Re: [Samba] Is it possible to change the root/Administrator user to another username?
On 11/15/2012 10:08 PM, Günter Kukkukk wrote: Am Freitag, 16. November 2012, 03:00:11 schrieb Andrew Bartlett: On Thu, 2012-11-15 at 08:44 -0500, Paul Griffith wrote: Hi Andrew, The 'username map' option isn't exactly what I am looking for. That doesn't solve my issue. We have a home grown backend with a custom Samba plugin. The original writer has moved on and I am faced with solving a issue that might be solved if I could replace Samba query for the root user with something else. At least that what it looks like from where I am sitting. You are going to need to give many more details of what you are actually trying to do, rather than how you think you might fix it. Then we can probably give you some sensible advise. root isn't hard-coded anywhere in Samba, but uid 0 is special in unix and in Samba. Andrew Bartlett Paul, just a further note on what Andrew is saying here with uid 0 is special in unix and in Samba. You can create a new *nix user e.g. named smbroot with useradd . -u 0 smbroot to assign him the uid 0. This cmd useradd is sometimes named adduser and might take different arguments. Sample (done as root): useradd -d /nodir -s /bin/false -u 0 smbroot This created user doesn't even have a *nix homedir and a login shell - but has otherwise the same rights as root. But choose the options you like - at least uid 0 must be set. Then you can add this new user to the samba user database. smbpasswd -a smbroot Cheers, Günter Surely more detailed info is needed from your side. Thank you for the suggestions, re smbroot. I will try to give you a clearer picture. I understand that you looking into a black box and trying to help. Thank you for that! We have a home grown passdb module, it talks to our home grown user database. The original developer of the plugin and the user database has moved on but we have managed to keep things working without any major issues, until now. Recently we have been having more issues with the plugin and the user database. What has been happening is that some of the connections to the user database are hanging around for days at a time. This seems to create a condition where the other incoming connections are getting blocked. When I did a strace on one of the hanging processes/connections it was giving the following error message: udb_cmd: result: [error] [record root:user does not exist] udb_to_sam: record [root:user] does not exist That is when I thought that adding the root user might help the situation. If the root user existed, the error would go away and then maybe the connection could be completed normally and closed. I understand this is our own custom code we added to Samba and I certainly don't expect anyone to fix our code. I hope that gives you a better picture. Many Thanks, Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Is it possible to change the root/Administrator user to another username?
Hi Andrew, The 'username map' option isn't exactly what I am looking for. That doesn't solve my issue. We have a home grown backend with a custom Samba plugin. The original writer has moved on and I am faced with solving a issue that might be solved if I could replace Samba query for the root user with something else. At least that what it looks like from where I am sitting. Thanks for the suggestions. Best Regards, Paul On 11/15/2012 12:49 AM, Andrew Galdes wrote: Are you looking for /etc/samba/smbusers? root = administrator admin -Andrew Galdes On Thu, Nov 15, 2012 at 2:14 AM, Paul Griffith pa...@cse.yorku.ca mailto:pa...@cse.yorku.ca wrote: Greetings Samba users, In the process of setting up Samba, one of the item you need to need is add a root user to the samba password database. I was wondering if it is possible to change the name of the Samba root/Administrator user to another user, like smbroot ? I checked the 'username map' option in the man pages, but it doesn't appear to do what I want. From the man page it appears that I can map UNIX to Windows mappings. I was hoping to find something that says 'use smbroot instead of root'. Best Regards, Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- -Andrew Galdes Managing Director RHCSA, LPI, CCENT AGIX Linux Ph: 08 7324 4429 Mb: 0422 927 598 Site: http://www.agix.com.au Twitter: http://twitter.com/agixlinux LinkedIn: http://au.linkedin.com/in/andrewgaldes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Is it possible to change the root/Administrator user to another username?
Greetings Samba users, In the process of setting up Samba, one of the item you need to need is add a root user to the samba password database. I was wondering if it is possible to change the name of the Samba root/Administrator user to another user, like smbroot ? I checked the 'username map' option in the man pages, but it doesn't appear to do what I want. From the man page it appears that I can map UNIX to Windows mappings. I was hoping to find something that says 'use smbroot instead of root'. Best Regards, Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] When do you End of Life older Samba versions ?
Greetings, I was wondering if the Samba team has a End of Life statement on the web for the different versions of Samba out there. I know that the 3.0.x series is pretty much EOL, but what about 3.2.x and 3.3.x series ? I just want to know when I need to get the lead out and upgrade! ;) Cheers, Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] KB957097 / MS08-068 - and Domain accounts - any known issues
Greetings Samba users, Have anyone encountered issues with Windows patch KB957097 (security bulletin MS08-068)? We started to experience workstations and DC trust issues with this patch insalled. I have seen a scattering of issues on the Internet, but nothing real concrete yet. I have uninstalled the patch on one host, but it looks like the machine record had already been changed, so I had to unjoin/rejoin the host to the DC. For the record the Samba flags had changed from WX to UX. We are running Samba 3.0.30 (compiled from source) on CentOS 4.6 Thank You Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Copying (Samba - WinXP SP2) MATLAB generated .jpg files very slow.
Greetings, This is a interesting problem. One of our researchers uses MATLAB to generate jpg files as part of his vision research. When he copies these files from the file server, it is very slow. I tried 3.0.28a and I see the same problem as we have with 3.0.28. Here are some interesting stats. 1) MATLAB generated files: command: robocopy Y:\23_1 C:\23_1 /e dirs: 2 files: 262 bytes: 12.75MB time: 3min 15 seconds 2) Same files resaved with IfranView command: robocopy Y:\23_1b C:\23_1b /e dirs: 2 files: 260 bytes: 22.05MB time: 19 seconds This is only a subset of the files that the user copies. The full directory consists of 8939 files over 101 directories for a total of 402MB and this takes 1 Hr,12 minutes and 5 seconds (Samba 3.0.28 - WinXP SP2) verses 3 minutes 30 seconds for a WinXP SP2 - WinXP SP2 copy. When I write the files back to the same Samba server the results are about the same for the MATLAB and IfranView jpg files. Any suggestions, since this only happens with MATLAB generated files? Thanks == /xsys/pkg/samba-3.0.28/sbin/smbd -b Build environment: Built by:[EMAIL PROTECTED] Built on:Tue Dec 11 09:46:16 EST 2007 Built using: gcc Build host: Linux navy 2.6.9-55.0.2.EL.CSE.smp #1 SMP Wed Jul 11 09:50:28 EDT 2007 i686 i686 i386 GNU/Linux SRCDIR: /tmp/xsys.8289.0/samba-3.0.28/source BUILDDIR:/tmp/xsys.8289.0/samba-3.0.28/source Paths: SBINDIR: /xsys/pkg/samba-3.0.28/sbin BINDIR: /xsys/pkg/samba-3.0.28/bin SWATDIR: /xsys/pkg/samba-3.0.28/swat CONFIGFILE: /xconf/samba/smb.conf LOGFILEBASE: /var/log LMHOSTSFILE: /xconf/samba/lmhosts LIBDIR: /xsys/pkg/samba-3.0.28/lib SHLIBEXT: so LOCKDIR: /var/samba/locks PIDDIR: /var/run SMB_PASSWD_FILE: /var/samba/private/smbpasswd PRIVATE_DIR: /var/samba/private [global] workgroup = CSYORKUCA netbios name = PCSERVER netbios aliases = SILVER server string = CS Samba %v Server interfaces = bind interfaces only = Yes passdb backend = pdb_udb username map = /xconf/samba/usermap client NTLMv2 auth = Yes client lanman auth = No client plaintext auth = No log level = 2 syslog = 0 max log size = 0 debug uid = Yes smb ports = 139 deadtime = 15 hostname lookups = Yes printcap name = /xconf/lprng/printcap logon script = default.bat logon path = logon home = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes invalid users = root inherit permissions = Yes hosts allow = print command = /xsys/bin/lpr -b -P%p %s ; rm -f %s lpq command = /xsys/bin/lpq -P%p lprm command = /xsys/bin/lprm -P%p %j use client driver = Yes oplocks = No level2 oplocks = No [netlogon] path = /xconf/samba/netlogon [homes] comment = Home Directories valid users = %S read only = No csc policy = disable [printers] comment = All Printers path = /tmp create mask = 0700 printable = Yes browseable = No -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PHP/Samba Authentication w/ tdb files.
On Thu, 24 May 2007 13:48:58 -0400, Ryan Neufeld [EMAIL PROTECTED] wrote: Hello, I am working on a web based file system access solution for the company I work for. I need to authenticate users against samba's password database, I found a project called PEAR::File_SMBPasswd that works with the older (and now depricated?) smbpasswd file format, however it fails spectacularly when using it with sambas TDB formatted files. I have googled for the last week trying to find a solution, or even some docs on the tdb format so I could read it with PHP but I am at the end of my rope (and soon my deadline) for this one. Any ideas? I am not sure if this will help you, but from a quick google search. http://freshmeat.net/projects/smbwebclient/ About: SMB Web Client is a simple PHP script that allows users to access Windows networks from a Web browser (using Samba tools). smbwebclient - looks like a PHP wrapper for the Samba tools. Hope this help! Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.25 plugin changes
Greetings, Before I start digging into making our local passdb plugin work with Samba 3.0.25, is there any heads up I need to know about? I tried to compile the example plugin in samba-3.0.25/examples/pdb, but it fails. See below for a sample of the error messages. If I try to compile the same example that comes with Samba v3.0.24, the example code compiles without any issues? Any pointers? I am running Centos v4.4 gcc v3.4.6. If add ' source/tdb/include' to my compile to pickup tdb.h, even more errors! :( Thanks Paul #1 - first try [EMAIL PROTECTED] pdb]$ make libtool --mode=compile gcc -I../../source -I../../source/include -I../../source/ubiqx -I../../source/smbwrapper -Wall -g -I/usr/include/heimdal -fPIC -c test.c gcc -I../../source -I../../source/include -I../../source/ubiqx -I../../source/smbwrapper -Wall -g -I/usr/include/heimdal -fPIC -c test.c -fPIC -DPIC -o .libs/test.o In file included from test.c:21: ../../source/include/includes.h:636:17: tdb.h: No such file or directory In file included from ../../source/include/includes.h:637, from test.c:21: ../../source/include/util_tdb.h:35: error: syntax error before TDB_DATA ../../source/include/util_tdb.h:35: warning: no semicolon at end of struct or union ../../source/include/util_tdb.h:36: warning: type defaults to `int' in declaration of `TDB_LIST_NODE' ../../source/include/util_tdb.h:36: warning: data definition has no type or storage class ../../source/include/util_tdb.h:44: error: syntax error before '*' token ../../source/include/util_tdb.h:44: warning: type defaults to `int' in declaration of `tdb_search_keys' ../../source/include/util_tdb.h:44: warning: data definition has no type or storage class ../../source/include/util_tdb.h:45: error: syntax error before '*' token ../../source/include/util_tdb.h:48: error: syntax error before '*' token ../../source/include/util_tdb.h:51: error: syntax error before '*' token ../../source/include/util_tdb.h:53: error: syntax error before '*' token ../../source/include/util_tdb.h:58: error: syntax error before TDB_DATA ../../source/include/util_tdb.h:60: error: syntax error before TDB_DATA ../../source/include/util_tdb.h:61: error: syntax error before tdb_fetch_bystring ../../source/include/util_tdb.h:61: warning: type defaults to `int' in declaration of `tdb_fetch_bystring' ../../source/include/util_tdb.h:61: warning: data definition has no type or storage class ../../source/include/util_tdb.h:67: error: syntax error before make_tdb_data ../../source/include/util_tdb.h:67: warning: type defaults to `int' in declaration of `make_tdb_data' ../../source/include/util_tdb.h:67: warning: data definition has no type or storage class ../../source/include/util_tdb.h:68: error: syntax error before string_tdb_data ../../source/include/util_tdb.h:68: warning: type defaults to `int' in declaration of `string_tdb_data' ../../source/include/util_tdb.h:68: warning: data definition has no type or storage class ../../source/include/util_tdb.h:69: error: syntax error before TDB_DATA ../../source/include/util_tdb.h:71: error: syntax error before '*' token ../../source/include/util_tdb.h:73: error: syntax error before '*' token ../../source/include/includes.h:638:21: tdbback.h: No such file or directory In file included from ../../source/librpc/gen_ndr/srvsvc.h:3, from ../../source/librpc/gen_ndr/wkssvc.h:3, from ../../source/include/smb.h:315, from ../../source/include/includes.h:661, from test.c:21: ../../source/librpc/gen_ndr/security.h:1:26: ndr/security.h: No such file or directory In file included from ../../source/include/includes.h:689, from test.c:21: ../../source/include/rpc_eventlog.h:63: error: syntax error before TDB_CONTEXT ../../source/include/rpc_eventlog.h:63: warning: no semicolon at end of struct or union ../../source/include/rpc_eventlog.h:65: error: syntax error before '}' token ../../source/include/rpc_eventlog.h:65: warning: type defaults to `int' in declaration of `ELOG_TDB' ../../source/include/rpc_eventlog.h:65: warning: data definition has no type or storage class In file included from ../../source/nsswitch/winbind_client.h:1, from ../../source/include/includes.h:706, from test.c:21: ../../source/nsswitch/winbind_nss_config.h:39:27: system/passwd.h: No such file or directory ../../source/nsswitch/winbind_nss_config.h:40:28: system/filesys.h: No such file or directory ../../source/nsswitch/winbind_nss_config.h:41:28: system/network.h: No such file or directory In file included from ../../source/include/includes.h:788, from test.c:21: ../../source/include/proto.h:249: error: syntax error before '*' token ../../source/include/proto.h:249: warning: type defaults to `int' in declaration of `get_account_pol_tdb' ../../source/include/proto.h:249: warning: data
Re: [Samba] Sparc Solaris 10 samba issue -
On Mon, 16 Apr 2007 17:05:26 -0400, Michael Folsom [EMAIL PROTECTED] wrote: Folks: Having an issue with samba 3.0.24 on a Sun Sparc Solaris 10 box compiled with gcc version 3.4.6. On these systems I'm constantly getting the following two lines in the log.smbd file: [2007/04/16 10:20:19, 0] param/loadparm.c:map_parameter(2690) Unknown parameter encountered: client code page [2007/04/16 10:20:19, 0] param/loadparm.c:lp_do_parameter(3420) Ignoring unknown parameter client code page Any clue why? Thanks - M- See the following: http://www.samba.org/samba/history/samba-3.0.0.html Parameters -- This section contains a brief listing of changes to smb.conf options in the 3.0.0 release. Please refer to the smb.conf(5) man page for complete descriptions of new or modified parameters. Removed Parameters (order alphabetically): * admin log * alternate permissions * character set * client codepage * code page directory * coding system * domain admin group * domain guest group * force unknown acl user * nt smb support * postscript * printer driver * printer driver file * printer driver location * status * strip dot * total print jobs * use rhosts * valid chars * vfs options New Parameters (new parameters have been grouped by function): UNICODE and Character Sets -- * display charset * dos charset * unicode * unix charset -- Paul Griffith | Dept. of Computer Science and Engineering CSE Technical Team|4700 Keele Street, Toronto, ON, Canada M3J 1P3 [EMAIL PROTECTED]|CSE1003A|Phone: 416-736-2100 x70258|Fax: 416-736-5872 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] MacOS X ':' in password causes NT_STATUS_LOGON_FAILURE error when printing
Greetings, We have a user running MacOS X 10.4 and is password contained a special character ':'. This users could logon and map his home directory, but when he tried the print it would fail with the print queue window displaying the following message: Unable to connect to SAMBA host, will retry in 60 seconds...ERROR. Connection failed with error NT_STATUS_LOGON_FAILURE. From these two web sites it sesms that Microsoft has allow special characters for some time. http://www.microsoft.com/technet/security/prodtech/windows2000/w2kccadm/acctpol/w2kadm07.mspx http://www.microsoft.com/ntworkstation/technicalresources/PWDguidelines.asp Does Samba fully support all the Windows password guidelines ? I am more likely to point my finger at 'Print Center' since normal file mapping works, but printing fails. Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] SOLVED: rpc command function failed! (NT_STATUS_ACCESS_DENIED) trying to grant privileges - 3.0.23a
On Tue, Jul 25, 2006 at 12:37:43PM -0500, Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul Griffith wrote: Greetings, I am in the process of testing Samba 3.0.23a with our own passdb plugin. ... $ net -d 3 -S JAZZY rpc rights grant 'JAZZY\tech' SeMachineAccountPrivilege ... Failed to grant privileges for JAZZY\tech (NT_STATUS_ACCESS_DENIED) rpc command function failed! (NT_STATUS_ACCESS_DENIED) return code = 1 - What could be causing this error? The only thing that catches my eyes is the following ... lsa_io_sec_qos: length c does not match size 8 I think you need to look at the server logs and not the client logs to debug this. I'm pretty sure this error message is not the problem though. To fix this problem I had to create my own rid_algorithm, (*pdb_method)-rid_algorithm = pdb_udb_rid_algorithm; which returned false and also fix some of my own coding errors. Just one last question in regards to rid_algorithm can I assume the following? return False if we don't generate our own rid - let Samba handle return True if we generate our own rid - let our rid function handle Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] troubleshooting a custom passdb module
Greetings, Is there any tips/docs on trouble shooting a custom passdb module? The module compiles and can be loaded without problems I can even access shares with my username and password. When I try to assign privilages so our tech members can join computer to the domain, I get a error message. Even with level 10 dumps it is hard to see where the problem is. Our user database contains all the normal UNIX account info, uid, gid, etc. When it comes to Samba it our user database only contain LMHASH and NTHASH. What are the miminal fuctions I should provide to passdb, currently I have: (*pdb_method)-setsampwent = pdb_udb_setsampwent; (*pdb_method)-endsampwent = pdb_udb_endsampwent; (*pdb_method)-getsampwent = pdb_udb_getsampwent; (*pdb_method)-getsampwnam = pdb_udb_getsampwnam; (*pdb_method)-getsampwsid = pdb_udb_getsampwsid; (*pdb_method)-add_sam_account = pdb_udb_add_sam_account; (*pdb_method)-update_sam_account = pdb_udb_update_sam_account; (*pdb_method)-delete_sam_account = pdb_udb_delete_sam_account; (*pdb_method)-rid_algorithm = pdb_udb_rid_algorithm; pdb_udb_rid_algorithm just returns true like pdb_smbpasswd.c and pdb_udb_getsampwsid returns NT_STATUS_NOT_IMPLEMENTED. Any tips or ideas out there? Here is the error message.. net -S JAZZY rpc rights grant 'JAZZY\tech' SeMachineAccountPrivilege Password: Failed to grant privileges for JAZZY\tech (NT_STATUS_ACCESS_DENIED) I use pdb_smbpasswd.c for idea, since our UDB and pdb_smbpasswd.c are basically doing the same thing, just one is file based and the other is network based. Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] rpc command function failed! (NT_STATUS_ACCESS_DENIED) trying to grant privileges - 3.0.23a
Greetings, I am in the process of testing Samba 3.0.23a with our own passdb plugin. As part of mytesting I am trying to join the domin so here are the steps I take... 1 - get local sid /usr/local/samba/bin/net getlocalsid SID for domain JAZZY is: S-1-5-21-1016995387-3159270912-1426853295 2 - create group mappings [EMAIL PROTECTED] ~]$ /usr/local/samba/bin/net groupmap list Domain Users (S-1-5-21-1016995387-3159270912-1426853295-513) - users Domain Admins (S-1-5-21-1016995387-3159270912-1426853295-512) - tech Domain Guests (S-1-5-21-1016995387-3159270912-1426853295-514) - nobody [EMAIL PROTECTED] ~]$ 3 - Assign privileges to tech group so they can join machines to the domain. net -d 3 -S JAZZY rpc rights grant 'JAZZY\tech' SeMachineAccountPrivilege [EMAIL PROTECTED] sbin]$ /usr/local/samba/bin/net -d 3 -S JAZZY rpc rights grant 'JAZZY\tech' SeMachineAccountPrivilege [2006/07/25 11:37:50, 3] param/loadparm.c:lp_load(4945) lp_load: refreshing parameters [2006/07/25 11:37:50, 3] param/loadparm.c:init_globals(1410) Initialising global parameters [2006/07/25 11:37:50, 3] param/params.c:pm_process(572) params.c:pm_process() - Processing configuration file /usr/local/samba/lib/smb.conf [2006/07/25 11:37:50, 3] param/loadparm.c:do_section(3687) Processing section [global] [2006/07/25 11:37:50, 1] param/loadparm.c:lp_do_parameter(3426) WARNING: The printer admin option is deprecated [2006/07/25 11:37:50, 2] lib/interface.c:add_interface(81) added interface ip=130.xx.xx.xx bcast=130.xx.xx.xx nmask=255.255.255.0 [2006/07/25 11:37:50, 3] libsmb/namequery.c:resolve_lmhosts(939) resolve_lmhosts: Attempting lmhosts lookup for name JAZZY0x20 [2006/07/25 11:37:50, 3] libsmb/namequery.c:resolve_wins(836) resolve_wins: Attempting wins lookup for name JAZZY0x20 [2006/07/25 11:37:50, 3] libsmb/namequery.c:resolve_wins(875) resolve_wins: using WINS server 130.xx.xx.xx and tag '*' [2006/07/25 11:37:50, 2] libsmb/namequery.c:name_query(577) Got a positive name query response from 130.xx.xx.xx ( 130.xx.xx.xx ) Password: [2006/07/25 11:38:00, 3] libsmb/cliconnect.c:cli_start_connection(1417) Connecting to host=JAZZY [2006/07/25 11:38:00, 3] lib/util_sock.c:open_socket_out(874) Connecting to 130.xx.xx.xx at port 445 [2006/07/25 11:38:00, 3] libsmb/cliconnect.c:cli_session_setup_spnego(723) Doing spnego session setup (blob length=58) [2006/07/25 11:38:00, 3] libsmb/cliconnect.c:cli_session_setup_spnego(748) got OID=1 3 6 1 4 1 311 2 2 10 [2006/07/25 11:38:00, 3] libsmb/cliconnect.c:cli_session_setup_spnego(757) got principal=NONE [2006/07/25 11:38:00, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(941) Got challenge flags: [2006/07/25 11:38:00, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63) Got NTLMSSP neg_flags=0x60890215 [2006/07/25 11:38:00, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(963) NTLMSSP: Set final flags: [2006/07/25 11:38:00, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63) Got NTLMSSP neg_flags=0x60080215 [2006/07/25 11:38:00, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(338) NTLMSSP Sign/Seal - Initialising with flags: [2006/07/25 11:38:00, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63) Got NTLMSSP neg_flags=0x60080215 [2006/07/25 11:38:00, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081) rpc_pipe_bind: Remote machine JAZZY pipe \lsarpc fnum 0x7622 bind request returned ok. [2006/07/25 11:38:00, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081) rpc_pipe_bind: Remote machine JAZZY pipe \lsarpc fnum 0x7623 bind request returned ok. [2006/07/25 11:38:00, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(224) lsa_io_sec_qos: length c does not match size 8 [2006/07/25 11:38:00, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(224) lsa_io_sec_qos: length c does not match size 8 Failed to grant privileges for JAZZY\tech (NT_STATUS_ACCESS_DENIED) [2006/07/25 11:38:00, 1] utils/net_rpc.c:run_rpc_command(170) rpc command function failed! (NT_STATUS_ACCESS_DENIED) [2006/07/25 11:38:00, 2] utils/net.c:main(988) return code = 1 - What could be causing this error? The only thing that catches my eyes is the following [2006/07/25 11:38:00, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(224) lsa_io_sec_qos: length c does not match size 8 [2006/07/25 11:38:00, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(224) lsa_io_sec_qos: length c does not match size 8 Anyone have any pointers ? Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] rpc command function failed! (NT_STATUS_ACCESS_DENIED) trying to grant privileges - 3.0.23a
On Tue, Jul 25, 2006 at 12:37:43PM -0500, Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul Griffith wrote: Greetings, I am in the process of testing Samba 3.0.23a with our own passdb plugin. ... $ net -d 3 -S JAZZY rpc rights grant 'JAZZY\tech' SeMachineAccountPrivilege ... Failed to grant privileges for JAZZY\tech (NT_STATUS_ACCESS_DENIED) rpc command function failed! (NT_STATUS_ACCESS_DENIED) return code = 1 - What could be causing this error? The only thing that catches my eyes is the following ... lsa_io_sec_qos: length c does not match size 8 I think you need to look at the server logs and not the client logs to debug this. I'm pretty sure this error message is not the problem though. cheers, jerry = I wonder if this is the cause of my problem. I see Samba is trying to see if the group exists with a getsampwnam() call, but a check of 3.0.20a shows the same behaviour, and the same results (user does not exist), but I can still assign rights. Does 3.0.23a need a successfult lookup of a group name to assign rights? [2006/07/25 15:07:11, 5] pdb_udb.c:pdb_udb_getsampwnam(540) pdb_udb_getsampwnam: search by name: [tech] [2006/07/25 15:07:11, 5] pdb_udb.c:pdb_udb_getsampwnam(575) pdb_udb_getsampwnam: search key: [tech:user] [2006/07/25 15:07:11, 2] pdb_udb.c:udb_cmd(133) udb_cmd: sending: udb get tech:user name [2006/07/25 15:07:11, 2] pdb_udb.c:udb_cmd(144) udb_cmd: result: error record tech:user does not exist [2006/07/25 15:07:11, 0] pdb_udb.c:udb_to_sam(314) udb_to_sam: record [tech:user] does not exist [2006/07/25 15:07:11, 5] pdb_udb.c:pdb_udb_getsampwnam(580) pdb_udb_getsampwnam: unable to locate user [tech] Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.23 - smbd + custom passdb panics when there is no root user
] lib/fault.c:fault_report(41) === [2006/07/13 11:08:44, 0] lib/fault.c:fault_report(42) INTERNAL ERROR: Signal 11 in pid 17610 (3.0.23) Please read the Trouble-Shooting section of the Samba3-HOWTO [2006/07/13 11:08:44, 0] lib/fault.c:fault_report(44) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2006/07/13 11:08:44, 0] lib/fault.c:fault_report(45) === [2006/07/13 11:08:44, 0] lib/util.c:smb_panic(1592) PANIC (pid 17610): internal error [2006/07/13 11:08:44, 0] lib/util.c:log_stack_trace(1699) BACKTRACE: 12 stack frames: #0 ./smbd(log_stack_trace+0x26) [0xb7f10959] #1 ./smbd(smb_panic+0x76) [0xb7f107e4] #2 ./smbd [0xb7efebb0] #3 ./smbd [0xb7efebbe] #4 /lib/tls/libc.so.6 [0xb7bd38e8] #5 ./smbd(uid_to_sid+0x125) [0xb7eecddc] #6 ./smbd(get_root_nt_token+0xae) [0xb7f4b440] #7 ./smbd(svcctl_init_keys+0x34) [0xb7e49bc3] #8 ./smbd(init_registry+0xcd) [0xb7f7ae5d] #9 ./smbd(main+0x647) [0xb7f88591] #10 /lib/tls/libc.so.6(__libc_start_main+0xd3) [0xb7bc0e23] #11 ./smbd [0xb7d95f79] [2006/07/13 11:08:44, 0] lib/fault.c:dump_core(173) dumping core in /usr/local/samba/var/cores/smbd -- Paul Griffith |York University, Dept. of Computer Science Engineering CSE Technical Team|4700 Keele Street, Toronto, Ontario, Canada M3J 1P3 [EMAIL PROTECTED] |CSE1003A|Phone: 416-736-2100 x70258|Fax: 416-736-5872 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] updated samba-3.0.23/examples/pdb/test.c
See attached samba-3.0.23/examples/pdb/test.c which actually compiles. /* * Test password backend for samba * Copyright (C) Jelmer Vernooij 2002 * * This program is free software; you can redistribute it and/or modify it under * the terms of the GNU General Public License as published by the Free * Software Foundation; either version 2 of the License, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for * more details. * * You should have received a copy of the GNU General Public License along with * this program; if not, write to the Free Software Foundation, Inc., 675 * Mass Ave, Cambridge, MA 02139, USA. */ #include includes.h static int testsam_debug_level = DBGC_ALL; #undef DBGC_CLASS #define DBGC_CLASS testsam_debug_level /*** Start enumeration of the passwd list. / static NTSTATUS testsam_setsampwent(struct pdb_methods *methods, BOOL update, uint32 acb_mask) { DEBUG(10, (testsam_setsampwent called\n)); return NT_STATUS_NOT_IMPLEMENTED; } /*** End enumeration of the passwd list. / static void testsam_endsampwent(struct pdb_methods *methods) { DEBUG(10, (testsam_endsampwent called\n)); } /* Get one struct samu from the list (next in line) */ static NTSTATUS testsam_getsampwent(struct pdb_methods *methods, struct samu *user) { DEBUG(10, (testsam_getsampwent called\n)); return NT_STATUS_NOT_IMPLEMENTED; } /** Lookup a name in the SAM database **/ static NTSTATUS testsam_getsampwnam (struct pdb_methods *methods, struct samu *user, const char *sname) { DEBUG(10, (testsam_getsampwnam called\n)); return NT_STATUS_NOT_IMPLEMENTED; } /*** Search by sid **/ static NTSTATUS testsam_getsampwsid (struct pdb_methods *methods, struct samu *user, const DOM_SID *sid) { DEBUG(10, (testsam_getsampwsid called\n)); return NT_STATUS_NOT_IMPLEMENTED; } /*** Delete a struct samu / static NTSTATUS testsam_delete_sam_account(struct pdb_methods *methods, struct samu *sam_pass) { DEBUG(10, (testsam_delete_sam_account called\n)); return NT_STATUS_NOT_IMPLEMENTED; } /*** Modifies an existing struct samu / static NTSTATUS testsam_update_sam_account (struct pdb_methods *methods, struct samu *newpwd) { DEBUG(10, (testsam_update_sam_account called\n)); return NT_STATUS_NOT_IMPLEMENTED; } /*** Adds an existing struct samu / static NTSTATUS testsam_add_sam_account (struct pdb_methods *methods, struct samu *newpwd) { DEBUG(10, (testsam_add_sam_account called\n)); return NT_STATUS_NOT_IMPLEMENTED; } NTSTATUS testsam_init(struct pdb_methods **pdb_method, const char *location) { NTSTATUS nt_status; if (!NT_STATUS_IS_OK(nt_status = make_pdb_method( pdb_method ))) { return nt_status; } (*pdb_method)-name = testsam; /* Functions your pdb module doesn't provide should not be set, make_pdb_methods() already provide suitable defaults for missing functions */ (*pdb_method)-setsampwent = testsam_setsampwent; (*pdb_method)-endsampwent = testsam_endsampwent; (*pdb_method)-getsampwent = testsam_getsampwent; (*pdb_method)-getsampwnam = testsam_getsampwnam; (*pdb_method)-getsampwsid = testsam_getsampwsid; (*pdb_method)-add_sam_account = testsam_add_sam_account; (*pdb_method)-update_sam_account = testsam_update_sam_account; (*pdb_method)-delete_sam_account = testsam_delete_sam_account; testsam_debug_level = debug_add_class(testsam); if (testsam_debug_level == -1) { testsam_debug_level = DBGC_ALL; DEBUG(0,
Re: [Samba] trouble printing from Win9x clients
Here is a long shot in the dark... Are you printers configured to print to spooler first then print ? What does your print command look like? Thanks Paul On Tue, Nov 29, 2005 at 02:11:03PM -0800, Patrick Carney wrote: Hi, We are on an Windows based LAN using Samba file and print servers. Our print server is CUPS. What is happening is that the workstations running Win98se get locked up when trying to print to networked printers. Whenever this happens, From my XP client, I can open up the networked printer and see like 600 - 1000 past printjobs with pcguest as the user. I have to delete all of these jobs from my XP client and then go back and to the 98se workstation and the user can print fine. Has anyone heard of this before? thanks Patrick -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How does Samba handle unexpected disconnects?
Thanks for taking the time to look into this issue. This issue has been a tough one to solve. On Mon, Oct 31, 2005 at 10:29:13PM +1100, Andrew Bartlett wrote: On Thu, 2005-10-27 at 09:55 -0400, Paul Griffith wrote: I can reproduce this error like clock work! The network capture should be in your mailbox. I can't tell if this is a network harware or software problem It is hard to tell anything from an the un-annotated network capture. I was hoping something might stick out... I probably won't chase this any further, but as a suggestion on how to read the captures, I often capture in ethereal with 'update packets in real time', and note the packet sequence number when error messages (or success) appears on the client. You can then start comparing, and looking for 'last error packet' etc. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc.http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How does Samba handle unexpected disconnects?
I can reproduce this error like clock work! The network capture should be in your mailbox. I can't tell if this is a network harware or software problem Thanks Paul On Thu, Oct 27, 2005 at 10:35:22AM +1000, Andrew Bartlett wrote: On Wed, 2005-10-26 at 09:39 -0400, Paul Griffith wrote: Greetings, I have been looking for infomation on how Samba handle rude disconnects. Here is the test #1 - Login to Samba hosted Domain #2 - Turn off the computer; Turn the computer back on #3 - goto to step #1 and repeat Now at some point my login should fail...right? It shouldn't. If I try the above steps, after the 5-6th power off I get '' Domain not found! That's odd. Do you have a network trace? Questions Does Samba kill the connection after the dead time has been reached assuming deadtime has been set? Yes, but if you have rebooted the client then the OS may get to it first. Does the OS timeout the TCP connnection and kill the connection ? Do these zombie connections limit or effect new connections? The only effect these connections have is that they may still hold locks, and we have been chasing some behaviour issues where a client that is still live reconnects, but the old connection has the locks. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc.http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] How does Samba handle unexpected disconnects?
Greetings, I have been looking for infomation on how Samba handle rude disconnects. Here is the test #1 - Login to Samba hosted Domain #2 - Turn off the computer; Turn the computer back on #3 - goto to step #1 and repeat Now at some point my login should fail...right? If I try the above steps, after the 5-6th power off I get '' Domain not found! Questions Does Samba kill the connection after the dead time has been reached assuming deadtime has been set? Does the OS timeout the TCP connnection and kill the connection ? Do these zombie connections limit or effect new connections? Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] 3.0.20a nmbd/wins problems - can't find domain
Greetings, Our setup: Xeon 2x2.8Ghz/2GB RAM Red Hat Linux release 7.3 (Valhalla) Kernel 2.4.29 on an i686 multihomed - 5 subnets, samba operates only on 4 firewalled Samba: v3.0.20a Clients: Windows XP SP2 fully patched; MacOS X 10.3/10.4 We are having intermittent problems with nmbd/wins. At one point our admin users couldn't logon for upto 2 hours. When any of our user login into the domain they *may* get the eror message stating that the domain is not available. Here are the steps we have taken to try to solve this problem 1 - move Samba from xinetd to standalone startup script 2 - update Samba from 3.0.11 to 3.0.20a 3 - open up firewall to allow udp ports 137-139;445 from our 4 subnets 4 - tested against a fully unpatched WinXP SP2 client to see if it was a MS patch All the above steps failed :-( How we can reproduce the error... 1 - login to domain 2 - turn off computer, not log off 3 - login into domain when the login screen appears 4 - goto step 2 and repeat until domain login fails (about 2-3 times) Using etherreal we have notice that the only difference between a good or bad session is.. bad session - client doesn't do anything with the NB name query and goes to DNS to find the IP of the server that handles the CSYORKUCA domain. We dont't have the netbios name in our DNS good session - client doesn't goto dns, it works with the NB name query and talks to the server that handles the CSYORKUCA domain. In the past we had never put the 'netbios name' into the DNS. I was under the impression that netios wasn't routable? How would this work with 4 subnets? Any advice Thanks Paul ---smb.conf--- [global] display charset = ascii workgroup = CSYORKUCA netbios name = PCSERVER netbios aliases = SILVER server string = CS Samba %v Server interfaces = 130.63.xx.xx/255.255.255.0, 130.63.xx.xx/255.255.255.0, 130.63.xx.xx/255.255.255.0, 130.63.xx.xx/255.255.255.0 bind interfaces only = Yes passdb backend = pdb_udb enable privileges = Yes passwd program = /cs/local/lib/udb/smbchange %u passwd chat = . %n\n username map = /cs/local/share/samba/usermap unix password sync = Yes client NTLMv2 auth = Yes client lanman auth = No client plaintext auth = No log level = 2 max log size = 0 deadtime = 3 printcap name = /cs/local/share/LPRng/printcap logon script = default.bat logon path = logon home = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes invalid users = root inherit permissions = Yes hosts allow = 127.0.0.1/24, 130.63.xx.0/255.255.255.0, 130.63.xx.0/255.255.255.0, 130.63.xx.0/255.255.255.0, 130.63.xx.0/255.255.255.0, 130.63.xxx.0/255.255.255.0, 130.63.xx.0/255.255.255.0, 130.63.xx.91/255.255.255.0, 130.63.xx.200/255.255.255.0 print command = /cs/local/bin/lpr -b -P%p %s ; rm -f %s lpq command = /cs/local/bin/lpq -P%p lprm command = /cs/local/bin/lprm -P%p %j use client driver = Yes oplocks = No level2 oplocks = No [netlogon] path = /cs/local/share/samba/netlogon [homes] comment = Home Directories valid users = %S read only = No csc policy = disable [printers] comment = All Printers path = /tmp create mask = 0700 printable = Yes browseable = No -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba/Firewall issues?
The setting are local master = yes domain master = yes perferred master = yes One side affect I am seeing in users are getting xxx domain not available error messages. I am also going to try to pull smbd/nmbd out of xinetd and run them in standalone mode. We are also running a very old dist. of Linux (Redhat v7.3 with a newer kernel) Still debugging this problem! Thanks Paul On Wed, Oct 12, 2005 at 04:46:25PM +0100, Mark Waterhouse - Mailing Lists wrote: Paul Can you confirm what your settings for local master, domain master and preferred master are? You should find these in /etc/smb.conf Mark - Original Message - Greetings, I am running into *possible* Samba/Firewall issues. Our Samba v3.0.11 server is also running iptables. In our log.nmbd file we have noticed the following: [2005/09/27 15:43:41, 1] libsmb/cliconnect.c:cli_connect(1313) Error connecting to 130.xx.xx.xx (Connection refused) [2005/09/27 15:50:21, 0] libsmb/nmblib.c:send_udp(790) Packet send failed to 130.xx.xx.xx(138) ERRNO=Operation not permitted [2005/09/27 14:07:57, 1] libsmb/cliconnect.c:cli_connect(1313) Error connecting to 130.xx.xx.xx (No route to host) [2005/09/27 14:12:51, 1] libsmb/cliconnect.c:cli_connect(1313) Error connecting to 130.xx.xx.xx (Connection refused) [2005/09/27 14:23:04, 1] libsmb/cliconnect.c:cli_connect(1313) A search turned up the following: http://seclists.org/lists/bugtraq/2001/Mar/0285.html Obviously, the netfilter nat code breaks nmap while using the -O flag or using decoy options. The (sendto in send_tcp_raw: sendto) error is a symptom of this. It also breaks other packet shaping utilities such as hping, etc., so this does not appear to be an nmap problem. I don't believe the connection tracking portion of netfilter is to blame in this case. In my tests the connection tracking code, whether it was loaded as a module or built statically into the kernel, didn't seem to get in the way. The cause of the 'sendto..' errors seems to be caused solely by the iptable_nat.o module(which is huge, of course). Once you load that one, or build it into the kernel, nmap -O no worky. Without it, nmap/hping/everything works just peachy. Best Regards, Steve - Now I have removed iptable_nat with rmmod but I am still seeing errors. For our end users the error shows up as Domain not found. Anyone see these errors before ?? Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain cannot be contacted
Did you ever resolved your problem? On Mon, Oct 17, 2005 at 06:45:39PM +, Matt Pruett wrote: I have setup two samba domain controllers, both have basicly the same configs and use the same ldap database backend. Often however when logging in users will get a domain cannot be contacted error, attempting to login multiple times will eventually get them in and it will work fine from then on. The question is, is there anything else I really need to do to make this work correctly? Why would this error be occuring only some of the time? I can generally join the domain fine, and browse / access the shares on both servers. So I am wondering if I missed something, like something I need to add to the config so the two servers know they are both DC's? The goal is to be able to at least log in with only one of the two up. And suggested reading on this subject? any ideas? Thanks :) -- Matt Pruett [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba/Firewall issues?
Greetings, I am running into *possible* Samba/Firewall issues. Our Samba v3.0.11 server is also running iptables. In our log.nmbd file we have noticed the following: [2005/09/27 15:43:41, 1] libsmb/cliconnect.c:cli_connect(1313) Error connecting to 130.xx.xx.xx (Connection refused) [2005/09/27 15:50:21, 0] libsmb/nmblib.c:send_udp(790) Packet send failed to 130.xx.xx.xx(138) ERRNO=Operation not permitted [2005/09/27 14:07:57, 1] libsmb/cliconnect.c:cli_connect(1313) Error connecting to 130.xx.xx.xx (No route to host) [2005/09/27 14:12:51, 1] libsmb/cliconnect.c:cli_connect(1313) Error connecting to 130.xx.xx.xx (Connection refused) [2005/09/27 14:23:04, 1] libsmb/cliconnect.c:cli_connect(1313) A search turned up the following: http://seclists.org/lists/bugtraq/2001/Mar/0285.html Obviously, the netfilter nat code breaks nmap while using the -O flag or using decoy options. The (sendto in send_tcp_raw: sendto) error is a symptom of this. It also breaks other packet shaping utilities such as hping, etc., so this does not appear to be an nmap problem. I don't believe the connection tracking portion of netfilter is to blame in this case. In my tests the connection tracking code, whether it was loaded as a module or built statically into the kernel, didn't seem to get in the way. The cause of the 'sendto..' errors seems to be caused solely by the iptable_nat.o module(which is huge, of course). Once you load that one, or build it into the kernel, nmap -O no worky. Without it, nmap/hping/everything works just peachy. Best Regards, Steve - Now I have removed iptable_nat with rmmod but I am still seeing errors. For our end users the error shows up as Domain not found. Anyone see these errors before ?? Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Solved] Re: [Samba] Samba closing printer prematurely?
Greetings, In the driver settings page I set the option print directly to printer and *not* to spool the print jobs. Problem solved. Thanks Paul On Tue, Sep 20, 2005 at 03:09:19PM -0400, Paul Griffith wrote: Greetings Samba Users, I have a strange issue. Adobe Reader can't print to a Samba printer. It would be funny except it is happening to me Adobe Reader can't print PDF files to a true Adobe PS3 printer but GhostView can print PDF files without any problems. The printer in question is a Ricoh Aficio AP4510. I tried Samba v3.0.11 and v3.0.20 and I get the same result, no printer output. As a member of the Domain Admin group I can print from AcroReader without any problems. All other users can't printsounds like a permission problem. Using FileMon from SysInternal I see spoolsv.exe returning a ACCESS DENIED error. A ethereal dump shows communications between the client and the Samba Server. A level 4 debug level from Samba shows: [2005/09/20 14:31:16, 3] smbd/reply.c:reply_printopen(3535) openprint fd=5 fnum=9756 [2005/09/20 14:31:16, 3] smbd/process.c:process_smb(1114) Transaction 566 of length 41 [2005/09/20 14:31:16, 3] smbd/process.c:switch_message(900) switch message SMBsplclose (pid 758) conn 0x8311a10 [2005/09/20 14:31:16, 4] smbd/uid.c:change_to_user(217) change_to_user: Skipping user change - already user [2005/09/20 14:31:16, 3] smbd/reply.c:reply_printclose(3561) printclose fd=5 fnum=9756 Seem like Samba is opening and closing the printer connection at the same timem, so nothing is getting down the pipe. Anyone have any tips, ideas I can try? As I said this problem is only with AcroReader v7.0.3 on a fully patched WinXP2 box. Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Paul Griffith | York University, Dept. of Computer Science Engineering CSE Technical Team| 4700 Keele Street, Toronto, Ontario, Canada M3J 1P3 [EMAIL PROTECTED] | CSE 1003A | Phone: 416-736-2100 x70258 | Fax: 416-736-5872 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba closing printer prematurely?
Greetings Samba Users, I have a strange issue. Adobe Reader can't print to a Samba printer. It would be funny except it is happening to me Adobe Reader can't print PDF files to a true Adobe PS3 printer but GhostView can print PDF files without any problems. The printer in question is a Ricoh Aficio AP4510. I tried Samba v3.0.11 and v3.0.20 and I get the same result, no printer output. As a member of the Domain Admin group I can print from AcroReader without any problems. All other users can't printsounds like a permission problem. Using FileMon from SysInternal I see spoolsv.exe returning a ACCESS DENIED error. A ethereal dump shows communications between the client and the Samba Server. A level 4 debug level from Samba shows: [2005/09/20 14:31:16, 3] smbd/reply.c:reply_printopen(3535) openprint fd=5 fnum=9756 [2005/09/20 14:31:16, 3] smbd/process.c:process_smb(1114) Transaction 566 of length 41 [2005/09/20 14:31:16, 3] smbd/process.c:switch_message(900) switch message SMBsplclose (pid 758) conn 0x8311a10 [2005/09/20 14:31:16, 4] smbd/uid.c:change_to_user(217) change_to_user: Skipping user change - already user [2005/09/20 14:31:16, 3] smbd/reply.c:reply_printclose(3561) printclose fd=5 fnum=9756 Seem like Samba is opening and closing the printer connection at the same timem, so nothing is getting down the pipe. Anyone have any tips, ideas I can try? As I said this problem is only with AcroReader v7.0.3 on a fully patched WinXP2 box. Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] any known issue with printing from MS Access ?
On Sun, Sep 18, 2005 at 04:20:07PM -0500, Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ilia Chipitsine wrote: | MS Access is known to have issues with certain drivers | if they have not been initialized on the server properly. | | | so, MS Access wants something from samba which it | cannot do at all ? No. But I think you both need to re-read the documentation on printing in the Samba-HOWTO0-Collection to really understand what a non-initialized driver is. If you have read that and it still doesn't make sense, then I will try to clarify. cheers, jerry Sounds like a problem I am having with Adobe Reader v7. Every other program can print to our Ricoh printer, but the way AcroReader calls spoolsv.exe results in a ACCESS DENIED error code on \\pcserver\printer_name So I will re-read the documentation on printing in the Samba-HOWTO0-Collection. Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] creating local Windows users with Samba username/passwords?
Greetings, I have a little project I am working on. I need to provide a IIS server hosting ASP.NET pages for a new course. Since users will be ftping their files to their web home on the IIS server I would like them to have the same Linux and Windows password. So the question is it possible to export users/password from Samba and have them created (imported) on Windows with the same password? Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Gigabit Throughput too low
Greetings, Can you post more info on your setup, i.e - configuration of machine, etc I am also looking into Linux network stack tweaks. I have seen my tweaks posted for GigE, but you have to be careful. You may actually get a lower throughput. For example: sysctl -w net.ipv4.tcp_mem='8388608 8388608 8388608' This tell your kernel it can use 8388608 pages ( a page is 4K on the Intel platform) for all your TCP currently in use. so (8388608 * 4096)/1048576 = 32768MB Take a look at: http://ipsysctl-tutorial.frozentux.net/ipsysctl-tutorial.html On Fri, May 13, 2005 at 12:06:29PM -0500, Duncan, Brian M. wrote: Hi I was wondering if you ever got better performance out of your Gigabit/IDE/Fc2? I am facing a similar situation. I am running FC2 with Samba 3.x My problem lies in not that I am limited to 10 MBytes per second sustained. I think it's related to this pdflush and how it's buffers are setup. (I have been doing some research and before 2.6 kernels bdflush was the method that was used and it was tweakable. Have yet to find anything on HOW to tweak pdflush. My issue is that I can copy over the network at 15+ MBytes per second but then after a few minutes it will drop to 4-8 MBytes per second. Yet a drive to drive copy on the linux box itself can sustain 14+ MBytes per second on the same size file. (4+ gigs) While I watch a Top when the network copying is going on PDFlush is bouncing around with Samba, not sure what is going on. Was curious if you had improved your situation, and if you did what you did. BTW here are some tweaks for network stack related stuff for Gig. sysctl -w net.core.rmem_max=8388608 sysctl -w net.core.wmem_max=8388608 sysctl -w net.core.rmem_default=65536 sysctl -w net.core.wmem_default=65536 sysctl -w net.ipv4.tcp_rmem='4096 87380 8388608' sysctl -w net.ipv4.tcp_wmem='4096 65536 8388608' sysctl -w net.ipv4.tcp_mem='8388608 8388608 8388608' sysctl -w net.ipv4.route.flush=1 Brian M. Duncan Katten Muchin Rosenman LLP 525 West Monroe Street Chicago IL 60661-3693 312-577-8045 [EMAIL PROTECTED] === Important: This electronic mail message and any attached files contain information intended for the exclusive use of the individual or entity to whom it is addressed and may contain information that is proprietary, privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distribution of this information may be subject to legal restriction or sanction. Please notify the sender, by electronic mail or telephone, of any unintended recipients and delete the original message without making any copies. NOTIFICATION: Katten Muchin Rosenman LLP is an Illinois limited liability partnership that has elected to be governed by the Illinois Uniform Partnership Act (1997). === -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Slow printing on Windows XP SP2 -- no solution?
Try the following. Thank you for choosing Online Support for your Microsoft Technical Support offering. My name is Amy and I will be assisting you with this service request. For your reference, the Case ID of this service request is SRxxx. In your case log, you've indicated that you have installed Service Pack 2. However, when trying to print from a network printer, the printer preference box and setup dialog box take a long time to load and then, the print slows down. We shall be working to resolve this specific issue through the course of the case. If I have misunderstood your concern, please let me know. Before we go further, I would like to explain that the solution mentioned in the KB329234 has been included in the installation of Service Pack 2. That is to say, if the problem occurs after installation Service Pack 2, it can be caused by different factor. According to my experience, I suggest that we perform the steps below to add this network printer to the local port of this SP2 computer and resolve the issue. Let's now follow the steps to create a local printer, and then redirect the port to the network server. 1. Click Start, click Control Panel and open Printers and Faxes. 2. In the left column, please choose Add A Printer. 3. Click Next and choose Local Printer attached to this computer and click Next. 4. The printer wizard will search the printer and it will prompt you that it cannot find a plug and play printer. Please click Next 5. Click to choose Create a new port and choose Local Port; click Next button. 6. Type in the server and printer name for the printer in \\ServerName\PrinterName syntax in the pop up open box. Click OK. 7. Use the new port for the local printer. If you are prompted for a password, there may not be a field in Windows XP in which to enter a password. Reset the password on the destination computer to be blank. Restart the computer and test if our printer issue has been resolved. On Thu, Feb 10, 2005 at 08:10:13PM +, Eddy wrote: I browsed through some posts about this issue which I've been struggling with for a long time now. Why is there no solution? I think this issue has been discussed so many times (with no final solution) that I don't need to rewrite the symptoms and logs. Printer HP LaserJet 1100 with latest HP drivers. Smb 3.0.7 (also tried 3.0.12pre with no difference in printing time). This is what I hate about non-commercial software.. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba v3.0.11 assigning privileges with custom pdb plugin
Greetings, We have home grown user management backend system, and I have ported our v2.2.x passdb over to v3 type plugin. I am able to access files and print using our backend. I am running into trouble joining PCs to the domain. I am assuming the primary problem is that our backend system doesn't have a 'root' user. I was hoping that assigning SeMachineAccountPrivilege to our tech members would be enough to allow our tech members to join computers to our domain. net rpc rights grant 'DOMAIN\paulg' SeMachineAccountPrivilege But I get prompted for a password and naturally if I don't enter a password I get. Could not connect to server 127.0.0.1 The username or password was not correct. Now as a test I did the following o disable our plugin and used sampasswd plugin o create Samba root user o assign SeMachineAccountPrivilege to myself o comment out sampasswd backend and enable our backend o I was now able to join the PC to our domain. So the question is it possible to gant rights without using the Samba root user? Any other suggestions? Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba v3.0.11 assigning privileges with custom pdb plugin
On Tue, Feb 08, 2005 at 01:08:31PM -0600, Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul Griffith wrote: | Greetings, | | We have home grown user management backend system, | and I have ported our v2.2.x passdb over to v3 type plugin. | I am able to access files and print using our backend. | I am running into trouble joining PCs to the domain. | | I am assuming the primary problem is that our | backend system doesn't have a 'root' user. | | I was hoping that assigning SeMachineAccountPrivilege | to our tech members would be enough to allow our tech | members to join computers to our domain. | ... | | So the question is it possible to gant rights | without using the Samba root user? Any other suggestions? Paul, Create a group mapping for the Domain Admins group. E.g. net groupmap modify ntgroup=Domain Admins unixgroup=ntadmins now any member of the ntadmins unix group will be able to assign privileges. cheers, jerry Thanks, but still no go. 1 - I am now a member of ntadmins. % id uid=2381(paulg) gid=1000(tech) groups=1000(tech),512(ntadmins),5001(intern),11000(macadm),32000(tdb),32030(webapp),31002(wwwprism) 2 - as root I then did this: net groupmap modify ntgroup=Domain Admins unixgroup=ntadmins net groupmap list System Operators (S-1-5-32-549) - -1 Replicators (S-1-5-32-552) - -1 Guests (S-1-5-32-546) - -1 Domain Admins (S-1-5-21-1048414848--xx-512) -ntadmins Domain Guests (S-1-5-21-1048414848--xx-514) - -1 Power Users (S-1-5-32-547) - -1 Print Operators (S-1-5-32-550) - -1 Administrators (S-1-5-32-544) - -1 Account Operators (S-1-5-32-548) - -1 Domain Users (S-1-5-21-1048414848-xx-xx-513) - -1 Backup Operators (S-1-5-32-551) - -1 Users (S-1-5-32-545) - -1 3 - Now try to assign SeMachineAccountPrivilege to paulg net rpc rights grant 'PAULWG\paulg' SeMachineAccountPrivilege Password: [2005/02/08 15:19:48, 0, effective(5989, 6000), real(5989, 6000)] rpc_client/cli_pipe.c:rpc_api_pipe(435) cli_pipe: return critical error. Error was Call returned zero bytes (EOF) [2005/02/08 15:19:48, 0, effective(5989, 6000), real(5989, 6000)] rpc_client/cli_pipe.c:rpc_api_pipe(435) cli_pipe: return critical error. Error was Call returned zero bytes (EOF) Anymore tips or suggestions ? Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Mysql Password Backend
Did you solve your password backend problem? I am an also having problems trying to load my own plug-in. It seems that Samba can't find the init function to initialize the plug-in. If you find anything please let me know. Thanks Paul On Thu, Jan 06, 2005 at 02:13:09PM +0800, Evan Oberholster wrote: Hi, I am trying to use the Mysql Password Backend for Samba and keep comming to this error. The Error: No builtin nor plugin backend for mysql found Loading mysql:mysql failed! The smb.conf: [global] passdb backend = mysql:mysql mysql:mysql database = samba mysql:mysql table = user Thanks, Evan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
2.2.8 fcntl F_SETLKW64 failing on Solaris 8
Hi! I am running into a problem with Samba 2.2.8 on Solaris 8. I didn't have this problem with 2.2.7a and my config file didn't change. What I notice is smbd process running iwth a high CPU usage. Normally they are below 1%. PID USERNAME THR PRI NICE SIZE RES STATETIMECPU COMMAND 11193 root 1 200 4800K 3256K cpu/3 929:36 23.25% smbd Sometimes I see two to three smbd process - each chewing up 20-25% each of the CPU, when I kill them they reappear after 2-3 days. If I do a truss on the process ID I see the following: fcntl(11, F_SETLKW64, 0xFFBEEF38) = 0 fcntl(11, F_SETLKW64, 0xFFBEEF38) = 0 fcntl(11, F_SETLKW64, 0xFFBEEF38) = 0 going on forever and ever. I saw similar posting on samba-technical and the fix was for Samaba 2.2.3a was an updated brlock.c Here are the details: SunOS 5.8 Generic_108528-18 sun4u sparc SUNW,Ultra-4 and our smb.conf file ; CS Samba Configuration ; (run though testparm after changing to verify no errors) [global] dfree command = /cs/local/lib/samba/dfree netbios name = xxx netbios aliases = xxx xxx username map = /cs/local/share/samba/usermap debug level = 1 max log size = 0 max connections = 0 server string = CS Samba %v Server workgroup = CSYORKUCA encrypt passwords = yes security = user hosts allow = guest account = nobody invalid users = root printing = bsd printcap name = /cs/local/share/LPRng/printcap load printers = yes interfaces = wins support = yes domain master = yes local master = yes nt acl support = yes preferred master = yes os level = 65 domain logons = yes print command = /cs/local/bin/lpr -b -P%p %s ; rm -f %s lpq command = /cs/local/bin/lpq -P%p lprm command = /cs/local/bin/lprm -P%p %j ; create mask = 0700 unix password sync = true passwd chat = . %n\n passwd program = /cs/local/lib/udb/smbchange %u logon script = default.bat ; disable roaming profiles ; win2k clients didn't run default.bat when it was in a directory below netlogon. ; default.bat now is in netlogon directory. ;logon script = scripts/default.bat ;logon path = \\%N\profiles\%U ;logon drive = h: ;logon home = \\%L\%U logon path = logon drive = logon home = inherit permissions = yes ;use client driver = yes ;disable spoolss = yes [netlogon] path = /cs/local/share/samba/netlogon writeable = no guest ok = no mangle case = yes ; The 'valid users' line means that users can only access their own ; home directory and not the home directories of others. [homes] comment = Home Directories browseable = yes read only = no valid users = %S [printers] comment = All Printers browseable = yes printable = yes public = no writable = no create mode = 0700 path = /tmp