RES: [Samba] domain or not domain?
I think you have 2 alternatives: 1 - configure this samba server out of your ad and create a thrusted relationship allowing users from you ad domain access to this share. 2 - Configure your samba as a domain member of you ad comain and configure a user in you ad with restricted access and give him access to this share. Hope it helps, Bruno Gimenes Pereti OBS.: Antes de imprimir este e-mail, pense em seu compromisso com o Meio Ambiente. Essa mensagem é destinada exclusivamente ao seu destinatário e pode conter informações confidenciais, protegidas por sigilo profissional ou cuja divulgação seja proibida por lei. O uso não autorizado de tais informações é proibido e está sujeito às penalidades cabíveis. That information is confidential, protected by a professional privilege or which disclosure is prohibited by law. Unauthorized use of such information is prohibited and subject to applicable penalties. -Mensagem original- De: [EMAIL PROTECTED] [mailto:samba- [EMAIL PROTECTED] Em nome de Favero Roger Enviada em: terça-feira, 24 de julho de 2007 07:36 Para: samba@lists.samba.org Assunto: [Samba] domain or not domain? Hi all, that's my first post in this mailing list. I'm looking for a very special and strange samba configuration (at least from my point of view and my experience) and I'm not sure it is possible to reach this goal. Anyway, this is my request: I'm running a M$ Windows 2003 Serve as PDC with Active Directory and file server, and I would like to configure in a Linux machine a directory shared either from some domain's user or from some samba (only, not domain's user) users. In your opinion is it possible? This request is due to the need to let some files available to some external agents when they visit our offices, but I don't want to give them a Domain account to avoid let them able to browse others shares in the windows file server. So, if it is possible to set up a machine where I can authenticate either domain's user or not domain's user I solved my problem in a easy a clean way. Any idea about? Thanks a lot for your help Roger -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] need advise to find what is the problem
Hi all, I'm trying to substitute my samba server machine for a new one. The users here are very limited, so it must be completely transparent. My PDC is a very old RedHat 7.1 with samba 3.0.9, openldap-client 2.0.27, and cups 1.1.14. And the LDAP server is running on another computer with openldap 2.2.23. This is the option I used to compile it: # ./configure --with-smbmount --with-pam --with-ldapsam --with-ldap --with-quota --with-utmp --with-acl-support --enable-cups I installed and configure a new debian machine with samba 3.0.21a, cups 1.1.23 and openldap server 2.2.23 (the replication with the máster is working). Options used to compile: # ./configure --with-smbmount --with-quotas --with-acl-support This new server I configured as BDC. Copied the smb.conf from de PDC and changed: local master = no os level = 33 domain máster = no wins support =no wins server = ip from PDC imported the sid with net rpc getsid joined the domain with net rpc join -U Administrator I copied the netlogon from the PDC to the BDC. Ok, when I start it, it runs ok for a while (from a cople of hours to a couple of days) until the users start complaning that they can't print, the police is not loaded and the logon script don't run. This what I noted because when the problem start I stop samba in the BDC and the problem is gone. One think I notice in the PDC is smbd listening on localhost random udp ports like this: # netstat -atupn [...] tcp00 192.168.0.2:445192.168.0.61:1025 ESTABLISHED 22400/smbd udp00 127.0.0.1:579890.0.0.0:*22915/smbd udp00 127.0.0.1:577350.0.0.0:*22280/smbd udp00 127.0.0.1:578640.0.0.0:*22546/smbd udp00 192.168.0.2:1370.0.0.0:*14222/nmbd udp00 0.0.0.0:1370.0.0.0:*14222/nmbd udp00 192.168.0.2:1380.0.0.0:*14222/nmbd udp00 0.0.0.0:1380.0.0.0:*14222/nmbd udp00 127.0.0.1:577500.0.0.0:*22301/smbd udp00 127.0.0.1:577520.0.0.0:*22308/smbd udp00 127.0.0.1:578850.0.0.0:*22622/smbd [...] What must I do to find what is the problem and how to solve it? Any clue? If any body want to help but need more information, please tell me what. Please any help will be very appreciated. Thanks. Bruno Gimenes Pereti. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems while installing...
I think you need to update your openldap packets. Bruno. - Original Message - From: Madhusudan, R [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Wednesday, March 23, 2005 10:19 AM Subject: [Samba] Problems while installing... Hi, I have two Linux systems, one running FC2 and the other Mandrake 10.1. When I tried installing Samba 3.0.11 on both the systems, I get the following error: # rpm -i samba-3.0.11-1.i386.rpm samba-common-3.0.11-1.i386.rpm warning: samba-3.0.11-1.i386.rpm: V3 DSA signature: NOKEY, key ID f17f9772 error: Failed dependencies: liblber-2.2.so.7 is needed by samba-3.0.11-1 libldap-2.2.so.7 is needed by samba-3.0.11-1 liblber-2.2.so.7 is needed by samba-common-3.0.11-1 libldap-2.2.so.7 is needed by samba-common-3.0.11-1 Any suggestions on how to fix these and go ahead with the installation? Thanks, Madhu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.8.0 - Release Date: 21/03/2005 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem compiling samba 3.0.11
Hello, I have a samba server running samba 3.0.10 compiled from source with this configuration options: ./configure --with-ldap --with-smbmount --with-pam --with-quotas --with-utmp --with-acl-support --with-winbind It's running on a redhat 7.1, the kernel is 2.2.20 with acl. Samba is authenticating to OpenLDAP 2.2.20. I think this is what you need to know about my server. Here comes the problem, when I try to compile samba 3.0.11 with this same options I get no error or warning running configure but I get a lot of undefined reference to in various modules and warnings when compiling. I think there is something I need to update but I don't know what. I really need the new privilege feature! Can someone help me to find what I must do to be able to compile samba 3.0.11? TIA, Bruno Gimenes Pereti. -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.7 - Release Date: 10/02/2005 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Users can delete a file they don't have permition in the public share
Hi! I'll try to explain all the situation to help you understand the problem. I have a Samba 3.0.4 + LDAP + ACL PDC and I use poledit to define the background image of the users to \\PDC\public\background.bmp, this file: -rw-r--r--1 Administrator root 787510 09-23 17:34 background.bmp Yes, the acl is not used in this file. This is the public share in smb.conf: [public] comment = Compartilhamento Público path = /home/samba/public # public = yes # guest ok = yes writable = yes create mask = 0666 directory mask = 777 printable = no invalid users = prova yesterday one of the users (students) deleted this file and I thought they shouldn't have permission to do this because they don't have write permission in the file. I tried every thing I know about permition (that's not much) and couldn't find a solution. What can I do to prevent the students to delete this file? Thanks, Bruno Pereti. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Printer Accounting
Hi Ryan, You can try PyKota. http://www.librelogiciel.com/software/PyKota/action_Presentation Bruno. - Original Message - From: Ryan Verner [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, September 16, 2004 12:20 AM Subject: [Samba] Samba Printer Accounting Howdy, I'm looking for a piece of software I can use for accounting printers shared on a Linux box via Samba, to Win98/2K/XP machines on a domain. In other words, I want to be able to give user a print quota (say, $3.00), then charge them 10c per page they print from a Windows client to a printer shared from a Linux box running Samba. If they're out of quota, it doesn't print (and doesn't tie up the print queue for everybody else). I can't find any workable solutions. I tried PrintBill, but it's rather buggy, it tends to jam up queues randomly, and requires a Postscript driver and as a result there's all sorts of ways to bypass it. I'm more than happy with a commercial solution. I just want something that works :-) Thanks, Ryan -- Qbalt Project (http://www.qbalt.com/) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba, cups and page count.
Hi! I've got a new big problem. I've being reading about this for a week and can't find a solution. I finally installed a Xerox (WorkCentre 420) printer with HP drivers because Xerox don't have drivers for linux. I'm running CUPS to access the printer, samba reads it from /etc/printcap and is sharing the printer. I can print from windows clients without problems. Now, what I need is to count how much page each user is printing. I just read from http://docs.kde.org/en/3.2/kdebase/kdeprint/troubleshooting-cups.html that Jobs printed as raw are always counted as size of 1 page. Is that true? Is there any work around? What do you use for page accouting? I know it's not a samba problem, but I need something that can do page accounting and work with samba. TIA. Bruno Pereti. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Ldap performance
Hi, Thank you all for the answers. I'll try to write here answer to everybody that's helping me. I agree with Malte when he says this is not a samba issue, but it's completely related to samba. About the slow group resolution... All my users used to be in 2 groups Domain Users and students|theachers|employees. As I'm not using the second group for access control yet, all users are now only in Domain Users. Is it normal to have 36 slapd process, each using 33 MB? I'm just guessing here, but that doesn't sound right. I don't think you should normally have any more than one, but maybe I'm mistaken. I've never seen it. What he is almost certainly seeing is threads, not processes, and the 33Mb is cumulative not individual - they are all sharing the 33Mb. This is how Linux displays process information. That's right... I didn't know that. For that number of users I think 33Mb is SHOCKINGLY LOW. You need to tune the slapd cache size to let it use more memory. Also 36 threads is insane, your almost certainly swamping the processor. Limit your threads to something like 10 - 20 using the threads directive in slapd.conf. I configured the cachesize to 1 but it's not using more memory. I think it's ok because my ldap store only the posix and samba information. The file /var/lib/ldap/id2entry.gdbm is 37 MB. I changed the thread to 10 and it's a little faster in the peak time. Another thing that may be slowing the ldap is that I need to use scope =sub in my ldap.conf to find users and computers: So you're saying that in your ldap.conf you have things configured like so? nss_base_passwddc=homelan,dc=com,dc=br?sub With the correct indexes and enough RAM it shouldn't really matter. Yes I have this in my ldap.conf: nss_base_passwd dc=ump,dc=edu,dc=br?sub nss_base_shadow dc=ump,dc=edu,dc=br?sub nss_base_group ou=groups,dc=ump,dc=edu,dc=br?one nss_base_hosts ou=computers,dc=ump,dc=edu,dc=br I didn't change that yet because I like the idea of keeping computers and users separated. And I'm using this index that took from the howto-collection: index objectClass eq index cn pres,sub,eq index sn pres,sub,eq index uid pres,sub,eq index displayName pres,sub,eq index uidNumber eq index gidNumber eq index memberUid eq index sambaSIDeq index sambaPrimaryGroupSIDeq index sambaDomainName eq index default sub Is that ok or should I change any thing? Thank's again! Bruno Gimenes Pereti. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Ldap performance
Hi Paul, Another thing that may be slowing the ldap is that I need to use scope =sub in my ldap.conf to find users and computers: So you're saying that in your ldap.conf you have things configured like so? nss_base_passwddc=homelan,dc=com,dc=br?sub With the correct indexes and enough RAM it shouldn't really matter. Yes I have this in my ldap.conf: nss_base_passwd dc=ump,dc=edu,dc=br?sub nss_base_shadow dc=ump,dc=edu,dc=br?sub nss_base_group ou=groups,dc=ump,dc=edu,dc=br?one nss_base_hosts ou=computers,dc=ump,dc=edu,dc=br I didn't change that yet because I like the idea of keeping computers and users separated. That isn't actually what you're doing by setting nss_base_hosts. Basically you're configuring ldap to look for dns information in ou=Computers. The idea of putting hosts and users in different places as far as samba is concerned is a different beast. Samba requires hosts to have a standard unix user account, ldap doesn't really know the difference since samba searches for a general posix account in the passwd scope. Let me know if that's confusing, it seems like it probably is but I don't have my good explaining head on yet. My fault, I didn't explained what mean. I have users in ou=Users,dc=homelan,dc=com,dc=br?sub and computers in ou=Computers,dc=homelan,dc=com,dc=br?one. To make it work this way I need to have nss_base_passwd dc=ump,dc=edu,dc=br?sub nss_base_shadow dc=ump,dc=edu,dc=br?sub in ldap.conf or else samba will not find the computers accounts. If I had users and computers in ou=Users I could have nss_base_passwd ou=Users,dc=ump,dc=edu,dc=br?one and I read (don't remember where) that this would make a big difference. I like my tree the way it is now, and it would be a hard work to move it all. I'd prefer to resolve this problem with the indexes configuration. Thank's Bruno. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba vs NtBackup Round 3.0.5
Hi Tom! Hi Jeremy! Hi list! I don't know what exaclty caused the problem but when I upgraded to Samba 3.0.5rc1 my NTBackup started working again. I'll show what i'm using here and maybe somebody can figure out why it helped to me and not to you. I compiled Samba 3.0.5rc1 from source with this options: # ./configure --with-smbmount --with-pam --with-ldapsam --with-ldap --with-quo ta --with-utmp --with-acl-support I'm not using ldap backend in this server yet. my NTBackup is running in a windows2000 that is the DC of another domain, and it didn't have any thrust relationship to my samba domain (Now it have but it didn't change the backup behave). The share from my Samba server is mounted with the net use command. After I compiled, installed and restarted Samba 3.0.5rc1 the ntbackup started working. I had locking problem with an application that uses a paradox database stored in the server and veto files didn't solved it but the backup is OK. Don't know why it is working here and not for you. Maybe because of the windows NT or because it's a precompiled package. Does anybody have a idea? Bruno Pereti. On Mon, Aug 02, 2004 at 02:28:31PM +1200, Tom Hibbert wrote: Hi all, I experienced the same problem with 3.0.4 that Jeremy and Bruno were discussing - NTBackup unable being to connect to shares and erroring out with 'Access Denied'. I have today upgraded to 3.0.5 (using the Debian Woody packages) and that didn't fix the problem. Was the fix in 3.0.5r1 only applicable to 2000/2003 server? I am stuck in the dark ages of NT 4 here, maybe that is a problem... Any help would be very much appreciated as we are now 2 months without a backup :/ 3.0.5 doesn't contain the fix for this bug. 3.0.5 fixes 2 security bugs *only*. Not even obvious fixes like the NTbackup bigfix were included - this is to allow sites to know exactly what changes go into a security release. 3.0.6preXX will contain this fix. Sorry, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] NTBackup and samba-3.0.4
Hi,
I have a Win2000 in my network running ntbackup daily to backup data from
some servers including my Samba-3.0.4 (updated from 2.2.8a last month) with
the homedir of my users. Today I needed to restore one file from the tape
and there was no files from the samba server. Ntbackup can't access the
shares in samba anymore.
In my search I found a patch from Redhat here:
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125714
this is it:
--- samba-3.0.4/source/smbd/filename.c.old 2004-06-10 15:00:51.0
+0100
+++ samba-3.0.4/source/smbd/filename.c 2004-06-10 15:01:35.0 +0100
@@ -137,6 +137,10 @@
if (!*name) {
name[0] = '.';
name[1] = '\0';
+ if (SMB_VFS_STAT(conn,name,st) == 0) {
+ *pst = st;
+ }
+ DEBUG(5,(conversion finished %s - %s\n,orig_path, name));
return(True);
}
I don't know exactly what this should do but I tried any way. I altered the
file filename.c and recompiled samba. I copied the new smbd to
/usr/local/samba/bin and restarted samba but it didn't correct the problem.
Sorry if this was addressed before in the list but I didn't find it in the
archive.
Does any body have de solution?
Thanks
Bruno Gimenes Pereti.
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] NTBackup and samba-3.0.4
Hi,
I have a Win2000 in my network running ntbackup daily to backup data from
some servers including my Samba-3.0.4 (updated from 2.2.8a last month) with
the homedir of my users. Today I needed to restore one file from the tape
and there was no files from the samba server. Ntbackup can't access the
shares in samba anymore.
In my search I found a patch from Redhat here:
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125714
this is it:
--- samba-3.0.4/source/smbd/filename.c.old 2004-06-10 15:00:51.0
+0100
+++ samba-3.0.4/source/smbd/filename.c 2004-06-10 15:01:35.0 +0100
@@ -137,6 +137,10 @@
if (!*name) {
name[0] = '.';
name[1] = '\0';
+ if (SMB_VFS_STAT(conn,name,st) == 0) {
+ *pst = st;
+ }
+ DEBUG(5,(conversion finished %s - %s\n,orig_path, name));
return(True);
}
I don't know exactly what this should do but I tried any way. I altered the
file filename.c and recompiled samba. I copied the new smbd to
/usr/local/samba/bin and restarted samba but it didn't correct the problem.
Sorry if this was addressed before in the list but I didn't find it in the
archive.
Does any body have de solution?
Thanks
Bruno Gimenes Pereti.
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Import posixAccount to LDAP
Hi Jim,
Thank you for the answer.
I spent my afternoon yesterday trying to make it work but I couldn´t find
what I must do. My first problem is that I don´t know what should be the
input to the script. The script expect the input in a format I don´t know:
while () {
my ($login, $rid, $lmpwd, $ntpwd, $gecos, $homedir, $b) = split(/:/, $_);
I know the input should be the output of pwdump, but I can´t use it. I read
in the net that it´s the same format of smbpasswd but my smbpasswd is not
like this. Should I create a new file mixing smbpasswd and /etc/passwd? What
is the best way?
The other problem is that I pass a lot of information to smbldap-useradd.pl
script when creating a user:
smbldap-useradd.pl -a -d /home/alunos/username -s /bin/false -c Name \
-m -k /home/alunos/template -B 1 -C toshiba\\username -D U: \
-E alunos.bat -F toshiba\\profiles\\template username -P
How can I pass this information to smbldap-migrate-account.pl?
Thanks again.
Bruno Pereti.
Tried the migration scripts in /usr/share/samba3/scripts ?
smbldap-migrate-accounts.pl
smbldap-migrate-groups.pl
Bruno Gimenes Pereti wrote:
| Hi friends,
|
| I´m running a Samba 3.0.0 in a production server with Redhat. I´m
trying to
| migrate my users and machine accounts to LDAP, I used pdbedit but it
imports
| only the sambaSamAccount attributes and I want to import the
posixAccount
| attributes too.
| How can I do that?
|
| Thank´s
|
| Bruno Pereti.
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Folder Redirection with NT4 Domains (II)
Hi John and all, I didnt implement it in a prodution server, but its working in my test server. Im working with poledit to redirect the Desktop and My Documents from the default profile directory to the users home directory on the PDC. In the file system.adm (got it from win2000 server) there is already a police to redirect the Desktop folder, I added a police to redirect My Documents folder, I changed the NTConfig.POL (with the poledit.exe tool) and its working. There is a single shared profile directory \\PDC\profiles\template for all domain users and the local copy of the profile is erased when the user logoff. I didnt finished all the tests I planned to do and there is stil some problems with implamentation that I hope I can correct til the and of the year. Ill keep you and the list informed about the problems this environment can bring. Bruno Pereti. - Original Message - From: John H Terpstra [EMAIL PROTECTED] To: Juan Luis Fernandez [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Sunday, December 14, 2003 10:27 PM Subject: Re: [Samba] Folder Redirection with NT4 Domains (II) On Mon, 15 Dec 2003, Juan Luis Fernandez wrote: Redirecting My Documnets isn't a tricky one. Just right click - properties and change the target location. This is automatically done in our network by changing the location in the default profile. This is then applied to every user when they first logon. Do you mean Local Settings or the Application Data folder. The Applications Data folder is part of the profile anyway. I cant see why you would want to copy the Local Settings directory with your profile. I just work with samba 2.2.8 as a part of FreeBSD ports colecction. All the workstations are Win 2K SP4. All the things runs ok but lately there are some users configured with roaming profiles that put in the desktop some folders. I recomend that they do it with links to the My documents folder opposite that creating folder in my desktop. In some users if I change this by this way ,the folders previusly deleted reapered when users close and open the logon again. I dont know about how to track a solution about this. All the users have the same rights and directory permisions in Unix and they are part of local administration group of Win2K boxes. I dont know if this is about recycle bin in samba or I have roaming profiles misconfigured. Juan, You have hit on one of the key issues that needs to be addressed. I'd like to see further comment on that too. - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Folder Redirection with NT4 Domains (II)
I forgot one detail. The shared profile is mandatory. When I create the profile with an user and just rename the NTUSER.DAT to NTUSER.MAN it works only with the user I created the profile, so had to copy the NTUSER.DAT from C:\Documents and Settings\Default User\NTUSER.DAT to the shared profile directory and rename it to NTUSER.MAN. And Id like to thank you and all the samba time for the amazing work! Bruno Pereti. - Original Message - From: John H Terpstra [EMAIL PROTECTED] To: Bruno Gimenes Pereti [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Monday, December 15, 2003 3:58 PM Subject: Re: [Samba] Folder Redirection with NT4 Domains (II) Bruno, Thanks for this detail - it helps to make clear what you did. cheers, John T. On Mon, 15 Dec 2003, Bruno Gimenes Pereti wrote: Hi John and all, I didnt implement it in a prodution server, but its working in my test server. Im working with poledit to redirect the Desktop and My Documents from the default profile directory to the users home directory on the PDC. In the file system.adm (got it from win2000 server) there is already a police to redirect the Desktop folder, I added a police to redirect My Documents folder, I changed the NTConfig.POL (with the poledit.exe tool) and its working. There is a single shared profile directory \\PDC\profiles\template for all domain users and the local copy of the profile is erased when the user logoff. I didnt finished all the tests I planned to do and there is stil some problems with implamentation that I hope I can correct til the and of the year. Ill keep you and the list informed about the problems this environment can bring. Bruno Pereti. - Original Message - From: John H Terpstra [EMAIL PROTECTED] To: Juan Luis Fernandez [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Sunday, December 14, 2003 10:27 PM Subject: Re: [Samba] Folder Redirection with NT4 Domains (II) On Mon, 15 Dec 2003, Juan Luis Fernandez wrote: Redirecting My Documnets isn't a tricky one. Just right click - properties and change the target location. This is automatically done in our network by changing the location in the default profile. This is then applied to every user when they first logon. Do you mean Local Settings or the Application Data folder. The Applications Data folder is part of the profile anyway. I cant see why you would want to copy the Local Settings directory with your profile. I just work with samba 2.2.8 as a part of FreeBSD ports colecction. All the workstations are Win 2K SP4. All the things runs ok but lately there are some users configured with roaming profiles that put in the desktop some folders. I recomend that they do it with links to the My documents folder opposite that creating folder in my desktop. In some users if I change this by this way ,the folders previusly deleted reapered when users close and open the logon again. I dont know about how to track a solution about this. All the users have the same rights and directory permisions in Unix and they are part of local administration group of Win2K boxes. I dont know if this is about recycle bin in samba or I have roaming profiles misconfigured. Juan, You have hit on one of the key issues that needs to be addressed. I'd like to see further comment on that too. - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Installing samba 3.0 on redhat 9
I never installed samba3 from rpm but it looks like you need libacl-devel (or acl-devel, don´t know the package name). Bruno. - Original Message - From: Bjørn-Sverrre Nøttum [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, November 03, 2003 12:18 PM Subject: [Samba] Installing samba 3.0 on redhat 9 Hi! I am having problems trying to install samba 3.0 on my redhat 9 server. Installation of Samba common works fine but when I try to install the samba package it stops. I get a message that libacl.so.1 and libaccl.so.2 is needed by samba. I have the newest libacl and libattr packages installed. Can anyone help me on this? Thanks! Bjorn _ Se hva du og andre tjente i fjor http://money.msn.no/ Sjekk skatten nå -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Mandatory profiles
Hi, I plan to use mandatory profile but I didn´t find a way to NOT allow the user any ability to change the desktop environment. I read in Samba-HOWTO-Colletion that it must be done with policy settings but I can´t find who. I´m running samba-3.0.0rc2 and my clients are all win2k and winXP. Please help me. Bruno Pereti. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Changing registry in workstations.
Hi! I´m running a test samba-3rc2 in RedHat 9 with LDAP passdb backend. I got UserManager and police to work, I have 1 mandatory profile to all users that is erased from the workstation when users log off (done with poledit). My problem is that I want to deny write access to the desktop, My Documents, and every thing that is in the profile; and I want to redirect the folder My Documents to a directory in the server (that can be done in W2K). I didn´t find a way to do that with poledit. I know it can be done editing the registry in the workstation but I have more than 200 workstations and I´d like to do it just once and apply it to all machines. Is there any tool to do that or is it possible? Thank´s Bruno Pereti. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smb.conf for samba3+LDAP
Hello, I can´t get samba3 to work with LDAP. My worst problem is that I don´t know who to initiate my LDAP tree. In the previous version of samba I used smbldap-populate (from idealx), but with when the schema changed it stop work. Can someone that got it working send me the smb.conf and a ldif file with the necessary objects and attributes? Any documentation would be great. My test environment: RedHat 9 (kernel 2.4.20-19) Samba 3 rc1 OpenLDAP 2.0.27-8 Thank´s Bruno Gimenes Pereti -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smb.log v/s nmb.log
Hello! I forgot to say that you can use the command last with these files: [EMAIL PROTECTED] log]# last -f /var/log/wtmpx pereti smb/510.1.1.110Thu Aug 14 08:15 still logged in pereti smb/510.1.1.110Thu Aug 14 08:02 - 08:13 (00:11) alunosmb/910.1.1.113 Thu Aug 14 07:33 - 07:37 (00:03) alunosmb/910.1.1.113 Thu Aug 14 07:33 - 07:33 (00:00) alunosmb/810.1.1.114 Thu Aug 14 07:33 - 07:36 (00:03) alunosmb/710.1.1.112Thu Aug 14 07:32 still logged in and last -f /var/log/utmpx will show who are still logged in, almost the same output than smbstatus -b These is the only 2 files created here, I don´t know if you can create one per user. Bruno Pereti. - Original Message - From: Jason Williams [EMAIL PROTECTED] To: Bruno Gimenes Pereti [EMAIL PROTECTED] Sent: Wednesday, August 13, 2003 6:19 PM Subject: Re: [Samba] smb.log v/s nmb.log Thanks Bruno. I do appreciate it very much. Looks like the server does have utmp compiled with it. I checked the install file. (I inherited this server...much work to do) Thus, looks like I just need to setup utmp = Yes utmp dir = /var/log That will allow me to see how logged in at what time as well as what time the person logged out? Is this just a general file that shows the daily activity? Possible to setup a logging system that will show who logged in and off, but create the log file per person? For instance, if Joe logs in, then it will create a file like /var/log/joe and show when he logged on and off. Thanks again Bruno. Jason At 05:41 PM 8/13/2003 -0300, you wrote: Hi Jason, The log file parameter is just the name of the file. At the end you will have the same log, don´t matter what is the file name. To log who logged in the Domain you can do ./configure --with-utmp in the compile time and add these lines to your smb.con: utmp = Yes utmp dir = /var/log And it will create the files: /var/log/utmpx - this file with who is logged /var/log/wtmpx - this file with who ever logged. I this very usefull. Hope it helps. Bruno Pereti. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smb.log v/s nmb.log
Hi Jason, The log file parameter is just the name of the file. At the end you will have the same log, don´t matter what is the file name. To log who logged in the Domain you can do ./configure --with-utmp in the compile time and add these lines to your smb.con: utmp = Yes utmp dir = /var/log And it will create the files: /var/log/utmpx - this file with who is logged /var/log/wtmpx - this file with who ever logged. I this very usefull. Hope it helps. Bruno Pereti. - Original Message - From: Jason Williams [EMAIL PROTECTED] To: Corey Hart [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, August 13, 2003 5:26 PM Subject: Re: [Samba] smb.log v/s nmb.log Interesting actually. I had not thought about this. Is it possible to have more than one type of log? Lets say I want to have: log file = /var/log/smb/log.%U ---this will tell me when a user logged onto their account as well as logged off, correct? Also, i have this in my smb.conf: log file = /var/log/smb/log.%m Which, gathers machine information. What I was curious about is i'd like to setup my logging so I can see any potential problems with machines, and also set up logging so I can view when people logged onto the domain as well as logging off the domain. Any recommendations? Or what would work best? Thanks. Jason At 11:03 AM 8/13/2003 -0500, you wrote: in smb.conf [global] log file = /var/log/smb/log.%U [EMAIL PROTECTED] wrote: how do I create the separate log files of smb.log and nmb.log Just want a log of users who have accessed their accounts. Thanks in advance -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- Corey Hart Systems/Security Analyst St. Edward's University -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PDC without profiles
I'am using Samba 2.27 as PDC on mandrake 9.1. I don't need to use profiles. How to do it? I tried to delete share [profiles] and rule 'logon path', but then is WinXP saying can't load roaming profiles,...blah blah each time I started it. Disable roaming profiles from XP like advised here: http://hr.uoregon.edu/davidrl/samba/samba-pdc.html -- There is another way to do that. If you simply delete the line with the logon path parameter samba will use the default. You can set it like this: logon path = You can verify this with testparm. good luck. Bruno Pereti. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba + LDAP problem...
Hi Kevin, Below are some files that I think are pertinent. The /etc/openldap/ldap.conf, /etc/openldap/slapd.conf /etc/samba/smb.conf, the base.ldif that is from the IDEALX.org HOWTO. I'm hoping that someone with much more experience than me will be able to help me. I´m not so experience but I think you forgot one thing. Do you have this: passwd: files ldap shadow: files ldap group: files ldap in your /etc/nsswitch.conf and this: authrequired /lib/security/pam_env.so authsufficient/lib/security/pam_unix.so likeauth nullok authsufficient use_first_pass authrequired /lib/security/pam_deny.so account sufficient /lib/security/pam_ldap.so account required /lib/security/pam_unix.so passwordrequired /lib/security/pam_cracklib.so retry=3 passwordsufficient/lib/security/pam_unix.so nullok use_authtok md5 shadow passwordsufficient /lib/security/pam_ldap.so passwordrequired /lib/security/pam_deny.so session required /lib/security/pam_limits.so session sufficient /lib/security/pam_ldap.so session required /lib/security/pam_unix.so in /etc/pam.d/system-auth? In redhat you can do this with authconfig. hope this helps. Bruno Pereti. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba + LDAP problem...
I did have these set, as I used 'authconfig' to generate the PAM/LDAP integration. What I didn't have (but do now) is some settings in /etc/ldap.conf. Those that look like nns_base_passwd, nss_base_shadow, and nss_base_group or very similar. I have those set now, and the error message that I'm getting is different. On the Windows 2000 machine when I join the domain, I get: The account used is a computer account. Use your global user account, or local user account to access this server. It almost sounds like the administrator account is misconfigured and is appearing to Windows as a computer account instead of a user account. Have you heard of this happening before? I used 'smbldap-useradd.pl -a -m -g 200 administrator' to add the administrator account after I had LDAP up and running. Don´t know if this occurs when using LDAP but I used to get this error when trying to join a machine to the domain with a user different then root or when my add user script was misconfigured and samba couldn´t create the machine account. Verify if you can run /usr/local/sbin/smbldap-useradd.pl -w machine_name from a directory different than /usr/local/bin, if not you need to configure perl to locate your smbldap_tools.pm. If the machine account was created try to change the uid and gid from the administrator to 0 or run smbpasswd -a root and use the user root to join the machine to the domain. Hope this helps. Bruno Pereti. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba, Passwd, LDAP auth
Hi Peter, I´m not sure but I think you have a misconfiguration in the account session. When you use required for pam_unix.so the user must exist in passwd and shadow. Try: account sufficient/lib/security/pam_unix.so account required/lib/security/pam_ldap.so Please correct me if I´m wrong. Bruno. #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authconfig is run. authrequired /lib/security/pam_env.so authsufficient/lib/security/pam_unix.so likeauth nullok authsufficient/lib/security/pam_ldap.so use_first_pass authrequired /lib/security/pam_deny.so account required /lib/security/pam_unix.so account sufficient/lib/security/pam_ldap.so passwordrequired /lib/security/pam_cracklib.so retry=3 type= passwordsufficient/lib/security/pam_unix.so nullok use_authtok md5 shadow passwordsufficient/lib/security/pam_ldap.so use_authtok passwordrequired /lib/security/pam_deny.so session required /lib/security/pam_limits.so session required /lib/security/pam_unix.so session optional /lib/security/pam_ldap.so As far as I can tell, I only need to edit /etc/pam.d/system-auth to make all PAM applications work in RedHat 8. I edited my /etc/nsswitch.conf to look at 'ldap' for passwd,groups,shadow. Thank you for any help! Peter Shull -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Novell EDirectory as LDAP backend
Hi Rolf, I spent a long time last year trying to use Edirectory with Samba but I didn´t get it working. That file in the tar ball is a translation I did from samba.schema to the sintaxe of the ndssch program that is installed with Edir 8.6.2 for linux. The SyntaxID error is probably my mistake. I didn´t get your file attached and I think you should send it to Jerry to update it in the CVS tree. I stopped working with that and now I´m using OpenLDAP but I remember that the object Account was missing in the rfc2307-usergroup.sch that comes with the Edir for linux. I suppose the user that you are using in the ldapclient and samba have the right privilege to insert and alter information in you Edir. What is the messages in you log file? Bruno Gimenes Pereti. - Original Message - From: Rolf Offermanns [EMAIL PROTECTED] Subject: [Samba] Novell EDirectory as LDAP backend Hi, is anybody out there who is using Novell Edir. with samba? I have searched the archive and found some random notes but no real success story. Here is what I have achived so far. Maybe someone can give me some hints. I have tried the samba-nds.schema that comes with the 2.2.7a tar ball. While I was able to import/add it to EDir. it did not work for me, because the lmPassword and ntPassword attributes had a SyntaxID of SYN_INTEGER which I think is wrong, because samba tries to store some hex.Strings in these attributes. After changing them to SYN_CI_STRING I was able to authenticate against edir. The only thing that does not work is to ldapadd or ldif import users with objectClass sambaAccount. Adding posixAccount users and then adding the sambaAccount objectClass via Novells ConsoleOne works, so I guess this is a edir. specific problem which is OT here. So right now, I can manually add machine and user accounts, join (W2K) clients to the samba domain and log in as an user. Changing passwords works, too. I have attached the modified schema file. Can anyone give me a hint about adding users w/o using ConsoleOne? Setting this up with openldap was no problem at all, btw, but I have to use edirectory, because my university wants it that way. Any help is greatly appreceated, -Rolf -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Novell EDirectory as LDAP backend
- Original Message - From: Rolf Offermanns [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [Samba] Novell EDirectory as LDAP backend [...] A simple test that should work is to export (ldif) a working sambaAccount user(set up using consoleone), delete the entry and import it again, without changing anything. This should work, shouldn't it? But I get an object class violation, without any further detail. I also tried various tracing levels (ndstrace) but got no information about what is causing the problem. Yes, that should work. Please, check if you have the object Account in you Edir because when I added this object to mime I stopped receiving the object class violation error when using ldapadd. This object is metioned in a documentation from Novell (the name of the file is a020602.pf. I´ll send it to you in private). Probably this is not what is causing the error because this document talks about authenticating system users and you already got it working, but I don´t think it´s a wast of time trying that. I can´t install Edir here (at work) but I´ll install it at home and see what I can get with your help. Bruno Gimenes Pereti. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] I need no profiles.
Hi, I'm running samba-2.2.7a with LDAP. I have almost 1200 users and more than 200 workstations divided in 7 classrooms. All my users have access to all workstations, it means that I have more than 1000 profiles in each workstations. I don't want to use remote profile because I have limited disk space and my users (students) don't even know what is a profile. I know one man who is using ZenNetworks (from Novell) an it erases the profile every time the user logon. Is it possible with samba? Thank's Bruno Gimenes Pereti -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Force the user to change its password
Maybe my configuration is incorrect but I can't do it. I'm using samba-2.7.7 and openldap-2.0.25-1 in a redhat-8.0 test machine. When I run smbldap-usermod -B 1 pereti it sets pwdMustChange to 0 and when I try to logon it says (translating from portuguese): Your password exipires today. Do you want to change it now? Ok, it's the expected behave but if I answer Yes and try to change my password the message is (translating from portuguese): The system can not change your password because the domain LDAP is not availiable (ps: LDAP is my domain name) And in the log files I find: [2003/01/14 09:36:12, 0] lib/util_sec.c:assert_gid(114) Failed to set gid privileges to (0,514) now set to (0,-1) uid=(0,999) [2003/01/14 09:36:12, 0] lib/util.c:smb_panic(1094) PANIC: failed to set gid And if I change my password with crtl+alt+del it don't change the value of pwdMustChange. I you have the solution it would be great to use this feature. Bruno. Pascal Schelcher wrote: I know that it's possible when using Samba with LDAP. In the LDAP Schema, there is an attribut pwdMustChange that's force an user to change its password. This attribut take 2 values : - 0 : user must change its password - 2147483647 : don't change Pascal. Raffaele Sandrini wrote: Hi I successfully set up a PDC using samba 2.2. It really works perfect! I'd like to force all users to change their paswords on their first login. Is that possible? (On a M$ PDC this would be a special flag wich u have to activate) cheers, Raffaele -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Removing requirement for local machine accounts
Hi Dan, To allow everyone to join your domain you can use this in your smb.conf (got this idea from Art): add user script = sudo /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %m$ With this you will give rights to everyone to create users, I think it's a little dangerous and you'll still have to manage the machine accounts created by the users. Hope it helps. Bruno. Dan Peterson wrote: I'm looking for a way to not have to worry about machine accounts on the server. My organization is looking to move thousands of machines and many locations to XP and, if possible, we'd like to avoid the headache of managing more system and samba accounts. Basically, I'd like a way to say I don't care who joins my domain, just do whatever is necessary to make them think they have. I'd be willing to pay for such a feature (please contact me via email). It would also be nice if there was a way to alias all the system machine accounts into one system account (and, for that matter, the samba machine accounts into one samba account) and have samba do magic to keep what it needs seperated out somewhere I don't have to worry about (Is this kind of stuff in secrets.tdb?). Any help to reach my goal is appreciated. Thanks! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] 2 Samba PDC and 1 LDAP Server.
Hi all, I have 2 samba PDCs, each on is on a isolated network and on firewall in both networks. The first samba server is authenticating in a LDAP server, the other one is authenticating with smbpasswd file. I intend to create all the users acounts for the second samba server in the same LDAP server and use it to authenticate users from both samba servers. The problem is... There is users that should have access to both domains and users that should be restricted to only one of them. The question is... Is it possible? I could create one group for each domain and restrict the access using the acls in the LDAP server or using the ldap filter parameter in the samba server. Could this work? What is the better way? Thank's Bruno Pereti. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] ERROR: no seteuid method available
Hi, I´m installing samba in a new machine. RedHat-7.1 Kernel-2.4.19 (with ext2 acl-support) When I try: ./configure --without-swat --with-pam --with-ldapsam --with-quota --with-utm p --with-acl-support I get the following error: ... checking configure summary... WARNING: No automated network interface determination ERROR: no seteuid method available configure: error: summary failure. Aborting config I tried ./configure without parameter and in the old kernel 2.4.2-2 but I get the same error. I think I uninstalled some needed library. can some body help me please... TIA, Bruno -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] information about XP - samba ?
Hi, Today I got my first XP in my network. I installed applied the registry patch and it logged perfectly in the Samba PDC. After that I started the Windows Update. I couldn´t install the SP1 but I installed all the hotfix left and them, after a reboot, the XP took almost 30 minutes to log into the Samba PDC. my 0.2 cents. Bruno. - Original Message - From: Greg S. Miller [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, October 18, 2002 1:09 PM Subject: RE: [Samba] information about XP - samba ? Have you tried releasing the system from the domain (change it to a workgroup) and then rejoining it to the domain? I had that with one of my systems and after that all was well. Also make sure that you're ip settings are correct. The network assistance does some weird stuff to your system. That's why I don't use it. -Original Message- From: Dr. Bernd Zimmermann [mailto:bernd;schaumburger-tracht.de] Sent: Friday, October 18, 2002 4:22 AM To: Greg S. Miller Subject: Re: [Samba] information about XP - samba ? Hi, my problem is, that it was also working, but now its over. The person who works with the XP computer changed something, he cant remember - perhaps by accident. An from now on the XP computer does not recognise the Samba anymore. The samba also does not show up in the network neighborhood. All registry hacks are set, no firewall, all ports,ip,protocols are open, but no chance of seeing a samba server. So do you have any hints whats going on with XP when it refuses to workd with Samba ? I had a similar effect once playing with XP and Samba at home. At first everything was OK, but then I klicked in the network assistent on the button Home network installation an from that point, no way of getting in touch with samba. I found no way getting back. That was the point I decided to kill XP. ;-( Regards, Bernd Greg S. Miller wrote: I've been using Samba 2.2.5 on RedHat 7.2 with 7 XP clients for almost a year with no problems. It actually was pretty smooth after I figured out how to get samba running (this was my first install). The reg hacks are necessary but if you set them before you get into it all it creates a whole lot less headaches. Also remember to create machine trust accounts on the server. Google has a wealth of information on the subject. As far as everything working, everything works fine between the two (Print server hasn't been tested). Roaming profiles, personal folders, everything you should expect from a file server. I would say setup up a dummy client with xp and test it out before you do a full upgrade. This will allow you to stream line the rest of the installs. Good luck. -Original Message- From: [EMAIL PROTECTED] [mailto:samba-admin;lists.samba.org] On Behalf Of Dr. Bernd Zimmermann Sent: Thursday, October 17, 2002 7:12 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [Samba] information about XP - samba ? Hello, my experience so far: dont do it - dont use XP - use Win2K WinNT Win2K all is woorking fine, but XP ist might work and it might not. We habe a single XP computer in out environment and ist makes a lot of trouble. At first after applying all registry pathces to XP it worked, but suddenly after a non reproducable accident XP is ignoring the Samba Server. My personal experience with XP was the same. After installation it worked, but after an hour playing with XP and also an nonreproducable accident XP was ignoring Samba. We still cant figure out what the problem is. So if u use XP and Samba and if it works over a long time (i.e. 4 weeks ore more) please write a FAQ ;-) MY recommendation: dont use XP - Use Win2K Regards, Bernd [EMAIL PROTECTED] wrote: I'm thinking about upgrading our NT4-clients to XP in the near future and I want to know how well XP is supported by SAMBA in the recent samba-versions. I found many single statements in usenet, but I wonder if there is a kind of XP-FAQ out there. (The one at samba-page is very outdated) Especially I need to know how well XP integrates in a existing NT4-domain (samba as PDC). Then I need to know if there are any problems with fileservers (I remember rumours about reghacks one has to apply on XP to make things work) And finally - if a machine is not part of the domain (guest-laptop): if a local XP-user with user/pass similar than on samba-server is sufficient for auth on the sambaserver ? thnx, peter -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Novell vs Linux.
Hi, yes, it´s for eDirectory 8.6 but even I´m almost sure it´s correct, I don´t know if it works. Feel free to do what you want with it. I´ll keep the list informated of my progress. I intend to make a howto when I finish this quest. I´m glad I can help. - Original Message - From: Gerald Carter [EMAIL PROTECTED] To: Bruno Gimenes Pereti [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Monday, October 07, 2002 11:54 AM Subject: Re: [Samba] Novell vs Linux. On Fri, 4 Oct 2002, Bruno Gimenes Pereti wrote: The schema file is at: http://www.pereti.hpg.com.br/samba.sch Is this for eDirectory 8.6 ? Mind if I include it in our CVS tree ? cheers, jerry - Hewlett-Packard http://www.hp.com SAMBA Team http://www.samba.org --http://www.plainjoe.org SAMS Teach Yourself Samba in 24 Hours 2ed. ISBN 0-672-32269-2 --I never saved anything for the swim back. Ethan Hawk in Gattaca-- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smbpasswd gives 2 Password changed for user user message
Hi, I´m worried about a strange behave of smbpasswd. It´s doubling the response of the command. When I change a password it gives me this answer: [root@srv03 /]# smbpasswd testNew SMB password:Retype new SMB password:Password changed for user test.Password changed for user test. I´m user samba-2.2.6-pre2, autentication without pam and with the passwd file. What is that? Thank you, Bruno Gimenes Pereti.
Re: [Samba] Novell vs Linux.
This the attribute and object definition from samba.schema from samba2.2.6pre CVS couple of weeks ago: attributetype ( 1.3.6.1.4.1.7165.2.1.1 NAME 'lmPassword' [samba.schema] [...] What does that mean? I can connect, search LDAP from NDS with the tools provided by redhat 7.1 distribution... Sorry if I´m being boring but I really need Samba to work with NDS eDirectory. You have to 'import' this definiton to your ldap server/nds server. There must be a way to import this schema. After that, you must be able to fill in data in ldap/nds. I forgot to mention, I can import the definition from the file rfc2307-usergroup.sch but I can´t import from the samba.schema. Certanly you saw that the sintaxe of this files are completly different. NDS provides two applications to import schema, they are ndssch and ldapmodify. ndssch can´t import samba.schema and ldapmodify uses another kind of file (ldif). Do you know how can I do this? Thank´s Bruno Pereti. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Novell vs Linux.
Samba is capable to authenicate against a ldap v3 server. For this ldap
version exist inside the samba source a samba.schema file.
Last Saturday, Volker Lendecke ([EMAIL PROTECTED]) was ask this question,
and he said: If there is no Problem with the ldap implementation of the
nds, there is no reason for samba not to authenticate against nds via
ldap, using the samba.schema.
This the attribute and object definition from samba.schema from
samba2.2.6pre CVS couple of weeks ago:
attributetype ( 1.3.6.1.4.1.7165.2.1.1 NAME 'lmPassword'
DESC 'LanManager Passwd'
EQUALITY caseIgnoreIA5Match
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{32}
SINGLE-VALUE )
[...]
objectclass ( 1.3.6.1.4.1.7165.2.2.3 NAME 'sambaAccount' SUP top AUXILIARY
DESC 'Samba Auxilary Account'
MUST ( uid $ rid )
MAY ( cn $ lmPassword $ ntPassword $ pwdLastSet $
logonTime $
logoffTime $ kickoffTime $ pwdCanChange
$ pwdMustChange $ acctFlags $
displayName $ smbHome $ homeDrive $
scriptPath $ profilePath $
description $ userWorkstations $
primaryGroupID $ domain ))
[...]
And this is an exemple of the attribute and object definition from
rfc2307-usergroup.sch from NDS eDirectory for Linux instalation:
RFC2307UserGroupSchemaExtensions DEFINITIONS ::=
BEGIN
-- An integer uniquely identifying a user in an administrative domain
uidNumber ATTRIBUTE ::=
{
Operation ADD,
SyntaxIDSYN_INTEGER,
Flags { DS_SINGLE_VALUED_ATTR },
ASN1ObjID { 1 3 6 1 1 1 1 0 }
}
[...]
posixAccount OBJECT-CLASS ::=
{
OperationADD,
Flags {DS_AUXILIARY_CLASS},
SubClassOf {TOP},
MustContain{ CN },
MustContain{ uniqueID },
MustContain{ uidNumber },
MustContain{ gidNumber },
MustContain{ homeDirectory },
MayContain { loginShell },
MayContain { gecos },
MayContain { description },
ASN1ObjID { 1 3 6 1 1 1 2 0 }
}
[...]
What does that mean?
I can connect, search LDAP from NDS with the tools provided by redhat 7.1
distribution...
Sorry if I´m being boring but I really need Samba to work with NDS
eDirectory.
Thank´s.
Bruno Pereti.
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
