Re: [Samba] Possible problem w/ 'idmap restore' under 3.0.25rc3
On Fri, 2007-05-04 at 19:14 -0500, Don Meyer wrote: > At 06:00 PM 5/4/2007, simo wrote: > >Sorry for the problem, this slipped through during recent patches to fix > >the sid checking layer violation and the idmap offline code. > > > No problem. > > I may have another for you, however. This patch enables me to > successfully restore when using a tdb backend. However, when using > idmap_ldap, it seems that winbind is opening a connection to the ldap > server and not closing it for many updates/queries. > > When I try 'net idmap restore' when using idmap_ldap, the command > will plug away until the ldap server starts complaining "accept(8) > failed errno=24 (Too many open files)". netstat -aln shows around > 1000 open connections from winbind on another system. (The one with > 3.0.25rc3+) > > When "watching" netstat on the ldap server system, each query to > winbind that one would expect it to talk to the ldap server generates > a new TCP session which hangs around until winbind is > restarted. (Granted, I have not wait more than 10 minutes yet, but > this seems a bit extreme...)For instance, after winbindd restart, > the first 'getent passwd user1' request opens a session. Running > that command again does not. (Cached) Running 'getent passwd user2' > opens another session, etc. This occurs whether the UID is already > present, or if it needs to be added new. > > If you need more information on any of this, just let me know. It > seems so close... ;-) Oh this is pretty bad, it seem there is some problem in the smbldap library recognizing if the connection is still open or not :/ At least you found an easy way to reproduce it which means it should be easy to find how to fix it. I will work on this tomorrow or Monday, thanks for the report, I'll post here as soon as I get a clue on what is wrong and a patch. Simo. -- Simo Sorce Samba Team GPL Compliance Officer email: [EMAIL PROTECTED] http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Automatic configuration of disk quotas with samba
Hi *, currently I'm having problems trying to configure automatically the disk quotas for users which access to a server in my work, the stage is as following: A server that owns services like: ssh, ftp, sftp, documents and profiles. The one uses winbind to authenticate users against a active directory domain controller; that's way we can't use adduser feature to configure this quotas. The currently solution that we have is: A program that configure quotas using the setquota program...this is called from the file /etc/profile, so when users log through SSH, bash program calls that file and then our program is executed (this is done just the first time user logs). The problem that we have is: When the user logs through other service which doesn't use bash and login program, like ftp and sftp, the file /etc/profile is not executed so our program to set quotas is not executed either. If somebody knows other way to configure the quotas in a more general and best way, or if somebody had treated this problem previously and found one solution it would be very helpful. Thanks -- Linux Counter #395394 -> http://counter.li.org/ Si la base de la sociedad es ayudar a los demas, porque decir no a la libertad de modificar y compartir el software? (Richard Stallman) La imaginacion es mas importante que el conocimiento (Albert Einstein) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] "Failed to verify incoming ticket!" with Windows 2003 Server
