Re: [Samba] Samba 4 as member server
Hi Steve, when I start samba without the 'server services' optinion I get: At this time the 'samba' binary should only be used for either: 'server role = active directory domain controller' or to access the ntvfs file server with 'server services= +smb' oder the rpc proxy with 'dcerpc endpoint servers = remote' You should start start smbd/nmbd/winbindd instead for domain member an standalone file server tasks But there are no smb/nmbd/winbindd binaries. Klaus Am 05.08.2013 23:01, schrieb steve: On Mon, 2013-08-05 at 22:25 +0200, Klaus Rörig wrote: I cannot the member server working. My smb.conf: Hi Leave the domain and remove the .tdb files in /var/lib/smb. Then rejoin with this: [global] workgroup = VERWALTUNG security = ads realm = VERWALTUNG.LEIBNIZ-REMSCHEID.DE encrypt passwords = true idmap config *:backend = tdb idmap config *:range = 70001-8 idmap config VERWALTUNG:backend = ad idmap config VERWALTUNG:schema_mode = rfc2307 idmap config VERWALTUNG:range = 500-4 winbind nss info = rfc2307 winbind trusted domains only = no winbind use default domain = yes winbind enum users = yes winbind enum groups = yes [verwaltung] path = /srv/shares read only = no Start it with: smbd; winbindd Prolly not perfect, but should get you a bit close. hth Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 as member server
On Tue, 2013-08-06 at 09:21 +0200, Klaus Rörig wrote: But there are no smb/nmbd/winbindd binaries. Hi Oh, I see. The Ubuntu packages must only be for AD then. Sorry, I missed that you only wanted ntvfs. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 as member server
OK, than I have to use the Samba 3.6 packages shipped with Ubuntu. Anything special I have to care about? Am 06.08.2013 09:33, schrieb steve: On Tue, 2013-08-06 at 09:21 +0200, Klaus Rörig wrote: But there are no smb/nmbd/winbindd binaries. Hi Oh, I see. The Ubuntu packages must only be for AD then. Sorry, I missed that you only wanted ntvfs. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 as member server
On Tue, 2013-08-06 at 10:57 +0200, Klaus Rörig wrote: OK, than I have to use the Samba 3.6 packages shipped with Ubuntu. Anything special I have to care about? Hi, no, but as you have only a few clients, it may be simpler to use the dc itself as file server, especially as you have specified ntvfs. If you want rfc2307 from winbind though, you'll have to either build samba 4.0.x from source on a separate box and use smbd or use the Ubuntu 3.6 packages, also on a separate box. If you're OK with ntvfs and you only have win7 clients, I'd go with the single DC/fileserver and forget about rfc2307. HTH Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 as member server
Hi, it seems that the ntvfs module is not working on Ubuntu, I get lots of error messages about this. I don't see Samba4 servers on network neighborhood, so users cannot browses shares but I do see Samba3 servers, so I have to get Samba3 working with Samba4. Or I have to build Samba4 by myself. Klaus Am 06.08.2013 11:59, schrieb steve: On Tue, 2013-08-06 at 10:57 +0200, Klaus Rörig wrote: OK, than I have to use the Samba 3.6 packages shipped with Ubuntu. Anything special I have to care about? Hi, no, but as you have only a few clients, it may be simpler to use the dc itself as file server, especially as you have specified ntvfs. If you want rfc2307 from winbind though, you'll have to either build samba 4.0.x from source on a separate box and use smbd or use the Ubuntu 3.6 packages, also on a separate box. If you're OK with ntvfs and you only have win7 clients, I'd go with the single DC/fileserver and forget about rfc2307. HTH Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 as member server
On Tue, 2013-08-06 at 12:36 +0200, Klaus Rörig wrote: Hi, it seems that the ntvfs module is not working on Ubuntu, I get lots of error messages about this. I don't see Samba4 servers on network neighborhood, so users cannot browses shares but I do see Samba3 servers, so I have to get Samba3 working with Samba4. Or I have to build Samba4 by myself. Klaus Hi I don't think you can have (or would want?) network neighbourhood with AD. It may be best to have real shares and control access using ACL's or smb.conf. If you can, I really would advise building s4 from source: 4.0.8 for both DC and file server and using samba for the DC and smbd for the file server. It takes longer but it's easy to do and you can be sure to have the latest version. If you want to stick with Ubuntu then I see the s4 DC and separate s3 file server the best way to go. Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 as member server
Hi! I set up s3 on the fileserver now but I cannot connect to my share. 'wbinfo -u' lists all user 'wbinfo-g' lists all groups getent also list the queried user. But when I try to connect from Win7 to my s3 share, it asks for creds but does not accept any. I cannot see any log entries. What's wrong now? Klaus Am 06.08.2013 12:58, schrieb steve: On Tue, 2013-08-06 at 12:36 +0200, Klaus Rörig wrote: Hi, it seems that the ntvfs module is not working on Ubuntu, I get lots of error messages about this. I don't see Samba4 servers on network neighborhood, so users cannot browses shares but I do see Samba3 servers, so I have to get Samba3 working with Samba4. Or I have to build Samba4 by myself. Klaus Hi I don't think you can have (or would want?) network neighbourhood with AD. It may be best to have real shares and control access using ACL's or smb.conf. If you can, I really would advise building s4 from source: 4.0.8 for both DC and file server and using samba for the DC and smbd for the file server. It takes longer but it's easy to do and you can be sure to have the latest version. If you want to stick with Ubuntu then I see the s4 DC and separate s3 file server the best way to go. Cheers, Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 as member server
On Tue, 2013-08-06 at 14:34 +0200, Klaus Rörig wrote: Hi! I set up s3 on the fileserver now but I cannot connect to my share. 'wbinfo -u' lists all user 'wbinfo-g' lists all groups getent also list the queried user. But when I try to connect from Win7 to my s3 share, it asks for creds but does not accept any. I cannot see any log entries. What's wrong now? Hi Too general without knowing a bit more: Who is logged in on the Win7 box? Is the Win7 box joined to the domain? What are the permissions on /srv and /srv/share? Can the user access the share if logged in on the file server? Can the user access the share using smbclient? Does the share appear as a folder in explorer? What does the windows security tab give for the share? Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 as member server
Hi! Authentication works when I set 'password server = server01', but then testparm complains: WARNING: The setting 'security=ads' should NOT be combined with the 'password server' parameter. (by default Samba will discover the correct DC to contact automatically). But Samba doesn't. DNS is working: host -t srv _kerberos._tcp _kerberos._tcp.verwaltung.leibniz-remscheid.de has SRV record 0 100 88 server01.verwaltung.leibniz-remscheid.de. host server01 server01.verwaltung.leibniz-remscheid.de has address 192.168.20.200 Klaus On Tue, Aug 6, 2013 at 5:13 PM, steve st...@steve-ss.com wrote: On Tue, 2013-08-06 at 14:34 +0200, Klaus Rörig wrote: Hi! I set up s3 on the fileserver now but I cannot connect to my share. 'wbinfo -u' lists all user 'wbinfo-g' lists all groups getent also list the queried user. But when I try to connect from Win7 to my s3 share, it asks for creds but does not accept any. I cannot see any log entries. What's wrong now? Hi Too general without knowing a bit more: Who is logged in on the Win7 box? Is the Win7 box joined to the domain? What are the permissions on /srv and /srv/share? Can the user access the share if logged in on the file server? Can the user access the share using smbclient? Does the share appear as a folder in explorer? What does the windows security tab give for the share? Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 as member server
How does your /etc/krb5.conf file look? On Tue, Aug 6, 2013 at 2:21 PM, Klaus Rörig kroe...@gmail.com wrote: Hi! Authentication works when I set 'password server = server01', but then testparm complains: WARNING: The setting 'security=ads' should NOT be combined with the 'password server' parameter. (by default Samba will discover the correct DC to contact automatically). But Samba doesn't. DNS is working: host -t srv _kerberos._tcp _kerberos._tcp.verwaltung.leibniz-remscheid.de has SRV record 0 100 88 server01.verwaltung.leibniz-remscheid.de. host server01 server01.verwaltung.leibniz-remscheid.de has address 192.168.20.200 Klaus On Tue, Aug 6, 2013 at 5:13 PM, steve st...@steve-ss.com wrote: On Tue, 2013-08-06 at 14:34 +0200, Klaus Rörig wrote: Hi! I set up s3 on the fileserver now but I cannot connect to my share. 'wbinfo -u' lists all user 'wbinfo-g' lists all groups getent also list the queried user. But when I try to connect from Win7 to my s3 share, it asks for creds but does not accept any. I cannot see any log entries. What's wrong now? Hi Too general without knowing a bit more: Who is logged in on the Win7 box? Is the Win7 box joined to the domain? What are the permissions on /srv and /srv/share? Can the user access the share if logged in on the file server? Can the user access the share using smbclient? Does the share appear as a folder in explorer? What does the windows security tab give for the share? Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 as member server
On Mon, 2013-08-05 at 22:25 +0200, Klaus Rörig wrote: I cannot the member server working. My smb.conf: Hi Leave the domain and remove the .tdb files in /var/lib/smb. Then rejoin with this: [global] workgroup = VERWALTUNG security = ads realm = VERWALTUNG.LEIBNIZ-REMSCHEID.DE encrypt passwords = true idmap config *:backend = tdb idmap config *:range = 70001-8 idmap config VERWALTUNG:backend = ad idmap config VERWALTUNG:schema_mode = rfc2307 idmap config VERWALTUNG:range = 500-4 winbind nss info = rfc2307 winbind trusted domains only = no winbind use default domain = yes winbind enum users = yes winbind enum groups = yes [verwaltung] path = /srv/shares read only = no Start it with: smbd; winbindd Prolly not perfect, but should get you a bit close. hth Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba