from:"maorui"

[Samba] Can I reconfigure Samba share without restart smb service?

2004-04-30 Thread maorui

Everytime I add or remove some samba shares, I must restart smb service to
take effect.
Is there anyway to reconfig it without restart?



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] getent passwd cannot list win2k ADS users

2003-12-01 Thread maorui

I'm using RH9, and install Samba 3.0.0 by using rpm package.



I use following configure files.



/etc/samba/smb.conf:

[global]
workgroup = DOMAIN
realm = DOMAIN.COM
server string = Demo Samba Server
security = ADS
username map = /etc/samba/smbusers
log file = /var/log/samba/log.%m
max log size = 50
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
preferred master = No
local master = No
domain master = No
dns proxy = No
idmap uid = 1-2
idmap gid = 1-2
template homedir = /home/windomain/%D/%U
template shell = /bin/bash
winbind separator = +


/etc/krb5.conf:

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log



[libdefaults]
 ticket_lifetime = 24000
 default_realm = DOMAIN.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false



[realms]
 DOMAIN.COM = {
  kdc = server.domain.com:88
  admin_server = server.domain.com:749
  default_domain = domain.com
 }



[domain_realm]
 .domain.com = DOMAIN.COM
 domain.com = DOMAIN.COM



[kdc]
 profile = /var/kerberos/krb5kdc/kdc.conf



[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }



/etc/nsswitch.conf:

passwd: files winbind
shadow: files
group:  files winbind

hosts:  files dns

bootparams: nisplus [NOTFOUND=return] files

ethers: files
netmasks:   files
networks:   files
protocols:  files
rpc:files
services:   files

netgroup:   files

publickey:  nisplus

automount:  files
aliases:files nisplus

And I update MIT Kerberos package by following steps:

1.
./configure --prefix=/usr/kerberos --localstatedir=/var/kerberos --enable-dn
s

2. make

3. make install



I entered command 'kinit administrator', and got no error message.



'klist -5' returned:

Ticket cache: FILE:/tmp/krb5cc_0
Default principal: [EMAIL PROTECTED]



Valid starting ExpiresService principal
12/01/03 15:37:13  12/02/03 01:37:13  krbtgt/[EMAIL PROTECTED]
12/01/03 15:50:33  12/02/03 01:37:13  [EMAIL PROTECTED]

And commands

net ads join -S server.domain.com -U administrator

net rpc join -S server.domain.com -U administrator

worked fine.



I started winbindd. 'wbinfo -u'  'wbinfo -g' can get all users  groups
from domain.







But the command 'getent passwd' could only show local accounts, without any
domain mapped accounts inside.

And /home had no any home directory created.



Who can tell me which step I made a mistake?





--- Logs -

/var/log/samba/log.winbindd:

[2003/12/01 15:48:45, 1] nsswitch/winbindd.c:main(832)
  winbindd version 3.0.0 started.
  Copyright The Samba Team 2000-2003
[2003/12/01 15:48:46, 1] nsswitch/winbindd_util.c:add_trusted_domain(149)
  Added domain DOMAIN.COM
[2003/12/01 15:48:46, 1] libsmb/clikrb5.c:ads_krb5_mk_req(269)
  krb5_cc_get_principal failed (No credentials cache found)
[2003/12/01 15:48:46, 1] nsswitch/winbindd_ads.c:ads_cached_connection(64)
  ads_connect for domain DOMAIN.COM failed: Operations error
[2003/12/01 15:48:46, 1] nsswitch/winbindd_util.c:init_domain_list(284)
  Could not fetch sid for our domain DOMAIN.COM
[2003/12/01 15:48:46, 1] nsswitch/winbindd_util.c:add_trusted_domains(206)
  scanning trusted domain list
[2003/12/01 15:48:46, 1] libsmb/clikrb5.c:ads_krb5_mk_req(269)
  krb5_cc_get_principal failed (No credentials cache found)
[2003/12/01 15:49:07, 1] libsmb/clikrb5.c:ads_krb5_mk_req(269)
  krb5_cc_get_principal failed (No credentials cache found)
[2003/12/01 15:49:07, 1] nsswitch/winbindd_ads.c:ads_cached_connection(64)
  ads_connect for domain DOMAIN.COM failed: Operations error
[2003/12/01 16:16:36, 1] nsswitch/winbindd.c:main(832)
  winbindd version 3.0.0 started.
  Copyright The Samba Team 2000-2003
[2003/12/01 16:16:36, 1] nsswitch/winbindd_util.c:add_trusted_domain(149)
  Added domain DOMAIN.COM
[2003/12/01 16:16:36, 1] libsmb/clikrb5.c:ads_krb5_mk_req(269)
  krb5_cc_get_principal failed (No credentials cache found)
[2003/12/01 16:16:36, 1] nsswitch/winbindd_ads.c:ads_cached_connection(64)
  ads_connect for domain DOMAIN.COM failed: Operations error
[2003/12/01 16:16:36, 1] nsswitch/winbindd_util.c:init_domain_list(284)
  Could not fetch sid for our domain DOMAIN.COM
[2003/12/01 16:16:36, 1] nsswitch/winbindd_util.c:add_trusted_domains(206)
  scanning trusted domain list
[2003/12/01 16:16:36, 1] libsmb/clikrb5.c:ads_krb5_mk_req(269)
  krb5_cc_get_principal failed (No credentials cache found)
[2003/12/01 16:16:46, 1]

[Samba] Auth problem?

2003-11-25 Thread maorui

When I connected Samba 3.0 as ADS Domain member, I always got error messages
as below.
Nov 25 18:10:12 maorui 11?? 25 18:10:12 smbd[11169]: [2003/11/25 18:10:12,
0] auth/auth_util.c:make_server_info_info3(1017)
Nov 25 18:10:12 maorui 11?? 25 18:10:12 smbd[11169]:
make_server_info_info3: pdb_init_sam failed!
And Windows client cannot show share list.

What's the error messages mean?




-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Auth problem

2003-11-14 Thread maorui

Linuxbox with Samba 3.0 has been joined Win2k domain with command net ads
join  net rpc join.
winbindd  smbd  nmbd started successfully without any error messages. I
could use wbinfo -u  wbinfo -g to get domain user/group list.
But I cannot use genent passwd to get New mapped uid, it only returned
local linux accounts.

When I connected to Samba from Windows 2k/xp client, I got a error message -
'cannot found computer 192.168.0.227'.
And I got a lot error message in /var/log/messages:
Nov 14 15:42:52 maorui 11?? 14 15:42:52 smbd[3960]: [2003/11/14 15:42:52, 0]
auth/auth_util.c:make_server_info_info3(1017)
Nov 14 15:42:52 maorui 11?? 14 15:42:52 smbd[3960]:
make_server_info_info3: pdb_init_sam failed!
Nov 14 15:42:52 maorui 11?? 14 15:42:52 smbd[3960]: [2003/11/14 15:42:52, 0]
auth/auth_util.c:make_server_info_info3(1017)
Nov 14 15:42:52 maorui 11?? 14 15:42:52 smbd[3960]:
make_server_info_info3: pdb_init_sam failed!
Nov 14 15:42:52 maorui 11?? 14 15:42:52 smbd[3960]: [2003/11/14 15:42:52, 0]
auth/auth_domain.c:check_trustdomain_security(367)
Nov 14 15:42:52 maorui 11?? 14 15:42:52 smbd[3960]:
check_trustdomain_security: could not fetch trust account password for
domain DOMAIN
Nov 14 15:42:52 maorui 11?? 14 15:42:52 smbd[3960]: [2003/11/14 15:42:52, 0]
auth/auth_util.c:make_server_info_info3(1017)
Nov 14 15:42:52 maorui 11?? 14 15:42:52 smbd[3960]:
make_server_info_info3: pdb_init_sam failed!
Nov 14 15:42:52 maorui 11?? 14 15:42:52 smbd[3960]: [2003/11/14 15:42:52, 0]
auth/auth_util.c:make_server_info_info3(1017)
Nov 14 15:42:52 maorui 11?? 14 15:42:52 smbd[3960]:
make_server_info_info3: pdb_init_sam failed!
Nov 14 15:42:52 maorui 11?? 14 15:42:52 smbd[3960]: [2003/11/14 15:42:52, 0]
auth/auth_domain.c:check_trustdomain_security(367)
Nov 14 15:42:52 maorui 11?? 14 15:42:52 smbd[3960]:
check_trustdomain_security: could not fetch trust account password for
domain DOMAIN
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3961]: [2003/11/14 15:42:54, 0]
auth/auth_util.c:make_server_info_info3(1017)
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3961]:
make_server_info_info3: pdb_init_sam failed!
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3961]: [2003/11/14 15:42:54, 0]
auth/auth_util.c:make_server_info_info3(1017)
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3961]:
make_server_info_info3: pdb_init_sam failed!
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3961]: [2003/11/14 15:42:54, 0]
auth/auth_domain.c:check_trustdomain_security(367)
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3961]:
check_trustdomain_security: could not fetch trust account password for
domain DOMAIN
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3961]: [2003/11/14 15:42:54, 0]
auth/auth_util.c:make_server_info_info3(1017)
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3961]:
make_server_info_info3: pdb_init_sam failed!
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3961]: [2003/11/14 15:42:54, 0]
auth/auth_util.c:make_server_info_info3(1017)
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3961]:
make_server_info_info3: pdb_init_sam failed!
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3961]: [2003/11/14 15:42:54, 0]
auth/auth_domain.c:check_trustdomain_security(367)
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3961]:
check_trustdomain_security: could not fetch trust account password for
domain DOMAIN
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3962]: [2003/11/14 15:42:54, 0]
auth/auth_util.c:make_server_info_info3(1017)
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3962]:
make_server_info_info3: pdb_init_sam failed!
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3962]: [2003/11/14 15:42:54, 0]
auth/auth_util.c:make_server_info_info3(1017)
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3962]:
make_server_info_info3: pdb_init_sam failed!
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3962]: [2003/11/14 15:42:54, 0]
auth/auth_domain.c:check_trustdomain_security(367)
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3962]:
check_trustdomain_security: could not fetch trust account password for
domain DOMAIN
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3963]: [2003/11/14 15:42:54, 0]
auth/auth_util.c:make_server_info_info3(1017)
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3963]:
make_server_info_info3: pdb_init_sam failed!
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3963]: [2003/11/14 15:42:54, 0]
auth/auth_util.c:make_server_info_info3(1017)
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3963]:
make_server_info_info3: pdb_init_sam failed!
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3963]: [2003/11/14 15:42:54, 0]
auth/auth_domain.c:check_trustdomain_security(367)
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3963]:
check_trustdomain_security: could not fetch trust account password for
domain DOMAIN
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3963]: [2003/11/14 15:42:54, 0]
auth/auth_util.c:make_server_info_info3(1017)
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3963]:
make_server_info_info3: pdb_init_sam failed!
Nov 14 15:42:54 maorui 11?? 14 15:42:54 smbd[3963]: [2003

[Samba] winbind cannot run correctly

2003-11-11 Thread maorui

I modified /etc/nsswitch.conf, added winbind after passwd  group.
Also modified /etc/samba/smb.conf same as samba HOWTO collection's example.

The command net rpc join -S DOMAIN -U Administrator runned successfully,
and I could see my Linuxbox listed in ADS usercomputer management console.

But when I started winbindd, some error messages appeared in
/var/log/message:

Nov 11 16:39:50 maorui 11 Oct 16:39:50 winbindd[2801]: [2003/11/11 16:39:50,
0] libads/kerberos.c:ads_kinit_password(133)
Nov 11 16:39:50 maorui 11 Oct 16:39:50 winbindd[2801]:
kerberos_kinit_password HOST/[EMAIL PROTECTED] failed: Client not found in
Kerberos database

And I cannot use wbinfo -u  wbinfo -g, always returned: Error looking
up domain users/groups.

What's wrong?



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Re: Must I remove gnome-kerberos-0.3.1-9?

2003-11-06 Thread maorui

Hm..I think I made a mistake. It is not the kerberos core.
It seems that RH9 already have MIT kerberos installed.
But how can I make it works? I've read the HOWTO collection, but still got
the error message.

maorui [EMAIL PROTECTED] Ð´ÈëÏûÏ¢ÐÂÎÅ
:[EMAIL PROTECTED]
   I managed to setup samba3.0 as a win2k domain member, and modified
smb.conf  krb5.conf.
   But when I try kinit [EMAIL PROTECTED], I got an error.

 -- kinit(v5):KDC has no support for encryption type while getting initial
credentials

   I found gnome-kerberos-0.3.1-9 was shipped with RH9. Did it support all
kerberos function Samba3 need?
   Must I remove it and install MIT or Heimdal Kerberos package?



 --
 To unsubscribe from this list go to the following URL and read the
 instructions:  http://lists.samba.org/mailman/listinfo/samba




-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Must I remove gnome-kerberos-0.3.1-9?

2003-11-05 Thread maorui

  I managed to setup samba3.0 as a win2k domain member, and modified smb.conf  
krb5.conf.
  But when I try kinit [EMAIL PROTECTED], I got an error.

-- kinit(v5):KDC has no support for encryption type while getting initial credentials

  I found gnome-kerberos-0.3.1-9 was shipped with RH9. Did it support all kerberos 
function Samba3 need?
  Must I remove it and install MIT or Heimdal Kerberos package?



-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Can I reconfigure Samba share without restart smb service?

[Samba] getent passwd cannot list win2k ADS users

[Samba] Auth problem?

[Samba] Auth problem

[Samba] winbind cannot run correctly

[Samba] Re: Must I remove gnome-kerberos-0.3.1-9?

[Samba] Must I remove gnome-kerberos-0.3.1-9?

7 matches

Site Navigation

Mail list logo

Footer information