Re: [Samba] How to access shares via HTTP (apache2)
Why do you need to access your shares via HTTP???!! THe only thing this might be usefull is from outside your lan over internet?! If you plan this, there ist the linux opensource solution OPENVPN!! With this mighty software you work with your shares and outlook from outside as if you were in your bureau. Take a look at it and give it a try! Daniel -Ursprüngliche Nachricht- Von: "Robert LeBlanc" An: "Martin Balint" Cc: Gesendet: Donnerstag, 31. Dezember 2009 18:25 Betreff: Re: [Samba] How to access shares via HTTP (apache2) On Thu, Dec 31, 2009 at 7:35 AM, Martin Balint wrote: Hello, I configured samba fileserver as a member of samba domain. PDC and fileserver are different machines. It works great using windows sharing. Now, I need to set up apache to serve my shares, but I am having problem with permissions. Apache runs as www-user, and doesn't see content in shares. So I would like to ask, what is the proper way to use apache (or another http server) to serve files on file server. Using Ubuntu 9.10 and Samba 3.4.0-3ubuntu5.1. Thanks for help, Martin Right now, my configuration is: smb.conf [global] workgroup = DOMAIN.EU netbios name = share2 server string = %h server (Samba, Ubuntu) log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d winbind separator = + idmap uid = 1-2 idmap gid = 1-2 winbind enum users = yes winbind enum groups = yes security = domain password server = * [software] comment = Shared software path = /srv/fileserver/software force group = "DOMAIN.EU+domain users" create mask = 0660 directory mask = 0770 writable = yes /etc/nsswitch.conf: passwd: compat winbind group: compat winbind # ls -la /srv/fileserver/software/ total 20 drwxrwxrwx 5 root root 4096 2009-12-31 12:12 . drwxr-xr-x 3 root root 4096 2009-12-31 00:08 .. drwxrwx--- 2 DOMAIN.EU+martin DOMAIN.EU+domain users 4096 2009-12-31 00:24 test2 drwxrwx--- 2 DOMAIN.EU+martin DOMAIN.EU+domain users 4096 2009-12-31 12:11 test3 drwxrwx--- 2 DOMAIN.EU+martin DOMAIN.EU+domain users 4096 2009-12-31 12:12 test4 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba I guess you are trying to do this with wedav. I've looked and have not found a good Linux solution. To use Apache, you would have to write a listener that forks an Apache process as the user. That is expensive and there is no pre-built solution out there. We finally gave up and used Windows 2008 with IIS 7 which can do this natively. We set-up a web site who's root is our samba share (we only have one share and specify all permissions through ACLs). This preserves permissions and owners so that quotas are not thrown off. We initially did some nasty group member things to get it to work with Apache, but the management overhead was a nightmare and went with the Windows solution even though we wanted to go Linux. Robert LeBlanc Life Sciences & Undergraduate Education Computer Support Brigham Young University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to access shares via HTTP (apache2)
Hello, as from windows vista on web dav support from microsoft ist no more than before. But if you do not miss the drag and drop thing and so on with your users. Try this (Linux): http://sourceforge.net/projects/davenport or: http://www.simple-groupware.de/cms/WebDAV or their special package (supports dfs!!!): http://www.simple-groupware.de/cms/WebDisk/IntegraTUMWebDisk But in all cases your firewall need to be configured Greetings Daniel -Ursprüngliche Nachricht- Von: Robert LeBlanc An: Daniel Müller Cc: samba@lists.samba.org Gesendet: Freitag, 1. Januar 2010 17:02 Betreff: Re: [Samba] How to access shares via HTTP (apache2) On Fri, Jan 1, 2010 at 8:10 AM, Daniel Müller wrote: Why do you need to access your shares via HTTP???!! THe only thing this might be usefull is from outside your lan over internet?! If you plan this, there ist the linux opensource solution OPENVPN!! With this mighty software you work with your shares and outlook from outside as if you were in your bureau. Take a look at it and give it a try! Daniel In our case, we already have a VPN solution (Cisco, definatly not our choice) in place. We wanted a solution that is cross-platform and didn't require anything to be intalled on the OS and would never be blocked by any firewall. WebDav fit the bill alhough it sucks prety bad on Windows, it is still there. Robert LeBlanc Life Sciences & Undergraduate Education Computer Support Brigham Young University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WG: Claim Your Prize!!!
Hello to all, What have this unserious people to do with SAMBA??Please prevent this people from taken action on the samba list. Ban them right now. This is abuse of the list. Greetings Daniel -Ursprüngliche Nachricht- Von: "STAATSLOTERIJ EMAIL PROMOTION.NL" An: "undisclosed-recipients:" Gesendet: Samstag, 2. Januar 2010 11:53 Betreff: [Samba] Claim Your Prize!!! Claim Your Prize!!! This email is to notify you that your Email Address attached to a Ticket Number: 64/3721/62/18 has won an Award Sum of 1,000,000.00(One Million Euro) In an Email Sweepstakes program held on the 1st of January 2010 in the Netherlands. draw was done electronically with several email addresses provided to this office by web mail providers to enhance the utilization of the internet Please contact the claim officer through the below given contact information. STAATS LOTTERIJ CLAIM DEPARTMENT OFFICER. Mr. Peter Hans. Tel: 0031-619-863-365, Please Reply To These Two Email Below. staatspromot...@aol.nl staats_cl...@aol.nl Your Names: Phone number: Nationality: You Full Email Address: Ticket Number: 85/9432/11/42 Ref Number: HEL21/628439/94 Batch Number: 72431528/MYW Please forward the above stated winning information to your Staatslotterij Claim department officer. N:B: You are advised to keep your winning strictly confidential until your winning is processed and received by you this is to avoid double claiming which could lead to disqualification. Congratulations!!! Yours Sincerely, Mrs.Marissa Joyce, (Public Relation Officer) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.4 clustering CTDB
Hello to all, Did someone succed with samba clustering using CTDB? We just started a project trying to set up a cluster with Samba 3.4 and ctdb and 2 nodes. We aim to substitute the samba pdc bdc thing which is not sufficient I thing. Because when the pdc is down the bdc must be set manually to be the pdc. If clustering should work then ctdb (load balancing!?)will decide which node to authenticate against and will sync user groups and files. If one node fails the other would take over and users and clients can work on. Are these things possible in current state of development??? Greetings Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] subfolder level restriction
Look at the issue "dont descend" in the [mrt] config. Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von himmat baldaniya Gesendet: Dienstag, 19. Januar 2010 09:39 An: samba samba Betreff: [Samba] subfolder level restriction hello I have three users u1 ,u2 and u3 I have a share named "mrt" and it has two subfolder "mrt1" and "mrt2". what i have to do is that when u1 logs in mrt it should view all the contents inside mrt (including contents of its subfolderand all) and when u2 logs into mrt it should view mrt1 and restrict mrt2 and in same way when u3 logs into mrt ,it could access mrt2 and restrict mrt1 how should i do this ?? please Help thankyou _ Windows 7: Find the right PC for you. Learn more. http://windows.microsoft.com/shop -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] registry based config
Dear all, the registry based config on samba 3.3.1 suse 10.2: I imported the shares with net conf import fileinsmbconfformat_ofshares. I made them available in smb.conf by: include registry=yes. Users have access to the shares. But I get the error when opening the registry of my sambaserver from an xp client: Klicking on HK_LOCAL_MACHINE>Software>Samba>smbconf gives me : An error occurred opening smbconf. No Access!. How can I grant access to show the internal keys. Greetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WG: file copy from share A to share B
>From your Ubuntu box rsync -e -a /ShareA/ /ShareB --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Stijn Oude Brunink Gesendet: Mittwoch, 3. Februar 2010 11:59 An: samba@lists.samba.org Betreff: [Samba] file copy from share A to share B Hello, I'm using a samba server with one harddrive with several partitions. I want to copy some file from one partition to the other. My pc runs on Ubuntu and using the file browser I can easily copy files from one partition to the other. If I copy files from one samba share to the other using the file browser the file will be transported over the network to my pc and then back to the other samba share. This is very inefficient if the files are large. Is there a more efficient way of doing this? thanks Stijn -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WG: Problem with Excel
What is your samba version? You need at least 3.28 There is a bug concerning execl files acls. Look at your linux/unix box when you save your exel files in the share it will loose their ownership and permissions. Or try this: http://support.microsoft.com/?id=812937 Von: "Claudio Guzman" An: Gesendet: Mittwoch, 3. Februar 2010 20:32 Betreff: [Samba] Problem with Excel To try to overwrite, download and copy an excel file in a shared folder on Samba, gives me error that the operation can not be done or not have permissions to perform the task. This problem happens to me with this type of format office2003 Excel SP3 Any idea to this error or bug fixed Best Regards. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 clustering
Hello, is there a way to cluster samba4 with ctdb? The old [global] parameters of samba3 Will not work: Clustering=yes <--unknown with testparm Idmap backend= tdb2 <--unknown with testparm Greeetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 clustering
CTDB is not the problem it is already installed. The problem is that the paramater used for samba3 can not be used. I need to know the new parameters for samba4!? If there are any!? -Ursprüngliche Nachricht- Von: Maiquel Consalter An: muel...@tropenklinik.de Cc: samba@lists.samba.org Gesendet: Mittwoch, 17. Februar 2010 17:07 Betreff: Re: [Samba] Samba4 clustering But, i think yoy need to install ctdb.. 2010/2/17 Daniel Müller Hello, is there a way to cluster samba4 with ctdb? The old [global] parameters of samba3 Will not work: Clustering=yes <--unknown with testparm Idmap backend= tdb2 <--unknown with testparm Greeetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Att, Maiquel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3 vfs Modul:virtual share in mysql
Dear All, it seems a few years ago there where a vfs (Dtabasefs!?)modul making it possible to build a virtual share from within a mysql database. In praxis: I thought to have images in my mysqldatabase. The virtual share in samba points to that database. Users could browse this virtual share and so searching the pitures is much more easier. Is there anything out that can do this? Or what are the conditions to build such vfs-module ? Greetings Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3 vfs Modul:virtual share in mysql
Thank you for Your reply. Where can I find instructions (Documentation)to build my own vfs-Modul?! Does opensuse platform supports fuse? Daniel -Ursprüngliche Nachricht- Von: "Volker Lendecke" An: "Daniel Müller" Cc: Gesendet: Mittwoch, 24. Februar 2010 13:49 Betreff: Re: [Samba] Samba 3 vfs Modul:virtual share in mysql -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 clustering
If I understand it right, I do not have to cluster anything. I can run two or more samba4 DCs. If one fail the other will take over. Or the other way, if two samba4 DCs own the same domain, ex. Test.local, they load balance the domain? --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Andrew Bartlett [mailto:abart...@samba.org] Gesendet: Sonntag, 21. März 2010 08:54 An: muel...@tropenklinik.de Cc: samba@lists.samba.org Betreff: Re: [Samba] Samba4 clustering On Wed, 2010-02-17 at 14:53 +0100, Daniel Müller wrote: > Hello, > > is there a way to cluster samba4 with ctdb? > The old [global] parameters of samba3 > Will not work: > Clustering=yes <--unknown with testparm Idmap backend= tdb2 <--unknown > with testparm > Samba4 does not support any clustered operation. In it's primary role as an AD domain controller, this simply isn't needed - multiple DCs are expected. The fileserver could with work be clustered - indeed ctdb was first developed in Samba4 - but there is no work in this area at this time. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 clustering
In this case there is a need for replication. What is the status quo? Will the DCs replicate their databases? Where do I set replication? In my smb.conf? Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Andrew Bartlett [mailto:abart...@samba.org] Gesendet: Montag, 22. März 2010 08:52 An: muel...@tropenklinik.de Cc: samba@lists.samba.org Betreff: Re: AW: [Samba] Samba4 clustering On Mon, 2010-03-22 at 08:38 +0100, Daniel Müller wrote: > If I understand it right, I do not have to cluster anything. I can run two or > more samba4 DCs. If one fail the other will take over. > Or the other way, if two samba4 DCs own the same domain, ex. Test.local, they > load balance the domain? Correct. Load balancing is up to the client, but yes it should just work. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 4 smb.conf parameters
Dear all, after al lot playing around with samba 4 . There are a few questions concerning the parameters left for the smb.conf. Where can I get a link to the parameters for read and write permissions and so on. It seems the old parameters are gone. Greetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Upgrading 3.2.15 to 3.3.12 sernet package on opensuse 10.2
Dear all, I have samba 3.2.15 PDC running with an openldap backend and smbd4wins on the same host. There is also a BDC the same as my PDC. After I did an update to 3.3.12 on my BDC this worked on the fly without problems. Then I went on doing the same update on my PDC with the result of chaos. No user was able to logon anymore , when I did a smbclient -L mypdc -N it was extremely slow, and my whole domain was down. After a few hours searching for the reasons, I only saw an error with the samba talking to my openldap on my PDC (this error was definitly not on my BDC with quiet the same configuration) that searching the ldap database. At the end the only way to solve this was to downgrade again to 3.2.15. Is there a way to upgrade a samba PDC to 3.3.12 without fail!? Greetings Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WG: Upgrading 3.2.15 to 3.3.12 sernet package on opensuse 10.2
groupmod -m "%u" "%g" delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u' idmap uid=15000-2 idmap gid=15000-2 ldap ssl=no #vista compatibility client lanman auth=no client ntlmv2 auth=yes load printers = Yes nt acl support = No printing = cups printcap name = cups deadtime = 10 guest account = nobody map to guest = Bad User dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd preserve case = yes short preserve case = yes case sensitive = no --- The error that occurred while samba talking to ldap on my PDC and only there not on my BDC: EXT oid=1.3.6.1.4.1.1466.20037 Apr 8 09:22:20 tuepdc slapd[7693]: do_extended: unsupported operation "1.3.6.1.4.1.1466.20037" Apr 8 09:22:20 tuepdc slapd[7693]: conn=441 op=0 RESULT tag=120 err=2 text=unsupported extended operation No user could logon to the PDC nor did the account of the workstations longer work. The chaos was, that the Samba BDC only served a few users all other users could not work any more. So my question again: How can I bring the PDC to version 3.3.12 safely and how can I guarantee the BDC is taking over right in time and all of my users can work on. Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Stan Hoeppner Gesendet: Sonntag, 11. April 2010 00:20 An: samba@lists.samba.org Betreff: Re: [Samba] Upgrading 3.2.15 to 3.3.12 sernet package on opensuse 10.2 Daniel Müller put forth on 4/10/2010 2:11 AM: > > > Dear all, I have samba 3.2.15 PDC running with an openldap backend and > smbd4wins on the same host. There is also a BDC the same as my PDC. After I > did an update to 3.3.12 on my BDC this worked on the fly without problems. > Then I went on doing the same update on my PDC with the result of chaos. No > user was able to logon anymore , when I did a smbclient -L mypdc -N it was > extremely slow, and my whole domain was down. After a few hours searching > for the reasons, I only saw an error with the samba talking to my openldap > on my PDC (this error was definitly not on my BDC with quiet the same > configuration) that searching the ldap database. At the end the only way to > solve this was to downgrade again to 3.2.15. Is there a way to upgrade a > samba PDC to 3.3.12 without fail!? Greetings Daniel It might help if you share that error message with the list. Just telling us that you upgraded Samba and something broke doesn't give us much to go on. Error messages, relevant log entries, and config files are always helpful. -- Stan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WG: Windows 7 Policies????
Hello, You need a section in your smb.conf: [netlogon] with the path to your netlogon-directory In your [global] you need --> logon script = thenameofyourlogonscript This works for me with samba 3.2.15 and Windows7 --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Timothy Johnson Gesendet: Mittwoch, 14. April 2010 23:14 An: samba@lists.samba.org Betreff: [Samba] Windows 7 Policies I am hoping someone can point me in the right direction. I just started adding windows 7 to my domain, and my logon scripts are not running. They arent even trying to run. How do you enforce policies on windows 7? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WG: Upgrading 3.2.15 to 3.3.12 sernet package on opensuse 10.2
What happend to my question?! Is there someone who could help me getting on? Greetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Daniel Müller [mailto:muel...@tropenklinik.de] Gesendet: Mittwoch, 14. April 2010 16:28 An: 'samba@lists.samba.org' Betreff: WG: [Samba] Upgrading 3.2.15 to 3.3.12 sernet package on opensuse 10.2 My Configuration, On my PDC: Samba version 3.2.15 /LDAP-Master (slurpd)/SMBD4wins <-- version 3.3.12 not working. Downgrade again On my BDC: Samba version 3.3.12 /LDAP-Slave <-- version 3.3.12 working [global] on PDC [global] workgroup = tuepdc.local bind interfaces only = true interfaces = 192.168.135.143/24 127.0.0.0/8 socket address = 192.168.135.255 profile acls = no hosts allow = 127.0.0.1 192.168.129.0/24 192.168.133.0/24 192.168.134.0/24 192.168.132.0/24 192.168.135.0/24 10.0.77.0/24 hosts deny = 0.0.0.0/0 server string = tuepdc.local MasterServer %v admin users = root, administrator,marstaller ldap passwd sync = Yes passwd program = /usr/local/sbin/smbldap-passwd -u %u log level = 0 vfs:[01] log file = /system/log/%U.%m.log syslog = 0 max log size = 3000 time server = Yes read raw = yes defer sharing violations = no write raw = yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE mangling method = hash2 dos charset = 850 unix charset = ISO8859-15 display charset = ISO8859-15 logon script = logon.bat logon drive = S: logon path = security = user domain logons = Yes domain master = Yes browse list = true os level = 254 preferred master = Yes wins support = no wins server = 192.168.135.150 dns proxy = yes smb ports = 139 445 passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=admin,dc=tuepdc,dc=local ldap suffix = dc=tuepdc,dc=local ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users add user script = /usr/local/sbin/smbldap-useradd -A 1 -B 1 -m -k /dummy "%u" delete user script = /usr/local/sbin/smbldap-userdel -r "%u" add machine script = /usr/local/sbin/smbldap-useradd -w "%u" add group script = /usr/local/sbin/smbldap-groupadd -p "%g" delete group script = /usr/local/sbin/smbldap-groupdel "%g" add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u' client lanman auth = no client ntlmv2 auth = yes load printers = Yes nt acl support = no printing = cups printcap name = cups deadtime = 10 map to guest = Bad User dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd preserve case = yes case sensitive = no [global] on smbd4wins/pdc [globals] netbios name= tuepdc-wins workgroup=tuepdc.local bind interfaces only=yes interfaces=192.168.135.150 ntpd:disable_broadcast=yes wins server=192.168.135.150 log level=4 dns proxy=yes --- [global] on BDC [global] workgroup = tuepdc.local netbios name = tuebdc enable privileges = yes interfaces = 192.168.135.144/24 127.0.0.0/8 bind interfaces only=true profile acls=no hosts allow=127.0.0.1 192.168.129.0/24 192.168.133.0/24 192.168.134.0/24 192.168.132.0/24 192.168.135.0/24 10.0.77.0/24 hosts deny=0.0.0.0/0 large readwrite=no max xmit=166644 server string = tuebdc.local BackupServer %v admin users=root, administrator, marstaller encrypt passwords = Yes ldap passwd sync = Yes passwd program = /usr/local/sbin/smbldap-passwd -u %u log level = 0 vfs:[01] log file=/system/log/%U.%m.log syslog = 0 max log size = 3000 defer sharing violations=no time server = Yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-15 display charset=ISO8859-15 logon script = logon.bat logon drive = S: logon path= security=user domain logons = Yes domain master=NO os level = 100 preferred master =Yes local master =Yes wins support = no wins server=192.168.135.150 dns proxy=yes host msdfs=yes smb ports=139 445 passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=admin,dc=tuepdc,dc=local ldap suffix =
[Samba] Which version of CTDB
Dear all, after downloading ctdb with rsync -avz samba.org::ftp/unpacked/ctdb and compiling well. I installed on my Centos 5.3 sernet package samba 3.5.2. Also working well. But after setting up ctdb and samba und running it my two nodes freezing for a while And ctdb and samba are down again. On Both nodes My /etc/sysconfig/ctdb: CTDB_RECOVERY_LOCK="/cluster/recovery/recovery" CTDB_PUBLIC_ADDRESSES=/etc/ctdb/public_addresses CTDB_MANAGES_SAMBA=yes ulimit -n 1 CTDB_NOTIFY_SCRIPT=/etc/ctdb/notify.sh CTDB_DBDIR=/var/ctdb CTDB_DBDIR_PERSISTENT=/var/ctdb/persistent CTDB_EVENT_SCRIPT_DIR=/etc/ctdb/events.d CTDB_SOCKET=/tmp/ctdb.socket CTDB_TRANSPORT="tcp" CTDB_MONITOR_FREE_MEMORY=100 CTDB_LOGFILE=/var/log/log.ctdbq My /etc/ctdb/nodes 192.168.134.28 192.168.134.27 My /etc/ctdb/public_addresses 192.168.134.100/24 eth0 192.168.134.101/24 eth0 My /etc/samba/smb.conf [global] workgroup = domain-cluster security=user clustering=yes private dir=/cluster/recovery passdb backend=tdbsam groupdb:backend=tdb idmap backend=tdb2 idmap uid=100-200 idmap gid=100-200 fileid:algorithm = fsname [test] path= /cluster/samba writeable=yes vfs objects= fileid My mount point for gfs-cluster: /dev/drbd0 on /cluster type gfs (rw,hostdata=jid=0:id=589825:first=1) A cut of my log in /var/log/log.ctdb 2010/05/19 15:31:21.784728 [ 5356]: Starting CTDB daemon 2010/05/19 15:31:21.795804 [ 5357]: Set scheduler to SCHED_FIFO 2010/05/19 15:31:21.796078 [ 5357]: tcp/tcp_connect.c:349 Failed to bind() to so cket. Success(0) 2010/05/19 15:31:21.796111 [ 5357]: ctdb chose network address 192.168.134.28:43 79 pnn 0 2010/05/19 15:31:21.796337 [ 5357]: Attached to database '/var/ctdb/persistent/s ecrets.tdb.0' 2010/05/19 15:31:21.796359 [ 5357]: Attached to persistent database secrets.tdb 2010/05/19 15:31:21.797331 [ 5357]: Keepalive monitoring has been started 2010/05/19 15:31:21.797391 [ 5357]: Monitoring has been started 2010/05/19 15:31:21.819914 [ 5359]: monitor_cluster starting 2010/05/19 15:31:28.212161 [ 5357]: NMB-Dienste starten: [ OK ] 2010/05/19 15:31:28.212280 [ 5357]: server/ctdb_control.c:449 Unknown CTDB contr ol opcode 119 What do I missing ------- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WG: Which version of CTDB
coveries to end. Wait one more second. 2010/05/20 09:35:49.541157 [31866]: CTDB_WAIT_UNTIL_RECOVERED 2010/05/20 09:35:49.541222 [31866]: server/ctdb_monitor.c:251 wait for pending recoveries to end. Wait one more second. 2010/05/20 09:35:50.541773 [31866]: CTDB_WAIT_UNTIL_RECOVERED 2010/05/20 09:35:50.541842 [31866]: server/ctdb_monitor.c:251 wait for pending recoveries to end. Wait one more second. 2010/05/20 09:35:51.380680 [31866]: server/ctdb_takeover.c:162 public address '192.168.134.101' now unassigned (old iface '__none__' refs[0]) 2010/05/20 09:35:51.380797 [31866]: server/ctdb_takeover.c:162 public address '192.168.134.100' now unassigned (old iface '__none__' refs[0]) 2010/05/20 09:35:51.543367 [31866]: CTDB_WAIT_UNTIL_RECOVERED 2010/05/20 09:35:51.543426 [31866]: server/ctdb_monitor.c:251 wait for pending recoveries to end. Wait one more second. 2010/05/20 09:35:52.543968 [31866]: CTDB_WAIT_UNTIL_RECOVERED 2010/05/20 09:35:52.544037 [31866]: server/ctdb_monitor.c:251 wait for pending recoveries to end. Wait one more second. 2010/05/20 09:35:53.544573 [31866]: CTDB_WAIT_UNTIL_RECOVERED 2010/05/20 09:35:53.544666 [31866]: server/ctdb_ltdb_server.c:418 persistent db '/var/ctdb/persistent/share_info.tdb.1' healthy 2010/05/20 09:35:53.544695 [31866]: server/ctdb_ltdb_server.c:418 persistent db '/var/ctdb/persistent/registry.tdb.1' healthy 2010/05/20 09:35:53.544721 [31866]: server/ctdb_ltdb_server.c:418 persistent db '/var/ctdb/persistent/passdb.tdb.1' healthy 2010/05/20 09:35:53.544747 [31866]: server/ctdb_ltdb_server.c:418 persistent db '/var/ctdb/persistent/secrets.tdb.1' healthy 2010/05/20 09:35:53.544774 [31866]: server/ctdb_ltdb_server.c:418 persistent db '/var/ctdb/persistent/account_policy.tdb.1' healthy 2010/05/20 09:35:53.544800 [31866]: server/ctdb_ltdb_server.c:418 persistent db '/var/ctdb/persistent/group_mapping.tdb.1' healthy 2010/05/20 09:35:53.544820 [31866]: ctdb_recheck_presistent_health: OK[6] FAIL[0] 2010/05/20 09:35:53.544839 [31866]: server/ctdb_monitor.c:300ctdb_start_monitoring: ctdb_recheck_persistent_health() OK 2010/05/20 09:35:53.544857 [31866]: server/ctdb_monitor.c:302 Recoveries finished. Running the "startup" event. 2010/05/20 09:35:54.545182 [31866]: server/eventscript.c:715 Starting eventscript startup 2010/05/20 09:35:54.611981 [31866]: Connected client with pid:32062 2010/05/20 09:35:54.653053 [31866]: ERROR: No link on the public network interface eth0 2010/05/20 09:35:54.654966 [31866]: Connected client with pid:32088 2010/05/20 09:35:54.951970 [31866]: Invalid command: net serverid 2010/05/20 09:35:54.952835 [31866]: Usage: 2010/05/20 09:35:54.952883 [31866]: net rpc Run functions using RPC transport --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Volker Lendecke [mailto:volker.lende...@sernet.de] Gesendet: Mittwoch, 19. Mai 2010 17:37 An: Daniel Müller Cc: samba@lists.samba.org Betreff: Re: [Samba] Which version of CTDB On Wed, May 19, 2010 at 04:39:38PM +0200, Daniel Müller wrote: > after downloading ctdb with rsync -avz samba.org::ftp/unpacked/ctdb > and compiling well. Please retry, Stefan Metzmacher kindly fixed something with the rsync url. Thanks, Volker signature.asc Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WG: cannot see or browse a share from a VPN client
Hello, Your VPN does not pass through Netbios. What kind of VPN are you using? Openvpn does netbios Pass trough. Did You "interfaces=IPinyour192.168.0.0/24 IPinyour172.16.15.0/24..." In your smb.conf to make samba send browselists in your 172.16.15.0 net?? --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von H.S. Gesendet: Dienstag, 8. Juni 2010 18:06 An: samba@lists.samba.org Betreff: [Samba] cannot see or browse a share from a VPN client Hello. I have three separate networks on my LAN: wired network (192.168.0.0/24) wireless network (192.168.5.0/24) VPN (172.16.15.0/24) Here is an ASCII art showing my setup: ,--. ppp0 <--eth1eth0--192.168.0.0/24--->to LAN switch | wlan0--192.168.5.0/24---> WLAN | tun0--172.16.15.0/24---> VPN |__| | "ROUTER": Samba and VPN server machine "ROUTER" is running Debian Testing and 2.6.30-2-686 kernel. The VPN client mentioned below is a Dell laptop running Ubuntu Karmic. I have setup Samba with a shared folder on the VPN server. I can browse the Samba network from wireless machines fine. But I cannot do so from a wireless machine with a VPN connection, i.e. VPN clients from my WLAN do not see the Samba network (from Gnome Network browsing GUI). This is what I wanted to achieve but it is not working. What am I missing here? I have the following in smb.conf file (wireless clients are not allowed intentinally, the idea is to allow them only via VPN): hosts allow = 127.0.0.1 192.168.0.0/24 172.16.15.0/24 hosts deny = 0.0.0.0/0 Now, at this point, from a machine on wireless LAN, I am able to mount the samba shared folder on "ROUTER" using "sudo smbmount -o user=guest". However, I do not see the share from Gnome's Network GUI tool. On the other hand, if the machine is put on the wired network, and is connected via VPN, the GUI can see the share without any problems. In short, smbmount works from LAN and from VPN, but Gnome Network browsing works only from LAN and not from VPN. What have I missed in the setup? In case this is relevant, when I start samba on the firewall machine "ROUTER" , I see the following in its log: * Samba name server ROUTER is now a local master browser for workgroup ROUTERSMB on subnet 192.168.0.1 * * Samba name server ROUTER is now a local master browser for workgroup ROUTERSMB on subnet 192.168.5.1 * Why do only these two networks act as a local browser and why doesn't VPN (172.16.15.0/24) also do so? Thanks in advance. -- Please reply to this list only. I read this list on its corresponding newsgroup on gmane.org. Replies sent to my email address are just filtered to a folder in my mailbox and get periodically deleted without ever having been read. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WG: Samba PDC and big files
/man/Samba-Guide/happy.html#id2582162 My kixkstart script: ;we redirect personal folder to the server ;we look at the registry if there isvalue that the folders has been redirected ;zunächst gibt es diesen Eintrag schon? $RETURNCODE=EXISTKEY("HKEY_CURRENT_USER\tpdc") ;if not set it it in the registry IF NOT $RETURNCODE=0 ADDKEY("HKEY_CURRENT_USER\tpdc") ;now if we set the above key we know it ist he first login and we set it. Later on we will delete this key ADDKEY("HKEY_CURRENT_USER\tpdc\FIRST_LOGIN") ENDIF ;now if it ist he first login we have to do something $RETURNCODE=EXISTKEY("HKEY_CURRENT_USER\tpdc\FIRST_LOGIN") IF $RETURNCODE=0 ;geschachtelte Bedingung $RETURNCODE=EXISTKEY("HKEY_CURRENT_USER\tpdc\profile_copied") IF NOT $RETURNCODE=0 ;if there is a profile IF EXIST("\\tp...@userid\@userID\profile") copy "\\tp...@userid\@userID\profile\Eigene Dateien\*" "\\tp...@userid\" ENDIF ;nun setzen wir den hinweis das Eigene Dateien kopiert worden sind ADDKEY("HKEY_CURRENT_USER\tpdc\profile_copied") ;set the redirected shell folders in the registry WRITEVALUE("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Expl orer\Shell Folders","Personal","\\tp...@userid","REG_SZ") WRITEVALUE("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Expl orer\Shell Folders","My Pictures","\\tp...@userid\meine Bilder","REG_SZ") WRITEVALUE("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Expl orer\Shell Folders","My Music","\\tp...@userid\meine Musik","REG_SZ") WRITEVALUE("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Expl orer\Shell Folders","My Videos","\\tp...@userid\meine Videos","REG_SZ") WRITEVALUE("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Expl orer\User Shell Folders","Personal","\\tp...@userid","REG_SZ") WRITEVALUE("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Expl orer\User Shell Folders","My Pictures","\\tp...@userid\meine Bilder","REG_SZ") WRITEVALUE("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Expl orer\User Shell Folders","My Music","\\tp...@userid\meine Musik","REG_SZ") WRITEVALUE("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Expl orer\User Shell Folders","My Videos","\\tp...@userid\meine Videos","REG_SZ") ;jetzt sollen Server profile nicht mehr lokal gecached werden 16.07.07 wird über ntconfig.pol abgebildet ;$PFAD="HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\" ;WRITEVALUE("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\","DeleteRoamingCache","000","REG_DWORD") ;schachtelung ende ENDIF ;first login löschen $RETURNVALUE=EXISTKEY("HKEY_CURRENT_USER\tpdc\FIRST_LOGIN") IF $RETURNVALUE=0 DELKEY("HKEY_CURRENT_USER\tpdc\FIRST_LOGIN") ENDIF For this to work you must have a policy for all your clients to not locally cache profiles. Happy trying Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Natxo Asenjo Gesendet: Donnerstag, 24. Juni 2010 20:50 An: Samba Mail List Betreff: Re: [Samba] Samba PDC and big files On Thu, Jun 24, 2010 at 2:04 PM, Pedro Rafael Alves Simoes wrote: > Hello, > > I'm trying to setup a PDC with Samba, but I have the known problem of the > roaming profiles: big files. I think it's difficult to guarantee that a > inexperienced user will copy is downloaded files, documents, or whatever, > to a H:\ share instead of is handy desktop. Other problem is the files of > Outlook or Thunderbird that can get big. The goal is to avoid email > configuration each time the user changes to another workstation, so I can't > configure the email client to store the files locally on the workstation. 1. Do not store mail locally, you will lose mail if you do. Use a central imap server for instance, it's also much easier for backups; 2. I set the user's desktop to readonly with cacls in the logon scripts, problem solved (get yourself management's approval before you try this, explain why it is necessary). If they do not want to listen to you then ... 3. use folder redirection. This is harder to do in a pure samba 3 environment than in AD, but it is certainly doable. Soon, with samba 4 we will have all the group policy goodies :-) -- natxo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WG: Synchronisation using LDAP
Hello, Try with ldapadmin (sourceforge) Point your configuration to yoursambaldapserver Port: 389 Version3 Example: Base: CN=Configuration,DC=yourads,DC=yourads Drop in your Username and password. This is working for me --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Jorijn Schrijvershof Gesendet: Freitag, 2. Juli 2010 13:40 An: samba@lists.samba.org Betreff: [Samba] Synchronisation using LDAP Hello All, I am trying to set up a sync between google apps professional and samba4, we are currently in the fase to use samba4 instead of our current windows 2008 AD. However, I can't seem to browse the internal LDAP server. I am using the alpha12. Whenever I try to connect, I recieve no such attribute. Please advise on how to connect properly. -- Jorijn Schrijvershof -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WG: Cross subnet browsing + OpenVPN
What about your openvpn config? The tun net must have an entry in your hosts allow. If you work with briding the remote network has to be the same subnet as the local!? Bridging is the best way to have a remote net integrated. I have one logging in form Berlin on my Samba-Domain. Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Julian Pilfold-Bagwell Gesendet: Dienstag, 6. Juli 2010 14:12 An: samba@lists.samba.org Betreff: [Samba] Cross subnet browsing + OpenVPN Hi All, I'm having a problem with cross subnet browsing and name resolution across an openvpn tunnel. i've found quite a few people who've had the same on mail lists but none of their fixes have worked. The spec of the setups at both ends of the tunnel are as follows: OS - CentOS 5.5 Samba Version 3.5.4 OpenVPN Version 2.0.9-1 Each server is configured in gateway mode with two NICS, one to the lan and the other to a modem/router. The first machine, HEADOFFICE, has an internal IP address of 192.168.0.1 and an external of 192.168.10.4. The second machine, REMOTE1, has an internal address of 192.168.1.254 and an external of 192.168.20.4. On openVPN, I have configured client to client and routes and iroutes to allow machines on each network to ping machines at the other end as well as the server IP's. So far so good and I can ping any machine on either subnet from anywhere and get a reply. The servers are configured as Samba servers with the HEADOFFICE machine working as a PDC, DMC and WINS server and the REMOTE1 machine configured as a BDC and WINS proxy. In order to maintain logon facilities in the event of broadband failure, I have replicated the LDAP server from HEADOFFICE to REMOTE1 and updates and password changes propogate successfully from one site to the other. If I try to access HEADOFFICE from REMOTE1 and REMOTE1's subnet it works perfectly but trying to access REMOTE1 from HEADOFFICE and its subnet fails on name resolution while entering \\192.168.1.254\ brings up Windows Explorer and a list of shares. I've included the remote browse entries in smb.conf on the PDC and have WINS Proxying set up on the BDC but I can't get it to push REMOTE1's IP back to the WINS server. Port scanning the internal IP of each machine from the oher end of the tunnel returns a full set of open ports for the services I'm using but no IP. If anyone can spot what I'm doing wrong I'd be grateful. Thanks. smb.conf - HEADOFFICE ### Included 2nd subnet for second remote site in browse sync [ global] workgroup = NEWDOM netbios name = HEADOFFICE security = user enable privileges = yes interfaces = 192.168.0.1 127.0.0.1 # hosts allow = 192.168.0.0/255.255.255.0 192.168.1.0/255.255.255.0 194.168.2.0/255.255.255.0 127.0.0.1 remote announce = 192.168.2.255/NEWDOM 192.168.1.255/NEWDOM remote browse sync = 192.168.1.255 192.168.2.255 wins support = yes name resolve order = wins hosts bcast username map = /etc/samba/smbusers server string = Samba Server %v encrypt passwords = Yes ldap ssl = no unix password sync = yes ldap passwd sync = no passwd program = /usr/sbin/smbldap-passwd -u "%u" passwd chat = "Changing *\nNew password*" %n\n "*Retype new password*" %n\n" #public = yes #browseable = yes #lm announce = yes #browse list = yes #auto services = yes log level = 3 syslog = 0 log file = /var/log/samba/log.%U max log size = 10 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-1 local master = Yes domain logons = Yes domain master = Yes os level = 65 preferred master = Yes wins support = yes passdb backend = ldapsam:ldap://127.0.0.1 ldap admin dn = cn=Manager,dc=newdom,dc=ldm ldap suffix = dc=newdom,dc=ldm ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Computers ldap idmap suffix = ou=Idmap add user script = /usr/sbin/smbldap-useradd -m "%u" ldap delete dn = Yes delete user script = /usr/sbin/smbldap-userdel "%u" add machine script = /usr/sbin/smbldap-useradd -t 0 -w
[Samba] WG: Cross subnet browsing + OpenVPN
Hi, Robert Schetterer is right. You will succeed in the end with tap bridging. Bridiging does netbios reach trough. I did this with two XP-Clients 2 Nics build at each a bridge: Both the remote and the local Clients must be in the same subnet. My openvpn.conf: Client or server dev tap dev-node TAB proto udp remote 1194 resolv-retry infinite ca C:\\ca.crt cert C:\\client1.crt key C:\\client1.key ns-cert-type server verb 6 # Silence repeating messages script-security 2 comp-lzo tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 persist-tun persist-key route-delay 10 On CENTOS look here: http://csmorley.spaces.live.com/blog/cns!990C0A249621766!184.entry Greetings --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Robert Schetterer Gesendet: Freitag, 9. Juli 2010 17:26 An: t...@tms3.com Cc: samba@lists.samba.org Betreff: Re: [Samba] Cross subnet browsing + OpenVPN Am 09.07.2010 14:42, schrieb t...@tms3.com: > > > >> --- Original message --- >> *Subject:* Re: [Samba] Cross subnet browsing + OpenVPN >> *From:* Robert Schetterer >> *To:* >> *Date:* Friday, 09/07/2010 3:05 AM >> >> Am 09.07.2010 11:37, schrieb Julian Pilfold-Bagwell: >>> Sorry about the delay, family emergency to deal with. >>> browse sync shares the info across them. I tried putting the specific >>> IP addresses of the local master browsers into the browse sync but it >>> still doesn't seem to spread everything across all the subnets. >> >> you should use tap interfaces with openvpn > This is a matter of network design, and has nothing to do whatsoever > with the issue at hand. Further: i used samba with subnet browsing years ago it dont worked with tun interfaces, it must have been tab interfaces additional right samba setup times may changed, samba and openvpn changed but simply try it does not cost anything my setup was bdc--internalnet--firewall--(tunnel)--firewall--internalnet--pdc i had samba on the firewalls to bind to tab tunnel interfaces as wins proxy the pdc was the wins server, bdc as wins proxy and directed browsing to pdc, all clients did got well configured parameters per dhcp additional there was a working dns which matched dynamicly wins anyway times may change , and there are better solutions now but this one worked stable an robust read samba faqs wins and subnet browsing etc good luck > > > Server configuration file > > *dev tun > ifconfig 10.8.0.1 10.8.0.2 > secret static.key* > > > Client configuration file > > *remote myremote.mydomain > dev tun > ifconfig 10.8.0.2 10.8.0.1 > secret static.key* > > > From: > > http://openvpn.net/index.php/open-source/documentation/miscellaneous/78-stat ic-key-mini-howto.html > > Which makes for a nice network to network setup for two locations > connected via a wan link. > > Why not shift the discussion to weather we should use IPSEC and racoon > instead of OpenVPN, or perhaps we should scrap all that and argue that > he should be using Cisco vpn gateways altogether? > > GUH! > > ** > > >> >> >>> >>> >>> From what I understand, the remote announce tells the WINS server to >>> broadcast across the remote subnets and remote >>> >>> On 06/07/10 13:50, t...@tms3.com wrote: >>>> >>>> >>>> SNIP >>>>> >>>>> Hi All, >>>>> >>>>> I'm having a problem with cross subnet browsing and name resolution >>>>> across >>>>> an openvpn tunnel. i've found quite a few people who've had the same on >>>>> mail lists but none of their fixes have worked. The spec of the >>>>> setups at >>>>> both ends of the tunnel are as follows: >>>>"remote announce = 192.168.2.255/NEWDOM 192.168.1.255/NEWDOM >>>> remote browse sync = 192.168.1.255 192.168.2.255" >>>> >>>> This looks odd to me. >>>> >>>> remote announce = / >>>> remote browse sync = >>>> >>>> NEEDED in both smb.conf >>>> >>>> wins server = >>>> >>>> Can't remember default for this setting so >>>> >>>> enhanced browsin
[Samba] WG: Samba, ldap and machine accounts
Hello Götz, grep yourself ldapadmin to administrate samba3 http://ldapadmin.sourceforge.net. What means to a certain point? You must add the machines on your centosbox to samba/ldap with the smbldap-tools (This never worked with my version). I did it with ldapadmin. Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Götz Reinicke - IT-Koordinator Gesendet: Donnerstag, 15. Juli 2010 15:27 An: samba@lists.samba.org Betreff: [Samba] Samba, ldap and machine accounts Hi, some time a go I started to try a migration form our "old" samba PDC with smbpasswd user backend to a new ldap based. I got to the point, that users can login to shares and now I'd liked to set up the server as an PDC with ldap and machine accounts too. The smbldap-toosl are installed and configured and I can add a machine to ldap to a certain point. The ldap entry is created, but when I restart the XP client there is a pop-up at the login window with the message, that the domain is not available. (The domain I joined a few minutes ago.) I restarted the samba server, I restarted the xp client, waited some time over night for the browser announcement to finish. Deleted the cached files on the sambe server in /var/cache/samba/ ... May be I missed something or deleted something I shouln't ... The server is centos 5.5, openldap-2.3.43, samba-3.0.33. The Client is windows xp SP3 with all latest patches and no modifications to the registry or anything else. In the logfiles is not clue to me. Any suggestion or help is appreciate! Thanks a lot and best regards, Götz -- Götz Reinicke IT-Koordinator Tel. +49 7141 969 420 Fax +49 7141 969 55 420 E-Mail goetz.reini...@filmakademie.de Filmakademie Baden-Württemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzende des Aufsichtsrats: Prof. Dr. Claudia Hübner Geschäftsführer: Prof. Thomas Schadt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WG: WG: Samba, ldap and machine accounts
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] user add script, machine add script
I am using samba 3.024 on a suse 9.3 workstation.Everythings is working as it should but add users with the add user script from Microsofts usrmngr and Machines with the srvmgr from Win clients. The funny is I can add, delete groups put users into groups. Did someone manage this? greetings Daniel -- "Feel free" - 10 GB Mailbox, 100 FreeSMS/Monat ... Jetzt GMX TopMail testen: http://www.gmx.net/de/go/topmail?ac=OM.GX.GX003K11713T4783a -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Fwd: Re: [Samba] user add script, machine add script
Hello to all, after noone bother my subject. I think I'm all alone making mistakes on this thing. But I should really know if it is possible to mange the administration of samba in an comfortable way. After all the years I worked with it I never did manage it to be in an sufficent manner. Is there a plan in the future to have a central administration within the samba package? Original-Nachricht Datum: Thu, 08 Feb 2007 18:22:52 +0100 Von: "Daniel Müller" <[EMAIL PROTECTED]> An: samba@lists.samba.org CC: Betreff: [Samba] user add script, machine add script > I am using samba 3.024 on a suse 9.3 workstation.Everythings is working as > it should but add users with the add user script from Microsofts usrmngr > and Machines with the srvmgr from Win clients. > The funny is I can add, delete groups put users into groups. > Did someone manage this? > > > greetings > Daniel > -- > "Feel free" - 10 GB Mailbox, 100 FreeSMS/Monat ... > Jetzt GMX TopMail testen: > http://www.gmx.net/de/go/topmail?ac=OM.GX.GX003K11713T4783a > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba -- NEU +++ 3DSL von 1&1 mit extra Vorteil für GMX Besteller +++ Jetzt Einführungsangebot sichern: http://www.gmx.net/de/go/dsl -- Ist Ihr Browser Vista-kompatibel? Jetzt die neuesten Browser-Versionen downloaden: http://www.gmx.net/de/go/browser -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Fwd: Re: [Samba] Samba 3.0.24 + OpenLDAP
Hello, I did it from the same side on a suse 9.3. For me it worked with smpldap-useradd -m . But I had to recognize that some of the steps descriped there did not work on suse and I had to change different things in my ldap.conf and with pam and nss. Did yoe set smbpasswd -w yorldappassword and smbpasswd -a root perhaps you must have a usermap in smbusers root=administrator or just a net rpc grant all rights to root or grant all rights to the group "Domain Admins". See the official howto of the samba package for this greetings daniel Original-Nachricht Datum: Sat, 17 Feb 2007 22:19:04 +0100 Von: Tim Boneko <[EMAIL PROTECTED]> An: samba@lists.samba.org CC: Betreff: Re: [Samba] Samba 3.0.24 + OpenLDAP [EMAIL PROTECTED] schrieb: > # Adding a User (doesn't work) > smbldap-useradd -a -s /bin/false -c'Test User' -A 1 -N'Test User' test_user I configured my domain by the howto on this website: www.samba-ldap.de Adding users works perfectly without creating a unix account beforehand. It's offline right now, so i can't check if there's an english version of it. Good luck! timbo -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Ist Ihr Browser Vista-kompatibel? Jetzt die neuesten Browser-Versionen downloaden: http://www.gmx.net/de/go/browser -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Fwd: [Samba] Net groupmap list puzzler
Hi, I think at first you have to do a net groupmap add all the well known Groups. System Operators (S-1-5-32-549) -> -1 Replicators (S-1-5-32-552) -> -1 Guests (S-1-5-32-546) -> -1 Domain Users (S-1-5-21-3732367786-856876144-3282938955-513) -> -1 Domain Admins (S-1-5-21-3732367786-856876144-3282938955-512) -> -1 Power Users (S-1-5-32-547) -> -1 Domain Guests (S-1-5-21-3732367786-856876144-3282938955-514) -> -1 Print Operators (S-1-5-32-550) -> -1 Administrators (S-1-5-32-544) -> -1 Account Operators (S-1-5-32-548) -> -1 Backup Operators (S-1-5-32-551) -> -1 Users (S-1-5-32-545) -> -1 This is my example working with suse groupadd ntadmins groupadd domusers net groupmap add ntgroup=“Domain Admins“ unixgroup=ntadmins rid=512 type=domain net groupmap add ntgroup=“Domain Users“ unixgroup=domusers rid=513 type=domain This case go through all groups you need mapping the groups with the right rid. after done this a net groupmap list must be shown this way: Domain Users (S-1-5-21-3732367786-856876144-3282938955-513) -> domusers Domain Admins (S-1-5-21-3732367786-856876144-3282938955-512) -> ntadmins Domain Guests (S-1-5-21-3732367786-856876144-3282938955-514) -> nobody To grant the rights to the group with the rid 512 "Domain Admins" you gotta do a rpc right grant for this group and set in the global of your smb.conf enable privileges=yes greetings daniel Original-Nachricht Datum: Tue, 20 Feb 2007 13:50:14 -0600 Von: "Craig Jackson" <[EMAIL PROTECTED]> An: samba@lists.samba.org CC: Betreff: [Samba] Net groupmap list puzzler Hi Dudes, I have a samba Version 3.0.23d that has successfully joined our Server 2003 ADS domain. # wbinfo -u shows the users # wbinfo -g shows the groups And I can chown/grp directories to NT users & groups. However, # net groupmap list only shows Administrators (S-1-5-32-544) -> BUILTIN\administrators Users (S-1-5-32-545) -> BUILTIN\users So if I try to map groups, this is what happens. # net groupmap modify ntgroup="Domain Admins" unixgroup=domadmins # NT Group Domain Admins doesn't exist in mapping DB One other problem. I get permission denied when I try to Modify ACLs. The ext3 file system is mounted with acl and nt acl support = yes is in the share section defined. Please help with a hint. I have Googled and read the Samba Chapter 12/13 on the net command to no avail. Thanks. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen! Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Fwd: [Samba] smbldap-populate - failed to add entry: modifications
Hello, did you write the ldap Admin in your smb.conf? did you made a smbpasswd -w yourladpadminpasswort? smbpasswd -a root? This has to be done before populate Original-Nachricht Datum: Mon, 12 Feb 2007 14:10:28 +0700 Von: "bppi" <[EMAIL PROTECTED]> An: samba@lists.samba.org CC: Betreff: [Samba] smbldap-populate - failed to add entry: modifications hai. i have problem similiar that u have. when i use smbldap populate, it required auth...error code 471 provide pass for root and it says user root doesnt exist please help me -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- "Feel free" - 10 GB Mailbox, 100 FreeSMS/Monat ... Jetzt GMX TopMail testen: www.gmx.net/de/go/mailfooter/topmail-out -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba3 ldap password change
Hello to all, I got samba3 PDC working with ldap. But I' m still wondering how to set important things about the users passwords. The first thing when a user login the first time should be to change his/her password? Where do I set when the passwords expire and how do I set it to 60 days? I do not work mith Microsoft's usrmgr because of Vista clients.I look at my samba/ldap with LDAP Admin. Does someone manage this point with this tool? greetings Daniel -- "Feel free" - 5 GB Mailbox, 50 FreeSMS/Monat ... Jetzt GMX ProMail testen: www.gmx.net/de/go/mailfooter/promail-out -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Fwd: [Samba] Changing LDAP password from Windows XP
Hello, remove the line 'passwd program = /usr/sbin/smbldap-passwd %u' for testing. On my Suse 10.1 I do not need this and m y users can change their passwords. greetings daniel Original-Nachricht Datum: Fri, 2 Mar 2007 11:55:06 -0600 (CST) Von: "Andy Colvin" <[EMAIL PROTECTED]> An: samba@lists.samba.org CC: Betreff: [Samba] Changing LDAP password from Windows XP I've got a very simple setup with Samba 3.0.24 running on Fedora Core 6, talking to Fedora Directory Server 1.0.4. I've got everything set up so that I can add computers to the domain, add users using the smbldap- tools, and have users logging in. When a user tries to change their password from within Windows (ctrl-alt-del) they get the error "the user name or old password is incorrect. letters in passwords must be typed using the correct case." The strange thing is that the samba passwords (sambalmpassword, sambantpassword) are changed in the LDAP server, but the general account password (userpassword) is not changed. I looked everywhere I could, and couldn't find anything to cause this. I can set passwords just fine using smbldap-passwd and it will set all passwords. Here is a copy of my smb.conf: [global] workgroup = MAIL netbios name = YOURMOM security = user passdb backend = ldapsam:ldap://mail.yourmom.net ldap admin dn = cn=Directory Manager ldap suffix = dc=yourmom,dc=net ldap user suffix = ou=People ldap idmap suffix = ou=People ldap machine suffix = ou=Computers ldap group suffix = ou=Groups ldap passwd sync = yes ldap delete dn = no obey pam restrictions = no encrypt passwords = yes passwd program = /usr/sbin/smbldap-passwd %u add machine script = /usr/sbin/smbldap-useradd -w "%u" log file = /var/log/samba/log.%m socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 os level = 255 domain logons = yes domain master = yes local master = yes preferred master = yes wins support = yes template shell = /bin/false winbind use default domain = no logon path = logon home = [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon read only = yes browseable = no [homes] comment = Home Directories browseable = no read only = no guest ok = no create mode = 0664 directory mode = 0775 Thanks, Andy Colvin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- "Feel free" - 5 GB Mailbox, 50 FreeSMS/Monat ... Jetzt GMX ProMail testen: www.gmx.net/de/go/mailfooter/promail-out -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Administrator on samba server?
First of all did you net groupmap the Groups? Did you net rpc grant rights to the Admin Group? If so: Put the administrator to the DOMAIN ADMINS GROUP on your Samba. Log in as root over your XP CLIENT on Your Samba Domain. Add the Group DOMAIN ADMINS/Yourdomain as Member of Your XP Clients Admin Group. Or add the ADMINISTRATOR/Yourdomain as Member of your XP CLIENTS Admin Group. greetings daniel Original-Nachricht Datum: Fri, 2 Mar 2007 16:39:17 +0100 Von: "max" <[EMAIL PROTECTED]> An: samba@lists.samba.org CC: Betreff: [Samba] Administrator on samba server? Hi, I've samba 3 running on trustix 2.2. I've added an xp sp2 client without much problems. But now I'm trying to use "administrator" user on this client for administrative purpouses (adding software, printers and so on) and I've realized that, even if in Samba the user "administrator" exists, it isn't recognised by the client as an administrator. When I add an xp client to a real windows server computer, the domain administrator is immediately recognised by the client as administrator of the client itself, with samba this is not. Why? How to fix this? Thanks. Max -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen! Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba authentication w/o using /etc/passwd?
Hi, Suse 10.1, Yast, authentication, choose samba greetings daniel Original-Nachricht Datum: Mon, 5 Mar 2007 09:05:19 -0800 Von: Young <[EMAIL PROTECTED]> An: samba@lists.samba.org CC: Betreff: [Samba] Samba authentication w/o using /etc/passwd? > Hi, > > > Is there a way to configure Samba w/o using /etc/passwd but only Samba's > local password file only? > > I'm looking for a simple way to configure it to avoid using /etc/passwd, > if > there's a way. > > Thanks in advance! > > > - Young > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba -- Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen! Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: RE: Fwd: [Samba] Changing LDAP password from Windows XP
You are with ldap aren`t you. Then you are missing ldap passwd sync = yes. Is your goup mapping correct? Did you made an net rpc grant rights to the group DOMAIN ADMINS? ex:. net -S server -U root%passwordroot rpc rights grant 'DOMAIN\Domain Admins' SeMachineAccountPrivilege Original-Nachricht Datum: Sat, 3 Mar 2007 11:15:42 -0600 (CST) Von: "Andy Colvin" <[EMAIL PROTECTED]> An: samba@lists.samba.org CC: Betreff: RE: Fwd: [Samba] Changing LDAP password from Windows XP > I get a different error if I add "unix password sync = yes" This time it > gives me the error "you do not have permission to change your password" > Everything that I've seen related to this error says to upgrade to 3.0.4, > but I'm running 3.0.24. > > Any ideas? > > Thanks, > > Andy > > > -Original Message- > From: Marcin Giedz [mailto:[EMAIL PROTECTED] > Sent: Saturday, March 03, 2007 10:46 AM > To: Andy Colvin > Cc: samba@lists.samba.org > Subject: Re: Fwd: [Samba] Changing LDAP password from Windows XP > > Daniel Müller wrote: > > Hi > > your smb.conf file seems to be OK, however to be able to sync > sambapasswords with userPassword try to add > > unix password sync = yes > > to your smb.conf > > Regards, > Marcin > > > > > > Hello, > > > > remove the line 'passwd program = /usr/sbin/smbldap-passwd %u' > > for testing. > > On my Suse 10.1 I do not need this and m y users can change their > passwords. > > > > greetings > > daniel > > > > > > > > > > > > > > Original-Nachricht > > Datum: Fri, 2 Mar 2007 11:55:06 -0600 (CST) > > Von: "Andy Colvin" <[EMAIL PROTECTED]> > > An: samba@lists.samba.org > > CC: > > Betreff: [Samba] Changing LDAP password from Windows XP > > > > I've got a very simple setup with Samba 3.0.24 running on Fedora Core 6, > > talking to Fedora Directory Server 1.0.4. I've got everything set up so > > that I can add computers to the domain, add users using the smbldap- > > tools, and have users logging in. When a user tries to change their > > password from within Windows (ctrl-alt-del) they get the error > > > > "the user name or old password is incorrect. letters in passwords > must > > be typed using the correct case." > > > > The strange thing is that the samba passwords (sambalmpassword, > > sambantpassword) are changed in the LDAP server, but the general account > > password (userpassword) is not changed. I looked everywhere I could, > and > > couldn't find anything to cause this. I can set passwords just fine > using > > smbldap-passwd and it will set all passwords. > > > > Here is a copy of my smb.conf: > > > > [global] > > workgroup = MAIL > > netbios name = YOURMOM > > security = user > > passdb backend = ldapsam:ldap://mail.yourmom.net > > ldap admin dn = cn=Directory Manager > > ldap suffix = dc=yourmom,dc=net > > ldap user suffix = ou=People > > ldap idmap suffix = ou=People > > ldap machine suffix = ou=Computers > > ldap group suffix = ou=Groups > > ldap passwd sync = yes > > ldap delete dn = no > > obey pam restrictions = no > > encrypt passwords = yes > > passwd program = /usr/sbin/smbldap-passwd %u > > add machine script = /usr/sbin/smbldap-useradd -w "%u" > > log file = /var/log/samba/log.%m > > socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > > os level = 255 > > domain logons = yes > > domain master = yes > > local master = yes > > preferred master = yes > > wins support = yes > > template shell = /bin/false > > winbind use default domain = no > > logon path = > > logon home = > > > > [netlogon] > >comment = Network Logon Service > >path = /var/lib/samba/netlogon > >read only = yes > >browseable = no > > > > [homes] > >comment = Home Directories > >browseable = no > >read only = no > >guest ok = no > >create mode = 0664 > >directory mode = 0775 > > > > > > > > Thanks, > > > > > > > > Andy Colvin > > > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba -- Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen! Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba errors when using windows xp home edition
XP Home cannot logon to any domain. You need to have Professonal to do this.Home has just another behaveour within his network functions. Even You use the shares there could be mistakes. Original-Nachricht Datum: Sat, 24 Mar 2007 22:45:56 +0700 Von: "sato x" <[EMAIL PROTECTED]> An: "Chantal Rosmuller" <[EMAIL PROTECTED]> CC: samba Betreff: Re: [Samba] samba errors when using windows xp home edition > Hi Chantal, > > I don't know what is the real problem you face, but here in my office, we > don't have such problems with users using Win XP HE. All I do is join > their > machine into the PDC (with smbldap-useradd -w; since I use ldap as the > backend) then add their username and smbpassword into the PDC. The > username > and smbpassword should be the same as their local one. Other way, samba > will > ask them to login every time they start to browse the samba share. Good > luck. > > PS. I use samba-3.0.20b-3.3 on OpenSuSE. > > Regards, > > sato > > > On 3/20/07, Chantal Rosmuller <[EMAIL PROTECTED]> wrote: > > > > Hi everyone, > > > > I hope someone can help me with the following problem: > > > > I administer 2 separate networks, each with one samba server (samba > > versions > > are 3.0.14 and 3.0.22) and serveral windows xp professional clients. > There > > were never any problems, but recently one of the employees bought a > laptop > > with windows xp home that he wants to use in both networks. He does not > > log > > on to the domain like other employees but only accesses the shares. He > > complains that office hangs when he is working on an excel sheet that's > on > > the server. I also noticed some errors in te logson both servers, for > > example: > > > > libsmb/cliconnect.c:cli_connect(1330) Error connecting to 192.168.2.236 > > (Operation already in progress) : 1 Time(s) > > > > Or > > > > lib/util_sock.c:write_data(557) write_data: write failure in writing to > > client 192.168.2.236. Error Broken pipe : 1 Time(s) > > > > Can this have something to do with XP home or not logging onto the > domain? > > I > > > > Thanks, regards Chantal > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: https://lists.samba.org/mailman/listinfo/samba > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba -- "Feel free" - 10 GB Mailbox, 100 FreeSMS/Monat ... Jetzt GMX TopMail testen: www.gmx.net/de/go/mailfooter/topmail-out -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Open Files (MSOFFICE, xls, word) on samba share extreme slow
Dear all, I have a samba 3.2.07 server up and running. All is working fine but W2000 clients have a heavy problem opening files on network shares. Did someone recognized the same behavior and solved it? Greetings Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] PDC / BDC in a Samba Domain Controller.
Your PDC and BDC must have the same SID, Your BDCs ldap database should be a copy of Your PDCs. Also the BDC should be a slave to the PDCs ldap. So every change in Your PDcs database should change on your BDC. This is quite simple with slurpd. If the PDC now stops the BDC will take over. The users are able to logg in, but to have there shares accesseable you should hve the same shares on PDC and BDC. Write a script when you log on or off to rsync the files of the users. Greetings Daniel On Thu, 26 Mar 2009 11:15:34 -0300, Juan Pablo Michelino wrote: > Hello > I makeing a Domain Controller with Samba (v3.0.33) and LDAP (v2.4). > I will install a PDC in the headquarter and a BDC in the subsidiary of > the company that I work. > The PDC and the BDC will have his own LDAP data base. > I just install the PDC without problems and my next step is to install > the BDC. > I configured the LDAP that work in multi master mode. I made some test > and the LDAP works well. > I need to know if the BDC can write in his local data base. > In other side: Can the BDC acts as PDC when the conection betwen both > servers is broken? I need that the users that works in the subsidiary > can log in and make changes in his profiles (e.g. change his password > and so on) including when the conection with the headquarter is lost. > Below I copy the BDC's smb.conf > Can anyone help me? Thanks. > > # > admin users = manager @"Domain Admins" @administradores > ntlm auth = yes > netbios name = PDC_Rosario > workgroup = SECCO > lanman auth = no > winbind trusted domains only = yes > encrypt passwords = yes > winbind use default domain = yes > server string = BDC > domain logons = yes > > # --- Network Related Options - > > hosts allow = 10.20.0.0/16 10.18.0.0/16 localhost > > # --- Logging Options - > > max log size = 500 > log file = /var/log/samba/%m.log > > # - LDAP Options -- > > ldap passwd sync = yes > ldap admin dn = cn=manager,dc=secco,dc=com,dc=ar > ldap user suffix = ou=People > ldap group suffix = ou=Groups > ldap machine suffix = ou=Computers > ldap suffix = dc=secco,dc=com,dc=ar > > # --- Standalone Server Options --- > > security = user > passdb backend = ldapsam:ldap://127.0.0.1 > > # --- Domain Members Options --- > # --- Domain Controller Options --- > > logon script = login.bat > add machine script = /usr/sbin/smbldap-useradd -w "%u" > delete user script = /usr/sbin/smbldap-userdel "%u" > add group script = /usr/sbin/smbldap-groupadd -p "%g" > add user script = /usr/sbin/smbldap-useradd -m "%u" > > # --- Browser Control Options - > >local master = yes >os level = 65 >domain master = no >preferred master = yes > > #- Name Resolution > >wins support = yes >name resolve order = wins lmhosts bcast > > # --- Printing Options > > # --- Filesystem Options -- > > #== Share Definitions = > > [homes] > > comment = Home Directories > browseable = no > writable = no > root preexec = /etc/samba/mk_sambadir "/home/%u" "%u" "%g" > write list = %S manager > valid users = SECCO\%S SECCO\manager > inherit permissions = yes > force user = %S > force group = @administradores > directory mask = 0700 > create mask = 0700 > > [netlogon] > comment = Network Logon Service > browseable = yes > path = /home/netlogon > guest ok = yes > writable = no > valid users = SECCO\manager %U > write list = llattan > > [shares] > comment = Carpeta del grupo Sistemas > path = /home2/sistemas > valid users = @shares @administradores > browseable = yes > writable = no > write list = @shares_w @administradores > inherit permissions = yes > force user = %U > force group = share > > > # > > > -- > Juan Pablo Michelino -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
AW: [Samba] Question about multiples logins at the same time
If you have a ldap and samba domain there is a way to restrict the login to a single workstation --- Daniel Müller eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-bounces+mueller=tropenklinik...@lists.samba.org [mailto:samba-bounces+mueller=tropenklinik...@lists.samba.org] Im Auftrag von Marcelo Opazo Vivallos Gesendet: Mittwoch, 1. April 2009 02:05 An: samba@lists.samba.org Betreff: [Samba] Question about multiples logins at the same time Hi, Do you have any guideline or variable in Samba in the configuration file it determines that a user can not logging at the same time, in order to avoid same login from different places at the same time. For now, what I plan is to use a startup script that through me like a flag indicating whether logged kick then through some mechanism. I accept all suggestions. Thank you Reggard from Chile -- Marcelo Opazo Vivallos Estudiante de Ing en Informatica Slackware Linux, user #372952. HomePage: http://amarzeck.googlepages.com WebLog: http://amarzeck.blogspot.com Chile. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
AW: [Samba] file locking options in smb.conf
Dear all, It is the same problem with me. I run samba 3.2.8 on suse 10.2 . Now and then we have trouble concerning the home directories writing Word and Excel files. My smb.conf for homes: [homes] ##mit dem preexec befehl wird das userverzeichnis erstellt root preexec=/windows/./userverzeichnis %U root postexec=/windows/./bshares %U comment=Heimatverzeichnis %U msdfs root=yes path= /windows/winuser/%U valid users=%S inherit permissions=yes inherit owner=yes force group= "Domain Users" read only=no create mask= 0750 directory mask=0775 browseable=no hide files=/Desktop.ini/Thumbs.db/lost+found/desktop.ini veto oplock files=/*.pdf/*.PST/*.pst/*.doc/*.xls/*.docx/*.mdb/*.MDB/*.dbf/*.DBF/*.ppt/*. xlsx/ #vfs objects=extd_audit,recycle vfs objects=recycle recycle:exclude= *.tmp,*.temp,*.log,*.ldb,*.TMP,?~$*,~$* recycle:keeptree=Yes recycle:exclude_dir=tmp,temp,profile,.profile recycle:touch_mtime=yes recycle:versions=Yes When the error occurs the word or excel file is suddenly owned mask administrators. And the user changed it cannot save it any more. There are from this moment on many temp files around this files. Only after deleting the admins mask ownership, and the temp files by hand the word, excel files will be Writeable again. On our old samba 2.2.7 still running we do not have this trouble (the same windows versions, the same office versions!!!). --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-bounces+mueller=tropenklinik...@lists.samba.org [mailto:samba-bounces+mueller=tropenklinik...@lists.samba.org] Im Auftrag von Anoop P.A. Gesendet: Mittwoch, 6. Mai 2009 08:36 An: volker.lende...@sernet.de Cc: samba@lists.samba.org Betreff: RE: [Samba] file locking options in smb.conf Hi list, Any body implemented cross protocol file locking before? Any pointer will help me a lot Hi Volker, CIFS -> CIFS locking is not working as expected. It failed for me in following scenario. 1. Opened a share using browser in Win XP machine. 2. Copied a word document (*.doc) to share. 3. Mounted CIFS share in a Ubuntu (8.04 LTS desktop). 4. Opened word document from Ubuntu using openoffice 2.4 5. Tried to open same file in Win XP but it didn't open and got error message "No proper file permission" (I expect word document to open in read only mode). However if I open document first in Win XP and then using Open office working as expected i.e. Document getting opened in read only mode. Thanks Anoop > -Original Message- > From: Volker Lendecke [mailto:volker.lende...@sernet.de] > Sent: Tuesday, May 05, 2009 5:19 PM > To: Anoop P.A. > Cc: samba@lists.samba.org > Subject: Re: [Samba] file locking options in smb.conf > > On Tue, May 05, 2009 at 04:27:30AM -0700, Anoop P.A. wrote: > > Hi Volker, > > > > Thanks for the reply. > > I want basic file locking work as expected. ( i.e. I want to prevent > files from getting corrupted while shared across multiple platforms). > > If some file is opened writing in one client, other clients should not > be able to write in to it. > > > > My server failing in many scenarios, I could explain one of the scenario > as follows. > > > > 1. Opened a share using browser in Win XP machine. > > 2. Mounted same share in a Linux machine through nfs. > > 3. Initiated a 1 GB file transfer to share in windows > > 4. Same time tried to copy a file with same name in nfs share.It asked > to overwrite existing file( I expect it not to start copy as write lock of > that file is being obtained by CIFS client) > > 5. After a while both the transfers finished. MD5SUM showed resultant > file got corrupted. > > No way you will achieve this cross-protocol. Unix just does > not know how to lock a complete file like Windows/CIFS does > using share modes. Your only chance is to only use Samba and > a cifs client file system and ditch NFS and local file > access. > > Volker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba getpeername failed. Error was Transport endpoint is not connected
Dear All, Suse 10.2 Samba 3.2.8 How to get rid off the annoying: Samba getpeername failed. Error was Transport endpoint is not connected. I made iptables I INPUT 1 p tcp dport 445 j DROP and it finished. But this could not be the solution. Since the newer versions of samba this port makes sense and should be used. Did someone solve this? Greetings Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
WG: [Samba] PDC -> BDC Question
Hello Nick, I do not think it is possible to just copy files like this from one to the other samba. You can do the copy job with rsync or scp. I made a samba PDC and BDC with ldap master ldap slave. So on both servers are the same users Groups etc. Both machines must have the same SID Greetings Daniel -Ursprüngliche Nachricht- Von: samba-bounces+mueller=tropenklinik...@lists.samba.org [mailto:samba-bounces+mueller=tropenklinik...@lists.samba.org] Im Auftrag von Nick Pappin Gesendet: Dienstag, 23. Juni 2009 22:52 An: samba@lists.samba.org Betreff: [Samba] PDC -> BDC Question Hi Everyone, I was wondering I am setting up a BDC at another physically separate location on a different subnet, and I am currently working on what files I need to have copied between the computers and which need to be made on each server. The specific question I am dealing with is what TDB files I need to replicate filesystems between the two servers. Below is a list of what the files I see in my samba directory are: account_policy.tdb ntdrivers.tdb ntforms.tdb share_info.tdb group_mapping.ldb ntprinters.tdb registry.tdb wins.dat private/schannel_store.tdb private/secrets.tdb I am wondering first which of these need to be replicated from server to server and which need to be unique to each server? For instance I know that account_policy.tdb can be replicated and needs to be because it holds all of the account policy information. The second thing I am wondering is what does each of these files do? I was hoping that someone could do a brief sentence or two about what each of these files do. Thanks for the help. -- W. Nick Pappin -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Join Windows7 to a Samba 3.2.15 Domain!?
Dear all Is ist possible to join a windows7 pc to a samba 3.2.15 domain? I tried the registry hack: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Para meters] "DomainCompatibilityMode"=dword:0001 "DNSNameResolutionRequired"=dword: And I got succesfull joind to domain. But after a restart I could not login the domain: "the trust relationship between this workstation and the primary domain failed" Is there a workaround? Greetings Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba 3.2.15 is working with Winows 7 !!!
Hello to all, After a lot of trying this is the solution for all with samba 3.2.15 installed. My Windows 7 client machine joins the domain on the fly with this registry hack. I can logon without errors and all my netlogon scripts are working: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Para meters] "DomainCompatibilityMode"=dword:0001 "DNSNameResolutionRequired"=dword: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters] "Update"="no" "DisablePasswordChange"=dword: "MaximumPasswordAge"=dword:001e "RequireSignOrSeal"=dword:0001 "RequireStrongKey"=dword:0001 "SealSecureChannel"=dword:0001 "SignSecureChannel"=dword:0001 Greatings Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] smbd4winsr-1.0.6-29.src.rpm high cpu load
Hello to all, I compiled the source of smbd4wins on a suse 10.2 machine successful. On the same machine there is a samba server ver. 3.0.31. The wins is working but after a couple of days it has a high cpu load which is steadily growing and then the system hangs and I need to restart it: top - 15:11:15 up 6 days, 7:07, 2 users, load average: 0.20, 0.25, 0.29 Tasks: 311 total, 2 running, 309 sleeping, 0 stopped, 0 zombie Cpu(s): 0.2%us, 15.6%sy, 0.0%ni, 83.7%id, 0.5%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 4136680k total, 2519308k used, 1617372k free, 167832k buffers Swap: 2104472k total, 32k used, 2104440k free, 1446936k cached PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 24741 root 25 0 347m 343m 1304 R 42 8.5 50:49.67 smbd4wins 8742 root 15 0 5512 2068 1376 R0 0.0 0:00.28 top 1 root 15 0 740 288 240 S0 0.0 0:01.37 init 2 root RT 0 000 S0 0.0 0:01.86 migration/0 3 root 34 19 000 S0 0.0 0:00.00 ksoftirqd/0 4 root RT 0 000 S0 0.0 0:00.01 migration/1 5 root 34 19 000 S0 0.0 0:00.00 ksoftirqd/1 6 root RT 0 000 S0 0.0 0:00.92 migration/2 7 root 34 19 000 S0 0.0 0:00.00 ksoftirqd/2 8 root RT 0 000 S0 0.0 0:00.00 migration/3 9 root 34 19 000 S0 0.0 0:00.00 ksoftirqd/3 10 root 10 -5 000 S0 0.0 0:00.07 events/0 11 root 10 -5 000 S0 0.0 0:00.01 events/1 12 root 10 -5 000 S0 0.0 0:00.06 events/2 13 root 10 -5 000 S0 0.0 0:00.03 events/3 14 root 10 -5 000 S0 0.0 0:00.00 khelper 15 root 17 -5 000 S0 0.0 0:00.00 kthread And there are a dozen of smbd4wins when I do a ps -A 13124 ?00:00:00 smbd4wins 13125 ?00:00:00 smbd4wins 13126 ?00:00:00 smbd4wins 13127 ?00:00:00 smbd4wins 13128 ?00:00:00 smbd4wins 13129 ?00:00:00 smbd4wins 13130 ?00:00:00 smbd4wins 13131 ?00:00:00 smbd4wins 13132 ?00:00:00 smbd4wins 13133 ?00:00:00 smbd4wins 13134 ?00:00:00 smbd4wins 13135 ?00:00:00 smbd4wins 13136 ?00:00:00 smbd4wins 13137 ?00:00:00 smbd4wins 13138 ?00:00:00 smbd4wins 13139 ?00:00:00 smbd4wins 13140 ?00:00:00 smbd4wins 13141 ?00:00:00 smbd4wins 13142 ?00:00:00 smbd4wins 13143 ?00:00:00 smbd4wins 13144 ?00:00:00 smbd4wins 13145 ?00:00:00 smbd4wins 13146 ?00:00:00 smbd4wins 13147 ?00:00:00 smbd4wins 13148 ?00:00:00 smbd4wins 13149 ?00:00:00 smbd4wins 13150 ?00:00:00 smbd4wins 13151 ?00:00:00 smbd4wins 13152 ?00:00:00 smbd4wins 13153 ?00:00:00 smbd4wins 13154 ?00:00:00 smbd4wins 13155 ?00:00:00 smbd4wins 13156 ?00:00:00 smbd4wins 13157 ?00:00:00 smbd4wins 13158 ?00:00:00 smbd4wins 13159 ?00:00:00 smbd4wins 13160 ?00:00:00 smbd4wins 13161 ?00:00:00 smbd4wins 13162 ?00:00:00 smbd4wins 13163 ?00:00:00 smbd4wins 13164 ?00:00:00 smbd4wins 13165 ?00:00:00 smbd4wins 13166 ?00:00:00 smbd4wins 13167 ?00:00:00 smbd4wins 13168 ?00:00:00 smbd4wins 13169 ?00:00:00 smbd4wins 13170 ?00:00:00 smbd4wins 13171 ?00:00:00 smbd4wins 13172 ?00:00:00 smbd4wins 13173 ?00:00:00 smbd4wins 13174 ?00:00:00 smbd4wins 13175 ?00:00:00 smbd4wins Do you have an idea Greetings Daniel Müller Tropenklinik Paul-Lechler-Krankenhaus [EMAIL PROTECTED] 07071 206 463 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba performance copying files to windows too slow
Hello to all, I have a problem when copying files from my shares on samba3.031 (Suse10.2) to win-xp clients. The transfer is extremly slow. My smb.conf: [global] Read raw=yes Write raw=yes Socket options=TCP_NODELAY IPTOS_LOWDELAY I tried SO_RCVBUF and SO_SNDBUF this made transfer impossible and so did max xmit too. Can You help me? Greetings Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Windows vista ultimate samba 3.0.31
Hello to all I have setup samba 3.0.31 as PDC successful with xp clients. Now I have a vista ultimate pc which I cannot join to the domain. The error message when I try to join to the domain is: The Domain is unavailable or the connection could not be established. What I've done so far: Run secpol.msc --> Local Plicies-->Security Options -->Lan Manager authentication level-->changed it to: LM and NTLM- use NTLMV2 session security if negotiated. Had someone did the trick?? Greetings Daniel Müller Tropenklinik Paul-Lechler-Krankenhaus [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] WG: Windows vista ultimate samba 3.0.31
I found the solution: I tried the srvmgr tool from microsoft to get connected to my samba 3 domain (from an XP client). And this tool told me the same "There is no PDC found for your domain. You may go on but but your rights may be Restricted." As I logged on I saw that both my PDC and BDC where BDCs. I stopped my BDC. Logged on to my PDC and remembering that I had also smbd4wins running on the same machine I restarted smbd4wins and then samba and everithing worked fine. I could join the vista client to the domain on the fly. -Ursprüngliche Nachricht- Von: Daniel Müller [mailto:[EMAIL PROTECTED] Gesendet: Montag, 18. August 2008 15:00 An: 'samba@lists.samba.org' Betreff: Windows vista ultimate samba 3.0.31 Hello to all I have setup samba 3.0.31 as PDC successful with xp clients. Now I have a vista ultimate pc which I cannot join to the domain. The error message when I try to join to the domain is: The Domain is unavailable or the connection could not be established. What I've done so far: Run secpol.msc --> Local Plicies-->Security Options -->Lan Manager authentication level-->changed it to: LM and NTLM- use NTLMV2 session security if negotiated. Had someone did the trick?? Greetings Daniel Müller Tropenklinik Paul-Lechler-Krankenhaus [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
WG: [Samba] universal netlogon script
Hello Brad, If you are in linux/unix try a root preexec when the users login there home directories. Example: [home] root preexec=/your Path to/your script %U. In this script make a directory for all the links(if it does not exist).In it make a ln -s for all other directories that the user should have access. And the tousand mapped shares are gone. >From now on your users will find their directories for example all under the directory data in the home-share. Daniel -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Brad C Gesendet: Mittwoch, 3. September 2008 15:05 An: samba@lists.samba.org Betreff: [Samba] universal netlogon script Hi Guys, Advise, I have 200 users, they all have access to 20 shares in different combinations. They all have their own netlogon scripts... its a management nightmare, is there a way to create a universal netlogon script that I can include all the shares to mount and it will silently fail on the ones it cant? Perhaps there is a smarter way to implement this idea, lynching is welcome, so is advice. Brad -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
WG: [Samba] XP Client sees two files with same name.
Hello, I have the same problem on debian Xp showing me not only files but whole directories two times on Several xp Clients Daniel -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Andrea Venturoli Gesendet: Samstag, 6. September 2008 11:57 An: samba@lists.samba.org Betreff: [Samba] XP Client sees two files with same name. Hello. I'm running 3.0.32 on FreeBSD 6.3/i386 sharing some folders to Windows clients. From an XP client I sees a particular file two times in the same folder (same identical name, same size, same dates, ecc...); I double-checked on the server and from there I only see it once. Where should I start looking into this? Could this be a samba problem? Or rather a Windows one? bye & Thanks av. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] rcsmbd4wins smaba 3.031 infinite error loop sys_gethosbyname:Unknown host
Hello to all , I have successfully installed smbd4wins on my suse 10.2 . Everything is working well but a error in my rcsmbd4wins.log telling m in a endless loop: lib/util.c:330 :interpret_addr()] sys_gethostbyname:Unknown host.HOSTNAME Now the HOSTNAME wins is complaining is no more in action and the address is gone. Can someone help me? Any Idee? Greetings Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
WG: [Samba] Samba LDAP entries for Password Change
Hello, This must be set in LDAP: sambaPwdCanChange=1 ;or you will never be asked to change your password sambaPwdLastSet=0 sambaPwdMustChange=0; on my Suse this must be set too try it out for your machine And how you' ve been told the sambaMaxPwdAge must be set. Greetings Daniel -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Jorge Concha C. Gesendet: Dienstag, 16. September 2008 23:36 An: Albrecht Dreß; samba@lists.samba.org Betreff: Re: [Samba] Samba LDAP entries for Password Change Hi... sorry for my bad english. > - when a new account is created, the user immediately must change the > password when [s]he first logs in; > - after that, the password shall expire after x days. sambaMaxPwdAge = number of seconds (60 x 60 x 24 x nDays) sambaPwdLastSet = set to '0' at create the account. good luck Jorge C. On Tue, 16 Sep 2008 10:27:53 -0400, Albrecht Dreß <[EMAIL PROTECTED]> wrote: > Hi all, > > I have a question regarding the enforced change of passwords in Samba > 3.0.28 (coming with Ubuntu Hardy) in connection with a LDAP backend. In > particular, I am looking for a documentation how the fields > sambaMinPwdAge, sambaMaxPwdAge (from sambaDomain), sambaPwdCanChange and > sambaPwdMustChange (from sambaSAMAccount) interact. > > I would like to have the following: > - when a new account is created, the user immediately must change the > password when [s]he first logs in; > - after that, the password shall expire after x days. > > Unfortunately, I tried a number of combinations without success. > Everything seems to be controlled by the sambaMaxPwdAge setting (seconds > relative to sambaPwdLastSet when the password must be changed?), and the > other entries seem to be irrelevant? > > Any documentation/pointer would be welcome! > > Thanks, Albrecht. > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba -- Using Opera's revolutionary e-mail client: http://www.opera.com/mail/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Strange!!! Clients only log on to samba bdc
Hello to all, My samba servers are doing strange things . Ive set up a smba-ldap as PDC and another as BDC. Everything was ok until last week. Suddenly all clients log on to my BDC not longer to the PDC. Testparm didn t show any changes the PDC results Server role=ROLE_DOMAIN_PDC and the BDC Server role=ROLE_DOMAIN_BDC. I put the os level of the PDC to 240 and the BDCs to 86 nothing changed. I also changed the Preferred master to no. How can I force the xp and vista clients only to log on to the PDC? Greetings Daniel Müller Tropenklinik Paul-Lechler-Krankenhaus [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
WG: [Samba] Strange!!! Clients only log on to samba bdc
Is there nothing to solve the problem ? -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Daniel Müller Gesendet: Mittwoch, 17. September 2008 08:20 An: samba@lists.samba.org Betreff: [Samba] Strange!!! Clients only log on to samba bdc Hello to all, My samba servers are doing strange things . Ive set up a smba-ldap as PDC and another as BDC. Everything was ok until last week. Suddenly all clients log on to my BDC not longer to the PDC. Testparm didn t show any changes the PDC results Server role=ROLE_DOMAIN_PDC and the BDC Server role=ROLE_DOMAIN_BDC. I put the os level of the PDC to 240 and the BDCs to 86 nothing changed. I also changed the Preferred master to no. How can I force the xp and vista clients only to log on to the PDC? Greetings Daniel Müller Tropenklinik Paul-Lechler-Krankenhaus [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
WG: WG: [Samba] Strange!!! Clients only log on to samba bdc
When I stop the BDC all clients log on to the PDC. And to my confusion when I restarted the BDC today and made a testparm on both PDC and BDC both showd role domain pdc --> Server role: ROLE_DOMAIN_PDC Here my smb.confs: PDC: [global] security=user smb ports = 139 logon script = logon.bat logon path = \\%L\%U\profile\%U logon drive = S: domain logons = Yes os level = 254 preferred master = Yes domain master = Yes wins server = 192.168.135.150 #this is a smbd4wins server running on the same machine BDC: [global] security=user smb ports = 139 logon script = logon.bat logon path = \\%L\%U\profile\%U logon drive = S: domain logons = Yes os level = 65 preferred master = Yes domain master = No wins server = 192.168.135.150 -Ursprüngliche Nachricht- Von: Michael Heydon [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 18. September 2008 09:46 An: [EMAIL PROTECTED] Cc: samba@lists.samba.org Betreff: Re: WG: [Samba] Strange!!! Clients only log on to samba bdc Daniel Müller wrote: > Suddenly all clients log on to my BDC not longer to the PDC. > What happens if the BDC is unavailable (You could simulate this by setting up iptables rules to drop all traffic from a given workstation)? The way I understand it, workstations will use what ever DC is "closest" to them. If the PDC is taking longer to respond or something then they may consider the BDC to be the best choice. *Michael Heydon - IT Administrator * [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
AW: [Samba] remote samba connection
Hello, of corse it is! You need a dyndns adress and a router in your office that will forward dyndns to your linux box. Example1: on which is running davenport: http://davenport.sourceforge.net/. Configure davenport to fit your needs On Your XP Client you should install novell s netdrive. Example2: on a html basis- http://prdownloads.sourceforge.net/[..]bclient/smbwebclient-2.9.php.gz?d ownload Daniel -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Bahadir Tonguc / Supramar Gesendet: Montag, 22. September 2008 21:09 An: samba@lists.samba.org Betreff: [Samba] remote samba connection dear friends, I have just installed Samba on my Ubuntu machine in the office and could successfully connect from WinXP within the office network. As you might have guessed, Vista computers all failed to connect to Samba. The problem or the question is; would it still be possible for me to access the shared folder on the Ubuntu machine from my XP laptop from home ??? Ubuntu pc has static IP however when I try to connect using "start > run > \\xxx.yyy.zzz.aa\" it failed to connect. Is there a way to connect from home to office? Thanks for all your assistance Regards Bahadir Tonguc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
WG: WG: [Samba] Strange!!! Clients only log on to samba bdc
Ist there no one concerning this behaviour? I did my setup following the man pages. There must be a serious bug in samba 3.031. Daniel -Ursprüngliche Nachricht- Von: Daniel Müller [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 18. September 2008 10:11 An: 'samba@lists.samba.org' Betreff: WG: WG: [Samba] Strange!!! Clients only log on to samba bdc When I stop the BDC all clients log on to the PDC. And to my confusion when I restarted the BDC today and made a testparm on both PDC and BDC both showd role domain pdc --> Server role: ROLE_DOMAIN_PDC Here my smb.confs: PDC: [global] security=user smb ports = 139 logon script = logon.bat logon path = \\%L\%U\profile\%U logon drive = S: domain logons = Yes os level = 254 preferred master = Yes domain master = Yes wins server = 192.168.135.150 #this is a smbd4wins server running on the same machine BDC: [global] security=user smb ports = 139 logon script = logon.bat logon path = \\%L\%U\profile\%U logon drive = S: domain logons = Yes os level = 65 preferred master = Yes domain master = No wins server = 192.168.135.150 -Ursprüngliche Nachricht- Von: Michael Heydon [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 18. September 2008 09:46 An: [EMAIL PROTECTED] Cc: samba@lists.samba.org Betreff: Re: WG: [Samba] Strange!!! Clients only log on to samba bdc Daniel Müller wrote: > Suddenly all clients log on to my BDC not longer to the PDC. > What happens if the BDC is unavailable (You could simulate this by setting up iptables rules to drop all traffic from a given workstation)? The way I understand it, workstations will use what ever DC is "closest" to them. If the PDC is taking longer to respond or something then they may consider the BDC to be the best choice. *Michael Heydon - IT Administrator * [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
WG: WG: [Samba] Strange!!! Clients only log on to samba bdc
This is the strange thing I have set on the BDC Security=user Domain logons=yes Domain master= no <--- not yes!!! Os level=190 Preferred master=no And when I do a testparm it results Role Domain PDC???!! -Ursprüngliche Nachricht- Von: Alex Harrington [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 24. September 2008 09:25 An: [EMAIL PROTECTED]; samba@lists.samba.org Betreff: RE: WG: [Samba] Strange!!! Clients only log on to samba bdc > Ist there no one concerning this behaviour? > I did my setup following the man pages. > There must be a serious bug in samba 3.031. As I understand it, clients will prefer logging on to a BDC over a PDC, and then use whichever responds quickest, so certainly all the clients should not be logging in to one box or other - and probably least likely to log on to the PDC of the two options. I know that we see about a 60/40 split logins to BDC/PDC. I don't think you should have domain master = yes set on the BDC. Here's the settings from my BDC [global] netbios name = CORE02 server string = Longhill BDC (%v,%h) workgroup = LONGHILL interfaces = 10.108.1.8/255.255.255.0 name resolve order = host bcast wins os level = 65 domain master = no domain logons = yes local master = no preferred master = no guest ok = yes wins server = 10.108.1.32 Hope that helps Alex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
WG: WG: [Samba] Strange!!! Clients only log on to samba bdc
This is the global section of my PDC: [global] workgroup = tuepdc.local netbios name = tuepdc enable privileges = yes bind interfaces only=true interfaces = 192.168.135.143/24 127.0.0.0/8 socket address= 192.168.135.255 profile acls=Yes hosts allow=127.0.0.1 192.168.133.0/24 192.168.134.0/24 192.168.132.0/24 192.168.135.0/24 hosts deny=0.0.0.0/0 server string = tuepdc.local MasterServer %v admin users=root, administrator, vollmar encrypt passwords = Yes ldap passwd sync = Yes passwd program = /usr/local/sbin/smbldap-passwd -u %u ##debugging and logging log level = 0 vfs:[012] log file=/system/log/%U.%m.log syslog = 0 max log size = 3000 time server = Yes read raw=yes write raw=yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-15 display charset=ISO8859-15 logon script = logon.bat logon drive = S: #logon home = \\%L\homes nur fuer winxx me logon path= #logon path = \\%L\%U\profile\%U security=user domain logons = Yes domain master = Yes browse list=true os level = 254 preferred master = Yes wins support = no #neuer wins server auf der virtuellen ip auf tuepdc eth0:2 wins server=192.168.135.150 #wins proxy=yes dns proxy=yes host msdfs=yes smb ports = 139 passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=admin,dc=tuepdc,dc=local ldap suffix = dc=tuepdc,dc=local ldap group suffix = ou=Groups ldap user suffix = ou=Users ldap machine suffix = ou=Computers ldap idmap suffix = ou=Users add user script = /usr/local/sbin/smbldap-useradd -A 1 -B 1 -m -k /dummy "%u" delete user script = /usr/local/sbin/smbldap-userdel -r "%u" add machine script = /usr/local/sbin/smbldap-useradd -w "%u" add group script = /usr/local/sbin/smbldap-groupadd -p "%g" delete group script = /usr/local/sbin/smbldap-groupdel "%g" add user to group script = /usr/local/sbin/smbldap-groupmod -m "%u" "%g" delete user from group script = /usr/local/sbin/smbldap-groupmod -x "%u" "%g" set primary group script = /usr/local/sbin/smbldap-usermod -g '%g' '%u' idmap uid=15000-2 idmap gid=15000-2 ldap ssl=no #vista compatibility client lanman auth=no client ntlmv2 auth=yes load printers = Yes create mask = 0640 directory mask = 0750 nt acl support = Yes map acl inherit= Yes printing = cups printcap name = cups deadtime = 10 guest account = nobody map to guest = Bad User dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd ; to maintain capital letters in shortcuts in any of the profile folders: preserve case = yes short preserve case = yes case sensitive = no And here ist the BDC s: [global] workgroup = tuepdc.local netbios name = tuebdc enable privileges = yes interfaces = 192.168.135.144/24 127.0.0.0/8 bind interfaces only=true profile acls=Yes hosts allow=127.0.0.1 192.168.133.0/24 192.168.134.0/24 192.168.132.0/24 192.168.135.0/24 hosts deny=0.0.0.0/0 large readwrite=no max xmit=166644 server string = tuebdc.local BackupServer %v admin users=root, administrator, vollmar encrypt passwords = Yes ldap passwd sync = Yes passwd program = /usr/local/sbin/smbldap-passwd -u %u ##debugging and logging log level = 0 vfs:[012] log file=/system/log/%U.%m.log syslog = 0 max log size = 3000 time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-15 display charset=ISO8859-15 logon script = logon.bat logon drive = S: #logon home = \\%L\homes nur fuer winxx me logon path= #logon path = \\%L\%U\profile\%U security=user #security=domain domain logons = Yes domain master = No #muß als pdc auf yes gesetzt werden os level = 190 preferred master =no wins support = no wins server=192.168.135.150 dns proxy=yes host msdfs=yes smb ports=139 passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=admin,dc=tuepdc,dc=local
WG: [Samba] vista cannot connect to samba
What is Your samba version? If above 3.02 In Your smb.conf global section: #vista compatibility client lanman auth=no client ntlmv2 auth=yes Next on your vista business or higher Go to your networkcenter an put recognize network(netzwerkerkennung) to on. -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von James Gesendet: Mittwoch, 24. September 2008 22:28 Cc: samba@lists.samba.org Betreff: Re: [Samba] vista cannot connect to samba On Wed, September 24, 2008 4:20 pm, Bahadir Tonguc / Supramar wrote: > Dear friends, > > > I have installed Samba on our Ubuntu pc at the office and XP computers > can easily connect while Vista machines insistently do not see the server > to connect. > > Any suggestions? Read this: http://www.linux-watch.com/news/NS4434907782.html > > > Regards > Bahadir > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
WG: [Samba] vista cannot connect to samba
It's the same for the networkcenter. You should then be able to see the network -Ursprüngliche Nachricht- Von: Bahadir Tonguc / Supramar [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 25. September 2008 08:50 An: [EMAIL PROTECTED] Betreff: Re: [Samba] vista cannot connect to samba Thanks but using Vista Home unfo.. what to do now? - Original Message - From: "Daniel Müller" <[EMAIL PROTECTED]> To: Sent: Thursday, September 25, 2008 9:43 AM Subject: WG: [Samba] vista cannot connect to samba What is Your samba version? If above 3.02 In Your smb.conf global section: #vista compatibility client lanman auth=no client ntlmv2 auth=yes Next on your vista business or higher Go to your networkcenter an put recognize network(netzwerkerkennung) to on. -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von James Gesendet: Mittwoch, 24. September 2008 22:28 Cc: samba@lists.samba.org Betreff: Re: [Samba] vista cannot connect to samba On Wed, September 24, 2008 4:20 pm, Bahadir Tonguc / Supramar wrote: > Dear friends, > > > I have installed Samba on our Ubuntu pc at the office and XP computers > can easily connect while Vista machines insistently do not see the server > to connect. > > Any suggestions? Read this: http://www.linux-watch.com/news/NS4434907782.html > > > Regards > Bahadir > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
WG: [Samba] Create user home directory or user-own folder on sambaserver on first login to samba
Hello In the [homes] section at first with root preexec=/path/to/script Ex: [homes] Root preexec=/scripts/./firstlogon In the firstlogon this could be: #!/bin/bash #probe if $1=user exist and his home share If test -d /users/$1 Then #write only to log file Echo "$1 User and Share exist" >> /somewhere/logfile #if not exist make it Else Mkdir /users/$1 Chmod -R 700 /users/S1 Chown -R $1:"Domain Users" /users/$1 Echo "made /users/$1" >> /somewhere/logfile Fi This is my way suite it to your needs Greetings Daniel -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Ðóñàêîâ Äåíèñ Gesendet: Dienstag, 21. Oktober 2008 12:08 An: samba@lists.samba.org Betreff: [Samba] Create user home directory or user-own folder on sambaserver on first login to samba Hello, I'd like to create user home directory or user-own folder on samba server on first login to samba without using PAM, so how could I do this? Thank you, Denis -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
WG: [Samba] Application settings saving for PDC.
Beware of that If all of Your users have the same outlook version this can be done. But if one single one does have another version and is logging on from another workstation outlook is broken. I realized the stuff with kixtart pref files and all the same outlook version. Greetings Daniel -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Adam Williams Gesendet: Donnerstag, 30. Oktober 2008 14:39 An: Brent Clark Cc: samba@lists.samba.org Betreff: Re: [Samba] Application settings saving for PDC. by default, windows does not copy the Local Settings directory in the profile to the roaming profile server. Options are to edit ntuser.ini for each user and take out the Local Settings directory, or read pages 210-212 of samba 3 by example.pdf on how to hack the registry for each user to redirect .PST files. Brent Clark wrote: > Hiya > > Im new to setting up a PDC for Samba, and there is just something I > was hoping to know about PDC in general. > > First off I got my PDC working (Thanks to the Oreilly Samba book), and > I can log in and out my two test desktops. > > Therefore the test files / folders created on the desktop, do get > copied to the profile, so everything works hunky dory. > > The question I now would like to know about is application setting etc > (e.g. mail clients). > > So for my senario test, if I create and set an account for my outlook > and I log out, why is that on my other test workstation, the settings > are not saved on the profile and / or carried across. > > My gf works at a bank and she tells me that when they move > workstations, that have too redo the account setting for outlook. > > Would someone be able to help me understand this, or am I doing > something wrong with samba, or why is this the case. > > TIA > > Regards > Brent Clark -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
WG: [Samba] Samba 3.0.28a PDC and Vista Clients
Did you have profile files written? With Xp it is profiles.V2. I made my profile-path reside in the home directories of the users And it worked on the fly Ex: [homes] path=/windows/winuser/%U [profiles] path=/windows/winuser/%U/profile Greetings Daniel -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Jason Waters Gesendet: Dienstag, 4. November 2008 15:17 An: samba@lists.samba.org Betreff: [Samba] Samba 3.0.28a PDC and Vista Clients I'm trying to get my samba PDC to work with Vista clients. I'm thinking it's because of NTLMv2. I would rather not disable that on the clients if possible. I tried: client ntlmv2 auth = yes in the config file but that didn't work. I can login to the domain but it doesn't see my profile. But I know it works because after I'm logged in I navigate to my profile path and I can write/delete to that directory. Any ideas? Do I need more in my smb.conf? Thanks for your help. Jason Waters -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] share folder for each user
Hello, very simple set the profiles path [global] to :logon path= and in your [homes] section valid users=%U Daniel On Sat, 8 Nov 2008 10:42:07 +0330, "Mohammad Reza Hosseini" <[EMAIL PROTECTED]> wrote: > hello > we have an ldap server and a samba pdc; but our problem is that we don't > want to have a roaming profile but we want that each user have his own > place > on the server that could be accessible every where but not to other users. > any help? > > thanks. > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
WG: [Samba] Still working on a Member Server
For me getting a member server to work I did not need winbind just ldap was sufficient. Did you made the trust account? Getent group and passwd must give you all users and groups. You must be able to chmod domainuser:domaingroup on your Member Server. What I recognized is that the member server with samba 3.028 is much to slow. It takes too long if you try to connect over My Network Places. This bug I could not solve. Greetings Daniel -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von [EMAIL PROTECTED] Gesendet: Freitag, 14. November 2008 03:21 An: samba@lists.samba.org Betreff: [Samba] Still working on a Member Server Going through the examples and reading through the wiki's I still have not found exactly what I was looking for in matching uid's and gid's. using samba samba3-3.0.32-36 We currently have a domain controller Samba/LDAP PDC. samba-3.0.20b-1 Previous member servers samba-3.0.10-1.4 and I went to add a member server. Now I find that users and groups don't match. So from previous postings I have surmised that this has all changed and to get uid's and gid's to match across member servers you need to install an LDAP server on each Member Server and then use this as the backend for that system. So what I have seen thus far the idmap uid = idmap gid = have not effect on the outcome of uid's and gid's on the server anymore. I have tried /etc/nsswitch.conf passwd files winbind shadow files groupfiles winbind and then tried passwdfile ldap shadow file ldap group file ldap Using winbind would give me groups, but not what I was expecting. I would get no info on users or groups for the domain. Using ldap I would receive no precursor for users or groups using wbinfo or getent, but the users and groups would show up. The uid and gid had no correlation to idmap uid or idmap gid. Nov 13 19:36:35 IET0245Q slapd[25398]: <= bdb_equality_candidates: (sambaGroupType) index_param failed (18) Nov 13 19:36:35 IET0245Q slapd[25398]: daemon: select: listen=8 active_threads=0 tvp=NULL Nov 13 19:36:35 IET0245Q slapd[25398]: <= bdb_equality_candidates: (sambaSIDList) index_param failed (18) Nov 13 19:36:35 IET0245Q last message repeated 4 times Nov 13 19: [global] unix charset = LOCALE workgroup = GUM netbios name = GUM01B_TEST security = DOMAIN username map = /etc/samba/smbusers log level = 10 syslog = 0 log file = /var/log/samba/samba2.log smb ports = 139 name resolve order = wins bcast hosts printcap name = /etc/printcap domain master = No wins server = 192.168.1.239 ldap admin dn = cn=Manager,dc=GUM,dc=COM; ldap group suffix = ou=Group; ldap idmap suffix = ou=Idmap; ldap machine suffix = ou=Computers ; ldap suffix = dc=GUM,dc=COM ; ldap user suffix = ou=People; idmap backend = ldap://192.168.1.245 idmap uid = 1-2 ; idmap gid = 1-2 ; winbind enum users = Yes winbind enum groups = Yes winbind trusted domains only = Yes [GUMSHARE] comment = GUMSHARE path = /RAIDDEVICE/GUMSHARE username = GUM+user1,@"GUM+Domain Users" read list = GUM+user1, "@GUM+Domain Users" write list = "@GUM+Domain Users" read only = No create mask = 0774 security mask = 0774 force security mode = 0770 directory mask = 02777 directory security mask = 0770 force directory security mode = 0770 inherit permissions = Yes hide unreadable = Yes veto oplock files = /GUM.*/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
AW: [Samba] Run script ON SAMBA host - then client log in.
Hello, in the [homes] section You need at fist root preexec= yourscript within this script you can handle smb vars greetings Daniel --- EDV Daniel Müller Leitung Edv Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-bounces+mueller=tropenklinik...@lists.samba.org [mailto:samba-bounces+mueller=tropenklinik...@lists.samba.org] Im Auftrag von Proskurin Kirill Gesendet: Donnerstag, 18. Dezember 2008 08:49 An: samba Betreff: [Samba] Run script ON SAMBA host - then client log in. Hello all. If it is possible to run script on samba host then client logon? I need run script on every client login and add as variable to this script clients login name and IP. -- Best regards, Proskurin Kirill -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Configure samba to serv ldap users and non ldap users?
Hello to all, I am running an older suse 8.2 PC with samba 2.27a. I configured suse to work as an ldap client (the ldapserver runs on another machine) . Getent passwd and getent group gives me all the ldap users and groups and this users and groups can take ownership of files and folders. Is there a way to make my samba recognize ldap users and groups with pam in /etc/pam.d/samba file, witout having to change the [global] section? Greetings Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Weird samba pdc problem.
Hello, I had a problem similar to yours. Did you join the machine to the new domaine? If it is a xp client klick windows+R, type : control keymgrl.dll. Purge all entries. This should help a bit. Greetings --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Donny Brooks Gesendet: Dienstag, 20. Juli 2010 17:05 An: samba@lists.samba.org Betreff: [Samba] Weird samba pdc problem. Hello, We have been running a samba pdc with LDAP backend setup here at work since "before my time" (a few years now). Recently it has became necessary to move a handful of users to their own server for shares, profiles, and such to reduce the load on the primary server. Of these users, all moved just fine with the exception of one user. All the users that were moved are using windows xp. I updated all their profile paths in ldap, removed their logon scripts from the primary machine, edited the logon scripts on the new machine to point to the proper machine and share, and even ran the unix2dos on the logon scripts for good measure. I even compared the non-working persons ldap entry to one of the working ones and they are identical expect the name and personal stuff. So here it is a week later and 3 of the 4 users are pulling their profiles, my documents, and shares from the new server with little intervention on my part. It is that last one that has me stumped. His machine refuses to pull his profile from the new machine and won't pull his my documents (we redirect them as the R: drive). Instead it tries to pull form the old machine and sees there is no profile so instead loads the local copy instead. I have removed the logon script, removed the folders for his profile and such and restarted the samba and ldap service about a dozen times to no avail. I even made sure his machine was powered completely down to ensure it isn't just hibernating and keeping settings in memory. I am at a loss why this one user is giving me such issues. And of course it would be the head of the section I am doing the server for. Any help or pointers would be much appreciated. Donny B. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4 phyton-dns error
Dear all, I compiled Samba 4.0.0alpha12 successful on my centos 5.5 box. Kerberos and DNS working as wanted. There is only a ugly error in dnsupdate. Samba_dnsupdate gives this error: Traceback (most recent call last): File "/usr/sbin/samba_dnsupdate", line 40, in ? samba.ensure_external_module("dns", "dnspython") File "/usr/local/samba/lib/python2.4/site-packages/samba/__init__.py", line 321, in ensure_external_module sys.modules[modulename] = __import__( TypeError: __import__() takes no keyword arguments Starting samba I M single: samba version 4.0.0alpha12-GIT-UNKNOWN started. Copyright Andrew Tridgell and the Samba Team 1992-2010 samba: using 'single' process model FIXME: Using new system session for hdb /usr/local/samba/sbin/samba_dnsupdate: Traceback (most recent call last): /usr/local/samba/sbin/samba_dnsupdate: File "/usr/local/samba/sbin/samba_dnsupdate", line 40, in ? /usr/local/samba/sbin/samba_dnsupdate: samba.ensure_external_module("dns", "dnspython") /usr/local/samba/sbin/samba_dnsupdate: File "/usr/local/samba/lib/python2.4/site-packages/samba/__init__.py", line 321, in ensure_external_module /usr/local/samba/sbin/samba_dnsupdate: sys.modules[modulename] = __import__( /usr/local/samba/sbin/samba_dnsupdate: TypeError: __import__() takes no keyword arguments ../dsdb/dns/dns_update.c:249: Failed DNS update - NT_STATUS_ACCESS_DENIED Testing kcctpl_create_intersite_connections Of course I installed following rpm: python-pydns-2.3.4-1.noarch.rpm What link do I miss. Greetings Daniel EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 phyton-dns error
I installed this package, python-dns-1.7.1-1.el5. Restarted Samba4 now the error: samba version 4.0.0alpha12-GIT-UNKNOWN started. Copyright Andrew Tridgell and the Samba Team 1992-2010 samba: using 'single' process model FIXME: Using new system session for hdb /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Mike Brady [mailto:mike.br...@devnull.net.nz] Gesendet: Donnerstag, 22. Juli 2010 11:53 An: muel...@tropenklinik.de Cc: samba@lists.samba.org Betreff: Re: [Samba] samba4 phyton-dns error On Thu, 2010-07-22 at 10:49 +0200, Daniel Müller wrote: > Dear all, > > I compiled Samba 4.0.0alpha12 successful on my centos 5.5 box. Kerberos and > DNS working as wanted. > There is only a ugly error in dnsupdate. Samba_dnsupdate gives this error: > > Traceback (most recent call last): > File "/usr/sbin/samba_dnsupdate", line 40, in ? > samba.ensure_external_module("dns", "dnspython") > File "/usr/local/samba/lib/python2.4/site-packages/samba/__init__.py", > line 321, in ensure_external_module > sys.modules[modulename] = __import__( > TypeError: __import__() takes no keyword arguments > > Starting samba –I –M single: > > samba version 4.0.0alpha12-GIT-UNKNOWN started. > Copyright Andrew Tridgell and the Samba Team 1992-2010 > samba: using 'single' process model > FIXME: Using new system session for hdb > /usr/local/samba/sbin/samba_dnsupdate: Traceback (most recent call last): > /usr/local/samba/sbin/samba_dnsupdate: File > "/usr/local/samba/sbin/samba_dnsupdate", line 40, in ? > /usr/local/samba/sbin/samba_dnsupdate: > samba.ensure_external_module("dns", "dnspython") > /usr/local/samba/sbin/samba_dnsupdate: File > "/usr/local/samba/lib/python2.4/site-packages/samba/__init__.py", line 321, > in ensure_external_module > /usr/local/samba/sbin/samba_dnsupdate: sys.modules[modulename] = > __import__( > /usr/local/samba/sbin/samba_dnsupdate: TypeError: __import__() takes no > keyword arguments > ../dsdb/dns/dns_update.c:249: Failed DNS update - NT_STATUS_ACCESS_DENIED > Testing kcctpl_create_intersite_connections > > > Of course I installed following rpm: python-pydns-2.3.4-1.noarch.rpm > What link do I miss. > > Greetings > Daniel > > EDV Daniel Müller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 Tübingen > Tel.: 07071/206-463, Fax: 07071/206-499 > eMail: muel...@tropenklinik.de > Internet: www.tropenklinik.de > > Daniel I have python-dns-1.7.1-1.el5 installed from EPEL, not python-pydns. Regards Mike -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WG: samba4 phyton-dns error
Dear all, I skipped the old named of cent 0S 5.5. Build my own package bind 9.6.2. Now bind accepts update-policy ms-self! But samba_dnsupdate turned out: response to GSS-TSIG query was unsuccessful Do I have to grant rights? Or install something more? Greetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Daniel Müller [mailto:muel...@tropenklinik.de] Gesendet: Donnerstag, 22. Juli 2010 12:43 An: 'mike.br...@devnull.net.nz' Cc: 'samba@lists.samba.org' Betreff: AW: [Samba] samba4 phyton-dns error I installed this package, python-dns-1.7.1-1.el5. Restarted Samba4 now the error: samba version 4.0.0alpha12-GIT-UNKNOWN started. Copyright Andrew Tridgell and the Samba Team 1992-2010 samba: using 'single' process model FIXME: Using new system session for hdb /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space ------- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Mike Brady [mailto:mike.br...@devnull.net.nz] Gesendet: Donnerstag, 22. Juli 2010 11:53 An: muel...@tropenklinik.de Cc: samba@lists.samba.org Betreff: Re: [Samba] samba4 phyton-dns error On Thu, 2010-07-22 at 10:49 +0200, Daniel Müller wrote: > Dear all, > > I compiled Samba 4.0.0alpha12 successful on my centos 5.5 box. Kerberos and > DNS working as wanted. > There is only a ugly error in dnsupdate. Samba_dnsupdate gives this error: > > Traceback (most recent call last): > File "/usr/sbin/samba_dnsupdate", line 40, in ? > samba.ensure_external_module("dns", "dnspython") > File "/usr/local/samba/lib/python2.4/site-packages/samba/__init__.py", > line 321, in ensure_external_module > sys.modules[modulename] = __import__( > TypeError: __import__() takes no keyword arguments > > Starting samba –I –M single: > > samba version 4.0.0alpha12-GIT-UNKNOWN started. > Copyright Andrew Tridgell and the Samba Team 1992-2010 > samba: using 'single' process model > FIXME: Using new system session for hdb > /usr/local/samba/sbin/samba_dnsupdate: Traceback (most recent call last): > /usr/local/samba/sbin/samba_dnsupdate: File > "/usr/local/samba/sbin/samba_dnsupdate", line 40, in ? > /usr/local/samba/sbin/samba_dnsupdate: > samba.ensure_external_module("dns", "dnspython") > /usr/local/samba/sbin/samba_dnsupdate: File > "/usr/local/samba/lib/python2.4/site-packages/samba/__init__.py", line 321, > in ensure_external_module > /usr/local/samba/sbin/samba_dnsupdate: sys.modules[modulename] = > __import__( > /usr/local/samba/sbin/samba_dnsupdate: TypeError: __import__() takes no > keyword arguments > ../dsdb/dns/dns_update.c:249: Failed DNS update - NT_STATUS_ACCESS_DENIED > Testing kcctpl_create_intersite_connections > > > Of course I installed following rpm: python-pydns-2.3.4-1.noarch.rpm > What link do I miss. > > Greetings > Daniel > > EDV Daniel Müller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 Tübingen > Tel.: 07071/206-463, Fax: 07071/206-499 > eMail: muel...@tropenklinik.de > Internet: www.tropenklinik.de > > Daniel I have python-dns-1.7.1-1.el5 installed from EPEL, not python-pydns. Regards Mike -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WG: WG: samba4 phyton-dns error
For all running in the same error: This solved my problem. In smb.conf --> interfaces = eth0 And all is up and running perfect!! Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Daniel Müller Gesendet: Montag, 26. Juli 2010 08:34 An: samba@lists.samba.org Betreff: [Samba] WG: samba4 phyton-dns error Dear all, I skipped the old named of cent 0S 5.5. Build my own package bind 9.6.2. Now bind accepts update-policy ms-self! But samba_dnsupdate turned out: response to GSS-TSIG query was unsuccessful Do I have to grant rights? Or install something more? Greetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Daniel Müller [mailto:muel...@tropenklinik.de] Gesendet: Donnerstag, 22. Juli 2010 12:43 An: 'mike.br...@devnull.net.nz' Cc: 'samba@lists.samba.org' Betreff: AW: [Samba] samba4 phyton-dns error I installed this package, python-dns-1.7.1-1.el5. Restarted Samba4 now the error: samba version 4.0.0alpha12-GIT-UNKNOWN started. Copyright Andrew Tridgell and the Samba Team 1992-2010 samba: using 'single' process model FIXME: Using new system session for hdb /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space /usr/local/samba/sbin/samba_dnsupdate: dns_tkey_buildgssquery failed: ran out of space ----------- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Mike Brady [mailto:mike.br...@devnull.net.nz] Gesendet: Donnerstag, 22. Juli 2010 11:53 An: muel...@tropenklinik.de Cc: samba@lists.samba.org Betreff: Re: [Samba] samba4 phyton-dns error On Thu, 2010-07-22 at 10:49 +0200, Daniel Müller wrote: > Dear all, > > I compiled Samba 4.0.0alpha12 successful on my centos 5.5 box. Kerberos and > DNS working as wanted. > There is only a ugly error in dnsupdate. Samba_dnsupdate gives this error: > > Traceback (most recent call last): > File "/usr/sbin/samba_dnsupdate", line 40, in ? > samba.ensure_external_module("dns", "dnspython") > File "/usr/local/samba/lib/python2.4/site-packages/samba/__init__.py", > line 321, in ensure_external_module > sys.modules[modulename] = __import__( > TypeError: __import__() takes no keyword arguments > > Starting samba –I –M single: > > samba version 4.0.0alpha12-GIT-UNKNOWN started. > Copyright Andrew Tridgell and the Samba Team 1992-2010 > samba: using 'single' process model > FIXME: Using new system session for hdb > /usr/local/samba/sbin/samba_dnsupdate: Traceback (most recent call last): > /usr/local/samba/sbin/samba_dnsupdate: File > "/usr/local/samba/sbin/samba_dnsupdate", line 40, in ? > /usr/local/samba/sbin/samba_dnsupdate: > samba.ensure_external_module("dns", "dnspython") > /usr/local/samba/sbin/samba_dnsupdate: File > "/usr/local/samba/lib/python2.4/site-packages/samba/__init__.py", line 321, > in ensure_external_module > /usr/local/samba/sbin/samba_dnsupdate: sys.modules[modulename] = > __import__( > /usr/local/samba/sbin/samba_dnsupdate: TypeError: __import__() takes no > keyword arguments > ../dsdb/dns/dns_update.c:249: Failed DNS update - NT_STATUS_ACCESS_DENIED > Testing kcctpl_create_intersite_connections > > > Of course I installed following rpm: python-pydns-2.3.4-1.noarch.rpm > What link do I miss. > > Greetings > Daniel > > EDV Daniel Müller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 Tübingen > Tel.: 07071/206-463, Fax: 07071/206-499 > eMail: muel...@tropenklinik.de > Internet: www.tropenklinik.de > > Daniel I have python-dns-1.7.1-1.el5 installed from EPEL, not python-pydns. Regards Mike -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] HOWTO centOS 5.5 samba4 dns dynamic update
.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 389 as _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc. Checking 0 100 389 node1.tuebingen.tst.loc. against SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 389 Looking for DNS entry SRV _kerberos._tcp.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 88 as _kerberos._tcp.dc._msdcs.tuebingen.tst.loc. Checking 0 100 88 node1.tuebingen.tst.loc. against SRV _kerberos._tcp.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Looking for DNS entry SRV _ldap._tcp.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 389 as _ldap._tcp.dc._msdcs.tuebingen.tst.loc. Checking 0 100 389 node1.tuebingen.tst.loc. against SRV _ldap._tcp.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 389 Looking for DNS entry SRV _ldap._tcp.e67cd6da-dbd0-492d-96e2-2dc778abaebe.domains._msdcs.tuebingen.tst .loc node1.tuebingen.tst.loc 389 as _ldap._tcp.e67cd6da-dbd0-492d-96e2-2dc778abaebe.domains._msdcs.tuebingen.tst .loc. Checking 0 100 389 node1.tuebingen.tst.loc. against SRV _ldap._tcp.e67cd6da-dbd0-492d-96e2-2dc778abaebe.domains._msdcs.tuebingen.tst .loc node1.tuebingen.tst.loc 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 as _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.tuebingen.tst.loc. Checking 0 100 3268 node1.tuebingen.tst.loc. against SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 Looking for DNS entry SRV _ldap._tcp.gc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 as _ldap._tcp.gc._msdcs.tuebingen.tst.loc. Checking 0 100 3268 node1.tuebingen.tst.loc. against SRV _ldap._tcp.gc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 Looking for DNS entry SRV _ldap._tcp.pdc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 389 as _ldap._tcp.pdc._msdcs.tuebingen.tst.loc. Checking 0 100 389 node1.tuebingen.tst.loc. against SRV _ldap._tcp.pdc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 389 Looking for DNS entry SRV _gc._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 as _gc._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc. Checking 0 100 3268 node1.tuebingen.tst.loc. against SRV _gc._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 Looking for DNS entry SRV _kerberos._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 88 as _kerberos._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc. Checking 0 100 88 node1.tuebingen.tst.loc. against SRV _kerberos._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 389 as _ldap._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc. Checking 0 100 389 node1.tuebingen.tst.loc. against SRV _ldap._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 389 Looking for DNS entry SRV _gc._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 as _gc._tcp.tuebingen.tst.loc. Checking 0 100 3268 node1.tuebingen.tst.loc. against SRV _gc._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 Looking for DNS entry SRV _kerberos._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 88 as _kerberos._tcp.tuebingen.tst.loc. Checking 0 100 88 node1.tuebingen.tst.loc. against SRV _kerberos._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Looking for DNS entry SRV _kpasswd._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 464 as _kpasswd._tcp.tuebingen.tst.loc. Checking 0 100 464 node1.tuebingen.tst.loc. against SRV _kpasswd._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 464 Looking for DNS entry SRV _ldap._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 389 as _ldap._tcp.tuebingen.tst.loc. Checking 0 100 389 node1.tuebingen.tst.loc. against SRV _ldap._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 389 Looking for DNS entry SRV _kerberos._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 88 as _kerberos._udp.tuebingen.tst.loc. Checking 0 100 88 node1.tuebingen.tst.loc. against SRV _kerberos._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Looking for DNS entry SRV _kpasswd._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 464 as _kpasswd._udp.tuebingen.tst.loc. Checking 0 100 464 node1.tuebingen.tst.loc. against SRV _kpasswd._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 464 No DNS updates needed Greetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Help on Samba 4
Look at my howto : [Samba] HOWTO centOS 5.5 samba4 dns dynamic update of today in this list --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Amitava Chakraborty Gesendet: Montag, 26. Juli 2010 10:45 An: samba@lists.samba.org Betreff: [Samba] Help on Samba 4 We are trying to install Samba 4 on a RHEL4 update 4 machine and are facing problems. We have downloaded the samba4 tar ball from http://repo.or.cz/w/Samba.git/snapshot/master.tar.gz After untarring it we have done cd source4 ./autogen.sh ./configure But at this stage itself we are getting the following error: /root/Samba/source4/wscript: error: Traceback (most recent call last): File "/root/Samba/buildtools/bin/.waf-1.5.17-164170d221747ffbb50f4a8b9ccc2b2a/waf admin/Utils.py", line 198, in load_module exec(compile(code,file_path,'exec'),module.__dict__) File "/root/Samba/source4/wscript", line 11, in ? import wafsamba, Options, samba_dist, Scripting File "../buildtools/wafsamba/wafsamba.py", line 53 @conf ^ SyntaxError: invalid syntax Can anybody kindly help us? Regards Amitava CAhkraborty -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] WG: HOWTO centOS 5.5 samba4 dns dynamic update
c190._msdcs.tuebingen.tst.loc. Looking for DNS entry SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 88 as _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc. Checking 0 100 88 node1.tuebingen.tst.loc. against SRV _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 389 as _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc. Checking 0 100 389 node1.tuebingen.tst.loc. against SRV _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 389 Looking for DNS entry SRV _kerberos._tcp.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 88 as _kerberos._tcp.dc._msdcs.tuebingen.tst.loc. Checking 0 100 88 node1.tuebingen.tst.loc. against SRV _kerberos._tcp.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Looking for DNS entry SRV _ldap._tcp.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 389 as _ldap._tcp.dc._msdcs.tuebingen.tst.loc. Checking 0 100 389 node1.tuebingen.tst.loc. against SRV _ldap._tcp.dc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 389 Looking for DNS entry SRV _ldap._tcp.e67cd6da-dbd0-492d-96e2-2dc778abaebe.domains._msdcs.tuebingen.tst .loc node1.tuebingen.tst.loc 389 as _ldap._tcp.e67cd6da-dbd0-492d-96e2-2dc778abaebe.domains._msdcs.tuebingen.tst .loc. Checking 0 100 389 node1.tuebingen.tst.loc. against SRV _ldap._tcp.e67cd6da-dbd0-492d-96e2-2dc778abaebe.domains._msdcs.tuebingen.tst .loc node1.tuebingen.tst.loc 389 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 as _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.tuebingen.tst.loc. Checking 0 100 3268 node1.tuebingen.tst.loc. against SRV _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 Looking for DNS entry SRV _ldap._tcp.gc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 as _ldap._tcp.gc._msdcs.tuebingen.tst.loc. Checking 0 100 3268 node1.tuebingen.tst.loc. against SRV _ldap._tcp.gc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 Looking for DNS entry SRV _ldap._tcp.pdc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 389 as _ldap._tcp.pdc._msdcs.tuebingen.tst.loc. Checking 0 100 389 node1.tuebingen.tst.loc. against SRV _ldap._tcp.pdc._msdcs.tuebingen.tst.loc node1.tuebingen.tst.loc 389 Looking for DNS entry SRV _gc._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 as _gc._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc. Checking 0 100 3268 node1.tuebingen.tst.loc. against SRV _gc._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 Looking for DNS entry SRV _kerberos._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 88 as _kerberos._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc. Checking 0 100 88 node1.tuebingen.tst.loc. against SRV _kerberos._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 389 as _ldap._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc. Checking 0 100 389 node1.tuebingen.tst.loc. against SRV _ldap._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 389 Looking for DNS entry SRV _gc._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 as _gc._tcp.tuebingen.tst.loc. Checking 0 100 3268 node1.tuebingen.tst.loc. against SRV _gc._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 Looking for DNS entry SRV _kerberos._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 88 as _kerberos._tcp.tuebingen.tst.loc. Checking 0 100 88 node1.tuebingen.tst.loc. against SRV _kerberos._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Looking for DNS entry SRV _kpasswd._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 464 as _kpasswd._tcp.tuebingen.tst.loc. Checking 0 100 464 node1.tuebingen.tst.loc. against SRV _kpasswd._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 464 Looking for DNS entry SRV _ldap._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 389 as _ldap._tcp.tuebingen.tst.loc. Checking 0 100 389 node1.tuebingen.tst.loc. against SRV _ldap._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 389 Looking for DNS entry SRV _kerberos._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 88 as _kerberos._udp.tuebingen.tst.loc. Checking 0 100 88 node1.tuebingen.tst.loc. against SRV _kerberos._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Looking for DNS entry SRV _kpasswd._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 464 as _kpasswd._udp.tuebingen.tst.loc. Checking 0 100 464 node1.tuebingen.tst.loc. against SRV _kpasswd._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 464 No DNS updates needed Greetings Daniel -
Re: [Samba] HOWTO centOS 5.5 samba4 dns dynamic update
This is a guide to test the functions of Samba4 (nothing with Samba 3.X) on centos 5.5 nothing else. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Nico Kadel-Garcia [mailto:nka...@gmail.com] Gesendet: Montag, 26. Juli 2010 14:05 An: muel...@tropenklinik.de Cc: samba@lists.samba.org Betreff: Re: [Samba] HOWTO centOS 5.5 samba4 dns dynamic update On Mon, Jul 26, 2010 at 5:34 AM, Daniel Müller wrote: > For all, > > after I had several problems making samba4 working as it should on > centOs5.5 here is a short guide setting it up to work. > First of all do not install the bind package coming with centos 5.5!! > > Install needs for samba Let me slow you down here. While your guide is useful, there are a couple of important things you're not doing. * You're building this as a root user. Never do this: Configure your $HOME/.rpmmacros to set your rpm build directories to include something like this: %_topdir /home/username/rpm * SRPM's can be rebuilt with the command "rpmbuild --rebuild filename.src.rpm", which also cleans up the mess in your BUILD and SOURCES and SPECS subdirectories left behind. * Recent Fedora RPM's remain an issue to grab on the current CentOS and RHEL releases, due to the recent change in checksum tools. Replacing RHEL published components with recent Fedora ones is... a potential compatibility risk. * Instead of manually installing Samba and losing all that RPM component information, Why not review the SRPM's at http://ftp.sernet.de/pub/samba/3.5/rhel/5/? It's a valuable resource for leading edge Samba RPM's, and you can rebuild Samba cleanly from them to install as RPM's, even if you don't care to use the RPM's there directly. That will report all your build requirements as well, and save deducing them manually. And it gets you away from replacing bind. * I love configuring and using "mock" to build my RPM's, to prevent changes in my development machines libraries from skewing my builds of important software like Samba. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 3.3 with LDAP - How To change passwor from WIndows
You need in your smb.conf : passwd program = /usr/local/sbin/smbldap-passwd -u %u Did you install ldapadmin: http://ldapadmin.sourceforge.net/ ?? In your Ldap-Configuration this have to be set: sambaPwdCanChange = 1 for each user You can find it in ldapadmin edit entry of each user If you have any questions call me Greetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Götz Reinicke - IT Koordinator Gesendet: Dienstag, 27. Juli 2010 01:21 An: samba@lists.samba.org Betreff: [Samba] samba 3.3 with LDAP - How To change passwor from WIndows Hi, I got my samba PDC / LDAP system to the point, that users can login. But they can't change there password from the windows pc. Can somewone tell me which settings may I check? Or can point me to a how to? The posix password should be changed to. Thanks a lot and best regards! /Götz -- Götz Reinicke IT-Koordinator Tel. +49 7141 969 420 Fax +49 7141 969 55 420 E-Mail goetz.reini...@filmakademie.de Filmakademie Baden-Württemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzende des Aufsichtsrats: Prof. Dr. Claudia Hübner Geschäftsführer: Prof. Thomas Schadt -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Multiple Workgroups and Subnets
Example On Server1 [global] >workgroup = GROUP1 >netbios name = GROUP1_SRV >domain master = yes >local master = yes >preferred master = yes >os level = 65 >smb ports = 139 >dns proxy = no >socket options = TCP_NODELAY SO_RCVBUF=8192 > SO_SNDBUF=8192 >wins support = yes >name resolve order = wins lmhosts bcast host >interfaces = lo eth0 192.168.10.254/24 127.0.0.1/8 >bind interfaces only = yes >remote announce = 192.168.20.254/GROUP1 >remote browse sync = 192.168.20.254 >hosts allow = 127. 192.168.10. 192.168.20. On Server 2 [global] >workgroup = GROUP2 >netbios name = GROUP2_SRV >domain master = yes >local master = yes >preferred master = yes >os level = 65 >smb ports = 139 >dns proxy = no >socket options = TCP_NODELAY SO_RCVBUF=8192 > SO_SNDBUF=8192 >wins support = no -> Wins server= IPOFTHESERVER1 <--- >name resolve order = wins lmhosts bcast host >interfaces = lo eth0 192.168.10.254/24 127.0.0.1/8 >bind interfaces only = yes >remote announce = 192.168.10.254/GROUP2 >remote browse sync = 192.168.10.254 > hosts allow = 127. 192.168.10. 192.168.20. --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von t...@tms3.com Gesendet: Dienstag, 27. Juli 2010 23:27 An: Tawanda Kavayi Cc: samba@lists.samba.org Betreff: Re: [Samba] Multiple Workgroups and Subnets Short answer: Use 1 WINS server. > > --- Original message --- > Subject: [Samba] Multiple Workgroups and Subnets > From: Tawanda Kavayi > To: > Date: Tuesday, 27/07/2010 2:01 PM > > Hi, > > I am configuring a network with two subnets with a different workgroup > in each subnet. My aim is to have users being able to view and access > shares on both workgroups. I have a Samba server in each > subnet/workgroup, configured as both the domain and local master for > each workgroup. Each server is also the WINS server for its subnet. > The > setup is like this: > > Subnet1: > network - 192.168.10.0/24 > server IP - 192.168.10.254 > workgroup - Group1 > > Subnet2: > network - 192.168.20.0/24 > server IP - 192.168.20.254 > workgroup - Group2 > > The two servers are configured identically, except for the information > above, so the smb.conf for the Group1 server looks like this: > > [global] >workgroup = GROUP1 >netbios name = GROUP1_SRV >domain master = yes >local master = yes >preferred master = yes >os level = 65 >smb ports = 139 >dns proxy = no >socket options = TCP_NODELAY SO_RCVBUF=8192 > SO_SNDBUF=8192 >wins support = yes >name resolve order = wins lmhosts bcast host >interfaces = lo eth0 192.168.10.254/24 127.0.0.1/8 >bind interfaces only = yes >remote announce = 192.168.20.254/GROUP1 >remote browse sync = 192.168.20.254 >hosts allow = 127. 192.168.10. 192.168.20. > > The problem is that a machine in Group1 can see all the machines in > it's > workgoup, plus the network for Group2 appears in network neighborhood, > but the machines and shares in Group2 do not. > > To troubleshoot, I ran smbtree with debug level 5. What I picked out > from all the output was: > > Cannot find master browser for workgroup GROUP2 > > How can I resolve this? > > > Tawanda > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Multiple Workgroups and Subnets
Yes Group1 Server ist the wins for all --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Tawanda Kavayi [mailto:tawa...@earth.co.zw] Gesendet: Mittwoch, 28. Juli 2010 10:15 An: muel...@tropenklinik.de Cc: t...@tms3.com; samba@lists.samba.org Betreff: Re: AW: [Samba] Multiple Workgroups and Subnets OK, but what of the client PC's in Group2. Do I assign them the Group1 server as their WINS server, or do they now operate without WINS? Tawanda Daniel Müller wrote: > Example > On Server1 > > [global] > >>workgroup = GROUP1 >>netbios name = GROUP1_SRV >>domain master = yes >>local master = yes >>preferred master = yes >>os level = 65 >>smb ports = 139 >>dns proxy = no >>socket options = TCP_NODELAY SO_RCVBUF=8192 >> SO_SNDBUF=8192 >>wins support = yes >>name resolve order = wins lmhosts bcast host >>interfaces = lo eth0 192.168.10.254/24 127.0.0.1/8 >>bind interfaces only = yes >>remote announce = 192.168.20.254/GROUP1 >>remote browse sync = 192.168.20.254 >>hosts allow = 127. 192.168.10. 192.168.20. >> > > > On Server 2 > > > [global] > >>workgroup = GROUP2 >>netbios name = GROUP2_SRV >>domain master = yes >>local master = yes >>preferred master = yes >>os level = 65 >>smb ports = 139 >>dns proxy = no >>socket options = TCP_NODELAY SO_RCVBUF=8192 >> SO_SNDBUF=8192 >>wins support = no >> > -> Wins server= IPOFTHESERVER1 <--- > >>name resolve order = wins lmhosts bcast host >>interfaces = lo eth0 192.168.10.254/24 127.0.0.1/8 >>bind interfaces only = yes >>remote announce = 192.168.10.254/GROUP2 >>remote browse sync = 192.168.10.254 >>hosts allow = 127. 192.168.10. 192.168.20. >> > > > --- > EDV Daniel Müller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 Tübingen > > Tel.: 07071/206-463, Fax: 07071/206-499 > eMail: muel...@tropenklinik.de > Internet: www.tropenklinik.de > --- > -Ursprüngliche Nachricht- > Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im > Auftrag von t...@tms3.com > Gesendet: Dienstag, 27. Juli 2010 23:27 > An: Tawanda Kavayi > Cc: samba@lists.samba.org > Betreff: Re: [Samba] Multiple Workgroups and Subnets > > Short answer: Use 1 WINS server. > > > > >> --- Original message --- >> Subject: [Samba] Multiple Workgroups and Subnets >> From: Tawanda Kavayi >> To: >> Date: Tuesday, 27/07/2010 2:01 PM >> >> Hi, >> >> I am configuring a network with two subnets with a different workgroup >> in each subnet. My aim is to have users being able to view and access >> shares on both workgroups. I have a Samba server in each >> subnet/workgroup, configured as both the domain and local master for >> each workgroup. Each server is also the WINS server for its subnet. >> The >> setup is like this: >> >> Subnet1: >> network - 192.168.10.0/24 >> server IP - 192.168.10.254 >> workgroup - Group1 >> >> Subnet2: >> network - 192.168.20.0/24 >> server IP - 192.168.20.254 >> workgroup - Group2 >> >> The two servers are configured identically, except for the information >> above, so the smb.conf for the Group1 server looks like this: >> >> [global] >>workgroup = GROUP1 >>netbios name = GROUP1_SRV >>domain master = yes >>local master = yes >>preferred master = yes >>os level = 65 >>smb ports = 139 >>dns proxy = no >>socket options = TCP_NODELAY SO_RCVBUF=8192 >> SO_SNDBUF=
Re: [Samba] 2008 R2 Failover Clustering using Samba 4 AD
Hello, Setting up a virt Centos Box on Hyper-V is easy, working on the fly. I myself try to do the same only with real machines. One node already running with samba 4 AD alpha 12. The test adding new users And group policies are all well and done. My Howto in the list: HOWTO centOS 5.5 samba4 dns dynamic update The second step will be building the second node witch ads replication on behalf of a second centos 5.5 box. Greetings --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Aggarwal, Ajay Gesendet: Mittwoch, 28. Juli 2010 17:19 An: samba@lists.samba.org Betreff: [Samba] 2008 R2 Failover Clustering using Samba 4 AD I am trying to see if Hyper-V 2008 R2 Failover Clustering will work with Samba 4 as the Active Directory server. Have installed Samba 4 (version alpha12) on CentOS 5.4. Anybody else tried this before? Please share your experiences here. Thanks, Ajay -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 Replication Policies
Hello To all, I set up 2 samba4 dc with replication. All working well users/groupsare in both controllers. But what I am missing are the group-policies I set up on a "ou" basis on the first controller . Are the policies replicated and how? Can I do it manuell?! The folder /usr/local/samba/var/locks/sysvol/tuebingen.tst.loc does only have "Scripts", no "Policies" on my second joined dc. Greetings Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need suggestion for domain controller
Hi, why don' t try samba4 . Look at my thread: http://old.nabble.com/HOWTO-centOS-5.5-samba4-dns-dynamic-update-td29264678.html Daniel On Sat, 31 Jul 2010 19:04:11 +0530, masatheesh wrote: > Hi, > > I wish to establish domain controller based on Centos 5.x.I am > considering below setups. > > 1) Samba PDC > 2) OpenLDAP > 3) Combination of Samba PDC + LDAP > > I am confused to select one among above.Can anyone please suggest me? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Beginner setting up samba: NT_STATUS_LOGO N_FAILURE
On Sat, 31 Jul 2010 23:33:12 +0200, thah...@t-online.de (Thomas Hahn) wrote: > Hello, > I am trying to set up samba on this host and testing it locally > is giving me headaches right away. > > t...@hversa:~:~$ smbclient -L localhost -U% > Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.8] > > Sharename Type Comment > - --- > homes Disk Home Directories > print$ Disk Printer Drivers > IPC$IPC IPC Service (hversa server) > e250dn Printer Lexmark printer Ksenia > Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.4.8] > > Server Comment > ---- > HVERSA hversa server > > WorkgroupMaster > ---- > DERU_WICO001 OCHENTA > WORKGROUPHVERSA > > So, there is sth. configured, BUT: > > t...@hversa:/var/log/samba$ smbclient //hversa/tom -d 3 > lp_load_ex: refreshing parameters > Initialising global parameters > rlimit_max: rlimit_max (1024) below minimum Windows limit (16384) > params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" > Processing section "[global]" > added interface eth0 ip=fe80::224:1dff:fedc:c0c1%eth0 > bcast=fe80:::::%eth0 netmask=::::: > added interface eth0 ip=192.168.1.48 bcast=192.168.1.255 > netmask=255.255.255.0 > Client started (version 3.4.8). > Enter tom's password: Hello, did you a smbpasswd -a root? Or are simply the rights wrong for the path:/var/run/samba/ try to chmod or chown. Or set your interfaces in your global section do 127.0.0.1 and your eth0 Greetings Daniel > tdb(unnamed): tdb_open_ex: could not open file > /var/run/samba/gencache.tdb: Permission denied > Connecting to 127.0.0.1 at port 445 > Doing spnego session setup (blob length=58) > got OID=1.3.6.1.4.1.311.2.2.10 > got principal=NONE > Got challenge flags: > Got NTLMSSP neg_flags=0x608a8215 > NTLMSSP: Set final flags: > Got NTLMSSP neg_flags=0x60088215 > NTLMSSP Sign/Seal - Initialising with flags: > Got NTLMSSP neg_flags=0x60088215 > SPNEGO login failed: Logon failure > session setup failed: NT_STATUS_LOGON_FAILURE > > I have googled for the NT_STATUS_LOGON_FAILURE but this didn't help me. > > Any hints please ... > > Thanks Thomas -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] HOWTO centOS 5.5 samba4 dns dynamic update/Replication
record 2 is the new dc in the forest. Now you must update your /usr/local/samba/private/dns/yourzone.list . Copy d6160c39-0810-4026-aa24-91c91797d892 and paste it in yourzone.list. Mine after change: ; -*- zone -*- ; generated by provision.pl $ORIGIN tuebingen.tst.loc. $TTL 1W @ IN SOA @ hostmaster ( 2010072311 ; serial 2D ; refresh 4H ; retry 6W ; expiry 1W ); minimum IN NS node1 IN A192.168.134.27 ; node1IN A192.168.134.27 node2IN A192.168.134.28 #<new dc entry node2. gc._msdcs IN A192.168.134.27 365d2a9f-bfe6-462d-965e-8622bfefc190._msdcs IN CNAMEnode1 d6160c39-0810-4026-aa24-91c91797d892._msdcs IN CNAMEnode2 <---new dc entry here. ; ; global catalog servers _gc._tcpIN SRV 0 100 3268 node1 _gc._tcp.Default-First-Site-Name._sites IN SRV 0 100 3268 node1 _ldap._tcp.gc._msdcsIN SRV 0 100 3268 node1 _ldap._tcp.Default-First-Site-Name._sites IN SRV 0 100 389 node1 _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389 node1 ; ; krb5 servers _kerberos._tcp IN SRV 0 100 88 node1 _kerberos._tcp.dc._msdcsIN SRV 0 100 88 node1 _kerberos._tcp.Default-First-Site-Name._sites IN SRV 0 100 88 node1 _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88 node1 _kerberos._udp IN SRV 0 100 88 node1 ; MIT kpasswd likes to lookup this name on password change _kerberos-master._tcp IN SRV 0 100 88 node1 _kerberos-master._udp IN SRV 0 100 88 node1 ; ; kpasswd _kpasswd._tcp IN SRV 0 100 464node1 _kpasswd._udp IN SRV 0 100 464node1 ; ; heimdal 'find realm for host' hack _kerberos IN TXT TUEBINGEN.TST.LOC (END) Now you have to put two new entries on node1 /usr/local/samba/etc/smb.conf in the global section: dreplsrv:periodic_interval = 10 . dreplsrv:periodic_startup_interval = 5. Then ssh in node2 to /usr/local/samba/etc. net vampire has placed there a smb.conf. There in the global section set this above entries too: dreplsrv:periodic_interval = 10 . dreplsrv:periodic_startup_interval = 5. My globals on node1: [globals] netbios name= NODE1 workgroup = TUEBINGEN realm = TUEBINGEN.TST.LOC server role = domain controller interfaces = 192.168.134.27 dreplsrv:periodic_interval = 10 dreplsrv:periodic_startup_interval = 5 My globals on node2: [globals] netbios name= NODE2 workgroup = TUEBINGEN realm = TUEBINGEN.TST.LOC server role = domain controller dreplsrv:periodic_interval=10 dreplsrv:periodic_startup_interval=5 Then on Both Servers: Restart samba service named restart. rndc flush. A litle bit testing: I put the a user Sammler to my domain using the win7 Domain-Tools: On second server node2 cd /samba4/source4 then: bin/ldbsearch -H ldap://node2 -Uadministrator%password name='sam*' dn # record 1 dn: CN=Sammler sm. Sammler,OU=Keine Systemsteuerung,DC=tuebingen,DC=tst,DC=loc # Referral ref: ldap://tuebingen.tst.loc/CN=Configuration,DC=tuebingen,DC=tst,DC=loc # returned 2 records # 1 entries # 1 referrals --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Daniel Müller [mailto:muel...@tropenklinik.de] Gesendet: Montag, 26. Juli 2010 11:35 An: 'samba@lists.samba.org' Betreff: HOWTO centOS 5.5 samba4 dns dynamic update For all, after I had several problems making samba4 working as it should on centOs5. 5 here is a short guide setting it up to work. First of all do not install the bind package coming with centos 5.5!! Install needs for samba yum install libacl* gnutls* readline* python* gdb* autoconf* Named installation: Here is a description on what to do: http://jason.roysdon.net/2009/10/16/building-bind-9-6-on-rhel5-centos5-for-d nssec-nsec3-support/ The steps, yum -y install make gcc rpm-build libtool autoconf openssl-devel libcap-devel libidn-devel libxml2-devel openldap-devel postgresql-devel sqlite-devel mysql-devel krb5-devel xmlto For named to compile correctly you need this 2 packages too: yum -y install curl* download.fedora.redhat.com/pub/fedora/epel/5/i386/python-dns-1.7.1-1.el5.noa rch.rpm cd /usr/src/redhat/SRPMS wget -c ftp://mirrors.kernel.org/pub/fedora/updates/1
Re: [Samba] Samba4 Replication Policies
This is only an idea. Could it be a way to put the Scripts and the Policies directories on a drbd-disk Active-active to have scripts and policies the same on both dcs? --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Daniel Müller Gesendet: Samstag, 31. Juli 2010 10:50 An: samba@lists.samba.org Betreff: [Samba] Samba4 Replication Policies Hello To all, I set up 2 samba4 dc with replication. All working well users/groupsare in both controllers. But what I am missing are the group-policies I set up on a "ou" basis on the first controller . Are the policies replicated and how? Can I do it manuell?! The folder /usr/local/samba/var/locks/sysvol/tuebingen.tst.loc does only have "Scripts", no "Policies" on my second joined dc. Greetings Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 alpha12 Home Directory?!
Dear all, I tried to configure home directories in my samb4 conf. I set in my globals: template homedir = /home/%WORKGROUP%/%ACCOUNTNAME% template shell= /bin/bash I added the directory for administrator manually : /home/MYWORKGROUP/administrator Did an entry in smb.conf: [homes] path=%H read only=no This did not work, smbclient gave me: [r...@node1 etc]# smbclient //localhost/homes -Uadministrator Password for [TUEBINGEN\administrator]: Connection to \\localhost\homes failed - NT_STATUS_BAD_NETWORK_NAME Even when I set [home] path=/home/MYWORKGROUP/%U read only=no It is the same result. Any idea to make this work? Daniel EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 alpha12 Home Directory?!
Hi, it worked on the fly. Just another way than on samba3. What about other shares example for groups. Is writelist Still alive in samba4?!!! Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Francis Guslinski Gesendet: Dienstag, 3. August 2010 14:20 An: samba@lists.samba.org Betreff: Re: [Samba] Samba4 alpha12 Home Directory?! Use: [homes] path=/home read only=no Then set ACL permissions in \\server on the share. The user home directory you set in tool Active Directory Users and Groups from administration tools pack. Here works fine in my tests. 2010/8/3 Daniel Müller > Dear all, > > > I tried to configure home directories in my samb4 conf. > I set in my globals: > > template homedir = /home/%WORKGROUP%/%ACCOUNTNAME% > template shell= /bin/bash > > I added the directory for administrator manually : > /home/MYWORKGROUP/administrator > > Did an entry in smb.conf: > > [homes] >path=%H >read only=no > > This did not work, smbclient gave me: > > [r...@node1 etc]# smbclient //localhost/homes -Uadministrator > Password for [TUEBINGEN\administrator]: > Connection to \\localhost\homes failed - NT_STATUS_BAD_NETWORK_NAME > > Even when I set [home] > path=/home/MYWORKGROUP/%U > read only=no > It is the same result. > > Any idea to make this work? > > Daniel > > > EDV Daniel Müller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 Tübingen > Tel.: 07071/206-463, Fax: 07071/206-499 > eMail: muel...@tropenklinik.de > Internet: www.tropenklinik.de > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 replication PDC/BDC Status
Dear all, I set up a samba4 dc (S1; provisioned) on a physical machine and a second samba4(S2) on another machine. S2 wa set up without provisioning by replication. Users, groups are well replicated and show up on both DCs. But when I stop S1 my win-clients can logon( I think only cached) but the shares on S2 are not accesible. Error no DC available. Starting S1 again all shares on S2 work well. My Question: Replication to another DC makes only sense if S2 can do the logon when S1 is down. How can I mange that? Is it possible at this stage of samba4 alpha 12?? Is there a HOWTO concerning this action?? Greetings Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] HOWTO samba4 centos5.5 named dnsupdate drbd simple failover
ode1 und node2 Now important to make your simple failover work you have to tune your named server on node1: This are the entries for your /usr/local/samba/private/dns/yourdomianzone EX mine : /usr/local/samba/private/dns/tuebingen.tst.loc.zone Change it according your settings: ; -*- zone -*- ; generated by provision.pl $ORIGIN tuebingen.tst.loc. $TTL 1W @ IN SOA @ hostmaster ( 2010080911 ; serial 2D ; refresh 4H ; retry 6W ; expiry 1W ); minimum IN NS node1 IN A192.168.134.27 IN A192.168.134.28 ;192.168.134.28 eingefuegt ; node1IN A192.168.134.27 node2IN A192.168.134.28 gc._msdcs IN A192.168.134.27 13ff0be8-50f6-45b8-858e-9a38872906e0._msdcs IN CNAMEnode1 aaf6380d-162e-4263-86b2-c4119457342c._mscds IN CNAMEnode2 ; ; global catalog servers _gc._tcpIN SRV 0 100 3268 node1 _gc._tcp.Default-First-Site-Name._sites IN SRV 0 100 3268 node1 _ldap._tcp.gc._msdcsIN SRV 0 100 3268 node1 _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs IN SRV 0 100 3268 node1 ; ; ldap servers _ldap._tcp IN SRV 0 100 389node1 _ldap._tcp IN SRV 0 100 389node2 _ldap._tcp.dc._msdcsIN SRV 0 100 389node1 _ldap._tcp.dc._msdcsIN SRV 0 100 389node2 _ldap._tcp.pdc._msdcs IN SRV 0 100 389node1 ;von mir eingefuegt _ldap._tcp.pdc._msdcs IN SRV 0 100 389node2 ;ende _ldap._tcp.fac1d707-a9a9-44a2-8b02-4ab6dda8cec7.domains._msdcs IN SRV 0 100 389 node1 _ldap._tcp.fac1d707-a9a9-44a2-8b02-4ab6dda8cec7.domains._msdcs IN SRV 0 100 389 node2 _ldap._tcp.Default-First-Site-Name._sites IN SRV 0 100 389 node1 _ldap._tcp.Default-First-Site-Name._sites IN SRV 0 100 389 node2 _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389 node1 _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389 node2 ; ; krb5 servers _kerberos._tcp IN SRV 0 100 88 node1 _kerberos._tcp IN SRV 0 100 88 node2 _kerberos._tcp.dc._msdcsIN SRV 0 100 88 node1 _kerberos._tcp.dc._msdcsIN SRV 0 100 88 node2 _kerberos._tcp.Default-First-Site-Name._sites IN SRV 0 100 88 node1 _kerberos._tcp.Default-First-Site-Name._sites IN SRV 0 100 88 node2 _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88 node1 _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88 node2 _kerberos._udp IN SRV 0 100 88 node1 _kerberos._udp IN SRV 0 100 88 node2 ; MIT kpasswd likes to lookup this name on password change _kerberos-master._tcp IN SRV 0 100 88 node1 _kerberos-master._tcp IN SRV 0 100 88 node2 _kerberos-master._udp IN SRV 0 100 88 node1 _kerberos-master._udp IN SRV 0 100 88 node2 ; ; kpasswd _kpasswd._tcp IN SRV 0 100 464node1 _kpasswd._tcp IN SRV 0 100 464node2 _kpasswd._udp IN SRV 0 100 464node1 _kpasswd._udp IN SRV 0 100 464node2 ; ; heimdal 'find realm for host' hack _kerberos IN TXT TUEBINGEN.TST.LOC --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 removing a DC from domain!?
I succeeded "Samba4 joining a domain as a DC ". But how remove a samba4 dc again from a samba4 domain? Is there a way without using lbdedit?! Greetings Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need suggestion for domain controller
Why don' t try samba4: My thread on this list: HOWTO samba4 centos5.5 named dnsupdate drbd simple failover --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Jack Downes Gesendet: Montag, 9. August 2010 20:48 An: samba@lists.samba.org Betreff: Re: [Samba] Need suggestion for domain controller The quick solution here is to head over to turnkeylinux.org and use their prebuilt setup to handle this. I've not used it (yet), but if it's as good as their other stuff, it's probably quite nice. Jack On 07/31/10 07:34 AM, masatheesh wrote: > Hi, > > I wish to establish domain controller based on Centos 5.x.I am > considering below setups. > > 1) Samba PDC > 2) OpenLDAP > 3) Combination of Samba PDC + LDAP > > I am confused to select one among above.Can anyone please suggest me? > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba and ms server 2008
Look at my thread: HOWTO samba4 centos5.5 named dnsupdate drbd simple failover --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Rob Townley Gesendet: Dienstag, 10. August 2010 02:59 An: gaiseric.van...@gmail.com Cc: samba@lists.samba.org Betreff: Re: [Samba] samba and ms server 2008 On Mon, Aug 9, 2010 at 2:07 PM, Gaiseric Vandal wrote: > http://wiki.samba.org/index.php/Windows7 > > > I would be pretty sure that if Windows 7 doesn't work with Samba 3.0.x that > Windows 2008 won't either. Rather than compiling samba 3.4 or 3.5 from > source I would go with Fedora Core 11 (samba 3.3.x) or some other more > up-to-date linux distro that has a newer version of samba included. I > wouldn't start anything with 3.0.xx. > > I would (maybe stating the obvious) set up a test environment 1st. I did > start playing with FC13 (samba 3.5)- not sure it behaved properly. I > personally would stick with FC12 which I think had samba 3.4.x included- > since I am pretty familiar with 3.4.x but not 3.5.x. There were definately > some config changes between 3.0.x and 3.4.x (group mapping, domain trusts.) > > > > > On 08/09/2010 02:56 PM, Peter Lawrie wrote: >> >> Hi >> I am about to set up a Centos server with samba and an MS server 2008 for >> a >> new customer. >> The MS server is required because he has an MSSQL application. The samba >> shares will be for everything else. >> I've previously set up centos and redhat servers as domain members with a >> 2003 pdc >> before I get stuck, are there any issues I should worry about with server >> 2008? >> What release of samba should I run? >> Are there any differences in configuration compared with samba3.0.33 which >> comes with centos5.5 >> Peter >> No virus found in this outgoing message. >> Checked by AVG - www.avg.com >> Version: 9.0.851 / Virus Database: 271.1.1/3059 - Release Date: 08/09/10 >> 07:35:00 >> >> > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > If you want to use CentOS, then your best bet would probably be : http://enterprisesamba.com/index.php?id=123 They do have a 64 bit packages, but you have to click on the 386 packages and navigate up and down to see the x86_64 packages. Better yet, simply add this repo file as /etc/yum.repos.d/sernet-samba.repo and then yum install samba3*. Not samba, but samba3 as they name packages differently. http://ftp.sernet.de/pub/samba/3.5/rhel/5/sernet-samba.repo [sernet-samba] name=SerNet Samba Team packages (RedHat Enterprise Linux 5) type=rpm-md baseurl=http://ftp.sernet.de/pub/samba/3.5/rhel/5 enabled=1 gpgcheck=0 Let us know how it goes. Are you using 2008 or 2008R2? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 4 Start Up error
I have this message too on my master samba4 server. Greetings Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von David Gonzalez Gesendet: Donnerstag, 12. August 2010 04:34 An: Samba Betreff: [Samba] Samba 4 Start Up error Hi, Another weird thing I'm seeing on my logs is this message about registering witha rootdse. ldb: ldb_tdb: Unable to register control with rootdse! ldb_wrap open of secrets.ldb My server works "normally", altough I'd like to know what this means. Thanks. --- David Gonzalez H. DGHVoIP - OPEN SOURCE TELEPHONY SOLUTIONS Phone Bogotá: +(57-1)289-1168 Phone Medellin: +(57-4)247-0985 Mobile: +(57)315-838-8326 MSN: da...@planetaradio.net Skype: davidgonzalezh WEB: http://www.dghvoip.com/ Proud Linux User #294661 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba 4 dns-update issue
.tst.loc. Checking 0 100 3268 node1.tuebingen.tst.loc. against SRV _gc._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 Looking for DNS entry SRV _kerberos._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 88 as _kerberos._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc. Checking 0 100 88 node2.tuebingen.tst.loc. against SRV _kerberos._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Checking 0 100 88 node1.tuebingen.tst.loc. against SRV _kerberos._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Looking for DNS entry SRV _ldap._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 389 as _ldap._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc. Checking 0 100 389 node1.tuebingen.tst.loc. against SRV _ldap._tcp.Default-First-Site-Name._sites.tuebingen.tst.loc node1.tuebingen.tst.loc 389 Looking for DNS entry SRV _gc._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 as _gc._tcp.tuebingen.tst.loc. Checking 0 100 3268 node1.tuebingen.tst.loc. against SRV _gc._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 3268 Looking for DNS entry SRV _kerberos._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 88 as _kerberos._tcp.tuebingen.tst.loc. Checking 0 100 88 node2.tuebingen.tst.loc. against SRV _kerberos._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Checking 0 100 88 node1.tuebingen.tst.loc. against SRV _kerberos._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Looking for DNS entry SRV _kpasswd._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 464 as _kpasswd._tcp.tuebingen.tst.loc. Checking 0 100 464 node1.tuebingen.tst.loc. against SRV _kpasswd._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 464 Looking for DNS entry SRV _ldap._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 389 as _ldap._tcp.tuebingen.tst.loc. Checking 0 100 389 node2.tuebingen.tst.loc. against SRV _ldap._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 389 Checking 0 100 389 node1.tuebingen.tst.loc. against SRV _ldap._tcp.tuebingen.tst.loc node1.tuebingen.tst.loc 389 Looking for DNS entry SRV _kerberos._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 88 as _kerberos._udp.tuebingen.tst.loc. Checking 0 100 88 node2.tuebingen.tst.loc. against SRV _kerberos._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Checking 0 100 88 node1.tuebingen.tst.loc. against SRV _kerberos._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 88 Looking for DNS entry SRV _kpasswd._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 464 as _kpasswd._udp.tuebingen.tst.loc. Checking 0 100 464 node2.tuebingen.tst.loc. against SRV _kpasswd._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 464 Checking 0 100 464 node1.tuebingen.tst.loc. against SRV _kpasswd._udp.tuebingen.tst.loc node1.tuebingen.tst.loc 464 No DNS updates needed --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Roland de Lepper [mailto:roland.de.lep...@cvis.nl] Gesendet: Mittwoch, 11. August 2010 13:16 An: muel...@tropenklinik.de Cc: samba@lists.samba.org Betreff: Re: AW: [Samba] samba 4 dns-update issue I,ve looked at your howto, and it's exactly what I've did too. I also compiled bind after I created the user'named' and added to the group 'named'. I've set the permissions on the files as in your howto, but still no luck. Selinux and the firewall are disabled on the samba-server and the firewall is disabled on the win7 client machine. Kind regards, Roland de Lepper > Look at my thread: HOWTO samba4 centos5.5 named dnsupdate drbd simple > failover > > --- > EDV Daniel Müller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 Tübingen > > Tel.: 07071/206-463, Fax: 07071/206-499 > eMail: muel...@tropenklinik.de > Internet: www.tropenklinik.de > --- > > -Ursprüngliche Nachricht- > Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] > Im > Auftrag von Roland de Lepper > Gesendet: Mittwoch, 11. August 2010 09:38 > An: samba@lists.samba.org > Betreff: [Samba] samba 4 dns-update issue > > Hi all, > > I've setup samba4 according to the samba4 wiki on centOS 5.4 in KVM. > This went without any problems. I only had to install a higher version of > bind to 9.6.x because Centos bind in repo will install version 9.3.x. > I've used the Fedora12 source rpms for this to build bind 9.6.x on Centos > 5.4. > > Then I configured bind according to the samba wiki > (http://wiki.samba.org/index.php/Samba4/DN
Re: [Samba] samba 4 dns-update issue
Is this working: samba_dnsupdate --verbose ??? --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Roland de Lepper [mailto:roland.de.lep...@cvis.nl] Gesendet: Donnerstag, 12. August 2010 10:09 An: muel...@tropenklinik.de Cc: samba@lists.samba.org Betreff: Re: AW: AW: [Samba] samba 4 dns-update issue Yes I did. here is my /etc/named.conf [r...@sambaserver ~]# cat /etc/named.conf // // named.conf // // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS // server as a caching only nameserver (as a localhost DNS resolver only). // // See /usr/share/doc/bind*/sample/ for example named configuration files. // options { listen-on port 53 { 127.0.0.1; 192.168.122.100; }; ## listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { localhost; 192.168.122.0/24; }; recursion yes; forwarders { 192.168.122.1; }; tkey-gssapi-credential "DNS/quinox.be"; tkey-domain "QUINOX.BE"; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; zone "." IN { type hint; file "named.ca"; }; include "/etc/named.rfc1912.zones"; include "/etc/named-samba.conf"; > Did you set a allow query to all your subnets in your named conf?? > Here is mine: > > > > options { > listen-on port 53 { 127.0.0.1;192.168.134.27; };<---imortant put > an > ip > listen-on-v6 port 53 { ::1; }; > directory "/var/named"; > dump-file "/var/named/data/cache_dump.db"; > statistics-file "/var/named/data/named_stats.txt"; > memstatistics-file "/var/named/data/named_mem_stats.txt"; > allow-query { localhost; 192.168.135.0/24; 192.168.134.0/24; > };<---all your subnets here > recursion yes; > forwarders { 192.168.134.253; }; > > > logging { > channel default_debug { > file "data/named.run"; > severity dynamic; > }; > }; > > zone "." IN { > type hint; > file "named.ca"; > }; > include "/usr/local/samba/private/named.conf";<--- this named.conf must be > named:named, and the file at which it is pointing > to:/usr/local/samba/private/named.conf.update > Also the entry dns.keytab file in /etc/sysconfig/named: > > > [r...@node1 sysconfig]# cat named > # BIND named process options > # > KEYTAB_FILE="/usr/local/samba/private/dns.keytab" > export KEYTAB_FILE > # -- Specify named service keytab file (for GSS-TSIG) > > Make shure named can read and write to it. > > Try in your smb.conf > Interfaces= ip > Ex mine: > > [globals] > netbios name= NODE1 > workgroup = TUEBINGEN > realm = TUEBINGEN.TST.LOC > server role = domain controller > interfaces= 192.168.134.27 > > Make a samba_dnsupdate --verbose: > [r...@node1 sysconfig]# samba_dnsupdate --verbose > Looking for DNS entry A tuebingen.tst.loc 192.168.134.27 as > tuebingen.tst.loc. > Looking for DNS entry A node1.tuebingen.tst.loc 192.168.134.27 as > node1.tuebingen.tst.loc. > Looking for DNS entry CNAME > 02284f45-de16-4125-a795-3b614f540ef7._msdcs.tuebingen.tst.loc > node1.tuebingen.tst.loc as > 02284f45-de16-4125-a795-3b614f540ef7._msdcs.tuebingen.tst.loc. > Looking for DNS entry SRV > _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc > node1.tuebingen.tst.loc 88 as > _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc. > Checking 0 100 88 node2.tuebingen.tst.loc. against SRV > _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc > node1.tuebingen.tst.loc 88 > Checking 0 100 88 node1.tuebingen.tst.loc. against SRV > _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc > node1.tuebingen.tst.loc 88 > Looking for DNS entry SRV > _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc > node1.tuebingen.tst.loc 389 as > _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.tuebingen.tst.loc. > Checking 0 1
Re: [Samba] samba 4 dns-update issue
First of all. If you have a single samba4 server system: Important did you install: download.fedora.redhat.com/pub/fedora/epel/5/i386/python-dns-1.7.1-1.el5.noa rch.rpm Test all your dns conf: host -t SRV _ldap._tcp.your.domain.com EX: [r...@node1 ~]# host -t SRV _ldap._tcp.tuebingen.tst.loc #<--- your doman here _ldap._tcp.tuebingen.tst.loc has SRV record 0 100 389 node1.tuebingen.tst.loc.#<---must give you host -t SRV _kerberos._udp.your.domain.com EX: [r...@node1 ~]# host -t SRV _kerberos._udp.tuebingen.tst.loc _kerberos._udp.tuebingen.tst.loc has SRV record 0 100 88 node1.tuebingen.tst.loc. host -t A nameofteserver.your.domain.com EX: [r...@node1 ~]# host -t A node1.tuebingen.tst.loc node1.tuebingen.tst.loc has address 192.168.134.27 This must work. If not you have a mistake somewhere. Look at you /usr/local/samba/private/named.conf.update. It should look like this: [r...@node1 private]# cat named.conf.update /* this file is auto-generated - do not edit */ update-policy { grant TUEBINGEN.TST.LOC ms-self * A ; grant administra...@tuebingen.tst.loc wildcard * A SRV CNAME TXT; grant nod...@tuebingen.tst.loc wildcard * A SRV CNAME; }; Then at last samba_dnsupdate --verbose must succed with no errors. If you have 2 samba4 server dc-forest. All of the commands are only running on the first-master-dc. Please post the answer of above commands here, and your named.conf, your /etc/sysconfig/named, your samba4-zone-file (in ../private/dns) --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: Roland de Lepper [mailto:roland.de.lep...@cvis.nl] Gesendet: Donnerstag, 12. August 2010 21:05 An: muel...@tropenklinik.de Cc: samba@lists.samba.org Betreff: Re: AW: AW: AW: AW: [Samba] samba 4 dns-update issue Yes I do. Centos 5.5 I do have those two lines in my /etc/sytsconfig/named file. btw. This evening I've installed a new virtual machine and used your howto for the installation of samba4 and DNS. Unfortunatly...I have the same problem again: Aug 12 20:58:34 localhost named[28804]: client 192.168.122.150#54473: update 'quinox.nl/IN' denied This is driving me crazy.I even chmod -R 777 /usr/local/samba/private/dns but also that didn't help. I have installed bind-9.6.2-5. regards, Roland de Lepper > You are running on CentOs? > > Mine keytab file (for GSS-TSIG) > >>> [r...@node1 sysconfig]# cat named >>> # BIND named process options >>> # >>> KEYTAB_FILE="/usr/local/samba/private/dns.keytab" >>> export KEYTAB_FILE >>> # -- Specify named service keytab file (for GSS-TSIG) > > Your: > >> tkey-gssapi-credential "DNS/quinox.be"; >> tkey-domain "QUINOX.BE"; > > --- > EDV Daniel Müller > > Leitung EDV > Tropenklinik Paul-Lechler-Krankenhaus > Paul-Lechler-Str. 24 > 72076 Tübingen > > Tel.: 07071/206-463, Fax: 07071/206-499 > eMail: muel...@tropenklinik.de > Internet: www.tropenklinik.de > --- > > -Ursprüngliche Nachricht- > Von: Roland de Lepper [mailto:roland.de.lep...@cvis.nl] > Gesendet: Donnerstag, 12. August 2010 11:16 > An: muel...@tropenklinik.de > Betreff: Re: AW: AW: AW: [Samba] samba 4 dns-update issue > > Is was working with the same denied message in my log, but after the > changes yesterday, it isn't working anymore: > > [r...@sambaserver sbin]# ./samba_dnsupdate --verbose > Looking for DNS entry A quinox.be 192.168.122.100 as quinox.be. > Traceback (most recent call last): > File "./samba_dnsupdate", line 275, in ? > if not check_dns_name(d): > File "./samba_dnsupdate", line 160, in check_dns_name > ans = resolver.query(normalised_name, d.type) > File "/usr/lib/python2.4/site-packages/dns/resolver.py", line 723, in > query > return get_default_resolver().query(qname, rdtype, rdclass, tcp, > source) > File "/usr/lib/python2.4/site-packages/dns/resolver.py", line 604, in > query > timeout = self._compute_timeout(start) > File "/usr/lib/python2.4/site-packages/dns/resolver.py", line 537, in > _compute_timeout > raise Timeout > dns.exception.Timeout > > > >> Is this working: samba_dnsupdate --verbose ??? >> >> --- >> EDV Daniel Müller >> >> Leitung EDV >> Tropenklinik Paul-Lechler-Krankenhaus >> Paul-Lechler-S