[Samba] samba & unix group permissions problems
Hi, I'm having permissions problems connecting to a share when the gid of the directory shared is not the primary group of the user connecting to it. Maybe I faced it the wrong way, but I did read (and at least thought I understood) the 'File, directory and share access controls' section of the howto [0]. My users have either one or another 'primary group' (the one set in /etc/passwd or, in my case the gidNumber attribute of the LDAP entry)... this is based on whether the user had a previous account with the gidNumber set (because it was their unix gid), or the user was created with only a samba account and she won't have unix access (actually created using 'net rpc user add' from the samba server). Since I need to give access to certain shares to smaller groups of people, I created a few groups using: net rpc group add accountants net rpc group add interns and the like. Then added the users to these groups using: net rpc group addmem accountants mary net rpc group addmem accountants patricia net rpc group addmem interns katherine net rpc group addmem interns paul User and group entries in LDAP look OK. However, I have the directories to share with the following permissions: drwxrwx--- Administrator accountants /data/share/accounting drwxrwx--- Administartor interns /data/share/interns And the entries en smb.conf like these: [accounting] comment = Accounting files path = /data/share/accounting #force group = +accountants browseable = yes read only = no guest ok = no [interns] comment = Interns' files path = /data/share/interns #force group = +interns browseable = yes read only = no guest ok = no However, I can't connect to either share from any account but Administrator... If I change the directory modes to 0777 I am able to connect from any account, but this defeats the whole idea of the groups... I see this in the server log: [2009/10/29 12:24:25, 0] groupdb/mapping.c:pdb_create_builtin_alias(802) pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS) [2009/10/29 12:24:27, 0] groupdb/mapping.c:pdb_create_builtin_alias(802) pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS) [2009/10/29 12:24:27, 0] smbd/service.c:make_connection_snum(1077) '/data/share/interns' does not exist or permission denied when connecting to [pasantes] Error was Permission denied [2009/10/29 12:24:50, 0] groupdb/mapping.c:pdb_create_builtin_alias(802) pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS) [2009/10/29 12:24:52, 0] groupdb/mapping.c:pdb_create_builtin_alias(802) pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS) [2009/10/29 12:24:57, 0] groupdb/mapping.c:pdb_create_builtin_alias(802) pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS) [2009/10/29 12:24:58, 0] groupdb/mapping.c:pdb_create_builtin_alias(802) pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS) [2009/10/29 12:25:00, 0] smbd/service.c:make_connection_snum(1077) '/data/share/interns' does not exist or permission denied when connecting to [pasantes] Error was Permission denied [2009/10/29 12:25:03, 1] smbd/service.c:make_connection_snum(1115) cejil-d998e31c3 (10.14.172.194) connect to service netlogon initially as user mabsatz (uid=10, gid=10) (pid 26652) [2009/10/29 12:25:08, 0] groupdb/mapping.c:pdb_create_builtin_alias(802) pdb_create_builtin_alias: Could not add group mapping entry for alias 544 (NT_STATUS_GROUP_EXISTS) [2009/10/29 12:25:09, 0] groupdb/mapping.c:pdb_create_builtin_alias(802) pdb_create_builtin_alias: Could not add group mapping entry for alias 545 (NT_STATUS_GROUP_EXISTS) [2009/10/29 12:25:11, 1] smbd/service.c:make_connection_snum(1115) cejil-d998e31c3 (10.14.172.194) connect to service h initially as user mabsatz (uid=10, gid=10) (pid 26652) [2009/10/29 12:25:11, 0] smbd/service.c:set_current_service(191) chdir (/data/share/accounting) failed [2009/10/29 12:25:11, 0] smbd/service.c:set_current_service(191) chdir (/data/share/accounting) failed [2009/10/29 12:25:11, 0] smbd/service.c:set_current_service(191) chdir (/data/share/accounting) failed [2009/10/29 12:25:11, 0] smbd/service.c:set_current_service(191) chdir (/data/share/accounting) failed [2009/10/29 12:25:11, 0] smbd/service.c:set_current_service(191) chdir (/data/share/accounting) failed [2009/10/29 12:25:11, 0] smbd/service.c:set_current_service(191) chdir (/data/share/accounting) failed [2009/10/29 12:25:11, 0] smbd/service.c:set_current_service(191) chdir (/data/share/accounting) failed -- [0] http://samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html -- Mariano Absatz - "El Baby" el.b...@gmail.com www.cl
Re: [Samba] Accessing Windows file-system from Linux samba server
> [...@helen samba]$ sudo mount -t cifs harriet:C /mnt/win Since you're not specifying a username or password, you're connecting as a Guest user. > [...@helen Documents and Settings]$ ls tim > ls: reading directory tim: Permission denied Obviously Guest isn't Tim :-) > [...@helen Documents and Settings]$ ls Default\ User/ > Application Data DesktopLocal Settings NetHood NTUSER.DAT.LOG > Recent Start Menu > Cookies Favorites My DocumentsNTUSER.DAT PrintHood > SendTo Templates But Guest will need to know what the system defaults are. > What do changes do I have to make to enter "tim"s folder; > and why amd I able to enter "Default User". > > Any help or enlightenment gratefully received. When you mount the share, specify a Windows username to connect as (mount ... -o username=tim) Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] AD authentication for local users
> It looks like the problem is AD UID to UNIX UID mapping. The default > TDB backend will create 'virtual' UNIX accounts on demand but I don't > want this -- I want user 'foo' to map to the local user 'foo'. If I > add idmap uid and idmap gid lines the users authenticate okay but the > TDB idmap backend wants to map a new user instead of using the > existing UNIX account by the same name. Have you looked at the 'username map' option? AFAIK you will need to map AD to UNIX users by hand if you don't want the autocreate behaviour. You might be able to script the production of the username mapping file though, which would automate it to a certain extent. Cheers, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Thousands of TIME_WAIT connections with CUPS?
Hi all, For some reason I'm getting thousands of hanging TCP connections on our server which appear to be caused by Samba sending print jobs to CUPS (or I assume so as nothing else on the machine uses CUPS.) These connections are starting to cause problems (programs monitoring connections start breaking because it takes many seconds for them to scan through the full list) so if anyone has any ideas how to rid the system of these connections I'd be very appreciative! tcp0 0 127.0.0.1:37256 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38323 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38251 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38495 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38445 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38818 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38748 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38573 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38359 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:37863 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:37743 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38035 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38961 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38473 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:37984 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38804 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:37514 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38307 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:37991 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38673 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38054 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:37808 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:37632 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38069 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38464 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:37559 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38713 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:37998 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38556 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38162 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:37566 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:37597 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:37939 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38599 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38867 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:37502 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38344 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38412 127.0.0.1:631 TIME_WAIT tcp0 0 127.0.0.1:38691 127.0.0.1:631 TIME_WAIT ... Thanks, Adam. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba & libiconv
On Tue, Nov 03, 2009 at 11:01:24PM +0100, Volker Lendecke wrote: > On Tue, Nov 03, 2009 at 01:43:42PM -0800, Jeremy Allison wrote: > > No. Samba needs libiconv to do the utf8 <--> UCS2 translations for > > clients. > > Hmm. I thought we do *that* one ourselves. I thought we need > libiconv just for the other charsets. Ohh - yes you're right - we do several builtin, by preference too. I thought we used to always call iconv by preference and then fall back if we couldn't find it, but that's not right. We have: "UTF8", "ASCII", "ISO-8859-1" buit in... Thanks ! Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba & libiconv
- Oorspronkelijk bericht - From: Jeremy Allison > On Tue, Nov 03, 2009 at 11:01:24PM +0100, Volker Lendecke wrote: > > On Tue, Nov 03, 2009 at 01:43:42PM -0800, Jeremy Allison wrote: > > > No. Samba needs libiconv to do the utf8 <--> UCS2 translations for > > > clients. > > > > Hmm. I thought we do *that* one ourselves. I thought we need > > libiconv just for the other charsets. > > Ohh - yes you're right - we do several builtin, by preference > too. I thought we used to always call iconv by preference and > then fall back if we couldn't find it, but that's not right. > > We have: > > "UTF8", "ASCII", "ISO-8859-1" buit in... So, is the following correct? - Samba 3 uses UTF8 on the filesystem side (read&write filenames) by default for linux filsystems (ext3, ext4, reiserfs). - On the client side Samba translates filenames from the client encoding to UTF8 and vice versa. - Modern linux distributions use UTF8 encoding - Windows XP/Vista/7 uses ... UCS2 ? - MAC OS uses ... UTF8 ? And thus one does not need iconv unless Samba needs to write/read file systems that have a filename encoding that is not built-in in Samba (e.g. DOS codepages, ISO-8859-15, etc.) Maybe I misinterpret something here? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba & libiconv
On Tue, Nov 03, 2009 at 01:43:42PM -0800, Jeremy Allison wrote: > No. Samba needs libiconv to do the utf8 <--> UCS2 translations for > clients. Hmm. I thought we do *that* one ourselves. I thought we need libiconv just for the other charsets. Volker pgpiJ0eI4MzPp.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba & libiconv
On Mon, Nov 02, 2009 at 09:45:37PM +0100, theHog wrote: > Hi, > > I am building a NAS that only has a couple of SATA disks attached (no USB, no > CD/DVD, no NFS, no ...). Since the available space for the rootfs is limited > (only 8 MB), I'd like to omit libiconv because this library takes 875 Kbytes. > > The filesystem on the disks will be ext3. UClibc is built with WCHAR support. > Can I build Samba 3.3.8 without libiconv and still have unicode filenames > (russian, english, ...) displayed correctly in Windows and Linux clients? No. Samba needs libiconv to do the utf8 <--> UCS2 translations for clients. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Desktop.ini in Startmenue
the desktop.ini issue can't be solved by samba. That's because the contents of the "Start Menu" are located in different places, like within your Windows profile (roaming) and the "All Users" profile (local). Because the latter is located on your PC, there's no way for samba to interfere. If they are located on your PC you can hide them using Windows Explorer. Check "Hide protected operating system files" under "Tools/Folder Options". I am using Samba and I don't see any Desktop.ini, neither local nor on the Samba server. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Change password in java
Hi, can I change the samba passwords with a java application or it is practicable to change the two password hashes directly throug LDAP commands? Regards Volker Jordan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Ideas for distributed Samba servers
I'm trying to think about how to setup a Samba system and would like to pick the brains of some experts. We are looking up put a large amount of storage ~75TB in a central data center. We have some remote (ok, not remote, but across slower links, ok if you consider several hundred clients over 1Gb to be slow) locations that we would like to set up samba servers that 'cache' the file system and serve it up to the clients in the building and sync with the main data center storage. The idea is have a couple of TB that are located in the building that serve up the Samba share. When a client requests a file, if it's in the local cache it is served up from there, if not then the Samba server grabs the file from the main data center and serves it to the client. When a file is written, something like rsync is used to transfer only difference back to the main data center. The problem is that I'm not sure of a file system that does this. We are using Lustre on our HPC, but this won't do what we want. Any suggestions are welcome. Robert LeBlanc Life Sciences & Undergraduate Education Computer Support Brigham Young University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba & libiconv
On Tue, Nov 03, 2009 at 09:49:02PM +0100, theHog wrote: > - Oorspronkelijk bericht - > From: Jeremy Allison > > On Tue, Nov 03, 2009 at 11:01:24PM +0100, Volker Lendecke wrote: > > > On Tue, Nov 03, 2009 at 01:43:42PM -0800, Jeremy Allison wrote: > > > > No. Samba needs libiconv to do the utf8 <--> UCS2 translations for > > > > clients. > > > > > > Hmm. I thought we do *that* one ourselves. I thought we need > > > libiconv just for the other charsets. > > > > Ohh - yes you're right - we do several builtin, by preference > > too. I thought we used to always call iconv by preference and > > then fall back if we couldn't find it, but that's not right. > > > > We have: > > > > "UTF8", "ASCII", "ISO-8859-1" buit in... > > So, is the following correct? > > - Samba 3 uses UTF8 on the filesystem side (read&write filenames) by default > for linux filsystems (ext3, ext4, reiserfs). > - On the client side Samba translates filenames from the client encoding to > UTF8 and vice versa. > - Modern linux distributions use UTF8 encoding > - Windows XP/Vista/7 uses ... UCS2 ? > - MAC OS uses ... UTF8 ? > > And thus one does not need iconv unless Samba needs to write/read file > systems that have a filename encoding that is not built-in in Samba (e.g. DOS > codepages, ISO-8859-15, etc.) > > Maybe I misinterpret something here? No, you're right. Volker just corrected me (I was wrong :-) that's all ! Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Status Davenport webdav gateway?
On Tue, 2009-11-03 at 10:34 +0200, Paul te Bokkel wrote: > Any alternatives? :D > We use smbwebclient.php (sourceforge project, http://sourceforge.net/projects/smbwebclient/ ), very simple and it works very well. For smbclient >= 3.2 we had to make a couple of small changes as the options for smbclient seemed to change (and they hadn't updated smbwebclient last time I checked) --- Within smbwebclient.php need to change (line 1445) $cmdline = $this->cfgSmbClient.' '.$smbcmd.' '.$options.' -N '; to $cmdline = $this->cfgSmbClient.' '.$smbcmd.' '.$options; as the -N option now does something different!! and (line 1451) $cmdline .= ($dumpFile) ? '2>/dev/null' : '2>&1'; to $cmdline .= ($dumpFile) ? ' 2>/dev/null' : ' 2>&1'; -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Join Windows7 to a Samba 3.2.15 Domain!?
Dear all Is ist possible to join a windows7 pc to a samba 3.2.15 domain? I tried the registry hack: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Para meters] "DomainCompatibilityMode"=dword:0001 "DNSNameResolutionRequired"=dword: And I got succesfull joind to domain. But after a restart I could not login the domain: "the trust relationship between this workstation and the primary domain failed" Is there a workaround? Greetings Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ldap passwd sync old password
I had the same situation (Solaris 10, Sun Dir Server, Samba 3.0.33.) I wrote an external script to change the password. Make sure the script is owned by root and with perms 600 or 700 since it needs the LDAP super user's password. #vi smb.conf ... unix password sync = yes passwd program = /etc/samba/smbldappasswd.sh %u ldap passwd sync = no ... #vi /etc/samba/smbldappasswd.sh #!/bin/bash USER="uid="$1",ou=people,o=domain.com" echo -n New password: read NEWPASS date >> /etc/samba/smbldappasswd.log echo $USER >> /etc/samba/smbldappasswd.log echo $NEWPASS >> /etc/samba/smbldappasswd.log /opt/SUNWdsee/dsee6/bin/ldappasswd -h obelix -D "cn=Directory Manager" -w *** -v -s $NEWPASS $USER On 11/03/09 03:44, Volker Jordan wrote: Hi, I want, that the unix password ( stored on LDAP ) gets changed when a user changes his samba password ( stored on LDAP ). So I set ldap passwd sync = yes, but the unix password does not get changed. The samba password is updated. Smbpasswd shows this error machine 127.0.0.1 rejected the (anonymous) password change: Error was : Wrong Password. Failed to change password for user1. After looked at all samba logs, but nothing told me whats wrong. Finally I looked at the error log of the LDAP server and here is the error: Password change not allowed. Old password value must be supplied. So how can I fix this? Samba 3.0.28 / Solaris 10 / Sun Java Directory Server Regards Volker Jordan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] machine 127.0.0.1 rejected the tconX on the IPC$ share. Error was : NT_STATUS_ACCESS_DENIED --SMBPASSWD ERROR
thank you for comment, but still same problem in smb.conf interfaces = 192.168.1.201/24 bind interfaces only = Yes obey pam restrictions = Yes passdb backend = ldapsam:ldap://192.168.1.201 pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . unix password sync = Yes syslog = 500 syslog only = Yes log file = /var/log/samba/log.%m max log size = 1000 ldap admin dn = cn =admin,dc=domain,dc=com ldap group suffix = ou = Group ldap passwd sync = Yes ldap suffix = dc = domain,dc=com ldap user suffix = ou =People panic action = /usr/share/samba/panic-action %d valid users = %S create mask = 0700 directory mask = 0700 smbpasswd -r 192.168.1.201 Old SMB password: New SMB password: Retype new SMB password: machine 192.168.1.201 rejected the tconX on the IPC$ share. Error was : NT_STATUS_ACCESS_DENIED. Failed to change password for test Same happend in case I enter 127.0.0.1/8 or both 192.168.1.201/24, 127.0.0.1/8 in smb.conf Thanks On Tue, Nov 3, 2009 at 10:51 AM, Paul te Bokkel wrote: > smbpassword defaults to localhost. Add it to your interfaces or use > smbpasswd -r > > > Paul > -- > ir Paul te Bokkel > Ingenieursbureau Te Bokkel > e p...@tebokkel.com / i http://www.tebokkel.com > > > On Tue, Nov 3, 2009 at 11:02 AM, pcinformace pcinformace < > pcinform...@gmail.com> wrote: > >> Ok, I resolved part >> >> smbpasswd >> Old SMB password: >> New SMB password: >> Retype new SMB password: >> machine 127.0.0.1 rejected the tconX on the IPC$ share. Error was : >> NT_STATUS_ACCESS_DENIED. >> Failed to change password for test1 >> >> >> by adding >> >> interfaces = 192.168.1.201/24, eth2 >> bind interfaces only = Yes >> >> to the smb.conf >> >> >> now when I try to change password for user "user1" I am getting error >> >> smbpasswd >> Old SMB password: >> New SMB password: >> Retype new SMB password: >> Unable to connect to SMB server on machine 127.0.0.1. Error was : >> NT_STATUS_CONNECTION_REFUSED. >> Failed to change password for test1 >> >> >> Interesting is I do not have anywhere defined ip address 127.0.0.1 in >> smb.conf >> >> >> If someone knows what could help with above error, please write >> >> Thank you and regards, >> >> >> >> On Mon, Nov 2, 2009 at 9:44 PM, pcinformace pcinformace >> wrote: >> > Hi all, >> > >> > I think I have found some issue in samba packed with Debian. >> > >> > installed packages are >> > >> > dpkg -l | grep samba >> > >> > ii samba 2:3.2.5-4lenny7 a >> > LanManager-like file and printer server for Unix >> > ii samba-common 2:3.2.5-4lenny7 Samba common >> > files used by both the server and the client >> > ii samba-doc 2:3.2.5-4lenny7 Samba >> documentation >> > >> > >> > I am using ldap backend to keep password and enabled ldap passwd sync >> > in smb.conf. >> > >> > I can chnage password for user test1, when I am logged as root, but >> > when I log as user "test1" to samba server >> > and issue command >> > >> > smbpasswd >> > >> > I am getting constantly error >> > >> > >> > smbpasswd >> > Old SMB password: >> > New SMB password: >> > Retype new SMB password: >> > machine 127.0.0.1 rejected the tconX on the IPC$ share. Error was : >> > NT_STATUS_ACCESS_DENIED. >> > Failed to change password for test1 >> > >> > >> > I can log in as user1 ( it is ldap user ) and change its password using >> passwd. >> > >> > Also I can change password >> > for user1 when I am logged as root >> > using : smbpasswd test1 >> > >> > when I chanege password as root for test1, change is propagated to ldap >> and >> > I can use password for user " test1" changed with smpasswd to log in >> > to server via ssh. >> > >> > Any hint is welcome, I really do not know what the problem is here. >> > >> > Thank you in advance for any comment >> > >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Windows clients connecting to Samba with OpenLDAP password backend
I was wrong ... the issue in this case was caused 100% by the line "profile acls = Yes" in the global section rather than the profiles section, it had nothing to do with our OpenLDAP setup (thankfully), and nothing to do with the ZFS partitions/NFS partitions ... moving the "profile acl" line from the global to the profiles section fixed all the issues, on all versions. thanks, you have no idea how many days I've been staring at this thing :) Jon -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem with pam_winbind
On Mon, Nov 02, 2009 at 10:47:29PM +0200, Michael Wood wrote: > 2009/11/2 Alex Samad : > > On Mon, Nov 02, 2009 at 09:14:26AM -0600, Robert LeBlanc wrote: > >> Ok, it was a shot in the dark since there was no smb.conf included. > > > > okay, forgot about that, I have attached now, I have bzip2 it > > Didn't work. I think the mailing list strips attachments. okay pastebin link instead http://pastebin.com/m2df91bb5 > -- No discipline is ever requisite to force attendance upon lectures which are really worth the attending. -- Adam Smith, "The Wealth of Nations" signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] machine 127.0.0.1 rejected the tconX on the IPC$ share. Error was : NT_STATUS_ACCESS_DENIED --SMBPASSWD ERROR
smbpassword defaults to localhost. Add it to your interfaces or use smbpasswd -r Paul -- ir Paul te Bokkel Ingenieursbureau Te Bokkel e p...@tebokkel.com / i http://www.tebokkel.com On Tue, Nov 3, 2009 at 11:02 AM, pcinformace pcinformace < pcinform...@gmail.com> wrote: > Ok, I resolved part > > smbpasswd > Old SMB password: > New SMB password: > Retype new SMB password: > machine 127.0.0.1 rejected the tconX on the IPC$ share. Error was : > NT_STATUS_ACCESS_DENIED. > Failed to change password for test1 > > > by adding > > interfaces = 192.168.1.201/24, eth2 > bind interfaces only = Yes > > to the smb.conf > > > now when I try to change password for user "user1" I am getting error > > smbpasswd > Old SMB password: > New SMB password: > Retype new SMB password: > Unable to connect to SMB server on machine 127.0.0.1. Error was : > NT_STATUS_CONNECTION_REFUSED. > Failed to change password for test1 > > > Interesting is I do not have anywhere defined ip address 127.0.0.1 in > smb.conf > > > If someone knows what could help with above error, please write > > Thank you and regards, > > > > On Mon, Nov 2, 2009 at 9:44 PM, pcinformace pcinformace > wrote: > > Hi all, > > > > I think I have found some issue in samba packed with Debian. > > > > installed packages are > > > > dpkg -l | grep samba > > > > ii samba 2:3.2.5-4lenny7 a > > LanManager-like file and printer server for Unix > > ii samba-common 2:3.2.5-4lenny7 Samba common > > files used by both the server and the client > > ii samba-doc 2:3.2.5-4lenny7 Samba > documentation > > > > > > I am using ldap backend to keep password and enabled ldap passwd sync > > in smb.conf. > > > > I can chnage password for user test1, when I am logged as root, but > > when I log as user "test1" to samba server > > and issue command > > > > smbpasswd > > > > I am getting constantly error > > > > > > smbpasswd > > Old SMB password: > > New SMB password: > > Retype new SMB password: > > machine 127.0.0.1 rejected the tconX on the IPC$ share. Error was : > > NT_STATUS_ACCESS_DENIED. > > Failed to change password for test1 > > > > > > I can log in as user1 ( it is ldap user ) and change its password using > passwd. > > > > Also I can change password > > for user1 when I am logged as root > > using : smbpasswd test1 > > > > when I chanege password as root for test1, change is propagated to ldap > and > > I can use password for user " test1" changed with smpasswd to log in > > to server via ssh. > > > > Any hint is welcome, I really do not know what the problem is here. > > > > Thank you in advance for any comment > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] machine 127.0.0.1 rejected the tconX on the IPC$ share. Error was : NT_STATUS_ACCESS_DENIED --SMBPASSWD ERROR
Ok, I resolved part smbpasswd Old SMB password: New SMB password: Retype new SMB password: machine 127.0.0.1 rejected the tconX on the IPC$ share. Error was : NT_STATUS_ACCESS_DENIED. Failed to change password for test1 by adding interfaces = 192.168.1.201/24, eth2 bind interfaces only = Yes to the smb.conf now when I try to change password for user "user1" I am getting error smbpasswd Old SMB password: New SMB password: Retype new SMB password: Unable to connect to SMB server on machine 127.0.0.1. Error was : NT_STATUS_CONNECTION_REFUSED. Failed to change password for test1 Interesting is I do not have anywhere defined ip address 127.0.0.1 in smb.conf If someone knows what could help with above error, please write Thank you and regards, On Mon, Nov 2, 2009 at 9:44 PM, pcinformace pcinformace wrote: > Hi all, > > I think I have found some issue in samba packed with Debian. > > installed packages are > > dpkg -l | grep samba > > ii samba 2:3.2.5-4lenny7 a > LanManager-like file and printer server for Unix > ii samba-common 2:3.2.5-4lenny7 Samba common > files used by both the server and the client > ii samba-doc 2:3.2.5-4lenny7 Samba > documentation > > > I am using ldap backend to keep password and enabled ldap passwd sync > in smb.conf. > > I can chnage password for user test1, when I am logged as root, but > when I log as user "test1" to samba server > and issue command > > smbpasswd > > I am getting constantly error > > > smbpasswd > Old SMB password: > New SMB password: > Retype new SMB password: > machine 127.0.0.1 rejected the tconX on the IPC$ share. Error was : > NT_STATUS_ACCESS_DENIED. > Failed to change password for test1 > > > I can log in as user1 ( it is ldap user ) and change its password using > passwd. > > Also I can change password > for user1 when I am logged as root > using : smbpasswd test1 > > when I chanege password as root for test1, change is propagated to ldap and > I can use password for user " test1" changed with smpasswd to log in > to server via ssh. > > Any hint is welcome, I really do not know what the problem is here. > > Thank you in advance for any comment > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] ldap passwd sync old password
Hi, I want, that the unix password ( stored on LDAP ) gets changed when a user changes his samba password ( stored on LDAP ). So I set ldap passwd sync = yes, but the unix password does not get changed. The samba password is updated. Smbpasswd shows this error machine 127.0.0.1 rejected the (anonymous) password change: Error was : Wrong Password. Failed to change password for user1. After looked at all samba logs, but nothing told me whats wrong. Finally I looked at the error log of the LDAP server and here is the error: Password change not allowed. Old password value must be supplied. So how can I fix this? Samba 3.0.28 / Solaris 10 / Sun Java Directory Server Regards Volker Jordan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Status Davenport webdav gateway?
Hi, Can anyone confirm that Davenport, the jCIFS-based webdav gateway is current? In other words, if I update the jCIFS jar, will Davenport be current? Is it still 'supported' without any known errors or is it abandoned? Any current users? Any alternatives? :D Paul -- ir Paul te Bokkel Ingenieursbureau Te Bokkel e p...@tebokkel.com / i http://www.tebokkel.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba