[Samba] smb_ldap_setup_connection failed with blank user Password
Hi, i have a succesfully PDC Setup on a Novell/Suse OES1 SP2 Server with eDirectory/LDAP and Samba Version 3.0.26a-0.7-1616-SUSE-SLES9. Only Problem is, a User with a blank Password can't be authenticated on a Domain Member Server (Users with Passwords doesn't have this Problem). A Samba Level 10 Log show me this: snip [2008/05/14 16:25:48, 9] passdb/passdb.c:pdb_update_autolock_flag(1418) pdb_update_autolock_flag: Account user not autolocked, no check needed [2008/05/14 16:25:48, 4] libsmb/ntlm_check.c:ntlm_password_check(326) ntlm_password_check: Checking NT MD4 password [2008/05/14 16:25:48, 5] passdb/pdb_nds.c:pdb_nds_update_login_attempts(770) pdb_nds_update_login_attempts: Successful login for user [2008/05/14 16:25:48, 3] passdb/pdb_nds.c:pdb_nds_update_login_attempts(797) pdb_nds_update_login_attempts: username user found dn 'cn=user,ou=stat,o=TKH' [2008/05/14 16:25:48, 5] passdb/pdb_nds.c:pdb_nds_get_password(677) NDS Universal Password retrieved for cn=user,ou=stat,o=TKH [2008/05/14 16:25:48, 10] lib/smbldap.c:smb_ldap_setup_conn(630) smb_ldap_setup_connection: ldaps://172.30.10.25:636 [2008/05/14 16:25:51, 5] passdb/pdb_nds.c:pdb_nds_update_login_attempts(825) pdb_nds_update_login_attempts: ldap_simple_bind_s Failed for user snip This one looks to be the Problem: smb_ldap_setup_connection: ldaps://172.30.10.25:636 What is the Problem? Is there a way to avoid this? Thomas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Maximum samba file transfer speed on gigabit...
[EMAIL PROTECTED] wrote: [...] Is it a kind of Locking Problem? Ooh, good question, I'm not sure, and I'll try your oplocks settings. What exactly am I turning off, however, if I do that? Am I turning off file locking altogether? man smb.conf Oplock's tells the Windows Client he can cache the requestet file on local machine. Should the Client change the File (or another Client would do this) the Lock must released by the first Client, or Samba break's the Lock after a certain time he doesn't become the Lock back. When you take the Settings in your Share Section with the Database File, then this Settings work only on this Share. So helped this? What speed have a Filetransfer with ftp? What speed did you have with a Windows Server? Ok well along those lines, here's another thing that I've noticed since I first posted. I had been getting ~940Mb/s in iperf, so I didn't think it was a network or NIC specific issue. I was using mount -t cifs and rsync -a --stats --progress to gauge my speed, which is where I was Sorry, i didn't understand you. You have mounted from a different Linux Workstation this Share, or did you mount a Share from the Windows Workstation? getting the 20 MB/s speed statistics. However, copying large files through Windows Explorer from the Samba share results in 55-60 MB/s. So, I don't know if there's a problem with rsync, smbfs, or cifs or whatever, but it looks like actual file transfer speeds (whether on one large file or an entire directory) are pretty good. I wouldn't mind seeing closer to 100+ MB/s, but I guess at around 60 MB/s, that's a great start. NOW the problem is that whenever I actually OPEN a file from any of the Samba servers, it opens MUCH slower than on a comparable Windows server. A large Excel file, for example, takes 15 seconds to load instead of 6 seconds when loaded from the Windows server. A given FoxPro query takes 45-55 seconds to run over the Samba share as opposed to around 10-12 seconds over the network from the Windows server. Could this be related to the oplocks stuff you were talking about, or would this point to a completely different problem? What are the downsides to turning off these oplocks settings? Take a Test. The downsite can be a slower Access to other Files in the Share (*.exe or such). But when the generelly Test have a good Result, the you can turn the Locking off only for the *dbf or *xls Files. Example: [Database] comment = FoxPro Database path = /path/to/database veto oplock files = /*.dbf/ /*.xls/ Have you testet your Diskthrouput with bonnie (or such Tools)? Yes, and I'm getting at least 50-60 MB/s (probably now my bottleneck), although I've set up an SAS raid array that ought to get much faster than that, but doesn't - however that's a question for another mailing list! And without a RAID Array, only a Simple Disk? Maybe a Problem with the RAID Controller or your Bussystem? What Kind of Mainboard? What Bussystem, PCI (PCI-X should be much better for a huge Performance in a Gigabit Environment)? How long take a time dd count=100 bs=1024 if=/dev/zero of=/tmp/testfile? Thanks for your help! -BJ Quinn Your welcome -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Maximum samba file transfer speed on gigabit...
[EMAIL PROTECTED] wrote: What am I missing here? Is the overhead for Samba really that significant, or is there some setting I can change, or am I overlooking something else? What Version of Samba is running? Is it a kind of Locking Problem? Have you tried to use this settings in smb.conf (in the Share Section): oplocks = No level2 oplocks = No OR veto oplock files = /*.dbf/ In the Book Samba 3 by Examble is the following Tipp for WinNT/W2k/SP: Set HKLM\CurrentControlSet\Services\LanmanServer\Parameters EnableOplocks=dword: and HKLM\CurrentControlSet\Services\LanmanWorkstation\Parameters UseOpportunisticLocking=dword: What speed have a Filetransfer with ftp? Have you testet your Diskthrouput with bonnie (or such Tools)? What speed did you have with a Windows Server? Greetings Thomas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Logon Problems with Samba 3.07 after password changes
Hallo Martin Rode, The whole thing happens since we have moved servers (new, but same Debian testing installation). /etc/samba was copied to the new server. Have you only copied /etc/samba ? Forgot to copied the /var/lib/samba/*tdb files ? Is it the same Samba Version ? Greetings Thomas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] [EXPERIENCES] with OpenLDAP and Samba and Redundancy ???
Hello Buchan Milne, [..] No you don't, unless your slave is misconfigured. | e.g. a machine changes its machine password in Slave directory and can't logon anymore cause the password change isn't replicated on Master | It's password change attempt will fail. [...] Only if you've mis-configured it. Note that these questions don't really have anything to do with samba, you may want to ask on the openldap list. Sorry about when i ask too. But i think this on Topic on this List. The Question is: What happens in Samba when the Master LDAP Server ist down and a Change- Request for the Workstation-Machine-Account-Passwort comes? - Is it possible that a User can't Logon on this Workstation? - Or falls the Workstation out of the Domain? (Nevermore a Member of the Domain)? - When nothing happens, why is there a Mechanism for changes of Machine Passworts (Security, or what else)? - When i right understand, then is in this Szenario no Changes of Passwort's, LastLogonTime usw. possible, right? Thank You Thomas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Crazy User Entry in W2k, Samba 3.0.2a-Debian, UID-SID Mapping damaged ?
Hi, i'am testing to setup a plain Samba PDC Domain. Now i habe the strange Problem, that the User Entry in Windows Security Dialog show different User that the underlying Samba Filesystem (XFS). In W2k is a User ACL called TKH\games, but such user isn't allow to do anything in the Filesystem, so what's going on ? Here some more Infos: debian:/var/log/samba# smbd -V Version 3.0.2a-Debian debian:/var/log/samba# ls -l /var/samba/ | grep test drwxrws---2 reissedv28 May 3 17:43 test debian:/var/log/samba# getfacl /var/samba/test/ getfacl: Removing leading '/' from absolute path names # file: var/samba/test # owner: reiss # group: edv user::rwx group::--- group:pflege:rwx mask::rwx other::--- default:user::rwx default:group::--- default:group:pflege:rwx default:mask::rwx default:other::--- debian:/var/log/samba# grep games /etc/passwd games:x:5:100:games:/usr/games:/bin/sh debian:/var/log/samba# net getlocalsid SID for domain DEBIAN is: S-1-5-21-521418629-2349234423-895658885 -- Why is the Domain not TKH (which is configured in smb.conf ?) debian:/var/log/samba# net groupmap list System Operators (S-1-5-32-549) - -1 reiss (S-1-5-21-521418629-2349234423-895658885-1001) - reiss Pflege (S-1-5-21-521418629-2349234423-895658885-1000) - pflege root (S-1-5-21-521418629-2349234423-895658885-1002) - root Domain Users (S-1-5-21-521418629-2349234423-895658885-513) - users Replicators (S-1-5-32-552) - -1 Guests (S-1-5-32-546) - -1 nogroup (S-1-5-21-521418629-2349234423-895658885-1008) - nogroup Domain Guests (S-1-5-21-521418629-2349234423-895658885-514) - nogroup Power Users (S-1-5-32-547) - -1 Print Operators (S-1-5-32-550) - -1 Administrators (S-1-5-32-544) - -1 Account Operators (S-1-5-32-548) - -1 Domain Admins (S-1-5-21-521418629-2349234423-895658885-512) - -1 Backup Operators (S-1-5-32-551) - -1 Users (S-1-5-32-545) - -1 -- looks strange too !? Where comes the SID S-1-5-32-545 ? (some Lines deleted) debian:/var/log/samba# net user -l root password: User name Comment - games nobody root news postgres bin reiss operator [global] workgroup = TKH server string = %h server (Samba %v) obey pam restrictions = Yes passdb backend = tdbsam passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 printcap name = cups add machine script = /usr/sbin/useradd -d /dev/null -g workstations -s /bin/false -c logon script = skripte\login.cmd logon path = \\%L\profiles\%U\%a logon drive = I: domain logons = Yes os level = 66 preferred master = Yes domain master = Yes wins server = 172.30.8.6 ldap ssl = no panic action = /usr/share/samba/panic-action %d printing = cups Windows 2000 Service Pack 4 I can't change the User Rigth's in Windows Security Dialog too (after reopen the Securitydialog the Right's resets everytime back to Original). Can you point me to the source of the Problem ? I think something going completly wrong. Can anybody help me ? Thank You Thomas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] performance problem with samba in any version and small files
Hallo Pascal Hahn, I got big performance roblems in here with our big file server. We got a 2.4 ghz Intel xeon in there, 1 gb ram and 2 scsi hds in softraid 1 on an adaptec Adaptec ASC-29320 U320. The array is set up with standard ext3 system. We are running samba on it with our business softwares data on it. Its a program which uses lots of small and some bigger text files to store info in. When we work on the server with 4 persons we got about 1200 files locked abd being read. it isnt that much of data(per client about 50 mb transferred) but the speed is veery slow. I get about 10 mb/s from the raid in all which is nothing. I also got the samba process eating all 100 % of my cpu. I tried to move the files outside the raid but that didnt have any effect on the performance. Does anyone have an idea how i can speed up the performance? Is it possible that the locking slows down the performance so much? Have you the Chance to change the Filesystem (to reiser or xfs) ? These FS _should_ be better on a lot of Files in a Directory and Handling of that. Or play with the Options -R stripe=stripe_size and -J device=other_journal_device of mkfs.ext3. Hope it helps Thomas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Viewing Properties of file marks it Read-Only?
Hallo Alan Walters, If I use Windows Explorer to right-click on any file (in the SAMBA Share) and view its Properties, the Unix privileges get changed from -rwxrwxr-x to -rwxr--r-- essentially making it Read-Only!! Even if I don't change anything and click CANCEL on the dialogue box? [M2KApps] comment = Manage-2000 Applications path = /roi valid users = awalters admin users = awalters hosts allow = 192.168.100.16 Maybe a Problem with the umask of user root of your system ? man smb.conf admin users (S) This is a list of users who will be granted administrative privileges on the share. This means that they will do all file operations as the super-user (root). So i thing the a umask (022 or so ?) of root should be the Cause of your Failure. Greetings Thomas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba resolves wrong wins ip address
Hallo John Russell, berlioz:/home/jorussel# arp -a bxb2-bb-hsrp.cisco.com (161.44.79.1) at 00:00:0C:07:AC:01 [ether] on eth0 ? (161.44.79.176) at 00:02:8A:36:63:87 [ether] on eth0 ? (161.44.79.220) at 00:0C:29:46:EE:9A [ether] on eth0 berlioz:/home/jorussel# nmblookup jorussel-w2ks --vmware guest name querying jorussel-w2ks on 161.44.79.255 161.44.79.220 jorussel-w2ks00 berlioz:/home/jorussel# nmblookup mendelssohn --vmware host and machine 1 querying mendelssohn on 161.44.79.255 161.44.79.176 mendelssohn00 -- this is the CORRECT address. berlioz:/home/jorussel# ping mendelssohn PING mendelssohn (192.168.35.1) 56(84) bytes of data. -- this is the WRONG address AAGGH!! So what is ping doing? What happend's (ping mendelson) when you do the following ? remove wins entry in nsswitch.conf hosts: files dns When you use dhcp then you should dynamically update your DNS ! Greetings Thomas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NT4 PDC and Samba 3 issues...
Hello Don Bivens, I can copy a small directory with a few small text files in it from the PDC to the Samba share. When I try to copy almost everything else from anywhere on the LAN to the Samba share it freezes up and the connection eventually times out. That sounds to me there will be a Problem with Full/Halfduplex-Setting of your NIC or Switch. Can you verify that ? Greetings Thomas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Automatic Windows Patch Deployment autoit
Hallo rruegner, Hi, i tested autoit from samba netlogon and it works like charme for sure you have to be admin for several programs but you can start any install with run as funktion if desired. your service idea with firestarter seems to me a very good idea, i will include that in my thoughts to universal deployment. i think if more people would share to this problem a gnu deployment system like netinstall should be possible i wonder that there are not many projects about that Hmm, a cool Solution could be a port of the rpm or dpkg Packetsystem as a Windows Service with Admin Privilegs. So you have all the good things like in Linux like - Versioning - Dependens - pre/post Skripts and so on. Greetings Thomas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Is there a way to enforce a single login domain wide
Hallo Douglas Phillipson, am Tue, Oct 14, 2003 at 02:07:13PM -0700 hast du folgendes geschrieben: I just tested the process/uid check theory. Upon initail login the new smbd process is owned by the user but with no activity on any shares it switches to being owned by root in a minute. I guess I could use a script to touch a file with the users login name or uid and just check for that upon login and remove it on logout... Anyone have any better ideas? No sure about this, but when you compiling Samba with wtmp/utmp Support than it should be ossible to look with 'who' who is online in with samba. Greetings Thomas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Question on Samba 2.2.1a
Hallo Jurzitza, Dieter, am Mon, Aug 18, 2003 at 09:24:59AM +0200 hast du folgendes geschrieben: we have a medium size network (~50 people) using samba for mainly fileserver purposes on a Sparc linux (SuSE linux 7.3, kernel 2.4.20) system. Every other time people face difficulties when copying files from the Novell or Windows network onto the samba shares. Let's say you want to copy a file called dummy.doc onto the samba drive. Then a file with that name is created at the target location, having 0 bytes. Then you are told (i. e. by explorer) that the file already exists (even though it did not before) and you are asked whether or not you would like to overwrite. If you say yes (overwrite), an errormessage appears that says that the file cannot be [...] Sorry for late response, but i had have exact the same Problem with a Debian Woody Samba Version. After Update to the latest Release of Samba from Samba.org the Problem is still go away ! So take a look to the latest Version of Samba. Greetings Thomas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba