[Samba] Performance on freebsd 6.3
Hi: I have a serius performance issue with samba on freebsd 6.3. If check the tranfer with ftp i got about 36/46 mb/s but with samba i only got about 15/25 trasfering the SAME file. I want to improve the file trasfer performance for my server, do you guys have any tips or patches? My machine: Freebsd 6.3 AMD64 samba-3.0.28 AMD X2 3800+ 1GB of ram 4 hard drives (Raid 1, and one raid 0) Thanks. -- mmm, interesante. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with cups print job name
For some time I had been running samba 3.0.10 from RHEL4. I have a samba -> cups -> pdf printer set up which uses the user supplied job name for the output file. The job name was formatted like this "smbprn.1020 Microsoft Word - Test.doc". Since then, RHEL have updated to samba 3.0.25. The job name supplied to cups is now a random string of characters like "smbprn.1512.hFG4Qi". Does anyone know if there is there a way to get the old behavior back? Thanks John. -- John Newbigin ITS Senior Analyst / Programmer Faculty of Information and Communication Technologies Swinburne University of Technology Melbourne, Australia http://www.ict.swin.edu.au/staff/jnewbigin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] strange permission denied problem
Yan Seiner wrote: I built an embedded box which uses mount.cifs to mount network shares.I've shipped several of these and all are working fine except for one, which gives me permission denied on certain files: [EMAIL PROTECTED]:~/mnt/bgrp1/c/Ballance Group Folders/Scully/Client Photos-Scully# cat "Office Pics 002.jpg" > /dev/null cat: Office Pics 002.jpg: Permission denied [EMAIL PROTECTED]:~/mnt/bgrp1/c/Ballance Group Folders/Scully/Client Photos-Scully# cat "Iron & Concrete Table.jpg" > /dev/null [EMAIL PROTECTED]:~/mnt/bgrp1/c/Ballance Group Folders/Scully/Client Photos-Scully# So only the Office Pics file gets a permission denied. [EMAIL PROTECTED]:~/mnt/bgrp1/c/Ballance Group Folders/Scully/Client Photos-Scully# ls -al dr-xr-x---1 root root0 Mar 28 14:22 . dr-xr-x---1 root root0 Mar 27 17:35 .. -r--r-1 root root 113826 Mar 3 16:26 Iron & Concrete Table.jpg -r--r-1 root root 744886 Feb 21 16:14 Nightstands.jpg -r--r-1 root root 765452 Feb 15 19:09 Occhio Chair.jpg -r--r-1 root root90670 Mar 28 14:22 Office Pics 002.jpg cat /proc/mounts says: //bgrp1/c /tmp/mnt/bgrp1/c cifs ro,mand,nodiratime,unc=\\bgrp1\c,username=root,domain=,rsize=4100,wsize=4100 0 0 and the mount line itself is mount.cifs "//$server/$wshare" /tmp/mnt/$server/$lshare -o ip=$target,guest,ro,file_mode=0440,dir_mode=0550 I can't for the life of me figure out why some files give me a permission denied. I have no physical access to the problem box; here's what I know: --+ Looking up status of 192.168.0.2 BGRP1 <00> - B MSHOME <00> - B BGRP1 <20> - B MSHOME <1e> - B MSHOME <1d> - B ..__MSBROWSE__. <01> - B MAC Address = 00-19-DB-A6-43-23 --+ Sharename Type Comment - --- IPC$IPC Remote IPC D$ Disk Default share C DiskBallance Group Folders Disk F DiskADMIN$ Disk Remote Admin C$ Disk Default share Server Comment ---- WorkgroupMaster How do I go about diagnosing this? Thanks, --Yan Does 'lsof' show the file as opened and locked by chance? I've seen something to this effect with a stale lock (had to reboot the server - although I'm sure there is a guru technique to blow away the entry in the open files table, and it's probably elegant too!) In my case, it made the load increase, as it thought it was I/O blocked. Are you seeing any outrageous load averages in 'uptime'? I was in the hundreds, but the box was responding like it was at a 0.5 or so. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Restrictions
Ryan Bair wrote: I have single directories with over 100,000 entries and about 4 million files on the system total spanning about 15TB. I don't think you should have a problem. Only problem I have is that directory listings take a while with 100K entries but that's to be expected. On Mon, Mar 31, 2008 at 9:11 AM, <[EMAIL PROTECTED]> wrote: Hi, I'm hopping you can give me some advice, I work for a Financial Institute and we are very interested in implementing Samba as a file server running on AIX 5.3. Before we can think about implementing this we need to no if Samba has any limitation on number of folders, files and shares. The current file storage system is running on Windows 2003 server and has somewhere in the region of 51,000 folders and 450,000 files taking up 200GB would samba be able to cope with this? Your feedback would be appreciated. Thanks Tim This e-mail and any attachments are confidential and intended solely for the addressee and may also be privileged or exempt from disclosure under applicable law. If you are not the addressee, or have received this e-mail in error, please notify the sender immediately, delete it from your system and do not copy, disclose or otherwise act upon any part of this e-mail or its attachments. Internet communications are not guaranteed to be secure or virus-free. The Barclays Group does not accept responsibility for any loss arising from unauthorised access to, or interference with, any Internet communications by any third party, or from the transmission of any viruses. Replies to this e-mail may be monitored by the Barclays Group for operational or business reasons. Any opinion or other information in this e-mail or its attachments that does not relate to the business of the Barclays Group is personal to the sender and is not given or endorsed by the Barclays Group. Barclays Bank PLC.Registered in England and Wales (registered no. 1026167). Registered Office: 1 Churchill Place, London, E14 5HP, United Kingdom. Barclays Bank PLC is authorised and regulated by the Financial Services Authority. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba Just be careful that you pick a file system with enough inodes. I think reiserfs has a great number of inodes and will handle multiple small files quickly; although, it is... cranky; I assume if you're a financial institute you have redundant everything and incremental backups constantly chugging off site, so it shouldn't be too much of a risk. Just make sure you don't drop the power, reiserfs will need to replay the journal and might need a fsck tree rebuild if you ever shut down while it's still mounted. I hear XFS also has many of these traits (and is somewhat more mature, although I think it has an issue on AIX, IIRC something isn't supported... snapshotting, perhaps?), as does JFS. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] strange behaviour
Yes, but the dhcp server isn't providing that now nor thursday and before. I think that I'll put this setting there, but I haven't yet understood what happened and I hope someone could help me finding what caused that. Thank you. Roberto Charles Marcus ha scritto: On 4/1/2008, Roberto Sacchetti ([EMAIL PROTECTED]) wrote: What can I do to restore the working state without having to manually set the WINS server in each client? This should always be provided to the clients by the DHCP server, no? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] strange behaviour
Yes, you're right, but the dhcp configuration wasn't changed in the night after the restoration...I haven't yet understood what happened and I hope someone could help me finding what caused that. Thank you Roberto [EMAIL PROTECTED] ha scritto: Add WIN server addresses to the dhcp configuration. -- Damien Dye BSC(hon) IT and Telecommunications Engineer Mckenna Group Lawn Road Industrial Estate Lawn Road Carlton-in-Lindrick Worksop Nottinghamshire United Kingdom S81 9LB Email : [EMAIL PROTECTED] Tel: (44) 01909541414 Direct : (44) 01909541462 Fax: (44) 01909541415 Web: www.mckennagroup.co.uk Company Registered in England, McKenna Precision Castings Ltd Company Registration Number 1713320 Registered address Lawn Road, Carlton-in-Lindrick, Worksop, Notts, S81 9LB -- Original Message Subject: [Samba] strange behaviour (01-Apr-2008 8:16) From:[EMAIL PROTECTED] To: [EMAIL PROTECTED] Hi all. Last thursday I've had to restore my customer's pdc from an hdd failure, and by the evening I restored a full working state of server and clients, rejoining all of them to the domain. Next morning the customer called me saying that nothing was working, I looked the server from remote without finding failures and then I went there: I found that clients couldn't find the pdc and I struggled with name resolution, but I didn't get the system up until I put the server's ip address in the WINS servers list in each client's TCP/IP configuration. Can someone tell me what could cause this strange issue? I must say that the server wasn't shut down the thursday evening, only clients were. What can I do to restore the working state without having to manually set the WINS server in each client? Thank you in advance. Roberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba To: samba@lists.samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba PDC, OpenLDAP, and passwd chat
