RE: [Samba] Active Directory Integration Problems
Brian, Which logs should I be checking? The following output comes from the winbindd.log. I replaced the FQDN of the domain controller in the second to last line of the log file. It was in the format SERVERNAME.domain.name [2009/07/13 09:16:40, 0] lib/util_sock.c:write_data(564) write_data: write failure. Error = Connection reset by peer [2009/07/13 09:16:40, 0] libsmb/clientgen.c:write_socket(158) write_socket: Error writing 104 bytes to socket 17: ERRNO = Connection reset by peer [2009/07/13 09:16:40, 0] libsmb/clientgen.c:cli_send_smb(188) Error writing 104 bytes to client. -1 (Connection reset by peer) [2009/07/13 09:16:40, 1] rpc_client/cli_pipe.c:cli_rpc_pipe_open(2223) cli_rpc_pipe_open: cli_nt_create failed on pipe \lsarpc to machine (FQDN to domain controller). Error was Write error: Connection reset by peer -Original Message- From: gregorcy [mailto:brian.grego...@utah.edu] Sent: Friday, July 10, 2009 12:56 PM To: David Armstrong Cc: samba@lists.samba.org Subject: Re: [Samba] Active Directory Integration Problems David Armstrong wrote: Thanks for the replies. I have modified the share portion of my smb.conf file as shown below. Still no luck. [test] path = /home/2CP/darmstrong browseable = yes read only = yes inherit permissions = yes valid users = 2CP\darmstrong,buexec,test,itadmin write list = 2CP\darmstrong,buexec,test,itadmin read list = When modifying file permissions for shares on Windows servers, I have to log out and log back on again before the workstation recognizes them. Does the same go for Samba shares? Sounds like my first suggestion was wrong, maybe try uping the idmap setting. idmap backend = rid:CHEMENG=500-1 idmap uid = 500-1 idmap gid = 500-1 Is there anything in the logs? -- Brian Gregorcy IT Manager University of Utah Department of Chemical Engineering -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Active Directory Integration Problems
failure. Error = Connection reset by peer [2009/07/13 09:16:40, 0] libsmb/clientgen.c:write_socket(158) write_socket: Error writing 104 bytes to socket 17: ERRNO = Connection reset by peer [2009/07/13 09:16:40, 0] libsmb/clientgen.c:cli_send_smb(188) Error writing 104 bytes to client. -1 (Connection reset by peer) [2009/07/13 09:16:40, 1] rpc_client/cli_pipe.c:cli_rpc_pipe_open(2223) cli_rpc_pipe_open: cli_nt_create failed on pipe \lsarpc to machine (FQDN to domain controller). Error was Write error: Connection reset by peer -Original Message- From: gregorcy [mailto:brian.grego...@utah.edu] Sent: Friday, July 10, 2009 12:56 PM To: David Armstrong Cc: samba@lists.samba.org Subject: Re: [Samba] Active Directory Integration Problems David Armstrong wrote: Thanks for the replies. I have modified the share portion of my smb.conf file as shown below. Still no luck. [test] path = /home/2CP/darmstrong browseable = yes read only = yes inherit permissions = yes valid users = 2CP\darmstrong,buexec,test,itadmin write list = 2CP\darmstrong,buexec,test,itadmin read list = When modifying file permissions for shares on Windows servers, I have to log out and log back on again before the workstation recognizes them. Does the same go for Samba shares? Sounds like my first suggestion was wrong, maybe try uping the idmap setting. idmap backend = rid:CHEMENG=500-1 idmap uid = 500-1 idmap gid = 500-1 Is there anything in the logs? -- Brian Gregorcy IT Manager University of Utah Department of Chemical Engineering -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- LIving the dream... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Active Directory Integration Problems
HI:) what permission you used for the folder: /home/CHE-shares/faculty ? Thanks:) Gabi On Fri, Jul 10, 2009 at 12:20 AM, gregorcybrian.grego...@utah.edu wrote: [test] path = /home/2CP/darmstrong valid users = 2CP\darmstrong,2CP\buexec,2CP\test,itadmin write list = 2CP\darmstrong,2CP\buexec,2CP\test,itadmin read list = Try setting up your share like this, I am not sure that you need the quotes except of groups with spaces in them. [faculty] comment = CHE Faculty Share path = /home/CHE-shares/faculty browseable = yes read only = yes inherit permissions = yes write list = @CHEMENG+Domain Admins, @CHEMENG+Faculty valid users = @CHEMENG+Domain Admins, @CHEMENG+Faculty admin users = @CHEMENG+Domain Admins -- Brian Gregorcy IT Manager University of Utah Department of Chemical Engineering 801.585.7170 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Active Directory Integration Problems
David Armstrong wrote: Thanks for the replies. I have modified the share portion of my smb.conf file as shown below. Still no luck. [test] path = /home/2CP/darmstrong browseable = yes read only = yes inherit permissions = yes valid users = 2CP\darmstrong,buexec,test,itadmin write list = 2CP\darmstrong,buexec,test,itadmin read list = When modifying file permissions for shares on Windows servers, I have to log out and log back on again before the workstation recognizes them. Does the same go for Samba shares? Sounds like my first suggestion was wrong, maybe try uping the idmap setting. idmap backend = rid:CHEMENG=500-1 idmap uid = 500-1 idmap gid = 500-1 Is there anything in the logs? -- Brian Gregorcy IT Manager University of Utah Department of Chemical Engineering -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Active Directory Integration Problems
[test] path = /home/2CP/darmstrong valid users = 2CP\darmstrong,2CP\buexec,2CP\test,itadmin write list = 2CP\darmstrong,2CP\buexec,2CP\test,itadmin read list = Try setting up your share like this, I am not sure that you need the quotes except of groups with spaces in them. [faculty] comment = CHE Faculty Share path= /home/CHE-shares/faculty browseable = yes read only = yes inherit permissions = yes write list = @CHEMENG+Domain Admins, @CHEMENG+Faculty valid users = @CHEMENG+Domain Admins, @CHEMENG+Faculty admin users = @CHEMENG+Domain Admins -- Brian Gregorcy IT Manager University of Utah Department of Chemical Engineering 801.585.7170 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
RE: [Samba] Active Directory Integration Problems
Thanks for the replies. I have modified the share portion of my smb.conf file as shown below. Still no luck. [test] path = /home/2CP/darmstrong browseable = yes read only = yes inherit permissions = yes valid users = 2CP\darmstrong,buexec,test,itadmin write list = 2CP\darmstrong,buexec,test,itadmin read list = When modifying file permissions for shares on Windows servers, I have to log out and log back on again before the workstation recognizes them. Does the same go for Samba shares? -Original Message- From: Gary Greene [mailto:ggre...@minervanetworks.com] Sent: Thursday, July 09, 2009 2:38 PM To: gregorcy; David Armstrong Cc: samba@lists.samba.org Subject: Re: [Samba] Active Directory Integration Problems On 7/9/09 2:20 PM, gregorcy brian.grego...@utah.edu wrote: [test] path = /home/2CP/darmstrong valid users = 2CP\darmstrong,2CP\buexec,2CP\test,itadmin write list = 2CP\darmstrong,2CP\buexec,2CP\test,itadmin read list = Try setting up your share like this, I am not sure that you need the quotes except of groups with spaces in them. [faculty] comment = CHE Faculty Share path= /home/CHE-shares/faculty browseable = yes read only = yes inherit permissions = yes write list = @CHEMENG+Domain Admins, @CHEMENG+Faculty valid users = @CHEMENG+Domain Admins, @CHEMENG+Faculty admin users = @CHEMENG+Domain Admins The domain portion of the user isn't needed if you have 'winbind use default domain = true' in your config. The quotes are however required since Samba and the NSS stack on Linux cannot (or at least not from my experience) handle escapes. -- Gary L. Greene, Jr. IT Operations Minerva Networks, Inc. Cell: (650) 704-6633 Phone: (408) 240-1239 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
