Re: [Samba] ntlm hashes..
Or php class smbHash: http://www.koders.com/php/fidC803D608E93A9E4FD6F3B4C4270B8A37DFD42261.aspx?s=smtp+server from LDAP Account Manager (http://www.sourceforge.net/projects/lam) greetings mario Peter Rindfuss schrieb: On 03.04.2009 10:29, Collen Blijenberg wrote: Hello, How can i make an lm/ntlm hash from a plain text password ?? i need a way to generate a ntlm password to put into an external database. we make the users and there passwords on a machine that is not direct connected to the samba domain. we can export the database, so the only prob i have left is, how to get the samba passwords (lm/nt) in the database. You could use perl and the Crypt::SMBHash module. Peter Rindfuss -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Re: Samba/Ldap problems with Versions 3.0.24
Hi, Am Montag, den 17.03.2008, 13:41 -0400 schrieb Adam Tauno Williams: we have similiar problems with samba+ldap after updating to 3.0.27. But in our case, the following ldap-Attributes won't get updated: sambaPwdMustChange sambaPwdCanChange only sambPwdLastSet gets altered. in newly created accounts the two Attributes even won't be created !? I already checked every log-file i can think of, I played with verbose logging, but I really can't find a solution up to now. I also asked about this stuff here in the mailinglist several weeks ago, but no answer til now. So what could we do ? Is there a policy set to affect these attributes? littleboy:~ # pdbedit -P minimum password age account policy value for minimum password age is 86400 littleboy:~ # pdbedit -P maximum password age account policy value for maximum password age is 5184000 We have a policy for the maximum password age (value is: 15552000). But this doesnt matter. The timestamps in the LDAP get updated correctly, but the pdbedit -Lv user shows the wrong dates and the functionality is broken as you may read in my previous mail... greetings mario gzuk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Vista joinDomain gdwError = 0x32
Hi, the same error is with samba version 3.0.24. Later versions can not be tested because of the Samba/Ldap problems with Versions 3.0.24. Nobody knows some thing about this error messages? greetings mario Am Montag, den 03.03.2008, 09:45 +0100 schrieb Mario Gzuk: Hi, I am trying to join MS Vista to a samba (3.0.23) Domain. If I join the domain manually all works fine, but when I try the unattended method I got the following errors: 2008-03-04 02:58:32, Error[unattendedjoin.exe] Unattended Join: NetJoinDomain failed error code is [50] 2008-03-04 02:58:32, Error[unattendedjoin.exe] Unattended Join: Unable to join; gdwError = 0x32 I am searching the samba logs and the Internet, but there is no description of this error (also not on microsoft.com). Maybe someone of the samba experts know this error code? Let me know if you need more information. Thank you for any hint. greetings mario -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba/Ldap problems with Versions 3.0.24
Hi, we have a samba/ldap domain. After upgrading to versions greater than 3.0.24, there are problems with the timestamps which are correct set in the LDAP tree. Here are 2 examples: --- Example 1: Password can change=not empty LDAP: sambaPwdLastSet: 1205744729 sambaPwdMustChange: 1307828342 sambaPwdCanChange: 1192276342 sambaKickoffTime: 1228086000 Samba 3.0.24 - correct: Logon time: Tue, 06 Feb 2007 16:07:05 CET Logoff time: Tue, 10 Feb 2004 09:18:42 CET Kickoff time: Mon, 01 Dec 2008 00:00:00 CET Password last set:Mon, 17 Mar 2008 10:05:29 CET Password can change: Sat, 13 Oct 2007 13:52:22 CEST Password must change: Sat, 11 Jun 2011 23:39:02 CEST Samba 3.0.24 - incorrect: Logon time: Tue, 06 Feb 2007 16:07:05 CET Logoff time: Tue, 10 Feb 2004 09:18:42 CET Kickoff time: Mon, 01 Dec 2008 00:00:00 CET Password last set:Mon, 17 Mar 2008 10:05:29 CET Password can change: Mon, 17 Mar 2008 10:05:29 CET Password must change: Mon, 17 Mar 2008 10:06:59 CET --- Exapmle 2: Password can change=empty LDAP: sambaPwdLastSet: 1205738745 sambaPwdMustChange: 1208781070 sambaKickoffTime: 1230764400 sambaPwdCanChange - doesnt exist Samba 3.0.24 - correct: Logon time: Wed, 07 Feb 2007 20:00:12 CET Logoff time: Thu, 09 Oct 2003 08:04:28 CEST Kickoff time: Thu, 01 Jan 2009 00:00:00 CET Password last set:Mon, 17 Mar 2008 08:25:45 CET Password can change: 0 Password must change: Mon, 21 Apr 2008 14:31:10 CEST Samba 3.0.24 - incorrect: Logon time: Wed, 07 Feb 2007 20:00:12 CET Logoff time: Thu, 09 Oct 2003 08:04:28 CEST Kickoff time: Thu, 01 Jan 2009 00:00:00 CET Password last set:Mon, 17 Mar 2008 08:25:45 CET Password can change: Mon, 17 Mar 2008 08:25:45 CET Password must change: Mon, 17 Mar 2008 08:27:15 CET --- The time sets for Password can change: and Password must change: are incorrect, that leads to that each user has to change his password every time he want to log in, because the Password must change is 1:30 minute later than Password can change which is the same value like Password last set. So this bug exists since a half year, so I wonder that no one other than Tomasz Chmielewski has detect this behavior. See his unanswered messages here: http://www.nabble.com/Re% 3A-Strange-NT_STATUS_PASSWORD-errors-after-upgrade-to-3.0.26a-td15847364.html greetings mario -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Vista joinDomain gdwError = 0x32
Hi, I am trying to join MS Vista to a samba (3.0.23) Domain. If I join the domain manually all works fine, but when I try the unattended method I got the following errors: 2008-03-04 02:58:32, Error[unattendedjoin.exe] Unattended Join: NetJoinDomain failed error code is [50] 2008-03-04 02:58:32, Error[unattendedjoin.exe] Unattended Join: Unable to join; gdwError = 0x32 I am searching the samba logs and the Internet, but there is no description of this error (also not on microsoft.com). Maybe someone of the samba experts know this error code? Let me know if you need more information. Thank you for any hint. greetings mario -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with samba 3.0.25b-33
Hi, our window file server running 3.0.25b-33 (X64) (Sernet rpm) on SLES 9 SP3 has been stoped working. The log file shows nothing new. No error ... Only the clients can not connect to the server. After a restart of smbd it seems to work for a while. Any idea ? Any help is welcome !! -The last logline before was 10:39; at10:42 no connection was possible- Jan 7 10:42:30 modena smbd[9266]: nss_ldap: reconnected to LDAP server after 1 attempt(s) Jan 7 10:42:40 modena smbd[9266]: [2008/01/07 10:42:40, 0] smbd/service.c:make_connection(1191) Jan 7 10:42:40 modena smbd[9266]: namibia (141.5.19.206) couldn't find service c-sid Jan 7 10:42:42 modena smbd[9784]: nss_ldap: reconnecting to LDAP server... Jan 7 10:42:42 modena smbd[9784]: nss_ldap: reconnected to LDAP server after 1 attempt(s) Jan 7 10:42:44 modena smbd[24293]: [2008/01/07 10:42:44, 0] lib/util_sock.c:get_peer_addr(1232) Jan 7 10:42:44 modena smbd[24293]: getpeername failed. Error was Transport endpoint is not connected Jan 7 10:42:44 modena smbd[10567]: [2008/01/07 10:42:44, 0] lib/util_sock.c:get_peer_addr(1232) Jan 7 10:42:44 modena smbd[10567]: getpeername failed. Error was Transport endpoint is not connected Jan 7 10:42:44 modena smbd[10567]: [2008/01/07 10:42:44, 0] lib/util_sock.c:write_data(562) Jan 7 10:42:44 modena smbd[10567]: write_data: write failure in writing to client 0.0.0.0. Error Connection reset by peer Jan 7 10:42:44 modena smbd[10567]: [2008/01/07 10:42:44, 0] lib/util_sock.c:send_smb(769) Jan 7 10:42:44 modena smbd[10567]: Error writing 4 bytes to client. -1. (Connection reset by peer) Jan 7 10:42:46 modena smbd[9266]: [2008/01/07 10:42:46, 0] smbd/service.c:make_connection(1191) Jan 7 10:42:46 modena smbd[9266]: namibia (141.5.19.206) couldn't find service c-sid Jan 7 10:42:52 modena smbd[10534]: nss_ldap: reconnecting to LDAP server... Jan 7 10:42:52 modena smbd[10534]: nss_ldap: reconnected to LDAP server after 1 attempt(s) Jan 7 10:43:04 modena smbd[10569]: [2008/01/07 10:43:04, 0] lib/util_sock.c:write_data(562) Jan 7 10:43:04 modena smbd[10569]: write_data: write failure in writing to client 141.5.16.46. Error Connection reset by peer Jan 7 10:43:04 modena smbd[10569]: [2008/01/07 10:43:04, 0] lib/util_sock.c:send_smb(769) Jan 7 10:43:04 modena smbd[10569]: Error writing 4 bytes to client. -1. (Connection reset by peer) Jan 7 10:43:15 modena smbd[9266]: [2008/01/07 10:43:15, 0] lib/util_sock.c:write_data(562) Jan 7 10:43:15 modena smbd[9266]: write_data: write failure in writing to client 141.5.19.206. Error Connection reset by peer Jan 7 10:43:15 modena smbd[9266]: [2008/01/07 10:43:15, 0] lib/util_sock.c:send_smb(769) Jan 7 10:43:15 modena smbd[9266]: Error writing 88 bytes to client. -1. (Connection reset by peer) Jan 7 10:43:15 modena smbd[9266]: [2008/01/07 10:43:15, 0] lib/util_sock.c:write_data(562) Jan 7 10:43:15 modena smbd[9266]: write_data: write failure in writing to client 141.5.19.206. Error Broken pipe Jan 7 10:43:15 modena smbd[9266]: [2008/01/07 10:43:15, 0] lib/util_sock.c:send_smb(769) Jan 7 10:43:15 modena smbd[9266]: Error writing 75 bytes to client. -1. (Broken pipe) Jan 7 10:44:20 modena smbd[9566]: nss_ldap: reconnecting to LDAP server... Jan 7 10:44:20 modena smbd[9566]: nss_ldap: reconnected to LDAP server after 1 attempt(s) Jan 7 10:44:22 modena sshd[10574]: Accepted publickey for root from 141.5.16.150 port 55694 ssh2 Jan 7 10:44:30 modena nmbd[10010]: [2008/01/07 10:44:30, 0] nmbd/nmbd_namequery.c:query_name_response(109) Jan 7 10:44:30 modena nmbd[10010]: query_name_response: Multiple (2) responses received for a query on subnet 141.5.16.61 for name BGC1d. Jan 7 10:44:30 modena nmbd[10010]: This response was from IP 141.5.16.29, reporting an IP address of 141.5.16.29. Jan 7 10:44:33 modena smbd[24293]: [2008/01/07 10:44:33, 0] lib/util_sock.c:get_peer_addr(1232) Jan 7 10:44:33 modena smbd[24293]: getpeername failed. Error was Transport endpoint is not connected Jan 7 10:44:33 modena smbd[10607]: [2008/01/07 10:44:33, 0] lib/util_sock.c:get_peer_addr(1232) Jan 7 10:44:33 modena smbd[10607]: getpeername failed. Error was Transport endpoint is not connected Jan 7 10:44:33 modena smbd[10607]: [2008/01/07 10:44:33, 0] lib/util_sock.c:write_data(562) Jan 7 10:44:33 modena smbd[10607]: write_data: write failure in writing to client 0.0.0.0. Error Connection reset by peer Jan 7 10:44:33 modena smbd[10607]: [2008/01/07 10:44:33, 0] lib/util_sock.c:send_smb(769) Jan 7 10:44:33 modena smbd[10607]: Error writing 4 bytes to client. -1. (Connection reset by peer) Jan 7 10:45:11 modena smbd[9065]: nss_ldap: reconnecting to LDAP server... Jan 7 10:45:11 modena smbd[9065]: nss_ldap: reconnected to LDAP server after 1 attempt(s) Jan 7 10:45:34 modena smbd[10638]: [2008/01/07 10:45:34, 0] lib/util_tdb.c:tdb_chainlock_with_timeout_internal(84) Jan 7 10:45:34 modena
Re: [Samba] OT: Automount, LDAP and AD
Hi, http://docs.hp.com/en/J4269-90084/ch04s02.html but untestet. greetz mario Am Montag, den 19.11.2007, 17:20 +0100 schrieb Sebastian Ries: Hi I know this does not directly correspond to Samba but it corresponds to the interaction between Windows and Linux. Is it possible to distribute automount maps via an AD-Server? I found some hints about adding automount maps into ldap but this does not seem to correspond to the AD. Does anyone of you have links to howtos on this? Regards Sebastian Ries -- DT Netsolution GmbH - Talaeckerstr. 30 - D-70437 Stuttgart Tel: +49-711-849910-36 Fax: +49-711-849910-936 WEB: http://www.dtnet.de/ email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Profile deleted
Am Freitag, den 22.06.2007, 06:49 -0500 schrieb Rex Dieter: Mario Gzuk wrote: Hi, strange things or normal behavior? We have a samba domain and Domain-guests accounts that are limited to log on to only some machines, on this machines the Domain-guests are in the lokal admin group. ... 3.) log on again with this Domain-guests account - all data and all settings are gone. I was not able to find any of the files stored in this account (under Documents and Settings) and all settings are set to the default. Is this normal? Yes, Guest account profiles are not persistent (ie, reset on every login). -- Rex No, the profile is persistent until you add this account to a local group. The M$ documentation says the same as you, but that is not correct for domain-guests, so this behavior is completely strange But dont think about that any more. It is as it is, and I dont think that M$ will correct such damn things greetz mario -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Profile deleted - problem NOT solved
Hi, no hints, no solution. So we take it like all other M$ problems: living with it is easier than try to find why this happens. Thank you for your advertence. greetings mario gzuk Am Mittwoch, den 20.06.2007, 10:50 +0200 schrieb Mario Gzuk: Hi again, no one knows something about this behavior? The same happens if you add the Domain-guest account to an other local group. I will be happy if some one can point me to some documentation or give some hints about that. I have searched the internet but with this keywords you find million of pages with zero solutions. greetings mario Am Montag, den 18.06.2007, 11:39 +0200 schrieb Mario Gzuk: Hi, strange things or normal behavior? We have a samba domain and Domain-guests accounts that are limited to log on to only some machines, on this machines the Domain-guests are in the lokal admin group. All data inc settings will be deleted if you add this user to the local admin group (if the user was logged in one time before...). Here the steps how you can rebuild this behavior: 1.) log on with an Domain-guests account and make some settings (and store some data under Documents and Settings) 2.) log off and add this Domain-guests account to the local admin group 3.) log on again with this Domain-guests account - all data and all settings are gone. I was not able to find any of the files stored in this account (under Documents and Settings) and all settings are set to the default. Is this normal? If the account is a Domain-user (or higher) you can add and delete them from the local admin group without the lost of data. So this only appears to the Domain-guests. Maybe that is one of the special hidden features from M$ which let the people go berserk greetings and thanks for any hints! mario gzuk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Profile deleted - additional info
Hi again, no one knows something about this behavior? The same happens if you add the Domain-guest account to an other local group. I will be happy if some one can point me to some documentation or give some hints about that. I have searched the internet but with this keywords you find million of pages with zero solutions. greetings mario Am Montag, den 18.06.2007, 11:39 +0200 schrieb Mario Gzuk: Hi, strange things or normal behavior? We have a samba domain and Domain-guests accounts that are limited to log on to only some machines, on this machines the Domain-guests are in the lokal admin group. All data inc settings will be deleted if you add this user to the local admin group (if the user was logged in one time before...). Here the steps how you can rebuild this behavior: 1.) log on with an Domain-guests account and make some settings (and store some data under Documents and Settings) 2.) log off and add this Domain-guests account to the local admin group 3.) log on again with this Domain-guests account - all data and all settings are gone. I was not able to find any of the files stored in this account (under Documents and Settings) and all settings are set to the default. Is this normal? If the account is a Domain-user (or higher) you can add and delete them from the local admin group without the lost of data. So this only appears to the Domain-guests. Maybe that is one of the special hidden features from M$ which let the people go berserk greetings and thanks for any hints! mario gzuk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Profile deleted
Hi, strange things or normal behavior? We have a samba domain and Domain-guests accounts that are limited to log on to only some machines, on this machines the Domain-guests are in the lokal admin group. All data inc settings will be deleted if you add this user to the local admin group (if the user was logged in one time before...). Here the steps how you can rebuild this behavior: 1.) log on with an Domain-guests account and make some settings (and store some data under Documents and Settings) 2.) log off and add this Domain-guests account to the local admin group 3.) log on again with this Domain-guests account - all data and all settings are gone. I was not able to find any of the files stored in this account (under Documents and Settings) and all settings are set to the default. Is this normal? If the account is a Domain-user (or higher) you can add and delete them from the local admin group without the lost of data. So this only appears to the Domain-guests. Maybe that is one of the special hidden features from M$ which let the people go berserk greetings and thanks for any hints! mario gzuk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] allowing users to install printers
Hi, but please dont forget you overwrite all other user-policy settings with this. The system32\grouppolicy\blablaba is the rusult set of your changes through gpedit. So if you have made changes before the file exists. If you overwrite the policy.pol all changes you made before are lost after next reboot (or 20 min I think. thats the standard time windows reload the group policys...) greetings amrio gzuk Am Donnerstag, den 12.01.2006, 09:00 +0100 schrieb Tomasz Chmielewski: Gerald (Jerry) Carter schrieb: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tomasz Chmielewski wrote: There's an XP policy that will allow Users to connect to printers and have the driver installed automatically. Run gpedit.msc on an XP client and you'll see what I mean. It's not very handy to do so with Samba and 100 clients if you know what I mean... Perhaps some registry entry that can be added in a script? Policies are just regostry entries. I referred you to the gpedit.msc lpugin so you could see for yourself. Teh rest is left as an exercise for the reader :-) OK, this is what I did: 1) installed Wininstall LE and scanned the workstation (newly installed) 2) changed the policy with gpedit.msc 3) scanned the workstation and created the MSI package with Wininstall LE 4) I looked into the MSI package to see the that were made to the system when I used gpedit.msc 5) the only notable change was a policy.pol file in system32\grouppolicy\user folder (or somewhere there) 6) I distributed the file to another workstation, and I could install printers from the Samba DC :) -- Tomasz Chmielewski http://wpkg.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] rpcclient
Hi, is there some option for the net-command (or an other way) that allows it to do the same like rpcclient --command=enumdomusers to get all rids from the users. thank you greetings mario -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] strange error 1937
Am Freitag, den 23.09.2005, 16:05 +0300 schrieb Denis Vlasenko: Try to isolate it first to failing invocation of smldap-useradd something add user script = debug_script %u wher debug_script is something like this: #!/bin/sh env /tmp/useradd.env strace -o /tmp/useradd.strace smbldap-useradd %u 1/tmp/useradd.1 2/tmp/useradd.2 Then you will be adle to experiment with failing command without need to do full net vampire run. -- vda Thanks for the answer! But thats not the problem. The smbldap-useradd work as expected if I run it from command line. If I do a net vampire I have to use smbldap-useradd without the -a flag. The samba account will be created by the net vampire command. So the problem comes from net vampire and not from smbldap-useradd (IMHO). PS: better will be: #!/bin/sh env /tmp/useradd.env strace -o /tmp/useradd.strace smbldap-useradd $1 1/tmp/useradd.$1.log 2/tmp/useradd.$1.err signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] strange error 1937
RESULT tag=105 err=68 text=èV^W^H^X^V.A \204î,@^P3^W^HDx,@[EMAIL PROTECTED]@[EMAIL PROTECTED]@^HY^W^H^C --SNAP--- This is the add user script: add user script = smbldap-useradd %u I take a look at the pdb_ldap.c and the error seems to be produced in the following lines: ret = ldapsam_modify_entry(my_methods,newpwd,dn,mods,ldap_op, element_is_set_or_changed); if (!NT_STATUS_IS_OK(ret)) { DEBUG(0,(ldapsam_add_sam_account: failed to modify/add user with uid = %s (dn = %s)\n, pdb_get_username(newpwd),dn)); ldap_mods_free(mods, True); return ret; } Can someone help me with this? thank you greetings mario gzuk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] strange error 1937
Am Freitag, den 23.09.2005, 16:05 +0300 schrieb Denis Vlasenko: Try to isolate it first to failing invocation of smldap-useradd something add user script = debug_script %u wher debug_script is something like this: #!/bin/sh env /tmp/useradd.env strace -o /tmp/useradd.strace smbldap-useradd %u 1/tmp/useradd.1 2/tmp/useradd.2 Then you will be adle to experiment with failing command without need to do full net vampire run. -- vda Thanks for the answer! But thats not the problem. The smbldap-useradd work as expected if I run it from command line. If I do a net vampire I have to use smbldap-useradd without the -a flag. The samba account will be created by the net vampire command. So the problem comes from net vampire and not from smbldap-useradd (IMHO). PS: better will be: #!/bin/sh env /tmp/useradd.env strace -o /tmp/useradd.strace smbldap-useradd $1 1/tmp/useradd.$1.log 2/tmp/useradd.$1.err -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] strange error 1937
at the pdb_ldap.c and the error seems to be produced in the following lines: ret = ldapsam_modify_entry(my_methods,newpwd,dn,mods,ldap_op, element_is_set_or_changed); if (!NT_STATUS_IS_OK(ret)) { DEBUG(0,(ldapsam_add_sam_account: failed to modify/add user with uid = %s (dn = %s)\n, pdb_get_username(newpwd),dn)); ldap_mods_free(mods, True); return ret; } Can someone help me with this? thank you greetings mario gzuk -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba