[Samba] Problem with roaming profiles..

2003-01-22 Thread Michele Santucci 
I'm using samba 2.2.7 used as pdc.
After long time I finally managed it two work mostly but I still have two
problems pending:
1) if i put on a desktop of a user profile (I'm using roaming profiles)
a link to a net resource I'm unable to open again this profile (the system
tell me it's unable to use the remote profile etc.)
2) the Administrator user (that's mapped on root I hope) act as if it's
been mappend on guest...


bye by(t)e[S]...TuX!

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Domain / Server disappear from network neighbourhood

2002-11-20 Thread Michele Santucci 
Hello I attached my smb.conf as a reference but the problem is quite simple:

1) my server didn't show in the network neighbourhood
2) often the whole domain didn't show at all in the n.b. and if I try to
access it directly (i.e. typing the domain name) I got a strange error
(cannot find the network path)


P.S. Every single machine (server included) is viewable if referenced
directly (i.e. by typing \\machinename)



bye by(t)e[S]...TuX!


---
Questo messaggio è certificato Virus Free - AVG 6 Free Edition
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.419 / Virus Database: 235 - Release Date: 13/11/2002

# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2002/11/19 12:56:50

# Global parameters
[global]
workgroup = CCGM
netbios name = CCGM-SERVER
netbios aliases = server-ccgm
server string = Samba Server %v
encrypt passwords = Yes
update encrypted = Yes
null passwords = Yes
pam password change = Yes
username map = /etc/samba/smbusers
unix password sync = Yes
admin log = Yes
log file = /var/log/samba/log.%m
max log size = 50
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = lpstat
domain admin group = @smb-admin
domain guest group = @users
add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine 
Account' -s /bin/false -M %u
domain logons = Yes
os level = 64
preferred master = Yes
domain master = Yes
dns proxy = No
wins support = Yes
guest account = guest
valid users = @smb-admin @ccgm @satyagra
admin users = @smb-admin
read list = @ccgm @satyagra
write list = @smb-admin
printer admin = @smb-admin
printing = cups

[homes]
comment = Home Directories
read only = No
browseable = No

[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
guest ok = Yes
printable = Yes
print command = lpr-cups -P %p -o raw %s -r   # using client side printer 
drivers.
browseable = No

[print$]
path = /var/lib/samba/printers
write list = @adm root

[pdf-generator]
comment = PDF Generator (only valid users)
path = /var/tmp
printable = Yes
print command = /usr/share/samba/scripts/print-pdf %s ~%u %L%u %m 
%I 

[ccgm-folder]
comment = CCGM Folder
path = /var/lib/samba/shares/ccgm-folder
valid users = @smb-admin @ccgm
admin users = @smb-admin @ccgm
read list = 
write list = @smb-admin @ccgm
read only = No

[satyagra-folder]
comment = Satya Gra Folder
path = /var/lib/samba/shares/satyagra-folder
valid users = @smb-admin @satyagra
admin users = @smb-admin @satyagra
read list = 
write list = @smb-admin @satyagra
read only = No

[public]
comment = Public Folder
path = /var/lib/samba/shares/public
valid users = @smb-admin @ccgm @satyagra @users
read list = @smb-admin @ccgm @satyagra @users
write list = @smb-admin @ccgm @satyagra @users
read only = No
create mask = 0777

[netlogon]
comment = Net Logon share
path = /var/lib/samba/netlogon
guest ok = Yes

Re: [Samba] PDC Problems

2002-11-20 Thread Michele Santucci 
I got the problem clear:
when i try to join the domain (as root) smb reports in the machine log
that guest is trying to do something and it fails authentication...

I partially fixed it mapping the guest user on root but this's not what
security manuals suggest ;-)

Hope someone can clarify me now...

   bye by(t)e[s]TuX!

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] PDC Problems

2002-11-20 Thread Michele Santucci 
 Michele Santucci wrote:
  I got the problem clear:
  when i try to join the domain (as root) smb reports in the machine
log
  that guest is trying to do something and it fails authentication...

 You never mentioned that you couldn't join the domain. You should get a
 Welcome to the Domain Domain message if it worked. I now assume you
 didn't get one.

Not at all I got the Welcome to the domain CCGM but in the logs I got this:

[2002/11/20 19:57:44, 0] smbd/service.c:make_connection(381)
  make_connection: root logged in as admin user (root privileges)
[2002/11/20 19:57:44, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2050)
  Returning domain sid for domain CCGM -
S-1-5-21-739079523-194949929-328313008
3
[2002/11/20 19:57:46, 0] smbd/password.c:authorise_login(863)
  authorise_login: rejected invalid user guest
[2002/11/20 19:57:47, 2] smbd/service.c:make_connection(331)
  Invalid username/password for ipc$ [guest]
[2002/11/20 19:58:45, 0] smbd/password.c:authorise_login(863)
  authorise_login: rejected invalid user guest
[2002/11/20 19:58:45, 2] smbd/service.c:make_connection(331)
  Invalid username/password for ipc$ [guest]
[2002/11/20 19:59:46, 2] smbd/server.c:exit_server(461)
  Closing connections


All these lines comes during the domain joining of the workstation..

 Please remember, the more information you give about your problem, the
 easier it is for other people to help you.

Of course... that's the way I 'd attached the smb.conf file :-)
(this time I wrote it by hand with pico)

 $ smbclient -L server_name -U root

yep and I got this:
Domain=[CCGM] OS=[Unix] Server=[Samba 2.2.6]

Sharename  Type  Comment
-    ---
public Disk  Public Folder
ccgm   Disk  CCGM Folder
satyagra   Disk  Satya Gra Folder
IPC$   IPC   IPC Service (Samba Server 2.2.6)
ADMIN$ Disk  IPC Service (Samba Server 2.2.6)
root   Disk  Home Directories

Server   Comment
----
ARCHIVIO
CCGMSERVER   Samba Server 2.2.6
GFX
RECEPTION
SERVER-CCGM  Samba Server 2.2.6
VIDEO

WorkgroupMaster
----
CCGM CCGMSERVER
WORKGROUPGFX




smb.conf
Description: Binary data

Re: [Samba] PDC Problems 2

2002-11-20 Thread Michele Santucci 
BTW if I try to login after having 'sucessfully' joined the domain and
rebooted the system I got this:

Cannot login! The remote user doesn't exist and/or the password is invalid

(with every user registered onto the pdc)


P.S. I patched the workstation (W2K SP3) with the plainpassword.reg fix...


C.ya

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] PDC Problems

2002-11-19 Thread Michele Santucci 
Ok this time I attached all the involved files.

I try to explain the incident from the very beginning:

I have a linux server (Mandrake Pro Suite 8.2 updated to the latest fixes
etc.)
I removed the supplied 2.2.3 samba distrib. and reinstalled the new 2.2.6
(mandrake 8.2 rpm taken from the binary distribution of samba.org), the
attached smb.conf show how I set it up to act as a PDC.
The domain must be CCGM and the server netbios name CCGM-SERVER
I just added an alias for backward compatibilities...
I created all the users (since we have two distinct kind of users I created
two
groups i.e. ccgm and satyagra) and 'passed' everyone to smbpasswd.
Now I have to join a W2K PRO SP3 workstation called 'video' to this domain,
it run just TCP/IP (no NETBeui neither IPX).
Before attempting to join the domain I set the workstation to act as a
standalone pc
 then rebooted it (I also restarted smbd  nmbd) I logged in as
administrator, then
I start the network ID configuration (I supplied root as the username (with
it's password)
VIDEO as the computer name and CCGM as the domain name), the procedure goes
on
haging a little just before the last step after that I found these lines on
log.video but the
w2k worstation at this time reported no errors:

   [2002/11/19 13:13:28, 0] smbd/password.c:authorise_login(863)
authorise_login: rejected invalid user guest

After joining the domain the network ID procedure wizard asked me to add a
local user
so I tried to import a domain account and I got these lines in the log.video
file:

[2002/11/19 13:47:03, 0] smbd/service.c:make_connection(381)
  make_connection: root logged in as admin user (root privileges)

[2002/11/19 13:47:08, 0] smbd/password.c:authorise_login(863)
authorise_login: rejected invalid user guest

This time the w2k workstation reported me the infamous error:
Cannot add user the trust relationship has failed

I really cannot understand what's going on...



   bye by(t)e[s]  TuX!



smbusers
Description: Binary data


smb.conf
Description: Binary data


log.nmbd
Description: Binary data


log.smbd
Description: Binary data


log.video
Description: Binary data


passwd
Description: Binary data


group
Description: Binary data


smbpasswd
Description: Binary data

[Samba] PDC Problems

2002-11-18 Thread Michele Santucci 
Hello,

That's what I got trying to join a Win2K workstation to my domain (managed
by a linux/samba server),
after I joined the domain the system refuse to logon/add any domain user
reporting a trust relationship failure...
1) All the clients are Windows 2000 sp3 machines (tcp + netbeui)
2) Linux server use a Mandrake 8.2 pro suite running samba 2.2.6

/etc/passwd

video$:x:504:421:Machine Account:/dev/null:/bin/false

/etc/samba/smbpasswd

video$:504:DD8EB67612E73F3842517E31664A1C6C:BC3911425DC8A72332F814FC212ABE91
:[W
 ]:LCT-3DD8E642:

^ seems like it created the machine account correctly



[root@server samba]# more log.video
[2002/11/18 14:08:17, 0] smbd/service.c:make_connection(381)
  make_connection: root logged in as admin user (root privileges)

As long as I add machine accounts it just show this

[2002/11/18 14:09:18, 0] smbd/password.c:authorise_login(863)
  authorise_login: rejected invalid user guest
[2002/11/18 14:10:30, 0] smbd/password.c:authorise_login(863)
  authorise_login: rejected invalid user guest

these lines appear after the procedure created the machine account and I try
to add a new local account (called michele) taking it from the domain.

[root@server samba]# more log.smbd
[2002/11/18 14:06:42, 0] smbd/server.c:main(707)
  smbd version 2.2.6 started.
  Copyright Andrew Tridgell and the Samba Team 1992-2002
[2002/11/18 14:07:42, 0] smbd/server.c:open_sockets(238)
  Got SIGHUP



This's my CONFIGURATION file ...

[root@server samba]# more /etc/samba/smb.conf
# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2002/11/18 13:52:01

# Global parameters
[global]
workgroup = CCGM-DOM
netbios name = CCGM-SERVER
server string = Samba Server %v
encrypt passwords = Yes
update encrypted = Yes
null passwords = Yes
pam password change = Yes
username map = /etc/samba/smbusers
unix password sync = Yes
admin log = Yes
log file = /var/log/samba/log.%m
max log size = 50
time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
printcap name = lpstat
domain admin group = @smb-admin
domain guest group = @users
add user script = /usr/sbin/useradd -d /dev/null -g machines -c
'Machine Account' -s /bin/false -M %u
domain logons = Yes
os level = 64
preferred master = Yes
domain master = Yes
wins proxy = Yes
wins support = Yes
guest account = guest
valid users = @smb-admin @ccgm @satyagra
admin users = @smb-admin
read list = @ccgm @satyagra
write list = @smb-admin
printer admin = @smb-admin
printing = cups

[homes]
comment = Home Directories
read only = No
browseable = No

[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
guest ok = Yes
printable = Yes
print command = lpr-cups -P %p -o raw %s -r   # using client side
printer drivers.
browseable = No

[print$]
path = /var/lib/samba/printers
write list = @smb-admin




bye by(t)e[S]...TuX!


---
Questo messaggio è certificato Virus Free - AVG 6 Free Edition
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.419 / Virus Database: 235 - Release Date: 13/11/2002

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] PDC Problems (read this the first one is incomplete)

2002-11-01 Thread Michele Santucci 

 Sorry, I just want to clarify, does it fail when adding a computer
 account in the domain?

No... it fails after that... when the system ask to create a local profile
for a Domain user...
it happens with all the users, normal ones and admins...

  In the machine specific log file if found this:
 
  [2002/10/31 10:14:32, 0] smbd/password.c:authorise_login(863)
authorise_login: rejected invalid user guest
  [2002/10/31 10:14:32, 0] smbd/password.c:authorise_login(863)
authorise_login: rejected invalid user guest
 

 When you were trying to do what?

When I try to create a local profile for a Domain user...

  I already set the w2k workstations to send non encrypted password to
third
  parties smb server.
  I checked /etc/passwd, group and /etc/samba/smbpasswd file and they're
  correcly updated with machine and user accounts.
 

 You cannot join a windows 2000 machine to a domain if you have set it to
 use clear text passwords, and you smb.conf is set for encrypted passwords.

U're right it seemed strage to me too but I found notes about setting
encryption in the
smb.conf file in the samba PDC faq  howto and also hints about unsetting
the encryption
for third party PDCs in similar documentation... and anyway this fix another
problem:
when u try to add a Domain user in a local machine u can specify it manually
or u can browse it from the PDC... if don't enable the password encryption
for third parties server the user list browsing fails...

 Can you be more clear on exactly which procedure you are using?

About what?



bye by(t)e[S]...TuX!

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] PDC problems ....

2002-10-31 Thread Michele Santucci 
I've got a big problem with my PDC (Mandrake 8.2 with samba 2.2.5):
when I try to join the domain from a W2KPRO (sp3) workstation the procedure
goes on well until it require
to create a local account for a Domain user ... the system let me browse all
the user account on the
domain controller but when I try to add it reports this error:
The trust relationship between this workstation and the primary domain is
failed
(probably the english text is different but this should be the meaning since
I'm traslating it from italian).

I already set the w2k workstations to send non encrypted password to third
parties smb server.
I checked /etc/passwd, group and /etc/samba/smbpasswd file and they're
correcly updated with machine and user accounts.

Anyway these are smb.conf, group,passwd and smbpasswd interested rows:

---
SMB.CONF -

# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2002/10/31 09:48:05

# Global parameters
[global]
 coding system =
 client code page = 850
 code page directory = /var/lib/samba/codepages
 workgroup = CCGM-DOM
 netbios name = SERVER-CCGM
 netbios aliases =
 netbios scope =
 server string = CCGM Samba Server
 interfaces = eth0
 bind interfaces only = No
 security = USER
 encrypt passwords = Yes
 update encrypted = No
 allow trusted domains = Yes
 hosts equiv =
 min passwd length = 5
 map to guest = Never
 null passwords = No
 obey pam restrictions = No
 password server =
 smb passwd file = /etc/samba/smbpasswd
 root directory =
 pam password change = No
 passwd program = /usr/bin/passwd
 passwd chat = *new*password* %n\n *new*password* %n\n *changed*
 passwd chat debug = No
 username map =
 password level = 0
 username level = 0
 unix password sync = Yes
 restrict anonymous = No
 lanman auth = Yes
 use rhosts = No
 admin log = No
 log level = 0
 syslog = 1
 syslog only = No
 log file = /var/log/samba/log.%m
 max log size = 50
 timestamp logs = Yes
 debug hires timestamp = No
 debug pid = No
 debug uid = No
 protocol = NT1
 large readwrite = No
 max protocol = NT1
 min protocol = CORE
 read bmpx = No
 read raw = Yes
 write raw = Yes
 nt smb support = Yes
 nt pipe support = Yes
 nt status support = Yes
 announce version = 4.5
 announce as = NT
 max mux = 50
 max xmit = 65535
 name resolve order = lmhosts host wins bcast
 max packet = 65535
 max ttl = 259200
 max wins ttl = 518400
 min wins ttl = 21600
 time server = No
 unix extensions = No
 change notify timeout = 60
 deadtime = 0
 getwd cache = Yes
 keepalive = 300
 lpq cache time = 10
 max smbd processes = 0
 max disk size = 0
 max open files = 1
 read size = 16384
 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
 stat cache size = 50
 use mmap = Yes
 total print jobs = 0
 load printers = Yes
 printcap name = lpstat
 disable spoolss = No
 enumports command =
 addprinter command =
 deleteprinter command =
 show add printer wizard = Yes
 os2 driver map =
 strip dot = No
 mangling method = hash
 character set =
 mangled stack = 50
 stat cache = Yes
 domain admin group = ccgm-admin
 domain guest group =
 machine password timeout = 604800
 # How can I encode the machine name in the -c param? ( -c 'Workstation %m')
 add user script = /usr/sbin/adduser -n -g machines -c Machine -d
/dev/null -s /bin/false %m$
 delete user script =
 logon script =
 logon path = \\%N\%U\profile
 logon drive =
 logon home = \\%N\%U
 domain logons = Yes
 os level = 65
 lm announce = Auto
 lm interval = 60
 preferred master = True
 local master = Yes
 domain master = True
 browse list = Yes
 enhanced browsing = Yes
 dns proxy = Yes
 wins proxy = Yes
 wins server =
 wins support = Yes
 wins hook =
 kernel oplocks = Yes
 lock spin count = 3
 lock spin time = 10
 oplock break wait time = 0
 add share command =
 change share command =
 delete share command =
 config file =
 preload =
 lock dir = /var/cache/samba
 pid directory = /var/run/samba
 utmp directory =
 wtmp directory =
 utmp = No
 default service =
 message command =
 dfree command =
 valid chars =
 remote announce =
 remote browse sync =
 socket address = 0.0.0.0
 homedir map = auto.home
 time offset = 0
 NIS homedir = No
 source environment =
 panic action =
 hide local users = No
 host msdfs = No
 winbind uid =
 winbind gid =
 template homedir = /home/%D/%U
 template shell = /bin/false
 winbind separator = \
 winbind cache time = 15
 winbind enum users = Yes
 winbind enum groups = Yes
 winbind use default domain = Yes
 comment =
 path =
 alternate permissions = No
 username = guest
 guest account = guest
 invalid users =
 valid users = ccgm-admin, ccgm, satya
 admin users = ccgm-admin
 read list =
 write list =
 printer admin =
 force user =
 force group =
 read only = Yes
 create mask = 0744
 force create mode = 00
 security mask = 0777
 force security mode = 00
 directory mask = 0755
 force directory mode = 00
 directory security mask = 0777
 force directory security mode = 00
 force

[Samba] PDC Problems (read this the first one is incomplete)

2002-10-31 Thread Michele Santucci 
Sorry but I've posted an incomplete message before that:

I've got a big problem with my PDC (Mandrake 8.2 with samba 2.2.5):
when I try to join the domain from a W2KPRO (sp3) workstation the procedure
goes on well until it require to create a local account for a Domain user
... the system let me browse all
the user account on the domain controller but when I try to add it reports
this error:
The trust relationship between this workstation and the primary domain is
failed (probably the english text is different but this should be the
meaning since
I'm traslating it from italian).

In the machine specific log file if found this:

[2002/10/31 10:14:32, 0] smbd/password.c:authorise_login(863)
  authorise_login: rejected invalid user guest
[2002/10/31 10:14:32, 0] smbd/password.c:authorise_login(863)
  authorise_login: rejected invalid user guest

I already set the w2k workstations to send non encrypted password to third
parties smb server.
I checked /etc/passwd, group and /etc/samba/smbpasswd file and they're
correcly updated with machine and user accounts.

Anyway these are smb.conf, group,passwd and smbpasswd interested rows:

---
SMB.CONF -


# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2002/10/31 10:15:15

# Global parameters
[global]
 coding system =
 client code page = 850
 code page directory = /var/lib/samba/codepages
 workgroup = CCGM-DOM
 netbios name = SERVER-CCGM
 netbios aliases =
 netbios scope =
 server string = CCGM Samba Server
 interfaces = eth0
 bind interfaces only = No
 security = USER
 encrypt passwords = Yes
 update encrypted = No
 allow trusted domains = Yes
 hosts equiv =
 min passwd length = 5
 map to guest = Never
 null passwords = No
 obey pam restrictions = No
 password server =
 smb passwd file = /etc/samba/smbpasswd
 root directory =
 pam password change = No
 passwd program = /usr/bin/passwd
 passwd chat = *new*password* %n\n *new*password* %n\n *changed*
 passwd chat debug = No
 username map =
 password level = 0
 username level = 0
 unix password sync = Yes
 restrict anonymous = No
 lanman auth = Yes
 use rhosts = No
 admin log = No
 log level = 0
 syslog = 1
 syslog only = No
 log file = /var/log/samba/log.%m
 max log size = 50
 timestamp logs = Yes
 debug hires timestamp = No
 debug pid = No
 debug uid = No
 protocol = NT1
 large readwrite = No
 max protocol = NT1
 min protocol = CORE
 read bmpx = No
 read raw = Yes
 write raw = Yes
 nt smb support = Yes
 nt pipe support = Yes
 nt status support = Yes
 announce version = 4.5
 announce as = NT
 max mux = 50
 max xmit = 65535
 name resolve order = lmhosts host wins bcast
 max packet = 65535
 max ttl = 259200
 max wins ttl = 518400
 min wins ttl = 21600
 time server = No
 unix extensions = No
 change notify timeout = 60
 deadtime = 0
 getwd cache = Yes
 keepalive = 300
 lpq cache time = 10
 max smbd processes = 0
 max disk size = 0
 max open files = 1
 read size = 16384
 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
 stat cache size = 50
 use mmap = Yes
 total print jobs = 0
 load printers = Yes
 printcap name = lpstat
 disable spoolss = No
 enumports command =
 addprinter command =
 deleteprinter command =
 show add printer wizard = Yes
 os2 driver map =
 strip dot = No
 mangling method = hash
 character set =
 mangled stack = 50
 stat cache = Yes
 domain admin group = ccgm-admin
 domain guest group = guest
 machine password timeout = 604800
 add user script = /usr/sbin/adduser -n -g machines -c Machine -d
/dev/null -s /bin/false %m$
 delete user script =
 logon script =
 logon path = \\%N\%U\profile
 logon drive =
 logon home = \\%N\%U
 domain logons = Yes
 os level = 65
 lm announce = Auto
 lm interval = 60
 preferred master = True
 local master = Yes
 domain master = True
 browse list = Yes
 enhanced browsing = Yes
 dns proxy = Yes
 wins proxy = Yes
 wins server =
 wins support = Yes
 wins hook =
 kernel oplocks = Yes
 lock spin count = 3
 lock spin time = 10
 oplock break wait time = 0
 add share command =
 change share command =
 delete share command =
 config file =
 preload =
 lock dir = /var/cache/samba
 pid directory = /var/run/samba
 utmp directory =
 wtmp directory =
 utmp = No
 default service =
 message command =
 dfree command =
 valid chars =
 remote announce =
 remote browse sync =
 socket address = 0.0.0.0
 homedir map = auto.home
 time offset = 0
 NIS homedir = No
 source environment =
 panic action =
 hide local users = No
 host msdfs = No
 winbind uid =
 winbind gid =
 template homedir = /home/%D/%U
 template shell = /bin/false
 winbind separator = \
 winbind cache time = 15
 winbind enum users = Yes
 winbind enum groups = Yes
 winbind use default domain = Yes
 comment =
 path =
 alternate permissions = No
 username =
 guest account = guest
 invalid users =
 valid users = ccgm-admin, ccgm, satya
 admin users = ccgm-admin
 read list =
 write list =
 printer admin =
 force user =

Re: [Samba] PDC Problems (read this the first one is incomplete)

2002-10-31 Thread Michele Santucci 
  The trust relationship between this workstation and the primary domain
is
  failed (probably the english text is different but this should be the
  meaning since
  I'm traslating it from italian).
 
   security = USER
   add user script = /usr/sbin/adduser -n -g machines -c Machine -d
  /dev/null -s /bin/false %m$

 According to the smb.conf man page security has to be DOMAIN or SERVER
 to use the add user script option.

I don't know what man page u're reading but mine says that the only security
option not useable for the adduser script is 'SHARE'
anyway the 'USER' option is compulsory since I have got to set the samba
server to act as a PDC.

Anyone else listening 



c'ya ... TUX

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Again problems with PDC

2002-10-29 Thread Michele Santucci 



Ok I probably found the first problem with my 
system:
Iwas using a domain name identical to the 
workgroup alreadyset onthe clients.
I changed it and anything seems to work better 
infact I can now join the domain and the machine account it's 
created...
BUT when the system ask me to create a new machine 
user the system give me this error:
"cannot create user account since trust 
relationship with the PDC cannot be verified" 
or something of this kind since I'm translating it 
from italian

WHAT'S THAT 
?

P.P.S. I'm using samba 2.2.6 on a Mandrake Linux 
8.2, I have got 6 clients using W2KSP3

P.S. The ccgm, ccgm-admin, satya, machine  
guest groups are already set in the system groups file and all the 
user
(including Administrator and root are correctly set 
in the smbpasswd)

BTW that's my smb.conf file:

# Samba config file created using SWAT# from 0.0.0.0 (0.0.0.0)# 
Date: 2002/10/29 14:39:43# Global parameters[global]	coding 
system = 	client code page = 850	code page directory = 
/var/lib/samba/codepages	workgroup = CCGM-DOM	netbios name = 
SERVER-CCGM	netbios aliases = 	netbios scope = 	server string = CCGM 
Samba Server	interfaces = eth0	bind interfaces only = No	security = 
USER	encrypt passwords = Yes	update encrypted = No	allow trusted 
domains = Yes	hosts equiv = 	min passwd length = 5	map to guest = 
Never	null passwords = No	obey pam restrictions = No	password server 
= 	smb passwd file = /etc/samba/smbpasswd	root directory = 	pam 
password change = No	passwd program = /usr/bin/passwd	passwd chat = 
*new*password* %n\n *new*password* %n\n *changed*	passwd chat debug = 
No	username map = 	password level = 0	username level = 0	unix 
password sync = Yes	restrict anonymous = No	lanman auth = Yes	use 
rhosts = No	admin log = No	log level = 0	syslog = 1	syslog only 
= No	log file = /var/log/samba/log.%m	max log size = 50	timestamp 
logs = Yes	debug hires timestamp = No	debug pid = No	debug uid = 
No	protocol = NT1	large readwrite = No	max protocol = NT1	min 
protocol = CORE	read bmpx = No	read raw = Yes	write raw = Yes	nt 
smb support = Yes	nt pipe support = Yes	nt status support = 
Yes	announce version = 4.5	announce as = NT	max mux = 50	max 
xmit = 65535	name resolve order = lmhosts host wins bcast	max packet = 
65535	max ttl = 259200	max wins ttl = 518400	min wins ttl = 
21600	time server = No	unix extensions = No	change notify timeout = 
60	deadtime = 0	getwd cache = Yes	keepalive = 300	lpq cache time 
= 10	max smbd processes = 0	max disk size = 0	max open files = 
1	read size = 16384	socket options = TCP_NODELAY SO_RCVBUF=8192 
SO_SNDBUF=8192	stat cache size = 50	use mmap = Yes	total print jobs 
= 0	load printers = Yes	printcap name = lpstat	disable spoolss = 
No	enumports command = 	addprinter command = 	deleteprinter command 
= 	show add printer wizard = Yes	os2 driver map = 	strip dot = 
No	mangling method = hash	character set = 	mangled stack = 
50	stat cache = Yes	domain admin group = @ccgm-admin	domain guest 
group = 	machine password timeout = 604800	add user script = 
/usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false 
%m$	delete user script = 	logon script = 	logon path = 
\\%N\%U\profile	logon drive = 	logon home = \\%N\%U	domain logons = 
Yes	os level = 65	lm announce = Auto	lm interval = 60	preferred 
master = True	local master = Yes	domain master = True	browse list = 
Yes	enhanced browsing = Yes	dns proxy = Yes	wins proxy = 
Yes	wins server = 	wins support = Yes	wins hook = 	kernel 
oplocks = Yes	lock spin count = 3	lock spin time = 10	oplock break 
wait time = 0	add share command = 	change share command = 	delete 
share command = 	config file = 	preload = 	lock dir = 
/var/cache/samba	pid directory = /var/run/samba	utmp directory = 
	wtmp directory = 	utmp = No	default service = 	message command 
= 	dfree command = 	valid chars = 	remote announce = 	remote 
browse sync = 	socket address = 0.0.0.0	homedir map = auto.home	time 
offset = 0	NIS homedir = No	source environment = 	panic action = 
"	hide local users = No	host msdfs = No	winbind uid = 	winbind 
gid = 	template homedir = /home/%D/%U	template shell = 
/bin/false	winbind separator = \	winbind cache time = 15	winbind 
enum users = Yes	winbind enum groups = Yes	winbind use default domain = 
Yes	comment = 	path = 	alternate permissions = No	username = 
guest	guest account = guest	invalid users = 	valid users = 
@ccgm-admin, @ccgm, @satya	admin users = @ccgm-admin	read list = 
	write list = 	printer admin = 	force user = 	force group = 
	read only = Yes	create mask = 0744	force create mode = 
00	security mask = 0777	force security mode = 00	directory mask = 
0755	force directory mode = 00	directory security mask = 0777	force 
directory security mode = 00	force unknown acl user = 00	inherit 
permissions = No	inherit acls = No	guest only = No	guest ok = 
No	only user = No	hosts allow = 	hosts deny = 	status = 
Yes	nt acl support = Yes	block size = 1024	max connections = 
0	min print