RE: [Samba] Existing files don't show up in share, new files do
It's the unix right which is incorrect. what is the unix right of the file on the server ? --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 21/05/2008 16:18:41 : Remove any restrictions on the shares. Like valid user and that sort of thing. Jason Waters -Original Message- From: Pepijn Schmitz [mailto:[EMAIL PROTECTED] Sent: Wednesday, May 21, 2008 10:08 AM To: Rubin Bennett Cc: Jason Waters; samba@lists.samba.org Subject: Re: [Samba] Existing files don't show up in share, new files do I'm slightly closer to finding the cause of this problem. I set the smbd log level to 7 and found the following entries when trying to list the contents of the share: [2008/05/21 15:27:05, 5] smbd/uid.c:change_to_user(273) change_to_user uid=(500,500) gid=(0,500) [2008/05/21 15:27:05, 3] smbd/trans2.c:call_trans2findfirst(1704) call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 2 requires_resume_key = 4 level = 0x104, max_data_bytes = 16644 [2008/05/21 15:27:05, 5] smbd/filename.c:unix_convert(147) unix_convert called on file * [2008/05/21 15:27:05, 5] smbd/filename.c:unix_convert(246) unix_convert begin: name = *, dirpath = , start = * [2008/05/21 15:27:05, 5] smbd/trans2.c:call_trans2findfirst(1769) dir=./, mask = * [2008/05/21 15:27:05, 5] smbd/dir.c:dptr_create(392) dptr_create dir=./ [2008/05/21 15:27:05, 3] smbd/dir.c:dptr_create(515) creating new dirptr 256 for path ./, expect_close = 1 [2008/05/21 15:27:05, 4] smbd/trans2.c:call_trans2findfirst(1837) dptr_num is 256, wcard = *, attr = 22 [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1255) get_lanman2_dir_entry found ./. fname=. [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1255) get_lanman2_dir_entry found ./.. fname=.. [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./Audio] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./DIRK_GENTLY'S_HOLISTIC_DETECTIVE_AGENCY.TXT] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./Foto's] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./HITCHHIKER'S_GUIDE_TO_THE_GALAXY.TXT] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./LAST_CHANCE_TO_SEE.TXT] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./Martijn] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./MOSTLY_HARMLESS.TXT] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./recycled] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./RESTAURANT_END_OF_THE_UNIVERSE.TXT] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./STARSHIP_TITANIC.TXT] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./temp] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./Video] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./YOUNG_ZAPHOD_PLAYS_IT_SAFE.TXT] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./Fotos] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./.Trash-pepijn] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./.Trash-500] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./volumeid.zbx] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1221) get_lanman2_dir_entry:Couldn't stat [./XXX] (Permission denied) [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1255) get_lanman2_dir_entry found ./test.txt fname=test.txt [2008/05/21 15:27:05, 5] smbd/trans2.c:get_lanman2_dir_entry(1255) get_lanman2_dir_entry found ./test2.txt fname=test2.txt [2008/05/21 15:27:05, 5] smbd/trans2.c:call_trans2findfirst(1890)
[Samba] Planning to start a new server
Hi, I have a samba server which act as file/print/wins server and PDC with ldap backend ACL support (samba-3.0.23). I plan to start a new server which replace the old one. My question is about the samba version, my first advice is the use samba-3.0.28a. But maybe is preferable to wait samba 3.2.0. What type of bugs samba-3.0.28a have ? The new sever will act as samba/print server and PDC with ldap backend ACL support . wins server will be on other servers (samba4wins) thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Planning to start a new server
have you tried (if possible) samba-3.0.28a ? I can read in change log : Fix ACL set bug when group being set is the primary group. I don't use the windows ACL management, I have a modified webmin file manager for manage ACL. thanks Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 28/04/2008 16:15:16 : hi, El Mon, 28 Apr 2008 15:34:26 +0200 [EMAIL PROTECTED] ha escrit: Hi, I have a samba server which act as file/print/wins server and PDC with ldap backend ACL support (samba-3.0.23). I plan to start a new server which replace the old one. My question is about the samba version, my first advice is the use samba-3.0.28a. But maybe is preferable to wait samba 3.2.0. What type of bugs samba-3.0.28a have ? i'm using 3.0.24 on SLES 10 because the following ACL-related problems on 3.0.28 http://www.nabble.com/ACL-strange-behaviour-td16495631.html good luck! toni The new sever will act as samba/print server and PDC with ldap backend ACL support . wins server will be on other servers (samba4wins) thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] smbldap-useradd -w won't create machine account
Samba will add sambaSAMAccount when you add the workstation to the domain. sambaldaptools not add the samba shema for that. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 01/04/2008 16:17:13 : I can't get smbldap-useradd to add the sambaSamAccount workstation attributes. For example: smbldap-useradd -w 'test_machine$' # test_machine$, People, desktop.hmdc.harvard.edu dn: uid=test_machine$,ou=People,dc=desktop,dc=hmdc,dc=harvard,dc=edu objectClass: top objectClass: account objectClass: posixAccount cn: test_machine$ uid: test_machine$ uidNumber: 1010 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer gecos: Computer Has anyone else experienced this? It thinks it's creating a machine account, but it doesn't add sambaSamAccount, or sambaAcctFlags [W ]. More info: # rpm -qi smbldap-tools Name: smbldap-toolsRelocations: (not relocatable) Version : 0.9.4 Vendor: Dag Apt Repository, http://dag.wieers.com/apt/ Release : 1.el5.rf Build Date: Sat 22 Sep 2007 01:35:45 AM EDT Install Date: Tue 25 Mar 2008 11:43:42 AM EDT Build Host: lisse.leuven.wieers.com Group : System Environment/Base Source RPM: smbldap-tools-0.9.4-1.el5.rf.src.rpm Size: 525573 License: GPL Signature : DSA/SHA1, Sat 22 Sep 2007 02:51:47 PM EDT, Key ID a20e52146b8d79e6 Packager: Dag Wieers [EMAIL PROTECTED] URL : http://sourceforge.net/projects/smbldap-tools/ Summary : User and group administration tools for Samba-OpenLDAP Thanks, c -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Question about guest user
Hi, I would like to know if I can have some problem if I havn't guest user or if it disabled. Actually I have a guest user which I used (illegaly) by some people. have a nice day Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Problems with Samba
is your WINS server work fine ? what says a nmblookup. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 14/03/2008 13:53:18 : I think there are no issues with the client machine, because nothing has changed.i tried to repeat the process to register a clientmachine in the domain, but it failed. the role of my samba-server is: ROLE_DOMAIN_PDC. Are you sure there are no issues with the client machine? [EMAIL PROTECTED] wrote: Hi, I administrate a server (debian etch) on which runs samba, version 3.0.24-6et. Everything worked fine until today. I tried to logon on the server via a clientmachine (win2k, winxp), but i got an error, System cannot logon because domain not reachable. (it is possible to ping the server and to establish a shortcut (to logon) to the server - that works). I have no idea what happens. The logfiles of smbd, nmbd are ok to mind, there is no advise for an error (.. startet...becomes_domain_controller etc.). I already tested my sambaconfiguration via testparm, no problems. A simple restart of sambe didn't help too. testparm also shows the right name for the workgroup etc. Does anyone have an idea, where the problem could be? The last changes i did on the server where updates via aptitude. thanks Edgar _ In 5 Schritten zur eigenen Homepage. Jetzt Domain sichern und gestalten! Nur 3,99 EUR/Monat! http://www.maildomain.web.de/?mc=021114 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] Is there a Samba4 list that I can use?
For asking samba4 question, the best way is subscrinbing to samba-technical list. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 28/02/2008 16:09:43 : In order to get going with Samba4 I subscribed to this list. However, I'm getting inundated with postings that are, for the most part completely, irrelevant to my needs. I know they are all the same software, but Samba4 is almost a complete rewrite with completely different goals. Its very tough to filter through 99.9% of the messages just in hopes of finding one that applies to your platform. My question is, what is the best way to ask questions about Samba4? So far, the only thing I've found is this list and the Samba4 signal to noise ratio is way to low for me. :( Thanx! Richard -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ldapsam:editposix and winbind questions
Hi, I'm testing a other solution about managing my user and group in the ldap tree. I try to switch from smbldap-tools and webmin interface TO ldapsam-editposix and winbind. I used the howto available on samba wiki for that Now, I have some questions : - How make winbind to enum all users (newly users created with new config and users created with older system). - Why samba not set attribute in ldap tree if password policies is set ( like sambaPwdMustChange, sambabadpasswordcount) when set password with net rpc. Can anyone help me ? thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] Bug? inherit acls not working as expected
not sure that you are right. Samba use both unix right and posix acl right. the directory test1 have unix right that autorise smb-Users to access-it. And you cancel it with acl entry = the smb-users group have no right. But you not have default acl entry, if you spec default acl entry with the same right that the acl entry, all directory created under test will take the value described by default acl entry. Else take the unix value. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 04/01/2008 15:40:47 : Hello I'm running Debian Etch with distro kernel Samba package (2.6.18-5-686 3.0.24-6etch9). In my smb.conf I have : inherit owner = yes inherit permissions = yes inherit acls = yes I start with a dir test1 with no rights for group smb-Users, rx for group smb-Inf, and rwx for group smb-Bme-Fr : [EMAIL PROTECTED]:/mnt/temp # ll total 28 drwxr-xr-x 4 root root 4096 2008-01-04 15:08 . drwxr-xr-x 4 root root 29 2008-01-04 14:38 .. drwx-- 2 root root 16384 2008-01-04 14:37 lost+found drwxrwx---+ 2 root smb-Users 4096 2008-01-04 15:25 test1 [EMAIL PROTECTED]:/mnt/temp # getfacl test1/ # file: test1 # owner: root # group: smb-Users user::rwx group::--- group:smb-Inf:r-x group:smb-Bme-Fr:rwx mask::rwx other::--- From a Windows XP client with a user member of the group smb-Bme-Fr I create a dir test2 in dir test1, then I have : [EMAIL PROTECTED]:/mnt/temp # ll test1/ total 20 drwxrwx---+ 3 root smb-Users 4096 2008-01-04 15:26 . drwxr-xr-x 4 root root 4096 2008-01-04 15:08 .. drwxrwx---+ 2 root smb-Users 4096 2008-01-04 15:26 test2 [EMAIL PROTECTED]:/mnt/temp # getfacl test1/test2/ # file: test1/test2 # owner: root # group: smb-Users user::rwx group::rwx group:smb-Inf:r-x group:smb-Bme-Fr:rwx mask::rwx other::--- The group smb-Users should have no rights on test2, inherited from the test1 dir, but it has rwx. A user belonging to smb-Users and smb-Inf has rwx access and he should have just rx. I'm using XFS on my Samba server, I tried with ext3 with same results. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] Samba as PDC and file server using ACLs
--- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 14/11/2007 14:50:56 : Hello sambers, i'm trying to configure a samba server (3.026a) as a PDC and as a file server using system's ACLs. 1. Where samba stores the users and groups domain information? Is in the /etc/passwd? by default : YES 2. MUST i use winbind to successfully use ACLs? If the samba is the PDC, why should i have to use winbind? There is no problem to me to keep linux box user and groups accounts. NO 3. Someone know where a find the ACLs options official guide? for setting samba to use acl, add --with-acl-support option to the ./configure call. It's the first step for using samba and ACL. And after see manual page of smb.conf for acl parameter. Thanks again for everyone Bruno -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] root != admin domain user?
See on the samba howto collection the chapter 15 User rights and Privileges . You will find the answer. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 23/10/2007 11:36:01 : Hi all, Samba has been running as PDC for some months in a row w/o no issues so far. Users and machines were created and added to the domain correctly... Now I'm facing the following problem... I hope it's easy to solve... Although machines have been added to the domain using the root user, and it's mapped to Administrator in /etc/samba/smbusers, when a situation like connecting to a remote Windows workstation or unlocking a locked session using that user comes, the workstation shows a message telling that I (or the SysAdmin using the root or Administartor account) have no privileges to do that... This is my smb.conf: --- [global] netbios name = v601 server string = Volania Six Dominatrix workgroup = VOLANIASIX.COM ; domain local master browser ; coz we're dealing with Win2k os level = 65 prefered master = yes domain master = yes local master = yes domain logons = yes wins support = yes ; misc options socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 time server = yes ; do not show files starting with dots hide dot files = yes ; do not allow guest access, use only local system accounts security = user guest ok = no invalid users = bin deamon sys man postfix mail ftp admin users = @wheel ; use encrypted passwords encrypt passwords = yes ; logging (max log size is in kB) log level = 2 log file = /var/log/samba/log.%L max log size = 1000 debug timestamp = yes syslog = 1 ; user roaming profiles path logon path = \\%N\profiles\%U logon drive = H: ; general logon script (in DOS format) logon script = %u.bat # These scripts are used on a domain controller or stand-alone # machine to add or delete corresponding unix accounts add user script = /usr/sbin/useradd %u add group script = /usr/sbin/groupadd %g add machine script = /usr/sbin/adduser -n -g users -c V6-Windows-Machine -d /dev/null -s /bin/false %u delete user script = /usr/sbin/userdel %u delete user from group script = /usr/sbin/deluser %u %g delete group script = /usr/sbin/groupdel %g username map = /etc/samba/smbusers ; share for domain controller [netlogon] path = /usr/lib/samba/netlogon public = no writeable = no browsable = no valid users = root @smbusers ; share for storing user profiles [profiles] comment = Network Profiles Share path = /usr/lib/samba/profiles writeable = yes store dos attributes = yes create mask = 0700 directory mask = 0700 browsable = no guest ok = no printable = no hide files = /desktop.ini/outlook*.lnk/*Briefcase*/ valid users = root @smbusers [homes] valid users = %S read only = No browseable = No --- # grep wheel /etc/group wheel:x:10:root Any suggestions?? Maybe I've overseen something obvious when Samba was set up as PDC... TIA, Martin -- Martin Mielke - [EMAIL PROTECTED] Sr. SysAdmin at Casino.com p: +34 956785288 | f: +34 956794081 | m: +34 677509693 w: http://www.casino.com/ The contents of this email and any attachments are for the intended recipient(s) only. This email may contain proprietary, confidential, or otherwise private information belonging to Casino.com (hereafter referred to as The Company) or its affiliates. The Company does not take any responsibility for, or endorse any information which does not relate to its official business, including personal mail and/or opinions by senders whether or not they are employed by The Company. If you receive a message that was not intended for you, please notify the sender immediately (or forward the email to [EMAIL PROTECTED]). Do not read, use or disclose the contents in any way and delete the message immediately. The Company will take reasonable precautions but cannot ensure that this e-mail and any attachments will be free of errors, viruses, interception or interference. Therefore The Company can not be held liable for any loss or damages incurred by you which have been caused by any of the foregoing. No undertaking, guarantee or other obligation contained in this email or any attachments will bind The Company unless it is later confirmed in writing. -- To unsubscribe from this list go to the
RE [Samba] problem with kernel oplock
NFS precision : 127.0.0.1:/srv/vol2_For_SafeKit_Replication on /srv/vol2 type nfs (rw,proto=udp,port=5700,hard,timeo=5,retrans=6,nolock,addr=127.0.0.1) You can see that NFS no lock the file. I tried with kernel oplocks = no but the problem is the same, the message has just changed from I/O problem to access right problem. Where is the problem ? thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] Envoyé par : [EMAIL PROTECTED] 17/10/2007 13:11 A samba@lists.samba.org cc Objet [Samba] problem with kernel oplock Hi, We test a software called Safekit. This software permit to have a replicated FS and can start some apps from a particular script. We use this startup script for starting SaMBa. We make this test : NODE1 : Samba not actif (SECOND) NODE2 : Samba is running (PRIM) open a file with samba and modify it make swap I try to save and no possible to save, but if I close the file and reopen it it works fine. On the log file, we have : [2007/10/17 12:25:50, 4] smbd/open.c:open_file_ntcreate(1605) calling open_file with flags=0x0 flags2=0x0 mode=0760, access_mask = 0x20089, open_access_mask = 0x20089 [2007/10/17 12:25:50, 2] smbd/open.c:open_file(391) spu opened file CORINF/cmde/CDE5021.ods read=Yes write=No (numopen=3) [2007/10/17 12:25:50, 3] smbd/oplock_linux.c:linux_set_kernel_oplock(173) linux_set_kernel_oplock: Refused oplock on file CORINF/cmde/CDE5021.ods, fd = 26, dev = 14, inode = 403381390. (Ressource temporairement non disponible) [2007/10/17 12:25:50, 5] smbd/nttrans.c:reply_ntcreate_and_X(938) reply_ntcreate_and_X: fnum = 12684, open name = CORINF/cmde/CDE5021.ods [2007/10/17 12:25:50, 5] lib/util.c:show_msg(484) [2007/10/17 12:25:50, 5] lib/util.c:show_msg(494) Anyone can explain this little problem ? Samba 3.0.26a The shared directory is accesible with a local mount of a NFS share. thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] problem with kernel oplock
Hi, We test a software called Safekit. This software permit to have a replicated FS and can start some apps from a particular script. We use this startup script for starting SaMBa. We make this test : NODE1 : Samba not actif (SECOND) NODE2 : Samba is running (PRIM) open a file with samba and modify it make swap I try to save and no possible to save, but if I close the file and reopen it it works fine. On the log file, we have : [2007/10/17 12:25:50, 4] smbd/open.c:open_file_ntcreate(1605) calling open_file with flags=0x0 flags2=0x0 mode=0760, access_mask = 0x20089, open_access_mask = 0x20089 [2007/10/17 12:25:50, 2] smbd/open.c:open_file(391) spu opened file CORINF/cmde/CDE5021.ods read=Yes write=No (numopen=3) [2007/10/17 12:25:50, 3] smbd/oplock_linux.c:linux_set_kernel_oplock(173) linux_set_kernel_oplock: Refused oplock on file CORINF/cmde/CDE5021.ods, fd = 26, dev = 14, inode = 403381390. (Ressource temporairement non disponible) [2007/10/17 12:25:50, 5] smbd/nttrans.c:reply_ntcreate_and_X(938) reply_ntcreate_and_X: fnum = 12684, open name = CORINF/cmde/CDE5021.ods [2007/10/17 12:25:50, 5] lib/util.c:show_msg(484) [2007/10/17 12:25:50, 5] lib/util.c:show_msg(494) Anyone can explain this little problem ? Samba 3.0.26a The shared directory is accesible with a local mount of a NFS share. thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] install printer problem
Hi, With new windows XP SP2 machine, user cannot install or reuse printer installed on her profile. When I try to add a printer I have : A strategy on your computer cannot permit to connect to this print queue. Contact your system administrator When I try to see property of already installed printer; I read : unable to end this operation. Actually, my samba version is 3.0.23c And if I read debug level 10 on the machine, I can see that the client want to have a computer account corresponding to the hostname a PDC. My hostname is different that the DC name. could you help me ? thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] install printer problem
Actually, no windows user can print with this PC. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] Envoyé par : [EMAIL PROTECTED] 10/07/2007 11:44 A [EMAIL PROTECTED] cc Objet [Samba] install printer problem Hi, With new windows XP SP2 machine, user cannot install or reuse printer installed on her profile. When I try to add a printer I have : A strategy on your computer cannot permit to connect to this print queue. Contact your system administrator When I try to see property of already installed printer; I read : unable to end this operation. Actually, my samba version is 3.0.23c And if I read debug level 10 on the machine, I can see that the client want to have a computer account corresponding to the hostname a PDC. My hostname is different that the DC name. could you help me ? thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Advice about samba + GFS
Hi people, Actually, I have a samba server with XFS filesystem. It run fine with no problem. But, I must change machine (replacement cycle). The hardware is from HP which distribute some tools and package for managing server. This tools run only with update and kernel from supported distribution (in this case RedHat). The problem is the support of XFS on RedHat distrib. If I want XFS on my server, I must recompile the kernel with problem about Hp package ! Another project have the objective to find a solution for clustering the data and the samba server. And Redhat have a solution named GFS. And now I would like to know some experience of sysadmin about GFS and samba ( on LVM and ACL ) A little bechmarl between XFS and GFS and other link if possible. thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] Samba 3.0.25rc3 Available for Download
Support for Additional ACL Modules == Samba's POSIX ACL support has been moved inside of the VFS layer which means it is now possible to support multiple ACL implementations on the same server including NFSv4 and GPFS ACLs. If I understand, I must be find a vfs named posix_acl (eq of --acl-support) But I don't find this vfs plugin. Where is the problem (me or ) thanks Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 25/04/2007 14:08:21 : -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 == I'm not really concerned with performance. -- SambaXP 07 Attendee referring to LDAP Directories == Release Announcements = This is the third release candidate of the Samba 3.0.25 code base and is provided for testing only. An RC release means that we are close to the final release but the code may still have a few remaining minor bugs. This release is *not* intended for production servers. There has been a substantial amount of development since the 3.0.23/3.0.24 series of stable releases. We would like to ask the Samba community for help in testing these changes as we work towards the next significant production upgrade Samba 3.0 release. Major features included in the 3.0.25 code base include: o Significant improvements in the winbind off-line logon support. o Support for secure DDNS updates as part of the 'net ads join' process. o Rewritten IdMap interface which allows for TTL based caching and per domain backends. o New plug-in interface for the winbind nss info parameter. o New file change notify subsystem which is able to make use of inotify on Linux. o Support for passing Windows security descriptors to a VFS plug-in allowing for multiple Unix ACL implements to running side by side on the Same server. o Improved compatibility with Windows Vista clients including improved read performance with Linux servers. o Man pages for IdMap and VFS plug-ins. Off-line Logons and AD Site Support === Winbind's capability to support offline logons has been greatly improved with the 3.0.25 release including support for locating domain controllers asynchronously using Active Directory Site information. New IdMap Interface for Winbindd The 3.0.25 release of Samba includes a rewritten IdMap interface for winbindd which replaces the idmap backend parameter. Please refer to the idmap domains description in the smb.conf(5) man page for more details. Dynamic DNS Updates === The net ads join command is now able to register the host's DNS A records with Windows 2000 SP4 and 2003 DNS servers. This feature must be enabled at compile time using the --with-dnsupdate when running the ./configure script. There is also a related net ads dns command for refreshing a host's records which could be launched from a dhcp client script when a new IP address is obtained. Support for Additional ACL Modules == Samba's POSIX ACL support has been moved inside of the VFS layer which means it is now possible to support multiple ACL implementations on the same server including NFSv4 and GPFS ACLs. VFS ReadAhead Plugin Windows Vista introduces pipe-lined read support for improved performance when transferring files. The new vfs_readahead plugin allows Linux file servers to utilize additional Kernel buffers for caching files in order to avoid Disk I/O wait time when serving Vista clients. If you experience poor read performance between Linux servers and Vista clients, please test the vfs_readahead module by adding the following lines to the share definition in smb.conf: [file_share] vfs objects = readahead Note that this plugin will result in additional RAM requirements due to the increased amount of kernel buffer caches used by smbd. Please refer to vfs_readahead(8) for more information. Windows Vista, Office 2007, and Offline Files = Research surrounding offline files, Windows Vista, and Microsoft Office 2007 has revealed a incompatibility between these applications and the map acl inherit = no setting in smb.conf. Users requiring support client side caching (csc) and offline files are encouraged to enable the map acl inherit for any affected share definitions in the server's configuration. Future versions of Samba will enable this setting by default. Please
Re: [Samba] Samba 3.0.25rc2 Available for Download
Hi, I have a problem : ./configure --with-ldap --with-acl-support --prefix=/usr/local --exec-prefix=/usr/local --bindir=/usr/local/bin --sbindir=/usr/local/sbin --libexecdir=/usr/local/libexec --datadir=/usr/local/share --sharedstatedir=/usr/local/com --localstatedir=/usr/local/var --libdir=/usr/local/lib --includedir=/usr/local/include --infodir=/usr/share/info --with-configdir=/etc/samba --sysconfdir=/etc/samba --mandir=/usr/man --enable-cups if [ $? == 0 ]; then make if [ $? == 0 ]; then make install fi fi exit 0; RedHat Enterprise Linux 4 Kernel 2.6.16.5 package dmapi 2.2.1-1 dmapi-devel-2.2.1-1 --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 22/04/2007 21:20:18 : Gerald (Jerry) Carter wrote: This is the second release candidate of the Samba 3.0.25 code base and is provided for testing only. These messages are new while compiling: deveis # make [...] Compiling auth/auth_script.c Building plugin bin/script.so make: *** No rule to make target `nsswitch/libnss_winbind.so', needed by `all'. Stop. deveis # make install [...] make: *** No rule to make target `nsswitch/libnss_winbind.so', needed by `all'. Stop. Configure options: export CFLAGS='-O2 -march=i486 -fomit-frame-pointer' ./configure \ --target=i486-pc-linux-gnu \ --with-sendfile-support \ --prefix=/usr \ --bindir=/usr/bin \ --sbindir=/usr/sbin \ --with-privatedir=/etc \ --with-lockdir=/var/lock/samba \ --with-libdir=/usr/lib/samba \ --with-piddir=/var/run \ --with-swatdir=/usr/lib/samba/swat \ --with-configdir=/etc \ --with-logfilebase=/var/log \ --localstatedir=/var/log \ --without-ads \ --without-ldap \ --with-codepagedir=/usr/lib/samba/codepages \ --with-smbmount=yes \ --with-sambabook=/usr/lib/samba/swat/using_samba \ --without-winbind \ --without-python \ --without-manpages \ --without-mysql \ --without-xml \ --with-included-popt \ --enable-cups=no \ --with-vfs \ --with-utmp \ --with-quotas \ --with-pam \ --with-pam_smbpass \ --with-acl-support der tom -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.25rc2 Available for Download
file not attached (due to mail rules), see output of make here : In file included from smbd/dmapi.c:36: /usr/include/xfs/dmapi.h:83: error: syntax error before dm_attrloc_t /usr/include/xfs/dmapi.h:85: error: syntax error before dm_eventset_t /usr/include/xfs/dmapi.h:86: error: syntax error before dm_fsid_t /usr/include/xfs/dmapi.h:87: error: syntax error before dm_ino_t /usr/include/xfs/dmapi.h:89: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:92: error: syntax error before dm_size_t /usr/include/xfs/dmapi.h:93: error: syntax error before dm_ssize_t /usr/include/xfs/dmapi.h:104: error: syntax error before dm_dev_t /usr/include/xfs/dmapi.h:246: error: syntax error before dm_eventset_t /usr/include/xfs/dmapi.h:302: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:345: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:359: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:379: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:383: error: syntax error before un élément lexical } /usr/include/xfs/dmapi.h:410: error: syntax error before dm_eventset_t /usr/include/xfs/dmapi.h:416: error: syntax error before dt_dev /usr/include/xfs/dmapi.h:417: error: syntax error before dt_ino /usr/include/xfs/dmapi.h:422: error: syntax error before dt_rdev /usr/include/xfs/dmapi.h:424: error: syntax error before dt_size /usr/include/xfs/dmapi.h:429: error: syntax error before dt_blocks /usr/include/xfs/dmapi.h:435: error: syntax error before dt_pad3 /usr/include/xfs/dmapi.h:447: error: syntax error before un élément lexical } /usr/include/xfs/dmapi.h:477: error: champ dx_statinfo est de type incomplet /usr/include/xfs/dmapi.h:486: error: syntax error before __u16 /usr/include/xfs/dmapi.h:488: error: syntax error before un élément lexical } /usr/include/xfs/dmapi.h:491: error: syntax error before __u16 /usr/include/xfs/dmapi.h:494: error: syntax error before dm_fid_ino /usr/include/xfs/dmapi.h:501: error: syntax error before __s64 /usr/include/xfs/dmapi.h:505: error: syntax error before un élément lexical } /usr/include/xfs/dmapi.h:584: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:597: error: syntax error before dm_attrloc_t /usr/include/xfs/dmapi.h:609: error: syntax error before dm_attrloc_t /usr/include/xfs/dmapi.h:619: error: syntax error before dm_size_t /usr/include/xfs/dmapi.h:626: error: syntax error before dm_eventset_t /usr/include/xfs/dmapi.h:636: error: syntax error before dm_attrloc_t /usr/include/xfs/dmapi.h:659: error: syntax error before dm_eventset_t /usr/include/xfs/dmapi.h:773: error: syntax error before dm_fsid_t /usr/include/xfs/dmapi.h:785: error: syntax error before dm_ino_t /usr/include/xfs/dmapi.h:803: error: syntax error before dm_attrloc_t /usr/include/xfs/dmapi.h:811: error: syntax error before un élément lexical * /usr/include/xfs/dmapi.h:819: error: syntax error before un élément lexical * /usr/include/xfs/dmapi.h:885: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:896: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:915: error: syntax error before dm_read_invis /usr/include/xfs/dmapi.h:920: error: syntax error before dm_off_t /usr/include/xfs/dmapi.h:971: error: syntax error before dm_eventset_t /usr/include/xfs/dmapi.h:991: error: syntax error before dm_eventset_t /usr/include/xfs/dmapi.h:1057: error: syntax error before dm_write_invis /usr/include/xfs/dmapi.h:1063: error: syntax error before dm_off_t smbd/dmapi.c: In function `dmapi_file_flags': smbd/dmapi.c:221: error: syntax error before events smbd/dmapi.c: At top level: smbd/dmapi.c:238: error: syntax error before if smbd/dmapi.c:252: error: path non déclaré ici (hors de toute fonction) smbd/dmapi.c:253: error: un élément de l'initialisation n'est pas une constante smbd/dmapi.c:253: warning : the data definition have no type and no stockage class smbd/dmapi.c:254: error: syntax error before if smbd/dmapi.c:269: attention : noms de paramêtres (sans type) dans la déclaration de fonction smbd/dmapi.c:269: error: types conflictuels pour set_effective_capability include/proto.h:924: error: déclaration précédente de set_effective_capability était ici smbd/dmapi.c:269: error: types conflictuels pour set_effective_capability include/proto.h:924: error: déclaration précédente de set_effective_capability était ici smbd/dmapi.c:269: attention : la définition de données n'a pas de type ni de classe de stockage smbd/dmapi.c:271: error: redéfinition de err smbd/dmapi.c:252: error: définition précédente de err était ici smbd/dmapi.c:272: error: un élément de l'initialisation n'est pas une constante smbd/dmapi.c:272: attention : la définition de données n'a pas de type ni de classe de stockage smbd/dmapi.c:273: error: syntax error before if smbd/dmapi.c:281: error: redéfinition de err smbd/dmapi.c:271:
Re: [Samba] Domain Admins with Samba 3.024
Please read the changelog ! There are many change between 3.0.10 and 3.0.2x In 3.0.2x samba version, privilege are enabled are must be used ! --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Neil Jolly [EMAIL PROTECTED] Envoyé par : [EMAIL PROTECTED] 14/02/2007 15:11 A samba@lists.samba.org cc Objet Re: [Samba] Domain Admins with Samba 3.024 On 14-Feb-07, at 4:01 AM, Gareth Cummings wrote: I am having the same problem on 3.23d, had it working fine with on 3.0.10. The users in the domain admin group can add machines to the network but do not have admin rights on the actual PCs' Thanks for confirming this problem. Good to know I'm not alone, but I still need to resolve the issue at some point. This server's not in production as yet, so I'm free to try some changes if anyone has a suggestion. Thanks, Neil Jolly #12 800 Bowcroft Place Cochrane, Alberta Phone: (403) 688-7516 Fax: (403) 851-0873 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows Client Print Queue does not get cleared afterjobcompletion....
It's depend on print server you are using ! --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 31/01/2007 10:21:50 : Hi, I am too having the same problem when printing, I could not find a solution other than as you do, remove it after. I am still looking at this issue and will send to this list if I get a solution if no-one replies. :) Dave -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] ba.org] On Behalf Of Mansell, Gary Sent: 31 January 2007 09:02 To: samba@lists.samba.org Subject: [Samba] Windows Client Print Queue does not get cleared afterjobcompletion Hi, I am running the default version of Samba that comes with CentOS 4.4 (3.0.10-1.4E.9) and I am experiencing a problem where print jobs do not get removed from the Windows print queue after they have been printed. If I perform an lmstat on the Samba server I can confirm that there are no jobs still waiting to print and hence the Samba print queues should be empty also. The jobs can be manually cancelled by the user after they have been printed but this is obviously a chore. Any advice gladly received Regards Gary Mansell -- This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the sender immediately and delete this e-mail from your system. Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of Ricardo (save for reports and other documentation formally approved and signed for release to the intended recipient). Only Directors or Duly Authorised Officers are authorised to enter into legally binding obligations on behalf of Ricardo unless the obligation is contained within a Ricardo Purchase Order. Ricardo may monitor outgoing and incoming e-mails and other telecommunications on its e-mail and telecommunications systems. By replying to this e-mail you give consent to such monitoring. The recipient should check this e-mail and any attachments for the presence of viruses. Ricardo accepts no liability for any damage caused by any virus transmitted by this e-mail. Ricardo means Ricardo plc and its subsidiary companies. Ricardo plc is a public limited company registered in England with registered number 00222915. The registered office of Ricardo plc is Shoreham Technical Centre, Shoreham-by Sea, West Sussex, BN43 5FG. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba This message has been scanned for viruses by MailControl - (see http://bluepages.wsatkins.co.uk/?4318150) This email and any attached files are confidential and copyright protected. If you are not the addressee, any dissemination of this communication is strictly prohibited. Unless otherwise expressly agreed in writing, nothing stated in this communication shall be legally binding. Consider the environment. Please don't print this e-mail unless you really need to. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows Client Print Queue does not get clearedafterjobcompletion....
With CUPS (libcups), normally you don't have problem about job jobcompletion. With LPD ou lprng, you must complete some parameter on smb.conf (aka : lp parameter and print command ). --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Mansell, Gary [EMAIL PROTECTED] a écrit sur 31/01/2007 12:21:41 : Do you mean whether you use CUPS (CentOS 4.4 default) or LPD? Can you please explain further? On Wed, 2007-01-31 at 12:14 +0100, [EMAIL PROTECTED] wrote: It's depend on print server you are using ! --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 31/01/2007 10:21:50 : Hi, I am too having the same problem when printing, I could not find a solution other than as you do, remove it after. I am still looking at this issue and will send to this list if I get a solution if no-one replies. :) Dave -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] ba.org] On Behalf Of Mansell, Gary Sent: 31 January 2007 09:02 To: samba@lists.samba.org Subject: [Samba] Windows Client Print Queue does not get cleared afterjobcompletion Hi, I am running the default version of Samba that comes with CentOS 4.4 (3.0.10-1.4E.9) and I am experiencing a problem where print jobs do not get removed from the Windows print queue after they have been printed. If I perform an lmstat on the Samba server I can confirm that there are no jobs still waiting to print and hence the Samba print queues should be empty also. The jobs can be manually cancelled by the user after they have been printed but this is obviously a chore. Any advice gladly received Regards Gary Mansell -- This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the sender immediately and delete this e-mail from your system. Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of Ricardo (save for reports and other documentation formally approved and signed for release to the intended recipient). Only Directors or Duly Authorised Officers are authorised to enter into legally binding obligations on behalf of Ricardo unless the obligation is contained within a Ricardo Purchase Order. Ricardo may monitor outgoing and incoming e-mails and other telecommunications on its e-mail and telecommunications systems. By replying to this e-mail you give consent to such monitoring. The recipient should check this e-mail and any attachments for the presence of viruses. Ricardo accepts no liability for any damage caused by any virus transmitted by this e-mail. Ricardo means Ricardo plc and its subsidiary companies. Ricardo plc is a public limited company registered in England with registered number 00222915. The registered office of Ricardo plc is Shoreham Technical Centre, Shoreham-by Sea, West Sussex, BN43 5FG. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba This message has been scanned for viruses by MailControl - (see http://bluepages.wsatkins.co.uk/?4318150) This email and any attached files are confidential and copyright protected. If you are not the addressee, any dissemination of this communication is strictly prohibited. Unless otherwise expressly agreed in writing, nothing stated in this communication shall be legally binding. Consider the environment. Please don't print this e-mail unless you really need to. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] access users homes share
exactly, you need to create a special share for permet user2 to acces to home of user1 (or reverse). but I'm not sure that is possible if you want to specify that only user2 can acces to user1'home and not user3. Maybe you must implement ACL... --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 23/01/2007 10:57:11 : hey list, we are currently migrating our users from novell to samba. now we have one problem: in novell we could give e.g. user1 access to users2 home share so he could modify, delete or add files on this share. in samba we defined a global homes share that is mapped on logon. so how can we give user1 the needed rights? here is the definition of the homes share in smb.conf: [homes] comment = user share browseable = no writeable = yes write list = %U create mask = 0600 directory mask = 0700 force user = %U force group = Administrators oplocks = true do we need to add a special share and group? thanks for help and best regards Don't pick lemons. See all the new 2007 cars at Yahoo! Autos. http://autos.yahoo.com/new_cars.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] smbldap-useradd question
IdealX tools is for manage users in ldap tree, not in passwd. Normally , the data of users in LDAP contain necessary attribute for unix account. You can use pam_ldap nss_ldap pour unix auth from LDAP. For mail box, you must create one manually or modify the smbldap-useradd script ! --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Jason Baker [EMAIL PROTECTED] Envoyé par : [EMAIL PROTECTED] 17/01/2007 15:14 A samba List samba@lists.samba.org cc Objet [Samba] smbldap-useradd question I have Samba 3 setup to work with LDAP and I am using the IdealX tools to create new users. If I issue the command /./smbldap-useradd -m -a -c User Name username/, then my new user is added, but I do not see the user in //etc/passwd/ and there is no entry in //var/mail/. Do I need to create a Unix account for this user also? They already have a /home directory. If I want a mail box for the user, could I just create one manually? -- *Jason Baker */IT Coordinator/ *Glastender Inc.* 5400 North Michigan Road Saginaw, Michigan 48604 USA 800.748.0423 Phone: 989.752.4275 ext. 228 Fax: 989.752. www.glastender.com http://www.glastender.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] browser list
Hi ! I have a question or request for improvement : Some external people with her domain name must be connected to our network. Each time, he receive wins and other informations from DHCP. With this configuration the browser list from my PDC contain domain name wich not longer exist because this laptop has been connected one day or two. My question is : howto remove theses informations from wins.dat without restart nmbd ? If not possible, someone can make a tools for that ? or how spécify a timeout of existance of domain (a host exist in this domain) ? thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [samba] ACL inheritance like NTFS?
XFS use ACL for that. Each Default entry will provide inheritance. For applying ACL ont sub-diretcory and file, we have modified the file-manager of webmin for manage ACL and inheritance. For the rest, samb manage the ACL with the good parameter. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 02/01/2007 13:25:48 : Hi all, I will migrate a windows fileserver to a Suse System with XFS-filesystem and Samba. I will copy the files with the robocopy tool from Microsoft. I did some test and I noticed that XFS-filesystem does not support inheritance like NTFS. If there a solution for that problem? How did you solve that problem? Thank you! Richard -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] IP Address permissions per share
see the hosts allow parameter in man of smb.conf Man : http://ftp.easynet.be/samba/docs/man/manpages-3/smb.conf.5.html --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 02/01/2007 17:13:21 : I've googled and googled for an answer to this but all I can find is ip specific global permissions for samba. What I want to do is only allow specific ip addresses access to certain shares in my config. Is this possible? I know I could do user permissions to shares but I want to lock it down per ip address. Thanks, Ed -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] 3.0.23c: cannot access LDAP when not root
Hi, Try this patch, it work fine on my server -- (https://bugzilla.samba.org/attachment.cgi?id=2135action=view) Should apply cleanly to 3.0.23c. It's my bug report : https://bugzilla.samba.org/show_bug.cgi?id=4097 --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 19/10/2006 19:25:08 : Hi Everybody, I have set up a Samba 3.0.23c PDC with LDAP and ACLs on Suse 10.0. Things seem to work fine, but log.smbd gets filled with many smbldap_open: cannot access LDAP when not root messages whenever I move around on the mounted user share using Windows XP Explorer from a client computer. More precisely, whenever I move the cursor to a new subfolder in explorer, I get a new bunch of the above messages in log.smbd, the quantity apparently depending on the number of ACL entries for the folder. Any idea what could be wrong? Let me know if you need more information, smb.conf and extended logs. TIA, Peter Rindfuss Wissenschaftszentrum Berlin fuer Sozialforschung (Social Science Research Center Berlin, Germany) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] Printing problems with samba 3.0.23c and NT4
Hi, I have the same problem on a NT4 SP3. I must made a workaround (using direct print, without pass by samba), but the problem still present. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 13/09/2006 10:36:01 : Hi everyone! I have upgrade my fileserver from samba2-smbpasswd to samba3.0.23c with LDAP-PDC. Now i can't print to the printers on that server with NT4. net use ... is functional, but if I print to that printer, I get the error - free translated from german message - The syntax of the filename, directory name or the disc-label is wrong. WinXP hasn't that problem. The share is defined in this way: [global] ... printing = BSD ... [pspdf] path = /tmp printable = yes print command = /usr/local/bin/samba2pdf %s %U use client driver = yes I have played with use client driver, with no success. Is the printing-support for NT4 broken? Thanks a lot in advance Andreas Pohl [EMAIL PROTECTED] -- INTERMET Ueckermünde D-17373 Ueckermünde, Eggesiner Str. 11 Tel.: +49 (0) 39771 2120, Fax: +49 (0) 39771 21210 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap_open: cannot access LDAP when not root..
Hello, I have some little problems with samba 3.0.23c. A client open a excel file (office 2000), modify it and save it. After the office 2000 have saved the file, he display a message box with the message : file correclty saved but he cannot reopened because the memory is too short. If I look the ACL, the owner of file , the ACL is changed to read only and in samba log file, I can read : [2006/09/08 09:59:23, 0] lib/smbldap.c:smbldap_open(1009) smbldap_open: cannot access LDAP when not root.. If I change the ACL correctly, the user will have no problem. what happening ? thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] problem with samba 3.0.23c and windows NT4 workstation
Hi, I upgraded my samba 3.0.21b to 3.0.23c, after that printing from this NT 4 workstation don't work ! I have : [2006/09/06 09:01:44, 0] smbd/nttrans.c:call_nt_transact_ioctl(2332) call_nt_transact_ioctl(0x90028): Currently not implemented. And on the workstation : write error on \\admin01\promatic for that document : name file syntax, direcrory or volume is incorrect Would you want to retry or cancer job ? anyone can help me ? thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Printing problem with samba 3.0.23c and windows NT4 (URGENT)
Hi, I upgraded my samba 3.0.21b to 3.0.23c, after that printing from this NT 4 workstation doesn't work ! I have : [2006/09/06 09:01:44, 0] smbd/nttrans.c:call_nt_transact_ioctl(2332) call_nt_transact_ioctl(0x90028): Currently not implemented. And on the workstation : write error on \\admin01\promatic for that document : name file syntax, direcrory or volume is incorrect Would you want to retry or cancer job ? anyone can help me now ? Thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] problem with samba 3.0.23c and windows NT4 workstation
It's a old NT4 SP4 Yesterday this machine hang one time and after no print occur on this machines. I'm not sure that is a samba problem but my chief think that is a problem because I upgraded samba from 3.0.21b to 3.0.23c. Now, I tried with a special section for a printer like : [printers] comment = Imprimantes path = /tmp guest ok = Yes printable = Yes browseable = No printable = Yes public = Yes use client driver = No [promatic] comment = Imprimante etiquette salle OTC1 path = /var/spool/samba read only = No printable = Yes printer name = promatic use client driver = yes And is always not work ! --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Gerald (Jerry) Carter [EMAIL PROTECTED] a écrit sur 06/09/2006 15:50:24 : -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: Hi, I upgraded my samba 3.0.21b to 3.0.23c, after that printing from this NT 4 workstation don't work ! I have : call_nt_transact_ioctl(0x90028): Currently not implemented. And on the workstation : write error on \\admin01\promatic for that document : name file syntax, directory or volume is incorrect Would you want to retry or cancer job ? anyone can help me ? Are you vending drivers from Samba ? Is spoolss enabled ? I just tested printing locally from NT4. Driver download worked fine and I send a test job through without any hitches. cheers, jerry = Samba--- http://www.samba.org Centeris --- http://www.centeris.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.4 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFE/tIgIR7qMdg1EfYRAtlKAJ0QV5W/t1RF0a9jPQhBz6Mt91b1AQCfSyJk shxa7LH69WODJSHPq3+tleI= =38JI -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] problem with samba 3.0.23c and windows NT4 workstation
It's a test for trying to find problem. This special section have was created only for testing. However, the printer is loading with standard printer section. Now, I started on samba server a ethereal and when I trie to print a page, I have no communication. Do you have a idea for that ? You can notice that the message call_nt_transact_ioctl(0x90028) is only on the connection or reconnection, not each time. I attached a log level 10 of this client and the share promatic is created from printer section. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Gerald (Jerry) Carter [EMAIL PROTECTED] a écrit sur 06/09/2006 16:18:26 : -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: It's a old NT4 SP4 Yesterday this machine hang one time and after no print occur on this machines. I'm not sure that is a samba problem but my chief think that is a problem because I upgraded samba from 3.0.21b to 3.0.23c. Now, I tried with a special section for a printer like : ... [promatic] comment = Imprimante etiquette salle OTC1 path = /var/spool/samba read only = No printable = Yes printer name = promatic use client driver = yes And is always not work ! So you believe the 'use client driver' setting is to blame? Do you absolutely need that option? cheers, jerry = Samba--- http://www.samba.org Centeris --- http://www.centeris.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.4 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFE/tiyIR7qMdg1EfYRAuehAJ91/O3EROiSMs9gKJjxO7dGK8yFcwCdFhQo AHgjAnxPJPL6XBcynoMaEGM= =qeFg -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] What about MS06-040
Hi, I have some problem with computer browser and Net Logon. I suspect the MS-patches named MS06-40 (921883). http://www.microsoft.com/technet/security/Bulletin/MS06-040.mspx Could anyone confim if this patches couse problem or not. Actually I use samba 3.0.21c and I would like to know if samba 3.0.23c could resolve problem. thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with guest account samba 3.0.23a (smbd wont start)
Hi, I test samba 3.0.23a and I used a existant LDAP tree. But, samba 3.0.23a won't start : In smbd.log : .. [2006/07/28 09:58:14, 10] registry/reg_cachehook.c:reghook_cache_add(61) reghook_cache_add: Adding key [/HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Ports] [2006/07/28 09:58:14, 8] lib/adt_tree.c:pathtree_add(201) pathtree_add: Enter [2006/07/28 09:58:14, 10] lib/adt_tree.c:pathtree_add(268) pathtree_add: Successfully added node [HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Ports] to tree [2006/07/28 09:58:14, 8] lib/adt_tree.c:pathtree_add(270) pathtree_add: Exit [2006/07/28 09:58:14, 10] registry/reg_cachehook.c:reghook_cache_add(61) reghook_cache_add: Adding key [/HKLM/SYSTEM/CurrentControlSet/Services/LanmanServer/Shares] [2006/07/28 09:58:14, 8] lib/adt_tree.c:pathtree_add(201) pathtree_add: Enter [2006/07/28 09:58:14, 10] lib/adt_tree.c:pathtree_add(268) pathtree_add: Successfully added node [HKLM/SYSTEM/CurrentControlSet/Services/LanmanServer/Shares] to tree [2006/07/28 09:58:14, 8] lib/adt_tree.c:pathtree_add(270) pathtree_add: Exit [2006/07/28 09:58:14, 3] smbd/sec_ctx.c:push_sec_ctx(208) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2006/07/28 09:58:14, 3] smbd/uid.c:push_conn_ctx(345) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2006/07/28 09:58:14, 3] smbd/sec_ctx.c:set_sec_ctx(241) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2006/07/28 09:58:14, 5] auth/auth_util.c:debug_nt_user_token(449) NT user token: (NULL) [2006/07/28 09:58:14, 5] auth/auth_util.c:debug_unix_user_token(475) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2006/07/28 09:58:14, 5] lib/smbldap.c:smbldap_search_ext(1179) smbldap_search_ext: base = [dc=corman,dc=be], filter = [((uid=root)(objectclass=sambaSamAccount))], scope = [2] [2006/07/28 09:58:14, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1396) ldapsam_getsampwnam: Unable to locate user [root] count=0 [2006/07/28 09:58:14, 3] smbd/sec_ctx.c:pop_sec_ctx(339) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2006/07/28 09:58:14, 5] passdb/pdb_interface.c:pdb_default_uid_to_rid(1217) pdb_default_uid_to_rid: Did not find user root (0) [2006/07/28 09:58:14, 10] passdb/lookup_sid.c:uid_to_sid(1083) uid_to_sid: local 0 - S-1-22-1-0 [2006/07/28 09:58:14, 5] lib/smbldap.c:smbldap_search_ext(1179) smbldap_search_ext: base = [ou=groupes,dc=corman,dc=be], filter = [((objectClass=sambaGroupMapping)(gidNumber=0))], scope = [2] [2006/07/28 09:58:15, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2213) ldapsam_getgroup: Did not find group [2006/07/28 09:58:15, 10] passdb/lookup_sid.c:gid_to_sid(1127) gid_to_sid: local 0 - S-1-22-2-0 [2006/07/28 09:58:15, 3] passdb/lookup_sid.c:store_gid_sid_cache(1038) store_gid_sid_cache: gid 0 in cache - S-1-22-2-0 [2006/07/28 09:58:15, 5] lib/smbldap.c:smbldap_search_ext(1179) smbldap_search_ext: base = [ou=groupes,dc=corman,dc=be], filter = [((objectClass=sambaGroupMapping)(sambaSID=S-1-5-32-544))], scope = [2] [2006/07/28 09:58:26, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2213) ldapsam_getgroup: Did not find group [2006/07/28 09:58:26, 5] lib/smbldap.c:smbldap_search_ext(1179) smbldap_search_ext: base = [ou=groupes,dc=corman,dc=be], filter = [((objectClass=sambaGroupMapping)(sambaSID=S-1-5-32-545))], scope = [2] [2006/07/28 09:58:35, 4] passdb/pdb_ldap.c:ldapsam_getgroup(2213) ldapsam_getgroup: Did not find group [2006/07/28 09:58:35, 5] lib/smbldap.c:smbldap_search_ext(1179) smbldap_search_ext: base = [ou=groupes,dc=corman,dc=be], filter = [((|(objectclass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=S-1-22-1-0)(sambaSIDList=S-1-22-2-0)(sambaSIDList=S-1-1-0)(sambaSIDList=S-1-5-2)(sambaSIDList=S-1-5-11)(sambaSIDList=S-1-5-32-544)))], scope = [2] [2006/07/28 09:58:50, 10] lib/smbldap.c:smbldap_search_ext(1237) Failed search for base: ou=groupes,dc=corman,dc=be, error: Timed out () [2006/07/28 09:58:50, 10] auth/auth_util.c:add_aliases(631) pdb_enum_alias_memberships failed: NT_STATUS_UNSUCCESSFUL [2006/07/28 09:58:50, 10] registry/reg_db.c:regdb_open(248) regdb_open: incrementing refcount (1) [2006/07/28 09:58:50, 7] registry/reg_frontend.c:regkey_open_internal(359) regkey_open_internal: name = [HKLM\SYSTEM\CurrentControlSet\Services] [2006/07/28 09:58:50, 10] registry/reg_cachehook.c:reghook_cache_find(95) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] [2006/07/28 09:58:50, 10] lib/adt_tree.c:pathtree_find(341) pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] [2006/07/28 09:58:50, 10] lib/adt_tree.c:pathtree_find(413) pathtree_find: Exit [2006/07/28 09:58:50, 5] registry/reg_frontend.c:registry_access_check(59) registry_access_check: using root's token [2006/07/28 09:58:50, 3] passdb/lookup_sid.c:fetch_sid_from_uid_cache(907) fetch sid from uid cache 0 - S-1-22-1-0 [2006/07/28 09:58:50, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(979) fetch sid from gid cache 0 -
RE [Samba] Windows user password changing with Samba + LDAP + smbldap tools
With LDAP, I not use passwd program parameter. Samba modify directly the password attribute and the userPassword if ldap passwd sync = yes --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 taso [EMAIL PROTECTED] Envoyé par : [EMAIL PROTECTED] 17/01/2006 13:49 Veuillez répondre à [EMAIL PROTECTED] A samba@lists.samba.org cc Objet [Samba] Windows user password changing with Samba + LDAP + smbldap tools smbldap-tools-0.9.1-1 Samba 3.0.21a This is what I have in my smb.conf: passwd program = /opt/IDEALX/sbin/smbldap-passwd %u passwd chat = *New password :*\n %n *new password :*\n %n unix password sync = Yes According to man smb.conf, smbldap-passwd is invoked as root so the passwd chat should be fine. Problem is it doesn't work. Am I missing something obvious? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] Adding workstations to domain as non-root
I your log I see two problem or comment : - Have you configured idealx-tools (smbldap.conf smbldap_bind.conf) - Have you added in your ldap_tree the objectclass sambaUnixIdPool into the entry sambaDomainName=xxx (it's the preference entry from idealx-howto) --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 16/01/2006 10:41:55 : Hi, The Problem: I have a samba domain using LDAP as the backend, complete with the IdealX LDAP scripts. Most of my Unix boxes (certainly anything which does any Samba stuff) authenticates against the same LDAP backend, using it for groups and users. I need to grant some people sufficient priviliges to add workstations to the domain, but I don't want to give them the root password in LDAP as doing so will also give them root access to the Unix boxes. I would therefore like to configure the system such that users who are a member of a specific group (Domain Admins springs immediately to mind) are able to add workstations to the domain. I have already added myself to the Domain Admins group: # Domain Admins, Group, u4eatech.com dn: cn=Domain Admins,ou=Group,dc=u4eatech,dc=com objectClass: posixGroup objectClass: sambaGroupMapping gidNumber: 512 cn: Domain Admins memberUid: Administrator memberUid: jamesc description: Netbios Domain Administrators sambaSID: S-1-5-21-2044582568-1589646193-1504741369-512 sambaGroupType: 2 displayName: Domain Admins And I've chown/chmod'ed the smbldap config files so members of the Domain Admins group can read them: elli sbin # ls -ail /etc/smbldap-tools/ total 27 238406 drwxr-xr-x 2 root root 192 Jan 11 16:16 . 9120 drwxr-xr-x 42 root root 3160 Jan 12 09:31 .. 238451 -rw-r--r-- 1 root root 7634 Jan 11 16:06 smbldap.conf 30283 -rw-r--r-- 1 root root 7728 Jan 10 13:44 smbldap.conf.old 238421 -rw-r- 1 root Domain Admins 438 Jan 11 08:52 smbldap_bind.conf However, I can't add users using the smbldap-useradd script: [EMAIL PROTECTED] ~ $ /usr/sbin/smbldap-useradd -w phobos$ Could not find base dn, to get next uidNumber at /usr/sbin//smbldap_tools.pm line 995. Looking at the OpenLDAP logs, it seems that smbldap-useradd is performing the search without first authenticating with the LDAP server: Jan 16 09:24:19 cygnus_new slapd[12571]: conn=67383 fd=52 ACCEPT from IP=172.30.1.22:60342 (IP=0.0.0.0:389) Jan 16 09:24:19 cygnus_new slapd[26453]: conn=67383 op=1 SRCH base=dc=u4eatech,dc=com scope=2 deref=2 filter=((objectClass=posixAccount)(uid=phobos$)) Jan 16 09:24:19 cygnus_new slapd[26453]: conn=67383 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text= Jan 16 09:24:19 cygnus_new slapd[16367]: conn=67383 op=2 SRCH base=sambaDomainName=U4EATECH,dc=u4eatech,dc=com scope=0 deref=2 filter=(objectClass=sambaUnixIdPool) Jan 16 09:24:19 cygnus_new slapd[16367]: conn=67383 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text= Jan 16 09:24:19 cygnus_new slapd[12571]: conn=67383 fd=52 closed -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] samba from RedHat 3 doesn't work in RedHat 4
Verify the SeLinux conf! --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 09/01/2006 15:21:07 : I recently upgraded my server from a RedHat 3 on a Dell Precision 410 to RedHat 4 on a Dell Optiplex GX 620 I moved all the samba configuration files from one system to the other. The old system worked as a domain master across several subnets with the use of local samba masters on each of the outlying subnets. The new system cannot be seen as a master on the outlying subnets. When I try to look at the workgroup on an outlying subnet, I get that the workgroup is not accessible. I have iptables set up on the new server to allow access from the 137, 138 and 139 ports on the new server. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] my serwer hngs :(
network card maybe --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 05/01/2006 11:54:06 : Heloo My server hangs up :((machine not only samba) I've upgrated my system. Now it is Gentoo 2005.1 - K 2.6.14 - Samba 3.0.20b Everything works exelent and much more faster now but sometimes it hangs up. The last hang up was when I have loged one user on w98 :( to domain. Only strange thing that I've found in logs are : : [2006/01/05 07:59:13, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(981) Jan 5 07:59:13 localhost smbd[7048]: Attempt to bind using schannel without successful serverauth2 Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/util_sock.c:get_peer_addr(1222) Jan 5 08:01:06 localhost smbd[7061]: getpeername failed. Error was Transport endpoint is not connected Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/access.c:check_access(328) Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/util_sock.c:get_peer_addr(1222) Jan 5 08:01:06 localhost smbd[7061]: getpeername failed. Error was Transport endpoint is not connected Jan 5 08:01:06 localhost smbd[7061]: Denied connection from (0.0.0.0) Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/util_sock.c:get_peer_addr(1222) Jan 5 08:01:06 localhost smbd[7061]: getpeername failed. Error was Transport endpoint is not connected Jan 5 08:01:06 localhost smbd[7061]: Connection denied from 0.0.0.0 Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/util_sock.c:write_data(554) Jan 5 08:01:06 localhost smbd[7061]: write_data: write failure in writing to client 172.17.70.36. Error Connection reset by peer Jan 5 08:01:06 localhost smbd[7061]: [2006/01/05 08:01:06, 0] lib/util_sock.c:send_smb(762) Jan 5 08:01:06 localhost smbd[7061]: Error writing 5 bytes to client. -1. (Connection reset by peer) Jan 5 08:01:06 localhost smbd[7062]: [2006/01/05 08:01:06, 0] rpc_server/srv_pipe.c:api_pipe_bind_req(981) Jan 5 08:01:06 localhost smbd[7062]: Attempt to bind using schannel without successful serverauth2 Jan 5 08:06:07 localhost smbd[7070]: [2006/01/05 08:06:07, 0] lib/util_sock.c:get_peer_addr(1222) Jan 5 08:06:07 localhost smbd[7070]: getpeername failed. Error was Transport endpoint is not connected Jan 5 08:06:07 localhost smbd[7070]: [2006/01/05 08:06:07, 0] lib/access.c:check_access(328) Jan 5 08:06:07 localhost smbd[7070]: [2006/01/05 08:06:07, 0] lib/util_sock.c:get_peer_addr(1222) Jan 5 08:06:07 localhost smbd[7070]: getpeername failed. Error was Transport endpoint is not connected Jan 5 08:06:07 localhost smbd[7070]: Denied connection from (0.0.0.0) I don't know what to do :( my smb conf [global] log file = /var/log/samba/%m.log load printers = no smb passwd file = /etc/samba/smbpasswd passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* obey pam restrictions = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 domain master = yes bind interfaces only = Yes hosts deny = ALL hosts allow = 172.17.70.0/24 127. interfaces = eth0 lo hosts allow = 172.17.70. encrypt passwords = yes passwd program = /usr/bin/passwd %u max disk size = 51200 dns proxy = no server string = zefirek netbios name = zefirek printing = cups logon script = %U.bat message command = winpopup unix password sync = Yes local master = yes workgroup = ztisze os level = 90 printcap name = cups security = user max log size = 5000 pam password change = yes domain logons = yes restrict anonymous = true dos charset = CP852 unix charset = ISO8859-2 preserve case = yes read raw = yes write raw = yes getwd cache = yes #write cache size = 65536 debug level = 1 debug timestamp = no timestamp logs = true dos file times = yes passdb backend = smbpasswd #ldap server = localhost #ldap port = 0 #Czas time server = yes and so on Thx for all answers -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] samba 3 with LDAP
What is the version of smbldap-tools ? --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 14/12/2005 15:03:57 : Hi all I am setting up Samba Primary Domain controller with LDAP in Redhat Enterprise Linux ES 4.0 . The open Ldap version is _*OpenLDAP 2.2.3*_ and samba version _*3.0.10-1.4E .*_ i used smbldap-tools which comes default in RHEL ES 4.0 . After configuring samba and Ldap ie slapd.conf, and configuring smbldap-conf.pm and populate it through smbldap-populate.pl i get the following error Global symbol $ldapsearch requires explicit package name at /usr/local/sbin///smbldap_conf.pm line 236. Global symbol $ldapsearchnobind requires explicit package name at /usr/local/sbin///smbldap_conf.pm line 237. Global symbol $ldappasswd requires explicit package name at /usr/local/sbin///smbldap_conf.pm line 239. Global symbol $ldapadd requires explicit package name at /usr/local/sbin///smbldap_conf.pm line 240. Global symbol $ldapdelete requires explicit package name at /usr/local/sbin///smbldap_conf.pm line 241. Global symbol $ldapmodrdn requires explicit package name at /usr/local/sbin///smbldap_conf.pm line 242. Compilation failed in require at /usr/local/sbin///smbldap_tools.pm line 4. BEGIN failed--compilation aborted at /usr/local/sbin///smbldap_tools.pm line 4. Compilation failed in require at ./smbldap-populate.pl line 34. BEGIN failed--compilation aborted at ./smbldap-populate.pl line 34. and when i type *net getlocalsid* command i get the following error # [2005/12/14 18:49:49, 0] lib/smbldap.c:smbldap_search_suffix(1155) smbldap_search_suffix: Problem during the LDAP search: (No such object) SID for domain TDC17 is: S-1-5-21-664927944-2827829345-1370909811 # Please guide me Regards Niranjan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Question about releases notes
Hi, Just a question about the bugs : Incompatibilities with newer MS Windows hotfixes and embedded OS platforms What hotfixes is concerned ? thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] Temporary Profiles
Are you sure that the path of profiles path are correct ? --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 01/12/2005 11:01:05 : Hi, I have got a problem with samba for days now and I don't know how to solve it. My problem is, that it doesn't matter if I enable or disable Roaming Profiles, all I get is a temporary profile. If i enable Roaming Profiles, than i get a temporary serverside Profile. If I disable Roaming Profiles, than i get a temporary local Profile. Can somebody please help me? With Roaming Profiles I think it is a problem with Filepermissions. Root get's a full Serverside Profile (not the smb.conf below), but only root. I just want a local Profile for the users, so it is not so relevant. Oliver Samba is PDC [global] include = /etc/samba/dhcp.conf socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon drive = H: hide dot files = yes domain master = Yes username map = /etc/samba/smbusers map to guest = Bad User printer admin = @ntadmin, root, administrator logon home = \\%L\%U\.9xprofile passwd program = /usr/bin/passwd %u wins support = true printcap cache time = 750 netbios name = fileserver cups options = raw printing = cups unix password sync = yes local master = Yes logon path = logon script = logon.bat workgroup = SJ os level = 65 printcap name = cups security = user add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ domain logons = Yes preferred master = Yes load printers = yes passdb backend = smbpasswd [homes] comment = Home Directories valid users = %S browseable = No read only = No inherit acls = Yes [profiles] comment = Network Profiles Service path = %H read only = No # store dos attributes = Yes create mask = 0600 directory mask = 0700 [users] comment = All users path = /home read only = No inherit acls = Yes veto files = /aquota.user/groups/shares/ [groups] comment = All groups path = /home/groups read only = No inherit acls = Yes [printers] comment = All Printers path = /var/tmp printable = Yes create mask = 0600 browseable = No [print$] comment = Printer Drivers path = /var/lib/samba/drivers write list = @ntadmin root force group = ntadmin create mask = 0664 directory mask = 0775 [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon write list = @user, root guest ok = yes locking = No -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] job queue samba 3.0.20b problem
Hi, I have a strange problem with my samba 3.0.20b with lprm_patch. In job queue list displayed on windows client; I can see a multiple of line with : Remote Downlevel Document with status is : submited in job queue. sometimes, this job is submited more than one time in the same second. The job cannot be deleted my the user, but by administror, it does. Maybe is due to windows 98 client, I don't know. some help will be apprecied Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] what is the SID of the domain administrator?
Hi, Please read the samba-howto-collection available on samba website. The cahper about right and privileges talk about that. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 16/11/2005 14:58:01 : Does the domain administrator SID always end with -1000? I.e., if the SID for the domain is: S-1-2-33-44-5-66 does this mean that the domain administrator's SID would be: S-1-2-33-44-5-66-1000 ? How can I get the SID number for any given user? -- Tomek http://wpkg.org WPKG - software deployment and upgrades with Samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] samba 3.0.21rc1 + ldap PDC - smbpasswd issue
I have upgraded the samba.schema in /etc/openldap/schema , --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 15/11/2005 11:36:40 : Hey Guys, I have just upgraded to version 3.0.21rc1. I decided to re-populate the database and test if everything is working. ./smbldap-populate -a root -k 0 -m 0 - ok ./smbldap-useradd -m -a username - ok ./smbldap-passwd username - ok smbpasswd username - fail [EMAIL PROTECTED] sbin]# smbpasswd asender New SMB password: Retype new SMB password: ldapsam_set_account_policy: Could not set account policy for sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute type (sambaPwdHistoryLength: attribute type undefined) ldapsam_set_account_policy: Could not set account policy for sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute type (sambaPwdHistoryLength: attribute type undefined) ldapsam_set_account_policy: Could not set account policy for sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute type (sambaPwdHistoryLength: attribute type undefined) ldapsam_set_account_policy: Could not set account policy for sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute type (sambaMaxPwdAge: attribute type undefined) ldapsam_set_account_policy: Could not set account policy for sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute type (sambaMinPwdAge: attribute type undefined) ldapsam_set_account_policy: Could not set account policy for sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute type (sambaPwdHistoryLength: attribute type undefined) ldapsam_set_account_policy: Could not set account policy for sambaDomainName=DDESIGN,dc=ddesign,dc=com, error: Undefined attribute type (sambaPwdHistoryLength: attribute type undefined) hm any ideas; is this a bug? Please CC me the reply as well as the list. Adrian Sender. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE RE [Samba] Could not get RealPath CORDAF/* (It's a URGENT problem)
Hi, user2 is member of 32 groups. I found the error, that's the limit of kernel 2.4, thanks --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 26/10/2005 21:22:07 : -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, could you verify the number of group which user2 is member ? [EMAIL PROTECTED] a écrit : Hi, I have two users which have this problem For the user1, I have deleted and recreated the user and is work fine, no problem. For user2, I make the same thing but, don't work. Note that this user have two laptop : - one with XP - one with 2000. When I recreate the user I verified that it's work with two 2000 laptop, but when the XP is reconnected Windows Xp could cuase some problem ? could you help me, the user2 is my director. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 24/10/2005 11:41:24 : A other user have the same problem, but : I copied the directory with the same ACL on my test server and work fine : [2005/10/24 10:25:47, 5] smbd/uid.c:change_to_user(304) change_to_user uid=(1041,1041) gid=(0,513) [2005/10/24 10:25:47, 3] smbd/trans2.c:call_trans2findfirst(1629) call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 2 requires_resume_key = 4 level = 0x104, max_data_bytes = 16384 [2005/10/24 10:25:47, 5] smbd/filename.c:unix_convert(108) unix_convert called on file CORPLA/* [2005/10/24 10:25:47, 10] smbd/statcache.c:stat_cache_lookup(215) stat_cache_lookup: lookup failed for name [CORPLA/*] [2005/10/24 10:25:47, 10] smbd/statcache.c:stat_cache_lookup(248) stat_cache_lookup: lookup succeeded for name [CORPLA] - [CORPLA] [2005/10/24 10:25:47, 5] smbd/filename.c:unix_convert(175) unix_convert begin: name = CORPLA/*, dirpath = CORPLA, start = * [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled(276) is_mangled * ? [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled_component(215) is_mangled_component * (len 1) ? [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled(276) is_mangled * ? [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled_component(215) is_mangled_component * (len 1) ? [2005/10/24 10:25:47, 5] smbd/filename.c:unix_convert(324) New file * [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1671) is_in_path: CORPLA/* [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1692) is_in_path: match not found [2005/10/24 10:25:47, 5] smbd/trans2.c:call_trans2findfirst(1683) dir=CORPLA, mask = * [2005/10/24 10:25:47, 5] smbd/dir.c:dptr_create(391) dptr_create dir=CORPLA [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1671) is_in_path: CORPLA [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1692) is_in_path: match not found [2005/10/24 10:25:47, 3] smbd/dir.c:dptr_create(511) creating new dirptr 256 for path CORPLA, expect_close = 1 [2005/10/24 10:25:47, 4] smbd/trans2.c:call_trans2findfirst(1740) dptr_num is 256, wcard = *, attr = 22 [2005/10/24 10:25:47, 8] smbd/trans2.c:call_trans2findfirst(1745) dirpath=CORPLA dontdescend= [2005/10/24 10:25:47, 8] smbd/trans2.c:get_lanman2_dir_entry(1077) get_lanman2_dir_entry:readdir on dirptr 0x803ad4c0 now at offset 0 [2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode(294) dos_mode: CORPLA/. [2005/10/24 10:25:47, 10] smbd/posix_acls.c:check_posix_acl_group_write(4027) check_posix_acl_group_write: file CORPLA/. match on group 1016 - can write. [2005/10/24 10:25:47, 10] smbd/posix_acls.c:check_posix_acl_group_write(4078) check_posix_acl_group_write: file CORPLA/. returning (ret = 1). [2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode_from_sbuf(162) dos_mode_from_sbuf returning d [2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode(328) dos_mode returning d [2005/10/24 10:25:47, 5] smbd/trans2.c:get_lanman2_dir_entry(1167) get_lanman2_dir_entry found CORPLA/. fname=. [2005/10/24 10:25:47, 10] smbd/trans2.c:get_lanman2_dir_entry(1308) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO And on the produc server : [2005/10/24 11:04:56, 4] smbd/uid.c:change_to_user(217) change_to_user: Skipping user change - already user [2005/10/24 11:04:56, 3] smbd/trans2.c:call_trans2findfirst(1629) call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 2 requires_resume_key = 4 level = 0x104, max_data_bytes = 16384 [2005/10/24 11:04:56, 5] smbd/filename.c:unix_convert(108) unix_convert called on file CORPLA/* [2005/10/24 11:04:56, 10] smbd/statcache.c:stat_cache_lookup(215) stat_cache_lookup: lookup failed for name [CORPLA/*] [2005/10/24 11:04:56, 10] smbd/statcache.c:stat_cache_lookup(248) stat_cache_lookup: lookup succeeded for
RE [Samba] SambaPasswdMustChange problem
Hi, Have you specified the maximum password age with pdbedit pdbedit -P maximum password age -C 7776000 Samba takes age in seconds, so 60*60*24*90, is what you need. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 26/10/2005 15:36:41 : I set my users up with smbldap-tools. SambaPasswdMustChange is populated appropriately. The first time the user is prompted to change their password, and does so, the value in SambaPasswdMustChange goes to 2147483647 which is basically never. Can anybody tell me why this might be happening? Do I have to set this somewhere in smb.conf? Thanks, Misty -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] syslog
Hi, man smb.conf syslog (G) This parameter maps how Samba debug messages are logged onto the system syslog logging levels. Samba debug level zero maps onto syslog LOG_ERR, debug level one maps onto LOG_WARNING, debug level two maps onto LOG_NOTICE, debug level three maps onto LOG_INFO. All higher levels are mapped to LOG_DEBUG. This parameter sets the threshold for sending messages to syslog. Only messages with debug level less than this value will be sent to syslog. Default: syslog = 1 syslog only (G) If this parameter is set then Samba debug messages are logged into the system syslog only, and not to the debug log files. Default: syslog only = no --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 26/10/2005 15:58:45 : How to stop loging with syslog ?? now, samba log to /var/log/samba/* and to log file defined in syslogd.conf in *.info entry ... I only want /var/log/samba/* ... thanx for any help -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE [Samba] syslog
What version of samba ? --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 26/10/2005 16:55:48 : strange but ... with man smb.conf nothing about syslog ... and in my smb.conf ... now ... nothing too ... [EMAIL PROTECTED] wrote: Hi, man smb.conf syslog (G) This parameter maps how Samba debug messages are logged onto the system syslog logging levels. Samba debug level zero maps onto syslog LOG_ERR, debug level one maps onto LOG_WARNING, debug level two maps onto LOG_NOTICE, debug level three maps onto LOG_INFO. All higher levels are mapped to LOG_DEBUG. This parameter sets the threshold for sending messages to syslog. Only messages with debug level less than this value will be sent to syslog. Default: syslog = 1 syslog only (G) If this parameter is set then Samba debug messages are logged into the system syslog only, and not to the debug log files. Default: syslog only = no --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 26/10/2005 15:58:45 : How to stop loging with syslog ?? now, samba log to /var/log/samba/* and to log file defined in syslogd.conf in *.info entry ... I only want /var/log/samba/* ... thanx for any help -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE RE [Samba] Could not get RealPath CORDAF/* (It's a URGENT problem)
Hi, I have two users which have this problem For the user1, I have deleted and recreated the user and is work fine, no problem. For user2, I make the same thing but, don't work. Note that this user have two laptop : - one with XP - one with 2000. When I recreate the user I verified that it's work with two 2000 laptop, but when the XP is reconnected Windows Xp could cuase some problem ? could you help me, the user2 is my director. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 24/10/2005 11:41:24 : A other user have the same problem, but : I copied the directory with the same ACL on my test server and work fine : [2005/10/24 10:25:47, 5] smbd/uid.c:change_to_user(304) change_to_user uid=(1041,1041) gid=(0,513) [2005/10/24 10:25:47, 3] smbd/trans2.c:call_trans2findfirst(1629) call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 2 requires_resume_key = 4 level = 0x104, max_data_bytes = 16384 [2005/10/24 10:25:47, 5] smbd/filename.c:unix_convert(108) unix_convert called on file CORPLA/* [2005/10/24 10:25:47, 10] smbd/statcache.c:stat_cache_lookup(215) stat_cache_lookup: lookup failed for name [CORPLA/*] [2005/10/24 10:25:47, 10] smbd/statcache.c:stat_cache_lookup(248) stat_cache_lookup: lookup succeeded for name [CORPLA] - [CORPLA] [2005/10/24 10:25:47, 5] smbd/filename.c:unix_convert(175) unix_convert begin: name = CORPLA/*, dirpath = CORPLA, start = * [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled(276) is_mangled * ? [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled_component(215) is_mangled_component * (len 1) ? [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled(276) is_mangled * ? [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled_component(215) is_mangled_component * (len 1) ? [2005/10/24 10:25:47, 5] smbd/filename.c:unix_convert(324) New file * [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1671) is_in_path: CORPLA/* [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1692) is_in_path: match not found [2005/10/24 10:25:47, 5] smbd/trans2.c:call_trans2findfirst(1683) dir=CORPLA, mask = * [2005/10/24 10:25:47, 5] smbd/dir.c:dptr_create(391) dptr_create dir=CORPLA [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1671) is_in_path: CORPLA [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1692) is_in_path: match not found [2005/10/24 10:25:47, 3] smbd/dir.c:dptr_create(511) creating new dirptr 256 for path CORPLA, expect_close = 1 [2005/10/24 10:25:47, 4] smbd/trans2.c:call_trans2findfirst(1740) dptr_num is 256, wcard = *, attr = 22 [2005/10/24 10:25:47, 8] smbd/trans2.c:call_trans2findfirst(1745) dirpath=CORPLA dontdescend= [2005/10/24 10:25:47, 8] smbd/trans2.c:get_lanman2_dir_entry(1077) get_lanman2_dir_entry:readdir on dirptr 0x803ad4c0 now at offset 0 [2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode(294) dos_mode: CORPLA/. [2005/10/24 10:25:47, 10] smbd/posix_acls.c:check_posix_acl_group_write(4027) check_posix_acl_group_write: file CORPLA/. match on group 1016 - can write. [2005/10/24 10:25:47, 10] smbd/posix_acls.c:check_posix_acl_group_write(4078) check_posix_acl_group_write: file CORPLA/. returning (ret = 1). [2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode_from_sbuf(162) dos_mode_from_sbuf returning d [2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode(328) dos_mode returning d [2005/10/24 10:25:47, 5] smbd/trans2.c:get_lanman2_dir_entry(1167) get_lanman2_dir_entry found CORPLA/. fname=. [2005/10/24 10:25:47, 10] smbd/trans2.c:get_lanman2_dir_entry(1308) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO And on the produc server : [2005/10/24 11:04:56, 4] smbd/uid.c:change_to_user(217) change_to_user: Skipping user change - already user [2005/10/24 11:04:56, 3] smbd/trans2.c:call_trans2findfirst(1629) call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 2 requires_resume_key = 4 level = 0x104, max_data_bytes = 16384 [2005/10/24 11:04:56, 5] smbd/filename.c:unix_convert(108) unix_convert called on file CORPLA/* [2005/10/24 11:04:56, 10] smbd/statcache.c:stat_cache_lookup(215) stat_cache_lookup: lookup failed for name [CORPLA/*] [2005/10/24 11:04:56, 10] smbd/statcache.c:stat_cache_lookup(248) stat_cache_lookup: lookup succeeded for name [CORPLA] - [CORPLA] [2005/10/24 11:04:56, 5] smbd/filename.c:unix_convert(175) unix_convert begin: name = CORPLA/*, dirpath = CORPLA, start = * [2005/10/24 11:04:56, 10] smbd/mangle_hash2.c:is_mangled(276) is_mangled * ? [2005/10/24 11:04:56, 10] smbd/mangle_hash2.c:is_mangled_component(215) is_mangled_component * (len 1) ? [2005/10/24 11:04:56, 10] smbd/mangle_hash2.c:is_mangled(276) is_mangled * ? [2005/10/24 11:04:56, 10]
RE [Samba] Could not get RealPath CORDAF/* (It's a urgent problem)
A other user have the same problem, but : I copied the directory with the same ACL on my test server and work fine : [2005/10/24 10:25:47, 5] smbd/uid.c:change_to_user(304) change_to_user uid=(1041,1041) gid=(0,513) [2005/10/24 10:25:47, 3] smbd/trans2.c:call_trans2findfirst(1629) call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 2 requires_resume_key = 4 level = 0x104, max_data_bytes = 16384 [2005/10/24 10:25:47, 5] smbd/filename.c:unix_convert(108) unix_convert called on file CORPLA/* [2005/10/24 10:25:47, 10] smbd/statcache.c:stat_cache_lookup(215) stat_cache_lookup: lookup failed for name [CORPLA/*] [2005/10/24 10:25:47, 10] smbd/statcache.c:stat_cache_lookup(248) stat_cache_lookup: lookup succeeded for name [CORPLA] - [CORPLA] [2005/10/24 10:25:47, 5] smbd/filename.c:unix_convert(175) unix_convert begin: name = CORPLA/*, dirpath = CORPLA, start = * [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled(276) is_mangled * ? [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled_component(215) is_mangled_component * (len 1) ? [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled(276) is_mangled * ? [2005/10/24 10:25:47, 10] smbd/mangle_hash2.c:is_mangled_component(215) is_mangled_component * (len 1) ? [2005/10/24 10:25:47, 5] smbd/filename.c:unix_convert(324) New file * [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1671) is_in_path: CORPLA/* [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1692) is_in_path: match not found [2005/10/24 10:25:47, 5] smbd/trans2.c:call_trans2findfirst(1683) dir=CORPLA, mask = * [2005/10/24 10:25:47, 5] smbd/dir.c:dptr_create(391) dptr_create dir=CORPLA [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1671) is_in_path: CORPLA [2005/10/24 10:25:47, 8] lib/util.c:is_in_path(1692) is_in_path: match not found [2005/10/24 10:25:47, 3] smbd/dir.c:dptr_create(511) creating new dirptr 256 for path CORPLA, expect_close = 1 [2005/10/24 10:25:47, 4] smbd/trans2.c:call_trans2findfirst(1740) dptr_num is 256, wcard = *, attr = 22 [2005/10/24 10:25:47, 8] smbd/trans2.c:call_trans2findfirst(1745) dirpath=CORPLA dontdescend= [2005/10/24 10:25:47, 8] smbd/trans2.c:get_lanman2_dir_entry(1077) get_lanman2_dir_entry:readdir on dirptr 0x803ad4c0 now at offset 0 [2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode(294) dos_mode: CORPLA/. [2005/10/24 10:25:47, 10] smbd/posix_acls.c:check_posix_acl_group_write(4027) check_posix_acl_group_write: file CORPLA/. match on group 1016 - can write. [2005/10/24 10:25:47, 10] smbd/posix_acls.c:check_posix_acl_group_write(4078) check_posix_acl_group_write: file CORPLA/. returning (ret = 1). [2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode_from_sbuf(162) dos_mode_from_sbuf returning d [2005/10/24 10:25:47, 8] smbd/dosmode.c:dos_mode(328) dos_mode returning d [2005/10/24 10:25:47, 5] smbd/trans2.c:get_lanman2_dir_entry(1167) get_lanman2_dir_entry found CORPLA/. fname=. [2005/10/24 10:25:47, 10] smbd/trans2.c:get_lanman2_dir_entry(1308) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO And on the produc server : [2005/10/24 11:04:56, 4] smbd/uid.c:change_to_user(217) change_to_user: Skipping user change - already user [2005/10/24 11:04:56, 3] smbd/trans2.c:call_trans2findfirst(1629) call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 2 requires_resume_key = 4 level = 0x104, max_data_bytes = 16384 [2005/10/24 11:04:56, 5] smbd/filename.c:unix_convert(108) unix_convert called on file CORPLA/* [2005/10/24 11:04:56, 10] smbd/statcache.c:stat_cache_lookup(215) stat_cache_lookup: lookup failed for name [CORPLA/*] [2005/10/24 11:04:56, 10] smbd/statcache.c:stat_cache_lookup(248) stat_cache_lookup: lookup succeeded for name [CORPLA] - [CORPLA] [2005/10/24 11:04:56, 5] smbd/filename.c:unix_convert(175) unix_convert begin: name = CORPLA/*, dirpath = CORPLA, start = * [2005/10/24 11:04:56, 10] smbd/mangle_hash2.c:is_mangled(276) is_mangled * ? [2005/10/24 11:04:56, 10] smbd/mangle_hash2.c:is_mangled_component(215) is_mangled_component * (len 1) ? [2005/10/24 11:04:56, 10] smbd/mangle_hash2.c:is_mangled(276) is_mangled * ? [2005/10/24 11:04:56, 10] smbd/mangle_hash2.c:is_mangled_component(215) is_mangled_component * (len 1) ? [2005/10/24 11:04:56, 5] smbd/filename.c:unix_convert(324) New file * [2005/10/24 11:04:56, 8] lib/util.c:is_in_path(1671) is_in_path: CORPLA/* [2005/10/24 11:04:56, 8] lib/util.c:is_in_path(1692) is_in_path: match not found [2005/10/24 11:04:56, 1] smbd/vfs.c:reduce_name(981) reduce_name: couldn't get realpath for CORPLA/* [2005/10/24 11:04:56, 5] smbd/filename.c:check_name(418) check_name on CORPLA/* failed [2005/10/24 11:04:56, 10] smbd/trans2.c:set_bad_path_error(2583) set_bad_path_error: err = 13 bad_path = 0 [2005/10/24 11:04:56, 3] smbd/error.c:unix_error_packet(91) unix_error_packet: error string = Permission denied [2005/10/24 11:04:56, 3]
[Samba] Could not get RealPath CORDAF/*
Hi, I have a strange problem : some users cannot acces to diretcory, the message is access denied. The ACL is correct # file: rsrv/vol2/data1/groupes/CORDAF # owner: root # group: Utilisateurs user::rwx user:mro:r-x user:sad:r-x group::--- group:administrateurs:rwx group:daf:rwx mask::rwx other::--- default:user::rwx default:user:mro:r-x default:user:sad:r-x default:group::--- default:group:administrateurs:rwx default:group:daf:rwx default:mask::rwx default:other::--- The user lge is member of group daf, but cannot acces to to directory. In log I find Could not get RealPath CORDAF/* But if I add the user directly to the ACL, no problem Maybe is caused by the update to last service pack on the laptop, because a other people which is also member of group daf can acces correctly. can anyone have problem with last service pack ? Configuration : samba 3.0.20b ldap backend ldap:trusted=yes privileges enabled. file is on a XFS partition. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Dangling MS Access DB Lock Files *.ldb
Hi, Where is this patch, I would like to update my server to 3.0.20a, but if there are some problem with Access DB Lock Files, I prefer to patche samba before compiling. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 11/10/2005 21:08:22 : On Tue, Oct 11, 2005 at 08:03:10PM +0100, Dragan Krnic wrote: I might have unwittingly made the impression that the problem only came with 3.0.20. The same problem was present in 3.0.14 as well as 3.0.4. It's a very intermittent problem which has been haunting me for months now. Then it's not this particular bug. I have compiled your patches and installed it on the affected samba server and the first obvious difference is that when either the *.mdb or *.ldb file is opened then the Sharing attribute in the Open Files section of the status page is now DENY_DOS instead of DENY_NONE. (I can catch the moment when they're opend if I keep refreshing the status often enough.) I hope that no lock file will dangle any more. I'll keep you posted. Hopefully the combination of the new NTCreateX file open code in 3.0.20+ and this patch will do the trick. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] remove rights on c:\Documents and Settings
The right of c:\Documents and Setting is not dependant of Samba. It's dependant of the configuration of the client. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 11/10/2005 11:54:56 : Hi, on samba all our users are just member of 'domain user' group. This way gives them limted rights on local workstation, but they still have full rights on c:\Documents and Settings. Is there a way to just give them read right on that folder ? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] cannot change computer name
You cannot change the computer namde direcly, you must disconnect from the domain, change the name and reconnect to the domain. I always use this methode --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 10/10/2005 12:31:37 : This is a repeat post . I am waiting to hear from someone about this issue. please help me resolving this issue. I have samba PDC configured. I am unable to change the computer name for any computer . All clients are windows XP pro . It says access denied. Although i use the same Administrator username and password which i used to join these computers to samba domain. I will really appreciate if some can help me in this . thanks regards I am using samba-server-3.0.13-2mdk Here is Global section of my samba conf [global] server string = network Share workgroup = NETPDC netbios name = freeze encrypt passwords = Yes smb passwd file = /etc/samba/smbpasswd passwd chat = *New*password* %n\n *new*password* %n\n *success* passwd program = /usr/bin/passwd %u passwd chat debug = yes unix password sync = Yes log level = 0 username map = /etc/samba/smbusers syslog = 0 printcap name = CUPS show add printer wizard = no printing = CUPS name resolve order = wins bcast hosts add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/sbin/usermod -G %g %u add machine script = /usr/sbin/useradd -s /bin/false -d /dev/null %u logon script = scripts\login.bat #logon home = \\%L\%U #logon drive = X: domain logons = Yes preferred master = Yes wins support = Yes winbind separator = \ idmap uid = 1-2 idmap gid = 1-2 # directory security mask = 0775 # security mask = 0775 # create mask = 0775 directory mode = 0775 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] password policy
Hi, pdbedit -P min password length -C value --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 06/10/2005 11:40:33 : Hello, PDC: Samba 2.2.5 on FreeBSD 4.11 Clients: WindowsXP SP2 (local user profiles) The WindowsXP clients login to the PDC. The users can change their password on local PC and Samba in one step (Ctrl+Alt+Del - Change Password) Now my question: How can I set password policies like min. passwowrd length I tried to do that with gpedit, but it works, if the user login to the local PC, only. Thanks in advance Niels -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbd: nss_ldap: could not hard reconnect to LDAP server - Can't contact LDAP server
Hi, I changed the password of user Manager on my LDAP server, I have changed in /etc/ldap.conf the passwd too. I restarted ldap, nscd, but in messages log I have : smbd: nss_ldap: could not hard reconnect to LDAP server - Can't contact LDAP server anyone can explain why this error produce the ldapsam:trusted can be used for having no problem when changing ldap password without restart samba ? thanks Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
re: [Samba] smbd: nss_ldap: could not hard reconnect to LDAP server - Can't contact LDAP server
Samba use a other user than manager. I don't understand why samba call nss_ldap and why nss_ldap use the old password. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Grant Bigham [EMAIL PROTECTED] a écrit sur 04/10/2005 14:14:23 : Stephane, have you issued a smbpasswd -w new_ldap_Manager_pwd ?? Cheers, GrantB -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE RES: [Samba] ACLs with Problem
Hi, - With which user use try to change ACL ? - is the admin users ? - winbind work correctly ? -wbinfo ??? --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 23/09/2005 14:39:10 : Hi Greg, Really, the first step to install filesystem it with support ACL. It looks at my archive: LABEL=/ / ext3defaults,acl 1 1 LABEL=/boot /boot ext3defaults 1 2 LABEL=/data /data ext3defaults,acl 1 2 none/dev/ptsdevpts gid=5,mode=620 0 0 none/proc procdefaults 0 0 none/dev/shmtmpfs defaults 0 0 /dev/cciss/c0d0p2 swapswapdefaults 0 0 /dev/cdrom /mnt/cdrom udf,iso9660 noauto, owner,kudzu,ro 0 0 /dev/fd0/mnt/floppy auto noauto,owner,kudzu 0 0 My server samba is integrated with the server windows 2003 (PDC). The server samba is using the users of windows 2003, catching using the way winbind. When I try to change the permissions of an file of the server samba, in my workstation I appear a message Denied Access. I perceived that windows also does not obtain to catch the extendidas permissions when I modified for the server linux. It looks at some parameters of my smb.conf: nt acl support = Yes acl compatibility = win2k acl map full control = yes acl check permissions = no acl group control = yes inherit acls = Yes profile acls = Yes map acl inherit = Yes force unknown acl user = Yes You can help me? -Mensagem original- De: Greg Folkert [mailto:[EMAIL PROTECTED] Enviada em: quinta-feira, 22 de setembro de 2005 13:35 Para: samba@lists.samba.org Assunto: Re: [Samba] ACLs with Problem On Thu, 2005-09-22 at 11:43 -0300, Luis Henrique de Faria Guimarães wrote: Hi All, I am with problem with the permissions of windows. The samba is not getting the ACLs permissions. I compiled version 3.0.20, with the following options: [...] Well the first thin we need to know, is the filesystem that you are sharing via samba mounted with the acl option in the /etc/fstab? Here is what mine looks like and I get the ACLs just fine: /dev/datavg/examplelv /lf/db ext3 rw,suid,nodev,exec,auto, nouser,async,acl,errors=remount-ro 1 1 I guess, I could have done defaults,acl,nodev and be-equivalent... but hey I guess I am a bit retentive. # file: teste.txt # owner: root # group: Domain Users user::rwx user:henrique:rw- group::r-- mask::rw- other::r-- The user henrique appears in linux, but he does not appear in windows. When I try to add permissions through windows appears a message of denied access. Somebody can help me Well, as long as you have the filesystem mounted (assuming it is ext3 with acl support compiled in) with the ACLs turned on... then things should work. -- greg, [EMAIL PROTECTED] The technology that is Stronger, Better, Faster: Linux Use Debian GNU/Linux, its a bazaar thing. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] (no subject)
look at changelog of the last version, you can see that a privilege seTakeOwnerShip is available. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 12/09/2005 11:08:44 : Hi, How user can modify the owner of file if he ?s not an Admin. thanks -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] cups driver
[print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes why you set browseable = yes ?, normally browseable = no read only = yes guest ok = yes # Uncomment to allow remote administration of Windows print drivers. # Replace 'ntadmin' with the name of the group your admin users are # members of. write list = root, @ntadmin I suppose that administrator is in ntadmin group ? [global] log file = /var/log/samba/log.%m dns proxy = no netbios name = pykota security = user passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . server string = sprint socket options = TCP_NODELAY invalid users = root obey pam restrictions = yes workgroup = PyKoTa os level = 20 auto services = printers encrypt passwords = true syslog = 0 passwd program = /usr/bin/passwd %u passdb backend = tdbsam guest panic action = /usr/share/samba/panic-action %d max log size = 1000 load printer = Yes printing = cups printcap name = cups use client driver = yes Please modify this line : use client driver = no. The permission of /var/lib/printers is correct. try with no invalid users parameter in a second step --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 09/09/2005 15:02:12 : hi yes i'm sure ... i'm logged in administrator (user in administrator group) why did you say machinename ? so my problem is that drivers are well uploaded on samba share $print (/printer/W32X86/3/hp*) but after when i want to finish installation i get : not saved , access denied ??? Bruno Guerreiro a écrit : You're sure the machinename\administrator belongs to the printer admin group? Bruno Guerreiro -Original Message- From: stenon [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 9 de Setembro de 2005 11:40 To: Bruno Guerreiro; samba@lists.samba.org Subject: Re: [Samba] cups driver hi, it's almost good ! i can add new driver and it's uploading in my $print share on my samba server but when i want to save my change ... printer configuration connot be saved, access denied so i have change access on my directory /var/lib/samba/printers ... nothing where could i see my access denied ? which directory is it ? because logs are empty thanks ... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE [Samba] Bug in LDAP stuff?
Hi, since samba-3.0.20rc1 the ldap filter parameter is removed. you can resolve your problem by comment the ldap-filter parameter. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] a écrit sur 10/08/2005 17:15:01 : I think I've found a bug in the LDAP stuff. I've got a LDAP backend setup based on the idealx scripts. When I try to join a machine to my domain, I get the following. The important bit I want to point out is that the LDAP search is looking for (a lot of) properties, but it seems to be looking for _ALL_ objectClass=sambaSamAccount's. At this point in the trace, it should be trying to validate the login *as root* in order to join the machine. The query it's making does indeed return two entries: root and nobody, as it should, but two entries screws up the process now. Shouldn't the filter here be more like '((objectClass=sambaSamAccount)(uid=root))'? (Or whatever uid you're using to try to join the machine with. I know that the idealx stuff is out of date now post 3.0.11 with the root requirement. Here's hoping they update their stuff soon.) The filter is being supplied by Samba itself; hence, I'm thinking it's a bug. The question is: where do I go from here? Regards, dk Aug 10 09:38:50 excelsior smbd[32235]: [2005/08/10 09:38:50, 3] lib/smbldap.c:smbldap_connect_system(866) Aug 10 09:38:50 excelsior smbd[32235]: ldap_connect_system: succesful connection to the LDAP server Aug 10 09:38:50 excelsior smbd[32235]: ldap_connect_system: LDAP server does support paged resultsAug 10 09:38:50 excelsior smbd[32235]: [2005/08/10 09:38:50, 4] lib/smbldap.c:smbldap_open(929) Aug 10 09:38:50 excelsior smbd[32235]: The LDAP server is succesfully connected Aug 10 09:38:50 excelsior slapd[31471]: conn=64 op=2 SRCH base=dc=starfleet,dc=mil scope=2 deref=0 filter=((objectClass=sambaSamAccount)) Aug 10 09:38:50 excelsior slapd[31471]: conn=64 op=2 SRCH attr=uid uidNumber gidNumber homeDirectory sambaPwdLastSet sambaPwdCanChange sambaPwdMustChange sambaLogonTime sambaLogoffTime sambaKickoffTime cn displayName sambaHomeDrive sambaHomePath sambaLogonScript sambaProfilePath description sambaUserWorkstations sambaSID sambaPrimaryGroupSID sambaLMPassword sambaNTPassword sambaDomainName objectClass sambaAcctFlags sambaMungedDial sambaBadPasswordCount sambaBadPasswordTime sambaPasswordHistory modifyTimestamp sambaLogonHours modifyTimestamp Aug 10 09:38:50 excelsior smbd[32235]: [2005/08/10 09:38:50, 1] passdb/pdb_ldap.c:ldapsam_getsampwnam(1338) Aug 10 09:38:50 excelsior smbd[32235]: ldapsam_getsampwnam: Duplicate entries for this user [root] Failing. count=2 Aug 10 09:38:50 excelsior smbd[32235]: [2005/08/10 09:38:50, 3] smbd/sec_ctx.c:pop_sec_ctx(386) Aug 10 09:38:50 excelsior smbd[32235]: pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 Aug 10 09:38:50 excelsior smbd[32235]: [2005/08/10 09:38:50, 3] auth/auth_sam.c:check_sam_security(257) Aug 10 09:38:50 excelsior smbd[32235]: check_sam_security: Couldn't find user 'root' in passdb. Aug 10 09:38:50 excelsior smbd[32235]: [2005/08/10 09:38:50, 3] auth/auth_winbind.c:check_winbind_security(80) Aug 10 09:38:50 excelsior smbd[32235]: check_winbind_security: Not using winbind, requested domain [STARFLEET] was for this SAM. Aug 10 09:38:50 excelsior smbd[32235]: [2005/08/10 09:38:50, 2] auth/auth.c:check_ntlm_password(312)Aug 10 09:38:50 excelsior smbd[32235]: check_ntlm_password: Authentication for user [root] - [root] FAILED with error NT_STATUS_NO_SUCH_USER Aug 10 09:38:50 excelsior smbd[32235]: [2005/08/10 09:38:50, 3] smbd/sesssetup.c:do_map_to_guest(41)Aug 10 09:38:50 excelsior smbd[32235]: No such user root [STARFLEET] - using guest account -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Réf. : [Samba] security in samba
Could you explain more ?
One people can access to one printer or each printer are one adminitrator
and other people can just print ?
else there are the printer admin parameter
---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique Corman S.A. Tel : 00 32 087/342467
|-+-
| | Shashi Kanth Boddula [EMAIL PROTECTED] |
| | Envoyé par : |
| | [EMAIL PROTECTED]|
| | s.samba.org |
| | |
| | |
| | 29/09/2004 14:57 |
| | |
|-+-
---|
|
|
|Pour : [EMAIL PROTECTED]
|
|cc :
|
|Objet : [Samba] security in samba
|
---|
Hi,
In my company , we have 25 HP printers at different floors. All
printesr are configured on One Linux Machine. Each printer has one
administrator. My task is share the printer to that particular
administrator.
For example if i have 2 printers ( HP1 and HP2) , i want to share
HP1 printer to only 192.168.0.1 and HP2 printer to only 192.168.0.2.
If we use host allow host deny in global { or (or) and } shared
section, the behaviour is not meets my requirement.
if use valid users in shared section, it's not working properly. On
windows, when i connect with valid username and passwd , it gives a
credentials conflict error.
Please , can any one give suggestions on this.
Regards,
shashi kanth
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Réf. : [Samba] Puzzle -- Logon/Login from Windows XP
I think that for resolve your problem, you configure samba for become PDC and connect all WINDOWS XP workstations to domain. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | [EMAIL PROTECTED] | | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 29/09/2004 11:57 | | | | |-+- ---| | | |Pour : [EMAIL PROTECTED] | |cc : | |Objet : [Samba] Puzzle -- Logon/Login from Windows XP | ---| I hope somebody can help me with this. I posed this question a week ago and got several well-meaning answers that were not very helpful. I have 10 Windows XP workstations and 100 users. Each of the 100 users has an account on my Samba server (running Samba 3.03 on Mandrake Linux 10). Each user has several shares on the Samba server which are unique to that user. In other words, only THAT user can access his/her shares, and THAT user has read/write priviledges for those shares. BTW, I define each user's shares by listings in smb.username.conf files and the include=smb.%U.conf option (I may have that backwards it may be username.smb.conf and include=%U.smb.conf, I have it right on my server.) The problem is, I need each of my 100 users to be able to logon to the Samba server (with READ/WRITE access to their own shares) from any of the 10 Windows XP workstations. It's not a problem if the user has an account on the XP machine that matches the username and password on the Linux Samba server. But users don't have their own machines and it's impractical to create 100 user accounts on EACH Windows XP workstation. Especially when the list of users changes every few months. So my question is, how can those 100 users logon to the Samba server from ANY workstation without having an account on the Windows XP workstation that matches their username/password on the Samba server? I have a clumsy workaround right now, but I need something better. This is what I can do now: -- I have a Samba share that is accessible to everyone. -- In Windows XP, if I map network drive on that share and select connect using different username, I get an opportunity to enter the username and password for the specific user. -- Once the Windows XP machine connects to the Samba server, the Samba server knows who the user is and displays a list of the user's own unique shares -- which can then be mapped as well. The thing that's awkward about this technique, however, is that I'm having to map a public share JUST to communicate to the Samba server the username and password. Isn't there a way to get the Samba server to ask for a username and password when the user clicks on the name of the Samba server in Explorer? That's what happens when I click on the name of a Windows XP machine (XP Machine 1) from another Windows XP machine (XP Machine 2) when I'm logged on to Machine 2 with a username and password that does not match an account on XP Machine 1. I get a dialog box asking for a username and password. If I enter a username that has an account on the first machine -- and the matching password -- I connect and get read/write access to all shared drives and folders. I want to get the same dialog box when I click on the Linux Samba server. But how? Thanks in advance for the help. Regards, Andy Liebman -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Réf. : Re: Réf. : [Samba] Puzzle -- Logon/Login from Windows XP
Configure samba for become a domain member of a domain ? or make samba as a domain controler and configure trusting account --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] com Pour : [EMAIL PROTECTED] cc : 29/09/2004 12:46 Objet : Re: Réf. : [Samba] Puzzle -- Logon/Login from Windows XP In a message dated 9/29/2004 6:10:14 AM Eastern Daylight Time, [EMAIL PROTECTED] writes: I think that for resolve your problem, you configure samba for become PDC and connect all WINDOWS XP workstations to domain. Thanks for the reply. How do you define and create a domain? And is it difficult to maintain a domain as the users change? And what if the Samba server is just one of many servers on a network that might have other domains and domain servers? And what if the workstations have to access other domains? This is the sort of environment where my system has to work. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Re: [Samba] Authenticateing DC's on an ldap backend... nobody knows how?
Hi, Could explain more your problem ? On samba there are machine account for windows NT4, 2000, XP but no separation between workstation and server and DC. And also, there are no specific group for machine which are managed by samba. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | Paul Gienger [EMAIL PROTECTED] | | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 28/09/2004 15:16 | | | | |-+- ---| | | |Pour : Jim C. [EMAIL PROTECTED] | |cc : [EMAIL PROTECTED] | |Objet : Re: [Samba] Authenticateing DC's on an ldap backend... nobody knows how? | ---| Jim C. wrote: Doesn't anyone here know how to authenticate hosts in the group 'Domain Controllers' such that you don't have to set 'ldap admin dn' to the ldap server's root dn? What's the big deal? Why is this such a secret? Everytime I ask about it I get dead silence. It doesn't seem to matter what list I am on either. Well if that's the way you're asking the question it's probably because no one can understand what you're talking about and they are too busy answering well formed quesions to ask for clarification. -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Réf. : Re: Re: [Samba] Authenticateing DC's on an ldap backend... nobody knows how?
I know, but I want to say that samba manage machine group same as a other group, not for Domain Users and Domain Admin group. You can create a group for machine account but, I think that actually is not very important for samba domain. I can be mistaken. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Adam Tauno Williams Pour : [EMAIL PROTECTED] [EMAIL PROTECTED] cc : [EMAIL PROTECTED] nd.com Objet : Re: Re: [Samba] Authenticateing DC's on an ldap backend... nobody knows how? 28/09/2004 15:56 Could explain more your problem ? On samba there are machine account for windows NT4, 2000, XP but no separation between workstation and server and DC. ? A machine account is machine account, only WINS cares about the difference. And also, there are no specific group for machine which are managed by samba. This is an entirely site specific setup thing. If you want all your machine accounts created with a given gidNumber you can certainly do that. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] What is the correct SambaPrimaryGroupSID
Hi, I ask to you for a small question : I have some user with this SambaPrimaryGroiupSID = S-1-5-21-X-X--1443 And other user with this SambaPrimaryGroiupSID = S-1-5-21-X-X--513 What is correct SambaPrimaryGroiupSID ? The SambaSID of my primary group is S-1-5-21-X-X--513 The S-1-5-21-X-X--1443 is the result of GID 221*2 + 1001 RID algorithm I use samba 3.0.4. thanks Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Re: [Samba] NTFS-type directory permissions
You have just, but the kernel and FS used for store data must using ACL... It's just patch kernel (if kernel 2.4.x) for ACL support http://acl.bestbits.at and use a FS which have this possibility : - ext3 - ReiserFS - JFS - XFS Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Hi, I think if you choose to compile samba with the acl flag then you will have the complex access control desired. When you do a ./configure --help ... the options will be there but I think the option for acl support is --with-acl-support or something like that. Both my samba book and a unix terminal are not available to me now. Bri- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re : Re: [Samba] Changing password problem
Hi Christian, The ldap passwd sync is used for set if samba update LM, NT passwords and LDAP password or not the LDAP Password. But I read on the man of smb.conf : This option is used to define whether or not Samba should sync the LDAP password with the NT and LM hashes for normal accounts (NOT for workstation, server or domain trusts) on a password change via SAMBA. The ldap passwd sync can be set to one of three values: Yes = Try to update the LDAP, NT and LM passwords and update the pwdLastSet time. No = Update NT and LM passwords and update the pwdLastSet time. Only = Only update the LDAP password and let the LDAP server do the rest Why sambaPwdMustChange is not updated, samba must update sambaPwdMustChange if the password policy maximum password age is set. Maybe this options is corrected in 3.0.6 ? Thank you Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 [EMAIL PROTECTED] entware.com Pour : [EMAIL PROTECTED] cc : [EMAIL PROTECTED] 27/07/2004 13:00 Objet : Re: [Samba] Changing password problem Hi stephane, did you try ldap passwd sync = yes for me it worked. Christian Wittmer - Büro/Office: +49 (0) 6227/385-120 Email: [EMAIL PROTECTED] InterComponentWare AG Otto-Hahn-Strasse 3 69190 Walldorf Zentrale/Main: +49 (6227) 385-100 http://www.intercomponentware.com http://www.lifesensor.com [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 27.07.2004 12:49 To: [EMAIL PROTECTED] cc: Subject:[Samba] Changing password problem Hi, When a client try to change password : if sambaPwdCanChange = 2147483647 and sambaPwdMustChange = 1090923529 (for example) Samba would not change the password : I can find in log : user xxx cannot change password now, must wait until ven, 13 déc 1901 21:45:51 GMT But, if I set the sambaPwdCanChange to 0, the password is changed but, the sambaPwdMustChange is not updated to next date. I use LDAP and password policy. The unix password sync = no Can anyone answer to this problem ? Thank you Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Changing password problem
Hi, When a client try to change password : if sambaPwdCanChange = 2147483647 and sambaPwdMustChange = 1090923529 (for example) Samba would not change the password : I can find in log : user xxx cannot change password now, must wait until ven, 13 déc 1901 21:45:51 GMT But, if I set the sambaPwdCanChange to 0, the password is changed but, the sambaPwdMustChange is not updated to next date. I use LDAP and password policy. The unix password sync = no Can anyone answer to this problem ? Thank you Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re. : Re: [Samba] Some smbd-processes uses 99% CPU and push load to 10
Hi, On 3.0.4, I have a similar problem, it's caused by a group which have a user that not exist. Could you verify your user account ? --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | Andreas Grabner [EMAIL PROTECTED] | | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 13/07/2004 08:46 | | | | |-+- ---| | | |Pour : [EMAIL PROTECTED] | |cc : | |Objet : Re: [Samba] Some smbd-processes uses 99% CPU and push load to 10 | ---| Hi It gets URGENT (for me) because there i a course which forces this problem twice a day and all other clients crash. Thanks Andreas Grabner -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re. : [Samba] best filesystem choice for samba (was: new user cannot logon)
Hi, My Samba server is a PDc and file server. I use XFS for data with ACL and data OS are on a RAID 5 structure disk. No problem for speed acces. Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | Simon Oliver [EMAIL PROTECTED] | | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 08/07/2004 15:05 | | | | |-+- ---| | | |Pour : [EMAIL PROTECTED] | |cc : | |Objet : [Samba] best filesystem choice for samba (was: new user cannot logon) | ---| I am setting up a Samba server and am uncertain as to which filesystem to choose. The consensus seems to be XFS but I'm not sure how proven this filesystem is (I know SGI have used it since Irix 6.5 but that's a different OS). I want the filesystem to be available via both CIFS and NFS. I need quotas and would like acls, but most of all want a fast reliable system. Reports indicate that ext2/3 is particularly slow, especially for long file listings and many people complain have corruption issues with reiser (nut maybe that's RedHat only). Recently, someone even suggested using VFAT! I'd like to hear your thoughts and experiences with the various filesystems, especially with regard to using them with Samba and/or NFS. P.s. The filesystem will be on hardware RAID5, with a hardware RAID1 root filesystem. I've heard that it makes sense to place the log file on the RAID1 partition - I carried out some simple tests but couldn't detect any difference in performance with XFS no matter where the log file is. -- Simon Oliver -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] reloading group member from LDAP
Hello, I use samba 3.0.4 with LDAP backend and ACL, I have no problem. But I see a small problem and I suggest a solution. I explain by an example : I have a user toto, he ask to me to access to two folder (erp01 and crm02). The ACL of erp01 is grp_erp01 rwx The ACL of crm02 is user_bla rx, user_blo, rwx The first directory is managed by a group and the second directly with user list. I going to my LDAP server and I add a memberUid ( = toto) to grp_erp01 and I add a user to my ACL of crm02. If I call toto for says Ok, you can work, toto will see only crm02, no erp01. Why : because smbd load group member on session setup. If a use the command 'smbcontrol pid close-share' or I use the 'kill button' of swat status, the auto-reconnection will reload the group, else not. I just suggest for 3.0.5 to add a parameter : 'reload group' or 'reload session setup' value in second and include the necessary code on smbd. Thanks Stéphane Purnelle -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re. : [Samba] Two questions about smbldap-tools
Hi Hi all. 1. Are they any web based interfaces to smbldap-passwd.pl? No 2. Is www.idealx.org still a valid site for the smbldap-tools and related info? When I go there, no matter the URL I enter, I get a login screen prompting for a username and password or a message that page can not be found on the server. www.idealx.org is a valid URL, but you can use this url http://samba.idealx.org/ for accesc directly to smbldap-tools page. Thanks, ~Dan --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re. : [Samba] scripts and pdbedit
Hi, I think that the delete user script is called only by smbd when a usrmgr or other external tools work with samba. smbpasswd and pdbedit is local tools and not use the delete user script, it work directly with the selected sam. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | Collen Blijenberg MLHJ| | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 03/06/2004 12:30 | | | Veuillez répondre à Collen Blijenberg MLHJ| | | | |-+- ---| | | |Pour : samba mailing list [EMAIL PROTECTED] | |cc : | |Objet : [Samba] scripts and pdbedit | ---| i noticed the follow, i deleted a user, with both smbpasswd -x and tryed one with pdbedit -x and saw that only the username entry was removed from the samba passwd-backend.. the delete user script entry in the smb.conf is ignored with both commands ?? Why ?? - Collen Blijenberg (Systeem/Netwerk Beheerder) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re. : [Samba] changing smbpasswd password rules
The min password length in smb.conf is for unix password, you must modify the parameter with this command $ pdbedit -P min password length -C 3 --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | Jeff Kraeger [EMAIL PROTECTED] | | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 01/06/2004 17:02 | | | | |-+- ---| | | |Pour : [EMAIL PROTECTED] | |cc : | |Objet : [Samba] changing smbpasswd password rules | ---| Where does smbpasswd get its password rules from? I need to change them! I need to allow for passwords as short as 3 characters. I've changed my unix rules to allow users using passwd to change their password correctly but samba will not. I'm using encrypted passwords so min password length = 3 doesn't do anything, right? I keep getting RAP86 errors and the log says password too short account policy min password len = 5 How do I change this to 3 - do I need to recompile? If so what file needs to change? Thanks, Jeff Kraeger -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] LOGON problem on windows 2000 server
Hello, I have a problem a little complicated .
I have a Samba (3.0.2a) server compiled with ACL support and using a
directory LDAP for the users and groups, and it makes function of PDC.
On the network, I also a WINS server (win 2000 server) whose PDC is
customer.
Always on the network I have w98, 2000 (wrk), XP (pro) clients and three
server win2000 (of which waiter WINS).
This three Windows 2000 servers have problems of connection to the PDC.
Messages of the rvent viewer:
No controller of Windows NT field or Windows 2000 is available for field
CORMAN.
The following error occurred: %%1722
and
the explorer could not find the list of the servers of exploring Master
\\ADMIN01 on the network
\Device\NetBT_Tcpip_{D0D1ÇA2-08DD-4BF1-9322-1D66DBC73B0C }. The data is
the error code.
In order to try to include/understand what occurs, I made a script which
executed every 10 minutes and which sends a mail to me.
This mail contains the result of an order smbclient towards one of the
machines.
Sometimes, that passes without problem, I have normal posting, but the
majority of the mails ends in:
SPENGO login failed: No logon servers As I carry out this order with the
option-d10, I have at more the exit of the debug: session setup failed:
NT_STATUS_NO_LOGON_SERVERS
Somebody can it help me ?
Stéphane Purnelle
---
Stéphane PURNELLE [EMAIL PROTECTED]
Service Informatique Corman S.A. Tel : 00 32 087/342467
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Réf. : [Samba] Samba basics
Have you verified your hosts.allow and hosts.deny conf ? --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | Austin, Ben [EMAIL PROTECTED] | | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 07/05/2004 14:05 | | | | |-+- ---| | | |Pour : '[EMAIL PROTECTED]' [EMAIL PROTECTED] | |cc : | |Objet : [Samba] Samba basics | ---| Hi, I know little to nothing about samba so need some advice on a problem I'm having. One of my users is trying to mount a UNIX directory onto his PC and gets the error not authorised from this station. He was able to do this until he had his hard drive swapped out. Desktop have said they all settings are as they were previously and that this is a UNIX issue. Other users on the same network are not having this problem and the user in question can mount the directory from another PC which would suggest this is a problem with that specific PC. I have checked that all relevant smb/nmb procs are running and there are no errors in the logs. I can ping/traceroute to the PC and the PC can ping the UNIX box. I believe this is a local PC issue and wondered if anyone could help me determine this as the problem is flying back and forwards between UNIX and Desktop and the user is starting to get p$£%d Thanks in advance. Ben Our name has changed, please update your address book to the following format for the latest identities received [EMAIL PROTECTED]. This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Réf. : [Samba] Machine Accounts in Samba3 and OpenLDAP
Hi, I know, I put a bug with no response, normaly, if you uncomment the part of code ... script adds sambaSamAccount atribute, you can adding computers on two step : first step : you have : windows message is same The user name could be not find - samba try to add the machine account because not found the entry second step : the connection work fine - samba found entry and modify correcly entry (sambaNTPassword, ) --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | Ruslanas Cechovskis [EMAIL PROTECTED]| | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 26/04/2004 11:15 | | | | |-+- ---| | | |Pour : [EMAIL PROTECTED] | |cc : | |Objet : [Samba] Machine Accounts in Samba3 and OpenLDAP | ---| Hi, Trying to run Samba3 and OpenLDAP.. and have a problem with adding computers to domain while checking logs i found that samba is doing such search : smbldap_search: base = [dc=forbis,dc=lt], filter = [((uid=test$)(objectclas s=sambaSamAccount))], scope = [2] [2004/04/26 09:45:46, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1062) ldapsam_getsampwnam: Unable to locate user [test$] count=0 i use smbldap-useradd script to add computers .. and entry is without sambaSamAccount atribute in smbldap-useradd.pl i found comented entry that samba add sambaSamAccoun atribute automaticaly... somehow it do not happens.. Also i tryed to put ldap filter = (uid=%u) entry in my smb.conf file ..also nothing happend samba still searchs in sambaSamAccount Tryed to uncoment this part of code ... script adds sambaSamAccount atribute .. but still cant join domain.. windows message is same The user name could be not find And right now im out of ideas ... any help ? Su pagarba, Ruslanas Cechovskis UAB Forbis inzinerius -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem adding computer to domain
Hi! I try to add a computer to my domain and I found a problem with samba. I use the IDEALX smbldap script for create entry in LDAP tree. If I uncomment the add_machine_mkntpasswd, the samba faild. If the add_machine_mkntpasswd is commented, I cannot add the computer to, because the SambaSID already exist. I found the problem. The last time that a computer will be added succesfully, samba converted the posixAccount to account schema. And the account schema don't have uid attribute or my configuration is misconfigured. And the script smbldap don't find correcly uid for machine account. Before adding the next machine, I will must export the last added machine to LDIF,n modify it for add posixAccount and some information, re-import to LDAP. I anyone have some information or help me Samba 3.0.2a OpenLDAP 2.1.25 RedHat 8.0 Thank you Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Réf. : [Samba] add machine script wont add Postfix account
Hi! I have the same problem with my PDC. Work fine: Modify the script for add samba attribute ( three lines) Execute manually the entry (with smbldap-useradd.pl -w machine1) Try to join the domain Don't work : Samba call the smbldap-useradd -w %u and the script is not modified. I use samba 3.0.2a RH 8.0 openldap 2.1.25 --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | Stagiair [EMAIL PROTECTED]| | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 26/03/2004 16:06 | | | | |-+- ---| | | |Pour : [EMAIL PROTECTED] | |cc : | |Objet : [Samba] add machine script wont add Postfix account | ---| He Guys, When we add a client pc (win2k) to our domain everything goes well except that the add machine script wont run. A computer will be created within the lDAP directory but not with the add machine script. The following is our situation. Fedora Core1 |-samba-3.0.2-7.FC1 |-openldap-2.1.22-8 smb.conf -- # Global parameters [global] workgroup = T3E server string = domeinserver bind interfaces only = Yes passwd program = /usr/sbin/smbldap-passwd.pl %u passwd chat = *new*password* %n *new*password* %n *successfully* passwd chat debug = Yes passdb backend = ldapsam:ldap://localhost #unix password sync = Yes log level = 2 log file = /var/log/samba/samba.log.%m time server = Yes socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 add user script = /usr/sbin/smbldap-useradd.pl -a -m %u add machine script = /usr/sbin/smbldap-useradd.pl -w %u delete user script = /usr/sbin/smbldap-userdel.pl -r %u add group script = /usr/sbin/smbldap-groupadd.pl %g delete group script = /usr/sbin/smbldap-groupdel.pl %g add user to group script = /usr/sbin/smbldap-usermod.pl -G %g %u domain logons = Yes os level = 34 preferred master = Yes domain master = Yes wins support = Yes ldap suffix = o=T3E,c=nl ldap admin dn = cn=Manager,o=T3E,c=nl ldap group suffix = ou=groups ldap machine suffix = ou=computers ldap user suffix = ou=people ldap ssl = no admin users = root hide unreadable = Yes logon path = \\%N\%U\.winprofile logon script = netwerk.bat encrypt passwords = Yes username map = /etc/samba/smbusers -- As you see we use the smbldap-tools to execute when a client logins to the domain. After login the following entry will be made in LDAP: uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl -- dn: uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl uid: tmc-ontwikkelpc$ sambaSID: S-1-5-21-1973588340-308753574-2243378783-3006 sambaPrimaryGroupSID: S-1-5-21-1973588340-308753574-2243378783-3007 objectClass: sambaSamAccount objectClass: account displayName: TMC-ONTWIKKELPC$ sambaPwdCanChange: 1080312437 sambaPwdMustChange: 2147483647 sambaLMPassword: F64C97556FCFA59023753BB150C8A535 sambaNTPassword: E5C3C09DB2CAD5D92CBE5054CCBB7A27 sambaPwdLastSet: 1080312437 sambaAcctFlags: [W ] -- If we do a client add by hand (/usr/sbin/smbldap-useradd.pl -w %u) we get the following entry in the LDAP dir: uid=tmc-ontwikkelpc$,ou=computers,o=T3E,c=nl -- dn: uid=test$,ou=computers,o=T3E,c=nl objectClass: top objectClass: inetOrgPerson objectClass: posixAccount cn: test$ sn: test$ uid: test$ uidNumber: 1000 gidNumber: 10012 homeDirectory: /dev/null loginShell: /bin/false description: Computer -- This is a really different schema, and this is the one that we need. Anyone sees what were doing wrong? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go
[Samba] Samba SID and new installation
Hi, I make a new installation of my server with samba 3.0.2a But I restored my LDAP tree and the SambaDomainName in LDAP is different that net getlocalsid. What can I make : - set the local sid with the old sid (from ldap) net setlocalsid .. - Or change the SambaDomainSID on LDAP tree and all users, groups, and computers. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Réf. : [Samba] printers unreachable in samba 3.0.2?
Already fixed in CVS. See this report for the patch and applay it. https://bugzilla.samba.org/show_bug.cgi?id=1147 --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | Book, Jesse [EMAIL PROTECTED] | | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 04/03/2004 13:23 | | | | |-+- ---| | | |Pour : [EMAIL PROTECTED] | |cc : | |Objet : [Samba] printers unreachable in samba 3.0.2? | ---| Hello, I'm currently running print services on a linux/cups/samba 3.0.2 machine. It seems that every now and again a group of users complains that they are seeing a windows error message telling them that they are unable to connect to their printer, and that the printer may be offline or is unreachable. Looking in the samba log I see the following error message. ---log level 1- [2004/03/04 06:35:04, 0] lib/util.c:smb_panic(1400) PANIC: internal error [2004/03/04 06:35:04, 0] lib/util.c:smb_panic(1408) BACKTRACE: 16 stack frames: #0 /opt/samba/sbin/smbd(smb_panic+0x181) [0x8180ebd] #1 /opt/samba/sbin/smbd [0x8171676] #2 /opt/samba/sbin/smbd [0x81716cb] #3 /lib/libc.so.6 [0x401eb988] #4 /opt/samba/sbin/smbd(print_queue_status+0x159) [0x819adb4] #5 /opt/samba/sbin/smbd [0x808604e] #6 /opt/samba/sbin/smbd(api_reply+0x2c0) [0x808c074] #7 /opt/samba/sbin/smbd [0x80839b5] #8 /opt/samba/sbin/smbd(reply_trans+0x9dd) [0x80844ec] #9 /opt/samba/sbin/smbd [0x80b7713] #10 /opt/samba/sbin/smbd [0x80b77a5] #11 /opt/samba/sbin/smbd(process_smb+0x1c6) [0x80b7ab5] #12 /opt/samba/sbin/smbd(smbd_process+0x153) [0x80b854d] #13 /opt/samba/sbin/smbd(main+0x6ec) [0x81cd699] #14 /lib/libc.so.6(__libc_start_main+0xc6) [0x401d7d06] #15 /opt/samba/sbin/smbd(yp_get_default_domain+0x91) [0x80726a1] -- Looking at the machine via cups show everything with the printer is normal, and a test page from cups can be printed successfully. However, from the windows side, all users that are connected to that printer are unable to use the printer. Deleting the individual printer .tdb (../var/locks/printing/printername.tdb) file and issuing a 'smbcontrol smbd reload-config' seems to clear the problem. I don't know if this is a new problem, or goes back to Jerry Haltom's problem that I read about last month. (Signal 11 in smbd 3.0.2rc2 on printer operation) -= Jesse =- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re. : Re: [Samba] Re: Multiple DB / fragmented information
Hi, Maybe using LDAP REFERRAL ??? --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | Lapin(c) [EMAIL PROTECTED] | | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 04/03/2004 14:51 | | | | |-+- ---| | | |Pour : Jérôme Fenal [EMAIL PROTECTED] | |cc : [EMAIL PROTECTED] [EMAIL PROTECTED] | |Objet : Re: [Samba] Re: Multiple DB / fragmented information | ---| Selon Jérôme Fenal [EMAIL PROTECTED]: Salut Lapin(c), Comment va depuis notre longue discussion sur Solutions Linux ? Plutot bien merci :) Lapin(c) wrote: I was exploring a local LDAP solution, as it's for a very large network (1000 sites / 10 users) we want a disjunction between local administration for machines and global administration for users. What do you mean for disjunction between local administration and users ? Do you mean : 1. Separation between directory insertion (etheir user or machine) and local PC admin rights : - class D people can insert machines, as well as users - class T people can login to machines as local admin 2. Separation between directory insertion (users inserted by some people, machine by others) and local PC admin rights : - class M people (local support I guess) can insert local machine, in the right ou=site,ou=Computers sub-ou - class D people can insert users (centrally managed I guess), and maybe Computers - class T people (see below). I guess (read I think, but not yet investigated further) that it could be done, maybe with the help of LDAP management application and carefully crafted LDAP ACLs. I think that, if using IdealX scripts, and different sub-ou configuration for these, you may can do what you intend to, directly using Samba and inserting machine directly from the Windows PC. I mean that computers account is a local data and users password is a global data. so I need to separate both information in term of localization, hence for administration. It's mainly a LDAP architecture problem now. What is the size of the biggest site (I beg it is the Lyon one in Part-Dieu) ? Or maybe Paris'ones. yes they are, the biggest are 300/400 users per site. I guess that machine passwords traffic (once per week) would not be that huge, even on 64kb/s lines no the study is done to minimize network flow on the backbone. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Réf. : Re: [Samba] using a master ldap server and a slave ldap server for one samba server
What's means, can I have some problem with this configuration ? Or it's just a speed problem ? Stéphane John H Terpstra [EMAIL PROTECTED] Pour : [EMAIL PROTECTED] cc : [EMAIL PROTECTED] 01/03/2004 18:22 Objet : Re: [Samba] using a master ldap server and a slave ldap server for one samba server On Mon, 1 Mar 2004, John H Terpstra wrote: On Mon, 1 Mar 2004 [EMAIL PROTECTED] wrote: Hi, I would like to make this : passwd backend : ldapsam:ldap://127.0.0.1, ldapsam:ldap://10.217.7.14 Oops! I meant to add that the configuration above will result in both LDAP servers being contacted reesulting in a doubling up of all account entries. - John T. Change that to: passwd backend = ldapsam:ldap://127.0.0.1 ldap://10.217.7.14; Note the specific use of the double quotes. - John T. The ldap server on 127.0.0.1 is the master LDAP server The ldap server on 10.217.7.14 is the slave LDAP server. Can I do this. Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- John H Terpstra Email: [EMAIL PROTECTED] --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Réf. : Re: Réf. : Re: [Samba] using a master ldap server and a slave ldap server for one samba
If the first LDAP server faild, the second can be used directly. This server is a PDC server with more than 100 people connected and some application required domain authentification for running. For me is a critical server. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | Beast [EMAIL PROTECTED] | | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 02/03/2004 11:18 | | | | |-+- ---| | | |Pour : [EMAIL PROTECTED] | |cc : | |Objet : Re: Réf. : Re: [Samba] using a master ldap server and a slave ldap server| |for one samba server | ---| * [EMAIL PROTECTED] nulis: What's means, can I have some problem with this configuration ? Or it's just a speed problem ? Samba will get 2 value for same id and problem will appear soon or later. Any reason why using 2 ldapsam backend? Stéphane --beast -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Réf. : Re: Réf. : Re: Réf. : Re: [Samba] using a master ldap server and a slave ldap server
The origine of my message is a problem with my local LDAP server. last thursday I upgraded my RH 8 with the glibc update from RedHAt, after sometimes the LDAP server is unreachable. In log : Mar 2 11:40:02 coradm01 slapd[5342]: warning: cannot open /etc/hosts.allow: Too many open files Mar 2 11:40:02 coradm01 slapd[5342]: warning: cannot open /etc/hosts.deny: Too many open files Mar 2 11:40:02 coradm01 slapd[5342]: warning: cannot open /etc/hosts.allow: Too many open files Mar 2 11:40:02 coradm01 slapd[5342]: warning: cannot open /etc/hosts.deny: Too many open files Mar 2 11:40:02 coradm01 slapd[5342]: warning: cannot open /etc/hosts.allow: Too many open files Mar 2 11:40:02 coradm01 slapd[5342]: warning: cannot open /etc/hosts.deny: Too many open files Mar 2 11:40:02 coradm01 slapd[5342]: warning: cannot open /etc/hosts.allow: Too many open files Mar 2 11:40:02 coradm01 slapd[5342]: warning: cannot open /etc/hosts.deny: Too many open files Mar 2 11:40:02 coradm01 slapd[5342]: warning: cannot open /etc/hosts.allow: Too many open files Mar 2 11:40:02 coradm01 slapd[5342]: warning: cannot open /etc/hosts.deny: Too many open files Some peolple says : It's the limit of open file number, I verified this, it's not this problem. I know, it's a HS mail, but I want to know howto resolve this. Thanks Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | Beast [EMAIL PROTECTED] | | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 02/03/2004 12:18 | | | | |-+- ---| | | |Pour : [EMAIL PROTECTED] | |cc : | |Objet : Re: Réf. : Re: Réf. : Re: [Samba] using a master ldap server and a slave| |ldap server for one samba | ---| * [EMAIL PROTECTED] nulis: If the first LDAP server faild, the second can be used directly. This server is a PDC server with more than 100 people connected and some application required domain authentification for running. For me is a critical server. You can use one ldapsam with multiple server, see previous posting for the syntax. You can also setup dedicated ldap server for samba though i dont think that samba make a intensive call to ldap server, pam/nss_ldap yes, but 100 (concurent) user will not that high :) --beast -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] using a master ldap server and a slave ldap server for one samba server
Hi, I would like to make this : passwd backend : ldapsam:ldap://127.0.0.1, ldapsam:ldap://10.217.7.14 The ldap server on 127.0.0.1 is the master LDAP server The ldap server on 10.217.7.14 is the slave LDAP server. Can I do this. Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Réf. : [Samba] Trouble with install, still--please help
Hi These files are the samba daemon ! usr/local/samba/sbin/nmbd usr/local/samba/sbin/smbd usr/local/samba/sbin/swat usr/local/samba/sbin/winbindd You must create the smb.conf in /usr/local/samba/lib. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 |-+- | | Anne Ramey [EMAIL PROTECTED] | | | Envoyé par : | | | [EMAIL PROTECTED]| | | s.samba.org | | | | | | | | | 27/02/2004 16:49 | | | | |-+- ---| | | |Pour : [EMAIL PROTECTED] | |cc : | |Objet : [Samba] Trouble with install, still--please help | ---| When I compile the source, I don't get smbd, nmbd, etc. Can't very well use samba without the deamons. details: I've tried building it on a server that I know has pretty much every library possible for a program to need, but I'm still not getting a good samba install. I'm on white-dwarf linux (kernel 2.4.25), gcc 3.3.2, Samba 3.0.2a White-dwarf is home-grown, very much like slackware. When I configure and make and make install, I don't get any errors, but I when I look for some files that are supposed to come with it, they aren't there. ex /usr/local/samba/lib/smb.conf: No such file or directory /etc/smb.conf: No such file or directory These are the files it did install: ./ usr/ usr/local/ usr/local/samba/ usr/local/samba/bin/ usr/local/samba/bin/net usr/local/samba/bin/smbclient.old usr/local/samba/bin/testparm.old usr/local/samba/bin/smbtar.old usr/local/samba/bin/tdbbackup.old usr/local/samba/bin/wbinfo.old usr/local/samba/bin/smbstatus.old usr/local/samba/bin/rpcclient.old usr/local/samba/bin/smbpasswd.old usr/local/samba/bin/smbtree usr/local/samba/bin/ntlm_auth usr/local/samba/bin/testparm usr/local/samba/bin/testprns usr/local/samba/bin/tdbdump usr/local/samba/bin/nmblookup.old usr/local/samba/bin/findsmb usr/local/samba/bin/smbclient usr/local/samba/bin/testprns.old usr/local/samba/bin/smbpasswd usr/local/samba/bin/tdbbackup usr/local/samba/bin/nmblookup usr/local/samba/bin/smbstatus usr/local/samba/bin/smbtar usr/local/samba/bin/smbcacls usr/local/samba/bin/smbspool usr/local/samba/bin/findsmb.old usr/local/samba/bin/wbinfo usr/local/samba/bin/smbcontrol.old usr/local/samba/bin/pdbedit usr/local/samba/bin/profiles usr/local/samba/bin/smbcontrol usr/local/samba/bin/smbcquotas usr/local/samba/bin/rpcclient usr/local/samba/bin/smbcacls.old usr/local/samba/bin/smbspool.old usr/local/samba/lib/ usr/local/samba/lib/vfs/ usr/local/samba/lib/vfs/audit.so usr/local/samba/lib/vfs/default_quota.so usr/local/samba/lib/vfs/netatalk.so usr/local/samba/lib/vfs/cap.so usr/local/samba/lib/vfs/readonly.so usr/local/samba/lib/vfs/fake_perms.so usr/local/samba/lib/vfs/extd_audit.so usr/local/samba/lib/vfs/recycle.so usr/local/samba/lib/de.msg usr/local/samba/lib/upcase.dat usr/local/samba/lib/en.msg usr/local/samba/lib/valid.dat usr/local/samba/lib/fr.msg usr/local/samba/lib/libsmbclient.so usr/local/samba/lib/ja.msg usr/local/samba/lib/it.msg usr/local/samba/lib/nl.msg usr/local/samba/lib/pl.msg usr/local/samba/lib/tr.msg usr/local/samba/lib/lowcase.dat usr/local/samba/lib/charset/ usr/local/samba/lib/charset/CP437.so usr/local/samba/lib/charset/CP850.so usr/local/samba/man/ usr/local/samba/man/man1/nmblookup.1 usr/local/samba/man/man1/profiles.1 usr/local/samba/man/man1/smbcquotas.1 usr/local/samba/man/man1/editreg.1 usr/local/samba/man/man1/testparm.1 usr/local/samba/man/man1/testprns.1 usr/local/samba/man/man1/rpcclient.1 usr/local/samba/man/man1/findsmb.1 usr/local/samba/man/man1/smbsh.1 usr/local/samba/man/man1/smbstatus.1 usr/local/samba/man/man1/wbinfo.1 usr/local/samba/man/man1/ntlm_auth.1 usr/local/samba/man/man1/smbcacls.1 usr/local/samba/man/man1/vfstest.1 usr/local/samba/man/man1/smbclient.1 usr/local/samba/man/man1/smbtree.1 usr/local/samba/man/man1/smbget.1
Re. : Re: [Samba] SPNEGO nego problem (REPOST)
I have the problem with smbclient -L ... This is a level 50 debug message [2004/02/23 10:45:00, 5] lib/debug.c:debug_dump_status(359) INFO: Current debug levels: all: True/50 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 [2004/02/23 10:45:00, 3] param/loadparm.c:lp_load(3918) lp_load: refreshing parameters [2004/02/23 10:45:00, 3] param/loadparm.c:init_globals(1304) Initialising global parameters [2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(95) Attempting to register new charset UCS-2LE [2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(103) Registered charset UCS-2LE [2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(95) Attempting to register new charset UTF8 [2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(103) Registered charset UTF8 [2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(95) Attempting to register new charset ASCII [2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(103) Registered charset ASCII [2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(95) Attempting to register new charset 646 [2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(103) Registered charset 646 [2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(95) Attempting to register new charset ISO-8859-1 [2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(103) Registered charset ISO-8859-1 [2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(95) Attempting to register new charset UCS2-HEX [2004/02/23 10:45:00, 5] lib/iconv.c:smb_register_charset(103) Registered charset UCS2-HEX [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 3] param/params.c:pm_process(566) params.c:pm_process() - Processing configuration file /usr/local/samba/lib/smb.conf [2004/02/23 10:45:00, 3] param/loadparm.c:do_section(3421) Processing section [global] doing parameter netbios name = ADMIN01 [2004/02/23 10:45:00, 4] param/loadparm.c:handle_netbios_name(2709) handle_netbios_name: set global_myname to: ADMIN01 doing parameter workgroup = CORMAN doing parameter server string = Serveur administratif doing parameter security = user doing parameter passwd chat debug = yes doing parameter passwd chat = *new*password* %n\n *new*password* %n\n successfully* doing parameter passwd program = /usr/local/sbin/smbldap-passwd.pl -o %u doing parameter password level = 2 doing parameter unix password sync = no doing parameter admin users = @administrateurs doing parameter os level = 75 doing parameter unix charset = ISO-8859-15 [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE [2004/02/23 10:45:00, 5] lib/charcnv.c:charset_name(74) Substituting charset 'ANSI_X3.4-1968' for LOCALE doing parameter display charset = ISO-8859-15 doing parameter dos charset = ISO-8859-15 doing parameter veto files
[Samba] lp_servicenumber: couldn't find qstpfbl
Hello, Some questions : - Can anyone could explain this message : [2004/01/26 12:40:57, 7] param/loadparm.c:lp_servicenumber(4060) lp_servicenumber: couldn't find qstpfbl [2004/01/26 12:40:57, 3] param/loadparm.c:lp_add_printer(2394) adding printer service qstpfbl qstpfbl is a printer - Why sometimes a windows 2000 server (SP4) which is a member server of my DOMAIN could not be available on network (Internal server error) ? - When I restart smb daemon (/etc/rc.d/init.d/smb restart), the system not restart correctly, but if i do : /etc/rc.d/init.d/smb stop, wait 1 second, /etc/rc.d/init.d/smb stop, samba work fine ! The message asked in my first question can be the answer ? Thank you Stéphane Purnelle --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Réf. : [Samba] My story installing Samba-LDAP PDC (it has a happy ending)
Could you send the ldap conf of samba (smb.conf) ? Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Muhammad Reza [EMAIL PROTECTED] Envoyé par : Pour : [EMAIL PROTECTED] [EMAIL PROTECTED]cc : .samba.org Objet : [Samba] My story installing Samba-LDAP PDC (it has a happy ending) 05/02/2004 11:08 hi. I Failed when try to mapping (create) samba (NT) group #net groupmap add rid=513 ntgroup=Domain Guests unixgroup=nobody adding entry for group Domain Guests failed! # ldapsearch -x -h localhost -b cn=nobody,ou=Groups,dc=mra,dc=net # extended LDIF # # LDAPv3 # base cn=nobody,ou=Groups,dc=mra,dc=net with scope sub # filter: (objectclass=*) # requesting: ALL # # nobody, Groups, mra.net dn: cn=nobody,ou=Groups,dc=mra,dc=net objectClass: posixGroup objectClass: top cn: nobody description: Local Unix group gidNumber: 65533 # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 please help me... regards reza -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] bugzilla.samba.org not work ?
I would like to post a bug, on bugzilla.samba.org, but the website don't respond. My bug is : Some users can't save file correctly the firts time, a second try work fine, but the first try cause an error on workstations. In smbd.log, I have : [2004/01/20 11:13:54, 5] libsmb/namecache.c:namecache_enable(45) namecache_enable: disabling netbios name cache [2004/01/20 11:13:54, 5] tdb/tdbutil.c:tdb_log(724) tdb(unnamed): tdb_brlock failed (fd=12) at offset 4 rw_type=1 lck_type=13: Ressource temporairement non disponible [2004/01/20 11:13:54, 5] tdb/tdbutil.c:tdb_log(724) tdb(unnamed): tdb_brlock failed (fd=13) at offset 4 rw_type=1 lck_type=13: Ressource temporairement non disponible [2004/01/20 11:13:54, 5] tdb/tdbutil.c:tdb_log(724) tdb(unnamed): tdb_brlock failed (fd=17) at offset 4 rw_type=1 lck_type=13: Ressource temporairement non disponible [2004/01/20 11:13:54, 5] tdb/tdbutil.c:tdb_log(724) tdb(unnamed): tdb_brlock failed (fd=18) at offset 4 rw_type=1 lck_type=13: Ressource temporairement non disponible bye Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smbldap-tools 8.2 and sambaPrimaryGroupSID different that older version
Hi! In 0.7 version, the sambaprimaryGroupSID was composed with SID- uid * 2 + 1001, for example : 221*2+1001 = 1443. Now, the smbldap-tools 8.2 (the latest version) create the sambaprimaryGroupSID with group-SID of group. Its' because I have a groupmapping of this group (Users - Domain Users) ? It's normal ? Thank you for your help. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba says you have right but I must not have right (Important - SECURITY ISSUE)
My Samba 3.0.1 is configured with LDAP SAM and ACL on XFS filesystem. For a test, I added my user to the group cadres. This group is in ACL definition of my directory. # file: Projets # owner: root # group: root user::rwx user:asi:rwx group::rwx group:administrateurs group:cdir:r-x group:jardin:r-x group:cadres:r-x mask::rwx other::--- default:user::rwx default:user:asi:rwx default:group::rwx default:group:adminis default:mask::rwx default:other::--- In my explorer, the directory Projets appear, the directory is available. After, I modifed my group cadres and I supress my account from group. since more than 1 hour, I can see and acces to directory but in unix console I cannot and I must don't access to this directory. The only possibility than I have is : killing my connection with SWAT I looking the source and I think that is the NT_USER_TOKEN information is not updated after connection or if these informations is updated not correctly. I propose that samba refresh correcly these information every five minutes or a parameter REFRECH_USRE_INFO in smb.conf. please help me. Stéphane Samba Administrator. --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] tdb access problem - tdb_brlock failed
Hi I my smbd.log, I can find these lines. How to resolv this problem ? [2004/01/08 12:03:11, 5] lib/gencache.c:gencache_init(59) Opening cache file at /var/cache/samba/gencache.tdb [2004/01/08 12:03:11, 5] tdb/tdbutil.c:tdb_log(724) tdb(unnamed): tdb_brlock failed (fd=12) at offset 4 rw_type=1 lck_type=13: Ressource temporairement non disponible [2004/01/08 12:03:11, 5] libsmb/namecache.c:namecache_enable(58) namecache_enable: enabling netbios namecache, timeout 660 seconds [2004/01/08 12:03:11, 5] tdb/tdbutil.c:tdb_log(724) tdb(unnamed): tdb_brlock failed (fd=13) at offset 4 rw_type=1 lck_type=13: Ressource temporairement non disponible [2004/01/08 12:03:11, 5] tdb/tdbutil.c:tdb_log(724) tdb(unnamed): tdb_brlock failed (fd=17) at offset 4 rw_type=1 lck_type=13: Ressource temporairement non disponible [2004/01/08 12:03:11, 5] tdb/tdbutil.c:tdb_log(724) tdb(unnamed): tdb_brlock failed (fd=18) at offset 4 rw_type=1 lck_type=13: Ressource temporairement non disponible [2004/01/08 12:03:11, 5] tdb/tdbutil.c:tdb_log(724) tdb(unnamed): tdb_brlock failed (fd=19) at offset 4 rw_type=1 lck_type=13: Ressource temporairement non disponible [2004/01/08 12:03:11, 10] registry/reg_cachehook.c:reghook_cache_add(60) reghook_cache_add: Adding key [/HKLM/SYSTEM/CurrentControlSet/Control/Print] [2004/01/08 12:03:11, 8] lib/adt_tree.c:sorted_tree_add(247) sorted_tree_add: Enter [2004/01/08 12:03:11, 10] lib/adt_tree.c:sorted_tree_add(314) sorted_tree_add: Successfully added node [HKLM/SYSTEM/CurrentControlSet/Control/Print] to tree [2004/01/08 12:03:11, 8] lib/adt_tree.c:sorted_tree_add(316) sorted_tree_add: Exit tdb file in /var/cache/samba : account_policy.tdb brlock.tdb browse.dat connections.tdb gencache.tdb group_mapping.tdb lang_en.tdb lang_fr.tdb locking.tdb messages.tdb namelist.debug ntdrivers.tdb ntforms.tdb ntprinters.tdb printing (this is a directory) registry.tdb sessionid.tdb share_info.tdb unexpected.tdb wins.dat Thank you Stéphane --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba wins server, wins client and no wins client
Hi, I configured my samba server as a PDC and wins server. If I declare a workstation as a winsclient, the PDC is visible on network neighborhood and to logon is possible If a laptop or a PC have no wins settings, the PDC is not visible and no logon is possible. Samba 3.0.1 on RedHat 8.0, ldap backend The PDC and wins server is the same computer Why ? --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Réf. : [Samba] last try: change NT password with samba tools?
The solution that I know is webmin with samba+ldap module. http://www.webmin.com --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 Jochen Keutel [EMAIL PROTECTED] Envoyé par : Pour : Samba [EMAIL PROTECTED] [EMAIL PROTECTED]cc : .samba.org Objet : [Samba] last try: change NT password with samba tools? 11/12/2003 14:11 Hello, last try: Is it possible to change the password on a NT PDC with a Samba tool? I want to bind to the PDC as administrator and set the password of a normal user to a new value - without knowing the old value. I've asked this already but, unfortunately, got no answer (http://lists.samba.org/archive/samba/2003-December/076170.html , http://lists.samba.org/archive/samba/2003-December/076368.html ). I'd really appreciate to get at least an answer like no, it's not possible. Thanks in advance, Jochen. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
