,

Valid users = @"Domain Admins"

Comma separated values,

Valid users = jondoe,janedoe,@"Domain Admins",@"XP_Power_Users"

Documentation is at:
http://www.oreilly.com/catalog/samba/chapter/book/ch06_01.html



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Of Matt Smith
Sent: Wednesday, February 15, 2006 12:05 PM
To: samba@lists.samba.org
Subject: [Samba] SAMBA Home Directories with AD authentication

Ok, question ...


I have a linux box running samba with AD authentication and its all
working fine, home directories get created the first time a user logs
into the box etc.

But ...

I can't get the valid users =   to work with domain authentication
using %S %U or whichever

what I have to do is manually chmod g-rx  and then it restricts it so
only the owner can access it, but I was hoping I could get samba to
recognize this on its own.

Any Ideas?

Thanks

M.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] SAMBA Home Directories with AD authentication

2006-02-15 Thread Matt Smith 
Ok, question ...


I have a linux box running samba with AD authentication and its all
working fine, home directories get created the first time a user logs
into the box etc.

But ...

I can't get the valid users =   to work with domain authentication
using %S %U or whichever

what I have to do is manually chmod g-rx  and then it restricts it so
only the owner can access it, but I was hoping I could get samba to
recognize this on its own.

Any Ideas?

Thanks

M.
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba rpm and /var/*/samba directory for .tdb files

2006-02-15 Thread Don Meyer 

At 08:24 AM 2/15/2006, Gerald (Jerry) Carter wrote:

Oliver Schulze L. wrote:
> Hi,
> I use CentOS4 (RHEL4) and it seems that I was using /var/lib/samba
> for storing the .tdb files. Then I compilled the fedora .src.rpm from
> samba.org
> and it points now to /var/cache/samba

This was a mistake introduced into the RPM specfile during a
recent set of merges.  When it was realized, the 3.0.21b-1 rpm was
pulled from samba.org and a new set of RPMs posted.  The tdb files
should live in /var/lib/samba/


Actually, stock RHEL4 rpms for their 3.0.10-1.4E.2 version use 
/var/cache/samba/.


Does this change in the packaging reflect a "sea change" towards use 
of /var/lib/samba/ for the future?(I.E. Can we "expect" future 
RHEL-distributed packagings to adopt use of /var/lib/samba/ as well?)


-D


Don Meyer   <[EMAIL PROTECTED]>
Network Manager, ACES Academic Computing Facility
Technical System Manager, ACES TeleNet System
UIUC College of ACES, Information Technology and Communication Services

  "They that can give up essential liberty to obtain a little 
temporary safety,
deserve neither liberty or safety." -- Benjamin Franklin, 1759 


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] smbd fails to start on Fedora Core 4

2006-02-15 Thread Gavin Simpson 
On Wed, 2006-02-15 at 13:06 -0600, Gerald (Jerry) Carter wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> Gavin Simpson wrote:
> 
> >> Thanks for your reply. I noted that in the log, so tried to copy across
> >> the secrets.tbd file from the previous installation. Once I got it there
> >> I restarted smb but I get the same error message.
> > 
> >> These are the contents of /etc/samba:
> > 
> >> # ls -l /etc/samba
> >> total 24
> >> -rw---  1 root root 8192 Aug 30 15:15 secrets.tdb
> >> -rw-r--r--  1 root root0 Feb 15 15:30 smb.conf
> >> -rw-r--r--  1 root root   97 May  2  2005 smbusers
> > 
> >> Are the permissions correct? I used rsync to back these things up and
> >> the rsync arguments I used should have preserved them.
> > 
> >> How do I go about getting the secrets.tdb file back then. Is this
> >> distributed with Samba, or can I create an empty file of this name?
> 
> if you remove the file, smbd should just create a new on
> on startup.  Of course this will also generate a new MACHINE/Domain
> SID which could be a problem if this is a domain controller.

Hi Jerry,

Thanks for the help. I just removed the file and tried a restart. Same
problem as before and same messages in smbd.log. No secrets.tdb created.
I changed write permissions on this directory temporarily to make it
world writable and tried again - with the same results.

I'm basically only using samba for the print serving, so I'm not worried
about the SID.

Any other suggestions I can try?

All the best,

Gav

> 
> 
> 
> 
> cheers, jerry
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.2 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> 
> iD8DBQFD83ubIR7qMdg1EfYRAuzHAJ47Ou5ZvuSCbJukrQhwB/XZMS/mMACfWDr5
> SUaaXyrW5NBHnbp7JA+gSnE=
> =Md2q
> -END PGP SIGNATURE-
-- 
%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%
Gavin Simpson [T] +44 (0)20 7679 5522
ENSIS Research Fellow [F] +44 (0)20 7679 7565
ENSIS Ltd. & ECRC [E] gavin.simpsonATNOSPAMucl.ac.uk
UCL Department of Geography   [W] http://www.ucl.ac.uk/~ucfagls/cv/
26 Bedford Way[W] http://www.ucl.ac.uk/~ucfagls/
London.  WC1H 0AP.
%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] smbd fails to start on Fedora Core 4

2006-02-15 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Gavin Simpson wrote:

>> Thanks for your reply. I noted that in the log, so tried to copy across
>> the secrets.tbd file from the previous installation. Once I got it there
>> I restarted smb but I get the same error message.
> 
>> These are the contents of /etc/samba:
> 
>> # ls -l /etc/samba
>> total 24
>> -rw---  1 root root 8192 Aug 30 15:15 secrets.tdb
>> -rw-r--r--  1 root root0 Feb 15 15:30 smb.conf
>> -rw-r--r--  1 root root   97 May  2  2005 smbusers
> 
>> Are the permissions correct? I used rsync to back these things up and
>> the rsync arguments I used should have preserved them.
> 
>> How do I go about getting the secrets.tdb file back then. Is this
>> distributed with Samba, or can I create an empty file of this name?

if you remove the file, smbd should just create a new on
on startup.  Of course this will also generate a new MACHINE/Domain
SID which could be a problem if this is a domain controller.





cheers, jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD83ubIR7qMdg1EfYRAuzHAJ47Ou5ZvuSCbJukrQhwB/XZMS/mMACfWDr5
SUaaXyrW5NBHnbp7JA+gSnE=
=Md2q
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] winbind and pam and ssh that's pam enabled

2006-02-15 Thread David Shapiro 
Okay,
 
winbind works and I can su - DOMAIN+user now.  When I try to log in
with ssh (pam enabled), however,  I see in the log it accepts my
password, but then the session closes.  My pam.conf has;
 
su  authsufficient 
/usr/lib/security/pam_winbind.so
login   authsufficient 
/usr/lib/security/pam_winbind.so debug
sshdauthsufficient 
/usr/lib/security/pam_winbind.so debug
OTHER   authrequired/usr/lib/security/pam_aix
 
su  account sufficient 
/usr/lib/security/pam_winbind.so
login   account sufficient 
/usr/lib/security/pam_winbind.so debug
sshdaccount sufficient 
/usr/lib/security/pam_winbind.so debug
OTHER   account required/usr/lib/security/pam_aix
 
su  passwordsufficient 
/usr/lib/security/pam_winbind.so
login   passwordsufficient 
/usr/lib/security/pam_winbind.so debug
sshdpasswordsufficient 
/usr/lib/security/pam_winbind.so debug
OTHER   passwordrequired/usr/lib/security/pam_aix
 
sshdsession sufficient  /usr/lib/security/pam_aix
debug
OTHER   session required/usr/lib/security/pam_aix

 
I read that winbind is providing just auth, ccount, and password
capabilities, so I guess pam_aix is what is dropping the session.  Do I
need to do some voodoo to get from auth, account, password to session? 
My /usr/lib/security/methods.cfg file has:
 
NIS:
program = /usr/lib/security/NIS
program_64 = /usr/lib/security/NIS_64
 
DCE:
program = /usr/lib/security/DCE
 
NISPLUS:
program = /usr/lib/security/NISPLUS
 
KRB5:
program = /usr/lib/security/KRB5
 
KRB5A:
program = /usr/lib/security/KRB5A
 
WINBIND:
program = /usr/lib/security/WINBIND

 
 
 
 
 
David Shapiro
Unix Team Lead
919-765-2011
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] smbd fails to start on Fedora Core 4

2006-02-15 Thread Gavin Simpson 
On Wed, 2006-02-15 at 12:43 -0600, Gerald (Jerry) Carter wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> Gavin Simpson wrote:
> 
> >   Failed to open /etc/samba/secrets.tdb
> > [2006/02/15 15:47:21, 0] passdb/machine_sid.c:pdb_generate_sam_sid(176)
> >   pdb_generate_sam_sid: Failed to store generated machine SID.
> > [2006/02/15 15:47:21, 0] lib/util.c:smb_panic2(1517)
> >   PANIC: Could not generate a machine SID
> > 
> > [2006/02/15 15:47:21, 0] lib/util.c:smb_panic2(1525)
> >   BACKTRACE: 7 stack frames:
> >#0 smbd(smb_panic2+0x8a) [0x31c07c]
> >#1 smbd(smb_panic+0x19) [0x31c2c2]
> >#2 smbd(get_global_sam_sid+0x2bc) [0x2d484c]
> >#3 smbd(init_guest_info+0x65) [0x3626be]
> >#4 smbd(main+0x2a7) [0x39dfb3]
> >#5 /lib/libc.so.6(__libc_start_main+0xdf) [0x6a5d5f]
> >#6 smbd [0x19c4f1]
> 
> Either /etc/samba/secrets.tdb does not exist and you don't have the
> permission to create it or else possible /etc/samba/ itself does
> not exist.

Hi Jerry, 

Thanks for your reply. I noted that in the log, so tried to copy across
the secrets.tbd file from the previous installation. Once I got it there
I restarted smb but I get the same error message.

These are the contents of /etc/samba:

# ls -l /etc/samba
total 24
-rw---  1 root root 8192 Aug 30 15:15 secrets.tdb
-rw-r--r--  1 root root0 Feb 15 15:30 smb.conf
-rw-r--r--  1 root root   97 May  2  2005 smbusers

Are the permissions correct? I used rsync to back these things up and
the rsync arguments I used should have preserved them.

How do I go about getting the secrets.tdb file back then. Is this
distributed with Samba, or can I create an empty file of this name?

Thanks in advance

G

> 
> 
> 
> 
> cheers, jerry
> 
> 
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.2 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> 
> iD8DBQFD83ZkIR7qMdg1EfYRAlDoAJ9jfvB+y77TC21wYu/1xPPIH0MFvACgjq7E
> p9/gVWRzoZHAUISZdK5NN9Q=
> =Ef2M
> -END PGP SIGNATURE-
-- 
%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%
Gavin Simpson [T] +44 (0)20 7679 5522
ENSIS Research Fellow [F] +44 (0)20 7679 7565
ENSIS Ltd. & ECRC [E] gavin.simpsonATNOSPAMucl.ac.uk
UCL Department of Geography   [W] http://www.ucl.ac.uk/~ucfagls/cv/
26 Bedford Way[W] http://www.ucl.ac.uk/~ucfagls/
London.  WC1H 0AP.
%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] smbd fails to start on Fedora Core 4

2006-02-15 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Gavin Simpson wrote:

>   Failed to open /etc/samba/secrets.tdb
> [2006/02/15 15:47:21, 0] passdb/machine_sid.c:pdb_generate_sam_sid(176)
>   pdb_generate_sam_sid: Failed to store generated machine SID.
> [2006/02/15 15:47:21, 0] lib/util.c:smb_panic2(1517)
>   PANIC: Could not generate a machine SID
> 
> [2006/02/15 15:47:21, 0] lib/util.c:smb_panic2(1525)
>   BACKTRACE: 7 stack frames:
>#0 smbd(smb_panic2+0x8a) [0x31c07c]
>#1 smbd(smb_panic+0x19) [0x31c2c2]
>#2 smbd(get_global_sam_sid+0x2bc) [0x2d484c]
>#3 smbd(init_guest_info+0x65) [0x3626be]
>#4 smbd(main+0x2a7) [0x39dfb3]
>#5 /lib/libc.so.6(__libc_start_main+0xdf) [0x6a5d5f]
>#6 smbd [0x19c4f1]

Either /etc/samba/secrets.tdb does not exist and you don't have the
permission to create it or else possible /etc/samba/ itself does
not exist.




cheers, jerry


-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD83ZkIR7qMdg1EfYRAlDoAJ9jfvB+y77TC21wYu/1xPPIH0MFvACgjq7E
p9/gVWRzoZHAUISZdK5NN9Q=
=Ef2M
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba rpm and /var/*/samba directory for .tdb files

2006-02-15 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Oliver Schulze L. wrote:
> Gerald (Jerry) Carter wrote:
>> This was a mistake introduced into the RPM specfile during a
>> recent set of merges.  When it was realized, the 3.0.21b-1 rpm was
>> pulled from samba.org and a new set of RPMs posted.  The tdb files
>> should live in /var/lib/samba/
>>   
> Thanks for the explanation Jerry,
> I noted that 3.0.21b-3 src.rpm for fedora is out, will compile it in
> RHEL4(CentOS4) and test it.
> 
> BTW, the rpms for RHEL4 from http://ftp.sernet.de/pub/samba/rhel/rhel4/
> have
> more pakages and different names that the .rpm shipped in RHEL4.
> For example, the packages are called samba3-* and in RHEL4 are called
> samba-*
> Also, packages libsmbclient and libsmbclient-devel does not exits in RHEL4,
> so, upgrading is not straightforward.

Those packages are specifically handled by SerNet.  So you would
need to discuss any concerns or questions with them.






cheers, jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD83XBIR7qMdg1EfYRAjwQAKDbyVzVNXIOtdbRO7Yl1p3b4+m4PgCgupEE
lFLIFPxMc+mzHKWSNb9I+4I=
=wozF
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba rpm and /var/*/samba directory for .tdb files

2006-02-15 Thread Oliver Schulze L. 

Gerald (Jerry) Carter wrote:

This was a mistake introduced into the RPM specfile during a
recent set of merges.  When it was realized, the 3.0.21b-1 rpm was
pulled from samba.org and a new set of RPMs posted.  The tdb files
should live in /var/lib/samba/
  

Thanks for the explanation Jerry,
I noted that 3.0.21b-3 src.rpm for fedora is out, will compile it in
RHEL4(CentOS4) and test it.

BTW, the rpms for RHEL4 from http://ftp.sernet.de/pub/samba/rhel/rhel4/ have
more pakages and different names that the .rpm shipped in RHEL4.
For example, the packages are called samba3-* and in RHEL4 are called 
samba-*

Also, packages libsmbclient and libsmbclient-devel does not exits in RHEL4,
so, upgrading is not straightforward.

Regards,
Oliver

--
Oliver Schulze L.
<[EMAIL PROTECTED]>

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Winbind/Samba Setup on RHEL 4

2006-02-15 Thread Tim Evans 
I've been through Samba 3 HOWTO and the RedHat Knowledge Base, and can't quite
get everything going with winbind and Samba.  Redhat is RHEL Version 3, update
2 (Version 3.0.9-1.3E.5, per RPM); Domain controller is running in  "Mixed" 
mode.

First, the setup:

>From smb.conf:

workgroup = JJS-SDM
netbios name = geneva
server string = geneva
security = domain
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
winbind separator = +
idmap uid = 15000-2
idmap gid = 15000-2
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = no
template homedir = /home/winnt/%D/%U
template shell = /bin/bash

>From nsswitch.conf:

passwd: files winbind
group:  files winbind

Domain join (via net rpc join...) succeeded.

[EMAIL PROTECTED] samba]#  net rpc info
Domain Name: JJS-SDM
Domain SID: S-1-5-21-116647-260255602-710412178
Sequence number: 13801
Num users: 150
Num domain groups: 0
Num local groups: 12

[EMAIL PROTECTED] samba]# wbinfo -g
BUILTIN#System Operators
BUILTIN#Replicators
BUILTIN#Guests
BUILTIN#Power Users
BUILTIN#Print Operators
BUILTIN#Administrators
BUILTIN#Account Operators
BUILTIN#Backup Operators
BUILTIN#Users

[EMAIL PROTECTED] samba]# wbinfo -u
Error looking up domain users   <--no domain users

[EMAIL PROTECTED] samba]# getent group
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
... rest of UNIX groups...
BUILTIN#System Operators:x:10012:
BUILTIN#Replicators:x:10013:
BUILTIN#Guests:x:10014:
BUILTIN#Power Users:x:10015:
BUILTIN#Print Operators:x:10016:
BUILTIN#Administrators:x:10017:
BUILTIN#Account Operators:x:10018:
BUILTIN#Backup Operators:x:10019:
BUILTIN#Users:x:10020:

[EMAIL PROTECTED] samba]# getent passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
... rest of UNIX users ...
[ No domain users ]

[EMAIL PROTECTED] samba]# tail winbindd.log

[2006/02/14 19:55:23, 1] libsmb/cliconnect.c:cli_session_setup_kerberos(544)
spnego_gen_negTokenTarg failed: No credentials cache found
[2006/02/14 19:55:23, 1] nsswitch/winbindd_ads.c:ads_cached_connection(81)
ads_connect for domain JJS-SDM failed: Cannot read password

Where to look for what I've missed?  Thanks.

--
Tim Evans, TKEvans.com, Inc.|5 Chestnut Court
[EMAIL PROTECTED] |Owings Mills, MD 21117
http://www.tkevans.com/ |443-394-3864
http://www.come-here.com/News/  |

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] ldap

2006-02-15 Thread Márcio Luciano Donada 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


Staff, question of two last days I had my configured PDC twirling with
the LDAP and now I do not obtain more to add schemes to my domain,
verifying logs I arrive below at the errors, somebody can give an aid
to me?


 Samba server PDC-SRV is now a domain master browser for workgroup
AURORA on subnet UNICAST_SUBNET

  *
[2006/02/15 16:09:25, 0]
nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(282)
  become_domain_master_browser_bcast:
  Attempting to become domain master browser on workgroup AURORA on
subnet 121.1.16.245
[2006/02/15 16:09:25, 0]
nmbd/nmbd_become_dmb.c:become_domain_master_browser_bcast(295)
  become_domain_master_browser_bcast: querying subnet 121.1.16.245 for
domain master browser on workgroup AURORA
[2006/02/15 16:09:25, 0]
nmbd/nmbd_nameregister.c:register_name_response(130)
  register_name_response: server at IP 121.1.16.69 rejected our name
registration of AURORA<00> IP 121.1.16.245 with error code 6.
[2006/02/15 16:09:25, 0] nmbd/nmbd_workgroupdb.c:fail_register(228)
  fail_register: Failed to register name AURORA<00> on subnet
121.1.16.245.
[2006/02/15 16:09:25, 0]
nmbd/nmbd_namelistdb.c:standard_fail_register(283)
  standard_fail_register: Failed to register/refresh name AURORA<00>
on subnet 121.1.16.245
[2006/02/15 16:09:25, 0]
nmbd/nmbd_nameregister.c:register_name_response(130)
  register_name_response: server at IP 121.1.16.69 rejected our name
registration of AURORA<1e> IP 121.1.16.245 with error code 6.
[2006/02/15 16:09:25, 0] nmbd/nmbd_workgroupdb.c:fail_register(228)
  fail_register: Failed to register name AURORA<1e> on subnet
121.1.16.245.
[2006/02/15 16:09:25, 0]
nmbd/nmbd_namelistdb.c:standard_fail_register(283)
  standard_fail_register: Failed to register/refresh name AURORA<1e>
on subnet 121.1.16.245
[2006/02/15 16:09:25, 0]
nmbd/nmbd_nameregister.c:register_name_response(130)
  register_name_response: server at IP 121.1.16.69 rejected our name
registration of AURORA<1c> IP 121.1.16.245 with error code 6.
[2006/02/15 16:09:25, 0]
nmbd/nmbd_logonnames.c:become_logon_server_fail(65)
  become_logon_server_fail: Failed to become a domain master for
workgroup AURORA on subnet 121.1.16.245. Couldn't register name
AURORA<1c>.
[2006/02/15 16:09:25, 0]
nmbd/nmbd_namelistdb.c:standard_fail_register(283)
  standard_fail_register: Failed to register/refresh name AURORA<1c>
on subnet 121.1.16.245
[2006/02/15 16:09:29, 0]
nmbd/nmbd_nameregister.c:register_name_response(130)
  register_name_response: server at IP 121.1.16.69 rejected our name
registration of AURORA<1b> IP 121.1.16.245 with error code 6.
[2006/02/15 16:09:29, 0]
nmbd/nmbd_become_dmb.c:become_domain_master_fail(70)
  become_domain_master_fail: Failed to become a domain master browser
for workgroup AURORA on subnet 121.1.16.245. Couldn't register name
AURORA<1b>.
[2006/02/15 16:09:29, 0]
nmbd/nmbd_namelistdb.c:standard_fail_register(283)
  standard_fail_register: Failed to register/refresh name AURORA<1b>
on subnet 121.1.16.245


thank's

- --
Atenciosamente,
Márcio Luciano Donada
T.I. Aurora Alimentos - Chapecó(SC)
Cooperativa Central Oeste Catarinense
mdonada at auroraalimentos dot com dot br
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQFD828tyJq2hZEymxcRAlA/AJ47xuLT9XETFejI5cXUA4l4YVLrxQCbBobC
2WC78z+aSrB7GvxyfUHMHBc=
=hWMo
-END PGP SIGNATURE-

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] ADS and RPC

2006-02-15 Thread Trimble, Ronald D 
I have the same exact problem as Mike, so if anyone has a solution, I
too could use the help.  

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Collins, Mike
Sent: Wednesday, February 15, 2006 12:31 PM
To: samba@lists.samba.org
Subject: [Samba] ADS and RPC

I have a problem that recently appeared with ADS authentication.
I have a samba server that is an AD member on our domain, ourdomain.edu.
We are under a domain that is an empty root, call it 'theirdomain.net'.
Also under this root is another domain, call it 'theirdomain.edu.  I
have found that RPC access has been disabled on the DC's in
theirdomain.edu and my samba server can no longer authenticate users on
theirdomain.edu.  Is there some workaround for this?

Samba version 3.0.14a

-- 
Mike Collins
Sr. Programmer/Analyst
TTUHSC Information Technology
806-743-2870 ext. 271

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] ADS and RPC

2006-02-15 Thread Collins, Mike 
I have a problem that recently appeared with ADS authentication.
I have a samba server that is an AD member on our domain, ourdomain.edu.
We are under a domain that is an empty root, call it 'theirdomain.net'.
Also under this root is another domain, call it 'theirdomain.edu.  I
have found that RPC access has been disabled on the DC's in
theirdomain.edu and my samba server can no longer authenticate users on
theirdomain.edu.  Is there some workaround for this?

Samba version 3.0.14a

-- 
Mike Collins
Sr. Programmer/Analyst
TTUHSC Information Technology
806-743-2870 ext. 271

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] net share add command

2006-02-15 Thread Tucker Cunningham 

howdy all -
  I have been experimenting with the net command to do some remote 
windows administration.  i have been successfully adding users, but i 
was wondering if anybody could explain what [targets] signifies in the line:


[RAP|RPC] SHARE ADD name=serverpath [-C comment] [-M maxusers] [targets]

from the net(8) manpage.  thanks for your help.

-tucker

--
Tucker Cunningham
Integration Appliance Inc.
email: [EMAIL PROTECTED]
cell: 650.387.5980

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

RE: [Samba] RE: Print Migrator help needed...

2006-02-15 Thread Aarti Varshney \(asadhnan\) 
Thanks Jerry, after I applied this patch I can now migrate print queues
successfully.
But I am still having trouble migrating drivers. In the log file I am
seeing this error message:

2006:02:15 12:17:57   Driver "HP LaserJet 5MP": the file UNIDRV.DLL is
missing from the CAB
2006:02:15 12:17:57   Driver "HP LaserJet 5MP": the file HPLJ5MP.GPD is
missing from the CAB
2006:02:15 12:17:57   Driver "HP LaserJet 5MP": the file UNIDRVUI.DLL is
missing from the CAB
2006:02:15 12:17:57   Driver "HP LaserJet 5MP": the file UNIDRV.HLP is
missing from the CAB
2006:02:15 12:17:57   Driver "HP LaserJet 5MP": the file PCL5ERES.DLL is
missing from the CAB
2006:02:15 12:17:57   Driver "HP LaserJet 5MP": the file TTFSUB.GPD is
missing from the CAB
2006:02:15 12:17:57   Driver "HP LaserJet 5MP": the file UNIRES.DLL is
missing from the CAB
2006:02:15 12:17:57   Driver "HP LaserJet 5MP": the file STDNAMES.GPD is
missing from the CAB
2006:02:15 12:17:58   Bad version 3 driver: HP LaserJet 5MP
2006:02:15 12:17:58winerror.h - 2

Any idea how to fix this.
Thanks,
Aarti.

-Original Message-
From: Gerald (Jerry) Carter [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 08, 2006 10:07 AM
To: Geoffrey Scott
Cc: samba@lists.samba.org; Aarti Varshney (asadhnan)
Subject: Re: [Samba] RE: Print Migrator help needed...

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Gerald (Jerry) Carter wrote:
> Gerald (Jerry) Carter wrote:
>>> Geoffrey Scott wrote:
>>>
> On a debian Sarge box this is what I get in the log for the 
> machine connected from after using the mmc plugin:
>
> sh: line 1: /usr/lib/samba/svcctl/NETLOGON: No such file or 
> directory
> sh: line 1: /usr/lib/samba/svcctl/Spooler: No such file or 
> directory
> sh: line 1: /usr/lib/samba/svcctl/Spooler: No such file or 
> directory
>>>
>>> I can't reproduce this failure anymore.  I have you log files but I 
>>> need your smb.conf.
> 
> Ahhhok.  Apparently, there's a bug when you don't list any 
> external services in smb.conf.  Patch forthcoming.

And here's the patch.  Some older code that didn't get removed during
the latest rewrite.





cheers, jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD6gkNIR7qMdg1EfYRAvAnAJ9KVqfkhTioqy6qu1zDe3bf4SSiRACguib5
kEHh8BfbiPq4Xem8RPmPr3M=
=HsN2
-END PGP SIGNATURE-
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba with ADS

2006-02-15 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Chris wrote:

>>> Feb  3 13:27:06 firewall winbindd[29307]:   request_len_recv: Invalid
>>> request size received: 1824

Make sure to always install the matching version of libnss_winbind.so
with the version of winbindd that is running.








cheers, jerry
=
I live in a Reply-to-All world.   ---
Samba--- http://www.samba.org
Centeris ---  http://www.centeris.com

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD8znBIR7qMdg1EfYRAq0IAJ4mQ+sLpm9fdaqnnklOnkxObfsrKgCfbqj9
FY8Mn/1jMpC+h4XM0clg2Ug=
=2m3X
-END PGP SIGNATURE-

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba rpm and /var/*/samba directory for .tdb files

2006-02-15 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Oliver Schulze L. wrote:
> Hi,
> I use CentOS4 (RHEL4) and it seems that I was using /var/lib/samba
> for storing the .tdb files. Then I compilled the fedora .src.rpm from
> samba.org
> and it points now to /var/cache/samba
> 
> I will build tonight the .rpm from the .tar.gz and see which directory
> samba
> choose for the .tdb files in CentOS4.
> 
> Anyone can confirm this list of distro/.tdb directory:
> Fedora: /var/cache/samba
> CentOS4: /var/lib/samba
> RH9: /var/lib/samba

This was a mistake introduced into the RPM specfile during a
recent set of merges.  When it was realized, the 3.0.21b-1 rpm was
pulled from samba.org and a new set of RPMs posted.  The tdb files
should live in /var/lib/samba/






cheers, jerry
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD8zmdIR7qMdg1EfYRAqCJAKDubh6E9futdVB4de1NpNbsdwVMaACfVHxq
UZcmgIqx9gAvNnVtI2Vqn6w=
=Cb8+
-END PGP SIGNATURE-

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Smbpasswd -m -x not working, "object class violation" error

2006-02-15 Thread Daniel Wilson 
What object class is the displayName in and does the user account have 
that object class ? Im sure you need to have the object class before you 
can add/remove the attribute assigned to the object classs.


Attributes belong to and are grouped in objectclasses.

Regards

Daniel Wilson
Systems Manager
Student and Learning Support
University of Sunderland
Tel: 0191 515 2695



Andrés Yacopino wrote:


Thanks for replying Daniel, i execute :grep -il displayName *.ldif

and i obtain:

00core.ldif
50ns-admin.ldif
50ns-iabs.ldif
99samba-schema-netscapeds5.x.ldif
99user.ldif

And also see the configuration in the console and i see:

Standard Attribute(Read Only):

Name: displayName
OID: 2.16.840.1.113730.3.1.241
Syntax: DirectoryString
Multivalued: not checked

Do you know what is wrong with this?
Thanks a lot,
Andrés.

2006/2/14, Daniel Wilson <[EMAIL PROTECTED] 
>:


Im sure this means that its trying to delete the displayName attribute
which is more than likely not in your LDAP schema.

Look in "/slapd-/config/schema/" directory for
your schema

To see if "displayName" is part of any object classes in your LDAP
schema search the schema files:

bash# grep -il displayName
/slapd-/config/schema/*.ldif

If its not part of your schema you may want to add this attribute to
your 99user.ldif schema file or add the attribute via the Sun LDAP
console (recommended):

bash # /startconsole &
Server Group > Directory  Server (Open) > Configuration > Schema >
Attributes > Create

-or-

you may want to just disable schema checking in your LDAP server :

bash # /startconsole &
Server Group > Directory  Server (Open) > Configuration > Schema
(Disable)

Regards

Daniel Wilson
Systems Manager
Student and Learning Support
University of Sunderland
Tel: 0191 515 2695



Andrés Yacopino wrote:

> Daniel, check the log as you said and i hit this:
>
> [14/Feb/2006:14:19:10 +0300] - ERROR<5897> - Schema  - conn=-1 op=-1
> msgId=-1 -
> User error:  Entry "uid=aprueba$,ou=computers,o= acasalud.com.ar

> ,dc=acasalud,dc=c
> om,dc=ar", attribute "displayName" is not allowed
>
> What does it means?
>
> Thanks,
> Andrés.
>
>
>
> 2006/2/14, Daniel Wilson < [EMAIL PROTECTED]

> >>:
>
> Have you checkes the Sun LDAP errors.log file for the
specific object
> class violation? Usually at
> /slapd-/logs/errors.log
>
> Daniel Wilson
> Systems Manager
> Student and Learning Support
> University of Sunderland
> Tel: 0191 515 2695
>
>
>
> Andrés Yacopino wrote:
>
> >I have deployed a samba server with Sun Java Ldap Directory.
> >
> >I sucessfully create users and deleted them when ldap delete
> dn=yes in
> >smb.conf, but when ldap delete dn=no i obtain this error when i
> issue a
> >smbpasswd -m -x command:
> >
> >ldapsam_delete_entry: Could not delete attributes for
> >uid=aprueba$,ou=computers,
> >o= acasalud.com.ar 
> ,dc=acasalud,dc=com,dc=ar, error:
Object
> class violation ()
> >Failed to delete entry for user aprueba$.
> >Failed to modify password entry for user aprueba$
> >
> >My smb.conf is:
> >
> >[global]
> >
> >   workgroup = ACASALUDROS
> >   server string = Sun Samba Server
> >   security = user
> >   dos filetimes = yes
> >   time offset = -360
> >   load printers = yes
> >   printcap name = /etc/printcap
> >   printing = cups
> >   guest account = guest
> >   log file = /usr/local/samba/var/log.%m
> >   log level = 5
> >   max log size = 50
> >   null passwords = yes
> >   encrypt passwords = yes
> >   ldap password sync = yes
> >   unix password sync = yes
> >   username level = 2
> >   password level = 0
> >   passwd program = /usr/bin/passwd %u
> >   passwd chat = *New* password* %n\n *new* password* %n\n
> *successfully*
> >idmap backend = ldapsam:ldap://localhost:389
> >passdb backend = ldapsam:ldap://localhost:389
> >ldap admin dn = cn=Directory Manager
> >ldap suffix = o= acasalud.com.ar

> ,dc=acasalud,dc=com,dc=ar
> >ldap user suffix = ou=people
> >ldap group suffix = ou=groups
> >ldap machine suffix = ou=computers
> >ldap idmap suffix = ou=id

Re: [Samba] Increasing samba performance

2006-02-15 Thread Gerald Drouillard 

James Lamanna wrote:

Hi.

Between 2 linux (2.6.11 client and 2.6.14 server) machines connected by
a 100Mb link I get samba performance copying a file from the client to
the server through a smbmounted share of around 4.2MB/s
Is this to be expected? Or can it be improved (and if so, how?) I've
tried tweaking SO_(SND/RCV)BUF (after reading numerous articles on
samba performance...), but it doesn't seem to have any effect.
Unfortunately, I can't use jumbo frames at this moment either.

I've tried this with shares on ReiserFS and XFS and there is no
difference in the transfer rate.
Both machines are not even close to maxxed on cpu (both are at around
10-15% cpu when the transfer is running).

Thanks.

-- James

Have a look at:
http://www.drouillard.ca/Tips&Tricks/Samba/Oplocks.htm

Basically, it comes down to try this:
socket options = TCP_NODELAY SO_SNDBUF=65536 SO_RCVBUF=65536 IPTOS_LOWDELAY

lock spin time = 15
lock spin count = 30



--
Regards
--
Gerald Drouillard
Technology Architect
Drouillard & Associates, Inc.
http://www.Drouillard.ca
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] small files poor performance

2006-02-15 Thread Gerald Drouillard 

Robert Jakab wrote:


   socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=16384 
SO_SNDBUF=16384


Have a look at:
http://www.drouillard.ca/Tips&Tricks/Samba/Oplocks.htm

Basically, it comes down to try this:
socket options = TCP_NODELAY SO_SNDBUF=65536 SO_RCVBUF=65536 IPTOS_LOWDELAY

lock spin time = 15
lock spin count = 30


--
Regards
--
Gerald Drouillard
Technology Architect
Drouillard & Associates, Inc.
http://www.Drouillard.ca
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Lock files (cobol)

2006-02-15 Thread Gerald Drouillard 

Jonis Maurin Ceará wrote:

Hi all

I'm trying to use my Cobol aplication with  Smba but i'm getting A LOT 
OF "OPEN" errors...


lookslike system is (or isn't) looking files for read/write.

Anybody had this problem?

PS:  this program isn't mine, it's just for my company made by third 
company.




Have a look at:
http://www.drouillard.ca/Tips&Tricks/Samba/Oplocks.htm


--
Regards
--
Gerald Drouillard
Technology Architect
Drouillard & Associates, Inc.
http://www.Drouillard.ca
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] 3.0.21b and eventlogs

2006-02-15 Thread Thomas Bork 

Hi Jerry,

tried to playing around with eventlogs but:

smb.conf global part:
eventlog list = SyslogLinux

In your Samba-EventLog-HOWTO.txt:
When Samba initially starts, it looks to see if the
eventlog directory, and a particular log exists; if not,
the  directory and file are created under LOCK_DIR

This is not the case, no directory and file was created.

In the docs for smb.conf:
eventlog list (G)
This option defines a list of log names that Samba will report to the 
Microsoft EventViewer utility. The listed eventlogs will be associated 
with tdb file on disk in the $(libdir)/eventlog.



Mmmh:
LOCK_DIR or $(libdir)?
Nobody of them :(

Debuglevel 5 shows:

[...]
  doing parameter eventlog list = SyslogLinux
[...]
[2006/02/15 16:24:56, 5] tdb/tdbutil.c:tdb_log(772)
  tdb(unnamed): tdb_open_ex: could not open file 
/var/lock/samba/registry.tdb: No such file or directory

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key [HKLM]
[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key [HKLM]
[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key [HKLM/SOFTWARE]
[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SOFTWARE/Microsoft]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SOFTWARE\Microsoft/Windows NT]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SOFTWARE\Microsoft\Windows NT/CurrentVersion]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion/Print]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print/Printers]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion/Ports]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key [HKLM/SYSTEM]
[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SYSTEM/CurrentControlSet]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SYSTEM\CurrentControlSet/Control]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SYSTEM\CurrentControlSet\Control/Print]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SYSTEM\CurrentControlSet/Services]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SYSTEM\CurrentControlSet\Services/LanmanServer]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer/Shares]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SYSTEM\CurrentControlSet\Services/Eventlog]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion/Perflib]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib/009]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SYSTEM\CurrentControlSet\Control\Print/Monitors]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SYSTEM\CurrentControlSet\Control/ProductOptions]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SYSTEM\CurrentControlSet\Control/Terminal Server]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SYSTEM\CurrentControlSet\Control\Terminal 
Server/DefaultUserConfiguration]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SYSTEM\CurrentControlSet\Services/TcpIp]

[2006/02/15 16:24:56, 5] registry/reg_db.c:regdb_fetch_keys(457)
  regdb_fetch_keys: tdb lookup failed to locate key 
[HKLM\SYSTEM\CurrentControlSet\Services\TcpIp/Parameters]

[20

[Samba] smbd fails to start on Fedora Core 4

2006-02-15 Thread Gavin Simpson 
Hi,

Having reset-up a print server from installation disks today, I did
something stupid and blindly copied the contents of /etc/samba from the
previous installation into the new installation.

Now smbd refuses to start (nmbd starts OK). I am currently using a blank
smb.conf file and the smb.conf file from the old installation. testparm
doesn't report any errors in the smb.conf from the old installation.

This is what I see in the shell when restarting smb:

/sbin/service smb restart

Shutting down SMB services:[FAILED]
Shutting down NMB services:[  OK  ]
Starting SMB services: /etc/init.d/functions: line 83:  2945 Aborted
$nice $*
   [FAILED]
Starting NMB services: [  OK  ]

And this is the relevant part of the log file:

[2006/02/15 15:36:42, 0] lib/util.c:smb_panic2(1525)
  BACKTRACE: 7 stack frames:
   #0 smbd(smb_panic2+0x8a) [0x72507c]
   #1 smbd(smb_panic+0x19) [0x7252c2]
   #2 smbd(get_global_sam_sid+0x2bc) [0x6dd84c]
   #3 smbd(init_guest_info+0x65) [0x76b6be]
   #4 smbd(main+0x2a7) [0x7a6fb3]
   #5 /lib/libc.so.6(__libc_start_main+0xdf) [0x408d5f]
   #6 smbd [0x5a54f1]
[2006/02/15 15:47:21, 0] smbd/server.c:main(798)
  smbd version 3.0.14a-2 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2004
[2006/02/15 15:47:21, 0] passdb/secrets.c:secrets_init(64)
  Failed to open /etc/samba/secrets.tdb
[2006/02/15 15:47:21, 0] passdb/secrets.c:secrets_init(64)
  Failed to open /etc/samba/secrets.tdb
[2006/02/15 15:47:21, 0] passdb/secrets.c:secrets_init(64)
  Failed to open /etc/samba/secrets.tdb
[2006/02/15 15:47:21, 0] passdb/machine_sid.c:pdb_generate_sam_sid(176)
  pdb_generate_sam_sid: Failed to store generated machine SID.
[2006/02/15 15:47:21, 0] lib/util.c:smb_panic2(1517)
  PANIC: Could not generate a machine SID

[2006/02/15 15:47:21, 0] lib/util.c:smb_panic2(1525)
  BACKTRACE: 7 stack frames:
   #0 smbd(smb_panic2+0x8a) [0x31c07c]
   #1 smbd(smb_panic+0x19) [0x31c2c2]
   #2 smbd(get_global_sam_sid+0x2bc) [0x2d484c]
   #3 smbd(init_guest_info+0x65) [0x3626be]
   #4 smbd(main+0x2a7) [0x39dfb3]
   #5 /lib/libc.so.6(__libc_start_main+0xdf) [0x6a5d5f]
   #6 smbd [0x19c4f1]

Can anyone see what is wrong and how I can rectify this problem?

Thanks in advance,

Gav

-- 
%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%
Gavin Simpson [T] +44 (0)20 7679 5522
ENSIS Research Fellow [F] +44 (0)20 7679 7565
ENSIS Ltd. & ECRC [E] gavin.simpsonATNOSPAMucl.ac.uk
UCL Department of Geography   [W] http://www.ucl.ac.uk/~ucfagls/cv/
26 Bedford Way[W] http://www.ucl.ac.uk/~ucfagls/
London.  WC1H 0AP.
%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%~%


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] umount share on user logout

2006-02-15 Thread Toni Casueps 
I have Windows and Linux clients accessing a Samba share. In the /etc/fstab 
file of the Linux clients I use the credentials=... option so that the 
system mounts the share when it boots.
If the only person that uses that PC is the one that I have set in 
/etc/fstab everything is ok, but not if it's another person because the 
permissions of the share are the ones of the first person.
Is there a way to do the same as the Windows clients? (i.e. disconnect share 
when one user logs out and ask for credentials either when the user logs in 
or when he accesses the share)



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] How to delete NON-EMPTY directories through a Samba share?

2006-02-15 Thread Michael Gasch 

try increasing the debug level and post error message

greez

Sandor Balogh wrote:

Hi,

The shared folder is owned by root:products_admin
drwxrwsr-x2 root products_admins 4096 Feb 13 07:56 data

This directory contains another directory created through his samba share
drwxrwsr-x2 bas  products_admins 4096 Feb 14 09:08
a_new_directory

As you can see, the directory is owned by user bas (that would be me) and by
the group products_admin.
User bas is member of group products_admin.

The content of directory a_new_directory:
-rwxrwxr-x1 bas  products_admins 6769 Dec 12 10:14 softice.txt

I am trying to delete the directory with the same user bas, but this only
succeeds when the directory is empty. Still I can rename it independently of
it's content.

I know that in UNIX world, you can delete a folder which has some contents,
only if you delete it's contents recursively. This should be specified in
command line using option -R (-r). By default UNIX does not ask you if you
want to delete the content of the directory. It's just give you an error
message saying that wht are you trying to delete is a directory (he thinks
that you don't kno that :))  I think here is the same kind of problem.

Thanks,
Sandor


On 2/14/06, Louis van Belle <[EMAIL PROTECTED]> wrote:

most likely the rights ( owner ) of the folder is not
the users u used to deleted.

This is not but, just a rights problem.

Louis



-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED]
[mailto: [EMAIL PROTECTED]
Namens Sandor Balogh
Verzonden: maandag 13 februari 2006 17:31
Aan: samba@lists.samba.org
Onderwerp: [Samba] How to delete NON-EMPTY directories through
a Samba share?

Hi all,

I have setup a Samba server as file and print server. Everything works
perfectly, I can print, I can write, delete files through
Samba. But, the
only thing that does not work is to delete a NON-EMPTY
directory. No error
message received, just don't want to delete it. As soon as I delete all
files from the directory, then the directory can be deleted
too. The problem
is recursive for subdirectories. Just think how awful is to delete a
directory with lots of subdirectories. I don't think it's a permission
problem (it can't be) and I could't find any posts on this
problem over the
internet.

Thanks for help,
Sandor
--
To unsubscribe from this list go to the following URL and read the
instructions:   https://lists.samba.org/mailman/listinfo/samba





--
Michael Gasch
Max Planck Institute for Evolutionary Anthropology
Department of Human Evolution (IT Staff)
Deutscher Platz 6
D-04103 Leipzig
Germany

Phone: 49 (0)341 - 3550 137
   49 (0)341 - 3550 374

Fax:   49 (0)341 - 3550 399

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] groupmapping doubts

2006-02-15 Thread Charles Marcus 

On 2/15/2006 Marc Fournier ([EMAIL PROTECTED]) wrote:

I would like every domain user to be able to install programs on
every domain machine. As I understood, this can be achieved by adding
every domain user in the "Domain Admins" group. Am I right ? Is there
a better way to do this?


Ack! Well, it's your network, but I really strongly urge you NOT to make 
them all DOMAIN Admins.


At worst, add the Domain USERS group to the LOCAL Administrators group. 
This will make all domain USERS a member of the LOCAL Administrators 
group on each computer, without making them all domain ADMINS.


--

Best regards,

Charles
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] New 3.0.21b-1 Samba does not respect system "Groups"

2006-02-15 Thread Siju George 
On 2/13/06, Gerald (Jerry) Carter <[EMAIL PROTECTED]> wrote:
> >
> > Thankyou so much Tomasz for your reply.
> > Any Idea why it is that the new groups I create
> > donot work that way then?
>
> The token for the user is created a login time (i.e.
> when smbd authenticates the user).  You don't say but I'm
> guessing you are testing with groups after the token was
> created.  Logout from the windows client and log back in
> to refresh the user's token.
>

Thankyou so much Jerry for your reply :-)

I actually tried logout and login but the problem persisted so I downgraded to

devsrv:~# dpkg -l |grep samba
ii  samba  3.0.14a-3sarge a LanManager-like file and printer server fo
ii  samba-common   3.0.14a-3sarge Samba common files used by both the server a
devsrv:~#

and created the samba accounts ( tedious task! ) and the problems persisted.

The I found that the problem is only for the samba account "administrator"
So I removed the unix and samba accounts "administrator" and created
it again with "useradd" and also created the samba account
"administrator" and the thing seemed to be fixed.

I upgraded to

devsrv:~# dpkg -l |grep samba
ii  samba  3.0.21b-1  a LanManager-like file and printer server fo
ii  samba-common   3.0.21b-1  Samba common files used by both the server a
devsrv:~#

and the problems seem to be gone :-)

no Idea what went wrong actually! Thankyou ll for the help and suggestions.

Kind Regards

Siju
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] dfree (bad disk size reporting at Windows)

2006-02-15 Thread vmoravek 
Hi all,
I using little non standart filesystem(GPFS) with user quotas for my Samba. 
There is problem with correct disk size reporting in home mapped devices in 
Windows.

In example: 
I use three partitions(shares) for home directories, mapped in Windows like 
disc H: I: K:. Every user have quota on every one partition H: 1GB (I: 2GB 
K:512MB) 

When those shares are mapped in Windows, their disk size is reported as whole 
disk(partition) size 1 TB , but not quoted size 1gb  :(

So I would use dfree option in smb.conf which call external script.

My question is, exist any way how I can tell to script which user on which 
partition is asking for space? or any other way how i can show corret quoted 
space in Windows?

Best regard
Vojtech Moravek

 
 


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Problem changing passwords (LDAP + SMB + smbldap-tools)

2006-02-15 Thread Stéphane Purnelle 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

look at smb.conf man page about ldap passwd sync parameter

[EMAIL PROTECTED] a écrit :
> Hi everybody.
>
> I'm having a weird behavior with my smb+ldap installation.
>
> My server is configured as the PDC for my network. All my users are
> attached to the domain and are working fine.
> Also, I'm trying to configure other web applications in order to use LDAP,
> the idea is that the users use the same credentials to log into the SMB
> domain and to log into another applications (specifically, OneOrZero
> helpdesk manager)
>
> My problem is:
> If I change user's password with "smbldap-passwd", users can authenticate
> to SMB domain and other LDAP applications.
> BUT if users change their passwords from windows (CTRL+ALT+DEL -> "Change
> Password"), the new password works for the SMB domain but it does not work
> for the other LDAP applications. In fact they can log into the LDAP
> applications using the old password.
> At the end, every user has two valid passwords: one for the domain and
> other for my applications using LDAP authentication.
>
> I suppose I'm missing some kind of option in order to have synchronized
> both passwords.
>
> My LDAP is saving this entries:
> sambaNTPassword
> sambaLMPassword
> userPassword
>
> What represents each of this attributes?
> How can I force smbldap-tools to keep both password synchronized?
>
>
> Thanks in advance.
>
>
> Saludos
> David


- --
Stéphane Purnelle <[EMAIL PROTECTED]>
Site Web : http://www.linuxplusvalue.be
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD8wJa8tswkE3d0ecRAjsEAJ9Ojt5Yd7I1fl67uTe200bTto7dWACdEBJ5
GmXgQ9ZO5TyTXCcJ6Wc6EA8=
=dV1l
-END PGP SIGNATURE-

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] groupmapping doubts

2006-02-15 Thread Marc Fournier 
Hello Samba people !

Thanks to the great docs available, I was able to setup samba as a PDC in
a few hours. Everything works as I wish, except one thing. As security is
not really a matter in my case, I would like every domain user to be able
to install programs on every domain machine. As I understood, this can be
achieved by adding every domain user in the "Domain Admins" group. Am I
right ? Is there a better way to do this ?

Anyway, after reading groupmapping.html from the howto-collection, I did
this:

net groupmap add ntgroup="Domain Admins" unixgroup=smbadm

eos:~# grep smbadm /etc/group
smbadm:x:1003:toto,root

eos:~# net groupmap list
System Operators (S-1-5-32-549) -> -1
Replicators (S-1-5-32-552) -> -1
Guests (S-1-5-32-546) -> -1
Domain Admins (S-1-5-21-3749086184-651259868-1278831297-3007) -> smbadm
Domain Admins (S-1-5-21-3749086184-651259868-1278831297-512) -> -1
Domain Guests (S-1-5-21-3749086184-651259868-1278831297-514) -> -1
Domain Users (S-1-5-21-3749086184-651259868-1278831297-513) -> -1
Power Users (S-1-5-32-547) -> -1
Print Operators (S-1-5-32-550) -> -1
Administrators (S-1-5-32-544) -> -1
Account Operators (S-1-5-32-548) -> -1
Backup Operators (S-1-5-32-551) -> -1
Users (S-1-5-32-545) -> -1

But it doesn't seem to work. I notice I now have 2 "Domain Admins" groups.
Maybe that is wrong ? I am not using winbind, as I understood it shouldn't
be mandatory in my case.

By the way, not being very "fluent" in windows, how can I check if the
domain-user "toto" is member of one or another domain-group under winxp ?

Any help or advice greatly appreciated !
Marc

PS: here are the relevant parts on my smb.conf file:

eos:~# smbd  -V
Version 3.0.14a-Debian

[global]
workgroup = EDI
interfaces = 172.17.200.3, 127.0.0.1
bind interfaces only = Yes
obey pam restrictions = Yes
passdb backend = tdbsam, guest
name resolve order = wins host lmhosts bcast
time server = Yes
logon script = logon.bat
logon path = 
logon home = 
domain logons = Yes
os level = 70
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
ldap ssl = no


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba