[Samba] samba 3.0.2a-Debian +ldapsam +smbldap-tools 3.0rc4-1= newly created users can't log in
There is something very strange going on with new users... i've created a new user using the smbldap-tools creation goes fine... smbldap-useradd -a -g labusers -G power_users -n -c 'test user' -m -P testuser I've set the password and i see this in my ldap dir: ldapsearch -x -D cn=ldapadmin,dc=bitc,dc=unh,dc=edu -W '((uid=testuser)(objectclass=SambaSamAccount))' # testuser, People, bitc.unh.edu dn: uid=testuser,ou=People,dc=bitc,dc=unh,dc=edu cn: testuser sn: testuser uid: testuser uidNumber: 2014 gidNumber: 100 loginShell: /bin/bash gecos: test user description: test user objectClass: inetOrgPerson objectClass: posixAccount objectClass: sambaSAMAccount sambaPwdLastSet: 0 sambaLogonTime: 0 sambaLogoffTime: 2147483647 sambaKickoffTime: 2147483647 sambaPwdCanChange: 0 sambaPwdMustChange: 2147483647 displayName: test user sambaSID: S-1-5-21-3603135777-1134410093-4029533982-5028 sambaPrimaryGroupSID: S-1-5-21-3603135777-1134410093-4029533982-1201 sambaHomeDrive: H: sambaHomePath: \\BITC\homes sambaProfilePath: \\BITC\profiles\testuser sambaLogonScript: mcmahon.cmd sambaLMPassword: changed here sambaNTPassword: changed here userPassword:: changed= homeDirectory: /home/testuser sambaAcctFlags: [U ] This user can't log in on any workstation in the domain. It is able to log in via ssh to the samba server (so libnss-ldap is able to parse it fine) I cranked up the log to 100 and watched what's going on during login... It finds the user using the same filter as i did above. It finds all the attributes except the NT and LM passwords. But then i find this: 2004/03/18 11:58:52, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (2007, 100) - sec_ctx_stack_ndx = 0 [2004/03/18 11:58:52, 3] libsmb/ntlm_check.c:ntlm_password_check(182) ntlm_password_check: NO NT password stored for user mcmahon. [2004/03/18 11:58:52, 3] libsmb/ntlm_check.c:ntlm_password_check(309) ntlm_password_check: NO LanMan password set for user mcmahon (and no NT passwo rd supplied) [2004/03/18 11:58:52, 4] libsmb/ntlm_check.c:ntlm_password_check(325) ntlm_password_check: LM password check failed for user, no NT password mcmahon [2004/03/18 11:58:52, 5] auth/auth.c:check_ntlm_password(271) check_ntlm_password: sam authentication for user [mcmahon] FAILED with error N T_STATUS_WRONG_PASSWORD These missing attribs are serious errors - i think they should be at level 2 at least... So the first thing to occur to me is that there is a directory security problem on the the password attribs. Samba is accessing the ldap store as the admin user so it shouldn't matter, but i tried removing the security permissions anyway to no avail. Looks like the smbldap tools switched to inetorgperson from account, that's the only thing that i can tell is different between old users and new users. But samba is able to find the account... could it be that there is a sniffing of the store to see which objectclasses are in use and my mix of I'm stumped - about to dump and re-init my ldap store (urg) thanks for any suggestion! brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 3.0.2a-Debian +ldapsam +smbldap-tools 3.0rc4-1= newly created users can't log in
On Thu, 2004-03-18 at 13:15, Bradley W. Langhorst wrote: sambaPwdLastSet: 0 here's the problem! if i manually change this to 1 in the ldap store the login works fine 0 should be an okay value i think - though smbldap-passwd should set it to the current time... I cranked up the log to 100 and watched what's going on during login... It finds the user using the same filter as i did above. It finds all the attributes except the NT and LM passwords. But then i find this: 2004/03/18 11:58:52, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (2007, 100) - sec_ctx_stack_ndx = 0 [2004/03/18 11:58:52, 3] libsmb/ntlm_check.c:ntlm_password_check(182) ntlm_password_check: NO NT password stored for user mcmahon. [2004/03/18 11:58:52, 3] libsmb/ntlm_check.c:ntlm_password_check(309) ntlm_password_check: NO LanMan password set for user mcmahon (and no NT password supplied) I believe these false reports to be a bug i just looked in the code to see if i could find something obvious but it would take me a while trace out whats going on... maybe one of the developers just knows where to fix this. brad PS - cross posting because this is now a potential bug report - i'll file it if someone agrees that this behaviour is wrong. -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] permissions wrong on mapped drive in windows XP (samba3)
desktop systems here mount drive h: as their home area... I'm trying to use the ssh program from cygwin which uses HOMEDIR/.ssh/id_rsa ssh complains bitterly about the id_rsa having the wrong permissions on the server ls -l says -rw-r--r--1 sfchase labusers 230 Oct 21 17:25 authorized_keys -rw---1 sfchase labusers 883 Oct 21 17:18 id_rsa -rw-r--r--1 sfchase labusers 230 Oct 21 17:18 id_rsa.pub -rwxrw-r--1 sfchase labusers 229 Oct 21 17:52 known_hosts however on the client H:\.sshls -l total 4 -rw-r--r--1 sfchase mkpasswd 230 Oct 21 17:25 authorized_keys -rw-r--r--1 sfchase mkpasswd 883 Oct 21 17:18 id_rsa -rw-r--r--1 sfchase mkpasswd 230 Oct 21 17:18 id_rsa.pub -rw-r--r--1 sfchase mkpasswd 229 Oct 21 17:52 known_hosts uh - what's mkpasswd - why are these permissions set? thanks! brad here's my homes share definition [homes] comment = Home Directories read only = No create mask = 0774 directory mask = 0775 nt acl support = Yes oplocks = no browseable = No those masks are documented as creation only but i tried removing them - no effect -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles not updating.
On Mon, 2003-09-15 at 13:45, Kevin Anderson wrote: I'm finding our employees' roaming profiles are not being updated. They were initially created correctly, they copy down onto a new machine, but updates are not put back onto the server. I've also noticed that smbstatus does not show any open dat files, such as ntuser.dat. I would have assumed that these files would have been held open while the client was connected. Employees can sign in, sign out, there are no errors on the Win2K box or the smbd or user samba logs, but changes are lost. All employees are running Win2K Desktops, Samba 2.2.8a as a PDC running on Gentoo. Any advice would be appreciated. turn your log up to about level 3 and watch to see what is happening when somebody logs off. if you see nothing then it's likely a client problem. Might be that the date is off? brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Dave clients accessing Samba
On Tue, 2003-09-02 at 15:01, Rob Tanner wrote: Hi, We have about 2 dozen Mac OS9 computers running Dave 2.5.3 to access smb resources. Our print server, running Samba 2.2.7 (w/domain authentication), has no user accounts. PCs access the printers and print just fine, but the Macs using Dave get an authentication error of invalid user/password. They can access resources on the win2003 PDC. I know this doesn't answer your question ... I recommend running netatalk so you don't have to use dave on the clients. I've had no problems serving the same files via samba and netatalk brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] keeping jobs in windows queue
We print via samba 2.2.8 to a cups printing system. printing = cups printcap = /etc/printcap.cups All usually works fine but users want to see the jobs in the windows print queue until they're finished printing. Right now the jobs disappear from the windows queue as soon as cups has accepted them. That means that they can't cancel their jobs once they've spooled to cups. Is there a way to keep the jobs in the windows print queue until they've finished printing? brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trouble with CUPS/SAMBA
On Mon, 2003-06-23 at 04:34, Bo Mellberg wrote: ;[fredsprn] ; comment = Fred's Printer ; valid users = fred ; path = /home/fred ; printer = freds_printer ; public = no ; writable = no ; printable = yes you should'nt need this ... the printers will automatically get loaded from the printcap or cups api... ;[fredsdir] ; comment = Fred's Service ; path = /usr/somewhere/private ; valid users = fred ; public = no ; writable = yes ; printable = no ;[pchome] ; comment = PC Directories ; path = /usr/local/pc/%m ; public = no ; writable = yes ;[public] ; path = /usr/somewhere/else/public ; public = yes ; only guest = yes ; writable = yes ; printable = no ;[myshare] ; comment = Mary's and Fred's stuff ; path = /usr/somewhere/shared ; valid users = mary fred ; public = no ; writable = yes ; printable = no ; create mask = 0765 [jolife shared] comment = Shared Jolife documents path = /home/jolife/ writeable = yes guest ok = yes do you really want all these? the homes share does it automatically... [bosse] [lennart] [martin] [peter] [semmy] [steven] cups error_log: E [23/Jun/2003:09:51:31 +0200] Scheduler shutting down due to SIGTERM. E [23/Jun/2003:09:51:31 +0200] Unknown directive AuthType on line 729. your config file for cups is bad at line 729... [23/Jun/2003:09:51:47 +0200] Job 30 queued on 'hp4550' by 'bosse'. I [23/Jun/2003:09:51:47 +0200] Started filter /usr/lib/cups/filter/cupsomatic (PID 32466) \ for job 30. I [23/Jun/2003:09:51:47 +0200] Started backend /usr/lib/cups/backend/socket (PID 32467) fo\ r job 30. I [23/Jun/2003:10:02:06 +0200] Job 31 queued on 'hp4550' by 'bosse'. I [23/Jun/2003:10:02:06 +0200] Started filter /usr/lib/cups/filter/cupsomatic (PID 335) fo\ r job 31. I [23/Jun/2003:10:02:06 +0200] Started backend /usr/lib/cups/backend/socket (PID 336) for \ job 31. these lines look like your job has made it to cups and is failing in there... so you don't need to mess with your samba configuration. if this doesn't work - take it to the cups lists... one problem you may have is that the windows pcs are sending jobs that are ready for printing with no ripping... you could try setting up your printer in cups as a raw printer instead of pcl5 or whatever you set it up as. best wishes! brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] concerning saving roaming profile and the long delay
On Tue, 2003-06-17 at 09:36, [EMAIL PROTECTED] wrote: adding this to your smb.conf may help: # See speed.txt and the manual pages for details socket options = TCP_NODELAY uh i think not... the long delay he's referring to is the delay that is required to save the roaming profile. there are only two options 1) reduce the size of the roaming profile 2) increase the speed of the network/server to reduce the size of the profile you could try a few tricks 1) move the netscape cache into the local settings folder (which is not replicated to the server) 2) store all documents permanently on the server instead of my documents 3) clean off the desktop best wishes brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] security = problems
On Thu, 2003-04-03 at 13:49, [EMAIL PROTECTED] wrote: Is there a way to have users of the samba server, but not add them by smbpasswd -a UserID? I think you want winbind - there are docs in the howto collection brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] security = problems
On Thu, 2003-04-03 at 14:03, [EMAIL PROTECTED] wrote: Thank you, However if every user has a UNIX account and all I want is for the windows users to get the security from the windows PDC. It seems to me that the method that I am using the users are actually authenticating against the samba server's smbpasswd file. please don't send me (or the list) html mail... yes you are currently authenticating against smbpasswd - i thought you don't want that... if you don't want to use smbpasswd you have to use some other backend. you might be able to use passthru auth (password server =) I've never used that I don't know how it works. Since you have all your users on the unix machine you could use security =domain to do the authentication. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] using linux login for win XP
On Thu, 2003-04-03 at 15:28, Dan Kirkpatrick wrote: Is there a quick how-to use the linux server login as the winXP login without adding all the users locally? And if I do that, is it possible to have some machines use the linux domain login, and still have a lot of personal machines only use their local logins? Thanks! --Dan yes to both. read the howto collection at samba.org you want information on setting up samba as a PDC. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: tmp files hanging around too long.
On Tue, 2003-04-01 at 10:19, MCCALL,DON (HP-USA,ex1) wrote: Hi Brad, We have noticed an extra open on files when you have 'map share modes = yes' in the smb.conf file; This causes a problem with deleting a file that you own IF the unix permissions are 0700. At least that's the symptom that came in for us; perhaps your tmp file issue is related. Can you do a testparm and see how that parameter is set on your system? testparm -v shows share modes = Yes i also have oplocks turned off for this share - maybe that's a problem... I'll mess with both settings later today... brad -- Bradley W. Langhorst [EMAIL PROTECTED]
tmp files hanging around too long.
I recently upgraded my a21 system to a22 runaway smbds seem to have disappeared. A new, less serious problem, has emerged. When a user keeps a word document open for a very long time i see a proliferation of locked temporary files (87 since yesterday) I'd like to help track down this problem but I'm not sure where to start... The logs show the the tmp files are opened and opened closed opened closed opened closed opened closed opened opened closed closed opened closed opened opened closed note that the last closed does not happen... this file is never used again - it just hangs around in the locked files is left on the disk until the program is closed. I know this looks like a word bug... but the client computers have not changed and I've only observed this phenomena since upgrading to alpha22. How can i help debug this? brad -- Bradley W. Langhorst [EMAIL PROTECTED]
Re: [Samba] Help regarding Samba Server
On Wed, 2003-03-26 at 15:55, Abhijit Vaidya wrote: hi all, I am student at ASU and i wanted to know if I could use Samba to export some local file system like NFS via samba server. I am using Red Hat Linux 8 (kernel 2.4.18-14). If it is possible kindly let me know how i can do it. thanks, Abhijit you can do it by reading the manual at www.samba.org I don't recommend samba for unix to unix file sharing use NFS, AFS, or something else. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Can't join domain wrong password
On Tue, 2003-03-25 at 21:29, Greg Miller wrote: Guest account meaning an account named guest added to the smbpasswd? Yes I have. It is not assigned a password. Should it have one? I don't think it needs a password - you just need to tell samba to use that user as the guest user guest account = should be something like guest account = nobody Could you explain you have some unusual valid users statements...? valid users = @family valid users = %S (I don't know off hand what that does...) i find it hard to read the output of testparm (too much to sift through) brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't reach Samba shares from Win XP Pro
On Mon, 2003-03-24 at 21:39, Srinivas Murty wrote: This seems to be common enough problem. I've used a variety of methods (command line as well as utilities like LinNeighborhood) to mount XP shares on my RedHat 8.0 running Samba 2.2.7. I get consistent problems the other way around. Despite a couple of shares on my Linux partition, I am just unable to do get to it. Network Neighborhood shows my Linux/Samba server but no shares, nor can I explicitly map the share to a Win XP logical drive. While troubleshooting by reading Sam24hc13.qxd (an extract from an excellent book, I might add), I found that I run into trouble trying to use nmblookup -B broadcast address Samba machine name. The same command works fine if I give it the names of my two XP machines. I somehow suspect this is the main reason why I'm having troubles elsewhere. Does anyone have an answer? no nmblookup (I think) should only work with machine names not IP addresses. I recommend you run through diagnosis.html in the samba distribution to figure out your problem brad Srinivas Murty -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Mapping samba shares to a second linux box
On Mon, 2003-03-24 at 23:44, Andrew Niven wrote: I have tried different settings all to no avail. I have tried everything I can think of and can't get this to work. if you su to the guest user (smbuser) are you able to do what you want on the storage machine? (ie remove samba from the test) brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Oplock Problem
On Tue, 2003-03-25 at 01:11, Alok Bhatt wrote: We are thinking of shifting to latest version of samba, but will that help or will we have to make further changes. Please help if anyone has gone through the problem. yes that will help - there were oplock bugs fixed recently. your other choice (not a very good one) is to disable oplocks completely. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NEWBIE : Configure Samba
On Tue, 2003-03-25 at 02:57, Alain BACH wrote: Hi all, 1st, sorry for ask those questions one more time on the list. I desesperately type to install Linux and (of course) Samba on my home network. I have 1 server, running W2K pro who should migrate to Linux asap. The 2 workstations are running W2K pro and would stay with this f... OS. My questions : 1. The nicest way to use accounts seems to use the Linux accounts and to synchronize them with Samba. wich parameter shoud be used for that ? use the paremeters like this... (you may need to mess with passwd chat to get it to work on your system) passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *new*password* %n\n *successfully* unix password sync = Yes 2. In such a case, Linux can (or must) be PDC of a Domain. How does samba know wich role it is running ? I looked for browing.txt fil on my computer to learn more about OS level but I didn't find it. don't worry about being a PDC until you're more comfortable with samba. A PDC must have domain logons = Yes The howto collection at samba.org is a great resource... brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Linux to Windows File Server
On Tue, 2003-03-25 at 07:45, Eisenstein, Doug wrote: Hello, Can anyone tell me how my linux server can mount a windows (w2K) share, and modify the ownership of files change the mod etc. I am able mount and rwxd to files and folders but only under the user account which was specificed to own all files and folders.. this is not possible ( as far as i know anyway) Another question is if anyone has been successful in using linux acls.. yes - many people you need a filesystem like XFS that can support ACLS and must compile sambe with acl support brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Guest account not working after upgrade
On Tue, 2003-03-25 at 08:17, Woodcock, Steve wrote: I recently upgraded samba from samba-2.2.1a-4 to samba-2.2.7-2.7.2 on Red Hat 7.2 and a guest share stopped working. The share is defined as: [test] comment = Test path = /test browseable = yes guest ok = yes guest account = intranet I think this belong in the global section... brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Login denied after joinined Samba PDC
On Tue, 2003-03-25 at 09:02, Eric Halverson wrote: Yes, both my WINS and DNS server are pointing to the IP of my samba server. I'm starting to wonder if this has something to do with the trust account. Does the machine account (machine$) exist in your password database? have you tried removing it and rejoining the machine? What do the log files say? On Tue, 2003-03-25 at 08:49, [EMAIL PROTECTED] wrote: Check your windows DNS, the primary DNS server must be your samba server´s IP. It worked for me. I have domain logons working and wins and dns are on different - non samba machines... Please reply to the earliest thread so it's easy to follow your messages brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't join domain wrong password
On Mon, 2003-03-24 at 22:48, Greg Miller wrote: Hey all I've been running samba 2.7a on my redhat 7.3 server with winxp clients for a while now with no problems. Well I decided to throw redhat 8.0 on a system at home as a test bed. Well I've configured it the same added my users applied the sign or seal patch but when I go to join the domain it gives me an error saying that the password is wrong (using root and it's pw). I know it's not wrong because I can log into swat fine. Any input would be appreciated. All clients are winxp pro. Below is my samba.conf: I can't see your smb.conf but check to see if you've got the root user disabled? brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Login denied after joinined Samba PDC
On Tue, 2003-03-25 at 10:05, Eric Halverson wrote: [2003/03/25 03:59:56, 0] smbd/password.c:authorise_login(863) authorise_login: rejected invalid user nobody do you have a guest user? you need one. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Can't join domain wrong password
On Tue, 2003-03-25 at 11:37, Greg Miller wrote: Sorry. I had to attach it but I guess it didn't go through. Here it is: invalid users = valid users = @family admin users = gmiller, root is root in @family? you have some unusual valid users statements... you need to set up a guest user for PDC operation brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Mapping samba shares to a second linux box
On Tue, 2003-03-25 at 16:10, Andrew Niven wrote: Bradley, Yes I can do everything I want on the storage maching as smbuser. I can do anything I want logging in from a windows box with smbuser I just can't seem to get linux-linux to work. sorry - i don't have any other ideas ... you could use NFS instead brad -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] windows 2000 workstation
On Tue, 2003-03-25 at 09:46, adel essafi wrote: hi all do you have any doc that explain how to configure win 2000 workstation so that it works under samba controle thanks The samba howto collection has a section on PDC configuration look at www.samba.org brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba running on solaris
On Mon, 2003-03-24 at 15:50, Joseph Fushi wrote: having problems browsing down into folder structures from a win2k pro workstation. The file structure can be seen but cannot go deeper down. This symptom occurred after a solaris 2.7 to 8 update.. Although Windows NT 4 workstation works kust fine even after update.. strange that nt4 would behave differently from 2k... are you sure? are you sure you have set both the read and the exectute bit for the user in question on these directories brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Shares and user access?
On Fri, 2003-03-21 at 06:54, Admir wrote: I am running samba server on a debian. I am also totally new to Linux. My problem is: I have a user home folders on a server but I don't have the access to those maps and I need to access them from time to time. Like now I have a virus in those shares and when I try to scan the maps I get the msg. from ant virus software Unable to repair/ no access to the file. unless you've made changes to the defaults homes setup the user who created the file owns it. What shell I do? Pls. help me out? I recommend you have a look at SWAT (its a web based smb.conf tool that's part of samba) You're going to have to learn unix permissions if you don't already know them (see the howtos at linuxdoc.org) I heard that I can change user access rights in the smb.conf file. I was wondering would,t be easier just to create a account on samba server that has all the access via network? If it is pls. let me know how to do this cos I am really new to Linux and samba. the root account will have all access unless you've explicitly disabled it. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How do I upgrade from 2.2.5 to 2.2.8
On Thu, 2003-03-20 at 09:25, [EMAIL PROTECTED] wrote: Samba List Serve Users: Is there a document or web link that follow that describes the steps to upgrade Samba from 2.2.5 to 2.2.8? The documentation on samba.org the I have read assumes that the install is a fresh install and not an upgrade. Thanks so much, Mark Roth Systems Engineer Mylan Pharmaceuticals, Inc. (304) 598-5430 x6864 I'm not aware of such a document... If you're using a system that handles packages (ie most linux distributions) then you should be able to just install the new packages. if you must install from source - (management nightmare IMHO) then you can remove the old samba stuff, keeping the conf file and your tdb files safe. Then after you install the new samba (and before you start it) put the conf file and tdb files where the new samba will expect them (depends on the options you pass to configure...) best wishes! brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Connection by peers
On Thu, 2003-03-20 at 09:47, [EMAIL PROTECTED] wrote: Our Samba work very bad! My some users can't save changers in Exel and Word files. We have file-server ( Linux RH7.3, kernel 2.4.18, Samba-2.2.7a-1) We local network consists of 500 computers with NT Domain Controller (Win98,Win2000,WinXP,Microsoft Office 2000). The user opens a file, he changes it and sometimes can save a file, and sometimes no. Why? looks like a flaky network... the connections are being dropped brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] compile errors
On Tue, 2003-03-18 at 16:11, Bob Matckie wrote: Hi I have downloaded samba-2.2.8 and I'm trying to use the following command to compile the source. ./configure --prefix=/opt/samba --sysconfdir=/opt/samba/conf --with-smbmount --with-acl-support I got the following error when I tried to compile it. checking configure summary... ERROR: No locking available. Running Samba would be unsafe configure: error: summary failure. Aborting config The server is currently running Mandrake 7.2 with 2.4.17 kernel. i think you may be missing the development files to handle locking... you need to look through the output of ./configure to see what it's checking for. You may want to just install an rpm brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Small/Medium Samba Install
On Tue, 2003-03-11 at 15:43, Matthew Daubenspeck wrote: ... Is this something feasible with Samba? samba can do all of this with no trouble. The next question would be the user administration setup. I know in a perfect world, LDAP would probably be best. After some preliminary research, LDAP kind of makes my head spin... But Rome wasn't built in a day either... ldap is the way to go if you want to support services other than samba on this machine. I use it because i use ldap as an NIS replacement and a backend for a groupware suite. If you just want to support samba then you probably don't need ldap - you could use webmin tools to make user administration less intimidating to the command line phobic. I started googling some possibilities, but haven't come up with a whole lot to point me in a direction. Is anyone using something similar, that can point me in a few specific directions? lots of people are doing this - just ask the specific questions you have as you hit problems. I recommend you start with just samba - then add ldap later if you need it. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Norton Ghost, rpc_server
On Tue, 2003-03-04 at 14:42, [EMAIL PROTECTED] wrote: Hi List! It's some time ago now that I asked wether it is possible to join a domain with a Windows 2000 client using the Norton Ghost console and Samba as pdc. I now found some info in Samba's logfiles, and so I can ask now for the feature that would be needed. on december 20th i wrote you this message... did you try what I suggested? what is still broken for you? Lars: I'm using ghost to image our desktop systems... I have it running a syspreped XP image that joins a temporary workgroup on initial load then i apply a machine specific configuration with the AI packages for that particular user, the right computer name, and joins the domain. If you have no need to specify names of computers you could easily use the sysprep commands to join the domain during the client mini-setup. (each one gets a semi-random name) To get the ghost domain joining to work I had to hack the registry and put in a user and password with permission to do domain operations. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NGServer\params there should be two Reg_SZ values Account Password with the appropriate values... best wishes! (easier than the script i think) brad -- Bradley W. Langhorst [EMAIL PROTECTED]
Re: [Samba] Profiles - Slow logoff
On Mon, 2003-03-03 at 21:40, Jim C wrote: OK, I've finally got my Samba-LDAP PDC operational. Everything seems to work fine but it takes an age to save settings when logging off. What can I do (i.e. what would one normally do) to speed things up? I do have a huge volume of files under ~/profile/My Documents Will this affect the logoff time? yep the files have to be copied back and forth... I encourage my users to keep their files on the server and work on them in place. I redirect My Documents to their home directory on the server. I also move mozilla's cache into their Local Settings folder We use IMAP to reduce the amount of mail stored in the profile. You could also increase the speed of your network... note: this is not a samba specific problem brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Profiles - Slow logoff
On Mon, 2003-03-03 at 22:52, Jim C wrote: yep the files have to be copied back and forth... I encourage my users to keep their files on the server and work on them in place. I redirect My Documents to their home directory on the server. Do you do that with a link? i think it's probably a link internally but you can change the location of my documents to be wherever you want. I just put it on a mapped drive I also move mozilla's cache into their Local Settings folder We use IMAP to reduce the amount of mail stored in the profile. You could also increase the speed of your network... note: this is not a samba specific problem Is it windows specific then? I've never noticed it with Linux (LDAP/NFS). linux doesn't do that whole profile thing... so i guess in that sense it's windows specific but really it's just copying files back and forth so there should be no difference in file transfer speeds between linux and windows -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] server side printers
On Sat, 2003-03-01 at 11:56, Tor Bechmann Sørensen wrote: Also, I am wondering about the legality of the process: That is, since my users are residents at my dorm, they have their own private software, and the dorm which is running the server, doesnt have any windows licenses. I could borrow the relevant installation cds to generate the nessesary files, i guess, but would it be legal? the printer drivers are usually made by the manufacturer of the printer and are licensed by printer if at all. I have been googling and reading documentation, but I could only find documentation relevant to versions previous to 2.2.0 and nothing that could help me. the samba howto collection covers the print$ stuff accurately for all the 2.2 version and the 3.0 branch too Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Linux to windoze
On Sat, 2003-03-01 at 12:28, pshook wrote: Is it possible to allow your Liunx box see your winbox, just like the winbox can see or browse the Linux box with Samba? yes smbclient will do what you want i think brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] server side printers
On Sat, 2003-03-01 at 16:05, Tor Bechmann Sørensen wrote: the samba howto collection covers the print$ stuff accurately for all the 2.2 version and the 3.0 branch too Thank you for your answer Bradley. But Im afraid, that I already looked in the howto collection, and I didnt find information I could use, and gave up on that. I was hoping someone here on the list could lay it out a bit more clearly for me. i don't think it can get any clearer I took this from http://us3.samba.org/samba/docs/Samba-HOWTO-Collection.html#AEN798 6.2.1. Creating [print$] In order to support the uploading of printer driver files, you must first configure a file share named [print$]. The name of this share is hard coded in Samba's internals so the name is very important (print$ is the service used by Windows NT print servers to provide support for printer driver download). You should modify the server's smb.conf file to add the global parameters and to create the following file share (of course, some of the parameter values, such as 'path' are arbitrary and should be replaced with appropriate values for your site): ... I don't think anybody on the list is going to hold your hand any more than i already have. I read that document and set up the driver downloading with no serious trouble. If you have a specific problem like i tried to upload the driver but it failed with this error message and and this in the logs re-post here with those details. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] server side printers
On Sat, 2003-03-01 at 17:00, Tor Bechmann Sørensen wrote: Thanks again for your reply. I did read the part you mention. I did understand how to make the print$ share. The docs are clear on this part. I can now specify my question a bit more: what to do from there on to put the nessecary files in that share? the docs are equally clear on this part. 6.2.2. Setting Drivers for Existing Printers The initial listing of printers in the Samba host's Printers folder will have no real printer driver assigned to them. By default, in Samba 2.2.0 this driver name was set to NO PRINTER DRIVER AVAILABLE FOR THIS PRINTER. Later versions changed this to a NULL string to allow the use tof the local Add Printer Wizard on NT/2000 clients. Attempting to view the printer properties for a printer which has this default driver assigned will result in the error message: Device settings cannot be displayed. The driver for the specified printer is not installed, only spooler properties will be displayed. Do you want to install the driver now? Click No in the error dialog and you will be presented with the printer properties window. The way assign a driver to a printer is to either * Use the New Driver... button to install a new printer driver, or * Select a driver from the popup list of installed drivers. Initially this list will be empty. If you wish to install printer drivers for client operating systems other than Windows NT x86, you will need to use the Sharing tab of the printer properties dialog. Assuming you have connected with a root account, you will also be able modify other printer properties such as ACLs and device settings using this dialog box. A few closing comments for this section, it is possible on a Windows NT print server to have printers listed in the Printers folder which are not shared. Samba does not make this distinction. By definition, the only printers of which Samba is aware are those which are specified as shares in smb.conf. Another interesting side note is that Windows NT clients do not use the SMB printer share, but rather can print directly to any printer on another Windows NT host using MS-RPC. This of course assumes that the printing client has the necessary privileges on the remote host serving the printer. The default permissions assigned by Windows NT to a printer gives the Print permissions to the Everyone well-known group. I am not using windows myself, but my users are. The instructions given in the doc you mention seems to be applicable only if you have a NT server from which you want to upload drivers, or? as specified in section 6.2.2 you must use a windows computer (not necessarily a windows NT server) to upload the drivers. The printer in question is a HP Laserjet 5M, and lpr is used for handling printjobs from samba. Do I need to collect files from windows installation cds and manually copy them to the share? You need to download the driver for the laserjet5m from hp and use the add printer wizard from a client computer (as specified in the docs) Do not try to install these drivers by hand - you would need to populate various tdb files etc. to make it work. the mechanism for spooling from your samba server to the printer is irrelevant to driver downloading. What should I call the folder in which I put drivers for WindowsXP? make the directory structure as specified in secitno 6.2.1 that will work for windowsXP, 2k NT 98 etc. I assume that I can replace @ntadmin with my own account name, or? yes And how will the printer installation wizard look to my users afterwards? they won't see a printer intallation wizard - they right click the printer they want and choose connect - the driver is then downloaded from the server and installed locally without further user interaction. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba, CUPs Win2000 printing
On Thu, 2003-02-27 at 23:35, [EMAIL PROTECTED] wrote: I'm very new to Linux and Samba so bear with me - I am migrating our printcap name = cups ... printing = cups i think this is all you need... [printers] comment = All Printers path = /var/spool/samba printer admin = root guest ok = Yes printable = Yes print command = lpr-cups -P %p -o raw %s lpq command = lpstat -o %p lprm command = cancel %p-%j use client driver = Yes browseable = No here's my printers share [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No I also use driver downloading with at print$ share but worry about that after you get basic printing working... best wishes! brad PS. anyone use HP Web Jetadmin software on Linux? i think there are some oss tools that can do some port 9100 adminstration... -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [Fwd: samba 30alpha21 + NT4/2K WS-s]
On Fri, 2003-02-28 at 13:09, [EMAIL PROTECTED] wrote: [netlogon] share is like that: [netlogon] comment = Network Logon Service path = /home/samba/netlogon guest ok = no writable = no browseable = yes public = yes this is what i'm using ... [netlogon] path = /etc/samba/netlogon write list = root guest ok = Yes nt acl support = No do you have scriptPath set in ldap? i don't use logon scripts so i'm not sure you need it - just an idea. Another thing was that smbgroupedit -v showd several Domain Admins and Domain Users group (with different SIDs).. So i took experimental step and deleted some of them, leaving exactly one of every group.. Can this be somehow connected to 1st problem? i have one of each of these. probably you changed your sid during your experiments... it might be a good idea to wipe out all your tdb files and rejoin your machines (that is if your still in testing mode) Also samba complained that: get_domain_user_groups: primary gid of user [john] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that i get that sometimes - i just ignore it... Third problem is locally stored profiles. How I could make such set up that when user logs out from WS , then WS would copy changed profile back to server and delete it from WS ? It's question of security and hard disk space.. you can do that with a setting in gpedit.msc don't remember which one but i think i'll be obvious. 4) How could i set up client name resolution so that X client canot announce itself as DC/browse master etc? I every client resolves names via boadcast then when my DC goes down and someone brings up his nt/samba server he could do lotof damaga - collect people passwords etc... just use wins - it reduces broadcasting significantly. it would not be entirely trivial to just bring up a fake pdc you'd need to know the domain SID fake authentication of clients and fake up some profiles to be downloaded to the user. I don't think the client authenticates the server with samba. someone with more knowledge of the internals might be able to comment more usefully on this front... brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Need help understanding smbldap-tools and userrecords
On Thu, 2003-02-27 at 19:28, Jim wrote: Another question. I'm not a Perl writer so I need to know if the -g and -G options for smbldap-useradd.pl assume the pre-existence of the group in question. groups should exist before you try to add a user to them it will just ignore non existent groups passed by -G I have to say that I am not very pleased with the fact that a group is not by default added for the user. Niether does there seem to be a way to do this easily. The end consequence is that you wind up with the default group meaning that unless you have permissions set to 700 that all other users get access. This is not something I would prefer from a security standpoint since one cannot really expect users to understand permissions. We don't do one user per group here because i think that is pretty useless. - why bother with group permissions if you're the only member of your primary group? Instead we have some shares that contain group data - files written to those shares are 770 by default (group read write) files written to home directories default to 700 if you really want the one group per user behaviour just uncomment the stuff around line 99 of smbldap-useradd.pl. Aparently that was the default behaviour (with a -n flag to turn it off) until somebody got annoyed with it... brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbldap-tools badly messed up
On Thu, 2003-02-27 at 21:49, Jim wrote: These scripts should function much the same as the binarys shouldn't they? no they should work they way that the folks at UNAV (who wrote the tools) want them too... 1. If you add a user, the users group must pre-exist. No adding users and groups simultaneously. right - see my previous post if you really want the one group per user stuff. 2. If you do add a user the gidNumber is set to the default specified in /etc/samba/smbldap_conf.pm NOT the users group as specified on the command line with -g. This HAS to be a bug. i don't see that here... i have two main groups 100 - users 4493 - admin i just tried this smbldap-useradd.pl -a -g 4493 testuser and i see ldapsearch -x uid=testuser |grep gidNumber gidNumber: 4493 looks to work fine to me... 3. The option to leave profilePath and scriptPath blank does not seem to exist despite the fact that samba does not require them and that one might want blank as the default for simplicity. you can leave those both blank if youlike - just set $_userProfile = and $_userScript = in smbldap_conf.pm I've never tried this so I'm not sure it works. -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Domain Login
i like Jim's response about the SIDs if in fact you have taken care to be sure that the SIDs are unique I'd guess that for some reason the automatic password changing that windows does on machine accounts every few days is intermittently failing. Do the windows logs have anything about that in them? what about the samba logs? brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] win2k usernames with spaces
On Wed, 2003-02-26 at 19:41, maq wrote: Hi all, one of the win2k clients of my network uses an ID with one space inside, e.g. jack smith. I succeeded in creating a Linux user with such a name, but have troubles in adding him to the smb users. Any suggestion? did you try jack\ smith ? i've never tried this.. another option would be to set up a user mapping between jack smith and jack_smith I think most unix stuff will not deal well with the spaces in the names brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Specified User Does not exist ?
On Mon, 2003-02-24 at 19:47, Bob wrote: Hey all, I hope I'm missing something simple. This is my second PDC install and I'm having some problems getting my win2k machine to join the domain. First I made the machine account: useradd -g 100 -d /dev/null -c bob's computer -s /bin/false office1$ Then I lock the password: passwd -l office1$ Next I make the smbpasswd -am office1 name. shouldn't that be office1$? brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] what's on port 139
On Mon, 2003-02-24 at 05:07, Andrew Greenhill wrote: Having trouble with Samba. The config file passes the test (testparm) The Server seems to be upa and running fine (smbclient -L localhost) But can't seem to connect to it from other computers (running 2000 or 98) They were able to connect once though. What should be listed on port 139 in services. We have : netbios-ssn Does this sound right? Appreciate any help/suggestions!! Regards, Andrew 139 should be the nmbd maybe it's a name resolution problem are you using wins on your clients? i recommend you do. did you tell samba the location of the wins server? did you install samba as the wins server when there is already a wins server on the lan? (ie set wins support = yes) what does log.nmbd say? brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] what's on port 139
On Mon, 2003-02-24 at 06:44, Andrew Greenhill wrote: Looked up in the nmbd.log and it tries to become the domain master for subnet 192.168.2.31 (we wanted it to be the domain master for 192.168.2.0) Would this be a problem? unless you're using an unusual subnet mask these are on the same subnet... so no i don't think this is the problem... you didn't answer my wins questions. this smacks of a a name resolution problem - or maybe a firewall problem try making samba the wins server (or point it to another wins server) and make sure that the clients all reference the same wins server. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba authentication
On Sat, 2003-02-22 at 15:23, Daniel Provin wrote: Hi I've read a lot about setting up samba as a password server, and authenticating unix users against a samba server, but is there any way to authenticate samba users (like on logon) against the unix users and passwords (th users on the passwd and on the shadow files)? yes you can do it with unencrypted passwords i don't recommend this... in practice it is not a problem to keep the unix and samba passwords in sync (pam_smbpass for unix password changes) and the samba built in unix updaters for changes from windows. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba authentication
On Sat, 2003-02-22 at 15:55, Daniel Provin wrote: okay so, I just need to activate the pam_smbpass module to keep de smbpass with the last password but is there any way to build an initial list of passwords from unix passwords? well you could crack all your users passwords... probably wouldn't take more than a few weeks if you're using crypt. seriously - i don't know an easy way to deal with this problem. You might be able to configure pam to update the samba password upon login. or put the smbpasswd program into the logon script so that your users change it when the log in brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba-LDAP too imature for production?
/On Thu, 2003-02-20 at 15:23, Jim wrote: 2.2.7a It seems that samba-ldap is still to immature for any kind of production environment. The provided Perl scripts simply do not work with the 'add user script' setting or if they do, then there is an an undocumented bug, issue, etc. The scripts work fine from the command line but aparently samba won't execute them properly. Since I cannot expect my users to understand enough of the vagaries of Unix to log in with ssh and add thier machines to the system I don't see how samba-ldap can be implemented in a production environment. well - i use the smbldap-tools in production... are you sure you have the permissions right? add user script = /usr/sbin/smbldap-useradd.pl -a -m %u delete user script = /usr/sbin/smbldap-userdel.pl %u add group script = /usr/sbin/smbldap-groupadd.pl %g delete group script = /usr/sbin/smbldap-groupdel.pl %g add user to group script = /usr/sbin/smbldap-groupmod.pl -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod.pl -x %u %g add machine script = /usr/sbin/smbldap-useradd.pl -w -n %u (this is samba3 but i used to have it working on samba 2.2.5 too) brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] logging by name and ip address in 3.0a21
Does anybody else see two sets of logs with log file = /var/log/samba/log.smbd.%m ? i get both logs like log.smbd.192.168.0.3 and log.smbd.testpc when testpc has the ip address 192.168.0.3 I've tried %M and with no obvious effect thanks -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SSL problem
On Thu, 2003-02-13 at 12:02, adel essafi wrote: Hi all I have a problem !!! I want to configure samba with windows 98 SE. I have used this site as reference http://www.linuxfocus.org/Francais/May2002/article247.shtml when I make testparam , I got this messages !! [root@linuxserver root]# testparm Load smb config files from /etc/samba/smb.conf Unknown parameter encountered: ssl CA certFile Ignoring unknown parameter ssl CA certFile what are those doing in your smb.conf file? they don't belong there. -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Which .tdb files are safe to remove?
On Sun, 2003-02-09 at 12:10, Peter Schüller wrote: Hello, which .tdb files in /var/lib/samba are safe to remove (rebuilt automatically)? I've removed all the tdb files before ... they do get recreated automatically. However you will have to reconfigure your system to get things working as you want. For example: If you remove the secrets.tdb files you'll have to reset the SID (or live with a new one). If you remove the ntdrivers.tdb file you'll have to re-upload printer drivers. If you want to just try clearing things out i recommend getting rid of all of them and reseting those parameters that are important to values of your choosing. Probably it would be wise to make a backup in case of trouble. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help a newbie (please!): Samba and WinXP in a non-PDCenvironment
On Sat, 2003-02-08 at 15:12, qk wrote: Hi all... looking for some assistance with my first Samba setup. The setup: On a small (five-computer, mixed Win2k and WinXP pro) LAN, I'd like a share on my FreeBSD server to be available for storage. No printing, no PDC, no individual user directories or password protection -- just a big ol' slice of storage for everyone to access equally. I've come close, (the share shows up in the network neighborhood and even asks for a login) but can't get it to work (no login seems to work). Any advice? Even better: Anyone got a sample SMB.conf that I can steal from? The setup: FreeBSD 4.6 box with two drives. The second (and larger) drive is mounted as /storage. Samba appears to launch correctly (the daemons are running and the share shows up in the clients' network neighborhood). All computers (including the Samba share, if I get it to work) will be part of the WEST-THIRD group. I've tried SWAT. I've tried RTFM. I've Google'd around the 'net. All to no avail. Any advice GREATLY appreciated! have you set up the smbpasswd file and added users to it? what do the samba logs say? if you still have trouble post your smb.conf file here. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] password expire time
On Mon, 2003-02-03 at 21:32, Adam Smith wrote: In Samba 2.2.7a, 'password expire time' appears to be being ignored. When I run 'smbstatus' it says: Unknown parameter encountered: password expire time Ignoring unknown parameter password expire time What should I be using to force a password change every n days? samba3 I don't believe password expiry is supported in samba2 with a normal backend. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] problem with password setup
On Fri, 2003-02-07 at 11:06, Brett wrote: I had the server set to encrypt passwords, and that allowed the machine to log in, but the user's could not change their passwords. So the user can log in? (machines also log in but i think you're referring to users) How did the users try to change their passwords? There is a nice web page (part of swat) that allows them to do that. When I added the registry entry in the source distribtion, the situation got worse. The computer log's in, but then gives an error message that it could not get the roaming profile and all the disk mounts hae failed for password problems. The type of system is a Windows 2000 client, although I have also been trying with a WindowsXP client. what registry entry are you referring to? brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] pdc
On Thu, 2003-02-06 at 04:39, Ryan oberto wrote: howdie all i have a samba pdc server runnnig 3 instances of samba 1 for each different domain it works but i cant add a machine to a domain if the domain doesnt start first and now after 3 days i get service netlogon not running on the window machines can anybody tell me why windows only works properly with the first domain that starts I've never tried this but I'll speculate if you like (take it for what it's worth...) Since the domain joining occurs via rpc i'm guessing that all three sambas are listening (or trying to listen) on the same network address. I don't know how to explain the netlogon premature death Have you multihomed this machine? I think you'd have to at least use ip aliasing and make samba use and interfaces only statement to get this working. This might be one for samba-technical. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] please help...
On Thu, 2003-02-06 at 04:39, Dmitry Surkov wrote: i have the following problem, the outlook express desktop settings are being overwritten every time i change the host. i was helped by Laurent HOFMANN (thanks a lot), who pointed out that the exclusion list in ntuser.ini excludes Local Settings from the files, which are being synchronized. However, I still can not figure out the way to change this list for all users. I don't think you can change whether local settings is copied... I've moved users outlook files to a network drive instead of allowing them to reside in the profile. Mozilla has a similar problem i have to manually move its cache folder INTO the local settings folder to prevent profile bloat. brad -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem inchanging Samba Passwd:Thank you
On Thu, 2003-02-06 at 04:48, Thushani Weerasinghe wrote: Dear Keith and R. Garcia, Thank you for replying me. I set the parameter unix password sync equals to No and now I can both change the local user password and as well as the samba password from a remote machine. But for the synchronization of local UNIX users to samba users cannot be done with that parameter as by changing only the UNIX user password doesn't change the samba password as well. you need to use pam_smbpass to get unix-smbpassword syncronization and unix password sync to get samba-unix passdb syncronization brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Password expire
On Thu, 2003-02-06 at 06:25, richard wrote: yes that would be a fantastic feature??!! I'd like to force all the users to change password every once a month but I'm not sure how!? you need samba3 for this... brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Binary packages for RedHat 8.0 of 3.0?
On Thu, 2003-02-06 at 07:51, Alexander Skwar wrote: Hi! The Samba 3.0 roadmap page says, that there should be binary packages of 3.0 alpha 21 available for Red Hat 8.0. The link points to http://download.samba.org/samba/ftp/Binary_Packages/RedHat - however there doesn't seem to be such a directory... Where can I get binary packages for RH 8.0? I don't know where they are - but you can build them yourself using the scripts in the packaging folder in the source tgz file. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] which ACL attributes are supported by Samba?
On Thu, 2003-02-06 at 05:08, Ronan Waide wrote: I've tried to determine this empirically, but have run foul of config issues that won't be resolved in the immediate future. Basically, I know that Samba + ACL + an acl-aware filesystem will allow me to assign unix-style permissions to arbitrary groups of people for a given file. you don't need ACL support for unix style permissions (user, group, world) ACLs are lists of arbitrary users that have the specified permissions on the files you choose. However, Windows has additional permissions: delete, take ownership, and, um, I think possibly one or two more. My question is whether these are supported by Samba if I have extended attributes switched on (which, as far as I can tell, should allow you to define whatever attributes you like for any file)? I don't use those permissions so i'm not sure that samba supports them but i think it does... brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] which ACL attributes are supported by Samba?
On Thu, 2003-02-06 at 08:58, Ronan Waide wrote: On February 6, [EMAIL PROTECTED] said: you don't need ACL support for unix style permissions (user, group, world) ACLs are lists of arbitrary users that have the specified permissions on the files you choose. You do if you want more than one set of user/group acls per file. More than one set of users/groups is not unix style permissions - that is ACLs. If you want to list those users/groups with permission that is a access control LIST unix style permissions means drwxrwxrwx - only rwx for one group brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] which ACL attributes are supported by Samba?
On Thu, 2003-02-06 at 09:21, Ronan Waide wrote: The whole point of my question was NOT these ACLs, but whether the extended ACLs provided by Windows were supported. Your response to this was that you didn't know. So essentially, you told me something I already knew, and said I don't know to my actual question. I appreciate that you're trying to help, but consider this: you don't have to reply to every question that's asked, and it's better to say nothing if you can't answer the question being asked in a useful fashion. I'm not going to get into some kind of petty fight with you. It was not clear to me that you understood the difference between ACLs and unix style permission and it's still not... So I responded to the part of your question which I had useful input to. I just tried to set an acl on take ownership it doesn't stick - it should. Read and write attributes does stick. I won't answer your questions in the future brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Novice question
On Thu, 2003-02-06 at 16:32, Glen Overman wrote: Hi, New to Samba this list, so please forgive if I make a faux pas. I've got a Redhat 7.3 box with Samba, 2 Win stations, called ws1 ws2. When either station creates files on the server, all the files get created with permissions of rw-r--r-- (644). How do I get them created with 777? ws1 ws2 are both set up as entries in the /etc/passwd file in the samba password file, with umask 000 in their respective .bash_profile's. root user also has umask 000. The smb.conf attempts are shown below: are you looking for force create mode (S) This parameter specifies a set of UNIX mode bit permissions that will always be set on a file created by Samba. This is done by bitwise 'OR'ing these bits onto the mode bits of a file that is being created or having its permissions changed. The default for this parameter is (in octal) 000. The modes in this parameter are bitwise 'OR'ed onto the file mode after the mask set in the create mask parameter is applied. See also the parameter create mask for details on masking mode bits on files. See also the inherit permissions parameter. Default: force create mode = 000 Example: force create mode = 0755 would force all created files to have read and execute permissions set for 'group' and 'other' as well as the read/write/execute bits set for the 'user'. -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Corrupted JPEG File Names
On Thu, 2003-02-06 at 03:17, [EMAIL PROTECTED] wrote: Hello, I am setting up a music server and have run into some file corruption with Samba. Whenever I copy JPG files from either my Win2K machine or my WinXP machine, I get file corruption. take it to [EMAIL PROTECTED] have you run through diagnosis.txt? are you sure your network is setup properly? brad -- Bradley W. Langhorst [EMAIL PROTECTED]
machine names same as usernames - problems...
Since samba 2.2.8 seems to be on the way i thought i might raise this issue before release. I've seen a few users get confused by the fact that their machine name and their user name cannot be very similar adil (users) and adil$ (machine) cannot work. I think it's not good practice to have machine names and usernames be the same but i also don't think samba should fail cryptically in that situation... The usernames are different - why does this fail? I'm guessing that the $ gets stripped off somewhere but why? At minimum we should provide an explicit prohibion in the docs (doc patch for SAMBA2_2 follows) diff -u -r1.1.2.15 Samba-PDC-HOWTO.sgml --- docs/docbook/projdoc/Samba-PDC-HOWTO.sgml 28 Nov 2001 22:03:22 - 1.1.2.15 +++ docs/docbook/projdoc/Samba-PDC-HOWTO.sgml 6 Feb 2003 14:02:08 - @@ -288,6 +288,11 @@ account, and thus has no shared secret with the domain controller. /para +paraNote: Machine accounts must not have the same base names as user +accounts. eg. The machine account sambauser1$ is not allowed when +there is a regular user sambauser1. +/para + paraA Windows PDC stores each machine trust account in the Windows Registry. A Samba PDC, however, stores each machine trust account in two parts, as follows: -- Bradley W. Langhorst [EMAIL PROTECTED]
Re: machine names same as usernames - problems...
On Thu, 2003-02-06 at 15:39, Andrew Bartlett wrote: adil (users) and adil$ (machine) cannot work. Why can't it work? I've seen this discussed a number of times, but never really been told why it doesn't work. That $ is there for exactly that reason you know - to make them different. i don't know - i probably should have said does not work instead of cannot work. I thought maybe the $ was there to identify machine accounts. I think it's not good practice to have machine names and usernames be the same but i also don't think samba should fail cryptically in that situation... Can you describe the failure please? I thought this was well known... The machine simply fails to join the domain. With a message about bad password or invalid machine account. brad -- Bradley W. Langhorst [EMAIL PROTECTED]
Re: machine names same as usernames - problems... -- here's areal world NetBIOS clusterfsck ...
On Thu, 2003-02-06 at 17:28, Richard Sharpe wrote: When a workstation boots, it registers its workstation name as a NetBIOS name. Indeed, it registers several types of NetBIOS names, including a 00 name, a 03 name and, if you have enabled sharing, a 20 name. When a user tries to log on, the workstation also tries to register that user's name as a NetBIOS name, with types of 00 and 03. However, they clash with the already registered machine names. SOL. so i guess a doc patch is the way to go here... see my original post for a proposal. brad -- Bradley W. Langhorst [EMAIL PROTECTED]
Re: passdb/pdb_ldap.c
On Thu, 2003-02-06 at 15:44, Robert Feldbauer wrote: I'm running the latest CVS of 3.0, getting the following error when compiling.. any insights? do you have all the libs you need on this machine? libldap stuff etc. you might try building a21 to test out your system - i know that builds with ldap support. brad -- Bradley W. Langhorst [EMAIL PROTECTED]
Re: machine names same as usernames - problems...
On Thu, 2003-02-06 at 17:47, Richard Sharpe wrote: On Thu, 6 Feb 2003, Bradley W. Langhorst wrote: On Thu, 2003-02-06 at 15:39, Andrew Bartlett wrote: adil (users) and adil$ (machine) cannot work. Why can't it work? I've seen this discussed a number of times, but never really been told why it doesn't work. That $ is there for exactly that reason you know - to make them different. [...] Can you describe the failure please? I thought this was well known... The machine simply fails to join the domain. With a message about bad password or invalid machine account. Under what circumstances can't/doesn't this work? Does it not work only in the case that adil and adil$ both exist in the passwd database of the Samba server? it certainly fails in that situation. I've had less specific troubles with machines I thought you were just saying that there is no solution to this problem... When a user tries to log on, the workstation also tries to register that user's name as a NetBIOS name, with types of 00 and 03. However, they clash with the already registered machine names. SOL. I've just tested an XP machine joining to a samba3a21 domain (ldap backend) it fails with this in the log [2003/02/06 17:42:02, 2] passdb/pdb_ldap.c:ldapsam_search_one_user(641) ldapsam_search_one_user: searching for:[((uid=bwlang$)(objectclass=sambaAccount))] [2003/02/06 17:42:03, 2] passdb/pdb_ldap.c:ldapsam_search_one_user(641) ldapsam_search_one_user: searching for:[((uid=bwlang$)(objectclass=sambaAccount))] [2003/02/06 17:42:03, 0] passdb/pdb_ldap.c:ldapsam_add_sam_account(1857) User already in the base, with samba properties [2003/02/06 17:42:03, 0] rpc_server/srv_samr_nt.c:_api_samr_create_user(2302) could not add user/computer bwlang$ to passdb. Check permissions? [2003/02/06 17:42:04, 2] smbd/server.c:exit_server(534) Closing connections the very nice descriptive error message on the client is Access is denied there was no account bwlang$ when i started there was an account bwlang. interestingly - the join created the bwlang$ account but failed nonetheless brad -- Bradley W. Langhorst [EMAIL PROTECTED]
Re: [Samba] please help me.....
. [root@LinuxBox /]# passwd root$ Changing password for user root$. New password: Retype new password: passwd: all authentication tokens updated successfully. why are you creating this root$ user? I don't recommend having a machine named root. you should be creating a machine account for your machine with its name eg if your machine is named windowsbox there should be an account called windowsbox$ in /etc/passwd and another one in /etc/smbpasswd brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] configuration help
On Tue, 2003-02-04 at 10:16, sukkur abdul wrote: Dear I install linux 8 in one system and samba also enabled more over I edit registery in my win98 system I can see linux mechin in windows you do not need to edit the registry for windows98... network neighborhood when I am opening the system It is not opening i recommend you configure samba to provide WINS and configure win98 to use samba for the wins server. you may have other problems - step through diagnosis.txt in the samba distribution brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] please help me.....
]On Tue, 2003-02-04 at 16:52, Adil Hussain wrote: yes you are right there is no need for this account , i only need account of root user, but i am still confuse about how many account i need and what type of. my windows box name is adil, please tell me how many accounts i need and of what privilege. also when i give right login/password it says The specified user does not exist and when i give wrong Login or password or both it says Logon failure : unknown user name or bad password why is it so behaviour? okay the computer names should not be the same as usernames (it's too confusing - see the relevant rfc on computer naming) you need 2 accounts for every user (one samba account, one unix account) with the same username. In addition you need 2 accounts for every machine in the domain (samba and unix) these must look like machinename$ I use ldap for my accounts db so I can have one account per user instead. so for your account you need a useraccount adil in the unix /etc/passwd and also in /etc/smbpasswd in addition you need you need adilspc$ in both password databases. to do the domain joining you need the root account to be in both /etc/passwd and /etc/smbpasswd. this is all covered in the howto collection... brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] please help me.....
On Tue, 2003-02-04 at 00:38, Adil Hussain wrote: i want to configure samba as PDC .i installed the samba on the linux box machine and configure it accordingly. I am trying to connect the windows 2000(server) as a client of this domain. when i press ok after writing the domain name at the windows 2000 (as a client). It gives me a window , asking for the Name and Password and when i give it the root/[password] to it, it says The following error occured attempting to join the domain [domain name] The specified user does not exist. are you sure that the root user exists in smbpasswd? check to be sure that you are not disallowing the root user in smb.conf. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Printing in Samba.
On Sat, 2003-02-01 at 07:43, Erik Jakobsen wrote: Hi. Please tell if this is the list to ask questions about printing samba. nope - ask at [EMAIL PROTECTED] brad
Re: [Samba] PAM Module for SMB-LDAP
On Thu, 2003-01-30 at 05:28, Matthias Eichler wrote: And with these settings you can really change the lmpassword and ntpassword attributes in LDAP when doing a passwd under UNIX?!? yes - i am using samba3a21 but i'm pretty sure this worked with 2.2.6 when i last tried the 2.2 branch brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] unable to join 2000 to samba domain
On Thu, 2003-01-30 at 09:05, Mike Rambo wrote: Nobody seemed to have any idea's why this was happening as I received only one suggestion to be sure I was using root root password to join the domain (which I was doing). In any case it seems that changing the computer name solves the problem. I don't know why - the PDC box is freshly built and the workstations in question newly installed but if we change the computer name to something other than our standard that has fixed it. The computer names ARE unique too. We usually follow a formula of building_number-room_number-last_five_digits_serial_number so a typical name would look like 39-107-kqr7j or some such thing. In this case that formula seems not to work. Changing the names to contain no or only one dash seems to help. Any ideas why? I don't recommend you encode information in machine names http://www.faqs.org/rfcs/rfc1178.html I don't know why - is allowed in machine names (maybe it is not) anyway i know _ is not. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PAM Module for SMB-LDAP
On Thu, 2003-01-30 at 13:46, Buchan Milne wrote: Date: 30 Jan 2003 10:40:50 -0500 From: Bradley W. Langhorst [EMAIL PROTECTED] To: Matthias Eichler [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [Samba] PAM Module for SMB-LDAP Message: 18 On Thu, 2003-01-30 at 05:28, Matthias Eichler wrote: And with these settings you can really change the lmpassword and ntpassword attributes in LDAP when doing a passwd under UNIX?!? yes - i am using samba3a21 but i'm pretty sure this worked with 2.2.6 when i last tried the 2.2 branch It really has no relationship to which samba you're running, since this is when changing your password on a unix machine which is not a DC, so you can't (AFAIK) use pam_smbpass, and the machine may have no samba components installed on it anyway. I could be mistaken but I believe that the pam_smbpass that comes with samba uses native samba calls to change the password. Really - this does work on my setup i've just tested it by changing my password like this on the command line passwd bwlang New UNIX password: BAD PASSWORD: it is based on a dictionary word Retype new UNIX password: LDAP password information changed for bwlang passwd: password updated successfully now when i log in to an xp machine (joined to the samba pdc) i must use the new password here's what my auth.log says... Jan 30 13:49:22 bitc PAM_unix[29461]: username [bwlang] obtained Jan 30 13:49:22 bitc PAM_unix[29461]: Password for bwlang was changed Jan 30 13:49:22 bitc PAM_smbpass[29461]: username [bwlang] obtained Jan 30 13:49:22 bitc PAM_smbpass[29461]: password for (bwlang/603) changed by (root/0) AFIAK, the only way around this is a hacked pam_ldap which changes ntpasswd and lmpasswd, there is one around somewhere ... maybe I'm using that hacked pam_ldap but I don't remember installing it... am i smoking crack here? seems to work. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] So SAMBA no longer supports print driver downloads
On Wed, 2003-01-29 at 17:05, Lawrence Walton wrote: Robert M. Martel [[EMAIL PROTECTED]] wrote: Does anyone *REALLY* have downloading printer drivers to Windows 2000 clients working properly? Has anyone documented the steps as the ones in the available documentation DON'T work? I wanted to say that I had problems up to the time I upgraded to .7a three offices All 2000 clients, XP hates me, but then again XP hates everyone when it comes to printing. I had this working with 2.2.5 but i did have to re-upload the drivers everytime i changed samba versions.. works fine in my hands for 3.0a21 as well (98 and XP clients) brad -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: *****SPAM***** [Samba] printer
On Wed, 2003-01-29 at 21:18, Stephanie Law wrote: SPAM: Start SpamAssassin results -- SPAM: This mail is probably spam. The original message has been altered SPAM: so you can recognise or block similar unwanted mail in future. SPAM: See http://spamassassin.org/tag/ for more details. SPAM: SPAM: Content analysis details: (5.60 hits, 5 required) SPAM: SPAM_PHRASE_00_01 (0.8 points) BODY: Spam phrases score is 00 to 01 (low) SPAM: SIGNATURE_SHORT_DENSE (-0.3 points) Short signature present (no empty lines) SPAM: FORGED_RCVD_TRAIL (2.0 points) trail of Received: headers seems to be forged SPAM: RCVD_IN_OSIRUSOFT_COM (0.4 points) RBL: Received via a relay in relays.osirusoft.com SPAM:[RBL check: found 1.140.186.129.relays.osirusoft.com.] SPAM: X_OSIRU_OPEN_RELAY (2.7 points) RBL: DNSBL: sender is Confirmed Open Relay SPAM: SPAM: End of SpamAssassin results - This is a very elementary question that has probably been asked and answered. If this is the case and someone could point me to the answer, that would be great as I have not been able to find it. My problem is this: I am a college student running Red Hat Linux 7.3. My roommate is running Windows XP. We only have one printer between us and would like to be able to share it. As of now, however, I have been able to see all the other files she has shared, but not the printer. If anyone could point me to directions on how to share printers, that would be greatly appreciated. Thanks for all your help. I agree with Joel's comments - but I want to add that you may find a shell scirpt called smbprint helpful in figuring out how to submit jobs to the windows queue. I've had good success with cups printing to windows hosted printers. brad -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba+LDAP--PDC : change user passwd
On Tue, 2003-01-28 at 04:33, Zied Fakhfakh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, I'm running Samba+LDAP(+CUPS) as PDC for windoz and linux workstations. I do have all the versions of MS Windoz (98 --- XP). I just can't change any user password from the windoz client, any idea ? you need to provide more information when asking questions... what have you tried? what do the logs say when you try to change a password? do you have unix passwd sync set up? what are the relevant lines of your smb.conf file? brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Fileaccess-Problem Samba -- Win2k
it may be a samba problem... i recommend you upgrade to 2.2.7a (there are debs available at samba.org - dunno exactly where you'll have to search) this might be an oplock problem - you could turn oplocks off on the share to see if things improve brad On Tue, 2003-01-28 at 05:07, Heiko Schellhorn wrote: Hi all We installed Samba 2.2.3a to host files for the computers of our secretary-office. Our secretaries are using Win2k computers, mostly Excel. Win2k - German - SP3 Excel2k Pro - German - SP3 We have the following problem: If they try to open files using Workplace-Directory-Folders they get following error: Once in a while Excel hangs after opening three or four files. If they try to open the files within Excel the error doesn't occur. Has anyone seen this problem before ? Is it a error in our configuration or is it a problem between this Samba-Ver. and Win2k? Greets Heiko -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PAM Module for SMB-LDAP
On Tue, 2003-01-28 at 05:43, Matthias Eichler wrote: Hi Everybody, maybe we are just too stupid, but for me it seems that there is some problem with holding passwords completely sync between *NIX-world and WIN-world when I use LDAP Samba. If a user changes a password under Windows, with passwd chat the *NIX-Password (attribute: userPassword) can be changend very well besides the both Samba-LDAP-attributes lmPassword and ntPassword. But if a user from the *NIX-world wants to change his password over a service that uses PAM.D we have the following problem: pam_smbpass.so can authenticate UNIX Users via SMB-LDAP but it can not be used for passwd from UNIX-side!!! We read already the sourcecode and pam_smbpass.so always wants to change the smbpasswd-file, which is not be used for regular users in LDAP-mode... i use pam smbpass for this... here's my /etc/pam.d/passwd file password requisite pam_cracklib.so retry=3 minlen=6 difok=3 debug password [user_unknown=ignore success=ok new_authtok_reqd=ok ignore=ignore defau lt=bad] pam_ldap.so use_first_pass password required pam_unix.so use_first_pass nullok md5 debug password [user_unknown=ignore success=ok new_authtok_reqd=ok ignore=ignore defau lt=bad] pam_smbpass.so use_first_pass audit I don't claim that file to be perfect but it does seem to work just fine for me. Im also using the ldap in the nsswitch.conf brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] pam_mkhomedir.so
On Tue, 2003-01-28 at 15:54, Igor Debacker wrote: where and how can i call this module ? is it in /etc/pam.d ? yes how is the sintax ? google for pam administrator guide -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: ldap backend rejoining domain problem
I'm using the smbldap tools and have delete user script = /usr/sbin/smbldap-userdel.pl %u I don't delete the user at all. It could be a bug in your delete user script. ah - this is what i'm suggesting - that samba automatically delete the machine account when it a machine leaves the domain. I don't know if it should be via that delete user script (but i don't think it gets called during domain unjoining). The script does work okay when run at the command line. Do you think that auto-deletion of machine accounts makes sense? I think it does because you can end up with a bunch of orphan machine accounts over time as various mahcines leave the domain and rejoin under different names. brad
Re: [Samba] yup, i'm still stuck
On Mon, 2003-01-27 at 12:33, Jason Kirschenmann wrote: hi, the last piece of advice i got just reminded me of how new i am at this. You said to check the logs and make sure the user has permissions for those folders. The log says alot of stuff, and i have no idea what any of it means, if you want to see one, just ask and i can send you alot. the best technique when debugging is to use log file = /var/log/samba/log.smbd.%m or something similar so that logs are broken out by which machine connects. you should probably start at log level 1 or 2 to see obvious errors. they really do make sense when you see the lower log levels. The other thing. how do i check if the user has permissions for the shared folders. their set to 777, that's all i know how to do. 777 means that everybody can do everything - are you sure that is what you want? i have my security set to domain, so as everyone on our domain should be able to access shares, but that might just be a windows thing. are you sure you understand security=domain? You only use that when you want to authenticate against a real windows server. I think you still have to have all the users on the samba machine unless you're using winbind. Maybe to just get things going a little you should try using security=user instead. Have you read the howto collection? once again, any help is good help. well even well intentioned bad help is not good help - but i hope i'm giving you 'helpful' help. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: ldap backend rejoining domain problem
On Mon, 2003-01-27 at 21:06, Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 27 Jan 2003, Gerald (Jerry) Carter wrote: I have no problems joining, unjoining, and rejoining a Samab 3.0 domain (using an LDAP backend). Perhaps you could send me some logs files? I should have mentioned that this is using the latest SAMBA_3_0 cvs code. jerry - i know you've not had a chance to answer my last mail but I thought the following log excerpt might be interesting to you. The machine account was not deleted on my last test - on top of that the old machine account seems to still have the old password (i think that explains the mismatch below) [2003/01/27 22:48:50, 5] lib/util.c:dump_data(1761) [000] 36 36 61 82 90 BC FD B8 A7 17 5F 6D 59 B8 69 F3 66a. .._mY.i. [2003/01/27 22:48:50, 4] libsmb/credentials.c:cred_session_key(59) cred_session_key [2003/01/27 22:48:50, 5] libsmb/credentials.c:cred_session_key(61) clnt_chal: 58C1DAD55DCA026A [2003/01/27 22:48:50, 5] libsmb/credentials.c:cred_session_key(62) srv_chal : B058ECCC71090C85 [2003/01/27 22:48:50, 5] libsmb/credentials.c:cred_session_key(63) clnt+srv : 081AC7A2CED30EEF [2003/01/27 22:48:50, 5] libsmb/credentials.c:cred_session_key(64) sess_key : 8532903AE6372823 [2003/01/27 22:48:50, 4] libsmb/credentials.c:cred_create(90) cred_create [2003/01/27 22:48:50, 5] libsmb/credentials.c:cred_create(92) sess_key : 8532903AE6372823 [2003/01/27 22:48:50, 5] libsmb/credentials.c:cred_create(93) stor_cred: 58C1DAD55DCA026A [2003/01/27 22:48:50, 5] libsmb/credentials.c:cred_create(94) timestamp: 0 [2003/01/27 22:48:50, 5] libsmb/credentials.c:cred_create(95) timecred : 58C1DAD55DCA026A [2003/01/27 22:48:50, 5] libsmb/credentials.c:cred_create(96) calc_cred: 45AE7B884A8EC8A9 [2003/01/27 22:48:50, 4] libsmb/credentials.c:cred_assert(121) cred_assert [2003/01/27 22:48:50, 5] libsmb/credentials.c:cred_assert(123) challenge : 8FAE4B1B4C05E3B3 [2003/01/27 22:48:50, 5] libsmb/credentials.c:cred_assert(124) calculated: 45AE7B884A8EC8A9 [2003/01/27 22:48:50, 5] libsmb/credentials.c:cred_assert(133) credentials check wrong [2003/01/27 22:48:50, 5] rpc_parse/parse_prs.c:prs_debug(81) 00 net_io_r_auth_2 I have the full log but it's 58K (too big for the list) let me know if you want it.
Re: [Samba] XP Registry Hack
On Sat, 2003-01-25 at 15:35, Stan S. wrote: I have been using Samba for some time now and have had no problems. I now have users that want to use XP and am not able to join them to the Samba domain. I remember a while back that somebody had a registry update for XP but I cannot locate it. Would some kind soul please send it to me google for signorseal brad -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Who and When
you're going to have to write a little code hash up users and times you may also want to look at utmp brad On Fri, 2003-01-24 at 05:50, Jim LaSalle wrote: This only tells what machine. We are a school. Perhaps 6 or 7 different students a day use the same computer in one lab. Also, the students could login from differents workstations in the building. Seemed like a simple request when my boss asked. :) Bradley W. Langhorst wrote: On Thu, 2003-01-23 at 18:14, [EMAIL PROTECTED] wrote: How can I tell who and when users logged in to a Samba server? The clients are a mixture of Win9x computers. I want to compile a chart of computer use by user. you could break up the logs by machines with %m and examine the size of the log files to estimate usage. brad -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: New Debian Packages?
On Fri, 2003-01-24 at 09:30, Martin Thomas wrote: Brad, tried it a few minutes ago. apt-get update shows: looks good to me now too... I'm using the german mirror. Perhaps you can try another one. i just tried the us mirrors but ncftp ftp://us2.samba.org/samba.org/Binary_Packages/Debian/ says that those files don't exist... maybe it's only on the german mirror? Perhaps Simo can give more information. The information should be reliable before it will be submited to apt-get.org. I agree - Whomever set it up should submit it to apt-get.org. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Users
On Fri, 2003-01-24 at 04:52, [EMAIL PROTECTED] wrote: Sir, My samba is connecting Linux and MSWin . Can I know how many users(with read and write rights) can access at a time. What is the maximum user limit. the number of users is controlled by your hardware... i've heard of 100s of simultaneous users on big hardware. brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] still not working
On Fri, 2003-01-24 at 14:27, Jason Kirschenmann wrote: Hi and sorry to bother you again, I've been trying to get this going, and now i'm able to access my server, but not the shares. When i try and access a share it says, you might not have permission, network path was not found. As i'm going through the diagnosis.txt, i get the same error on steps 3 and 7. That error is session setup failed: NT_STATUS_LOGON_FAILURE. Once again here is my smb.conf you're getting there does your user have permission on those shares in unix? what do the logs say? brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NT ACL's
On Fri, 2003-01-24 at 16:23, [EMAIL PROTECTED] wrote: I have been playing with samba for about 3 months. I have not been able to find a way to setup acl's efficiently. I would like to be able to set permissions for one person one way and three others all with different permissions. Then to also add 4 to 5 groups with all with different permissions the same way you would in windows. I am new to linux so I have a hard time fully understanding the Linux permissions. Any help would be appreciated. If you're talking about files on the client then you need domain groups - samba2 only has domain users and domain admins (samba3 has whatever you want). If you're talking about permissions on the server you can probably do whatever you want with unix groups. You'll have to understand unix permissions to do this try this article http://www.tldp.org/linuxfocus/English/January1999/article77.html brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Good Pam how-to??
On Fri, 2003-01-24 at 16:31, LaSusa, Dan wrote: I'm looking for a good Pam how-to/tutorial. Does anyone have any links?? I'm a TOTAL incompetent when it comes to Pam (I cook with Crisco! sorry...couldn't help that :-) I need a real beginners guide http://www.tldp.org/HOWTO/User-Authentication-HOWTO/ covers pam brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] LDAP Filter Problem
On Fri, 2003-01-24 at 16:32, Peak, John wrote: I am sure there are some extraneous parameters in it from all the things I've tried, but here it is ... # Global parameters [global] realm = ELUCIDATION what's this doing here? ldap filter = ((uid=%u)(objectclass=ixAccount)) i think this should be ldap filter = ((uid=%u)(objectclass=sambaAccount)) unless you've done something unusual brad -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] winbind
On Fri, 2003-01-24 at 16:15, Igor Debacker wrote: i'm tryin to make a suse-linux box to log into an windows 2k server i trying.. using winbind.. coz i don't know other way... i took a look at samba.org home page.. and i readed a how to which explains what to do.. but 2 of the '.so' files which i need to set at /etc/pam.d/login .. does not exists.. pam_stack.so pam_console.so your distribution doesn't use those - don't worry about it... be sure you understand pam before you start messing about with it... pam is great way to lock yourself out of your machine. ps. i just sent this mail to [EMAIL PROTECTED] how can i subscribe to read the answers and other guys questions ? look at the list options at samba.org http://lists.samba.org/mailman/listinfo/samba -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba account question
On Thu, 2003-01-23 at 02:36, ni wrote: I'm trying to build a php page that will promote a user to objectclass: sambaAccount -- my question is: Can I just populate those attributes with the above default values? DisplayName can be generated from cn or gecos. Do i need to use a specific algorithm for generating an rid? yes - I believe it is 2* uid +2 - do a google search to be sure Or can I just pick from a range of available numbers? in samba2 this won't work. -- Bradley W. Langhorst [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba