Re: [Samba] need recipe for samba to do user authentication against a centos 5.5 openldap server (NO IDMAPS! NO PDC!)
On Fri, Jun 03, 2011 at 07:46:49PM -0700, Clayton Hill wrote: Please help Ive been wasting days at this... I am not trying to create a PDC, I am not joining an active directory, I am not needing samba schema in my openldap (or do I?), I am not trying to use winbind and idmaps for translations from SID to UID/GID, I just want my samba server which shares linux home directories to authenticate user+password against my existing linux based openldap server. These are already POSIX accounts on the openldap server, so the UID and GID need no translation AFAIK All I want to do is have users log into the samba share with their openldap Linux accounts. unfortunately this is not working... at all. You need the Samba schema in OpenLDAP and sambaSamAccount objects, Samba can't use the password attributes OpenLDAP uses natively. Volker -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: +49-551-37-0, fax: +49-551-37-9 AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] idmap backend = tdb2 is broken in Ubuntu / Debian
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The tdb2 backend for idmap is broken in Ubuntu and presumably debian. As reported here https://bugs.launchpad.net/bugs/789097 Careful how you read it, the quoted patch is the source of the bug, NOT the fix. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJN6e3GAAoJEJjHYqrO/1XcrfgH/2ILGHJER5MTYYoAvoeIy4eK 5/mTQV+jP04FhajVTuXKbWk1TDeLO/K84bZr2jx59BLBruXGuExKfOUnj1GxByq5 gqPRKv25hKy/Q/zKK0boI5znVzGq9V4oye1M8p8gDy9jc0ClHQs0JvlSiKF6lxzz JSNfQ0cBm5lQe4yniLBV81vn5XDDV9CfFtDHKHpF0IHjqGpxf0tzcGzvQnmgO0DY zHDDkJIncXV+HvoWD3ayNv7Tqe8mTrRyGsCMXOPPVsgyY2wehC3qdYu44pShk3EO 9dnl/ifkvsUqEGfRYJusiBXAHOQP4rf2tCu9aO33/U2oQqOM+4I5/XBlSheOCAw= =wZ/a -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] idmap backend = tdb2 is broken in Ubuntu / Debian
Quoting Dave Lawrence (d...@daftdroid.com): -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The tdb2 backend for idmap is broken in Ubuntu and presumably debian. As reported here https://bugs.launchpad.net/bugs/789097 Careful how you read it, the quoted patch is the source of the bug, NOT the fix. Thanks for pointing this out (I actually missed the BR in LP, even though I receive these bug reports). Brynnen Owen mentioned this to us, recently, indeed. The fix has been committed in the Debian package SVN. It will reach Debian unstable, then Ubuntu, when we upload a new release. Given that the fix is trivial but has important consequences for anybody wanting to use the TDB2 backend, I'll ask for permission to upload a fix in squeeze too. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Shutdown hangs since setting up Samba
On 16:30:33 wrote bew...@gmx.com: Am 03.06.2011 23:50, schrieb Chris Weiss: On Fri, Jun 3, 2011 at 4:11 PM, bew...@gmx.com wrote: I get this error messages on boot: CIFS VFS: Error connecting to socket. Aborting operation CIFS VFS: cifs_mount failed w/return code = -101 I have seen these before. OK, I'm not the only one. as I recall, it's trying to mount before the network comes fully up, and downing the network before unmounting the cifs. I have the same suspicion, but don't know how to fix it. I do not recall the solution, and I don't use cifs in fstab anymore. What are you using instead of CIFS? Use the pam mount helper. They run, when a user is logging in. man pam_mount man pam_mount.conf When I tried NFS, there were similar errors. Best Regards, Benedikt -- Regards Harry Jede -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba Digest, Vol 102, Issue 4
I am currently on annual leave. I will be back in the office on Friday 10th June 2011. If you have an urgent matter needing attention, it may be prudent to contact the ITSC main number 01236 757600. Thanks. -- Andrew McNaughton ICT Network Support Officer Learning Leisure Services North Lanarkshire Council ** ICT TECHNICAL SERVICES CENTRE (ITSC) Towers Road, Airdrie, North Lanarkshire ML6 8PG email: and...@nleducation.org.uk ** --- This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error, please notify the System Manager and thereafter delete the e-mail from your system. The System Manager may be contacted at postmas...@nleducation.org.uk E-mail transmission is not secure and information can be intercepted, corrupted, lost, destroyed, delayed or incomplete. The sender does not accept any liability for errors or omissions arising as a result of e-mail transmission or interception. Please note that incoming e-mails are routinely scanned for the purpose of detecting offensive or inappropriate materials. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Trouble installing SWAT on a Samba 4 Alpha 13 build onUbuntu Server
Hey! I hope I help you: You should have the share folder in smb.conf like this: [finance] Path=/some/wehere Read only= no And then configure the permission like this message says: Then!!! Log in from a domain member (xp or whatever windows) with your administrator. And set in the security tab for this finance the rights of user and grou By Daniel Muller. But YOU CAN'T change the permission if your sistem NOT SUPPORT both the user and system xattr namespaces. You can view if your kernel suport this doing this (Example on Debian Squeeze): #cat /boot/config-`uname -r` | grep CONFIG_EXT3_FS_XATTR #cat /boot/config-`uname -r` | grep CONFIG_EXT3_FS_SECURITY You should see: CONFIG_EXT3_FS_XATTR=y CONFIG_EXT3_FS_SECURITY=y If not : You should recompile your kernel with that options to YES If yes: You should mount your filesystem with the option user_xattr in /etc/fstab file: Example: /dev/sda1 / ext3 errors=remount-ro,user_xattr 1 1 Then you should change the permissions like Daniel Muller said. -- Greetings Jesús Lucas - jeluka...@gmail.com Linux and Windows SysAdmin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 2ce68d9 Make samba4.drs.fsmo.python knownfail via e28df27 s3: Fix the build on FreeBSD 8 from 3c9b3b2 Add the same fix to the S3 event backend as the previous commit added to the tevent poll backend. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 2ce68d93f3eb38e6122dddc8bcd30795c48d07b7 Author: Volker Lendecke v...@samba.org Date: Sat Jun 4 14:10:46 2011 +0200 Make samba4.drs.fsmo.python knownfail This frequently blocks autobuild for me, this time with Testing for rid role transfer from localdc.samba.example.com to localvampiredc.samba.example.com ERROR: Failed to initiate transfer of 'rid' role: LDAP error 52 LDAP_UNAVAILABLE - Failed FSMO transfer: NT_STATUS_IO_TIMEOUT UNEXPECTED(failure): samba4.drs.fsmo.python(vampire_dc).fsmo.DrsFsmoTestCase.test_RIDMasterTransfer REASON: _StringException: _StringException: Content-Type: text/x-traceback;charset=utf8,language=python traceback 36E Traceback (most recent call last): File /usr/lib/python2.6/dist-packages/testtools/runtest.py, line 128, in _run_user return fn(*args) File /usr/lib/python2.6/dist-packages/testtools/testcase.py, line 368, in _run_test_method testMethod() File /memdisk/vlendec/a/b5798/samba4/source4/torture/drs/python/fsmo.py, line 125, in test_RIDMasterTransfer self._role_transfer(role=rid, role_dn=self.rid_dn) File /memdisk/vlendec/a/b5798/samba4/source4/torture/drs/python/fsmo.py, line 97, in _role_transfer self._net_fsmo_role_transfer(DC=self.dnsname_dc2, role=role) File /memdisk/vlendec/a/b5798/samba4/source4/torture/drs/python/fsmo.py, line 68, in _net_fsmo_role_transfer self.assertEquals(ret, 0, Transferring role %s to %s has failed! % (role, DC)) AssertionError: Transferring role rid to localvampiredc.samba.example.com has failed! 0 NT_STATUS_IO_TIMEOUT -- does that mean that sn.samba.org is not powerful enough to run this test successfully? Volker Autobuild-User: Volker Lendecke vlen...@samba.org Autobuild-Date: Sat Jun 4 15:24:20 CEST 2011 on sn-devel-104 commit e28df27f2a6744e20e6413cee0f48c66c920e080 Author: Volker Lendecke v...@samba.org Date: Sat Jun 4 14:18:31 2011 +0200 s3: Fix the build on FreeBSD 8 This is probably not the last word on gss_mech_krb5, but for now it fixes the build on FreeBSD --- Summary of changes: source3/configure.in |5 + source4/selftest/knownfail |1 + 2 files changed, 6 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/configure.in b/source3/configure.in index 12d083b..324ada4 100644 --- a/source3/configure.in +++ b/source3/configure.in @@ -3917,6 +3917,11 @@ if test x$with_ads_support != xno; then AC_CHECK_FUNC_EXT(gss_oid_equal, $KRB5_LIBS) AC_CHECK_FUNC_EXT(gss_inquire_sec_context_by_oid, $KRB5_LIBS) + # This is for FreeBSD (and possibly others). gss_mech_krb5 is a + # #define to GSS_KRB5_MECHANISM, which is defined in -lgssapi_krb5 + AC_CHECK_LIB_EXT(gssapi_krb5, KRB5_LIBS, GSS_KRB5_MECHANISM, + [KRB5_LIBS=$KRB5_LIBS -lgssapi_krb5]) + # MIT krb5 1.8 does not expose this call (yet) AC_CHECK_DECLS(krb5_get_credentials_for_user, [], [], [#include krb5.h]) diff --git a/source4/selftest/knownfail b/source4/selftest/knownfail index d0d3ace..af807fc 100644 --- a/source4/selftest/knownfail +++ b/source4/selftest/knownfail @@ -85,3 +85,4 @@ ^samba4.nbt.winsreplication.owned # fails sometimes, timing related ^samba4.ldap.dirsync.python.dc..__main__.ExtendedDirsyncTests.test_dirsync_deleted_items #^samba4.ldap.dirsync.python.dc..__main__.ExtendedDirsyncTests.* +^samba4.drs.fsmo.python -- Samba Shared Repository