Hey Denis, Denis Cardon wrote: > Hi Ryan, > >> I'm using Samba 3.0.24 and OpenLDAP 2.3.30 (with the ppolicy and >> smbk5pwd overlays). >> >> While testing Samba as a PDC with an OpenLDAP backend, I've hit a snag >> on password change. I currently have the following in my smb.conf >> related to password changes: >> >> passwd program = /usr/bin/ldappasswd -x -W -S -D >> uid=%u,ou=Users,dc=example,dc=com >> passwd chat = "*Enter NEW password*" %n\n "*Confirm NEW >> password*" %n\n "*Verify OLD password*" %o\n "*Password changed*" \n >> passdb backend = ldapsam:ldap://127.0.0.1 > > Correct me if I'm wrong, but I thought that the password chat was > refering to some kind of Expect script to interact with the script > refered by the "password program" parameters (/usr/bin/ldappasswd in > your case). There is some more info on this in the smb.conf man page. > Yeah, you're right. And, in reading the man page, I found this: "Note that this parameter only is only used if the unix password sync parameter is set to yes". I, however, have "ldap passwd sync = yes", not "unix passwd sync = yes". So I guess 'passwd chat' isn't ever going to be used in my case? I can live with the default dialog, but I absolutely need to fix #2 below - the ppolicy restrictions on password length, strength, etc. need to be adhered to. The fact that I get: "Your password must be at least 5 characters, cannot repeat any of your previous 0 passwords and must be at least 0 days old. Please type a different password. Type a password that meets these requirements in both text boxes." ...instead of the requirements set forth in OpenLDAP (minimum 6 chars, can't use previous 6 passwords, etc) as demonstrated below is an issue. Where is it pulling these requirements from, and how can I get it to relay messages from OpenLDAP (e.g., the 'password fails quality checking' message) back to the user? > >> I can change passwords, but there are a couple of things I've noticed >> that don't work properly. >> >> 1. My 'passwd chat' text isn't reflected on the Windows clients on the >> domain. Instead, I get (when changing via ctrl+alt+delete or during >> domain logon if the password has expired): >> >>User name: >>Log on to: >>Old password: >>New password: >>Confirm new password: >> >> 2. The password requirements set forth by ppolicy (such as length, >> strength, and recently used passwords) don't seem to be adhered to. I >> can put in 'foobar' as the new password, change it to 'foobar1', change >> it back to 'foobar', and Samba will happily change the passwords. While >> the change does take, and I can log in to the domain with 'foobar' or >> 'foobar1' as the password, it's certainly not what I want. Conversely, >> I get this desired results when invoking 'ldappasswd' from the >> command-line: >> >> # Testing the weak password 'foobar' >> server:~# /usr/bin/ldappasswd -x -W -S -D >> uid=tester,ou=Users,dc=example,dc=com >> New password: >> Re-enter new password: >> Enter LDAP Password: >> Result: Constraint violation (19) >> Additional info: Password fails quality checking policy >> >> # Testing a password in the list of the last six passwords >> server:~# /usr/bin/ldappasswd -x -W -S -D >> uid=tester,ou=Users,dc=example,dc=com >> New password: >> Re-enter new password: >> Enter LDAP Password: >> Result: Constraint violation (19) >> Additional info: Password is in history of old passwords >> >> If I try putting in something like 'a' as the password, I get a dialog >> box that says: "Your password must be at least 5 characters, cannot >> repeat any of your previous 0 passwords and must be at least 0 days >> old. Please type a different password. Type a password that meets >> these requirements in both text boxes." Where is this text/requirement >> list coming from? And, how can I configure Samba such that it returns >> the desired errors (above) to the user? >> >> In the same vein, instead of having the sambaPasswordHistory attribute >> in LDAP reflect the old hashed passwords, I just get one entry which >> reads: >> >>sambaPasswordHistory: >> >> >> I would very much appreciate any advice you folks might be able to >> offer. >> >> Thanks, >> Ryan > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba PDC, OpenLDAP, and passwd chat
Hi Ryan, I'm using Samba 3.0.24 and OpenLDAP 2.3.30 (with the ppolicy and smbk5pwd overlays). While testing Samba as a PDC with an OpenLDAP backend, I've hit a snag on password change. I currently have the following in my smb.conf related to password changes: passwd program = /usr/bin/ldappasswd -x -W -S -D uid=%u,ou=Users,dc=example,dc=com passwd chat = "*Enter NEW password*" %n\n "*Confirm NEW password*" %n\n "*Verify OLD password*" %o\n "*Password changed*" \n passdb backend = ldapsam:ldap://127.0.0.1 Correct me if I'm wrong, but I thought that the password chat was refering to some kind of Expect script to interact with the script refered by the "password program" parameters (/usr/bin/ldappasswd in your case). There is some more info on this in the smb.conf man page. Cheers, Denis I can change passwords, but there are a couple of things I've noticed that don't work properly. 1. My 'passwd chat' text isn't reflected on the Windows clients on the domain. Instead, I get (when changing via ctrl+alt+delete or during domain logon if the password has expired): User name: Log on to: Old password: New password: Confirm new password: 2. The password requirements set forth by ppolicy (such as length, strength, and recently used passwords) don't seem to be adhered to. I can put in 'foobar' as the new password, change it to 'foobar1', change it back to 'foobar', and Samba will happily change the passwords. While the change does take, and I can log in to the domain with 'foobar' or 'foobar1' as the password, it's certainly not what I want. Conversely, I get this desired results when invoking 'ldappasswd' from the command-line: # Testing the weak password 'foobar' server:~# /usr/bin/ldappasswd -x -W -S -D uid=tester,ou=Users,dc=example,dc=com New password: Re-enter new password: Enter LDAP Password: Result: Constraint violation (19) Additional info: Password fails quality checking policy # Testing a password in the list of the last six passwords server:~# /usr/bin/ldappasswd -x -W -S -D uid=tester,ou=Users,dc=example,dc=com New password: Re-enter new password: Enter LDAP Password: Result: Constraint violation (19) Additional info: Password is in history of old passwords If I try putting in something like 'a' as the password, I get a dialog box that says: "Your password must be at least 5 characters, cannot repeat any of your previous 0 passwords and must be at least 0 days old. Please type a different password. Type a password that meets these requirements in both text boxes." Where is this text/requirement list coming from? And, how can I configure Samba such that it returns the desired errors (above) to the user? In the same vein, instead of having the sambaPasswordHistory attribute in LDAP reflect the old hashed passwords, I just get one entry which reads: sambaPasswordHistory: I would very much appreciate any advice you folks might be able to offer. Thanks, Ryan -- Denis Cardon Tranquil IT Systems 44 bvd des pas enchantés 44230 Saint Sébastien sur Loire tel : +33 (0) 2.40.97.62.67 http://www.tranquil-it-systems.fr -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba PDC, OpenLDAP, and passwd chat
Hey List, I'm using Samba 3.0.24 and OpenLDAP 2.3.30 (with the ppolicy and smbk5pwd overlays). While testing Samba as a PDC with an OpenLDAP backend, I've hit a snag on password change. I currently have the following in my smb.conf related to password changes: passwd program = /usr/bin/ldappasswd -x -W -S -D uid=%u,ou=Users,dc=example,dc=com passwd chat = "*Enter NEW password*" %n\n "*Confirm NEW password*" %n\n "*Verify OLD password*" %o\n "*Password changed*" \n passdb backend = ldapsam:ldap://127.0.0.1 I can change passwords, but there are a couple of things I've noticed that don't work properly. 1. My 'passwd chat' text isn't reflected on the Windows clients on the domain. Instead, I get (when changing via ctrl+alt+delete or during domain logon if the password has expired): User name: Log on to: Old password: New password: Confirm new password: 2. The password requirements set forth by ppolicy (such as length, strength, and recently used passwords) don't seem to be adhered to. I can put in 'foobar' as the new password, change it to 'foobar1', change it back to 'foobar', and Samba will happily change the passwords. While the change does take, and I can log in to the domain with 'foobar' or 'foobar1' as the password, it's certainly not what I want. Conversely, I get this desired results when invoking 'ldappasswd' from the command-line: # Testing the weak password 'foobar' server:~# /usr/bin/ldappasswd -x -W -S -D uid=tester,ou=Users,dc=example,dc=com New password: Re-enter new password: Enter LDAP Password: Result: Constraint violation (19) Additional info: Password fails quality checking policy # Testing a password in the list of the last six passwords server:~# /usr/bin/ldappasswd -x -W -S -D uid=tester,ou=Users,dc=example,dc=com New password: Re-enter new password: Enter LDAP Password: Result: Constraint violation (19) Additional info: Password is in history of old passwords If I try putting in something like 'a' as the password, I get a dialog box that says: "Your password must be at least 5 characters, cannot repeat any of your previous 0 passwords and must be at least 0 days old. Please type a different password. Type a password that meets these requirements in both text boxes." Where is this text/requirement list coming from? And, how can I configure Samba such that it returns the desired errors (above) to the user? In the same vein, instead of having the sambaPasswordHistory attribute in LDAP reflect the old hashed passwords, I just get one entry which reads: sambaPasswordHistory: I would very much appreciate any advice you folks might be able to offer. Thanks, Ryan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] renaming a computer fail on a samba domain using ldap backend
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, I am trying to rename a computer on my samba domain but it fails telling me I hadn't rights to do it. Obviously, I use the same admin account (root) than the one which add this computer on the domain some seconds before. I am using samba 3.0.24 on Debian etch with a openldap SAM backend and smbldap-tools scripts using these conf params : ~~ add user script = /usr/sbin/smbldap-useradd -c "Samba user account" -m -s /bin/false '%u' add machine script = /usr/sbin/smbldap-useradd -c "Samba computer account" -g 515 -w -s /bin/false '%u' add group script = /usr/sbin/smbldap-groupadd '%g' add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g' delete user script = /usr/sbin/smbldap-userdel '%u' delete group script = /usr/sbin/smbldap-groupdel '%g' delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g' set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u' ~~ So far, I can add a computer on a domain, but I can't rename it. I tried to rename the computer using smbldap-usermod before updating it in WinXP, but obviously, it fails telling me the user is unknown. The only way I found is to add a computer with the new name to the domain using smbldap-useradd, leaving the domain from WinXP, renaming it under WinXP, re-join the domain, then drop the old computer account. Here the content of log.root when I try to rename the computer (using "log file = /var/log/samba/log.%U" and log level = 3) http://pastebin.org/26701 The ACCESS denied is at line 771 : "set_user_info_21: failed to rename account: NT_STATUS_ACCESS_DENIED" I could give a more verbose log file, but this one is pretty huge... So, where did I fail ? Do we can rename a computer on a samba domain ? Feel free to ask me anything more you need to help me :) - -- Guillaume (ioguix) de Rorthais -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH8mxOxWGfaAgowiIRApA7AJ9p/7m2G3wH/1YvR/0f9MkxNZ3DGACfZbOl e6Mz3mQS2bIS6yzJ++cu66A= =B3vK -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] smbldap-useradd -w won't create machine account
Samba will add sambaSAMAccount when you add the workstation to the domain. sambaldaptools not add the samba shema for that. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 01/04/2008 16:17:13 : > I can't get smbldap-useradd to add the sambaSamAccount workstation > attributes. For example: > > smbldap-useradd -w 'test_machine$' > > > # test_machine$, People, desktop.hmdc.harvard.edu > dn: uid=test_machine$,ou=People,dc=desktop,dc=hmdc,dc=harvard,dc=edu > objectClass: top > objectClass: account > objectClass: posixAccount > cn: test_machine$ > uid: test_machine$ > uidNumber: 1010 > gidNumber: 515 > homeDirectory: /dev/null > loginShell: /bin/false > description: Computer > gecos: Computer > > > Has anyone else experienced this? It thinks it's creating a machine > account, but it doesn't add sambaSamAccount, or sambaAcctFlags [W ]. > > > More info: > # rpm -qi smbldap-tools > Name: smbldap-toolsRelocations: (not relocatable) > Version : 0.9.4 Vendor: Dag Apt > Repository, http://dag.wieers.com/apt/ > Release : 1.el5.rf Build Date: Sat 22 Sep 2007 > 01:35:45 AM EDT > Install Date: Tue 25 Mar 2008 11:43:42 AM EDT Build Host: > lisse.leuven.wieers.com > Group : System Environment/Base Source RPM: > smbldap-tools-0.9.4-1.el5.rf.src.rpm > Size: 525573 License: GPL > Signature : DSA/SHA1, Sat 22 Sep 2007 02:51:47 PM EDT, Key ID > a20e52146b8d79e6 > Packager: Dag Wieers <[EMAIL PROTECTED]> > URL : http://sourceforge.net/projects/smbldap-tools/ > Summary : User and group administration tools for Samba-OpenLDAP > > > > Thanks, > c > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Strong(er) authentication required when joining Active Directory (Samba 3.0.28)
Hello all, I'm having problems getting Samba to join a Windows AD. I am delegated OU admin, and have no direct access to the domain controller. We have 3 DCs in one domain where my OU exists. The users I wish to authenticate are in a different domain. I have set up Kerberos and can receive tickets correctly. I run net -d 4 ads join createcomputer=[Delegated OU] -U [account with join permissions] After filling in a password, I get the following: [2008/04/01 16:06:01, 4] libsmb/namequery_dc.c:ads_dc_name(139) ads_dc_name: using server= dc_server' IP=dc_ip ccspmed's password: [2008/04/01 16:06:03, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: ", *" [2008/04/01 16:06:03, 4] libsmb/namequery.c:get_dc_list(1599) get_dc_list: returning 3 ip addresses in an ordered list [2008/04/01 16:06:03, 4] libsmb/namequery.c:get_dc_list(1600) get_dc_list: 10.10.250.17:389 10.10.250.3:389 10.10.250.1:389 [2008/04/01 16:06:03, 3] libads/ldap.c:ads_connect(394) Connected to LDAP server 10.10.250.17 [2008/04/01 16:06:03, 4] libads/ldap.c:ads_current_time(2414) time offset is -5 seconds [2008/04/01 16:06:03, 4] libads/sasl.c:ads_sasl_bind(521) Found SASL mechanism GSS-SPNEGO [2008/04/01 16:06:03, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 [2008/04/01 16:06:03, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 [2008/04/01 16:06:03, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 [2008/04/01 16:06:03, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 [2008/04/01 16:06:03, 3] libads/sasl.c:ads_sasl_spnego_bind(222) ads_sasl_spnego_bind: got server principal name = dc_server [2008/04/01 16:06:03, 3] libsmb/clikrb5.c:ads_krb5_mk_req(593) ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found) [2008/04/01 16:06:03, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528) ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration Wed, 02 Apr 2008 02:05:58 BST [2008/04/01 16:06:03, 1] utils/net_ads.c:net_ads_join(1470) error on ads_startup: Strong(er) authentication required Failed to join domain: Strong(er) authentication required [2008/04/01 16:06:03, 2] utils/net.c:main(1036) return code = -1 Any help appreciated. Yours, Naadir Jeewa -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Standalone server providing authenticated services to AD clients?
I'm trying to set up Samba on an older Solaris 9 box using the bundled Samba. I don't want to have to build Samba from scratch. All I need to be able to do is provide authenticate file share access to clients that are in our AD domain. E.g., my laptop is an AD domain client, I am logged in as myself, AD-DOM\myusername. Samba is running on the server with user level security. myusername exists in /etc/passwd and has been added smbpasswd. The same password is being used in AD, /etc/passwd and /etc/sfw/private/smbpasswd. But when I try to connect to \\MYSUNSERVER\myusername, "it" is trying to connect me as "MYSUNSERVER\Guest" rather than "myusername". I'm sure this is just my lack of understanding, but if someone could set me straight, that would be appreciated. [global] workgroup = AD-DOM security = user [homes] comment = User Home Directories valid users = %s read only = no browseable = no -- Georgia: Why am I not doing what they're doing? Rube: Because you're doing what you're doing. When it's time for you to do something else you'll do that. READ CAREFULLY. By reading this email, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] strange behaviour
On 4/1/2008, Roberto Sacchetti ([EMAIL PROTECTED]) wrote: What can I do to restore the working state without having to manually set the WINS server in each client? This should always be provided to the clients by the DHCP server, no? -- Best regards, Charles -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-useradd -w won't create machine account
I can't get smbldap-useradd to add the sambaSamAccount workstation attributes. For example: smbldap-useradd -w 'test_machine$' # test_machine$, People, desktop.hmdc.harvard.edu dn: uid=test_machine$,ou=People,dc=desktop,dc=hmdc,dc=harvard,dc=edu objectClass: top objectClass: account objectClass: posixAccount cn: test_machine$ uid: test_machine$ uidNumber: 1010 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer Has anyone else experienced this? It thinks it's creating a machine account, but it doesn't add sambaSamAccount, or sambaAcctFlags [W ]. More info: # rpm -qi smbldap-tools Name: smbldap-toolsRelocations: (not relocatable) Version : 0.9.4 Vendor: Dag Apt Repository, http://dag.wieers.com/apt/ Release : 1.el5.rf Build Date: Sat 22 Sep 2007 01:35:45 AM EDT Install Date: Tue 25 Mar 2008 11:43:42 AM EDT Build Host: lisse.leuven.wieers.com Group : System Environment/Base Source RPM: smbldap-tools-0.9.4-1.el5.rf.src.rpm Size: 525573 License: GPL Signature : DSA/SHA1, Sat 22 Sep 2007 02:51:47 PM EDT, Key ID a20e52146b8d79e6 Packager: Dag Wieers <[EMAIL PROTECTED]> URL : http://sourceforge.net/projects/smbldap-tools/ Summary : User and group administration tools for Samba-OpenLDAP Thanks, c -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] strange behaviour
Hi all. Last thursday I've had to restore my customer's pdc from an hdd failure, and by the evening I restored a full working state of server and clients, rejoining all of them to the domain. Next morning the customer called me saying that nothing was working, I looked the server from remote without finding failures and then I went there: I found that clients couldn't find the pdc and I struggled with name resolution, but I didn't get the system up until I put the server's ip address in the WINS servers list in each client's TCP/IP configuration. Can someone tell me what could cause this strange issue? I must say that the server wasn't shut down the thursday evening, only clients were. What can I do to restore the working state without having to manually set the WINS server in each client? Thank you in advance. Roberto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba