Re: [Samba] Creating domain list takes too long
I have seen this happen on a domain without a Samba server on the network. The only way I found to skip this step is Ctrl+Alt+Del and they are listed. I've just put it down to one of those quirks of Microsoft Windows but its definatly not a Samba issue. Taolizhong wrote: Hello -- We have a LAN that consists of a samba domain controller and a bunch of PCs. The samba version is 3.0.20b and the PCs are running Windows XP (sp2). The Windows clients can join the domain without any problem, however, a message saying Please wait while the domain list is created shows up right after the first time after the clients join the domain and reboot. This procedure of creating the domain list takes a very very long time. I wonder if there is a way to reduce it. Thanks, --Lingtao - Yahoo! Music Unlimited - Access over 1 million songs. Try it free. -- Lee Ball 08707 45 87 14 effective it -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Cant add new PC to Domain
Is the name of your machine test? Also, you are aware that for each machine account you are creating a home directory? They don't need one and it just makes /home/ cluttered. Also, is there any reason why although you created a machine account for samba called test1 you actually have shown us a machine account for test000? Maybe I'm getting mixed up there but that doesn't seem right to me. flip wrote: Dear all I have a Problem about add new Maschine accounts to the Domain. i do whit = useradd -g nogroup -s /bin/false test1$ = smbpasswd -a -m test1$ Added user test1$ ok then i look in to /etc/passwd = test1$:x:1067:65534::/home/test1$:/bin/false and in /etc/samba/smbpasswd = test000$:1066:20BE7AFE63748DF6AAD3B435B51404EE:76082E11433FD5DCA38B1329767AEE57 [W ]:LCT-437CA369: looks ok but i become a Error when i bring my Win2k PC into the Domain Error say: The machine account for this computer either does not exist Whats wrong? MFG flip -- Lee Ball 08707 45 87 14 effective it -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can not delete /remove files
Whats the script your trying to run? [EMAIL PROTECTED] wrote: Can not rm files on Unix server when running script from Window server. Jeff -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] newbie: Samba with Mysql question
Are the people who you want to connect to Samba locally on your network or will they be connecting over the Internet? Its just I don't see why you would need OpenVPN unless they were connecting over a public network. You may also want to look at http://samba.linuxforum.net/samba/docs/man/Samba-HOWTO-Collection/passdb.html#id2571894 Lonnie wrote: Greetings All, I am new to this list and currently have a Fedora 3 server set up with Samba which just needs to be configured. I would like to set up the MySQL database support for users and passwords as we have another project that will want to add entries to the Samba database so when the users are created so that they will have access to their home directories via samba. Could someone please give me a little guidance on how to set this up? I have Samba samba-3.0.10-1.fc3 installed and my next step after getting it to function cleanly will be to install the OpenVPN software on the server so the clients will have clean and secure access through samba. Thanks for any help and guidance that you could provide to get me started on the configurations. Lonnie Cumberland -- Lee Ball 08707 45 87 14 effective it. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ACLs - backup and restore
Have you checked on the home page? This link specifies hints for using Star and ACL support: http://cdrecord.berlios.de/old/private/star-acl.html Felipe wrote: Thanks for the link, Lee. I'm testing star but I didn't find many informations about it.. I used this way to backup my files: [EMAIL PROTECTED] shares]# star -c -Hexustar -acl -C /home/shares/data/ . f=/home/tmp/backup2.tgz star: 2 blocks + 0 bytes (total of 20480 bytes = 20.00k). And this way to restore: [EMAIL PROTECTED] shares]# star -xp -acl -C /home/shares/data/ f=/home/tmp/backup2.tgz star: current './' newer. star: current 'publica/' newer. star: current 'felipe/' newer. star: current 'felipe/teste/' newer. star: current 'felipe/teste.txt' newer. star: current 'felipe/aazevedo/' newer. star: 2 blocks + 0 bytes (total of 20480 bytes = 20.00k). But it didn't restore the acls of my files and folders.. Do anybody know what I'm doing wrong? thanks! regards, Felipe. 2005/8/10, Lee Ball [EMAIL PROTECTED]: Try using star (http://freshmeat.net/projects/star/) it supports ACLs whereas tar doesn't. Felipe wrote: Hi all, How is the best way to perform backups of my files witch has acls in order to don't lose then when I need to recover some file or folder? Is there anybody here who has problems of losing acls when backup files and restore? thanks! Felipe. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Joining XP SP2 to a Samba PDC
Have you added the machine name to the linux box using the command
adduser {machine name}$ (if it doesn't allow the $ then add it to the
end of the machine name in /etc/passwd
then do:
smbpasswd -m {machine name}$
Then try joining the domain by using the administrator username and the
root password for the Linux box.
DSanchez wrote:
Hello and Thanks in advance.
I have a CentOS 4.1 Server and i have samba Version 3.0.10-1.4E
I have 2 users on this server right now: Root, Dsanchez.
I have also issued this command to set up these 2 users on the Samba
Server as well.
smbpasswd -a root
smbpasswd -a dsanchez
and i set up the password to match the linux account.
Here is my SMB.conf file:
# Global parameters
[global]
workgroup = ETNET
server string = Samba PDC Server
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n
*ReType*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
unix password sync = Yes
log file = /var/log/samba/%m.log
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = /etc/printcap
add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
/bin/false -M %u
add machine script = /usr/sbin/useradd -c Machine -d /dev/null
-s /bin/false machine_name$
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
dns proxy = No
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
hosts allow = 10.78., 127.
cups options = raw
[homes]
comment = Home Directories
read only = No
browseable = No
[netlogon]
comment = Network Logon Service
path = /home/netlogon
guest ok = Yes
share modes = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
I have also made the following changes to the XP box.
Registry changes:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon\Parameters\Requiresignorseal
Which i set to '0' from '1'
I have made sure the following in Local Security Policy is set:
I edited or checked the following entries:
Domain member: Digitally encrypt or sign secure channel(Disabled)
Domain member: Disable machine account password changes(Disabled).
Domain member: Require strong (Windows 2000 or later) session key(Disabled)
Then i go to the Systems Properties/computer name change/
I change from workgroup: workgroup to Domain:ETINET
Then i click the 'ok' button, and a login window pops up.
I then use the following usernames to 'Join'
root
admin
administrator
dsanchez
etinet\root
etinet\admin
etinet\administrator
etinet\dsanchez
I get the following error when i try to join as:
administrator
admin
etinet\admin
etinet\administrator
The following error occurred attempting to join the domain ETINET:
Logon Failure: Unknown Username or bad password.
When i try using the following this is what i get:
root
etinet\root
The following error occurred attempting to join the domain ETINET:
The username could not be found.
Then, if i try and use my account, whcih i added to the root group.
Dsanchez
etinet\Dsanchez
The following error occurred attempting to join the domain ETINET:
Access is Denied.
Note, this is an XP SP2 Machine and i only have 1 user on this machine
(Dsanchez)
Also,
I did find that this script
add machine script = /usr/sbin/useradd -d /dev/null -g 102 -s /bin/false
has a group of 102
and the machine log file that was in /var/log/samba/machinename.log
had this error in it.
useradd: unknown group 102
however i do have this script in the smb.conf file.
add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u
So do i need both of these lines?
do i need to make a group with the Gid of 102?
Thanks.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Joining XP SP2 to a Samba PDC
Correction, the command you want is:
smbpasswd -a -m {machine name, no $}
DSanchez wrote:
Hello and Thanks in advance.
I have a CentOS 4.1 Server and i have samba Version 3.0.10-1.4E
I have 2 users on this server right now: Root, Dsanchez.
I have also issued this command to set up these 2 users on the Samba
Server as well.
smbpasswd -a root
smbpasswd -a dsanchez
and i set up the password to match the linux account.
Here is my SMB.conf file:
# Global parameters
[global]
workgroup = ETNET
server string = Samba PDC Server
passwd program = /usr/bin/passwd %u
passwd chat = *New*UNIX*password* %n\n
*ReType*new*UNIX*password* %n\n
*passwd:*all*authentication*tokens*updated*successfully*
unix password sync = Yes
log file = /var/log/samba/%m.log
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = /etc/printcap
add user script = /usr/sbin/useradd -d /dev/null -g 100 -s
/bin/false -M %u
add machine script = /usr/sbin/useradd -c Machine -d /dev/null
-s /bin/false machine_name$
domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
dns proxy = No
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
hosts allow = 10.78., 127.
cups options = raw
[homes]
comment = Home Directories
read only = No
browseable = No
[netlogon]
comment = Network Logon Service
path = /home/netlogon
guest ok = Yes
share modes = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
I have also made the following changes to the XP box.
Registry changes:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetLogon\Parameters\Requiresignorseal
Which i set to '0' from '1'
I have made sure the following in Local Security Policy is set:
I edited or checked the following entries:
Domain member: Digitally encrypt or sign secure channel(Disabled)
Domain member: Disable machine account password changes(Disabled).
Domain member: Require strong (Windows 2000 or later) session key(Disabled)
Then i go to the Systems Properties/computer name change/
I change from workgroup: workgroup to Domain:ETINET
Then i click the 'ok' button, and a login window pops up.
I then use the following usernames to 'Join'
root
admin
administrator
dsanchez
etinet\root
etinet\admin
etinet\administrator
etinet\dsanchez
I get the following error when i try to join as:
administrator
admin
etinet\admin
etinet\administrator
The following error occurred attempting to join the domain ETINET:
Logon Failure: Unknown Username or bad password.
When i try using the following this is what i get:
root
etinet\root
The following error occurred attempting to join the domain ETINET:
The username could not be found.
Then, if i try and use my account, whcih i added to the root group.
Dsanchez
etinet\Dsanchez
The following error occurred attempting to join the domain ETINET:
Access is Denied.
Note, this is an XP SP2 Machine and i only have 1 user on this machine
(Dsanchez)
Also,
I did find that this script
add machine script = /usr/sbin/useradd -d /dev/null -g 102 -s /bin/false
has a group of 102
and the machine log file that was in /var/log/samba/machinename.log
had this error in it.
useradd: unknown group 102
however i do have this script in the smb.conf file.
add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u
So do i need both of these lines?
do i need to make a group with the Gid of 102?
Thanks.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [GOLUM] RE: [Samba] pdbedit not working as documented
Thats quite correct, we are all out to get you. Not only did you reply
to your email 3 times but its only been 2 days since you posted.
If you want help in future, learn to be more patient, not everyone has
time to respond to emails. Sometimes people can only reply at weekends,
or using their works email account that they don't have access to from
home. If thats the case then if someone was off on Tues or Monday then
it will be 2 days until you get a reply.
NO'ONE is guaranteed to get a response, but replying to your own emails
and then giving a shitty reply after not receiving a lightning quick
response from a volunteer supported mailing list WILL get an email like
this.
Now go and play with Mr Gates, no doubt you will send an email to the
Windows 2003 server mailing lists of a similar style.
John McLoskey wrote:
Thanks everyone for your lack of any response whatsoever, I find it builds
character to be ignored throughout challenges I encounter in my life. Since
I was unable to explain why Samba is predisposed to a range of SID for all
accounts, the client who was interested in keeping his Linux/Samba solution
will be migrating to Window 2003. I hope that feels as bad, deep in your
stomach, as it does mine! Thanks for nothing.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
John McLoskey
Sent: Tuesday, August 09, 2005 3:03 AM
To: samba@lists.samba.org; [EMAIL PROTECTED]
Subject: [GOLUM] RE: [Samba] pdbedit not working as documented
Am I building user_sid internally every time?
We seem to ignore -U argument to pdbedit.
At line 475 of samba-3.0.14a/source/utils/pdbedit.c;
if (user_sid) {
DOM_SID u_sid;
if (!string_to_sid(u_sid, user_sid)) {
/* not a complete sid, may be a RID, try building a
SID */
int u_rid;
if (sscanf(user_sid, %d, u_rid) != 1) {
fprintf(stderr, Error passed string is not
a complete user SID or RID!\n);
return -1;
}
sid_copy(u_sid, get_global_sam_sid());
sid_append_rid(u_sid, u_rid);
}
pdb_set_user_sid (sam_pwent, u_sid, PDB_CHANGED);
}
if (group_sid) {
DOM_SID g_sid;
if (!string_to_sid(g_sid, group_sid)) {
/* not a complete sid, may be a RID, try building a
SID */
int g_rid;
if (sscanf(group_sid, %d, g_rid) != 1) {
fprintf(stderr, Error passed string is not
a complete group SID or RID!\n);
return -1;
}
sid_copy(g_sid, get_global_sam_sid());
sid_append_rid(g_sid, g_rid);
}
pdb_set_group_sid (sam_pwent, g_sid, PDB_CHANGED);
}
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Of John McLoskey
Sent: Tuesday, August 09, 2005 12:46 AM
To: samba@lists.samba.org
Subject: RE: [Samba] pdbedit not working as documented
Modifying account has same behavior;
smbsvr# pdbedit -r test1 -U S-1-5-21-1375268081-527015025-691025275-3010
Unix username:test1
NT username:
Account Flags:[U ]
User SID: S-1-5-21-1375268081-527015025-691025275-3008
Primary Group SID:S-1-5-21-1375268081-527015025-691025275-3009
Full Name:User
Home Directory: \\smbsvr\home\test1
HomeDir Drive:H:
Logon Script:
Profile Path: \\smbsvr\home\test1\profile
Domain: WORKGROUP
Account desc:
Workstations:
Munged dial:
Logon time: 0
Logoff time: Mon, 18 Jan 2038 21:14:07 UTC
Kickoff time: Mon, 18 Jan 2038 21:14:07 UTC
Password last set:Tue, 09 Aug 2005 04:53:13 UTC
Password can change: Tue, 09 Aug 2005 04:53:13 UTC
Password must change: Mon, 18 Jan 2038 21:14:07 UTC
Last bad password : 0
Bad password count : 0
Logon hours : FF
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Of John McLoskey
Sent: Monday, August 08, 2005 11:55 PM
To: samba@lists.samba.org
Subject: [Samba] pdbedit not working as documented
I have am hitting a wall with pdbedit, as shown below.
Any workarounds would be greatly appreciated.
I am encountering the inability to change any users (profile) SID on Samba
3.x for Linux and BSD, which causes the accounts to no longer recognize
their local Samba 2 profiles once they join Samba 3 domain. If I add a new
user and pdbedit -a user -U SID it ignores the -U.
The old profiles appear on the Windows clients as unknown profile.
The problem is that the profiles are inaccessible.
If I man pdbedit, it
Re: [Samba] ACLs - backup and restore
Try using star (http://freshmeat.net/projects/star/) it supports ACLs whereas tar doesn't. Felipe wrote: Hi all, How is the best way to perform backups of my files witch has acls in order to don't lose then when I need to recover some file or folder? Is there anybody here who has problems of losing acls when backup files and restore? thanks! Felipe. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Repost: Temporary files with word
I am guessing that you use roaming profiles on the Samba server. Compare their ntuser.dat (sometimes called NTUSER.DAT) files with one of the users who was created before the migration. You may find that the word registry key inside the NTUSER.DAT file has some inconsitencies with the ones inside the older users. Do you know your domain SID? If not try running the command net getlocalsid (if that doesn't work try running net rpc info). You will find that SID entry for your domain in each users ntuser.dat files (or at least thats how it should work). I am guessing that somehow word seems able to create the files, possibly by overriding the domain SID (what are the user in questions local privelages and do they differ with other users?) but the user cannot then delete them due to Word creating them with this higher power. I may be waffling (infact I know I am) but try running the command profiles ntuser.dat file from within the users profiles, also stick a in their to output to a file so you can easily compare them with each other. Maybe doing a diff if you want to get bogged down with it. Then post your findings. Another thing, this new user isn't missing group membership in any way are they? Nicki Messerschmidt, Linksystem Muenchen GmbH wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Nicki Messerschmidt, Linksystem Muenchen GmbH said the following: I have a strange problem with samba 3.0.14a. One of my users is experiencing a lot of temporary files created by winword 2003. Winword does delete the temp files under any other userid. The only difference I know of is that the problematic user was created after the automatic switch from samba 2.2.8a to 3.0.14a (during an upgrade from debian woody to debian sarge). Has anyone an idea what could be wrong and where I could look to understand this problem? It seems that this only profile keeps the connection to the temporary files open. The same userid cannot delete the files, but others can. I'm really at a loss here and hope that someone can point me in the right direction. Cheers and thanks Nicki - -- Linksystem Muenchen GmbH [EMAIL PROTECTED] Schloerstrasse 10 http://www.link-m.de 80634 Muenchen Tel. 089 / 890 518-0 We make the Net work. Fax 089 / 890 518-77 PGP Keys: https://www.link-m.de/pgp/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (MingW32) Comment: Get keys at: https://www.link-m.de/pgp iD8DBQFC8e1K6zWc+bXuIEMRAgFjAKC1fAVr6fGYITtUvyjfjLiQ67w8MQCeJi46 r/BHg0eJFHpxMJJRuM1vkSs= =2eAn -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problem with Roaming Profiles
Have you tried clearing out the profiles from both machines, use the profiles tool on the Linux box to check that the domain SID (net getlocalsid) is the same as what is listed in the ntuser.dat files inside each persons profile. Another way to test this is to give the particular user that is having the problems local administrator rights to the desktop machine. Then when they login if everything works fine (desktop background etc) it could very well be an SID problem. Hi, This is driving me nuts!! Ok, this is a home network, so not many machines! I HAD 1 windows XP machine with local profiles for everyone - worked fine. I have now installed a linux box with SAMBA on it and I have 3 desktop PCs. I have set up roaming profiles (I think) correctly according to the How-To book. I initially had some trouble getting the local profiels moved to the server, but I don't think that's the issue now. Anyway, what happens is this:-- Log in to Machine A. Everything works fine, the various profile files seem to go to the server, things like the re-direction of My Documents works etc. etc. Log in to Machine B and only SOME of the profile seems to work. The desktop wallpaper doesn't appear, the desktop icons are most unknown icon, but other bits DO work (for example desktop items are ther ane My Documents is still redirected. Go back to Machine A and everything is still fine. Back on Machine B, set up everything as I want it. Now Machine B works, but Machine A doesn't!!! It can't be a rights thing because the files get created ok from either machine. I tried copying the local profile up to make it a roaming one and changed the security to allow the domain user to use it and it STILL does this!!! Can anyone help?? WinXP SP2 SAMBA3 LFS 6.0 Cheers, Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Logins require local admin membership on Windows XP
If anyone is interested I finally got to the bottom of this.
The problem? ntuser.dat. Why? The domain SID was different to the one
listed in the ntuser.dat files.
Solved using the profiles command and a -c (change) and -n (new) switch.
For example, the ntuser.dat files inside each person profiles contained
a reference to the a domain SID, but not the correct one, must be the
old one I thought.
Running the command profiles -c {old domain ID} -n {new domain ID}
ntuser.dat changes the ntuser.dat file to what it should be. However, if
you just do this on the roaming profile and leave one locally on the
clients machine then when you login it will just use the local one
rather then the roaming one.
I know I could change the domain SID that is currently set to the old
one (how it should have been done after the upgrade) but a) I don't
quite know how and b) I'm sure it will break the new ntuser.dat files
that have been created (new users) and will break some other things as I
noticed that some people had the correct references in their .dat files.
Although this appears to work, there is one Windows XP machine and user
account which has given me a headache.Even though I removed all traces
of the users profiles and account from the machine and updated the
ntuser.dat file on the server it still changed back once the user had
logged in. Weird.
Only NT based OS's use the SIDs in this, which is why the Windows 98
clients didn't have a problem as they are dumb when it comes to
security. I guess adding local administrator rights allows any user on a
domain to alter the HKey Local User registry settings.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Logins require local admin membership on Windows XP
I am still working through this problem and I think (take that lightly) that I am nearing a solution. I believe that the problem is related to the tdb files. I am currently going through these files using tdbdump. My question is, what is the process that creates these files? I have seen articles (posts, mailing lists etc) that state that the /var/cache can be emptied as it gets recreated. So if this dir gets recreated then there is something else that I need to modify otherwise my changes to the tdb files won't be permanent. Thanks Eric Hines wrote: http://us1.samba.org/samba/docs/Samba3-HOWTO.pdf , newly updated. You'll likely want Chapt 34, in particular. Eric Hines Lee Ball wrote: Is there a process that you should do when migrating from Samba 2 to Samba 3? I have spoken to my colleague who did the migration and the way it was done was to copy the files that contain the user accounts over. The symptoms we seem to have is that a workstation won't allow access to certain files unless it recognises that you are either a member of the domain admins group or a member of the administrators group on the local machine. This is what causes the programs to not function. It appears to be only programs that require specific access to things stored on the local machine. I think one of these examples is the ODBC files used to communicate with access databases. Trackit for example. I've googled for migration information but turned up with nothing specific at the moment. I'm going to re-read the Samba 3 docs now though incase there is something in there. -- Lee Ball 08707 45 87 14 effective it. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Logins require local admin membership on Windows XP
Hello, This is my first post to this list so if I break any rules be gentle :) I will try to put in as much detail into this as I can, here I go: We have a domain at work with Samba (samba-3.0.10-1.fc2) as the PDC. The Linux box is running FC2 as the rpm suggests running on a 2.6.5-1.358smp kernel. The problems that we exhibit is that unless you have your domain account made a member of the administrators group on the workstation for things to work correctly, if your not various things break: Desktop wallpaper displays when logging in then is replaced with a blue background default desktop Outlook won't run and reports Outlook cannot start when trying to run it (although Thunderbird works) Track-it won't run, it just simply hangs and then ends with Not responding This behaviour only happened once we moved our domain from being on Samba (samba-2.2.7-5.8.0) running on Red Hat Linux release 8.0 (Psyche) on a 2.4.20 kernel. We imported the old smbpassd file onto the new server (I didn't do this but could find out the process taken if required). This behaviour has happened on a customers site too which is the same story except that their installation is samba-3.0.10-1.4E running on CentOS release 4.0 (Final) on a 2.6.11.12 kernel. I've tried lots of things recently and I'm starting to get a little bit lost and would like some ideas from you learned lot. If you require anything like samba configs and the like just request and I shall post a non-user specific list to retain anonymity. One of the entries in my samba logs for logging into the machine I've been working on whilst the user is a non admin: [2005/07/05 13:30:45, 0] rpc_server/srv_samr.c:api_samr_set_userinfo(786) api_samr_set_userinfo: Unable to unmarshall SAMR_Q_SET_USERINFO. Cheers -- Lee Ball 08707 45 87 14 effective it. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Logins require local admin membership on Windows XP
Hello, This is my first post to this list so if I break any rules be gentle :) I will try to put in as much detail into this as I can, here I go: We have a domain at work with Samba (samba-3.0.10-1.fc2) as the PDC. The Linux box is running FC2 as the rpm suggests running on a 2.6.5-1.358smp kernel. The problems that we exhibit is that unless you have your domain account made a member of the administrators group on the workstation for things to work correctly, if your not various things break: Desktop wallpaper displays when logging in then is replaced with a blue background default desktop Outlook won't run and reports Outlook cannot start when trying to run it (although Thunderbird works) Track-it won't run, it just simply hangs and then ends with Not responding I've only experienced this during some kind of upgrade. It's typically the result of trying to load a profile that has a different SID. Always the best way to do these things (if running XP Pro) is to use the files and settings transfer wizard on client machines, do upgrade and reimport the profile into the user account. Of course on large networks this is not a good option. For larger situations, or if running nt4/w2k you need to keep your SID, and your user SID's. How does making the user a local administrator cure this though? Also, I thought this could have been something like that so what I did was remove all of the domain profiles from the workstation (by right clicking My Computer and going through Profiles and deleting them) and then I removed the machine from the domain and rejoined it again. This didn't solve anything though (as you will gather from me emailing the list). Its almost as if a domain account doesn't have any rights on the machine. For example the My Documents mapping doesn't get done (it should remap to H:\ although this isn't in the netlogon script), I can't access the clock on the machine either, it complains saying You do not have the proper privilege level to change the System Time. Thanks for the swift reply, -- Lee Ball 08707 45 87 14 effective it. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
