[Samba] Domain Children
hi, I have a pdc domain called, 'shinyang' then, how can i create a called domain children, such as 'sycompany1.shinyang'? thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba BDC for Backup
Hiu Yen Onn wrote: Hiu Yen Onn wrote: hi, i have no experience in configure any of the BDC before. just curious to ask, if i have configured a BDC, then if any fail down of my PDC, does BDC will take turn automatically??? stupid question but, i didnt know it... sorry another question 1. I have a master ldap tree for my PDC, likewise my BDC also having a slave ldap tree, do i need to replicate the master ldap to the slave ldap? 2. How about the sid number??? does PDC sid have to be similar to the BDC sid??? what is sid? what does is working for??? dun understand... pls enlighten.. thanks.. do i need to configure a NIS master and NIS slave for my pdc, and bdc??? if not, i am wondering how can a user in pdc can be appeared to a bdc??? pls advise thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba BDC for Backup
Ian Clancy wrote: Hiu Yen Onn wrote: Hiu Yen Onn wrote: hi, i have no experience in configure any of the BDC before. just curious to ask, if i have configured a BDC, then if any fail down of my PDC, does BDC will take turn automatically??? stupid question but, i didnt know it... sorry another question 1. I have a master ldap tree for my PDC, likewise my BDC also having a slave ldap tree, do i need to replicate the master ldap to the slave ldap? In a word, Yes. If you are using openldap you will find plenty of documentation on the Internet about how to do this. 2. How about the sid number??? does PDC sid have to be similar to the BDC sid??? what is sid? what does is working for??? dun understand... pls enlighten.. thanks.. The PDC and the BDC have the same SID number. Usually each computer / users has a unique SID. However domain controllers are a unique case. You can import the SID into a BDC using the 'net rpc getsid DOMAINNAME' command. i configured a BDC, but, it ends up throwing me an error when i a trying to join the domain no mapping between account names and security ids pls guide me for troubleshooting.. thanks.. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba BDC for Backup
Hiu Yen Onn wrote: hi, i have no experience in configure any of the BDC before. just curious to ask, if i have configured a BDC, then if any fail down of my PDC, does BDC will take turn automatically??? stupid question but, i didnt know it... sorry another question 1. I have a master ldap tree for my PDC, likewise my BDC also having a slave ldap tree, do i need to replicate the master ldap to the slave ldap? 2. How about the sid number??? does PDC sid have to be similar to the BDC sid??? what is sid? what does is working for??? dun understand... pls enlighten.. thanks.. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba BDC for Backup
hi, i have no experience in configure any of the BDC before. just curious to ask, if i have configured a BDC, then if any fail down of my PDC, does BDC will take turn automatically??? stupid question but, i didnt know it... sorry -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Disk Quota
hi, I have samba-3.0.3(PDC), FC2, and now, each of the mounted drive is showing the maximum harddisk space on my machine. i scare my users will use up my diskspace. is there any way to build up a disk quota feature into the pdc? thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba Password Expiry Date
Hi, i have configured a Samba PDC based on idealx.org. now, whenever i set the sambaMustChangePassword flag to 0, then from the subsequent logon, there is a popup urge me for changing password. now, the problem is after i have changed the password, the sambaMustChangePassword is set to 2147483647(unix timestamp), which if i converted it into human readable format, it will be 2038 year, bla..bla..and bla second. it is really unbelieveable that my password will be lasted until year 2038 year??? i have looked thoroughly on the internet resources, some mentioning about on defaultMaxPasswordAge flag. I think i have set it to 55 (actually, i dunno whether what is the quantity representing, day?? time??). but, i have no point to make it works. so, i am seeking the solution making the password expiry feature avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks. Cheers, yenonn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Password Expiry Date
Matthias Spork wrote: Hello, so, i am seeking the solution making the password expiry feature avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks. the password expires in Unix and Samba. Samba does all changes for itself. You can set password-age to 60 days by typing: # pdbedit -P maximum password age -C 5007600 For Linux you have to change shadowlastchange in LDAP. I wrote a script for this: smb.conf: #- unix password sync = yes passwd program = /etc/samba/scripts/ldap_userPassword_change %u passwd chat = *New*password* %n\n *new*password* %n\n *Success* #- /etc/samba/scripts/ldap_userPassword_change: #- #!/bin/sh LDAP_SERVER=ldapserver LDAP_USER=uid=userPassChange,o=mydomain,c=com LDAP_PASS=secret LDAP_PASSWD=/usr/bin/ldappasswd LDAP_MODIFY=/usr/bin/ldapmodify #DN of User USER_DN=uid=$1,ou=users,o=mydomain,c=com #Get Date TS=`date +%s` SLC=$(($TS/24/3600)) #- MODIFY userPassword $LDAP_PASSWD -x -h $LDAP_SERVER -D $LDAP_USER -w $LDAP_PASS -S $USER_DN #- MODIFY shadowlastchange if [ $? -eq 0 ]; then echo dn: $USER_DN changetype: modify replace: shadowLastChange shadowLastChange: $SLC | $LDAP_MODIFY -x -h $LDAP_SERVER -D $LDAP_USER -w $LDAP_PASS /dev/null 21 fi exit #- kind regards Matthias Hiu Yen Onn schrieb: Hi, i have configured a Samba PDC based on idealx.org. now, whenever i set the sambaMustChangePassword flag to 0, then from the subsequent logon, there is a popup urge me for changing password. now, the problem is after i have changed the password, the sambaMustChangePassword is set to 2147483647(unix timestamp), which if i converted it into human readable format, it will be 2038 year, bla..bla..and bla second. it is really unbelieveable that my password will be lasted until year 2038 year??? i have looked thoroughly on the internet resources, some mentioning about on defaultMaxPasswordAge flag. I think i have set it to 55 (actually, i dunno whether what is the quantity representing, day?? time??). but, i have no point to make it works. so, i am seeking the solution making the password expiry feature avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks. Cheers, yenonn how can u calculate the 5007600. thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Password Expiry Date
Matthias Spork wrote: Hello, so, i am seeking the solution making the password expiry feature avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks. the password expires in Unix and Samba. Samba does all changes for itself. You can set password-age to 60 days by typing: # pdbedit -P maximum password age -C 5007600 For Linux you have to change shadowlastchange in LDAP. I wrote a script for this: smb.conf: #- unix password sync = yes passwd program = /etc/samba/scripts/ldap_userPassword_change %u passwd chat = *New*password* %n\n *new*password* %n\n *Success* #- /etc/samba/scripts/ldap_userPassword_change: #- #!/bin/sh LDAP_SERVER=ldapserver LDAP_USER=uid=userPassChange,o=mydomain,c=com LDAP_PASS=secret LDAP_PASSWD=/usr/bin/ldappasswd LDAP_MODIFY=/usr/bin/ldapmodify #DN of User USER_DN=uid=$1,ou=users,o=mydomain,c=com #Get Date TS=`date +%s` SLC=$(($TS/24/3600)) #- MODIFY userPassword $LDAP_PASSWD -x -h $LDAP_SERVER -D $LDAP_USER -w $LDAP_PASS -S $USER_DN #- MODIFY shadowlastchange if [ $? -eq 0 ]; then echo dn: $USER_DN changetype: modify replace: shadowLastChange shadowLastChange: $SLC | $LDAP_MODIFY -x -h $LDAP_SERVER -D $LDAP_USER -w $LDAP_PASS /dev/null 21 fi exit #- kind regards Matthias Hiu Yen Onn schrieb: Hi, i have configured a Samba PDC based on idealx.org. now, whenever i set the sambaMustChangePassword flag to 0, then from the subsequent logon, there is a popup urge me for changing password. now, the problem is after i have changed the password, the sambaMustChangePassword is set to 2147483647(unix timestamp), which if i converted it into human readable format, it will be 2038 year, bla..bla..and bla second. it is really unbelieveable that my password will be lasted until year 2038 year??? i have looked thoroughly on the internet resources, some mentioning about on defaultMaxPasswordAge flag. I think i have set it to 55 (actually, i dunno whether what is the quantity representing, day?? time??). but, i have no point to make it works. so, i am seeking the solution making the password expiry feature avaiable in my pdc. FYI, i am using FC2, samba 3.0.3-5. thanks. Cheers, yenonn i prompt in the pdbedit -P maximum password age. it yields to me this account policy value for maximum password age is 4294967295 what is the digits means to me?? how can i make use of it??? thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Password Expiry Date
Matthias Spork wrote: Hello, # pdbedit -P maximum password age -C 5007600 Does it apply for all users in my domain??? This feature must be activated on yout domain-master. I've set this option also at all other samba domain-controllers (PDC's an BDC's). I don't know, if this is required. There is the ldap-attribute shadowMax: 60 for each user, but I don't know if this works yet with samba 3.0.14. matze how to activated this account -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Password Expiry Date
Matthias Spork wrote: Hello, # pdbedit -P maximum password age -C 5007600 Does it apply for all users in my domain??? This feature must be activated on yout domain-master. I've set this option also at all other samba domain-controllers (PDC's an BDC's). I don't know, if this is required. There is the ldap-attribute shadowMax: 60 for each user, but I don't know if this works yet with samba 3.0.14. matze i think i have prompt in pdbedit -P maximum password age -C 86400 it is almost 1 day, just for testing only purpose. then, when i get to show all the accounts, it shows this to me Unix username:yohiu NT username: yohiu Account Flags:[U ] User SID: S-1-5-21-1584484687-1589642492-3641120062-3006 Primary Group SID:S-1-5-21-1584484687-1589642492-3641120062-513 Full Name:Hiu Yen Onn Home Directory: \\SY\homes\yohiu HomeDir Drive:H: Logon Script: mis.bat Profile Path: \\SY\profiles\yohiu Domain: SHINYANG Account desc: Network Engineer Workstations: Munged dial: Logon time: 0 Logoff time: Sat, 14 Dec 1901 04:45:51 GMT Kickoff time: 0 Password last set:Thu, 02 Jun 2005 15:17:38 GMT Password can change: Thu, 02 Jun 2005 15:17:38 GMT Password must change: Sat, 14 Dec 1901 04:45:51 GMT Last bad password : 0 Bad password count : 0 from the above, the password must change flag indicating the password is expired on Sat, 14 Dec 1901 04:45:51 GMT, but, it is not 1 day after the password have been changed. weird i am so confusing... thanks for helps...anyway... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] A device attached to the system is not functioning
hi matt, this is the log file that i retrieve from /var/log/samba/log.machinename [2004/11/17 15:17:02, 0] lib/util_sock.c:get_peer_addr(952) getpeername failed. Error was Transport endpoint is not connected [2004/11/17 15:17:02, 0] lib/util_sock.c:write_socket_data(388) write_socket_data: write failure. Error = Connection reset by peer [2004/11/17 15:17:02, 0] lib/util_sock.c:write_socket(413) write_socket: Error writing 4 bytes to socket 5: ERRNO = Connection reset by peer [2004/11/17 15:17:02, 0] lib/util_sock.c:send_smb(605) Error writing 4 bytes to client. -1. (Connection reset by peer) together i attached by smb.conf file. (actually i copied from a reference from internet) # Global parameters [global] workgroup = SHINYANG netbios name = SYPDC interfaces = 172.16.0.222 username map = /etc/samba/smbusers server string = Samba Server %v security = domain encrypt passwords = yes min passwd length = 3 #obey pam restriction = no ldap passwd sync = yes log level = 0 syslog = 0 log file = /var/log/samba/log.%m max log size = 10 time server = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-1 logon script = STARTUP.BAT logon drive = H: logon home = logon path = domain logons = yes os level = 65 preferred master = yes domain master = yes wins support = yes passdb backend = ldapsam:ldap://127.0.0.1/ #ldap admin dn = cn=samba,ou=DSA,cn=root,dc=shinyang,dc=com,dc=my ldap admin dn = cn=root,dc=shinyang,dc=com,dc=my ldap suffix = cn=root,dc=shinyang,dc=com,dc=my ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Computers ldap idmap suffix = ou=USers #ldap ssl = start tls add user script = /usr/local/sbin/smbldap-useradd -m %u ldap delete dn = yes add machine script = /usr/local/sbin/smbldap-useradd -w %u add group script = /usr/local/sbin/smbldap-groupadd -p %g add user to group script = /usr/local/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/local/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/local/sbin/smbldap-usermod -g %g %u # printers configuration printer admin = @Print Operators load printers = yes create mask = 0640 directory mask = 0750 nt acl support = no printing = cups printcap name = cups deadtime = 10 guest account = nobody map to guest = Bad User dont descend = /proc/,/dev/,/etc/,/lib/,/lost+found,/initrd show add printer wizard = yes preserve case = yes short preserve case = yes case sensitive = no [homes] comment = Home directory %U, %u read only = no create mask = 0664 directory mask = 0775 browseable = no [netlogon] path = /home/samba/netlogon/ browseable = no read only = yes [doc] path = /usr/share/doc public = yes writable = no read only = no create mask = 0750 guest ok = yes [profiles] path = /home/samba/profiles read only = no create mask = 0600 directory mask = 0700 browseable = no guest ok = yes profile acls = yes csc policy = disable force user = %U valid users = %U @Domain Admins [printers] comment = Network Printers printer admin = @Print Operators guest ok = yes printable = yes path = /home/spool browseable = no read only = yes printable = yes print command = /usr/sbin/lpr -P%p -r %s lpq command = /usr/bin/lpq -P%p lprm command = /usr/bin/lprm -P%p %j [print$] path = /home/samba/printers guest ok = no browseable = yes read only = yes valid users = @Print Operators write list = @Print Operators create mask = 0664 directory mask = 0775 [public] comment = Public path = /home/public browseable = yes guest ok = yes read only = no directory mask = 0775 create mask = 0664 At this moment, all i can get the information from the linux box is as much. later on, i will repost a better log information from windows xp professional client in a much detail manner. pls enlight me, bcz i am really a newbie to samba. anyway, can a samba 3 susbtitute a windows NT PDC machines? thanks cheers, yenonn MaTT wrote: Hi, doesn't seems to be a samba related problem. did you check the logs?? anything there?? increase log level ?? check the XP event viewer regards MRB www.lionix.com Linux Hiu Yen Onn wrote: hi, i have a samba-ldap pdc. from the windows xp client. i hardly logon to the network. the windows popup a box stating A device attached to the system is not functioning. .but however, i tested the account from windows 98. it worked perfectly. can someone give me some pointers? thanks -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] A device attached to the system is not functioning
/11/18 10:00:08, 3] smbd/process.c:switch_message(685) switch message SMBclose (pid 8110) [2004/11/18 10:00:08, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (99, 99) - sec_ctx_stack_ndx = 0 [2004/11/18 10:00:08, 3] smbd/process.c:process_smb(890) Transaction 40 of length 45 [2004/11/18 10:00:08, 3] smbd/process.c:switch_message(685) switch message SMBclose (pid 8110) [2004/11/18 10:00:20, 3] smbd/process.c:process_smb(890) Transaction 41 of length 43 [2004/11/18 10:00:20, 3] smbd/process.c:switch_message(685) switch message SMBulogoffX (pid 8110) [2004/11/18 10:00:20, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/11/18 10:00:20, 3] smbd/reply.c:reply_ulogoffX(1108) ulogoffX vuid=100 [2004/11/18 10:00:20, 3] smbd/process.c:process_smb(890) Transaction 42 of length 39 [2004/11/18 10:00:20, 3] smbd/process.c:switch_message(685) switch message SMBtdis (pid 8110) [2004/11/18 10:00:20, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/11/18 10:00:20, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/11/18 10:00:20, 3] smbd/service.c:close_cnum(887) yenonn (172.16.0.223) closed connection to service IPC$ [2004/11/18 10:00:20, 3] smbd/connection.c:yield_connection(69) Yielding connection to IPC$ [2004/11/18 10:00:20, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/11/18 10:00:20, 3] smbd/process.c:timeout_processing(1104) timeout_processing: End of file from client (client has disconnected). [2004/11/18 10:00:20, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/11/18 10:00:20, 2] smbd/server.c:exit_server(558) Closing connections [2004/11/18 10:00:20, 3] smbd/connection.c:yield_connection(69) Yielding connection to [2004/11/18 10:00:20, 3] smbd/connection.c:yield_connection(76) yield_connection: tdb_delete for name failed with error Record does not exist. [2004/11/18 10:00:20, 3] smbd/server.c:exit_server(601) Server exit (normal exit) [2004/11/18 10:02:55, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/11/18 10:03:55, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/11/18 10:04:55, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/11/18 10:05:55, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/11/18 10:06:55, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/11/18 10:07:55, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/11/18 10:08:55, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 from the log file, i can see this check_ntlm_password: mapped user is: [EMAIL PROTECTED] which mean the user is not mapping correct for authentication. so, after all, i wan to start my winbind service. but, it fails to start. pls advise... thanks MaTT wrote: Hi, doesn't seems to be a samba related problem. did you check the logs?? anything there?? increase log level ?? check the XP event viewer regards MRB www.lionix.com Linux Hiu Yen Onn wrote: hi, i have a samba-ldap pdc. from the windows xp client. i hardly logon to the network. the windows popup a box stating A device attached to the system is not functioning. .but however, i tested the account from windows 98. it worked perfectly. can someone give me some pointers? thanks -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] A device attached to the system is not functioning
hi, i have a samba-ldap pdc. from the windows xp client. i hardly logon to the network. the windows popup a box stating A device attached to the system is not functioning. .but however, i tested the account from windows 98. it worked perfectly. can someone give me some pointers? thanks -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] newbie to samba
i am pretty new to samba. all i can say, samba is my first time. so, anyway, i have a small network, i wish samba powers everything for my network. may be i should go for samba+ldap. any proper documentation? pls guide me. thanks. -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
