[Samba] Announce version / Announce as
I don't really understand these options. What happens with a higher value of announce version than the default??, does it has a similar effect to os level?. What are the possible values of Announce as? (I have read the man page but it doesn't enumerate them) Thanks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Linux-to-Linux Samba Migration
Maybe you can try with NIS or NIS+. What database backend are you using? Regards On 3/28/06, Tom Smith [EMAIL PROTECTED] wrote: I'm working on migrating from Mandrake 10.0 to Ubuntu 5.10. The last, and probably most important, service to be moved is Samba... The setup is fairly simple, here is is: - Mandrake Linux 10.0 - Samba 3.0.10 Here's the global Samba configuration of my server: [global] workgroup = workgroup name server string = string passdb backend = tdbsam:/etc/samba/passdb.tdb passwd program = /usr/bin/passwd %u unix password sync = Yes time server = Yes load printers = No add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u logon script = scripts\%U.bat logon drive = H: logon home = \\%N\%U\profile.w98 domain logons = Yes wins support = Yes ldap ssl = no idmap uid = 15000-2 idmap gid = 15000-2 admin users = root, tom create mask = 0770 directory mask = 0770 veto oplock files = /*.xls/ Transferring the files and the associated shares is the easy part. What I'm concerned about is getting the domain and user/group information to transfer without having to reconfigure all of the workstations or all of the user/group accounts on the new server. I looked to see if I could find such a guide for doing this but wasn't able to--not sure if maybe I'm searching for the wrong terms or whatnot. Any suggestions offered and/or pointers to documentation would be greatly appreciated. Thanks in advance for your help. ~ Tom -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Two local master browsers in the same subnet??
Hello I have the following problem. I have a Windows network, when Samba starts it says in his logs that is local master browser for his workgroup. However when I do nmblookup -MT Name of the workgroup it returns two ip addresses, one of them is the address of the Samba Server, the other is the address of a Windows machine (could be Windows 2000 or XP). The thing is that the browse list that is seen in the network neighborhood is the one mantained by the Windows machine, so for all practical purposes the local master browser is the Windows machine. If I reboot the Windows machine the Samba server becomes the local master browser and everything works ok (doing an nmblookup returns only the ip address of the Samba server). Any ideas why is this happening and how to fix it?? Thanks in advance. Pd: the following are the relevant options of my smb.conf (there isn't any other Samba machines) local master = yes os level = 65 preferred master = yes browse list = yes domain logons = yes domain master = yes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Making Share Visible To Particular Users Only
Yes I have done that, but I also want that the share can be seen only by specific people Regards On 3/16/06, Guillermo Gutierrez [EMAIL PROTECTED] wrote: Try using valid users = @somegroup (replacing somegroup with an actual users group) or valid users = userone usertwo etc... for individual users. These should be added under the specific share entries in the smb.conffile. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Guillermo Dalla Vecchia Sent: Thursday, March 16, 2006 6:20 PM To: samba@lists.samba.org Subject: [Samba] Making Share Visible To Particular Users Only Dear Friends, Is It Possible to Make a *Share* Visible to a List of Users *Only* ? e.g. If have shares Likes Account, Sales, Support Then I would Like make respective *share* visible *only* to persons in respective dept. Thanks and Best Regards. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Making Share Visible To Particular Users Only
Sorry, I didn't check the reply address. How about Linux Clients?? could it be done something similar for them? (logon scripts only work with Windows Clients). On 3/17/06, Craig White [EMAIL PROTECTED] wrote: Let's keep this on list please. A logon script is a script so yes, it could be done that way. A share that isn't browseable is still there, it just doesn't show up in a network browser. You can still connect to it, access privileges permitting. Similar to ADMIN$ or C$ from a Windows 'server' Craig On Fri, 2006-03-17 at 02:42 -0300, Guillermo Dalla Vecchia wrote: Could it be done with the logon scripts option?? I think this works with windows clients. For Linux clients could it be done setting up correctly fstab (to mount the share at boot time)?? the shares require username and password though... Regards On 3/16/06, Craig White [EMAIL PROTECTED] wrote: On Thu, 2006-03-16 at 23:19 -0300, Guillermo Dalla Vecchia wrote: Dear Friends, Is It Possible to Make a *Share* Visible to a List of Users *Only* ? e.g. If have shares Likes Account, Sales, Support Then I would Like make respective *share* visible *only* to persons in respective dept. Thanks and Best Regards. not that I know of but you can set browsable to off (less visibility) and have those users mount the share by a script or individually set by 'reconnect at logon' and of course you can control read and write access within each share. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Making Share Visible To Particular Users Only
Also, logon scripts only work with a domain configuration whereas I have a workgroup. Is there some way to this in a workgroup?? Regards On 3/17/06, Guillermo Dalla Vecchia [EMAIL PROTECTED] wrote: Sorry, I didn't check the reply address. How about Linux Clients?? could it be done something similar for them? (logon scripts only work with Windows Clients). On 3/17/06, Craig White [EMAIL PROTECTED] wrote: Let's keep this on list please. A logon script is a script so yes, it could be done that way. A share that isn't browseable is still there, it just doesn't show up in a network browser. You can still connect to it, access privileges permitting. Similar to ADMIN$ or C$ from a Windows 'server' Craig On Fri, 2006-03-17 at 02:42 -0300, Guillermo Dalla Vecchia wrote: Could it be done with the logon scripts option?? I think this works with windows clients. For Linux clients could it be done setting up correctly fstab (to mount the share at boot time)?? the shares require username and password though... Regards On 3/16/06, Craig White [EMAIL PROTECTED] wrote: On Thu, 2006-03-16 at 23:19 -0300, Guillermo Dalla Vecchia wrote: Dear Friends, Is It Possible to Make a *Share* Visible to a List of Users *Only* ? e.g. If have shares Likes Account, Sales, Support Then I would Like make respective *share* visible *only* to persons in respective dept. Thanks and Best Regards. not that I know of but you can set browsable to off (less visibility) and have those users mount the share by a script or individually set by 'reconnect at logon' and of course you can control read and write access within each share. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Making Share Visible To Particular Users Only
I think this could work, I'll give it a try. I'll also try the suggestion from Gx to use the include directive in the share definition. I think both are possible solutions. Thanks Guillermo. On 3/17/06, Craig White [EMAIL PROTECTED] wrote: Linux clients 'mount' as root which complicates things a bit. If you put the mount in fstab as 'user', and set the users 'credentials' to be a file in their home directory (which contains their username and password), then those that have that file could actually 'mount it' and those without wouldn't know the difference. In this case, the users who could 'mount' the samba share would have to know where on the filesystem the mount is made. Craig On Fri, 2006-03-17 at 11:48 -0300, Guillermo Dalla Vecchia wrote: Sorry, I didn't check the reply address. How about Linux Clients?? could it be done something similar for them? (logon scripts only work with Windows Clients). On 3/17/06, Craig White [EMAIL PROTECTED] wrote: Let's keep this on list please. A logon script is a script so yes, it could be done that way. A share that isn't browseable is still there, it just doesn't show up in a network browser. You can still connect to it, access privileges permitting. Similar to ADMIN$ or C$ from a Windows 'server' Craig On Fri, 2006-03-17 at 02:42 -0300, Guillermo Dalla Vecchia wrote: Could it be done with the logon scripts option?? I think this works with windows clients. For Linux clients could it be done setting up correctly fstab (to mount the share at boot time)?? the shares require username and password though... Regards On 3/16/06, Craig White [EMAIL PROTECTED] wrote: On Thu, 2006-03-16 at 23:19 -0300, Guillermo Dalla Vecchia wrote: Dear Friends, Is It Possible to Make a *Share* Visible to a List of Users *Only* ? e.g. If have shares Likes Account, Sales, Support Then I would Like make respective *share* visible *only* to persons in respective dept. Thanks and Best Regards. not that I know of but you can set browsable to off (less visibility) and have those users mount the share by a script or individually set by 'reconnect at logon' and of course you can control read and write access within each share. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Making Share Visible To Particular Users Only
The thing is that I need this for only one user, and I don't want to use a domain. Regards Guillermo. On 3/17/06, Craig White [EMAIL PROTECTED] wrote: Workgroup, you would probably have to distribute specific scripts to specific users on specific machines. Are you trying to make an argument for why setting Samba up as a domain controller is a good thing? If so, you are succeeding. Craig On Fri, 2006-03-17 at 12:19 -0300, Guillermo Dalla Vecchia wrote: Also, logon scripts only work with a domain configuration whereas I have a workgroup. Is there some way to this in a workgroup?? Regards On 3/17/06, Guillermo Dalla Vecchia [EMAIL PROTECTED] wrote: Sorry, I didn't check the reply address. How about Linux Clients?? could it be done something similar for them? (logon scripts only work with Windows Clients). On 3/17/06, Craig White [EMAIL PROTECTED] wrote: Let's keep this on list please. A logon script is a script so yes, it could be done that way. A share that isn't browseable is still there, it just doesn't show up in a network browser. You can still connect to it, access privileges permitting. Similar to ADMIN$ or C$ from a Windows 'server' Craig On Fri, 2006-03-17 at 02:42 -0300, Guillermo Dalla Vecchia wrote: Could it be done with the logon scripts option?? I think this works with windows clients. For Linux clients could it be done setting up correctly fstab (to mount the share at boot time)?? the shares require username and password though... Regards On 3/16/06, Craig White [EMAIL PROTECTED] wrote: On Thu, 2006-03-16 at 23:19 -0300, Guillermo Dalla Vecchia wrote: Dear Friends, Is It Possible to Make a *Share* Visible to a List of Users *Only* ? e.g. If have shares Likes Account, Sales, Support Then I would Like make respective *share* visible *only* to persons in respective dept. Thanks and Best Regards. not that I know of but you can set browsable to off (less visibility) and have those users mount the share by a script or individually set by 'reconnect at logon' and of course you can control read and write access within each share. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Making Share Visible To Particular Users Only
I did it with the following configuration of the share: [johndoe] path = /tmp valid users = johndoe public = no browseable = no writeable = yes include = /etc/samba/smb.conf.%U create mask = 0600 directory mask = 0700 /etc/samba/smb.conf.%U The following lines are in the file smb.conf.johndoe [johndoe] browseable = yes Thanks to Gx and to all for your kind help Regards Guillermo. On 3/17/06, Frederick C. Damen [EMAIL PROTECTED] wrote: You might try to have the home share be attached to the directory of interest or have the directory(ies) of interest as sub directories of the home directory. This would not technically control the visability of the shares but would give access to the set of files based on user identity. Should give same results in Windows/Unix. Hope This Helps, Fred On Fri, March 17, 2006 9:19 am, Guillermo Dalla Vecchia wrote: Also, logon scripts only work with a domain configuration whereas I have a workgroup. Is there some way to this in a workgroup?? Regards On 3/17/06, Guillermo Dalla Vecchia [EMAIL PROTECTED] wrote: Sorry, I didn't check the reply address. How about Linux Clients?? could it be done something similar for them? (logon scripts only work with Windows Clients). On 3/17/06, Craig White [EMAIL PROTECTED] wrote: Let's keep this on list please. A logon script is a script so yes, it could be done that way. A share that isn't browseable is still there, it just doesn't show up in a network browser. You can still connect to it, access privileges permitting. Similar to ADMIN$ or C$ from a Windows 'server' Craig On Fri, 2006-03-17 at 02:42 -0300, Guillermo Dalla Vecchia wrote: Could it be done with the logon scripts option?? I think this works with windows clients. For Linux clients could it be done setting up correctly fstab (to mount the share at boot time)?? the shares require username and password though... Regards On 3/16/06, Craig White [EMAIL PROTECTED] wrote: On Thu, 2006-03-16 at 23:19 -0300, Guillermo Dalla Vecchia wrote: Dear Friends, Is It Possible to Make a *Share* Visible to a List of Users *Only* ? e.g. If have shares Likes Account, Sales, Support Then I would Like make respective *share* visible *only* to persons in respective dept. Thanks and Best Regards. not that I know of but you can set browsable to off (less visibility) and have those users mount the share by a script or individually set by 'reconnect at logon' and of course you can control read and write access within each share. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Making Share Visible To Particular Users Only
Dear Friends, Is It Possible to Make a *Share* Visible to a List of Users *Only* ? e.g. If have shares Likes Account, Sales, Support Then I would Like make respective *share* visible *only* to persons in respective dept. Thanks and Best Regards. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Bizarre problems with two Samba in the same workgroup
I have resolved part of my problems. The shares won't show up if they have more than 12 characters. That was happening with documentacion and my home (they have 13 characters). I have lowered the os level from 200 to 65 in the new server (the recommended value), and 65 to 0 in the old server (to not take part in master browser elections). That seems to give better results. But I still can't see the old server (Samba 2.2 configured as client) in the browsing list (mantained in the new Samba 3.0.14 server). I have the following question I can see an entry in wins.dat for the old and new server but nothing more, although when I see browse.dat I can see the browsing list ok except for the old server. Is that ok?? shouldn't I see an entry in wins.dat for every client configured to use wins?? Why Samba 3.0 doesn't add Samba 2.2 to the browsing list?? Thanks in advance On 3/8/06, Guillermo Dalla Vecchia [EMAIL PROTECTED] wrote: I had to setup a new Samba server as a PDC in my job (Samba 3.0) to replace and existing Samba server PDC (Samba 2.2), the old server was running ldap as backend, the new is running tdbsam. I have a lot of bizarre problems when I put both in the same workgroup with other machines. I will give you a list of them: 1) The new server is configured as local master browser and domain master browser, with this configuration the old server never appears in the network neighborhood. 2) The servers have the same shares. If I define a new share in one of them. the share appears in the other if I see it in network neighborhood. The content of the shares of the new server are the same of the old one if a see them in the network neighborhood (although they are not the same). 3) There is a share defined in the new server (documentacion) that doesn't appear in network neighborhood (I can only connect to it from command line with smbclient) eventhough the same share works ok in the old server. 4) If I do nmblookup -MT Workgroup the result are the IPs of both servers. 5) The home of my user doesn't appear in network neighborhood but other users appear ok. Next I will give you the content of smb.conf of both servers: New server running Samba 3.0 (IP 192.168.5.150) in Debian Sarge 3.1 [global] workgroup = PRUEBA server string = Servidor2 netbios name = SERVIDOR2 wins support = yes dns proxy = yes name resolve order = wins host lmhosts bcast local master = yes os level = 200 preferred master = yes browse list = yes domain logons = yes domain master = yes add machine script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u logon home = logon drive = Z: logon path = \\%L\profiles\%U log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d security = user encrypt passwords = true passdb backend = tdbsam unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password:* %n\n *Retype*new*UNIX*password:* %n\n *passwd:*password*updated*successfully* log level = 3 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 [homes] comment = Home del usuario %U valid users = %S browseable = no writeable = yes create mask = 0600 directory mask = 0700 [profiles] comment = Perfiles de usuarios path = /home/profiles writeable = yes browseable = no create mask = 0600 directory mask = 0700 [netlogon] comment = Network Logon Service path = /home/netlogon read only = yes browseable = no [documentacion] comment = Documentacion ISO 9001 path = /home/docs/ valid users = +users public = yes browseable = yes writeable = yes create mask = 0640 directory mask = 0750 [grupos] comment = Directorio compartido de grupos path = /home/grupos # ver el macro %S valid users = +users browseable = yes writeable = yes create mask = 0660 directory mask = 0770 [noconf] comment = No conformidades ISO 9001 path = /home/NoConf/ valid users = +users browseable = yes writeable = yes create mask = 0664 directory mask = 0775 *** Old server running Samba 2.2 (IP 192.168.5.99) in Debian Woody workgroup = PRUEBA netbios name = SERVIDOR server string = Servidor domain admin group = @Domain Admins log file = /var/log/samba/%m.log security = user password level = 16 username level = 16 encrypt passwords = yes unix password sync = yes passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* ldap server = localhost ldap port = 389 ldap ssl = no ldap suffix = dc=ledefyl,dc=com socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = 192.168.5.99/24 127.0.0.1 bind interfaces only = yes local master = no os level = 65 domain master
[Samba] Bizarre problems with two Samba in the same workgroup
I had to setup a new Samba server as a PDC in my job (Samba 3.0) to replace and existing Samba server PDC (Samba 2.2), the old server was running ldap as backend, the new is running tdbsam. I have a lot of bizarre problems when I put both in the same workgroup with other machines. I will give you a list of them: 1) The new server is configured as local master browser and domain master browser, with this configuration the old server never appears in the network neighborhood. 2) The servers have the same shares. If I define a new share in one of them. the share appears in the other if I see it in network neighborhood. The content of the shares of the new server are the same of the old one if a see them in the network neighborhood (although they are not the same). 3) There is a share defined in the new server (documentacion) that doesn't appear in network neighborhood (I can only connect to it from command line with smbclient) eventhough the same share works ok in the old server. 4) If I do nmblookup -MT Workgroup the result are the IPs of both servers. 5) The home of my user doesn't appear in network neighborhood but other users appear ok. Next I will give you the content of smb.conf of both servers: New server running Samba 3.0 (IP 192.168.5.150) in Debian Sarge 3.1 [global] workgroup = PRUEBA server string = Servidor2 netbios name = SERVIDOR2 wins support = yes dns proxy = yes name resolve order = wins host lmhosts bcast local master = yes os level = 200 preferred master = yes browse list = yes domain logons = yes domain master = yes add machine script = /usr/sbin/useradd -d /dev/null -g machines -s /bin/false -M %u logon home = logon drive = Z: logon path = \\%L\profiles\%U log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d security = user encrypt passwords = true passdb backend = tdbsam unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password:* %n\n *Retype*new*UNIX*password:* %n\n *passwd:*password*updated*successfully* log level = 3 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 [homes] comment = Home del usuario %U valid users = %S browseable = no writeable = yes create mask = 0600 directory mask = 0700 [profiles] comment = Perfiles de usuarios path = /home/profiles writeable = yes browseable = no create mask = 0600 directory mask = 0700 [netlogon] comment = Network Logon Service path = /home/netlogon read only = yes browseable = no [documentacion] comment = Documentacion ISO 9001 path = /home/docs/ valid users = +users public = yes browseable = yes writeable = yes create mask = 0640 directory mask = 0750 [grupos] comment = Directorio compartido de grupos path = /home/grupos # ver el macro %S valid users = +users browseable = yes writeable = yes create mask = 0660 directory mask = 0770 [noconf] comment = No conformidades ISO 9001 path = /home/NoConf/ valid users = +users browseable = yes writeable = yes create mask = 0664 directory mask = 0775 *** Old server running Samba 2.2 (IP 192.168.5.99) in Debian Woody workgroup = PRUEBA netbios name = SERVIDOR server string = Servidor domain admin group = @Domain Admins log file = /var/log/samba/%m.log security = user password level = 16 username level = 16 encrypt passwords = yes unix password sync = yes passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* ldap server = localhost ldap port = 389 ldap ssl = no ldap suffix = dc=ledefyl,dc=com socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = 192.168.5.99/24 127.0.0.1 bind interfaces only = yes local master = no os level = 65 domain master = no preferred master = no domain logons = no name resolve order = wins host lmhosts bcast wins server = 192.168.5.150 dns proxy = no wins proxy = yes logon home = logon drive = Z: logon path = \\%L\profiles\%U logon script = startup.bat add user script = /usr/local/sbin/smbldap-useradd.pl -m -d /dev/null -g computers -s /bin/false [homes] comment = Home del usuario %U valid users = %S browseable = no writeable = yes create mask = 0600 directory mask = 0700 [profiles] comment = Perfiles de usuarios path = /home/profiles writeable = yes browseable = no create mask = 0600 directory mask = 0700 [netlogon] comment = Network Logon Service path = /home/netlogon read only = yes browseable = no write list = root,@Domain Admins [grupos] path = /home/grupos comment = Directorio compartido de grupos # ver el macro %S valid users = +users browseable = yes writeable = yes create mask = 0660 directory mask = 0770 [documentacion] comment = Documentacion ISO 9001 path = /home/iso9001/docs/ valid users = +users browseable = yes writeable = yes create mask = 0640
