Re: [Samba] Can't see or change ACLs on Windows
strange ... please post getfacl output . On 10/19/07, Eric Diven <[EMAIL PROTECTED]> wrote: > Whoops, these were both supposed to go to the list. > > If I log on as the owner of the file, I still can't add another entry to > the ACL. I can change the permissions set on the user, group and world > permissions, but that's it. I do see that that the owner is identified > as the user I'm logged in as. > > ~Eric > > -Original Message- > From: Stas [mailto:[EMAIL PROTECTED] > Sent: Friday, October 19, 2007 12:13 AM > To: Eric Diven > Cc: samba@lists.samba.org > Subject: Re: [Samba] Can't see or change ACLs on Windows > > make sure that user logged in to windows box is an owner of files . > as i know , only owner can change permissions . > try # chown "administrator/DOMAIN" /samba/test.txt , after that try to > set permissions on this file from windows . > > > On 10/18/07, Eric Diven <[EMAIL PROTECTED]> wrote: > > None when I open the security tab, but when I try to add an entry to > > the ACL, I get: > > > > "Unable to save permission changes on directory on 'croesus running > > samba (ipaddress)' (driveletter:). > > > > Access is denied." > > > > The smb.conf file is set up to allow admin access to both an AD user > > and > > group: > > > > the relevant sections of the smb.conf file: > > > > [global] > > workgroup = W2K3TEST > > realm = W2K3TEST.LOCAL > > server string = croesus running samba > > security = ADS > > log file = /var/log/samba/log.%m > > max log size = 50 > > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > > printcap name = /etc/printcap > > preferred master = No > > dns proxy = No > > idmap uid = 1-2 > > idmap gid = 1-2 > > winbind separator = + > > > > [afiles] > > path = /foo/afiles > > admin users = W2K3TEST+bobadmin, @W2K3TEST+admins > > read only = No > > > > I've logged in both as another member of the W2K3TEST+admins group, > > and as W2K3TEST+bobadmin, and that doesn't seem to have any effect on > > whether or not it works. I've also tried adding a non-domain user and > > > group to the ACL on the Solaris side to see if that would make an > > entry other that the standard permissions appear on Windows, but to no > avail. > > > > ~Eric > > > > -Original Message- > > From: Stas [mailto:[EMAIL PROTECTED] > > Sent: Thursday, October 18, 2007 3:39 PM > > To: [EMAIL PROTECTED] > > Cc: Eric Diven; samba@lists.samba.org > > Subject: Re: [Samba] Can't see or change ACLs on Windows > > > > any errors on windows side when you try to set permissions? > > > > On 10/18/07, Volker Lendecke <[EMAIL PROTECTED]> wrote: > > > On Thu, Oct 18, 2007 at 09:11:59AM -0400, Eric Diven wrote: > > > > Here you go: > > > > > > > > bash-3.00# /usr/local/samba/sbin/smbd -b | grep ACL > > > >HAVE_SYS_ACL_H > > > >HAVE_SOLARIS_ACLS > > > >HAVE__ACL > > > >HAVE__FACL > > > > > > > > It looks plausible to me, but I'm assuming you know better than I > > > > what > > > > > > That indeed looks right. No idea then, sorry. Maybe you want to look > > > > in a debug level 10 log of smbd, search for > > > call_nt_transact_query_security_desc, maybe you find something > > > obvious. > > > > > > Volker > > > > > > -- > > > To unsubscribe from this list go to the following URL and read the > > > instructions: https://lists.samba.org/mailman/listinfo/samba > > > > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows XP truncating last share name?
Hi folks, We have a Samba 3 PDC domain (with an LDAP backend) configured pretty much as described on "Samba 3 by Example" for Windows XP clients. Some XP machines are presenting errors when editing files wich reside on a samba shared folder. The user accesses the share and opens de desired file. When trying to save it the file name turns blue (that is, windows explorer display the file name in blue color and not in black as usual) and the user receives an access denied message and is prohibited to save the modified file. Searching samba logs I have found messages like: ---snip ice1_contas_14 (10.9.28.84) couldn't find service ice1_conta ---snip Nevertheless smb.conf has a share named "ice1_contas". Note that the last character "s" is chopped in the log message. I believe it is a Window XP bug. Can anyone give me any hint? Best Regards, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba can't find its hostname via broadcast
Atrox wrote: Ah, yes, it's plain-text :) ??? Should be binary, yet readable with cat. But there's only 1 IP for the server, but there are 8 lines for the server: Sounds good. Probably not the same problem as I had then. Yes, I recall multiple entries for the server. So, how do you know Samba can not find itself? Are you seeing messages in the nmbd log? -- Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] AD Auth, but Unix users and groups
Hello All: I have a Samba server (running 3.0.11) that uses an LDAP SAM for authentication. We now have AD (native mode) running in house. Since everyone has a login there, I would like to use the AD credentials for authentication. However, I would like to continue to use the Unix user ids and group ids, etc. All the documentation for AD authentication talks about ID mapping, etc. I don't think I need this. I already have ids. I don't need to map them. Is there an easy way to do what I want? I have tried to make it work by picking up the latest Blastwave distribution and I installed it with configurations like: -- [global] unix charset = LOCALE workgroup = ULTICOM realm = ULTICOM.COM netbios name = CARP server string = Carp -- a test instance of Corp interfaces = 172.25.0.9 bind interfaces only = Yes security = ADS smb passwd file = /etc/csw/samba/carp/private/smbpasswd private dir = /etc/csw/samba/carp/private log level = 1 syslog = 0 log file = /var/csw/samba/log/carp.smbd.log max log size = 50 printcap name = CUPS ldap ssl = no lock directory = /etc/csw/samba/carp/locks pid directory = /etc/csw/samba/carp/locks include = /etc/csw/samba/carp/smb.conf.shares [homes] ... -- With this configuration, I can do an "smbclient -L carp" just fine, but I can't do "smbclient //carp/gaa". I get: -- Domain=[ULTICOM] OS=[Unix] Server=[Samba 3.0.23b] tree connect failed: NT_STATUS_ACCESS_DENIED -- This sure sounds like the login works but the user ids don't allow access. (If I type my password wrong, I get a NT_STATUS_LOGON_FAILURE). Any other ideas? -- Gary Algier, WB2FWZ gaa at ulticom.com +1 856 787 2758 Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054 Fax:+1 856 866 2033 Nielsen's First Law of Computer Manuals: People don't read documentation voluntarily. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Joining an AD domain where AD domain name != DNS domain name
Hi all, I found a nice cheatsheet (http://blogs.sun.com/jurasek/) for setting up Samba on my Solaris 10. Problem is, that document is pretty explicit about the AD domain and DNS domain being the same. The problem with *that* is, when we moved to AD, the AD domain (and therefore AD DNS domain) was implemented as "company.corp" rather than our real DNS domain "company.com". All my *nix boxes are in company.com, not company.corp. Is this a problem? And is there a way around it? My preferred solution to to get rid of the company.corp abomination, but that isn't going to happen. Thanks, Mark -- Georgia: Why am I not doing what they're doing? Rube: Because you're doing what you're doing. When it's time for you to do something else you'll do that. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Can't see or change ACLs on Windows
Whoops, these were both supposed to go to the list. If I log on as the owner of the file, I still can't add another entry to the ACL. I can change the permissions set on the user, group and world permissions, but that's it. I do see that that the owner is identified as the user I'm logged in as. ~Eric -Original Message- From: Stas [mailto:[EMAIL PROTECTED] Sent: Friday, October 19, 2007 12:13 AM To: Eric Diven Cc: samba@lists.samba.org Subject: Re: [Samba] Can't see or change ACLs on Windows make sure that user logged in to windows box is an owner of files . as i know , only owner can change permissions . try # chown "administrator/DOMAIN" /samba/test.txt , after that try to set permissions on this file from windows . On 10/18/07, Eric Diven <[EMAIL PROTECTED]> wrote: > None when I open the security tab, but when I try to add an entry to > the ACL, I get: > > "Unable to save permission changes on directory on 'croesus running > samba (ipaddress)' (driveletter:). > > Access is denied." > > The smb.conf file is set up to allow admin access to both an AD user > and > group: > > the relevant sections of the smb.conf file: > > [global] > workgroup = W2K3TEST > realm = W2K3TEST.LOCAL > server string = croesus running samba > security = ADS > log file = /var/log/samba/log.%m > max log size = 50 > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > printcap name = /etc/printcap > preferred master = No > dns proxy = No > idmap uid = 1-2 > idmap gid = 1-2 > winbind separator = + > > [afiles] > path = /foo/afiles > admin users = W2K3TEST+bobadmin, @W2K3TEST+admins > read only = No > > I've logged in both as another member of the W2K3TEST+admins group, > and as W2K3TEST+bobadmin, and that doesn't seem to have any effect on > whether or not it works. I've also tried adding a non-domain user and > group to the ACL on the Solaris side to see if that would make an > entry other that the standard permissions appear on Windows, but to no avail. > > ~Eric > > -Original Message- > From: Stas [mailto:[EMAIL PROTECTED] > Sent: Thursday, October 18, 2007 3:39 PM > To: [EMAIL PROTECTED] > Cc: Eric Diven; samba@lists.samba.org > Subject: Re: [Samba] Can't see or change ACLs on Windows > > any errors on windows side when you try to set permissions? > > On 10/18/07, Volker Lendecke <[EMAIL PROTECTED]> wrote: > > On Thu, Oct 18, 2007 at 09:11:59AM -0400, Eric Diven wrote: > > > Here you go: > > > > > > bash-3.00# /usr/local/samba/sbin/smbd -b | grep ACL > > >HAVE_SYS_ACL_H > > >HAVE_SOLARIS_ACLS > > >HAVE__ACL > > >HAVE__FACL > > > > > > It looks plausible to me, but I'm assuming you know better than I > > > what > > > > That indeed looks right. No idea then, sorry. Maybe you want to look > > in a debug level 10 log of smbd, search for > > call_nt_transact_query_security_desc, maybe you find something > > obvious. > > > > Volker > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/listinfo/samba > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Performance Issue on Samba 3.023d with many small files
I am transmitting many small files from Windows 2000 to Samba as AD-Member Server with a Gigabit LAN Adapter. Transmitting a large number of small files brings performance down below 80 Kbyte/s. How can I work around this? How can I identify what makes Samba so slow (and set-up Samba parameters better if it is a configuration issue?) Has there been some performance boost in some later release than 3.023d? - I'm using a ACL-patched 2.4 Kernel - I'm using filesystem ext3, but there is no difference with XFS. - I have a Gigabit LAN and I'm able to transmit TCP about 22 Mbyte/s (tested with iperf between client and server) (UDP performance is worse). - I have a Windows Server (2000) in the same network as I am using AD: While transmitting large files from Windows Client to Windows Server or Samba Member Server allows approx. the same data rate, my test set of 3 GB (with the small files) takes about twice the time to transmit to the Samba Server than to the Windows Server). So it's not that my Samba Server is generally slow, only small files cause trouble. Kind regards, Jens -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba 3 + LDAP with multiple ou's
To require what you are doing you will need multiple database definition's in your slapd.conf each with its own directory, you then can search each base independently. You will need to setup interdomain trusts between the pdc's which is described in the how to's. Adrian Sender 2007/10/18, Daniel Cristian Cruz : > > Hello, all. > > I was wondering if anyone could help me with this configuration: > > I had a LDAP tree with this structure: > > dc=base > + ou=unit1 > + ou=People > + ou=Groups > + ou=Computers > + ou=unit2 > + ou=People > + ou=Groups > + ou=Computers > + ou=unit3 > + ou=People > + ou=Groups > + ou=Computers > ... > > And I need people from unit1 logging on unit2, unit3, etc. > > First thing is to put all users on one SAMBA Domain, but: > > Does Samba support "sub" search for users without PAM? Any workaround? > > Is the only alternative to put everyone in one big group like this: > > dc=base > + ou=People > + ou=Groups > + ou=Computers > > Considering less than 100.000 users (today only 10.000), is it good or > bad? > > I read man pages, search google and asked some IRC Channels, but I > didn't found anything. > > Thanks. > > -- > Daniel Cristian Cruz > クルズ クリスチアン ダニエル _ What are you waiting for? Join Lavalife FREE http://a.ninemsn.com.au/b.aspx?URL=http%3A%2F%2Flavalife9%2Eninemsn%2Ecom%2Eau%2Fclickthru%2Fclickthru%2Eact%3Fid%3Dninemsn%26context%3Dan99%26locale%3Den%5FAU%26a%3D30288&_t=764581033&_r=email_taglines_Join_free_OCT07&_m=EXT -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't see or change ACLs on Windows
On Thursday 18 October 2007 03:29:59 Eric Diven wrote: > I have samba server joined to a domain that I'm trying to use ads > security and acls on. I can set acls on the Unix file system, and > access from a windows client seems to honor them. I can't view the acls > under the security tab, all I see are the standard Unix permissions > instead. If I try to add an entry to the acl, I get an access denied > error, even if the user is on the list of admin users. Samba version is > 3.0.24, OS is Solars 10. Winbind works smoothly, I can set an entry in > an ACL to a domain user or group using setfacl on the unix side, and I > see it correctly with getfacl. Any ideas please? Hi Eric, Isn't it normal that Windows cannot see Unix ACL? As far as I know, since it cannot see it, it will then just translate the ACL into a more general ones. -- Fajar Priyanto | Reg'd Linux User #327841 | Linux tutorial http://linux2.arinet.org 17:58:23 up 4:52, 2.6.20-16-generic GNU/Linux Let's use OpenOffice. http://www.openoffice.org The real challenge of teaching is getting your students motivated to learn. pgpk3kCLK8PG2.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] static wins entries -- entries change after restart of corresponding Samba server
I am trying to use static wins entries, as stated in the Official Samba Howto Collection. One Samba server (VServer) is with wins service enabled. Another (Server1) is not, but it has the wins server in its smb.conf. When I set wins.dat at VServer: "SERVER1#00" 0 192.168.6.231 192.168.1.231 66R "SERVER1#03" 0 192.168.6.231 192.168.1.231 66R "SERVER1#20" 0 192.168.6.231 192.168.1.231 66R And then I restart Samba at Server1 this static entries get changed in: "SERVER1#00" 0 192.168.6.231 192.168.1.231 192.168.222.231 192.168.6.229 192.168.6.239 192.168.1.239 192.168.224.1 192.168.225.1 66R "SERVER1#03" 0 192.168.6.231 192.168.1.231 192.168.222.231 192.168.6.229 192.168.6.239 192.168.1.239 192.168.224.1 192.168.225.1 66R "SERVER1#20" 0 192.168.6.231 192.168.1.231 192.168.222.231 192.168.6.229 192.168.6.239 192.168.1.239 192.168.224.1 192.168.225.1 66R I would likle to keep it as I set it. Samba version on both machines: 3.0.24 /etc/smb.conf (Server1): [global] workgroup = mycompany server string = %h BDC netbios name = server1 wins support = no wins server = 192.168.222.235 dns proxy = yes log file = /var/log/samba/log.%m log level = 3 max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d encrypt passwords = true obey pam restrictions = yes guest account = nobody unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = "*New password:*" %n\n "*Re-enter new password:*" %n\n "*LDAP password information changed for*" passwd chat debug = yes domain logons = yes local master = yes os level = 60 domain master = no preferred master = no logon path = logon drive = passdb backend = ldapsam:ldap://192.168.6.229/ ldap admin dn = cn=root,dc=mylocation,dc=mycompany ldap suffix = dc=mylocation,dc=mycompany ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Machines add machine script = /usr/sbin/smbldap-useradd -w "%u" add user script = /usr/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes add group script = /usr/sbin/smbldap-groupadd -p "%g" delete group script = /usr/sbin/smbldap-groupdel "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" load printers = no printcap name = /dev/null disable spoolss = yes socket options = TCP_NODELAY aio read size = 0 aio write size = 0 blocking locks = yes fake oplocks = no kernel oplocks = yes level2 oplocks = no oplocks = no posix locking = yes strict locking = no strict sync = no sync always = no write cache size = 0 [netlogon] comment = Network Logon Service browseable = no path = /disk1/samba/netlogon guest ok = yes writable = no share modes = no include = /disk1/samba/etc/smb.conf.%i /etc/smb.conf (VServer): [global] workgroup = mycompany server string = %h PDC wins support = yes dns proxy = yes name resolve order = lmhosts wins bcast log file = /var/log/samba/log.%m log level = 3 max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d encrypt passwords = true obey pam restrictions = yes guest account = nobody unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = "*New password:*" %n\n "*Re-enter new password:*" %n\n "*LDAP password information changed for*" passwd chat debug = yes domain logons = yes local master = yes os level = 75 domain master = yes preferred master = yes logon path = logon drive = logon home = passdb backend = ldapsam:ldap://192.168.6.229/ ldap admin dn = cn=root,dc=mylocation,dc=mycompany ldap suffix = dc=mylocation,dc=mycompany ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Machines add machine script = /usr/sbin/smbldap-useradd -w "%u" add user script = /usr/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes add group script = /usr/sbin/smbldap-groupadd -p "%g" delete group script = /usr/sbin/smbldap-groupdel "%g" add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u" load printers = no printcap name = /dev/null disable spoolss = yes socket options = TCP_NODELAY aio read size = 0 aio write size = 0 blocking locks = yes fake oplocks = no kernel oplocks = yes level2 oplocks = no oplocks = no posix locking = yes strict locking = no strict sync = no sync always = no write cache size = 0 [netlogon] comment = Network Logon Service path = /disk1/samba/netlogon browseable = no guest ok = yes writable = no share modes = no
[Samba] Problem with master browser, Vista kills network neighbourhood
I have a Samba Server 3.0.23a running on a Fedora 4. Since Vista entered my lan I've been having problems with master browser elections. When a Vista client connects to my workgroup it kills the network neighbourhood and the only machines seen is the vista client and my fileserver. By changing the regedit entries on the client side following this advice: HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Services > Browser > Parameters MaintainServerList = No IsDomainMaster = FALSE seemed to help a bit, but the problem still remains. There is one user with a Vista Home Edition that still have this problem. The global part of smb.conf: netbios name = -FILE workgroup = security = user server string = Samba ver. %v interfaces = 10.0.0.4 bind interfaces only = yes # For Vista compability client lanman auth = no client ntlmv2 auth = yes domain master = yes local master = yes preferred master = yes os level = 255 encrypt passwords = yes null passwords = yes username map = /etc/samba/smbusers guest account = mmt wins support = yes name resolve order = wins lmhosts hosts dns A typical log when it dies: Oct 19 07:28:34 mmtab-file nmbd[2919]: [2007/10/19 07:28:34, 0] nmbd/nmbd_nameregister.c:register_name_response(130) Oct 19 07:28:34 mmtab-file nmbd[2919]: register_name_response: server at IP 10.0.0.41 rejected our name registration of <1d> IP 10.0.0.4 with error code 6. Oct 19 07:28:34 mmtab-file nmbd[2919]: [2007/10/19 07:28:34, 0] nmbd/nmbd_become_lmb.c:become_local_master_fail2(417) Oct 19 07:28:34 mmtab-file nmbd[2919]: become_local_master_fail2: failed to register name <1d> on subnet 10.0.0.4. Failed to become a local master browser. Oct 19 07:28:34 mmtab-file nmbd[2919]: [2007/10/19 07:28:34, 0] nmbd/nmbd_namelistdb.c:standard_fail_register(305) Oct 19 07:28:34 mmtab-file nmbd[2919]: standard_fail_register: Failed to register/refresh name <1d> on subnet 10.0.0.4 Sorry for wrapping lines, the Samba machine is at 10.0.0.4 and Vista client is 10.0.0.41. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] The Number One Success System Gifting
http://www.noss123.com/ In the past, when brokers (and their agents) only represented sellers, the term ''real estate salesperson'' may have been more appropriate than it is today, given the different ways that brokers and their agents can help a buyer through the process rather than simply "sell'' him or her a property. Legally however, the term 'salesperson' is still used in many states to describe a real estate agent. *Real estate education*: In order to become licensed, most states require that an applicant take a minimum number of classes before taking the state licensing exam. Such education is often provided by real estate brokerages as a means to finding new agents. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] problem with kernel oplock
NFS precision : 127.0.0.1:/srv/vol2_For_SafeKit_Replication on /srv/vol2 type nfs (rw,proto=udp,port=5700,hard,timeo=5,retrans=6,nolock,addr=127.0.0.1) You can see that NFS no lock the file. I tried with kernel oplocks = no but the problem is the same, the message has just changed from I/O problem to access right problem. Where is the problem ? thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] Envoyé par : [EMAIL PROTECTED] 17/10/2007 13:11 A samba@lists.samba.org cc Objet [Samba] problem with kernel oplock Hi, We test a software called Safekit. This software permit to have a replicated FS and can start some apps from a particular script. We use this startup script for starting SaMBa. We make this test : NODE1 : Samba not actif (SECOND) NODE2 : Samba is running (PRIM) open a file with samba and modify it make swap I try to save and no possible to save, but if I close the file and reopen it it works fine. On the log file, we have : [2007/10/17 12:25:50, 4] smbd/open.c:open_file_ntcreate(1605) calling open_file with flags=0x0 flags2=0x0 mode=0760, access_mask = 0x20089, open_access_mask = 0x20089 [2007/10/17 12:25:50, 2] smbd/open.c:open_file(391) spu opened file CORINF/cmde/CDE5021.ods read=Yes write=No (numopen=3) [2007/10/17 12:25:50, 3] smbd/oplock_linux.c:linux_set_kernel_oplock(173) linux_set_kernel_oplock: Refused oplock on file CORINF/cmde/CDE5021.ods, fd = 26, dev = 14, inode = 403381390. (Ressource temporairement non disponible) [2007/10/17 12:25:50, 5] smbd/nttrans.c:reply_ntcreate_and_X(938) reply_ntcreate_and_X: fnum = 12684, open name = CORINF/cmde/CDE5021.ods [2007/10/17 12:25:50, 5] lib/util.c:show_msg(484) [2007/10/17 12:25:50, 5] lib/util.c:show_msg(494) Anyone can explain this little problem ? Samba 3.0.26a The shared directory is accesible with a local mount of a NFS share. thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Pam_mount + cifs
I have it working in an LDAP context. However I was unable to make KDE work. http://lists.samba.org/archive/samba/2006-July/122347.html If you make some progress please let me know. Regards, Thierry. On Wednesday 17 October 2007 19:18, Diego Obetko wrote: > Hi, i'm probably not the first but i have found no concrete information > about my problem... lots of information, nothing helped.. :S > > so, here's the thing.. i'm running a samba-3.0.22-13.16 server on SLES 9 > kernel 2.6.16.21-0.8-default as an nt domain controller, there was a > migration to Linux for the workstations so i had to implement WINBIND + > PAM_MOUNT. Maybe a winbind issue. See below. > > after searching for the right configuration y got it working with SMBFS and > here's the problem... smbfs doesn't support hardlinks or symlinks... a BIG > trouble since the workstations run KDE (dcop)... > > i've tryed mounting homes with cifs insted but this is what happens > > - > pam_mount.conf > - > debug 1 > mkmountpoint 1 > luserconf .pam_mount.conf > > options_allow nosuid,nodev > options_denysuid,dev > options_require nosuid,nodev > > lsof /usr/sbin/lsof %(MNTPT) > fsck /sbin/fsck -p %(FSCKLOOP) > cifsmount /bin/mount -t cifs //%(SERVER)/%(VOLUME) %(MNTPT) -o > "username=%(USER)%(before=\",\" OPTIONS)" > smbmount /usr/bin/smbmount //%(SERVER)/%(VOLUME) %(MNTPT) -o > "username=%(USER),gid=%(USERGID)%(before=\",\" OPTIONS)" > umount /bin/umount %(MNTPT) > mntagain /bin/mount --bind %(PREVMNTPT) %(MNTPT) > > volume * cifs 192.168.9.15 & /home/& > uid=&,dir_mode=0700,workgroup=COLEGIO - - > > --- > > > pam_mount(mount.c:368) information for mount: > pam_mount(mount.c:369) -- > pam_mount(mount.c:370) (defined by globalconf) > pam_mount(mount.c:373) user: dobetko > pam_mount(mount.c:374) server:192.168.9.15 > pam_mount(mount.c:375) volume:dobetko > pam_mount(mount.c:376) mountpoint:/home/dobetko > pam_mount(mount.c:377) options: user=dobetko,dir_mode=0700 > pam_mount(mount.c:378) fs_key_cipher: > pam_mount(mount.c:379) fs_key_path: > pam_mount(mount.c:380) use_fstab: 0 > pam_mount(mount.c:381) -- > pam_mount(mount.c:177) realpath of volume "/home/dobetko" is > "/home/dobetko" pam_mount(mount.c:182) checking to see if > //192.168.9.15/dobetko is already mounted at /home/dobetko > pam_mount(mount.c:799) checking for encrypted filesystem key configuration > pam_mount(mount.c:819) about to start building mount command > pam_mount(misc.c:264) command: /bin/mount [-t] [cifs] > [//192.168.9.15/dobetko] [/home/dobetko] [-o] > [username=dobetko,user=dobetko,dir_mode=0700] > pam_mount(mount.c:851) mount errors (should be empty): > pam_mount(mount.c:100) pam_mount(misc.c:341) set_myuid(pre): real > uid/gid=0:10003, effective uid/gid=0:10003 > pam_mount(mount.c:100) pam_mount(misc.c:376) set_myuid(post): real > uid/gid=0:10003, effective uid/gid=0:10003 > pam_mount(mount.c:854) waiting for mount > S.ficheros Bloques de 1K UsadoDispon Uso% Montado en > /dev/hda1 27617036 15634032 10580132 60% / > tmpfs 254372 0254372 0% /lib/init/rw > udev 1024052 10188 1% /dev > tmpfs 254372 0254372 0% /dev/shm > //192.168.9.15/dobetko > 117206592 101382352 15824240 87% /home/dobetko > pam_mount(pam_mount.c:123) clean system authtok (0) > pam_mount(misc.c:264) command: /usr/sbin/pmvarrun [-u] [dobetko] [-o] [1] > pam_mount(misc.c:341) set_myuid(pre): real uid/gid=0:10003, effective > uid/gid=0:10003 > pam_mount(misc.c:376) set_myuid(post): real uid/gid=0:10003, effective > uid/gid=0:10003 > pam_mount(pam_mount.c:360) pmvarrun says login count is 3 > pam_mount(pam_mount.c:491) done opening session > bash: /home/dobetko/.bashrc: Permision denied > > $mount > //192.168.9.15/dobetko on /home/dobetko type cifs (rw,mand) > > $ls -l /home > drwx-- 36 1181 guest0 2007-10-17 09:33 dobetko Apparently the user id is not resolved. What's the output of 'id dobetko' and 'id 1181' ? What's the output of 'whami' and 'ls -l /home/dobetko' ? > > > smb.conf (server side) > > [global] > server string = Samba PDC > domain logons = Yes > domain master = Yes > netbios name = samba > security = users > wins support = Yes > # unix password sync = yes > workgroup = COLEGIO > logon drive = H: > logon path = \\%L\%U\./.perfil_win > logon home = \\%L\profiles\%U > add machine script = /usr/sbin/useradd -c Machine -d > /var/lib/nobody -s /bin/false %m$ > passdb backend = smbpasswd > veto files = /*.asf/*.wma/*.wmv/*.mp2/*.mp4/*.mp3/*.rsm/*root*/ > local master = Yes > os level = 65 >
[Samba] 1st winbind 2nd vampire
Hi I set up a samba server as domain memeber. I used winbind for user/ groupmapping. Now the samba server should replace the NT 4.0 PDC. I want to use net vampire to store the account database on the samba server. Will net vampire obey idmap mapping ot will the uid/gid number change? Cheers, Tilo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Weird disconnection problems
i'm seeing same problems here. A very specific problem is clients sometimes can't get their roaming profile. Error message is the same so i guess the problem may be somewhat the same. Sometimes it happens with shares too. System Debian etch Samba 3.024 smbd log: Around 9:14 i'm seeing the same errors. 2007/10/19 09:03:56, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected [2007/10/19 09:03:56, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected [2007/10/19 09:03:56, 0] lib/access.c:check_access(327) [2007/10/19 09:03:56, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected Denied connection from (0.0.0.0) [2007/10/19 09:03:56, 1] smbd/process.c:process_smb(1103) [2007/10/19 09:03:56, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected Connection denied from 0.0.0.0 [2007/10/19 09:03:56, 0] lib/util_sock.c:write_data(562) write_data: write failure in writing to client 192.168.1.98. Error Connection reset by peer [2007/10/19 09:03:56, 0] lib/util_sock.c:send_smb(769) Error writing 5 bytes to client. -1. (Connection reset by peer) [2007/10/19 09:04:28, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected [2007/10/19 09:04:28, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected [2007/10/19 09:04:28, 0] lib/util_sock.c:read_data(534) read_data: read failure for 4 bytes to client 0.0.0.0. Error = Connection reset by peer [2007/10/19 09:04:28, 0] smbd/service.c:make_connection() mpi057 (192.168.1.98) couldn't find service verah [2007/10/19 09:04:28, 0] smbd/service.c:make_connection() mpi057 (192.168.1.98) couldn't find service verah [2007/10/19 09:04:30, 1] smbd/service.c:make_connection_snum(950) mpi057 (192.168.1.98) connect to service netlogon initially as user verah (uid=1003, gid=1001) (pid 10356) [2007/10/19 09:04:30, 0] smbd/service.c:set_current_service(150) chdir (/data/netlogon) failed [2007/10/19 09:04:30, 0] smbd/service.c:set_current_service(150) chdir (/data/netlogon) failed [2007/10/19 09:04:38, 1] smbd/service.c:close_cnum(1150) mpi057 (192.168.1.98) closed connection to service netlogon [2007/10/19 09:04:39, 1] smbd/service.c:make_connection_snum(950) mpi057 (192.168.1.98) connect to service profiles initially as user verah (uid=1003, gid=1001) (pid 10360) [2007/10/19 09:04:39, 1] smbd/service.c:close_cnum(1150) mpi057 (192.168.1.98) closed connection to service profiles [2007/10/19 09:04:41, 1] smbd/service.c:make_connection_snum(950) mpi057 (192.168.1.98) connect to service ICT initially as user verah (uid=1003, gid=1004) (pid 10361) [2007/10/19 09:04:50, 1] smbd/service.c:close_cnum(1150) mpi057 (192.168.1.98) closed connection to service ICT [2007/10/19 09:06:10, 1] smbd/service.c:make_connection_snum(950) mpi057 (192.168.1.98) connect to service ICT initially as user verah (uid=1003, gid=1004) (pid 10371) [2007/10/19 09:06:10, 1] smbd/service.c:make_connection_snum(950) mpi057 (192.168.1.98) connect to service Backup initially as user verah (uid=1003, gid=1004) (pid 10371) [2007/10/19 09:14:26, 1] smbd/service.c:make_connection_snum(950) mpi057 (192.168.1.98) connect to service profiles initially as user verah (uid=1003, gid=1001) (pid 10371) [2007/10/19 09:14:30, 1] smbd/service.c:close_cnum(1150) mpi057 (192.168.1.98) closed connection to service profiles [2007/10/19 09:14:30, 1] smbd/service.c:close_cnum(1150) mpi057 (192.168.1.98) closed connection to service Backup [2007/10/19 09:14:30, 1] smbd/service.c:close_cnum(1150) mpi057 (192.168.1.98) closed connection to service ICT [2007/10/19 09:14:43, 1] smbd/service.c:make_connection_snum(950) mpi057 (192.168.1.98) connect to service profiles initially as user verah (uid=1003, gid=1001) (pid 10405) [2007/10/19 09:14:47, 1] smbd/service.c:close_cnum(1150) mpi057 (192.168.1.98) closed connection to service profiles [2007/10/19 09:14:47, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected [2007/10/19 09:14:47, 0] lib/access.c:check_access(327) [2007/10/19 09:14:47, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected Denied connection from (0.0.0.0) [2007/10/19 09:14:47, 1] smbd/process.c:process_smb(1103) [2007/10/19 09:14:47, 0] lib/util_sock.c:get_peer_addr(1229) getpeername failed. Error was Transport endpoint is not connected Connection denied from 0.0.0.0 [2007/10/19 09:14:47, 0] lib/util_sock.c:write_data(562) write_data: write failure in writing to client 192.168.1.98. Error Connection reset by peer [2007/10/19 09:14:47, 0] lib/util_sock.c:send_smb(769) Error writing 5 bytes to client. -1. (Connectio
[Samba] Re: Samba 3 + LDAP with multiple ou's
Daniel Cristian Cruz napisał(a): On Oct 18, 12:00 pm, Marcin Giedz <[EMAIL PROTECTED]> wrote: This might be a need if you have several PDCs (samba domains) running on one LDAP server. I've had such structure for several years and it works OK. M. Marcin, I didn't get what structure you use. Many PDC's with an ou for each, yes exactly Every PDC has his OWN SID that's why I need to split it to different trees in LDAP. Like e.g ou=domain1,dc=xx,dc=x, ou=domain2,dc=xx,dc=x, etc or all PDC's in the same LDAP People, Group and Machines? NO! M. Thank you, Daniel Cristian -- ARISE M.Giedz, T.Żebruń sp.j. http: www.arise.pl mail: [EMAIL PROTECTED] tel: +48 502 537 157 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SID List
Hi, when im runing te command: net usersidlist [2007/10/19 09:11:13, 0] utils/net_rpc.c:net_usersidlist(4724) Could not get the user/sid list I'll get this error. S-1-5-21-X--X-500 i must find this sid.. someone got a hint ? Louis -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba