[Samba] Re: CATIA V5 SAMBA Problem
Harvey, Adam wrote: I'm not sure if the problem I'm about to describe is related to configuration or a limitation in SAMBA, hopefully you'll know the answer... We have a SAMBA server that provides Windows workstations access to CATIA V5 CAD data which resides on other NFS servers. Hi Adam, could you please provide more information about Samba version, OS (AIX?), and maybe full smb.conf? It would also help if you isolate log access to the files in the level 10 samba logs. Regards, Jérôme -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: NUA + MYSQL?
Joel Holder wrote: I am a tard. The question below was supposed to be: Does anyone know if it is possible to use ldapsam WITHOUT /etc/passwd entries if you are also using ldap for posixaccount lookups? Yes, it is the way it is intended to function. LDAP is good at glueing together different kind (objectclasses) of objects attributes (same). So an account not in /etc/passwd would have the person, posixAccount, and sambaSamAccount objectclasses and mandatory attributes associated to. Regards, Jérôme -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba + Domino LDAP
kabeldesigner wrote: Hi all, I want to use the Domino LDAP to authenticate Samba users over it. Did anyone knows, if Samba and Domino LDAP works with together??? If yes, where can I find something about it respectively anyone can tell me how it works?! I don't know Domino very well, but here are what I could see at a customer site. dominoPerson is the Notes/Domino specific objectClass, derived from either Person or inetOrgPerson, and thus using some fields with semantics slightly differing from the one in posixAccount and sambaSamAccount. Moreover, you will have things standing out of the other (Domino vs. Posix/Samba), for example password changes, when done from Notes or from NT. So you can extend Notes schema to include Posix and Samba fields. But I would not recommend it. Neither that I would recommend having an authenticating account database relying on Domino/Notes. What I did at customer site is having Perl scripts to check accounts in both directories (Domino and OpenLDAP or any other LDAP), and mail account in one and not in the other, etc. You also may want to automatically create new accounts in OpenLDAP from Notes information, without password set (account created but disabled) or (not rec'd) with default passwords. HTH, Jérôme -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Multiple DB / fragmented information
Salut Lapin(c), Comment va depuis notre longue discussion sur Solutions Linux ? Lapin(c) wrote: I was exploring a local LDAP solution, as it's for a very large network (1000 sites / 10 users) we want a disjunction between local administration for machines and global administration for users. What do you mean for disjunction between local administration and users ? Do you mean : 1. Separation between directory insertion (etheir user or machine) and local PC admin rights : - class D people can insert machines, as well as users - class T people can login to machines as local admin 2. Separation between directory insertion (users inserted by some people, machine by others) and local PC admin rights : - class M people (local support I guess) can insert local machine, in the right ou=site,ou=Computers sub-ou - class D people can insert users (centrally managed I guess), and maybe Computers - class T people (see below). I guess (read I think, but not yet investigated further) that it could be done, maybe with the help of LDAP management application and carefully crafted LDAP ACLs. I think that, if using IdealX scripts, and different sub-ou configuration for these, you may can do what you intend to, directly using Samba and inserting machine directly from the Windows PC. I'll let the tdb solution down anyway You'd better... Thanks I'll give a feedback on large network architecture as soon as we have finish the deployment. Andrew Bartlett [EMAIL PROTECTED]: On Mon, 2004-03-01 at 23:01, Lapin(c) wrote: Hi, I wonder if it's possible to have multiple backend in order to fragment SAM information. For example, i'd like to have a central LDAP directory for user authentication purpose but a local tdb format for Machines accounts. What is the size of the biggest site (I beg it is the Lyon one in Part-Dieu) ? Or maybe Paris'ones. I guess that machine passwords traffic (once per week) would not be that huge, even on 64kb/s lines I want to minimize network traffic but still keep a central user account DB. Setup a central directory, replicated to each the 6/10 central sites, or maybe to each of your 1000 local site. This way, authentication would be local/not too far away, and machine account password will be ref'd to the central directory. Has anybody tried this kind of config ? Not yet, but on a much smaller site (600 people). This is a really bad idea. The network traffic (LDAP lookups) for machine accounts really are minimal. If you want to reduce network read traffic, you might set up a local LDAP slave. Get your system working, before you try to create a more complex system. Agreed. Regards, Jérôme -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Supplementary Group Issues
Dmitry Monakhov wrote: Hi, All I was wondering if any one else is having issues with supplementary groups not being recognized. It seems as if Samba is ignoring the sup.groups. I'm using RH9.0 on Intel with samba-3.0.0-2_rh9 and OpenLDAP 2.0.27. When I do a id -a username the user is in all the necessary groups but when accessing shares the users' primary GID is used only. I have the same problem using samba 3.0.2a SUN Solaris-9 SUN One Directory Server 5.2 Supplementary groups are recognized quite correct under unix shell environment, but samba can recognize them only from /etc/group file ignoring content of /etc/nsswithch.conf Is it bug or samba-3.* feature? What are the clients you use ? If Win9X, there was a bug in Samba3 before 3.0.1rc? where groups where compared in uppercase to the posix ones (mostly lowercase). It has been corrected in latests Samba 3.0.2 and 3.0.2a. Also, remember that all the secondary groups you need to see in Samba have to be defined in LDAP, and groupmapped. Regards, Jérôme -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Supplementary Group Issues
Dmitry Monakhov wrote: I have the same problem using samba 3.0.2a SUN Solaris-9 SUN One Directory Server 5.2 Supplementary groups are recognized quite correct under unix shell environment, but samba can recognize them only from /etc/group file ignoring content of /etc/nsswithch.conf Is it bug or samba-3.* feature? What are the clients you use ? If Win9X, there was a bug in Samba3 before 3.0.1rc? where groups where compared in uppercase to the posix ones (mostly lowercase). It has been corrected in latests Samba 3.0.2 and 3.0.2a. I'm using Samba 3.0.2a win2K clients. All secondary groups are in LDAP and groupmapped i.e. Each secondary group has ... objectClass: sambaGroupMapping sambaSID: S-1-5-21-... ... Do you have a level 10 log at hand with the login sequence ? You should also send yous smb.conf, it would help. Regards, J. -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: smbldap-tools: only incremental UID's?
Rauno Tuul wrote:
Hi,
In smbldap-useradd.pl is a pice of code, which find the first unused uid
starting from $UID_START (for example 1000).
if (!defined($userUidNumber)) {
# find first unused uid starting from $UID_START
while (defined(getpwuid($UID_START))) {
$UID_START++;
}
I've over 500 UID's in use (maximum UID is 1547).
It works well, until you delete an user. After deleting an user, there comes
a random uid available between 1000 and 1547. When useradd script is called
again, it assign the same UID to new user/machine and files that belonged to
the old user, belong now to the new user. It has happened, that a machine
account has a profile in windows server.
Is there a way to modify smbldap-useradd.pl, that it would find keep in
mind, which UID is the greatest and just do uid++? Or find the greatest UID
and do ++.
Anyone has a good idea, how to fix this?
The idea would be to add support to smbldap-tools for an uidpool in the
directory.
One more LDAP search to find the next uidNumber, but many many less than
doing incremental searches to find the hole to fill, and moreover it
solves your problem.
uidPool is somewhat described here :
http://www.openldap.org/lists/openldap-software/200402/msg00272.html
It is also, as said in the mail, described in Gerald's book. Gerald may
provide more details, or you may buy the book and patch smbldap-tools.
Regards,
Jérôme
--
Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre
Groupe Expert Managed Services - LogicaCMG France
http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Virtual network using ssh tunneling on Windows 2K/XP. Please help.
Paul Gardiner wrote: Hi, I'm trying to connect to a samba server via an ssh tunnel. I'm running ssh on my W2K machine. If I try to connect from another machine that is running an OS called RiscOS and a NetBIOS client called LanMan98 then it works perfectly, but if I try to connect from the another Windows machine running XP, or from the W2k machine (uisng loopback), I get Windows cannot find \\127.0.0.1\sharename. Check the spelling and try again, or try searching for the item by clicking the Start button and then clicking Search. I've found claims on the net of this working. So what am I doing wrong (other than using Windows in the first place :-) )? What are ports that you tunnel with SSH ? Did you forget to tunnel 445 ? Regards, Jérôme -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: {Samba}Cannot list domain users and groups
Arif M. Rahaman wrote: Hi, I have a samba 2.2.8a configured on Freebsd 5.2. I have configured winbind to where if you do a wbinfo -u command, i will get a list of all my domain users. But when i do a getpwent, I only get a listing of all my local accounts on my BSD box. What could be the problem. What says your /etc/nsswitch.conf ? it should have winbind somewhere (for passwd and group entries). Regards, Jérôme -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: 3.0.2rc1, LDAP, Solaris 9 and secondary group problem - Bug 395?
Sojka Reinhard wrote: Hi, we have tested Samba 3.0.0 and 3.0.1 with LDAP-Support (--with-ldap) on Solaris 8 and it worked fine. The machine authenticates against an OpenLDAP server. Patch 108993-23 is applied and we use native Sun LDAP client modules. On Solaris 9 we ran into problems with secondary groups. Users cannot access files if the rights are based on a secondary group and if this information is stored on the LDAP server. Note that everything is ok with information from /etc/group and Unix authentication is working (login, id, groups, getent, ...). We are using the Sun LDAP client, Patch 112960-10. I had the same problem with Solaris 9 and Samba 3.0.?. Only W2K and WXP clients would have their secondary groups honoured, Win98 would not. This was in relation with login name case (i.e. Win98 would give it in UPPERCASE, no shouting here), and Win2K/XP in lowercase. And secondary groups would not be seen by Unix if unix login is lowercase, and tested login (from Samba) was uppercase. Have a test right now, and tell us if it is the problem encountered (and give us the type of clients you have, and have tests on both W9x and WNT). Simply test : # id jerome uid=1000(jerome) gid=513(domusers) groups=513(domusers),550(prtadmin),103(dsvi),102(susers),1000(ntadmin) # id JEROME uid=1000(jerome) gid=513(domusers) groups=513(domusers) It seems that Samba doesn't seach the secondary groups on the LDAP server. Was not Samba for me, it was Solaris. Posix in fact, as Linux shows the same behaviour. Have a look at https://bugzilla.samba.org/show_bug.cgi?id=882. It's supposed to be corrected, but I could not have my customer to test it. [snip] : can't help on getgrouplist HTH, Jérôme -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: AW: unicode conversion
Michel Jouvin wrote: Bjoern, I have the same problem (see thread incorrect handling of files with accentuated chars) with french accentuated chars. convmv allows samba not to truncate the filename but the converted character is not the right one. I tried different value for -f. An example : - I have a filename with french 'é' in it. In Samba 2.2.8 (and previous versions, I never had any pb), it was encoded as character \202. - If I run convmv (-f iso-8859-1 -t utf8), this character is translated to 2 chars \302\202 which is not displayed as é by Samba 3. - If I create a new file under Samba v3 with the french 'é' in the name, it is encoded as \303\251. In these tests, Samba v3 is running with default unix charset (not defined in smb.conf) and Samba v2 was running with default settings too. Oui, set the following in smb.conf : unix charset= UTF8 Then you will be able to see diacritics correctly on Windows clients. The downside is that Solaris users won't see correctly these filenames if they don't have their environment correctly set. Regards, J. -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: AW: unicode conversion
Michel Jouvin wrote: Jérome, No, you have skipped something from the discussion. The pb is that before running convmv, the filename is incorrectly truncated because he was encoded by Samba v2 (not UTF8) and Samba v3 looks for UTF8. And if you convert the filename with convmv, the UTF8 version of the previous encoding (supposed to be iso-8859-1) is not correct (doesn't correspond to the expected character). I made a new test : configure Samba v3 with unix charset = iso-8859-1. In this case, the character displayed is still not the right one but if you create a file with a french é and convert it with convmv, you obtain the same encoding as with Samba v3 running with unix charset = utf8. Looks like if the problem is that encoding used by Samba v2 was not iso-8859-1. And convmv is working properly. Was it CP850 (e.g. default client charset for Samba 2.2) ? You can check it by running testparm -v if you still have your samba 2 binaries around, on the old smb.conf. If yes, remember that cp850 != iso-8859-1. See http://oss.software.ibm.com/cgi-bin/icu/convexp?conv=ibm-850_P100-1995s=ALL and http://oss.software.ibm.com/cgi-bin/icu/convexp?conv=ISO-8859-1s=ALL. Does convmv know how to remap cp850 to UTF-8 (never tested it ?) Regards, J. -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Good News, ou=computer works! :-)
Vegeta wrote: Andrew Bartlett wrote: On Thu, Jan 15, 2004 at 09:42:53AM -0400, Vegeta wrote: Beast wrote: I'm just storing machine accounts under ou=computer,ou=site,dc=domain,dc=com and it works. Tested with W2K sp2 and W2K sp3, recreating from fresh ldif 2 times were never failed. Im sure it is 'stable' right now :-) 'works' means it was able to add machine trust on-the-fly, or using manual creation with smbpasswd command. The key is in not to use 'objectclass=sambaSamAccount' in ldap filter. Tks to everybody who helps... --beast I did not use 'objectclass=sambaSamAccount' and 3.0.2pre1 still doesn't work for me using ou=computers All LDAP searche (for account objects, anyway) are done under the 'ldap suffix'. If you have that set so that it can 'see' both ou=People and ou=Computers, it really should 'just work'. The 'ldap user suffix' and 'ldap machine suffix' was meant to control where users and machines get put, if they don't already exist. Due to current requirments, you pretty much always have to run an add user script, so more important issetting this in the ldap tools. Andrew Bartlett No, the key is not the smb.conf file but the ldap.conf file. Samba seems to look for machine accounts among users returned by the Name Service Switch (what you get when you run the command 'getent passwd'). Most people has the nss_base_passwd property in ldap.conf set as ou=People, dc=domain,dc=com and the scope property set as one. If ldap.conf is configured this way NSS only returns entries in the ou=People subtree. If scope is set to sub and nss_base_passwd is set to dc=domain,dc=com then NSS switch will return as users all entries in subtrees of dc=domain,dc=com, including both the ou=Computers and the ou=People subtree. For me, the key thing to make OU=Computers work, was to keep the standard RH9 /etc/ldap.conf : host 127.0.0.1 base dc=domain,dc=com ssl no pam_password md5 No nss_base_passwd, no nothing. It just runs. And accounts (either users' or computers') are not directly in OU=People (I had to user OU=People because of Solaris), but in sub OU's (towns for Computers, towns and services or administrative Samba accounts for users). Regards, Jérôme -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba-3.0 groupmapping problem
[EMAIL PROTECTED] wrote: Hi, first thank for this answer :o) What do you meen by : You must have the posixAccount LDAP definition in the LDAP directory. Having it /etc/group won't help at all... That's why you have a «No such object» error in Samba logs. Sorry, I meant « posixGroup » in the LDAP directory. Then, when the group is defined in LDAP (and not in /etc/group), you can associate (ie. groupmap) an SID with the posixGroup. Tu peux aussi me contacter sur ma BAL [EMAIL PROTECTED] pour continuer en Français. Cdt, J. -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: INTERNAL ERROR: Signal 11
[EMAIL PROTECTED] wrote: Hello everybody, I just installed a samba-3.0.1 from sources, and I have an INTERNAL ERROR when I launch smbd, nmbd or even swat (from inetd) to try to configure something. I use a slackware 9.1 with glibc-2.3.2 The glibc seems to be the problem, because when I jump back on a 2.3.1, I can launch swat without this bug. Can someone help me to fix that ? Could you quickly test your server's memory with memtest86 ? Signal 11 is often a sign of failing memory hardware. Cdt, Jérôme -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Group mapping problem
Gonzalo Aguilera wrote: Hi, I have Samba 3 as Domain controller. From a Windows 2000 Professional I share a folder (c:\test) with access permission for certain domain user (MYDOMAIN\yo). I can access to that folder from other w2000 with that user validated into it. If I add that user to a unix group (domadm) and map this group to Domain Admins (net groupmap modify ntgroup=Domain Admins unixgroup=domadm) and change w2000 shared folder access permission for group MYDOMAIN\Domain Admins I get Access Denied. What's wrong? Thanks. Please include more informations about your setup : - What sam type are you using (tdb, ldap, etc.) ? - Include a copy of testparm output - Include the content of the mapping (ie. which RID dd you give to the domadmin group?) - What version of Samba 3 (3.0.0, 3.0.1pre?, 3.0.1rc?) - and any more information that would be valuable to answer you Regards, Jérôme -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: samba3/ldap/net groupmap fails
Beast wrote: Friday, December 12, 2003, 6:17:30 AM, John wrote: I don't understand why it is like this... Fabien are you suggesting this may be a problem with samba3? because i've been trying to resolve this issue for several days now, thinking there must be a problem with our ldap setup. somehow, it seems strange that this could be a problem with samba. we thought that perhaps samba didn't like something in our ldap. surely others are able to get the ntgroups to show correctly with ldapsam as the first backendotherwise, no one would have a working samba3/ldap setup. I'm using LDAP only (S3 schema), and domain groups won't work as expected. Can someone confirm that it works in a pure tdbsam setup? (asking twice never hurts ;-) putting tdpsam as the first backend allows for ntgroups, but since we don't use it, none of our profiles load if we do this. users get stuck with temp profiles. this is driving me bonkers:-) Hi, 1. you must create group mapping manually. 2. unix group you've assigning to Domain Admins MUST be in ldap (not in /etc/group). ie. root# net groupmap modify rid=512 -d1 ntgroup=Domain Admins unixgroup=domadmin the domadmin group must be stored in ldap, not /etc/group. This is also what I've done here, eg. creating a Posix account only in LDAP, then creating with « net groupmap » command the aliasing. I end up with the following LDAP entry : dn: cn=domadmin, ou=Group, dc=domain,dc=com gidNumber: 512 memberUid: jerome,admin-jfenal objectClass: posixGroup,sambaGroupMapping cn: domadmin sambaSID: S-1-5-21-1150874807-1180408084-429402335-512 sambaGroupType: 2 displayName: Domain Admins description: Local Unix group But samba does not look at the RID=512 when needing to give admin rights: [2003/12/12 17:58:53, 10] lib/util_seaccess.c:se_access_check(234) se_access_check: requested access 0x000601bf, for NT token with 9 entries and first sid S-1-5-21-1150874807-1180408084-429402335-3000. [2003/12/12 17:58:53, 3] lib/util_seaccess.c:se_access_check(251) [2003/12/12 17:58:53, 3] lib/util_seaccess.c:se_access_check(252) se_access_check: user sid is S-1-5-21-1150874807-1180408084-429402335-3000 se_access_check: also S-1-5-21-1150874807-1180408084-429402335-512 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: also S-1-5-21-1150874807-1180408084-429402335-513 se_access_check: also S-1-5-21-1150874807-1180408084-429402335-550 se_access_check: also S-1-5-21-1150874807-1180408084-429402335-1207 se_access_check: also S-1-5-21-1150874807-1180408084-429402335-1205 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 2035b, current desired = 601bf se_access_check: ACE 1: type 0, flags = 0x00, SID = S-1-5-32-544 mask = f07ff, current desired = 400a4 se_access_check: ACE 2: type 0, flags = 0x00, SID = S-1-5-32-548 mask = f07ff, current desired = 400a4 se_access_check: ACE 3: type 0, flags = 0x00, SID = S-1-5-21-1150874807-1180408084-429402335-3000 mask = 20044, current desired = 400a4 [2003/12/12 17:58:53, 5] lib/util_seaccess.c:se_access_check(315) se_access_check: access (601bf) denied. [2003/12/12 17:58:53, 2] rpc_server/srv_samr_nt.c:access_check_samr_object(93) _samr_open_user: ACCESS DENIED (requested: 0x000601bf) This log excerpt is generated by clicking on an entry in USRMGR.EXE. I still can use USRMGR with an account mapped to root (although with some glitches : I have to navigate through error popups, and insist on things getting done despite errors messages, but the job is mostly done). When I'm at it, in USRMGR, when you change the primary group of a user, only the sambaPrimaryGroupSID is change, not the gidNumber as one would expect. Not to say that I'm trying to do Unix admin with NT tool, but, hey, one can try... ;-) Or maybe I should try lastest IdealX script (I'm using 0.8.1) before saying anything... i found lot of typo or incorrect info in smb howto collection, i've ordering the printable version on amazon, hopefully it has different content than the online version. Yeah, I guess I had to guess many entries. But hopefully it is *as it should be*. Nevertheless, can anybody confirm me that the LDIF in this mail *really* defines the domain admin group ? That the « domain admin » group is defined by rid=512 ? Regards, Jérôme -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba locking database errors : V 2.2.8 a on HP-UX 11i
Foster, Ian (LogicaCMG) wrote: We are in the process of commissioning a new HP server (on HP-UX 11i) and have installed Samba which we have configured and used extensively before without major problems (though not this version - 2.2.8.a). Samba ran OK initially, but now we are getting failures with messages of 'smbd[pid] Cannot initialize locking database' and 'no locks available' logged to the syslog and no new connections can be established (can not even browse - get message 'Network name could not be found'). This can only be cleared by restarting the daemons. I have checked our smb.conf file with the testparm utility and this looks ok, and checked the parameters (including the defaults) against the smb.conf man page at samba.org in an attempt to identify any bad config. I have also verified the obvious - that the lock directory exists and the permissions are correct (if they didn't I guess it would fall over straight away). I have attached a dump of our global definitions for inspection. Has anybody any ideas what may be causing this ? I have checked the Samba web pages without success. Is there a bad locking option here - or some other samba / kernel threshold we are hitting ? If I can't resolve this the filestore is going to NT ! Any help very gratefully recieved. Hi, could you send the real smb.conf, since RTF encoded testparm output is bit clumsy to read...? I read in the testparm dump that you are in 'security=server' mode. Do you really need it? Does your server participate in a domain? 2.2.8a can happily participate in a NT4 or an NT4 compat on ADS domain. And could you check with Sam the limits of the HP-UX kernel (number of processes for the system, by user, max number of open files, etc.)? I'll check tomorrow on HP-UX server at work what kernel parameters could hit Samba. Could you also set 'log level=' to a bit more than 1 to see more output in the logs? That would help. Regards, J. -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: no forwardtick in filename?
Holger Krull wrote: I can't use a ´ (forward tick, accent acute) in a filename on a samba share. Is this an error or intention? If i copy a file with ´ to the samba share the result will be, the tick will be converted to a capital Z with back and forward tick on it and the rest of the filename is dropped. samba 3.01rc1 [global] dos charset = CP850 unix charset = ISO8859-15 ^^ Forward tick is not in the iso-8859-15 table. It is really replaced by LATIN CAPITAL LETTER Z WITH CARON from iso-8859-1. Only the simple computing tick is (APOSTROPHE), as well as the back-tick (GRAVE ACCENT) : ' and `. Maybe you should switch to UTF-8, in order to be able to map the win-1252 table. Or switch back to iso-8859-1. For further reference, please see : - http://oss.software.ibm.com/cgi-bin/icu/convexp?conv=ISO-8859-15s=ALL - http://oss.software.ibm.com/cgi-bin/icu/convexp?conv=ISO-8859-1s=ALL - http://oss.software.ibm.com/cgi-bin/icu/convexp?conv=UTF-8b=C2s=ALL Regards, Jérôme -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba 3 and OpenLDAP 2.1.22
Jason Williams wrote: Good afternoon everyone. Good night from France, I'm testing out the new samba 3 (3.0.1 to be exact) with openldap 2.1.22. ( have setup a samba 2.2.8a with openldap 2.0.27 as a PDC in the past) I've read up on a few pages about some of the reqs that are needed: http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html I've followed the Samba How-To as well. I edited my slapd.conf file and added the correct schemas and indexs. I rebuilt my slapindex no problem. I added some inital data to my LDAP tree so I could see what is going on and to track a few things. Whats odd is that if I do a simple search in my tree (ldapsearch -x) I cant seem to pull any of the information that I entered. I entered just some basic stuff, very similar to what was in the Samba how-to. I just took out a few things and changed the fields to reflect my company. [snip] passdb backend = ldapsam:ldaps://ldap.mydomain.com, smbpasswd, Here you use the new ldapsam (in Samba 3), which LDAP schema has changed beginning with Samba 3 (sambaSamAccount objectclass), whereas Samba 2.2 used SambaAccount objectclass. [snip] add user script = /usr/share/samba3/scripts/smbldap-useradd.pl '%u' Here, you *seem* to use smbldap scripts by IdealX, from the Samba3 tarball. _But_, the version 0.7 in the tarball does nos support the new LDAP schema. Use the 0.8.1 from http://samba.idealx.org/ which works flawlessly. [snip] I apologize for my brain freeze right now. I thought i'd ask for some help and see what im missing. You're welcome, the list is made for that. Best regards, and good luck with Samba 3. The list has had some nice answers to many of my questions (asked by myself or not) since the last two months. Try searching archives when having a question. Then post here if no answer. Jérôme -- Jérôme Fenal - Consultant Unix/SAN/Logiciel Libre Groupe Expert Managed Services - LogicaCMG France http://www.logicacmg.com/fr/ - mailto:jerome.fenal AT logicacmg.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Winbind usage PDC and Domain menber ?
Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alban Browaeys wrote: | Is winbind recommended on a multi file services network | (SMB+NFS+AFS+etc) and when ACL are used: | from various it seems not , winbind get the name only | from the PDC and set a random id in the idmap, so id differs | on pdc and menbers, also between menbers This can be corrected using the ldap backend for winbindd. It's not really well documented I'm afraid. Wow, had not seen that. Cool. I've just had a look at the documentation, it should be ok, but would just need the schema used, and some example of association (LDIF format). (I have not looked at the code) Is it using the posixAccount schema ? (my idea is to get the answer here, then on the Web via mail-archives ;-) Could it use a part of an AD LDAP server ? (in the context of an NT4-compatible DC ADS) Anyway, I'll work on a testbed for thing, I may need sooner than I expect... Regards, Jérôme -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] [patch] Samba 3.0.1pre1 : unable to link tdbbackup on Solaris 9
Hi to all, On Solaris 9 (and below I think), Samba 3.0.1pre1's tdbbackup now needs snprintf which is not included in Solaris. The following patch on master Makefile.in (~samba/source) should ease the compilation of tdbbackup : diff -u Makefile.in.orig Makefile.in --- Makefile.in.origMon Oct 20 11:06:54 2003 +++ Makefile.in Mon Oct 20 11:07:09 2003 @@ -629,7 +629,7 @@ POPT_OBJS=popt/findme.o popt/popt.o popt/poptconfig.o \ popt/popthelp.o popt/poptparse.o -TDBBACKUP_OBJ = tdb/tdbbackup.o tdb/tdbback.o $(TDBBASE_OBJ) +TDBBACKUP_OBJ = tdb/tdbbackup.o tdb/tdbback.o lib/snprintf.o $(TDBBASE_OBJ) NTLM_AUTH_OBJ = utils/ntlm_auth.o $(LIBSAMBA_OBJ) $(POPT_LIB_OBJ) \ libsmb/asn1.o libsmb/spnego.o libsmb/clikrb5.o libads/kerberos.o \ It should be included in the case snprintf is absent from the system, but it's done this way with other binaries. Regards, Jérôme ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. LogicaCMG ** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Group mapping, among other problems
Granzow, Matt (MED, Adecco) wrote: Hopefully I can write this out so someone understands it. We are currently running a number of Solaris servers, to which windows computers need to connect. Currently they connect via NFS using hummingbird's NFS client. This requires them to have a separate unix account along with their windows account. Our idea is to implement samba 3.0.0 to eliminate that NFS client. My current problems are: #1, when I mount my share (in either windows or unix using smbclient), I am not getting the proper permissions. We have a group (lets call it happy) in both unix, and in our windows domain. with winbind, the domain\happy group obviously isn't getting the same GID as the unix happy group. the share we are working on is 0775, so I can't write to it when I connect using my domain acct. in net groupmap a mapping for the group domain\happy = happy, and in my username.map file, I have * = domain\*. What else do I need to setup to get this working? using getent group I only get one group in my domain, but when I run wbinfo -g I get the full list. getent passwd gets me all the users in the domain, so I don't understand what is so broken about groups. #2, when I have something mounted, and I run smbstatus (or click status from swat), it will just hang where it is finding who is connected. Here is a copy of my smb.conf file. hopefully it will help someone figure this out. yes winbind is running, and it has a computer account in the domain. wbinfo works. ntlm_auth works. So I know I'm close, but I just can't figure out this last part. and yes, I do need that many uid's if I have to use winbind enum users = yes [global] workgroup = ourdomain netbios name = BOXEN server string = Samba %v on %L security = DOMAIN password server = pdc username map = /usr/local/samba/lib/username.map username level = 2 log file = /var/log/samba/samba.%m max open files = 2 load printers = No preferred master = No local master = No domain master = No kernel oplocks = No ldap ssl = no idmap uid = 1-45000 idmap gid = 1-2 winbind enum users = yes winbind enum groups = yes create mask = 0775 directory mask = 0775 mangled names = No oplocks = No level2 oplocks = No [smbview] comment = viewstorage path = /smbview read only = No writable = yes /smbview is 0775 and so are all the files in it. All i need to do is get users that authenticate via samba to get the proper group assigned when they connect. Thanks for any help! Mathew Granzow I think that I have the same problem. My setup : - PDC on RH9 (Samba3 RPM + small Jeremy %S patch + remove of -g in Make to avoid crunching the disks), SAM on ldapsam. Works nice (I gave up FreeBSD 5.1). - Member server on Solaris 9, Samba 3 + %S patch, using Winbind. Winbind works quite nicely for users, ksh recognises ~user, I get the right conversions for SID to uid, uid to SID, and so on... But not for groups. In fact, I think that the group mapping code for winbind is a little bit too fast. Let me explain : Here are my group definitions in LDIF format : dn: cn=Domain Admins,ou=Groups, dc=dummy,dc=com sambaSID: S-1-5-21-3210478623-1080310788-3073812203-2025 gidNumber: 512 displayName: Domain Admins memberUid: Administrator memberUid: root memberUid: jerome memberUid: david sambaGroupType: 2 objectClass: posixGroup objectClass: sambaGroupMapping description: Local Unix group cn: Domain Admins dn: cn=domusers,ou=Groups, dc=dummy,dc=com sambaSID: S-1-5-21-3210478623-1080310788-3073812203-2027 gidNumber: 513 displayName: Domain Users sambaGroupType: 2 memberUid: jerome memberUid: david memberUid: henri memberUid: mytest memberUid: mytest2 description: Utilisateurs du domaine objectClass: posixGroup objectClass: sambaGroupMapping cn: domusers dn: cn=Domain Guests,ou=Groups, dc=dummy,dc=com sambaSID: S-1-5-21-3210478623-1080310788-3073812203-2029 gidNumber: 514 displayName: Domain Guests sambaGroupType: 2 objectClass: posixGroup objectClass: sambaGroupMapping description: Local Unix group cn: Domain Guests Notice the gidNumbers, and the SID numbers, which are «dans la ligne du parti»: sid-suffix = 1000 + gid*2 + 1 Now, let have a look to conversion when trying to resolve groups on the Solaris member server (with net rpc group list) : System Operators (S-1-5-32-549) - -1 Replicators (S-1-5-32-552) - -1 Guests (S-1-5-32-546) - -1 Domain Admins (S-1-5-21-3209628119-1617240125-1967951502-512) - -1 Domain Guests (S-1-5-21-3209628119-1617240125-1967951502-514) - -1 Power Users (S-1-5-32-547) - -1 Print Operators (S-1-5-32-550) - -1 Administrators (S-1-5-32-544) - -1 Domain Users (S-1-5-21-3209628119-1617240125-1967951502-513) - -1 Account Operators (S-1-5-32-548) - -1 Backup Operators (S-1-5-32-551) - -1 Users
RE: [Samba] Problem with samba 3.0.0 installation
-Original Message- From: María Isabel López Sánchez-Huete [mailto:[EMAIL PROTECTED] Sent: mercredi 1 octobre 2003 12:33 To: [EMAIL PROTECTED] Subject: [Samba] Problem with samba 3.0.0 installation Hi. I have found some problems installing the new version of samba. My enviroment is: Solaris 8 (sparc) gcc 3.1 GNU make 3.80 Currently samba 2.2.8a is running. When I try install the version 3.0.0, after executing 'configure' and 'make' without problem, I execute 'make install' and it finish with the error: (...) Installing bin/CP437.so as /usr/local/samba/lib/charset/CP437.so ./install-sh -c bin/libsmbclient.so /usr/local/samba/lib mksh: Fatal error: Cannot load command `./install-sh': Bad file number Current working directory /tmp/samba-3.0.0/source *** Error code 1 (ignored) : bin/libsmbclient.a /usr/local/samba/lib ./install-sh -c /tmp/samba-3.0.0/source/include/libsmbclient.h /usr/local/samba/include mksh: Fatal error: Cannot load command `./install-sh': Bad file number Current working directory /tmp/samba-3.0.0/source *** Error code 1 (ignored) What says 'df -k /usr/local' ? Samba 3.0.0 has debugging information enabled in binaries, whatever you specify to configure. This leads to Samba crunching a huge set of disk space due to +50MB binaries. After configure, edit Makefile and remove the '-g' in CFLAGS. Recompile, and reinstall. Or strip all actual binaries. Regards, Jérôme ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. LogicaCMG ** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] RE : S3+CUPS+PDF pseudo printer : print command not functional on service
Thanks for your answer. So for my PDF printer, I switched back to BSD printing (calling cups-lpd), and keeped the local (to PDF printer) print command definition. It works now. I still had to add to cups (which automatically generates the /etc/printcap file) a fake printer with the name of the pdf printer (to avoid the loss of the manual addendum to /etc/printcap for the pdf printer). Best regards, Jerome Message d'origine De: Buchan Milne [mailto:[EMAIL PROTECTED] Date: lun. 9/29/2003 16:02 À: [EMAIL PROTECTED] Cc: Jérôme Fenal Objet: Re: S3+CUPS+PDF pseudo printer : print command not functional on service -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Message: 14 Date: Fri, 26 Sep 2003 17:45:11 +0200 From: J?r?me Fenal [EMAIL PROTECTED] Subject: [Samba] S3+CUPS+PDF pseudo printer : print command not functional on service To: [EMAIL PROTECTED] Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset=iso-8859-1 Hi all, I've just set up a Samba 3.0.0 PDC (LDAP+nss) on FreeBSD 5.1, with CUPS as default print stack, which begins to work nicely. I'm configuring a PDF pseudo printer, with the following share : [pdfwriter] comment = Imprimante PDF : génère un fichier PDF printing = bsd path = /var/tmp printable = Yes print command = /usr/local/bin/printpdf -u %U -h %M %s 2/dev/null lpq command = This very same config (except that %u is replaced here by %U) used to work nicely on Samba 2.2.7a, with cups on stock RH9. The print command was used, and CUPS would not see anything concerning 'pdfwriter'. No more on S3, I have in the log : [2003/09/26 15:30:19, 0] printing/print_cups.c:cups_job_submit(756) Unable to print file to pdfwriter - server-error-not-accepting-jobs So I think that S3 does not honor any more the 'print command' when specified in printable share when using CUPS. Can anyone confirm this is a bug, or point me to my error ? You can't use 'print command' if you have 'printcap name = cups' in the global section. Regards, Buchan - -- |--Another happy Mandrake Club member--| Buchan MilneMechanical Engineer, Network Manager Cellphone * Work+27 82 472 2231 * +27 21 8828820x202 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/eDturJK6UGDSBKcRAntjAKCcsJWdeNtgPoJh/wAp4aNR6uicRgCfdn1R ri2qMx1MAu2t0eT4tFIQ5ko= =Pybh -END PGP SIGNATURE- * Please click on http://www.cae.co.za/disclaimer.htm to read our e-mail disclaimer or send an e-mail to [EMAIL PROTECTED] for a copy. * This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. LogicaCMG global sponsors, Gartner Symposium, Cannes, 4th -7th November 2003 http://symposium.gartner.com/story.php.id.3323.s.5.html Please note that LogicaCMG does not have control over content from,or availability of, this website ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. LogicaCMG ** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE : [Samba] OOT : Puzzling
Hi, It is not a Samba issue, but a RH9 one. Try to replace in /etc/sysconfig/i18n the default charset utf8 to something easier (and faster) to handle for the system (look at the same file on your RH73). HTH, Jérôme Message d'origine De: Stefan G. Weichinger [mailto:[EMAIL PROTECTED] Date: mar. 9/30/2003 20:23 À: [EMAIL PROTECTED] Cc: Objet: Re: [Samba] Puzzling Hi Wayne, am Dienstag, 30. September 2003 um 18:32 schrieben Sie: w Dear List: w I have installed the lastest Samba 3.0 onto an AMD 2.6 GHz RedHat 9.0 w system running mirrored SCSI drives. The system is multi homed as such:- w eth0 - 192.168.50.5 w - 192.168.100.199 w eth1 - public IP address What do you mean? eth0 has 2 adresses or what? What does ifconfig tell you? w I connect from an XP Home box to a Samba share via the 192.168.1.0/24 w subnet, mapped as Drive Z and performed the following file transfers. Samba (Z:) - Samba (Z:) 928 MB folder 20 mins Samba (Z:) - XP (C:) 928 MB folder 21 mins XP (C:) - Samba (Z:) 928 MB folder 3 mins You smb.conf tells us other things: hosts allow = 192.168.50. 192.168.1. 127. bind interfaces only = TRUE Leave this one out unless you really know what to use it for. #interfaces = eth0 eth0:1 lo interfaces = 192.168.50.5 192.168.1.100 127.0.0.1 You talk about 192.168.100.199 but use the 192.168.1.100 adress. Check your IPs on the Samba box and on the XP box and edit your smb.conf to the right interfaces and hosts allow options. To make it easier use the line interfaces = eth0 eth1 and leave out the bind interfaces-line. It will bind to your subnets nicely, you avoid typos and readjusting smb.conf when changing IPs. Did you map Z: to the [Oasis]-share ? [Oasis] comment = Oasis Data Programs path = /thelook/Oasis public = yes writable = yes printable = no write list = @oasis force create mode = 0770 force group = +oasis oplocks = False level2 oplocks = False blocking locks = no With the last 3 options you basically set your performance down. Drastically. I donZt know if you really want them to be set like this. At least I would comment them out for testing. Do your log-files say something special? Set log level to 1 or 2 and look at your files. Compare the results for the 2 installations. On the other hand, what do you mean by If I replace the mirrored SCSI drive with a SCSI drive... ? Might it be simply a difference in harddisk performance? (Again, let the locking-parameters away and let the OS do its work handling the locks ...) Let us know more details ... best regards, Stefan G. Weichinger mailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. LogicaCMG global sponsors, Gartner Symposium, Cannes, 4th -7th November 2003 http://symposium.gartner.com/story.php.id.3323.s.5.html Please note that LogicaCMG does not have control over content from,or availability of, this website ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. LogicaCMG ** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] S3+CUPS+PDF pseudo printer : print command not functional on service
Hi all, I've just set up a Samba 3.0.0 PDC (LDAP+nss) on FreeBSD 5.1, with CUPS as default print stack, which begins to work nicely. I'm configuring a PDF pseudo printer, with the following share : [pdfwriter] comment = Imprimante PDF : génère un fichier PDF printing = bsd path = /var/tmp printable = Yes print command = /usr/local/bin/printpdf -u %U -h %M %s 2/dev/null lpq command = This very same config (except that %u is replaced here by %U) used to work nicely on Samba 2.2.7a, with cups on stock RH9. The print command was used, and CUPS would not see anything concerning 'pdfwriter'. No more on S3, I have in the log : [2003/09/26 15:30:19, 0] printing/print_cups.c:cups_job_submit(756) Unable to print file to pdfwriter - server-error-not-accepting-jobs So I think that S3 does not honor any more the 'print command' when specified in printable share when using CUPS. Can anyone confirm this is a bug, or point me to my error ? Best regards, Jérôme ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. LogicaCMG ** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE : [Samba] Successfuly Building Samba 2.2.X under HP-UX 11i with gcc
Hello, just for my information, what happens if you append -D_HPUX_SOURCE ? Some (long) time ago (HP-UX 10.x), it would help compiling foreign software on HP-UX. But I had only at hand the HP compiler. Regards, Jérôme Message d'origine De: Hughes, Martin [mailto:[EMAIL PROTECTED] Date: jeu. 9/18/2003 13:05 À: '[EMAIL PROTECTED]' Cc: Hughes, Martin Objet: [Samba] Successfuly Building Samba 2.2.X under HP-UX 11i with gcc Hello, Here is my solution to building samba 2.2.3a and 2.2.8a under HP-UX 11i. The compilers used are gcc-2.95.3 (fixed for HP-Ux 11i) and gcc-3.1.1. Compilations fail because the C headers have changed and cause previously successful ANSI compilations to fail. This causes configure to fail to detect the /usr/include/shadow.h and the make to fail at ~/samba-2.2.8a/passdb/pass_check.c. The HP ANSI C compiler does not flag an error because it compiles ANSI mode with HP extensions. The fix is simply to add the -traditional-cpp switch to the CFLAGS environment variable before configuring and compiling as shown below: setenv CFLAGS -O2 -traditional-cpp Hope this helps. Regards Martin Hughes mailto:[EMAIL PROTECTED] Thales Defence (Wells) DISCLAIMER: The information in this message is confidential and may be legally privileged. It is intended solely for the addressee. Access to this message by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, or distribution of the message, or any action or omission taken by you in reliance on it, is prohibited and may be unlawful. Please immediately contact the sender if you have received this message in error. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. LogicaCMG global sponsors, Gartner Symposium, Cannes, 4th -7th November 2003 http://symposium.gartner.com/story.php.id.3323.s.5.html Please note that LogicaCMG does not have control over content from,or availability of, this website ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. LogicaCMG ** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba3, LDAP and FreeBSD 4.8 : need for NSS ?
Hi all, another French guy learning, don't bash me too hard... ;-) In fact, I'm in need of a confirmation : I'm on the way to create a Samba3+LDAP (new schemas) PDC server (no migration from NT4 nor 2K, only from an old Samba 2.0 with security=user using /etc/passwd, ie. no encrypt password). This Samba3 should be hosted on a FreeBSD 4.8 (ie. pam_ldap can work, I tested it today, but no NSS available). I've read many docs, including the HEAD Samba HOWTO collection, HOWTO from Ignacio Coupeau (worth a read), old one from IdealX (which disapeared last week, I still have a hardcopy), and many others. The OpenLDAP 2.1 is up, with a few accounts populated (with both sambaSamAccount posixAccount objectclasses). PAM_LDAP auth works. Then comes the integration with Samba. I have not yet began the work of integrating Samba to LDAP (I'm learning LDAP). Here's my question : does Samba3 need a Unix account (in /etc/passwd) in addition to the one in the LDAP directory ? I believe the answer is yes (since FreeBSD 4.8 doesn't have NSS, and PAM is only for authentication), but may someone confirm because I lose the few last hair I have ;-? Or, before the server is migrated to FreeBSD 5.1 (-CURRENT), which should undoubtely lessen the need for a firm answer. Best regards, and thanks for the job for so many years (I live happily with Samba since 1996, in production since 1998). Jérôme ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. LogicaCMG ** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] RE : Problem uploading printer driver on 2.2.8a (FreeBSD 4.8)
Message d'origine De: Dragan Krnic [mailto:[EMAIL PROTECTED] Date: sam. 9/13/2003 20:15 À: Jérôme Fenal Cc: [EMAIL PROTECTED] Objet: Re: Problem uploading printer driver on 2.2.8a (FreeBSD 4.8) It's a bug. Fortunately it can be fixed by applying a couple of patches described in https://bugzilla.samba.org/show_bug.cgi?id=82 and then rebuilding 2.2.8a. Thanks, works nicely now. Regards, Jérôme (sorry for HTML mail, this is OWA2K). ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. LogicaCMG ** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem uploading printer driver on 2.2.8a (FreeBSD 4.8)
Hello,
I have an annoying problem. I have declared a printer for which I want Samba to
download drivers onto the clients.
So I have configured print$ share, the printer itself (by BSD printing), then connect
the printer to my W2K client (SP3 with ALL RPC updates applied, including today's one).
And it fails :
- on the windows side, I have a popup : unable to install name of the driver driver.
Operation could not be completed.
- on the samba side, I get an internal error :
[2003/09/11 18:09:29, 3] smbd/sec_ctx.c:pop_sec_ctx(436)
pop_sec_ctx (1014, 1014) - sec_ctx_stack_ndx = 0
[2003/09/11 18:09:29, 5] printing/nt_printing.c:add_a_printer_driver_3(1654)
add_a_printer_driver_3: Adding driver with key DRIVERS/W32X86/2/HP LaserJet 4 Plus
[2003/09/11 18:09:29, 0] lib/fault.c:fault_report(38)
===
[2003/09/11 18:09:29, 0] lib/fault.c:fault_report(39)
INTERNAL ERROR: Signal 11 in pid 59048 (2.2.8a)
Please read the file BUGS.txt in the distribution
[2003/09/11 18:09:29, 0] lib/fault.c:fault_report(41)
===
[2003/09/11 18:09:29, 0] lib/util.c:smb_panic(1094)
PANIC: internal error
I must say that some (if not all, I can't say) of the printer driver files _are_
uploaded to the print$ share. But it fails to register, it seems.
Samba is in PDC mode (too much hassle with rights before, when beeing a simple
'security=user' server : service :{{SID}} not found messages, SID corresponding to
Printers on the W2K client, according to he registry ). Shares all are accessible
with no noticeable messages in the logs.
I don't know what to say more. I can provide smb.conf on request if needed.
Any ideas about this ?
Regards,
Jérôme
**
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager. LogicaCMG
**
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