Hi, all! I have the following environment here: - A Windows 2000 domain, with one server running Windows 2003 Server - A kerberos realm, using MIT Kerberos - A samba server, with security=ads The Windows 2003 server have a trust relationship with the MIT kerberos realm. Users logs on that kerberos realm on their Windows workstations, and are supposed to have access to the shares at samba server. All of it was working perfectly until some weeks ago, when the samba server had a hardware failure. The OS was re-installed (Fedora Core 6), the server was re-joined to the windows domain, but, now, when the users tryies to access the shares, they get a window asking for username and password, and the following appears at samba's log: -- [2007/05/05 19:42:53, 10] passdb/secrets.c:secrets_named_mutex(779) secrets_named_mutex: got mutex for replay cache mutex [2007/05/05 19:42:53, 10] libads/kerberos_verify.c:ads_secrets_verify_ticket(261) ads_secrets_verify_ticket: enc type [1] failed to decrypt with error Bad encryption type [2007/05/05 19:42:53, 10] libads/kerberos_verify.c:ads_secrets_verify_ticket(261) ads_secrets_verify_ticket: enc type [3] failed to decrypt with error Bad encryption type [2007/05/05 19:42:53, 10] libads/kerberos_verify.c:ads_secrets_verify_ticket(261) ads_secrets_verify_ticket: enc type [23] failed to decrypt with error Bad encryption type [2007/05/05 19:42:53, 10] passdb/secrets.c:secrets_named_mutex_release(791) secrets_named_mutex: released mutex for replay cache mutex [2007/05/05 19:42:53, 3] libads/kerberos_verify.c:ads_verify_ticket(399) ads_verify_ticket: krb5_rd_req with auth failed (Success) [2007/05/05 19:42:53, 1] smbd/sesssetup.c:reply_spnego_kerberos(202) Failed to verify incoming ticket! [2007/05/05 19:42:53, 3] smbd/error.c:error_packet(146) error packet at smbd/sesssetup.c(204) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE -- I also tried using a samba server that was compiled against Heimdal kerberos, but the result was the same. Tryied to generate the windows server's keytab entry with 'ktpass', and import it at samba server's keytab (setting "use kerberos keytab = yes" at smb.conf), but the problem remains. When I try to access the samba share via smbclient, I get: -- smbclient -k //server/share Doing spnego session setup (blob length=117) got OID=1 2 840 113554 1 2 2 got OID=1 2 840 48018 1 2 2 got OID=1 3 6 1 4 1 311 2 2 10 got principal=cifs/[EMAIL PROTECTED] Doing kerberos session setup ads_cleanup_expired_creds: Ticket in ccache[FILE:/tmp/krb5cc_0] expiration Sun, 06 May 2007 05:53:09 BRT ads_krb5_mk_req: Ticket (cifs/[EMAIL PROTECTED]) in ccache (FILE:/tmp/krb5cc_0) is valid until: (Sun, 06 May 2007 05:53:09 BRT - 1178441589) Got KRB5 session key of length 16 write_socket(5,1364) write_socket(5,1364) wrote 1364 read_socket_with_timeout: timeout read. EOF from client. receive_smb_raw: length < 0! client_receive_smb failed size=0 -- and a "login failed" message. After the try, se following principals get cached: Valid starting ExpiresService principal 05/05/07 19:53:04 05/06/07 19:53:03 krbtgt/[EMAIL PROTECTED] 05/05/07 19:53:09 05/06/07 19:53:03 krbtgt/[EMAIL PROTECTED] 05/05/07 19:53:09 05/06/07 05:53:09 cifs/[EMAIL PROTECTED] The only way our users can access the shares at samba server is logging in at the Windows 2003 domain. Googling arround, I found various issues concerning incompatibilities between Windows 2003 and samba/kerberos tickets. I tryied various suggestions - such as forcing the samba server's computer account at windows 2003 to use only DES crypt, mapping the computer account to an user account and so on, but none of them worked for me. Some idea? (sorry the large e-mail - and my bad english) Tnks in advice! Rodolfo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: strange authentication issue
test On 5/5/07, jawed abbasi <[EMAIL PROTECTED]> wrote: hi I just joined this list, as I am having really strange issue and so far been unable to find the root cause.I will give you scenario to see if anyone knows what could be the cause: 1: 2 windows 64bit enterprise server serverA and Server B 2: both on same physical network no firwalls not routers 3: both on same domain controller ( windows NT4) I can connect to serverA as under from a linux host smbclient //serverA/d$ -U administrator password:** smb:> but I can't connect to serverB from the same linux host with following smbclient //serverA/d$ -U administrator I get access denied (noAccess) error message. I can only connect to serverB when I also give workgroup option smbclient //serverB/d$ -U administrator -W test both serverA and serverB are configured identical, infact they were restored from the same image. So far I have not been able to find the root cause of this to see why? serverA can only authenticate with user and password while serverB authentication fails, untill I give it workgroup option also. any help or pointers will be much appreciated. thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Newbie cannot install from source
Env: Mandriva 2007 with recent updates. I go into the source directory as root ./configure, make, make install Using 3.024 and 3.025rc3 with the same result. usr/local/samba/bin/smbpasswd is a shared library. -- View this message in context: http://www.nabble.com/Newbie-cannot-install-from-source-tf3696056.html#a10335501 Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Offline logon from Winxp/2000 Client doesn't work
On 5-May-07, at 7:47 AM, Christoph Lutz wrote: Hello, I've installed samba 3.0.24 recently and since then I cannot login on my Windowsclients if they are disconnected. If I have a connection everything is fine. I'm at a loss what else to do. The only hints for offline logons I've found all refer to the use of samba with ADS. I have only one samba server in my network(no winbind). The clients are unchanged to my prior installation which worked just fine for serveral years. I'm gratefull for any hint. I'm using Debian/Testing with kernel 2.6.18-4 Run the command pdbedit -Lv username for each of the users in question, and verify the the domain listerd for the username is correct. I've seen this occur when the users are created under one domain name, and then the domain name (in the smb.conf) is changed afterward. If that's the case change the users domain using pdbedit -- domain=newdomainnamehere username My smb.conf SNIP Neil Jolly -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ls not showing AD owner username and groupname
I recently upgraded from samba 3.0.14b to 3.0.24.1 everything went well authentication services accept local and AD users., YET if I list a directory with file owned by Domain Users I see IDs AND DO NOT SEE names of group and user owner drwxrwxrwx 3 1500 1513 512 Apr 20 18:14 administrator drwxrwxrwx 3 2149 1513 512 Apr 4 18:06 user1 drwxrwxrwx 3 2119 1513 512 Apr 4 18:07 user2 with Samab 3.0.14d drwxrwxrwx 3 root wheel 512 Apr 20 18:14 administrator drwxrwxrwx 3 user1 Domain Users 512 Apr 4 18:06 user1 drwxrwxrwx 3 user2 Domain Users 512 Apr 4 18:07 user2 Samba is started corerctly and I have NO error in any log Any Hint ? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
R: R: R: [Samba] duplicate group in NET GROUPMAP LIST
> -Messaggio originale- > Da: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > conto di John H Terpstra > Inviato: giovedì 3 maggio 2007 2.28 > A: samba@lists.samba.org > Oggetto: Re: R: R: [Samba] duplicate group in NET GROUPMAP LIST > > > On Wednesday 02 May 2007 10:21, Gianluca Culot wrote: > > > -Messaggio originale- > > > Da: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] > > > conto di Gianluca Culot > > > Inviato: mercoledì 2 maggio 2007 15.09 > > > A: samba@lists.samba.org > > > Oggetto: R: R: [Samba] duplicate group in NET GROUPMAP LIST > > > > > > > -Messaggio originale- > > > > Da: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED] > > > > conto di John H Terpstra > > > > Inviato: mercoledì 2 maggio 2007 14.56 > > > > A: samba@lists.samba.org > > > > Oggetto: Re: R: [Samba] duplicate group in NET GROUPMAP LIST > > > > > > > > On Wednesday 02 May 2007 07:40, Gianluca Culot wrote: > > > > > ... > > > > > > > > > > > > the strange fact is the Domain Users appear to have a TWO sids > > > > > > > Domain Users (S-1-5-21-531635747-2076120898-3807014553-2801) > > > > > > > Domain Users (S-1-5-21-531635747-2076120898-3807014553-513) > > > > > > > > > > > > > > The first appear to be correctly mapped to the local > users group > > > > > > > the latter has no mapping (-1) > > > > > > > > > > > > > > that's to me appeares really odd > > > > > > > > > > > > > > Can somebody explain me this old fact ? > > > > > > > > > > > > > > My actual Samba server (with smtp, pop3, wibind, sshd, > > > > > > > > apache21) works > > > > > > > > > > > perefctly and every user can authenticate correctly on every > > > > > > > > > > > > service with > > > > > > > > > > > > > his/her own AD domain user and password > > > > > > > > > > > > > > Any Hint? > > > > > > > PLEASE !?! > > > > > > > > > > > > Execute > > > > > > net groupmap cleanup > > > > > > > > > > > > then reset your mappings. > > > > > > > > > > > > - John T. > > > > > > -- > > > > > > To unsubscribe from this list go to the following URL > and read the > > > > > > instructions: https://lists.samba.org/mailman/listinfo/samba > > > > > > > > > > Looks loke > > > > > net groupmap cleanup > > > > > has no effect on my system > > > > > > > > > > here is the copy of action from my terminal > > > > > > > > > > mail# /home > net groupmap delete ntgroup="domain users" > > > > > Sucessfully removed domain users from the mapping db > > > > > > > > > > mail# /home > net groupmap list > > > > > System Operators (S-1-5-32-549) -> -1 > > > > > Domain Guests (S-1-5-21-531635747-2076120898-3807014553-514) -> -1 > > > > > Replicators (S-1-5-32-552) -> -1 > > > > > Guests (S-1-5-32-546) -> -1 > > > > > BUILTIN (S-1-5-21-531635747-2076120898-3807014553-2001) -> 500 > > > > > Domain Guests (S-1-5-21-531635747-2076120898-3807014553-132069) > > > > > > > > -> nobody > > > > > > > > > Power Users (S-1-5-32-547) -> -1 > > > > > Print Operators (S-1-5-32-550) -> -1 > > > > > Administrators (S-1-5-32-544) -> -1 > > > > > Account Operators (S-1-5-32-548) -> -1 > > > > > Domain Users > (S-1-5-21-531635747-2076120898-3807014553-3001) -> 1000 > > > > > Domain Admins (S-1-5-21-531635747-2076120898-3807014553-1001) -> > > > > > wheel Backup Operators (S-1-5-32-551) -> -1 > > > > > Users (S-1-5-32-545) -> -1 > > > > > Domain Users (S-1-5-21-531635747-2076120898-3807014553-513) -> -1 > > > > > Domain Admins (S-1-5-21-531635747-2076120898-3807014553-512) -> -1 > > > > > > > > > > mail# /home > net groupmap cleanup > > > > > Group Domain Guests is not mapped > > > > > Group Domain Users is not mapped > > > > > Group Domain Admins is not mapped > > > > > > > > > > mail# /home > net groupmap add ntgroup="Domain Users" > > > > > > unixgroup="users" > > > > > > > > type=b > > > > > No rid or sid specified, choosing algorithmic mapping > > > > > Successfully added group Domain Users to the mapping db > > > > > > > > > > mail# /home > net groupmap list > > > > > System Operators (S-1-5-32-549) -> -1 > > > > > Domain Guests (S-1-5-21-531635747-2076120898-3807014553-514) -> -1 > > > > > Replicators (S-1-5-32-552) -> -1 > > > > > Domain Users > (S-1-5-21-531635747-2076120898-3807014553-2801) -> users > > > > > Guests (S-1-5-32-546) -> -1 > > > > > BUILTIN (S-1-5-21-531635747-2076120898-3807014553-2001) -> 500 > > > > > Domain Guests (S-1-5-21-531635747-2076120898-3807014553-132069) > > > > > > > > -> nobody > > > > > > > > > Power Users (S-1-5-32-547) -> -1 > > > > > Print Operators (S-1-5-32-550) -> -1 > > > > > Administrators (S-1-5-32-544) -> -1 > > > > > Account Operators (S-1-5-32-548) -> -1 > > > > > Domain Users > (S-1-5-21-531635747-2076120898-3807014553-3001) -> 1000 > > > > > Domain Admins (S-1-5-21-531635747-2076120898-3807014553-1001) -> > > > > > wheel Backup Operators (S-1-5-32-551) -> -1 > > > > > Users (S-1-5-32-545) -> -1 > > > > > Domain Users (S-1-5-21-531635747-2076120898-3807014553-513) -> -1 > > > > > Domain Admins (S-1-5-21-531635747-2076120898-380
[Samba] strange authentication issue
hi I just joined this list, as I am having really strange issue and so far been unable to find the root cause.I will give you scenario to see if anyone knows what could be the cause: 1: 2 windows 64bit enterprise server serverA and Server B 2: both on same physical network no firwalls not routers 3: both on same domain controller ( windows NT4) I can connect to serverA as under from a linux host smbclient //serverA/d$ -U administrator password:** smb:> but I can't connect to serverB from the same linux host with following smbclient //serverA/d$ -U administrator I get access denied (noAccess) error message. I can only connect to serverB when I also give workgroup option smbclient //serverB/d$ -U administrator -W test both serverA and serverB are configured identical, infact they were restored from the same image. So far I have not been able to find the root cause of this to see why? serverA can only authenticate with user and password while serverB authentication fails, untill I give it workgroup option also. any help or pointers will be much appreciated. thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbd crash with share security
Hello, I am experiencing an issue on Mandriva 2007.1 (samba 3.0.24) where smbd crashes as soon as a guest connection attempt is made for a single file share: [EMAIL PROTECTED] ~ $ smbclient //192.168.200.2/data Password: Domain=[FONET] OS=[Unix] Server=[Samba 3.0.24] Server not using user level security and no password supplied. tree connect failed: Call returned zero bytes (EOF) Syslog logs following info: May 5 18:32:56 bazina smbd[5571]: [2007/05/05 18:32:56, 0] lib/fault.c:fault_report(41) May 5 18:32:56 bazina smbd[5571]: === May 5 18:32:56 bazina smbd[5571]: [2007/05/05 18:32:56, 0] lib/fault.c:fault_report(42) May 5 18:32:56 bazina smbd[5571]: INTERNAL ERROR: Signal 11 in pid 5571 (3.0.24) May 5 18:32:56 bazina smbd[5571]: Please read the Trouble-Shooting section of the Samba3-HOWTO May 5 18:32:56 bazina smbd[5571]: [2007/05/05 18:32:56, 0] lib/fault.c:fault_report(44) May 5 18:32:56 bazina smbd[5571]: May 5 18:32:56 bazina smbd[5571]: From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf May 5 18:32:56 bazina smbd[5571]: [2007/05/05 18:32:56, 0] lib/fault.c:fault_report(45) May 5 18:32:56 bazina smbd[5571]: === May 5 18:32:56 bazina smbd[5571]: [2007/05/05 18:32:56, 0] lib/util.c:smb_panic(1599) May 5 18:32:56 bazina smbd[5571]: PANIC (pid 5571): internal error May 5 18:32:56 bazina smbd[5571]: [2007/05/05 18:32:56, 0] lib/util.c:log_stack_trace(1706) May 5 18:32:56 bazina smbd[5571]: BACKTRACE: 6 stack frames: May 5 18:32:56 bazina smbd[5571]:#0 smbd(log_stack_trace+0x29) [0x8020a8ae] May 5 18:32:56 bazina smbd[5571]:#1 smbd(smb_panic+0x76) [0x8020a9d5] May 5 18:32:56 bazina smbd[5571]:#2 smbd(getsmbpass+0) [0x801f7844] May 5 18:32:56 bazina smbd[5571]:#3 [0xbfffe420] May 5 18:32:56 bazina smbd[5571]:#4 /lib/i686/libc.so.6(realloc+0xd9) [0xb7b964f9] May 5 18:32:56 bazina smbd[5571]:#5 smbd(Realloc+0xb2) [0x8020b9ab] May 5 18:32:56 bazina smbd[5571]: [2007/05/05 18:32:56, 0] lib/fault.c:dump_core(173) May 5 18:32:56 bazina smbd[5571]: dumping core in /var/log/samba/cores/smbd May 5 18:32:56 bazina smbd[5571]: Samba log files do not show anything. smb.conf used is: [global] workgroup = HOME server string = Samba Server %v printcap name = cups load printers = yes printcap cache time = 60 printing = cups log file = /var/log/samba/%m.log max log size = 50 map to guest = bad user security = share encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd dns proxy = no [homes] comment = Home Directories browseable = no writable = yes [data] path = /mnt/data comment = data browseable = yes public = yes writable = yes As soon as I switch security to "user", I can connect to the share correctly. I guess this counts as a bug (as applications in general should not crash no matter what), but I wanted to confirm it here. Is there any more info I can provide to help troubleshoot this issue? Thanks in advance, -- Andrej Kacian signature.asc Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Cannot Map drive from XP to Samba shared folder
Dear Sirs, I have a Samba server with LDAP (in Fedora Core 4) and numbers of XP client in a domain. After client login to domain, it runs a logon script to map drive. Each client has own home directory in samba server. Sometimes some of clients cannot map the drive to shared folder in samba server after they login (At the same time, Some clients can map the drive successfully) My Samba version: 3.0.14a smb.conf: # Global parameters [global] unix charset = big5 dos charset= big5 workgroup = GROUP1 netbios name = Server1 log level = 2 syslog = 0 log file = /var/log/samba/%m max log size = 50 name resolve order = wins bcast hosts time server = no #printcap name = CUPS #show add printer wizard = No interfaces = eth2, lo bind interfaces only = yes passdb backend = ldapsam:ldap://127.0.0.1 add user script = /usr/local/sbin/smbldap- useradd.pl -a -m '%u' delete user script = /usr/local/sbin/smbldap-userdel.pl '%u' add group script = /usr/local/sbin/smbldap-groupadd.pl -p '%g' delete group script = /usr/local/sbin/smbldap- groupdel.pl '%g' add user to group script = /usr/local/sbin/smbldap-groupmod.pl -m '%u' '%g' delete user from group script = /usr/local/sbin/smbldap-groupmod.pl -x '%u' '%g' #set primary group script = /usr/local/sbin/smbldap-usermod.pl -g '%g' '%u' add machine script = /usr/local/sbin/smbldap-useradd.pl -w '%u' logon script = scripts\%U.bat logon path = \\%L\profiles\%U logon drive = X: logon home = \\%L\%U domain logons = Yes preferred master = Yes ldap suffix = dc=GROUP1,dc=net ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=Groups wins support = Yes ldap idmap suffix = ou=Idmap ldap admin dn = cn=Manager,dc=GROUP1,dc=net idmap backend = ldap:ldap://127.0.0.1 idmap uid = 1-2 idmap gid = 1-2 map acl inherit = Yes security = user template shell = /bin/false winbind use default domain = no ldap passwd sync = Yes deadtime=15 [homes] comment = Home Directories valid users = %S read only = No browseable = No [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = Yes locking = No browseable = No [profiles] comment = Profile Share path = /var/lib/samba/profiles writable = yes create mask = 0600 directory mask = 0700 browseable = no read only = No profile acls = Yes [Shared] path = /Shared writeable = no valid users = @domain_administrators, @domain_users browseable = no read only = yes The logon script: net use y: /delete net use y: \\Server1\Shared /persistent:no In XP client, type "net use y: \\Server1\Shared /persistnet:no", it prompts something like "Network Path was not found" I'd be grateful if anyone knows what the problem is or has any ideas how to solve such problem. Thanks, Samantha -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Offline logon from Winxp/2000 Client doesn't work
Hello, I've installed samba 3.0.24 recently and since then I cannot login on my Windowsclients if they are disconnected. If I have a connection everything is fine. I'm at a loss what else to do. The only hints for offline logons I've found all refer to the use of samba with ADS. I have only one samba server in my network(no winbind). The clients are unchanged to my prior installation which worked just fine for serveral years. I'm gratefull for any hint. I'm using Debian/Testing with kernel 2.6.18-4 My smb.conf [global] unix charset = ISO8859-15 workgroup = HOME server string = %h server client schannel = Yes server schannel = Yes map to guest = Bad User password server = passdb backend = tdbsam passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n *password\supdated\ssuccessfully* . username map = /etc/samba/smbusers syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 name resolve order = lmhosts host wins bcast time server = Yes server signing = auto socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY load printers = No logon script = logon.cmd logon path = \\%N\profiles\%U logon drive = H: domain logons = Yes os level = 64 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes ldap ssl = no panic action = /usr/share/samba/panic-action %d admin users = root hosts allow = 192.168.1.0/255.255.255.0, 192.168.77.0/255.255.255.0 [homes] comment = Home Directories path = /home/%u valid users = %S read only = No browseable = No [profiles] comment = Store the Windows Profiles path = /home/winhomes read only = No create mask = 0600 directory mask = 0700 [netlogon] path = /var/lib/samba/netlogon write list = root guest ok = Yes Greetings, Christoph Lutz -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba