[Samba] Help needed to debug Samba problem
I have a Samba domain that is having problems. We have a new NetApp file server (FAS2040 running NetApp Release 7.3.4) that keeps dropping its connection to the Samba server. We didn't have this problem with an older NetApp box (FAS250 running NetApp Release 6.5.1R1). I can run tcpdump on the Samba server and see traffic going back and forth between the FAS2040 and the Samba server when the filer tries to connect, but don't know enough about the protocol to decipher the traffic. One thought I had was to move the Samba domain to a newer version of Samba (on a newer server) but I don't know if that will really help. The above means that I have two questions: how to decipher the tcpdump info, and how to migrate existing Samba tdb databases to a new server? Thanks in advance for any pointers! Carl Carl G. Riches Department of Biostatistics University of Washington Seattle, WA 98195-7232 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help needed to debug Samba problem
On Thu, Sep 29, 2011 at 11:59:41AM -0700, Carl G. Riches wrote: I have a Samba domain that is having problems. We have a new NetApp file server (FAS2040 running NetApp Release 7.3.4) that keeps dropping its connection to the Samba server. We didn't have this problem with an older NetApp box (FAS250 running NetApp Release 6.5.1R1). I can run tcpdump on the Samba server and see traffic going back and forth between the FAS2040 and the Samba server when the filer tries to connect, but don't know enough about the protocol to decipher the traffic. One thought I had was to move the Samba domain to a newer version of Samba (on a newer server) but I don't know if that will really help. The above means that I have two questions: how to decipher the tcpdump info, and how to migrate existing Samba tdb databases to a new server? Thanks in advance for any pointers! What does your setup look like ? How are you trying to export files from what to what ? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] help needed about SID to UID/GID mapping
Dear all I need some advise with respect to SID/UID/GID mapping. The server runs Samba 3.5.8 as a member of an AD (w2k8) domain. Our UNIX UIDs are taken from the 1000-6 range with about 1 allocated accounts. 99% of user IDs exist in AD with the same name. For that reason we rely on the nss idmap backend which is non-allocating. The problem comes with the group mappings. Several UNIX groups exist on the AD side but with different names. E.g. kizinfraversusAbteilung Infrastrktur so the nss backend cannot map the AD group SIDs to GIDs and vice versa. Is there any way to create a static mapping table for groups? Tried wbinfo --set-gid-mapping gid,sid as well as net groupmap but it didn't work. Replacing the nss backend by tdb allocates new GID/UIDs but how would I make sure that existing ones are mapped correctly given the above mentioned name conflicts. Looking at the manpages I also got the impression that I could use both an non-allocating backend and a allocating as fallback but I also didn't manage to get it working. Any hints are greatly appreciated! Thomas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help needed with Windows7 roaming files.
With outlook working you need to redirect your users pst and you need to set up a prf-file for each user. Ex: ;Automatically generated PRF file from the Microsoft Office Customization and Installation Wizard ; ** ; Section 1 - Profile Defaults ; ** [General] Custom=1 ProfileName=test DefaultProfile=Yes OverwriteProfile=Yes ModifyDefaultProfileIfPresent=FALSE ;DefaultStore=Service1 ; ** ; Section 2 - Services in Profile ; ** [Service List] Service1=Personal Folders Service2=Outlook Address Book Service3=Personal Address Book ;*** ; Section 3 - List of internet accounts ;*** [Internet Account List] Account1=IMAP_I_Mail ;*** ; Section 4 - Default values for each service. ;*** [Service1] UniqueService=No Name=Mein persönlicher Ordner PathToPersonalFolders=\\tuepropdc\%USERNAME%\outlook\%USERNAME%.pst --the psts EncryptionType=0x8000 [Service2] [Service3] NameOfPAB=Persönliches Adress Buch Path=\\tuepropdc\%USERNAME%\outlook\%USERNAME%.pab ShowNamesBy=0 .. But you are running exchange. Why do you need another imap and smtp? --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Dennis M Gesendet: Montag, 21. Februar 2011 05:45 An: samba@lists.samba.org Betreff: Re: [Samba] Help needed with Windows7 roaming files. Hi Guys, I've had a check again, looks like roaming profile is already running (sorry about being misleading), strange though no local profile is created (this can be found out when i log in as local admin and go to the User Profile tab in computer properties), and outlook still complains about the data file cannot be accessed and not sending email (we have two email accounts in outlook, the exchange one is fine, only imap/smtp account is not sending. ) on Windows XP before the upgrade everything was fine, just wondering if there's anyone managed to get outlook working with windows7 roaming profile. .profile.V2 looks fine on the server. it was auto-generated by windows7. Thanks again. On Mon, Feb 21, 2011 at 12:30 AM, mr...@freemail.hu mr...@freemail.huwrote: Hi Dennis! Windows 7 uses the same share for roaming profiles as Windows XP, but a different directory. (so, you don't need the profiles.v2 share) The profile directories for Win7 ends with .v2. Try to create a directory with the following name: \\server1\user1\.profile.v2. Perhaps it helps, If doesn't, then here is my config which worked for me: smb.conf: [global] ... logon path = \\smbserver\profiles\%U ... [profiles] path = /opt/samba/profiles writeable = yes browseable = yes read only = no hide unreadable = yes directory mask = 0770 force directory mode = 2770 create mask = 0660 In the profiles share I made two directories for the two profiles: john john.v2 Best regards, mredd -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help needed with Windows7 roaming files.
Thanks Daniel, The legacy IMap (postfix and courier) server exists for historic reasons, we have plans to merge it with the Exchange server sometime this year. until then we will still need to live with it. Can you give more details as in how to activate the prf file for each user? if i understand correctly, this will place the .prf file in the network share, i heard it's not supported by MS prone to errors. Thanks heaps for the great help! On Mon, Feb 21, 2011 at 6:35 PM, Daniel Müller muel...@tropenklinik.dewrote: With outlook working you need to redirect your users pst and you need to set up a prf-file for each user. Ex: ;Automatically generated PRF file from the Microsoft Office Customization and Installation Wizard ; ** ; Section 1 - Profile Defaults ; ** [General] Custom=1 ProfileName=test DefaultProfile=Yes OverwriteProfile=Yes ModifyDefaultProfileIfPresent=FALSE ;DefaultStore=Service1 ; ** ; Section 2 - Services in Profile ; ** [Service List] Service1=Personal Folders Service2=Outlook Address Book Service3=Personal Address Book ;*** ; Section 3 - List of internet accounts ;*** [Internet Account List] Account1=IMAP_I_Mail ;*** ; Section 4 - Default values for each service. ;*** [Service1] UniqueService=No Name=Mein persönlicher Ordner PathToPersonalFolders=\\tuepropdc\%USERNAME%\outlook\%USERNAME%.pst --the psts EncryptionType=0x8000 [Service2] [Service3] NameOfPAB=Persönliches Adress Buch Path=\\tuepropdc\%USERNAME%\outlook\%USERNAME%.pab ShowNamesBy=0 .. But you are running exchange. Why do you need another imap and smtp? --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Dennis M Gesendet: Montag, 21. Februar 2011 05:45 An: samba@lists.samba.org Betreff: Re: [Samba] Help needed with Windows7 roaming files. Hi Guys, I've had a check again, looks like roaming profile is already running (sorry about being misleading), strange though no local profile is created (this can be found out when i log in as local admin and go to the User Profile tab in computer properties), and outlook still complains about the data file cannot be accessed and not sending email (we have two email accounts in outlook, the exchange one is fine, only imap/smtp account is not sending. ) on Windows XP before the upgrade everything was fine, just wondering if there's anyone managed to get outlook working with windows7 roaming profile. .profile.V2 looks fine on the server. it was auto-generated by windows7. Thanks again. On Mon, Feb 21, 2011 at 12:30 AM, mr...@freemail.hu mr...@freemail.huwrote: Hi Dennis! Windows 7 uses the same share for roaming profiles as Windows XP, but a different directory. (so, you don't need the profiles.v2 share) The profile directories for Win7 ends with .v2. Try to create a directory with the following name: \\server1\user1\.profile.v2. Perhaps it helps, If doesn't, then here is my config which worked for me: smb.conf: [global] ... logon path = \\smbserver\profiles\%U ... [profiles] path = /opt/samba/profiles writeable = yes browseable = yes read only = no hide unreadable = yes directory mask = 0770 force directory mode = 2770 create mask = 0660 In the profiles share I made two directories for the two profiles: john john.v2 Best regards, mredd -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help needed with Windows7 roaming files.
Hi Guys, I've had a check again, looks like roaming profile is already running (sorry about being misleading), strange though no local profile is created (this can be found out when i log in as local admin and go to the User Profile tab in computer properties), and outlook still complains about the data file cannot be accessed and not sending email (we have two email accounts in outlook, the exchange one is fine, only imap/smtp account is not sending. ) on Windows XP before the upgrade everything was fine, just wondering if there's anyone managed to get outlook working with windows7 roaming profile. .profile.V2 looks fine on the server. it was auto-generated by windows7. Thanks again. On Mon, Feb 21, 2011 at 12:30 AM, mr...@freemail.hu mr...@freemail.huwrote: Hi Dennis! Windows 7 uses the same share for roaming profiles as Windows XP, but a different directory. (so, you don't need the profiles.v2 share) The profile directories for Win7 ends with .v2. Try to create a directory with the following name: \\server1\user1\.profile.v2. Perhaps it helps, If doesn't, then here is my config which worked for me: smb.conf: [global] ... logon path = \\smbserver\profiles\%U ... [profiles] path = /opt/samba/profiles writeable = yes browseable = yes read only = no hide unreadable = yes directory mask = 0770 force directory mode = 2770 create mask = 0660 In the profiles share I made two directories for the two profiles: john john.v2 Best regards, mredd -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help needed with Windows7 roaming files.
Are you sure it's not a permissions problem? Have the Windows 7 machines been properly added to the domain? Are the user accounts enabled? Sorry, I have no Windows 7 clients to test things on. However, whenever I've had similar problems, it's been an account setup problem, not a Samba configuration issue. On 17/02/11 11:00 PM, Dennis M wrote: Hi all, We've been trying to setup/upgrade a samba PDC (version 3.56) with OpenLDAP as backend and roaming profiles for Windows7 (32bit) Clients. windows7 has no problem with login after applying the reg patches, however, it seems to always load a temporary profile as opposed to roaming one for users, no local profile is created. this has caused Outlook 2010 to function improperly (complains about outlook data cannot be accessed and fail to send any email), if i force profile type to local only in registry then outlook works perfectly, local profile is not an option for us though as a lot of our users change sites/pcs quite often. I've enclosed some related info below; the same config works perfectly with windowsXP clients. Ldap entries (samba related) objectClass: sambaSamAccount sambaSID: S-1-5-21-1209579028-1696229136-1764916649-15754 sambaHomePath: \\server1\user1 sambaProfilePath: \\server1\user1\.profile sambaLogonScript: logon.bat sambaAcctFlags: [UX ] sambaPrimaryGroupSID: S-1-5-21-1209579028-1696229136-1764916649-513 smb.conf [global] logon drive = H: logon home = \\%s\%U [profiles] path = /home browseable = no read only = no profile acls = yes csc policy = disable hide files=/Desktop.ini/Thumbs.db/lost+found store dos attributes = Yes create mask = 0600 directory mask = 0700 [profiles.v2] copy = profiles Any ideas? thanks heaps. Dennis has anybody managed to get Windows 7 (final) to use roaming profiles? Windows 7 is joined to my Samba 3.4.1 domain and always logs me in with a temporary profile. Windows XP works without problems. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help needed with Windows7 roaming files.
Hi all, We've been trying to setup/upgrade a samba PDC (version 3.56) with OpenLDAP as backend and roaming profiles for Windows7 (32bit) Clients. windows7 has no problem with login after applying the reg patches, however, it seems to always load a temporary profile as opposed to roaming one for users, no local profile is created. this has caused Outlook 2010 to function improperly (complains about outlook data cannot be accessed and fail to send any email), if i force profile type to local only in registry then outlook works perfectly, local profile is not an option for us though as a lot of our users change sites/pcs quite often. I've enclosed some related info below; the same config works perfectly with windowsXP clients. Ldap entries (samba related) objectClass: sambaSamAccount sambaSID: S-1-5-21-1209579028-1696229136-1764916649-15754 sambaHomePath: \\server1\user1 sambaProfilePath: \\server1\user1\.profile sambaLogonScript: logon.bat sambaAcctFlags: [UX ] sambaPrimaryGroupSID: S-1-5-21-1209579028-1696229136-1764916649-513 sambaProfilePath: \\oakland\profiles\pcuser description: System User homeDirectory: /home/pcuser sn: pcuser sambaHomePath: \\oakland\open Works fine with XP, Vista and Win7 smb.conf SNIP [Profiles] path=/usr/home/sambashit/Profiles public = yes only guest = no browseable = yes writeable = yes printable = no create mask = 0770 force create mode = 0770 force directory mode = 0770 directory security mask = 0770 level2 oplocks = Yes Security fine grained control using acls set from Administrator account on Windows workstation. smb.conf [global] . logon drive = H: logon home = \\%s\%U [profiles] path = /home browseable = no read only = no profile acls = yes csc policy = disable hide files=/Desktop.ini/Thumbs.db/lost+found store dos attributes = Yes create mask = 0600 directory mask = 0700 [profiles.v2] copy = profiles Any ideas? thanks heaps. Dennis has anybody managed to get Windows 7 (final) to use roaming profiles? Windows 7 is joined to my Samba 3.4.1 domain and always logs me in with a temporary profile. Windows XP works without problems. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Help needed with Windows7 roaming files.
Hi all, We've been trying to setup/upgrade a samba PDC (version 3.56) with OpenLDAP as backend and roaming profiles for Windows7 (32bit) Clients. windows7 has no problem with login after applying the reg patches, however, it seems to always load a temporary profile as opposed to roaming one for users, no local profile is created. this has caused Outlook 2010 to function improperly (complains about outlook data cannot be accessed and fail to send any email), if i force profile type to local only in registry then outlook works perfectly, local profile is not an option for us though as a lot of our users change sites/pcs quite often. I've enclosed some related info below; the same config works perfectly with windowsXP clients. Ldap entries (samba related) objectClass: sambaSamAccount sambaSID: S-1-5-21-1209579028-1696229136-1764916649-15754 sambaHomePath: \\server1\user1 sambaProfilePath: \\server1\user1\.profile sambaLogonScript: logon.bat sambaAcctFlags: [UX ] sambaPrimaryGroupSID: S-1-5-21-1209579028-1696229136-1764916649-513 smb.conf [global] logon drive = H: logon home = \\%s\%U [profiles] path = /home browseable = no read only = no profile acls = yes csc policy = disable hide files=/Desktop.ini/Thumbs.db/lost+found store dos attributes = Yes create mask = 0600 directory mask = 0700 [profiles.v2] copy = profiles Any ideas? thanks heaps. Dennis has anybody managed to get Windows 7 (final) to use roaming profiles? Windows 7 is joined to my Samba 3.4.1 domain and always logs me in with a temporary profile. Windows XP works without problems. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Help needed: Ubuntu 8.04/Winbind broken under Windows 2008R2 PDC
Hi all, I am running 3 ubuntu 8.04 LTSP servers that use Active Directory via winbind for authentication. We've recently upgraded the Domain Controllers to Windows 2008 R2 and now domain users can't log in to these linux boxes. - wbinfo and getent passwd still return correct information root can still su to a domain user account id returns correct user info however login fails. auth.log shows: Aug 27 16:59:00 vbuntu sshd[11743]: pam_winbind(sshd:auth): getting password (0x) Aug 27 16:59:00 vbuntu sshd[11743]: pam_winbind(sshd:auth): request failed: Named pipe dicconnected, PAM error was System error (4), NT error was NT_STATUS_PIPE_DISCONNECTED Aug 27 16:59:00 vbuntu sshd[11743]: pam_winbind(sshd:auth): internal module error (retval = 4, user = 'flyboy') The ubuntu boxes are running winbind version 3.0.28a-1ubuntu4.12 and Canonical won't be supporting newer versions on this release afaik. I don't have the option to upgrade these servers. On the theory that my problem probably stems from an ancient samba version I downloaded the latest samba source 3.5.4 and compiled it and was able to join AD and get wbinfo -u and wbinfo -g to return users and wbinfo -i shows correct mapping for individual users. However neither getent passwd or getent group return domain users. And domain users are still not able to log in. I followed the howto in the wiki http://wiki.samba.org/index.php/Samba_%26_Active_Directory but that seems slightly dated and it has nothing to say about Windows 2008 R2. I am hoping someone here has been down this road before and can help me. Thanks! John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Help needed with log.winbindd errors
Problem: Trying to finish creation of Samba 3.3.2 domain server on new 9.04 Ubuntu server. Did default Ubuntu installation of LAMP and Samba during installation. Successfully edited smb.conf, built users, server and resources visible in smbclient and in windows test workstation. Can login as different users, and join machines to the domain via windows. However, the whole system was INCREDIBLY slow! Question: Started checking the log files and noticed I was getting winbind errors. After starting samba winbind, I get repeating errors in /var/log/samba/log.winbindd. (see file below) I've searched many forums and sites for the error msgs and can't find references. Can you clue me in why these are generated and where/what I need to reconfig? FYI, log.winbindd and smb.conf is below. Let me know if you need more resources. Regards, --mdutch /var/log/samba/log.winbindd [2009/10/22 12:44:01, 0] winbindd/winbindd.c:main(1125) winbindd version 3.3.2 started. Copyright Andrew Tridgell and the Samba Team 1992-2009 [2009/10/22 12:44:01, 0] winbindd/winbindd_cache.c:initialize_winbindd_cache(2577) initialize_winbindd_cache: clearing cache and re-creating with version number 1 ERRORS START [2009/10/22 12:44:42, 0] libsmb/namequery.c:saf_store(75) saf_store: refusing to store 0 length domain or servername! [2009/10/22 12:44:52, 0] libsmb/clientgen.c:cli_receive_smb(165) Receiving SMB: Server stopped responding [2009/10/22 12:44:52, 1] winbindd/winbindd_cm.c:cm_prepare_connection(967) failed tcon_X with NT_STATUS_IO_TIMEOUT THEN THE THREE ERRORS REPEAT every 10-20 sec [2009/10/22 12:45:02, 0] libsmb/namequery.c:saf_store(75) saf_store: refusing to store 0 length domain or servername! [2009/10/22 12:45:12, 0] libsmb/clientgen.c:cli_receive_smb(165) Receiving SMB: Server stopped responding [2009/10/22 12:45:12, 1] winbindd/winbindd_cm.c:cm_prepare_connection(967) failed tcon_X with NT_STATUS_IO_TIMEOUT etc.etc. http://www.tek-tips.com/viewthread.cfm?qid=1575492page=1 (my smb.conf is posted in this msg on Andrew T's Samba Forum) -- View this message in context: http://www.nabble.com/Help-needed-with-log.winbindd-errors-tp26015170p26015170.html Sent from the Samba - General mailing list archive at Nabble.com. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help needed: valid users
On Thu, 17 Sep 2009 16:42:50 +0100 Alex Crow ac...@integrafin.co.uk wrote: I'm not sure that Samba checks the Linux groups but Linux does. In a Windows domain, all the accounts reside in the Domain. It may be checking the Linux accounts for shares on the DC, but wouldn't be able to on a member server. Perhaps one of the Linux gurus could answer your question. However, for operations in the domain, you're best to stick with domain entities, such as a domain group or domain user accounts. So long as Samba has sufficient privileges to access the local Linux share, it should be OK. Samba (and the windows clients) will only care about domain groups in the global context of a Samba domain, Unix local groups are pretty useless here. You need to sort out group mappings to map your local Unix group to a Samba group, then all should work fine. net groupmap on your domain controller is the way to go. You can then go on your merry way using Linux groups on the server across all your Windows clients and other Win/Samba member servers (given an appropriate way of resolving those groups across any other Samba/windows servers you may have - eg Winbind and LDAP). Seems this type of thing comes up a lot - should there be something prominent on TOSHARG about it? Alex Thank you both Alex and Gary for your comments. I guess there is somwhere a better explanation of the +group, the (in)valid users section in smb.conf(5) is IMHO missleading. I ended up listing all those users as domain\user and it work. Yes, it's ugly but the DC is not under my control, thus not easy to to have/manage a group there. Thanks for your time. Regards, Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help needed: valid users
On Wed, 16 Sep 2009 18:03:48 -0400 Gary Dale garyd...@rogers.com wrote: Chris Osicki wrote: Hi I'm using Samba 3.0.33 on Solaris10 and have the following problem. In the smb.conf I have workgroup = CORPROOT security = domain and users authenticated to CORPROOT domain can connect shares w/o problems, [homes] for example. Now I would like to create a share and restrict access to it just to a dozen of users or so. I tried valid users = +docs force user = usodocs where docs is a group in /etc/group and it didn't work. Looks like Samba is trying to look up the group docs on the domain controller in the CORPROOT domain. So, I tried this valid users = CORPROOT\user force user = usodocs it works. According to man page valid users = +docs should work. I must be missing something, but what? Is there any better/nicer way to achieve what I'm looking for? That is, to give a group of users full control over content of a share. I have several Linux Samba servers where I use POSIX ACLs to control read/write rights on the OS level and it works fine. I tried the same on the Solaris10 box with ZFS and its ACLs and it didn't work as expected (posted about it few weeks ago, no answers though) I would be very thankful for any help. BTW, anyone any idea how to attract attention to a post on this list? Virtual beer as attachment? ;-) My success rate is by now close to nothing. Thanks for your time. Regards, Chris Further to my earlier response, you need to ensure that the group has access to the share since Samba permissions cannot override Linux permissions. You may want to set the Linux permissions to 777 while testing. Leave off the force user and just try the valid users. Also, since you are using the + group prefix, this is strictly the Linux group that you are granting permission to. Thanks Gary for your reply. I followed your suggestions but it didn't work. Samba tries to resolve +group on the Domain Controller and not localy on Unix. If I put valid users = +CORPROOT\OG_ITS-SDL-SO-DXS-USO-BE where OG_ITS-SDL-SO-DXS-USO-BE is a group my NT account belongs to, it works. What could be causing Samba not checking +group localy on Unix? Thanks for your time. Regards, Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help needed: valid users
Chris Osicki wrote: On Wed, 16 Sep 2009 18:03:48 -0400 Gary Dale garyd...@rogers.com wrote: Chris Osicki wrote: Hi I'm using Samba 3.0.33 on Solaris10 and have the following problem. In the smb.conf I have workgroup = CORPROOT security = domain and users authenticated to CORPROOT domain can connect shares w/o problems, [homes] for example. Now I would like to create a share and restrict access to it just to a dozen of users or so. I tried valid users = +docs force user = usodocs where docs is a group in /etc/group and it didn't work. Looks like Samba is trying to look up the group docs on the domain controller in the CORPROOT domain. So, I tried this valid users = CORPROOT\user force user = usodocs it works. According to man page valid users = +docs should work. I must be missing something, but what? Is there any better/nicer way to achieve what I'm looking for? That is, to give a group of users full control over content of a share. I have several Linux Samba servers where I use POSIX ACLs to control read/write rights on the OS level and it works fine. I tried the same on the Solaris10 box with ZFS and its ACLs and it didn't work as expected (posted about it few weeks ago, no answers though) I would be very thankful for any help. BTW, anyone any idea how to attract attention to a post on this list? Virtual beer as attachment? ;-) My success rate is by now close to nothing. Thanks for your time. Regards, Chris Further to my earlier response, you need to ensure that the group has access to the share since Samba permissions cannot override Linux permissions. You may want to set the Linux permissions to 777 while testing. Leave off the force user and just try the valid users. Also, since you are using the + group prefix, this is strictly the Linux group that you are granting permission to. Thanks Gary for your reply. I followed your suggestions but it didn't work. Samba tries to resolve +group on the Domain Controller and not localy on Unix. If I put valid users = +CORPROOT\OG_ITS-SDL-SO-DXS-USO-BE where OG_ITS-SDL-SO-DXS-USO-BE is a group my NT account belongs to, it works. What could be causing Samba not checking +group localy on Unix? Thanks for your time. Regards, Chris I'm not sure that Samba checks the Linux groups but Linux does. In a Windows domain, all the accounts reside in the Domain. It may be checking the Linux accounts for shares on the DC, but wouldn't be able to on a member server. Perhaps one of the Linux gurus could answer your question. However, for operations in the domain, you're best to stick with domain entities, such as a domain group or domain user accounts. So long as Samba has sufficient privileges to access the local Linux share, it should be OK. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help needed: valid users
I'm not sure that Samba checks the Linux groups but Linux does. In a Windows domain, all the accounts reside in the Domain. It may be checking the Linux accounts for shares on the DC, but wouldn't be able to on a member server. Perhaps one of the Linux gurus could answer your question. However, for operations in the domain, you're best to stick with domain entities, such as a domain group or domain user accounts. So long as Samba has sufficient privileges to access the local Linux share, it should be OK. Samba (and the windows clients) will only care about domain groups in the global context of a Samba domain, Unix local groups are pretty useless here. You need to sort out group mappings to map your local Unix group to a Samba group, then all should work fine. net groupmap on your domain controller is the way to go. You can then go on your merry way using Linux groups on the server across all your Windows clients and other Win/Samba member servers (given an appropriate way of resolving those groups across any other Samba/windows servers you may have - eg Winbind and LDAP). Seems this type of thing comes up a lot - should there be something prominent on TOSHARG about it? Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. Transact is operated by Integrated Financial Arrangements plc Domain House, 5-7 Singer Street, London EC2A 4BQ Tel: (020) 7608 4900 Fax: (020) 7608 1200 (Registered office: as above; Registered in England and Wales under number: 3727592) Authorised and regulated by the Financial Services Authority (entered on the FSA Register; number: 190856) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Help needed: valid users
Hi I'm using Samba 3.0.33 on Solaris10 and have the following problem. In the smb.conf I have workgroup = CORPROOT security = domain and users authenticated to CORPROOT domain can connect shares w/o problems, [homes] for example. Now I would like to create a share and restrict access to it just to a dozen of users or so. I tried valid users = +docs force user = usodocs where docs is a group in /etc/group and it didn't work. Looks like Samba is trying to look up the group docs on the domain controller in the CORPROOT domain. So, I tried this valid users = CORPROOT\user force user = usodocs it works. According to man page valid users = +docs should work. I must be missing something, but what? Is there any better/nicer way to achieve what I'm looking for? That is, to give a group of users full control over content of a share. I have several Linux Samba servers where I use POSIX ACLs to control read/write rights on the OS level and it works fine. I tried the same on the Solaris10 box with ZFS and its ACLs and it didn't work as expected (posted about it few weeks ago, no answers though) I would be very thankful for any help. BTW, anyone any idea how to attract attention to a post on this list? Virtual beer as attachment? ;-) My success rate is by now close to nothing. Thanks for your time. Regards, Chris -- Chris Osicki o...@osk.ch Dipl. Informatik-Ing. HTL -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help needed: valid users
Chris Osicki wrote: Hi I'm using Samba 3.0.33 on Solaris10 and have the following problem. In the smb.conf I have workgroup = CORPROOT security = domain and users authenticated to CORPROOT domain can connect shares w/o problems, [homes] for example. Now I would like to create a share and restrict access to it just to a dozen of users or so. I tried valid users = +docs force user = usodocs where docs is a group in /etc/group and it didn't work. Looks like Samba is trying to look up the group docs on the domain controller in the CORPROOT domain. So, I tried this valid users = CORPROOT\user force user = usodocs it works. According to man page valid users = +docs should work. I must be missing something, but what? Is there any better/nicer way to achieve what I'm looking for? That is, to give a group of users full control over content of a share. I have several Linux Samba servers where I use POSIX ACLs to control read/write rights on the OS level and it works fine. I tried the same on the Solaris10 box with ZFS and its ACLs and it didn't work as expected (posted about it few weeks ago, no answers though) I would be very thankful for any help. BTW, anyone any idea how to attract attention to a post on this list? Virtual beer as attachment? ;-) My success rate is by now close to nothing. Thanks for your time. Regards, Chris Don't use force user unless you really want everyone to look like that user when accessing the share. Quick documentation on the various options is available via SWAT. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help needed: valid users
Chris Osicki wrote: Hi I'm using Samba 3.0.33 on Solaris10 and have the following problem. In the smb.conf I have workgroup = CORPROOT security = domain and users authenticated to CORPROOT domain can connect shares w/o problems, [homes] for example. Now I would like to create a share and restrict access to it just to a dozen of users or so. I tried valid users = +docs force user = usodocs where docs is a group in /etc/group and it didn't work. Looks like Samba is trying to look up the group docs on the domain controller in the CORPROOT domain. So, I tried this valid users = CORPROOT\user force user = usodocs it works. According to man page valid users = +docs should work. I must be missing something, but what? Is there any better/nicer way to achieve what I'm looking for? That is, to give a group of users full control over content of a share. I have several Linux Samba servers where I use POSIX ACLs to control read/write rights on the OS level and it works fine. I tried the same on the Solaris10 box with ZFS and its ACLs and it didn't work as expected (posted about it few weeks ago, no answers though) I would be very thankful for any help. BTW, anyone any idea how to attract attention to a post on this list? Virtual beer as attachment? ;-) My success rate is by now close to nothing. Thanks for your time. Regards, Chris Further to my earlier response, you need to ensure that the group has access to the share since Samba permissions cannot override Linux permissions. You may want to set the Linux permissions to 777 while testing. Leave off the force user and just try the valid users. Also, since you are using the + group prefix, this is strictly the Linux group that you are granting permission to. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Help needed: strange issue with share mapping at logon
Hello all, I've run into an issue while migrating a client's Samba PDC from Debian 3.x to OpenSuSE 10.3, have been beating my head against it for over a week, and am now turning to the mailing list for help. We're running Samba 3.0.26a-3-1478-SUSE-SL10.3 authenticating against OpenLDAP 2.3.37. Integration of Samba and OpenLDAP works, and importing the 2000+ existing user accounts from the old PDC (running OpenLDAP 2.0.x) also worked after some reformatting of the LDIF data. The domain logon script, logon.cmd, calls Kixtart to execute the script logon.kix, which maps different shares for each user depending on which groups they belong to, sets up email, and generally does all sorts of clever things. This script works...up to a point. This is where my problems begin. All logon scripts were directly copied across from the old PDC, as was /etc/samba/smb.conf. Obviously some tweaks were made to the Samba config to deal with changes in the LDAP DB organisation (users in a different OU, etc.), but share definitions were kept intact. What's going wrong is this: shares that *should* be being automapped for members of the CSSG Pupils and Technology groups are not being automapped. Other shares, that all users get via logon.kix, are mapped. the logon script is definitely being run - one can watch it execute when a user logs on. It's not a rights issue - members of CSSG Pupils can use net use or equivalent commands to access the relevant shares, can browse to them via an SMB browser, and otherwise have exactly the level of access they should have. There is no reason I can see why this wouldn't work as intended, but it's failing, and I have no idea why. Here's the smb.conf: # # Configuration file for the Samba suite for Debian GNU/Linux. # #=== Global Settings === [global] ## Browsing/Identification ### netbios name = PHSSERVER workgroup = PHSDOMAIN server string = Primary Domain Controller (Samba %v) wins support = yes dns proxy = no ; name resolve order = lmhosts host wins bcast Debugging/Accounting log file = /var/log/samba/log.%U max log size = 1000 # We want Samba to log a minimum amount of information to syslog. Everything # should go to /var/log/samba/log.{smbd,nmbd} instead. If you want to log # through syslog you should set the following parameter to something higher. syslog = 2 # Do something sensible when Samba crashes: mail the admin a backtrace panic action = /usr/share/samba/panic-action %d ### Authentication ### security = user encrypt passwords = true passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=admin,dc=phs,dc=lan ldap suffix = dc=phs,dc=lan ldap group suffix = ou=Groups ldap user suffix = ou=Users ; In Samba 3.0.x, people and machines must be in same container: ldap machine suffix = ou=Users ldap ssl = off ldap delete dn = Yes add machine script = /usr/local/sbin/smbldap-useradd -w -c Computer %u -g 515 -H [W] %u add user script = /usr/local/sbin/smbldap-useradd -m %u delete user script = /usr/local/sbin/smbldap-userdel %u add group script = /usr/local/sbin/smbldap-groupadd -p %g delete group script = /usr/local/sbin/smbldap-groupdel %g add user to group script = /usr/local/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/local/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/local/sbin/smbldap-usermod -g %g %u ; ldap passwd sync = yes passwd program = /usr/local/sbin/phs-passwd %u passwd chat = *ew*password* %n\n *ew*password* %n\n *successfully* unix password sync = yes # This boolean controls whether PAM will be used for password changes # when requested by an SMB client instead of the program listed in # 'passwd program'. The default is 'no'. ; pam password change = no obey pam restrictions = no guest account = nobody invalid users = root domain logons = yes domain master = yes #logon script = netlogon\logon.kix logon script = logon.cmd logon drive = G: logon home = \\%N\%U logon path = \\%N\profiles\default ## Printing ## load printers = yes printing = cups printcap name = cups File sharing # Name mangling options ; preserve case = yes ; short preserve case = yes Misc socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # The following parameter is useful only if you have the linpopup package # installed. The samba maintainer and the linpopup maintainer are # working to ease installation and configuration of linpopup and samba. ; message command = /bin/sh -c '/usr/bin/linpopup %f %m %s; rm %s' # Some defaults for winbind (make sure you're not using the ranges # for something else.) ; idmap uid = 1-2 ; idmap gid = 1-2 ; template shell = /bin/bash # Must be off for Debian Samba 3.0 on Xeon use sendfile = no # Do not lock database files veto oplock files =
Re: [Samba] Help needed. Samba 3.2.0rc2 - IDMAP - Windows 2008 Server - ADS Integration - Winbind
Hi, did you try using nis instead of winbind ??? i'm saying that because you are using MS Identity Management for Unix and this provides a nis server. this would provide you the same UIDs and GIDs on all machines. Marcos. --- Em sex, 27/6/08, Samba-Liste [EMAIL PROTECTED] escreveu: De: Samba-Liste [EMAIL PROTECTED] Assunto: [Samba] Help needed. Samba 3.2.0rc2 - IDMAP - Windows 2008 Server - ADS Integration - Winbind Para: samba samba@lists.samba.org Data: Sexta-feira, 27 de Junho de 2008, 8:31 Hi, I read at least 100 different documentations during the last week and didn't get it. So I decided to ask the list for help :) Unfortunately we have to move to a Windows 2008 Server ADS in our company as this is required for some other projects. But we want to keep our nice 5+ samba-server providing fast 50TB+ of storage. So we have to find a way to nicely integrate the storage with the new ADS installed. Therefor I installed a Testlab consisting of 2 debian etch storage-servers with each 12TB lvm-based storage attached. Also we have 2 MS 2008 Server SP1 as PDC and BDC. Further we have some Windows XP 32 and 64 Bit clients as workstations for testing. Now we setup everything and decided to use samba 3.2.0 as there are some bugs related to W2k8 server are solved. So I build debian packages from experimental for etch an installed them. Then I set up kerberos and samba using security = ads. Everythings works great. I can get a kerberos ticket with kinit also I can join the ADS with net ads join -Uadministrator. I set up /etc/nssswitch to use winbind and I can request user information successfully. But now I have to set up shared IDMAP for my samba servers to have the same UIDs and GIDs on all machines. As it would be nice to have all that on the ADS server I tried the following for days without success and that is where I need help: - I installed the MS Identity Management for Unix - I added UID, Homedir, Shell and Default Group to the AD User - I set Unix Attr for my groups - I configured samba to as followed: - snip - [global] workgroup = TESTLAB realm = TESTLAB.COMPANY.COM netbios name = filesrv001 server string = Samba Storage Fileserver 001 (%v) security = ADS idmap domains = BUILTIN, TESTLAB idmap config TESTLAB:backend = ad idmap config TESTLAB:default = yes idmap config TESTLAB:schema_mode = rfc2307 idmap config BUILTIN:backend= tdb idmap config BUILTIN:base_rid = 800 idmap config BUILTIN:range = 800-999 winbind nss info = rfc2307 winbind use default domain = yes winbind nested groups = Yes password server = WIN-RXYDW1KO5DH.testlab.company.com wins server = WIN-RXYDW1KO5DH.testlab.company.com socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 hide unreadable = yes hide dot files = yes unix charset = LOCALE log level = 5 [big_data] comment = Very Big Share path = /SERV browseable = yes guest ok = no valid users = @STGT\entenhausen create mask = 660 directory mode = 770 writeable = yes readonly = no force group = STGT\entenhausen - snip - - I cleaned /var/run/samba, /var/log/samba, /var/lib/samba - I delete the Join on the ADS - Then I rebooted the Linux-Server, re-joined the ADS - And I can retrieve the user with getent and it has IT UID filesrv001:/var/log/samba# getent passwd tic.tic tic.tic:*:20007:10001::/home/STGT/tic.tic:/bin/false - But the default group, the home-dir and the shell is not right - seems like the values are not retrieved correctly from ADS - also strange: I set up the second storage with the same configs - only changed names - if I retrieve the user-information there - it looks like this getent passwd tic.tic tic.tic:*:20007:1:Tic Tic:/home/STGT/tic.tic:/bin/false - so the default-group is changing - but its still not the value listed in the ADS Any ideas on that? Did I get something completely wrong? I'll now take a closer look to the Win 2008 logfiles and I'll check the communication with tcpdump. But I'm mostly stuck and really could need some hints. Or should I try another solution? IDMAP-RID cannot be used as we are planning a trust domain setup Thank you and best regards Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba Novos endereços, o Yahoo! que você conhece. Crie um email novo com a sua cara @ymail.com ou @rocketmail.com. http://br.new.mail.yahoo.com/addresses -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Help needed. Samba 3.2.0rc2 - IDMAP - Windows 2008 Server - ADS Integration - Winbind
Hi, I read at least 100 different documentations during the last week and didn't get it. So I decided to ask the list for help :) Unfortunately we have to move to a Windows 2008 Server ADS in our company as this is required for some other projects. But we want to keep our nice 5+ samba-server providing fast 50TB+ of storage. So we have to find a way to nicely integrate the storage with the new ADS installed. Therefor I installed a Testlab consisting of 2 debian etch storage-servers with each 12TB lvm-based storage attached. Also we have 2 MS 2008 Server SP1 as PDC and BDC. Further we have some Windows XP 32 and 64 Bit clients as workstations for testing. Now we setup everything and decided to use samba 3.2.0 as there are some bugs related to W2k8 server are solved. So I build debian packages from experimental for etch an installed them. Then I set up kerberos and samba using security = ads. Everythings works great. I can get a kerberos ticket with kinit also I can join the ADS with net ads join -Uadministrator. I set up /etc/nssswitch to use winbind and I can request user information successfully. But now I have to set up shared IDMAP for my samba servers to have the same UIDs and GIDs on all machines. As it would be nice to have all that on the ADS server I tried the following for days without success and that is where I need help: - I installed the MS Identity Management for Unix - I added UID, Homedir, Shell and Default Group to the AD User - I set Unix Attr for my groups - I configured samba to as followed: - snip - [global] workgroup = TESTLAB realm = TESTLAB.COMPANY.COM netbios name = filesrv001 server string = Samba Storage Fileserver 001 (%v) security = ADS idmap domains = BUILTIN, TESTLAB idmap config TESTLAB:backend = ad idmap config TESTLAB:default = yes idmap config TESTLAB:schema_mode = rfc2307 idmap config BUILTIN:backend= tdb idmap config BUILTIN:base_rid = 800 idmap config BUILTIN:range = 800-999 winbind nss info = rfc2307 winbind use default domain = yes winbind nested groups = Yes password server = WIN-RXYDW1KO5DH.testlab.company.com wins server = WIN-RXYDW1KO5DH.testlab.company.com socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 hide unreadable = yes hide dot files = yes unix charset = LOCALE log level = 5 [big_data] comment = Very Big Share path = /SERV browseable = yes guest ok = no valid users = @STGT\entenhausen create mask = 660 directory mode = 770 writeable = yes readonly = no force group = STGT\entenhausen - snip - - I cleaned /var/run/samba, /var/log/samba, /var/lib/samba - I delete the Join on the ADS - Then I rebooted the Linux-Server, re-joined the ADS - And I can retrieve the user with getent and it has IT UID filesrv001:/var/log/samba# getent passwd tic.tic tic.tic:*:20007:10001::/home/STGT/tic.tic:/bin/false - But the default group, the home-dir and the shell is not right - seems like the values are not retrieved correctly from ADS - also strange: I set up the second storage with the same configs - only changed names - if I retrieve the user-information there - it looks like this getent passwd tic.tic tic.tic:*:20007:1:Tic Tic:/home/STGT/tic.tic:/bin/false - so the default-group is changing - but its still not the value listed in the ADS Any ideas on that? Did I get something completely wrong? I'll now take a closer look to the Win 2008 logfiles and I'll check the communication with tcpdump. But I'm mostly stuck and really could need some hints. Or should I try another solution? IDMAP-RID cannot be used as we are planning a trust domain setup Thank you and best regards Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Copying Files from XP to Samba (help needed)
Peter, Ever get a helpful response on this one? - Scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Copying Files from XP to Samba (help needed)
Unfortunately, running a packet sniffer on the server does not make things any better in my case (otherwise it would be at least an easy workaround ;) Regards, Peter Daum Daniel Lindgren wrote: I am also having performance problems writing to a Samba share (see previous post about tcpdump) and I have seen a strange phenomenon: if I start tcpdump on the Samba machine, performance increases 20 times. It would be interesting to know if you also experience the same, just start tcpdump and redirect output to /dev/null while/before copying files. Regards, Daniel Lindgren 2006/10/9, Peter Daum [EMAIL PROTECTED]: I am still desperately trying to figure out why I get such a horrible performance trying to copy files from XP to Samba (below is my original post to illustrate the context. Meanwhile, I found a pretty remarkable pattern in the network traces. Generally, the packets send from the XP machine look like this: 01: WriteAndXRequest 60 kBytes (1392 bytes payload) 02: 1460 bytes ...(usual time delta between 2 packets 0.0001 secs) 42: 1460 bytes delta: 0.05 - 0.3 secs 43: last 188 bytes .. WriteAndXResponse from Samba machine, da capo It seems like what is slowing the transfer down so dramatically, is the long gap before the last 188 bytes are sent. I can't see anything reasonable the XP machine could be waiting for - it already got the ack for the last preceding packet. To emphasize again, this is not a general networking problem between the 2 machines; it only (at leas AFAIK) occurs when copying large files from Windows XP to Samba shares (and at that occasion I could reproduce it with all the Samba servers and XP clients that I checked so far) Any help would be greatly appreciated. Regards, Peter Daum I noted an extremely poor performance when copying big files from a windows xp client to a samba share. The exact version of samba does not seem to matter: I tried several different samba servers with versions between 3.014 and 3.0.23b running on Linux 2.4.32 and 2.6.17 (machines and network otherwise idle, clients connected via fast ethernet, servers via Gbit; network performance in both directions around 95 Mbit/s). I made several tests copying a 1GB file with Windows 98 and Windows XP clients. Reading the file from the server takes predictably around 105 seconds (~9.75 MB/s). Writing to the server takes only slightly longer on Win98 (130 seconds, ~8 MB/s) while the same takes approximately 45 minutes from a XP client (I don't know whether this matters, I noted that on the XP write test, the directory listing on the server immediately shows a file with the final size - obviously a sparse file, repeatedly invoking du shows the gradually increasing actual size). I wrote a little test program that just writes data to a file and shows the throughput; the transfer rates I get that way are pretty reasonable, so it is not a general problem but something that only occurs on specific operations like copying. Tracing the network traffic also didn't tell me what the problem might be: XP uses for copying as well as for other write operations WriteAndXRequest, the only peculiarity I noticed is the slightly exotic block size of 61440 bytes per request when copying (which also doesn't seem to be the problem - Win98 uses the same block size with WriteRaw) Has anybody else made similar experiences? (Since I could see this issue with differently configured servers/clients, it should not be just my personal problem. Of course in most settings where the data usually goes mostly from the server to the client it is not obvious) Any ideas what's going on and what to do about it? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Copying Files from XP to Samba (help needed)
I am still desperately trying to figure out why I get such a horrible performance trying to copy files from XP to Samba (below is my original post to illustrate the context. Meanwhile, I found a pretty remarkable pattern in the network traces. Generally, the packets send from the XP machine look like this: 01: WriteAndXRequest 60 kBytes (1392 bytes payload) 02: 1460 bytes ...(usual time delta between 2 packets 0.0001 secs) 42: 1460 bytes delta: 0.05 - 0.3 secs 43: last 188 bytes .. WriteAndXResponse from Samba machine, da capo It seems like what is slowing the transfer down so dramatically, is the long gap before the last 188 bytes are sent. I can't see anything reasonable the XP machine could be waiting for - it already got the ack for the last preceding packet. To emphasize again, this is not a general networking problem between the 2 machines; it only (at leas AFAIK) occurs when copying large files from Windows XP to Samba shares (and at that occasion I could reproduce it with all the Samba servers and XP clients that I checked so far) Any help would be greatly appreciated. Regards, Peter Daum I noted an extremely poor performance when copying big files from a windows xp client to a samba share. The exact version of samba does not seem to matter: I tried several different samba servers with versions between 3.014 and 3.0.23b running on Linux 2.4.32 and 2.6.17 (machines and network otherwise idle, clients connected via fast ethernet, servers via Gbit; network performance in both directions around 95 Mbit/s). I made several tests copying a 1GB file with Windows 98 and Windows XP clients. Reading the file from the server takes predictably around 105 seconds (~9.75 MB/s). Writing to the server takes only slightly longer on Win98 (130 seconds, ~8 MB/s) while the same takes approximately 45 minutes from a XP client (I don't know whether this matters, I noted that on the XP write test, the directory listing on the server immediately shows a file with the final size - obviously a sparse file, repeatedly invoking du shows the gradually increasing actual size). I wrote a little test program that just writes data to a file and shows the throughput; the transfer rates I get that way are pretty reasonable, so it is not a general problem but something that only occurs on specific operations like copying. Tracing the network traffic also didn't tell me what the problem might be: XP uses for copying as well as for other write operations WriteAndXRequest, the only peculiarity I noticed is the slightly exotic block size of 61440 bytes per request when copying (which also doesn't seem to be the problem - Win98 uses the same block size with WriteRaw) Has anybody else made similar experiences? (Since I could see this issue with differently configured servers/clients, it should not be just my personal problem. Of course in most settings where the data usually goes mostly from the server to the client it is not obvious) Any ideas what's going on and what to do about it? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Copying Files from XP to Samba (help needed)
I am also having performance problems writing to a Samba share (see previous post about tcpdump) and I have seen a strange phenomenon: if I start tcpdump on the Samba machine, performance increases 20 times. It would be interesting to know if you also experience the same, just start tcpdump and redirect output to /dev/null while/before copying files. Regards, Daniel Lindgren 2006/10/9, Peter Daum [EMAIL PROTECTED]: I am still desperately trying to figure out why I get such a horrible performance trying to copy files from XP to Samba (below is my original post to illustrate the context. Meanwhile, I found a pretty remarkable pattern in the network traces. Generally, the packets send from the XP machine look like this: 01: WriteAndXRequest 60 kBytes (1392 bytes payload) 02: 1460 bytes ...(usual time delta between 2 packets 0.0001 secs) 42: 1460 bytes delta: 0.05 - 0.3 secs 43: last 188 bytes .. WriteAndXResponse from Samba machine, da capo It seems like what is slowing the transfer down so dramatically, is the long gap before the last 188 bytes are sent. I can't see anything reasonable the XP machine could be waiting for - it already got the ack for the last preceding packet. To emphasize again, this is not a general networking problem between the 2 machines; it only (at leas AFAIK) occurs when copying large files from Windows XP to Samba shares (and at that occasion I could reproduce it with all the Samba servers and XP clients that I checked so far) Any help would be greatly appreciated. Regards, Peter Daum I noted an extremely poor performance when copying big files from a windows xp client to a samba share. The exact version of samba does not seem to matter: I tried several different samba servers with versions between 3.014 and 3.0.23b running on Linux 2.4.32 and 2.6.17 (machines and network otherwise idle, clients connected via fast ethernet, servers via Gbit; network performance in both directions around 95 Mbit/s). I made several tests copying a 1GB file with Windows 98 and Windows XP clients. Reading the file from the server takes predictably around 105 seconds (~9.75 MB/s). Writing to the server takes only slightly longer on Win98 (130 seconds, ~8 MB/s) while the same takes approximately 45 minutes from a XP client (I don't know whether this matters, I noted that on the XP write test, the directory listing on the server immediately shows a file with the final size - obviously a sparse file, repeatedly invoking du shows the gradually increasing actual size). I wrote a little test program that just writes data to a file and shows the throughput; the transfer rates I get that way are pretty reasonable, so it is not a general problem but something that only occurs on specific operations like copying. Tracing the network traffic also didn't tell me what the problem might be: XP uses for copying as well as for other write operations WriteAndXRequest, the only peculiarity I noticed is the slightly exotic block size of 61440 bytes per request when copying (which also doesn't seem to be the problem - Win98 uses the same block size with WriteRaw) Has anybody else made similar experiences? (Since I could see this issue with differently configured servers/clients, it should not be just my personal problem. Of course in most settings where the data usually goes mostly from the server to the client it is not obvious) Any ideas what's going on and what to do about it? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Help needed configuring event log
Hi all, is there any more documentation on how to configure event loging on Samba? Maybe some examples? Some example scripts? Thanks a lot, Christian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help needed configuring event log
If you want file event logging I think your best bet is the audit VFS module. Cheers, Henrik 29 maj 2006 kl. 10:36 skrev Masopust, Christian: Hi all, is there any more documentation on how to configure event loging on Samba? Maybe some examples? Some example scripts? Thanks a lot, Christian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help needed configuring event log
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Henrik Zagerholm wrote: If you want file event logging I think your best bet is the audit VFS module. VFS auditing and Windows Eventlogs are not necessarily the same thing. For a short HOWTO on Eventlogs, see http://wiki.samba.org/index.php/Event_Logging cheers, jerry = Samba--- http://www.samba.org Centeris --- http://www.centeris.com What man is a man who does not make the world better? --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFEe7BTIR7qMdg1EfYRAiTsAJ4wlJpgY7tGSElWt+l4uPqqKMD0IACffUJk kraX66HzcpFVdnpBCDFOPPk= =D5Iz -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] help needed: connecting with similar windows-unix usernames?
You need to establish your Solaris box as a member server in the W2K3 domain. SWAT has a wizard for that which will create the appropriate smb.conf. When you do this, the W2K3 domain controller will be used for authentication. The accounts and/or groups need to map between the two boxes. Your Solaris box works using Unix priviliges at the file level. Therefore your Windows users need to be in appropriate Unix groups to access the shares. A simple way of handling this is to ensure that Domain Users maps to a local Unix such as pcgis (if that is a local group) that has access to the shares. Amit Zvigoren wrote: Hello all samba'ers I'm trying to configure samba for Windows (active-directory) authentication, with every Windows-user having a similar unix username. I've created the users in both sides but I couldn't configure the smb.conf file (either with or without SWAT) to make it work. I'm using XP clients with a Win2K3 as the domain server and Solaris 9 as the samba server. Everything works fine when I use the 'security = share' option so I believe the physical connection is ok. 1. Do I actually need to use 'security = user', or should I use 'security = server? 2. I've created the smbpasswd(5) file and edited it with smbpasswd(8), and synchronized users+passwords with the relevant ones at /etc/passwd and /etc/shadow. Do I actually need the smbpasswd(5)? 3. Is it feasible without using winbind? 4. Does any of you have some smb.conf sample for connecting using similar windows-unix usernames? 5. Do I need to use the 'username map' option even if the usernames are similar? Here is a part of the [global] section at my smb.conf, each line suffiixed (here, not actually in the file itself) with my description: [global] workgroup = GIS' windows workgroup to 'contain' the samba server null passwords = yes ' preferred, not a must valid users = minhal, +pcgis' pcgis is a group on unix. am I right? or does this parameter meant to be for windows groups? write list = minhal ' this user should have write-permission on shared directories regardless of their mode Here is another section of my smb.conf for defining a samba share: [home1] path = /home1 read only = no guest ok = yes ' not necessary, just for the test Now what am I missing? what have I done wrong? Thanks and regards, Amit Zvigoren Systematics Technologies -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] help needed: connecting with similar windows-unix usernames?
Hello all samba'ers I'm trying to configure samba for Windows (active-directory) authentication, with every Windows-user having a similar unix username. I've created the users in both sides but I couldn't configure the smb.conf file (either with or without SWAT) to make it work. I'm using XP clients with a Win2K3 as the domain server and Solaris 9 as the samba server. Everything works fine when I use the 'security = share' option so I believe the physical connection is ok. 1. Do I actually need to use 'security = user', or should I use 'security = server? 2. I've created the smbpasswd(5) file and edited it with smbpasswd(8), and synchronized users+passwords with the relevant ones at /etc/passwd and /etc/shadow. Do I actually need the smbpasswd(5)? 3. Is it feasible without using winbind? 4. Does any of you have some smb.conf sample for connecting using similar windows-unix usernames? 5. Do I need to use the 'username map' option even if the usernames are similar? Here is a part of the [global] section at my smb.conf, each line suffiixed (here, not actually in the file itself) with my description: [global] workgroup = GIS' windows workgroup to 'contain' the samba server null passwords = yes ' preferred, not a must valid users = minhal, +pcgis' pcgis is a group on unix. am I right? or does this parameter meant to be for windows groups? write list = minhal ' this user should have write-permission on shared directories regardless of their mode Here is another section of my smb.conf for defining a samba share: [home1] path = /home1 read only = no guest ok = yes ' not necessary, just for the test Now what am I missing? what have I done wrong? Thanks and regards, Amit Zvigoren Systematics Technologies -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Help needed setting up samba to authenticate against NT PDB
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, I try to set up a Linux/Samba box to authenticate users (on Windows 2000 and XP boxes) against a Windows NT4 Primary domain controller but failed with what I tried so far. - - both machines are on the same local network (192.168.17.X) - - the windows box runs NT4. I havn't set up this and I don't know much about it either but I have adminstrator access to it. - - I tried this setting security = domain' password server = IP of PDB but then I get the following error in the samba log: [2005/11/17 12:41:25, 0] auth/auth_domain.c:check_ntdomain_security(284) check_ntdomain_security: could not fetch trust account password for domain 'TVC' What is this trust account password and how do I make it known to samba? Can somebody post a sample configuration for this kind of setup? Do I have to set up something on the PDB? Thanks in advance! I'm not very experienced in windows administration (though I do have lot of expertise on linux) so many terms in the samba docs are greek to me. Chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Puzzled by the all these strange characters? Comment: See http://smurl.name/lz5 for an introduction Comment: to public key encryption and signing. iD8DBQFDfHxEyacnDOuTzPwRAsPiAJ91CH0/yF1RxqmFcQEmPz83OTJjngCgw//W HDZj9zJgjjGnD2NS/5oyiUU= =xeCL -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Help needed setting up samba to authenticate against NT PDB
Christopher, You need to add the samba server to the NT4 domain. The procedure to follow can be looked up here: http://us2.samba.org/samba/docs/man/Samba-HOWTO-Collection/ServerType.ht ml#id2526872 Read up on Domain Security mode. Regards, Franz -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help needed setting up samba to authenticate against NT PDC
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Strebel, Franz R. wrote: You need to add the samba server to the NT4 domain. The procedure to follow can be looked up here: http://us2.samba.org/samba/docs/man/Samba-HOWTO-Collection/ServerType.ht ml#id2526872 Read up on Domain Security mode. Ok, thanks, that helped. Do I have to issue the 'net rpc join' command on the linux box after every reboot or was this just necessary once? Chris -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Puzzled by the all these strange characters? Comment: See http://smurl.name/lz5 for an introduction Comment: to public key encryption and signing. iD8DBQFDfKOVyacnDOuTzPwRAtGiAJoCxUME5GTHs++po/1ovJeYVcbIbACcCl74 mQogFpWsxxnfvRn5RTd9O8E= =oFFO -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] help needed for samba 3.0
Try using ip address instead anf see if that works :) //henrik 15 okt 2005 kl. 13.10 skrev Sunil Kumar: Hi all, when I am tring to connect to my linux share using linux for ex: smbclient //linuxspan/kerberos -U suneel - where as linuxspan is host name and kerberos is a share name and suneel is ads user. I am getting this error : tree connect failed : NT_STATUS_BAD_NETWORK_NAME. pls help me on this. Thanks in advance. Best regards, Sunny. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] help needed for samba 3.0
Hi all, when I am tring to connect to my linux share using linux for ex: smbclient //linuxspan/kerberos -U suneel - where as linuxspan is host name and kerberos is a share name and suneel is ads user. I am getting this error : tree connect failed : NT_STATUS_BAD_NETWORK_NAME. pls help me on this. Thanks in advance. Best regards, Sunny. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Help needed please? SMB 3.0.14a - SMBPASSWD
Hello - Im having a problem w/ my users being able to change their SMB password. What is the best approach to allow users acces to smbpasswd to change their own passwords when they want? Right now Im getting the following error: machine 127.0.0.1 rejected the (anonymous) password change: Error was : Wrong Password. Failed to change password for donald Here is my global from the smb.conf [global] netbios name = WOOT socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192 server string = SMB v3.0.14a local master = yes preferred master = yes domain logons = no domain master = no workgroup = Puddin interfaces = 146.61.201.2 bind interfaces only = no log file = /var/log/samba-log.%m log level = 2 max log size = 50 lock directory = /var/lock/samba printcap name = /etc/printcap wins support = no wins server = 136.61.203.14 os level = 62 remote announce = 136.61.203.255 deadtime = 15 -- Thank you Todd Johnson == Todd Johnson State of Alaska Dept. of Natural Resources Computer Information Center MicroComputer/Network Specialist (907) 269-8831 (907) 269-8920 FAX [EMAIL PROTECTED] == -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Help Needed
Good Morning: I am having trouble with my samba server on FC3. For some reason I cannot get it to authenticate against the domain, In order for domain users to be able to access resources, it requires me to create samba users and input their windows password for it to work (which is terrible security practice). I have been fiddling around on a development server (which in now being rebuilt because I screwed it up so bad (not this project - several others) with the procedure from http://us4.samba.org/samba/docs/man/Samba-Guide/Unixclients.html, and everything was running along nicely till all of a sudden when I entered wbinfo -u I got a message that said - error looking up users - that's all - no more PLEASE NOTE - I am NOT looking for someone to do this for me, I really want to learn this stuff, but I am just stuck right now, and I could really use some guidance I can supply smb.conf etc if you need as soon as the server finishes rebuilding, but it is basically identical to the one in the web page mentioned above - the only differences are the ones to match our site Thanks TIM Timothy A. Holmes IT Manager / Webmaster / Science Teacher Medina Christian Academy A Higher Standard... Jeremiah 33:3 Jeremiah 29:11 Esther 4:14 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] help needed to move from Samba 2 to 3
Hi I know that these kind of postings are sometimes frowned upon, so i will apologise in advance. What we have had in place for over 5 years is a Redhat 5.2 machine running Samba 2.06, and Win 95, 98 and ME clients, with but Home and Public shares on Samba. I am happy configuring this version of Samba to do what I want it to do and it has worked well. Needing to have Win 2000 XP Clients We now have a replacement box, Running Fedora, and Samba 3. I have been doing my very best to hook these up and have been spending some time on this and seem to have hit a brick wall, I can establish a share for WinME, but WinXP just doesn't want to connect to a share, thought it will log on to a the domain. I have configured both machines 'by the book' I get the feeling that is maybe my lack of experience with XP that is the problem more than at the server end? Can any one out there offer some professional help? We are in South East England. I am not a Unix Guru, but I am no Unix idiot either. I just feel I need a bit of 'hand holding' to get me running with samba 3 and win XP. Mark -- __ A.R.E. Limited T: 01252 711777 East Street F: 01252 723918 Farnham E: mailto:[EMAIL PROTECTED] SurreyGU9 7XU W: http://www.are.ltd.uk Distributors of Quality Automotive Parts and Accessories The views expressed herein are those of the author of this document and do not necessarily represent the views of this company. This transmission may be confidential, if you are not the intended recipient you should notify us. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Help needed/.....
Can someone please explain to me what does numopen=a mean when a takes values of 0,1,2,3 etc?? In addition, can someone guide me in an online manual (or a pdf or something like that) for all those meanings and error codes that I get from time to time?? Thanx Chris -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Help Needed: Migrating from RH7.3 to RH9.x (And upgrading from 2.x to 3.1 at the same time...)
Hi Guys! I am from South Africa and this is my first post. My first installation of SAMBA (2001) worked like a charm! No hassles and the system has been running for the last 2+ years! The documentation was also of such nature that it was no problem to install/configure... The machine that I have installed SaMBa on has now run out of capacity. I am now about to upgrade the machine (It is a Celeron 1.7 and the new machine is a P4 2.6) and would like to know if there are any documentation migrating users and file systems to newer and faster machines? So: 1. I want to move my file system (Linux) from a Red Hat Release 7.3 to a more powerful machine running RH9.x. 2. I want to move my users. 3. I want to keep IP/HOSTNAME/SHARES. Please could you help or point me to the right place? Thank you for your time and this amazing package. It has saved me more than 30% of my yearly budget due to decrease in MS licences! (And that my company took to the bank!) Aubrey Kloppers Cape Town South Africa -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help needed
hi, Failed to open /usr/local/private/secrets.tdb means smb is looking after this file this are the standart paths for a compiled versiom from scratch, depending on the packs you used this files can be in i.e. /etc/samba too Best Regards - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, November 19, 2003 6:01 PM Subject: [Samba] Help needed Hi, I have installed the public domain version of samba version 2.2.8a on aix 5.2 and I receive the following error message while attempting to start the samba server. I am wondering if anyone could help me. Thanks in advance. [2003/11/19 11:52:21, 0] smbd/server.c:main(791) smbd version 2.2.8a started. Copyright Andrew Tridgell and the Samba Team 1992-2002 [2003/11/19 11:52:21, 0] passdb/secrets.c:secrets_init(44) Failed to open /usr/local/private/secrets.tdb [2003/11/19 11:52:21, 0] smbd/server.c:main(791) smbd version 2.2.8a started. Copyright Andrew Tridgell and the Samba Team 1992-2002 [2003/11/19 11:52:21, 0] passdb/secrets.c:secrets_init(44) Failed to open /usr/local/private/secrets.tdb [2003/11/19 11:52:21, 0] passdb/machine_sid.c:pdb_generate_sam_sid(163) pdb_generate_sam_sid: Failed to store generated machine SID. [2003/11/19 11:52:21, 0] smbd/server.c:main(877) ERROR: Samba cannot create a SAM SID. [2003/11/19 11:52:21, 0] passdb/machine_sid.c:pdb_generate_sam_sid(163) pdb_generate_sam_sid: Failed to store generated machine SID. [2003/11/19 11:52:21, 0] smbd/server.c:main(877) ERROR: Samba cannot create a SAM SID. Vyasa Srinivas Unix System Administration FreddieMac 703-450-3352 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Help Needed! NT4 to Samba-3.0.0beta1 Migration
Hi Will NT4 to Samba migration will migrate NT 4 Logon Scripts to Linux.. i mean through net rpc we can get users,groups and passwords data from NT4 thorugh net rpc commands in the same way will i fetch Logon scripts from NT4??? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] help needed
Need help. I cannot make directory writeable from Windows NT, despite trying read only = no and writeable = true in smb.conf file in this [directory]. Is this because of user is invalid (user = nobody in [global]) or something else is wrong with my smb.conf file. I ran testparm and all went OK. Any help appreciated. Thanks -- __ http://www.linuxmail.org/ Now with e-mail forwarding for only US$5.95/yr Powered by Outblaze -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] help needed
Did you give 0777 permission to your share folder? - Original Message - From: Slawomir Stys [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, March 13, 2003 1:41 AM Subject: [Samba] help needed Need help. I cannot make directory writeable from Windows NT, despite trying read only = no and writeable = true in smb.conf file in this [directory]. Is this because of user is invalid (user = nobody in [global]) or something else is wrong with my smb.conf file. I ran testparm and all went OK. Any help appreciated. Thanks -- __ http://www.linuxmail.org/ Now with e-mail forwarding for only US$5.95/yr Powered by Outblaze -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] help needed : Error : The specified user does not exist.
Hi Adil Have you had any solutions regarding this issue yet? I have a simular problem: We setup Samba 2.2.7 with SWAT client. We converted the users from Novell to Linux as a file server. What we are having a problem with is that we have to create a samba share for each user and a login script for each indavidual user. So after 15 shares and over 100 users, it becomes confusing. Thus, can you create a share(1) within a share(2) and give list access to the first share(1) and write access to the second share(2)?? Regards Andre -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] help needed
all exact ports arel listed in /etc/services. the ports u need where postet a view days ago in this list. please somebody correct, if i'm wrong: netbios-ns 137/tcp # NETBIOS Name Service netbios-ns 137/udp # NETBIOS Name Service netbios-dgm 138/tcp # NETBIOS Datagram Service netbios-dgm 138/udp # NETBIOS Datagram Service netbios-ssn 139/tcp # NETBIOS Session Service netbios-ssn 139/udp # NETBIOS Session Service and,if u need: swat901/tcp # XXX Samba Web Adminisration dharanesh dharanesh schrieb: hello i am new to Samba protocol please help. Our Client software used samba protocol If there is no firewall case , this protocol work properly from remote site. All of firwall configuration open ( this mean is all of port open ). Samba work very well, but if some constrain put in, it doesn't work. My client want to set exact port number for firewall, because he don't want to open all of port for security isseu. please give info how to configure samba on firewal. regards Dharanish _ Cricket World Cup 2003- News, Views and Match Reports. http://server1.msn.co.in/msnspecials/worldcup03/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Help needed
hello I am new to Samba protocol. Our Client software used samba protocol If there is no firewall case , this protocol work properly from remote site. All of firwall configuration open ( this mean is all of port open ). Samba work very well, but if some constrain put in, it doesn't work. would like to know about port usage of samba protocol. I think snmpd, nmpd daemon used some port number. i can see /etc/service file. Client software has no daemon, i think may be server request to some port of client. That means samba protocol used another port except snmpd,nmpd port. My question is 1. I would like to know about port usage of samba protocol. 2. My client want to set exact port number for firewall, because he don't want to open all of port for security isseu. Regards Dharanish _ Cricket World Cup 2003- News, Views and Match Reports. http://server1.msn.co.in/msnspecials/worldcup03/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] help needed
hello i am new to Samba protocol please help. Our Client software used samba protocol If there is no firewall case , this protocol work properly from remote site. All of firwall configuration open ( this mean is all of port open ). Samba work very well, but if some constrain put in, it doesn't work. My client want to set exact port number for firewall, because he don't want to open all of port for security isseu. please give info how to configure samba on firewal. regards Dharanish _ Cricket World Cup 2003- News, Views and Match Reports. http://server1.msn.co.in/msnspecials/worldcup03/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] help needed : Error : The specified user does not exist.
i want to configure samba as PDC .i installed the samba on the linux box machine and configure it accordingly. I am trying to connect the windows 2000(server) as a client of this domain. when i press ok after writing the domain name at the windows 2000 (as a client). It gives me a window , asking for the Name and Password and when i give it the root/[password] to it, it says The following error occured attempting to join the domain [domain name] The specified user does not exist. please help me in this regard becuase i tried many tutorials to solve this problem, but its still annoying me. thnaks best regards Adil __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Help Needed
Hi there I have resently shifted from a windows server to a linux server (Mandrake 9.0). I have configured the /etc/samba/smb.conf file and I have the server shown in the network neibourhood of my win clients. But I am not able to login the server. Could anyone please help me?? Thanks Pondiboy _ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Help Needed
Have you set up the users with Linux accounts and smbpasswd entries and have you added them to the etc/hosts file ? Mike - Original Message - From: pondiboy - [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, January 03, 2003 11:52 AM Subject: [Samba] Help Needed Hi there I have resently shifted from a windows server to a linux server (Mandrake 9.0). I have configured the /etc/samba/smb.conf file and I have the server shown in the network neibourhood of my win clients. But I am not able to login the server. Could anyone please help me?? Thanks Pondiboy _ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Help needed...
Hi Everyone... I have having problem conecting my linux (laptop) to internet via windows machine that has two ethernet cards. one connected to cable modem and one to my laptop. anyone have any idea how to connect them. Till next time, Samip - Samip K.Banker, B.S, M.S Assistant System Administrator, Dept. Of Computer Science, University Of Massachusetts, Lowell E-Mail : [EMAIL PROTECTED] Web: www.cs.uml.edu/~sbanker Phone : (978) 452 - 5861 Mobile : (978) 884 - 9198 Work : (978) 934 - 3636 - -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] HELP NEEDED: Cannot run samba 2.2.4 on HPUX
Environment: HP L-2000 running HP-UX 11.0 Problem: Installed Samba 2.2.4 (both self-compiled and from pre-compiled binaries with same results) and if I try the command smbclient -L ctsdev1 (where ctsdev1 is the name of my server) I get the following output: # ./smbclient -L ctsdev1 added interface ip=143.61.1.17 bcast=143.61.1.255 nmask=255.255.255.0 Password: session setup failed: NT_STATUS_LOGON_FAILURE I get that no matter which user I try it as. I tried a very simple smb.conf file which looks like: [global] workgroup = MYGROUP [homes] guest ok = no read only = no [tmp] comment = temporary files path = /tmp read only = yes Also, tesparm runs without generating any errors. If I try nmblookup everything is fine -- I only get the NT_STATUS_LOGON_FAILURE whenever the smbd daemon is trying to do anything. Please email any suggestions to: [EMAIL PROTECTED] Thanks! attachment: winmail.dat