[Samba] Sambauser can't use his homeshare but other shares - smb.conf

2009-10-05 Thread Mario Constanti 
Ok, here is my smb.conf-File.

 

If i use the [homes]-Section,
I can mount my home-share only if
I first connected to an other share.

 

If I use the [Mario]-Section,
I can mount it on the first run.

 

 

[global]

 

   workgroup = example

   netbios name = mounteverest

   password server = 192.168.2.200

   security = ads

   realm = EXAMPLE.LOCAL

   encrypt passwords = yes

 

   local master =no

   os level = 20

   domain master = no

   preferred master = no

 

   time server = Yes

   keepalive = 30

   create mask = 0740

   directory mask = 0750

   log file = /var/log/samba/log.%m

   log level = 3 passdb:5 auth:10 winbind:2

   nt acl support = yes

 

   winbind separator = +

   idmap backend = idmap_rid:example=1-1

   idmap gid = 1-1

   idmap uid = 1-1

   template shell = /bin/bash

   winbind use default domain = yes

   winbind enum users = yes

   winbind enum groups = yes

# von mario hinzugefuegt um 18:42 am 19.09.09

   winbind nested groups = yes

   wins server = 192.168.2.200

 

# von mario hinzugefuegt um 18:42 am 19.09.09

   template homedir = /data/shares/home/%U

   template shell = /bin/bash

 

#[homes]

#comment = Home Directories

# path = /data/shares/home/%U

# force group = @EXAMPLE+dir_home

#read only = No

#create mask = 0600

#directory mask = 0700

#browseable = No

 

[mario]

path = /data/shares/home/mario

valid users = EXAMPLE+mario

force group = @EXAMPLE+dir_home

read only = No

create mask = 0600

force create mode = 0700

 

 

[nobackup]

path = /data/shares/nobackup

valid users = @EXAMPLE+dir_nobackup

  force group = @EXAMPLE+dir_nobackup

read only = No

create mask = 0750

force create mode = 0770

force directory mode = 0770

 

[public]

path = /data/shares/public

valid users = @EXAMPLE+dir_public

force group = @EXAMPLE+dir_public

read only = No

create mask = 0750

force create mode = 0770

force directory mode = 0770

 

[security]

path = /data/shares/security

valid users = @EXAMPLE+dir_security

force group = @EXAMPLE+dir_security

read only = No

create mask = 0750

force create mode = 0770

force directory mode = 0770

 

 

 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Source Download broken for 3.0.36

2009-10-05 Thread ITPFS oota 
On Mon, Oct 05, 2009 at 02:48:28PM +0200, Jens Nissen wrote:
> The source file
> http://download.samba.org/samba/ftp/stable/samba-3.0.36.tar.gz
> is invalid (checksum error).
> Could you please reinstall this file?
> 
> Kind regards,

I download that file,but no error found.

--
--- Oota Toshiya ---  t-oota at dh.jp.nec.com
NEC Systems Software Operations Unit  Shiba,Minato,Tokyo
IT Platform Solutions DivisionJapan,Earth,Solar system
(samba-jp/ldap-jp Staff,mutt-j/samba-jp postmaster)
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?

2009-10-05 Thread Michael Lueck 

Harry Jede wrote:

You need passwd AND shadow for the users, but normaly NOT the hole file.
The system accounts may be different on your new system, so identify the 
min and max uidnumber for regular users and copy only these users. Do 
the same with the shadow file. AND make backups.


Same thing with groups. Identify your min and max gidnumber and copy 
only these groups.


Maybe you need to transform some uid/gid-numbers :-) .


Thanks for speaking up, Harry! :-)

For Samba users (real actual users) there is an entry in passwd and group. I 
would think I can use adduser to set those up, and edit the uid/gid # to match.

For Samba machine users, there seems to be only an entry in passwd, and shadow of course. The password hash appears to be the same hash as other ID's which no one ever logs into. So I would think I 
would be safe hand editing both passwd and shadow to add the machine accounts, and simply copy/paste the password hash that is appropriate for the new server.


Do you see any problems with this course of action?

Sincerely,

--
Michael Lueck
Lueck Data Systems
http://www.lueckdatasystems.com/

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba query for aix 6.1 OS

2009-10-05 Thread William Jojo 

Farhan Rafiq wrote:

 Dear All

Could you please let me know if (samba-3.3.6.tar)  samba version is 
compatible for aix version 6.1 ?


  


Where did you get that binary from?


And also if you have doco for configuring it on aix .

Im going to read thru the readme and doco on internet, I presume it is all 
about configuring /etc/smb.conf file :)


  


Well, it depends on how the developer configured it.


Cheers,
Bill



Many Thanks

 Farhan
  


--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba as fileserver on Active Directory domain

2009-10-05 Thread Robert LeBlanc 
wbinfo needs to work all the time or you will have problems, getent does not
need to (we have enum users and groups to no because we have so many objects
in our AD). I would look at the winbind logs to get an idea of what is wrong
Debian has this at /var/log/samba/log.winbindd. I usually get several
connection reset by peer lines, and some Could not receive trustdoms, but it
seems to recover and retty and things work. What you are looking for is
failure to connect to a server, or trying to connect to a bad server ro
something. It sounds like you are getting close, the last mile is always the
hardest.

Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University


On Mon, Oct 5, 2009 at 5:49 PM, Ivan Ordonez  wrote:

>  I was able to set ACL with local username but can't do it on domain
> username or groups.
>
> hostname ~ # getfacl /shared/drive
> getfacl: Removing leading '/' from absolute path names
> # file: shared/drive
> # owner: mylocalusername
> # group: root
> user::rwx
> group::r-x
> other::r-x
> default:user::rwx
> default:group::rwx
> default:other::r-x
>
> When I tried to set ACLs for domain account or groups, it was invalid
> option.
>
> hostname ~ #setfacl -m g:"DOMAIN+Domain Admins":rwx /shared/drive
> setfacl: Option -m: Invalid argument near character 3
>
> hostname ~ #setfacl -m g:"DOMAIN+myusername":rwx /shared/drive
> setfacl: Option -m: Invalid argument near character 3
>
> I believe the drive is mounted and ACL is enable.
>
> hostname ~ # mount
> /dev/hda3 on / type ext3 (rw,noatime,acl)
>
> Here is my /etc/fstab
> /dev/hda3/ext3noatime,acl0 1
>
> What I find odd is running wbinfo and getent command to be very
> inconsistent.  I would sometimes get result and sometimes not.
> hostname ~ # wbinfo -u
> Error looking up domain users
>
> Any other suggestions?
>
> Thanks.
>
>
>
>
>
>
>
>
>
>
> Robert LeBlanc wrote:
>
> Sorry, my bad, 3.3.8 was the security release. It sounds like it is working
> however. As far as ACLs, make sure that ACLs are turned on on your file
> system (mount -o acl for most filesystems) and the make sure you have the
> ACL packages for your distro installed (Debian apt-get install acl). Then
> it's a matter of using the setfacl command like `setfacl -m
> d:u::rwx,u::rwx,d:g::rx,g::rx
> /my/shared/dir.
>
> You can add as many ACLs as you want, remember that the linux default rwx
> perms sets the max for ACL users and groups. If the linux user (owner) ACL
> is rx, then even though an ACL specifies another user with rwx, they will
> only have rx. The second thing to remember is that the default ACL is not
> needed, but if specified will set those ACLs on all new files and
> directories and act much like Windows. If you set the permissions using
> Windows, the default ACL will be set. Thidly, only Linux user and group have
> the file counted against their quota, permissions assigned in ACLs do not
> affect thoes user and groups quotas. Fourtly, some applications are not ACL
> aware, Apache for instance does not look at ACLs on Linux. To check your set
> ACLs, use getfacl /this/is/my/file.
>
> Hope that helps.
>
> Robert LeBlanc
> Life Sciences & Undergraduate Education Computer Support
> Brigham Young University
>
>
> On Mon, Oct 5, 2009 at 2:34 PM, Ivan Ordonez wrote:
>
>> I was able to install 3.3.8 version of Samba.  I am running it now.  I can
>> see shares, but could not write at all.
>>
>> ACL seems simple but I can't get it to work.  Any help or advise would be
>> greatly appreciated.
>>
>> Robert LeBlanc wrote:
>>
>> The changes have not made it into a 3.3.x release yet, 3.3.7 was a
>> security release, ideally 3.3.8 should have the fix. There were quiet a
>> number of configuration changes from 3.0.x to 3.3.x in regards to Active
>> Directory, you may not be able to use you old config without updating some
>> things.
>>
>> Robert LeBlanc
>> Life Sciences & Undergraduate Education Computer Support
>> Brigham Young University
>>
>>
>> On Mon, Oct 5, 2009 at 10:02 AM, Ivan Ordonez wrote:
>>
>>>
>>> I am using Samba version 3.0.36.  When I upgraded to 3.3.7, I got some
>>> "realm" complaints when I run testparm and some "ADS"  related error.  The
>>> 3.3.7 version is masked by Gentoo portage and not sure if it will be
>>> available soon.
>>>
>>> Thanks,
>>> -Ivan
>>>
>>> Robert LeBlanc wrote:
>>>
>>> What version of samba are you using? I submitted a patch to Samba that is
>>> in 3.4.1 and slated for the next version of 3.3.x that fixes the
>>> workgroup/realm thing. It falls back to SPEGO without the patch, but it
>>> takes a little while, the patch speeds things up.
>>>
>>> Robert LeBlanc
>>> Life Sciences & Undergraduate Education Computer Support
>>> Brigham Young University
>>>
>>>
>>> On Fri, Oct 2, 2009 at 11:09 AM, Jonathan Petersson <
>>> jpeters...@garnser.se> wrote:
>>>
 How did you solve the kerberos portion how things, when winbind tries
 to connect to my server the kerberos sessi

Re: [Samba] Samba as fileserver on Active Directory domain

2009-10-05 Thread Ivan Ordonez 
I was able to set ACL with local username but can't do it on domain 
username or groups.


hostname ~ # getfacl /shared/drive
getfacl: Removing leading '/' from absolute path names
# file: shared/drive
# owner: mylocalusername
# group: root
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::rwx
default:other::r-x

When I tried to set ACLs for domain account or groups, it was invalid 
option.


hostname ~ #setfacl -m g:"DOMAIN+Domain Admins":rwx /shared/drive
setfacl: Option -m: Invalid argument near character 3

hostname ~ #setfacl -m g:"DOMAIN+myusername":rwx /shared/drive
setfacl: Option -m: Invalid argument near character 3

I believe the drive is mounted and ACL is enable.

hostname ~ # mount
/dev/hda3 on / type ext3 (rw,noatime,acl)

Here is my /etc/fstab
/dev/hda3/ext3noatime,acl0 1

What I find odd is running wbinfo and getent command to be very 
inconsistent.  I would sometimes get result and sometimes not. 
hostname ~ # wbinfo -u

Error looking up domain users

Any other suggestions?

Thanks.









Robert LeBlanc wrote:
Sorry, my bad, 3.3.8 was the security release. It sounds like it is 
working however. As far as ACLs, make sure that ACLs are turned on on 
your file system (mount -o acl for most filesystems) and the make sure 
you have the ACL packages for your distro installed (Debian apt-get 
install acl). Then it's a matter of using the setfacl command like 
`setfacl -m 
d:u::rwx,u::rwx,d:g::rx,g::rx 
/my/shared/dir.


You can add as many ACLs as you want, remember that the linux default 
rwx perms sets the max for ACL users and groups. If the linux user 
(owner) ACL is rx, then even though an ACL specifies another user with 
rwx, they will only have rx. The second thing to remember is that the 
default ACL is not needed, but if specified will set those ACLs on all 
new files and directories and act much like Windows. If you set the 
permissions using Windows, the default ACL will be set. Thidly, only 
Linux user and group have the file counted against their quota, 
permissions assigned in ACLs do not affect thoes user and groups 
quotas. Fourtly, some applications are not ACL aware, Apache for 
instance does not look at ACLs on Linux. To check your set ACLs, use 
getfacl /this/is/my/file.


Hope that helps.

Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University


On Mon, Oct 5, 2009 at 2:34 PM, Ivan Ordonez > wrote:


I was able to install 3.3.8 version of Samba.  I am running it
now.  I can see shares, but could not write at all. 


ACL seems simple but I can't get it to work.  Any help or advise
would be greatly appreciated.


Robert LeBlanc wrote:

The changes have not made it into a 3.3.x release yet, 3.3.7 was
a security release, ideally 3.3.8 should have the fix. There were
quiet a number of configuration changes from 3.0.x to 3.3.x in
regards to Active Directory, you may not be able to use you old
config without updating some things.

Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University


On Mon, Oct 5, 2009 at 10:02 AM, Ivan Ordonez
mailto:iordo...@berkeley.edu>> wrote:


I am using Samba version 3.0.36.  When I upgraded to 3.3.7, I
got some "realm" complaints when I run testparm and some
"ADS"  related error.  The 3.3.7 version is masked by Gentoo
portage and not sure if it will be available soon.

Thanks,
-Ivan


Robert LeBlanc wrote:

What version of samba are you using? I submitted a patch to
Samba that is in 3.4.1 and slated for the next version of
3.3.x that fixes the workgroup/realm thing. It falls back to
SPEGO without the patch, but it takes a little while, the
patch speeds things up.

Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University


On Fri, Oct 2, 2009 at 11:09 AM, Jonathan Petersson
mailto:jpeters...@garnser.se>> wrote:

How did you solve the kerberos portion how things, when
winbind tries
to connect to my server the kerberos sessions fails as
it tries to
connect with the workgroup instead of the realm.

Thanks

/Jonathan

On Fri, Oct 2, 2009 at 9:36 AM, Ivan Ordonez
mailto:iordo...@berkeley.edu>>
wrote:
>
>
> Jonathan Petersson wrote:
>>
>> Hi Ivan,
>>
>> I'm working on a similar thing but is having some
issues with the
>> kerberos sessions between samba and AD. Is your Samba
server a member
>> of a Win2k8R2 or a Win2k3 domain?
>>
>> Thanks
>>
>> /Jonathan
>>

Re: [Samba] using svn on a samba share

2009-10-05 Thread Jeremy Allison 
On Tue, Sep 22, 2009 at 08:19:22AM +0200, Rupert wrote:
> Hello,
> 
> we are trying to mount our webroot folders to a local machine, so that
> developers can programm in a local folder but the site is served on the
> server.
> When we now try to checkout(via svn) the project into this remote share we
> always get a "permission denied".
> My searches on google didnt bring a solution, but some people where saying
> that svn does create and deletes
> some files to fast for samba to keep track.
> We also played with the mount options and the smb.conf, but didnt get it to
> work.
> Does someone have a solutuon for this problem?

Log a bug @ bugzilla.samba.org and add a debug level 10 log
so we can see what is going wrong. Remember to test first
with the latest version of Samba (3.4.2).

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba as fileserver on Active Directory domain

2009-10-05 Thread Robert LeBlanc 
Sorry, my bad, 3.3.8 was the security release. It sounds like it is working
however. As far as ACLs, make sure that ACLs are turned on on your file
system (mount -o acl for most filesystems) and the make sure you have the
ACL packages for your distro installed (Debian apt-get install acl). Then
it's a matter of using the setfacl command like `setfacl -m
d:u::rwx,u::rwx,d:g::rx,g::rx
/my/shared/dir.

You can add as many ACLs as you want, remember that the linux default rwx
perms sets the max for ACL users and groups. If the linux user (owner) ACL
is rx, then even though an ACL specifies another user with rwx, they will
only have rx. The second thing to remember is that the default ACL is not
needed, but if specified will set those ACLs on all new files and
directories and act much like Windows. If you set the permissions using
Windows, the default ACL will be set. Thidly, only Linux user and group have
the file counted against their quota, permissions assigned in ACLs do not
affect thoes user and groups quotas. Fourtly, some applications are not ACL
aware, Apache for instance does not look at ACLs on Linux. To check your set
ACLs, use getfacl /this/is/my/file.

Hope that helps.

Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University


On Mon, Oct 5, 2009 at 2:34 PM, Ivan Ordonez  wrote:

>  I was able to install 3.3.8 version of Samba.  I am running it now.  I can
> see shares, but could not write at all.
>
> ACL seems simple but I can't get it to work.  Any help or advise would be
> greatly appreciated.
>
>
> Robert LeBlanc wrote:
>
> The changes have not made it into a 3.3.x release yet, 3.3.7 was a security
> release, ideally 3.3.8 should have the fix. There were quiet a number of
> configuration changes from 3.0.x to 3.3.x in regards to Active Directory,
> you may not be able to use you old config without updating some things.
>
> Robert LeBlanc
> Life Sciences & Undergraduate Education Computer Support
> Brigham Young University
>
>
> On Mon, Oct 5, 2009 at 10:02 AM, Ivan Ordonez wrote:
>
>>
>> I am using Samba version 3.0.36.  When I upgraded to 3.3.7, I got some
>> "realm" complaints when I run testparm and some "ADS"  related error.  The
>> 3.3.7 version is masked by Gentoo portage and not sure if it will be
>> available soon.
>>
>> Thanks,
>> -Ivan
>>
>> Robert LeBlanc wrote:
>>
>> What version of samba are you using? I submitted a patch to Samba that is
>> in 3.4.1 and slated for the next version of 3.3.x that fixes the
>> workgroup/realm thing. It falls back to SPEGO without the patch, but it
>> takes a little while, the patch speeds things up.
>>
>> Robert LeBlanc
>> Life Sciences & Undergraduate Education Computer Support
>> Brigham Young University
>>
>>
>> On Fri, Oct 2, 2009 at 11:09 AM, Jonathan Petersson <
>> jpeters...@garnser.se> wrote:
>>
>>> How did you solve the kerberos portion how things, when winbind tries
>>> to connect to my server the kerberos sessions fails as it tries to
>>> connect with the workgroup instead of the realm.
>>>
>>> Thanks
>>>
>>> /Jonathan
>>>
>>> On Fri, Oct 2, 2009 at 9:36 AM, Ivan Ordonez 
>>> wrote:
>>> >
>>> >
>>> > Jonathan Petersson wrote:
>>> >>
>>> >> Hi Ivan,
>>> >>
>>> >> I'm working on a similar thing but is having some issues with the
>>> >> kerberos sessions between samba and AD. Is your Samba server a member
>>> >> of a Win2k8R2 or a Win2k3 domain?
>>> >>
>>> >> Thanks
>>> >>
>>> >> /Jonathan
>>> >>
>>> >> On Fri, Oct 2, 2009 at 9:00 AM, Ivan Ordonez 
>>> >> wrote:
>>> >>
>>> >>>
>>> >>> Robert LeBlanc wrote:
>>> >>>
>>> 
>>>  What are the permissions on /shared/drive? We use ACLs to control
>>> access
>>>  rather than smb.conf. This gives us great flexability and you can
>>> kind
>>>  of
>>>  manage it using a Windows machine. If you have Kerberos keytab
>>>  generated,
>>>  you can smbmount on Linux using the -o sec=krb5 and no passwords are
>>>  needed,
>>>  it also obeys ACL. The only catch is that you need to use RID or
>>> LDAP
>>>  for
>>>  uid/gid mapping or else your permissions won't line up.
>>> 
>>>  Robert LeBlanc
>>>  Life Sciences & Undergraduate Education Computer Support
>>>  Brigham Young University
>>> 
>>> 
>>>  On Thu, Oct 1, 2009 at 10:14 AM, Ivan Ordonez <
>>> iordo...@berkeley.edu
>>>  > wrote:
>>> 
>>>    Hello,
>>> 
>>>    We have a Gentoo box running Samba and is a member of the Active
>>>    Directory domain. This Gentoo box will be a fileserver when
>>>    everything is completed and setup as it should.  I want our users
>>>    to login to their computer (Computers are all members of the same
>>>    Active Directory domain) using Active Directory accounts/domain
>>>    for authentication. I am using Winbind for Active Directory
>>>    authentication/integration. I'm almost done except file permission
>>>    issue.  All is working

[Samba] Samba Authentication with a windows password server

2009-10-05 Thread wispa 

Hi all, 

I'm trying to set up Samba on a client's computer so that it authenticates
the users which are accessing it via a windows domain controller and
kerberos. I've been following various tutorials and it all seems to go
through correctly but when the client tries to access the shares, it doesn't
accept his credentials and won't get past the login window.

The only failure seems to be within the nmbd log which says this (I've
changed the domain name / IPs):

[2009/10/05 16:27:43,  0]
nmbd/nmbd_nameregister.c:register_name_response(129)
  register_name_response: server at IP 192.168.1.122 rejected our name
registration of DOMAIN<00> IP 192.168.1.120 with error code 6.
[2009/10/05 16:27:43,  0] nmbd/nmbd_mynames.c:my_name_register_failed(35)
  my_name_register_failed: Failed to register my name DOMAIN<00> on subnet
192.168.1.120.

Now the odd thing is that 192.168.1.120 is the samba machine but
192.168.1.120 is a proxy server and doesn't seem to be referenced anywhere.
Could this be a result of the windows machines not being set up correctly or
would this be something incorrectly set up on the linux machine?

I can't seem to figure it out.

Many thanks.

Oliver
-- 
View this message in context: 
http://www.nabble.com/Samba-Authentication-with-a-windows-password-server-tp25752970p25752970.html
Sent from the Samba - General mailing list archive at Nabble.com.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Source Download broken for 3.0.36

2009-10-05 Thread Jens Nissen 
The source file
http://download.samba.org/samba/ftp/stable/samba-3.0.36.tar.gz
is invalid (checksum error).
Could you please reinstall this file?

Kind regards,

Jens

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] test

2009-10-05 Thread Janez Kosmrlj 
just testing mail delivery
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Dynamic Link Aggregation via Samba

2009-10-05 Thread Patrik 
Hi,

I have run into the following I bonded 6 NICs on my Cent OS server into
a 600MB pipe. I use bond method 4 = dynamic Link aggregation. My Cysco
Switch supports this apparently.

However I only get increased bandwidth from my MAC by connecting via
AFP. However when I connect via SMB I don't. I was told to change the
sockect options to the following on my smb.conf file on my fileserver:

socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
SO_SNDBUFF=2048000 SO_RCVBUFF=2048000

large readwrite=yes
read raw= yes
write raw= yes

I did these changes and still top out at 53 MB/s however via AFP I am
able to get an average of 90MB/s up to tops 103MB/s. It seems really odd
that I cannot tweak SMB to utilize the pipe properly. Any ideas on what
settings I need to tweak to make this work?

Any help would be appreciated.

Best, Patrik
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Samba as fileserver on Active Directory domain

2009-10-05 Thread Ivan Ordonez 

Hello,

We have a Gentoo box running Samba and is a member of the Active 
Directory domain. This Gentoo box will be a fileserver when everything 
is completed and setup as it should.  I want our users to login to their 
computer (Computers are all members of the same Active Directory domain) 
using Active Directory accounts/domain for authentication. I am using 
Winbind for Active Directory authentication/integration. I'm almost done 
except file permission issue.  All is working smoothly (ie. wbinfo, 
smbclient, getent, etc.). I can access/map the shared drive on the 
Gentoo box from any Windows computer, login to a machine without a 
problem using Active Directory accounts.  The Active Directory 
authentication with Winbind is working as it should.


For some odd reason, I can't figure out how to give permissions to all 
users the ability to make changes/add new folders on the shared drive. 
I am getting access denied even when the users or group are valid users 
of the shared drive per smb.conf.  Below is my smb.conf shared 
configuration:


[shared]
   comment = shared
   path = /shared/drive
   read only = no
   inherit permissions = yes
   create mask = 755
   directory mask = 755
   valid users = @"MYDOMAIN+mygroup"
   browseable = yes
   writable = yes

Any help would be greatly appreciated.

-Ivan
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba File Issue

2009-10-05 Thread Ryan Parker-Hill 
Try renaming the file and removing the ":"'s in the filename. Windows  
machines don't like the ":" character in filenames.

On 25/09/2009, at 5:46 AM, Luis A. Rivera wrote:

> Trying to open Unix log file via Windows Wordpad. The filename is ->  
> 123.foo_123:1:2:3.
>
> Error message is "Cannot find this file". Although the file is there  
> The problem here seems to be the colons.
>
> Mangle entries in smb.conf file not helping any.
>
> Thanks-
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Active Directory and Samba as fileserver

2009-10-05 Thread Ivan Ordonez 

Hello,

We have a Gentoo box running Samba and is a member of the Active  
Directory domain. This Gentoo box is going to be a fileserver.  I want  
our users to login to their computer using Active Directory for  
authentication. The computers are all members of the Active Directory  
domain.  I setup Samba to use Winbind. All is working smoothly (ie.  
wbinfo, smbclient, getent, etc) I can also access the shared drive  
and login to a machine without a problem using Active Directory  
accounts.  The authentication is working as it should.


For some odd reason, I can't figure out how to give permissions to all  
users the ability to make changes/add new folders on the shared  
drive.  I am getting access denied even when the users or group are  
valid users of the shared drive per smb.conf.  Any help would be  
greatly appreciated.


-Ivan



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] How can I bypass Windows allowing only one user logged on to a Samba Server?

2009-10-05 Thread Frank Church 
I want to connect to a server using 2 different user accounts at the
same time, but Windows allows only one user to be logged from a
system.

I am considering whether it is possible to run samba on multiple IP
addresses so that they are not identified by Windows as the same
server.

What I want to be sure of is whether using different IP address is
sufficient or whether samba has a way of identifying itself as the
same server to Windows even though they are on different IP addresses.

Is this possible?

-- 
Frank Church

===
http://devblog.brahmancreations.com";>devblog.brahmancreations.com
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] samba file locking problem

2009-10-05 Thread Janez Kosmrlj 
Hi,
I encountered an interesting problem. We have a Java application on a samba
server. The folder is then shared to the clients via a samba share. So far
it works OK. Until now we had windows clients and everything worked OK. But
now we are trying to migrate to Linux clients and this is where the fun
starts. When a developer copies a new jar to the folder which is shared via
samba. And if this copying is done by scp strange things start happening.
After a few clicks the application stops working returning NoClassDeffFound,
even if the file is there and readable. After that it is not enough to just
stop the application, you have to unmount an then mount the share. I tried
turning off oplocks and then turning on kernel oplocks in the samba
configuration as suggested in the samba how-to, but it doesn't fix the
problem.
Has anyone an idea how to fix this situation?

BR
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] samba file locking problem

2009-10-05 Thread Janez Kosmrlj 
Hi,
I encountered an interesting problem. We have a Java application on a samba
server. The folder is then shared to the clients via a samba share. So far
it works OK. Until now we had windows clients and everything worked OK. But
now we are trying to migrate to Linux clients and this is where the fun
starts. When a developer copies a new jar to the folder which is shared via
samba. And if this copying is done by scp strange things start happening.
After a few clicks the application stops working returning NoClassDeffFound,
even if the file is there and readable. After that it is not enough to just
stop the application, you have to unmount an then mount the share. I tried
turning off oplocks and then turning on kernel oplocks in the samba
configuration as suggested in the samba how-to, but it doesn't fix the
problem.
Has anyone an idea how to fix this situation?

BR
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] samba file locking problem

2009-10-05 Thread Janez Kosmrlj 
Hi,
I encountered an interesting problem. We have a Java application on a samba
server. The folder is then shared to the clients via a samba share. So far
it works OK. Until now we had windows clients and everything worked OK. But
now we are trying to migrate to Linux clients and this is where the fun
starts. When a developer copies a new jar to the folder which is shared via
samba. And if this copying is done by scp strange things start happening.
After a few clicks the application stops working returning NoClassDeffFound,
even if the file is there and readable. After that it is not enough to just
stop the application, you have to unmount an then mount the share. I tried
turning off oplocks and then turning on kernel oplocks in the samba
configuration as suggested in the samba how-to, but it doesn't fix the
problem.
Has anyone an idea how to fix this situation?

BR
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Cannot access/write to shares, samba appears not to convert group names to SIDs

2009-10-05 Thread Lists 

Hi All,

I cannot access/write to shares so I turned the logging level up to 3.
This is the error from the 'test' share while attempting to create a new 
folder:

[2009/09/29 09:57:45, 3] lib/util_sid.c:string_to_sid(223)
 string_to_sid: Sid @domain users does not start with 'S-'.

I am using samba 3.0.36 on gentoo
smb.conf
  server string = Samba Server %v
  log level = 3
  log file = /var/log/samba/log.%m
  max log size = 50
  interfaces = lo eth0
  bind interfaces only = yes
  hosts allow = 10.4.1. 172.16.142. 127.
  hosts deny = 0.0.0.0/0
  encrypt passwords = yes
  socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
  dns proxy = no
  security = ADS
  idmap uid = 1-2
  idmap gid = 1-2
  winbind enum users = yes
  winbind enum groups = yes
  template homedir = /home/%D/%U
  template shell = /bin/bash
  client use spnego = yes
  client ntlmv2 auth = yes
  winbind use default domain = yes
  restrict anonymous = 2
  domain master = no
  local master = no
  preferred master = no
  os level = 10
  disable netbios = no
#   dos charset = ASCII
#   unix charset = UTF8
#   display charset = UTF8
  preserve case = yes
  short preserve case = yes


#   printer admin = root, "@Domain Admins"
  printing = cups
  printcap name = cups
#   printcap = /etc/printcap
  load printers = yes
  default devmode = yes
[printers]
   comment = All Printers
   path = /var/spool/samba
   browseable = no
   guest ok = no
   writable = no
   printable = yes
#   admin users = root, @"Domain Admins", @"Printer Admins", 
@"Domain Power Users"

[print$]
#   comment = Printer Drivers
   path = /var/lib/samba/printers
   guest ok = no
   browseable = yes
#   read only = yes
   write list = @"domain admins"

[daily backups]
   comment = DGHYP Daily Backups
   path = /backup/set1
   valid users = @"domain admins"
   read only = Yes

[tech]
   comment = IT Files
   path = /backup/tech
   write list = @"domain admins"
   force create mode = 0770

[test]
   comment = test
   path = /backup/test
   write list = @"domain users", "@domain users", "@domain admins", 
@"domain admins"


Thanks,
Charlie Page

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Samba query for aix 6.1 OS

2009-10-05 Thread Farhan Rafiq 
 Dear All

Could you please let me know if (samba-3.3.6.tar)  samba version is 
compatible for aix version 6.1 ?

And also if you have doco for configuring it on aix .

Im going to read thru the readme and doco on internet, I presume it is all 
about configuring /etc/smb.conf file :)

Many Thanks

 Farhan
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Winbind and home directories....

2009-10-05 Thread Gary Greene 
Is there a way to set a different home directory specifically for a given
user with winbind, other than to change the template home directory? This is
with samba 3.2.7 on OpenSuSE 11.1 as joined to an AD running Windows 2003.
Thanks.

-- 
Gary L. Greene, Jr.
==
Developer and Project Lead for the AltimatOS open source project
Volunteer Developer for the KDE open source project
See http://www.altimatos.com/ and http://www.kde.org/ for more information
==

Please avoid sending me Word or PowerPoint attachments.



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] samba file locking

2009-10-05 Thread Janez Kosmrlj 
Hi,
I encountered an interesting problem. We have a Java application on a samba
server. The folder is then shared to the clients via a samba share. So far
it works OK. Until now we had windows clients and everything worked OK. But
now we are trying to migrate to Linux clients and this is where the fun
starts. When a developer copies a new jar to the folder which is shared via
samba. And if this copying is done by scp strange things start happening.
After a few clicks the application stops working returning NoClassDeffFound,
even if the file is there and readable. After that it is not enough to just
stop the application, you have to unmount an then mount the share. I tried
turning off oplocks and then turning on kernel oplocks in the samba
configuration as suggested in the samba how-to, but it doesn't fix the
problem.
Has anyone an idea how to fix this situation?

BR
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Poor performance on open/copy/close/rename file operations via remote/VPN connection

2009-10-05 Thread ziotegolina 

Problem solved romoving openvpn and installing PPPTP. 
That software is free and REALLY better than openvpn.



ziotegolina wrote:
> 
> Hallo,
> I've got the same problem using openvpn & samba server.
> Did you fix it? could you help me telling me how to solve it?
> 
> thanks,
> Dario
> 
> 
> 
> 
> gianfranco pra floriani wrote:
>> 
>> hello Dave,
>> I'm still trying to understand how to check all the traffic with 
>> ethereal (now wireshark) as you wrote a few days ago.
>> I had some troubles installing wirshark server side so now i'm doing the 
>> tests from a client (XP).
>> Now, I will also check out your suggestion to use tun0.
>> If I remember, I chose tap because I'm using server-bridge (same subnet) 
>> and not routing for VPN.
>> However, I had the same performance issues when using the router client 
>> VPN connecting to the router's (hardware config) VPN.
>> I will let you know.
>> Thank you so much for your advices.
>> gian
>> 
>> 
>> Dave Kempe wrote:
>>> gianfranco pra floriani wrote:
 dev tap0
 proto udp

 As you point out, it looks more a SMB (and not samba) problem.

>>>
>>> I would seriously suggest you try dev tun0.
>>> make sure the routes work fine, then try again.
>>> I think that you have some sort of networking issue where broadcasts 
>>> are getting confused.
>>> perhaps the machines think they are on the same subnet, but they are 
>>> not on the same 'wire'
>>>
>>> dave
>>>
>>>
>> -- 
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/listinfo/samba
>> 
>> 
> %-|
> 

-- 
View this message in context: 
http://www.nabble.com/Poor-performance-on-open-copy-close-rename-file-operations-via-remote-VPN-connection-tp16262265p25631910.html
Sent from the Samba - General mailing list archive at Nabble.com.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] name of home directory

2009-10-05 Thread Pascal Legrand 
hello
i use samba with ldap backend

actually when a user  connect on samba domaine from a windows client his home
directory is mapped with his uid as the name of the share.
is there a solution to "rename" the home directory with another field of his
entry in the ldap directory?
for exemple displayname or description ?

thank you for your answers

-- 

---
Pascal Legrand
*IUT de Chartres* - _Service Informatique_
---
1, place Roger Joly
28000 Chartres
Tel : 02 37 91 83 36 - Fax: 02 37 91 83 01

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] samba file locking

2009-10-05 Thread Janez Kosmrlj 
Hi,
I encountered an interesting problem. We have a Java application on a samba
server. The folder is then shared to the clients via a samba share. So far
it works OK. Until now we had windows clients and everything worked OK. But
now we are trying to migrate to Linux clients and this is where the fun
starts. When a developer copies a new jar to the folder which is shared via
samba. And if this copying is done by scp strange things start happening.
After a few clicks the application stops working returning NoClassDeffFound,
even if the file is there and readable. After that it is not enough to just
stop the application, you have to unmount an then mount the share. I tried
turning off oplocks and then turning on kernel oplocks in the samba
configuration as suggested in the samba how-to, but it doesn't fix the
problem.
Has anyone an idea how to fix this situation?

BR
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Problems compiling ADS support on Solaris 9

2009-10-05 Thread Nigel.Pain 
We are encountering some problems compiling a working version of Samba
3.4.1 with ADS support on Solaris 9. We've run autogen.sh and configure
successfully (config.log attached), followed by make and make install.
However, despite having openldap and Heimdal Kerberos (1.2.1) installed,
and including the configure switches --with-ads --with-ldap
--with-krb5=/usr/heimdal, when we try a net join we get the following:

# net ads join
ADS support not compiled in

There are a few errors and warnings in the config.log but I really don't
understand the compilation process so can't work out what they mean, how
to rectify them or even if they are important.

If anyone was able to point me in the right direction I'd be ve 
<> ry grateful.
 

Nigel Pain
The Scottish Government





This e-mail (and any files or other attachments transmitted with it) is 
intended solely for the attention of the addressee(s).  Unauthorised use, 
disclosure, storage, copying or distribution of any part of this e-mail is not 
permitted.  If you are not the intended recipient please destroy the email, 
remove any copies from your system and inform the sender immediately by return.

 

Communications with the Scottish Government may be monitored or recorded in 
order to secure the effective operation of the system and for other lawful 
purposes.  The views or opinions contained within this e-mail may not 
necessarily reflect those of the Scottish Government.




The original of this email was scanned for viruses by the Government Secure 
Intranet virus scanning service supplied by Cable&Wireless in partnership with 
MessageLabs. (CCTM Certificate Number 2009/09/0052.) On leaving the GSi this 
email was certified virus free.
Communications via the GSi may be automatically logged, monitored and/or 
recorded for legal purposes.-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] using svn on a samba share

2009-10-05 Thread Rupert 
Hello,

we are trying to mount our webroot folders to a local machine, so that
developers can programm in a local folder but the site is served on the
server.
When we now try to checkout(via svn) the project into this remote share we
always get a "permission denied".
My searches on google didnt bring a solution, but some people where saying
that svn does create and deletes
some files to fast for samba to keep track.
We also played with the mount options and the smb.conf, but didnt get it to
work.
Does someone have a solutuon for this problem?

[WEBROOT]
   comment =  sourceroot
   path = /development
   writable = yes
   create mask = 0644
   directory mask = 0777
   force create mode = 0777
#   delete readonly = yes
   inherit permissions = Yes
   map archive = yes
   map hidden = yes


greetings


.r
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Question on Samba server with WINS service

2009-10-05 Thread cpthk 

I am setting up a samba server with WINS service. I set:
[CODE]wins support = yes
name resolve order = lmhosts host wins bcast[/CODE]

And then I created the lmhosts file under /etc/samba/lmhosts with info in
short:
[CODE]192.168.1.5 TESTPC
...[/CODE]

I found that when I start samba server, I check the file
/var/lib/samba/wins.dat, I did not see those data in lmhosts file. It only
has the samba's hostname and its workgroup name.

I then found that I have to go to every computer and setup WINS server
address in the network connections, then restart(or give nbtstat -RR) to
make wins.dat file show up each computer name and ip address. Isn't samba
suppose to read lmhosts file upon startup? It seems like samba doesn't read
the lmhosts file at all.

Anyone know the reason?

Thanks.
-- 
View this message in context: 
http://www.nabble.com/Question-on-Samba-server-with-WINS-service-tp25675813p25675813.html
Sent from the Samba - General mailing list archive at Nabble.com.

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] setting default domain

2009-10-05 Thread Elijah Buck 

Hello,

I'm attempting to use samba winbind for ssh authentication for users  
in Active Directory. Things are mostly working, but I'm looking for  
two things:


1.) I currently have to authenticate as adlocal+eli...@concordia.uchicago.edu 
. I would like to authenticate as eli...@concordia.uchicago.edu


2.) I would like the uid of the elijah user to be pulled from an  
existing entry in /etc/passwd (or eventually ldap) instead of being  
generated by winbind.


Active Directory Structure
Groups, Computers, and administrative users are stored in the AD.UCHICAGO.EDU 
 domain. Users are stored in the AD.LOCAL domain. There is a  
transitive trust between the two domains. I have an administrative  
account in AD.UCHICAGO.EDU, and a normal user account in AD.LOCAL. The  
samba server is joined to AD.UCHICAGO.EDU and cannot be joined  
directly to AD.LOCAL.


smb.conf
Samba is running on Red Hat Enterprise Linux 5.4. Samba is version  
3.0.33-3.14 as packaged by redhat.


[global]
workgroup = AD
server string = Samba Server Version %v
netbios name = concordia
security = domain
encrypt passwords = yes
dns proxy = yes
password server = ad1.ad.uchicago.edu
winbind separator = +
;username map = /etc/samba/smbusers
;idmap uid = 15000-20
;idmap gid = 15000-20
;winbind enum users = yes
;winbind enum groups = yes
template homedir = /home-ads/%U
template shell = /bin/bash
winbind use default domain = yes

[homes]
comment = Home Directories
browseable = no
writable = yes

krb5.conf
[libdefaults]
 default_realm = AD.UCHICAGO.EDU
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 forwardable = yes

[realms]
 AD.UCHICAGO.EDU = {
  admin_server = ad1.ad.uchicago.edu
  kdc = ad1.ad.uchicago.edu
 }
 AD.LOCAL = {
  admin_server = alfalfa.ad.local
  kdc = alfalfa.ad.local
 }

[domain_realm]
 .ad.uchicago.edu = AD.UCHICAGO.EDU
 .ad.local = AD.LOCAL

pam.d/system-auth
authrequired  pam_env.so
authsufficientpam_winbind.so
authsufficientpam_unix.so nullok use_first_pass
authrequisite pam_succeed_if.so uid >= 500 quiet
authrequired  pam_deny.so

account sufficientpam_winbind.so
account required  pam_unix.so
account sufficientpam_succeed_if.so uid < 500 quiet
account required  pam_permit.so

passwordrequisite pam_cracklib.so try_first_pass retry=3
passwordsufficientpam_unix.so md5 shadow nullok try_first_pass  
use_authtok

passwordrequired  pam_deny.so

session optional  pam_keyinit.so revoke
session required  pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in  
crond quiet use_uid

session required  pam_unix.so


=
I joined the domain by:  net rpc join -S ad1.ad.uchicago.edu -U _elijah

As I said, I can ssh in as adlocal+eli...@concordia. I can also ssh in  
as _eli...@concordia (_elijah is the administrative account in AD.UCHICAGO.EDU 
). If I create a local account (e.g. in /etc/passwd) named ADLOCAL 
+elijah, I get that uid as the uid when I ssh in (instead of a uid  
that I believe was generated by idmap before I commented the idmap  
stuff out of smb.conf).


I've tried changing the workgroup to ADLOCAL in smb.conf, but that  
doesn't work (I assume because the computer account is in AD).


Any idea how I can get users in ADLOCAL to login without the prefix  
and inherit a uid from passwd? I'm not concerned about username  
collisions between ADLOCAL and AD.UCHICAGO.EDU


Thanks,

Elijah

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba as fileserver on Active Directory domain

2009-10-05 Thread Ivan Ordonez 
I was able to install 3.3.8 version of Samba.  I am running it now.  I 
can see shares, but could not write at all. 

ACL seems simple but I can't get it to work.  Any help or advise would 
be greatly appreciated.


Robert LeBlanc wrote:
The changes have not made it into a 3.3.x release yet, 3.3.7 was a 
security release, ideally 3.3.8 should have the fix. There were quiet 
a number of configuration changes from 3.0.x to 3.3.x in regards to 
Active Directory, you may not be able to use you old config without 
updating some things.


Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University


On Mon, Oct 5, 2009 at 10:02 AM, Ivan Ordonez > wrote:



I am using Samba version 3.0.36.  When I upgraded to 3.3.7, I got
some "realm" complaints when I run testparm and some "ADS" 
related error.  The 3.3.7 version is masked by Gentoo portage and

not sure if it will be available soon.

Thanks,
-Ivan


Robert LeBlanc wrote:

What version of samba are you using? I submitted a patch to Samba
that is in 3.4.1 and slated for the next version of 3.3.x that
fixes the workgroup/realm thing. It falls back to SPEGO without
the patch, but it takes a little while, the patch speeds things up.

Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University


On Fri, Oct 2, 2009 at 11:09 AM, Jonathan Petersson
mailto:jpeters...@garnser.se>> wrote:

How did you solve the kerberos portion how things, when
winbind tries
to connect to my server the kerberos sessions fails as it
tries to
connect with the workgroup instead of the realm.

Thanks

/Jonathan

On Fri, Oct 2, 2009 at 9:36 AM, Ivan Ordonez
mailto:iordo...@berkeley.edu>> wrote:
>
>
> Jonathan Petersson wrote:
>>
>> Hi Ivan,
>>
>> I'm working on a similar thing but is having some issues
with the
>> kerberos sessions between samba and AD. Is your Samba
server a member
>> of a Win2k8R2 or a Win2k3 domain?
>>
>> Thanks
>>
>> /Jonathan
>>
>> On Fri, Oct 2, 2009 at 9:00 AM, Ivan Ordonez
mailto:iordo...@berkeley.edu>>
>> wrote:
>>
>>>
>>> Robert LeBlanc wrote:
>>>

 What are the permissions on /shared/drive? We use ACLs
to control access
 rather than smb.conf. This gives us great flexability
and you can kind
 of
 manage it using a Windows machine. If you have Kerberos
keytab
 generated,
 you can smbmount on Linux using the -o sec=krb5 and no
passwords are
 needed,
 it also obeys ACL. The only catch is that you need to
use RID or LDAP
 for
 uid/gid mapping or else your permissions won't line up.

 Robert LeBlanc
 Life Sciences & Undergraduate Education Computer Support
 Brigham Young University


 On Thu, Oct 1, 2009 at 10:14 AM, Ivan Ordonez
mailto:iordo...@berkeley.edu>
 >> wrote:

   Hello,

   We have a Gentoo box running Samba and is a member of
the Active
   Directory domain. This Gentoo box will be a fileserver
when
   everything is completed and setup as it should.  I
want our users
   to login to their computer (Computers are all members
of the same
   Active Directory domain) using Active Directory
accounts/domain
   for authentication. I am using Winbind for Active
Directory
   authentication/integration. I'm almost done except
file permission
   issue.  All is working smoothly (ie. wbinfo,
smbclient, getent,
   etc.). I can access/map the shared drive on the Gentoo
box from
   any Windows computer, login to a machine without a
problem using
   Active Directory accounts.  The Active Directory
authentication
   with Winbind is working as it should.

   For some odd reason, I can't figure out how to give
permissions to
   all users the ability to make changes/add new folders
on the
   shared drive. I am getting access denied even when the
users or
   group are valid users of the shared drive per
smb.conf.  Below is
   my smb.conf shared configuration:

   [shared]
 comment = shared
 path = /shar

Re: [Samba] Samba as fileserver on Active Directory domain

2009-10-05 Thread Robert LeBlanc 
The changes have not made it into a 3.3.x release yet, 3.3.7 was a security
release, ideally 3.3.8 should have the fix. There were quiet a number of
configuration changes from 3.0.x to 3.3.x in regards to Active Directory,
you may not be able to use you old config without updating some things.

Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University


On Mon, Oct 5, 2009 at 10:02 AM, Ivan Ordonez  wrote:

>
> I am using Samba version 3.0.36.  When I upgraded to 3.3.7, I got some
> "realm" complaints when I run testparm and some "ADS"  related error.  The
> 3.3.7 version is masked by Gentoo portage and not sure if it will be
> available soon.
>
> Thanks,
> -Ivan
>
>
> Robert LeBlanc wrote:
>
> What version of samba are you using? I submitted a patch to Samba that is
> in 3.4.1 and slated for the next version of 3.3.x that fixes the
> workgroup/realm thing. It falls back to SPEGO without the patch, but it
> takes a little while, the patch speeds things up.
>
> Robert LeBlanc
> Life Sciences & Undergraduate Education Computer Support
> Brigham Young University
>
>
> On Fri, Oct 2, 2009 at 11:09 AM, Jonathan Petersson  > wrote:
>
>> How did you solve the kerberos portion how things, when winbind tries
>> to connect to my server the kerberos sessions fails as it tries to
>> connect with the workgroup instead of the realm.
>>
>> Thanks
>>
>> /Jonathan
>>
>> On Fri, Oct 2, 2009 at 9:36 AM, Ivan Ordonez 
>> wrote:
>> >
>> >
>> > Jonathan Petersson wrote:
>> >>
>> >> Hi Ivan,
>> >>
>> >> I'm working on a similar thing but is having some issues with the
>> >> kerberos sessions between samba and AD. Is your Samba server a member
>> >> of a Win2k8R2 or a Win2k3 domain?
>> >>
>> >> Thanks
>> >>
>> >> /Jonathan
>> >>
>> >> On Fri, Oct 2, 2009 at 9:00 AM, Ivan Ordonez 
>> >> wrote:
>> >>
>> >>>
>> >>> Robert LeBlanc wrote:
>> >>>
>> 
>>  What are the permissions on /shared/drive? We use ACLs to control
>> access
>>  rather than smb.conf. This gives us great flexability and you can
>> kind
>>  of
>>  manage it using a Windows machine. If you have Kerberos keytab
>>  generated,
>>  you can smbmount on Linux using the -o sec=krb5 and no passwords are
>>  needed,
>>  it also obeys ACL. The only catch is that you need to use RID or LDAP
>>  for
>>  uid/gid mapping or else your permissions won't line up.
>> 
>>  Robert LeBlanc
>>  Life Sciences & Undergraduate Education Computer Support
>>  Brigham Young University
>> 
>> 
>>  On Thu, Oct 1, 2009 at 10:14 AM, Ivan Ordonez >  > wrote:
>> 
>>    Hello,
>> 
>>    We have a Gentoo box running Samba and is a member of the Active
>>    Directory domain. This Gentoo box will be a fileserver when
>>    everything is completed and setup as it should.  I want our users
>>    to login to their computer (Computers are all members of the same
>>    Active Directory domain) using Active Directory accounts/domain
>>    for authentication. I am using Winbind for Active Directory
>>    authentication/integration. I'm almost done except file permission
>>    issue.  All is working smoothly (ie. wbinfo, smbclient, getent,
>>    etc.). I can access/map the shared drive on the Gentoo box from
>>    any Windows computer, login to a machine without a problem using
>>    Active Directory accounts.  The Active Directory authentication
>>    with Winbind is working as it should.
>> 
>>    For some odd reason, I can't figure out how to give permissions to
>>    all users the ability to make changes/add new folders on the
>>    shared drive. I am getting access denied even when the users or
>>    group are valid users of the shared drive per smb.conf.  Below is
>>    my smb.conf shared configuration:
>> 
>>    [shared]
>>  comment = shared
>>  path = /shared/drive
>>  read only = no
>>  inherit permissions = yes
>>  create mask = 755
>>  directory mask = 755
>>  valid users = @"MYDOMAIN+mygroup"
>>  browseable = yes
>>  writable = yes
>> 
>>    Any help would be greatly appreciated.
>> 
>>    -Ivan
>>    --To unsubscribe from this list go to the following URL and
>> read
>>  the
>>    instructions:  https://lists.samba.org/mailman/options/samba
>> 
>> 
>> >>>
>> >>> Hi,
>> >>>
>> >>> The files and folders on the shared drive are owned by local Linux
>> >>> account.
>> >>>  The permissions are read, write and execute by the owner, read and
>> write
>> >>> by
>> >>> group and all.  I was hoping that smb.conf will control the shared
>> drive
>> >>> access but having a hard time doing so.  I would like to use ACL if
>> that
>> >>> is
>> >>> the best way to make it work.   Would you mind giving me few pointers
>> or
>> >>> point

Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?

2009-10-05 Thread Harry Jede 
On Montag, 5. Oktober 2009 wrote Eero Volotinen:
> Michael Lueck kirjoitti:
> > John Drescher wrote:
> >> I would not remove the old entries. If you are using ldap
> >> replicate the openldap first. If you are using tdbsam copy the
> >> /var/lib/samba folder.
> >
> > Sorry, I forgot to mention that no LDAP or anything "fancy" is
> > involved. So Samba has made entries in /etc/passwd and /etc/group,
> > and that is what I am interested in moving properly.
>
> just copy and paste entries to /etc/passwd and /etc/group ?
Sounds usable, but do not do this.
You may get massiv problems :-( .

You need passwd AND shadow for the users, but normaly NOT the hole file.
The system accounts may be different on your new system, so identify the 
min and max uidnumber for regular users and copy only these users. Do 
the same with the shadow file. AND make backups.

Same thing with groups. Identify your min and max gidnumber and copy 
only these groups.

Maybe you need to transform some uid/gid-numbers :-) .


>
> --
> Eero



-- 

Gruss
Harry Jede
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] smbd Crash

2009-10-05 Thread Bruno MACADRE 

Jeremy Allison a écrit :

On Fri, Oct 02, 2009 at 10:43:07AM +0200, Bruno MACADRE wrote:
  

Hi,

I don't stop to have problems with samba :s ...

Now after having workaround the bug of scanning all LDAP users for each
connexion... smbd crash very often.

In some workstation log files i can see something like this :

...
[2009/10/01 16:28:12,  2] smbd/open.c:580(open_file)
  baala opened file .profiles/firefox/cookies.sqlite-journal read=No
write=No (numopen=20)
[2009/10/01 16:28:12,  2] smbd/close.c:612(close_normal_file)
  baala closed file .profiles/firefox/cookies.sqlite-journal
(numopen=19) NT_STATUS_OK
*** glibc detected *** /usr/sbin/smbd: realloc(): invalid next size:
0x0955c5c8 ***
=== Backtrace: =
/lib/tls/i686/cmov/libc.so.6[0xb7cca604]
/lib/tls/i686/cmov/libc.so.6[0xb7cce1b1]
/lib/tls/i686/cmov/libc.so.6(realloc+0x106)[0xb7cceee6]
/usr/sbin/smbd(Realloc+0x7d)[0x834326d]
/usr/sbin/smbd(brl_lock+0x4a3)[0x82d1f23]
/usr/sbin/smbd(do_lock+0x147)[0x82cc517]
/usr/sbin/smbd[0x8120467]
/usr/sbin/smbd[0x8121e7a]
/usr/sbin/smbd(reply_trans2+0x6ef)[0x8123b5f]
/usr/sbin/smbd[0x8145848]
/usr/sbin/smbd[0x81481ad]
/usr/sbin/smbd[0x8148bd2]
/usr/sbin/smbd(run_events+0x13c)[0x8353cac]
/usr/sbin/smbd(smbd_process+0x791)[0x8147cd1]
/usr/sbin/smbd[0x8623a25]
/usr/sbin/smbd(run_events+0x13c)[0x8353cac]
/usr/sbin/smbd[0x8353f4e]
/usr/sbin/smbd(_tevent_loop_once+0x9b)[0x835458b]
/usr/sbin/smbd(main+0xc12)[0x8624732]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7c71775]
/usr/sbin/smbd[0x80c3e91]
=== Memory map: 



This is almost certainly bug 6776 which I just
committed a fix for.

I'm planning a back-port, what specific Samba
version do you need the fix for ?

Jeremy.
  


Thanks for this fix, i've patched my Samba 3.4.2 with your fix and the 
locktest2 works fine... Actualy i can't say if this fix solve my 
problem, i've disabled mounting CIFS on my linux boxes because my 
student can't compile on CIFS share (cf my message related to this 
problem), so for instance i've tranformed my CIFS shares in NFS 
shares it's less secure but it works...


But the bug 6776 describe a behavior really near of my problem. I will 
tell you if i can re-enabled CIFS on my linux boxes a day !


Thanks for your fix !
Bruno

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] not permitted to access this share [Solved]

2009-10-05 Thread andy.marr 
Turned out to be Require Ntlmv2 and 128Bit encryption was set via Group
Policy Object on the clients.

Once these were turn off the shares could be mounted no problem. 

Not had chance to try Samba 3.4.x , its assumed that 3.0.33 doesn't work
with the client settings mentioned above.

Thanks
To all who replied.

Andy


-Original Message-
From: Marr,A,Andy,DGE62 C 
Sent: 30 September 2009 13:39
To: samba@lists.samba.org
Subject: RE: [Samba] not permitted to access this share

 It seems the SMBclient software on the SAMBA server has no issues
mounting a share using ADS for authentication , but the PC Clients in
the AD are unable to mount the share.

Can anyone point in the right direction to look ?


-Original Message-
From: Eero Volotinen [mailto:eero.voloti...@iki.fi]
Sent: 29 September 2009 17:44
To: Marr,A,Andy,DGE62 C
Cc: samba@lists.samba.org
Subject: Re: [Samba] not permitted to access this share

andy.m...@bt.com kirjoitti:
> Update if anyone's reading.
> 
> I've turn off winbind and removed winbind from nsswitch.conf on the 
> samba server.
> 
> I can now get a connection using smbclient on the samba server - using

> the users AD password.
>  /usr/sfw/bin/smbclient //fgukshppay001/lsww -U admandymarr
> Password:
> Domain=[FIRSTGROUP] OS=[Unix] Server=[Samba 3.0.33]
> smb: \>
> 
> 
> But I still cannot get a connection via the PC's in the domain.
> 
> 
> P:\>net use *  \\FGUKSHPPAY001\LSWW
> System error 64 has occurred.
> 
> The specified network name is no longer available.

Can you ping FGUKSHPPAY001 from cmd.exe on windows machine ? If not,
maybe it is wins (dns) name resolving issue?

Try using \\full.dns.name\LSWW on windows machine?

--
Eero,
RHCE
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?

2009-10-05 Thread Zoolook 
On Mon, Oct 5, 2009 at 2:36 PM, Michael Lueck
 wrote:

> Just no one happened to explain how to move machine accounts to the new PDC.
>

machine accounts are user accounts from the *nix point of view ;-)

regards,
norberto
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] smbd Crash

2009-10-05 Thread Jeremy Allison 
On Fri, Oct 02, 2009 at 10:43:07AM +0200, Bruno MACADRE wrote:
> Hi,
> 
>   I don't stop to have problems with samba :s ...
> 
>   Now after having workaround the bug of scanning all LDAP users for each
> connexion... smbd crash very often.
> 
>   In some workstation log files i can see something like this :
> 
> ...
> [2009/10/01 16:28:12,  2] smbd/open.c:580(open_file)
>   baala opened file .profiles/firefox/cookies.sqlite-journal read=No
> write=No (numopen=20)
> [2009/10/01 16:28:12,  2] smbd/close.c:612(close_normal_file)
>   baala closed file .profiles/firefox/cookies.sqlite-journal
> (numopen=19) NT_STATUS_OK
> *** glibc detected *** /usr/sbin/smbd: realloc(): invalid next size:
> 0x0955c5c8 ***
> === Backtrace: =
> /lib/tls/i686/cmov/libc.so.6[0xb7cca604]
> /lib/tls/i686/cmov/libc.so.6[0xb7cce1b1]
> /lib/tls/i686/cmov/libc.so.6(realloc+0x106)[0xb7cceee6]
> /usr/sbin/smbd(Realloc+0x7d)[0x834326d]
> /usr/sbin/smbd(brl_lock+0x4a3)[0x82d1f23]
> /usr/sbin/smbd(do_lock+0x147)[0x82cc517]
> /usr/sbin/smbd[0x8120467]
> /usr/sbin/smbd[0x8121e7a]
> /usr/sbin/smbd(reply_trans2+0x6ef)[0x8123b5f]
> /usr/sbin/smbd[0x8145848]
> /usr/sbin/smbd[0x81481ad]
> /usr/sbin/smbd[0x8148bd2]
> /usr/sbin/smbd(run_events+0x13c)[0x8353cac]
> /usr/sbin/smbd(smbd_process+0x791)[0x8147cd1]
> /usr/sbin/smbd[0x8623a25]
> /usr/sbin/smbd(run_events+0x13c)[0x8353cac]
> /usr/sbin/smbd[0x8353f4e]
> /usr/sbin/smbd(_tevent_loop_once+0x9b)[0x835458b]
> /usr/sbin/smbd(main+0xc12)[0x8624732]
> /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7c71775]
> /usr/sbin/smbd[0x80c3e91]
> === Memory map: 

This is almost certainly bug 6776 which I just
committed a fix for.

I'm planning a back-port, what specific Samba
version do you need the fix for ?

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] samba file locking

2009-10-05 Thread Jeremy Allison 
On Mon, Oct 05, 2009 at 11:43:52AM +0200, Janez Kosmrlj wrote:
> Hi,
> I encountered an interesting problem. We have a Java application on a samba
> server. The folder is then shared to the clients via a samba share. So far
> it works OK. Until now we had windows clients and everything worked OK. But
> now we are trying to migrate to Linux clients and this is where the fun
> starts. When a developer copies a new jar to the folder which is shared via
> samba. And if this copying is done by scp strange things start happening.
> After a few clicks the application stops working returning NoClassDeffFound,
> even if the file is there and readable. After that it is not enough to just
> stop the application, you have to unmount an then mount the share. I tried
> turning off oplocks and then turning on kernel oplocks in the samba
> configuration as suggested in the samba how-to, but it doesn't fix the
> problem.
> Has anyone an idea how to fix this situation?

Need more data - log files as to what is going on etc.
Please log a bugzilla bug.

> We are using centos 5.3 on client and server side.

What Samba version is that ?

Jeremy.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] smbd Crash

2009-10-05 Thread Bruno MACADRE 
Volker Lendecke a écrit :
> On Mon, Oct 05, 2009 at 04:58:22PM +0200, Volker Lendecke wrote:
>> For #6771: You might want to look at "ldapsam:editposix=yes".
> 
> I meant ldapsam:trusted=yes
> 
> Volker
Even with ldapsam:trusted=yes, all the ldap user branch is scanned at
the logon of any user...

must I use idmap even if i don't use Winbind ? ('cause my LDAP doesn't
have idmap branch for instance)

-- 

Bruno MACADRE
---
 Ingénieur Systèmes et Réseau | Systems and Network Engineer
 Département Informatique | Department of computer science
 Responsable Réseau et Téléphonie | Telecom and Network Manager
 Université de Rouen  | University of Rouen
---
Coordonnées / Contact :
Université de Rouen
Faculté des Sciences et Techniques - Madrillet
Avenue de l'Université - BP12
76801 St Etienne du Rouvray CEDEX

Tél : +33 (0)2-32-95-51-86
Fax : +33 (0)2-32-95-51-87
---

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?

2009-10-05 Thread Zoolook 
On Mon, Oct 5, 2009 at 2:18 PM, Michael Lueck
 wrote:
> Eero Volotinen wrote:
>
>> just copy and paste entries to /etc/passwd and /etc/group ?
>
> That is what I was thinking to do... just wanted to be sure that such would
> actually work... that I did not need to actually execute adduser and have it
> create the entries as it also knows to update "some other place" that I was
> not thinking of.

Also be sure to copy these:

/var/lib/samba
/var/spool/samba
/var/cache/samba

Regards,
Norberto
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?

2009-10-05 Thread Michael Lueck 

Eero Volotinen wrote:


just copy and paste entries to /etc/passwd and /etc/group ?


That is what I was thinking to do... just wanted to be sure that such would actually work... that I did not need to actually execute adduser and have it create the entries as it also knows to update 
"some other place" that I was not thinking of.


Perhaps years of OS/2 and Windows bleeding through... ;-)

Thanks,

--
Michael Lueck
Lueck Data Systems
http://www.lueckdatasystems.com/

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?

2009-10-05 Thread Eero Volotinen 

Michael Lueck kirjoitti:

John Drescher wrote:

I would not remove the old entries. If you are using ldap replicate
the openldap first. If you are using tdbsam copy the /var/lib/samba
folder.


Sorry, I forgot to mention that no LDAP or anything "fancy" is involved. 
So Samba has made entries in /etc/passwd and /etc/group, and that is 
what I am interested in moving properly.




just copy and paste entries to /etc/passwd and /etc/group ?


--
Eero
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?

2009-10-05 Thread Michael Lueck 

John Drescher wrote:

I would not remove the old entries. If you are using ldap replicate
the openldap first. If you are using tdbsam copy the /var/lib/samba
folder.


Sorry, I forgot to mention that no LDAP or anything "fancy" is involved. So 
Samba has made entries in /etc/passwd and /etc/group, and that is what I am interested in 
moving properly.

"remove the old entries"... ??? I am trying to set up an identical PDC on new 
hardware.

I understand that uid/gid numbers must match, so thinking to use adduser to get 
them added, then edit the files to keep the numbers matching between the 
old/new PDC.

But then, what to do about those entries in those two files that are for 
workstations? Can I simply copy/paste from the files on the existing PDC the 
entries for the machine accounts?

Thanks,

--
Michael Lueck
Lueck Data Systems
http://www.lueckdatasystems.com/

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Can't compiling over CIFS Shares

2009-10-05 Thread Bruno MACADRE 
Jonathon Doran a écrit :
> Quoting Bruno MACADRE :
> 
>> Volker Lendecke a écrit :
>>> On Mon, Oct 05, 2009 at 04:30:41PM +0200, Bruno MACADRE wrote:
 Hi,

 My problems with Samba continue... I'm very disappointed, i've
 never
 had as problems with Samba before (on my old server with Gentoo/Samba
 3.0.23...).

 So the new problem is : When a student want to compile a C
 program into
 his home (mounted in CIFS), the produced executable can't be executed
 "./tst: cannot execute binary file". Tried on ubuntu-9.04 with
 mount.cifs 3.2.3 and mount.cifs 3.4.2.
>>>
>>> Isn't this more a problem with linux cifs rather than Samba
>>> on the server? The mount.cifs version has only minor
>>> relevance on the behaviour of the in-kernel module.
>>>
>>> Volker
>> Maybe,
>>
>> Actually my kernel is 2.6.28-15-generic (basic ubuntu-desktop kernel).
>> I'll try another kernel and tell you what's happened
> 
> Another kernel seems overkill, and slow.  This sounds like a problem
> with mounting options to me.  What was the command-line or the fstab
> entry for this filesystem?  Perhaps we can see something wrong there.

Like described in my previous message, my mounting options are very simple :

In my pam_mount.conf.xml the mount is like that :


But even if i do a simple mount like this :
mount -t cifs -ousername=user //SERVER_IP/user REP


and when i compile into REP files produced are corrupted...


-- 

Bruno MACADRE
---
 Ingénieur Systèmes et Réseau | Systems and Network Engineer
 Département Informatique | Department of computer science
 Responsable Réseau et Téléphonie | Telecom and Network Manager
 Université de Rouen  | University of Rouen
---
Coordonnées / Contact :
Université de Rouen
Faculté des Sciences et Techniques - Madrillet
Avenue de l'Université - BP12
76801 St Etienne du Rouvray CEDEX

Tél : +33 (0)2-32-95-51-86
Fax : +33 (0)2-32-95-51-87
---

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] How to bulk add machine accounts during PDC hardware refresh?

2009-10-05 Thread John Drescher 
On Mon, Oct 5, 2009 at 12:32 PM, Michael Lueck
 wrote:
> Greetings-
>
> I have not found discussed / documented what to do with machine accounts
> when moving a Samba PDC to new hardware.
>
> I have seen that uid/gid numbers must match between the old/new system. I am
> thinking to use adduser to accomplish that, then make the numbers on the new
> server match, using a text editor.
>
> After that, can I simply enter the machine account entries by hand with a
> text editor?
>

I would not remove the old entries. If you are using ldap replicate
the openldap first. If you are using tdbsam copy the /var/lib/samba
folder.

-- 
John M. Drescher
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] How to bulk add machine accounts during PDC hardware refresh?

2009-10-05 Thread Michael Lueck 

Greetings-

I have not found discussed / documented what to do with machine accounts when 
moving a Samba PDC to new hardware.

I have seen that uid/gid numbers must match between the old/new system. I am 
thinking to use adduser to accomplish that, then make the numbers on the new 
server match, using a text editor.

After that, can I simply enter the machine account entries by hand with a text 
editor?

TIA!

--
Michael Lueck
Lueck Data Systems
http://www.lueckdatasystems.com/

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] ad 2003 & nss_ldap produce: smbd/service.c:make_connection_snum(1003): Permission denied

2009-10-05 Thread Andreas Zickner 

Hi,

in case I'm using Samba 3.0.22 based HP CIFS Server A.02.03.02 the setup 
works. I can mount the home dir without any issues. I used exactly the 
same smb.conf (except the line winbind offline logon = false).

Any idea why this does not work with RH 5.4 (and 5.3)?

thanks for any help

Andreas

P.S.: on hp ux I'm using ldapux ... not nss_ldap; but nsswitch.conf is 
the same and windbindd ist running.


Andreas Zickner wrote:

Hello all,

since some weeks I try to get the following configuration working

Windows 2003 AD (no R2!!) with SFU 3.5
Red Hat Enterprise Linux Server release 5.4 (Tikanga) with
 Samba (samba-3.0.33-3.14.el5)
 nss_ldap (nss_ldap-253-21.el5)

So I wanted to implement the following setup:

http://us5.samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.html#id2607783 



The main reason using this combination is that I must maintain the 
UID/GID of users in the AD. The UIDs of the users must be the same on 
all UX systems. I have two samba servers and other UX only servers.


(let me know if you find a better way doing this type of integration)

I followed several manuals and howtos to get it running. It looks all 
working except that I can't mount shares within samba. From my point of 
view Samba returns me a strange error:


Here is the log (user tata -> UID 1 from AD):

[2009/10/03 08:57:51, 5] auth/auth_util.c:debug_unix_user_token(474)
  UNIX token of user 1
  Primary group is 10003 and contains 3 supplementary groups
  Group[  0]: 603
  Group[  1]: 600
  Group[  2]: 602
[2009/10/03 08:57:51, 5] smbd/uid.c:change_to_user(273)
  change_to_user uid=(1,1) gid=(0,10003)
[2009/10/03 08:57:51, 0] smbd/service.c:make_connection_snum(1003)
  '/home/tata' does not exist or permission denied when connecting to 
[share1] Error was Permission denied


I checked the source code and it looks to me that samba does a 'stat 
/home/tata' running as user tata (uid 1) but is getting a 
'Permission denied' from the OS. Ok I thought this is simply a 
permission issue  no success :-(


Ok what I already did & what is working:

* /home/tata is existing and has 777 (for test ... I tried also 755)
* su - tata and stat /home/tata are ok
* I can log on with the AD users on ux / ssh etc.; I have access etc.
* 'getent passwd' is fine
* 'wbinfo -u' and 'wbinfo -g' is fine
* mounting a share tmp with /tmp 
(http://us5.samba.org/samba/docs/man/Samba-HOWTO-Collection/diagnosis.html) 
is working!!

* Kerberos and winbind look ok to me ...
* winbind authentication of the user seem to be fine (from the logs)
* all things I see with the 'net' command seem to be ok.

Here my samba conf:

[global]
   workgroup = W2K3
   password server = AD.W2K3.LOCAL
   realm = W2K3.LOCAL
   security = ads
   idmap uid = 600-33554431
   idmap gid = 600-33554431
   template shell = /bin/bash
   winbind use default domain = false
   winbind offline logon = false
   winbind nested groups = yes
   server string = Samba Server Version %v
   passdb backend = tdbsam
   load printers = yes
   cups options = raw

[homes] ; not working share
comment = Home Directories
browseable = no
writable = yes

[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes

[share1] ; not working share
comment = Share 1
path = /home/tata
read only = yes

[tmp] ; working share
comment = temporary files
path = /tmp
read only = yes


/etc/nsswitch.conf
passwd: files ldap
shadow: files ldap
group:  files ldap
hosts:  files dns



I'm unable to mount share1 or homes  but I can mount tmp. If I 
change the path in share1 to /tmp I can mount share1 as well. I changed 
the permissions of /home/tata to the exact values as /tmp -> no luck


In the code I did not really found a reference to /tmp but I'm not a 
samba guru  (btw. I like the code!!, easy to read :D )


Unfortunate I have to get this also running on HP-UX11iv3  any input 
if this is even possible?


I'm also happy to get any alternative solutions that enable me to manage 
the uid in AD and having the accounts only in AD 


I would appreciate any help here.

thanks,
Andreas

P.S: of course I can provide much more details / logs. Just tell me 



--
Andreas Zickner
Gotenstr. 2 - 71065 Sindelfingen - andr...@zickner.de - 015771968553
==
Es ist ein Unterschied ob man seinen Weg kennt ...
 ... oder ob man ihn beschreitet

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Samba as fileserver on Active Directory domain

2009-10-05 Thread Ivan Ordonez 


I am using Samba version 3.0.36.  When I upgraded to 3.3.7, I got some 
"realm" complaints when I run testparm and some "ADS"  related error.  
The 3.3.7 version is masked by Gentoo portage and not sure if it will be 
available soon.


Thanks,
-Ivan

Robert LeBlanc wrote:
What version of samba are you using? I submitted a patch to Samba that 
is in 3.4.1 and slated for the next version of 3.3.x that fixes the 
workgroup/realm thing. It falls back to SPEGO without the patch, but 
it takes a little while, the patch speeds things up.


Robert LeBlanc
Life Sciences & Undergraduate Education Computer Support
Brigham Young University


On Fri, Oct 2, 2009 at 11:09 AM, Jonathan Petersson 
mailto:jpeters...@garnser.se>> wrote:


How did you solve the kerberos portion how things, when winbind tries
to connect to my server the kerberos sessions fails as it tries to
connect with the workgroup instead of the realm.

Thanks

/Jonathan

On Fri, Oct 2, 2009 at 9:36 AM, Ivan Ordonez
mailto:iordo...@berkeley.edu>> wrote:
>
>
> Jonathan Petersson wrote:
>>
>> Hi Ivan,
>>
>> I'm working on a similar thing but is having some issues with the
>> kerberos sessions between samba and AD. Is your Samba server a
member
>> of a Win2k8R2 or a Win2k3 domain?
>>
>> Thanks
>>
>> /Jonathan
>>
>> On Fri, Oct 2, 2009 at 9:00 AM, Ivan Ordonez
mailto:iordo...@berkeley.edu>>
>> wrote:
>>
>>>
>>> Robert LeBlanc wrote:
>>>

 What are the permissions on /shared/drive? We use ACLs to
control access
 rather than smb.conf. This gives us great flexability and you
can kind
 of
 manage it using a Windows machine. If you have Kerberos keytab
 generated,
 you can smbmount on Linux using the -o sec=krb5 and no
passwords are
 needed,
 it also obeys ACL. The only catch is that you need to use RID
or LDAP
 for
 uid/gid mapping or else your permissions won't line up.

 Robert LeBlanc
 Life Sciences & Undergraduate Education Computer Support
 Brigham Young University


 On Thu, Oct 1, 2009 at 10:14 AM, Ivan Ordonez
mailto:iordo...@berkeley.edu>
 >> wrote:

   Hello,

   We have a Gentoo box running Samba and is a member of the
Active
   Directory domain. This Gentoo box will be a fileserver when
   everything is completed and setup as it should.  I want our
users
   to login to their computer (Computers are all members of
the same
   Active Directory domain) using Active Directory accounts/domain
   for authentication. I am using Winbind for Active Directory
   authentication/integration. I'm almost done except file
permission
   issue.  All is working smoothly (ie. wbinfo, smbclient, getent,
   etc.). I can access/map the shared drive on the Gentoo box from
   any Windows computer, login to a machine without a problem
using
   Active Directory accounts.  The Active Directory authentication
   with Winbind is working as it should.

   For some odd reason, I can't figure out how to give
permissions to
   all users the ability to make changes/add new folders on the
   shared drive. I am getting access denied even when the users or
   group are valid users of the shared drive per smb.conf.
 Below is
   my smb.conf shared configuration:

   [shared]
 comment = shared
 path = /shared/drive
 read only = no
 inherit permissions = yes
 create mask = 755
 directory mask = 755
 valid users = @"MYDOMAIN+mygroup"
 browseable = yes
 writable = yes

   Any help would be greatly appreciated.

   -Ivan
   --To unsubscribe from this list go to the following URL
and read
 the
   instructions:  https://lists.samba.org/mailman/options/samba


>>>
>>> Hi,
>>>
>>> The files and folders on the shared drive are owned by local Linux
>>> account.
>>>  The permissions are read, write and execute by the owner,
read and write
>>> by
>>> group and all.  I was hoping that smb.conf will control the
shared drive
>>> access but having a hard time doing so.  I would like to use
ACL if that
>>> is
>>> the best way to make it work.   Would you mind giving me few
pointers or
>>> point me to the right direction to get started on ACL?  I am
no LDAP
>>> expert
>>> but I think I can get by if I have to use it.
>>>
>>> Thanks!
>>>
>>> -I

Re: [Samba] smbd Crash

2009-10-05 Thread Bruno MACADRE 
Volker Lendecke a écrit :
> On Mon, Oct 05, 2009 at 04:42:00PM +0200, Bruno MACADRE wrote:
>> I've got :
>>  panic action = /bin/sleep 9
>>
>> I don't know why in samba 3.4.2 the new default for panic action is
>> /bin/sleep 9 but if i do a simple calcul, this means that my
>> server sleep during 31 years when a crash appears 
>>
>> 31 years... it's long, so i'm going to activate a REAL panic action in
>> my smb.conf !!
> 
> We choose this default only if you compile with
> --enable-developer=yes. It is intended for developers which
> want to attach to the crashed process with gdb.
> 
>> This can't resolv neither my ldapsam problem (bug #6771) nor my smbd
>> crash when mounting some CIFS under linux (and even nor my problem of
>> broken compilation over CIFS share), but i think my would be more
>> efficient without sleeping 31 years !!
> 
> For the cifs mounting crash Jeremy Allison probably has a
> fix. This just sounds too similar to bug #6776.
> 
> For #6771: You might want to look at "ldapsam:editposix=yes".
> 
> Volker
Yes, i've compiled samba with --enable-debug and --enable-developper to
use gdb and valgrind and forgot it (ouch... i think i need to sleep a
little ^^)

Thanks for your answers i will try this ASAP !

Regards,
Bruno.


-- 

Bruno MACADRE
---
 Ingénieur Systèmes et Réseau | Systems and Network Engineer
 Département Informatique | Department of computer science
 Responsable Réseau et Téléphonie | Telecom and Network Manager
 Université de Rouen  | University of Rouen
---
Coordonnées / Contact :
Université de Rouen
Faculté des Sciences et Techniques - Madrillet
Avenue de l'Université - BP12
76801 St Etienne du Rouvray CEDEX

Tél : +33 (0)2-32-95-51-86
Fax : +33 (0)2-32-95-51-87
---

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Can't compiling over CIFS Shares

2009-10-05 Thread Jonathon Doran 

Quoting Bruno MACADRE :


Volker Lendecke a écrit :

On Mon, Oct 05, 2009 at 04:30:41PM +0200, Bruno MACADRE wrote:

Hi,

My problems with Samba continue... I'm very disappointed, i've never
had as problems with Samba before (on my old server with Gentoo/Samba
3.0.23...).

So the new problem is : When a student want to compile a C program into
his home (mounted in CIFS), the produced executable can't be executed
"./tst: cannot execute binary file". Tried on ubuntu-9.04 with
mount.cifs 3.2.3 and mount.cifs 3.4.2.


Isn't this more a problem with linux cifs rather than Samba
on the server? The mount.cifs version has only minor
relevance on the behaviour of the in-kernel module.

Volker

Maybe,

Actually my kernel is 2.6.28-15-generic (basic ubuntu-desktop kernel).
I'll try another kernel and tell you what's happened


Another kernel seems overkill, and slow.  This sounds like a problem  
with mounting options to me.  What was the command-line or the fstab  
entry for this filesystem?  Perhaps we can see something wrong there.

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] smbd Crash

2009-10-05 Thread Volker Lendecke 
On Mon, Oct 05, 2009 at 04:58:22PM +0200, Volker Lendecke wrote:
> For #6771: You might want to look at "ldapsam:editposix=yes".

I meant ldapsam:trusted=yes

Volker


signature.asc
Description: Digital signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] smbd Crash

2009-10-05 Thread Volker Lendecke 
On Mon, Oct 05, 2009 at 04:42:00PM +0200, Bruno MACADRE wrote:
> I've got :
>   panic action = /bin/sleep 9
> 
> I don't know why in samba 3.4.2 the new default for panic action is
> /bin/sleep 9 but if i do a simple calcul, this means that my
> server sleep during 31 years when a crash appears 
> 
> 31 years... it's long, so i'm going to activate a REAL panic action in
> my smb.conf !!

We choose this default only if you compile with
--enable-developer=yes. It is intended for developers which
want to attach to the crashed process with gdb.

> This can't resolv neither my ldapsam problem (bug #6771) nor my smbd
> crash when mounting some CIFS under linux (and even nor my problem of
> broken compilation over CIFS share), but i think my would be more
> efficient without sleeping 31 years !!

For the cifs mounting crash Jeremy Allison probably has a
fix. This just sounds too similar to bug #6776.

For #6771: You might want to look at "ldapsam:editposix=yes".

Volker


signature.asc
Description: Digital signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Can't compiling over CIFS Shares

2009-10-05 Thread Bruno MACADRE 
Volker Lendecke a écrit :
> On Mon, Oct 05, 2009 at 04:30:41PM +0200, Bruno MACADRE wrote:
>> Hi,
>>
>>  My problems with Samba continue... I'm very disappointed, i've never
>> had as problems with Samba before (on my old server with Gentoo/Samba
>> 3.0.23...).
>>
>>  So the new problem is : When a student want to compile a C program into
>> his home (mounted in CIFS), the produced executable can't be executed
>> "./tst: cannot execute binary file". Tried on ubuntu-9.04 with
>> mount.cifs 3.2.3 and mount.cifs 3.4.2.
> 
> Isn't this more a problem with linux cifs rather than Samba
> on the server? The mount.cifs version has only minor
> relevance on the behaviour of the in-kernel module.
> 
> Volker
Maybe,

Actually my kernel is 2.6.28-15-generic (basic ubuntu-desktop kernel).
I'll try another kernel and tell you what's happened

Bruno.

-- 

Bruno MACADRE
---
 Ingénieur Systèmes et Réseau | Systems and Network Engineer
 Département Informatique | Department of computer science
 Responsable Réseau et Téléphonie | Telecom and Network Manager
 Université de Rouen  | University of Rouen
---
Coordonnées / Contact :
Université de Rouen
Faculté des Sciences et Techniques - Madrillet
Avenue de l'Université - BP12
76801 St Etienne du Rouvray CEDEX

Tél : +33 (0)2-32-95-51-86
Fax : +33 (0)2-32-95-51-87
---

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] smbd Crash

2009-10-05 Thread Bruno MACADRE 
Volker Lendecke a écrit :
> On Fri, Oct 02, 2009 at 04:33:39PM +0200, Bruno MACADRE wrote:
>> Ok I will turn log to level 10 for the next restart of the server, when
>> this crash happening i will send you all the lines requested :)
>>
>> Another clue, the crash appear only for user who connect under linux (so
>> for user who mount their homes and shares in CIFS). Users using WinXP
>> Pro Workstations have no problem (while server don't crash of course ^^).
> 
> Oh, that is indeed a very good hint. What cifs version are
> you running, and what apps?
> 
> Volker

I've no more information about the crash evoked in my previous message,
but last mail of "Ralph Kutschera" (Unknown panic action) points my
reflexions about "Why my server seems to be hang when a panic action ??"

The answer is pretty simple, i've no "panic action" in my smb.conf, and
in the man i can read "Default: panic action =".

But if i type the following command :
# testparm -v | grep panic
I've got :
panic action = /bin/sleep 9

I don't know why in samba 3.4.2 the new default for panic action is
/bin/sleep 9 but if i do a simple calcul, this means that my
server sleep during 31 years when a crash appears 

31 years... it's long, so i'm going to activate a REAL panic action in
my smb.conf !!

This can't resolv neither my ldapsam problem (bug #6771) nor my smbd
crash when mounting some CIFS under linux (and even nor my problem of
broken compilation over CIFS share), but i think my would be more
efficient without sleeping 31 years !!

Regards,
Bruno.

-- 

Bruno MACADRE
---
 Ingénieur Systèmes et Réseau | Systems and Network Engineer
 Département Informatique | Department of computer science
 Responsable Réseau et Téléphonie | Telecom and Network Manager
 Université de Rouen  | University of Rouen
---
Coordonnées / Contact :
Université de Rouen
Faculté des Sciences et Techniques - Madrillet
Avenue de l'Université - BP12
76801 St Etienne du Rouvray CEDEX

Tél : +33 (0)2-32-95-51-86
Fax : +33 (0)2-32-95-51-87
---

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] Can't compiling over CIFS Shares

2009-10-05 Thread Volker Lendecke 
On Mon, Oct 05, 2009 at 04:30:41PM +0200, Bruno MACADRE wrote:
> Hi,
> 
>   My problems with Samba continue... I'm very disappointed, i've never
> had as problems with Samba before (on my old server with Gentoo/Samba
> 3.0.23...).
> 
>   So the new problem is : When a student want to compile a C program into
> his home (mounted in CIFS), the produced executable can't be executed
> "./tst: cannot execute binary file". Tried on ubuntu-9.04 with
> mount.cifs 3.2.3 and mount.cifs 3.4.2.

Isn't this more a problem with linux cifs rather than Samba
on the server? The mount.cifs version has only minor
relevance on the behaviour of the in-kernel module.

Volker


signature.asc
Description: Digital signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Can't compiling over CIFS Shares

2009-10-05 Thread Bruno MACADRE 
Hi,

My problems with Samba continue... I'm very disappointed, i've never
had as problems with Samba before (on my old server with Gentoo/Samba
3.0.23...).

So the new problem is : When a student want to compile a C program into
his home (mounted in CIFS), the produced executable can't be executed
"./tst: cannot execute binary file". Tried on ubuntu-9.04 with
mount.cifs 3.2.3 and mount.cifs 3.4.2.

How to reproduce :
1- Mount a CIFS share on a workstation :
# mount -t cifs -ousername=toto //192.168.0.10/toto TMP
2- Go to this mount
# cd TMP
3- Write a small C program
# vi main.c
int main(int argc, char *argv[])
{
return 0;
}
4- Try to compile and execute them :
a- First way :
# gcc -o tst main.c
Compilation OK
# ./tst
./tst: cannot execute binary file


b- Second way :
# gcc -c main.c
Compilation OK
# gcc -o tst main.o
main.o: file not recognized: File format not recognized
collect2: ld returned 1 exit status


You can try to evaluate the type of file .o. When you compile on a local
directory of the workstation :
# file main.o
main.o: ELF 32-bit LSB relocatable, Intel 80386, version 1 (SYSV), not
stripped
But if you compile in a CIFS share
# file main.o
main.o: data

Any idea ??

I've a simple configuration Samba (3.4.2) as PDC and smbpasswd as
passdb backend (the bug #6771 of ldapsam obliges me to workaround with
smbpasswd). My shares are physicaly on XFS Filesystem with acl activated.

Actually my SAMBA works fine with Windows but it's totally unusable
under Linux...

To be continued...
Regards,
Bruno.

PS : If something is interrested by this problem (i hope for), i can
send my smb.conf and any log files (log level 10 activated) !

-- 

Bruno MACADRE
---
 Ingénieur Systèmes et Réseau | Systems and Network Engineer
 Département Informatique | Department of computer science
 Responsable Réseau et Téléphonie | Telecom and Network Manager
 Université de Rouen  | University of Rouen
---
Coordonnées / Contact :
Université de Rouen
Faculté des Sciences et Techniques - Madrillet
Avenue de l'Université - BP12
76801 St Etienne du Rouvray CEDEX

Tél : +33 (0)2-32-95-51-86
Fax : +33 (0)2-32-95-51-87
---

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Unknown panic actions

2009-10-05 Thread Ralph Kutschera 

Dear list,

  I have Debian Etch with Samba Version 3.0.24 configured as a PDC.

Every day I get exactly 9 emails with panic action:


The Samba 'panic action' script, /usr/share/samba/panic-action,
was called for PID 4170 ().

This means there was a problem with the program, such as a segfault.
However, the executable could not be found for process 4170.
It may have died unexpectedly, or you may not have permission to debug
the process.


All emails are sent at the same time usually in the morning between 7:30 
and 8:30.


I cannot find anything dubious within the logfiles (samba's and syslog) 
nor do I recognize any functional errors.


How can I find out what triggers these panic actions?

Thanks,
  Ralph

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Sambauser can't use his homeshare but other shares - smb.conf

2009-10-05 Thread Mario Constanti 
 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] Sambauser can't use his homeshare but other shares - Logfile3

2009-10-05 Thread Mario Constanti 
 

[2009/10/01 10:17:32, 5] auth/auth_util.c:make_user_info_map(161)
  make_user_info_map: Mapping user []\[] from workstation [WINXPNOTEBOOK]
[2009/10/01 10:17:32, 5] auth/auth_util.c:make_user_info(75)
  attempting to make a user_info for  ()
[2009/10/01 10:17:32, 5] auth/auth_util.c:make_user_info(85)
  making strings for 's user_info struct
[2009/10/01 10:17:32, 5] auth/auth_util.c:make_user_info(117)
  making blobs for 's user_info struct
[2009/10/01 10:17:32, 10] auth/auth_util.c:make_user_info(135)
  made an encrypted user_info for  ()
[2009/10/01 10:17:32, 3] auth/auth.c:check_ntlm_password(221)
  check_ntlm_password:  Checking password for unmapped user 
[]...@[winxpnotebook] with the new password interface
[2009/10/01 10:17:32, 3] auth/auth.c:check_ntlm_password(224)
  check_ntlm_password:  mapped user is: [example]...@[winxpnotebook]
[2009/10/01 10:17:32, 10] auth/auth.c:check_ntlm_password(233)
  check_ntlm_password: auth_context challenge created by random
[2009/10/01 10:17:32, 10] auth/auth.c:check_ntlm_password(235)
  challenge is: 
[2009/10/01 10:17:32, 3] smbd/sec_ctx.c:push_sec_ctx(208)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2009/10/01 10:17:32, 3] smbd/uid.c:push_conn_ctx(358)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2009/10/01 10:17:32, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/10/01 10:17:32, 3] smbd/sec_ctx.c:pop_sec_ctx(356)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/10/01 10:17:32, 3] smbd/sec_ctx.c:push_sec_ctx(208)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2009/10/01 10:17:32, 3] smbd/uid.c:push_conn_ctx(358)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2009/10/01 10:17:32, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/10/01 10:17:32, 3] smbd/sec_ctx.c:pop_sec_ctx(356)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/10/01 10:17:32, 3] auth/auth.c:check_ntlm_password(270)
  check_ntlm_password: guest authentication for user [] succeeded
[2009/10/01 10:17:32, 5] auth/auth.c:check_ntlm_password(309)
  check_ntlm_password:  guest authentication for user [] -> [] -> [nobody] 
succeeded
[2009/10/01 10:17:32, 5] auth/auth_util.c:free_user_info(2056)
  attempting to free (and zero) a user_info structure
[2009/10/01 10:17:32, 10] auth/auth_util.c:free_user_info(2060)
  structure was created for 
[2009/10/01 10:17:32, 10] auth/auth_util.c:create_local_nt_token(844)
  Create local NT token for S-1-5-21-2090443268-3284995344-604914335-501
[2009/10/01 10:17:32, 3] passdb/lookup_sid.c:fetch_gid_from_cache(1107)
  fetch gid from cache 1 -> S-1-5-32-544
[2009/10/01 10:17:32, 3] passdb/lookup_sid.c:fetch_gid_from_cache(1107)
  fetch gid from cache 10001 -> S-1-5-32-545
[2009/10/01 10:17:32, 3] smbd/sec_ctx.c:push_sec_ctx(208)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2009/10/01 10:17:32, 3] smbd/uid.c:push_conn_ctx(358)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2009/10/01 10:17:32, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/10/01 10:17:32, 3] smbd/sec_ctx.c:pop_sec_ctx(356)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/10/01 10:17:32, 3] lib/privileges.c:get_privileges(261)
  get_privileges: No privileges assigned to SID 
[S-1-5-21-2090443268-3284995344-604914335-501]
[2009/10/01 10:17:32, 3] lib/privileges.c:get_privileges(261)
  get_privileges: No privileges assigned to SID [S-1-5-2]
[2009/10/01 10:17:32, 3] lib/privileges.c:get_privileges(261)
  get_privileges: No privileges assigned to SID [S-1-5-32-546]
[2009/10/01 10:17:32, 10] auth/auth_util.c:create_local_token(1045)
  Could not convert SID S-1-1-0 to gid, ignoring it
[2009/10/01 10:17:32, 10] auth/auth_util.c:create_local_token(1045)
  Could not convert SID S-1-5-2 to gid, ignoring it
[2009/10/01 10:17:32, 10] auth/auth_util.c:create_local_token(1045)
  Could not convert SID S-1-5-32-546 to gid, ignoring it
[2009/10/01 10:17:32, 10] auth/auth_util.c:debug_nt_user_token(454)
  NT user token of user S-1-5-21-2090443268-3284995344-604914335-501
  contains 4 SIDs
  SID[  0]: S-1-5-21-2090443268-3284995344-604914335-501
  SID[  1]: S-1-1-0
  SID[  2]: S-1-5-2
  SID[  3]: S-1-5-32-546
  SE_PRIV  0x0 0x0 0x0 0x0
[2009/10/01 10:17:32, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(338)
  NTLMSSP Sign/Seal - Initialising with flags:
[2009/10/01 10:17:32, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63)
  Got NTLMSSP neg_flags=0xa2088205
[2009/10/01 10:17:32, 3] smbd/password.c:register_vuid(304)
  User name: nobody Real name: nobody
[2009/10/01 10:17:32, 3] smbd/password.c:register_vuid(325)
  UNIX uid 65534 is UNIX user nobody, and will be vuid 105
[2009/10/01 10:17:32, 3] smbd/process.c:process_smb(1069)
  Transaction 799 of length 86
[2009/10/01 10:17:32, 3] smbd/process.c:switch_message(927)
  switch message SMBtconX (pid 8642) conn 0x0
[2009/10/01 10:17:32, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/10/01 10:17:32, 3] smbd/

[Samba] Sambauser can't use his homeshare but other shares - Logfile2

2009-10-05 Thread Mario Constanti 
 

[2009/10/01 09:51:30, 5] auth/auth_util.c:make_user_info_map(161)
  make_user_info_map: Mapping user []\[] from workstation [WINXPNOTEBOOK]
[2009/10/01 09:51:30, 5] auth/auth_util.c:make_user_info(75)
  attempting to make a user_info for  ()
[2009/10/01 09:51:30, 5] auth/auth_util.c:make_user_info(85)
  making strings for 's user_info struct
[2009/10/01 09:51:30, 5] auth/auth_util.c:make_user_info(117)
  making blobs for 's user_info struct
[2009/10/01 09:51:30, 10] auth/auth_util.c:make_user_info(135)
  made an encrypted user_info for  ()
[2009/10/01 09:51:30, 3] auth/auth.c:check_ntlm_password(221)
  check_ntlm_password:  Checking password for unmapped user 
[]...@[winxpnotebook] with the new password interface
[2009/10/01 09:51:30, 3] auth/auth.c:check_ntlm_password(224)
  check_ntlm_password:  mapped user is: [example]...@[winxpnotebook]
[2009/10/01 09:51:30, 10] auth/auth.c:check_ntlm_password(233)
  check_ntlm_password: auth_context challenge created by random
[2009/10/01 09:51:30, 10] auth/auth.c:check_ntlm_password(235)
  challenge is: 
[2009/10/01 09:51:30, 3] smbd/sec_ctx.c:push_sec_ctx(208)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2009/10/01 09:51:30, 3] smbd/uid.c:push_conn_ctx(358)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2009/10/01 09:51:30, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/10/01 09:51:30, 3] smbd/sec_ctx.c:pop_sec_ctx(356)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/10/01 09:51:30, 3] smbd/sec_ctx.c:push_sec_ctx(208)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2009/10/01 09:51:30, 3] smbd/uid.c:push_conn_ctx(358)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2009/10/01 09:51:30, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/10/01 09:51:30, 3] smbd/sec_ctx.c:pop_sec_ctx(356)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/10/01 09:51:30, 3] auth/auth.c:check_ntlm_password(270)
  check_ntlm_password: guest authentication for user [] succeeded
[2009/10/01 09:51:30, 5] auth/auth.c:check_ntlm_password(309)
  check_ntlm_password:  guest authentication for user [] -> [] -> [nobody] 
succeeded
[2009/10/01 09:51:30, 5] auth/auth_util.c:free_user_info(2056)
  attempting to free (and zero) a user_info structure
[2009/10/01 09:51:30, 10] auth/auth_util.c:free_user_info(2060)
  structure was created for 
[2009/10/01 09:51:30, 10] auth/auth_util.c:create_local_nt_token(844)
  Create local NT token for S-1-5-21-2090443268-3284995344-604914335-501
[2009/10/01 09:51:30, 3] passdb/lookup_sid.c:fetch_gid_from_cache(1107)
  fetch gid from cache 1 -> S-1-5-32-544
[2009/10/01 09:51:30, 3] passdb/lookup_sid.c:fetch_gid_from_cache(1107)
  fetch gid from cache 10001 -> S-1-5-32-545
[2009/10/01 09:51:30, 3] smbd/sec_ctx.c:push_sec_ctx(208)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2009/10/01 09:51:30, 3] smbd/uid.c:push_conn_ctx(358)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2009/10/01 09:51:30, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2009/10/01 09:51:30, 3] smbd/sec_ctx.c:pop_sec_ctx(356)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/10/01 09:51:30, 3] lib/privileges.c:get_privileges(261)
  get_privileges: No privileges assigned to SID 
[S-1-5-21-2090443268-3284995344-604914335-501]
[2009/10/01 09:51:30, 3] lib/privileges.c:get_privileges(261)
  get_privileges: No privileges assigned to SID [S-1-5-2]
[2009/10/01 09:51:30, 3] lib/privileges.c:get_privileges(261)
  get_privileges: No privileges assigned to SID [S-1-5-32-546]
[2009/10/01 09:51:30, 10] auth/auth_util.c:create_local_token(1045)
  Could not convert SID S-1-1-0 to gid, ignoring it
[2009/10/01 09:51:30, 10] auth/auth_util.c:create_local_token(1045)
  Could not convert SID S-1-5-2 to gid, ignoring it
[2009/10/01 09:51:30, 10] auth/auth_util.c:create_local_token(1045)
  Could not convert SID S-1-5-32-546 to gid, ignoring it
[2009/10/01 09:51:30, 10] auth/auth_util.c:debug_nt_user_token(454)
  NT user token of user S-1-5-21-2090443268-3284995344-604914335-501
  contains 4 SIDs
  SID[  0]: S-1-5-21-2090443268-3284995344-604914335-501
  SID[  1]: S-1-1-0
  SID[  2]: S-1-5-2
  SID[  3]: S-1-5-32-546
  SE_PRIV  0x0 0x0 0x0 0x0
[2009/10/01 09:51:30, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(338)
  NTLMSSP Sign/Seal - Initialising with flags:
[2009/10/01 09:51:30, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63)
  Got NTLMSSP neg_flags=0xa2088205
[2009/10/01 09:51:30, 3] smbd/password.c:register_vuid(304)
  User name: nobody Real name: nobody
[2009/10/01 09:51:30, 3] smbd/password.c:register_vuid(325)
  UNIX uid 65534 is UNIX user nobody, and will be vuid 101
[2009/10/01 09:51:30, 3] smbd/process.c:process_smb(1069)
  Transaction 3 of length 86
[2009/10/01 09:51:30, 3] smbd/process.c:switch_message(927)
  switch message SMBtconX (pid 8340) conn 0x0
[2009/10/01 09:51:30, 3] smbd/sec_ctx.c:set_sec_ctx(241)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/10/01 09:51:30, 3] smbd/se

[Samba] Sambauser can't use their homeshare but other shares - STRANGE

2009-10-05 Thread Mario Constanti 
 

Hello,

 

i am new to the Group and i hope, someone has a idea for my problem.

 

We have a Windows Small Business Server 2003 (with Active Directory)
which is the PDC in our domain.

We also have an Ubuntu 8.04.3 LTS system with Samba 3.0.28a

 

The Ubuntu-System is our Fileserver and we have joined it to the domain.

So i can successfully login with my user from the ActiveDirectory on the
Ubuntu-System.

On our ubuntu-System we have some shares like [homes], [public],
[nobackup] and so on.

 

So this is our Problem:

If i tried to logon from a Windows XP to my "homes-share", it doesn't
work.

I've got the loginscreen to enter my username and password, but it
doesn't work.

In the Logfiles on the ubuntu-Server I see the following entry: (will
also in the File "log.home_share.txt")

 

smbd/password.c:register_vuid(304)

  User name: nobody Real name: nobody

 smbd/password.c:register_vuid(325)

  UNIX uid 65534 is UNIX user nobody, and will be vuid 101

...

smbd/service.c:make_connection_snum(1033)

  winxpnotebook (192.168.2.15) connect to service IPC$ initially as user
nobody (uid=65534, gid=65534) (pid 8500)

 

When I tried to use the "public-share" it works and I see in the
logfiles the following entry: (will also in the File
"log.public_share.txt")

 

  Got NTLMSSP neg_flags=0xa2088205

 smbd/password.c:register_vuid(304)

  User name: EXAMPLE+mario   Real name: 

 smbd/password.c:register_vuid(325)

  UNIX uid 11206 is UNIX user EXAMPLE+mario, and will be vuid 103

...

smbd/service.c:make_connection_snum(1033)

  winxpnotebook (192.168.2.15) connect to service public initially as
user EXAMPLE+mario (uid=11206, gid=11150) (pid 8376)

 

When my connection to the "public-share" is still alive and I trie then
to use my home-share with the same
settings from my first "home-share-connection", it works.

And in the logfiles I see the following entry: (will also in the File
"log.home_share_after_public.txt")

 

smbd/service.c:make_connection_snum(1033)

  winxpnotebook (192.168.2.15) connect to service mario initially as
user EXAMPLE+mario (uid=11206, gid=11636) (pid 8642)

 

Any ideas?

 

After this, I created a new share with the name of my username called
[mario].

And then I reboot my Windows-XP machine and I tried to share my new
[homes] and it works.

And in the logfiles I see the following entry: (will also in the File
"log.home_mario_extra_share.txt")

 

  Got NTLMSSP neg_flags=0xa2088205

 smbd/password.c:register_vuid(304)

  User name: EXAMPLE+mario Real name: 

 smbd/password.c:register_vuid(325)

  UNIX uid 11206 is UNIX user EXAMPLE+mario, and will be vuid 103

...

smbd/service.c:make_connection_snum(1033)

  winxpnotebook (192.168.2.15) connect to service mario initially as
user EXAMPLE+mario (uid=11206, gid=11150) (pid 8376)

 

 

I hope someone has a idea of my problem.

I will now attach the smb.conf and the logfiles.

 

In the smb.conf I have uncommented the [homes]-Section and have created
the [mario]-Section.

This is the status, where my home-Share would work.

Logfile for this: log.home_mario_extra_share.txt

 

If I disable the [Mario]-Share and enable the default [homes]-Section,
then it wouldn't work

Logfiles for this: log.home_share.txt, log.public_shares.txt,
log._home_share_after_public.txt

 

So, I will post each logfile in an extra Mail, because
the Message will be to big.

 

 

So I hope, someone has an idea for this problem and can help me to solve
it.

Thanks for help,

Greetings from Germany

Mario

 

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] reverse name resolving of winbind 3.4.x

2009-10-05 Thread Alexander Födisch 

passwd: compat winbind
group:  compat winbind


Michael Wood schrieb:

2009/10/5 Alexander Födisch :

Hi all,

I did upgrade from samba 3.0.28 to 3.4.1 on a domain member server. Now it
seems there is a problem with reverse name resolving of winbind.

The tools "ls" and "getfacl" shows UIDs instead of the usernames. When I run
id "" the username and the UID are shown correctly. After using
"id" the name is also listed fine in the output of "ls" or "getfacl" for
this user.

The problem also exists w/ samba 3.4.2.


Any ideas?


What does your /etc/nsswitch.conf file look like?



--
Mit besten Grüßen / Best Regards

Alexander Födisch

Max Planck Institute for Evolutionary Anthropology
-Central IT Department-
Deutscher Platz 6
D-04103 Leipzig

Phone:  +49 (0)341 3550-168
+49 (0)341 3550-154
Fax:+49 (0)341 3550-119
Email:  foedi...@eva.mpg.de



smime.p7s
Description: S/MIME Cryptographic Signature
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] [OT] Ubuntu samba package (was: MDB database corruption)

2009-10-05 Thread Francesco Abeni 

Adam Nielsen ha scritto:

Mmh... i'd like to stick with official repository. So you're telling me
that Ubuntu Server 8.04 is quite behind in keeping Samba version
up-to-date?


Well according to the Samba website the latest release in the 3.0 series
is 3.0.37.  But that branch is only being maintained with security
releases, the current release in the 3.2 branch is 3.2.15.  But even the
3.2 branch has now been superseded with 3.4, so yes, 3.0.28a is quite
old :-)


It's a bit OT, i know, but i'm curious.

Does anybody know why a version marked as LTS (Long Time Support) 
doesn't offer a more recent version of Samba package? Is there any issue 
between Ubuntu and Samba people? Or are there technical problems?


--
Francesco
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] reverse name resolving of winbind 3.4.x

2009-10-05 Thread Alexander Födisch 

Hi all,

I did upgrade from samba 3.0.28 to 3.4.1 on a domain member server. Now it seems there is a problem with reverse name 
resolving of winbind.


The tools "ls" and "getfacl" shows UIDs instead of the usernames. When I run id "" the username and the UID 
are shown correctly. After using "id" the name is also listed fine in the output of "ls" or "getfacl" for this user.


The problem also exists w/ samba 3.4.2.


Any ideas?


Thanks,
Alex

PS:
"id ", "getent passwd " and "wbinfo -u" are working fine.

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] samba file locking

2009-10-05 Thread Janez Kosmrlj 
Hi,
I encountered an interesting problem. We have a Java application on a samba
server. The folder is then shared to the clients via a samba share. So far
it works OK. Until now we had windows clients and everything worked OK. But
now we are trying to migrate to Linux clients and this is where the fun
starts. When a developer copies a new jar to the folder which is shared via
samba. And if this copying is done by scp strange things start happening.
After a few clicks the application stops working returning NoClassDeffFound,
even if the file is there and readable. After that it is not enough to just
stop the application, you have to unmount an then mount the share. I tried
turning off oplocks and then turning on kernel oplocks in the samba
configuration as suggested in the samba how-to, but it doesn't fix the
problem.
Has anyone an idea how to fix this situation?

We are using centos 5.3 on client and server side.

BR
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] test

2009-10-05 Thread Janez Kosmrlj 
testing mail delivery
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] MSG_SHUTDOWN

2009-10-05 Thread Bruno MACADRE 
Sorry for the mistyped subject, you must read MSG_SHUTDOWN instead of
MSH_SHUTDOWN !

Sorry,

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] MSH_SHUTDOWN

2009-10-05 Thread Bruno MACADRE 
Hi,

I'm always working on my Samba server, and put the log level to 10 like
Volker said in a previous message. But, when i read any log files i see
a troubling message :

"got a SHUTDOWN message"

Every minutes !!! Is this behavior normal ?? Following, the paste of 2
sequences (so 2 minutes of a log file) :

[2009/10/04 23:09:45, 10] lib/events.c:105(run_events)
  Running timed event "smbd_idle_event_handler" 0xb9ab36a8
[2009/10/04 23:09:45, 10] lib/events.c:287(s3_event_debug)
  s3_event: Destroying timer event 0xb9ab36a8 "smbd_idle_event_handler"
[2009/10/04 23:09:45, 10] smbd/process.c:663(smbd_idle_event_handler)
  smbd_idle_event_handler: idle_evt(deadtime) (nil) called
[2009/10/04 23:09:45,  2] smbd/process.c:1979(deadtime_fn)
  Closing idle connection
[2009/10/04 23:09:45, 10] lib/messages_local.c:237(messaging_tdb_store)
  messaging_tdb_store:
[2009/10/04 23:09:45,  1] ../librpc/ndr/ndr.c:214(ndr_print_debug)
   array: struct messaging_array
  num_messages : 0x0001 (1)
  messages: ARRAY(1)
  messages: struct messaging_rec
  msg_version  : 0x0002 (2)
  msg_type : MSG_SHUTDOWN (13)
  dest: struct server_id
  id   : 0x0cb2 (3250)
  src: struct server_id
  id   : 0x0cb2 (3250)
  buf  : DATA_BLOB length=0
[2009/10/04 23:09:45, 10] smbd/process.c:667(smbd_idle_event_handler)
  smbd_idle_event_handler: idle_evt(deadtime) (nil) stopped
[2009/10/04 23:09:45, 10]
lib/messages_local.c:73(messaging_tdb_signal_handler)
  messaging_tdb_signal_handler: sig[10] count[1] msgs[1]
[2009/10/04 23:09:45, 10] lib/messages_local.c:447(message_dispatch)
  message_dispatch: received_messages = 1
[2009/10/04 23:09:45, 10] lib/messages_local.c:196(messaging_tdb_fetch)
  messaging_tdb_fetch:
[2009/10/04 23:09:45,  1] ../librpc/ndr/ndr.c:214(ndr_print_debug)
   result: struct messaging_array
  num_messages : 0x0001 (1)
  messages: ARRAY(1)
  messages: struct messaging_rec
  msg_version  : 0x0002 (2)
  msg_type : MSG_SHUTDOWN (13)
  dest: struct server_id
  id   : 0x0cb2 (3250)
  src: struct server_id
  id   : 0x0cb2 (3250)
  buf  : DATA_BLOB length=0
[2009/10/04 23:09:45,  3] smbd/server.c:146(msg_exit_server)
  got a SHUTDOWN message
[2009/10/04 23:09:45,  3] smbd/sec_ctx.c:310(set_sec_ctx)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2009/10/04 23:09:45,  5] auth/token_util.c:522(debug_nt_user_token)
  NT user token: (NULL)
[2009/10/04 23:09:45,  5] auth/token_util.c:548(debug_unix_user_token)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2009/10/04 23:09:45,  5] smbd/uid.c:368(change_to_root_user)
  change_to_root_user: now uid=(0,0) gid=(0,0)
[2009/10/04 23:09:45,  3] smbd/connection.c:31(yield_connection)
  Yielding connection to
[2009/10/04 23:09:45, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked)
  Locking key B20C
[2009/10/04 23:09:45, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked)
  Allocated locked data 0x0xb9b00ad8
[2009/10/04 23:09:45,  3] smbd/connection.c:42(yield_connection)
  deleting connection record returned NT_STATUS_NOT_FOUND
[2009/10/04 23:09:45, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr)
  Unlocking key B20C
[2009/10/04 23:09:45,  3] smbd/server.c:845(exit_server_common)
  Server exit (normal exit)
[2009/10/04 23:09:45,  6] param/loadparm.c:6994(lp_file_list_changed)
  lp_file_list_changed()
  file /etc/samba/smb.conf -> /etc/samba/smb.conf  last mod_time: Fri
Oct  2 23:47:47 2009

[2009/10/04 23:09:45,  5] smbd/reply.c:498(reply_special)
  init msg_type=0x81 msg_flags=0x0
[2009/10/04 23:10:45, 10] lib/events.c:105(run_events)
  Running timed event "smbd_idle_event_handler" 0xb9ab36a8
[2009/10/04 23:10:45, 10] lib/events.c:287(s3_event_debug)
  s3_event: Destroying timer event 0xb9ab36a8 "smbd_idle_event_handler"
[2009/10/04 23:10:45, 10] smbd/process.c:663(smbd_idle_event_handler)
  smbd_idle_event_handler: idle_evt(deadtime) (nil) called
[2009/10/04 23:10:45,  2] smbd/process.c:1979(deadtime_fn)
  Closing idle connection
[2009/10/04 23:10:45, 10] lib/messages_local.c:237(messaging_tdb_store)
  messaging_tdb_store:
[2009/10/04 23:10:45,  1] ../librpc/ndr/ndr.c:214(ndr_print_debug)
   array: struct messaging_array
  num_messages : 0x0001 (1)
  messages: ARRAY(1)
  messages: struct messaging_rec
  msg_version  : 0x0002 (2)
  msg_type : MSG_SHUTDOWN (13)
  dest: struct

Re: [Samba] mod_dav_svn support in suse 11 ?

2009-10-05 Thread J. Bakshi 
oh !! wrong list,
Extremely sorry.



J. Bakshi wrote:
> Dear list,
>
> My running svn repo has the following config in apache
>
> ```
> LoadModule dav_svn_module /usr/lib/apache2-prefork/mod_dav_svn.so
> LoadModule aut_svn_module/usr/lib/apache2-prefork/mod_aut_svn.so
>
>
> 
>
> SSLRequireSSL
> DAV svn
>
> AuthType Basic
>   AuthName "Authorization Realm"
>   AuthUserFile /home/SVN/PASSWD
>   Require valid-user
>   SVNParentPath /home/SVN
>
>
>  Limit write permission to list of valid users.
>   
>   AuthType Basic
>   AuthName "Authorization Realm"
>   AuthUserFile /home/SVN/PASSWD
>   Require valid-user
>
>   
> 
> ``
>
> Now I like to do the same in opensuse 11 server. But there is no 
> mod_dav_svn. Should I manuall install that module from rpm search site
> or opensuse-11 already have some module which can support the dav-svn ?
> in that case what would be the config ?
>
> Kindly enlighten me.
> Thanks
>
>   

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

[Samba] mod_dav_svn support in suse 11 ?

2009-10-05 Thread J. Bakshi 
Dear list,

My running svn repo has the following config in apache

```
LoadModule dav_svn_module /usr/lib/apache2-prefork/mod_dav_svn.so
LoadModule aut_svn_module/usr/lib/apache2-prefork/mod_aut_svn.so




SSLRequireSSL
DAV svn

AuthType Basic
  AuthName "Authorization Realm"
  AuthUserFile /home/SVN/PASSWD
  Require valid-user
  SVNParentPath /home/SVN


 Limit write permission to list of valid users.
  
  AuthType Basic
  AuthName "Authorization Realm"
  AuthUserFile /home/SVN/PASSWD
  Require valid-user

  

``

Now I like to do the same in opensuse 11 server. But there is no 
mod_dav_svn. Should I manuall install that module from rpm search site
or opensuse-11 already have some module which can support the dav-svn ?
in that case what would be the config ?

Kindly enlighten me.
Thanks

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba

Re: [Samba] URGENT HELP NEEDED!!! PLEASE!!

2009-10-05 Thread Rakotomandimby Mihamina 

10/05/2009 09:58 AM, Adam Nielsen::

No ideas, anyone???

With a subject like that I think we all assumed it was spam ;-)
Probably best to choose a more accurate subject next time.


+1

Wherever I lurk, I never answer to messages with
"help" AND "urgent" AND "please".
Although they are not spam, they are dumb written.

--
  Architecte Informatique chez Blueline/Gulfsat:
   Administration Systeme, Recherche & Developpement
   +261 34 29 155 34
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba