[Samba] Samba 3.0 and RedHat Linux 7.0?
Does the latest Samba 3.0 release still work on redHat 7.0? I really would like to know because after downloading, compiling and installing it, it exits on startup with the following message: /usr/local/samba/bin/smbd: error while loading shared libraries: unexpected reloc type 0x80 Compiled with options: ./configure --sbindir=/usr/local/samba/bin --with-logfilebase=/var/log/samba --with-smbmount --with-pam --with-acl-support My system: RedHat version 7.0 gcc version 2.96 2731 (Red Hat Linux 7.1 2.96-85) Please, can somebody answer this question? Kind regards, Eddie Lania. !DSPAM:3f3fe693214301232614842 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Printing with Samba and Intel Inbusiness printstation?
Hello folks,
Regarding the story below, has there ever been done some effort to acomplish
this?
We use several of these so called windows print stations at work, but
whatever I have tried with samba, cups, etc, I can't get it to work.
Perhaps this is an issue that has allready been solved in the past, but I
couldn't find anything in this direction.
Any help would be appreciated.
Eddie.
---
From: Wim Verhoogt
Subject: Printing on printers connected to Intel InBusiness print
stations
Date: Tue, 17 Jul 2001 18:44:39 +0200
L.S.,
I've been struggling to print with Intel InBusiness print stations. These
stations are labeled as for use with Windows only by Intel.
I found out that they emulate a Windows machine exporting two printer
shares, one for each connector. The NetBIOS name of the stations is the
Device ID, and the shares are //device_id/Printer1 and //device_id/Printer2
I tried to print to these shares with smbclient's print command, but
received various errors.
Some reverse-engineering (tcpdump is your friend :-) ) showed that you have
to specify a remote filename of DEV\LPT1 (or DEV\LPT2 for the 2nd share -
haven't tested that), and that SMB_COM_WRITE (0x0B) must be used to write
to the share. Smbclient uses WRITE_COM_ANDX (0x2F). This doesn't return an
error, but garbles the print data.
I've patched smbclient to support this. I implemented a new option (-H)
which will direct smbclient to write using SMB_COM_WRITE. The put command
can now be used to print to the InBusiness stations. The print command won't
work because it doesn't support specifying a remote filename.With this hack
and a CUPS backend script, my server now exports 3 printers, connected to
these stations, and I'm happy :-)
I was wondering if this new feature of smbclient can be incorporated in the
official SAMBA distribution, so that I don't need to patch smbclient for
each new release. I doubt that the new -H option is the best way to do that,
it just happened to be a quick and easy way to solve my problem.
The patch used was:
--- client.c Fri Jul 6 04:01:20 2001
+++ /home/wim/cvs/samba/source/client/client.c Mon Jul 9 16:33:41 2001
-79,6 +79,7
BOOL prompt = True;
int printmode = 1;
+BOOL inBusiness_hack = False;
static BOOL recurse = False;
BOOL lowercase = False;
-1031,8 +1032,10
DEBUG(0,(Error reading local file: %s\n, strerror(errno) ));
break;
}
-
- ret = cli_write(cli, fnum, 0, buf, nread, n);
+ if (inBusiness_hack)
+ ret = cli_smbwrite(cli, fnum, buf, nread, n);
+ else
+ ret = cli_write(cli, fnum, 0, buf, nread, n);
if (n != ret) {
DEBUG(0,(Error writing file: %s\n, cli_errstr(cli)));
-2415,7 +2418,7
}
while ((opt =
- getopt(argc, argv,s:O:R:M:i:Nn:d:Pp:l:hI:EU:L:t:m:W:T:D:c:b:A:)) !=
EOF) {
+ getopt(argc, argv,s:O:R:M:i:Nn:d:Pp:l:hI:EU:L:t:m:W:T:D:c:b:A:H)) !=
EOF) {
switch (opt) {
case 's':
pstrcpy(servicesf, optarg);
-2571,6 +2574,9
break;
case 'b':
io_bufsize = MAX(1, atoi(optarg));
+ break;
+ case 'H':
+ inBusiness_hack = True;
break;
default:
usage(pname);
--__--__--
Re: Printing with Samba and Intel Inbusiness printstation?
That's propably why Intel has stopped there support on this product :-)))
But hey, who can blame them since Microsoft invented NT (Neanderthaler
Technology).
Eddie.
- Original Message -
From: Christopher R. Hertel [EMAIL PROTECTED]
To: Eddie Lania [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Tuesday, October 22, 2002 8:16 PM
Subject: Re: Printing with Samba and Intel Inbusiness printstation?
It would be interesting to see the Negotiate Protocol exchange. It sounds
as though the print station is using an older dialect.
Chris -)-
On Tue, Oct 22, 2002 at 08:00:42PM +0200, Eddie Lania wrote:
Hello folks,
Regarding the story below, has there ever been done some effort to
acomplish
this?
We use several of these so called windows print stations at work, but
whatever I have tried with samba, cups, etc, I can't get it to work.
Perhaps this is an issue that has allready been solved in the past, but
I
couldn't find anything in this direction.
Any help would be appreciated.
Eddie.
---
From: Wim Verhoogt
Subject: Printing on printers connected to Intel InBusiness print
stations
Date: Tue, 17 Jul 2001 18:44:39 +0200
L.S.,
I've been struggling to print with Intel InBusiness print stations.
These
stations are labeled as for use with Windows only by Intel.
I found out that they emulate a Windows machine exporting two printer
shares, one for each connector. The NetBIOS name of the stations is the
Device ID, and the shares are //device_id/Printer1 and
//device_id/Printer2
I tried to print to these shares with smbclient's print command, but
received various errors.
Some reverse-engineering (tcpdump is your friend :-) ) showed that you
have
to specify a remote filename of DEV\LPT1 (or DEV\LPT2 for the 2nd
share -
haven't tested that), and that SMB_COM_WRITE (0x0B) must be used to
write
to the share. Smbclient uses WRITE_COM_ANDX (0x2F). This doesn't return
an
error, but garbles the print data.
I've patched smbclient to support this. I implemented a new option (-H)
which will direct smbclient to write using SMB_COM_WRITE. The put
command
can now be used to print to the InBusiness stations. The print command
won't
work because it doesn't support specifying a remote filename.With this
hack
and a CUPS backend script, my server now exports 3 printers, connected
to
these stations, and I'm happy :-)
I was wondering if this new feature of smbclient can be incorporated in
the
official SAMBA distribution, so that I don't need to patch smbclient for
each new release. I doubt that the new -H option is the best way to do
that,
it just happened to be a quick and easy way to solve my problem.
The patch used was:
--- client.c Fri Jul 6 04:01:20 2001
+++ /home/wim/cvs/samba/source/client/client.c Mon Jul 9 16:33:41 2001
@@ -79,6 +79,7 @@
BOOL prompt = True;
int printmode = 1;
+BOOL inBusiness_hack = False;
static BOOL recurse = False;
BOOL lowercase = False;
@@ -1031,8 +1032,10 @@
DEBUG(0,(Error reading local file: %s\n, strerror(errno) ));
break;
}
-
- ret = cli_write(cli, fnum, 0, buf, nread, n);
+ if (inBusiness_hack)
+ ret = cli_smbwrite(cli, fnum, buf, nread, n);
+ else
+ ret = cli_write(cli, fnum, 0, buf, nread, n);
if (n != ret) {
DEBUG(0,(Error writing file: %s\n, cli_errstr(cli)));
@@ -2415,7 +2418,7 @@
}
while ((opt =
- getopt(argc, argv,s:O:R:M:i:Nn:d:Pp:l:hI:EU:L:t:m:W:T:D:c:b:A:)) !=
EOF) {
+ getopt(argc, argv,s:O:R:M:i:Nn:d:Pp:l:hI:EU:L:t:m:W:T:D:c:b:A:H))
!=
EOF) {
switch (opt) {
case 's':
pstrcpy(servicesf, optarg);
@@ -2571,6 +2574,9 @@
break;
case 'b':
io_bufsize = MAX(1, atoi(optarg));
+ break;
+ case 'H':
+ inBusiness_hack = True;
break;
default:
usage(pname);
--__--__--
--
Samba Team -- http://www.samba.org/ -)- Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/ -)- ubiqx development,
uninq.
ubiqx Team -- http://www.ubiqx.org/ -)- [EMAIL PROTECTED]
OnLineBook -- http://ubiqx.org/cifs/-)- [EMAIL PROTECTED]
Re: Identifying WinXP
Kris van Hees wrote: Has anyone found a way to identify WinXP as the remote architecture of a client rather than just identifying it as Win2000? From everything I can find it is acting pretty much identical to a Win2000 client, which is a bit of an issue since I really would need to try to make a distinction. Any ideas? Kris Kris, If you are using a client login script, perhaps the cmdinfo.exe tool can be of some assistance. You can find this tool on the internet, doc's too. Eddie.
Usrmgr.exe and Samba 3.0-alpha20.
Hi list, I like the use of the Usermanager for domains for windows. I played a litlle with this tool and noticed that the window95 version doesn't work because the RPC service is unavailable it say's. The NT version does work, altough there are some limitations. My questions at this moment are: - Will there still be support for the usrmgr tools in Samba in the future (considering that samba becomes more and more dc orientated)? - If so, then what will have to be done to be able to add groups and add members to groups through the usrmgr, considering that there is no mechanism (yet) to add a group with usrmgr and be able to define if it is a local or domain group? (This still requires the group to be added in two places where te later is the group mappings tdb which is managed with the smbgroupedit tool). Any comment on this would be welcome. Eddie.
smbgroupedit and ldap groups?
Hi list, Please observe the case below: I download, compile and install Samba 3.0 from cvs. I am using ldap. I have installed the nss_ldap package. I have setup the pam and /etc/nsswitch.conf files as required. etc Now, this is in the smbgroupedit man page: To give access to a certain directory on a domain member machine (an NT/W2K or a samba server running winbind) to some users who are member of a group on your samba PDC, flag that group as a domain group: root# smbgroupedit -a unixgroup -td But what if the group I want to map as a domain group is the Domain Admins group that is in the ldap database? And I want current unix user(s) (in /etc/passwd and /etc/group) to be able to become a member of the Domain Users or Domain Admins global groups? I allready tried the given scenario's (mapping all groups as said in the smbgroupedit man page and make certain users members of them, etc...), but still no luck. At this moment, when a user logs in, his/her primairy gid is still being taken from the /etc/group file and so the user is not indentified as a member of any domain group. Also, the Windows NT UserManager (srvtools) for domains does not work (I think because of this problem e.g. the user is not indentified as a Domain Admin.). The only time I was able to use the NT UserManager was when I logged on as root. I thought this would be solved by Kai's patches, but whatever I try, it still doesn't work here. The more I am expirimenting with it, the more confused I get. Again, any help would be appreciated. Thanks. Eddie.
Re: smbgroupedit and ldap groups?
Hi Metze and list, I am willing to try this, but I thought the admin users parameter primairily is used in the services section and not as a global parameter? So this parameter would only affect rights on a service. Am I right or wrong? Eddie. - Original Message - From: Stefan (metze) Metzmacher [EMAIL PROTECTED] To: Eddie Lania [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, October 04, 2002 10:38 AM Subject: Re: smbgroupedit and ldap groups? Also, the Windows NT UserManager (srvtools) for domains does not work (I think because of this problem e.g. the user is not indentified as a Domain Admin.). The only time I was able to use the NT UserManager was when I logged on as root. I thought this would be solved by Kai's patches, but whatever I try, it still doesn't work here. you have to specify the Domain Admins group as 'admin users' if you map 'Domain Admins' to 'domadmins' then admin users = @domadmins But I think the admin users have to go till 3.0 and the 'Domain Admins' and 'Administrators' groups should be used... The more I am expirimenting with it, the more confused I get. Again, any help would be appreciated. Thanks. Eddie. metze -- --- Stefan metze Metzmacher [EMAIL PROTECTED]
Re: smbgroupedit and ldap groups?
Hi Metze and list, Is this the common behaviour when I did it like you told me? I.o.w. is this like it is supposed to behave when I log on as user eddie and am a member of domain admins? Eddie. [2002/10/04 10:59:14, 0, effective(0, 0), real(0, 0)] smbd/service.c:set_admin_user(309) eddie logged in as admin user (root privileges) [2002/10/04 11:01:58, 0, effective(0, 0), real(0, 0)] smbd/service.c:set_admin_user(309) eddie logged in as admin user (root privileges) [2002/10/04 11:01:58, 1, effective(0, 500), real(0, 0)] smbd/service.c:make_connection_snum(681) p1400elania (192.168.168.35) connect to service eddie initially as user eddie (uid=0, gid=500) (pid 31282) [2002/10/04 11:02:02, 1, effective(0, 0), real(0, 0)] smbd/service.c:close_cnum(852) p1400elania (192.168.168.35) closed connection to service eddie [2002/10/04 11:02:19, 0, effective(0, 0), real(0, 0)] smbd/service.c:set_admin_user(309) eddie logged in as admin user (root privileges) [2002/10/04 11:02:19, 1, effective(0, 500), real(0, 0)] smbd/service.c:make_connection_snum(681) p1400elania (192.168.168.35) connect to service eddie initially as user eddie (uid=0, gid=500) (pid 31282) [2002/10/04 11:03:06, 0, effective(0, 0), real(0, 0)] smbd/service.c:set_admin_user(309) eddie logged in as admin user (root privileges) [2002/10/04 11:03:06, 1, effective(0, 500), real(0, 0)] smbd/service.c:make_connection_snum(681) p1400elania (192.168.168.35) connect to service eddie initially as user eddie (uid=0, gid=500) (pid 31282) [2002/10/04 11:03:52, 1, effective(0, 0), real(0, 0)] smbd/service.c:close_cnum(852) p1400elania (192.168.168.35) closed connection to service eddie [2002/10/04 11:04:03, 1, effective(0, 0), real(0, 0)] smbd/service.c:close_cnum(852) p1400elania (192.168.168.35) closed connection to service eddie - Original Message - From: Stefan (metze) Metzmacher [EMAIL PROTECTED] To: Eddie Lania [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, October 04, 2002 10:38 AM Subject: Re: smbgroupedit and ldap groups? Also, the Windows NT UserManager (srvtools) for domains does not work (I think because of this problem e.g. the user is not indentified as a Domain Admin.). The only time I was able to use the NT UserManager was when I logged on as root. I thought this would be solved by Kai's patches, but whatever I try, it still doesn't work here. you have to specify the Domain Admins group as 'admin users' if you map 'Domain Admins' to 'domadmins' then admin users = @domadmins But I think the admin users have to go till 3.0 and the 'Domain Admins' and 'Administrators' groups should be used... The more I am expirimenting with it, the more confused I get. Again, any help would be appreciated. Thanks. Eddie. metze -- --- Stefan metze Metzmacher [EMAIL PROTECTED]
Re: Fw: smbgroupedit and ldap groups?
Metze, you are correct. I was using HEAD. I recompiled 3.0alpha20 and now it is working. Thanks. Eddie. - Original Message - From: Stefan (metze) Metzmacher [EMAIL PROTECTED] To: Eddie Lania [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, October 04, 2002 11:34 AM Subject: Re: Fw: smbgroupedit and ldap groups? And BTW, the UserManager for domains still doesn't work after this addition. Eddie. current HEAD or alpha20 and what error? for me alpha20 works fine but HEAD can't get some local groups and exit. metze -- --- Stefan metze Metzmacher [EMAIL PROTECTED]
Samba 3.0 and swat.
Hi, In my smb.conf the next fields are all filled in properly: ldap suffix = dc=elton-intra,dc=net ldap machine suffix = ou=Computers,dc=elton-intra,dc=net ldap user suffix = ou=Users,dc=elton-intra,dc=net ldap admin dn = cn=Manager,dc=elton-intra,dc=net ldap ssl = no However, on the Swat global page the fields all are blank. Also, the advanced and developer view doesn't seem to work on this page. There is no button to change the view. Has anyone else noticed this? Eddie.
[PATCH] sam backend parameter
Well, I'm starting to think our syntax is just getting too complex. All the 'solutions' for putting 'domain' in there just look ugly! Some poor admin has to construct this line, and even if they don't use multidomain stuff (and that's almost everybody), then have to read the doco that attempts to explain it. I think we should remove the DOMAIN bit compleatly, and allow backends to store both their own SID and thier domain name. If they don't 'know' it, then they can either chose the default, or use a 'parametric option' to specify it. What about using the WORKGROUP parameter as the default domain vallue? And an extra parameter like multiple domain support = False|DOMAIN1,DOMAIN2,etc? It's just an idea, I am not a developper myself tough. Eddie.
register_message_flags: tdb_fetch failed
Does somebody knows what is causing this problem?
[2002/10/01 09:32:28, 1, effective(500, 500), real(0, 0)]
smbd/ipc.c:api_fd_reply(284)
api_fd_reply: INVALID PIPE HANDLE: 76e3
[2002/10/01 09:32:30, 1, effective(500, 500), real(0, 0)]
smbd/service.c:make_connection_snum(681)
192.168.168.35 (192.168.168.35) connect to service eddie initially as user
eddie (uid=500, gid=500) (pid 30099)
[2002/10/01 09:32:44, 1, effective(0, 0), real(0, 0)]
smbd/service.c:close_cnum(852)
192.168.168.35 (192.168.168.35) closed connection to service eddie
[2002/10/01 09:39:29, 0, effective(0, 0), real(0, 0)]
lib/util_sock.c:read_socket_data(418)
read_socket_data: recv failure for 4. Error = Connection reset by peer
[2002/10/01 09:39:54, 0, effective(0, 0), real(0, 0)]
smbd/service.c:make_connection(830)
192.168.168.35 (192.168.168.35) couldn't find service c
[2002/10/01 09:40:17, 0, effective(500, 500), real(0, 0)]
smbd/connection.c:register_message_flags(212)
register_message_flags: tdb_fetch failed
[2002/10/01 09:40:17, 0, effective(500, 500), real(0, 0)]
smbd/connection.c:register_message_flags(212)
register_message_flags: tdb_fetch failed
[2002/10/01 09:40:17, 0, effective(500, 500), real(0, 0)]
smbd/connection.c:register_message_flags(212)
register_message_flags: tdb_fetch failed
[2002/10/01 09:40:47, 0, effective(500, 500), real(0, 0)]
smbd/connection.c:register_message_flags(212)
register_message_flags: tdb_fetch failed
[2002/10/01 09:41:57, 0, effective(500, 500), real(0, 0)]
smbd/connection.c:register_message_flags(212)
register_message_flags: tdb_fetch failed
[2002/10/01 09:41:57, 0, effective(0, 0), real(0, 0)]
smbd/service.c:make_connection(830)
192.168.168.35 (192.168.168.35) couldn't find service
::{2227a280-3aea-1069-a2de-08002b30309d}
[2002/10/01 09:41:59, 0, effective(500, 500), real(0, 0)]
smbd/connection.c:register_message_flags(212)
register_message_flags: tdb_fetch failed
[2002/10/01 09:42:01, 0, effective(500, 500), real(0, 0)]
smbd/connection.c:register_message_flags(212)
register_message_flags: tdb_fetch failed
[2002/10/01 09:42:01, 0, effective(0, 0), real(0, 0)]
smbd/service.c:make_connection(830)
192.168.168.35 (192.168.168.35) couldn't find service
::{2227a280-3aea-1069-a2de-08002b30309d}
[2002/10/01 09:42:29, 1, effective(500, 500), real(0, 0)]
smbd/service.c:make_connection_snum(681)
192.168.168.35 (192.168.168.35) connect to service eddie initially as user
eddie (uid=500, gid=500) (pid 30146)
[2002/10/01 09:42:39, 0, effective(500, 500), real(0, 0)]
smbd/connection.c:register_message_flags(212)
register_message_flags: tdb_fetch failed
[2002/10/01 09:43:18, 1, effective(0, 0), real(0, 0)]
smbd/service.c:close_cnum(852)
192.168.168.35 (192.168.168.35) closed connection to service eddie
[2002/10/01 13:33:17, 0, effective(500, 500), real(0, 0)]
smbd/connection.c:register_message_flags(212)
register_message_flags: tdb_fetch failed
[2002/10/01 13:33:17, 0, effective(500, 500), real(0, 0)]
smbd/connection.c:register_message_flags(212)
register_message_flags: tdb_fetch failed
[2002/10/01 13:33:17, 0, effective(500, 500), real(0, 0)]
smbd/connection.c:register_message_flags(212)
register_message_flags: tdb_fetch failed
[2002/10/01 13:34:16, 0, effective(500, 500), real(0, 0)]
smbd/connection.c:register_message_flags(212)
register_message_flags: tdb_fetch failed
[2002/10/01 15:25:10, 1, effective(500, 500), real(0, 0)]
smbd/ipc.c:api_fd_reply(284)
api_fd_reply: INVALID PIPE HANDLE: 74f2
[2002/10/01 15:25:12, 1, effective(500, 500), real(0, 0)]
smbd/service.c:make_connection_snum(681)
192.168.168.35 (192.168.168.35) connect to service eddie initially as user
eddie (uid=500, gid=500) (pid 31898)
[2002/10/01 15:25:20, 1, effective(0, 0), real(0, 0)]
smbd/service.c:close_cnum(852)
192.168.168.35 (192.168.168.35) closed connection to service eddie
Eddie.
Re: Groups in ldap and /etc/group?
- Original Message - From: Mike Brady [EMAIL PROTECTED] To: Eddie Lania [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Saturday, September 28, 2002 10:20 PM Subject: Re: Groups in ldap and /etc/group? Eddie The answer to this really depends on what it is that you are trying to do and how you want to manage your site. Which comes back to people and processes more than anything else. Strictly speaking Samba use of LDAP and Unix use of LDAP for user account data have absolutely nothing to do with one another. For instance, you could quite easily have Samba data in LDAP and Unix data in NIS. The tie between the two for users is the username and for groups is the group_mapping.tdb file. The smbldap-tools (we are talking about he Idealx tools right?) assume that a solution design decision has been made to store both Unix and Samba user account data in LDAP and do what is necessary to support this. If then you are trying to do things the Idealx way (and I currently am) and use the smbldap-tools package, then you are correct, in that existing Unix users in /etc/passwd who also need to use Samba will need to have their Unix account data moved to LDAP. I haven't needed to look at doing this myself, but here are a couple of ideas. 1) Create the user with smbldap-useradd and then use something else to change the uidNumber attribute (and what ever alse needs changing) to the current /etc/passwd values. If you are just testing a few users, use an LDAP browser to do it by hand. I use gq. If you are looking at a lot of users write a script to do it. Delete the user from passwd, shadow and group files as required when you are ready. Ok, but what about the user his/her group that normally is the same number as his/her uid? Would that then be permanently changed to a Domain Group? Or should the group also be moved from /etc/group to ldap? Is it wise to change a unix user his/her group to a different group? (At this moment I wouldn't know why this should not be possible, but maybe anyone else has a good reason?) Eddie.
Groups in ldap and /etc/group?
Hello, Using smbgroupedit, should I link groups to ldap groups, those in /etc/group (if I also would define them in there) or both? Or none? (If using ldap) Eddie.
Compile warnings.
Samba 3.0, compiled on RedHat 7.0 (up to date), 28 September 2002 08:05 CET. Warnings: Compiling smbd/mangle_hash2.c smbd/mangle_hash2.c: In function `cache_insert': smbd/mangle_hash2.c:172: warning: assignment makes pointer from integer without a cast smbd/mangle_hash2.c: In function `is_mangled': smbd/mangle_hash2.c:263: warning: initialization makes pointer from integer without a cast Compiling libsmb/clispnego.c libsmb/clispnego.c: In function `spnego_gen_negTokenTarg': libsmb/clispnego.c:330: warning: passing arg 1 of `krb5_get_ticket' discards qualifiers from pointer target type Compiling passdb/secrets.c passdb/secrets.c: In function `secrets_fetch': passdb/secrets.c:61: warning: assignment discards qualifiers from pointer target type passdb/secrets.c: In function `secrets_store': passdb/secrets.c:77: warning: assignment discards qualifiers from pointer target type passdb/secrets.c:79: warning: assignment discards qualifiers from pointer target type passdb/secrets.c: In function `secrets_delete': passdb/secrets.c:93: warning: assignment discards qualifiers from pointer target type passdb/secrets.c: In function `secrets_lock_trust_account_password': passdb/secrets.c:218: warning: passing arg 2 of `tdb_lock_bystring' discards qualifiers from pointer target type passdb/secrets.c:220: warning: passing arg 2 of `tdb_unlock_bystring' discards qualifiers from pointer target type passdb/secrets.c: In function `secrets_get_trusted_domains': passdb/secrets.c:509: warning: assignment makes pointer from integer without a cast passdb/secrets.c: In function `secrets_named_mutex': passdb/secrets.c:610: warning: passing arg 1 of `tdb_set_lock_alarm' discards qualifiers from pointer target type Compiling lib/util_str.c lib/util_str.c: In function `str_list_make': lib/util_str.c:1160: warning: passing arg 3 of `next_token' discards qualifiers from pointer target type Compiling lib/util.c lib/util.c: In function `smb_xstrndup': lib/util.c:1832: warning: initialization makes pointer from integer without a cast Compiling lib/gencache.c lib/gencache.c: In function `gencache_get': lib/gencache.c:248: warning: initialization makes pointer from integer without a cast lib/gencache.c: In function `gencache_iterate': lib/gencache.c:303: warning: assignment makes pointer from integer without a cast Compiling libads/ldap.c libads/ldap.c: In function `ads_do_paged_search': libads/ldap.c:405: warning: passing arg 2 of `str_list_copy' from incompatible pointer type libads/ldap.c: In function `ads_do_search': libads/ldap.c:631: warning: passing arg 2 of `str_list_copy' from incompatible pointer type Compiling libads/ldap_printer.c libads/ldap_printer.c: In function `ads_mod_printer_entry': libads/ldap_printer.c:80: warning: passing arg 4 of `ads_mod_strlist' from incompatible pointer type libads/ldap_printer.c:96: warning: passing arg 4 of `ads_mod_strlist' from incompatible pointer type libads/ldap_printer.c:99: warning: passing arg 4 of `ads_mod_strlist' from incompatible pointer type Compiling libads/kerberos.c libads/kerberos.c: In function `kerberos_kinit_password': libads/kerberos.c:80: warning: passing arg 6 of `krb5_get_init_creds_password' discards qualifiers from pointer target type Compiling utils/net_ads.c utils/net_ads.c: In function `net_ads_printer_info': utils/net_ads.c:722: warning: passing arg 4 of `ads_find_printer_on_server' discards qualifiers from pointer target type utils/net_ads.c: In function `net_ads_printer_publish': utils/net_ads.c:774: warning: assignment discards qualifiers from pointer target type utils/net_ads.c: In function `net_ads_printer_remove': utils/net_ads.c:812: warning: assignment discards qualifiers from pointer target type Compiling utils/net_rpc_join.c utils/net_rpc_join.c: In function `net_rpc_join_ok': utils/net_rpc_join.c:65: warning: passing arg 1 of `secrets_fetch_trust_account_password' discards qualifiers from pointer target type
Samba 3.0 and ldap setup?
Hello everyone, Following the discussions on this list, I am getting a little confused now. Which configure string do I have to use when I want to setup Samba on a RedHat 7.0 system with ldap? What I have done so far is: Downloaded samba from cvs. ,/configure --sbindir=/usr/local/samba/bin --with-logfilebase=/var/log/samba 3 --with-pam --with-krb5=/usr/kerberos --with-smbmount --with-acl-support make make install So far so good. Everything up and running. But when I add a new group to the ldap database by using the smb-ldaptools, the new group is added properly but not useable in samba, it doesn't show up anywhere and smbgroupedit doesn't display it either. Please help! Thanks. Eddie.
Re: Samba 3.0 and UserManager? (solved)
Kai, Thank you, it works exactly like you told me. Loggin in as root from a workstation works for usermgr. Eddie. - Original Message - From: Kai Krueger [EMAIL PROTECTED] To: Eddie Lania [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, September 26, 2002 11:21 AM Subject: Re: Samba 3.0 and UserManager? - Original Message - From: Eddie Lania [EMAIL PROTECTED] Sent: Wednesday, September 25, 2002 8:47 PM I haven't got this to work altough I have read several mails now on this list of people that seem to have it working. I was wondering how this should be done. I can start UserManager for windows NT and see the accounts and groups, but whenever I try to open one of them I get a permission denied. This is a known bug. It was introduced about two months ago if I remember correctly. It however only affects users other than root that are in the BUILTIN\Administrators group of the samba PDC. So not many people will have noticed it. Please, can somebody help me? If it is the bug I'm thinking of, then there are three solutions to it: 1) Use the user root (it must be added to passdb) to administer with usrmgr 2) Apply a patch I've appended 3) wait till Andrew Bartlet has applied the patch to HEAD The preferred solution is using the root user on the windows machines. Currently only root has write access to the sam. With the two other solutions, you will be able to open your users in usrmgr, but not change anything. Once the new sam subsystem is in place, all members of the Administrators groups should be able to administer the sam, but that is no where near ready yet. Eddie. Kai
Re: Samba 3.0 and UserManager?
Does this also removes the bug that causes the user password time settings being changed, even when the cancel button is pressed in usermgr? - Original Message - From: Andrew Bartlett [EMAIL PROTECTED] To: Kai Krueger [EMAIL PROTECTED] Cc: Eddie Lania [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, September 26, 2002 3:32 PM Subject: Re: Samba 3.0 and UserManager? Kai Krueger wrote: - Original Message - From: Eddie Lania [EMAIL PROTECTED] Sent: Wednesday, September 25, 2002 8:47 PM I haven't got this to work altough I have read several mails now on this list of people that seem to have it working. I was wondering how this should be done. I can start UserManager for windows NT and see the accounts and groups, but whenever I try to open one of them I get a permission denied. This is a known bug. It was introduced about two months ago if I remember correctly. It however only affects users other than root that are in the BUILTIN\Administrators group of the samba PDC. So not many people will have noticed it. 3) wait till Andrew Bartlet has applied the patch to HEAD Applied. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
Re: Roadmap to 3.0
Look here for more information to see what I am talking about: http://www.kixtart.org BTW, it is widely used in a lot of production environments. Eddie. - Original Message - From: Richard Sharpe [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: Eddie Lania [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Wednesday, September 25, 2002 9:40 AM Subject: Re: Roadmap to 3.0 On Wed, 25 Sep 2002 [EMAIL PROTECTED] wrote: On Wed, Sep 25, 2002 at 07:45:36AM +0200, Eddie Lania wrote: Loadable RPC implementations yes o o o Does this mean that it will support KIXTART as well? I've yet to see a good definition of what KIXTART needs, so I can't say if we will support it. I suspect that it has something to do with being violent towards prostitutes. Regards - Richard Sharpe, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]
Re: Roadmap to 3.0
On Windows XP it doesn't work properly, or it must be that I have some misconfigured settings. These are some of the error messages I get in the apllication log: - UserGetLocalGroups failed Error : Toegang geweigerd. (0x5/5). - GetPrimaryGroup failed Error : Er is geen toewijzing uitgevoerd tussen accountnamen en beveiligings-ID's. (0x534/1332). Also, KiXtart indetifies me as Guest user when I log in from the XP box, while I am an Administrator. For the rest it works ok here too. Eddie. - Original Message - From: Mike Brady [EMAIL PROTECTED] To: Eddie Lania [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Wednesday, September 25, 2002 8:55 AM Subject: Re: Roadmap to 3.0 I have done some very basic testing with login scripts using KIXTART on 3.0Alpha19 from an NT4 Workstation and all that I did worked. By basic I mean testing for Domain Group memberships, enumerating group membership etc, nothing fancy. On Wed, 25 Sep 2002 18:39, Eddie Lania wrote: Look here for more information to see what I am talking about: http://www.kixtart.org BTW, it is widely used in a lot of production environments. Eddie. - Original Message - From: Richard Sharpe [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: Eddie Lania [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Wednesday, September 25, 2002 9:40 AM Subject: Re: Roadmap to 3.0 On Wed, 25 Sep 2002 [EMAIL PROTECTED] wrote: On Wed, Sep 25, 2002 at 07:45:36AM +0200, Eddie Lania wrote: Loadable RPC implementations yes o o o Does this mean that it will support KIXTART as well? I've yet to see a good definition of what KIXTART needs, so I can't say if we will support it. I suspect that it has something to do with being violent towards prostitutes. Regards - Richard Sharpe, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]
Samba 3.0 and UserManager?
I haven't got this to work altough I have read several mails now on this list of people that seem to have it working. I was wondering how this should be done. I can start UserManager for windows NT and see the accounts and groups, but whenever I try to open one of them I get a permission denied. Please, can somebody help me? Eddie.
Windows NT PDC and Samba PDC cross subnet browsing?
Hello, I have been searching for answers now more then a week, but I cannot find a proper solution. Please help me with this: Scenario: Two differnet subnetted networks (1 and 2)connected by a cipe tunnel between two linux Samba boxes over the internet. On network one (1) is a Windows NT PDC installed which currently is the DMB for it's domain (1). On network two (2) one of the linux Samba tunnelboxes is a Samba PDCwhich currently is the DMB for it's domain (2). WINS is installed on the NT server on network one (1). I can ping all the computers from every subnet. Every other command like "net view", nbtstat, etc works from every peer to every peer on both subnets. I configured dhcp for all clients to use the NT WINS as their WINS server. Now I only can browseboth networks (workgroups 1 and 2)on the NT (1) network and not the other way arround. The workgroup from network one(1) does not appear in network neighbourhood on network one (2). Altough I can use the "search computer" function from windows to find one of the computers on the other end of the tunnel and then use windows explorer to view the complete workgroup,I would really like to be able to browse both networks on both ends of the tunnel trough the network neighbourhood. If I switch the WINS server from the NT server to the Samba server it doesn't work either, I keep getting the workgroups in network neighbourhood in only one end of the tunnel and only one network on the other end. Is this because the browse lists from the Samba PDC can not be synchronised with the browse list from the NT PDC? I also tried all kind of possible combinations with the samba boxes to get the browse lists synchronised on both sides, but on thenetwork where the NT PDC rules, the Samba will refuse to exchange his browse lists because it is not configured as a DMB (it say's), altough it has no problems to become the LMB. Is the only solution to install Samba PDC's on both end's? Or is there any other solution? Please help me out here. Thank you very much. Eddie.
Patch for testparm.c - Re: Samba problems?
Hello everyone,
Hereby I would like to add my patch to the utils/testparm.c file;
Change line 54:
if (lp_wins_support() wins_srv_count()) {
in to:
if (lp_wins_support() lp_wins_server_list()) {
This wil solve testparm complaining: ERROR: both 'wins support = true' and
'wins server = server' cannot be set in the smb.conf file. nmbd will abort
with this setting. while the parameter 'wins server=' is not used in
smb.conf.
With friendly greetings,
Eddie Lania.
- Original Message -
From: Andrew Bartlett [EMAIL PROTECTED]
To: Eddie Lania [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Saturday, August 17, 2002 12:40 PM
Subject: Re: Samba problems?
Eddie Lania wrote:
Hello everybody,
I am using Samba in networking environments at home and work.
I am testing with samba.
I compile the HEAD version from cvs with regular intervals but keep on
having the following problems.
In both environments, samba is
compiled --with-ldapsam, --with-smbmount, --with-nsswitch
--with-ldapsam doesn't do anything any more, its in by default if you
have ldap on the system. I don't think we even have a
--with-nsswitch...
and --with-acl-support on a RedHat 7.0 system with openldap installed.
Hopefully, the information in this message can be an usefull
contribution to
this list.
Please observe:
- First the details of my smb.conf:
[global]
passdb backend = ldapsam:ldap://localhost
ldap suffix = dc=elton-intra,dc=net
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap admin dn = cn=Manager,dc=elton-intra,dc=net
ldap ssl = off
use spnego = No
workgroup = ELTON
time server = Yes
wins support = Yes
os level = 64
prefered master = Auto
domain master = Yes
local master = Yes
security = user
# security = ads
encrypt passwords = Yes
null passwords = Yes
passwd program = /usr/local/sbin/smbldap-passwd.pl
guest account = Guest
socket address = 192.168.169.192
interfaces = 192.168.169.0/24 127.0.0.1
bind interfaces only = Yes
remote announce = 192.168.168.150
remote browse sync = 192.168.168.150
domain logons = Yes
add user script = /usr/local/sbin/smbldap-useradd.pl -a -E
login.bat
%u
add machine script = /usr/local/sbin/smbldap-useradd.pl -g
102 -w %u
delete user script = /usr/local/sbin/smbldap-userdel.pl %u
logon path = \\%L\profiles\%U
logon drive = q:
logon home = \\%L\%U\.profile
logon script = login.bat
debug uid = Yes
log file = /var/log/samba3/%m.log
max log size = 0
[netlogon]
comment = Network Logon Service
path = /home/netlogon
read only = Yes
[homes]
path = /home/users/%U
read only = No
browseable = No
inherit acls = Yes
inherit permissions = Yes
csc policy = disable
[profiles]
comment = User Profiles share
path = /home/profiles
read only = No
inherit acls = Yes
inherit permissions = Yes
csc policy = disable
[users]
comment = Users directories
path = /home/users
read only = Yes
write list = @Administrators
inherit acls = Yes
inherit permissions = Yes
[public]
comment = Public Files share
path = /mnt/big_f32/public
force user = nobody
read only = No
[apps]
comment = Applications share
path = /mnt/big_f32/apps
force user = nobody
read only = No
[backup]
comment = Backup share
path = /mnt/big_f32/backup
force user = nobody
read only = Yes
- Using this configuration, testparm outputs the following error:
Processing section [netlogon]
Processing section [homes]
Processing section [profiles]
Processing section [users]
Processing section [public]
Processing section [apps]
Processing section [backup]
Load smb config files from /usr/local/samba/lib/smb.conf
Loaded services file OK.
ERROR: both 'wins support = true' and 'wins server = server' cannot be
set
in the smb.conf file. nmbd will abort with this setting.
Altough the parameter 'wins server = server' is not defined in my
smb.conf.
Is this a bug?
Quite possible - have a look at the testparm source and see what you can
figure out.
- When logging on from a windows 9xx client, there are no errors in the
samba log file(s).
When logging on from Xp the next message is displayed in the log file:
[2002/08/17 08:53:45, 0, effective(500, 500), real(0, 0)]
rpc_server/srv_util.c:get_domain_user_groups(342)
get_domain_user_groups: primary gid of user
cvs HEAD compile warnings.
Hello, I downloaded and compiled the latest HEAD source from cvs this morning. My system is RedHat 7.0, kernel 2.2.19-7.0.16 I compiled with the following options: ./configure --sbindir=/usr/local/samba/bin --with-logfilebase=/var/log/samba 3 --with-smbmount --with-ldapsam --with-acl-support There were no errors, but I did notice the following warnings: smbd/mangle_hash2.c: In function `cache_insert': smbd/mangle_hash2.c:172: warning: assignment makes pointer from integer without a cast smbd/mangle_hash2.c: In function `is_mangled': smbd/mangle_hash2.c:263: warning: initialization makes pointer from integer without a cast passdb/secrets.c: In function `secrets_fetch': passdb/secrets.c:61: warning: assignment discards qualifiers from pointer target type passdb/secrets.c: In function `secrets_store': passdb/secrets.c:77: warning: assignment discards qualifiers from pointer target type passdb/secrets.c: In function `secrets_delete': passdb/secrets.c:93: warning: assignment discards qualifiers from pointer target type passdb/secrets.c: In function `secrets_get_trusted_domains': passdb/secrets.c:480: warning: assignment makes pointer from integer without a cast passdb/pdb_ldap.c: In function `ldapsam_search_one_user': passdb/pdb_ldap.c:424: warning: passing arg 5 of `ldap_search_s' from incompatible pointer type passdb/pdb_ldap.c: In function `search_top_nua_rid': passdb/pdb_ldap.c:1097: warning: passing arg 5 of `ldap_search_s' from incompatible pointer type passdb/pdb_ldap.c: In function `ldapsam_setsampwent': passdb/pdb_ldap.c:1195: warning: passing arg 5 of `ldap_search_s' from incompatible pointer type lib/util_str.c: In function `str_list_make': lib/util_str.c:1148: warning: passing arg 3 of `next_token' discards qualifiers from pointer target type libads/ldap.c: In function `ads_do_paged_search': libads/ldap.c:410: warning: passing arg 2 of `str_list_copy' from incompatible pointer type libads/ldap.c: In function `ads_do_search': libads/ldap.c:633: warning: passing arg 2 of `str_list_copy' from incompatible pointer type libads/ldap_printer.c: In function `ads_mod_printer_entry': libads/ldap_printer.c:80: warning: passing arg 4 of `ads_mod_strlist' from incompatible pointer type libads/ldap_printer.c:96: warning: passing arg 4 of `ads_mod_strlist' from incompatible pointer type libads/ldap_printer.c:99: warning: passing arg 4 of `ads_mod_strlist' from incompatible pointer type libads/kerberos.c: In function `kerberos_kinit_password': libads/kerberos.c:76: warning: passing arg 6 of `krb5_get_init_creds_password' discards qualifiers from pointer target type utils/net_ads.c: In function `net_ads_user': utils/net_ads.c:370: warning: passing arg 6 of `ads_do_search_all_fn' from incompatible pointer type utils/net_ads.c: In function `net_ads_group': utils/net_ads.c:477: warning: passing arg 6 of `ads_do_search_all_fn' from incompatible pointer type utils/net_ads.c: In function `net_ads_printer_info': utils/net_ads.c:695: warning: passing arg 3 of `ads_find_printer_on_server' discards qualifiers from pointer target type utils/net_ads.c:695: warning: passing arg 4 of `ads_find_printer_on_server' discards qualifiers from pointer target type utils/net_ads.c: In function `net_ads_printer_publish': utils/net_ads.c:747: warning: assignment discards qualifiers from pointer target type utils/net_ads.c: In function `net_ads_printer_remove': utils/net_ads.c:785: warning: assignment discards qualifiers from pointer target type utils/net_ads.c:789: warning: passing arg 3 of `ads_find_printer_on_server' discards qualifiers from pointer target type utils/net_rpc_join.c: In function `net_rpc_join_ok': utils/net_rpc_join.c:64: warning: passing arg 1 of `secrets_fetch_trust_account_password' discards qualifiers from pointer target type Just to let you know. Greetings, Eddie Lania.
Fw: Samba 3.0-alpha 18 with ldapsam backend and primary gid of user?
Hi again, I just wanted to add this to make my information more complete: The id primary group id of user eddie in the ldap tree is 500:201. 201 is the group Domain Users But you have to know that user eddie also excists with id and gid 500:500 in the /etc/passwd and /etc/group files. Examining the log file below, this raises the following question to me: Is the passdb backend plugin ldap perhaps using a normal getent function do determine the correct user id and gid? If so, this could explain why I have these errors, but does this mean that the configuration of /etc/nsswitch.conf should be changed from: passwd: files ldap shadow: files ldap group: files ldap to: passwd: ldap files shadow: ldap files group: ldap files And will this affect the way people log in using other applications like shh for example? Or should there be a different solution? Also, the params: ldap suffix = dc=techdream,dc=net ldap user suffix = ou=Users ldap machine suffix = ou=Computers Are, in my opinion fairly undocumented and I have not been able to gather more information about them, so, the vallues that i've used are only guessed by myself and I would like to know if their right or wrong. It also seems to me that the smbgroupedit program is not usefull when authenticating against a ldap server (I have tried to map some of the unix groups to the domain groups but didn't notice any change). Is this right? Thanks again, Eddie. - Original Message - From: Eddie Lania [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, August 03, 2002 8:23 PM Subject: Samba 3.0-alpha 18 with ldapsam backend and primary gid of user? Hello list, Can someone tell me why I keep getting these kind of errors in the samba log files? I just went over from 2.2.5 to 3.0-alpha 18, I never had these errors in the 2.2.5 version. Especially the rid [0] is a complete mistery to me since I have no account defined in my ldap service that has rid 0. Thank you very much for your help. Eddie Lania. [2002/08/03 19:21:27, 0, effective(1001, 202), real(0, 0)] rpc_server/srv_util.c:get_domain_user_groups(346) get_domain_user_groups: primary gid of user [eddie] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that [2002/08/03 19:21:38, 1, effective(500, 500), real(0, 0)] smbd/service.c:make_connection_snum(676) p450aukje (192.168.168.253) connect to service profiles initially as user eddie (uid=500, gid=500) (pid 24710) [2002/08/03 19:21:41, 1, effective(0, 0), real(0, 0)] smbd/service.c:close_cnum(843) p450aukje (192.168.168.253) closed connection to service profiles [2002/08/03 19:21:41, 1, effective(500, 500), real(0, 0)] smbd/service.c:make_connection_snum(676) p450aukje (192.168.168.253) connect to service netlogon initially as user eddie (uid=500, gid=500) (pid 24710) [2002/08/03 19:21:43, 1, effective(0, 0), real(0, 0)] smbd/service.c:close_cnum(843) p450aukje (192.168.168.253) closed connection to service netlogon [2002/08/03 19:21:43, 1, effective(500, 500), real(0, 0)] smbd/service.c:make_connection_snum(676) p450aukje (192.168.168.253) connect to service homes initially as user eddie (uid=500, gid=500) (pid 24710) [2002/08/03 19:21:43, 1, effective(500, 500), real(0, 0)] smbd/service.c:make_connection_snum(676) p450aukje (192.168.168.253) connect to service netlogon initially as user eddie (uid=500, gid=500) (pid 24710) [2002/08/03 19:21:53, 0, effective(500, 500), real(0, 0)] rpc_server/srv_util.c:get_domain_user_groups(346) get_domain_user_groups: primary gid of user [eddie] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that [2002/08/03 19:21:53, 0, effective(0, 0), real(0, 0)] passdb/pdb_ldap.c:ldapsam_getsampwrid(1250) We don't find this rid [0] count=0 [2002/08/03 19:21:53, 0, effective(500, 500), real(0, 0)] rpc_server/srv_util.c:get_domain_user_groups(346) get_domain_user_groups: primary gid of user [eddie] is not a Domain group ! get_domain_user_groups: You should fix it, NT doesn't like that - This is how I compiled samba: ./configure --sbindir=/usr/local/samba/bin --with-logfilebase=/var/log/samba --with-smbmount --with-ldapsam --with-acl-support Here my smb.conf: [global] passdb backend = ldapsam:ldap://localhost ldap suffix = dc=techdream,dc=net ldap user suffix = ou=Users ldap machine suffix = ou=Computers ldap admin dn = cn=Manager,dc=techdream,dc=net ldap ssl = off use spnego = No workgroup = TECHDREAM time server = Yes deadtime = 15 server string = Linux Samba Server %v wins support = Yes os level = 64 prefered master = Auto domain master = Yes local master = Yes security = user encrypt passwords = Yes null passwords = Yes
Domain group appearing as Unix group?
Hello everyone, I have a question about Domain groups. Why are the domain groups from the ldap server on my RH 7 samba server, on a Windows XP client not recognized as Domain groups, but do they appear as Unix-group in the advanced groups and/or users properties? I am using samba 2.2.5 with ldap support compiled in and openldap on RH 7.0 server. Everything else is working fine. Looking forward to solve this (final) problem. Thank you all very much for any answer. Eddie.
