Re: [Samba] PDC -> BDC Question

2009-06-25 Thread John Drescher
On Thu, Jun 25, 2009 at 3:58 PM, Nick Pappin wrote:
> Ok but how do I keep the pdc and the bdc in sync, for example the
> account_policy.tdb file has all of the account policy stuff in it now I
> assume that I could take this tdb file and move it to another domain for all
> it cares and still keep all of my policy settings. So changes file just mean
> that the file needs to be moved to all of the other servers or does it even
> matter if this file is the same on the pdc and the bdc because the bdc
> doesn't do account policy enforcement. However how does this affect the other
> files such as ntdrivers.tdb or registry.tdb.
>

Ahh. I see. I have no policy settings other than the settings in ldap.

John
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba


Re: [Samba] PAM LDAP password change error

2009-06-25 Thread Adam Williams
Why not just use ldap passwd sync = yes, and then change passwords with
smbpasswd?


Tamás Pisch wrote:

Hi,

I go through the Samba guide Making happy users secondly. I configure Debian
Lenny on XEN.
I have a problem with PAM. When I try to change a user's password with
smbldap-passwd it runs without error, but when I try to log in I get the
"Login incorrect" message. When I try to change a user's password with
passwd I get the "Authentication service cannot retrieve authentication
info" message.
I removed every ACL from slapd.conf.
I tried to follow the second version of the PAM configuration, because as I
see on Debian, the pam-unix2.so doesn't support ldap.
I didn't include pam_pwcheck.so, because it gave me an error that it
doesn't find that module.
/etc/pam.d/passwd:
auth      sufficient  pam_ldap.so
account   sufficient  pam_ldap.so
password  sufficient  pam_ldap.so
password  required    pam_unix2.so   nullok use_first_pass use_authtok

/etc/nsswitch.conf:
passwd: files ldap
group:  files ldap
shadow: files ldap

Thanks, in advance.
  




Re: [Samba] Migration from samba-3.0.21b-i486 to samba-3.0.27a-x86_64 corrupts root group mapping

2009-06-25 Thread Adam Williams
Fix the SID with net setlocalsid and net setdomainsid.  Change the
primary group SID with net groupmap, or if you use ldap, you can fix it
in your ldap tree.


damjanster wrote:

Hello.

I went and copied the config files from /etc/samba/* and
/var/cache/samba/* to the target server and deleted the browse.dat
and wins.dat files. The source and target servers have different IPs and
hostnames, so we use "netbios alias". This has worked fine a couple of years
ago. Now after all files have been copied, the old server shut down and the
new samba in place there are several differences between the systems:
$pdbedit -vL root

Unix username:root
NT username:
Account Flags:[U  ]
User SID: S-1-5-21-528702806-1563566892-1083768929-1000
Primary group for user root is a Local Group and not a domain group
Primary Group SID:S-1-5-21-528702806-1563566892-1083768929-513
-
The Primary Group SID is wrong. It should end with 512 (Domain Admins) -
here it becomes -513 (Users) - all the permissions are therefore corrupt - no
admin can login via windows XP clients.

I have a test server where I've put all the linux user/group files from the
source server and tried to place the same samba server there, but the result
is exactly the same.

net getlocalsid doesn't work on the source server (previously migrated from
even older server)
net getlocalsid  returns the same value on source and target
servers.
net groupmap list shows a lot more groups on source server than target.

What else can I try? 
  




Re: [Samba] PDC -> BDC Question

2009-06-25 Thread Adam Williams
I'd just copy over everything in /etc/samba, and /var/lib/samba.  And
also run net getlocalsid and net getdomainsid and write down the number
strings, and use net setlocalsid/setdomainsid on the new server.


Nick Pappin wrote:

Hi Everyone,
 I was wondering I am setting up a BDC at another physically separate
location on a different subnet, and I am currently working on what files I
need to have copied between the computers and which need to be made on each
server. The specific question I am dealing with is what TDB files I need to
replicate filesystems between the two servers.  Below is a list of what the
files I see in my samba directory are:

account_policy.tdb
ntdrivers.tdb
ntforms.tdb
share_info.tdb
group_mapping.ldb
ntprinters.tdb
registry.tdb
wins.dat
private/schannel_store.tdb
private/secrets.tdb

I am wondering first which of these need to be replicated from server to
server and which need to be unique to each server? For instance I know that
account_policy.tdb can be replicated and needs to be because it holds all of
the account policy information. The second thing I am wondering is what does
each of these files do? I was hoping that someone could do a brief sentence
or two about what each of these files do. Thanks for the help.

--
W. Nick Pappin
  




Re: [Samba] PDC -> BDC Question

2009-06-25 Thread Nick Pappin
Ok but how do I keep the pdc and the bdc in sync, for example the
account_policy.tdb file has all of the account policy stuff in it now I
assume that I could take this tdb file and move it to another domain for all
it cares and still keep all of my policy settings. So changes file just mean
that the file needs to be moved to all of the other servers or does it even
matter if this file is the same on the pdc and the bdc because the bdc
doesn't do account policy enforcement. However how does this affect the other
files such as ntdrivers.tdb or registry.tdb.

--
W. Nick Pappin
IT Staff
Latah Federal Credit Union
208.874.4394


On Thu, Jun 25, 2009 at 11:55 AM, John Drescher wrote:

> On Thu, Jun 25, 2009 at 2:44 PM, Nick Pappin  wrote:
> >
> > I have a full ldap backend so the bdc is the slave to the pdc. I am just
> > wondering what I can copy I found a list at
> > http://wiki.samba.org/index.php/Frequently_Asked_Questions of what all of
> > the tdb's have in them but it isn't really clear what is server agnostic and
> > which needs to be individual to each server. So I am wondering how should
> > I be copying these from my pdc should I just have the pdc overwrite
> > everything or should I have the bdc create the files as well and have it run
> > with its own files?
>
> When you are using ldap you generally have separate files for these
> and all of them except secrets.tdb can be deleted and the pdc/bdc will
> create a new one. Well that is at least what I have found in my 6+
> years with samba.
>
> --
> John M. Drescher
>


Re: [Samba] PDC -> BDC Question

2009-06-25 Thread John Drescher
On Thu, Jun 25, 2009 at 2:44 PM, Nick Pappin  wrote:
>
> I have a full ldap backend so the bdc is the slave to the pdc. I am just
> wondering what I can copy I found a list at
> http://wiki.samba.org/index.php/Frequently_Asked_Questions of what all of
> the tdb's have in them but it isn't really clear what is server agnostic and
> which needs to be individual to each server. So I am wondering how should
> I be copying these from my pdc should I just have the pdc overwrite
> everything or should I have the bdc create the files as well and have it run
> with its own files?

When you are using ldap you generally have separate files for these
and all of them except secrets.tdb can be deleted and the pdc/bdc will
create a new one. Well that is at least what I have found in my 6+
years with samba.

--
John M. Drescher


Re: [Samba] PDC -> BDC Question

2009-06-25 Thread Nick Pappin
I have a full ldap backend so the bdc is the slave to the pdc. I am just
wondering what I can copy I found a list at
http://wiki.samba.org/index.php/Frequently_Asked_Questions of what all of
the tdb's have in them but it isn't really clear what is server agnostic and
which needs to be individual to each server. So I am wondering how should
I be copying these from my pdc should I just have the pdc overwrite
everything or should I have the bdc create the files as well and have it run
with its own files?

--
W. Nick Pappin

On Thu, Jun 25, 2009 at 1:55 AM, Daniel Müller wrote:

> Hello Nick,
>
> I do not think it is possible to just copy files like this from one to the
> other samba.
> You can do the copy job with rsync or scp.
> I made a samba PDC and BDC with ldap master ldap slave. So on both servers
> are the same users
> Groups etc.
> Both machines must have the same SID
>
>
> Greetings
> Daniel
> -Original Message-
> From: samba-bounces+mueller=tropenklinik...@lists.samba.org
> [mailto:samba-bounces+mueller=tropenklinik.de@lists.samba.org] On Behalf Of
> Nick Pappin
> Sent: Tuesday, 23 June 2009 22:52
> To: samba@lists.samba.org
> Subject: [Samba] PDC -> BDC Question
>
> Hi Everyone,
> I was wondering I am setting up a BDC at another physically separate
> location on a different subnet, and I am currently working on what files I
> need to have copied between the computers and which need to be made on each
> server. The specific question I am dealing with is what TDB files I need to
> replicate filesystems between the two servers.  Below is a list of what the
> files I see in my samba directory are:
>
> account_policy.tdb
> ntdrivers.tdb
> ntforms.tdb
> share_info.tdb
> group_mapping.ldb
> ntprinters.tdb
> registry.tdb
> wins.dat
> private/schannel_store.tdb
> private/secrets.tdb
>
> I am wondering first which of these need to be replicated from server to
> server and which need to be unique to each server? For instance I know that
> account_policy.tdb can be replicated and needs to be because it holds all of
> the account policy information. The second thing I am wondering is what does
> each of these files do? I was hoping that someone could do a brief sentence
> or two about what each of these files do. Thanks for the help.
>
> --
> W. Nick Pappin


[Samba] samba 3.0.33 / AD / winbind / no users returned from nested groups

2009-06-25 Thread Mark Cooke
Hi all,

I've not found a search that addressed this problem I'm seeing with 3.0.33
(Centos 5.3 3.0.33-3.7.el5), and before I go further down the diagnostic
process, I thought I'd check if what I am doing is supposed to work.


I have an install of Centos 5.3 connected to active directory, using winbind
& idmap_rid (it is only serving files via samba).

[global]
workgroup = ADF
server string = Physics File Server 3
netbios name = PHYNAS3
interfaces = lo, eth0
bind interfaces only = yes
security = ads
realm = ADF.BHAM.AC.UK
passdb backend = tdbsam
local master = no
wins support = no
dns proxy = yes
load printers = no
cups options = raw
encrypt passwords = yes
winbind enum users = yes
winbind enum groups = yes
winbind nested groups = yes
winbind separator = +
winbind use default domain = yes
winbind cache time = 1800
winbind offline logon = yes
template shell = /bin/bash
;template primary group = "Domain users"
idmap uid = 5000-100
idmap gid = 5000-100
idmap backend = idmap_rid:ADF=5000-100
log level = 1 acls:3 winbind:10

# cat /etc/pam.d/samba 
#%PAM-1.0
auth        required      pam_env.so
auth        sufficient    pam_unix.so try_first_pass nullok
auth        sufficient    pam_winbind.so use_first_pass
auth        requisite     pam_succeed_if.so uid >= 500 quiet
auth        required      pam_deny.so

account     required      pam_unix.so
account     sufficient    pam_succeed_if.so uid < 500 quiet
account     sufficient    pam_winbind.so use_first_pass
account     required      pam_permit.so

password    required      pam_cracklib.so try_first_pass retry=3
password    sufficient    pam_unix.so try_first_pass use_authtok nullok md5 shadow
password    sufficient    pam_winbind.so use_first_pass
password    required      pam_deny.so

session     optional      pam_keyinit.so revoke
session     required      pam_limits.so
session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session     required      pam_unix.so
session     required      pam_winbind.so use_first_pass


wbinfo -u / getent passwd / wbinfo -g work as expected.

'getent group' returns a list of groups, and users that are members of that
immediate group.

In a group-of-groups situation, no users are returned.


Example:

gTop contains 3 subgroups gList1, gList2 and gList3.  gList1, gList2 and
gList3 contain users.

# getent group gTop
gTop:*:123456:

# wbinfo -t
checking the trust secret via RPC calls succeeded


The log implies that winbind is finding the 3 groups as members, but isn't
doing a recursive evaluation:

[2009/06/25 18:03:28, 3] nsswitch/winbindd_group.c:winbindd_getgrnam(475)
  [12492]: getgrnam gTop



[2009/06/25 18:03:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(369)
  looked up 3 names
[2009/06/25 18:03:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(389)
  processing name gList1
[2009/06/25 18:03:28, 3] nsswitch/winbindd_group.c:fill_grent_mem(398)
  name gList1 isn't a domain user (Domain Group)
[2009/06/25 18:03:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(389)
  processing name gList2
[2009/06/25 18:03:28, 3] nsswitch/winbindd_group.c:fill_grent_mem(398)
  name gList2 isn't a domain user (Domain Group)
[2009/06/25 18:03:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(389)
  processing name gList3
[2009/06/25 18:03:28, 3] nsswitch/winbindd_group.c:fill_grent_mem(398)
  name gList3 isn't a domain user (Domain Group)
[2009/06/25 18:03:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(443)
  num_mem = 0, len = 0, mem = NULL
[2009/06/25 18:03:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(450)
  fill_grent_mem returning 1


Can anyone confirm this is supposed to work, and if so, what version of
Samba is being used ?


Note: the directory contains 80K user objects so is very slow.  I'd
initially tried this with winbind enum users/groups set to 'no', but nested
groups=yes, but the behaviour is the same as above.  I set everything back
to 'yes', and restarted smb/winbind for testing.


Cheers,

Mark
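
An added example, not part of the original post and not Samba code: a Python parser for the winbindd debug records shown above that reports, per getgrnam lookup, which member names were dropped as groups instead of being expanded. The first lookup in the sample is the log from the post; the second (gFlat, alice, bob) is constructed for contrast, and the function names are hypothetical.

```python
import re

# Header of a Samba 3 debug record: "[date time, level] file:function(line)".
HEADER = re.compile(r"^\[[^,\]]+,\s*\d+\]\s+\S+:(?P<func>\w+)\(\d+\)\s*$")

# Message patterns emitted by fill_grent_mem, as seen in the posted log.
PROCESSING = re.compile(r"processing name (\S+)")
SKIPPED = re.compile(r"name (\S+) isn't a domain user \((.+)\)")
NUM_MEM = re.compile(r"num_mem = (\d+)")

# gTop records are taken from the post; gFlat records are constructed.
SAMPLE_LOG = """\
[2009/06/25 18:03:28, 3] nsswitch/winbindd_group.c:winbindd_getgrnam(475)
  [12492]: getgrnam gTop
[2009/06/25 18:03:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(369)
  looked up 3 names
[2009/06/25 18:03:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(389)
  processing name gList1
[2009/06/25 18:03:28, 3] nsswitch/winbindd_group.c:fill_grent_mem(398)
  name gList1 isn't a domain user (Domain Group)
[2009/06/25 18:03:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(389)
  processing name gList2
[2009/06/25 18:03:28, 3] nsswitch/winbindd_group.c:fill_grent_mem(398)
  name gList2 isn't a domain user (Domain Group)
[2009/06/25 18:03:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(389)
  processing name gList3
[2009/06/25 18:03:28, 3] nsswitch/winbindd_group.c:fill_grent_mem(398)
  name gList3 isn't a domain user (Domain Group)
[2009/06/25 18:03:28, 10] nsswitch/winbindd_group.c:fill_grent_mem(443)
  num_mem = 0, len = 0, mem = NULL
[2009/06/25 18:04:02, 3] nsswitch/winbindd_group.c:winbindd_getgrnam(475)
  [12492]: getgrnam gFlat
[2009/06/25 18:04:02, 10] nsswitch/winbindd_group.c:fill_grent_mem(389)
  processing name alice
[2009/06/25 18:04:02, 10] nsswitch/winbindd_group.c:fill_grent_mem(389)
  processing name bob
[2009/06/25 18:04:02, 10] nsswitch/winbindd_group.c:fill_grent_mem(443)
  num_mem = 2, len = 9, mem = alice,bob
"""


def records(log_text):
    """Yield (function, message) pairs; a message may span several lines."""
    func, body = None, []
    for line in log_text.splitlines():
        match = HEADER.match(line)
        if match:
            if func:
                yield func, " ".join(body)
            func, body = match.group("func"), []
        elif func and line.strip():
            body.append(line.strip())
    if func:
        yield func, " ".join(body)


def group_lookups(log_text):
    """Collect one dict per getgrnam request with what fill_grent_mem did."""
    lookups, current = [], None
    for func, message in records(log_text):
        if func == "winbindd_getgrnam":
            match = re.search(r"getgrnam\s+(\S+)", message)
            if match:
                current = {"group": match.group(1), "candidates": [],
                           "skipped": {}, "num_mem": None}
                lookups.append(current)
        elif func == "fill_grent_mem" and current is not None:
            if PROCESSING.match(message):
                current["candidates"].append(PROCESSING.match(message).group(1))
            elif SKIPPED.match(message):
                name, sid_type = SKIPPED.match(message).groups()
                current["skipped"][name] = sid_type
            elif NUM_MEM.match(message):
                current["num_mem"] = int(NUM_MEM.match(message).group(1))
    return lookups


def unexpanded_nested_groups(lookups):
    """Return (group, dropped nested groups, members returned) for each
    lookup where a member of type Domain Group was skipped."""
    result = []
    for lookup in lookups:
        nested = [n for n, t in lookup["skipped"].items() if t == "Domain Group"]
        if nested:
            result.append((lookup["group"], nested, lookup["num_mem"]))
    return result


if __name__ == "__main__":
    for group, nested, returned in unexpanded_nested_groups(group_lookups(SAMPLE_LOG)):
        print("%s: %d member(s) returned, nested groups not expanded: %s"
              % (group, returned, ", ".join(nested)))
```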



[Samba] Samba Interactive mode in OpenWRT

2009-06-25 Thread Kunal Punjabi
The samba server is only waiting for samba connections if I use the -i
(interactive) mode. Any idea how I can get my samba server to listen for
and accept requests automatically (in non-interactive mode)?

I found that

smbd -i &

(to start the service and put it in the background) seems to work and
the server is waiting for incoming connections.

Although samba.init contains a command: "smbd -D" in its Start()
function, that does not start the service.

Why do I not need this option under uClinux (smbd -D just seems to work
and cause the service to start)?

Thanks,

Kunal



Re: [Samba] Windows 7 RC1 Build 7100 Cannot Connect to Samba Shares w/Winbind

2009-06-25 Thread Matthias Grimm

On 25.06.2009 17:06, Corey Garst wrote:

I'm using sernet's centos-packages from tested on all of my samba
servers and from experimental on my ctdb cluster. W7 RC1 connects fine
as domain member to the cluster, which is AD-backed.
Sernet's packages and repo could be found here:

ftp://ftp.sernet.de/pub/samba/

Matthias

> I'm using the CentOS package now, what's the recommended upgrade path? I 
> notice that samba.org links me to some samba5 packages that don't upgrade the 
> CentOS packages. Can I just install samba5 over samba? Are there any 
> alternate packages available that would upgrade CentOS samba?
> 
> http://enterprisesamba.com/index.php?id=123
> 
> -Corey
> 
> 
> -Original Message-
> From: Mössler, Michael [mailto:michael.moess...@uhb-consulting.de] 
> Sent: Thursday, June 25, 2009 10:42 AM
> To: Corey Garst
> Subject: Re: [Samba] Windows 7 RC1 Build 7100 Cannot Connect to Samba
> Shares w/Winbind
> 
> Hi Corey,
> 
> Try using an actual newer version of Samba, Version
> 3.2.7-11.2.1-2080-SUSE-CODE11.
> Works well now for us; it is the same issue that Vista and W2k8 Server have.
> 
> 
> 
> _
> Michael Mössler
> Consulting
> uhb consulting AG
> Chiemseering 1
> 84427 St. Wolfgang
> Tel.: 08085/939   131
> Fax: 08085/939 - 2131
> 
> -Original Message-
> From: samba-bounces+michael.moessler=uhb-consulting...@lists.samba.org
> [mailto:samba-bounces+michael.moessler=uhb-consulting...@lists.samba.org] On
> Behalf Of Corey Garst
> Sent: Thursday, 25 June 2009 15:53
> To: samba@lists.samba.org
> Subject: [Samba] Windows 7 RC1 Build 7100 Cannot Connect to Samba
> Shares w/Winbind
> I'm doing some testing with Win7 RC1 and I'm having an identical problem
> with two CentOS servers (5.2 and 5.3) both running Samba 3.0.33 where I
> cannot authenticate. Both servers are authenticating with Winbind to an
> AD DC. I have a third CentOS 5.2 server with Samba 3.0.33 shares that
> does not use Winbind which has no problems.
> 
> 
> This pops up in smbd.log: (.200 is wireless and .184 is my wired IP.)
> 
> [2009/06/25 09:06:13, 0] lib/util_sock.c:write_data(562)
>   write_data: write failure in writing to client 10.1.13.200. Error
> Connection reset by peer
> [2009/06/25 09:06:14, 0] lib/util_sock.c:send_smb(761)
>   Error writing 4 bytes to client. -1. (Connection reset by peer)
> [2009/06/25 09:19:03, 0] lib/util_sock.c:write_data(562)
>   write_data: write failure in writing to client 10.1.13.200. Error
> Connection reset by peer
> [2009/06/25 09:19:03, 0] lib/util_sock.c:send_smb(761)
>   Error writing 4 bytes to client. -1. (Connection reset by peer)
> [2009/06/25 09:21:41, 0] lib/util_sock.c:read_data(534)
>   read_data: read failure for 4 bytes to client 10.1.13.184. Error =
> Connection reset by peer
> 
> 
> The Win2K DC logs the following (3221225578 = bad password?):
> 
> The logon to account: cgarst
>  by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
>  from workstation: \\RAVAGE
>  failed. The error code was: 3221225578
> 
> Perhaps Samba/Winbind are not passing the authentication packages to the
> DC correctly? Any suggestions? Thanks.
> 
> -Corey Garst
> 


RE: [Samba] Windows 7 RC1 Build 7100 Cannot Connect to Samba Shares w/Winbind

2009-06-25 Thread Corey Garst
I'm using the CentOS package now, what's the recommended upgrade path? I notice 
that samba.org links me to some samba5 packages that don't upgrade the CentOS
packages. Can I just install samba5 over samba? Are there any alternate 
packages available that would upgrade CentOS samba?

http://enterprisesamba.com/index.php?id=123

-Corey


-Original Message-
From: Mössler, Michael [mailto:michael.moess...@uhb-consulting.de] 
Sent: Thursday, June 25, 2009 10:42 AM
To: Corey Garst
Subject: Re: [Samba] Windows 7 RC1 Build 7100 Cannot Connect to Samba
Shares w/Winbind

Hi Corey,

Try using an actual newer version of Samba, Version
3.2.7-11.2.1-2080-SUSE-CODE11.
Works well now for us; it is the same issue that Vista and W2k8 Server have.



_
Michael Mössler
Consulting
uhb consulting AG
Chiemseering 1
84427 St. Wolfgang
Tel.: 08085/939   131
Fax: 08085/939 - 2131

-Original Message-
From: samba-bounces+michael.moessler=uhb-consulting...@lists.samba.org
[mailto:samba-bounces+michael.moessler=uhb-consulting...@lists.samba.org] On
Behalf Of Corey Garst
Sent: Thursday, 25 June 2009 15:53
To: samba@lists.samba.org
Subject: [Samba] Windows 7 RC1 Build 7100 Cannot Connect to Samba
Shares w/Winbind

I'm doing some testing with Win7 RC1 and I'm having an identical problem
with two CentOS servers (5.2 and 5.3) both running Samba 3.0.33 where I
cannot authenticate. Both servers are authenticating with Winbind to an
AD DC. I have a third CentOS 5.2 server with Samba 3.0.33 shares that
does not use Winbind which has no problems.


This pops up in smbd.log: (.200 is wireless and .184 is my wired IP.)

[2009/06/25 09:06:13, 0] lib/util_sock.c:write_data(562)
  write_data: write failure in writing to client 10.1.13.200. Error
Connection reset by peer
[2009/06/25 09:06:14, 0] lib/util_sock.c:send_smb(761)
  Error writing 4 bytes to client. -1. (Connection reset by peer)
[2009/06/25 09:19:03, 0] lib/util_sock.c:write_data(562)
  write_data: write failure in writing to client 10.1.13.200. Error
Connection reset by peer
[2009/06/25 09:19:03, 0] lib/util_sock.c:send_smb(761)
  Error writing 4 bytes to client. -1. (Connection reset by peer)
[2009/06/25 09:21:41, 0] lib/util_sock.c:read_data(534)
  read_data: read failure for 4 bytes to client 10.1.13.184. Error =
Connection reset by peer


The Win2K DC logs the following (3221225578 = bad password?):

The logon to account: cgarst
 by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
 from workstation: \\RAVAGE
 failed. The error code was: 3221225578

Perhaps Samba/Winbind are not passing the authentication packages to the
DC correctly? Any suggestions? Thanks.

-Corey Garst



[Samba] Windows 7 RC1 Build 7100 Cannot Connect to Samba Shares w/Winbind

2009-06-25 Thread Corey Garst
I'm doing some testing with Win7 RC1 and I'm having an identical problem
with two CentOS servers (5.2 and 5.3) both running Samba 3.0.33 where I
cannot authenticate. Both servers are authenticating with Winbind to an
AD DC. I have a third CentOS 5.2 server with Samba 3.0.33 shares that
does not use Winbind which has no problems.


This pops up in smbd.log: (.200 is wireless and .184 is my wired IP.)

[2009/06/25 09:06:13, 0] lib/util_sock.c:write_data(562)
  write_data: write failure in writing to client 10.1.13.200. Error
Connection reset by peer
[2009/06/25 09:06:14, 0] lib/util_sock.c:send_smb(761)
  Error writing 4 bytes to client. -1. (Connection reset by peer)
[2009/06/25 09:19:03, 0] lib/util_sock.c:write_data(562)
  write_data: write failure in writing to client 10.1.13.200. Error
Connection reset by peer
[2009/06/25 09:19:03, 0] lib/util_sock.c:send_smb(761)
  Error writing 4 bytes to client. -1. (Connection reset by peer)
[2009/06/25 09:21:41, 0] lib/util_sock.c:read_data(534)
  read_data: read failure for 4 bytes to client 10.1.13.184. Error =
Connection reset by peer


The Win2K DC logs the following (3221225578 = bad password?):

The logon to account: cgarst
 by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
 from workstation: \\RAVAGE
 failed. The error code was: 3221225578

Perhaps Samba/Winbind are not passing the authentication packages to the
DC correctly? Any suggestions? Thanks.

-Corey Garst



[Samba] PAM LDAP password change error

2009-06-25 Thread Tamás Pisch
Hi,

I go through the Samba guide Making happy users secondly. I configure Debian
Lenny on XEN.
I have a problem with PAM. When I try to change a user's password with
smbldap-passwd it runs without error, but when I try to log in I get the
"Login incorrect" message. When I try to change a user's password with
passwd I get the "Authentication service cannot retrieve authentication
info" message.
I removed every ACL from slapd.conf.
I tried to follow the second version of the PAM configuration, because as I
see on Debian, the pam-unix2.so doesn't support ldap.
I didn't include pam_pwcheck.so, because it gave me an error that it
doesn't find that module.
/etc/pam.d/passwd:
auth      sufficient  pam_ldap.so
account   sufficient  pam_ldap.so
password  sufficient  pam_ldap.so
password  required    pam_unix2.so   nullok use_first_pass use_authtok

/etc/nsswitch.conf:
passwd: files ldap
group:  files ldap
shadow: files ldap

Thanks, in advance.


Re: [Samba] enabling "null session" on a share

2009-06-25 Thread Alessandro Tinivelli
Thanks! I found the setting I actually need is "map to guest = Bad
Password"...

I will try to evaluate the security issues involved with this global
setting; any comment is appreciated.

Thanks again Dave

From: Dale Schroeder [mailto:d...@briannassaladdressing.com]

Alessandro Tinivelli wrote: 

Good day to all, we have a Samba 3.0.33 in ADS mode, and we have been
asked to enable "null session" on the share [prova] (my smb.conf is
below).
I have googled a bit and I still have many doubts: if we put in the share
definition the "guest ok = yes", will [prova] be able to accept
null sessions from a process running on an XP station? Will the process
be able to delete files?
  

Additionally, I think you will also need
[global]
map to guest = bad user

Of course, the posix permissions must also allow guest access.  Details
below.
Otherwise, this should work, as long as you can deal with the security
risks involved with null sessions. 
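
An added example, not part of the thread and not Samba code: a small Python audit of the guest-related settings discussed above ("map to guest", "guest ok", "read only", "create mask"). The sample configuration is constructed from the posted [prova] share plus the two "map to guest" values mentioned in the replies; the function names and severity labels are hypothetical.

```python
import re

GUEST_OK_NAMES = {"guest ok", "public"}                  # synonyms in smb.conf(5)
WRITABLE_NAMES = {"writable", "writeable", "write ok"}   # inverted synonyms of "read only"


def is_true(value):
    return value.strip().lower() in {"yes", "true", "1"}


def parse_smb_conf(text):
    """Parse smb.conf text into {section: {parameter: value}}.

    Names are lower-cased with inner whitespace collapsed; synonyms are
    folded into "guest ok", "read only" and "create mask".
    """
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            section = header.group(1).strip().lower()
            conf.setdefault(section, {})
            continue
        if section is None or "=" not in line:
            continue
        key, value = line.split("=", 1)
        key, value = " ".join(key.lower().split()), value.strip()
        if key in GUEST_OK_NAMES:
            key = "guest ok"
        elif key in WRITABLE_NAMES:
            key, value = "read only", "no" if is_true(value) else "yes"
        elif key == "create mode":
            key = "create mask"
        conf[section][key] = value
    return conf


def audit_guest_access(text):
    """Return [(section, severity, message)] for guest-related settings."""
    conf = parse_smb_conf(text)
    glob = conf.get("global", {})
    findings = []

    mode = " ".join(glob.get("map to guest", "never").lower().split())
    if mode == "bad password":
        findings.append(("global", "HIGH",
                         "map to guest = bad password: a wrong password for an "
                         "existing account is accepted as a guest login instead "
                         "of being rejected"))
    elif mode == "bad user":
        findings.append(("global", "INFO",
                         "map to guest = bad user: logins with an unknown user "
                         "name become guest sessions"))

    for name, params in conf.items():
        if name == "global":
            continue
        merged = {**glob, **params}          # [global] supplies share defaults
        guest = is_true(merged.get("guest ok", "no"))
        writable = not is_true(merged.get("read only", "yes"))
        if guest:
            findings.append((name, "HIGH" if writable else "MEDIUM",
                             "guest ok = yes: no password needed to connect"
                             + ("; share is writable, so guests can create and "
                                "delete files where POSIX permissions allow"
                                if writable else "")))
        mask = merged.get("create mask", "")
        if re.fullmatch(r"[0-7]+", mask) and int(mask, 8) & 0o002:
            findings.append((name, "MEDIUM" if guest else "LOW",
                             "create mask = %s leaves the other-write bit "
                             "on new files" % mask))
    return findings


def sample_conf(map_to_guest=None, guest_ok=False):
    """Constructed sample: the posted [prova] share with optional guest settings."""
    lines = ["[global]", "workgroup = DOMAIN", "security = ADS"]
    if map_to_guest:
        lines.append("map to guest = " + map_to_guest)
    lines += ["[prova]", "path = /storage/samba/prova",
              r"valid users = DOMAIN\gcp", "force group = gcp",
              "read only = No", "create mask = 0777"]
    if guest_ok:
        lines.append("guest ok = yes")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    for args in [(None, False), ("bad user", True), ("Bad Password", True)]:
        print("map to guest=%r, guest ok=%r" % args)
        for section, severity, message in audit_guest_access(sample_conf(*args)):
            print("  [%s] %-6s %s" % (section, severity, message))
```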



Re: [Samba] CIFS mount not applying setuids

2009-06-25 Thread Ben Tyger

hydr...@bran ~ $ cat /proc/config.gz |gunzip|grep -i cifs
CONFIG_CIFS=m
# CONFIG_CIFS_STATS is not set
# CONFIG_CIFS_WEAK_PW_HASH is not set
# CONFIG_CIFS_UPCALL is not set
CONFIG_CIFS_XATTR=y
CONFIG_CIFS_POSIX=y
# CONFIG_CIFS_DEBUG2 is not set
# CONFIG_CIFS_EXPERIMENTAL is not set


François Legal wrote:
> UNIX extension wouldn't be available if they're not built-in the kernel or
> as a module (I never used it in the modular form).
>
> However (that may not apply well in your case), you could use pam_mount to
> do the mounting with the correct user credentials.
>
>   


Re: [Samba] write list = is ignored

2009-06-25 Thread Jon Bendtsen


On 24/06/2009, at 18.30, Dale Schroeder wrote:


Jon,

If I understand your question correctly, and assuming that you're
using winbind, have you tried
  write list = @DOMAIN\* (substitute your winbind separator,
if different)


I thought I tried that already. Apparently it did work today.




Fwd: [Samba] PDC -> BDC Question

2009-06-25 Thread Daniel Müller
Hello Nick,

I do not think it is possible to just copy files like this from one to the
other samba.
You can do the copy job with rsync or scp.
I made a samba PDC and BDC with ldap master ldap slave. So on both servers
are the same users
Groups etc.
Both machines must have the same SID 


Greetings
Daniel
-Original Message-
From: samba-bounces+mueller=tropenklinik...@lists.samba.org
[mailto:samba-bounces+mueller=tropenklinik...@lists.samba.org] On Behalf Of
Nick Pappin
Sent: Tuesday, 23 June 2009 22:52
To: samba@lists.samba.org
Subject: [Samba] PDC -> BDC Question

Hi Everyone,
 I was wondering I am setting up a BDC at another physically separate
location on a different subnet, and I am currently working on what files I
need to have copied between the computers and which need to be made on each
server. The specific question I am dealing with is what TDB files I need to
replicate filesystems between the two servers.  Below is a list of what the
files I see in my samba directory are:

account_policy.tdb
ntdrivers.tdb
ntforms.tdb
share_info.tdb
group_mapping.ldb
ntprinters.tdb
registry.tdb
wins.dat
private/schannel_store.tdb
private/secrets.tdb

I am wondering first which of these need to be replicated from server to
server and which need to be unique to each server? For instance I know that
account_policy.tdb can be replicated and needs to be because it holds all of
the account policy information. The second thing I am wondering is what does
each of these files do? I was hoping that someone could do a brief sentence
or two about what each of these files do. Thanks for the help.

--
W. Nick Pappin


Re: [Samba] Very slow transfers to Samba on Ubuntu

2009-06-25 Thread Volker Lendecke
On Wed, Jun 24, 2009 at 12:26:59PM -0700, John Du wrote:
> Have you looked at adjusting the "socket options" parameter in smb.conf?
>
> I use "socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192" in my  
> smb.conf and scp and samba take about the same amount of time to  
> transfer files from Windows to the samba server.

With a reasonably modern Linux (2.6, probably 2.4 also),
please don't use the SO_SNDBUF/SO_RCVBUF options anymore.
Setting this to 8k really slows things down.

Volker



[Samba] enabling "null session" on a share

2009-06-25 Thread Alessandro Tinivelli
Good day to all, we have a Samba 3.0.33 in ADS mode, and we have been
asked to enable "null session" on the share [prova] (my smb.conf is
below).
I have googled a bit and I still have many doubts: if we put in the share
definition the "guest ok = yes", will [prova] be able to accept
null sessions from a process running on an XP station? Will the process
be able to delete files?
Or is it impossible to grant "null sessions" when Samba security mode is
ADS?

Thank you very much for your invaluable help
Alessandro


This is my smb.conf

-
[global]
workgroup = DOMAIN
realm = DOMAIN.DOM
server string = NAS03 (Samba %v)
security = ADS
log file = /var/log/samba/%m.log
max log size = 50
socket options = TCP_NODELAY IPTOS_LOWDELAY
idmap uid = 1-2
idmap gid = 1-2
winbind cache time = 10
winbind use default domain = Yes
winbind nss info = rfc2307

[prova]
comment = ricezione file 
path = /storage/samba/prova
valid users = DOMAIN\gcp
force group = gcp
read only = No
create mask = 0777
-


[Samba] client xp not remember password

2009-06-25 Thread Lonx Pani
Hi all,
I'm using Debian etch (kernel 2.6.18) with samba 3.0.24 + ldap 2.3.30.
In my organization I have one master ldap server and 5 slave servers with
syncrepl (about 200 Windows XP clients); each server is the PDC for its local
network and all works fine.
I have a big problem when I set sambaPwdMustChange and the password expires:
the Windows XP client notifies of the expiration and the user changes the password.
At the next logon the client loses all stored passwords, like Outlook, Skype,
Messenger, and all home banking certificates.
Does anyone have any idea how to solve this problem?

Thanks,
Lox