Re: [Samba] root can print, users not
check the rights of your spooler directory of samba (path =) Tim Thaler schrieb: Hi, I have a Win2k client that should be able to print to a printer connected to a SuSE 8.1 Linux box. The situation: - 'root' is able to print from Win2k to the Linux, user 'tim' is not. - Both, 'root' and 'tim' have their home directories visible and accessible on the Win2k. - User acounts on Win2k and Linux are the same: 'root', 'tim' with identical passwords on both machines. - Both, 'root' and 'tim' have been added to the smbpasswd file. - The smb.log file (level 10) has been filled with a load of messages I simply don't know how to interpret, but there is something like access denied. I just can't figure why? - The printer has been made browsable = yes and guest ok = yes - The printer is visible to Win2k users; 'root' and 'tim'. Does anyone have a good idea what else could be wrong that only 'root' is allowed to print but 'tim' is not? Cheers Tim -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Configuring firewall to allow Samba to work
here's a mail, which was posted in this list... all exact ports arel listed in /etc/services. the ports u need where postet a view days ago in this list. please somebody correct, if i'm wrong: netbios-ns 137/tcp# NETBIOS Name Service netbios-ns 137/udp# NETBIOS Name Service netbios-dgm 138/tcp# NETBIOS Datagram Service netbios-dgm 138/udp# NETBIOS Datagram Service netbios-ssn 139/tcp# NETBIOS Session Service netbios-ssn 139/udp# NETBIOS Session Service and,if u need: swat 901/tcp # XXX Samba Web Adminisration And with Win2K you may need port 445/tcp also. - John T. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Configuring firewall to allow Samba to work
-BEGIN PGP SIGNED MESSAGE- [EMAIL PROTECTED] wrote: | | This is a note for all those people out there who had to turn off their | firewalls (iptables) to get Samba to work. First start the GUI | interface to the firewall by typing - - Your hint should only apply to a firewall that serves to harden your server ~ installation, i.e. if you use iptables on your server to control, which ~ kind of packets *from your local net* your server responds to. ~ If your firewall has the additional purpose to separate your local net ~ from the internet, then allowing NetBIOS over TCP/IP is not a good idea. ~ There are currently several windows worms that scan random IP address ~ ranges for weakly protected windows shares, so opening up your network to ~ these protocols is a bad idea! ~ To repeat that: You should open Ports 137, 138 and 139 (UDP and TCP) ~ only for your local net, not for the internet. - - Are we going to accept hints from someone without a name and with an ~ address [EMAIL PROTECTED]? I have the strong suspicion, that your ~ real purpose might be to trick people into opening up their firewalls. - -- Wolfgang Ratzka Phone: +49 6421 2823531 FAX: +49 6421 2826994 Uni Marburg, HRZ, Hans-Meerwein-Str., D-35032 Marburg, Germany ~ http://www.uni-marburg.de/hrz/mitarbeiter/ratzka.html -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEVAwUBPnBG2xwiO5rz0xULAQEyFwf/YD1AEn7jz5W9Pzp3KbyMpPv+XbFZA0qw 1pM0EY72XzJ1Dn6X1N4aJ7PT+Cwqr6CVj/fxaVaOBY+C4HYZ9pJomTDevp9W/npp GZM4mkHylVHH/D59nHsd6x4IhLYllENTIGeHOdxRVN19XnYsIPt4EJ9R1GADrjRA 5dMowsaFBsX2Qymj7MM9N3wIzHkHft9eHHKXfMJd5bmPinqmtMFHHEOcgKSzutHZ Z5d5vijP9DQuPxv2v5kLx6OKYPwmLXP+6sKOno0Q/l08EZUROaBHTQD6heeYCqC2 hPaWGaxRrtF/IO2YVLH9A5UFSOK9/Qiwwihv7cFTDn/VIB/IbY0yjw== =xV38 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] help needed
Need help. I cannot make directory writeable from Windows NT, despite trying read only = no and writeable = true in smb.conf file in this [directory]. Is this because of user is invalid (user = nobody in [global]) or something else is wrong with my smb.conf file. I ran testparm and all went OK. Any help appreciated. Thanks -- __ http://www.linuxmail.org/ Now with e-mail forwarding for only US$5.95/yr Powered by Outblaze -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Test
Testing -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: XP logon failure but still logs on -- no roamingprofile
hmmm..did you try running ...tcpdump -i eth0 ..on your samba box? (assuming eth0 is samba lan interface?) then you can see what is happening at the time.. regards Richard Coates. On Wed, 2003-03-12 at 04:13, Brian White wrote: so if you reboot you get a successful logon? xp -pre sp1 ? Usually, yes. I did get one case where it did not but the computer had been on for a while before I tried to log on. SP1 was installed. I just did another update of all critical updates but it made no difference. After I reboot, I could logon, logoff, logon, logoff, but the third time I tried to logon, I got the error. On a hunch, I tried removing everything from the logon.bat script. It didn't help, though. After a reboot, I could logon/off three times and then I started getting the error. Continuing logon/logoff sequences shows no discernable pattern, though it only fails about 1/2 to 1/3 of the tries. After restoring the content of the logon.bat file, the logon process fails much more often but not every time. I began to wonder if it had something to do with network activity/idle periods since when I was typing results in to this message, it seemed that the next logon attempt would work. Taking a more patient approach to this, I've discovered that the problem is at least somewhat related to how long I stay logged in. With the full login.bat content (because it makes the problem more obvious) I've discovered that: - Logout immediately after logon (waiting for logon.bat to complete first) causes a logon failure every time. - Waiting 20 seconds after a logon failure before logout will ensure that the next logon attempt is successful. Waiting only 10 seconds is not enough. The next logon attempt(after one that was successful) will fail even if I again wait over 30 _minutes_ before logout. - Waiting at the press CTRL-ALT-DELETE to logon prompt, even up to 60 seconds, does not help; it fails every time. Attached is the logon.bat file renamed to logon.txt so it doesn't get stripped by any virus scanners. In addition to mapping a number of network drives, it also tries to map H: to /home/userid (if it exists) or to the users home computer on the network if they're logging in to a different machine (sort of like a unix automounter would do for home directories on different machines). Brian ( [EMAIL PROTECTED] ) --- Tired of spam? See what you can do to fight it at: http://www.cauce.org/ :-net accounts /forcelogoff:no /minpwlen:4 /minpwage:0 /maxpwage:unlimited /uniquepw:5 :- :- Mount the home directory :- net use h: /d subst h: /d if exist C:\Home\%USERNAME%\nul.x goto localhome :nethome call %USERPROFILE%\Network\homedir.bat goto donehome :localhome subst h: C:\Home\%USERNAME% mkdir %USERPROFILE%\Network echo net use h: \\%COMPUTERNAME%\home\%USERNAME% /persistent:no /yes %USERPROFILE%\Network\homedir.bat goto donehome :donehome :- :- Mount network drives :- net use o: \\share\office2000p /persistent:no /yes net use p: \\share\precidia /persistent:no /yes net use s: \\share\win32 /persistent:no /yes net use t: \\ftp\ftp /persistent:no /yes net use x: \\share\tmp /persistent:no /yes :- :- Set some environment variables :- mkdir C:\tmp\%USERNAME% s:\bin\setx TEMP C:\tmp\%USERNAME% s:\bin\setx TMP C:\tmp\%USERNAME% :- s:\bin\setx HOMEDRIVE H: :- :- Update the computers clock :- net time \\share /set /yes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] printer configuration issue
I've installed Samba 2.2.7a on my SuSE 8.1 system in an effort to persuade it to act as a print server on my LAN, which consists of it and 6 Windows desktops of various flavors. Right away it seemed to allow file sharing and printing from DOS and became browsable from the Network Neighborhood, but I can't get it to print from Windows. I keep getting a Status of Access denied, unable to connect, even when simply trying to print a test page. A perusal of the Samba logs has been inconclusive as has a poring through both Samba and SuSE documentation. I'm guessing that it's a stupid permission or authentication configuration I've overlooked, but it's making me crazy! I had the exact same problem and it cost me a full day to solve it but now it works! At first I had my printer connected to the Samba server using the lpd protocol, but that did not work at all. On my W2k clients I had the 'Access denied' problem all the time. Then I went over to using CUPS for managing my printer and read some info on this issue. Here are the sites I read that lead me to victory: http://us3.samba.org/samba/ftp/docs/htmldocs/cups.html http://www.cups.org/sam.html#8_6 I copied the Adobe PS drivers to the mentioned location, ran cupsaddsmb and added the printer to the W2k client again. This time it worked. Give it a try and success! Jaap -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] how to view users logged in samba server??
I do not know to do. I have around 50 logados users and would like to know the names of who are logados at the moment. I thank any aid. Diego. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] how to view users logged in samba server??
Have you tried smbstatus? -Original Message- From: Diego S. Soares [mailto:[EMAIL PROTECTED] Sent: Thursday, 13 March, 2003 12:35 PM To: [EMAIL PROTECTED] Subject: [Samba] how to view users logged in samba server?? Importance: High I do not know to do. I have around 50 logados users and would like to know the names of who are logados at the moment. I thank any aid. Diego. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] how to view users logged in samba server??
yes. I don't have services or mapping in my server. It only PDC domain and proxy authentication . smbstatus brings active connections... - Original Message - From: Peter Carpenter [EMAIL PROTECTED] To: 'Diego S. Soares' [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, March 13, 2003 9:41 AM Subject: RE: [Samba] how to view users logged in samba server?? Have you tried smbstatus? -Original Message- From: Diego S. Soares [mailto:[EMAIL PROTECTED] Sent: Thursday, 13 March, 2003 12:35 PM To: [EMAIL PROTECTED] Subject: [Samba] how to view users logged in samba server?? Importance: High I do not know to do. I have around 50 logados users and would like to know the names of who are logados at the moment. I thank any aid. Diego. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba ___ Busca Yahoo! O serviço de busca mais completo da Internet. O que você pensar o Yahoo! encontra. http://br.busca.yahoo.com/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] rpcclient setprinter failes
Since I haven't got any answers on this I try again... We have an Redhat 8.0 machine who acts as an printserver. I'm sharing printers via Samba and using CUPS. Samba is 2.2.7a and CUPS 1.1.8. The Microsoft clients (Win9x, Win NT, Win 2k) is downloading the driver from the server. I had no problem to install and upload up to 55 printers but now I am not able to set the driver. I can install more printers, but when cupsaddsmb is running rpcclient -N -U 'user%secret' -c 'setdriver pr51433 pr51433' I get the result was NT_STATUS_UNSUCCESSFUL messages. This is cut out of the debug-log of rcpclient. 10 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 0004 0014 context_id: 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 28 18 spoolss_io_r_setprinter 0018 status: WERR_ACCESS_DENIED SetPrinter call failed! Before this I get a message about rpc_api_pipe: len left: 0 smbtrans read: 36 rpc_api_pipe: fragment first and last both set 18 spoolss_io_r_getprinter 18 spoolss_io_buffer 0018 ptr: 001c needed: 0198 0020 status: WERR_INSUFFICIENT_BUFFER 00 spoolss_io_q_getprinter Could there be a problem that this machine is not an PDC? And what is the difference between the following command? rpcclient -U pc%secret localhost -c enumdrivers rpcclient -U pc%secret localhost -c enumprinters Where getting the enumdrivers work, but not the enumprinters... I would really appreciate some help with this.. /Tia Patrik -- Patrik Carlsson Högskolan i Gävle Driftsansvarig, IT-enheten Kungsbäcksvägen 47 026-64 85 00, 070-329 88 25 801 76 Gävle [EMAIL PROTECTED] -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba-2.2.8pre2-1, rpcclient segfault and other problems
I've been having a few problems with samba-2.2.8pre2-1 --with-winbind --with-winbind-challenge-response Rh 7.2, 2.4.9-38 on s/390, glibc-2.2.4-31 rpcclient segfaults on enumdrivers 3... I hadn't tried it with earlier versions of samba, but the man pages indicate enumdrivers 1, 2, and 3 are supported. If you'd like to see a -d 10 or -d 100, or the /var/log/messages dump, just let me know. Jerry, don't worry about the copy devmode thing, I went ahead and did something in VBA based on http://pubs.logicalexpressions.com/Pub0009/LPMArticle.asp?ID=116 which is goofy but good enough for my purposes. Another problem, for some drivers I've gotten Printer settings could not be saved. I've effectively started from scratch, removed nt*.tdb and printing.tdb, removing files from print$ path, and restarted samba. Most drivers work fine, but some... when I click on apply, I get a crit msgbox with Printer settings could not be saved. The files uploaded fine, I am connected as a printer admin, etc, and there's no further information like Access Denied, or Operation could not be completed, or anything like that that google has turned up. If I get out of that window, under printers I can see that the correct model is associated with the printer share, but right-clicking on it brings up the same, device settings cannot be displayed... do you want to install a driver [no] msgbox. While this driver has always been problematic, I believe with earlier versions of samba it would get in a loop where it would open and close each driver file on the samba server repeatedly. I was hoping I could remedy that by copying the devmode from a locally installed printer at some point during the install, and while the copy (with SetPrinter or DocumentProperties) did not return any errors, samba still reports that device settings cannot be displayed, etc. Any ideas? ~ Daniel --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Win2000 client and Samba 2.2 PDC?
I have set up a Samba as PDC and everything working flawless except for Win2000 clients. WinNT workstations and servers join the domain without problems. Win98 clients log on without problems. Win2000 clients can join the domain. BUT When Win2000 restart and I try to log on, I get a message, something like this (translated from my own language): The Primary Domain Controller is missing or the password is incorrect The Win2000 client and the User has been added to both /etc/passwd and smbpasswd. What is wrong? Regards Jacob Sönnichsen -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] problem with join Win2K workstation to a SAMBA PDC
Hello all, When I try to join Win2K workstation to a SAMBA PDC from the workstation (with Network ID wizard), I get a error The account used is a computer account. Use your global user account bla-bla-bla. When I adding machine manually by editing /etc/passwd and so on, everything is OK. What should I do to fix this? Best regards, Alexey -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Win2000 client and Samba 2.2 PDC?
Hum... The 2K machines it has that to exist in the server: # useradd -d /dev/null -c MAQ_709 -m -s /bin/false MAQ_709$ # smbpassword -m -a MAQ_709 Maybe this can help you: http://www.linuxrapido.kit.net/dicas_samba.htm Regards Tiago Cruz Em Qui, 2003-03-13 às 10:41, [EMAIL PROTECTED] escreveu: I have set up a Samba as PDC and everything working flawless except for Win2000 clients. WinNT workstations and servers join the domain without problems. Win98 clients log on without problems. Win2000 clients can join the domain. BUT When Win2000 restart and I try to log on, I get a message, something like this (translated from my own language): The Primary Domain Controller is missing or the password is incorrect The Win2000 client and the User has been added to both /etc/passwd and smbpasswd. What is wrong? Regards Jacob Sönnichsen -- Tiago Cruz [EMAIL PROTECTED] Org. King de Contab. S/C Ltda -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba Print server
Not to try and break any records, but we have servers that each serve up ~1500 printers under 2.0.X. Needless to say, attempts to upgrade to 2.2 resulted in some difficulty (servers coming nearly instantly to their knees as dozens of Windows boxes attempted to initiate RPC, etc.). But performance under 2.0.X is actually not at all bad. Bill Knox Senior Operating Systems Programmer/Analyst The MITRE Corporation On Wed, 12 Mar 2003, John H Terpstra wrote: Date: Wed, 12 Mar 2003 04:22:33 + (GMT) From: John H Terpstra [EMAIL PROTECTED] To: Joseph Loo [EMAIL PROTECTED] Cc: samba [EMAIL PROTECTED] Subject: Re: [Samba] Samba Print server On Tue, 11 Mar 2003, Joseph Loo wrote: I rember awhile back someone mention there was a limitiation about 50 printers for samba. Does this still hold true or was it my imagination. I guess your imagination - I am sure someone will correct me if I am wrong! I had a site that had well over 100 on one server in the days of samba-2.0.7. - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Vedr.: Re: [Samba] Win2000 client and Samba 2.2 PDC?
The 2K machine account is created automaticly, when joining the domain from Win2000. The problem has something to do with Win2000 not seeing the Samba Server as PDC, or not reaching the PDC at all. I have set the Win2000 client to use netbios compability. Regards Jacob Tiago Cruz [EMAIL PROTECTED]Til:[EMAIL PROTECTED] ol.com.brcc: [EMAIL PROTECTED] Vedr.: Re: [Samba] Win2000 client and Samba 2.2 PDC? 13-03-03 15:13 Hum... The 2K machines it has that to exist in the server: # useradd -d /dev/null -c MAQ_709 -m -s /bin/false MAQ_709$ # smbpassword -m -a MAQ_709 Maybe this can help you: http://www.linuxrapido.kit.net/dicas_samba.htm Regards Tiago Cruz Em Qui, 2003-03-13 às 10:41, [EMAIL PROTECTED] escreveu: I have set up a Samba as PDC and everything working flawless except for Win2000 clients. WinNT workstations and servers join the domain without problems. Win98 clients log on without problems. Win2000 clients can join the domain. BUT When Win2000 restart and I try to log on, I get a message, something like this (translated from my own language): The Primary Domain Controller is missing or the password is incorrect The Win2000 client and the User has been added to both /etc/passwd and smbpasswd. What is wrong? Regards Jacob Sönnichsen -- Tiago Cruz [EMAIL PROTECTED] Org. King de Contab. S/C Ltda -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Windows95 client does not get list of domain users
I have a Slackware 8.1 with Samba 2.2.4 configured as PDC on my network. I have a Windows95 client (OSR2, USB supplement) that can't get the list of domain users for defining a share, I get the message:You cannot view the list of users at this time. Please again later Windows98 clients can get the list of users on the domain with no problem, also WindowsNT workstations get the list in no time. I'm sure it's a client problem, but please, maybe someone has faced this problem before, and share your solution with me. Thank you! Emil Furniga. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Changing unix group ownership through Samba
Hi everyone, First of all, sorry if this is something which the man pages or other documentation answer. I could not find a simple solution. I am running 3.0alpha22 on Linux joined to a W2k domain with a Windows 2000 Server domain controller. Authentication is done with Kerberos, clients are 2000/XP. I want to be able to change the unix group ownership on directories and files from the Windows 2000/XP clients connecting to Samba. That is, if a directory is owned by the unix group unixgroup1 on the machine Samba is running on, I want to be able to change it to unixgroup2 from the client. What is the simplest way to do this? Somehow mapping all unix groups to Windows-world groups? Do I need winbindd in there somewhere? Any help is much appreciated! Best regards, Antti -- [EMAIL PROTECTED] Helsinki University of Technology Computing Centre -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows XP and plain text password
http://quics.qnx.com/cgi-bin/print_des.cgi?/usr/free/qnx4/tcpip/utils/+s amba-qnxbin-2.0.7.tgz You should also read the samba docs. Especially those concerning WinNT, Win98 and W2K where encrypted password negotiation is used by default. It's all explained in the docs how to revert back to clear-text negotiation. Basically you need to do some nasty registry hacking to achieve this. On the other hand, you could also enable encryption in samba. I've heard reports that this works with at least WinNT. (That's not a link to a file above, it's a link to a page with that text in it) If there is a way to do encpryted password, I would be serisously rock if it was found! :-) THANKS! --KM -Original Message- From: John H Terpstra [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 10:47 PM To: Kenny Mann Cc: Andrew Bartlett; ; Sacha HAEGELIN Subject: RE: [Samba] Windows XP and plain text password On Wed, 12 Mar 2003, Kenny Mann wrote: I have yet to find samba for QNX with encpryption nor do I have the time to port it. If perhaps you know of a location (and I have tried google, although only for a short search), I would be more than happy to listen however that is the only method that I know. BTW, IF someone enabled plaintextpassword's does that mean that ALL of there passwords are plaintext or just any that can't be encrpyted? Re-enabling plain text password support by the registry change does NOT disable encrypted password support at all. It just re-enables plain text based authentication. MS Windows clients do NOT cache the plain text password, only the encrypted password. So if you do not enable encrypted passwords on Samba then when the MS Windows client drops a connection and later tries to restore the connection, this later re-connect can only send the encrypted password which will fail if you do not have this enabled in samba. The result then will be a blue kiss of death screen on the client. To enable encrypted passwords in samba: In smb.conf [globals] put: encrypted password = Yes Then for each of your users: smbpasswd -a 'usern_name' For some time now samba compiles in encrypted password ability, you just need to enable it as per above. - John T. THANKS! --KM -Original Message- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 3:55 PM To: Kenny Mann Cc: John H Terpstra; Sacha HAEGELIN; [EMAIL PROTECTED] Subject: RE: [Samba] Windows XP and plain text password On Thu, 2003-03-13 at 05:01, Kenny Mann wrote: Samba built for OS's such as QNX do not have the encryption capability. You must have plain text turned on. Perhaps he is in the same position. Why? It's certainly not a code-size issue, as there are much bigger parts of samba... It seems a pretty lame excuse for almost complete incompatibility with out-of-the-box installations. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba BDC and secrets.tdb question
I have a question about setting up a samba BDC (with a samba PDC). I am running Samba as the PDC on a small network. Other Unix boxes on the network are running with: security = DOMAIN encrypt passwords = Yes update encrypted = Yes password server = 192.168.1.5 So they make use of the PDC for smbmount and smbsh applications. The W2K box also uses Samba at the PDC. I want to set up a Redhat 8 box as a BDC. smbpasswd -S got the machine ID informationa across to the secrets.tbd per the BDC howto. Later it the document, it says I have to blindly copy the secrets.tbd from the PDC to the BDC. It also says I have to change from security = DOMAIN to security = USER This appears to indicate that the BDC will now use it's own authentication information rather than defering to the PDC. 1. Is this true? 2. Blindly copying the secrets.tbd across seems a dangerous idea. Is there an equivalent to smbpasswd -S which just copies across the relevant data.? 3. If not, is it really safe to copy secrets.tbd from the PDC to the BDC? I do not want to foul things up trying to get the BDC to work. I am not ready to try switching to LDAP, although I will do this if it is the only way. Thanks for any help. -- Robert E. Styma Principal Engineer AG Communication Systems, Phoenix - A subsidiary of Lucent Email: [EMAIL PROTECTED] Phone: 623-582-7323 FAX: 623-581-4884 Company: http://www.agcs.com Personal: http://www.swlink.net/~styma -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Compile problems
Samba Ver: 2.2.7a GCC Ver: 3.2 OS: HPUX-11 Hello List, I've been having trouble trying to compile Samba. The configure phase goes well, but during the gmake phase I always get this error: Compiling lib/snprintf.c lib/snprintf.c:790: conflicting types for `snprintf' /usr/local/lib/gcc-lib/hppa2.0n-hp-hpux11.00/3.2/include/stdio.h:493: previous declaration of `snprintf' gmake: *** [lib/snprintf.o] Error 1 The issue seems to be with sprintf. Has anyone using PARISC run into this problem? Any solutions other than installing the samba-depot ? Any help would be greatly appreciated. Rick King -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0 won't join TNG domain
Hi, I have a TNG-controlled domain which works fine with Win2k and samba 2.2.7 workstations. Now when I try to join a samba 3.0 workstation to this domain doing: net rpc join -U abakus\\root it fails. Setting the log level to 10 I get a lot of debug messages on the console including: ... [2003/03/13 15:49:43, 4] rpc_client/cli_pipe.c:check_bind_response(1075) bind_rpc_pipe: pipe_name \PIPE\lsass != expected pipe \PIPE\lsarpcd. oh well! [2003/03/13 15:49:43, 2] rpc_client/cli_pipe.c:rpc_pipe_bind(1243) rpc_pipe_bind: check_bind_response failed. ... could not initialise lsa pipe could not obtain sid for domain This seems as if 3.0 and TNG have different ideas of what the pipe should be called and I don't know who's fault this is. Any comments on this from the samba or tng developers would be welcome. Thanks Uli -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows95 client does not get list of domain users
Still me! :) The solution: for anyone who might have to solve such a problem: I've installed Dcom95.exe update for Win95 an now it gets the list of domain users like a Win98 wkst. does. HTH someone. Emil - Original Message - From: Emil Furniga [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, March 13, 2003 4:05 PM Subject: [Samba] Windows95 client does not get list of domain users I have a Slackware 8.1 with Samba 2.2.4 configured as PDC on my network. I have a Windows95 client (OSR2, USB supplement) that can't get the list of domain users for defining a share, I get the message:You cannot view the list of users at this time. Please again later Windows98 clients can get the list of users on the domain with no problem, also WindowsNT workstations get the list in no time. I'm sure it's a client problem, but please, maybe someone has faced this problem before, and share your solution with me. Thank you! Emil Furniga. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] help needed
Did you give 0777 permission to your share folder? - Original Message - From: Slawomir Stys [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, March 13, 2003 1:41 AM Subject: [Samba] help needed Need help. I cannot make directory writeable from Windows NT, despite trying read only = no and writeable = true in smb.conf file in this [directory]. Is this because of user is invalid (user = nobody in [global]) or something else is wrong with my smb.conf file. I ran testparm and all went OK. Any help appreciated. Thanks -- __ http://www.linuxmail.org/ Now with e-mail forwarding for only US$5.95/yr Powered by Outblaze -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Windows XP and plain text password
On Thu, 13 Mar 2003, Kenny Mann wrote: http://quics.qnx.com/cgi-bin/print_des.cgi?/usr/free/qnx4/tcpip/utils/+s amba-qnxbin-2.0.7.tgz 2.0.7 is way ancient - do you not have a more up to date version? In any case Samba has it's own crypto routines for MS Windows clients. Does your version have a binary called 'smbpasswd'? If so, then that is what you need to create the encrypted password database. Also, check the output of: testparm | grep encrypt If it has a line that says 'encrypt passwords' then it is most likely that your versions DOES have support for encrypted password handling. As I indicated, plain text password support in MS Windows products had most likely NOT been maintained since it was disabled by default. If you revert to plain text passwords you will almost certainly run into serious problems. - John T. You should also read the samba docs. Especially those concerning WinNT, Win98 and W2K where encrypted password negotiation is used by default. It's all explained in the docs how to revert back to clear-text negotiation. Basically you need to do some nasty registry hacking to achieve this. On the other hand, you could also enable encryption in samba. I've heard reports that this works with at least WinNT. (That's not a link to a file above, it's a link to a page with that text in it) If there is a way to do encpryted password, I would be serisously rock if it was found! :-) THANKS! --KM -Original Message- From: John H Terpstra [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 10:47 PM To: Kenny Mann Cc: Andrew Bartlett; ; Sacha HAEGELIN Subject: RE: [Samba] Windows XP and plain text password On Wed, 12 Mar 2003, Kenny Mann wrote: I have yet to find samba for QNX with encpryption nor do I have the time to port it. If perhaps you know of a location (and I have tried google, although only for a short search), I would be more than happy to listen however that is the only method that I know. BTW, IF someone enabled plaintextpassword's does that mean that ALL of there passwords are plaintext or just any that can't be encrpyted? Re-enabling plain text password support by the registry change does NOT disable encrypted password support at all. It just re-enables plain text based authentication. MS Windows clients do NOT cache the plain text password, only the encrypted password. So if you do not enable encrypted passwords on Samba then when the MS Windows client drops a connection and later tries to restore the connection, this later re-connect can only send the encrypted password which will fail if you do not have this enabled in samba. The result then will be a blue kiss of death screen on the client. To enable encrypted passwords in samba: In smb.conf [globals] put: encrypted password = Yes Then for each of your users: smbpasswd -a 'usern_name' For some time now samba compiles in encrypted password ability, you just need to enable it as per above. - John T. THANKS! --KM -Original Message- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 3:55 PM To: Kenny Mann Cc: John H Terpstra; Sacha HAEGELIN; [EMAIL PROTECTED] Subject: RE: [Samba] Windows XP and plain text password On Thu, 2003-03-13 at 05:01, Kenny Mann wrote: Samba built for OS's such as QNX do not have the encryption capability. You must have plain text turned on. Perhaps he is in the same position. Why? It's certainly not a code-size issue, as there are much bigger parts of samba... It seems a pretty lame excuse for almost complete incompatibility with out-of-the-box installations. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- John H Terpstra Email: [EMAIL PROTECTED] -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] (Fwd) vfs_recycle and create mode 770
I'd like to use the recycle as a per machine recycler using the option 'name = .recycle/%m' (because we just use some usernames without passwords, and not because of the adminstrators abilties, but for a better workflow with a lot of different projects and people working on them.) But if a directory is created the vfs recycle uses the rights 700, and i have found no way around it (maybe editing recycle.h or vfs.h, but i don't think im good enough). The Problem is: User A is deleting a directory. This directory is the being created and the file is being moved to that place. But then the dirctory is created with 700. User B is deleting a subdirectory within that directory created from User A but isn't allowed to do so and therefore the files will be purged. How can I change the create mode to 770. My thoughts till now: force create/directory mode helps nothing, think it's hidden somewhere in the vfs code a cron job to change the rights would be a little insecure, because for one hour the recycle isn't working. Marcel Mohr --- Berliner Institut für Vergleichende Sozialforschung Wissenschaftlicher, gemeinnütziger Verein Mitglied im Europäischen Migrationszentrum Postal Adress: Schliemannstraße 23, D-10437 Berlin Phone: +49-30 - 44 65 10 65 Fax: +49-30 - 444 10 85 E-mail: [EMAIL PROTECTED] Homepage: http://www.emz-berlin.de -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] can't see a security tab
I have two version 2.2.7a servers running on a unix/NT network (NT PDC) One server behaves correctly and the other server doesn't. The misbehaving one lets me see the shares, files, etc, but if I right-click on a share or file and select properties, I get a dialog box saying: The server web does not accept remote requests. The resulting properties then only contains 2 tabs, 'General' and 'Customize'. There is no 'Security' tab. both smb.conf files contain: encrypt passwords = Yes security = domain workgroup = DEVP password server = * and both have been added to the domain. Any ideas? thanks! ** Brian Vaughan Corporate Webmaster, Web Services FAME Information Services, Inc. 325 E. Eisenhower Parkway, Suite #301 Ann Arbor, MI 48108, U.S.A. Tel: 734.332.4382 Fax: 734.332.4440 e-mail: [EMAIL PROTECTED] http://www.fame.com/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] (Fwd) vfs_recycle and create mode 770
-[ Marcel ([EMAIL PROTECTED]) wrote on 3/13/2003 4:50 PM +0100 ]- But if a directory is created the vfs recycle uses the rights 700, and i have found no way around it (maybe editing recycle.h or vfs.h, but i don't think im good enough). Read: http://marc.theaimsgroup.com/?l=sambam=102528804420858w=2 You will find the necessary changes to make listed there. --Ben-- Ben Griffith [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] how to view users logged in samba server??
smbstatus -b gives all logged users... Diego S. Soares schrieb: I do not know to do. I have around 50 logados users and would like to know the names of who are logados at the moment. I thank any aid. Diego. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] problem with join Win2K workstation to a SAMBA PDC
1) *check, if the name u use to join the domain is root* 2) check if all network drive mappings are removed. 3) check, thats the workgroup, which is setted now, is not the same name as the domain... 3) check if username and machinename is not the same Alexey Raevsky schrieb: Hello all, When I try to join Win2K workstation to a SAMBA PDC from the workstation (with Network ID wizard), I get a error The account used is a computer account. Use your global user account bla-bla-bla. When I adding machine manually by editing /etc/passwd and so on, everything is OK. What should I do to fix this? Best regards, Alexey -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Windows LocalSystem Account - Linux Samba Server - What's the userID?
I have a Linux Samba server I access from a Win2K system. I want to allow a process started from a Windows service to access a share on the Samba server. The Windows service is set to run as LocalSystem instead of a specific userID. What userID do I need to define on the Samba server to allow LocalSystem to access files on a Samba share? -- Jim Garrison ([EMAIL PROTECTED]) PGP Keys at http://www.jhmg.net RSA 0x04B73B7F DH 0x70738D88 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] too many open files , samba crashes
hello, using SuSE 7.3 with all Patches and SAMBA 2.2.7a-SuSE after a couple of days too many files are opend (bejond 16000) and samba hast to be totally stopped and restartet. the log tells us the following: [2003/03/13 09:21:44, 0] smbd/posix_acls.c:create_canon_ace_lists(919) create_canon_ace_lists: unable to map SID S-1-5-21-823518204-1202660629-842925246-2721 to uid or gid. [2003/03/13 09:31:29, 0] lib/util.c:close_low_fds(470) Can't open /dev/null [2003/03/13 09:31:29, 0] tdb/tdbutil.c:tdb_log(531) tdb(/var/lib/samba/connections.tdb): tdb_reopen: open failed (Too many open files in system) [2003/03/13 09:31:29, 0] locking/brlock.c:brl_init(235) Failed to open byte range locking database [2003/03/13 09:31:29, 0] locking/locking.c:locking_init(328) ERROR: Failed to initialise locking database [2003/03/13 09:31:29, 0] smbd/server.c:open_sockets(275) open_sockets: accept: Too many open files in system [2003/03/13 09:31:29, 0] lib/debug.c:reopen_logs(348) Unable to open new log file /var/log/samba/log.smbd: Too many open files in system [2003/03/13 10:00:13, 0] smbd/posix_acls.c:create_canon_ace_lists(919) create_canon_ace_lists: unable to map SID S-1-5-21-823518204-1202660629-842925246-2184 to uid or gid. [2003/03/13 10:01:14, 0] lib/debug.c:reopen_logs(348) Unable to open new log file /var/log/samba/log.smbd: Too many open files in system [2003/03/13 10:01:14, 0] lib/util_sock.c:open_socket_in(772) open_socket_in(): socket() call failed: Too many open files in system [2003/03/13 10:01:14, 0] smbd/oplock.c:init_oplocks(1217) open_oplock_ipc: Failed to get local UDP socket for address 17f. Error was Too many open files in system [2003/03/13 10:01:25, 0] lib/debug.c:reopen_logs(348) Unable to open new log file /var/log/samba/log.smbd: Too many open files in system [2003/03/13 10:01:25, 0] lib/util_sock.c:open_socket_in(772) open_socket_in(): socket() call failed: Too many open files in system any idea to solve the problem? thanks in advance -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Permission Issues
Hi All, I set up a samba server to talk to various wint NT clients so they can access data off the serever. its a Solaris 8 server.As you can see from the smb.conf below I have Security = share but the only way to access it is to make the share wide open 777 and that is not good. Any advice ass to what I can change. Thank You from newbie Ben # Global parameters [global] coding system = client code page = 850 code page directory = /usr/local/samba/lib/codepages workgroup = DAVE netbios name = LANCELOT netbios aliases = netbios scope = server string = Lancelot Samba Server interfaces = bind interfaces only = No security = SHARE encrypt passwords = Yes update encrypted = No allow trusted domains = Yes hosts equiv = min passwd length = 5 map to guest = Never null passwords = No obey pam restrictions = No password server = lancelot smb passwd file = /usr/local/samba/private/smbpasswd root directory = pam password change = No passwd program = /usr/bin/passwd passwd chat = *new*password* %n\n *new*password* %n\n *changed* passwd chat debug = No username map = password level = 0 username level = 0 unix password sync = No restrict anonymous = Yes lanman auth = Yes use rhosts = No admin log = No log level = 0 syslog = 1 syslog only = No log file = /var/log/samba.log max log size = 50 timestamp logs = Yes debug hires timestamp = No debug pid = No debug uid = No protocol = NT1 large readwrite = Yes max protocol = NT1 min protocol read bmpx = No read raw = Yes write raw = Yes nt smb support = Yes nt pipe support = Yes nt status support = Yes announce version = 4.9 announce as = NT max mux = 50 max xmit = 16644 name resolve order = lmhosts host wins bcast max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = No unix extensions = No change notify timeout = 60 deadtime = 0 getwd cache = Yes keepalive = 300 lpq cache time = 10 max smbd processes = 0 max disk size = 0 max open files = 1 name cache timeout = 660 read size = 16384 socket options = TCP_NODELAY stat cache size = 50 use mmap = Yes total print jobs = 0 load printers = Yes printcap name = lpstat disable spoolss = No enumports command = addprinter command = deleteprinter command = show add printer wizard = Yes os2 driver map = strip dot = No mangling method = hash character set = mangled stack = 50 stat cache = Yes domain admin group = domain guest group = machine password timeout = 604800 add user script = delete user script = logon script = logon path = \\%N\%U\profile logon drive = logon home = \\%N\%U domain logons = No os level = 0 lm announce = Auto lm interval = 60 preferred master = Auto local master = No domain master = No browse list = Yes enhanced browsing = Yes dns proxy = Yes wins proxy = No wins server = 157.199.5.25 wins support = No wins hook = kernel oplocks = Yes lock spin count = 3 lock spin time = 10 oplock break wait time = 0 add share command = change share command = delete share command = config file = preload = lock dir = /usr/local/samba/var/locks pid directory = /usr/local/samba/var/locks default service = message command = dfree command = valid chars = remote announce = remote browse sync = socket address = 0.0.0.0 homedir map = time offset = 0 NIS homedir = No source environment = panic action = hide local users = No winbind uid = winbind gid = template homedir = /home/%D/%U template shell = /bin/false winbind separator = \ winbind cache time = 15 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = No comment = path = alternate permissions = No username = guest account = nobody invalid users = valid users = admin users = read list = printer admin = force user = force group = read only = Yes create mask = 0744 force create mode = 00 security
[Samba] Still warnings on Solaris 9 (sparc)
Sun's Forte C 6.2 Solaris 9 (sparc64), CVS of 2.2 as of Weds 13th March about 1130 UK time CC=cc ./configure --with-readline=/usr/local/ --with-quotas --with-utmp --with-acl-support --with-syslog --with-libsmbclient --with-automount --without-winbind Using FLAGS = -O -I./popt -Iinclude -I./include -I./ubiqx -I./smbwrapper -I/usr/local//include -I/usr/local//include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DLOGFILEBASE=/usr/local/samba/var -DCONFIGFILE=/usr/local/samba/lib/smb.conf -DLMHOSTSFILE=/usr/local/samba/lib/lmhosts -DSWATDIR=/usr/local/samba/swat -DSBINDIR=/usr/local/samba/bin -DLOCKDIR=/usr/local/samba/var/locks -DCODEPAGEDIR=/usr/local/samba/lib/codepages -DDRIVERFILE=/usr/local/samba/lib/printers.def -DBINDIR=/usr/local/samba/bin -DPIDDIR=/usr/local/samba/var/locks -DLIBDIR=/usr/local/samba/lib -DHAVE_INCLUDES_H -DPASSWD_PROGRAM=/usr/bin/passwd -DSMB_PASSWD_FILE=/usr/local/samba/private/smbpasswd -DTDB_PASSWD_FILE=/usr/local/samba/private/smbpasswd.tdb Using FLAGS32 = -O -I./popt -Iinclude -I./include -I./ubiqx -I./smbwrapper -I/usr/local//include -I/usr/local//include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DLOGFILEBASE=/usr/local/samba/var -DCONFIGFILE=/usr/local/samba/lib/smb.conf -DLMHOSTSFILE=/usr/local/samba/lib/lmhosts -DSWATDIR=/usr/local/samba/swat -DSBINDIR=/usr/local/samba/bin -DLOCKDIR=/usr/local/samba/var/locks -DCODEPAGEDIR=/usr/local/samba/lib/codepages -DDRIVERFILE=/usr/local/samba/lib/printers.def -DBINDIR=/usr/local/samba/bin -DPIDDIR=/usr/local/samba/var/locks -DLIBDIR=/usr/local/samba/lib -DHAVE_INCLUDES_H -DPASSWD_PROGRAM=/usr/bin/passwd -DSMB_PASSWD_FILE=/usr/local/samba/private/smbpasswd -DTDB_PASSWD_FILE=/usr/local/samba/private/smbpasswd.tdb Using LIBS = -lsec -lgen -lsocket -lnsl -ldl Warnings to follow Compiling libsmb/clirap.c libsmb/clirap.c, line 114: warning: argument #9 is incompatible with prototype: prototype: pointer to unsigned int : libsmb/clirap.c, line 57 argument : pointer to int libsmb/clirap.c, line 114: warning: argument #11 is incompatible with prototype: prototype: pointer to unsigned int : libsmb/clirap.c, line 57 argument : pointer to int libsmb/clirap.c, line 164: warning: argument #9 is incompatible with prototype: prototype: pointer to unsigned int : libsmb/clirap.c, line 57 argument : pointer to int libsmb/clirap.c, line 164: warning: argument #11 is incompatible with prototype: prototype: pointer to unsigned int : libsmb/clirap.c, line 57 argument : pointer to int libsmb/clirap.c, line 244: warning: argument #9 is incompatible with prototype: prototype: pointer to unsigned int : libsmb/clirap.c, line 57 argument : pointer to int libsmb/clirap.c, line 244: warning: argument #11 is incompatible with prototype: prototype: pointer to unsigned int : libsmb/clirap.c, line 57 argument : pointer to int libsmb/clirap.c, line 356: warning: argument #4 is incompatible with prototype: prototype: pointer to unsigned int : include/proto.h, line 662 argument : pointer to int libsmb/clirap.c, line 356: warning: argument #6 is incompatible with prototype: prototype: pointer to unsigned int : include/proto.h, line 662 argument : pointer to int Compiling libsmb/cliprint.c libsmb/cliprint.c, line 87: warning: argument #9 is incompatible with prototype: prototype: pointer to unsigned int : include/proto.h, line 434 argument : pointer to int libsmb/cliprint.c, line 87: warning: argument #11 is incompatible with prototype: prototype: pointer to unsigned int : include/proto.h, line 434 argument : pointer to int libsmb/cliprint.c, line 148: warning: argument #9 is incompatible with prototype: prototype: pointer to unsigned int : include/proto.h, line 434 argument : pointer to int libsmb/cliprint.c, line 148: warning: argument #11 is incompatible with prototype: prototype: pointer to unsigned int : include/proto.h, line 434 argument : pointer to int Compiling libsmb/clisecdesc.c libsmb/clisecdesc.c, line 52: warning: argument #3 is incompatible with prototype: prototype: pointer to unsigned int : include/proto.h, line 671 argument : pointer to int libsmb/clisecdesc.c, line 52: warning: argument #5 is incompatible with prototype: prototype: pointer to unsigned int : include/proto.h, line 671 argument : pointer to int libsmb/clisecdesc.c, line 116: warning: argument #3 is incompatible with prototype: prototype: pointer to unsigned int : include/proto.h, line 671 argument : pointer to int libsmb/clisecdesc.c, line 116: warning: argument #5 is incompatible with prototype: prototype: pointer to unsigned int : include/proto.h, line 671 argument : pointer to int Compiling rpc_parse/parse_spoolss.c rpc_parse/parse_spoolss.c, line 1209: warning: assignment type mismatch:
[Samba] Bizarre problem - happens only under XP and not 2000
I have a very strange problem, which no one has been able to fathom to
this point so I'm hoping that someone here may have encountered
something similar. I'd better note down some background details first.
Relevant machines involved:
Win2K Adv. Server SP3 (acting as Active Directory primary)
Win2K Pro SP3 (authenticates against Win2K server above)
WinXP Pro SP1 (authenticates against Win2K server above)
Redhat 7.2 running Samba 2.2.1a in 'domain' mode (password
server is Win2K server)
Redhat 8.0 running Samba 2.2.7 in 'domain' mode (password server
is Win2K server)
Here is the background of what I am trying to do. There is a CVS module
for a project I develop checked out on both of the Redhat machines,
which I manage using TortoiseCVS on the WinXP machine. Until this week I
was running only the RH7.2 machine and had no problems at all, but this
machine has got a little long in the tooth and so I built a new machine
to run RH8.
All the Windows machines are logged in using the same Active Directory
user, and I can access the shares on both Samba servers via Win2K and XP
with no problems, and have full read/write/delete permissions.
However, when I run a CVS update or checkout using the WinXP machine on
the RH8 box, I get lots of errors reporting that some directories that
were removed from the CVS module a long time ago could not be deleted as
they are not empty. Running the same update on the RH8 machine using
either of the Win2K boxes goes through with no errors. Running the same
CVS update on the RH7.2 machine with any of the Windows machines does
not produce the error.
This is what the CVS update ~should~ look like:
In \\plasma\home\kier\vb2: cvs -q update -d -P
CVSROOT=:pserver:{username}:{repository}
? language
? admin/spellcheck
? images/afp
? images/avatars
? images/styles/new/images
Success, CVS operation completed
And this is what it looks like when I run the same thing on the XP box
with the Samba 2.2.7 machine:
In \\plasma\home\kier\vb2: cvs -q update -d -P
CVSROOT=:pserver:{username}:{repository}
? language
? admin/spellcheck
? images/afp
? images/avatars
? images/styles/new/images
cvs update: cannot remove language: Directory not empty
cvs update: cannot remove images/styles/new/images: Directory not empty
cvs update: cannot remove images/avatars: Directory not empty
cvs update: cannot remove images/afp: Directory not empty
cvs update: cannot remove admin/spellcheck: Directory not empty
Success, CVS operation completed
Here is a summary of the results from running the update from different
machines:
Win2K with RH 7.2 / Samba 2.2.1aNO ERRORS
WinXP with RH 7.2 / Samba 2.2.1aNO ERRORS
Win2K with RH 8.0 / Samba 2.2.7 NO ERRORS
WinXP with RH 8.0 / Samba 2.2.7 ERRORS
From this I can only assume that there is something weird going on with
XP + Samba 2.2.7, as all other factors seem to be the same.
Has anyone got any clue whatsover as to what might be happening here?
Thanks for your help,
Kier Darby
Product Manager, vBulletin
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Copying Files
For some reason when I try to copy some files from a windows machine to a samba share on a particular Linux server it creates the filename on the share and then gives me the following error: This folder already contains a file named foo.exe Would you like to replace the existing file which is 0 bytes with this one which is 13.4mb It does not do this with all files. I copied two different iso files that are approximately 650mb fine several times but I have tried with exe files and some work while some do not. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] gpedit.msc as centralized policy for 2k/xp clients
John, I would like to figure out how to do this gpedit.msc+AD+gpc+gpt magic for win2k/xp with linux+samba(2.2/3.0/tng)+openldap and is it possible at all? We use local (!) GPOs on our Win2k clients with great success: - log on to master workstation as administrator - create a link to the C:\WINNT\system32\GroupPolicy folder on your administrator's desktop - optionally add gpedit.msc to mmc (add snapin ...) - change settings in GPOs to fit your needs or your company's security policy (especially admin templates) - export and import on other workstations or clone master workstation Please bear in mind that LGPOs affect ALL local users and Samba domain users, including the local administrator account. So be careful when changing the LGPOs since the user-specific policy settings are immediately effective! Administrators control can be retained by denying read access on the GroupPolicy folder, logging off and logging on again. This trick probably won't work on WinXP any more, so you will need to find a different solution. Please post your findings, especially if an alternative for WinXP and/or central policy management is at all possible. Good luck, Uli -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Extended ACL wrongly(?) set on HPUX
File on SAMBA with 664 permissions, UserA and GroupA - No Extended ACLS. -rw-rw-r-- 1 b321972sysadmin 4 Mar 13 09:35 junk1.txt UserB open's this document in Word 2000 (under Win2K) and Saves. Extended ACLS are set AND owner is changed... -rw-rwxr--+ 1 b432291sysadmin10 Mar 13 09:36 junk1.txt # file: junk1.txt # owner: b432291 # group: sysadmin user::rw- user:b321972:rw- group::rw- class:rwx other:r-- --- What can I do (short of nt acl support = no) to stop the setting of extended ACL's (the + on the ll user:b321972:rw- entry)? I need acl support to show file owner's in explorer. Not really concerned about the change of ownership... Running hpux 11.00 with HP's SAMBA 2.2.5 (HP ver A.01.09.01) and version 4 on my vxfs 3.3 filesystems. Thanks, Ted Saylor UNIX Sys. Admin. M-F ~8AM-~4:30PM 480-891-7884 Desk [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Permission Issues
Hi All, Files that I create from win are assigned user nobody how can I change that to a valid unix name .. Thanks --- Ben Bays [EMAIL PROTECTED] wrote: Hi All, I set up a samba server to talk to various wint NT clients so they can access data off the serever. its a Solaris 8 server.As you can see from the smb.conf below I have Security = share but the only way to access it is to make the share wide open 777 and that is not good. Any advice ass to what I can change. Thank You from newbie Ben # Global parameters [global] coding system = client code page = 850 code page directory = /usr/local/samba/lib/codepages workgroup = DAVE netbios name = LANCELOT netbios aliases = netbios scope = server string = Lancelot Samba Server interfaces = bind interfaces only = No security = SHARE encrypt passwords = Yes update encrypted = No allow trusted domains = Yes hosts equiv = min passwd length = 5 map to guest = Never null passwords = No obey pam restrictions = No password server = lancelot smb passwd file = /usr/local/samba/private/smbpasswd root directory = pam password change = No passwd program = /usr/bin/passwd passwd chat = *new*password* %n\n *new*password* %n\n *changed* passwd chat debug = No username map = password level = 0 username level = 0 unix password sync = No restrict anonymous = Yes lanman auth = Yes use rhosts = No admin log = No log level = 0 syslog = 1 syslog only = No log file = /var/log/samba.log max log size = 50 timestamp logs = Yes debug hires timestamp = No debug pid = No debug uid = No protocol = NT1 large readwrite = Yes max protocol = NT1 min protocol read bmpx = No read raw = Yes write raw = Yes nt smb support = Yes nt pipe support = Yes nt status support = Yes announce version = 4.9 announce as = NT max mux = 50 max xmit = 16644 name resolve order = lmhosts host wins bcast max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = No unix extensions = No change notify timeout = 60 deadtime = 0 getwd cache = Yes keepalive = 300 lpq cache time = 10 max smbd processes = 0 max disk size = 0 max open files = 1 name cache timeout = 660 read size = 16384 socket options = TCP_NODELAY stat cache size = 50 use mmap = Yes total print jobs = 0 load printers = Yes printcap name = lpstat disable spoolss = No enumports command = addprinter command = deleteprinter command = show add printer wizard = Yes os2 driver map = strip dot = No mangling method = hash character set = mangled stack = 50 stat cache = Yes domain admin group = domain guest group = machine password timeout = 604800 add user script = delete user script = logon script = logon path = \\%N\%U\profile logon drive = logon home = \\%N\%U domain logons = No os level = 0 lm announce = Auto lm interval = 60 preferred master = Auto local master = No domain master = No browse list = Yes enhanced browsing = Yes dns proxy = Yes wins proxy = No wins server = 157.199.5.25 wins support = No wins hook = kernel oplocks = Yes lock spin count = 3 lock spin time = 10 oplock break wait time = 0 add share command = change share command = delete share command = config file = preload = lock dir = /usr/local/samba/var/locks pid directory = /usr/local/samba/var/locks default service = message command = dfree command = valid chars = remote announce = remote browse sync = socket address = 0.0.0.0 homedir map = time offset = 0 NIS homedir = No source environment = panic action = hide local users = No winbind uid = winbind gid = template homedir = /home/%D/%U template shell = /bin/false winbind separator = \ winbind cache time = 15 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = No comment = path =
[Samba] Apparent Failing Trust Relationships with MSDN Windows XP
Dear Samba List readers. I have a working Samba PDC, and am using it (I have file access) successfully with a Windows XP Pro machine. The PDC is from the Pink Tie (i.e. Redhat) Linux 8.0 Distribution. I am now setting up a second Windows XP machine to attach to the same Samba PDC. I have chosen the computer name and domain on XP, and configured them on the Samba PDC. If I boot up the new PC and login locally as local-XP-computer\Administrator, then sure enough local-XP-computer appears in the domain tree for my Samba-hosted domain when inspected from my original, still working, XP box. The problem comes when I try and log in to the new XP box with a Samba user account, as opposed to merely attaching to the domain using the machine account. If I type in a valid Samba account name, password, and the domain name at the main new XP machine login, I get the message: Windows cannot connect to the domain, either because the domain is down or otherwise unavailable, or because your computer account was not found. It makes no difference what domain user account I try - even the one that works fine on my old XP box does not work on the new one. Alternately, but similarly, if I login as my local Administrator on the new XP box, then go to: Control Panel - User Accounts - Add... Then type in a Samba user account name and the domain name I get: The user could not be added because the following error has occurred: The trust relationship between this workstation and the primary domain failed. I inspected the local-XP-computer.log file on the Samba server, and it has no information. I am using the version of XP distributed with MSDN with Windows XP Service Pack 1 (Express) installed. I have tried setting: My Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\P arameters\... sealsecurechannel and signsecurechannel to zero (as per unofficial HOWTO), but that seems to make no difference. With thanks in advance for any help or suggestions. ___ email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] nt user groups
I have looked around for a few days to try to find a solution to this. I have to map the nt group power users to a unix group. so far I have tried adding domain group map = /foo/bar to smb.conf file. also in the username map = /foo/bar I added a line testgroup = @power users It was just a long shot anyways. I am sure it is possible to do, otherwise, damn it is needed. Any assistance is appreciated. Kyle Loree Rendek Communications [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba-2.2.7a on HPUX 11.00 trying to compile LDAP support
Damian Hickey wrote: Dear all, I am trying to use Samba with LDAP support so I can't use the CIFS binaries. I are having an issue with compiling samba-2.27.a (patched) on our HPUX server. I am configuring it with these Samba option flags: --prefix=/opt/samba --libdir=/etc/opt/samba --localstatedir=/var/opt/samba --with-privatedir=/var/opt/samba/private --with-lockdir=/var/opt/samba/locks --with-swatdir=/opt/samba/swat --with-acl-support --with-msdfs --with-ldapsam --with-profile -disable-static I have gcc-3.2 installed. I run configure OK, but get an error when running gmake: Compiling lib/snprintf.c lib/snprintf.c790: conflicting types for `snprintf' /opt/gcc/lib/gcc-lib/hppa2.0n-hp-hpux11.00/3.0.1/include/stdio.h:493:previous declaration of `snprintf' ***Error exit code 1 Just comment line 493 from the above file using /* */ will do the trick I think the lines in conflict are: gcc-3.2 stdio.h extern int snprintf(char *, _hpux_size_t, char *,...); samba-2.2.7a/source/lib/snprintf.c int snprintf(char *str,size_t count,const char *fmt,...) but I do not know how to resolve the issue. I'd love to know if you have had any success with this or have any ideas. With thanks, Damian Hickey Unix Administrator Workcover Queensland 15th Floor, 280 Adelaide St. Brisbane ph 07 30066422 fax 07 30066424 mob 0421 093582 *** Messages included in this e-mail and any of its attachments are those of the author unless specifically stated to represent WorkCover Queensland. The contents of this message are to be used for the intended purpose only and are to be kept confidential at all times. This message may contain privileged information directed only to the intended addressee/s. Accidental receipt of this information should be deleted promptly and the sender notified. This e-mail has been scanned by Sophos for known viruses. However, no warranty nor liability is implied in this respect. ** -- René Nieuwenhuizen Afdeling Informatietechnologie Centraal Planbureau Bezoekadres: Van Stolkweg 14, 2585 JR Den Haag Postadres: Postbus 80510, 2508 GM Den Haag T (070) 3383 342 F (070) 3383 350 I http://www.cpb.nl/nl/general/org/afdelingen/it/ -- Aan dit bericht kunnen geen rechten worden ontleend. Het bericht is alleen bestemd voor de geadresseerde. Indien dit bericht niet voor u is bestemd, verzoeken wij u dit onmiddellijk aan ons te melden en de inhoud van het bericht te vernietigen. This message shall not constitute any obligations. This message is intended solely for the addressee. If you have received this message in error, please inform us immediately and delete its contents. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Bizarre problem - happens only under XP and not 2000
Just an update on this - I removed Samba 2.2.7 from the RH8 system and
reinstalled it using the Samba 2.2.1a-4 version from my Redhat 7.2 CDs,
and the problem has miraculously disappeared...
So what got broken between 2.2.1a-4 and 2.2.7-2?
Kier
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Kier Darby
Sent: 13 March 2003 16:47
To: [EMAIL PROTECTED]
Subject: [Samba] Bizarre problem - happens only under XP and not 2000
I have a very strange problem, which no one has been able to fathom to
this point so I'm hoping that someone here may have encountered
something similar. I'd better note down some background details first.
Relevant machines involved:
Win2K Adv. Server SP3 (acting as Active Directory primary)
Win2K Pro SP3 (authenticates against Win2K server above)
WinXP Pro SP1 (authenticates against Win2K server above)
Redhat 7.2 running Samba 2.2.1a in 'domain' mode (password
server is Win2K server)
Redhat 8.0 running Samba 2.2.7 in 'domain' mode (password server
is Win2K server)
Here is the background of what I am trying to do. There is a
CVS module
for a project I develop checked out on both of the Redhat machines,
which I manage using TortoiseCVS on the WinXP machine. Until
this week I
was running only the RH7.2 machine and had no problems at
all, but this
machine has got a little long in the tooth and so I built a
new machine
to run RH8.
All the Windows machines are logged in using the same Active Directory
user, and I can access the shares on both Samba servers via
Win2K and XP
with no problems, and have full read/write/delete permissions.
However, when I run a CVS update or checkout using the WinXP
machine on
the RH8 box, I get lots of errors reporting that some directories that
were removed from the CVS module a long time ago could not be
deleted as
they are not empty. Running the same update on the RH8 machine using
either of the Win2K boxes goes through with no errors.
Running the same
CVS update on the RH7.2 machine with any of the Windows machines does
not produce the error.
This is what the CVS update ~should~ look like:
In \\plasma\home\kier\vb2: cvs -q update -d -P
CVSROOT=:pserver:{username}:{repository}
? language
? admin/spellcheck
? images/afp
? images/avatars
? images/styles/new/images
Success, CVS operation completed
And this is what it looks like when I run the same thing on the XP box
with the Samba 2.2.7 machine:
In \\plasma\home\kier\vb2: cvs -q update -d -P
CVSROOT=:pserver:{username}:{repository}
? language
? admin/spellcheck
? images/afp
? images/avatars
? images/styles/new/images
cvs update: cannot remove language: Directory not empty
cvs update: cannot remove images/styles/new/images: Directory
not empty
cvs update: cannot remove images/avatars: Directory not empty
cvs update: cannot remove images/afp: Directory not empty
cvs update: cannot remove admin/spellcheck: Directory not empty
Success, CVS operation completed
Here is a summary of the results from running the update from
different
machines:
Win2K with RH 7.2 / Samba 2.2.1a NO ERRORS
WinXP with RH 7.2 / Samba 2.2.1a NO ERRORS
Win2K with RH 8.0 / Samba 2.2.7 NO ERRORS
WinXP with RH 8.0 / Samba 2.2.7 ERRORS
From this I can only assume that there is something weird
going on with
XP + Samba 2.2.7, as all other factors seem to be the same.
Has anyone got any clue whatsover as to what might be happening here?
Thanks for your help,
Kier Darby
Product Manager, vBulletin
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Oplock error messages with samba on Linux
TEST: = SAMBA STRESS OVER GIGABIT NETWORK: This is a simple Read/Write/Compare/Delete kind of test over the network via Samba. Multiple clients with multiple threads try to read/write/compare/delete(in a loop) a finite sized file (64K block size) over samba for a prolonged period of time in an effort to stress test the server. SERVER SIDE CONFIG: === ARCH: x86 OS: RHL AS 2.1 KERNEL: 2.4.9-e.3smp SAMBA: 2.2.7-1.21as.i386.rpm (also tried RH AS2.1 stock version: 2.2.1a-4.i386.rpm) NIC: 2 ONBOARD GIG BCM5703(COPPER)ON A STATIC GEC TRUNK RAM: 512 MB CPU: Dual 2.66GHz CPU with HT ON (tried several different speed CPU's: 2.2, 2.4, 3.06 etc) SWAP: 2 GB SCSI/RAID: Able to reproduce this on SCSI as well as RAID 0 (not tried other RAID configs) CLIENT SIDE CONFIG: === SAMBA CLIENTS: Windows only (tried both NT4 and W2K). Please note that there are *no* Linux clients trying to access the samba share. The clients are all Windows and are all installed from one common image. DESCRIPTION OF FAILURES: The Stress Test Controller starts to show some Read/Write/Compare failures anywhere from a 30 mins up to a 24 hour period into the test. These failures continue to occur and eventually the server locks up. Tried to enable nmi_watchdog with serial console. No OOPS capture yet. I also tried raising the samba debug level (went up to 3) , printk level raised to 7 4 1 7, SysRq enabled etc. None of the information I have captured so far gives me any definite theory on why this is happening. What I do notice is that in almost all the failures, the samba logs have references to oplocks. Any body has any ideas why this could be happening ? Any ideas for what I can do further to troubleshoot. I have tried various other things that I have not posted with this message to try and keep this post readable. Posted below are a sample smbd.log, samba_client_name.log and my smb.conf file from one of the recent failures. Any suggestions would be helpful. /var/log/smbd.log: == [2003/03/12 04:02:03, 0] smbd/server.c:open_sockets(238) Got SIGHUP /var/log/samba/samba_client1.log: = [2003/03/11 10:04:07, 0] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1369) unable to open passdb database. [2003/03/12 03:33:49, 0] smbd/oplock.c:oplock_break(790) oplock_break: end of file from client oplock_break failed for file ZEUS05/ZEUS05_0.dat (dev = 811, inode = 131074, file_id = 5907). [2003/03/12 03:33:49, 0] smbd/oplock.c:oplock_break(878) oplock_break: client failure in break - shutting down this smbd. [2003/03/12 03:34:15, 0] smbd/oplock.c:request_oplock_break(1008) request_oplock_break: no response received to oplock break request to pid 2482 on port 32793 for dev = 811, inode = 131074, file_id = 5907 /etc/samba/smb.conf: [global] netbios name = box_400 server string = Samba Server security = SHARE encrypt passwords = Yes log file = /var/log/samba/%m.log max log size = 0 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = No printing = lprng wins support = yes [homes] comment = Home Directories writeable = Yes browseable = No [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [share] path = /stress writeable = Yes guest ok = Yes [web] path = /var/www/html writeable = Yes guest ok = Yes - Amit Bhutani -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Copying Files
Hi TJ Davis, you wrote: For some reason when I try to copy some files from a windows machine to a samba share on a particular Linux server it creates the filename on the share and then gives me the following error: This folder already contains a file named foo.exe Would you like to replace the existing file which is 0 bytes with this one which is 13.4mb very old bug - try updating to the last stable version 2.2.7a. der tom -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Oplock error messages with samba on Linux
On Thu, Mar 13, 2003 at 01:40:03PM -0600, [EMAIL PROTECTED] wrote: TEST: = SAMBA STRESS OVER GIGABIT NETWORK: This is a simple Read/Write/Compare/Delete kind of test over the network via Samba. Multiple clients with multiple threads try to read/write/compare/delete(in a loop) a finite sized file (64K block size) over samba for a prolonged period of time in an effort to stress test the server. SERVER SIDE CONFIG: === ARCH: x86 OS: RHL AS 2.1 KERNEL: 2.4.9-e.3smp SAMBA: 2.2.7-1.21as.i386.rpm (also tried RH AS2.1 stock version: 2.2.1a-4.i386.rpm) NIC: 2 ONBOARD GIG BCM5703(COPPER)ON A STATIC GEC TRUNK RAM: 512 MB CPU: Dual 2.66GHz CPU with HT ON (tried several different speed CPU's: 2.2, 2.4, 3.06 etc) SWAP: 2 GB SCSI/RAID: Able to reproduce this on SCSI as well as RAID 0 (not tried other RAID configs) CLIENT SIDE CONFIG: === SAMBA CLIENTS: Windows only (tried both NT4 and W2K). Please note that there are *no* Linux clients trying to access the samba share. The clients are all Windows and are all installed from one common image. DESCRIPTION OF FAILURES: The Stress Test Controller starts to show some Read/Write/Compare failures anywhere from a 30 mins up to a 24 hour period into the test. These failures continue to occur and eventually the server locks up. Tried to enable nmi_watchdog with serial console. No OOPS capture yet. I also tried raising the samba debug level (went up to 3) , printk level raised to 7 4 1 7, SysRq enabled etc. None of the information I have captured so far gives me any definite theory on why this is happening. What I do notice is that in almost all the failures, the samba logs have references to oplocks. Any body has any ideas why this could be happening ? Any ideas for what I can do further to troubleshoot. I have tried various other things that I have not posted with this message to try and keep this post readable. Posted below are a sample smbd.log, samba_client_name.log and my smb.conf file from one of the recent failures. Any suggestions would be helpful. Server 'locks up' represents a Linux kernel bug. No other option. Samba as a user level process should not be able to cause the kernel to freeze. On a 'perfect' network (no lost packets) oplock break failures are due to bugs in Windows clients not responding to asynchronous 'break' messages sent back to them over a TCP stream. What *exact* config are the Windows clients ? What service pack ? Jeremy Allison, Samba Team. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Excel File Problems - continue
Hi all. I am running Samba on OSX. Everything runs well except I get the occasional reports from my users that they cannot open Excel files (Office2000 on Windows2000/XP clients) . They will try a second, and maybe a third time time and the file will open. The error message in the windows clients tends to be along the lines of thefile.xls cannot be accessed. The file may be read-only, or you may be trying to access a read-only location. Or, the server the document is stored on may not be responding On rare occasions - a user may be able to open a file but not write back to the server drive... OR locally. The error message is something like unable to save to disk. However, he can continue to open, save and close other excel files and also open a new document and copy the bad files workbooks to the new file and save that off.. (back to the server). This is quite rare - I might see it once a week with 60 users. Below, I have an example of my error logs on the server... Has anybody experienced this kind of behavior? - Any help would be appreciated. Regards, Hugh Evans [2003/03/13 08:55:26, 0] /SourceCache/samba/samba-21/source/smbd/oplock.c:oplock_break(843) oplock_break: client failure in break - shutting down this smbd. [2003/03/13 08:58:54, 0] /SourceCache/samba/samba-21/source/smbd/oplock.c:oplock_break(758) oplock_break: receive_smb error (Undefined error: 0) oplock_break failed for file Accounting/Digital_Documents/Accounting_2001/a14174.pdf (dev = e16, inode = 204152, file_id = 22). [2003/03/13 08:58:54, 0] /SourceCache/samba/samba-21/source/smbd/oplock.c:oplock_break(843) oplock_break: client failure in break - shutting down this smbd. [2003/03/13 08:59:08, 0] /SourceCache/samba/samba-21/source/lib/util_sock.c:read_data(436) read_data: read failure for 4. Error = Connection reset by peer [2003/03/13 09:26:26, 0] /SourceCache/samba/samba-21/source/lib/util_sock.c:read_data(436) read_data: read failure for 4. Error = Operation timed out [2003/03/13 09:42:30, 0] /SourceCache/samba/samba-21/source/lib/util_sock.c:read_data(436) read_data: read failure for 4. Error = Connection reset by peer [2003/03/13 09:52:44, 0] /SourceCache/samba/samba-21/source/lib/util_sock.c:read_data(436) read_data: read failure for 4. Error = Connection reset by peer [2003/03/13 10:02:39, 0] /SourceCache/samba/samba-21/source/lib/util_sock.c:read_data(436) read_data: read failure for 4. Error = Connection reset by peer -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] subdirectory of home
Hi. Sorry: my level of english is not enough good. I hope you understand what I mean. My question is: it's possible to share a subdirectory (and only one subdirectory for every user) in the section [homes]? The version of samba which i'm working is 2.2.7a, over Solaris 8. Thanks in advance. -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba logging file modifications
Hi, I'm using samba as a file server for my network. Samba 2.2.6 is running on a linux/2.4.18 and all my clients access the share as guest. I want to log every file modification/upload/delete and the machine that did it, there's any way to do that? Thanks alot Thiago -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] subdirectory of home
Hello Maria! Yeah! See a example in /etc/samba/smb.conf: -- [homes] comment = Home Directories read only = No browseable = No [2k] comment = Programas 2K para teste em servidor Linux path = /home/tiago/2k public = yes guest ok = Yes writable = yes force create mode = 777 force directory mode = 777 Regard's Tiago Cruz Em Qui, 2003-03-13 às 17:18, María Isabel López Sánchez-Huete escreveu: Hi. Sorry: my level of english is not enough good. I hope you understand what I mean. My question is: it's possible to share a subdirectory (and only one subdirectory for every user) in the section [homes]? The version of samba which i'm working is 2.2.7a, over Solaris 8. Thanks in advance. -- [ ]'s Tiago Cruz Org. King de Contab. S/C Ltda. www.linuxrapido.kit.net Linux User #282636 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Permission Issues
Hi All, Files that I create from win are assigned user nobody how can I change that to a valid unix name .. Thanks On most systems, nobody is a perfectly valid unix name Does $ id nobody return a uid/gid? Or does it say no such user? You probably want to do a man smb.conf, and from there type /SECURITY followed by enter. That'll get you to the part explaining SECURITY = SHARE, which should be beneficial for you. ~ Daniel --- This message is the property of Time Inc. or its affiliates. It may be legally privileged and/or confidential and is intended only for the use of the addressee(s). No addressee should forward, print, copy, or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as a recipient. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized disclosure, dissemination, distribution, copying or the taking of any action in reliance on the information herein is strictly prohibited. If you have received this communication in error, please immediately notify the sender and delete this message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Win XP printing and Samba 2.2.5.0 running on AIX 4.3.3
Having trouble connecting to print ques on AIX 4.3.3 running samba 2.2.5.0 with Windows XP client. All other OS's (95,98,ME) can print and Windows XP CAN interface with disk shares. Not sure what is going on. smb.conf file: [global] printing = AIX printcap name = /etc/qconfig load printers = yes guest account = nobody print command = qprt -P%p -dp %s encrypt passwords = yes hosts allow = 128.200. workgroup = janesville ; This next option sets a separate log file for each client. Remove ; it if you want a combined log file. ; log file = /usr/local/samba/log.%m ; You will need a world readable lock directory and share modes=yes ; if you want to support the file sharing modes for multiple users ; of the same files ; lock directory = /usr/local/samba/var/locks ; share modes = yes [homes] comment = Home Directories browseable = yes read only = no create mode = 0750 guest ok = yes [printers] comment = All Printers browseable = yes printable = yes guest ok = yes writable = yes create mode = 0700 print command = qprt -P%p -dp %s [rootdir] path = / public = yes guest ok = yes browseable = yes read only = no Thanks, Mark Freeh Janesville Products -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Permission Issues
Thank You ... that worked but I still have a problem with the file permission being 777 to access the mount points security = share. If I change this to user will that mean I have to create an account for everyone who uses it ans well as do smbpasswd? thanks for your help --- [EMAIL PROTECTED] wrote: use 'force user = username', or 'force group = groupname Also check the 'create mask' and 'directory mask' parameters. Ries Citeren Ben Bays [EMAIL PROTECTED]: Hi All, Files that I create from win are assigned user nobody how can I change that to a valid unix name .. Thanks --- Ben Bays [EMAIL PROTECTED] wrote: Hi All, I set up a samba server to talk to various wint NT clients so they can access data off the serever. its a Solaris 8 server.As you can see from the smb.conf below I have Security = share but the only way to access it is to make the share wide open 777 and that is not good. Any advice ass to what I can change. Thank You from newbie Ben # Global parameters [global] coding system = client code page = 850 code page directory = /usr/local/samba/lib/codepages workgroup = DAVE netbios name = LANCELOT netbios aliases = netbios scope = server string = Lancelot Samba Server interfaces = bind interfaces only = No security = SHARE encrypt passwords = Yes update encrypted = No allow trusted domains = Yes hosts equiv = min passwd length = 5 map to guest = Never null passwords = No obey pam restrictions = No password server = lancelot smb passwd file = /usr/local/samba/private/smbpasswd root directory = pam password change = No passwd program = /usr/bin/passwd passwd chat = *new*password* %n\n *new*password* %n\n *changed* passwd chat debug = No username map = password level = 0 username level = 0 unix password sync = No restrict anonymous = Yes lanman auth = Yes use rhosts = No admin log = No log level = 0 syslog = 1 syslog only = No log file = /var/log/samba.log max log size = 50 timestamp logs = Yes debug hires timestamp = No debug pid = No debug uid = No protocol = NT1 large readwrite = Yes max protocol = NT1 min protocol read bmpx = No read raw = Yes write raw = Yes nt smb support = Yes nt pipe support = Yes nt status support = Yes announce version = 4.9 announce as = NT max mux = 50 max xmit = 16644 name resolve order = lmhosts host wins bcast max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = No unix extensions = No change notify timeout = 60 deadtime = 0 getwd cache = Yes keepalive = 300 lpq cache time = 10 max smbd processes = 0 max disk size = 0 max open files = 1 name cache timeout = 660 read size = 16384 socket options = TCP_NODELAY stat cache size = 50 use mmap = Yes total print jobs = 0 load printers = Yes printcap name = lpstat disable spoolss = No enumports command = addprinter command = deleteprinter command = show add printer wizard = Yes os2 driver map = strip dot = No mangling method = hash character set = mangled stack = 50 stat cache = Yes domain admin group = domain guest group = machine password timeout = 604800 add user script = delete user script = logon script = logon path = \\%N\%U\profile logon drive = logon home = \\%N\%U domain logons = No os level = 0 lm announce = Auto lm interval = 60 preferred master = Auto local master = No domain master = No browse list = Yes enhanced browsing = Yes dns proxy = Yes wins proxy = No wins server = 157.199.5.25 wins support = No wins hook = kernel oplocks = Yes lock spin count = 3 lock spin time = 10 oplock break wait time = 0 add share command = change share command = delete share command = config file = preload =
Re: [Samba] Permission Issues
Hi, Not to sound jonny come lately, but you should have security = user as accounts in passwd as well as smbpasswd. With the appropriate uid/giu and force create statements, you will have an elegant security solution. I havn't messed with ACL feature in Samba yet but I understand its also elegant. It takes some work but in the long run you will be happy. Bri- PS I can supply you with a sample .conf if you like to get this going. __ Do you Yahoo!? Yahoo! Web Hosting - establish your business online http://webhosting.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] DC set with restrict anonymous HELP!
I am trying to get samba to work with winbind and still have the DC (w2k) use restrict anonymous. If I run wbinfo -A it will allow me to enumerate all the user accounts and groups but I still get prompted for a password when I try to access samba shares. I can turn off restrict anonymous and I can access the samba box all day with no problem but as soon as I turn on restrict anonymous it breaks. Do I need to do anything other then wbinfo -A in order to get around restrict anonymous? Bobby Guerra -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Sync Linux - NT Domain passwords
Is there a way to syncronise the Windows Domain passwords with the linux account passwords? SAMBA passes authentication to an NT box password server = * Users have local accounts on the Linux box and get access to SAMBA shares depending on which group (linux) they belong to and if their authentication credentials were correct. I've tried synchronising their passwords so when they change their Windows password it changes their Linux password, but unfortunately that doesn't happen. unix password sync = Yes security = domain wins server = NT Box Is there any way to achieve this??? Thanks Steve Simeonidis Network Engineer, Spherion Education Spherion Group Ltd Making the Workplace Work Better 1st Floor, 493 St. Kilda Rd, Melbourne VIC 3004, Australia +61 3 9243 2382 [EMAIL PROTECTED] The information contained in this email and any attachments to it: (a) may be confidential and if you are not the intended recipient, any interference with, use, disclosure or copying of this material is unauthorised and prohibited; and (b) may contain personal information of the recipient and/or the sender as defined under the Privacy Act 1988 (Cth). Consent is hereby given by the recipient(s) to collect, hold and use such information and any personal information contained in a response to this email, for any reasonable purpose in the ordinary course of Spherion's business, including forwarding this email internally or disclosing it to a third party. All personal information collected by Spherion will be handled in accordance with Spherion's Privacy Policy. If you have received this email in error, please notify the sender and delete it. (c) you agree not to employ or arrange employment for any candidate(s) supplied in this email and any attachments without first entering into a contractual agreement with Spherion. You further agree not to divulge any information contained in this document to any person(s) or entities without the express permission of Spherion. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Logon Script Doesn't
Hi, I've finally been dragged kicking and screaming into the wonderful world of XP. I've been able to join a domain and login with the help of the docs on samba.org and gleaning info from this list. Google and I don't get along. My question is How do I get the logon script to run when XP logs in? Win 98 doesn't have a problem running the logon script. Here is part of the smb.conf: [global] comment = Home based server server string = Samba Server v2.2.7 netbios name = OciCat workgroup = CRANDELL security = server encrypt passwords = yes preferred master = yes domain logons = yes domain master = yes local master = yes logon script = %U.bat logon drive = H: logon path = add user script = /usr/sbin/useradd -d /dev/null -g users -s /dev/false -M %u The batch files exist and are working with Win98. I miss DOS. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Installing printer drivers
Hi, I'm trying to copy printer driver files to the server in a way that workstations can install from the server just by right-clicking on the printer icon and choosing Install. I created the [printers] share and created the W32X86, etc directories. In XP I right-clicked on the printer icon and installed the drivers. It looked like it worked. Looking at it from the linux side, I can see the other directories created under the ones I made and the printer driver files are there. However when I right click on the icon from Win98, it asks for the driver disk. Here is part of the smb.conf: [global] comment = Home based server server string = Samba Server v2.2.7 SNIP printcap name = /etc/printcap load printers = yes printing = bsd disable spoolss = no printer admin = administrator, @ntadmin, root [print$] available = yes comment = Printer Drivers path = /home/samba/printers browseable = yes guest ok = Yes read only = yes write list = @ntadmin, administrator, root [HP990] available = yes comment = HP990 Color Printer path = /var/spool/lpd/lp0 print command = /usr/bin/lpr -P%p -r %s queuepause command = /usr/sbin/lpc -P%p stop queueresume command = /usr/sbin/lpc -P%p start guest ok = yes public = yes printer = lp0 writable = no printable = yes browsable = yes create mask = 0777 use client driver = no write list = @ntadmin, administrator, root Thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profiles with Samba PDC
John: I thought it would be a good idea to follow up with how I came out with my problem of getting Samba configured correctly as a PDC. While I hate to admit it publicly, the main stumbling block in my attempts to get Samba working correctly was my lack of understanding on how Samba shares are handled. For whatever reason I read about them over and over but never looked at their usage correctly, especially when assigning a value to one of the path parameters. With that key piece of understanding missing I was not setting up the directory structure correctly. A good example of this is the Profiles share. Wherever the logon path pointed to the profiles share I would always want to create a directory to match how the logon path appeared. Therefore if the logon path appeared as: logon path = \\%L\profiles I would view that as needing to have a directory of the root of my server called profiles, as opposed to that referring to the path of the profiles share. Of course I knew that there was a share defined as profiles but somehow I thought that either Windows or Samba was referring to that by some other means. It sound stupid now but it made sense that the time! :-) Anyway, I have it working now and it is all making perfect sense. Thank you for all of your help. Scott Millhisler SJM Computer Consulting -- Perry, Michigan -- Original Message -- From: John H Terpstra [EMAIL PROTECTED] Date: Tue, 11 Mar 2003 05:38:25 + (GMT) On Mon, 10 Mar 2003, Scott Millhisler wrote: First of all, I would like to thank you for your prompt reply. Unfortunately you lost me on a couple of issues and I am hoping that you can clarify them. We exchanged: # User profile path logon path = \\%N\home\%u\ntprofile Suggest you try: logon path = \\%L\home\%U\ntprofile Make absolutely sure that the directory 'ntprofile' exists (and is writable) - BEFORE - the uyser logs on. A MUCH better suggestion is to put profiles in a 'profiles' share, that is the way it is done in MS Windows land. It allows you to set more suitable smb.conf parameters for profile handling for the shared resource for which it may be needed. In this case you would have a share like: [Profiles] comment = Roaming Profile Share path = /var/lib/samba/profiles read only = No profile acls = Yes and the following to match it: logon path = \\%L\Profiles\%U In this exchange you indicate that it would be better to have a 'profiles' share, contrasting it to my global definition of logon path. I am not sure if you saw it or not, but in my original message it was a profiles share defined at the end. It did differ from yours in that the path pointed to the science have used in the global area. Your logon path directs that profiles into the users' home directory into a subdirectory called ntprofile. Your original profiles share will thus not be used at all. I created a profiles directory under the samba directory as indicated above. Do I need to create subdirectories in that profiles directory for all of the users before they logon or will Windows create the subdirectories as needed during a user's first logon? Yes. You need to create those directories so that Samba can store the profiles. In the absence of the proper directory the profile will not be written to your profiles share. Also, you wrote to set my logon path to \\%L\Profiles\%U to match 'it'. What 'it' are you referring to? Should this logon path the set in the profiles share definitions or the global, thus replacing the one I have there now? I currently do not have a profiles directory off of root, which is where I assume that would be referring to, but I can certainly create one. Either that, or do I totally misunderstand the usage of %L? Your logon path settings need to match a storage are within your Samba server file system. The 'it' refers to the Profiles share settings I gave you. In my case I store profiles under /var/lib/samba/profiles/'username' The %U translates to the 'username'. The %L is a macro that translates to the name be which you refer to the samba server. So if your samba server is called 'FRED and logon path = \\%L\Profiles\%U and you access the Samba server by the name FRED then it will map to \\FRED\Profiles\'username'. Thus if your username is 'jbloggs', the full profile path will be: \\FRED\Profiles\jbloggs. Given my path statement in the [Profiles] definition this will result in the files being written to (or read from): /var/lib/samba/profiles/jbloggs Does that clear the air now? - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: how to view users logged in samba server??
Diego, An alternative approach is to compile Samba form source with the configure option --with-utmp or use a precompiled package, which has utmp support enabled. The command who | grep smb | cut -f 1 -d ' ' | uniq will then list users with connections to Samba shares (who is part of GNUs sh-utils and should be included in all Linux distributions). Good luck, Uli -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Am I getting the best performance?
Okay, I've been chasing performance for a while now. I have no idea if I should be trying to get better performance or if I'm getting all I can out of my hardware. Here is the information: /sbin/hdparm -I /dev/hdd /dev/hdd: ATA device, with non-removable media Model Number: ST328040A Serial Number: 7BY034XB Firmware Revision: 3.07 Standards: Supported: 4 3 2 1 Likely used: 5 Configuration: Logical max current cylinders 16383 16383 heads 16 16 sectors/track 63 63 -- CHS current addressable sectors: 16514064 LBAuser addressable sectors: 55704096 device size with M = 1024*1024: 27199 MBytes Capabilities: LBA, IORDY(can be disabled) Buffer size: 512.0kBQueue depth: 1 Standby timer values: spec'd by Standard R/W multiple sector transfer: Max = 16 Current = 16 DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 *udma4 Cycle time: min=120ns recommended=120ns PIO: pio0 pio1 pio2 pio3 pio4 Cycle time: no flow control=240ns IORDY flow control=120ns Commands/features: Enabled Supported: *READ BUFFER cmd *WRITE BUFFER cmd *Look-ahead *Write cache *Power Management feature set *SMART feature set *DOWNLOAD MICROCODE cmd HW reset results: CBLID- above Vih Device num = 1 /sbin/hdparm -Tt /dev/hdd /dev/hdd: Timing buffer-cache reads: 128 MB in 0.95 seconds =134.74 MB/sec Timing buffered disk reads: 64 MB in 2.43 seconds = 26.34 MB/sec /sbin/hdparm /dev/hdd /dev/hdd: multcount= 16 (on) IO_support = 1 (32-bit) unmaskirq= 1 (on) using_dma= 1 (on) keepsettings = 0 (off) readonly = 0 (off) readahead= 8 (on) geometry = 3684/240/63, sectors = 55704096, start = 0 /etc/samba/smb.conf socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=8192 SO_SNDBUF=8192 I'm running Redhat 8.0 using a custom built 2.4.20 kernel. The drive referenced above is a Seagate 7200rpm UDMA-33 IDE hard drive. I did a 2GB copy from Linux to a Windows98SE machine using Samba. I got 5.85MB/sec. I did the same copy on a Windows XP machine and got 6.99MB/sec. Then I copied from hdd to hdc and got 6.94MB/sec. (same channel) Then I copied from hdd to hdb and got 9.30MB/sec. (different channel) It seems to me that I should be able to get close to the 9.30MB/sec when transfering over the network. Still 9.3MB/sec is no where near the 26MB/sec hdparm is reporting... I'm on a 100Mb switch and I'm using 3Com 905TX NICs in both the workstation and the server. I guess the best my network can put out is 12MB/sec. I was hoping to get around 10MB/sec with Samba. Is this unreasonable??? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Logon Script Doesn't
see bottom Bob Crandell [EMAIL PROTECTED] writes: Hi, I've finally been dragged kicking and screaming into the wonderful world of XP. I've been able to join a domain and login with the help of the docs on samba.org and gleaning info from this list. Google and I don't get along. My question is How do I get the logon script to run when XP logs in? Win 98 doesn't have a problem running the logon script. Here is part of the smb.conf: [global] comment = Home based server server string = Samba Server v2.2.7 netbios name = OciCat workgroup = CRANDELL security = server encrypt passwords = yes preferred master = yes domain logons = yes domain master = yes local master = yes logon script = %U.bat logon drive = H: logon path = add user script = /usr/sbin/useradd -d /dev/null -g users -s /dev/false -M %u The batch files exist and are working with Win98. I miss DOS. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba I have it working using logon script = %u.bat my netlogon script was created on a 2k machine and is as follows @echo off net use o: \\foo\bar /persistent:no net use p: \\servername\sharename /persistent:no the persistent is mainly for nt machines or machines that leave the network. it turns off reconnect. it matters that the script has the proper line breaks place the file in the netlogon dir and login with the matching user. It should work well. Also logon path is where you want to store profiles, usually logon path = \\crandell\profiles\%u that would create a dir for each user that logs in. also recomend using logon home = \\crandell\profiles\%u I don't totally understand why they haven't been integrated into one, but the logon home handles 9x machines. Good luck, hope this works. Kyle Loree Rendek Communications [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] LDAP Replication
From Google searches, it seems that using SAMBA 2.2.7 + Open LDAP on Linux patched for POSIX ACL support delivers a functional PDC/BDC pair, and that directory replication can take place automatically once set up. Could someone please confirm that this actually works? The background to this issue is that we are moving a large number of NT4 file servers to a LINUX platform, but need to keep security arrangements, particularly file ACLs unchanged, but cannot wait until the production release of Samba V3. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Changing unix group ownership through Samba
Antti, I want to be able to change the unix group ownership on directories and files from the Windows 2000/XP clients connecting to Samba. That is, if a directory is owned by the unix group unixgroup1 on the machine Samba is running on, I want to be able to change it to unixgroup2 from the client. What is the simplest way to do this? You may want to have a look at ACLs, included in recent versions of the journallimg filesystems XFS, JFS, ext3 and ReiserFS. SuSE and probably RedHat also (?) should by default have ACL aware kernels. I'd personally recommend XFS but your mileage may vary. See http://acl.bestbits.at/ http://oss.sgi.com/projects/xfs Good luck, Uli -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Am I getting the best performance?
On Fri, 14 Mar 2003, aragonx wrote: Okay, I've been chasing performance for a while now. I have no idea if I should be trying to get better performance or if I'm getting all I can out of my hardware. Here is the information: /sbin/hdparm -I /dev/hdd /dev/hdd: ATA device, with non-removable media Model Number: ST328040A Serial Number: 7BY034XB Firmware Revision: 3.07 Standards: Supported: 4 3 2 1 Likely used: 5 Configuration: Logical max current cylinders 16383 16383 heads 16 16 sectors/track 63 63 -- CHS current addressable sectors: 16514064 LBAuser addressable sectors: 55704096 device size with M = 1024*1024: 27199 MBytes Capabilities: LBA, IORDY(can be disabled) Buffer size: 512.0kBQueue depth: 1 Standby timer values: spec'd by Standard R/W multiple sector transfer: Max = 16 Current = 16 DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 *udma4 Cycle time: min=120ns recommended=120ns PIO: pio0 pio1 pio2 pio3 pio4 Cycle time: no flow control=240ns IORDY flow control=120ns Commands/features: Enabled Supported: *READ BUFFER cmd *WRITE BUFFER cmd *Look-ahead *Write cache *Power Management feature set *SMART feature set *DOWNLOAD MICROCODE cmd HW reset results: CBLID- above Vih Device num = 1 /sbin/hdparm -Tt /dev/hdd /dev/hdd: Timing buffer-cache reads: 128 MB in 0.95 seconds =134.74 MB/sec Timing buffered disk reads: 64 MB in 2.43 seconds = 26.34 MB/sec This appears to be measuring cache performance - not disk I/O performance. Check the drive specifications. Probably more like 35MB/sec sustainable write rate. /sbin/hdparm /dev/hdd /dev/hdd: multcount= 16 (on) IO_support = 1 (32-bit) unmaskirq= 1 (on) using_dma= 1 (on) keepsettings = 0 (off) readonly = 0 (off) readahead= 8 (on) geometry = 3684/240/63, sectors = 55704096, start = 0 /etc/samba/smb.conf socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE SO_RCVBUF=8192 SO_SNDBUF=8192 Did you check the impact of increasinf the SO_RECVBUF and SO_SNDBUF to 128KByte? I'm running Redhat 8.0 using a custom built 2.4.20 kernel. The drive referenced above is a Seagate 7200rpm UDMA-33 IDE hard drive. I did a 2GB copy from Linux to a Windows98SE machine using Samba. I got 5.85MB/sec. I did the same copy on a Windows XP machine and got 6.99MB/sec. Then I copied from hdd to hdc and got 6.94MB/sec. (same channel) Then I copied from hdd to hdb and got 9.30MB/sec. (different channel) It seems to me that I should be able to get close to the 9.30MB/sec when transfering over the network. Still 9.3MB/sec is no where near the 26MB/sec hdparm is reporting... I'm on a 100Mb switch and I'm using 3Com 905TX NICs in both the workstation and the server. An 100MB/s == 11 megabytes/sec at peak I/O and no network contention. Copared with that 9.3 megabytes/sec is VERY good! I guess the best my network can put out is 12MB/sec. I was hoping to get around 10MB/sec with Samba. Is this unreasonable??? No - not reasonable. You have IP stack, a TCP stack, then buffering from the kernel to samba's smbd with is user space, then I/O back to the kernel and ultimately to the Disk subsystem. Lot's of overhead in other words. You did well over 100Mbit ethernet! What file system? ext2, ext3, reiserfs, xfs, jfs Even that makes a hugh difference. - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba for Windows? :P
Hi, just wondering if anyone had ever though about making a port of Samba for windows. Now you may think What's the point? Well I'll tell you if you had as much control over smb as you have with Samba then you wouldn't need it for windows.. but you don't. Not unless you buy Windows 2000 Server or now 2003. By porting Samba to Windows you could take control of your network easily setting up a wins server and domain controller and brows master. All of which are things which are a pain in current windows versions. A free port would be great for all of us who don't have the resources or even really the need for a large server solution but still need the core functionality which should be available already. (If you can already do all that I ask then please tell me and save me my embaracement :P ) Kuan _ MSN Instant Messenger now available on Australian mobile phones. Go to http://ninemsn.com.au/mobilecentral/hotmail_messenger.asp -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] want to access a Windows Share from a Red Hat 8 linux box
Thanks so much, that worked! All the way from Australia, users helping users! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Simeonidis, Steve Sent: Thursday, March 13, 2003 6:51 PM To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED] Subject: RE: [Samba] want to access a Windows Share from a Red Hat 8 linux box Try something like mount -t smbfs -o username=user,password=password,workgroup=domain //windows_server/folder /local_folder you may also want to add ,ip=Windows_server_IP if it can't resolve the name Thanks Steve Simeonidis Network Engineer, Spherion Education Spherion Group Ltd Making the Workplace Work Better 1st Floor, 493 St. Kilda Rd, Melbourne VIC 3004, Australia +61 3 9243 2382 [EMAIL PROTECTED] -Original Message- From: David Jackson [mailto:[EMAIL PROTECTED] Sent: Friday, 14 March 2003 10:16 AM To: [EMAIL PROTECTED] Subject: [Samba] want to access a Windows Share from a Red Hat 8 linux box I have a domain and both servers are members of the domain. I want to access a windows share from the Red hat 8 server? Do I use mount or smbmount? I have been trying to use smbmount with the username option. However, it keeps denying me access. Here is what i type: smbmount //windows_server/shared_folder /linux_local_folder username=davidj After it asks for password, it rejects me with ErrMsg. Thank you David -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba The information contained in this email and any attachments to it: (a) may be confidential and if you are not the intended recipient, any interference with, use, disclosure or copying of this material is unauthorised and prohibited; and (b) may contain personal information of the recipient and/or the sender as defined under the Privacy Act 1988 (Cth). Consent is hereby given by the recipient(s) to collect, hold and use such information and any personal information contained in a response to this email, for any reasonable purpose in the ordinary course of Spherion's business, including forwarding this email internally or disclosing it to a third party. All personal information collected by Spherion will be handled in accordance with Spherion's Privacy Policy. If you have received this email in error, please notify the sender and delete it. (c) you agree not to employ or arrange employment for any candidate(s) supplied in this email and any attachments without first entering into a contractual agreement with Spherion. You further agree not to divulge any information contained in this document to any person(s) or entities without the express permission of Spherion. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Logon Script Doesn't
If I change logon script = %U.bat to logon script = %U.cmd Will the login script still work for Win 98? Thanks Zuber Sidiyot ([EMAIL PROTECTED]) wrote*: Bob Try Extension .cmd instead .bat Zuber -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bob Crandell Sent: Friday, March 14, 2003 12:09 PM To: Samba List Subject: [Samba] Logon Script Doesn't Hi, I've finally been dragged kicking and screaming into the wonderful world of XP. I've been able to join a domain and login with the help of the docs on samba.org and gleaning info from this list. Google and I don't get along. My question is How do I get the logon script to run when XP logs in? Win 98 doesn't have a problem running the logon script. Here is part of the smb.conf: [global] comment = Home based server server string = Samba Server v2.2.7 netbios name = OciCat workgroup = CRANDELL security = server encrypt passwords = yes preferred master = yes domain logons = yes domain master = yes local master = yes logon script = %U.bat logon drive = H: logon path = add user script = /usr/sbin/useradd -d /dev/null -g users -s /dev/false -M %u The batch files exist and are working with Win98. I miss DOS. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Logon Script Doesn't
Kyle Loree ([EMAIL PROTECTED]) wrote*: see bottom Bob Crandell [EMAIL PROTECTED] writes: Hi, I've finally been dragged kicking and screaming into the wonderful world of XP. I've been able to join a domain and login with the help of the docs on samba.org and gleaning info from this list. Google and I don't get along. My question is How do I get the logon script to run when XP logs in? Win 98 doesn't have a problem running the logon script. Here is part of the smb.conf: [global] comment = Home based server server string = Samba Server v2.2.7 netbios name = OciCat workgroup = CRANDELL security = server encrypt passwords = yes preferred master = yes domain logons = yes domain master = yes local master = yes logon script = %U.bat logon drive = H: logon path = add user script = /usr/sbin/useradd -d /dev/null -g users -s /dev/false -M %u The batch files exist and are working with Win98. I miss DOS. Thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba I have it working using logon script = %u.bat my netlogon script was created on a 2k machine and is as follows @echo off net use o: \\foo\bar /persistent:no net use p: \\servername\sharename /persistent:no the persistent is mainly for nt machines or machines that leave the network. it turns off reconnect. it matters that the script has the proper line breaks place the file in the netlogon dir and login with the matching user. It should work well. Also logon path is where you want to store profiles, usually logon path = \\crandell\profiles\%u that would create a dir for each user that logs in. also recomend using logon home = \\crandell\profiles\%u I don't totally understand why they haven't been integrated into one, but the logon home handles 9x machines. Good luck, hope this works. Kyle Loree Rendek Communications [EMAIL PROTECTED] The persistent option breaks Win 98 script processing. I keep profiles local so logon path needs to be as I have it. The problem here is that the login script does not run with XP. It does run with Win 98. What's the difference and why me? Thanks -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba for Windows? :P
On Fri, Mar 14, 2003 at 03:37:26PM +1100, Kuan Bartel said: Hi, just wondering if anyone had ever though about making a port of Samba for windows. Now you may think What's the point? Well I'll tell you if you had as much control over smb as you have with Samba then you wouldn't need it for windows.. I agree Samba is an extremely powerful utility, and part of that has to do with the fact that it's based upon unix design -- flat text file configurations, and integration with the Unix subsystem of course, etc. Porting Samba to NT would be an interesting feat, however realistically, who would want to run Samba on NT? If you weren't confident in using unix, I doubt you'd be confident in using Samba/NT. Apache was ported to NT, but I really don't know how many people around the world run Apache on Windows. The only time I could possibly see the advantages of running Samba on Windows instead of on Unix is because you don't have the budget to put in a Unix system. Otherwise, it would be Unix, Unix, Unix, all the way! If it were available for NT, would you run it? And if so, why would you choose to run it on the NT platform over Unix? -- Adam Smith Information Technology Officer SAGE Automation Ltd. [EMAIL PROTECTED] http://www.sageautomation.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Win95 Win98 - NOT WORKING - NT,2000, XP are ok (reposted)
I tried adding the [printers] section to my conf file as John suggested, but this didn't solve the problem. Still able to print from NT, 2000, XP and not from Win95, 98 just recapping - am able to print from all clients with the old version (2.0.6) which we are still using in production With the new Samba (2.2.7a) the file sharing is fine, but printing only works for NT,2000,XP With Win95 Win98 only, the file gets put in the spool directory but doesn't seem to get sent from the spool directory to the printer. (or picked up by the printer - however it works...) Any idea if Win95, 98 printing is treated differently to the newer OS's ? thanks for any thoughts. see below for other details... -peter. John H Terpstra [EMAIL PROTECTED] on 13/03/2003 03:02:55 PM On Thu, 13 Mar 2003 [EMAIL PROTECTED] wrote: Suggest you add a [printers] entry in your smb.conf file. You should NOT need an entry for the printer itself. My samba-2.2.x prints fine from Win95/98/Me as well as NT4/2K/XP. - John T. Hey, thanks for your efforts anyway. I don't know what to make of this. Obviously a lot of things have changed between Samba 2.0.6 and 2.2.7a, but I can't figure out why Win95 98 suddenly can't print. I think you may be right - something to do with the new Samba using the MS-RPCs... which I imagine would mean a completely different printing method. Do you think this would require a different printer driver on the 95/98 boxes?? From what I read, I had the impression that it should all still work. I'd like to hear from anyone if they are successfully printing from Win95, Win98 clients on a Solaris server and using HP printers. I'm sure many people must be successfully printing from 95/98, but maybe this problem is specific to my particular environment ? I am contemplating your suggestion about the bug message. Maybe another day or so of frustration and I will try it. again - thanks muchly for your help. -peter. Date: Mon, 10 Mar 2003 18:33:35 +0100 From: maraqas [EMAIL PROTECTED] Hi Peter, i had a long, frunstrating web surfing yesterday night, searching for something that could apply to your case. I didn't find much at all, sorry. The only thing perhaps interesting to you could be this: http://us2.samba.org/samba/ftp/docs/htmldocs/printer_driver2.html This doc contains a section about migrating from 2.0.x to 2.2.x I think the problem lyes in the new way samba manages printing, that is by listening the MS-RPCs (Remote Procedure Call) coming from the winNT and win2000 clients. This is done thanks to spoolss, as i figured out reading here and there across the net. Well they say spoolss supports even win9x driver calls, even if those OSes do not actually make an RPC. They also say that backward compat. is reached through use client driver and spoolss disable. With these options enabled, the samba server should act just like it was a 2.0.x I think you'd need help from the samba guys themselves, so i advice reposting this problem with a more shocking subject line (suggest to use the keyword BUG :)) so you'll be able to capture their attention. Really sorry not to have been useful to you... cheers Maq Sorry to have to repost this (didn't get any response on the first post), we really need some of the fixes of the new Samba but cannot go ahead without the support for the older machines. Need to prove that Samba is the great product that I believe it is. Hi folks - I am having printing problems with our older machines. Printing is working fine for our Windows NT, 2000 and XP clients. However, with windows 95 98, the print job gets put into the Samba spool directory (path = /var/spool/lp/tmp/samba) but doesn't make it to the printer. The print files stay there in the directory - don't get removed. Samba version is 2.2.7a, on Solaris 8 Printers are HP printers - e.g. HP 8100dn All clients including 95/98 were happily printing on a very much older version of Samba (2.0.6) printing directly from Unix to the printer is working ok Has anyone experienced this problem or have any advice on how to get my older boxes printing with the latest Samba? any thoughts welcome - no really - anything - please :-) -peter. (p.s. Just for a wild stab in the dark I tried setting the disable spoolss = yes but this stopped all printing from making it to the computer - even from the clients that were originally working.) relevant bits of conf. file included below... note that I don't have print command explicitly stated, but testparm indicates that it is configured properly... [global] printing = sysv lprm command = /usr/bin/cancel %p-%j lppause command = lp -i %p-%j -H hold lpresume command = lp -i %p-%j -H resume load printers = no [hp8100DN1] printer = hp8100dn_1 comment = HP LaserJet hp8100 DN path = /var/spool/lp/tmp/samba guest account = nobody guest ok = yes browseable = yes printable = yes writable =
[Samba] Samba ADS Error
How do you do !!! Already several days are beaten with such problem: Beside me Windows 2000 Domain - with server Windows 2000 in own mode, want to install samba as BDC, came to conclusion that necessary to use Samba 3 + ADS. Has Compiled samba-3.0alpha22 with with the following option: ./configure --with-ads --with-ldap --with-pam --with-pam_smbpass --with-ldapsam --with-tdbsa --with-quotas --with-libsmbclient --with-acl-support --with-sendfile-support --with-winbind Has Installed, created the smb.conf file: [global] passdb backend = smbpasswd use sendfile = Yes update encrypted = Yes ldap server = 192.168.1.5 ldap port = 389 #636 ldap suffix = dc=lan,dc=sgtp,dc=ru ldap machine suffix = CN=Computers,DC=lan,DC=sgtp,DC=ru ldap user suffix = dc=lan,dc=sgtp,dc=ru ldap filter = ((sAMAccountName=%u)(objectclass=user)) ldap admin dn = CN=murphy AM. murphy,CN=Users,DC=lan,DC=sgtp,DC=ru ldap ssl = No ldap passwd sync = yes ldap trust ids = No profile acls = No realm = LAN.SGTP.RU client NTLMv2 auth = Yes hide local users = Yes ADS server = 192.168.1.5 dos charset = 866 unix charset = KOI8-R encrypt passwords = true winbind uid = 1-65000 winbind gid = 1-65000 winbind separator = + template homedir = /home/%D/%U template shell = /bin/sh winbind cache time = 5 netbios name = sana workgroup = SGTP server string = Samba Server log file = /usr/local/samba/var/log.%m max log size = 50 security = ADS socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = no os level = 3 domain master = no preferred master = no domain logons = yes name resolve order = wins lmhosts bcast wins server = 192.168.1.5 inherit acls = yes # Share Definitions == [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes [test] path = /mnt/xfs/samba writeable = yes force group = root [netlogon] comment = Network Logon Service path = /usr/local/samba/lib/netlogon guest ok = yes writable = no share modes = no It Was Registered in domain: kinit [EMAIL PROTECTED] has Prescribed in domain: net ads join has Started smbd,nmbd,winbindd has Done wbinfo -p - all have fine Done wbinfo -u - has got list of the groups has Done ./wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_NO_TRUST_SAM_ACCOUNT (0xc18b) Could not check secret Restart computer - has Started smbd,nmbd,winbindd wbinfo -u Error looking up domain users If once again execute net ads join and restart all samba services, that all ok. That to do in given situations ? RESPECTFULLY YOURS, Aleksey. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba ADS Error
How do you do !!! Already several days are beaten with such problem: Beside me Windows 2000 Domain - with server Windows 2000 in own mode, want to install samba as BDC, came to conclusion that necessary to use Samba 3 + ADS. Has Compiled samba-3.0alpha22 with with the following option: ./configure --with-ads --with-ldap --with-pam --with-pam_smbpass --with-ldapsam --with-tdbsa --with-quotas --with-libsmbclient --with-acl-support --with-sendfile-support --with-winbind Has Installed, created the smb.conf file: [global] passdb backend = smbpasswd use sendfile = Yes update encrypted = Yes ldap server = 192.168.1.5 ldap port = 389 #636 ldap suffix = dc=lan,dc=sgtp,dc=ru ldap machine suffix = CN=Computers,DC=lan,DC=sgtp,DC=ru ldap user suffix = dc=lan,dc=sgtp,dc=ru ldap filter = ((sAMAccountName=%u)(objectclass=user)) ldap admin dn = CN=murphy AM. murphy,CN=Users,DC=lan,DC=sgtp,DC=ru ldap ssl = No ldap passwd sync = yes ldap trust ids = No profile acls = No realm = LAN.SGTP.RU client NTLMv2 auth = Yes hide local users = Yes ADS server = 192.168.1.5 dos charset = 866 unix charset = KOI8-R encrypt passwords = true winbind uid = 1-65000 winbind gid = 1-65000 winbind separator = + template homedir = /home/%D/%U template shell = /bin/sh winbind cache time = 5 netbios name = sana workgroup = SGTP server string = Samba Server log file = /usr/local/samba/var/log.%m max log size = 50 security = ADS socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = no os level = 3 domain master = no preferred master = no domain logons = yes name resolve order = wins lmhosts bcast wins server = 192.168.1.5 inherit acls = yes # Share Definitions == [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes [test] path = /mnt/xfs/samba writeable = yes force group = root [netlogon] comment = Network Logon Service path = /usr/local/samba/lib/netlogon guest ok = yes writable = no share modes = no It Was Registered in domain: kinit [EMAIL PROTECTED] has Prescribed in domain: net ads join has Started smbd,nmbd,winbindd has Done wbinfo -p - all have fine Done wbinfo -u - has got list of the groups has Done ./wbinfo -t checking the trust secret via RPC calls failed error code was NT_STATUS_NO_TRUST_SAM_ACCOUNT (0xc18b) Could not check secret Restart computer - has Started smbd,nmbd,winbindd wbinfo -u Error looking up domain users If once again execute net ads join and restart all samba services, that all ok. That to do in given situations ? RESPECTFULLY YOURS, Aleksey. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] performance issues
Hi, I have compiled and am running samba version 2.2.7.a on Redhat linux 7.3. I am having some performance issues with it and was wondering if I was doing something wrong. I have noticed that if I use samba in security = server mode, every time a new connection is made to the server from the same client a new smbd process is started. It also seems as if the process only ends when the client machine is rebooted. When I use the server in security = user mode, every time a new connection is made from a different client a new process is started. It also only seems to kill the process when the client is rebooted. I end up with a lot of processes running on the fileserver and sometimes the machine locks up and complains about the max file limit being reached. I have found a workaround by increasing the file-max value in /proc/sys/fs. I was just wondering if there is a way to get the processes to die as soon as the client disconnects from the server - maybe I have omitted something when running the configure command?? I was also wondering if it is the default behaviour of samba to spawn new processes every time a connection is made? Is it possible to change this behaviour? thanks in advance, Mark Le Noury -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Getting notification upon loss of connection (libsmbclient)
On Wed, 12 Mar 2003 16:07:43 -0500 [EMAIL PROTECTED] wrote: I have not been able to find the block of code that will be called if an open connection receives an indication that the peer has gone away (i.e. shutdown, crashed, cable cut, etc.). More specifically, if I have an open, established connection by having previously done: cli_connect() cli_session_request() cli_session_setup() cli_send_tconX() and now the remote server goes away (let's say it crashed suddenly), how can I find this out? I'm not familiar with libsmbclient but I believe you will just have to try to perform some operation and catch the error code. If the error codes are consistent (e.g. EIO) you can trap and reinitialize the request in a way that would be transparent to the user. Otherwise the library would need to send NBT keepalives or use an out of band heartbeat of some kind. Smbclient sort of does this by repeatedly sending an SMB_COM_CHECK_DIRECTORY every 3 seconds. That probably serves a similar purpose. But this is a TCP thing, not a libsmbclient thing. Mike -- A program should be written to model the concepts of the task it performs rather than the physical world or a process because this maximizes the potential for it to be applied to tasks that are conceptually similar and, more important, to tasks that have not yet been conceived.
could not find domain entry for domain @xxxxx
Have anybody seen that problem ? We have that in an NT40Serverfarm with samba 2.2.7a as BDC. during the start of winbind we saw also following message: could not get sid of domain ... The users get access to there shares but the policies dont work corectly We have an IP-Segmented network, the server are in there own net, wins is running on the NT40 PDC. Thanks for every idea Holger Diese Mail wurde im Hause SCHMIEDER it-solutions GmbH auf Viren überprüft !
Re: New approach for winbind to match Windows to UNIX users and back
Hi Michael, Michael Fair wrote: The admin would have to rechown all the files from the old ids to the new ones, but a simple find command could probably manage that. How does that work? Any major wrinkles? I'm not feeling really comfortable with winbind assigning all UIDs and GIDs on a system, as it does need to coexist with other means and tools for Unix user management. Reassigning their IDs is a major pain, and often impossible. If winbind could only be used when taking over ID management entirely, we would be in trouble. So this behaviour needs to be at least optional... Cheers! Michael
Re: [PATCH] smbcquotas (client site quota support)
At 00:22 13.03.2003 +0100, Stefan (metze) Metzmacher wrote: If someone want to apply this patch please ask for an actuall patch against the latest HEAD. I merged in jra's unsigned fixes and some little formatting fixes to my local tree. metze - Stefan metze Metzmacher [EMAIL PROTECTED]
Re: New approach for winbind to match Windows to UNIX users and back
Michael Steffens [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi Michael, Michael Fair wrote: The admin would have to rechown all the files from the old ids to the new ones, but a simple find command could probably manage that. How does that work? Any major wrinkles? I'm not feeling really comfortable with winbind assigning all UIDs and GIDs on a system, as it does need to coexist with other means and tools for Unix user management. Reassigning their IDs is a major pain, and often impossible. If winbind could only be used when taking over ID management entirely, we would be in trouble. So this behaviour needs to be at least optional... Oh yes, entirely! Nothing I mentioned was an attempt to put winbind in control of all the UID/GIDs on a system. I personally have never used, nor even heard of a system that used UID/GIDs 100,000,000 and above. That's the address space that winbind would be using. Everything below that 0 through 99,999,999 would be reserved for the normal system (as I mentioned earlier in the post). But just because I haven't encountered doesn't mean it doesn't exist which was my primary concern (if the address space is in use, then it is not a solution and we'll need to come up with something else). The snippet you grabbed was part of an optional step 7 that an administrator could, if they were so inclined, use to get an existing UNIX user to be directly mapped to the new Windows User created by winbind (mostly because the admin doesn't want to specify the ACL for the unix user separate from the ACL for the Windows User). This not something winbind would do. This is only something an administrator would do manually (perhaps with the aid of some scripts, and only if it was found to actually be a valuable operation). If the existing UNIX UID is heavily ACLed then this of course would probably not be used. The two IDs would remain separated. If the UNIX admin was following the best practices recommendation and only assigning ACLs on the GIDs that Winbind created, then the same effect could be gotten by placing the UNIX user in the private group that Winbind created for the Windows User. The only purpose having winbind create a UNIX user serves is exactly that, to let the system have an honest to goodness UNIX user to use for operations in the system. The concept is: 1) Winbind only uses IDs 100,000,000 and above ( the bit friendly version is IDs 134,217,728 and above) 2) Each domain encountered gets its own 100,000,000 offset. So 100,000,000 for D1, 200,000,000 for D2, etc. 3) Winbind only creates GIDs, except in the case it has detected a Windows User, then it also creates a UID with the same number as the GID for that object (and for that object only) 4) Suggest that a best practice be adopted where only the GID gets ACLs on the local system (this might be unnecessary with the addition of the Give users a UID as well approach. The only thing this proposal really does is break up the UID/GID space into 100,000,000 offest segments, the first of which is for the UNIX system (Local_Machine if you will) and the rest for each Domain it encounters, up to 42 domains (or 31 domains if using the bit friendly version). (I personally thing that even 67,108,864 offsets is reasonable with up to 63 domains, but I've never deployed a large scale enterprise before so I don't know how big those numbers get) -- Michael --
Re: New approach for winbind to match Windows to UNIX users andback
On Thu, 2003-03-13 at 01:32, Andrew Bartlett wrote: On Thu, 2003-03-13 at 10:38, Michael Fair wrote: I haven't done much work in this are yet so please feel free to correct me as you see fit, but as I understand it, part of the problem we face is that the equivalents of the UID and a GID in UNIX, are mapped to the same address space in Windows. I was working on some unrelated ACL stuff and thought about the potential of practically eliminating the use of an ACL on a UID and only using ACLs on groups. I think this is a very good idea. We would effectivly create a 'user private group' for every winbindd user. And if they turned out to be a group, then we just populate them with members! This is an approach I have proposed back last summer to Jeremy and Tridge at Jeremy's, and that would have also cured the problem that all distribution that automatically create a private group for a user have, but seem they was not convinced so I didn't pushed the idea anymore :-) This helps us particularly with the problem that we don't know the type of a SID without a lookup - a lookup that may well fail. Exactly! This would also solve a nasty problem we have that we don't know the 'real' primary group of every user for NT4 domains, when doing a getgrent(). Instead we assume 'domain users'. This would allow us to always know that value. No, that's not right, we must have a Primary Group in local passdb and use Domain Users as a fallback. Simo. -- Simo Sorce - [EMAIL PROTECTED] Xsec s.r.l. via Durando 10 Ed. G - 20158 - Milano tel. +39 02 2399 7130 - fax: +39 02 700 442 399 signature.asc Description: This is a digitally signed message part
Re: New approach for winbind to match Windows to UNIX users and back
On Thu, 2003-03-13 at 20:29, Michael Fair wrote: Michael Steffens [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hi Michael, Michael Fair wrote: The admin would have to rechown all the files from the old ids to the new ones, but a simple find command could probably manage that. How does that work? Any major wrinkles? I'm not feeling really comfortable with winbind assigning all UIDs and GIDs on a system, as it does need to coexist with other means and tools for Unix user management. Reassigning their IDs is a major pain, and often impossible. If winbind could only be used when taking over ID management entirely, we would be in trouble. So this behaviour needs to be at least optional... Oh yes, entirely! Nothing I mentioned was an attempt to put winbind in control of all the UID/GIDs on a system. I personally have never used, nor even heard of a system that used UID/GIDs 100,000,000 and above. You would be supprised.. For example, my uni uses unix ids that match the student ids - and they are 7 digits long. Not quite 100,000,000, but don't make assumptions. That's the address space that winbind would be using. Everything below that 0 through 99,999,999 would be reserved for the normal system (as I mentioned earlier in the post). But just because I haven't encountered doesn't mean it doesn't exist which was my primary concern (if the address space is in use, then it is not a solution and we'll need to come up with something else). The next problem is the number of domains. Many of the orginisations that deploy samba live on *massive* internal networks with 100's of domains! Worse still, each and every workstation is it's own domain, and the SIDs from that workstation can end up on the NAS! We need to be able to correctly map these SIDs, even if we have never heard of the domain before. The concept is: 1) Winbind only uses IDs 100,000,000 and above ( the bit friendly version is IDs 134,217,728 and above) 2) Each domain encountered gets its own 100,000,000 offset. So 100,000,000 for D1, 200,000,000 for D2, etc. I don't like the offset idea. 3) Winbind only creates GIDs, except in the case it has detected a Windows User, then it also creates a UID with the same number as the GID for that object (and for that object only) We should only create a passwd nss record for Users, and possibly only map to a uid for users - but this means we have to look them up first - and that has problems. 4) Suggest that a best practice be adopted where only the GID gets ACLs on the local system (this might be unnecessary with the addition of the Give users a UID as well approach. 'best practice' isn't a particularly good idea when things break if people don't follow it. We need solutions that don't rely on *users* following 'best practice' but instead 'this works'. The only thing this proposal really does is break up the UID/GID space into 100,000,000 offest segments, the first of which is for the UNIX system (Local_Machine if you will) and the rest for each Domain it encounters, up to 42 domains (or 31 domains if using the bit friendly version). (I personally thing that even 67,108,864 offsets is reasonable with up to 63 domains, but I've never deployed a large scale enterprise before so I don't know how big those numbers get) With SIDs they get very big. I sit in two camps on this one - for local UIDs/GIDs, I actually like the 'algorithmic', but it's confined to a single uid/gid space. For winbindd, I'm convinced that the tdb mapping is the best way forward, but that some extensions to cope with all SIDs as GIDs. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part
Re: New approach for winbind to match Windows to UNIX users and back
On Thu, 2003-03-13 at 20:46, Simo Sorce wrote: On Thu, 2003-03-13 at 01:32, Andrew Bartlett wrote: On Thu, 2003-03-13 at 10:38, Michael Fair wrote: I haven't done much work in this are yet so please feel free to correct me as you see fit, but as I understand it, part of the problem we face is that the equivalents of the UID and a GID in UNIX, are mapped to the same address space in Windows. I was working on some unrelated ACL stuff and thought about the potential of practically eliminating the use of an ACL on a UID and only using ACLs on groups. I think this is a very good idea. We would effectivly create a 'user private group' for every winbindd user. And if they turned out to be a group, then we just populate them with members! This is an approach I have proposed back last summer to Jeremy and Tridge at Jeremy's, and that would have also cured the problem that all distribution that automatically create a private group for a user have, but seem they was not convinced so I didn't pushed the idea anymore :-) This helps us particularly with the problem that we don't know the type of a SID without a lookup - a lookup that may well fail. Exactly! I'm glad we agree! This would also solve a nasty problem we have that we don't know the 'real' primary group of every user for NT4 domains, when doing a getgrent(). Instead we assume 'domain users'. This would allow us to always know that value. No, that's not right, we must have a Primary Group in local passdb and use Domain Users as a fallback. This is where I've lost what you mean... I'm talking about winbind as a domain member, but I'm open to suggestions. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part
Re: New approach for winbind to match Windows to UNIX users and back
Hi Michael, Michael Fair wrote: Oh yes, entirely! Nothing I mentioned was an attempt to put winbind in control of all the UID/GIDs on a system. I personally have never used, nor even heard of a system that used UID/GIDs 100,000,000 and above. That's the address space that winbind would be using. Everything below that 0 through 99,999,999 would be reserved for the normal system (as I mentioned earlier in the post). But just because I haven't encountered doesn't mean it doesn't exist which was my primary concern (if the address space is in use, then it is not a solution and we'll need to come up with something else). Hmmpf, sorry, sometimes I need to be told things twice to understand :) Got it! Michael
Re: [Samba] PATCH: downloading drivers from Solaris [was Re: SoSAMBA no longer ...]
Hi, like I have tested, Printer driver download from W2000 works fine know (Solaris , samba-2.2.8-pre2) But I have another Solaris specific problem with W95 drivers (works fine under Linux) The W95 Client opens the addprinterwizzard, when downloading the driver. Samba reports (see below): [2003/03/13 10:48:05, 3] smbd/lanman.c:get_printerdrivernumber(836) Can't determine number of printer driver files [2003/03/13 10:48:05, 3] smbd/lanman.c:api_DosPrintQGetInfo(918) api_DosPrintQGetInfo: Driver files count: 0 Could that be another Solaris specific issue. I attached the command, how I added the driver below. I am using a version of cupsaddsmb , which places the : correctly. Thank you very much Hansjrg [2003/03/13 10:48:05, 3] smbd/lanman.c:api_DosPrintQGetInfo(884) api_DosPrintQGetInfo: uLevel=51 name=INSHP4050 [2003/03/13 10:48:05, 3] smbd/process.c:process_smb(876) Transaction 13 of length 115 [2003/03/13 10:48:05, 3] smbd/process.c:switch_message(685) switch message SMBtrans (pid 4703) [2003/03/13 10:48:05, 3] smbd/ipc.c:reply_trans(480) trans \PIPE\LANMAN data=0 params=35 setup=0 [2003/03/13 10:48:05, 3] smbd/ipc.c:named_pipe(334) named pipe command on LANMAN name [2003/03/13 10:48:05, 3] smbd/lanman.c:api_reply(3345) Got API command 70 of form zWrLh WN (tdscnt=0,tpscnt=35,mdrcnt=1024,mprcnt=6) [2003/03/13 10:48:05, 3] smbd/lanman.c:api_reply(3349) Doing DosPrintQGetInfo [2003/03/13 10:48:05, 3] smbd/lanman.c:api_DosPrintQGetInfo(884) api_DosPrintQGetInfo: uLevel=52 name=INSHP4050 [2003/03/13 10:48:05, 3] smbd/lanman.c:get_printerdrivernumber(836) Can't determine number of printer driver files [2003/03/13 10:48:05, 3] smbd/lanman.c:api_DosPrintQGetInfo(918) api_DosPrintQGetInfo: Driver files count: 0 [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(656) printerdriver:inshp4050: [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(657) Driver:ADOBEPS4.DRV: [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(658) Data File:inshp4050.PPD: [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(659) Language Monitor:PSMON.DLL: [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(661) lp_driverlocation:\\PRINTSERVER2\print$\WIN40\0: [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(664) Data Type:RAW: [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(665) Help File:ADOBEPS4.HLP: [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(679) fill_printq_info on inshp4050 gave 0 entries [2003/03/13 10:48:05, 3] smbd/process.c:process_smb(876) Transaction 14 of length 115 [2003/03/13 10:48:05, 3] smbd/process.c:switch_message(685) switch message SMBtrans (pid 4703) [2003/03/13 10:48:05, 3] smbd/ipc.c:reply_trans(480) trans \PIPE\LANMAN data=0 params=35 setup=0 [2003/03/13 10:48:05, 3] smbd/ipc.c:named_pipe(334) named pipe command on LANMAN name [2003/03/13 10:48:05, 3] smbd/lanman.c:api_reply(3345) Got API command 70 of form zWrLh WN (tdscnt=0,tpscnt=35,mdrcnt=1024,mprcnt=6) [2003/03/13 10:48:05, 3] smbd/lanman.c:api_reply(3349) Doing DosPrintQGetInfo [2003/03/13 10:48:05, 3] smbd/lanman.c:api_DosPrintQGetInfo(884) api_DosPrintQGetInfo: uLevel=52 name=INSHP4050 [2003/03/13 10:48:05, 3] smbd/lanman.c:get_printerdrivernumber(836) Can't determine number of printer driver files [2003/03/13 10:48:05, 3] smbd/lanman.c:api_DosPrintQGetInfo(918) api_DosPrintQGetInfo: Driver files count: 0 [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(656) printerdriver:inshp4050: [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(657) Driver:ADOBEPS4.DRV: [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(658) Data File:inshp4050.PPD: [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(659) Language Monitor:PSMON.DLL: [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(661) lp_driverlocation:\\PRINTSERVER2\print$\WIN40\0: [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(664) Data Type:RAW: [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(665) Help File:ADOBEPS4.HLP: [2003/03/13 10:48:05, 3] smbd/lanman.c:fill_printq_info_52(679) fill_printq_info on inshp4050 gave 0 entries [2003/03/13 10:48:05, 3] smbd/process.c:process_smb(876) Transaction 15 of length 115 [2003/03/13 10:48:05, 3] smbd/process.c:switch_message(685) switch message SMBtrans (pid 4703) [2003/03/13 10:48:05, 3] smbd/ipc.c:reply_trans(480) trans \PIPE\LANMAN data=0 params=35 setup=0 [2003/03/13 10:48:05, 3] smbd/ipc.c:named_pipe(334) named pipe command on LANMAN name [2003/03/13 10:48:05, 3] smbd/lanman.c:api_reply(3345) Got API command 70 of form zWrLh WN (tdscnt=0,tpscnt=35,mdrcnt=1024,mprcnt=6) [2003/03/13 10:48:05, 3] smbd/lanman.c:api_reply(3349) Doing DosPrintQGetInfo [2003/03/13 10:48:05, 3] smbd/lanman.c:api_DosPrintQGetInfo(884) api_DosPrintQGetInfo: uLevel=52 name=INSHP4050 [2003/03/13 10:48:05, 3] smbd/lanman.c:get_printerdrivernumber(836) Can't determine number of
failure to print (samba HEAD, cups, raw printers)
hi folks, again with the peculiar setup :) I've set up raw printers in cups to match the windows network, and added the correct windows drivers to feed them. One of the printers, a HP Colour LaserJet 8500 in PCL mode, fails at the testpage stage with this message: the data area passed to a system call is too small I've done a trace of the attempt, which I can forward if required. I thought this might be the large RPC bug that tpot was looking at, but I'm not sure. Cheers, Waider. -- [EMAIL PROTECTED] / Yes, it /is/ very personal of me. Anyway, yes. Known bug. Try entering only numbers as your phone number, no brackets, dashes, widgets, knobs, fish or sliding trammel bars.
Re: failure to print (samba HEAD, cups, raw printers)
On March 13, [EMAIL PROTECTED] said: hi folks, again with the peculiar setup :) I've set up raw printers in cups to match the windows network, and added the correct windows drivers to feed them. One of the printers, a HP Colour LaserJet 8500 in PCL mode, fails at the testpage stage with this message: Uh, sorry. forgot to mention. The client is NT4SP6. By correct windows drivers to feed them I mean the NT box downloads the same PCL drivers from the Samba server as it would from the normal (NT) server. Cheers, Waider. -- [EMAIL PROTECTED] / Yes, it /is/ very personal of me. Andrea.B.Previtera says, I can't remember...we found a good cheap beer in an undocumented irish pub...and we had pints and pints and pints to celebrate something...
sock8 timeout
--- Environment HP ALPHA XP100 (fomerly Compaq) TRU64 5.1A PK 3 Samba 2.2.5 In directory /tmp I found some files which I dont know who created them: drwxr-xr-x 2 root system 8192 Mar 11 09:26 .winbindd -rw-r--r-- 1 root system 0 Mar 8 00:16 log8015_03.03.08 -rw-r--r-- 1 root system 692 Mar 9 14:38 log8015_03.03.09 -rw-r--r-- 1 root system 2070 Mar 10 16:50 log8015_03.03.10 -rw-r--r-- 1 root system 346 Mar 11 09:31 log8015_03.03.11 -rw-r--r-- 1 root system 2696 Mar 11 09:31 log8015_counter -rw-r--r-- 1 root system 3612 Mar 11 00:16 log8015_counter.old -rw-r--r-- 1 root system 351 Mar 10 14:19 log8015_error Content of log8015_error: [10/Feb/2003:16:08:09] sock8 timeout [10/Feb/2003:16:20:19] sock8 timeout [17/Feb/2003:09:22:39] sock8 timeout [26/Feb/2003:15:24:35] sock8 timeout [10/Mar/2003:09:25:05] sock8 timeout [10/Mar/2003:10:13:04] sock8 timeout [10/Mar/2003:12:47:25] sock8 timeout [10/Mar/2003:12:53:04] sock8 timeout [10/Mar/2003:14:19:24] sock8 timeout Any ideas which application created these files? What is the problem with sock8 timeout? Google does not know anything about sock8. What I did during the times logged in the file log8015_error: I tried to run squid (a proxy server) in combination with ntlm / winbind. Samba and wb_auth works fine $ wbinfo -t Secret is good squid without winbind works fine too. But the combination of squid and wwinbind seems to time out. Thanks in advance for any helpful hints. Mit freundlichen Grüßen / regards Werner Rost - ZF Boge GmbH Werner Rost IT Friesdorfer Str. 175 D-53175 Bonn phone:+49/228/3825 420 fax: +49/228/3825 398 [EMAIL PROTECTED] www.boge-vibrationcontrol.com/ -
(fwd) amigasamba?
Does anyone know about this? - Forwarded message from Larry Urquhart [EMAIL PROTECTED] - From: Larry Urquhart [EMAIL PROTECTED] Subject: amigasamba Date: Wed, 12 Mar 2003 21:28:49 -0800 To: [EMAIL PROTECTED] User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-US; rv:1.0.2) Gecko/20030208 Netscape/7.02 X-Bogosity: No, tests=bogofilter, spamicity=0.024176, version=0.10.2 Hi. I don't know if this is the right place to ask this but I have been trying to visit the web site of www.amigasamba.org for over a week and it is off line. What's up ? I have questions to ask the administrator. Cheers Larry - End forwarded message - -- Martin
Re: Applications that want 8.3 names
Richard Sharpe [EMAIL PROTECTED] writes: Is anyone aware of Windows applications that will only deal with 8.3 names and cannot deal with long file names? Modern apps, no. Lots of Windows 3.1 apps (e.g. Quicken versions from back in the day) couldn't deal with long file names when moved onto later Windows versions which would have otherwise supported it. Derrell
RE: (fwd) amigasamba?
I look into this in a few days. Use www.birrabrothers.com/tiger/data/samba as mirror I'm on vacation and don't have the info here. -- Ulf -Original Message- From: Martin Pool [mailto:[EMAIL PROTECTED] Sent: Thursday, March 13, 2003 10:43 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: (fwd) amigasamba? Does anyone know about this? - Forwarded message from Larry Urquhart [EMAIL PROTECTED] - From: Larry Urquhart [EMAIL PROTECTED] Subject: amigasamba Date: Wed, 12 Mar 2003 21:28:49 -0800 To: [EMAIL PROTECTED] User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-US; rv:1.0.2) Gecko/20030208 Netscape/7.02 X-Bogosity: No, tests=bogofilter, spamicity=0.024176, version=0.10.2 Hi. I don't know if this is the right place to ask this but I have been trying to visit the web site of www.amigasamba.org for over a week and it is off line. What's up ? I have questions to ask the administrator. Cheers Larry - End forwarded message - -- Martin
RE: Applications that want 8.3 names
Most setup.exe programs are stubs that are 16-bit executables, and want 8.3 filenames. ERX -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] g]On Behalf Of Richard Sharpe Sent: Thursday, March 13, 2003 1:56 PM To: [EMAIL PROTECTED] Subject: Applications that want 8.3 names Hi, Is anyone aware of Windows applications that will only deal with 8.3 names and cannot deal with long file names? Regards - Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, sharpe[at]ethereal.com, http://www.richardsharpe.com
Re: could not find domain entry for domain @xxxxx
schmieder, holger wrote: Have anybody seen that problem ? We have that in an NT40Serverfarm with samba 2.2.7a as BDC. during the start of winbind we saw also following message: could not get sid of domain ... The users get access to there shares but the policies dont work corectly We have an IP-Segmented network, the server are in there own net, wins is running on the NT40 PDC. Thanks for every idea Holger We would need a lot more information. First thing to try is this: $ nmblookup -R -U wins server IP domain#1C That checks to see that all of the 1C IP addresses for your WINS database. Chris -)- -- Samba Team -- http://www.samba.org/ -)- Christopher R. Hertel jCIFS Team -- http://jcifs.samba.org/ -)- ubiqx development, uninq. ubiqx Team -- http://www.ubiqx.org/ -)- [EMAIL PROTECTED] OnLineBook -- http://ubiqx.org/cifs/-)- [EMAIL PROTECTED]
Re: New approach for winbind to match Windows to UNIX users and back
Andrew Bartlett [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I sit in two camps on this one - for local UIDs/GIDs, I actually like the 'algorithmic', but it's confined to a single uid/gid space. For winbindd, I'm convinced that the tdb mapping is the best way forward, but that some extensions to cope with all SIDs as GIDs. The irony is that this is actaully proving my original proposal to use solely GIDs ineffective since it seems that ultimately we'll need entries in both the UID space and the GID space to get the behavior we need. Indeed it seems that what's actually required is a UID and a GID per SID (I forgot about Group Owners of normal files, and looking up permissions in a normal POSIX fashion uses the UID to access a list of GIDs (including the default GID)). So it seems like the solution to define two identically sized ranges from the local UID and GID space and to have winbind just burn through them incrementally while maintaining a mapping table really ends up being the best approach. I hadn't realized that an SID is actually 256 bits and we at best only have 32 bits to work with I I was only thinking about the RIDs). -- Michael --
Re: New approach for winbind to match Windows to UNIX users and back
I hadn't realized that an SID is actually 256 bits and we at best only have 32 bits to work with I I was only thinking about the RIDs). A SID is variable length, really. -- Luke -- Luke Howard | PADL Software Pty Ltd | www.padl.com
Re: Applications that want 8.3 names
Richard Sharpe wrote: Is anyone aware of Windows applications that will only deal with 8.3 namesand cannot deal with long file names? erx wrote: Most setup.exe programs are stubs that are 16-bit executables, and want 8.3 filenames. And some of the ones that can handle storing long filenames expect that when they extract the files, they will get the same 8.3 alias that they had originally, which does not happen because Microsoft has several different algorithms for generating the alias. One of the installers in the Windows NT 4.0 Resource kit has this problem. -John [EMAIL PROTECTED] Personal Opinion Only
Error messages generated by passdb/pdb_smbpasswd.c are (almost)useless
Hi,
Someone asked me what some messages like getsmbfilepwent: malformed
password entry (uid not number) meant when using the smbpasswd command.
Not knowing, I went searching the source code to find:
if (!isdigit(*p)) {
DEBUG(0, (getsmbfilepwent: malformed password entry (uid not
number)\n));
continue;
This is very little help in pinpointing the problems, as it does not tell
us what the routine was looking at that caused the problem. Perhaps
including the string it was processing would have been more useful!
Regards
-
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
RE : Detecting directory changes.
Without knowing what is using the internal routine, I do not know if it will remain, will be removed, or if changes to RMS will leave it totally or partially non-functional. Actually, this internal routine uses a feature of the XQP, not of RMS, but it's a detail. It may work for now, but as it is an internal routine, it is unsupported, and may break with out notice, even from the installation of an ECO kit. Well, this is hardly what happened in the past, however. As Dave Jones pointed out, this internal routine is dated 1993 in the sources, and uses an XQP feature (using the VMS lock manager in a certain way) that seems to be present since the very beginning of the XQP itself (middle of the 80s, if I remember correctly), precisely for managing the validation of the directory XQP cache in a cluster environment. In my opinion, the probability of a sudden break out for this particular feature sounds low. Note that my old method of looking at the lock value block of the XQP volume lock used another XQP feature that is hardly more documented or supported... Caching directory and file (stat) information enhances Samba/VMS performances very much, that's a fact. May be that the price to pay is to take the risk of using some undocumented/unsupported VMS feature. PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
Re: Detecting directory changes.
If another way of doing it is desired, perhaps the following could be considered. The general description of the method is to use the lock manager in a way that is compatible with how RMS uses it. What you'd do is to take out a lock in PR (protected read) mode on the RMS resource that represents the directory file. These resources have names that are built using a known pattern (4 character prefix of RMS$, 6 byte FID, 16 character devlockname). So after you read the directory data into your cache you enqueue a PR mode lock to the resource and close the file, at which time this lock should be granted (possible refinement - the lock could initially be requested in NL (null) mode with LCK$M_EXPEDITE specified, then a conversion to PR mode enqueued; this may have some advantages). You specify a blocking AST with the lock. The PR mode lock will not block any read-only access to the file, as they should PR (or maybe CR) mode locks. Any open allowing writes to the file should trigger your blocking AST as these will involve a PW (protected write) or EX (exclusive) mode lock which will be blocked by this lock. In the blocking AST you enqueue a conversion of lock to NL mode and set a flag for the cache indicating that it is invald. The next time the cache is needed the program checks the validity flag and finds that it is not valid so the cache is refreshed from disk and the lock converted back to PR mode. (Note that the resources used by the RMS locks all have a minimum of executive mode access and are all system locks. This makes enqueueing them just a bit more complicated.) The advantage is that you wouldn't need to poll the sequence number via F11X$POSIX_FASTRDSEQNOS every time you want to read from the cache, possibly giving some slight (possibly trivial) increase in performance. (Instead of polling for the value, you get notified via the blocking AST.) The disadvantage is, I think, that you had best be very carefull when messing around with RMS or you could have an adverse effect on the system as a whole. It is also possible that you will be invalidating the cache more often than is really necessary since other accesses to the directory file for reading it may not always be done in a read-only type of way (defaults for opening files in C, for example, is no sharing which presumably causes an EX mode lock to be used which would trigger the blocking AST and invalidate the cache). You should note that the Frontport library already does this sort of thing with RMS locks, thus Samba V2.0.6 is also already doing this sort of thing (and it works OK). Frontport's useage of this is, as I recall, somewhat simpler - I think it only enqueues locks to RMS resources to find out who is blocking you, and those test locks are immediately dequeued. This is part of its increase to fcntl() functionality regarding locks. It's a possibility to consider, anyway. --- Carl PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
RE: Detecting directory changes
How does Pathworks do this? Since HP/Compaq will probably maintain Pathworks as a layered product, the Pathworks method will continue to be supported internally (unless there is a major change in Pathworks itself). Mike Ober. PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
