Re: [Samba] Setting password expiration policy
On 18/06/2013 12:07, Thomas Harold wrote: On 5/13/2013 11:23 AM, Gerry Reno wrote: Can I use samba-tool to globally set passwords to never expire like this: /usr/local/samba/bin/samba-tool domain passwordsettings set --max-pwd-age=0 Or do I have to set max age to some positive value and set expiration in ADUC when creating each user as "Password never expires"? My assumption would be that since the allowed range is only 0-999 for that argument that a value of zero would be "don't expire". But I'm also curious as the Samba4 wiki doesn't have much to say on the subject. A value of zero does indeed cause a password to never expire. You can use ADUC from a windows PC to confirm. -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Group Policy Linux Machines
On 01/02/2013 18:52, Michael Ray wrote: Hey all- So linux machines in my domain, served by a Samba4 PDC, show up in the Administrative Tools. I was testing GP to see if it would apply to linux machines -- a basic one, just trying to deny a user from logging in. It does nothing; though from samba-tool, I can verify this policy is linked to the machine. Is it just that GP is designed for Windows machines such that they will have no effect on linux machines? Yes. -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Fwd: correction - Frustrated with "there are currently no logon servers available"
On 01/02/2013 15:59, Morgan Toal wrote: On 2/1/2013 8:54 AM, Morgan Toal wrote: OK I feel even dumber now... I pasted the wrong text into my email due to my frustration level. The error is: "there are currently no logon servers available" as opposed to: "the network name is no longer available" That error has always meant to me that the client in question has somehow become unjoined (for all intents and purposes). That is, it's SID no longer matches that held by the PDC. Have you tried unjoining the domain, ensuring the client record has actually been removed and rejoining? -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] DNS updates working Windows only
On 12/01/2013 19:36, Robert Moggach wrote: I'm using BIND9_FLATFILE and able to join windows machines and have DNS updates working but Linux machines join with DNS update errors. Is there additional configuration necessary on Linux for the machines' NICs to be seen as valid? As far as I'm aware this has always been the case with Samba 4 (and cetainly in my experience), Linux clients aren't catered for in this respect. There are vey many posts on this subject on this list and over on samba-technical. The workaround is to use a script, usually in association with your dhcpd to accomplish the update. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 Can we use two file-servers?
On 26/06/2012 11:22, steve wrote: On 26/06/12 11:54, Mike Howard wrote: On 26/06/2012 09:04, steve wrote: Hi We've just added a second DC to our domain, both DCs are Samba4 DC1 is also the s3fs file server. If that goes down then so does the file-server. IOW, we can still authenticate via DC2 but we cannot do any work! What are my options here? Is it possible to sync the files to DC2 and use that in case of failure? Or maybe add a third box running smbd? Cheers, Steve It depends on your needs. For me, I use a couple of arm plugs as PDC & BDC for authentiaction and dns etc and file serve files from elsewhere, also plugs. Where ever you serve files from, if that box goes down you lose your data/file serving capability. You can use (software or hardware) raid to provide redundancy for the disks and/or a complete backup device for full HA. Hi Mike Sorry, my English is over 30 years old! Can you give me a one liner on plugs and HA in a S4 context? We'd like to have a spare box with a backup of the data to substitute the DC/fileserver. What do you think about the possibility of syncing the data over to the secondary DC along with a copy of smb.conf and using that when the primary DC/fileserver goes down. Would the clients know to use the new fileserver: thinking about Kerberos here. Cheers Steve Sorry, by plug I meant Sheevaplug/Dreamplug/Guruplug which arem compact, low power arm devices. HA is High Availability, put (over) simply, the provision of backup devices/components in case of failure. Daniel mentioned in another reply, you can use GlusterFS (NAS type approach) to aggregate your data (you still need somewhere to aggregate it to though) or replication if your restricted to the two DCs, though I've never tried that approach. In either case the switch (of where data is accessed) should be automated from a client perspective. Cheers, -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 Can we use two file-servers?
On 26/06/2012 09:04, steve wrote: Hi We've just added a second DC to our domain, both DCs are Samba4 DC1 is also the s3fs file server. If that goes down then so does the file-server. IOW, we can still authenticate via DC2 but we cannot do any work! What are my options here? Is it possible to sync the files to DC2 and use that in case of failure? Or maybe add a third box running smbd? Cheers, Steve It depends on your needs. For me, I use a couple of arm plugs as PDC & BDC for authentiaction and dns etc and file serve files from elsewhere, also plugs. Where ever you serve files from, if that box goes down you lose your data/file serving capability. You can use (software or hardware) raid to provide redundancy for the disks and/or a complete backup device for full HA. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 DC replication
On 26/06/2012 08:56, steve wrote: Hi We have just added a second DC to our existing domain. Replication is working fine. We have setup the second DC with bind DLZ and that too is working fine (except that the DNS partition is not replicated). So, we now have two DC's and so also two DNS servers. Question, Do I now have to go to every client and add the new IP for the new DNS? Cheers, Steve Just add the extra address to 'option domain-name-servers' in your dhcpd.conf file (comma separated list), unless of course all your clients are statically assigned. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] cross-compile samba4
On 28/05/2012 23:07, Andrew Bartlett wrote: Great news! I'm pretty sure you are the first person to have cross-compiled Samba4, or if not, the first person to have done it in a long time. (The ability was there, but you know the difference between theory and practice). Could you write up in the wiki what you needed to do, and if there are any small changes we could make to the build system to make it easier next time? Andrew Bartlett Sure, I can do that. I assume I just need to create an account? Cheers, Mike. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] cross-compile samba4
On 18/05/2012 08:54, Kai Blin wrote: On 2012-05-18 09:45, Mike Howard wrote: Hi Mike, I have compiled natively on the dreamplug and it did take ~2hrs. In the past I've usually had to compile numerous times and time is money as they say :), so compiling on my desktop, at just under 5mins, would be a boon. The Archlinux|ARM folks have a guide on using distcc cross-compiling guide on their website, http://archlinuxarm.org/developers/distcc-cross-compiling I haven't tried this myself yet, but it should be adaptable to your set-up and allow you to launch ARM builds that are distributed to your desktop machine. Hello again Kai, As previously mentioned, distcc turned out not to be of any improvement over my initial cross compile attempts. I also tried qemu which wasn't much of an improvement over compiling natively on my ARM device. I have eventually succeeded in cross compiling on my x86_64 desktop and although it's not as fast as a 5 minute native compile, I'll settle for 14 minutes as opposed to over 2 hours. Thanks for the input. Cheers, Mike. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 4 Re-provisioning
What's best practice when it comes to changing a samba4 provision, without screwing current domain objects (users, computers, policy etc)? If, for example, I wanted to change the DNS from internal to external bind9, is it just a case of re-running 'provision' with the different command line option or will that mangle the domain sid etc? Cheers, Mike. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 DNS - Adding CNAME
On 21/05/2012 20:38, Charles Tryon wrote: I have been working on this too, and found that I needed to add the FQDN as the target of the CNAME. This is what appears to be happening... When I just put in the name, for example: samba-tool dns add dnsserver mydomain.org <http://mydomain.org> newname CNAME realname ...and I use the Windows DNS tool to look at the record in the mydomain.org <http://mydomain.org> zone, it maps "newname" to "realname." <--- NOTICE the "dot" at the end. In DNS parlance, that dot usually means, "don't add anything after this." So, when DNS is trying to resolve the actual IP, it tries to look up "realname" with no domain, and eventually times out. If you change this to: samba-tool dns add dnsserver mydomain.org <http://mydomain.org> newname CNAME realname.mydomain.org <http://realname.mydomain.org> ... then doing a "dig" or "ping" or whatever seems to work correctly. I may be doing this wrong, but at least this is how I got it to work. On Sat, May 19, 2012 at 6:57 AM, Mike Howard mailto:m...@dewberryfields.co.uk>> wrote: On 19/05/2012 11:12, Michael Wood wrote: So, the question is; What am I doing wrong? I haven't tried the above myself, but it seems you are adding it the wrong way around. i.e. it looks like you are saying that the canonical name of "centos" is "debian" instead of what you want (i.e. that the canonical name of "debian" is "centos".) i.e. it looks like you now have this situation: centos IN A 192.168.1.11 centos IN CNAME debian Yes, I did wonder about that and did try it the other way around. That resulted in a new record as follows; Name=debian, Records=1, Children=0 CNAME: centos. (flags=f0, serial=21, ttl=900) But it still doesn't resolve. OK, then try specifying the FQDN for "centos" when you add the CNAME record. From the output above it looks like it's adding a CNAME to "centos." instead of "centos.example.com <http://centos.example.com>". Also try: dig @192.168.1.254 <http://192.168.1.254> debian.example.com <http://debian.example.com>. IN CNAME If everything is set up correctly you should get something like this: [...] ;; QUESTION SECTION: ;debian.example.com <http://debian.example.com>.IN CNAME ;; ANSWER SECTION: debian.example.com <http://debian.example.com>. 3600IN CNAME centos.example.com <http://centos.example.com>. [...] Ok, I used; samba-tool dns add 127.0.0.1 example.com <http://example.com> debian CNAME centos.example.com <http://centos.example.com> a query now returns; Name=centos, Records=1, Children=0 A: 192.168.1.11 (flags=f0, serial=2, ttl=900) Name=debian, Records=1, Children=0 CNAME: centos.example.com <http://centos.example.com>. (flags=f0, serial=23, ttl=900) and 'dig @192.168.1.254 <http://192.168.1.254> debian.example.com <http://debian.example.com>. IN CNAME' returns; [...] ;; QUESTION SECTION: ;debian.example.com <http://debian.example.com>. IN CNAME ;; ANSWER SECTION: debian.example.com <http://debian.example.com>. 900 IN CNAME centos.example.com <http://centos.example.com>. [...] However, neither 'debian' nor 'debian.example.com <http://debian.example.com>' resolve to an IP, yet the output from dig implies the entry is correct? Of course, 'centos' does resolve. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Charles Tryon _ “Risks are not to be evaluated in terms of the probability of success, but in terms of the value of the goal.” - Ralph D. Winter Well I too got dig, on the server, to produce the correct output but the hostname (either short or fully qualified) would not resolve to an ip address from _any_ clients. I'm using the internal dns server by the way. As I mentioned, I bodged it by just adding would be CNAME entries as A records. Not orthodox but it works for now. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] cross-compile samba4
On 18/05/2012 08:15, Kai Blin wrote: On 2012-05-17 14:06, Andrew Bartlett wrote: Hi Mike, I've CC'ed Kai, who is our expert on Samba4 on ARM. Hopefully he can help you out. I have to admit that so far I've resorted to building natively on the ARM hardware I run things on. You need a target Python version in your path, and cross-compiling Python has so far been a stumbling block for me. The dreamplug is a Kirkwood-based ARMv5, right? With a reasonably fast disk, I can build on similar hardware in ~2 hours, iirc. Make sure you have enough RAM, the build takes> 128 megs. HTH, Kai Hi Kai, I thought I'd give the cross-compile route a further try. To that end, I've a cross-compiled python and so have it available to put in my path. However, If I put the 'arm' version at the head of my path, configure fails immediately as it tries to use it and if I put it at the tail of my path, then during the configure process, configure finds the native python and tries to use it, which fails. Is/are there any configure options to specify which python to use and when? I guess not. The configure doesn't want to play nice with distcc either, again due to the python issue I guess. Regards, Mike. -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 DNS - Adding CNAME
On 19/05/2012 11:57, Mike Howard wrote: On 19/05/2012 11:12, Michael Wood wrote: So, the question is; What am I doing wrong? I haven't tried the above myself, but it seems you are adding it the wrong way around. i.e. it looks like you are saying that the canonical name of "centos" is "debian" instead of what you want (i.e. that the canonical name of "debian" is "centos".) i.e. it looks like you now have this situation: centos IN A 192.168.1.11 centos IN CNAME debian Yes, I did wonder about that and did try it the other way around. That resulted in a new record as follows; Name=debian, Records=1, Children=0 CNAME: centos. (flags=f0, serial=21, ttl=900) But it still doesn't resolve. OK, then try specifying the FQDN for "centos" when you add the CNAME record. From the output above it looks like it's adding a CNAME to "centos." instead of "centos.example.com". Also try: dig @192.168.1.254 debian.example.com. IN CNAME If everything is set up correctly you should get something like this: [...] ;; QUESTION SECTION: ;debian.example.com.INCNAME ;; ANSWER SECTION: debian.example.com.3600INCNAMEcentos.example.com. [...] Ok, I used; samba-tool dns add 127.0.0.1 example.com debian CNAME centos.example.com a query now returns; Name=centos, Records=1, Children=0 A: 192.168.1.11 (flags=f0, serial=2, ttl=900) Name=debian, Records=1, Children=0 CNAME: centos.example.com. (flags=f0, serial=23, ttl=900) and 'dig @192.168.1.254 debian.example.com. IN CNAME' returns; [...] ;; QUESTION SECTION: ;debian.example.com. IN CNAME ;; ANSWER SECTION: debian.example.com. 900 IN CNAME centos.example.com. [...] However, neither 'debian' nor 'debian.example.com' resolve to an IP, yet the output from dig implies the entry is correct? Of course, 'centos' does resolve. I guess I could 'bodge' it and add intended CNAMEs as A records :) A workaround at least. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 DNS - Adding CNAME
On 19/05/2012 11:12, Michael Wood wrote: So, the question is; What am I doing wrong? I haven't tried the above myself, but it seems you are adding it the wrong way around. i.e. it looks like you are saying that the canonical name of "centos" is "debian" instead of what you want (i.e. that the canonical name of "debian" is "centos".) i.e. it looks like you now have this situation: centos IN A 192.168.1.11 centos IN CNAME debian Yes, I did wonder about that and did try it the other way around. That resulted in a new record as follows; Name=debian, Records=1, Children=0 CNAME: centos. (flags=f0, serial=21, ttl=900) But it still doesn't resolve. OK, then try specifying the FQDN for "centos" when you add the CNAME record. From the output above it looks like it's adding a CNAME to "centos." instead of "centos.example.com". Also try: dig @192.168.1.254 debian.example.com. IN CNAME If everything is set up correctly you should get something like this: [...] ;; QUESTION SECTION: ;debian.example.com.IN CNAME ;; ANSWER SECTION: debian.example.com. 3600IN CNAME centos.example.com. [...] Ok, I used; samba-tool dns add 127.0.0.1 example.com debian CNAME centos.example.com a query now returns; Name=centos, Records=1, Children=0 A: 192.168.1.11 (flags=f0, serial=2, ttl=900) Name=debian, Records=1, Children=0 CNAME: centos.example.com. (flags=f0, serial=23, ttl=900) and 'dig @192.168.1.254 debian.example.com. IN CNAME' returns; [...] ;; QUESTION SECTION: ;debian.example.com. IN CNAME ;; ANSWER SECTION: debian.example.com. 900 IN CNAME centos.example.com. [...] However, neither 'debian' nor 'debian.example.com' resolve to an IP, yet the output from dig implies the entry is correct? Of course, 'centos' does resolve. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 DNS - Adding CNAME
On 19/05/2012 10:41, Michael Wood wrote: Hi On 19 May 2012 11:34, Mike Howard wrote: Hi All, I'm using samba 4.0.0alpha21-GIT-UNKNOWN provisioned to use the internal dns server. I'm having a bit of trouble adding a CNAME entry, or more correctly, getting it to resolve after adding. Prior to adding the CNAME a query returns (the relevant record); Name=centos, Records=1, Children=0 A: 192.168.1.11 (flags=f0, serial=2, ttl=900) It's more than likely me doing something wrong, I really am poking around in the dark a bit with samba-tool, so maybe somebody could help me out. I've added a CNAME entry using samba-tool as follows; samba-tool dns add 127.0.0.1 mydomain centos CNAME debian where is the zone, is the name of a current A record (see above) and is the CNAME I want added. A query no returns (the relevant record); Name=centos, Records=2, Children=0 A: 192.168.1.11 (flags=f0, serial=2, ttl=900) CNAME: debian. (flags=f0, serial=19, ttl=900) On the face of it, to a layman like myself, the entry is added successfully (as per samba-tools output - Record added successfully), however, am 'nslookup' returns; # nslookup debian Server: 192.168.1.254 Address:192.168.1.254#53 Non-authoritative answer: *** Can't find debian: No answer So, the question is; What am I doing wrong? I haven't tried the above myself, but it seems you are adding it the wrong way around. i.e. it looks like you are saying that the canonical name of "centos" is "debian" instead of what you want (i.e. that the canonical name of "debian" is "centos".) i.e. it looks like you now have this situation: centos IN A 192.168.1.11 centos IN CNAME debian Yes, I did wonder about that and did try it the other way around. That resulted in a new record as follows; Name=debian, Records=1, Children=0 CNAME: centos. (flags=f0, serial=21, ttl=900) But it still doesn't resolve. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 DNS - Adding CNAME
On 19/05/2012 10:34, Mike Howard wrote: Hi All, I'm using samba 4.0.0alpha21-GIT-UNKNOWN provisioned to use the internal dns server. I'm having a bit of trouble adding a CNAME entry, or more correctly, getting it to resolve after adding. Prior to adding the CNAME a query returns (the relevant record); Name=centos, Records=1, Children=0 A: 192.168.1.11 (flags=f0, serial=2, ttl=900) It's more than likely me doing something wrong, I really am poking around in the dark a bit with samba-tool, so maybe somebody could help me out. I've added a CNAME entry using samba-tool as follows; samba-tool dns add 127.0.0.1 mydomain centos CNAME debian where is the zone, is the name of a current A record (see above) and is the CNAME I want added. A query no returns (the relevant record); Should have read "A query now returns (the relevant record);" Name=centos, Records=2, Children=0 A: 192.168.1.11 (flags=f0, serial=2, ttl=900) CNAME: debian. (flags=f0, serial=19, ttl=900) On the face of it, to a layman like myself, the entry is added successfully (as per samba-tools output - Record added successfully), however, am 'nslookup' returns; Should have read "an 'nslookup' returns;" # nslookup debian Server: 192.168.1.254 Address:192.168.1.254#53 Non-authoritative answer: *** Can't find debian: No answer So, the question is; What am I doing wrong? Apart from my inability to type! Cheers, MIke. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 DNS - Adding CNAME
Hi All, I'm using samba 4.0.0alpha21-GIT-UNKNOWN provisioned to use the internal dns server. I'm having a bit of trouble adding a CNAME entry, or more correctly, getting it to resolve after adding. Prior to adding the CNAME a query returns (the relevant record); Name=centos, Records=1, Children=0 A: 192.168.1.11 (flags=f0, serial=2, ttl=900) It's more than likely me doing something wrong, I really am poking around in the dark a bit with samba-tool, so maybe somebody could help me out. I've added a CNAME entry using samba-tool as follows; samba-tool dns add 127.0.0.1 mydomain centos CNAME debian where is the zone, is the name of a current A record (see above) and is the CNAME I want added. A query no returns (the relevant record); Name=centos, Records=2, Children=0 A: 192.168.1.11 (flags=f0, serial=2, ttl=900) CNAME: debian. (flags=f0, serial=19, ttl=900) On the face of it, to a layman like myself, the entry is added successfully (as per samba-tools output - Record added successfully), however, am 'nslookup' returns; # nslookup debian Server: 192.168.1.254 Address:192.168.1.254#53 Non-authoritative answer: *** Can't find debian: No answer So, the question is; What am I doing wrong? Cheers, Mike. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] cross-compile samba4
On 18/05/2012 08:15, Kai Blin wrote: On 2012-05-17 14:06, Andrew Bartlett wrote: Hi Mike, I've CC'ed Kai, who is our expert on Samba4 on ARM. Hopefully he can help you out. I have to admit that so far I've resorted to building natively on the ARM hardware I run things on. You need a target Python version in your path, and cross-compiling Python has so far been a stumbling block for me. The dreamplug is a Kirkwood-based ARMv5, right? With a reasonably fast disk, I can build on similar hardware in ~2 hours, iirc. Make sure you have enough RAM, the build takes> 128 megs. HTH, Kai Thanks guys, that's very helpful. I have compiled natively on the dreamplug and it did take ~2hrs. In the past I've usually had to compile numerous times and time is money as they say :), so compiling on my desktop, at just under 5mins, would be a boon. Cheers, Mike. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] cross-compile samba4
Hi All, Are there any good, up-to-date hints out there for cross compiling Samba4 for Arm? I've looked at http://wiki.samba.org/index.php/Waf#cross-compiling but the info is a little dated it appears. I'm looking to build for the dreamplug and based on the info on the wiki I've installed qemu and an arm toolchain but 'cross-execute' appears to be ignored. At least that's what it looks like to me. The 'config' step fails complaining it can't find the python libraries but I suspect the process is failing to run the created arm code. Of course I could be way off of base with my assumtions. Maybe I'd be better off not using waf? Either way, any hints on cross-compiling samba4 greatly appreciated. Cheers, Mike. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Offline Caching
On 06/02/2012 06:43, Volker Lendecke wrote: On Sun, Feb 05, 2012 at 10:47:49AM -0500, Charles Marcus wrote: On 2012-02-04 10:33 AM, Volker Lendecke wrote: On Sat, Feb 04, 2012 at 02:54:13PM, Mike Howard wrote: I'm sure this has been asked before but I can't find anything recent. Using Samba4 and windows clients, the client logs include lots off 'windows has detected that offline caching is enabled on the roaming profile share...' messages. Is this an issue and if so, how do I sort it? I've found references to 'csc policy = disable' but this is not recognised in samba4 smb.conf. Probably someone needs to take the time to port this feature from the Samba3 based fileserver to the Samba4 based one. Patches welcome:-) Confused on both the question and answer... Is the question 'How do I enable offline caching for shares in Samba4', or 'how do I *disable* offline caching for a specific share in samba4'? My answer was in response to the "csc policy" parameter. The samba3 based file server has it, but it seems the samba4 based one does not. So if you require the samba4 based file server for some reason, someone needs to port this feature to the samba4 based file server to fulfill your requirements. So the info on the Samba4/Howto page about profiles is misleading then? Do the roaming profiles need to stored on a different, samba3 box, leaving the Samab4 box to to AD stuff only? The profiles area is still a share being served and if caching isn't disabled, is subject to corruption according to MS. If that is the case, then a 'Franky' like setup, with both 3 & 4 on the same box would make sense (at least to me). Is that viable? Cheers. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Offline Caching
On 05/02/2012 15:47, Charles Marcus wrote: On 2012-02-04 10:33 AM, Volker Lendecke wrote: On Sat, Feb 04, 2012 at 02:54:13PM, Mike Howard wrote: I'm sure this has been asked before but I can't find anything recent. Using Samba4 and windows clients, the client logs include lots off 'windows has detected that offline caching is enabled on the roaming profile share...' messages. Is this an issue and if so, how do I sort it? I've found references to 'csc policy = disable' but this is not recognised in samba4 smb.conf. Probably someone needs to take the time to port this feature from the Samba3 based fileserver to the Samba4 based one. Patches welcome:-) Confused on both the question and answer... Is the question 'How do I enable offline caching for shares in Samba4', or 'how do I *disable* offline caching for a specific share in samba4'? Then, Volker, which one of these questions does your answer pertain to? Meaning, does Samba4 *not* have an option to 'disable offline caching' for specific shares? That said, Microsoft requires that offline caching be disabled on the roaming profiles share for Windows XP/2000 clients. Thankfully they have solved this problem with Vista/7 clients, and using Roaming Profiles + Redirected Folders (which is now recommended best practice) works much better, in fact pretty much seamlessly, even in cases where lots of 'disconnected' users (ie, laptops that come and go) exist... The question was 'how do I _disable_ offline caching' and no, there does not appear to be a way to do this in Samba4. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Offline Caching
Hi All, I'm sure this has been asked before but I can't find anything recent. Using Samba4 and windows clients, the client logs include lots off 'windows has detected that offline caching is enabled on the roaming profile share...' messages. Is this an issue and if so, how do I sort it? I've found references to 'csc policy = disable' but this is not recognised in samba4 smb.conf. Cheers, Mike. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 user add - memberOf
On 27/01/2012 11:15, Daniel Müller wrote: Look at: https://wiki.samba.org/index.php/Samba-tool-external --- Hi All, After adding a new user, using 'samba-tool user add', what would be the best way to make the new user a 'memberOf' a specific group, from the command line/script? I was thinking, the obvious way would be the ldb* tools, are they documented anywhere? Regards, Mike. Thanks for the link. I have now worked it out and ldbmodify has done the trick. Regards, Mike. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4 user add - memberOf
Hi All, After adding a new user, using 'samba-tool user add', what would be the best way to make the new user a 'memberOf' a specific group, from the command line/script? I was thinking, the obvious way would be the ldb* tools, are they documented anywhere? Regards, Mike. -- Any question is easy if you know the answer! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] DNS update failed! - Samba 3 joining Samba 4 AD Domain
Hi All, I've got samba4 set up as AD domain controller (from latest git), works fine. I'm now attemptng to use a separate samba 3 box as the file server (as I'm assuming this is current best practice?) but when joining the domain (which succeeds) I get the message 'DNS update failed!'. I've seen a lot of issues with this whilst trawling the net but no solutions. Windows clients can join the domain, it's only samba3 clients that can't. I haven't done anything special on the S3 clients (as I didn't need to with the windows clients) but maybe I need to? Anyway, if anybody has any ideas I'd be grateful. Mike -- *//* This email is intended solely for the addressee, it is strictly private and confidential and may also be legally privileged. If you are not the addressee please do not read, print, email, store or act in reliance upon it or on any attachments. Instead, please email it back to the sender and then permanently delete it.-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Fwd: DNS update failed! - Samba 3 joining Samba 4 AD Domain
On 24/12/2011 10:21, David Roid wrote: Add following line to /etc/hosts . Er, why would I want to do that? I'm using DHCP so if I have numerous linux clients that would be a royal pain. Can't try right now but are you saying that if I add a client to the hosts file on the samba4 server it will update DNS? Regards, -- Michael Howardmike at dewberryfields dot co dot uk Lancashire England -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Fwd: DNS update failed! - Samba 3 joining Samba 4 AD Domain
Hi All, I've got samba4 set up as AD domain controller (from latest git), works fine. I'm now attempting to use a separate samba3 box as the file server (as I'm assuming this is current best practice?) but when joining the domain (which succeeds) I get the message 'DNS update failed!'. I've seen a lot of issues with this whilst trawling the net but no solutions. Windows clients can join the domain and have DNS updated, it's only samba3 clients that can't. I haven't done anything special on the S3 clients (as I didn't need to with the windows clients) but maybe I need to? Anyway, if anybody has any ideas I'd be grateful. Mike. -- Michael Howardmike at dewberryfields dot co dot uk Lancashire England -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 - Cannot get quick test to succeed
On 10/07/2011 09:32, Andrew Bartlett wrote: On Sun, 2011-07-10 at 08:55 +0100, Mike Howard wrote: Hi All, I'm currently using/testing samba-4.0.0alpha15. I downloaded the tar ball, followed the Samba4 HOWTO wiki at http://wiki.samba.org/index.php/Samba4/HOWTO and got stuff working pretty well. I have experienced issues with GPOs and such and dynamic dns and so thought I'd try the current version but I cannot now get samba4 to pass quicktest (or any other test). In need your config.h and smbd -b output, so I can disable the running of certain tests on systems without some of the libraries Samba3 requires for 'ADS' support (which is what the s3member tests test - the 'Samba3' binaries in an AD domain provided by Samba4). Hi Andrew, Thank you for the response. I've attached my config.h and smbd output. Regards, Mike. Build environment: Built by:root@squeeze Built on:Sun Jul 10 09:01:05 BST 2011 Built using: /usr/bin/gcc Build host: Linux squeeze 2.6.32-5-amd64 #1 SMP Wed Jan 12 03:40:32 UTC 2011 x86_64 GNU/Linux SRCDIR: /root/samba-4.0.0alpha16/source3 BUILDDIR:/root/samba-4.0.0alpha16/source3 Paths: SBINDIR: /usr/local/samba/sbin BINDIR: /usr/local/samba/bin SWATDIR: /usr/local/samba/share/swat CONFIGFILE: /usr/local/samba/etc/smb.conf LOGFILEBASE: /usr/local/samba/var LMHOSTSFILE: /usr/local/samba/etc/lmhosts LIBDIR: /usr/local/samba/lib MODULESDIR: /root/samba-4.0.0alpha16/bin/modules SHLIBEXT: so LOCKDIR: /usr/local/samba/var/lock STATEDIR: /usr/local/samba/var/locks CACHEDIR: /usr/local/samba/var/cache PIDDIR: /usr/local/samba/var/run SMB_PASSWD_FILE: /usr/local/samba/private/smbpasswd PRIVATE_DIR: /usr/local/samba/private System Headers: Headers: UTMP Options: HAVE_GETUTMPX HAVE_UTMPX_H HAVE_UTMP_H HAVE_UT_UT_ADDR HAVE_UT_UT_ADDR_V6 HAVE_UT_UT_EXIT HAVE_UT_UT_HOST HAVE_UT_UT_ID HAVE_UT_UT_NAME HAVE_UT_UT_PID HAVE_UT_UT_TIME HAVE_UT_UT_TV HAVE_UT_UT_TYPE HAVE_UT_UT_USER PUTUTLINE_RETURNS_UTMP WITH_UTMP HAVE_* Defines: HAVE_ACL_GET_FILE HAVE_ACL_LIBACL_H HAVE_ADDR_TYPE_IN_KRB5_ADDRESS HAVE_AIO HAVE_AIO64 HAVE_AIOCB64 HAVE_AIO_CANCEL HAVE_AIO_CANCEL64 HAVE_AIO_ERROR HAVE_AIO_ERROR64 HAVE_AIO_FSYNC HAVE_AIO_FSYNC64 HAVE_AIO_H HAVE_AIO_READ HAVE_AIO_READ64 HAVE_AIO_RETURN HAVE_AIO_RETURN64 HAVE_AIO_SUSPEND HAVE_AIO_SUSPEND64 HAVE_AIO_WRITE HAVE_AIO_WRITE64 HAVE_ALLOCA_H HAVE_AP_OPTS_USE_SUBKEY HAVE_ARPA_INET_H HAVE_ARPA_NAMESER_H HAVE_ASM_TYPES_H HAVE_ASM_UNISTD_H HAVE_ASPRINTF HAVE_ASSERT_H HAVE_ATEXIT HAVE_ATTRIBUTE_COLD HAVE_ATTRIBUTE_CONST HAVE_ATTRIBUTE_NORETURN HAVE_ATTRIBUTE_PRINTF HAVE_ATTRIBUTE_UNUSED HAVE_ATTRIBUTE_USED HAVE_ATTR_XATTR_H HAVE_AVAHI_CLIENT_CLIENT_H HAVE_AVAHI_CLIENT_NEW HAVE_AVAHI_COMMON_WATCH_H HAVE_AVAHI_STRERROR HAVE_BACKTRACE HAVE_BACKTRACE_SYMBOLS HAVE_BER_SCANF HAVE_BER_SOCKBUF_ADD_IO HAVE_BER_TAG_T HAVE_BINDTEXTDOMAIN HAVE_BIND_TEXTDOMAIN_CODESET HAVE_BLKCNT_T HAVE_BLKSIZE_T HAVE_BOOL HAVE_BUILTIN_CLZ HAVE_BUILTIN_CLZL HAVE_BUILTIN_CLZLL HAVE_BUILTIN_CONSTANT_P HAVE_BUILTIN_EXPECT HAVE_BUILTIN_POPCOUNTL HAVE_BUILTIN_TYPES_COMPATIBLE_P HAVE_BZERO HAVE_C99_VSNPRINTF HAVE_CAP_GET_PROC HAVE_CHARSET_CP850 HAVE_CHARSET_UTF_8 HAVE_CHECKSUM_IN_KRB5_CHECKSUM HAVE_CHMOD HAVE_CHOWN HAVE_CHROOT HAVE_CLOCK_GETTIME HAVE_CLOCK_MONOTONIC HAVE_CLOCK_PROCESS_CPUTIME_ID HAVE_CLOCK_REALTIME HAVE_COMPARISON_FN_T HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS HAVE_COMPOUND_LITERALS HAVE_COM_ERR HAVE_COM_ERR_H HAVE_COM_RIGHT_R HAVE_CONFIG_H HAVE_CONNECT HAVE_CPPFUNCTION HAVE_CREAT64 HAVE_CRYPT HAVE_CRYPT_H HAVE_CTYPE_H HAVE_CUPS HAVE_CUPS_CUPS_H HAVE_CUPS_LANGUAGE_H HAVE_CURSES_H HAVE_DECL_ASPRINTF HAVE_DECL_DLOPEN HAVE_DECL_FDATASYNC HAVE_DECL_GETGRENT_R HAVE_DECL_GETPWENT_R HAVE_DECL_H_ERRNO HAVE_DECL_KRB5_AUTH_CON_SET_REQ_CKSUMTYPE HAVE_DECL_KRB5_GET_CREDENTIALS_FOR_USER HAVE_DECL_READAHEAD HAVE_DECL_RL_EVENT_HOOK HAVE_DECL_SNPRINTF HAVE_DECL_VASPRINTF HAVE_DECL_VSNPRINTF HAVE_DECL__RES HAVE_DEVICE_MAJOR_FN HAVE_DEVICE_MINOR_FN HAVE_DGETTEXT HAVE_DIRENT_D_OFF HAVE_DIRENT_H HAVE_DIRFD HAVE_DIRFD_DECL HAVE_DLCLOSE HAVE_DLERROR HAVE_DLFCN_H HAVE_DLOPEN HAVE_DLSYM HAVE_DN_EXPAND HAVE_DPRINTF HAVE_DUP2 HAVE_ENCTYPE_ARCFOUR_HMAC HAVE_ENCTYPE_ARCFOUR_HMAC_MD5 HAVE_ENDHOSTENT HAVE_ENDIAN_H HAVE_ENDMNTENT HAVE_ENDNETGRENT HAVE_ENDNETGRENT_PROTOTYPE HAVE_ENVIRON_DECL HAVE_EPOLL HAVE_EPOLL_CREATE HAVE_ERR HAVE_ERRNO_DECL HAVE_ERRNO_H HAVE_ERRX HAVE_ERR_H HAVE_ETYPE_IN_ENCRYPTEDDATA HAVE_EXECINFO_H HAVE_EXECL
[Samba] Samba4 - Cannot get quick test to succeed
Hi All, I'm currently using/testing samba-4.0.0alpha15. I downloaded the tar ball, followed the Samba4 HOWTO wiki at http://wiki.samba.org/index.php/Samba4/HOWTO and got stuff working pretty well. I have experienced issues with GPOs and such and dynamic dns and so thought I'd try the current version but I cannot now get samba4 to pass quicktest (or any other test). I've tried samba-4.0.0alpha16.tar.gz and also the latest via git. Obviously you guys would need some specifics but I'm not sure what info would best help diagnose the problem. There is spurious output during the build with reference to 'errors 1' or 'errors 4' etc, as there was with the alpha15 build which did pass quicktest. There are numerous processes left hanging around after quicktest fails and it always fails 5 tests but the st/summary doesn't give me any clues. It ends like so; samba: EOF on stdin - terminating ./bin/samba exited with no error ./bin/samba got signal 9 and exits with 0! samba: EOF on stdin - terminating ./bin/samba exited with no error samba: EOF on stdin - terminating ./bin/samba exited with no error samba: EOF on stdin - terminating ./bin/samba exited with no error samba: EOF on stdin - terminating ./bin/samba exited with no error samba: EOF on stdin - terminating ./bin/samba exited with no error samba: EOF on stdin - terminating ./bin/samba exited with no error FAILED (5 failures and 0 errors in 5 testsuites) A summary with detailed information can be found in: ./st/summary ERROR: test failed with exit code 1 make: *** [quicktest] Error 1 and sumary of st/summary; = Failed tests = == samba3.posix_s3.raw.open (s3dc) == == samba4.smb.signing disabled on with -k no --signing=off domain-creds(s3member) == == samba4.smb.signing disabled on with -k no --option=usespnego=no --signing=off domain-creds(s3member) == == samba4.smb.signing disabled on with -k no --option=gensec:spengo=no --signing=off domain-creds(s3member) == == samba4.smb.signing disabled on with -k yes --signing=off domain-creds(s3member) == and the processes still hanging around; /usr/bin/perl /root/samba4/samba-master/selftest/selftest.pl --target=samba --prefix=./st --srcdir=/root/samba4/samba-master --exclude=./st/skip --testlist=/usr/bin/ ./bin/timelimit 7500 ./bin/winbindd -F --no-process-group --stdout -s /root/samba4/samba-master/st/plugin_s4_dc/lib/server.conf -d0 ./bin/timelimit 7500 ./bin/smbd -F --no-process-group --log-stdout -s /root/samba4/samba-master/st/plugin_s4_dc/lib/server.conf -d0 ./bin/winbindd -F --no-process-group --stdout -s /root/samba4/samba-master/st/plugin_s4_dc/lib/server.conf -d0 ./bin/smbd -F --no-process-group --log-stdout -s /root/samba4/samba-master/st/plugin_s4_dc/lib/server.conf -d0 ./bin/winbindd -F --no-process-group --stdout -s /root/samba4/samba-master/st/plugin_s4_dc/lib/server.conf -d0 ./bin/winbindd -F --no-process-group --stdout -s /root/samba4/samba-master/st/plugin_s4_dc/lib/server.conf -d0 ./bin/winbindd -F --no-process-group --stdout -s /root/samba4/samba-master/st/plugin_s4_dc/lib/server.conf -d0 ./bin/smbd -F --no-process-group --log-stdout -s /root/samba4/samba-master/st/plugin_s4_dc/lib/server.conf -d0 As I say, there are no obvious signs as to why it's failing but if I can provide something more specific (I'm sure there is something more helpful) please let me know. Regards, Mike. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba