Re: [Samba] Can't compile 3.6.2 on Solaris 11
I did. See the bug I filed: https://bugzilla.samba.org/show_bug.cgi?id=8557 Andy On Tue, 17 Jan 2012, Blaster wrote: No one has attempted to compile 3.6.1 on Solaris 11 at all? On 1/8/2012 11:24 AM, Blaster wrote: Trying to compile Samba 3.6.2 on Solaris 11, getting the following error: gmake Using CFLAGS = -O -I. -I/export/home1/src/samba-3.6.1/source3 -I/export/home1/src/samba-3.6.1/source3/../lib/iniparser/src -Iinclude -I./include -I. -I. -I./../lib/replace -I./../lib/tevent -I./librpc -I./.. -I./../lib/talloc -I../lib/tdb/include -DHAVE_CONFIG_H -D_REENTRANT -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DLDAP_DEPRECATED -DSUNOS5 -I/export/home1/src/samba-3.6.1/source3/lib -I.. -D_SAMBA_BUILD_=3 -D_SAMBA_BUILD_=3 PICFLAG= -fPIC LIBS = -lsendfile -lresolv -lnsl -lsocket -liconv -laio LDFLAGS= -pie -lintl -R/opt/samba/lib -L/usr/ccs/lib -R/usr/ccs/lib -L/usr/sfw/lib -R/usr/sfw/lib -L/opt/samba/lib -R/opt/samba/lib -lthread -L./bin DYNEXP = LDSHFLAGS = -fPIC -shared -lintl -R/opt/samba/lib -L/usr/ccs/lib -R/usr/ccs/lib -L/usr/sfw/lib -R/usr/sfw/lib -L/opt/samba/lib -R/opt/samba/lib -lthread -L./bin -lc -Wl,-z,defs SHLIBEXT = so SONAMEFLAG = -Wl,-h, Linking shared library bin/libnetapi.so.0 Undefinedfirst referenced symbol in file tdb_jenkins_hashlib/util.o wbcSidsToUnixIdspassdb/lookup_sid.o tdb_transaction_start_nonblock lib/gencache.o ld: fatal: symbol referencing errors. No output written to bin/libnetapi.so.0 collect2: ld returned 1 exit status gmake: *** [bin/libnetapi.so.0] Error 1 my configure line: ./configure --prefix=/opt/samba --with-automount --with-acl-support --enable-socket-wrapper --with-sys-quotas --with-aio-support --enable-shared --enable-cups --enable-swat --with-quotas --enable-nss-wrapper --without-pam LDFLAGS=-lintl -R/opt/samba/lib -L/usr/ccs/lib -R/usr/ccs/lib -L/usr/sfw/lib -R/usr/sfw/lib -L/opt/samba/lib -R/opt/samba/lib Any idea what library I'm missing? Thanks... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can't compile 3.6.2 on Solaris 11
I'm sorry. I was compiling on Solaris 10, not Solaris 11. Apparently there are problems on both. If you are having a problem compiling on Solaris 11, you should probably file a new bug. Andy On Wed, 18 Jan 2012, Andrew Morgan wrote: I did. See the bug I filed: https://bugzilla.samba.org/show_bug.cgi?id=8557 Andy On Tue, 17 Jan 2012, Blaster wrote: No one has attempted to compile 3.6.1 on Solaris 11 at all? On 1/8/2012 11:24 AM, Blaster wrote: Trying to compile Samba 3.6.2 on Solaris 11, getting the following error: gmake Using CFLAGS = -O -I. -I/export/home1/src/samba-3.6.1/source3 -I/export/home1/src/samba-3.6.1/source3/../lib/iniparser/src -Iinclude -I./include -I. -I. -I./../lib/replace -I./../lib/tevent -I./librpc -I./.. -I./../lib/talloc -I../lib/tdb/include -DHAVE_CONFIG_H -D_REENTRANT -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DLDAP_DEPRECATED -DSUNOS5 -I/export/home1/src/samba-3.6.1/source3/lib -I.. -D_SAMBA_BUILD_=3 -D_SAMBA_BUILD_=3 PICFLAG= -fPIC LIBS = -lsendfile -lresolv -lnsl -lsocket -liconv -laio LDFLAGS= -pie -lintl -R/opt/samba/lib -L/usr/ccs/lib -R/usr/ccs/lib -L/usr/sfw/lib -R/usr/sfw/lib -L/opt/samba/lib -R/opt/samba/lib -lthread -L./bin DYNEXP = LDSHFLAGS = -fPIC -shared -lintl -R/opt/samba/lib -L/usr/ccs/lib -R/usr/ccs/lib -L/usr/sfw/lib -R/usr/sfw/lib -L/opt/samba/lib -R/opt/samba/lib -lthread -L./bin -lc -Wl,-z,defs SHLIBEXT = so SONAMEFLAG = -Wl,-h, Linking shared library bin/libnetapi.so.0 Undefinedfirst referenced symbol in file tdb_jenkins_hashlib/util.o wbcSidsToUnixIdspassdb/lookup_sid.o tdb_transaction_start_nonblock lib/gencache.o ld: fatal: symbol referencing errors. No output written to bin/libnetapi.so.0 collect2: ld returned 1 exit status gmake: *** [bin/libnetapi.so.0] Error 1 my configure line: ./configure --prefix=/opt/samba --with-automount --with-acl-support --enable-socket-wrapper --with-sys-quotas --with-aio-support --enable-shared --enable-cups --enable-swat --with-quotas --enable-nss-wrapper --without-pam LDFLAGS=-lintl -R/opt/samba/lib -L/usr/ccs/lib -R/usr/ccs/lib -L/usr/sfw/lib -R/usr/sfw/lib -L/opt/samba/lib -R/opt/samba/lib Any idea what library I'm missing? Thanks... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Slow and unpredictable Samba performance?
On Tue, 26 Aug 2008, Jakov Sosic wrote: On Tuesday 26 August 2008 00:56:22 Dennis Clarke wrote: Hi! I've installed Solaris 10 x86 (Core2Duo - x64) server, with Samba over ZFS RAID-Z. Samba is a part of Active Directory Domain. I've managed to join it to domain, to get the users and groups from A.D. and to translate them to Unix IDs. Everything works really good. Samba is installed from the packages from Solaris 10 DVD. Remove all the old CSWsamba packages. I already removed all the CSW packages... I installed them only to try the transfer rates with another Samba package. So you want to say that Sun packaged Samba has some problems and that's why the transfer rates are so messed up? But how can that be possible, I mean, Solaris is enterprise OS... And CSWSamba problem I had is the inability to join ADS. Go get Samba 3.0.31 at http://www.blastwave.org/testing/samba-3.0.31,REV=2008.08.22-SunOS5.8-i386- CSW.pkg.bz2 Or try Samba 3.2.2 : http://www.blastwave.org/testing/samba-3.2.2,REV=2008.08.22-SunOS5.8-i386-C SW.pkg.gz Pick one .. only one. Install it. You need to create your own /etc/init.d/cswsamba .. but I suggest something like this : http://www.blastwave.org/dclarke/stuff/samba/samba_3x_cswsamba.txt then create your smb.conf in /opt/csw/etc/samba Let me know how it goes. I will try it, although I hate this much experimenting with the machine that's supposed to go into production :( If the stuff works I think I will need to reinstall it from scratch :( But the main question is still the same - what about Samba packaged by Sun? From the system administrators point of view, it's working absolutely awesome (SVC startup methods, winbind, wins, PAM integration, getent, kerberos)... And to migrate all that stuff to CSW - I don't have a good experience with CSW samba so far in that point of view :( Why not open a support ticket with Sun then, since it is their packaging of Samba that seems to be slow? :) Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help: justification for Linux PDC vs Windows...
On Fri, 11 Apr 2008, JJB wrote: As I understand it, you need a WINS server for every subnet - we figured this out after the fact, so we now have 3 servers running Samba so that everyone can see all members of the workgroup (we are rolling out the domain slowly - in the meanwhile, we don't want to lose browse functionality). If anyone has You only need 1 WINS server for your organization (or 2 for redundancy). We have multiple subnets here at OSU and only 2 WINS servers. Our DHCP servers had out the WINS server IP addresses to all clients, and Samba is configured to use them as well. You DO need a master browser on each subnet. All of this is well documented in the Official Samba HOWTO in Chapter 10. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: WINS and Subnets [was: Help: justification for Linux PDC vs Windows...]
On Fri, 11 Apr 2008, Greg J. Zartman, P.E. wrote: You only need 1 WINS server for your organization (or 2 for redundancy). We have multiple subnets here at OSU and only 2 WINS servers. Our DHCP servers had out the WINS server IP addresses to all clients, and Samba is configured to use them as well. You DO need a master browser on each subnet. Are you pointing your clients on a given subnet to the local master for WINS queries or the primary WINS server? I have a couple subnets, but hand out the Primary WINS ip to ALL of my clients. WINS browsing across the subnets fine, but updates from the subnets tend to be really slow. All clients are given the IP addresses of the 2 WINS servers. We don't configure local master browsers explicitly on our subnets - the Windows computers can elect a local master for themselves automatically. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Retry: Mapping AD domain users to UNIX users
On Wed, 23 Jan 2008, [EMAIL PROTECTED] wrote: We're using Samba 3.0.23b (binaries downloaded from Sunfreeware) on Solaris 9 as a member server, using security = DOMAIN in an Active Directory 2003 domain. The server is primarily an application server, running SAS software, but we have a share to Windows to enable users to save programs and data from their Windows XP workstations. Historically we've been using PC Netlink, Sun's version of Lanman, but this isn't compatible with AD 2003 so we need to move to Samba. We're struggling to establish a mapping between domain user accounts and UNIX user accounts that are similarly named (the same naming convention is used for both). My understanding of Samba, albeit sketchy, was that it could automatically make a mapping between local and domain accounts of the same name. However, this doesn't appear to be happening. If I set a file's permissions for a specified user in Solaris it appears in the file's security within Windows, but the user is listed as a Unix User along the lines of: u123456 (Unix User\u123456) I was expecting that there should be an implicit mapping between u123456 in Solaris and domain\u123456 but maybe I've got the wrong end of the stick. We need to maintain the local users so that we can control who has access to the server software, and we maintain password aging both on the server and the domain so maintaining a separate password database for Samba would be a complication. an Extract from nsswitch.conf and (edited) smb.conf and included below. As you will see from nsswitch.conf, we are using winbind. wbinfo will resolve any domain information and getent passwd will return domain user accounts. If your Solaris system already has unix system accounts with the same usernames as the Windows accounts, then you do not need to run winbind. That's how we run our Solaris and Linux systems here. Unix users are populated from ldap using the nss_ldap module, and Samba is a member of the domain (security=domain). Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.26a Available for Download
On Tue, 11 Sep 2007, David C. Rankin wrote: Ed Kasky wrote: At 05:24 AM Tuesday, 9/11/2007, Gerald (Jerry) Carter wrote -= Binary packages will be made available on a volunteer basis at http://download.samba.org/samba/ftp/Binary_Packages/ Not being as adept at building rpm's as I could be if I had the time to learn it, is there any supporting documentation anywhere that describes how to go about converting from an rpm install to installing from src? Or is it easier/preferred/better to stick with the rpm's and build them from the src? I know there are opinions on both sides but I wouldn't mind hearing a few as I try and decide if I should continue with the rpm on a FC6 machine or convert to a src install Ed, Don't throw the baby out with the bathwater!!! Seriously, I prefer rpm's, but I have servers still running mandriva 2005le and no one has built rpms for that distro for well over a year. So instead of worrying about installing some new OS, I simply started building them from scratch/source. Simple process, you only need to figure out what the ./configure options need to be once and then updates are a breeze. THE BASICS (1) download the latest samba-rev#.tar.gz; (2) unzip it with tar -xzf samba-rev#.tar.gz (3) change into the new samba-rev# directory (4) actually read the README file (5) cd into the new samba-rev#/source directory (6) run sh autogen.sh FIGURING OUT THE CONFIGURE OPTIONS While looking at the output of ./configure --help may be daunting, unless you have very special needs, the only config options you need are very straight forward. They are basically limited to: Where are your samba binaries/libs are stored and where do the documentation, config, and password files go? I prefer to keep all source installed packages out of the Distro-maintained directories (/usr). Historically, this was traditionally done on unix systems by using --prefix=/usr/local. I prefer to put Samba into /private/samba, but that's really up to you. If you are going to install from source, I recommended using /usr/local as the prefix. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ridiculous slow gigabit transfer, faster with VNC
On Thu, 19 Jul 2007, Mark Baily wrote: Hi, I have a problem with file transfers between a windows systems and unix systems. I have one win32 desktop (intel e6400 2Gb Ram), one win32 laptop (p-m 2Ghz). Also one linux laptop (p-m 1.4GHz) and one opensolaris desktop (intel e4400 1GB Ram). The two laptops have built-in 100Mbit ethernet and desktops have 1Gbit ethernet on the motherboard. Both desktops use a Marvell Yukon. The file transfer rate between two systems using FTP between the two desktops (win32 to opensolaris) is consistently 50Mb/sec which is as expected. Using scp I only get 5Mb/sec between from any win32 system to any unix system, much slower than expected. Using scp from the linux lapotp to solaris desktop is 10Mb/sec as expected (laptop has 100mbit only). Using samba to copy a 1GB file I get about 7 minutes from win32 to opensolaris. From opensolaris to win32 the windows dialog says estiamted time 142 mins. Using plain FTP it takes 25sec. This is very consistent. A twist is that if a VNC client is open from the win32 desktop to the opensolaris box the estimated transfer time via samba from opensolaris to win32 drops right down to about 4 min. Much better, but still nowhere near the FTP. I have also tried swapping between a D-Link DGS-1008D switch and a Netgear GS105 switch with no difference. Since the FTP is very consistently acheiving 50megabytes/sec, I don't think it can be blamed on a hardware fault. However the problem doesn't appear to be just samba either, as the slowness also occurs with scp, albiet scp is much more consistent at 5mb/sec than samba varying at 1GB/142min to 1GB/3min with VNC open. Is this problem something to do with TCP stacks playing up? What else might it be? Have you confirmed that you do not have a duplex mismatch? I don't know if D-Link or Netgear (consumer grade?) switches can be queried for the duplex setting or forced to full duplex. Usually this stuff just works, but the behavior you describe sounds very much like the switch is half duplex and the server is full duplex. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Miserable read performance (factor ~60 too slow)
On Thu, 5 Jul 2007, Arno Schäfer wrote: Hi, I am trying to migrate my files from a Windows XP Pro box to a new server running OpenSuSE 10.2/Linux 2.6.18 (x86_64) and Samba 3.0.25b. The Server is a new Athlon 64 X2 4000+/1GB with two 400GB SATA disks in a software RAID1 configuration. The share file system is reiserfs on a 350GB RAID1 partition. I have a small LAN with three PCs on 100MBit Ethernet and a Laptop on WLAN on a 4 Port Switch/WLAN/DSL router. I am experiencing extremely (an I really mean EXTREMELY) bad performance. It is so bad that it can not have anything to do with performance tuning, it must be a configuration error somewhere. Doing some comparisons, I find that - copying a 700MB file from the CIFS share of the Windows XP box to a different Windows PC starts immediately and takes about two minutes. - copying the same file via HTTP from the new Samba server takes a little more than one minute (10.5 MB/sec). - copying the file from the Samba share varies hugely. It can take between 90 seconds and literally hours (!). - sometimes it goes faster, but almost always the startup time is between 20 and 90 seconds, that is the time before the copying even begins. - I have found repeatedly that when I am copying a file from the Samba share, and it goes extremely slow (estimated time 90 minutes), and I start copying a second file (from the same or a different PC), suddenly the copying speeds up to normal speed. ifconfig does not show any collisions or errors, and as I said, copying via HTTP is extremely fast. The Linux installation is as barebones as I could make it, no X11, no firewall (for now), no ZENWorks or AppArmor or anything. I already once reinstalled everything from scratch, to no avail. Any ideas would be immensely appreciated, as I am seriously considering going back to Windows XP ;-) You have an Ethernet duplex mismatch between your server and the switch port. Based on the symptoms you describe, your server is probably at full duplex and the switch port is at half duplex. Andy-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] win2k/xp clients cannot copy files after samba upgrade
On Thu, 28 Jun 2007, Dirk Kleinhesselink wrote:
I have a linux server that I'm preparing to migrate our samba services to.
It has been running as a stand alone server and I intend to set it up
as a PDC - we have another old system working as a PDC now.
Because of some problems during samba testing (quite awhile ago) I decided
to upgrade the samba version running on the server - the original packaged
samba was 3.0.20 and I downloaded 3.0.25a and built it. Windows clients
are getting this error when copying files to the server:
cannot copy {file}: The process cannot access the file because another
process has locked a portion of the file
using smbclient from a linux machine does not give a problem and I can
put files OK. Windows clients can create and delete folders OK. If I
kill the new version and restart the old samba daemons, then things work
fine. With debug level 3, I can find this in the logs:
cmd=47 SMBwriteX NT_STATUS_FILE_LOCK_CONFLICT
I did some extensive testing with a similar install setup and
did not have a problem until I realized that my test bed was running
a hand built 2.6.14 kernel, whereas my server is running a 2.6.18 vendor
supplied kernel. I put the vendor supplied 2.6.18 kernel on my test
machine and the problem then manifested itself. I need the vendor supplied
kernel due to hardware setup on my server. I tried a newer
2.6.19 kernel from them and still get the problem.
More information - the problem is with shares that are nfs mounted. I
realize that sharing NFS mounted filesystems through samba may not be
the most ideal, but I have a large fileserver that I don't want local
users to have accounts on, yet be able to store data there.
I tried setting kernel oplocks = no and oplocks = no in the global
parameters and this did not help.
Anyone have any information that can help me resolve this situation ?
Thanks for any help,
Dirk
Another sysadmin where I work ran into this same problem and was able to
fix it by setting:
strict locking = no
Apparently the default for this option changed in version 3.0.23.
Andy
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Possible Filesystem Corruption with Samba 3.0.25a (with XFS and LVM)
On Tue, 26 Jun 2007, Andri wrote: Adam Tauno Williams wrote: On Tue, 2007-06-26 at 12:00 -0400, Charles Marcus wrote: On 6/26/2007, Andri ([EMAIL PROTECTED]) wrote: I've done occasional memtests for a few days straight, and all have ended successfully. If it wasn't one of those one-in-a-quintillion chances that the sun flipped the necessary bits in memory, I'm betting on software bugs. Memtest is hardly a reliable test for memory. I have had bad memory pass test for days on end. The best way I've ever found to reliably find bad memory is compile something big, like X. If your memory is bad, you'll find out pretty quick... The real solution is to use ECC memory. :) It's a headless server without X, but I've compiled plenty of other applications on it without issues. That includes Linux. The chance that a bit flipping on the exact location that directs Samba's (or the filesystem's or what-not's) output, and it ending up on another (and raw) device is something I really can't believe happening. Like the XFS guys said, memory corruption errors might not necessarily be because of faulty hardware. Even if this issue is related to the SATA controller's driver, I wish to find out the origin of the data structures I've pasted twice now, because I believe tracing them might hold the key to this mystery. Of course, I lack the expertise to scan a driver's source code for such possible mistakes, but at least I can let the author know and ask for their assistance. Blaming hardware for uncommon and unexpected behavior is not always the reasonable thing to do. Samba uses standard system calls to create, modify, and delete files. It does not write to random bits of /dev/hda. If you have filesystem corruption, then the problem lies elsewhere. Maybe the data you found came from Samba (indirectly through files your Bittorrent client was saving to a Samba share), but that does not imply that Samba was the cause of the problem. When Samba used the system call write() - or whatever optimized system call it uses - some other piece of software (XFS, LVM, Linux kernel IDE driver) placed that data in the wrong place on the disk. In my experience (which only counts as anecdotal evidence anyways), disk hardware failures are usually easily detected as ever-increasing bad block counts reported by the disk's S.M.A.R.T. firmware. If the disk still works normally and is not reporting any SMART errors, then you can probably rule out hardware. I'm not saying it is impossible for Samba to create this problem, but since Samba uses standard system calls and has no reason to write directly to the /dev/hda raw device, it seems far more likely that the software which does actually write to the raw device (XFS, LVM, Linux kernel) is the culprit. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] URGENT! Windows Server 2003 SP2 broke samba
On Tue, 26 Jun 2007, [EMAIL PROTECTED] wrote: Reading the How To Compile Samba leads me to this question. Must I compile Samba with AD support as described in that document in order for the Samba server to be able to have userids/passwords authenticated by a W2K3/SP2 AD? I only need to be able to continue to provide access to users' Unix home directories from their PCs via a Windows login script that includes: net use s: \\sambasvr\username (where username is the same for both Unix and Windows). Gee! I wish I had seen this coming! Charles I seem to remove 2003 SP2 changed some default to require a more secure authentication method. However, you can change that back using the Default Domain Policy. Grr, does this ring a bell for anyone? I can't remember the specifics. In any case, it is perfectly possible to run security=domain and join an AD forest. We do it here. Andy-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Shared dirs are empty. Help needed please!
On Thu, 14 Jun 2007, User Forums wrote: Hey fellas. I just installed samba and am having a problem. What I'm trying to achieve is hosting a file server for my lan. I don't want any login/password's to be used or any of that. The server box is running Debian linux and the clients are a mix of debian and winxp. On the server box I'm mounting the harddrives I want to share like this in /etc/fstab: /dev/sda1 /storage/sata0 xfs defaults0 2 /dev/sdb1 /storage/sata1 xfs defaults0 2 /dev/sdc1 /storage/sata2 xfs defaults0 2 /dev/sdd1 /storage/sata3 xfs defaults0 2 /storage and all subdirs are owned by my file server user login name and are chmod'ed with 744. Shouldn't that be 755 instead of 744? Without execute permission on the directory, a user cannot chdir into it. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] slow with one transfer, fast with multiple
On Mon, 11 Jun 2007, David Olsson wrote: Running samba with Ubuntu, default configuration, one share, samba running as daemons rather from inetd. Copying one file between the share and another machine on the LAN is very slow. Adding another copy and both transfers proceed very quickly. The client machines are Macs with recent OSX, and a Windows laptop. Same behavior. If the second transfer is initiated on a different client, both transfers still speed up, dramatically. Sounds suspiciously like an ethernet duplex mismatch problem to me (one end things the connection is half-duplex). Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Changing group owner to a group user is not member of
On Mon, 30 Apr 2007, Henrik Zagerholm wrote: Hi, I'm using latest samba 3.0.24 on a debian etch box (ext3, acl) in ADS mode joined to a W2003 domain. Everything works fine except when I want to change the group of a file to something the user is not member of. Even if I run the commands as Administrator I can't seem to change to groups expect to those that the Administrator is member of. This is really annoying as its very inconvenient to have a user member of all groups... Is there some way to change this behavior? I'm guessing you don't have Administrator mapped to root in unix? I recently stumbled across the issue you describe in another context, and found this note in the Solaris manpage for chgrp: The operating system has a configurationoption _POSIX_CHOWN_RESTRICTED, to restrict ownership changes. When this option is in effect, the owner of the file may change the group of the file only to a group to which the owner belongs. Only the super-user can arbitrarily change owner IDs, whether or not this option is in effect. (the option is enabled by default in Solaris). The linux manpage doesn't list this restriction, but it definitely is in effect there too. This seems to be a POSIX restriction, unrelated to Samba. There is a way to disable it in Solaris, but I don't know of a way to disable it in linux. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] BindDN and password for Active Directory
On Thu, 26 Apr 2007, Stellwag, Philippe wrote: Hello @ll, I have a general question to Active Directory (AD), not directly concerning samba, but I think the experts of this list know the answer. At my scope: I'm using a Windows XP PC which is logged on using Microsoft AD domain and Kerberos (normal procedure). I want to find out the BindDN and - if possible the appropriate password - for using it for a query with the Linux tool ldapsearch. The problem is that I haven't an admin-access to AD-server. (1) Where are BindDN (and password) saved (e.g. Windows registry)? If you can view your AD domain using the Active Directory Users and Computers MMC snap-in (you don't need admin access for this), then you can determine the DN of a user. Find the user and the container (OU) it is located in. The DN will be of the form: cn=username,ou=some_container,dc=domain,dc=example,dc=com (2) Which encryption (e.g. none, SSL, TLS) is used by microsoft for the AD-queries (standard Windows login over an AD-domain)? AD domain controllers listen on the standard LDAPS port (636) and will only accept binds on that port. You cannot bind as a user on port 389. I don't think they support TLS on port 389, but I have no tried in a long time. (3) Can I use Ethereal for grep this information? If the answer is YES, what to do, to force Windows execute an login situation (e.g. program - execute as ...)? Windows AD clients will use Kerberos to authenticate, not LDAP, so you won't be able to capture the information you need that way. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Securing home shares
On Mon, 12 Feb 2007, Neil Jolly wrote: I'm setting up a server running samba 3.024, and am trying to secure the home directories. I thought that adding valid users = %U to the home share in the smb.conf would restrict access to the current user only, but this appears to not be the case. Anyone got a better method they can recommend for this? Doesn't using the special [homes] share already do this? Or am I missing something? Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Securing home shares
On Mon, 12 Feb 2007, Neil Jolly wrote: On 12-Feb-07, at 12:38 PM, Charles Marcus wrote: On 2/12/2007 Neil Jolly ([EMAIL PROTECTED]) wrote: [homes] browseable = No read only = No guest ok = No Don't need this? path = /home/%U I've tried with, and without this one users = %S Typo? Shouldn't this be 'valid users = %S' Not according to : http://samba.org/samba/docs/man/Samba-HOWTO-Collection/securing-samba.html An excerpt: The only user works in conjunction with the users = list, so to get the behavior you require, add the line: users = %S This is equivalent to adding valid users = %S to the definition of the [homes] share, as recommended in the smb.conf man page. The manpage for smb.conf says: users This parameter is a synonym for username. username (S) Multiple users may be specified in a comma-delimited list, in which case the supplied password will be tested against each username in turn (left to right). This is very different from the valid users parameter. I think the securing-samba.html file is wrong in saying they are equivalent. If I'm reading it right, you want valid users = %S. Also unix permissions are rwx on all home dirs. Why not just fix the unix permissions? We set home dirs to 700 and public_html to 755 here. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Multi ADS Auth servers in 1 smb.conf
On Tue, 6 Feb 2007, James McLaughlin wrote: Hello All: I would love to RTFM on multiple ADS servers being configured for ADS sercurity, but I can't find anything. Specifically: I have 2 ADS servers at 1 site. I have 4 SAMBA file servers at said site. If ADS server 1 goes down -- It will not cascade to ADS Server 2. How can I set that up? I have seen when using security = server multiple server names listed, but have not seen anything regarding ADS and this. I am planning on testing this either this weekend or sometime in the evenings, but thought maybe the list would know ...The list always knows With security = domain we use password server = *, which seems to work fine when 1 of our 2 domain controllers is down. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba v3.0.23a BROKE my network
On Sat, 3 Feb 2007, Chris Hall wrote: On Mon, 29 Jan 2007 Gerald (Jerry) Carter wrote Chris Hall wrote: ...but doesn't change my opinion that software should be written to avoid obscure failure caused by obvious misconfiguration -- particularly in the case of an upgrade which turns a previously working configuration into a broken one ! Chris, This is not a pass the buck argument, but I would push back on the Fedora folks (IIRC the original context correctly). No one should have pushed out a 3.0.23a from 3.0.14a via yum. We have been constantly saying that upgrade releases (when the minor number changes) has significant differences from past releases. The letter releases are bug fix only. Well, OK... but is there a 3.0.14x which contains all the bug and *security* fixes that 3.0.23 contains ? So you can tell us (developers) that we should make such sweeping changes and in response I would state that package maintainers for a distro should not push out such sweeping changes without properly notifying the distro users. These days one feels nervous if one is not running the latest, stable version, on the basis that it should be the most secure. Last time I ran yum it updated 171 packages. The only way that it is practical for me to keep up to date is to depend on the developers to ensure: - either, the updates are upwards compatible (if necessary, by updating configuration) - or, the new software stops gracefully and points me in the right direction to complete the update And I would expect the second case to be (very) rare, and driven by a serious need or (better) a significant feature advantage. As a developer I understand the cost of upwards compatibility. But where it used to be a matter of convenience when occasionally upgrading for new features, it is now a matter of necessity when frequently upgrading to maintain maximum security. If I were maintaining a distribution, running to many hundreds of packages, I doubt I would feel it was practical if each one could carry its own little surprise ! Or, you could use Debian Linux which backports security fixes for their stable releases. :) Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] AD passwd change
On Sun, 7 Jan 2007, Azher Amin wrote:
Hi,
Can someone guide me, how to change the password of windows AD using a linux
script.
Here is a snippet of perl code we use to change AD passwords:
my $unicodepwd = pack(v*, (unpack(C*, \$newpw1\)));
$mesg = $ad-modify($addn, replace = { unicodepwd = $unicodepwd });
Where $newpw1 is the new password, and $ad is a Net::LDAPS object
connected to an AD domain controller as a user with privileges to update
passwords.
Andy
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] smbd keeps maxing out the cpu, must reboot server constantly
On Fri, 5 Jan 2007, James A. Dinkel wrote: Yeah, I see the brief spikes when each user connects. Those are nothing. This is a dual-Xeon 3.6Ghz server (both assigned to the Ubuntu file server vm) with 1GB of RAM assigned to this vm. It's the only vm running on this ESX server. Also top doesn't show a user smbd process maxing out the processor, it's the root smbd process. Why not run strace against the offending smbd and see what it is doing? Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Fileserver for Two AD Forests with No Trust Relationship
On Fri, 15 Dec 2006, Alan Broady wrote: Hi, I have the following situation: I'm designing a solution for an organization with two Active Directory forests. The forests do not have a trust relationship, and there is no chance to get them to move to a trust relationship (at least within a reasonable timescale). I need to set up a fileserver than both sets of users can access, with Windows authentication. I could host this on a UNIX box (probably AIX) or on a Windows box (probably W2003 Server). AFAIK, there is no way to set up a single instance of Samba to realize this (or at least without getting into hacking the source / special builds, which also would be unacceptable - I must use widely available / standard products). Mad idea: 2 x UNIX servers (or logical partitions - bit like a VMWare image). On each UNIX server, run Samba. One server is a normal Samba fileserver Other server has files from the first server mounted via NFS. Would it work? If not why not? Issue? Better ideas (please!!) You could probably run both copies of Samba on a single box by having each Samba bind to a separate network interface. I'm not sure how you could handle the local unix accounts needed though, since winbind to 2 forests would be pretty hairy. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Weird Samba upload performance on Gigabit network
On Fri, 10 Nov 2006, David Harrison wrote: On 10/11/2006, at 12:22 PM, John Drescher wrote: On 11/9/06, David Harrison [EMAIL PROTECTED] wrote: - BUT OSX Tiger to Samba 3.0.23C (Suse 10) file transfers operate at 1-2meg/second which is well down from expected performance. The strange thing is if I begin a file transfer from OSX Tiger to Samba and in a terminal window on OSX begin an SCP copy operation to the same Suse server the file transfer speed of Samba jumps up to gigabit level speeds. As soon as the SCP copy operation is stopped the Samba file transfer process drops to 1-2meg/second again. Looking at your numbers I believe that you have both network and samba problems. Can you run netperf or do some nfs testing? Today I ran it and found out a few of my servers (using nvidia mobo adapters) although the gigabit light was on the nic and the switch the adapter was not transfering at gigabit speeds. I did a nfs test like the following: dd if=/dev/zero of=/mnt/remoteserver/test.dat bs=16k count=16k and got around 10MB/s which is only 100mbit speeds. On netperf I verified that my maximum transfer rate was around 94mbit/s so I googled a bit and then ended up upgrading my kernel to 2.6.18 and then did the same test and I got 109 MB/s on netperf and on the nfs test above I got 43MB/s and after setting nfs to asynchronous mode I got 57MB/s. John I've updated the Suse box to the 2.6.18.2 kernel with no effect. I'm not in a position to run NFS tests on the machine but I'm guessing it is the network card (low-end Netgear with the r8169 driver). To (hopefully) fix the problem for good I've ordered a decent gigabit card that by the looks of it has good Linux support. I'd rather spend the money than continue messing with a card/driver that according to Google has some underlying performance issues :-) Have you verified that the duplex settings on the network switch and the Suse server are the same? If you have half duplex on the Suse server and full duplex on the network switch, you could get the behavior you describe. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Possible to have two SAMBA srvs act as one?
On Mon, 11 Sep 2006, Michael Rignaz wrote: On 09/10/2006 10:11 AM, Michael Rignaz escreveu: Hi, is it possible to share write locks amongst two samba servers? We are experiencing performance issues all the time, because one location (location A) is connected via VPN to the main location (location B) and needs to access files hosted there on some samba shares. Now loc A gets its own server, but still files hosted in B need to be read/write accessed from A and vice versa. It would be really nice to have all files and shares on both servers. And when a file is locked on srv1 it's also locked on srv2. Is something like that possible? Thnx in advance, Michael I hope this Wiki Page can help you. :) http://wiki.samba.org/index.php/Clustered_Samba Kind regards, - -- Felipe Augusto van de Wiel [EMAIL PROTECTED] Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE http://www.paranacidade.org.br/ Phone: (+55 41 3350 3300) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFFBVFQCj65ZxU4gPQRAhjxAJ9sna8eVDkRNBcU5OmTX9i3CxkN8wCeIv/9 L/ZqGtZl2Xt8qzMwvF/aBS0= =3G7m -END PGP SIGNATURE- Thnx a lot for your reply. I'm a total newbie to clusters plus a linux beginner only. Could u tell me how advanced/tricky this is? I just setup three samba servers, cyrus imapd and two networks connected via vpn with OpenVPN, this is all I'm capable of yet :) Can I just use cluadmin to cluster two samba services, or would I need to cluster whole machines?Can't even try to get into it yet, since I have only RHEL WS 4 and this doesn't support cluadmin. Maybe I'll install Debian and try. Also it seems as if this would eat up a lot of bandwidth performance at least in terms of latency.. when two smb servers are connected via a low bandwidth vpn only, I feel as if this wasn't an option. What do you say? Have you looked into WAN Accelerators? These are typically hardware devices placed at each end of the WAN link which do some sort of fancy mojo to reduce the perceived latency of the link. (Can you tell I have no clue how they really work?) Short of replicating all the data to a local machine, it seems like a WAN accelerator is the only other choice. Andy-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re-exporting CIFS file systems
On Wed, 23 Aug 2006, Jeremy Allison wrote: On Wed, Aug 23, 2006 at 11:16:36AM -0700, Chuck Forsberg WA7KGX N2469R wrote: I tried 'done descend' with and without the leading . and it has no discernable effect. Might do the job if it worked. Log a bug at bugzilla.samba.org so we can track it please, also so we can see what smb.conf you used. No one else has reported an issue with this. Shouldn't that be dont descend rather than done descend? There is a typo somewhere in all this... :) Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] nmbd[1892] error
On Fri, 21 Apr 2006, Keith wrote: Approximately every 30 seconds a friend receives a nmbd[1892] error. I believe it is related to Samba. As I'm a complete novice can someone please advise. Ummm, how about posting the error message? Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] User groups
On Mon, 3 Apr 2006, Cybionet wrote: Wlcome in the club :-) I wrote a topic Limit of group membership for a user? with the same problem, and I don't have any answer by the samba team. I have the most recent Samba 3.0.21b, OpenLDAP 2.2.28 and Glibc 2.3.6 version on a Gentoo (kernel 2.6.15) and I have the same problem. I check the NGROUP_MAX (65535) and the NSS_BUFLEN_GROUP (2048) value of the glibc. For the AMD64 environment I have a limit of 66 groups for a user, but suprise, on the x86 environment I stop to count at 83 groups for a user (but it is not the limit). I continu the test this week. From my limited memory of this issue on Linux, the problem is not the number of users in a group, but the total length of the membership string. So the number of users that can be in a group may also depend on the length of all their usernames. I have no idea if glibc has changed, but a long time ago it was a fixed length char array that stored the group membership. This doesn't really help your issue, but hopefully it provides more information. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Authentication failing
On Mon, 27 Mar 2006, Matt Smith wrote: ACK! Ok this morning for some strange reason when trying to resolve my samba server authentication fails ... it can ping the host name and it tries to connect but authentication fails, if I connect to the IP all works fine, this only started happening this AM any ideas? My enviro is a win2k3 AD domain and a samba file server ... everything seems to run fine except for when users try to map to machinename\share it fails, but works with ip_address\share Sounds like a WINS name resolution problem. We had an issue like this recently and found out that the WINS server listed in smb.conf was not running (service did not start after a power outage). Now, we list both our WINS servers in case one fails. :) You may need to restart Samba (or at least nmbd) if you change WINS settings, in order for Samba to register its name with the new server(s). Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] how to manage 3000 Samba Connection
On Thu, 9 Mar 2006, updatemyself . wrote: In my Network i have Only One Domain (Win2003) and all the windows client is accessing the samba share with out further authentication.. to run the project smoothly.. i need all this as one domain.. the file permission and all happening through only windows.. all the volume's owner is sysadmin as that user.. i am managing the access control.. (security is also important for me) i know abt HA (heartbeat 2) and i used for fail over.. my main target is.. load balance till i have 6 servers.. as file server.. fail over is only 2nd thing what u try to explain is not much clear for me.. if u r able to point some document.. it will be a grate thing.. Thanks a lot.. dude... i respect ur time also.. jerrynikky. You can do this in software with ipvs (as another person suggested) or buy a hardware load balancer such as a Foundry Networks ServerIron. We use a ServerIronXL here for websites, ldap, and Citrix in the past. It should work fine for SMB as well. ipvs will be more flexible and configurable, but a hardware load balancer will probably be easier to setup and maintain. Either solution should work for you. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] valid users + ldap on Solaris 10 problems
On Thu, 12 Jan 2006, Miki Monguilod wrote: Hi Gerald, We have Solaris 10 completely updated up today. About samba and libraries, we have compiled Samba againt OpenLdap libraries (usr/local/lib/libldap.*) and of course, nss_ldap is linked against Sun ldap's libraries /usr/lib/libldap.*) . The big deal is why is Samba using Sun's ldap libraries instead of OpenLdap one's when is getting any group entry. Otherwise thanks for your reply. Have anybody got more ideas? I bet it works if you run nscd... :) Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem after upgrade from 3.0.14a to 3.0.21a
On Thu, 12 Jan 2006, Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Remy Zandwijk wrote: I found out that I need to use 'fake' 'idmap uid' and 'idmap gid' to get it to work. Is that a winbind bug? In Should be fine without either an idmap uid/gid range. Are you saying that winbindd will not start without these? contrast to the documentation, 'nscd' must be running, otherwise I am not able to logon to the member server. That makes no sense to me. One possible reason is that with nscd running, processes that want to do passwd and group lookups will talk to nscd through a door file, rather than loading nss_ldap and/or nss_winbind into their process space. If for some reason you have multiple versions of the same library on your system (libldap.so, for example), then you will have a world of pain if a single process inadvertently ends up with both versions loaded. This can happen pretty easily if nss_ldap is compiled against one version of libldap (say, as a part of your system's packages) and samba is compiled against a different version. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.21a panic - oplock problem?
I upgraded from Samba 3.0.20 to 3.0.21a last night on my Solaris 10 machine. After the upgrade, everything seemed to work fine, but I see that Samba is panic'ing in the logs. As far as I can tell, the client retries whatever it was doing and succeeds (at least, we've had no reports of problems from our users). I have attached a level 10 debug, backtrace, and my smb.conf. The commented out lines in smb.conf are what I used to generate the level 10 logs and backtrace. I will probably downgrade to 3.0.20 tonight, so please let me know if there is any additional information needed. Thanks, Andy[global] netbios name = ONID-FS security = domain password server = * encrypt passwords = true interfaces = ce0 guest account = nobody domain master = no local master = no preferred master = no os level = 0 log level = 1 syslog = 6 syslog only = yes # log level = 10 # log file = /private/samba/var/log1 # debug pid = yes # max log size = 0 # panic action = /bin/sleep 9 name resolve order = wins host wide links = false wins server = 128.193.4.45 workgroup = ONID server string = ONID File Server allow trusted domains = no printing = bsd printcap name = /dev/null [homes] comment = Home Directories browseable = false read only = no create mode = 0700 hide files = /public_html/ [public_html] comment = Web page read only = no path = %H/public_html create mode = 0755 [EMAIL PROTECTED] lib]# mdb /private/samba/sbin/smbd ::attach 12930 Loading modules: [ ld.so.1 libc.so.1 libuutil.so.1 ] ::stack libc.so.1`_waitid+8(3283, ffbff064, 0, 3283, fee52000, 0) libc.so.1`waitpid+0x60(3283, ffbff064, 0, 0, ffbff11c, feba3080) libc.so.1`system+0x2b4(33e468, 0, ffbff11c, 0, ff0e4280, ff0e7f18) smb_panic2+0x80(2b3690, 33e468, ffbfeec8, ffbff2e0, 7c00, 0) smb_panic+8(2b3690, 2b3588, 258308, 28, 0, 2ed000) fault_report+0x1b4(a, 0, 0, 0, 0, 0) sig_fault+4(a, 0, ffbff4d8, 1, 7c00, 2b7008) libc.so.1`__sighndlr+0xc(a, 0, ffbff4d8, 1b59fc, 0, 1) libc.so.1`call_user_handler+0x3b8(a, 200, 4, 0, fee52000, ffbff4d8) process_oplock_break_message+0x564(bbe, 33e430, 3464c4, 3068c8, ffbff888, bbe) message_dispatch+0x184(0, 3e8, ea60, 12b, 0, 2e7400) receive_message_or_smb+0x64(346d88, 20041, ea60, 20441, 0, 4104) smbd_process+0x110(bba, 55534, 2, 265400, 2cc400, 18) main+0x8e4(0, ffbffc2c, ffbffc38, 2fb864, fee50200, fee50240) _start+0x5c(0, 0, 0, 0, 0, 0) ::quit -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.21a panic - oplock problem?
On Wed, 11 Jan 2006, Jeremy Allison wrote: On Wed, Jan 11, 2006 at 03:56:53PM -0800, Andrew Morgan wrote: I upgraded from Samba 3.0.20 to 3.0.21a last night on my Solaris 10 machine. After the upgrade, everything seemed to work fine, but I see that Samba is panic'ing in the logs. As far as I can tell, the client retries whatever it was doing and succeeds (at least, we've had no reports of problems from our users). I have attached a level 10 debug, backtrace, and my smb.conf. The commented out lines in smb.conf are what I used to generate the level 10 logs and backtrace. I will probably downgrade to 3.0.20 tonight, so please let me know if there is any additional information needed. Please downgrade for now. There's an alignment issue with Solaris that we're working on Thanks for the fast response. I'll downgrade tonight then! :) Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SOLARIS 9 INSTALL PROBLEMS
On Tue, 25 Oct 2005 [EMAIL PROTECTED] wrote: I downloaded SAMBA VERSION: 3.0.20b to my sun sol 9 server and below is the error I got after running ./configure. [EMAIL PROTECTED] ./configure SAMBA VERSION: 3.0.20b checking for -fPIE... checking for gcc... no checking for cc... cc checking for C compiler default output file name... configure: error: C compiler cannot create executables See `config.log' for more details. By default, Solaris does not come with a C compiler. They include cc as a dummy program which does nothing. You'll need to install either Sun's C compiler (Forte) or GCC. I'd recommend GCC. :) Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Permissions when MOVING files
On Wed, 19 Oct 2005, Travis Knabe wrote: We've got a large user base. They all have a home directory and within it a public_html directory. Each of the directories have and need different permissions set on them. I've tried using ACL's, setgid bits, all the samba options, however when a file is _MOVED_ from their home directory to their public_html directory the permissions don't change. Even with the different options discussed above. I imagine that if the file is moved on the same filesystem, the file attributes don't change at all, its only when the file has to be created, and that's why a copy works. Anyone else have similar issues? If so how did you overcome? We have two shares for each user, one for their homedir and one for their public_html. Here is our share config: [homes] comment = Home Directories browseable = false read only = no create mode = 0700 hide files = /public_html/ [public_html] comment = Web page read only = no path = %H/public_html create mode = 0755 Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Speed versus Netatalk from OS X
On Sat, 15 Oct 2005 [EMAIL PROTECTED] wrote: Does anyone know why, when transferring data via Gigabit Ethernet from OS X to Linux (or vice versa), you get about 50-60 MB/sec with Samba 3.0.X (all versions I've tried, the rate depending on whether you use Jumbo Frames) but you get about 105-110 MB/sec with Apple File Sharing Protocol and Netatalk 2.03? Is there any inherent reason why Samba goes at about half the speed? By the way, I'm talking about connecting with OS X (10.4.2 -- Tiger)'s native SMB/CIFS client. This has been my experience with OS X clients against Netatalk and Samba. I think it is a fault in the OS X smb client. Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] excessive lpstat calls
On Wed, 12 Oct 2005, Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andrew Morgan wrote: | | On Wed, 12 Oct 2005, Gerald (Jerry) Carter wrote: | | Try setting printing = bsd and printcap name = /dev/null. | | Although we really shouldn't be looking for printers at all | | when there ie no [printers] section in smb.conf. | | | | Thanks Jerry, this worked. Should I file a bug on | | this so it doesn't get lost? | | You just just send me a level 10 smbd debug log of the lpstat | issue? I think I can figure it out pretty quickly. | | Do you want the level 10 debug log with the original | settings, or the settings you recommended above? The original configuration where you were getting an excissive amount of calls to lpstat. Btwwhat version of Samba is this? This is version 3.0.20 (not a, not b). I changed the configuration back, HUP'd smbd, but I now it won't call lpstat anymore! I can probably restart smbd this weekend to get it going again. Do you have any tips for creating that level 10 debug log? During the day I have 300-400 smb connections, so it's a little overkill. I can try to capture it during a slower time. Thanks, Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] excessive lpstat calls
On Wed, 12 Oct 2005, Gerald (Jerry) Carter wrote: | Andrew Morgan wrote: | | | | I run a fairly busy samba server that only serves up users' home | | directory. I am running Samba v3.0.20 under Solaris 10 on a Sun v440. | | I'm seeing a large number of calls to '/usr/bin/lpstat -v'. These are | | probably occuring everytime a new client connects, but I'm not | positive. | | | | The server does not have any printers attached to it, has no entries in | | /etc/printers.conf, and is not running lp services at all. I am unable | | to remove the lp packages from the system due to dependencies. I have | | no intention of using Samba as a print server on this machine, so I'd | | like to disable printing entirely and prevent Samba from calling lpstat | | continuously. | | | | I've attached my smb.conf file. Any suggestions? | | Try setting printing = bsd and printcap name = /dev/null. | Although we really shouldn't be looking for printers at all | when there ie no [printers] section in smb.conf. | | Thanks Jerry, this worked. Should I file a bug on | this so it doesn't get lost? You just just send me a level 10 smbd debug log of the lpstat issue? I think I can figure it out pretty quickly. Do you want the level 10 debug log with the original settings, or the settings you recommended above? Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] excessive lpstat calls
On Tue, 11 Oct 2005, Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Andrew Morgan wrote: | | I run a fairly busy samba server that only serves up users' home | directory. I am running Samba v3.0.20 under Solaris 10 on a Sun v440. | I'm seeing a large number of calls to '/usr/bin/lpstat -v'. These are | probably occuring everytime a new client connects, but I'm not positive. | | The server does not have any printers attached to it, has no entries in | /etc/printers.conf, and is not running lp services at all. I am unable | to remove the lp packages from the system due to dependencies. I have | no intention of using Samba as a print server on this machine, so I'd | like to disable printing entirely and prevent Samba from calling lpstat | continuously. | | I've attached my smb.conf file. Any suggestions? Try setting printing = bsd and printcap name = /dev/null. Although we really shouldn't be looking for printers at all when there ie no [printers] section in smb.conf. Thanks Jerry, this worked. Should I file a bug on this so it doesn't get lost? Andy -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] excessive lpstat calls
I run a fairly busy samba server that only serves up users' home directory. I am running Samba v3.0.20 under Solaris 10 on a Sun v440. I'm seeing a large number of calls to '/usr/bin/lpstat -v'. These are probably occuring everytime a new client connects, but I'm not positive. The server does not have any printers attached to it, has no entries in /etc/printers.conf, and is not running lp services at all. I am unable to remove the lp packages from the system due to dependencies. I have no intention of using Samba as a print server on this machine, so I'd like to disable printing entirely and prevent Samba from calling lpstat continuously. I've attached my smb.conf file. Any suggestions? Thanks, Andy[global] netbios name = ONID-FS security = domain password server = * encrypt passwords = true interfaces = ce0 guest account = nobody domain master = no local master = no preferred master = no os level = 0 log level = 1 syslog = 6 syslog only = yes name resolve order = wins host wide links = false wins server = 128.193.4.45 workgroup = ONID server string = ONID File Server allow trusted domains = no load printers = no [homes] comment = Home Directories browseable = false read only = no create mode = 0700 hide files = /public_html/ [public_html] comment = Web page read only = no path = %H/public_html create mode = 0755 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: samba not using nscd (fwd)
That's what I thought too. Samba is not linked to any ldap libraries
itself, but something is triggering it to not use nscd. That's why I
mentioned the switch from user to root and back as a possibility. I don't
know enough about nscd under linux to say.
My guess is that this is being done by glibc without samba's knowledge
(let's hope!), but if I knew what was triggering it maybe I could work
around it. Has anyone else seen this behavior?
Andy
On Thu, 27 Feb 2003, Jelmer Vernooij wrote:
Isn't it up to libc to decide whether or not to use nscd? Or to nscd?
Afaik there is no way that samba can actually _know_ about nscd.
Jelmer
On Thu, Feb 27, 2003 at 07:51:38AM -0800, Andrew Morgan wrote about 'samba not using
nscd (fwd)':
Reposting for the third time... Please let me know if there is more or
different information needed, or where I might look to debug this further
myself.
Thanks,
Andy
-- Forwarded message --
Date: Tue, 21 Jan 2003 13:37:43 -0800 (PST)
From: Andrew Morgan [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: samba not using nscd
I've got samba installed on several different machines in my environment,
but samba on the linux machines doesn't seem to use nscd all the time. On
my RedHat 7.1 machine running samba 2.2.7, it uses nscd for name lookups
initially, then decides to bypass nscd and lookup names directly. I have
strace output showing this, if someone would like to look at it. This
also happens on a Debian stable machine running samba 2.2.3a-12.
On my Solaris 8 machine running samba 2.2.7a, it correctly uses nscd for
all lookups.
You ask, why do I care? I care because I am using nss_ldap on all of
these machines. When it bypasses nscd, I get another connection to the
ldap server for every smbd process, which I'd like to avoid.
Could this be related to the user-switching between root and the
connected user that happens in samba? The first time the smbd process
stops using nscd shows the following in the strace file:
fcntl64(4, F_SETLKW64, {type=F_UNLCK, whence=SEEK_SET, start=592, len=1},
0xbfffdca0) = 0
stat64(/users/u2/b/bishopc, 0xbfffe1e0) = -1 ENOENT (No such file or directory)
geteuid32() = 0
getegid32() = 0
getgroups32(0, []) = 0
geteuid32() = 0
getegid32() = 0
setgroups32(0, []) = 0
setresgid32(rgid 4294967295, egid 0, sgid 4294967295) = 0
getegid32() = 0
setresuid32(ruid 4294967295, euid 0, suid 4294967295) = 0
geteuid32() = 0
open(/etc/nsswitch.conf, O_RDONLY)= 19
at which point it starts loading the libnss_* libraries, etc, rather than
using the nscd socket which it has previously used.
If there is more information needed to track this down, just let me know
what to provide...
Thanks,
Andy Morgan
Central Computing
Oregon State University
--
Jelmer Vernooij [EMAIL PROTECTED] - http://nl.linux.org/~jelmer/
20:15:28 up 1 day, 6:28, 12 users, load average: 0.09, 0.13, 0.05
samba not using nscd
I've got samba installed on several different machines in my environment,
but samba on the linux machines doesn't seem to use nscd all the time. On
my RedHat 7.1 machine running samba 2.2.7, it uses nscd for name lookups
initially, then decides to bypass nscd and lookup names directly. I have
strace output showing this, if someone would like to look at it. This
also happens on a Debian stable machine running samba 2.2.3a-12.
On my Solaris 8 machine running samba 2.2.7a, it correctly uses nscd for
all lookups.
You ask, why do I care? I care because I am using nss_ldap on all of
these machines. When it bypasses nscd, I get another connection to the
ldap server for every smbd process, which I'd like to avoid.
Could this be related to the user-switching between root and the
connected user that happens in samba? The first time the smbd process
stops using nscd shows the following in the strace file:
fcntl64(4, F_SETLKW64, {type=F_UNLCK, whence=SEEK_SET, start=592, len=1}, 0xbfffdca0)
= 0
stat64(/users/u2/b/bishopc, 0xbfffe1e0) = -1 ENOENT (No such file or directory)
geteuid32() = 0
getegid32() = 0
getgroups32(0, []) = 0
geteuid32() = 0
getegid32() = 0
setgroups32(0, []) = 0
setresgid32(rgid 4294967295, egid 0, sgid 4294967295) = 0
getegid32() = 0
setresuid32(ruid 4294967295, euid 0, suid 4294967295) = 0
geteuid32() = 0
open(/etc/nsswitch.conf, O_RDONLY)= 19
at which point it starts loading the libnss_* libraries, etc, rather than
using the nscd socket which it has previously used.
If there is more information needed to track this down, just let me know
what to provide...
Thanks,
Andy Morgan
Central Computing
Oregon State University
smbclient bug in 2.2.5
I think I've found a bug in the smbclient program in 2.2.5. Smbclient hard-codes the name_type to 0x20 (File Server) for all netbios queries, but calling 'smbclient -M machine' should use a name_type of 0x03 (Messenger) instead. When sending a message to a machine, it is not necessary for the machine to be running file sharing. Our client machines have file sharing turned off and do not register 0x20 with the WINS server. I'm not sure when this behavior changed, but the smbclient program from samba 2.0.10 works correctly. Thanks, Andy
Re: smbclient bug in 2.2.5
Works here. Thanks for the quick response!
Will this make it into the 2.2.6 release?
Andy
On Wed, 2 Oct 2002 [EMAIL PROTECTED] wrote:
On Wed, Oct 02, 2002 at 09:26:08AM -0700, Andrew Morgan wrote:
I think I've found a bug in the smbclient program in 2.2.5. Smbclient
hard-codes the name_type to 0x20 (File Server) for all netbios queries,
but calling 'smbclient -M machine' should use a name_type of 0x03
(Messenger) instead.
When sending a message to a machine, it is not necessary for the machine
to be running file sharing. Our client machines have file sharing turned
off and do not register 0x20 with the WINS server. I'm not sure when this
behavior changed, but the smbclient program from samba 2.0.10 works
correctly.
Try this patch - I'm going to commit to all branches...
Jeremy.
Index: client/client.c
===
RCS file: /data/cvs/samba/source/client/client.c,v
retrieving revision 1.148.2.30
diff -u -r1.148.2.30 client.c
--- client/client.c 27 Aug 2002 14:49:19 - 1.148.2.30
+++ client/client.c 2 Oct 2002 20:46:31 -
@@ -2422,8 +2422,9 @@
}
/
-handle a message operation
+ Handle a message operation.
/
+
static int do_message_op(void)
{
struct in_addr ip;
@@ -2435,7 +2436,15 @@
make_nmb_name(called , desthost, name_type);
zero_ip(ip);
- if (have_ip) ip = dest_ip;
+ if (have_ip)
+ ip = dest_ip;
+ else if (name_type != 0x20) {
+ /* We must do our own resolve name here as the nametype is #0x3, not
#0x20. */
+ if (!resolve_name(desthost, ip, name_type)) {
+ DEBUG(0,(Cannot resolve name %s#0x%x\n, desthost,
name_type));
+ return 1;
+ }
+ }
if (!(cli=cli_initialise(NULL)) || (cli_set_port(cli, port) == 0) ||
!cli_connect(cli, desthost, ip)) {
DEBUG(0,(Connection to %s failed\n, desthost));
Re: samba 2.2.5-pre and solaris 9
On 7 Jun 2002, Mike Gerdts wrote: On Fri, 2002-06-07 at 13:10, David Lee wrote: Can Dave-CB shed any light on Solaris ld, including any possible changes in the new Solaris 9? A quick look at the getopt(3C) option string suggests that there was no change in options: Solaris 9: % strings /usr/ccs/bin/ld | grep : ... 6:abc:d:e:f:h:il:mo:p:rstu:z:B:CD:F:GI:L:M:N:P:Q:R:S:VY:? Solaris 8: % strings /usr/ccs/bin/ld | grep : ... 6:abc:d:e:f:h:il:mo:p:rstu:z:B:CD:F:GI:L:M:N:P:Q:R:S:VY:? % ld -E ld: illegal option -- E Mike It seems like the proper method is to use gcc to do the linking rather than ld, if the compiler is gcc. I remember doing this when I compiled pam_ldap on Solaris 8. If you are using Sun's Workshop compiler, use the linker in /usr/ccs/bin/ld. Andy
Re: [Samba] samba 2.2.3a loses WINS registration
On Thu, 25 Apr 2002, Gerald Carter wrote: On Thu, 25 Apr 2002, Andrew Morgan wrote: Since upgrading to Samba 2.2.3a on several of our servers, we are having trouble with nmbd not maintaining the WINS registration. After the WINS server expires the record, our users in other subnets cannot find the server. Restarting nmbd registers the server again in WINS, but nmbd doesn't reregister at 20 minute intervals as before. I think I remember jeremy fixing something like post 2.2.3a. Please test the SAMBA_2_2 cvs tree and see if you still experience the problem. For some reason I thought we had fixed this before Okay, I checked out SAMBA_2_2 just now, but I'm getting an error when I compile it. I'm using: ./configure --prefix=/private/samba --without-winbind --with-syslog and the make goes for a while, then gives me: ... Compiling tdb/tdbbackup.c Linking bin/tdbbackup Compiling utils/make_printerdef.c Linking bin/make_printerdef Compiling utils/smbpasswd.c utils/smbpasswd.c: In function `join_domain_byuser': utils/smbpasswd.c:354: invalid operands to binary != make: *** [utils/smbpasswd.o] Error 1 Any ideas? Thanks, Andy -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 2.2.3a loses WINS registration
On Thu, 25 Apr 2002, Gerald Carter wrote: On Thu, 25 Apr 2002, Andrew Morgan wrote: Since upgrading to Samba 2.2.3a on several of our servers, we are having trouble with nmbd not maintaining the WINS registration. After the WINS server expires the record, our users in other subnets cannot find the server. Restarting nmbd registers the server again in WINS, but nmbd doesn't reregister at 20 minute intervals as before. I think I remember jeremy fixing something like post 2.2.3a. Please test the SAMBA_2_2 cvs tree and see if you still experience the problem. For some reason I thought we had fixed this before Okay, I managed to get SAMBA_2_2 to compile and I have verified that it correctly re-registers with WINS. I will wait eagerly for 2.2.4 to be released! Thanks, Andy -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba 2.2.3a loses WINS registration
Since upgrading to Samba 2.2.3a on several of our servers, we are having trouble with nmbd not maintaining the WINS registration. After the WINS server expires the record, our users in other subnets cannot find the server. Restarting nmbd registers the server again in WINS, but nmbd doesn't reregister at 20 minute intervals as before. I have compiled samba from source with: ./configure --prefix=/private/samba --with-syslog --without-winbind --with-quotas and here is the [global] section from my smb.conf: [global] security = domain password server = * hosts allow = 128.193. 127. encrypt passwords = true guest account = nobody debug level = 1 syslog = 0 name resolve order = wins host wide links = false wins server = 128.193.4.45 workgroup = SCF server string = Monolith The Black Box netbios name = monolith nt acl support = true log file = /var/log/samba/log.smb max log size = 5 locking = yes Did something change between 2.2.2 and 2.2.3a? I'm not subscribed to this mailing list, so please cc me on any replies. Thanks, Andy -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
