Re: [Samba] Backup Tape

2005-11-16 Thread Eduard Witteveen 

Denis Vlasenko wrote:

Or better yet, in order to avoid carrying drives back and forth,
copy backup over network to a few physically
remote backup servers - just in case of asteroid impact, that
sort of trouble, you know.
We dont have a lot of data, but we use http://samba.anu.edu.au/rsync/ 
with http://freshmeat.net/projects/pdumpfs/


Since our data doesnt change very much, we have a backup that cost us 30 
GB the first time,.. after this it took 10 GB for 1 month.
(still have to write a clean script that will be triggered when the disk 
is almost full)

Advantage with this sollution that you can also browse back in time.

Please notice that we did use WIFI to have a geographical distance!
--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Samba PDC (3.0.14a) with LDAP cannot add machines

2005-09-28 Thread Eduard Witteveen 

Hello list,

Im still trying to get the add machine script working.

I have a user which is named administrator, which is stored in ldap, 
i  can login using this user(i attached a loginshell) and execute the 
command: '/usr/sbin/smbldap-useradd -w eduard-laptop$' succesfull

(UID=0,USER=root)

Howevery, when this command is executed by samba, it will not run, since 
ldap doesnt like the way the command was started:

(UID=65534,USER=root)

How can i get this script to be executed the same way as when it is run 
from the commandline?

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Samba PDC (3.0.14a) with LDAP cannot add machines

2005-09-07 Thread Eduard Witteveen 

Jan Evert van Grootheest wrote:


Hi,
 


I am setting up a Samba PDC which uses LDAP for account information.
 

It is a debian installation with samba 3.0.14a and slapd 2.2.23 (I'm 
also using ldap-account-manager, but I don't think that has anything to 
do with this).
 


Jan,

I also ran into maybe similar problems, which i couldnt solve on ubuntu(debian). The 
problem for me is that when the script is executed on the command line/ 
'/usr/sbin/smbldap-useradd -w //eduard-laptop$'/ the following enviourment 
varaibles are set:

... 
UID=0
USER=root
...

When the script is run by samba, the enviourment settings are:
...
UID=65534
USER=root
...

Notice that the UID of 65534 should be 0 AFAIK. I determined this by using the 
following setting in the smb.conf:
'set / /tmp/user.txt; /usr/sbin/smbldap-useradd -w %u'

(http://lists.samba.org/archive/samba/2005-August/109759.html)

I dont know if we have the same problem, but to me it almost looks the same.

I dont have a sollution for this problem.
/


--
Eduard Witteveen
+31 (0)6 414 789 23
nl_NL  fy_NL  en_US

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Adding machine to domain fails - check permissions? (ldap)

2005-08-20 Thread Eduard Witteveen 
On Sun, 2005-08-14 at 12:02 +0200, Eduard Witteveen wrote:
 Eduard Witteveen wrote:
 
  Error: modifications require authentication at 
  /usr/share/perl5/smbldap_tools.pm line 891, DATA line 283.
[2005/08/11 16:46:54, 0] 
  rpc_server/srv_samr_nt.c:_samr_create_user(2324)
  _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w 
  eduard-laptop$' gave 127
I changed the add machine script into 'set
 /tmp/user.txt; /usr/sbin/smbldap-useradd -w %u'. This /tmp/user.txt
contains a lot of information,.. but what really wondered me was the
following part:
...
UID=65534
USER=root
...
(where one would expect uid=0, since the uid of administrator(user in
ldap) is 0)


When i do this on the commandline, the administrator has a UID of 0
[EMAIL PROTECTED]:~$ sudo -u Administrator bash
[EMAIL PROTECTED]:~# set | grep UID=0
EUID=0
UID=0

How can i let the add machine script run with UID = 0?

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Adding machine to domain fails - check permissions? (ldap)

2005-08-19 Thread Eduard Witteveen 
I made a short summary of the current situation, and i hope that someone 
can give me some pointers


The summary can be found at: http://nergens.org/download/ldap-problems.pdf

--
Eduard Witteveen
+31 (0)6 414 789 23
nl_NL  fy_NL  en_US

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Adding machine to domain fails - check permissions? (ldap)

2005-08-14 Thread Eduard Witteveen 

Eduard Witteveen wrote:

Error: modifications require authentication at 
/usr/share/perl5/smbldap_tools.pm line 891, DATA line 283.
  [2005/08/11 16:46:54, 0] 
rpc_server/srv_samr_nt.c:_samr_create_user(2324)
_samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w 
eduard-laptop$' gave 127



I didnt read the log file completely, before this message there were 
also some other messages:



[EMAIL PROTECTED]:/var/log/samba# cat log.eduard-laptop
[2005/08/12 15:15:26, 0] lib/util_sock.c:write_socket_data(430)
  write_socket_data: write failure. Error = Connection reset by peer
[2005/08/12 15:15:26, 0] lib/util_sock.c:write_socket(455)
  write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection 
reset by peer

[2005/08/12 15:15:26, 0] lib/util_sock.c:send_smb(647)
  Error writing 4 bytes to client. -1. (Connection reset by peer)
[2005/08/12 15:15:28, 0] lib/util_sock.c:write_socket_data(430)
  write_socket_data: write failure. Error = Connection reset by peer
[2005/08/12 15:15:28, 0] lib/util_sock.c:write_socket(455)
  write_socket: Error writing 4 bytes to socket 25: ERRNO = Connection 
reset by peer

[2005/08/12 15:15:28, 0] lib/util_sock.c:send_smb(647)
  Error writing 4 bytes to client. -1. (Connection reset by peer)
Error: modifications require authentication at 
/usr/share/perl5/smbldap_tools.pm line 891, DATA line 283.

[2005/08/12 15:15:38, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2324)
  _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w 
eduard-laptop$' gave 127

[EMAIL PROTECTED]:/var/log/samba#



I assume that this means that the smbldap_tools.pm script cannot connect 
to the ldap server. Therefore i opened the file and found the following 
code:



sub get_next_id($$) {
  my $ldap_base_dn = shift;
  my $attribute = shift;
  my $tries = 0;
  my $found=0;
  my $next_uid_mesg;
  my $nextuid;
  if ($ldap_base_dn =~ m/$config{usersdn}/i) {
# when adding a new user, we'll check if the uidNumber available 
is not

# already used for a computer's account
$ldap_base_dn=$config{suffix}
  }
  do {
$next_uid_mesg = $ldap-search(
  base = 
$config{sambaUnixIdPooldn},
  filter = 
(objectClass=sambaUnixIdPool),

  scope = base
 );
$next_uid_mesg-code  die Error looking for next uid;
if ($next_uid_mesg-count != 1) {
  die Could not find base dn, to get next $attribute;
}
my $entry = $next_uid_mesg-entry(0);
$nextuid = $entry-get_value($attribute);
my $modify=$ldap-modify( $config{sambaUnixIdPooldn},
 changes = [
 replace = [ 
$attribute = $nextuid + 1 ]

]
   );
$modify-code  die Error: , $modify-error;



^^

# let's check if the id found is really free (in ou=Groups or 
ou=Users)...

my $check_uid_mesg = $ldap-search(
  base = $ldap_base_dn,
  filter = 
($attribute=$nextuid),

 );
$check_uid_mesg-code  die Cannot confirm $attribute $nextuid 
is free;

if ($check_uid_mesg-count == 0) {
  $found=1;
  return $nextuid;
}
$tries++;
print Cannot confirm $attribute $nextuid is free: checking for 
the next one\n

  } while ($found != 1);
  die Could not allocate $attribute!;
}



This means that the variable $config{sambaUnixIdPooldn} contains 
something we dont like.  I assume that this came from the file 
/etc/smbldap-tools/smbldap.conf


This contains the value:


sambaUnixIdPooldn=cn=NextFreeUnixId,${suffix}



(i checked this one and it exists in ldap)

Also:


suffix=dc=hawarit,dc=com




I've read the other documentation, but it doesnt give me any clue's 
Joachim told me to store the machines in the Users organisation-unit.


Could somebody please give me some more pointers?

--
Eduard Witteveen
+31 (0)6 414 789 23
nl_NL  fy_NL  en_US

# $Source: /opt/cvs/samba/smbldap-tools/smbldap.conf,v $
# $Id: smbldap.conf,v 1.15 2004/10/14 09:53:14 jtournier Exp $
#
# smbldap-tools.conf : Q  D configuration file for smbldap-tools

#  This code was developped by IDEALX (http://IDEALX.org/) and
#  contributors (their names can be found in the CONTRIBUTORS file).
#
# Copyright (C) 2001-2002 IDEALX
#
#  This program is free software; you can redistribute it and/or
#  modify it under the terms of the GNU General Public License
#  as published by the Free Software Foundation; either version 2
#  of the License, or (at your option) any later version.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY

[Samba] Adding machine to domain fails - check permissions? (ldap)

2005-08-12 Thread Eduard Witteveen 

Dear list,

Whe i trying to add a machine to the domain(ldap/pdc) i get the 
following error:


Error: modifications require authentication at 
/usr/share/perl5/smbldap_tools.pm line 891, DATA line 283.
  [2005/08/11 16:46:54, 0] 
rpc_server/srv_samr_nt.c:_samr_create_user(2324)
_samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w 
eduard-laptop$' gave 127


Since i used the user Administrator, i login from the windows-machine on 
the linux-computer running samba with the username Administrator 
(account which is stored inside ldap), i *can* run the command 
succesfull. (this user is actually root since i changed the gidnumber 
and the uidnumber both to 0)


But when this machine has been added manually to the ldap-database, i 
still cannot join the domain and samba puts information like the 
following in the log:



[2005/08/11 17:05:07, 0] lib/smbldap.c:smbldap_open(882)
  smbldap_open: cannot access LDAP when not root..
.
[2005/08/11 17:05:22, 0] lib/smbldap.c:smbldap_search_suffix(1176)
  smbldap_search_suffix: Problem during the LDAP search:  (Timed out)
[2005/08/11 17:05:22, 0] rpc_server/srv_samr_nt.c:_samr_create_user(2350)
  could not add user/computer eduard-laptop$ to passdb.  Check 
permissions?


I've attached the smb.conf for completeness. Furthermore, im running 
Version 3.0.14a-Ubuntu


Please let me know, how i can let samba execute the add machine script 
successfull


--
Eduard Witteveen
+31 (0)6 414 789 23
nl_NL  fy_NL  en_US

# Global parameters
[global]
workgroup = hawarit
netbios name = pdc
enable privileges = yes
#interfaces = 192.168.5.11
username map = /etc/samba/smbusers
server string = Samba Server %v
security = user
encrypt passwords = true
#min passwd length = 3
min print space = 3
obey pam restrictions = No
#unix password sync = Yes
#passwd program = /usr/sbin/smbldap-passwd -u %u
#passwd chat = Changing password for*\nNew password* %n\n *Retype 
new password* %n\n
ldap passwd sync = Yes
log level = 0
syslog = 0
log file = /var/log/samba/log.%m
max log size = 10
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
mangling method = hash2
Dos charset = 850
Unix charset = ISO8859-1

logon script = logon.bat
logon drive = H:
logon home =
logon path =

domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins support = no
passdb backend = ldapsam:ldap://127.0.0.1/
# passdb backend = ldapsam:ldap://127.0.0.1/ ldap://slave.idealx.com;
 # ldap filter = ((objectclass=sambaSamAccount)(uid=%u))
ldap admin dn = cn=manager,dc=hawarit,dc=com
ldap suffix = dc=hawarit,dc=com
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Users

#TODO: use tls on ldap server one day!
#ldap ssl = start tls
ldap ssl = no
add user script = /usr/sbin/smbldap-useradd -m %u
ldap delete dn = Yes
#delete user script = /usr/sbin/smbldap-userdel %u
add machine script = /usr/sbin/smbldap-useradd -w %u
add group script = /usr/sbin/smbldap-groupadd -p %g 
#delete group script = /usr/sbin/smbldap-groupdel %g
add user to group script = /usr/sbin/smbldap-groupmod -m %u %g
delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g
set primary group script = /usr/sbin/smbldap-usermod -g %g %u

# printers configuration
printer admin = @Print Operators
load printers = Yes
create mask = 0640
directory mask = 0750
nt acl support = No
printing = cups
printcap name = cups
deadtime = 10
guest account = nobody
map to guest = Bad User
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
show add printer wizard = yes
; to maintain capital letters in shortcuts in any of the profile 
folders:
preserve case = yes
short preserve case = yes
case sensitive = no

[homes]
comment = repertoire de %U, %u
read only = No
create mask = 0644
directory mask = 0775
browseable = No

[netlogon]
path = /home/samba/netlogon/
browseable = No
read only = yes

[profiles]
path = /home/samba/profiles
read only = no
create mask = 0600
directory mask = 0700
browseable = No
guest ok = Yes
profile acls = yes
csc policy = disable
# next line is a great way to secure the profiles 
force user = %U 
# next line allows administrator to access all profiles 
valid users = %U @Domain Admins

[printers]
comment

Re: [Samba] A domain controller for the domain could not be contacted (2.2.3a-12.3 for Debian) -- SOLVED by adding updating to 3 and 'domain logons = Yes' to smb.config

2003-12-19 Thread Eduard Witteveen 
John H Terpstra wrote:

I've searched on this topic on google, but this led only to other people
asking the same question, without any aswers.
It would really mean a lot to me to get Samba running in our
organisation, but i've already spend a lot of time on this.  So if one
could give me some pointers were to start, i would be very thankfull
   

First off, I'd recommend you use Samba-3.0.1 or later.
 

I changed my sources.list to use an backport for my system.
Below are the lines i added:
# samba backport
deb http://www.backports.org/debian stable samba
deb-src http://www.backports.org/debian stable samba
updated my system

nemo:/var/log/samba# smbd -V
Version 3.0.0-Debian
Second, have you read the Samba-HOWTO-Collection?
http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
It might help. This is also available in book form. It is called, The
Official Samba-3 HOWTO and Reference Guide - It's available from
Amazon.Com.
 

After reading this document 
(http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf) my eyes 
fell on the following part:

snip
Note
The above parameters make for a full set of parameters that may define the
servers mode of operation. The following smb.conf parameters are the 
essentials
alone:
netbios name = BELERIAND
workgroup = MIDEARTH
domain logons = Yes
domain master = Yes
security = User
The additional parameters shown in the longer listing above just makes for a
more complete explanation.
/snip

I added the following line to my /etc/samba/smb.conf and im getting a 
login screen for joining the domain. I guess i can figure it out from 
here by using the other mails / docs :)
domain logons = Yes

I dont know if installing 3.0 was necessary, but i dont have time to 
analyse this problem further at this moment, thanx all

Eduard Witteveen
[global]
;added after reading the http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf 
page 55
domain logons = Yes

;changes after comments of Fabien Chevalier
wins server = 10.0.0.10

;changes after comments of Patrick Shoaf
password level = 8
username level = 8
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = yes
pam password change = yes
obey pam restrictions = yes

;basic server settings
workgroup = HAWAR3
netbios name = nemo
server string = Samba %h PDC running %v
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192

;PDC and master browser settings
os level = 64
preferred master = yes
local master = yes
domain master = yes

;security and logging settings
security = user
# encrypt passwords = yes
log file = /var/log/samba/log.%m
log level = 2
# max log size = 50
# hosts allow = 127.0.0.1 192.168.1.0/255.255.255.0

;user profiles and home directory
logon home = \\%L\%U\
logon drive = H:
logon path = \\%L\profiles\%U
logon script = netlogon.bat

;sync passwords
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n  
*Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: 
*all*authentication*tokens*updated*successfully*

; new machines
add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u

#  shares 
[unsafe]
path = /etc/samba
comment = Unsafe Config Share, has to be removed
browseable = yes
writeable = yes

[homes]
comment = Home Directories 
browseable = no
writeable = yes

[profiles]
path = /home/samba/profiles
writeable = yes
browseable = no
create mask = 0600
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] A domain controller for the domain could not be contacted (2.2.3a-12.3 for Debian)

2003-12-18 Thread Eduard Witteveen 
Eduard Witteveen wrote:

Please let me know what to do next.
I've searched on this topic on google, but this led only to other people 
asking the same question, without any aswers.
It would really mean a lot to me to get Samba running in our 
organisation, but i've already spend a lot of time on this.  So if one 
could give me some pointers were to start, i would be very thankfull

Eduard Witteveen
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] A domain controller for the domain could not be contacted (2.2.3a-12.3 for Debian)

2003-12-17 Thread Eduard Witteveen 
Patrick Shoaf wrote:

I am running on RedHat, but everything should be same on server side.  
Try adding the following lines into the smb.conf file:

password level = 8
username level = 8
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = yes
pam password change = yes
obey pam restrictions = yes
I added your parameters to the config file and also created an 
additional shared called [unsafe] from which i can easier get the config 
file when i want to email it.

When i want to join the domain with an Windows XP Version 2002 
Professional Service Pack 1 i still get the following error:
   A domain controller for the domain HAWAR3 could not be contacted.
   Ensure that the domain name is typed correctly.
   If the name is correct click Details for troubleshooting

When i click on details:
   Note: This information is intended for a network administrator.  If 
you are not your network's administrator, notify the administrator that 
you received this information, which has been recorded in the file 
C:\WINDOWS\debug\dcdiag.txt.
   The domain name HAWAR3 might be a NetBIOS domain name.  If this is 
the case, verify that the domain name is properly registered with WINS.
   If you are certain that the name is not a NetBIOS domain name, then 
the following information can help you troubleshoot your DNS configuration.
   The following error occurred when DNS was queried for the service 
location (SRV) resource record used to locate a domain controller for 
domain HAWAR3:
   The error was: DNS name does not exist.
   (error code 0x232B RCODE_NAME_ERROR)
   The query was for the SRV record for _ldap._tcp.dc._msdcs.HAWAR3
   Common causes of this error include the following:
   - The DNS SRV record is not registered in DNS.
   - One or more of the following zones do not include delegation to 
its child zone:
   HAWAR3
   . (the root zone)
   For information about correcting this problem, click Help.

Screenshots:
- http://www.nergens.org/samba/ComputerNameChanges.PNG
- http://www.nergens.org/samba/ComputerProperties.PNG
Attached is my smb.conf

Eduard Witteveen  
[global]
;changes after comments of  Patrick Shoaf
password level = 8
username level = 8
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = yes
pam password change = yes
obey pam restrictions = yes

;basic server settings
workgroup = HAWAR3
netbios name = nemo
server string = Samba %h PDC running %v
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192

;PDC and master browser settings
os level = 64
preferred master = yes
local master = yes
domain master = yes

;security and logging settings
security = user
# encrypt passwords = yes
log file = /var/log/samba/log.%m
log level = 2
# max log size = 50
# hosts allow = 127.0.0.1 192.168.1.0/255.255.255.0

;user profiles and home directory
logon home = \\%L\%U\
logon drive = H:
logon path = \\%L\profiles\%U
logon script = netlogon.bat

;sync passwords
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n  
*Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: 
*all*authentication*tokens*updated*successfully*

; new machines
add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u

#  shares 
[unsafe]
path = /etc/samba
comment = Unsafe Config Share, has to be removed
browseable = yes
writeable = yes

[homes]
comment = Home Directories 
browseable = no
writeable = yes

[profiles]
path = /home/samba/profiles
writeable = yes
browseable = no
create mask = 0600
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] A domain controller for the domain could not be contacted (2.2.3a-12.3 for Debian)

2003-12-17 Thread Eduard Witteveen 
Fabien Chevalier wrote:

It seems your workstation tries to locate the DC by doing a dns query, what is not currently supported by Samba.
What is your workstation node type set to?
 

Could you rephrase your question?  I dont know how i found out what the 
node type of my workstations is.
(after some googling i tried looking in the registry for the key 
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netbt\Parameters 
NodeType, but i couldnt find the entry)

Eduard Witteveen
--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] A domain controller for the domain could not be contacted (2.2.3a-12.3 for Debian)

2003-12-17 Thread Eduard Witteveen 
Fabien Chevalier wrote:

Please send your ipconfig /all.
 

I attached the output

I suppose something's wrong in your network settings.
Are you using Dhcp or static Ip?
 

Dhcp. (look in the output)

The linux server (nemo) has ip-number  10.0.0.152

Eduard Witteveen


Windows IP Configuration



Host Name . . . . . . . . . . . . : SHARED-PC

Primary Dns Suffix  . . . . . . . : 

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix  . : 

Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet 
NIC

Physical Address. . . . . . . . . : 00-E0-4C-48-3E-AB

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 10.0.0.156

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 10.0.0.138

DHCP Server . . . . . . . . . . . : 10.0.0.10

DNS Servers . . . . . . . . . . . : 194.134.0.97

194.134.5.55

Primary WINS Server . . . . . . . : 10.0.0.10

Lease Obtained. . . . . . . . . . : Dienstag, 16. Dezember 2003 10:38:39

Lease Expires . . . . . . . . . . : Dienstag, 23. Dezember 2003 10:38:39

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] A domain controller for the domain could not be contacted (2.2.3a-12.3 for Debian)

2003-12-17 Thread Eduard Witteveen 
Fabien Chevalier wrote:

I think your Samba server hasn't been registered to your wins server,
thus when trying to join the domain, your workstation falls back to dns...which 
obviously fails.
Try to add wins server = 10.0.0.10 to your smb.conf,
and let us know if it works...
 

No. I've attached my current configuration file.
When i try to join the domain i still get the same error message(and no 
logfile).
Please let me know what to do next.

[global]
;changes after comments of Fabien Chevalier
wins server = 10.0.0.10

;changes after comments of Patrick Shoaf
password level = 8
username level = 8
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
unix password sync = yes
pam password change = yes
obey pam restrictions = yes

;basic server settings
workgroup = HAWAR3
netbios name = nemo
server string = Samba %h PDC running %v
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192

;PDC and master browser settings
os level = 64
preferred master = yes
local master = yes
domain master = yes

;security and logging settings
security = user
# encrypt passwords = yes
log file = /var/log/samba/log.%m
log level = 2
# max log size = 50
# hosts allow = 127.0.0.1 192.168.1.0/255.255.255.0

;user profiles and home directory
logon home = \\%L\%U\
logon drive = H:
logon path = \\%L\profiles\%U
logon script = netlogon.bat

;sync passwords
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n  
*Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: 
*all*authentication*tokens*updated*successfully*

; new machines
add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u

#  shares 
[unsafe]
path = /etc/samba
comment = Unsafe Config Share, has to be removed
browseable = yes
writeable = yes

[homes]
comment = Home Directories 
browseable = no
writeable = yes

[profiles]
path = /home/samba/profiles
writeable = yes
browseable = no
create mask = 0600
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] A domain controller for the domain could not by contacted (2.2.3a-12.3 for Debian)

2003-12-16 Thread Eduard Witteveen 
Hello,

I'm having problems using Samba as an primary domain controller. I am 
using debian woody as our platform.

The version of samba is 2.2.3a-12.3 for Debian and i followed the 
instructions which can be found on the following url: 
http://www-106.ibm.com/developerworks/eserver/tutorials/samba/. In short 
this covers:
   - creating the config file
   - creating the users / groups
   - creating directory structure
   - configuring the windows client
I attached my config file's /logging  from my debian woody system.

I did the following things on the windows client (Windows XP 
Professional 2002 Service Pack 1)
   - Open the Local Security Policy editor (Start - All Programs - 
Administrative Tools - Local Security Policy).
   - Locate the entry Domain member: Digitally encrypt or sign secure 
channel (always). Disable it.
   - Locate the entry Domain member: Disable machine account password 
changes. Make sure it's disabled as well.
   - Locate the entry Domain member: Require strong (Windows 2000 or 
later) session key. Disable it.
   - Next, download the WinXP_SignOrSeal registry patch from 
www.samba.org http://www.samba.org or collect it from the Further 
resources: Downloads and developerWorks 
http://www-106.ibm.com/developerworks/eserver/tutorials/samba/samba-6-2.html 
section at the end of this tutorial. Apply it by double-clicking and 
answering Yes to the dialog prompt.
   - Now join the domain the same as you would for Windows NT or 2000. 
Right-click My Computer, select Properties, Computer Name, and Change. 
Or click the Network ID button and run the Network Wizard.

I put some screenshots of windows on the following locations: 
http://www.nergens.org/samba/ComputerNameChanges.PNG and 
http://www.nergens.org/samba/ComputerProperties.PNG

( i searched on the mailarchive, but i couldnt find any pointers / im 
kinda new to smb so i dont know how to debug)

Could someone please help me here?

Eduard Witteveen

[global]
;basic server settings
workgroup = HAWAR3
netbios name = nemo
server string = Samba %h PDC running %v
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192

;PDC and master browser settings
os level = 64
preferred master = yes
local master = yes
domain master = yes

;security and logging settings
security = user
# encrypt passwords = yes
log file = /var/log/samba/log.%m
log level = 2
# max log size = 50
# hosts allow = 127.0.0.1 192.168.1.0/255.255.255.0

;user profiles and home directory
logon home = \\%L\%U\
logon drive = H:
logon path = \\%L\profiles\%U
logon script = netlogon.bat

;sync passwords
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n  
*Enter*new*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd: 
*all*authentication*tokens*updated*successfully*

; new machines
add user script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u


#  shares 

[homes]
comment = Home Directories 
browseable = no
writeable = yes

[profiles]
path = /home/samba/profiles
writeable = yes
browseable = no
create mask = 0600[2003/12/16 17:18:37, 0] smbd/server.c:main(698)
  smbd version 2.2.3a-12.3 for Debian started.
  Copyright Andrew Tridgell and the Samba Team 1992-2002
[2003/12/16 17:18:37, 1] lib/debug.c:debug_message(250)
  INFO: Debug class all level = 2   (pid 232 from pid 232)
[2003/12/16 17:18:37, 2] param/loadparm.c:do_section(2973)
  Processing section [homes]
[2003/12/16 17:18:37, 2] param/loadparm.c:do_section(2973)
  Processing section [profiles]
[2003/12/16 17:18:37, 2] param/loadparm.c:do_section(2973)
  Processing section [netlogon]
[2003/12/16 17:18:37, 2] lib/interface.c:add_interface(81)
  added interface ip=10.0.0.152 bcast=10.0.0.255 nmask=255.255.255.0
[2003/12/16 17:18:37, 2] smbd/server.c:open_sockets(198)
  waiting for a connection
nemo:/var/log/samba# cat log.nmbd 
[2003/12/16 17:18:37, 0] nmbd/nmbd.c:main(783)
  Netbios nameserver version 2.2.3a-12.3 for Debian started.
  Copyright Andrew Tridgell and the Samba Team 1994-2002
[2003/12/16 17:18:37, 1] lib/debug.c:debug_message(250)
  INFO: Debug class all level = 2   (pid 230 from pid 230)
[2003/12/16 17:18:37, 2] nmbd/nmbd.c:main(821)
  Becoming a daemon.
[2003/12/16 17:18:37, 2] lib/interface.c:add_interface(81)
  added interface ip=10.0.0.152 bcast=10.0.0.255 nmask=255.255.255.0
[2003/12/16 17:18:37, 2] nmbd/nmbd_subnetdb.c:make_subnet(193)
  making subnet name:10.0.0.152 Broadcast address:10.0.0.255 Subnet mask:255.255.255.0
[2003/12/16 17:18:37, 2] nmbd/nmbd_subnetdb.c:make_subnet(193)
  making subnet name:UNICAST_SUBNET Broadcast address:0.0.0.0 Subnet mask:0.0.0.0
[2003/12/16 17:18:37, 2] nmbd/nmbd_subnetdb.c:make_subnet(193)
  making subnet name:REMOTE_BROADCAST_SUBNET Broadcast address:0.0.0.0 Subnet 
mask:0.0.0.0
[2003/12/16 17:18:37, 2] nmbd/nmbd_lmhosts.c:load_lmhosts_file(41)
  load_lmhosts_file: Can't open lmhosts file /etc/samba/lmhosts. Error

Re: [Samba] A domain controller for the domain could not by contacted (2.2.3a-12.3 for Debian)

2003-12-16 Thread Eduard Witteveen 
Fabien Chevalier wrote:

Relevant information is generally in /var/log/samba/log.NETBIOSNAME.

 

I cannot find this file. I did the following steps:
- Stopped the samba deamon
- Removed all the logging from the /var/log/samba directory
- Started the samba deamon
- Tried to join the domain again
nemo:/var/log/samba# ls -la
total 16
drwxr-x---2 root adm  4096 Dec 16 18:42 .
drwxr-xr-x6 root root 4096 Dec 16 06:25 ..
-rw-r--r--1 root root 3548 Dec 16 18:43 log.nmbd
-rw-r--r--1 root root  663 Dec 16 18:42 log.smbd
But when i try to access the server itselve by entering 
\\ipnumber-samba-machine in start  run  this file is created.
   nemo:/var/log/samba# cat log.shared-pc
   [2003/12/16 18:48:41, 2] smbd/server.c:exit_server(458)
 Closing connections
   [2003/12/16 18:48:41, 2] smbd/server.c:exit_server(458)
 Closing connections
   [2003/12/16 18:48:41, 2] smbd/server.c:exit_server(458)
 Closing connections

I tried to join the domain again at this point, but no changes are made 
to the logging while im doing this

Are there things i have to test before i want to join the domain?

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba