Re: [Samba] net join echoes root password
Robert Vangel wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Heinrich Rebehn wrote: Hi list, # net join asks for the root password (seems to be new). This is not a problem, but when i do: # ssh [EMAIL PROTECTED] net join mydomain the root password is echoed on the terminal. Is this expected behaviour? (I hope not). This is because you aren't allocating a terminal in your ssh session. Add `-t' after ssh to force allocation of one, and it will work as-per normal. Thanks, this works. There's still things to learn.. Heinrich -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] net join echoes root password
Hi list, # net join asks for the root password (seems to be new). This is not a problem, but when i do: # ssh [EMAIL PROTECTED] net join mydomain the root password is echoed on the terminal. Is this expected behaviour? (I hope not). Regards, Heinrich Rebehn University of Bremen Physics / Electrical and Electronics Engineering - Department of Telecommunications - Phone : +49/421/218-4664 Fax :-3341 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] net join echoes root password
Heinrich Rebehn wrote: Hi list, # net join asks for the root password (seems to be new). This is not a problem, but when i do: # ssh [EMAIL PROTECTED] net join mydomain the root password is echoed on the terminal. Is this expected behaviour? (I hope not). Sorry, i forgot to mention the versions: Samba: 3.0.14a-Debian Kernel: 2.6.11.11y Userland: Debian Sarge Regards, Heinrich Rebehn University of Bremen Physics / Electrical and Electronics Engineering - Department of Telecommunications - Phone : +49/421/218-4664 Fax :-3341 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Printer settings get lost
Hi List, I have a problem with printing and cannot find a solution in the HowTo or in the mail archive. I have set up Point and click printing according to the official samba howto. I uploaded the drivers to the server and can print from the clients just fine, with one exeption: As a printer admin i can configure our printer to have the duplex unit installed and other (non privileged) users see the changed setting. But after a while (i am not sure when, maybe when i have logged out) the setting gets lost, the printer does not have a duplexer anymore and unprivileged users cannot use it because they can't configure it (it is greyed out). I use SAMBA 3.0.10 on Gentoo Linux. Client is Windows XP SP 2. Printer driver is in /var/lib/samba/printers/W32X86/3 Any ideas? This is really a showstopper for our samba printing. -- Heinrich Rebehn University of Bremen Physics / Electrical and Electronics Engineering - Department of Telecommunications - Phone : +49/421/218-4664 Fax :-3341 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Solved: [Samba] Printers not visible to other users
Heinrich Rebehn wrote: Hi all, I run a 3.0.8 Samba PDC with WIN XP SP2 clients. I configured printing (lprng) with drivers uploaded to the server for easy printer installation on the clients. This works like a charm: I can drag'n drop printers from the server's printer share or install them with the local Add printer wizzard. I do this as a domain admin on the client and it works fine. BUT: If another user logs in to the client, he does not see the printers! And since he is not admin, he cannot install any. I then took a look into the admin's NTUSER.DAT (with a hex editor) and found the names of the printers there! So it seems i installed them only for this user. Is this possible? I always thought that printers are installed system-wide. What am i missing here? Can anyone help? I found the answer in the Samba Howto: Since network printers are installed per user, this much simplifies the process of keeping the installation up-to-date Thanks for the good documentation, it is just s much to read ;-) --Heinrich -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Cannot get DOMAIN ADMINS to work *SOLVED*
Ryan Novosielski wrote: FWIW, I believe you'll be experiencing problems with this part of your setup: Administrators (S-1-5-32-544) - ntadmin Domain Admins (S-1-5-21-4008939791-1949703945-886196202-512) - ntadmin I don't believe that is legal. Or perhaps it is only illegal if ntadmin is someone's primary group, not secondary. I just fought with this one myself. Does anyone have a good resource on this? ntadmin is one of my secondary groups. Anyway, it now works for me. I had to stop samba, delete secrets.tdb and groupmappings.tdb and restart samba, according to: http://lists.samba.org/archive/samba/2004-August/090343.html _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - User Support Spec. III |$| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 On Fri, 10 Dec 2004, Heinrich Rebehn wrote: Hi list, After reading a lot in the mailing list and the official Samba 3 howto, i am still unable to give domain admin rights to a user, so that he gets admin rights on all workstations in the domain. Here is what i have: - Samba 3.08 PDC, config: [global] workgroup = ANT netbios name = ANTSRV netbios aliases = RUN KITS HOMES LIB PRINTERS server string = ANT Samba Server %v printcap name = /etc/samba/smbprintcap load printers = yes printing = lprng printer admin = @adm log file = /var/log/samba/log.%m max log size = 50 map to guest = bad user security = user encrypt passwords = yes smb passwd file = /etc/samba/private/smbpasswd socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes os level = 33 domain master = yes preferred master = yes domain logons = yes logon path = \\%L\Profiles\%U shares removed - Client: Vanilla Windows XP professional, SP2, domain member, no special registry settings - Groups: [EMAIL PROTECTED] [~] # net groupmap list System Operators (S-1-5-32-549) - -1 Replicators (S-1-5-32-552) - -1 Guests (S-1-5-32-546) - -1 Power Users (S-1-5-32-547) - -1 Print Operators (S-1-5-32-550) - -1 Administrators (S-1-5-32-544) - ntadmin Account Operators (S-1-5-32-548) - -1 Domain Users (S-1-5-21-4008939791-1949703945-886196202-513) - wiss Domain Admins (S-1-5-21-4008939791-1949703945-886196202-512) - ntadmin Backup Operators (S-1-5-32-551) - -1 Domain Guests (S-1-5-21-4008939791-1949703945-886196202-514) - nogroup Users (S-1-5-32-545) - wiss [EMAIL PROTECTED] [~] # getent group ntadmin ntadmin:x:1060:rebehn This should be enough to give user rebehn admin rights on all workstaions in the domain, right? But it does not work. When i try to partition disks on a workstation, i get a message saying that i do not have the nessecary rights. Questions: - Did i miss something obvious? - How can i debug on server/client side ? Thanks for any help. PS: winbindd is not running. Do i need it? -- -- Heinrich Rebehn University of Bremen Physics / Electrical and Electronics Engineering - Department of Telecommunications - Phone : +49/421/218-4664 Fax :-3341 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: domain admin issue *solved*
Trey Nolen wrote: http://groups.google.com/groups?hl=enlr=ie=UTF-8threadm=1bKKG-3JE-47%40gated-at.bofh.itrnum=1prev=/groups%3Fq%3Dsamba%2Bdomain%2Badmins%2Bproblem%26ie%3DUTF-8%26hl%3Den%26btnG%3DGoogle%2BSearch Bottom line: Stop samba, delete group_mapping.tdb *and* secrets.tdb, start samba. Make sure you have a backup of secrets.tdb, at least on production servers. The clients probably have to rejoin the domain after deleting secrets.tdb. It's also possible that the tdb-files are in different directories if you are trying out different versions/distributions of samba. XP-clients also cache the ten latest logins by default to add to the confusion... Other than that I have never had problems with the Domain Admins-stuff working on the client with any samba 3.0.x. This got it. The trick was deleting the secrets.tdb as well. I still don't know why it didn't work the first time, but I it si working now. Thanks for the help. Trey Nolen Thanks for this tip. This also fixed the problem for me. I had been looking for days.. So this still happens with Samba 3.08. -- Heinrich Rebehn University of Bremen Physics / Electrical and Electronics Engineering - Department of Telecommunications - Phone : +49/421/218-4664 Fax :-3341 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Cannot get DOMAIN ADMINS to work
Jim C. wrote: | After reading a lot in the mailing list and the official Samba 3 howto, | i am still unable to give domain admin rights to a user, so that he gets | admin rights on all workstations in the domain. | | Here is what i have: 1. If you are using ldap, you should know that the posixgroup objectClass is out of date and that you will need a different objectClass to provide Administrative access to the LDAP database itself. Specifically, groupOfNames. LDAP is only used by the Unix system. Samba does not use LDAP, it is even compiled w/o LDAP support. So, as long as getgrent(3) shows that a user is in the ntadmin group, the user should get admin rights. --Heinrich -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Cannot get DOMAIN ADMINS to work
Hi list, After reading a lot in the mailing list and the official Samba 3 howto, i am still unable to give domain admin rights to a user, so that he gets admin rights on all workstations in the domain. Here is what i have: - Samba 3.08 PDC, config: [global] workgroup = ANT netbios name = ANTSRV netbios aliases = RUN KITS HOMES LIB PRINTERS server string = ANT Samba Server %v printcap name = /etc/samba/smbprintcap load printers = yes printing = lprng printer admin = @adm log file = /var/log/samba/log.%m max log size = 50 map to guest = bad user security = user encrypt passwords = yes smb passwd file = /etc/samba/private/smbpasswd socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes os level = 33 domain master = yes preferred master = yes domain logons = yes logon path = \\%L\Profiles\%U shares removed - Client: Vanilla Windows XP professional, SP2, domain member, no special registry settings - Groups: [EMAIL PROTECTED] [~] # net groupmap list System Operators (S-1-5-32-549) - -1 Replicators (S-1-5-32-552) - -1 Guests (S-1-5-32-546) - -1 Power Users (S-1-5-32-547) - -1 Print Operators (S-1-5-32-550) - -1 Administrators (S-1-5-32-544) - ntadmin Account Operators (S-1-5-32-548) - -1 Domain Users (S-1-5-21-4008939791-1949703945-886196202-513) - wiss Domain Admins (S-1-5-21-4008939791-1949703945-886196202-512) - ntadmin Backup Operators (S-1-5-32-551) - -1 Domain Guests (S-1-5-21-4008939791-1949703945-886196202-514) - nogroup Users (S-1-5-32-545) - wiss [EMAIL PROTECTED] [~] # getent group ntadmin ntadmin:x:1060:rebehn This should be enough to give user rebehn admin rights on all workstaions in the domain, right? But it does not work. When i try to partition disks on a workstation, i get a message saying that i do not have the nessecary rights. Questions: - Did i miss something obvious? - How can i debug on server/client side ? Thanks for any help. PS: winbindd is not running. Do i need it? -- Heinrich Rebehn University of Bremen Physics / Electrical and Electronics Engineering - Department of Telecommunications - Phone : +49/421/218-4664 Fax :-3341 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Permission error on /etc/samba/private/secrets.tdb
Hi list,
I have a strange permission problem with secrets.tdb on an nfs mounted
filesystem.
A strace of smbd shows the following lines:
open(/etc/samba/private/secrets.tdb, O_RDWR|O_CREAT|O_LARGEFILE, 0600)
= 4
fcntl64(4, F_SETLKW64, {type=F_WRLCK, whence=SEEK_SET, start=0, len=1},
0xb010) = -1 EACCES (Permission denied)
/etc/samba/private/secrets.tdb is a link to
/var/etc/samba/private/secrets.tdb which in turn is a link to
/cluster/bremerhaven/secrets.tdb, which is on an nfs mounted filesystem.
This setup is because the root fs is readonly and /var is volatile (tmpfs).
root has full access on /cluster and it also does not help if i set
secrets.tdb's permissions to 0666.
Are there known issues with the fcntl64 call? Would upgrading to kernel
2.6.x help?
Versions:
--
smbd: 3.0.4
kernel: 2.4.26
NFS server: FreeBSD 5.2.1
Any help or hints would be appreciated.
Grretings,
Heinrich Rebehn
University of Bremen
Physics / Electrical and Electronics Engineering
- Department of Telecommunications -
Phone : +49/421/218-4664
Fax :-3341
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Permission error on /etc/samba/private/secrets.tdb
Jeremy Allison wrote:
On Tue, Jul 13, 2004 at 11:16:23AM +0200, Heinrich Rebehn wrote:
Hi list,
I have a strange permission problem with secrets.tdb on an nfs mounted
filesystem.
A strace of smbd shows the following lines:
open(/etc/samba/private/secrets.tdb, O_RDWR|O_CREAT|O_LARGEFILE, 0600)
= 4
fcntl64(4, F_SETLKW64, {type=F_WRLCK, whence=SEEK_SET, start=0, len=1},
0xb010) = -1 EACCES (Permission denied)
/etc/samba/private/secrets.tdb is a link to
/var/etc/samba/private/secrets.tdb which in turn is a link to
/cluster/bremerhaven/secrets.tdb, which is on an nfs mounted filesystem.
This setup is because the root fs is readonly and /var is volatile (tmpfs).
root has full access on /cluster and it also does not help if i set
secrets.tdb's permissions to 0666.
Are there known issues with the fcntl64 call? Would upgrading to kernel
2.6.x help?
Try not to put tdb files on an nfs mount. Some servers (Solaris as I
remember) have issues with doing fcntl locks on an mmapped file. By
issues I mean it doesn't work :-).
Jeremy.
Thanks for your reply.
Unfortunately i do not have any other option on a diskless machine. I
could copy it to tmpfs at boot time, but that would require copying it
back on shutdown.
The good news, however, is that it works with kernel 2.6.7, so maybe
it's not a server's problem but a linux problem (or both).
Yet smbd still complains that it can't set permission 0600 on
secrets.tdb which still does not make sense.
Anyhow, samba does work now.
--Heinrich
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] change_to_user: Invalid vuid used 0
Hi list, When i try to connect to a share on my samba server from a DOS client (DEC Pathworks), i can connect, but when trying to access the share, i get Access Denied. At the same time, the following is logged on the server: essen (134.102.176.48) connect to service kits as user nobody (uid=65534, gid=65534) (pid 48840) [2003/07/16 10:34:37, 3] smbd/sec_ctx.c:set_sec_ctx(329) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2003/07/16 10:34:37, 3] smbd/reply.c:reply_tcon_and_X(395) tconX service=kits user=nobody [2003/07/16 10:34:42, 3] smbd/process.c:process_smb(846) Transaction 3 of length 61 [2003/07/16 10:34:42, 3] smbd/process.c:switch_message(685) switch message SMBsearch (pid 48840) [2003/07/16 10:34:42, 2] smbd/uid.c:change_to_user(138) change_to_user: Invalid vuid used 0 === [2003/07/16 10:34:42, 3] smbd/error.c:error_packet(129) error packet at smbd/process.c(742) cmd=129 (SMBsearch) eclass=2 ecode=4 Same problem when i connect as an authenticated user. The file permissions are ok and i can connect from WIN9x client w/o problems. What wrong here? I use samba 2.2.8a under FreeBSD-4.7 Heinrich -- Heinrich Rebehn University of Bremen Physics / Electrical and Electronics Engineering - Department of Telecommunications - Phone : +49/421/218-4664 Fax :-3341 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] change_to_user: Invalid vuid used 0
Andrew Bartlett wrote: On Wed, Jul 16, 2003 at 10:55:56AM +0200, Heinrich Rebehn wrote: Hi list, When i try to connect to a share on my samba server from a DOS client (DEC Pathworks), i can connect, but when trying to access the share, i get Access Denied. For a client this old, try 'security=share' Andrew Bartlett Thanks, but unfortunately i cannot do this on a share or client level and I would not like to reconfigure our main samba server just for the sake of this client. Also i remember that this used to work with an older samba version (don't konw which one though..) Or can i specifiy security=...' in a client specific include file? Heinrich -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Error messages about locking.tdb
Hi list, I am using Samba 2.2.3a-12 and it works fine, exept for error messages that fill up my log files. The messages are: smbd[1198]: [2003/02/12 22:53:53, 0] tdb/tdbutil.c:tdb_log(475) smbd[1198]: tdb(/var/run/samba/locking.tdb): expand_file ftruncate to 8192 failed (Permission denied) smbd[1198]: [2003/02/12 22:53:54, 0] tdb/tdbutil.c:tdb_log(475) smbd[1198]: tdb(/var/run/samba/locking.tdb): expand_file ftruncate to 8192 failed (Permission denied) The permission of /var/run/samba/locking.tdb is 600 root:root, the process trying to access it is an smbd running under a user account, so there seems to bee a configuration problem. I chnged the perms to 666 for a few seconds and now the log is quiet. Searching google did not show any solution. What's wrong here? System is Linux 2.4.18 SMP. Thanks for any help Heinrich -- Heinrich Rebehn University of Bremen Physics / Electrical and Electronics Engineering - Department of Telecommunications - E-mail: mailto:[EMAIL PROTECTED] Phone : +49/421/218-4664 Fax :-3341 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
