Re: [Samba] 300mbit/s smbclient vs. 500mbit/s iperf [Solved]
Hi, Original-Nachricht What smbclient is that? smbclient --version Version 3.0.33-3.29.el5_5.1 ... i admit that this is a littte old. i'll upgrade and rerun the tests. Yes, please do. For 3.2 there considerable work was done to tune the get/put commands. smbclient 3.3 reaches same throughput as iperf. thanks for your help. -- GMX DSL Doppel-Flat ab 19,99 Euro/mtl.! Jetzt mit gratis Handy-Flat! http://portal.gmx.net/de/go/dsl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] 300mbit/s smbclient vs. 500mbit/s iperf
Hi List, my samba server has a gigabit connection and in order to check if the performance is on par i ran two simple Tests: 1) sending data from samba server to client with iperf (tcp mode, standard parameters): The achievable datarate is constantly about 500mbit/s 2) Downloading files with smbclient, ramdisk to ramdisk: The achievable datarate is constantly about 300mbit/s As the samba server is not under load i wonder why smbclient is considerably slower than iperf (why iperf only makes 500mbit/s is another question though). Any ideas? Regards Werner -- Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] 300mbit/s smbclient vs. 500mbit/s iperf
Original-Nachricht What smbclient is that? smbclient --version Version 3.0.33-3.29.el5_5.1 ... i admit that this is a littte old. i'll upgrade and rerun the tests. -- GMX DSL Doppel-Flat ab 19,99 Euro/mtl.! Jetzt mit gratis Handy-Flat! http://portal.gmx.net/de/go/dsl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] winbind is not taking default domain
Similar Problem here: Since Upgrading to Sernet Samba 3.5.8 logging in without typing in the default domain does not work any more. Original-Nachricht Datum: Mon, 28 Mar 2011 16:34:19 +1300 Von: Marco Huang marco.hu...@auckland.ac.nz An: samba@lists.samba.org Betreff: [Samba] winbind is not taking default domain Hi, We have been running samba file server about 2 years without this problem. The problem appeared at the same time on our debian and centos servers. Not sure if it's related to any updates on our windows AD servers. Debian Squeeze sernet-samba-3.5.8-27 Centos 5.5 samba3-3.5.5-43.el5 Use Active Directory for user login authentication Use uid/gid from ldap The reason we still want winbind is for managing permissions from client end. Since last week, users failed on login with valid users = @staff until I stopped winbind. I found if I change to valid users = @ABC\staff, users can login, however the change can not resolve the problem of ACLs on the folders/files. Of cause, if I stop winbind, works ok - user can login, and following the current permissions, but we do need winbind for managing permissions from client end. # smb.conf [global] realm = ad.mydomain workgroup = ABC server string = %h server enable privileges = yes dns proxy = no netbios name = linfiles smb ports = 139 445 load printers = no printing = bsd printcap name = /dev/null disable spoolss = yes log file = /var/log/samba/%U.log log level = 10 winbind:10 debug timestamp = yes max log size = 1000 syslog only = no syslog = 2 panic action = /usr/share/samba/panic-action %d security = ADS encrypt passwords = true obey pam restrictions = no invalid users = root unix extensions = no idmap backend = nss idmap config ABC : default = yes idmap config ABC : backend = nss idmap alloc backend = nss idmap cache time = 30 allow trusted domains = no socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=65536 SO_SNDBUF=65536 locking = yes strict locking = no posix locking = yes kernel oplocks = no oplocks = yes level2 oplocks = yes winbind trusted domains only = yes winbind use default domain = yes winbind enum users = no winbind enum groups = no winbind cache time = 3600 acl compatibility = auto [sit] comment = Shares browseable = yes writable = yes create mask = 0770 directory mask = 0770 acl group control = yes acl check permissions = True nt acl support = yes force directory security mode = 770 inherit permissions = yes inherit acls = yes inherit owner = no map acl inherit = yes path = /mnt/sit valid users = @staff # /etc/nsswitch.conf passwd: files ldap shadow: files group: files ldap # getent group staff returns group members with testuser. # wbinfo --own-domain ABC # Here are some logs from debug mode, winbind just trying to lookup domain LINFILES and Unix Group rather than ABC. [2011/03/25 12:43:50.645636, 3] lib/util_sid.c:228(string_to_sid) string_to_sid: Sid @staff does not start with 'S-'. [2011/03/25 12:43:50.645683, 5] smbd/password.c:423(user_in_netgroup) Unable to get default yp domain, let's try without specifying it [2011/03/25 12:43:50.645694, 5] smbd/password.c:430(user_in_netgroup) looking for user testuser of domain (ANY) in netgroup staff [2011/03/25 12:43:50.645733, 10] passdb/lookup_sid.c:69(lookup_name) lookup_name: LINFILES\staff = LINFILES (domain), staff (name) [2011/03/25 12:43:50.645744, 10] passdb/lookup_sid.c:70(lookup_name) lookup_name: flags = 0x077 [2011/03/25 12:43:50.645753, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2011/03/25 12:43:50.645764, 3] smbd/uid.c:429(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2011/03/25 12:43:50.645773, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2011/03/25 12:43:50.645783, 5] auth/token_util.c:525(debug_nt_user_token) NT user token: (NULL) [2011/03/25 12:43:50.645792, 5] auth/token_util.c:551(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2011/03/25 12:43:50.645825, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2011/03/25 12:43:50.645837, 10] passdb/lookup_sid.c:69(lookup_name) lookup_name: Unix Group\staff = Unix Group (domain), staff (name) [2011/03/25 12:43:50.645847, 10] passdb/lookup_sid.c:70(lookup_name) lookup_name: flags = 0x077 [2011/03/25 12:43:50.647804, 10] smbd/share_access.c:216(user_ok_token) User testuser not in 'valid users' [2011/03/25 12:43:50.647820, 2] smbd/service.c:598(create_connection_server_info) user 'testuser' (from session setup) not
Re: [Samba] new created files belong to root instead samba user
Thanks for your reply. Yes, anyone with the proper file and share permissions can do so. You really want to use the advanced settings dialog. Luckily working with the advanced settings dialogs seems to be working now. I wonder why the advanced settings dialog works, but permissions are not properly displayed on the security settings tab - is this normal? regards, Werner -- GMX DSL Doppel-Flat ab 19,99 Euro/mtl.! Jetzt mit gratis Handy-Flat! http://portal.gmx.net/de/go/dsl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba winbind ignores local unix groups.
Hi, Original-Nachricht Why does samba+winbind ignore the local unix groups ? I have joined my samba server to Windows AD. I have configured a share with the values: [public_share] #Perms are 777 path= /home/pub_share comment = Public_Share writable= yes create mask = 775 directory mask = 775 browsable = yes valid users = @adgroup If I use a group from Windows AD, there is no problem accessing the share, but we do not want to add / change groups in AD, we need to add users to our local /etc/groups as access to Windows AD is very limited and we would rather control things on the linux side, and use the single sign on from AD for the users. i am not the best expert the mailing list has to offer, but i think when you are using ad and winbind you need group information locally and in ad + mapping between ad and local groups - otherwise you will step into various problems. alternatives are (1) switching off winbind (then samba falls back to local group information only) or (2) administer your local groups via ad rfc2307 schema extension + winbind + nsswitch. hth werner -- NEU: FreePhone - kostenlos mobil telefonieren und surfen! Jetzt informieren: http://www.gmx.net/de/go/freephone -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] new created files belong to root instead samba user
Hi Chris, thanks for your reply. I run several samba servers and none use an admin users list. Rights/privileges, file permissions, acls, share permissions, etc. can avoid the need to use admin users. actually i have problems setting (and viewing) permissions via windows explorer. although i use admin users is is not possible to view the permissions in general - setting permissions works in some cases (in other cases a error message about wrong parameters shows up). Are you able to view and modify permissions via windows explorer and could you give me i a hint how i can get this working (without admin users)? Best regards Werner -- NEU: FreePhone - kostenlos mobil telefonieren und surfen! Jetzt informieren: http://www.gmx.net/de/go/freephone -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba howto: sticky bit on directories
Hi List, The Samba Howto Collection http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html#id2611229 says: When the set user or group ID bit (s) is set on a directory, then all files created within it will be owned by the user and/or group whose `set user or group' bit is set. while i cannot repoduce this behavior the wikipedia says: http://en.wikipedia.org/wiki/Setuid#setuid_and_setgid_on_directories The setuid permission set on a directory is ignored on UNIX and Linux systems either there is an error in the howto, or maybe its just time for me to start the weekend ;-) regards Werner -- GMX DSL Doppel-Flat ab 19,99 Euro/mtl.! Jetzt mit gratis Handy-Flat! http://portal.gmx.net/de/go/dsl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba howto: sticky bit on directories
... sorry wrong subject in previous post: setuid would have been correct ... -- Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] new created files belong to root instead samba user
Hi List, i just noticed, that files that are created by any samba user who is in the admin users list, belong to root in the unix filesystem. This is not what i want. Are there any other options to allow sb. else than the fileowner to change file permissions (via samba connection)? Werner -- GMX DSL Doppel-Flat ab 19,99 Euro/mtl.! Jetzt mit gratis Handy-Flat! http://portal.gmx.net/de/go/dsl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] new created files belong to root instead samba user
Are you using force user or force group in your smb.conf? no, none of these options. -- Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] view share/folder/file permissions via Windows Explorer
Hi List, when i connect to my samba server (3.5) using windows explorer and view the security/permissions properties all checkboxes show up disabled - which is definitly the wrong information. What did i configure wrong / or is samba not able to tell a windows client about such permissions? Werner -- NEU: FreePhone - kostenlos mobil telefonieren und surfen! Jetzt informieren: http://www.gmx.net/de/go/freephone -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba