Re: [Samba] Samba 3 / Solaris 8 / Kerberos
On Solaris 8 and 9 I am using Kerberos from MIT and OpenLdap. /Patrik Thomas Müller wrote: Hi, I have a problem to compile Samba 3 with ADS support on Solaris. Unfortunatly, Solaris 8 doesn't come with integrated kerberos support, so that configure doesn't find any support for kerberos. For Solaris 8 there is a package called SEAM 1.0.1 with provides kerberos functionality for Solaris, but the needed header file, i.e krb5.h, are not included and according to my informations from SUN, they will not ship the headers in future. Do I have a chance to compile Samba 3 with ADS support? Might it be a solution to compile an install heimdal kerberos? When Samba 3 is compiled with the installed heimdal kerberos, will it work with the SEAM from SUN? Does anyone here have experience with this topic and a solution? Kind regards. Th. Müller Thomas Müller Phone: +49-711-88716-147 Department Manager ITFax: +49-711-88716-777 Christ GmbHMail: [EMAIL PROTECTED] Mittlerer Pfad 9Internet: www.christ-wasser.de 70499 Stuttgart Germany DISCLAIMER Any opinions expressed in this eMail are those of the the individual and not necesserily the company. This eMail and any files transmitted with it are confidential and solely for use of the intended recipient. If you are not the intended recipient or the person responsible fo delivering to the intended recipient, be advised that you have received this eMail in error and that any use is strictly prohibited. If you have received this eMail in error, please advise the sender immediately by using the reply facility in your eMail software. We have taken every reasonable precaution to ensure that any attachement to this eMail is swept for viruses. However, we cannot accept liability for any damage sustained as a result of software viruses and advise you carry out your own virus checks before opening any attachement. -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Error loading module messages from Samba-3rc4 on Solaris
I know this Q has been asked before, but I can't find any answers. If I have my LANG set to C the message will be Error loading module '/usr/local/samba/lib/charset/646.so': ld.so.1: bin/testparm: fatal: /usr/local/samba/lib/charset/646.so: open failed: No such file or directory and if LANG is set to sv (for swedish) the messages will be Error loading module '/usr/local/samba/lib/charset/ISO8859-1.so': ld.so.1: bin/testparm: fatal: /usr/local/samba/lib/charset/ISO8859-1.so: open failed: No such file or directory My Q is where to find those libraries ? I have used libiconv.1.9.1 when compiling samba. /Patrik -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smbclient is broken and W2k can't connect to Samba3.0-rc2
Hi, I have done the same test since Samba-3 alfa. - Compiled the source - Joined the W2003 server - Winbind works - wbinfo tests passed - Connect to samba using smbclient fails with session setup failed: NT_STATUS_INVALID_PARAMETER - W2K client can't brows or connect to Samba. I have attached the debugging info from smbclient. I have also bug-reported this. /Patrik My smb.conf file: # Global parameters [global] workgroup = TEST password server = w2003server realm = TEST.SE netbios name = SAMBA server string = Samba (%v) domain (%h) interfaces = hahostix2/255.255.0.0 bind interfaces only = Yes ;client use spnego = no ;use spnego = no security = ads private dir = /global/mnt1/SAMBA/private log file = /global/mnt1/SAMBA/logs/logfile lock dir = /global/mnt1/SAMBA/locks pid directory = /global/mnt1/SAMBA/var/locks idmap uid = 1-2 idmap gid = 1-2 template homedir = /global/mnt1/SAMBA/home/TEST.SE/%U template shell = /bin/sh ;winbind use default domain = Yes winbind use default domain = True wins server = w2003server [scmondir] comment = Monitor directory for Sun Cluster path = /tmp browseable = No [homes] comment = Home directory read only = No exec=/bin/mkdir -p /global/mnt1/SAMBA/home/TEST.SE/%U [profiles] comment = Profile directory path = /global/mnt1/SAMBA/profiles read only = No create mask = 0600 directory mask = 0700 [data] comment = Data disk path = /global/mnt1/datadir read only = No guest ok = yes -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Something is broken in Samba3.0-rc2 compared to Samba3.0-rc1
Hi, After the bug 380 was fixed I recompiled Samba3.0-rc2 using Sun One Studio 8 on my Solaris 9 box. I joind my Windows 2003 Server. net ADS JOIN -U Administrator Started winbindd and did wbinfo tests and all worked. Run smbclient locally to connect to the samba-server and it failed with session setup failed: NT_STATUS_INVALID_PARAMETER. My W2000 client can't access the samba server any more. I have attached the trace from smbclient. Everything worked fine with rc1. My smb.conf # Global parameters [global] workgroup = TEST password server = w2003server realm = TEST.SE netbios name = SAMBA server string = Samba (%v) domain (%h) interfaces = hahostix2/255.255.0.0 bind interfaces only = Yes ;client use spnego = no ;use spnego = no security = ads private dir = /global/mnt1/SAMBA/private log file = /global/mnt1/SAMBA/logs/logfile lock dir = /global/mnt1/SAMBA/locks pid directory = /global/mnt1/SAMBA/var/locks idmap uid = 1-2 idmap gid = 1-2 template homedir = /global/mnt1/SAMBA/home/TEST.SE/%U template shell = /bin/sh ;winbind use default domain = Yes winbind use default domain = True wins server = w2003server [scmondir] comment = Monitor directory for Sun Cluster path = /tmp browseable = No [homes] comment = Home directory read only = No exec=/bin/mkdir -p /global/mnt1/SAMBA/home/TEST.SE/%U [profiles] comment = Profile directory path = /global/mnt1/SAMBA/profiles read only = No create mask = 0600 directory mask = 0700 [data] comment = Data disk path = /global/mnt1/datadir read only = No guest ok = yes -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Getting compiler erros on Samba3.0.rc2 on Solaris 9
Hi, A new kind error has appeared in rc2. I am getting compiler errors on CP850.c when compiling with Sun ONE Studio 8 on Solaris 9. Using FLAGS = -g -I/usr/local/include -I./popt -Iinclude -I/UTILCD/opt2/Cprg/Pr ogram/samba-3.0.0rc2/source/include -I/UTILCD/opt2/Cprg/Program/samba-3.0.0rc2/s ource/ubiqx -I/UTILCD/opt2/Cprg/Program/samba-3.0.0rc2/source/smbwrapper -I. -I /usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -I/usr/local/incl ude -I/UTILCD/opt2/Cprg/Program/samba-3.0.0rc2/source LIBS = -lsendfile -lsec -lgen -lresolv -lsocket -lnsl -ldl LDSHFLAGS = -G -g -I/usr/local/include -L /usr/local/lib LDFLAGS = -L /usr/local/lib Compiling modules/CP850.c with -KPIC modules/CP850.c, line 27: syntax error before or at: [ -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Ads server = huh?
The parameter password server has the same functionality as ads server. ads server is EOL. /Patrik [EMAIL PROTECTED] wrote: All, I've installed a Redhat 9 system with all packages from 3 discs. Now I've removed my samba 2 related packages and installed samba 3 using rpm. After setting up kerberos with my W2k system and testing that out successfully I set up smb.conf with security = ads etc I've also set 'ads server' but this config option causes various samba binaries to report unknown parameter: ads server What am I missing here ? Is the ads server option still an option ? Thx Aaron Colichia -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] dual smb/nmb for interfaces
Hi, I use the following parameters in the smb.conf file(s): interfaces = hahostix1/255.255.0.0 bind interfaces only = Yes(Bind nmbd/smbd only to the defined interfaces) lock dir = /opt/SAMBA/locks( Store lock info in a another directory ) pid directory = /opt/SAMBA/var/locks(Store pid-files in a another directory ) log file = /opt/SAMBA/logs/logfile smb passwd file = /opt/SAMBA/private/smbpasswd (Were to store the smbpasswd file) In this example I store the smb.conf in /opt/SAMBA/lib The directory structure will be in this case: /opt/SAMBA/lib/smb.conf /opt/SAMBA/locks /opt/SAMBA/logs /opt/SAMBA/var/locks /opt/SAMBA/private The a start nmbd/smbd with -s path to smb.conf /Patrik Mohamed, Amin wrote: HI I'm need to run samba version 2.2.8 and 2 smbd / nnbd processes in a single machine with two separate smb.conf files . They will runs on individual interfaces and how can I do that ? Tried all means that I know off , but to no avail. Please help. Thanks rgs amin == This message is for the named person's use only. It may contain sensitive and private proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you are not the intended recipient, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. CREDIT SUISSE GROUP and each legal entity in the CREDIT SUISSE FIRST BOSTON or CREDIT SUISSE ASSET MANAGEMENT business units of CREDIT SUISSE FIRST BOSTON reserve the right to monitor all e-mail communications through its networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorized to state them to be the views of any such entity. Unless otherwise stated, any pricing information given in this message is indicative only, is subject to change and does not constitute an offer to deal at any price quoted. Any reference to the terms of executed transactions should be treated as preliminary only and subject to our formal written confirmation. == -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] When will Samba-3 be released as stable ?
Hi, Is there a date when you could expect Samba-3 will be release as stable ? /Patrik -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with iconv for Samba-3.0.0-rc1 on Solaris
Hi, I have dowloaded and installed iconv (1.9.1) from http://freshmeat.net/projects/libiconv. I have used default-settings for iconv, meaning: # configure # make # make install I tried then run configure for Samba-3.0.0-rc1 and configure couldn't find sufficient support for iconv. I tried using --with-libiconv, but it didn't help. Did I miss something when installing iconv on my Solaris box ? Do I have to install GNU gettext ? Do I have to use LD_PRELOAD when I run configure and running Samba ? /Patrik -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Got strange message when using wbinfo/winbind on Samba-3beta3
Hi, I have joined a ADS (W2003 server) with success. Started winbindd. When I run any wbinfo commands I recieve the following message in the logfile and the command fails: cli_negprot: SMB signing is mandatory and we have disabled it. I am using the same smb.conf as for beta1 and beta2. What have changed or what have missed ? I am running on Solaris 9. My smb.conf file [global] workgroup = SAMBA-NET password server = * ads server = w2003server realm = TEST.SE netbios name = SAMBA server string = Samba (%v) domain (%h) interfaces = hahostix2/255.255.0.0 bind interfaces only = Yes ;client use spnego = no ;use spnego = no security = ads private dir = /global/mnt1/SAMBA/private log file = /global/mnt1/SAMBA/logs/logfile lock dir = /global/mnt1/SAMBA/locks pid directory = /global/mnt1/SAMBA/var/locks idmap uid = 1-2 idmap gid = 1-2 template homedir = /global/mnt1/SAMBA/home/TEST.SE/%U template shell = /bin/sh winbind use default domain = Yes ;winbind use default domain = No wins server = w2003server -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Is it sombody who has a working pam.conf for Solaris 9 ?
Hi, I have now a working pam.conf for Solaris 9 with winbind for telnet, rlogin, ftp, dtsession. The following changes have been done compered to the default. diff pam.conf.ORG pam.conf 21,23c21,24 login auth required pam_dhkeys.so.1 login auth required pam_unix_auth.so.1 login auth required pam_dial_auth.so.1 --- login auth sufficient pam_dhkeys.so.1 login auth sufficient pam_unix_auth.so.1 login auth sufficient pam_dial_auth.so.1 login auth sufficient /usr/lib/security/pam_winbind.so.1 try_first_pass 29,30c30,32 rloginauth required pam_dhkeys.so.1 rloginauth required pam_unix_auth.so.1 --- rloginauth sufficient pam_dhkeys.so.1 rloginauth sufficient pam_unix_auth.so.1 rloginauth sufficient /usr/lib/security/pam_winbind.so.1 try_first_pass 49,50c51,53 other auth required pam_dhkeys.so.1 other auth required pam_unix_auth.so.1 --- other auth sufficient pam_dhkeys.so.1 other auth sufficient pam_unix_auth.so.1 other auth sufficient /usr/lib/security/pam_winbind.so.1 try_first_pass 65,66c68,70 other account requiredpam_projects.so.1 other account requiredpam_unix_account.so.1 --- other account sufficient pam_projects.so.1 other account sufficient pam_unix_account.so.1 other account sufficient /usr/lib/security/pam_winbind.so.1 71a76 other session sufficient /usr/lib/security/pam_winbind.so.1 /Patrik Patrik Gustavsson PS Sweden Senior Technical Consultant wrote: Hi, I am trying to setup PAM for telnet on my solaris 9 box and the pam_winbind grant me access but I recieve a acount failure: Jul 4 13:29:59 clusterix1 pam_winbind[9688]: user 'patrikg' granted acces Jul 4 13:29:59 clusterix1 login[9688]: login account failure: Permission denied The values in pam.conf for winbind is: login auth required /usr/lib/security/pam_winbind.so other auth sufficient /usr/lib/security/pam_winbind.so login account sufficient /usr/lib/security/pam_winbind.so other account sufficient /usr/lib/security/pam_winbind.so login session sufficient /usr/lib/security/pam_winbind.so What have I missed ? /Patrik -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba-3.0.0beta2
In order to get ADS support you have to compile SAMBA with Kerberos- and LDAP- support. /Patrik vincent Badier wrote: Hello all, First, i present myself since this is the first time i post here. My name is Vincent Badier, and i'm a samba beginner. I tried to compil and install samba-3.0.0beta2. I configured it with the --with-acl-support and no error occured. The problem appear when i tried to join an active directory domain. firstly : # /usr/local/samba/bin/net ADS JOIN MEMBER -S mydc -Umyname ADS support not compiled in However the configure --help said on Optional Packages: [...] --with-ads Active Directory support (default yes) ok, let's try without ADS option : # /usr/local/samba/bin/net JOIN MEMBER -S ip.of.my.dc -Umyname [2003/07/08 11:38:29, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(249) cli_nt_setup_creds: request challenge failed [2003/07/08 11:38:29, 1] utils/net_rpc.c:run_rpc_command(154) rpc command function failed! (NT_STATUS_INVALID_COMPUTER_NAME) Password: Create of workstation account failed Unable to join domain MYDOM. Arg, this is not good for me. Any idea? PS : this is my smb.conf : (I also tried to deal with lient lanman auth = Yes but without success) # Samba config file created using SWAT # from my.desktop.ip.addr (my.desktop.ip.addr) # Date: 2003/07/08 10:37:38 # Global parameters [global] workgroup = MYDOM netbios name = MYSRV server string = Samba 3.0.0beta2 interfaces = eth0 security = DOMAIN password server = ip.of.my.dc client NTLMv2 auth = Yes client lanman auth = No client plaintext auth = No syslog = 0 log file = /var/log/samba/log.smbd max log size = 8000 show add printer wizard = No preferred master = No local master = No domain master = No dns proxy = No wins server = ip.of.my.dc ldap ssl = no invalid users = root [data] path = /mnt/homes valid users = AD2+domain_users admin users = AD2+mynamevi /etc/sam read only = No -- Vincent -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind in samba3-beta2 is broken compered to samba3-beta1on solaris
I compiled samba3-beta2 with the same argument, kerberos- and ldap libraries as for samba3-beta1. The ADS join worked as it should. I am using the same smb.conf file as before: # Samba config file created using SWAT # from 10.0.0.254 (10.0.0.254) # Date: 2003/06/03 15:37:08 # Global parameters [global] workgroup = SAMBA-NET password server = * ads server = w2003server realm = TEST.SE netbios name = SAMBA server string = Samba (%v) domain (%h) interfaces = hahostix2/255.255.0.0 bind interfaces only = Yes ;client use spnego = no ;use spnego = no security = ads private dir = /global/mnt1/SAMBA/private log file = /global/mnt1/SAMBA/logs/logfile lock dir = /global/mnt1/SAMBA/locks pid directory = /global/mnt1/SAMBA/var/locks idmap uid = 1-2 idmap gid = 1-2 template homedir = /global/mnt1/SAMBA/home/TEST.SE/%U template shell = /bin/sh winbind use default domain = Yes ;winbind use default domain = No wins server = w2003server With samba3-beta2 I can't do: wbinfo -u wbinfo -g But I can do: wbinfo -n patrikg Everything worked fine with samba3-beta1. What is changed in samba3-beta2 for winbind ? -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Is it sombody who has a working pam.conf for Solaris 9 ?
Hi, I am trying to setup PAM for telnet on my solaris 9 box and the pam_winbind grant me access but I recieve a acount failure: Jul 4 13:29:59 clusterix1 pam_winbind[9688]: user 'patrikg' granted acces Jul 4 13:29:59 clusterix1 login[9688]: login account failure: Permission denied The values in pam.conf for winbind is: login auth required /usr/lib/security/pam_winbind.so other auth sufficient /usr/lib/security/pam_winbind.so login account sufficient /usr/lib/security/pam_winbind.so other account sufficient /usr/lib/security/pam_winbind.so login session sufficient /usr/lib/security/pam_winbind.so What have I missed ? /Patrik -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] How fix the Error loading module messages on samba3-beta1and 2
I know the Q has been asked before, but I havn't seen any answers. On any samba command the following errors occur: Error loading module '/usr/local/samba/lib/charset/CP850.so': ld.so.1: bin/testp arm: fatal: /usr/local/samba/lib/charset/CP850.so: open failed: No such file or directory Conversion from UCS-2LE to CP850 not supported Error loading module '/usr/local/samba/lib/charset/CP850.so': ld.so.1: bin/testp arm: fatal: /usr/local/samba/lib/charset/CP850.so: open failed: No such file or directory Conversion from UTF8 to CP850 not supported Error loading module '/usr/local/samba/lib/charset/CP850.so': ld.so.1: bin/testp arm: fatal: /usr/local/samba/lib/charset/CP850.so: open failed: No such file or directory Conversion from 646 to CP850 not supported Error loading module '/usr/local/samba/lib/charset/CP850.so': ld.so.1: bin/testp arm: fatal: /usr/local/samba/lib/charset/CP850.so: open failed: No such file or directory How do you fix that ? I running Samba3 on Solaris. /Patrik -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Questions about w2003 server
To be full ADS member in W2003 server you have to use Samba 3(-beta1). You have to compile Samba 3 with kerberos and ldap support to get ADS support within Samba. /Patrik Johan wrote: Greetings and Thank You in advance to anyone who responds to this message. As the saying goes long time listener first time caller. Our campus is switching(might I add not with our blessing) to a windows 2003 backend. Since we at the library prefer to stay Linux/FreeBsd we are searching for information about joining a Samba Server to a 2003 environment. Has anyone been successful in integrating the two? If so could you offer any advice, pointers, roadblocks, showstoppers etc. Thanks Johan Dowdy Cabrillo College Library -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Has anybody used the mysql passdb backend in samba 3-beta1 ?
Any hints for compiling with mysql passdb backend. I set MYSQL_CONFIG to /usr/local/mysql/bin/mysql_config have tried with run configure with --with-mysql-prefix=/usr/local/mysql --with-expsam=mysql The result in config.log was configure:28942: checking how to build pdb_mysql configure:28971: result: not /Patrik -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba3-beta1 as a PDC and using tdbsam as passdb backend ittakes the home-directory info from /etc/passwd
I didn't get any answers so I try again: I am using tdbsam as passdb backand. I have added root user with pdbedit. The machine trust account was added on the fly. I have added the user with pdbedit. I have created the user in /etc/passwd. When the user logs in from a W2k and mounts the home-directory I noticed that Samba didn't take the home-directory information from tdbsam, it took it from /etc/passwd. Is that correct ? I assumed it would use the info in tdbsam. /Patrik -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Setting up 3.0 to authenticate to AD
I got the same problem, but I recompiled Samba using the latest kerberos for MIT (1.3) and that works. /Patrik Norris, Brent wrote: Ok I changed my samba entries in pam.d and now I get a login box, but I still cannot login. Here is what the log file for my machine shows now: [2003/06/19 09:33:58, 1] smbd/sesssetup.c:reply_spnego_kerberos(175) Failed to verify incoming ticket! [2003/06/19 09:33:58, 1] smbd/sesssetup.c:reply_spnego_kerberos(175) Failed to verify incoming ticket! [2003/06/19 09:33:58, 1] smbd/sesssetup.c:reply_spnego_kerberos(175) Failed to verify incoming ticket! [2003/06/19 09:33:58, 1] smbd/sesssetup.c:reply_spnego_kerberos(175) Failed to verify incoming ticket! [2003/06/19 09:34:03, 1] smbd/sesssetup.c:reply_spnego_kerberos(221) Username bnorris is invalid on this system Anyone got any ideas? Well, I have the same exact problem as you. I have everything setup right so that wbinfo pulls all information fine. I can Kerberos too. But, can't login from the network. I thought it was PAM, but no for me either. I've posted about this a couple of times, to no avail. Hope someone answers yours! -Original Message- From: Norris, Brent [mailto:[EMAIL PROTECTED] Sent: Thursday, June 19, 2003 10:14 AM To: Chip Bell Subject: RE: [Samba] Setting up 3.0 to authenticate to AD Sounds like you set up winbind..did you do pam? I was under the impression from the documentation that pam only needed to be changed if you wanted to be able to use the accounts to login as far as telnet, ssh, ftp type stuff. It states that winbindd and samba should be working together and that they /etc/pam.d/samba didn't need changing. Though mine looks like this: auth required pam_nologin.so auth required pam_stack.so service=system-auth accountrequired pam_stack.so service=system-auth sessionrequired pam_stack.so service=system-auth password required pam_stack.so service=system-auth While the doc's only has the two lines: authrequired/lib/security/pam_stack.so service=system-auth account required/lib/security/pam_stack.so service=system-auth I wasn't attempting to change it though since that is what the samba rpm put in there. Perhaps I should change it to look like the one in the docs?? Brent -- output from testparm - Load smb config files from /etc/samba/smb.conf Processing section [homes] Processing section [printers] Processing section [public] Loaded services file OK. 'winbind separator = +' might cause problems with group membership. Server role: ROLE_DOMAIN_MEMBER Press enter to see a dump of your service definitions # Global parameters [global] workgroup = STU realm = STU.EDMONSON.K12.KY.US server string = Linux File Server security = ADS log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = No wins server = 10.76.16.50 winbind separator = + winbind use default domain = Yes [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [public] comment = Public Stuff path = /home/samba write list = bnorris guest ok = Yes -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Strange UID/GID mapping in Samba-3beta1 and Win2003 server
I have strange uid/gid problem. I am testing Samba 3-beta1 and Samba is ADS member to W2003 server. Everythings work, wbinfo, getent passwd and so on. Now to the problem: When I list the users with getent passwd I get: Administrator:x:1:1:Administrator:/global/mnt1/SAMBA/home/TEST.SE/administrator:/bin/sh Guest:x:10001:10002:Guest:/global/mnt1/SAMBA/home/TEST.SE/guest:/bin/sh krbtgt:x:10002:1:krbtgt:/global/mnt1/SAMBA/home/TEST.SE/krbtgt:/bin/sh root:x:10003:1:root:/global/mnt1/SAMBA/home/TEST.SE/root:/bin/sh patrikg:x:10004:1:patrik Gustavsson:/global/mnt1/SAMBA/home/TEST.SE/patrikg:/bin/sh fmuser:x:10005:1:fmuser:/global/mnt1/SAMBA/home/TEST.SE/fmuser:/bin/sh When I list the users with wbinfo -u Administrator Guest krbtgt root patrikg fmuser When I am using a W2k client and log into the W20003 Server and access a share on Samba with my user (patrikg) is remaped to pgpc (10.0.0.140) connect to service profiles initially as user TEST.SE\patrikg (uid=10006, gid=10003) That uid 10006 and group 10003 can't be displayed with getent passwd and getent group. Why do I get uid 10006 when I should have 10004 ? /Patrik -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Strange UID/GID mapping in Samba-3beta1 and Win2003 server
Yes, I'm running winbindd and it's defined in nsswitch.conf. /Patrik Andrew Bartlett wrote: On Mon, 2003-06-23 at 19:10, Patrik Gustavsson PS Sweden Senior Technical Consultant wrote: I have strange uid/gid problem. I am testing Samba 3-beta1 and Samba is ADS member to W2003 server. Everythings work, wbinfo, getent passwd and so on. Now to the problem: When I list the users with getent passwd I get: Administrator:x:1:1:Administrator:/global/mnt1/SAMBA/home/TEST.SE/administrator:/bin/sh Guest:x:10001:10002:Guest:/global/mnt1/SAMBA/home/TEST.SE/guest:/bin/sh krbtgt:x:10002:1:krbtgt:/global/mnt1/SAMBA/home/TEST.SE/krbtgt:/bin/sh root:x:10003:1:root:/global/mnt1/SAMBA/home/TEST.SE/root:/bin/sh patrikg:x:10004:1:patrik Gustavsson:/global/mnt1/SAMBA/home/TEST.SE/patrikg:/bin/sh fmuser:x:10005:1:fmuser:/global/mnt1/SAMBA/home/TEST.SE/fmuser:/bin/sh When I list the users with wbinfo -u Administrator Guest krbtgt root patrikg fmuser When I am using a W2k client and log into the W20003 Server and access a share on Samba with my user (patrikg) is remaped to pgpc (10.0.0.140) connect to service profiles initially as user TEST.SE\patrikg (uid=10006, gid=10003) That uid 10006 and group 10003 can't be displayed with getent passwd and getent group. Why do I get uid 10006 when I should have 10004 ? This looks like you are not running winbindd, and have found the bugs in beta 1. This has been fixed in current Samba 3.0 CVS. If you were running winbind, was it configured in nsswitch? Andrew Bartlett -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] My Samba 3.0beta1 stopped working as ADS member
I had a working Samba 3.0beta1 as ADS member of a W2003 server. My w2000 client could log in to the W2003 server and use services on Samba (home directory). Winbind is working. So I tried to re-do all my work again. And suddenly the w2k can use any services on Samba anymore. The output from the logfile tells me it's kerberos problem: [2003/06/18 08:35:03, 3] libads/kerberos_verify.c:(126) krb5_rd_req with auth failed (Bad encryption type) [2003/06/18 08:35:03, 1] smbd/sesssetup.c:(175) Failed to verify incoming ticket! [2003/06/18 08:35:03, 3] smbd/error.c:(94) error string = No such file or directory Winbind/wbinfo works as it should. I know what problem it is, but not WHY and not HOW to fix it ? /Patrik -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] I am testing Samba 3beta1 as a PDC and have a Q about it'sbehaviure
I am using tdbsam as passdb backand. I have added root user with pdbedit. I have added the machine trust account with pdbedit. I have added the user with pdbedit. I have created the user in /etc/passwd. When the user logs in from a W2k and mounts the home-directory I noticed that Samba didn't take the home-directory information from tdbsam, it took it from /etc/passwd. Is that correct ? I assumed it would use the info in tdbsam. /Patrik -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] WinBind - 3.0.0beta1
What I did for getting winbind to work with Windows 2003 ADS. 1) Compiled Samba with both kerberos and ldap support. If you don't do this it will not work. 2) Configure kerberos klient on your server. 3) Then I ran net ads JOIN -U administrator My smb.conf # Global parameters [global] workgroup = SAMBA-NET password server = * ads server = w2003server realm = TEST.SE netbios name = SAMBA server string = Samba (%v) domain (%h) interfaces = hahostix1/255.255.0.0 bind interfaces only = Yes security = ads private dir = /global/mnt1/SAMBA/private log file = /global/mnt1/SAMBA/logs/logfile lock dir = /global/mnt1/SAMBA/locks pid directory = /global/mnt1/SAMBA/var/locks idmap uid = 1-2 idmap gid = 1-2 template homedir = /global/mnt1/SAMBA/home/%D/%U template shell = /bin/sh winbind use default domain = Yes wins server = w2003server Brett Hales wrote: I am trying to get WinBind working against Windows 2000 ADS. I am following the document http://de.samba.org/samba/devel/docs/html/winbind.html. I have successfully joined the samba server to the PDC domain. /usr/local/samba/bin/net join -S PDC -U Administrator The winbindd starts successfully however when I try to use wbinfo -u it returns. [EMAIL PROTECTED] root]# /usr/local/samba/bin/wbinfo -u Error looking up domain users And the /usr/local/samba/var/log.winbindd log file contains the below. [2003/06/16 14:57:03, 1] nsswitch/winbindd_util.c:add_trusted_domain(138) Added domain AU.MYDOMAIN.COM [2003/06/16 14:57:03, 1] nsswitch/winbindd_util.c:init_domain_list(214) Could not fetch sid for our domain AU.MYDOMAIN.COM My samba.conf is [EMAIL PROTECTED] lib]# cat smb.conf [global] winbind separator = + winbind uid = 1-2 winbind gid = 1-2 winbind enum users = yes winbind enum groups = yes workgroup = AU.MYDOMAIN.COM security = domain password server = myad01 Can anybody advise why this is not working. -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem to get winbind working for Samba3-beta1 on Solaris9 against W2003 PDC
My smb.conf global] workgroup = SAMBA-NET password server = * ;ads server = w2000server netbios name = SAMBA server string = Samba (%v) domain (%h) interfaces = hahostix1/255.255.0.0 bind interfaces only = Yes client use spnego = no ;use spnego = no security = domain private dir = /global/mnt1/SAMBA/private log file = /global/mnt1/SAMBA/logs/logfile lock dir = /global/mnt1/SAMBA/locks pid directory = /global/mnt1/SAMBA/var/locks idmap uid = 1-2 idmap gid = 1-2 template homedir = /global/mnt1/SAMBA/home/%D/%U template shell = /bin/sh winbind use default domain = Yes I have joined the W2003 server and created the trust account. But winbind can't retrieve any users and group. Do I have to configure realm and ads server parameters to get winbind to work ? Or have I missed something else ? -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problems joining W2003 PDC with Samba 3.0 alpha 24
I know the Q has been asked, but I havn't seen the answer. I have PDC in native mode The ADS name is test.se The domain-name is SAMBA-NET The name of the pdc is W2003SERVER ( 10.0.0.20) In smb.conf have the following settings workgroup = SAMBA-NET ; ads server = 10.0.0.20 password server = W2003SERVER netbios name = SAMBA server string = Samba (%v) domain (%h) interfaces = hahostix1/255.255.0.0 bind interfaces only = Yes security = domain private dir = /global/mnt1/SAMBA/private log file = /global/mnt1/SAMBA/logs/logfile lock dir = /global/mnt1/SAMBA/locks pid directory = /global/mnt1/SAMBA/var/locks idmap uid = 1-2 idmap gid = 1-2 template homedir = /global/mnt1/SAMBA/home/%D/%U template shell = /bin/sh winbind use default domain = Yes I recieve the following errors when I run the net command # net -s /global/mnt1/SAMBA/lib/smb.conf -S W2000SERVER JOIN -U Administrator [2003/06/05 13:30:43, 1] libsmb/cliconnect.c:(1274) failed tcon_X with NT_STATUS_DUPLICATE_NAME [2003/06/05 13:30:43, 1] utils/net.c:(177) Cannot connect to server (anonymously). Error was NT_STATUS_DUPLICATE_NAME Password: [2003/06/05 13:30:46, 0] libsmb/ntlmssp_sign.c:(182) NTLMSSP packet check failed due to invalid signiture! [2003/06/05 13:30:46, 1] libsmb/cliconnect.c:(1274) failed tcon_X with NT_STATUS_ACCESS_DENIED [2003/06/05 13:30:46, 1] utils/net.c:(148) Cannot connect to server. Error was NT_STATUS_ACCESS_DENIED I have tried to set: password server = * security = ads ads server = 10.0.0.20 But I get the same problem. Please advice /Patrik -- In a world without fences who needs Gates Patrik Gustavsson, Senior Technical Consultant [EMAIL PROTECTED] Telephone: +46 60 671540 http://glen.swedenMobile: +46 70 3551040 SUN MICROSYSTEMS Fax: +46 60 671550 -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba