Re: [Samba] Problem with trust relationship
On Mon, Feb 21, 2011 at 6:34 PM, Leonardo Carneiro chesterma...@gmail.comwrote: On Sat, Feb 19, 2011 at 11:56 AM, Leonardo Carneiro chesterma...@gmail.com wrote: On Sat, Feb 19, 2011 at 11:15 AM, Leonardo Carneiro chesterma...@gmail.com wrote: On Sat, Feb 12, 2011 at 12:51 PM, Leonardo Carneiro chesterma...@gmail.com wrote: Do you have the log level set at at least 3? John It was set to 2 (3 for winbind), but i setted for 3 and did some testes. again, nothing interesting. setted to 5 and at least something related to the machine name showed up on nmbd.log: [2011/02/12 12:43:48.071897, 4] nmbd/nmbd_workgroupdb.c:281(dump_workgroups) dump_workgroups() dump workgroup on subnet 192.168.0.2: netmask= 255.255.254.0: DOMINIO(1) current master browser = DOMAINSERVER ... (some machines) VELTEC16 40011003 () (the machine that i'm testing) ... (some others machines) other than this... nothing. Hi guys. I had to give a break to the samba debug cause my ldap base went crazy for a while after the upgrade, but it's ok now. Unfortunally, my samba PDC still isn't going quite well =( There is any other ideas that i could try? Before all this, eventually one or two machines had trust relationship issues, but all i need to do was re-adding them to the domain. Now i can't even do this, since when i try to add a machine is the domain, the Workstation service just crashes. =S One thing i notice is that i cannot see my domain box when i navigate through the network, but if i go direct to the IP of the server i can see the shares and stuff. In addition to not see my domain box when i navigate through the network, i saw another strange thing. i got a fresh install and tried to add to domain. Instead of the usual crash that happens in all other machines, it just says that there is no domain or the domain cannot be reached. I thing there is something that is making my domain to not be seeing by the whole network. not something like firewall, cause when i enter the ip, i can navigate through the shares, but something that is making my domain to now announce itself. since this is a fresh install, i doubt that this is a malware issue. Hey, it finally worked. There was a ubuntu server machine with the defaults configuration that comes with ubuntu and it was trying to become the domain master and logon master. i changed the configuration and it's ok now. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem with trust relationship
On Sat, Feb 19, 2011 at 11:56 AM, Leonardo Carneiro chesterma...@gmail.comwrote: On Sat, Feb 19, 2011 at 11:15 AM, Leonardo Carneiro chesterma...@gmail.com wrote: On Sat, Feb 12, 2011 at 12:51 PM, Leonardo Carneiro chesterma...@gmail.com wrote: Do you have the log level set at at least 3? John It was set to 2 (3 for winbind), but i setted for 3 and did some testes. again, nothing interesting. setted to 5 and at least something related to the machine name showed up on nmbd.log: [2011/02/12 12:43:48.071897, 4] nmbd/nmbd_workgroupdb.c:281(dump_workgroups) dump_workgroups() dump workgroup on subnet 192.168.0.2: netmask= 255.255.254.0: DOMINIO(1) current master browser = DOMAINSERVER ... (some machines) VELTEC16 40011003 () (the machine that i'm testing) ... (some others machines) other than this... nothing. Hi guys. I had to give a break to the samba debug cause my ldap base went crazy for a while after the upgrade, but it's ok now. Unfortunally, my samba PDC still isn't going quite well =( There is any other ideas that i could try? Before all this, eventually one or two machines had trust relationship issues, but all i need to do was re-adding them to the domain. Now i can't even do this, since when i try to add a machine is the domain, the Workstation service just crashes. =S One thing i notice is that i cannot see my domain box when i navigate through the network, but if i go direct to the IP of the server i can see the shares and stuff. In addition to not see my domain box when i navigate through the network, i saw another strange thing. i got a fresh install and tried to add to domain. Instead of the usual crash that happens in all other machines, it just says that there is no domain or the domain cannot be reached. I thing there is something that is making my domain to not be seeing by the whole network. not something like firewall, cause when i enter the ip, i can navigate through the shares, but something that is making my domain to now announce itself. since this is a fresh install, i doubt that this is a malware issue. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem with trust relationship
On Sat, Feb 12, 2011 at 12:51 PM, Leonardo Carneiro chesterma...@gmail.comwrote: Do you have the log level set at at least 3? John It was set to 2 (3 for winbind), but i setted for 3 and did some testes. again, nothing interesting. setted to 5 and at least something related to the machine name showed up on nmbd.log: [2011/02/12 12:43:48.071897, 4] nmbd/nmbd_workgroupdb.c:281(dump_workgroups) dump_workgroups() dump workgroup on subnet 192.168.0.2: netmask= 255.255.254.0: DOMINIO(1) current master browser = DOMAINSERVER ... (some machines) VELTEC16 40011003 () (the machine that i'm testing) ... (some others machines) other than this... nothing. Hi guys. I had to give a break to the samba debug cause my ldap base went crazy for a while after the upgrade, but it's ok now. Unfortunally, my samba PDC still isn't going quite well =( There is any other ideas that i could try? Before all this, eventually one or two machines had trust relationship issues, but all i need to do was re-adding them to the domain. Now i can't even do this, since when i try to add a machine is the domain, the Workstation service just crashes. =S -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem with trust relationship
On Sat, Feb 19, 2011 at 11:15 AM, Leonardo Carneiro chesterma...@gmail.comwrote: On Sat, Feb 12, 2011 at 12:51 PM, Leonardo Carneiro chesterma...@gmail.com wrote: Do you have the log level set at at least 3? John It was set to 2 (3 for winbind), but i setted for 3 and did some testes. again, nothing interesting. setted to 5 and at least something related to the machine name showed up on nmbd.log: [2011/02/12 12:43:48.071897, 4] nmbd/nmbd_workgroupdb.c:281(dump_workgroups) dump_workgroups() dump workgroup on subnet 192.168.0.2: netmask= 255.255.254.0: DOMINIO(1) current master browser = DOMAINSERVER ... (some machines) VELTEC16 40011003 () (the machine that i'm testing) ... (some others machines) other than this... nothing. Hi guys. I had to give a break to the samba debug cause my ldap base went crazy for a while after the upgrade, but it's ok now. Unfortunally, my samba PDC still isn't going quite well =( There is any other ideas that i could try? Before all this, eventually one or two machines had trust relationship issues, but all i need to do was re-adding them to the domain. Now i can't even do this, since when i try to add a machine is the domain, the Workstation service just crashes. =S One thing i notice is that i cannot see my domain box when i navigate through the network, but if i go direct to the IP of the server i can see the shares and stuff. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem with trust relationship
On Thu, Feb 10, 2011 at 3:20 PM, Leonardo Carneiro chesterma...@gmail.com wrote: On Thu, Feb 10, 2011 at 11:32 AM, t...@tms3.com wrote: --- Original message --- Subject: Re: [Samba] Problem with trust relationship From: Leonardo Carneiro chesterma...@gmail.com To: samba@lists.samba.org Date: Thursday, 10/02/2011 2:46 AM On Wed, Feb 9, 2011 at 4:36 PM, t...@tms3.com wrote: Hi John and others, Tks for the feedback. I tried the configs you showed to me and unfortunally did not work. Also, there is a [small] number of windows xp and vista getting the same problem too. Any new ideas? You need to re add the systems back to the domain after the trust expires. The registry entries are to prevent the expiration not to fix an already expired trust. The easy way to test is to use the Windoze network wizard and keep the name the same. If the join works and on reboot the trust works then it is most definately the machine pass issue. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba I tried both the sambaRefuseMachinePwdChange = 1 in LDAP and the test in the network wizard. The wizard fails with a RPC error message. Hmmm. Details? This is begining to smell of browsing issues. Do you have a WINS server? The setting in ldap had no effect. In fact, almost all machines are having this issue now, but it seems to be occasional. Once in a while, someone just logs in OK. It happens that the error is now happening on every windows machine, not just the the ones with windows 7. =S -- To unsubscribe from this list go to the following URL and read the instructions: a target=_blank href=https://lists.samba.org/mailman/options/sa /body/html As recommended in the link, i'd set the the following: HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters DisablePasswordChange = dword:1 MaximumPasswordAge = 100 in some machines to test. At first, it seems to solve the problem in the windows xp machines, but after a while some clients start to show the same problem again. It had no effect in Windows Vista and 7 machines. My samba is configured to act as a Wins Server. Here is the error that occurs when i try to run the wizard: http://img140.imageshack.us/i/capturezo.png/ The text in the box is the following: Files that help describe the problem: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_Lanm_80bd52c3108cb58e777eac405860db8a5dca280_cab_0af31c3e\WER11D2.tmp.appcompat.txt C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_Lanm_80bd52c3108cb58e777eac405860db8a5dca280_cab_0af31c3e\WER1231.tmp.WERInternalMetadata.xml C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_Lanm_80bd52c3108cb58e777eac405860db8a5dca280_cab_0af31c3e\WER1BA5.tmp.mdmp ... Hi everyone. Applying the registry patch and readding the machines in the domain seems to work on windows XP, but not for vista or 7. In fact, i cannot add the machine in the domain again with those versions of windows. it gives me that remote procedure call failed error. There is any new ideas that i should try? I'm getting crazy over here XD~ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem with trust relationship
On Sat, Feb 12, 2011 at 11:25 AM, John Drescher dresche...@gmail.com wrote: Hi everyone. Applying the registry patch and readding the machines in the domain seems to work on windows XP, but not for vista or 7. In fact, i cannot add the machine in the domain again with those versions of windows. it gives me that remote procedure call failed error. There is any new ideas that i should try? I'm getting crazy over here The weird thing is when I had trust relationship problems with my windows 7 machines this did not cause any kind of crash on the client. The only effect seen on the client was the user could not logon. On the samba side I saw in the logs evidence that the machine account was being rejected. You are showing us Client side crashes of the workstation service I have never had in the 10+ years I have used samba as a domain controller and fileservers on my network at work. Also is anything showing up on your samba logs that can help debug this? -- John M. Drescher Nahh, nothing =S. I just upgraded my hole system just to test. I was using debian 5 lenny with samba 3.4.3. Now i'm using 6 squeeze with samba 3.5.6, but the problems persist. This is really getting annoying. The logs just does not show anything. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem with trust relationship
Do you have the log level set at at least 3? John It was set to 2 (3 for winbind), but i setted for 3 and did some testes. again, nothing interesting. setted to 5 and at least something related to the machine name showed up on nmbd.log: [2011/02/12 12:43:48.071897, 4] nmbd/nmbd_workgroupdb.c:281(dump_workgroups) dump_workgroups() dump workgroup on subnet 192.168.0.2: netmask= 255.255.254.0: DOMINIO(1) current master browser = DOMAINSERVER ... (some machines) VELTEC16 40011003 () (the machine that i'm testing) ... (some others machines) other than this... nothing. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem with trust relationship
On Wed, Feb 9, 2011 at 4:36 PM, t...@tms3.com wrote: Hi John and others, Tks for the feedback. I tried the configs you showed to me and unfortunally did not work. Also, there is a [small] number of windows xp and vista getting the same problem too. Any new ideas? You need to re add the systems back to the domain after the trust expires. The registry entries are to prevent the expiration not to fix an already expired trust. The easy way to test is to use the Windoze network wizard and keep the name the same. If the join works and on reboot the trust works then it is most definately the machine pass issue. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba I tried both the sambaRefuseMachinePwdChange = 1 in LDAP and the test in the network wizard. The wizard fails with a RPC error message. The setting in ldap had no effect. In fact, almost all machines are having this issue now, but it seems to be occasional. Once in a while, someone just logs in OK. It happens that the error is now happening on every windows machine, not just the the ones with windows 7. =S -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem with trust relationship
On Thu, Feb 10, 2011 at 11:32 AM, t...@tms3.com wrote: --- Original message --- Subject: Re: [Samba] Problem with trust relationship From: Leonardo Carneiro chesterma...@gmail.com To: samba@lists.samba.org Date: Thursday, 10/02/2011 2:46 AM On Wed, Feb 9, 2011 at 4:36 PM, t...@tms3.com wrote: Hi John and others, Tks for the feedback. I tried the configs you showed to me and unfortunally did not work. Also, there is a [small] number of windows xp and vista getting the same problem too. Any new ideas? You need to re add the systems back to the domain after the trust expires. The registry entries are to prevent the expiration not to fix an already expired trust. The easy way to test is to use the Windoze network wizard and keep the name the same. If the join works and on reboot the trust works then it is most definately the machine pass issue. John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba I tried both the sambaRefuseMachinePwdChange = 1 in LDAP and the test in the network wizard. The wizard fails with a RPC error message. Hmmm. Details? This is begining to smell of browsing issues. Do you have a WINS server? The setting in ldap had no effect. In fact, almost all machines are having this issue now, but it seems to be occasional. Once in a while, someone just logs in OK. It happens that the error is now happening on every windows machine, not just the the ones with windows 7. =S -- To unsubscribe from this list go to the following URL and read the instructions: a target=_blank href=https://lists.samba.org/mailman/options/sa /body/html As recommended in the link, i'd set the the following: HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters DisablePasswordChange = dword:1 MaximumPasswordAge = 100 in some machines to test. At first, it seems to solve the problem in the windows xp machines, but after a while some clients start to show the same problem again. It had no effect in Windows Vista and 7 machines. My samba is configured to act as a Wins Server. Here is the error that occurs when i try to run the wizard: http://img140.imageshack.us/i/capturezo.png/ The text in the box is the following: Files that help describe the problem: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_Lanm_80bd52c3108cb58e777eac405860db8a5dca280_cab_0af31c3e\WER11D2.tmp.appcompat.txt C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_Lanm_80bd52c3108cb58e777eac405860db8a5dca280_cab_0af31c3e\WER1231.tmp.WERInternalMetadata.xml C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_Lanm_80bd52c3108cb58e777eac405860db8a5dca280_cab_0af31c3e\WER1BA5.tmp.mdmp ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] problema com windows 7
Bom dia Debianos, Uso aqui um debian lenny com Samba PDC + ldap, samba versão 3.4.7 Hoje, várias máquinas com windows 7 começaram a apresentar falha na relação de confiança entre a máquina e o domínio. Tentar remover e adicioná-las novamente não funciona (não é nem possível readicioná-las). sei que a MS lança updates toda terça, então é provável que seja algo do update. mais alguém está tendo problemas? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problem with trust relationship
Hello everyone, I have a Samba 3.4.7 + OpenLDAP working as PDC. Since this morning, some computers, mainly the ones with Windows 7, are getting trust relationship problems and I cannot find the source of the problem. All my windows boxes do automatic updates, and there was a pack of 9 or 10 updates yesterday, but i don't know if this have some relation with the problem. I don't know exactly what kind of information i should give to get extra help, so any help is welcome. Tks in advance -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem with trust relationship
On Wed, Feb 9, 2011 at 4:06 PM, John Drescher dresche...@gmail.com wrote: On Wed, Feb 9, 2011 at 1:04 PM, Leonardo Carneiro chesterma...@gmail.com wrote: Hello everyone, I have a Samba 3.4.7 + OpenLDAP working as PDC. Since this morning, some computers, mainly the ones with Windows 7, are getting trust relationship problems and I cannot find the source of the problem. All my windows boxes do automatic updates, and there was a pack of 9 or 10 updates yesterday, but i don't know if this have some relation with the problem. I don't know exactly what kind of information i should give to get extra help, so any help is welcome. http://www.mail-archive.com/samba@lists.samba.org/msg110665.html John Hi John and others, Tks for the feedback. I tried the configs you showed to me and unfortunally did not work. Also, there is a [small] number of windows xp and vista getting the same problem too. Any new ideas? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Winbindd log error
Hello everyone I have a Debian Lenny running Samba 3.4.7 + OpenLDAP as PDC. I'm having trouble with Winbind. He logs so much messages that my disk is almost full! here is the log: Dec 13 16:18:14 fileserver smbd[10017]: [2010/12/13 16:18:14, 0] lib/util_sock.c:539(read_fd_with_timeout) Dec 13 16:18:14 fileserver smbd[10017]: [2010/12/13 16:18:14, 0] lib/util_sock.c:1491(get_peer_addr_internal) Dec 13 16:18:14 fileserver smbd[10017]: getpeername failed. Error was Transport endpoint is not connected Dec 13 16:18:14 fileserver smbd[10017]: read_fd_with_timeout: client 0.0.0.0 read error = Connection timed out. Dec 13 16:18:39 fileserver winbindd[10085]: [2010/12/13 16:18:39, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) Dec 13 16:18:39 fileserver winbindd[10085]: idmap_alloc module tdb already registered! Dec 13 16:18:39 fileserver winbindd[10085]: [2010/12/13 16:18:39, 0] winbindd/idmap.c:149(smb_register_idmap) Dec 13 16:18:39 fileserver winbindd[10085]: Idmap module passdb already registered! Dec 13 16:18:39 fileserver winbindd[10085]: [2010/12/13 16:18:39, 0] winbindd/idmap.c:149(smb_register_idmap) Dec 13 16:18:39 fileserver winbindd[10085]: Idmap module nss already registered! Dec 13 16:18:39 fileserver winbindd[10085]: [2010/12/13 16:18:39, 0] winbindd/idmap_ldap.c:123(get_credentials) Dec 13 16:18:39 fileserver winbindd[10085]: get_credentials: Unable to fetch auth credentials for cn=root,dc=dominio,dc=com,dc=br in ALLOC Dec 13 16:18:39 fileserver winbindd[10085]: [2010/12/13 16:18:39, 0] winbindd/idmap.c:589(idmap_alloc_init) Dec 13 16:18:39 fileserver winbindd[10085]: ERROR: Initialization failed for alloc backend, deferred! Dec 13 16:18:41 fileserver winbindd[10085]: [2010/12/13 16:18:41, 0] winbindd/idmap.c:201(smb_register_idmap_alloc) Dec 13 16:18:41 fileserver winbindd[10085]: idmap_alloc module tdb already registered! Dec 13 16:18:41 fileserver winbindd[10085]: [2010/12/13 16:18:41, 0] winbindd/idmap.c:149(smb_register_idmap) Dec 13 16:18:41 fileserver winbindd[10085]: Idmap module passdb already registered! Dec 13 16:18:41 fileserver winbindd[10085]: [2010/12/13 16:18:41, 0] winbindd/idmap.c:149(smb_register_idmap) Dec 13 16:18:41 fileserver winbindd[10085]: Idmap module nss already registered! Dec 13 16:18:41 fileserver winbindd[10085]: [2010/12/13 16:18:41, 0] winbindd/idmap_ldap.c:123(get_credentials) Dec 13 16:18:41 fileserver winbindd[10085]: get_credentials: Unable to fetch auth credentials for cn=root,dc=dominio,dc=com,dc=br in ALLOC Dec 13 16:18:41 fileserver winbindd[10085]: [2010/12/13 16:18:41, 0] winbindd/idmap.c:589(idmap_alloc_init) Dec 13 16:18:41 fileserver winbindd[10085]: ERROR: Initialization failed for alloc backend, deferred! Theses errors are fulling the daemon.log Here is the idmap part of the smb.conf: ldap passwd sync = yes ldap ssl = off ldap delete dn = yes passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=root,dc=dominio,dc=com,dc=br ldap suffix = dc=dominio,dc=com,dc=br ldap group suffix = ou=Grupos ldap user suffix = ou=Usuarios ldap machine suffix = ou=Computadores ldap idmap suffix = ou=ldapidmapsuffix idmap backend = ldap://127.0.0.1 idmap alloc backend = ldap idmap alloc config : ldap_user_dn = cn=root,dc=dominio,dc=com,dc=br idmap alloc config : ldap_base_dn = ou=Usuarios,dc=dominio,dc=com,dc=br idmap alloc config : ldap_url = ldap://127.0.0.1 idmap uid = 1-2 idmap gid = 1-2 Can someone shed some light on this? Tks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Convite para se conectar no LinkedIn
LinkedIn Leonardo Carneiro requested to add you as a connection on LinkedIn: -- Serge, Eu gostaria de adicioná-lo à minha rede profissional no LinkedIn. -Leonardo Accept invitation from Leonardo Carneiro http://www.linkedin.com/e/mzateh-gfqnlnim-6r/vTWyDe4yCEPPQyWVLZMh1H4yCEPPQGFCi7/blk/I12477347_25/pmpxnSRJrSdvj4R5fnhv9ClRsDgZp6lQs6lzoQ5AomZIpn8_dj9vdPgPdPsQcz59bR8TiORfoSBhbP4Qcz0SdjkOe34LrCBxbOYWrSlI/EML_comm_afe/ View invitation from Leonardo Carneiro http://www.linkedin.com/e/mzateh-gfqnlnim-6r/vTWyDe4yCEPPQyWVLZMh1H4yCEPPQGFCi7/blk/I12477347_25/0RcBYTd3cTdPgOckALqnpPbOYWrSlI/svi/ -- DID YOU KNOW that LinkedIn can find the answers to your most difficult questions? Post those vexing questions on LinkedIn Answers to tap into the knowledge of the world's foremost business experts: http://www.linkedin.com/e/mzateh-gfqnlnim-6r/ask/inv-23/ -- (c) 2010, LinkedIn Corporation -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] how to run more than one logon script
Hi Thomas. I'm glad to hear that. I'll try it here. Tks On Tue, Sep 28, 2010 at 6:50 PM, Thomas Bork tomb...@web.de wrote: Am 28.09.2010 23:17, schrieb Leonardo Carneiro: Well, in theory this should work. I'll try and post here if this will work well. Tks in advance. It works, you could use many combinations: for user: logon script = %u.bat %g %m for group: logon script = %g.bat %u %m for machine: logon script = %m.bat %u %g for all: logon script = logon.bat %u %g %m For example, if you use the last possibility 'all', then in logon.bat: REM Run user specific stuff REM call %1.bat REM Run group specific stuff REM call %2.bat REM Run machine specific stuff REM call %3.bat -- der tom -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] how to run more than one logon script
Hi everyone, I'm running Samba 3.4.7 with OpenLDAP as PDC and I want to run more than one logon script per user. What i want to achieve is: Run a general logon script, that do the folder mapping of the public access folders for all users. AFTER this run a group-based logon script, to map some groups-related folders. And still after those 2 scripts, run a user-based logon script, to map some user-related folders. Why i'm trying to do this: I want to do this because i have a lot of folders that i want to map for some users that are not from the same primary group. If i create only one script per user, i'll have tons of scripts, and I'll have to edit each of then every time i'd want to map a folder to all users, not only to those guys. I'm well aware that i can specify a group or user (or other things) related script in the users settings in samba, but i want to run more than one script. Is there a specific configuration to make this work? Is there a workaround to do this? Tks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] how to run more than one logon script
Hi Pascal, Forgive me my poor english, but i didn't understood what factorize your code means. Could you explain in another way (with examples, if possible =D )? Tks in advance. On Tue, Sep 28, 2010 at 4:52 PM, Pascal Valois pascal.val...@devinci.fr wrote: run more than one logon script ? there is only one reason to do so. it's if you want to share part of login script between users and factorize your code. if you dont, then merging the script is enough, and would explain why one logon script is sufficient. Le 28/09/2010 21:49, Leonardo Carneiro a écrit : Hi everyone, I'm running Samba 3.4.7 with OpenLDAP as PDC and I want to run more than one logon script per user. What i want to achieve is: Run a general logon script, that do the folder mapping of the public access folders for all users. AFTER this run a group-based logon script, to map some groups-related folders. And still after those 2 scripts, run a user-based logon script, to map some user-related folders. Why i'm trying to do this: I want to do this because i have a lot of folders that i want to map for some users that are not from the same primary group. If i create only one script per user, i'll have tons of scripts, and I'll have to edit each of then every time i'd want to map a folder to all users, not only to those guys. I'm well aware that i can specify a group or user (or other things) related script in the users settings in samba, but i want to run more than one script. Is there a specific configuration to make this work? Is there a workaround to do this? Tks in advance. -- Pascal Valois Service Informatique Pole Universitaire Léonard de Vinci -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] how to run more than one logon script
Hmm... this is interesting. I think that with the 'call' statement i can reach my goal. Make all users to run a default script, then this script does it's magic, call a group based script, and then this one also does it calls a third user-based script. Well, in theory this should work. I'll try and post here if this will work well. Tks in advance. On Tue, Sep 28, 2010 at 5:06 PM, Gaiseric Vandal gaiseric.van...@gmail.com wrote: This is more of a Windows question (i.e. google searches windows login scripts may be helpfull. You scripts could use commands like ifmember groupname http://www.eggheadcafe.com/software/aspnet/30250014/login-script-group-membership.aspx That should let you map drives based on group membership. Then you can have the same login script specified for each user, and that login script includes conditional drive mappings for the specific groups. Windows also has the call command which should let one batch file call another then return to the 1st file. http://www.computerhope.com/call.htm On 09/28/2010 03:49 PM, Leonardo Carneiro wrote: Hi everyone, I'm running Samba 3.4.7 with OpenLDAP as PDC and I want to run more than one logon script per user. What i want to achieve is: Run a general logon script, that do the folder mapping of the public access folders for all users. AFTER this run a group-based logon script, to map some groups-related folders. And still after those 2 scripts, run a user-based logon script, to map some user-related folders. Why i'm trying to do this: I want to do this because i have a lot of folders that i want to map for some users that are not from the same primary group. If i create only one script per user, i'll have tons of scripts, and I'll have to edit each of then every time i'd want to map a folder to all users, not only to those guys. I'm well aware that i can specify a group or user (or other things) related script in the users settings in samba, but i want to run more than one script. Is there a specific configuration to make this work? Is there a workaround to do this? Tks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] PDC Migration
On Wed, Aug 4, 2010 at 9:42 AM, yudi shiddiq yudi.shid...@yahoo.com wrote: Hi all, I need help, This time i want to migrate samba PDC(backend ldap) to new machine, new machine used different samba version but file configuration is the same, i have made new samba pdc succesfully, but i failed to migrate all account from old machine to new machine, i have done this step to migrate acc(users and workstation) : - copy folder /var/lib/ldap - import use command slapadd -c -l slapcat.ldif - import use command ldapadd -x -D cn=Manager,dc=domain,dc=com -W -f /home/my.ldif but it still fail, cause when i use command getent passwd it shows nothing. Installed software, Old machine : - samba-3.0.20b-3.3 - openldap2-2.2.27-6 New Machine : - samba-3.4.3-10.1 - openldap2-2.4.12 Thx, Yudi -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba Think you need to read the change log to fix your possibly broken smb.conf. There have been some changes from 3.0 to 3.4 that you need to apply on your smb.conf in order to get thinks working. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [Ubuntu 10.04] Share not visible from XP?
On Thu, Jul 29, 2010 at 8:48 AM, Helmut Hullen hul...@t-online.de wrote: Hallo, Gilles, Du meintest am 29.07.10: So what's the correct way on Ubuntu 10.04 to (re)start Samba, including smbd and nmbd? If the daemons run and only need to re-read the smb.conf: killall -HUP smbd killall -HUP nmbd on Linux machines. I think that on ubuntu you could user just /etc/init.d/samba reload -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [Ubuntu 10.04] Share not visible from XP?
On Thu, Jul 29, 2010 at 9:07 AM, Gilles gilles.gana...@free.fr wrote: On Thu, 29 Jul 2010 08:58:23 -0300, Leonardo Carneiro chesterma...@gmail.com wrote: I think that on ubuntu you could user just /etc/init.d/samba reload Right... but that was until recently, while the latest Samba package is different ;-) # /etc/init.d/samba restart -su: /etc/init.d/samba: No such file or directory # /etc/init.d/nmbd restart Rather than invoking init scripts through /etc/init.d, use the service(8) utility, e.g. service nmbd restart Since the script you are attempting to invoke has been converted to an Upstart job, you may also use the restart(8) utility, e.g. restart nmbd nmbd start/running, process 1932 # /etc/init.d/smbd restart Rather than invoking init scripts through /etc/init.d, use the service(8) utility, e.g. service smbd restart Since the script you are attempting to invoke has been converted to an Upstart job, you may also use the restart(8) utility, e.g. restart smbd smbd start/running, process 1941 So it looks like the right way is # restart nmbd nmbd start/running, process 1951 # restart smbd smbd start/running, process 1955 It'd be easier to add restart samba which would take care of both smbd and nmbd. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba UU, tks for the info Gilles, i was not aware of this change at all. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] smbldap-groupmod problem
Hi, i'm having a problem with the smbldap-groupmod. I tried to change
the users of some groups, i get an error message. The action indeed
execute, as the users was removed or added from the group, but an error
is throwed in the output:
server:~# smbldap-groupmod -x user1 -m user2 testgroup
Can't call method get_value on an undefined value at
/usr/sbin/smbldap-groupmod line 146.
The line in question is:
if ($group_entry-get_value('sambaSID') eq
$user_entry-get_value('sambaPrimaryGroupSID')) {
What this means? Tks in advance.
--
Leonardo Carneiro
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba entry in ldap
Hello everyone, I have a object in the first level of my LDAP database. It's name is sambaDomainName=MyDomain. It's a sambaDomain class object. When i installed LAM this week, it complained that there is no ou=Domains entry in my base, and offered to create it. All blue until here. Now, when i try to access the samba3 configs of some user, it says that i do not have a samba3 domain, but i do have. I think that LAM only check the existance of a sambaDomain object inside the ou=Domains entry. My question is: there is any problem in having the sambaDomainName object in the first level of the ldap tree instead of having it inside of the ou=Domains? Is this an LAM issue or something that can affect the operation of my domain in someway? Tks in advance. -- Leonardo Carneiro -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] sambaLogonScript problem
On 07/03/2010 12:22 PM, Chris Smith wrote: On Sat, Jul 3, 2010 at 10:10 AM, Leonardo Carneiro - Veltrac lscarne...@veltrac.com.br wrote: I'm having trouble in deploying by group sambaLogonScript. My scripts consist only im mapping network folders. I'm using Samba 3.4.7. Is there a way to debug this? The logs does not show anything about the logon scripts. All my users are set with %G.bat in the ldap backend, but the vast majority of the users are not running the scripts, or running partially. First debugging step, if you haven't done this already, would be to verify a specifically named logon script, that is one that doesn't use a variable, such as testlogon.cmd runs properly. Chris Hi Chris, tks for your answer. I've already done that, and it works. In fact, that's the way is used to work, but i want to keep the things a little more organized, so i'm trying to setup by groups. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] sambaLogonScript problem
On 07/03/2010 12:38 PM, Steve Thompson wrote: On Sat, 3 Jul 2010, Miguel Medalha wrote: One thing I once noticed was that the Samba account attribute sambaLogonScript must ONLY be set for a user if it DIFFERS from what is specified in smb.conf. Otherwise, the script wouldn't run. I found this with the Samba 3.1x family, I don't know if that still applies. I am using both Samba 3.0.33 and 3.5.1, and this does not apply to me for both versions. Every user has sambaLogonScript set to the same value as that which appears in smb.conf, and it does get run (using ldapsam). Steve Hi Steve and Miguel, This is something that i haven't tried yet, and definitely worths a shot. I'll try and comment the results here. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] sambaLogonScript problem
On 07/05/2010 08:28 AM, Miguel Medalha wrote: Did you verify that end lines of the scripts are in DOS format (CR+LF)? You can use unix2dos to convert them from Unix format (LF) to DOS format (CR+LF). %G.bat is working correctly for me. Samba PDC over CentOS 5.5 with LDAP back end. Pardon me for being so obvious, but of course your scripts have the exact same name as the groups, don't they? Regards Miguel Hi Miguel, i doubt that this could be the problem, since when i specify the name of the script, it runs OK. And yes, the names of the scripts are ok. Tks again. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] sambaLogonScript problem [SOLVED]
On 07/05/2010 08:21 AM, Leonardo Carneiro - Veltrac wrote: On 07/03/2010 12:38 PM, Steve Thompson wrote: On Sat, 3 Jul 2010, Miguel Medalha wrote: One thing I once noticed was that the Samba account attribute sambaLogonScript must ONLY be set for a user if it DIFFERS from what is specified in smb.conf. Otherwise, the script wouldn't run. I found this with the Samba 3.1x family, I don't know if that still applies. I am using both Samba 3.0.33 and 3.5.1, and this does not apply to me for both versions. Every user has sambaLogonScript set to the same value as that which appears in smb.conf, and it does get run (using ldapsam). Steve Hi Steve and Miguel, This is something that i haven't tried yet, and definitely worths a shot. I'll try and comment the results here. Hello everyone, Miguel tip worked for me. In my smb.conf i't specified that users should run %G.bat, so i removed this attribute ( smbldap-usermod -E user ) and WORKED. This is something that is documented somewhere and i missed? It's interesting that this works for me in the 3.4.7 version and does not work for Steve in 3.0.33 and 3.5.1 versions. Anyway, tks to everyone who help me to solve this riddle, specially to Miguel Medalha who gave me the killing tip. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba group members
Hi everyone, When i add someone to a group using smbldap-usermod -G +(groupname) (username) it does not add the user to the group in the ldap backend: smbldap-groupshow (groupname) | grep memberUid The new member is not there! I have to mannualy add it to the user to the groups again. This is the expected behavior or i'm missing something? -- Leonardo Carneiro -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] sambaLogonScript [another] problem
Hi there, i'm having another problem with the samba logon scripts. Like i said in the previous thread, in my smb.conf is defined to users use group defined logon scripts: logon script = %G.bat In the previous thread we also reached the conclusion that when the desired logon script of the users matches the logon script defined in the smb.conf, i can't have it defined in the ldap database, otherwise the script would not load. But it happens that when i create a new user, the sambaLogonScript entry in the ldap database is set to %G.bat, exactly the entry i MUST NOT have to load the script. Since i'm expanding my network and tons of new users are coming, i trying to keep things very organized. I'll need to change this entry for every new user or there is a smarter way to do this? I'm using Samba 3.4.7. Tks in advance and sorry for my poor english. -- Leonardo Carneiro -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] sambaLogonScript problem
Hi everyone, I'm having trouble in deploying by group sambaLogonScript. My scripts consist only im mapping network folders. I'm using Samba 3.4.7. Is there a way to debug this? The logs does not show anything about the logon scripts. All my users are set with %G.bat in the ldap backend, but the vast majority of the users are not running the scripts, or running partially. Tks in advance. -- Leonardo Carneiro -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] sambaLogonScript problem
On 07/03/2010 11:13 AM, John Drescher wrote: On Sat, Jul 3, 2010 at 10:10 AM, Leonardo Carneiro - Veltrac lscarne...@veltrac.com.br wrote: Hi everyone, I'm having trouble in deploying by group sambaLogonScript. My scripts consist only im mapping network folders. I'm using Samba 3.4.7. Is there a way to debug this? The logs does not show anything about the logon scripts. All my users are set with %G.bat in the ldap backend, but the vast majority of the users are not running the scripts, or running partially. Put a pause command at the end of the login script. That way the window will not close. John Hi John, tks for the idea. Is actually pretty useful. But for the users who are not running the script at all, i wish i could see in the log files what script they are loading, or at least what they are trying to load. Leonardo Carneiro -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] sambaLogonScript problem
On 07/03/2010 11:27 AM, John H Terpstra wrote: On 07/03/2010 09:10 AM, Leonardo Carneiro - Veltrac wrote: Hi everyone, I'm having trouble in deploying by group sambaLogonScript. My scripts consist only im mapping network folders. I'm using Samba 3.4.7. Is there a way to debug this? The logs does not show anything about the logon scripts. All my users are set with %G.bat in the ldap backend, but the vast majority of the users are not running the scripts, or running partially. Tks in advance. Leonardo, How are you using a local account on the MS Windows client, or are your users logging into the MS Windows client using the Samba user account? - John T. Hello Another John, The accounts that i'm using are all Samba users accounts. I don't use roaming profiles, but i don't think this matters anything in this scenario, right? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] sambaLogonScript problem
On 07/03/2010 11:23 AM, Leonardo Carneiro - Veltrac wrote: On 07/03/2010 11:13 AM, John Drescher wrote: On Sat, Jul 3, 2010 at 10:10 AM, Leonardo Carneiro - Veltrac lscarne...@veltrac.com.br wrote: Hi everyone, I'm having trouble in deploying by group sambaLogonScript. My scripts consist only im mapping network folders. I'm using Samba 3.4.7. Is there a way to debug this? The logs does not show anything about the logon scripts. All my users are set with %G.bat in the ldap backend, but the vast majority of the users are not running the scripts, or running partially. Put a pause command at the end of the login script. That way the window will not close. John Hi John, tks for the idea. Is actually pretty useful. But for the users who are not running the script at all, i wish i could see in the log files what script they are loading, or at least what they are trying to load. Leonardo Carneiro Hmm, it looks like that there are no users running the scripts partially. What happens is some users that have manually mapped their drives. None of the users are really running the scripts. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] sambaLogonScript problem
On 07/03/2010 11:42 AM, Leonardo Carneiro - Veltrac wrote: On 07/03/2010 11:23 AM, Leonardo Carneiro - Veltrac wrote: On 07/03/2010 11:13 AM, John Drescher wrote: On Sat, Jul 3, 2010 at 10:10 AM, Leonardo Carneiro - Veltrac lscarne...@veltrac.com.br wrote: Hi everyone, I'm having trouble in deploying by group sambaLogonScript. My scripts consist only im mapping network folders. I'm using Samba 3.4.7. Is there a way to debug this? The logs does not show anything about the logon scripts. All my users are set with %G.bat in the ldap backend, but the vast majority of the users are not running the scripts, or running partially. Put a pause command at the end of the login script. That way the window will not close. John Hi John, tks for the idea. Is actually pretty useful. But for the users who are not running the script at all, i wish i could see in the log files what script they are loading, or at least what they are trying to load. Leonardo Carneiro Hmm, it looks like that there are no users running the scripts partially. What happens is some users that have manually mapped their drives. None of the users are really running the scripts. Tried with %g.bat instead of %G.bat, but not worked. Using the name of the group does works like a charm (like dev.bat). -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] file time-to-live
Hi everyone, There is a way to make files being automatically deleted some time after they have been created? I know that, with some scripting wizardry i could achieve this, but i wanna know if samba has this kind of feature. I have a temp folder that users insist in use like a backup folder, so i want to files to be deleted 24 hours after they have been created. I cannot just delete everything at midnight because this folder is used in full time, so if a user create a file at 23h59, it would be deleted a minute later. Sorry for my poor english and tks in advance. -- Leonardo Carneiro -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] file time-to-live
Hi Brian, tks for your answer. I'm confident that my goal could be achieved through the use of some third-party tool, like a script or something like it, like you sugested. But what i really need to know is if there is some feature in samba that would allow me to do just that. But tks anyway for your answer. On 06/29/2010 11:49 AM, Brian Cuttler wrote: You could write something to check file create times and delete files older than 36 hours, and run if from cron several times per day. I'd suggest # find, but it doesn't have the granularity you are looking for, you could run it at 00:01 and remove files there where 2 days old. I did somethign similar on a VMS system I was managing, worked well until some enterprising student found (I don't believe they wrote it themselves) a program to reset the time stamp on their files (which your users may start doing as well, perhaps using # touch). At which point I started looking for files with creation dates in the future... many users of the date reset program wheren't quite as smart as they thought they where. On Tue, Jun 29, 2010 at 11:32:52AM -0300, Leonardo Carneiro - Veltrac wrote: Hi everyone, There is a way to make files being automatically deleted some time after they have been created? I know that, with some scripting wizardry i could achieve this, but i wanna know if samba has this kind of feature. I have a temp folder that users insist in use like a backup folder, so i want to files to be deleted 24 hours after they have been created. I cannot just delete everything at midnight because this folder is used in full time, so if a user create a file at 23h59, it would be deleted a minute later. Sorry for my poor english and tks in advance. -- Leonardo Carneiro -- --- Brian R Cuttler brian.cutt...@wadsworth.org Computer Systems Support(v) 518 486-1697 Wadsworth Center(f) 518 473-6384 NYS Department of HealthHelp Desk 518 473-077 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] new users, new group, can't access share
Hi everyone. I have a Samba 3.4.7 (bpo) on a debian box running as PDC with a LDAP backend. i have added a new group, 2 new users and created a new group share for them, but by some unknown reason they cannon access the share. the client is running windows vista. here's what i did: smbldap-groupadd -a office smbldap-useradd -a -m user1 smbldap-useradd -a -m user2 smbldap-passwd user1 smbldap-passwd user2 smbldap-usermod -G +office user1 smbldap-usermod -G +office user2 and added the following entry to my smb.conf: [office] writeable = yes map acl inherit = yes inherit permissions = yes path = /home/grupos/office force directory mode = 02777 force create mode = 0777 create mask = 0777 directory mask = 02777 valid users = @office here is the folder permissions: fileserver:~# ls -ld /home/grupos/office/ drwxrwx--- 2 root office 4096 2010-05-12 09:30 /home/grupos/office/ did i missed something? Tks in advance. -- Leonardo Carneiro -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] new users, new group, can't access share
Leonardo Carneiro - Veltrac wrote: Hi everyone. I have a Samba 3.4.7 (bpo) on a debian box running as PDC with a LDAP backend. i have added a new group, 2 new users and created a new group share for them, but by some unknown reason they cannon access the share. the client is running windows vista. here's what i did: smbldap-groupadd -a office smbldap-useradd -a -m user1 smbldap-useradd -a -m user2 smbldap-passwd user1 smbldap-passwd user2 smbldap-usermod -G +office user1 smbldap-usermod -G +office user2 and added the following entry to my smb.conf: [office] writeable = yes map acl inherit = yes inherit permissions = yes path = /home/grupos/office force directory mode = 02777 force create mode = 0777 create mask = 0777 directory mask = 02777 valid users = @office here is the folder permissions: fileserver:~# ls -ld /home/grupos/office/ drwxrwx--- 2 root office 4096 2010-05-12 09:30 /home/grupos/office/ did i missed something? Tks in advance. I forgot to tell, this particular machine has not joined the domain, but this never has been a problem with other machines so far. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] new users, new group, can't access share
Leonardo Carneiro - Veltrac wrote: Leonardo Carneiro - Veltrac wrote: Hi everyone. I have a Samba 3.4.7 (bpo) on a debian box running as PDC with a LDAP backend. i have added a new group, 2 new users and created a new group share for them, but by some unknown reason they cannon access the share. the client is running windows vista. here's what i did: smbldap-groupadd -a office smbldap-useradd -a -m user1 smbldap-useradd -a -m user2 smbldap-passwd user1 smbldap-passwd user2 smbldap-usermod -G +office user1 smbldap-usermod -G +office user2 and added the following entry to my smb.conf: [office] writeable = yes map acl inherit = yes inherit permissions = yes path = /home/grupos/office force directory mode = 02777 force create mode = 0777 create mask = 0777 directory mask = 02777 valid users = @office here is the folder permissions: fileserver:~# ls -ld /home/grupos/office/ drwxrwx--- 2 root office 4096 2010-05-12 09:30 /home/grupos/office/ did i missed something? Tks in advance. I forgot to tell, this particular machine has not joined the domain, but this never has been a problem with other machines so far. Giving full permission to the folder (chmod -R +rwx /home/grupos/office) permit the user to access, but i rather not use like this. There is another way out? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Upgrade from Vista to 7 + samba = error
Hello everyone, I'm using Ldap + Samba PDC 3.4.7 in a Debian Lenny machine (backported). I've been able add successfully 3 hosts with windows 7 on my domain. Now i upgraded a notebook from windows vista to windows 7. I could not log on the domain (the trust relationship was broken), So i tried to remove and re-add (after applying the registry patch file) the machine in the domain (several times), but i still cannot log in the domain. Here's the some log: [2010/04/26 17:12:03, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: tecnologia001$ [2010/04/26 17:12:03, 2] passdb/pdb_ldap.c:2434(init_group_from_ldap) init_group_from_ldap: Entry found for group: 515 [2010/04/26 17:12:03, 2] libsmb/credentials.c:223(netlogon_creds_server_check) netlogon_creds_server_check: credentials check failed. [2010/04/26 17:12:03, 0] rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3) _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client TECNOLOGIA001 machine account TECNOLOGIA001$ What can i do to solve this? Tks in advance. -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Upgrade from Vista to 7 + samba = error [SOLVED]
Sorry from my lack of reading. The problem got solved by ensuring that the requirestrongkey was set to '1'. Tks Leonardo Carneiro - Veltrac wrote: Hello everyone, I'm using Ldap + Samba PDC 3.4.7 in a Debian Lenny machine (backported). I've been able add successfully 3 hosts with windows 7 on my domain. Now i upgraded a notebook from windows vista to windows 7. I could not log on the domain (the trust relationship was broken), So i tried to remove and re-add (after applying the registry patch file) the machine in the domain (several times), but i still cannot log in the domain. Here's the some log: [2010/04/26 17:12:03, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: tecnologia001$ [2010/04/26 17:12:03, 2] passdb/pdb_ldap.c:2434(init_group_from_ldap) init_group_from_ldap: Entry found for group: 515 [2010/04/26 17:12:03, 2] libsmb/credentials.c:223(netlogon_creds_server_check) netlogon_creds_server_check: credentials check failed. [2010/04/26 17:12:03, 0] rpc_server/srv_netlog_nt.c:603(_netr_ServerAuthenticate3) _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client TECNOLOGIA001 machine account TECNOLOGIA001$ What can i do to solve this? Tks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba over VPN
The W2K3 server is the VPN client or is a host behind a vpn client that have a route to the remote network? Is the server IS the vpn client, does the connection is being made by a service (prior to the user login) or you just connect to the VPN after login? Gaiseric Vandal wrote: How do the clients get IP addresses? You could try adding the WINS server value to the client ip address (either statically or via DHCP.) Then they should be able to get the necessary netbios name info even tho they are on a separate subnet. Why do you have the DC distant from the clients that it supports? On 04/22/2010 09:41 AM, Mike A. Leonetti wrote: Yeah. I don't think it's the VPN blocking traffic. I think my WINS server is not functioning properly. I'll keep working at it. Daniel Müller wrote: Are you sure, I thought with ipsec there could be netbios bypassing the tunnel. Shares and dns are always working. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Mike A. Leonetti [mailto:mleone...@evolutionce.com] Gesendet: Mittwoch, 14. April 2010 16:47 An: muel...@tropenklinik.de Cc: samba Mailing Betreff: Re: AW: [Samba] Samba over VPN Daniel, I'm using ipsec for a VPN. Since all shares are working and name resolution all netbios packets seem to be traversing the VPN no problem. Thanks. Daniel Müller wrote: Hello, as far I know you need a vpn with netbios enabled. This can be done witch openvpn in briding mode. Or with a router having this option. Greetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Mike A. Leonetti Gesendet: Dienstag, 13. April 2010 22:27 An: Samba Mailing Betreff: [Samba] Samba over VPN Have a 2003 server located outside of the Domain network over a VPN. The server originally existed inside the network (10.1.1.0/24) but now exists on 10.10.12.0/24. I can access shares over the VPN to the domain controller, but when I try to log in as a domain user it says the domain is unavailable. I added the domain controller as a WINS server on the 2003 server. nbtstat -c on the 2003 does list the domain controller and the domain. Microsoft Windows [Version 5.2.3790] (C) Copyright 1985-2003 Microsoft Corp. C:\Documents and Settings\Administratornbtstat -c Local Area Connection 2: Node IpAddress: [10.10.12.244] Scope Id: [] NetBIOS Remote Cache Name Table Name Type Host AddressLife [sec] CRCOMPUTER1C GROUP 10.1.1.1390 CRCOMPUTER1B UNIQUE 10.1.1.1387 FORTISSIMO20 UNIQUE 10.1.1.1430 C:\Documents and Settings\Administrator Is there a way I can test the WINS server to definitely make sure it's working? Is it that SAMBA isn't broadcasting itself over the 10.10.12.0 (VPN) network? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Windows 7 and samba 3.0.28
No, you didn't searched. Go to google and try samba windows7 vishesh kumar wrote: Dear all May be this question asked earlier in list but i didn't able to search exact . I have samba+ldap domain setup on RHEL 5.1 and samba version is 3.0.28. Today i got a windows 7 system , but i am not able to join that system in our samba+ldap domain. Do i need to do any registry tweaking. I can't upgrade own samba version beyond 3.0.33 because this maximum version i get if i update my system to RHEL 5.5. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Compile Samba 3.5 for lenny
You can use the backports repo to install samba 3.4 and add Windows 7 machines, also windows Vista machines. Also: *http://tinyurl.com/y9cbaxc* Eliano Leão wrote: Hi. I need adding machines with Windows Vista in my domain. My system:Debian Lenny ,Samba 3.2.15 and LDAP. How to compiler Samba 3.5 for Lenny? how to start samba after compiled? Thanks. Eliano -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Migration from 3.0.23d to 3.4.5 failed
After a migration from 3.2.5 to 3.4.7 i'm still having issues. My windows XP users randomly loses their access to the server and cannot open the share list. =S Volker Lendecke wrote: On Wed, Mar 24, 2010 at 05:39:15PM +0100, Bastien Semene wrote: Yes I'm using this one. Actually the module has been upgraded for 3.4 (and 3.5) in February 2010 : http://sourceforge.net/projects/pdbsql/files/ I plan to switch to another backend at short term, but I can't do it now as all my services uses this backend currently, and I need to upgrade Samba service to integrate Windows 7 workstations. Anyway I don't think that it is the source of the problem according to the tests I made with pdbedit in my previous mail (but I'm a newbie in Samba services). If you can point me a test to confirm (or unconfirm) that this module is the problem, I'll be glad. Ok, what we need then is a debug level 10 log of smbd that you can't connect to. Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba PDC upgrade from 3.2.5 to 3.4.7
Hello everyone. Yesterday i did an almost painless upgrade from samba pdc from 3.2.5 to 3.4.7. I'm running in a Debian Lenny (upgraded from the original package to the backported one). After a few tweaks i found on the web my users, including those who run win7, where able to log in the domain. But now the cannot access the shared folders on the server. Some users can't even open the server share list. There is any major change that prevent users to access the shares that i'm skipping it? Tks in advance and sorry for my poor english. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba PDC upgrade from 3.2.5 to 3.4.7
Also, i found out that only users running windows xp in one of the two interfaces that samba is being accessed are having this trouble. Leonardo Carneiro - Veltrac wrote: Hello everyone. Yesterday i did an almost painless upgrade from samba pdc from 3.2.5 to 3.4.7. I'm running in a Debian Lenny (upgraded from the original package to the backported one). After a few tweaks i found on the web my users, including those who run win7, where able to log in the domain. But now the cannot access the shared folders on the server. Some users can't even open the server share list. There is any major change that prevent users to access the shares that i'm skipping it? Tks in advance and sorry for my poor english. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ham,Re: samba PDC upgrade from 3.2.5 to 3.4.7
Hi Dale and others. I had already checked the release notes. Only users in eth0 (192.168.0.x) are having trouble. Here is some info and some logs: smb.conf: [global] workgroup = DOMINIO netbios name = DOMINIO server string = Samba Server hosts allow = 192.168.1. 192.168.0. 127. smb ports = 139 load printers = no log file = /var/log/samba/%m.log max log size = 50 log level = 2 winbind:3 security = user encrypt passwords = true username map = /etc/samba/smbusers socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = eth0 eth1 local master = yes os level = 90 domain master = yes preferred master = yes domain logons = yes logon script = %G.bat logon path = name resolve order = wins bcast lmhosts wins support = yes dns proxy = no ldap passwd sync = yes ldap ssl = off ldap delete dn = yes passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=root,dc=dominio,dc=com,dc=br ldap suffix = dc=dominio,dc=com,dc=br ldap group suffix = ou=Grupos ldap user suffix = ou=Usuarios ldap machine suffix = ou=Computadores ldap idmap suffix = ou=ldapidmapsuffix idmap backend = ldap://127.0.0.1 idmap alloc backend = ldap idmap alloc config : ldap_user_dn = cn=root,dc=dominio,dc=com,dc=br idmap alloc config : ldap_base_dn = ou=Usuarios,dc=dominio,dc=com,dc=br idmap alloc config : ldap_url = ldap://127.0.0.1 idmap uid = 1-2 idmap gid = 1-2 enable privileges = yes nt acl support = yes add machine script = /usr/sbin/smbldap-useradd -w %u add user script = /usr/sbin/smbldap-useradd -m %u delete user script = /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u dos charset = CP850 Unix charset = ISO8859-1 admin users = root time server = yes template shell = /bin/false winbind use default domain = no map acl inherit = Yes Dale Schroeder wrote: On 03/23/2010 1:48 PM, Leonardo Carneiro - Veltrac wrote: Also, i found out that only users running windows xp in one of the two interfaces that samba is being accessed are having this trouble. Leonardo Carneiro - Veltrac wrote: Hello everyone. Yesterday i did an almost painless upgrade from samba pdc from 3.2.5 to 3.4.7. I'm running in a Debian Lenny (upgraded from the original package to the backported one). After a few tweaks i found on the web my users, including those who run win7, where able to log in the domain. But now the cannot access the shared folders on the server. Some users can't even open the server share list. There is any major change that prevent users to access the shares that i'm skipping it? Tks in advance and sorry for my poor english. You could check the release notes for changes: http://www.samba.org/samba/history/ , or consider posting your smb.conf. Dale -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] usuários não consegues acessar pastar compartilhadas após upgrade do samba
Oi Fábio. Pelo IP também não acessa. A minha suspeita de que era um problema ligado a interface está errada. Aleatóriamente usuários nas duas interfaces perdem o acesso. Ainda assim, somente usuários com Windows XP tem esse problema. Vou testar suas indicações. Fábio Rabelo wrote: 2010/3/23 Leonardo Carneiro - Veltrac lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br Não existem regras de firewall para nenhuma interface. Tenho as seguinte regra sobre interfaces e redes: hosts allow = 192.168.0. 192.168.1. 127. interfaces = eth0 eth1 E estas linhas acima estão no smb.conf ?!? Se sim, o Sr. tem que acrescentar o loopback interfaces = lo eth1 eth2 e a linha bind interfaces only = yes TEM que existir Uma pergunta, se o Sr. tentar acessar o compartilhamento usando o ip ele coneta ? Se a resposta for sim, o Sr. pode estar com problemas de resolução de nomes, já tentou colocar esta linha no smb.conf : wins support = yes Fábio Rabelo Não localizei nenhum erro nos logs. Os usuários não conseguem nem acessar a lista de shares. Ao tentar acessar \\[ip_do_server], já recebo a mensagem de caminho de rede não encontrado. Fábio Rabelo wrote: Existem várias possíveis causas, vamos tentar duas delas : O Sr. verificou as regras do firewall, se são idênticas para ambas as placas ?? E se o Sr. tem alguma coisa assim no seu smb.conf : interfaces = eth1, lo bind interfaces only = yes Se sim, amas as placas de rede TEM que estar presentes na primeira linha . E a dica básica de todos os dias, o Sr. já verificou se existe alguma msg de erro no log ?!? Fábio Rabelo 2010/3/23 Leonardo Carneiro - Veltrac lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br Olá pessoALL, Fiz um upgrade quase 'painless' do samba 3.2.5 para a versão 3.4.7 do backports, para permitir máquinas com windows 7 no domínio. Após algumas pequenas mudanças, todos estavam logando normalmente no domínio. Porém, vários usuários não conseguem acessar as pastas compartilhadas. Este samba atende em duas interfaces (eth0 e eth1) com duas subredes diferentes. Em uma interface, todos estão acessando normal. Na outra, os clientes com windows xp não conseguem nem abrir a lista de shares do servidor. O que pode estar errado? -- To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org mailto:debian-user-portuguese-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org mailto:listmas...@lists.debian.org Archive: http://lists.debian.org/4ba90c70.2020...@veltrac.com.br -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] usuários não consegues acessar pastar compartilhadas após upgrade do samba
sorry, wrong list Leonardo Carneiro - Veltrac wrote: Oi Fábio. Pelo IP também não acessa. A minha suspeita de que era um problema ligado a interface está errada. Aleatóriamente usuários nas duas interfaces perdem o acesso. Ainda assim, somente usuários com Windows XP tem esse problema. Vou testar suas indicações. Fábio Rabelo wrote: 2010/3/23 Leonardo Carneiro - Veltrac lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br Não existem regras de firewall para nenhuma interface. Tenho as seguinte regra sobre interfaces e redes: hosts allow = 192.168.0. 192.168.1. 127. interfaces = eth0 eth1 E estas linhas acima estão no smb.conf ?!? Se sim, o Sr. tem que acrescentar o loopback interfaces = lo eth1 eth2 e a linha bind interfaces only = yes TEM que existir Uma pergunta, se o Sr. tentar acessar o compartilhamento usando o ip ele coneta ? Se a resposta for sim, o Sr. pode estar com problemas de resolução de nomes, já tentou colocar esta linha no smb.conf : wins support = yes Fábio Rabelo Não localizei nenhum erro nos logs. Os usuários não conseguem nem acessar a lista de shares. Ao tentar acessar \\[ip_do_server], já recebo a mensagem de caminho de rede não encontrado. Fábio Rabelo wrote: Existem várias possíveis causas, vamos tentar duas delas : O Sr. verificou as regras do firewall, se são idênticas para ambas as placas ?? E se o Sr. tem alguma coisa assim no seu smb.conf : interfaces = eth1, lo bind interfaces only = yes Se sim, amas as placas de rede TEM que estar presentes na primeira linha . E a dica básica de todos os dias, o Sr. já verificou se existe alguma msg de erro no log ?!? Fábio Rabelo 2010/3/23 Leonardo Carneiro - Veltrac lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br Olá pessoALL, Fiz um upgrade quase 'painless' do samba 3.2.5 para a versão 3.4.7 do backports, para permitir máquinas com windows 7 no domínio. Após algumas pequenas mudanças, todos estavam logando normalmente no domínio. Porém, vários usuários não conseguem acessar as pastas compartilhadas. Este samba atende em duas interfaces (eth0 e eth1) com duas subredes diferentes. Em uma interface, todos estão acessando normal. Na outra, os clientes com windows xp não conseguem nem abrir a lista de shares do servidor. O que pode estar errado? -- To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org mailto:debian-user-portuguese-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org mailto:listmas...@lists.debian.org Archive: http://lists.debian.org/4ba90c70.2020...@veltrac.com.br -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ham,Re: samba PDC upgrade from 3.2.5 to 3.4.7
Hi John. It worked well just before the upgrade. I'm not saying that this is correct, but is the reason why users aren't accessing? Also, should'n this give some specific error in the logs? Tks in advance. John H Terpstra wrote: On 03/23/2010 02:35 PM, Leonardo Carneiro - Veltrac wrote: Hi Dale and others. I had already checked the release notes. Only users in eth0 (192.168.0.x) are having trouble. Here is some info and some logs: smb.conf: [global] workgroup = DOMINIO netbios name = DOMINIO It is not at all surprizing that users are having difficulty accessing this server! It's workgroup name and hostname are the SAME! Please read the Samba-HOWTO. These two names MUST differ. What you have is broken. - John T. server string = Samba Server hosts allow = 192.168.1. 192.168.0. 127. smb ports = 139 load printers = no log file = /var/log/samba/%m.log max log size = 50 log level = 2 winbind:3 security = user encrypt passwords = true username map = /etc/samba/smbusers socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 interfaces = eth0 eth1 local master = yes os level = 90 domain master = yes preferred master = yes domain logons = yes logon script = %G.bat logon path = name resolve order = wins bcast lmhosts wins support = yes dns proxy = no ldap passwd sync = yes ldap ssl = off ldap delete dn = yes passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=root,dc=dominio,dc=com,dc=br ldap suffix = dc=dominio,dc=com,dc=br ldap group suffix = ou=Grupos ldap user suffix = ou=Usuarios ldap machine suffix = ou=Computadores ldap idmap suffix = ou=ldapidmapsuffix idmap backend = ldap://127.0.0.1 idmap alloc backend = ldap idmap alloc config : ldap_user_dn = cn=root,dc=dominio,dc=com,dc=br idmap alloc config : ldap_base_dn = ou=Usuarios,dc=dominio,dc=com,dc=br idmap alloc config : ldap_url = ldap://127.0.0.1 idmap uid = 1-2 idmap gid = 1-2 enable privileges = yes nt acl support = yes add machine script = /usr/sbin/smbldap-useradd -w %u add user script = /usr/sbin/smbldap-useradd -m %u delete user script = /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u dos charset = CP850 Unix charset = ISO8859-1 admin users = root time server = yes template shell = /bin/false winbind use default domain = no map acl inherit = Yes Dale Schroeder wrote: On 03/23/2010 1:48 PM, Leonardo Carneiro - Veltrac wrote: Also, i found out that only users running windows xp in one of the two interfaces that samba is being accessed are having this trouble. Leonardo Carneiro - Veltrac wrote: Hello everyone. Yesterday i did an almost painless upgrade from samba pdc from 3.2.5 to 3.4.7. I'm running in a Debian Lenny (upgraded from the original package to the backported one). After a few tweaks i found on the web my users, including those who run win7, where able to log in the domain. But now the cannot access the shared folders on the server. Some users can't even open the server share list. There is any major change that prevent users to access the shares that i'm skipping it? Tks in advance and sorry for my poor english. You could check the release notes for changes: http://www.samba.org/samba/history/ , or consider posting your smb.conf. Dale -- *Leonardo de Souza Carneiro* *Veltrac - Tecnologia em Logística.* lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br http://www.veltrac.com.br http://www.veltrac.com.br/ /Fone Com.: (43)2105-5011/ /R. Pará 162 - CENTRO/ /Londrina- PR/ /Cep: 86010-450/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] new user can't log
Hi guys. I'm still stuck with that user that can't logon. This is what i got with some commands: fileserver:~# net groupmap list Domain Admins (S-1-5-21-874179082-3571801642-3889913597-512) - Domain Admins Domain Users (S-1-5-21-874179082-3571801642-3889913597-513) - Domain Users Domain Guests (S-1-5-21-874179082-3571801642-3889913597-514) - Domain Guests Domain Computers (S-1-5-21-874179082-3571801642-3889913597-515) - Domain Computers Administrators (S-1-5-32-544) - Administrators Account Operators (S-1-5-32-548) - Account Operators Print Operators (S-1-5-32-550) - Print Operators Backup Operators (S-1-5-32-551) - Backup Operators Replicators (S-1-5-32-552) - Replicators admfin (S-1-5-21-874179082-3571801642-3889913597-3001) - admfin industrial (S-1-5-21-874179082-3571801642-3889913597-3003) - industrial qualidade (S-1-5-21-874179082-3571801642-3889913597-3019) - qualidade todos (S-1-5-21-874179082-3571801642-3889913597-3023) - todos infra (S-1-5-21-874179082-3571801642-3889913597-47827) - infra diretoria (S-1-5-21-874179082-3571801642-3889913597-17759) - diretoria comercial (S-1-5-21-874179082-3571801642-3889913597-90607) - comercial instalacao (S-1-5-21-874179082-3571801642-3889913597-111769) - instalacao atendimento (S-1-5-21-874179082-3571801642-3889913597-68367) - atendimento veltrac (S-1-5-21-874179082-3571801642-3889913597-3031) - software hardware (S-1-5-21-874179082-3571801642-3889913597-3021) - hardware mapas (S-1-5-21-874179082-3571801642-3889913597-120591) - mapas importacao (S-1-5-21-874179082-3571801642-3889913597-130555) - importacao fileserver:~# net getlocalsid SID for domain DOMINIO is: S-1-5-21-874179082-3571801642-3889913597 fileserver:~# net getdomainsid SID for local machine DOMINIO is: S-1-5-21-874179082-3571801642-3889913597 SID for domain DOMINIO is: S-1-5-21-874179082-3571801642-3889913597 Apparently, the domain sid matchs with most part of the groups sid. can you guys see something wrong here? *Leonardo de Souza Carneiro* *Veltrac - Tecnologia em Logística.* lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br http://www.veltrac.com.br http://www.veltrac.com.br/ /Fone Com.: (43)2105-5601/ /Av. Higienópolis 1601 Ed. Eurocenter Sl. 803/ /Londrina- PR/ /Cep: 86015-010/ Leonardo Carneiro escreveu: The database from ldap was a copy from another domain, that existed in another network. i've done a slapcat in the old domain and did a slapadd in this new one (both domain have the same name). But this happened about 2 years ago. After a samba and ldap upgrade via apt-get, the duplicated domains message start to pop (abouth 3 months ago). Just now i've solved, but now, this =S. I'll try some of the stuff you guys sugested me. tks and sorry for my poor english. *Leonardo de Souza Carneiro* *Veltrac - Tecnologia em Logística.* lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br http://www.veltrac.com.br http://www.veltrac.com.br/ /Fone Com.: (43)2105-5601/ /Av. Higienópolis 1601 Ed. Eurocenter Sl. 803/ /Londrina- PR/ /Cep: 86015-010/ David Whitney escreveu: Unless I've blown my memory on Windows internals, each user's SID is comprised of the domain's SID, then a self-refential RID portion. That means a user from the domain DOMINIOS should NOT have what amounts to a prefix that looks as though it came from a different domain. But unless I'm mistaken, your logs are telling you exactly that - the domain portion of the group and user SID's indicate different domains, and that indicates a problem. One theory is that perhaps your domain was created, groups and users were created, but then for some reason your domain SID changed, and perhaps that led to your described duplicate domain entry (?) problem. Anyway, I'd take a look at the SIDS of other users and groups and see if this problem exists for other users or groups on your domain. -David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] new user can't log
It's strange. I've found that this problem isn't with this particular user, but with every new user that i create. How can i make the smbldap-useradd to create the users with the right sid? *Leonardo de Souza Carneiro* *Veltrac - Tecnologia em Logística.* lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br http://www.veltrac.com.br http://www.veltrac.com.br/ /Fone Com.: (43)2105-5601/ /Av. Higienópolis 1601 Ed. Eurocenter Sl. 803/ /Londrina- PR/ /Cep: 86015-010/ Zoolook escreveu: 2009/12/21 Leonardo Carneiro lscarne...@veltrac.com.br: Hi guys. I'm still stuck with that user that can't logon. This is what i got with some commands: was that the user with SID S-1-5-21-4161212321-1980848047-2820993626-3468 ? his SID doesn't match your domain. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] new user can't log
Hi Zoolook and others. Indeed, the smbldap.conf was with the wrong sid. i've changed, but i do not have a terminal server to test remote. once i get in there i'll test, but i'm pretty confident that this was the problem. tks a lot! *Leonardo de Souza Carneiro* *Veltrac - Tecnologia em Logística.* lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br http://www.veltrac.com.br http://www.veltrac.com.br/ /Fone Com.: (43)2105-5601/ /Av. Higienópolis 1601 Ed. Eurocenter Sl. 803/ /Londrina- PR/ /Cep: 86015-010/ Zoolook escreveu: 2009/12/21 Leonardo Carneiro lscarne...@veltrac.com.br: It's strange. I've found that this problem isn't with this particular user, but with every new user that i create. How can i make the smbldap-useradd to create the users with the right sid? Check your smbldap config. I'm sure the SID there doesn't match. Either remove it or change it to the right value. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] new user can't log
Hello everyone. I was having a problem with my Samba PDC with LDAP backend. The command 'net getlocalsid' gaves me the message Got too many (2) domain info entries for domain [domain]. I logged im my ldap server, and saw that i have the following entries: dn: sambaDomainName=DOMINIO,dc=dominio,dc=com,dc=br sambaDomainName: DOMINIO sambaSID: S-1-5-21-874179082-3571801642-3889913597 sambaAlgorithmicRidBase: 1000 objectClass: sambaDomain sambaNextUserRid: 67109862 sambaNextGroupRid: 67109863 structuralObjectClass: sambaDomain entryUUID: 9ca720c8-00a6-102c-9973-d48efacd902d creatorsName: cn=root,dc=dominio,dc=com,dc=br createTimestamp: 20070926180404Z entryCSN: 20070926180404Z#01#00#00 modifiersName: cn=root,dc=dominio,dc=com,dc=br modifyTimestamp: 20070926180404Z and: dn: ou=Dominios,dc=dominio,dc=com,dc=br ou: Dominios objectClass: top objectClass: organizationalUnit structuralObjectClass: organizationalUnit dn: sambaDomainName=DOMINIO,ou=Dominios,dc=dominio,dc=com,dc=br objectClass: sambaDomain sambaAlgorithmicRidBase: 1000 sambaSID: S-1-5-21-874179082-3571801642-3889913597 sambaDomainName: DOMINIO sambaMinPwdLength: 4 sambaLogonToChgPwd: 2 sambaForceLogoff: 0 sambaRefuseMachinePwdChange: 1 structuralObjectClass: sambaDomain Deleting the former (the one that was not inside the 'ou=Dominios') solved the problem. Now, the 'net getlocalsid' gives me the SID for my domain correctly. I don't know if this have any relation with my new problem, but i created a new user and he can't login. The error is in portuguese, but i'll translate here: The system could not logon by the following error: A device conected to the system is not working. In the log of the machine the user is trying to log, i have the following info: [2009/12/18 16:47:29, 2] auth/auth.c:check_ntlm_password(308) check_ntlm_password: authentication for user [dsribeiro] - [dsribeiro] - [dsribeiro] succeeded [2009/12/18 16:47:29, 1] rpc_server/srv_netlog_nt.c:_netr_LogonSamLogon(1060) _netr_LogonSamLogon: user DOMINIO\dsribeiro has user sid S-1-5-21-4161212321-1980848047-2820993626-3468 but group sid S-1-5-21-874179082-3571801642-3889913597-513. The conflicting domain portions are not supported for NETLOGON calls Can anyone point me to how to solve this? I'm not what you guys could call an expert in samba :D -- *Leonardo de Souza Carneiro* *Veltrac - Tecnologia em Logística.* lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br http://www.veltrac.com.br http://www.veltrac.com.br/ /Fone Com.: (43)2105-5601/ /Av. Higienópolis 1601 Ed. Eurocenter Sl. 803/ /Londrina- PR/ /Cep: 86015-010/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] new user can't log
The database from ldap was a copy from another domain, that existed in another network. i've done a slapcat in the old domain and did a slapadd in this new one (both domain have the same name). But this happened about 2 years ago. After a samba and ldap upgrade via apt-get, the duplicated domains message start to pop (abouth 3 months ago). Just now i've solved, but now, this =S. I'll try some of the stuff you guys sugested me. tks and sorry for my poor english. *Leonardo de Souza Carneiro* *Veltrac - Tecnologia em Logística.* lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br http://www.veltrac.com.br http://www.veltrac.com.br/ /Fone Com.: (43)2105-5601/ /Av. Higienópolis 1601 Ed. Eurocenter Sl. 803/ /Londrina- PR/ /Cep: 86015-010/ David Whitney escreveu: Unless I've blown my memory on Windows internals, each user's SID is comprised of the domain's SID, then a self-refential RID portion. That means a user from the domain DOMINIOS should NOT have what amounts to a prefix that looks as though it came from a different domain. But unless I'm mistaken, your logs are telling you exactly that - the domain portion of the group and user SID's indicate different domains, and that indicates a problem. One theory is that perhaps your domain was created, groups and users were created, but then for some reason your domain SID changed, and perhaps that led to your described duplicate domain entry (?) problem. Anyway, I'd take a look at the SIDS of other users and groups and see if this problem exists for other users or groups on your domain. -David -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] can't write to share
hi everyone. i just want to create a share that anyone can read and write. simple that. what i'm doing wrong? here is my smb.conf [global] netbios name = delsoftserver writeable = yes server string = Samba Server Version %v workgroup = WORKGROUP security = share passdb backend = tdbsam unix charset = ISO8859-1 [FFe] writeable = yes path = /dados/NFe public = yes create mask = 0777 force create mode = 0777 directory mask = 02777 force directory mode = 02777 guest ok = yes browsable = yes read only = no -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] new share with specific setting
hi everyone i have to create a share that will allow a group of users just to create files, not modifying or even reading these files. plus, i need to allow just xml files to be created. is that possible? tks in advance -- *Leonardo de Souza Carneiro* *Veltrac - Tecnologia em Logística.* lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br http://www.veltrac.com.br http://www.veltrac.com.br/ /Fone Com.: (43)2105-5601/ /Av. Higienópolis 1601 Ed. Eurocenter Sl. 803/ /Londrina- PR/ /Cep: 86015-010/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] new share with specific setting
anyone? i've found the 'veto' statement, but it only allows me to block certains files, not allows just a few and block all others. Leonardo Carneiro escreveu: hi everyone i have to create a share that will allow a group of users just to create files, not modifying or even reading these files. plus, i need to allow just xml files to be created. is that possible? tks in advance -- *Leonardo de Souza Carneiro* *Veltrac - Tecnologia em Logística.* lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br http://www.veltrac.com.br http://www.veltrac.com.br/ /Fone Com.: (43)2105-5601/ /Av. Higienópolis 1601 Ed. Eurocenter Sl. 803/ /Londrina- PR/ /Cep: 86015-010/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Re: can't access samba PDC after power cut
yes, i can. i have other services relying on ldap, and they are running fine. the samba server indeed starts, but a 'smbclient -L 127.0.0.1 -U lscarneiro' returns me the following message: Connection to 127.0.0.1 failed (Error NT_STATUS_CONNECTION_REFUSED) i'm already going nuts with this. every user on my network is screaming in my phone =S tks in advance for any help jamrock escreveu: Leonardo Carneiro lscarne...@veltrac.com.br wrote in message news:4a5268e1.2080...@veltrac.com.br... hello guys, after a power cut in this weekend, the filesystem of the machine running samba+ldap currupted. i did a fsck and every other services in the machine are running fine now, but i cannot access the samba shares and cannot join/log in the domain. in the windows machines it just show a message the network path is not found. Can you search the ldap directory using the standard ldap tools. e.g. ldapsearch? If not, the problem could be with ldap and not Samba. -- *Leonardo de Souza Carneiro* *Veltrac - Tecnologia em Logística.* lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br http://www.veltrac.com.br http://www.veltrac.com.br/ /Fone Com.: (43)2105-5601/ /Av. Higienópolis 1601 Ed. Eurocenter Sl. 803/ /Londrina- PR/ /Cep: 86015-010/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Re: can't access samba PDC after power cut
Guys, you won't believe, but after ANOTHER unexpected power cut, the server is now running... kind off. After the unexpected reboot (my nobreaks aren't working) the command at least returns me a message requiring the password, but i cannot authenticate. same in windows. when i give a \\192.168.0.2, it does require the password, but i cannot authenticate. again, my, ldap backend is fine. Olivier Nicole escreveu: 'smbclient -L 127.0.0.1 -U lscarneiro' returns me the following message: Connection to 127.0.0.1 failed (Error NT_STATUS_CONNECTION_REFUSED) To me too, but I think that your smbclient command is not valid. It should rather be -I 127.0.0.1 I think. By the way, are you sure that your Samba server should be responding to the loopback address? Here it is not. Try 'netstat -na|grep 445' and see what IP address is listening. You write that: the samba server indeed starts But does it successfully start? Is it still runninng? Try 'ps auwx|grep mdb' you should see the nmbd and smbd processes. Bests, Olivier -- *Leonardo de Souza Carneiro* *Veltrac - Tecnologia em Logística.* lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br http://www.veltrac.com.br http://www.veltrac.com.br/ /Fone Com.: (43)2105-5601/ /Av. Higienópolis 1601 Ed. Eurocenter Sl. 803/ /Londrina- PR/ /Cep: 86015-010/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Re: can't access samba PDC after power cut
ldap is running fine. it looks like my winbind init script corrupted in one of the power cuts. replacing with the backup solved the problem. tks for all the effort and sorry about my poor english. Adam Williams escreveu: are you sure that ldap is running ok? i find that slapd on openldap doesn't like unclean shutdowns. Leonardo Carneiro wrote: Guys, you won't believe, but after ANOTHER unexpected power cut, the server is now running... kind off. After the unexpected reboot (my nobreaks aren't working) the command at least returns me a message requiring the password, but i cannot authenticate. same in windows. when i give a \\192.168.0.2, it does require the password, but i cannot authenticate. again, my, ldap backend is fine. Olivier Nicole escreveu: 'smbclient -L 127.0.0.1 -U lscarneiro' returns me the following message: Connection to 127.0.0.1 failed (Error NT_STATUS_CONNECTION_REFUSED) To me too, but I think that your smbclient command is not valid. It should rather be -I 127.0.0.1 I think. By the way, are you sure that your Samba server should be responding to the loopback address? Here it is not. Try 'netstat -na|grep 445' and see what IP address is listening. You write that: the samba server indeed starts But does it successfully start? Is it still runninng? Try 'ps auwx|grep mdb' you should see the nmbd and smbd processes. Bests, Olivier -- *Leonardo de Souza Carneiro* *Veltrac - Tecnologia em Logística.* lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br http://www.veltrac.com.br http://www.veltrac.com.br/ /Fone Com.: (43)2105-5601/ /Av. Higienópolis 1601 Ed. Eurocenter Sl. 803/ /Londrina- PR/ /Cep: 86015-010/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] can't access samba PDC after power cut
hello guys, after a power cut in this weekend, the filesystem of the machine running samba+ldap currupted. i did a fsck and every other services in the machine are running fine now, but i cannot access the samba shares and cannot join/log in the domain. in the windows machines it just show a message the network path is not found. i'll add my smb.conf tks in advance -- *Leonardo de Souza Carneiro* *Veltrac - Tecnologia em Logística.* lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br http://www.veltrac.com.br http://www.veltrac.com.br/ /Fone Com.: (43)2105-5601/ /Av. Higienópolis 1601 Ed. Eurocenter Sl. 803/ /Londrina- PR/ /Cep: 86015-010/ [global] workgroup = DOMINIO netbios name = DOMINIO server string = Veltrac Samba Server smb ports = 139 load printers = no printing = bsd disable spoolss = yes log file = /var/log/samba/%m.log max log size = 50 security = user encrypt passwords = true username map = /etc/samba/smbusers socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes os level = 65 domain master = yes preferred master = yes domain logons = yes logon script = %U.bat logon path = name resolve order = wins bcast lmhosts wins support = yes dns proxy = no ldap passwd sync = yes ldap delete dn = yes passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=root,dc=dominio,dc=com,dc=br ldap suffix = dc=dominio,dc=com,dc=br ldap group suffix = ou=Grupos ldap user suffix = ou=Usuarios ldap machine suffix = ou=Computadores ldap idmap suffix = ou=ldapidmapsuffix idmap backend = ldap://127.0.0.1 idmap uid = 1-2 idmap gid = 1-2 enable privileges = yes nt acl support = yes add machine script = /usr/sbin/smbldap-useradd -w %u add user script = /usr/sbin/smbldap-useradd -m %u delete user script = /usr/sbin/smbldap-userdel %u add group script = /usr/sbin/smbldap-groupadd -p %g delete group script = /usr/sbin/smbldap-groupdel %g add user to group script = /usr/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/sbin/smbldap-usermod -g %g %u dos charset = CP850 Unix charset = ISO8859-1 #veto files = /*.mp3/*.wmv/*.wma/*.avi/*.mpg/*.wav/ admin users = root time server = yes map acl inherit = Yes [homes] comment = Home Directories browseable = no writable = yes [diretoria] comment = Diretoria path = /home/grupos/diretoria writable = yes create mask = 0777 force create mode = 0777 directory mask = 02777 force directory mode = 02777 valid users = @diretoria inherit permissions = yes map acl inherit = yes [instalacao] comment = Instalacao path = /home/grupos/instalacao writable = yes create mask = 0777 force create mode = 0777 directory mask = 02777 force directory mode = 02777 valid users = @instalacao inherit permissions = yes map acl inherit = yes [admfin] comment = Administrativo/Financeiro path = /home/grupos/admfin writable = yes create mask = 0777 force create mode = 0777 directory mask = 02777 force directory mode = 02777 valid users = @admfin inherit permissions = yes map acl inherit = yes [atendimento] comment = Atendimento path = /home/grupos/atendimento writable = yes create mask = 0777 force create mode = 0777 directory mask = 02777 force directory mode = 02777 valid users = @atendimento inherit permissions = yes map acl inherit = yes [industrial] writeable = yes path = /home/grupos/industrial force directory mode = 02777 force create mode = 0777 create mask = 0777 comment = Industrial directory mask = 02777 valid users = @industrial inherit permissions = yes map acl inherit = yes [comercial] comment = Comercial path = /home/grupos/comercial writable = yes create mask = 0777 force create mode = 0777 directory mask = 02777 force directory mode = 02777 valid users = @comercial inherit permissions = yes map acl inherit = yes [importacao] writeable = yes map acl inherit = yes inherit permissions = yes path = /home/grupos/importacao force directory mode = 02777 force create mode = 0777 create mask = 0777 directory mask = 02777 valid users = @importacao [infra] writeable = yes map acl inherit = yes inherit permissions = yes path = /home/grupos/infra force
Re: [Samba] multiple domain info entries problem
i still have this problem i have not found any solution. sorry for the 'up' on the topic, but i'm really in trouble with this situation. any idea anyone? Leonardo Carneiro escreveu: after many tries and upgrading my samba to 3.2.5, the sharing is working... kind of. now everyone can access their exclusive folders on the server, also can acess the public folder (anyone can access this folder without authentication). when people try to access folders that they should not access (like a IT guy accessing the Sales folder), the server also forbid the access. But when someone try to access their group folder (like the Sales guy accessing the Sales folder), windows show a error message, telling me the folder is no accessible. any help is welcome. tks in advance. Leonardo Carneiro escreveu: Hi fellows. I'm new to the list and hope I'll have a nice time here. one of my servers running samba+ldap is not working properly. the setup is: Debian 5 fileserver:/etc/samba#smbd --version Version 3.0.24 fileserver:/etc/samba# slapd -V @(#) $OpenLDAP: slapd 2.3.30 (Oct 5 2008 22:08:58) $ j...@galadriel:/home/jmm/ldap/openldap2.3-2.3.30/debian/build/servers/slapd After a samba upgrade via apt-get, the user could not access their shared folders anymore. Looking at the logs i'd saw some strage things: smbd.log: === [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(42) INTERNAL ERROR: Signal 11 in pid 6550 (3.0.24) Please read the Trouble-Shooting section of the Samba3-HOWTO [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(44) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(45) === [2009/05/19 08:45:59, 0] lib/util.c:smb_panic(1599) PANIC (pid 6550): internal error [2009/05/19 08:45:59, 0] lib/util.c:log_stack_trace(1706) BACKTRACE: 15 stack frames: #0 /usr/sbin/smbd(log_stack_trace+0x23) [0x822c3d3] #1 /usr/sbin/smbd(smb_panic+0x46) [0x822c4c6] #2 /usr/sbin/smbd [0x821a69a] #3 [0xb7eff420] #4 /usr/lib/liblber-2.4.so.2(ber_memfree_x+0x50) [0xb76ac300] #5 /usr/lib/libldap_r-2.4.so.2 [0xb76dc274] #6 /usr/lib/libldap_r-2.4.so.2 [0xb76bc6d8] #7 /usr/lib/libldap_r-2.4.so.2 [0xb76eb950] #8 /lib/ld-linux.so.2 [0xb7f0e453] #9 /lib/i686/cmov/libc.so.6(exit+0x89) [0xb7b23ab9] #10 /usr/sbin/smbd [0x82c23bc] #11 /usr/sbin/smbd [0x82c23e0] #12 /usr/sbin/smbd(main+0x10f0) [0x82c3860] #13 /lib/i686/cmov/libc.so.6(__libc_start_main+0xe5) [0xb7b0b455] #14 /usr/sbin/smbd [0x8082b11] [2009/05/19 08:45:59, 0] lib/fault.c:dump_core(173) dumping core in /var/log/samba/cores/smbd [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(41) === [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(42) INTERNAL ERROR: Signal 11 in pid 6556 (3.0.24) Please read the Trouble-Shooting section of the Samba3-HOWTO [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(44) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(45) === [2009/05/19 08:45:59, 0] lib/util.c:smb_panic(1599) PANIC (pid 6556): internal error [2009/05/19 08:45:59, 0] lib/util.c:log_stack_trace(1706) BACKTRACE: 16 stack frames: #0 /usr/sbin/smbd(log_stack_trace+0x23) [0x822c3d3] #1 /usr/sbin/smbd(smb_panic+0x46) [0x822c4c6] #2 /usr/sbin/smbd [0x821a69a] #3 [0xb7eff420] #4 /usr/lib/liblber-2.4.so.2(ber_memfree_x+0x50) [0xb76ac300] #5 /usr/lib/libldap_r-2.4.so.2 [0xb76dc274] #6 /usr/lib/libldap_r-2.4.so.2 [0xb76bc6d8] #7 /usr/lib/libldap_r-2.4.so.2 [0xb76eb950] #8 /lib/ld-linux.so.2 [0xb7f0e453] #9 /lib/i686/cmov/libc.so.6(exit+0x89) [0xb7b23ab9] #10 /usr/sbin/smbd [0x82c23bc] #11 /usr/sbin/smbd [0x82c23e0] #12 /usr/sbin/smbd(start_background_queue+0x25c) [0x824893c] #13 /usr/sbin/smbd(main+0x1344) [0x82c3ab4] #14 /lib/i686/cmov/libc.so.6(__libc_start_main+0xe5) [0xb7b0b455] #15 /usr/sbin/smbd [0x8082b11] [2009/05/19 08:45:59, 0] lib/fault.c:dump_core(173) dumping core in /var/log/samba/cores/smbd and the 'net getlocalsid' returns me the following: fileserver:/var/log/samba# net getlocalsid [2009/05/19 09:25:19, 0] lib/smbldap_util.c:smbldap_search_domain_info(267) smbldap_search_domain_info: Got too many (2) domain info entries for domain DOMINIO SID for domain DOMINIO is: S-1-5-21-874179082-3571801642-3889913597 Other tests also returns me the smb_ldap_search_domain_info error, but my ldap only one sambaDomain and sambaDomainName entries. Other apps using ldap like squid
[Samba] multiple domain info entries problem
Hi fellows. I'm new to the list and hope I'll have a nice time here. one of my servers running samba+ldap is not working properly. the setup is: Debian 5 fileserver:/etc/samba#smbd --version Version 3.0.24 fileserver:/etc/samba# slapd -V @(#) $OpenLDAP: slapd 2.3.30 (Oct 5 2008 22:08:58) $ j...@galadriel:/home/jmm/ldap/openldap2.3-2.3.30/debian/build/servers/slapd After a samba upgrade via apt-get, the user could not access their shared folders anymore. Looking at the logs i'd saw some strage things: smbd.log: === [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(42) INTERNAL ERROR: Signal 11 in pid 6550 (3.0.24) Please read the Trouble-Shooting section of the Samba3-HOWTO [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(44) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(45) === [2009/05/19 08:45:59, 0] lib/util.c:smb_panic(1599) PANIC (pid 6550): internal error [2009/05/19 08:45:59, 0] lib/util.c:log_stack_trace(1706) BACKTRACE: 15 stack frames: #0 /usr/sbin/smbd(log_stack_trace+0x23) [0x822c3d3] #1 /usr/sbin/smbd(smb_panic+0x46) [0x822c4c6] #2 /usr/sbin/smbd [0x821a69a] #3 [0xb7eff420] #4 /usr/lib/liblber-2.4.so.2(ber_memfree_x+0x50) [0xb76ac300] #5 /usr/lib/libldap_r-2.4.so.2 [0xb76dc274] #6 /usr/lib/libldap_r-2.4.so.2 [0xb76bc6d8] #7 /usr/lib/libldap_r-2.4.so.2 [0xb76eb950] #8 /lib/ld-linux.so.2 [0xb7f0e453] #9 /lib/i686/cmov/libc.so.6(exit+0x89) [0xb7b23ab9] #10 /usr/sbin/smbd [0x82c23bc] #11 /usr/sbin/smbd [0x82c23e0] #12 /usr/sbin/smbd(main+0x10f0) [0x82c3860] #13 /lib/i686/cmov/libc.so.6(__libc_start_main+0xe5) [0xb7b0b455] #14 /usr/sbin/smbd [0x8082b11] [2009/05/19 08:45:59, 0] lib/fault.c:dump_core(173) dumping core in /var/log/samba/cores/smbd [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(41) === [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(42) INTERNAL ERROR: Signal 11 in pid 6556 (3.0.24) Please read the Trouble-Shooting section of the Samba3-HOWTO [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(44) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(45) === [2009/05/19 08:45:59, 0] lib/util.c:smb_panic(1599) PANIC (pid 6556): internal error [2009/05/19 08:45:59, 0] lib/util.c:log_stack_trace(1706) BACKTRACE: 16 stack frames: #0 /usr/sbin/smbd(log_stack_trace+0x23) [0x822c3d3] #1 /usr/sbin/smbd(smb_panic+0x46) [0x822c4c6] #2 /usr/sbin/smbd [0x821a69a] #3 [0xb7eff420] #4 /usr/lib/liblber-2.4.so.2(ber_memfree_x+0x50) [0xb76ac300] #5 /usr/lib/libldap_r-2.4.so.2 [0xb76dc274] #6 /usr/lib/libldap_r-2.4.so.2 [0xb76bc6d8] #7 /usr/lib/libldap_r-2.4.so.2 [0xb76eb950] #8 /lib/ld-linux.so.2 [0xb7f0e453] #9 /lib/i686/cmov/libc.so.6(exit+0x89) [0xb7b23ab9] #10 /usr/sbin/smbd [0x82c23bc] #11 /usr/sbin/smbd [0x82c23e0] #12 /usr/sbin/smbd(start_background_queue+0x25c) [0x824893c] #13 /usr/sbin/smbd(main+0x1344) [0x82c3ab4] #14 /lib/i686/cmov/libc.so.6(__libc_start_main+0xe5) [0xb7b0b455] #15 /usr/sbin/smbd [0x8082b11] [2009/05/19 08:45:59, 0] lib/fault.c:dump_core(173) dumping core in /var/log/samba/cores/smbd and the 'net getlocalsid' returns me the following: fileserver:/var/log/samba# net getlocalsid [2009/05/19 09:25:19, 0] lib/smbldap_util.c:smbldap_search_domain_info(267) smbldap_search_domain_info: Got too many (2) domain info entries for domain DOMINIO SID for domain DOMINIO is: S-1-5-21-874179082-3571801642-3889913597 Other tests also returns me the smb_ldap_search_domain_info error, but my ldap only one sambaDomain and sambaDomainName entries. Other apps using ldap like squid are working fine. I've searched the web and the list looking for a solution, but haven't found =/ I do apreciate any help. Sorry about my poor english. Tks in advance. -- *Leonardo de Souza Carneiro* *Veltrac - Tecnologia em Logística.* lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br http://www.veltrac.com.br http://www.veltrac.com.br/ /Fone Com.: (43)2105-5600/ /Av. Higienópolis 1601 Ed. Eurocenter Sl. 803/ /Londrina- PR/ /Cep: 86015-010/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] multiple domain info entries problem
after many tries and upgrading my samba to 3.2.5, the sharing is working... kind of. now everyone can access their exclusive folders on the server, also can acess the public folder (anyone can access this folder without authentication). when people try to access folders that they should not access (like a IT guy accessing the Sales folder), the server also forbid the access. But when someone try to access their group folder (like the Sales guy accessing the Sales folder), windows show a error message, telling me the folder is no accessible. any help is welcome. tks in advance. Leonardo Carneiro escreveu: Hi fellows. I'm new to the list and hope I'll have a nice time here. one of my servers running samba+ldap is not working properly. the setup is: Debian 5 fileserver:/etc/samba#smbd --version Version 3.0.24 fileserver:/etc/samba# slapd -V @(#) $OpenLDAP: slapd 2.3.30 (Oct 5 2008 22:08:58) $ j...@galadriel:/home/jmm/ldap/openldap2.3-2.3.30/debian/build/servers/slapd After a samba upgrade via apt-get, the user could not access their shared folders anymore. Looking at the logs i'd saw some strage things: smbd.log: === [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(42) INTERNAL ERROR: Signal 11 in pid 6550 (3.0.24) Please read the Trouble-Shooting section of the Samba3-HOWTO [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(44) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(45) === [2009/05/19 08:45:59, 0] lib/util.c:smb_panic(1599) PANIC (pid 6550): internal error [2009/05/19 08:45:59, 0] lib/util.c:log_stack_trace(1706) BACKTRACE: 15 stack frames: #0 /usr/sbin/smbd(log_stack_trace+0x23) [0x822c3d3] #1 /usr/sbin/smbd(smb_panic+0x46) [0x822c4c6] #2 /usr/sbin/smbd [0x821a69a] #3 [0xb7eff420] #4 /usr/lib/liblber-2.4.so.2(ber_memfree_x+0x50) [0xb76ac300] #5 /usr/lib/libldap_r-2.4.so.2 [0xb76dc274] #6 /usr/lib/libldap_r-2.4.so.2 [0xb76bc6d8] #7 /usr/lib/libldap_r-2.4.so.2 [0xb76eb950] #8 /lib/ld-linux.so.2 [0xb7f0e453] #9 /lib/i686/cmov/libc.so.6(exit+0x89) [0xb7b23ab9] #10 /usr/sbin/smbd [0x82c23bc] #11 /usr/sbin/smbd [0x82c23e0] #12 /usr/sbin/smbd(main+0x10f0) [0x82c3860] #13 /lib/i686/cmov/libc.so.6(__libc_start_main+0xe5) [0xb7b0b455] #14 /usr/sbin/smbd [0x8082b11] [2009/05/19 08:45:59, 0] lib/fault.c:dump_core(173) dumping core in /var/log/samba/cores/smbd [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(41) === [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(42) INTERNAL ERROR: Signal 11 in pid 6556 (3.0.24) Please read the Trouble-Shooting section of the Samba3-HOWTO [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(44) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2009/05/19 08:45:59, 0] lib/fault.c:fault_report(45) === [2009/05/19 08:45:59, 0] lib/util.c:smb_panic(1599) PANIC (pid 6556): internal error [2009/05/19 08:45:59, 0] lib/util.c:log_stack_trace(1706) BACKTRACE: 16 stack frames: #0 /usr/sbin/smbd(log_stack_trace+0x23) [0x822c3d3] #1 /usr/sbin/smbd(smb_panic+0x46) [0x822c4c6] #2 /usr/sbin/smbd [0x821a69a] #3 [0xb7eff420] #4 /usr/lib/liblber-2.4.so.2(ber_memfree_x+0x50) [0xb76ac300] #5 /usr/lib/libldap_r-2.4.so.2 [0xb76dc274] #6 /usr/lib/libldap_r-2.4.so.2 [0xb76bc6d8] #7 /usr/lib/libldap_r-2.4.so.2 [0xb76eb950] #8 /lib/ld-linux.so.2 [0xb7f0e453] #9 /lib/i686/cmov/libc.so.6(exit+0x89) [0xb7b23ab9] #10 /usr/sbin/smbd [0x82c23bc] #11 /usr/sbin/smbd [0x82c23e0] #12 /usr/sbin/smbd(start_background_queue+0x25c) [0x824893c] #13 /usr/sbin/smbd(main+0x1344) [0x82c3ab4] #14 /lib/i686/cmov/libc.so.6(__libc_start_main+0xe5) [0xb7b0b455] #15 /usr/sbin/smbd [0x8082b11] [2009/05/19 08:45:59, 0] lib/fault.c:dump_core(173) dumping core in /var/log/samba/cores/smbd and the 'net getlocalsid' returns me the following: fileserver:/var/log/samba# net getlocalsid [2009/05/19 09:25:19, 0] lib/smbldap_util.c:smbldap_search_domain_info(267) smbldap_search_domain_info: Got too many (2) domain info entries for domain DOMINIO SID for domain DOMINIO is: S-1-5-21-874179082-3571801642-3889913597 Other tests also returns me the smb_ldap_search_domain_info error, but my ldap only one sambaDomain and sambaDomainName entries. Other apps using ldap like squid are working fine. I've searched the web and the list looking for a solution, but haven't found =/ I do apreciate any help. Sorry about my poor english. Tks in advance
