[Samba] samba 3.0.23: %p not working?
RedHat AS 4, 2.6.9-22.0.2.ELsmp samba3-3.0.24-30 (RPMs from http://enterprisesamba.com/) Dear list members Several times a day we have interrupts up to 30 seconds. This is quite annoying. We have learnt from the mailing list that others had the same problem. This might be because we have the users home directory automounted by nfs first and than shared by samba. As almost everybody has their physical home directory on the same server we do not need local automounts, we could share them directly with samba. I.e. instead of homedir - nfs - samba we'd like to do the following homedir - samba. The problem is that we cannot get this working properly. We have the information stored in NIS and according to the documentation we can just use %p for the path for the homes. When users are logged in and we restart smbd than smbstatus shows us corret SharePaths. But when a user logs in the homedir for this user is automounted to /home/ user. In the share definition for [profiles] the variable %p cannot be used at all. Is %p not working properly or do we use it not correctly? How could we achieve direct samba sharing of homedirs without nfs mounts but with the information stored in NIS? Thanks for any kind of advise. Kind regards, Marc [global] workgroup = MYDOMAIN netbios name = MYSERVER domain logons = yes server string = MYDOMAIN SMB-Server %v hosts allow = 127.0.0.1 82.130. 172.31. 129.132. log file = /var/log/samba/%m.log log level = 1 max log size = 2500 security = user bind interfaces only = yes interfaces = bond0:0 smb ports = 139 client NTLMv2 auth = yes debug level = 0 password server = %L password level = 8 username level = 8 encrypt passwords = yes passdb backend = smbpasswd:/etc/samba/private/smbpasswd unix password sync = no local master = yes os level = 65 domain master = yes preferred master = yes logon path = \\%L\profiles\.profile.%a\e\profile.pds logon drive = P: logon script = mapdrives1.bat name resolve order = lmhosts wins hosts bcast wins support = yes dns proxy = yes nis homedir = yes homedir map = auto.home display charset = UTF8 unix charset = UTF8 dos charset = CP850 preserve case = yes short preserve case = yes default case = lower case sensitive = no [homes] comment = %U's Data on %L Group %G path = %p -- does not work browseable = no writable = yes create mask = 0700 directory mask = 0700 follow symlinks = yes locking = no oplocks = yes [profiles] path = %p -- does not work csc policy = disable browseable = no writable = yes create mask = 0700 directory mask = 0700 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Redhat samba-3.0.10-1.4E.6-x86_64
Dear List Members We are currently using samba-3.0.10-1.4E.2-x86_64 on RedHat AS 4. And it seems that we are suffering of the same problems reported here: http://lists.samba.org/archive/samba/2005-April/104335.html problems with the service pack 1 for windows 2003 [2005/04/25 02:06:33, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(993) api_pipe_bind_req: unknown auth type 1 requested. I was wondering if samba-3.0.10-1.4E.6-x86_64, which is now available through the RedHat Network channel, includes the necessary patches or not. Is this numbering schema identical to the one used by the samba- team? I know that RedHat backports but is RedHat 3.0.10 really samba- team 3.0.10? Searching through samba.org site I found the binaries provided by http://enterprisesamba.com/. Should we leave the RedHat Channel and use samba3-3.0.23-26.x86_64.rpm instead? Any comments on the quality of these packages? We don't really want to compile samba ourselves anymore. Kind regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] tdbsam and variables
This is a known problem. At this time there is no way to do what you are trying to do. Thank you very much for the clarification. I really appreciate this. Can we work around this known problems with login scripts/ preexec scripts? Are the variables supported in these scripts? Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] tdbsam and variables
Not quite! The smb.conf setting is used in creating the user account entry in tdbsam. Yes, I forgot this one. But when adding a user I end up with entries like the following: Profile Path: \\myserver\myuser\.profile.UNKNOWN\profile.pds This is not really useful, is it? And when I correct it to be Profile Path: \\myserver\myuser\.profile.%a\profile.pds .profile.%a folders are created. Not very useful either. I've just the feeling that with tdbsam (and ldapsam?) we have lost all the dynamic features (%H, %u, %L, etc.). Can anybody confirm this or am I wrong? And why isn't there a fall back to the settings in smb.conf when something is not defined in tdbsam? This would be really helpful. Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] tdbsam and variables
| First question: When Home Directory is not set in tdbsam | does samba just use the setting of logon home in smb.conf? | And when it's set does it ignore the smb.conf setting? You actually can't exlude these settings from the tdbsam records IIRC. I'd have to go back and look again to be sure. So the home directory path in the tdb record would always take precedence over the smb.conf settings. But like I say, I would have to double check this in the code. I would be really glad if you could check this. If what you say is true than the example Big 500 Users Example makes just no sense to me. The example only uses a tdbsam backend and then the setting for logon home and logon path could just be removed because it's the tdbsam which counts. And when we cannot use variables in tdbsam I begin to wonder what the advantages of a tdbsam backend against a smbpasswd file should be. Is this somewhere documented which backend supports variables and which backend supports the settings in smb.conf and since which version of samba? Thanks, Jerry. Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] tdbsam and variables
Dear List Members We are trying to setup samba PDC with tdbsam backend. First question: When Home Directory is not set in tdbsam does samba just use the setting of logon home in smb.conf? And when it's set does it ignore the smb.conf setting? Second question: Does tdbsam allow the inclusion of variables such as %a, %u, %H, etc.? We were looking at the Big 500 Users Example [1] but had some difficulties. When we were using the tdbsam backand, samba ignored the settings which was set in smb.conf and we had to hard-code the varibles. E.g.: Profile Path: \\myserver\myuser\.profile.WinXP\profile.pds As we still have some computers running NT and 2k we tried to use %a: Profile Path: \\myserver\myuser\.profile.%a\profile.pds But this resulted in the generation of a folder .profile.%a and %a was not interpreted at all. We also wanted to use %L and %u in the profile path but then the profile wasn't found at all. When we left the Profile Path in tdbsam empty the setting in smb.conf was ignored and the profile not found. When using smbpasswd as backand everything works as expected with all variables. Therefore, my answer to my own question would be: all parameters have to be statically set in tdbsam because the settings in smb.conf are ignored and the inclusion of variables does not work. But when I look at the Big 500 Users Example [1] this answer does not make sense at all. If it were true why are the logon path and logon home set in the example configuration? My guess is that I have something wrong in my setup but I just cannot figure out what it is (I've added smb.con at the end of this message). BTW, this is samba-3.0.7-1.3E.1 on RedHat EL 3. Thanks for any hints to resolve this problem. Kind regards, Marc [1] http://us1.samba.org/samba/docs/man/Samba-Guide/Big500users.html /etc/samba/smb.conf #=== Global Settings = [global] workgroup = mydomain #netbios name = %L domain logons = yes server string = SMB-Server 6/6 %v hosts allow = xx.xxx.xx. log file = /var/log/samba/%m.log max log size = 50 security = user debug level = 0 # password server = %L password level = 8 username level = 8 encrypt passwords = yes passdb backend = tdbsam:/etc/samba/private/passdb.tdb unix password sync = no socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes os level = 33 domain master = yes preferred master = yes logon path = \\%L\profiles\.profile%a\profile.pds name resolve order = wins hosts wins support = no wins server = xx.xx.xx.xx dns proxy = no nis homedir = true homedir map = auto.home preserve case = yes short preserve case = yes default case = lower case sensitive = no logon drive = P: # Share Definitions == [homes] comment = %U's Data on %L Group %G path = %H browseable = no writable = yes create mask = 0700 directory mask = 0700 follow symlinks = yes [profiles] path = /home/%u browseable = no writable = yes create mask = 0700 directory mask = 0700 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] hosts allow and partial subnet
dear list members how can i restrict access to samba with the hosts allow configuration for only part of a subnet without having to list all the individual ip-numbers? e.g. we have the subnet 123.123.123.1 - 123.123.123.512 and i would like that only the hosts with the ip numbers between 123.123.123.237-123.123.123.319 have access. how can i do this? all hostnames have the following schema groupname-c## where ## is a simple number. i guess that something like hosts allow = groupname-c## is not possible with samba? regards, marc -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] hosts allow and partial subnet
Is there any way you could re-arrange the IP address allocation? this is not possible. we have one huge subnet which is shared between different groups. if there is not a better solution i use hosts allow = @groupname where groupname is a nis netgroup (but then i would have to maintain these maps too) or use the include feature so that the smb.conf does not get cluttered with huge amounts of ip addresses. something like hosts allow = 123.123.123.237-319 would be really nice, though. regards, marc -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] multiple passdb backends: ldaps for users, everything else locally?
In your situation, you can't modify the users' entries in LDAP to add the samba information either I would guess. correct. For this type of a situation, use either the password file (is the option smbpasswd?) or tdbsam. You don't need to specify that ldap is involved at all. no. i want the users authenticate against the central ldap and not a local database/file. i don't want to maintain the username and passwords myself; this information is already available in the ldap and many other systems/programs rely on these informations in the ldap (almost single-sign-on). why do this twice? regards, marc -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] multiple passdb backends: ldaps for users, everything else locally?
dear list members is it possible to only have the users authenticate against an external ldap server and everything else managed locally on the samba server? the problem is that i only can authenticate against the central ldap but not write to it. this means that samba root as well as all machine accounts have to be managed locally and the users' homes information is retrieved by nis. in the manual page of smb.conf i read the following: Multiple backends can be specified, separated by spaces. The backends will be searched in the order they are specified. New users are always added to the first backend specified. now, when i define the passdb backends as following in this order does my intention work? passdb backend = tdbsam ldapsam:ldaps://ldaps01.domain.com root is defined locally in tdbsam, all users in ldap. machines are also added locally. regards, marc -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] do I need to rejoin machines to the domain?
Due to a stupid human mistake we had some UIDs in the passwd and smbpasswd which were identical for users and machines, i.e. the user peter had the UID 1044 and the machine cyclone had the UID 1044. We configured samba as a PDC, therefore, nobody could log in anymore. I fixed the UIDs in the passwd by changing the machines' UIDs, then I deleted the machine's entries in smbpasswd and added them again to the smbpasswd. The problem now is that login to the domain does not work any more. My question is: do we need to rejoin the machines to the domain due to these changes in the smbpasswd? Thanks for any hints. Regards, Marc P.S.: samba 2.2.3a on Solaris; Win2k-, WinNT-clients -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba