[Samba] Samba 3.0 as ADS domain member (atleast).
Hi all, I am trying to set up a Samba 3.0 beta, as an additional domain controller on a domain that has a windows 2000 (ADS integrated) DC. I would like some pointers on how I could achieve this; I am to understand that there may not be tried-and-tested howtos but, even some raw documentation in that direction would do. The closest I got was the Chapter 8 (Samba as a ADS domain member), bundled, in the documentation with the, distribution. This document I followed but, on trying "net use * \\sambaServer\shareName", it asks me for a password, inspite of a successful './net ads join'. 'klist tickets' tells me that 'klist: No credentials cache found (ticket cache FILE:tickets)'. After some googling, did add 'winbind cache time = 10', but it didn't help the situation. Kindly help. Regards, suraj. __ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re:Replacing Samba PDC with new hardware
>From: "Alex" <[EMAIL PROTECTED]> >Subject: [Samba] Replacing Samba PDC with new hardware >To: "SambaList" <[EMAIL PROTECTED]> > >Hi, >I'm currently running a Samba PDC (2.2.3a) on RedHat 7.3 supporting 10 or so >win2k users with roaming profiles. Just got a new Dell box and would like >to replace the current PDC machine. My question is this : > >What is the best way to make the switch without making the current user >accounts obsolete. I've duplicated the most of the environment already, my >users accounts have already been added to /etc/passwd, /etc/group. I set up >smb.conf, the homes and netlogon share. I copied the logon.bat file I've >been using from the old box, and added all my users and machine accounts to >the smbpasswd file as usual. Now as far as the SID I'm a little fuzzy. I >would ideally like the replacement server to have the same netbios name >(SERVER) as the de-commissioned machine. For the moment I 've given the new >box the name (NEW_SERVER) so that I can copy files over. I ran smbpasswd -S >(domain) to suck the SID to the new server already. Now when I shut down >the old box for good, and change the netbios name will the SID for the >domain be re-written making my user accounts useless/ unable to logon? Is >there any way to avoid this? Also is there a "better" way to move the users >home directories to new box? I was planning on tar-ing up the /home dir and >just expanding it on the new machine? Does anyone know if I have all the >users logged in, swap out the servers, and log the users out will that send >the profile back to the home directory on the new server? Try to replace the secrets.tdb on the new PDC with the one from the old PDC. I had some trouble too, the domain SID can be extracted from the old machines secrets.tdb and set one the new one with smbpasswd, but it seems that the server-SID is important too. The output of smbpasswd -X and smbpasswd -X was different on my new installation and identical on the old PDC. I did not find a way to set the Server SID using smbpasswd. After overwriting the secrets.tdb on the new server with the one from the old PDC the client- login worked without rejoining. Make shure that the password in the smbpasswd-file for users and machines are the same as one the old server. If you keep the same uids for machines and users one the new server as they where on the old one just copy smbpasswd or edit the uids in the copied smbpasswd-file to match those in /etc/passwd on your new PDC. If you have a file MACHINE.SID copy this file too (some older versions of Samba used this file but its now obsolete, the data is now in secrets.tdb). Hope this helps -- Martin Thomas University of Kaiserslautern, Institute of Environmental Engineering, Kaiserslautern (ZIP 67663), Germany -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Exec file incompatible with hardware
>>When I try and run a script we have that runs: >>/usr/local/samba/bin/smbd -D -l /var/adm/smblogs \ >> -s /usr/local/samba/lib/smb.conf >>/usr/local/samba/bin/nmbd -D -l /var/adm/nmb.log \ >> -s /usr/local/samba/lib/smb.conf >> >>I get this error: >>./startsmb.sh[7]: /usr/local/samba/bin/smbd: >Executable file incompatible with >>hardware >>./startsmb.sh[9]: /usr/local/samba/bin/nmbd: >Executable file incompatible with >>hardware > >Are you positively sure that what ran on the old >machine was 10.20? What was the model of the old >server and what is the model of the new one? The >above error sounds like you are trying to run >Apollo m64k on an hppa or at least trying to run >hppa 2.0 binary on a 1.0 or 1.1. > >Can you post what the old and the new server >output when you execute the commands "uname -a" >and "model"? Also, what comes back from executing >"file smbd", "what smbd", and "chatr smbd" on >both servers? It may help to undestand the problem. You probably don't specify with +D? options what hppa version should be the target platform (on which the program should run). The default is probably inappropriate for your hardware model. Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail! http://login.mail.lycos.com/r/referral?aid=27005 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Unexpected IP resolution
>> >The result from nmblookup (same result on all >> >platform) for a given samba server isn't what I >> >expect. >> >> But it is exactly what nmblookup expects if you >> configure your card the way you did! >> > >Ok then, how do I configure things in such way that >nmblookup (and windows machines) will return >10.10.10.10 for ourserver instead of 10.10.10.12. That's easy, Richard. Just configure your ourserver as an alias or hostname for a machine with an IP addresss of 10.10.10.10. How else? >Note that gethostbynam() returns 10.10.10.10. Sure, if you set up your nsswitch.conf to first look into files before calling a dns server and your /etc/hosts contains a line saying 10.10.10.10 is the IP address of ourserver then gethostbynam() will return 10.10.10.10 as the IP address of ourserver. You could even fool a DNS server if your hat were black enough. There's nothing contradictory here, just a simple principle: Garbage in, garbage out. >I don't put the fault on mnblookup. Far from that. >Let's me show you the ethereal output (transcripted) : > >source destination info >10.10.10.111 10.10.10.255 Name query NB OURSERVER<00> >10.10.10.2 10.10.10.111 response NB 10.10.10.12 > >As you can see, the smb service is binded to >10.10.10.2:137 and it answers 10.10.10.12 in the >message. Where do you see any inconsistency? Your client 10.10.10.111 broadcasts to everyone in 10.10.10.0/24, someone may please let him know which IP address goes under the WINS name of OURSERVER. A server of yours whose eth0 is primarily bound to global IP address of 10.10.10.2 reads the broadcast and passes it over to nmbd. nmbd consults browse.dat and wins.tdb and finds that OURSERVER was most recently updated as having the address of 10.10.10.12. This piece of wisdom will be put on the wire by your said server with address 10.10.10.2 where it's intercepted by ethereal. End of story. As you have seen, there's no mistery. The only question is, why would you want to confuse a perfectly functioning samba server in this particular way? I don't doubt that you have some lofty motives, but perhaps you may go for a compromise solution, which isn't exactly how you thought things would work out but at least you have happy users being industriously served by a fantastic piece of open source software. I know what you want, Richard. You want different WINS aliases of your samba server to be reported under different IP addresses, all of them in the same logical subnet. Taking into consideration the present state of development of TCP/IP and SMB one way to achieve that is for you to rewrite the nmbd.c in such a way that it looks up your /etc/hosts instead of wins.dat and browse.tdb. I'm afraid that would have some very nasty side effects, but hey, what the hell, give it a try. But why would you want that? What's the perceived benefit that you expect from forcing a samba server with 10 aliases and 10 IP addresses, OK 5 not 10, all in the same subnet, to remember exactly which IP address should belong to which WINS alias? Cheers Dragan Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail! http://login.mail.lycos.com/r/referral?aid=27005 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: smbclient
> > >Dragan Krnic offres some great advice: > >> >is there a way tojust install smbclient ...like >> >from the samba source... >> >> Of course. samba-client is always a separate RPM --8<---8<8<- >> Experiment on a vanilla PC and see how far you can >> chip away a samba installation and still be able >> to access an SMB server. Good lcuk. >> > > >Thanks ... will do... smbmount as well smbmount >totally rules btw! > >P I know P, it's so kewl I sometimes I forget to smbdimsount :-) Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail! http://login.mail.lycos.com/r/referral?aid=27005 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Charset module could not load
Hello, Everything I've tested so far regarding my Samba 3.0.0 beta 1 installation works great, despite the following error: Error loading module '/usr/local/samba/lib/charset/CP850.so': Cannot open "/usr/local/samba/lib/charset/CP850.so" This error comes up when I run any of the Samba binaries, such as smbpasswd, pdbedit, etc... also it shows up in log.smbd, log.nmbd when either of those are run. I can't find this module anywhere in the source directories or on my system anywhere. Is this supposed to be something that Samba compiles and installs, or am I missing something? This Samba server is running on a FreeBSD 4.5 system. I also have another FreeBSD 4.5 system that does the exact same thing. Has anyone else had this problem? Thanks, David van Geyn -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] User can delete file when they have no read/write access
The key for delete is the permissions of the parent directory not the file. If a user has write access to the directory he can delete files in that directory. Check out the chmod man page for references to the "sticky bit" for a directory. Here is a quote from the IRIX man page (Linux should be similar) If a directory is writable and the sticky bit, (t), is set on the directory, a process may remove or rename files within that directory only if one or more of the following is true (see unlink(2) and rename(2)): the effective user ID of the process is the same as that of the owner ID of the file the effective user ID of the process is the same as that of the owner ID of the directory the process is a superuser. Esben Laursen wrote: > > Im haveing a problem with my profiles share on my Samba 2.2.3 PDC server. > > I have a share like this: > > [profiles] > path = /home/samba/profiles > writeable = yes > create mask = 0700 > directory mask = 0700 > browsable = no > valid users = root,@smbusers > > The roaming profile works just fine with windows2k, and the users can't read the > other profiles (they get a "access denied" if they try to access another profile > then their own) thats great, BUT they can delete the other profiles. > It aint only the profiles share but all files, and thats pretty much a problem here > =) > > Here is a ls of the profiles directory: > > linux:/home/samba/profiles# ls -l > total 12 > drwx-- 14 emma emma 4096 Jun 19 22:18 emma > drwx-- 19 esbenesben4096 Jun 17 20:00 esben > drwx-- 14 root root 4096 May 17 21:13 root > linux:/home/samba/profiles# > > So the user esben cant read the emma folder but he can delete it witch is pretty bad > =) > > How can I fix this? > > Kind Regards > > Esben > > Ps. Here is my [global] section: > > [global] > netbios name = linux2 > server string = Samba %v on %L > workgroup = domain > > add user script = /usr/sbin/useradd -d /dev/null -g nobody -s /bin/false -M %u > > os level = 65 > prefered master = yes > domain master = yes > local master = yes > domain logons = yes > socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 > time server = yes > hide dot files = yes > security = user > guest ok = no > invalid users = bin deamon sys man mail ftp > admin users = @root > domain admin group = root,@admins > encrypt passwords = yes > log level = 2 > log file = /var/log/samba/log.%L > max log size = 1000 > debug timestamp = yes > syslog = 1 > hosts allow = 192.168.1. 127. 62.79.110. > > ; user roaming profiles path > logon path = \\%L\profiles\%u > > client codepage = 850 > valid chars = æ:Æ ø:Ø å:Å > logon script = logon.bat > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba -- == Herb Lewis Silicon Graphics Networking Engineer 1600 Amphitheatre Pkwy MS-510 Strategic Software Organization Mountain View, CA 94043-1351 [EMAIL PROTECTED] Tel: 650-933-2177 http://www.sgi.com Fax: 650-932-2177 PGP Key: 0x8408D65D == -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] User can delete file when they have no read/write access
Im haveing a problem with my profiles share on my Samba 2.2.3 PDC server. I have a share like this: [profiles] path = /home/samba/profiles writeable = yes create mask = 0700 directory mask = 0700 browsable = no valid users = root,@smbusers The roaming profile works just fine with windows2k, and the users can't read the other profiles (they get a "access denied" if they try to access another profile then their own) thats great, BUT they can delete the other profiles. It aint only the profiles share but all files, and thats pretty much a problem here =) Here is a ls of the profiles directory: linux:/home/samba/profiles# ls -l total 12 drwx-- 14 emma emma 4096 Jun 19 22:18 emma drwx-- 19 esbenesben4096 Jun 17 20:00 esben drwx-- 14 root root 4096 May 17 21:13 root linux:/home/samba/profiles# So the user esben cant read the emma folder but he can delete it witch is pretty bad =) How can I fix this? Kind Regards Esben Ps. Here is my [global] section: [global] netbios name = linux2 server string = Samba %v on %L workgroup = domain add user script = /usr/sbin/useradd -d /dev/null -g nobody -s /bin/false -M %u os level = 65 prefered master = yes domain master = yes local master = yes domain logons = yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 time server = yes hide dot files = yes security = user guest ok = no invalid users = bin deamon sys man mail ftp admin users = @root domain admin group = root,@admins encrypt passwords = yes log level = 2 log file = /var/log/samba/log.%L max log size = 1000 debug timestamp = yes syslog = 1 hosts allow = 192.168.1. 127. 62.79.110. ; user roaming profiles path logon path = \\%L\profiles\%u client codepage = 850 valid chars = æ:Æ ø:Ø å:Å logon script = logon.bat -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Winxp netlogon script
I'm running Samba-2.2.8a on RedHat Linux 7.1, Kernel 2.4.18-24.7.x, glibc-2.2.4-31, on an i686. I understand that kernel-2.4.20-18.7 and glibc-2.2.4-32 is available for RH7.1. If need be, I'll update to 7.3 with the latest kernel and glibc if that will fix the issue. I'd prefer to not take the server down for a lengthy time to do a complete OS upgrade, rather just update the kernel and glibc on RH7.1 if possible. smb.conf: [global] workgroup = ACADEMIC netbios name = SLC3 interfaces = 172.16.0.3 127.0.0.1 bind interfaces only = Yes hosts allow = 172.16. 10. encrypt passwords = Yes name resolve order = wins lmhosts hosts domain admin group = @admin add user script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %m$ unix password sync = yes smb passwd file = /var/samba/private/smbpasswd log level = 1 debug timestamp = yes password level = 1 passwd program = /var/samba/bin/syncpass.sh %u %n passwd chat = *Password* *changed* logon script = scripts\%g.bat logon drive = H: logon home = \\SLC3\%u domain logons = Yes os level = 65 preferred master = True domain master = True wins support = Yes time server = True guest account = ftp [netlogon] path = /var/samba/netlogon browseable = no [homes] comment = home directory support read only = No inherit permissions=yes browseable = no [data] comment = Data Resources path = /var/data admin users = @admin read only = No create mask = 0775 directory mask = 0775 browseable = no -Original Message- From: John H Terpstra [mailto:[EMAIL PROTECTED] Sent: Friday, June 20, 2003 3:42 PM To: Khanh Tran Cc: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]' Subject: RE: [Samba] Winxp netlogon script Folks, For what it is worth, in my testing of samba-3 domain logon behaviour I have found logon script processing totally reliable. The only instance of trouble that I have come across so far was with sites running RedHat 7.3 that did NOT have the glibc and kernel updates. In every case where the updates have been applied there has been no pleoblem. If you want your problems resolved then a little more detail might help. What version of samba? What platform (OS version and updates)? What smb.conf info? How are clients configured? - John T. On Fri, 20 Jun 2003, Khanh Tran wrote: > I have been experiencing the exact same issue as you, and I was > wondering if you ever came to a resolution? I didn't see a response > on the Samba list! > > Thanks! > > List: samba > Subject: RE: [Samba] Winxp netlogon script > From: "Truman" > Date: 2003-05-16 20:31:28 > [Download message RAW] > > I am adding more information on my status: > The question that I need to find is why Win98 client have no problem > running the logon script and WinXp clients do not even appear to try. > > When I log onto the domain from a WinXp pro client the home share is > getting mapped but the logon script is not getting executed. I have > checked the log files and I am in the domain. > > Initially I had 2 WinXp client using roaming profiles just to test but > I decided against using this feature. This may somehow caused WinXp > clients to not run the logon script but I am not sure. I have the > same symptoms on 4 WinXp clients, and 1 win2000 client. > > Truman > > > Khanh Tran > Network Operations > Sarah Lawrence College > > -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Can't join linux machine to linux pdc controlled domain.
Getting error message: Error connecting to my_pdc Unable to join domain my_domain when I run 'smbpasswd -j my_domain -r my_pdc' from linux_box my_pdc is the primary domain controller for my_domain. I have three win2k machines that are all using the pdc for domain authentication. They all work fine (funny enough) and can access the domain. I have added linux_box$ to /etc/passwd on my_pdc. I have also added it to smbpasswd using the following command 'smbpasswd -a -m linux_box' I have added/updated these lines to smb.conf on linux_box encrypt passwords = Yes security = domain password server = * samba daemons are not running on linux_box but are running on my_pdc during the "join" attempts.. linux_box can ping my_pdc. It can resolve my_pdc's ip address using nmblookup and my_pdc's netbois name. I can use smbclient from linux_box to log into my_pdc and list the shares available. I am running tcpdump on my_pdc. I see traffic from other machines that are working correctly. I do not see any traffic from linux_box to my_pdc during the "join" attempts my_pdc is running samba 2.2.7 on redhat 7.3 kernel 2.4.20-18.7 linux_box is running samba 2.2.5 on redhat 7.3 kernel 2.4.18-5 I have gone into smbpasswd on my_pdc and deleted linux_box$ entry, then readded it and immediately tried to join again, with the same results, which shouldn't matter as no traffic is getting to my_pdc during the "join" attempts. I've read the samba.org documentation and troubleshooting guide. Good info on joining windows machines, but nothing on joining linux machines. Any direction would be greatly appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] File Locking for dropbox
OK, this may sound like a FAQ but all the FAQ sheets I see don't really cover it : they come close, but not close enough. The case : Samba server (2.2.8a) on a stock 2.4.20 linux kernel (glibc 2.2.3) Operating as a 'dropbox' : files are dropped into \\server\incoming by various (windows) clients, then the server processes them. The problem : How to tell when a 'new' file detected in the dropbox is available Currently we do this : 1 - See a new file 2 - Attempt a write lock on the file (in Delphi, but could be in C) 3 - Process file This doesn't work, because samba doesn't seem to write files in a way that blocks the write access of the file processor. i.e. Step 2 _always_ succeeds, even if the file hasn't done writing yet. So when a user drops 5000 files into the dropbox, the Delphi process gets about 4900 'rejected : corrupt files' because it tried to access the file while it was still being written. Notes : - When using 100M ethernet vs. 10M ethernet, the problem goes away. This makes sense : the faster you write the file (files average about 800K in size) the less likely the file processor will try to read the file as you're writing it. - smb.conf file is below. The 'strict' and 'level2' lines were added to try to fix the problem, but they didn't work well enough : the ratio of rejected files dropped, but it's still happening. Is there a way to force samba, when writing a file, to lock it such that any other UNIX/server side process can't access the file because it's locked? If not, do you have any other suggestions? (can't use atime, FS is mounted noatime for performance reasons. Can't use atime/ctime, cuz they're the atime/ctime of the original file on the windows side. I'm kinda stumped myself :) Dana Lacoste Ottawa, Canada -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Unexpected IP resolution
On Fri, 2003-06-20 at 14:27, Dragan Krnic wrote: > >The result from nmblookup (same result on all > >platform) for a given samba server isn't what I > >expect. > > But it is exactly what nmblookup expects if you > configure your card the way you did! > Ok then, how do I configure things in such way that nmblookup (and windows machines) will return 10.10.10.10 for ourserver instead of 10.10.10.12. Note that gethostbynam() returns 10.10.10.10. I don't put the fault on mnblookup. Far from that. Let's me show you the ethereal output (transcripted) : source destination info 10.10.10.11110.10.10.255Name query NB OURSERVER<00> 10.10.10.2 10.10.10.111Name query response NB 10.10.10.12 As you can see, the smb service is binded to 10.10.10.2:137 and it answers 10.10.10.12 in the message. Thanks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ok, so oplocks: good or bad?
On Fri, 20 Jun 2003, Mark Roach wrote: > On Fri, 2003-06-20 at 15:38, John H Terpstra wrote: > > On Fri, 20 Jun 2003, Jonathan Johnson wrote: > > > > > OK, I don't have a strong understanding of oplocks, but I'm sure someone > > > will correct me where I go wrong. > > > > Those interested in the whole OpLock story might benefit from reading > > chapter 14 'File and Record Locking" of: > > > > http://samba.org/~jht/NT4migration/Samba-HOWTO-Collection.html > > > > From this coverage it should be obvious that file locking affects a > > complex interaction of Client and Server protocols and configuration > > settings. Please draw your own conclusions. > > Hi, John. I'm pretty sure I "get" what oplocks are for and why they are > good, I guess my question would be more along the lines of "do they work > properly in samba?" along with the error message that prompts the > question. OpLock support in Samba is very well tested and proven code. That does not mean that there are no bugs in it. By the same token, the document I referred people to shows that the problem with OpLocks is just as big an issue in a pure MS Windows server environment. Is Samba OpLock support up to the grade? Sure, as far as we can determine this is. If you can demonstrate otherwise we are eager to fix it. > I think the question could be further distilled to "Is this an example > of oplocks not working properly, or is it something else entirely?" I > hope my question makes more sense worded that way. I referred folks to the documentation to show that the whole subject is MUCH deeper than "Is OpLocks any good in Samba?". - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba -v- unix file/group permissions
In migrating to Samba on FreeBSD from WinNT, I've run into this hitch. Let us say I have 9 users named User1, User2, User3, ? User9 User1 is a member of group wheel User2 & User3 have the administrative task (add/change/delete) of managing the content of the directory Dirc1 and all subordinate objects (files and directories). Dirc1 is the directory /usr/Shared/Dirc1. Only User1 will need to delete Dirc1, but if it helps then User2 & User3 can also delete Dirc1. All users can read anything in Dirc1 and all subordinate objects as well. All users can contribute (add/change/delete) anything in the Everyone directory which is /usr/Shared/Dirc1/Everyone Shared is a Samba service. As User2 & User3 add new objects subordinate to Dirc1 they are to retain the permissions necessary to add/change/delete all current and new objects in Dirc1. All users can add/change/delete anything anywhere else in Shared All end-user efforts are performed from Windows NT workstations. (This is essentially what I have on an NT file system and would like to maintain this structure to prevent confusion.) Finally, Samba ACL support is not compiled into Samba because that option is broken between this version of FreeBSD and this version of Samba. 1) How do I configure the Shared, Dirc1 & Everyone directories in terms of the Unix file permissions and ownerships to support this? 2) How do I configure the Shared service in Samba to support this? 3) How do I configure the User2 & User3? 4) What else will be necessary? In Linux, can groups be members of other groups? In BSD groups cannot. I think I'm going to learn to hate this about Unix. On the issue of Force group / force user. These properties take presence over the actual user: group properties of a users connection such that if force user and/or force group is implemented on a share then all users of that share are controlled by the force user/force group assignments. So this did not work. I expect force create mode to be similarly effective for all objects on the share which will not work for me. I thought to have: root : wheeldrwxrwxr - xfor /usr/Shared root : Dirc1-admins drwxrwxr - xfor /usr/Shared/Dirc1 and root : Dirc1-admin drwxrwxrwx for /usr/home/shared/Dirc1/Everyone Dirc1-admins= User2, User3 Where Shared is defined in Samba as: [shared] path = /usr/Shared browsable = yes read only = no writable = yes available = yes My problem here is when creating new objects I have to manually fix the group permissions. Can this fix be automated and the time the file is created regardless of who created the object? Thanks, -Steve Lyle 513.557.5207 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ok, so oplocks: good or bad?
On Fri, 20 Jun 2003, Troy.A Johnson wrote: > The original url got me nothing, but > this: > > http://samba.org/~jht/NT4migration/Samba-HOWTO-Collection.pdf > > got me the doc. Apologies for the typo. - John T. > > >>> John H Terpstra <[EMAIL PROTECTED]> 06/20/03 02:38PM >>> > http://samba.org/~jht/NT4migration/Samba-HOWTO-Collection.html > > -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Exec file incompatible with hardware
>Well, we consolidated servers and moved everything to >another server with HP-UX 10.20 (the previous server >had the same HPUX version so I thought I was in the >clear), the samba version is samba-1.9.18p2. I copied >over the source and ran make, then make install - >during the make install I received these errors: > >Installing codepage files in >/usr/local/samba/lib/codepages >Creating codepage file >/usr/local/samba/lib/codepages/codepage.437 >from codepage _def.437 >installcp.sh [23]: >/usr/local/samba/bin/make_smbcodepage: >Execute permission denied. Is "/usr/local/samba/bin/make_smbcodepage" a shell script or a binary? Does it have the proper exec bit set? >When I try and run a script we have that runs: >/usr/local/samba/bin/smbd -D -l /var/adm/smblogs \ > -s /usr/local/samba/lib/smb.conf >/usr/local/samba/bin/nmbd -D -l /var/adm/nmblog.log \ > -s /usr/local/samba/lib/smb.conf > >I get this error: >./startsmb.sh[7]: /usr/local/samba/bin/smbd: >Executable file incompatible with >hardware >./startsmb.sh[9]: /usr/local/samba/bin/nmbd: >Executable file incompatible with >hardware Are you positively sure that what ran on the old machine was 10.20? What was the model of the old server and what is the model of the new one? The above error sounds like you are trying to run Apollo m64k on an hppa or at least trying to run hppa 2.0 binary on a 1.0 or 1.1. Can you post what the old and the new server output when you execute the commands "uname -a" and "model"? Also, what comes back from executing "file smbd", "what smbd", and "chatr smbd" on both servers? It may help to undestand the problem. >I realize we need to be off 10.20 and that this samba >version is old, but we have clients we need to >support that still have old crud. The 10.20 can not >be updated but Samba could be without a problem. I >actually tried to install samba-2.2.3a, but didn't >have any luck. Like I said I don't know Samba, so I >apologize for the idiocy of my email :) There's really no excuse for keeping 10.20. Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail! http://login.mail.lycos.com/r/referral?aid=27005 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ok, so oplocks: good or bad?
On Fri, Jun 20, 2003 at 02:49:48PM -0500, Brandon Lederer wrote: > My comment/question leans towards Windows here I cant turn oplocks off > in Windows (to my knowledge). Therefore they are always ON. If this is the > case, And they dont cause any problems, then WHY do we have to turn them off > in Samba? Do they not work properly? Yes you can turn them off in Windows, there are registry entries to do so on both client and server (as in Samba) - although not per share or wildcard match as you can in Samba. Several Windows application vendors (usually multi-user db vendors) recommend turning them off Windows to Windows, no Samba involved. "Oplocks: nice idea, shame about the Windows client implementation". Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: smbclient
>is there a way tojust install smbclient ...like from >the samba source... Of course. samba-client is always a separate RPM but you do need the following libraries: # ldd $(which smbclient) libreadline.so.4 => /lib/libreadline.so.4 libncurses.so.5 => /lib/libncurses.so.5 libacl.so.1 => /lib/libacl.so.1 libcups.so.2 => /usr/lib/libcups.so.2 libssl.so.0.9.6 => /usr/lib/libssl.so.0.9.6 libcrypto.so.0.9.6 => /usr/lib/libcrypto.so.0.9.6 libnsl.so.1 => /lib/libnsl.so.1 libpam.so.0 => /lib/libpam.so.0 libldap.so.2 => /usr/lib/libldap.so.2 libpopt.so.0 => /usr/lib/libpopt.so.0 libc.so.6 => /lib/libc.so.6 libdl.so.2 => /lib/libdl.so.2 libattr.so.1 => /lib/libattr.so.1 liblber.so.2 => /usr/lib/liblber.so.2 libresolv.so.2 => /lib/libresolv.so.2 libsasl2.so.2 => /usr/lib/libsasl2.so.2 /lib/ld-linux.so.2 => /lib/ld-linux.so.2 if you need all that pam, sam, ldap, etc. >like a make --smbclient install or something? Perhaps it's also possible, but why don't you do like Michelangelo did when he chipped away all that wasn't David from that slab of Carrara. Build the whole thing and then throw away all but the above libs and smbclient itself. >I realize the client may require some libs of the >server, can we pass that to the make as a param as >well? liuke a --libexec=X pr lib=... I dunno. Perhaps, did you read the README.1ST file? Me neither. >I am building linux appliance and juts wnat to >access shares from the appliance to windows smb >shares... not vice versa... my OS runs in RAM >only so I have limited space Don't exaggerate with parsimony. The above listing of lib dependencies is for a full-fledged pam, sam, ldap and puff-capable client. If you build a less general samba & client most of those libs won't be necessary and some might be part of the rest of your Linux environment anyway. Experiment on a vanilla PC and see how far you can chip away a samba installation and still be able to access an SMB server. Good lcuk. Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail! http://login.mail.lycos.com/r/referral?aid=27005 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ok, so oplocks: good or bad?
On Fri, Jun 20, 2003 at 03:40:05PM -0400, Mark Roach wrote: > > Hi, John. I'm pretty sure I "get" what oplocks are for and why they are > good, I guess my question would be more along the lines of "do they work > properly in samba?" along with the error message that prompts the > question. They work as well in Samba as they do in Windows, that is to say, dependent on client bugs (of which there have been several nasty ones). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] ok, so oplocks: good or bad?
My comment/question leans towards Windows here I cant turn oplocks off in Windows (to my knowledge). Therefore they are always ON. If this is the case, And they dont cause any problems, then WHY do we have to turn them off in Samba? Do they not work properly? -Original Message- From: Mark Roach [mailto:[EMAIL PROTECTED] Sent: Friday, June 20, 2003 2:40 PM To: John H Terpstra Cc: [EMAIL PROTECTED]; Jonathan Johnson Subject: Re: [Samba] ok, so oplocks: good or bad? On Fri, 2003-06-20 at 15:38, John H Terpstra wrote: > On Fri, 20 Jun 2003, Jonathan Johnson wrote: > > > OK, I don't have a strong understanding of oplocks, but I'm sure someone > > will correct me where I go wrong. > > Those interested in the whole OpLock story might benefit from reading > chapter 14 'File and Record Locking" of: > > http://samba.org/~jht/NT4migration/Samba-HOWTO-Collection.html > > From this coverage it should be obvious that file locking affects a > complex interaction of Client and Server protocols and configuration > settings. Please draw your own conclusions. Hi, John. I'm pretty sure I "get" what oplocks are for and why they are good, I guess my question would be more along the lines of "do they work properly in samba?" along with the error message that prompts the question. I think the question could be further distilled to "Is this an example of oplocks not working properly, or is it something else entirely?" I hope my question makes more sense worded that way. Thanks very much, Mark Roach -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] 'Little' problems with Samba v2.2.3a-12.3 (Debian Woody)and PRINTERS !!
Farget Vincent farget at olfac.univ-lyon1.fr Fri Jun 20 15:14:50 GMT 2003 Le Jeudi 19 Juin 2003 17:15, vous avez écrit : But you have not read the samba-howto-collection.pdf, which has a chapter on this, which tells you *exactly* not to do this. I have read the 6th chapter of theSamba-HOWTO-Collection paper and above all the 6.2.2th chapter named 'Setting Drivers for Existing Printers'. You should also refer to the new version for Samba 3.0, temporarily located here: http://www.linuxprinting.org/kpfeifle/SambaPrintHOWTO/ It is also valid for most of Samba 2.2.x printing, but much more detailed and offers some troubleshooting tips also. Another point: Since the days of 2.2.3a there have been going a lot of printing code improvements into 2.2.4, 2.2.4a, 2.2.5, 2.2.6, 2.2.7, 2.2.8, 2.2.8a and 2.2.9. Think about updating! (And 3.0 is even better) Cheers, Kurt -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Fwd: Re: [Samba] add user script & samba 3.0b
machine add does not work, manual or on the fly, if have an complete test enviroment so nothing is dangerios, but sometimes i have to install the boxes new *grins interface = lo, changes nothing to the result, i cant join the samba domain with win2k , cause failure is: the machine account is not found or trusted by domain controller after all i bulid a bdc with 2.2.7a on traditional way an it worked very nice. my problem is this [2003/06/20 21:25:53, 2] auth/auth.c:check_ntlm_password(295) check_ntlm_password: Authentication for user [] -> [] FAILED with error NT_STATUS_NO_SUCH_USER [2003/06/20 21:26:04, 2] smbd/server.c:exit_server(558) Closing connections this comes up to logged machine when try to get in the samba3beta domain i have no idea what to do next... Regards > What seems to be a dangerous thing to me is that your samba doesn't bend > to lo (127.0.0.1 aka localhost) I'm not shure if it is the origin of > your problems, but in the docs is written, that lots of tools, including > smbpasswd (maybe others things too ?) relays on accessing localhost, if > security=user. Anyway I would suggest to try with this new settings too. > I'm really new to the 3.0 branch, and I would want an LDAP solution > (Samba PDC+ Samba BDC). > > Best Regards > > Geza Gemes > > [EMAIL PROTECTED] írta: > > > this is my smb.conf, > > as i failed before , the machine add script works on the fly, but the > > machine account which is right in the smbpasswd, does not login after > > required > > reboot win2k serv3 to domain, with failure message > > local computer account is not trusted > > My plan is to make samba easier administrate with usmgr, machine > creation > > on > > the fly. > > > > And i dont wanna use ldap. > > is anyone working on that too? > > > > > > > >>i compiled the beta on suse 8.2 from scratch > >>do sombody have any usefull comments about this config? > >> > >> > >> > >>[global] > >>dos charset = ASCII > >>display charset = UTF8 > >>workgroup = LINUX > >>interfaces = eth0 > >>bind interfaces only = Yes > >>map to guest = Bad User > >>passwd program = /usr/bin/passwd %u > >>username map = /etc/samba/smbusers > >>unix password sync = Yes > >>log level = 2 > >>log file = /var/log/samba/%m > >>time server = Yes > >>keepalive = 255 > >>socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=8192 > >>SO_RCVBUF=8192 > >>load printers = No > >>printcap name = cups > >>add user script = /usr/sbin/useradd -m %u > >>delete user script = /usr/sbin/userdel -r %u > >>add group script = /usr/sbin/groupadd -r %g > >>delete group script = /usr/sbin/groupdel %g > >>add user to group script = /usr/bin/gpasswd -a %u %g > >>delete user from group script = /usr/bin/gpasswd -d %u %g > >>set primary group script = /usr/sbin/usermod -g '%g' '%u' > >>#create a group machines first ! > >>add machine script = /usr/sbin/useradd -g machines -c Machine -d > >>/dev/null -s /bin/false %u > >>logon drive = z > >>domain logons = Yes > >>os level = 255 > >>preferred master = Yes > >>domain master = Yes > >>wins proxy = Yes > >>wins support = Yes > >>ldap ssl = no > >>utmp = Yes > >>host msdfs = Yes > >>admin users = Administrator > >> > >>[homes] > >>comment = Home Directories > >>read only = No > >>create mask = 0640 > >>directory mask = 0750 > >>browseable = No > >> > >> > >> > >> > >> > >>>it seems that the developers group has changed the command name from > >>>add user script to add machine script > >>>you can see the difference only in the man page on the CVS tree > >>>after I changed it to this command in smb.conf - it worked. > >>> > >>>regards > >>> > >>>[EMAIL PROTECTED] schrieb: > >>> > >>> > >>> > HI if tested the add user script (samba3beta) and it works fine for me > > but the created machine account , it not followed > with a working login, win2k serv pack 3 says computer account is not > > > >>>trusted > >>> > >>> > in the domain, > this is is not a failure by the script , cause i tried traditional way > > > >>>too. > >>> > >>> > ( smbpasswd -a -m ) > any ideas? > Regards > > > > > > > > > > >Howdy, > > > >I would like to use the samba server as a replacment for NT Servers. > >So I need the add user script command for adding new machines to the > >domain. > >This is no problem in all 2.2.X versions of samba which I used. > >But on version 3.0 alpha and beta it is not working. > > > >I am using debian 3.0r1 with the unstable package of samba 3.0beta. > > > >smb.conf: > >[global] > >
[Samba] User Script
I have a strange problem with one user on our network. We have a 'clump' of users that logon with the same username and password. The profile is 'locked' down, and for all intents and purposes it works fine, with the exception of one persons PC. When you logon with this computer for the first time it doesn't run the script off the samba server. The script maps drives that are needed for certain apps to run. If you Start/Shut Down/Log off user and then log back on, it runs the script. If you reboot it doesn't run the script. What I have her doing now is she boots up, logs on to the domain, then immediatly logs off, then logs back on and the script runs. There are approx 15 other people using that username, but she's the only one with this problem. Has anybody else seen this? Here's what I'm using: Server: RH 9.0 Samba 2.2.8a-1 configured as a PDC Workstations: Windows 2000 SP3 All of the workstations are clean installs as of the beginning of this week. TIA Rick -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ok, so oplocks: good or bad?
On Fri, 2003-06-20 at 15:38, John H Terpstra wrote: > On Fri, 20 Jun 2003, Jonathan Johnson wrote: > > > OK, I don't have a strong understanding of oplocks, but I'm sure someone > > will correct me where I go wrong. > > Those interested in the whole OpLock story might benefit from reading > chapter 14 'File and Record Locking" of: > > http://samba.org/~jht/NT4migration/Samba-HOWTO-Collection.html > > From this coverage it should be obvious that file locking affects a > complex interaction of Client and Server protocols and configuration > settings. Please draw your own conclusions. Hi, John. I'm pretty sure I "get" what oplocks are for and why they are good, I guess my question would be more along the lines of "do they work properly in samba?" along with the error message that prompts the question. I think the question could be further distilled to "Is this an example of oplocks not working properly, or is it something else entirely?" I hope my question makes more sense worded that way. Thanks very much, Mark Roach -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ok, so oplocks: good or bad?
The original url got me nothing, but this: http://samba.org/~jht/NT4migration/Samba-HOWTO-Collection.pdf got me the doc. >>> John H Terpstra <[EMAIL PROTECTED]> 06/20/03 02:38PM >>> http://samba.org/~jht/NT4migration/Samba-HOWTO-Collection.html -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows domain group policies
On Fri, 20 Jun 2003, Thomas Angst wrote: > Hello, > > Does anybody have an idea how I can set a group membership to a domain user? > I don't wan't to set the group membership on each computer one by one. > And all Windows admins I asked, doesn't have any anticipation how this > will work, if they don't have a button for click it. Chapter 23 and 24 of: http://samba.org/~jht/NT4migration/Samba-HOWTO-Collections.pdf If still not clear then please tell us what to fix. We MUST get this right before Samba-3 ships. - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] why is samba3.0 server showing as PDC in W2K domain?
Please advise. I'm want to bring in Samba 3 to our existing W2K mixed-mode domain as a member server. Here is my smb.conf: realm = DEPLOY.AK ads server = xxx.xxx.xxx.xxx security = ads encrypt passwords = yes name resolve order = wins lmhosts bcast netbios name = tim-on-samba3 local master = no os level = 20 log file = /var/log/samba/log.%m socket option = TCP_NODELAY SO_SNDVUR=8192 SO_RCVBUF=8192 wins server = xxx.xxx.xxx.xxx wins support = no map to guest = bad user doman master = no template shell = /bin/bash server string = samba 3.0beta perferred master = no TIA, Tim -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Winxp netlogon script
Folks, For what it is worth, in my testing of samba-3 domain logon behaviour I have found logon script processing totally reliable. The only instance of trouble that I have come across so far was with sites running RedHat 7.3 that did NOT have the glibc and kernel updates. In every case where the updates have been applied there has been no pleoblem. If you want your problems resolved then a little more detail might help. What version of samba? What platform (OS version and updates)? What smb.conf info? How are clients configured? - John T. On Fri, 20 Jun 2003, Khanh Tran wrote: > I have been experiencing the exact same issue as you, and I was wondering if > you ever came to a resolution? I didn't see a response on the Samba list! > > Thanks! > > List: samba > Subject: RE: [Samba] Winxp netlogon script > From: "Truman" > Date: 2003-05-16 20:31:28 > [Download message RAW] > > I am adding more information on my status: > The question that I need to find is why Win98 client have no problem > running the logon script and WinXp clients do not even appear to try. > > When I log onto the domain from a WinXp pro client the home share is > getting mapped but the logon script is not getting executed. I have > checked the log files and I am in the domain. > > Initially I had 2 WinXp client using roaming profiles just to test but I > decided against using this feature. This may somehow caused WinXp > clients to not run the logon script but I am not sure. I have the same > symptoms on 4 WinXp clients, and 1 win2000 client. > > Truman > > > Khanh Tran > Network Operations > Sarah Lawrence College > > -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0 Question...
Hello, The Linux setup is on my workstation (RedHat 9) with Samba 3.0 Beta 1. The Windows setup is a Windows 2000 native-mode domain to which a Windows XP workstation is a part of. I'll attach my smb.conf file. My machine has been successfully joined to the domain (hosted on Windows 2000). "wbinfo -{u,g,m}" all have successful returns of information. "net ads status" returns proper ldap information (or at least what I expect). >From the Windows workstation I can "nbtstat -A" the machine and see it's netbios name and the workgroup/domain it is a part of. My problem is that I cannot figure out what I'm missing in order to map a drive. >From the windows with "net view \\mynetbiosname" I get "System error 53 has occured" and "The network path cannot be found" >From Windows using "net use r: \\mynetbiosname\myshare" the message is the same "The network path cannot be found". >From Windows using "net use r: \\fqdn-of-linux-machine\myshare" the message is "The mapped network drive could not be created because the following error has occured: There are currently no logon servers available to service the logon request." Any ideas? If I revert back to "security = server", everything from Windows works as expected. Cheers, Ryan My smb.conf file: [global] workgroup = MISSOURI.EDU realm = MISSOURI.EDU # client NTLMv2 auth = yes winbind separator = + winbind cache time = 5 winbind uid = 500-65000 winbind gid = 500-65000 server string = Samba Server netbios name = mynetbiosname printcap name = /etc/printcap load printers = no printing = cups log file = /var/log/samba/%m.log max log size = 50 security = ADS ADS server = my-dcs-fqdn encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd unix password sync = Yes obey pam restrictions = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = no os level = 3 domain master = no preferred master = no domain logons = no wins server = ip.of.my.wins dns proxy = no inherit acls = yes use sendfile = yes winbind use default domain = yes acl compatibility = Win2k [homes] comment = Home Directories browseable = no writable = yes valid users = %S create mode = 0664 directory mode = 0775 [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ok, so oplocks: good or bad?
On Fri, 20 Jun 2003, Jonathan Johnson wrote: > OK, I don't have a strong understanding of oplocks, but I'm sure someone > will correct me where I go wrong. Those interested in the whole OpLock story might benefit from reading chapter 14 'File and Record Locking" of: http://samba.org/~jht/NT4migration/Samba-HOWTO-Collection.html >From this coverage it should be obvious that file locking affects a complex interaction of Client and Server protocols and configuration settings. Please draw your own conclusions. - John T. > > Overgeneralization #1: Disabling oplocks is ALWAYS a safe thing to do. > > Overgeneralization #2: Oplocks provide a performance boost by allowing the > workstation (ws1) to cache a copy of the file locally and set an oplock. > This way, the ws1 can assume it has exclusive access and doesn't need to > read/write to/from the server for every operation. Occasionally, the ws1 > syncs the cached copy with the server copy. When another workstation (ws2) > requests access to the file, the server asks the ws1 to break the oplock. > Ws1 then syncs the cache with the server, and tells the server that it's > released the oplock. The server then tells ws2 it can access the file. If > ws1 has the file open for read (not write), ws2 can open the file for read > without breaking any oplocks. > > Overgeneraliztion #3: With oplocks disabled, the workstation must always ask > for an exclusive lock before writing to the file, and does not cache a copy. > Another workstation can't access the file until the first workstation > releases it. > > Exactly what goes on when things go wrong (server doesn't ask for oplock > break; workstation doesn't release oplock, etc.) I can't tell you. As for > the meaning of your errors, I haven't a clue. > > --Jon > > P.S. -- My philosophy is that if you ask a question and no one answers, tell > a lie as gospel truth and everyone will. > > On 20 Jun 2003, Mark Roach wrote: > > > I have been searching for info on this and haven't found an > > authoritative answer. From what I have read, oplocks are good because > > they increase connection speeds, but they are bad because they don't > > really work, but they actually do work, but they only work in some > > cases, etc etc. > > > > so, here's my problem and my question together: I get tons of these > > messages every day (over a thousand a day) > > > > [2003/06/20 08:19:42, 0] smbd/oplock.c:request_oplock_break(1011) > > request_oplock_break: no response received to oplock break request to > > pid 22335 on port 35010 for dev = 2b00, inode = 688540, file_id = 256210 > > [2003/06/20 08:19:42, 0] smbd/open.c:open_mode_check(652) open_mode_check: > > exlusive oplock left by process 22335 after break ! For file UHG/Local > > Settings/Temporary Internet Files/Content.IE5/desktop.ini, dev = 2b00, > > inode = 688540. Deleting it to continue... > > > > > > is this an indication that I should disable oplocks, or is disabling > > oplocks a foolish, unsafe thing to do, or is there just some other > > problem I need to fix to allow me to keep using oplocks? > > > > Very confused. > > > > -Mark > > > > > > > -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Fw:
>Anyone know why I get this message on my NT when >trying to mount unix home to NT: > > The account is not authorized > to login from this station. > >Ran smbpasswd -u moorej There is no option "-u" (small "u"). RTFM. >Ran smbclient -L fairchd1 >Domain=[MYGROUP] OS=[Unix]Server=Samba .2.3a] > >Sharename Type Comment >- --- >moorej Disk Home Directory > >ON THE NT: > >C:\>net user e: \\199.254.200.1\moorej >The password is invalid for \\199.254.200.1\moorej. >Type the password for \\199.254.200.1\moorej: >The account is not authorized to login from this >station. You really want to map "E:" to your home directory, right? Why don't you use "net use" instead ? What you typed, "net user", means you want to add a new user to an NT server. >[global] > workgroup = MYGROUP > server string = Samba Server > security = SHARE > unix password sync = Yes > log file = /usr/local/samba/var/log.%m > max log size = 50 > dns proxy = No >[homes] > comment = Home Directories > valid users = %S > read only = No > browseable = No >[moorej] > comment = Home Directory > path = /home/moorej > valid users = moorej > read only = No With security=SHARE you don't need [homes]. They don't fit. But don't hurt either. Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail! http://login.mail.lycos.com/r/referral?aid=27005 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Need an explanation on Samba Log.
On Fri, 20 Jun 2003, Farget Vincent wrote: > Hi, > > > I am using Samba (v2.2.3a-12.3 on stable Debian Woody) on a bi-cpu server > acting as a primary domain controller to allow connection from Win98 and > Win2000Pro client computers. All user connections on the domain works well > but I have the following lines in my logs for every user connections : > Do you have "security = domain" by any chance? - John T. > > DATE MYSRV smbd[20603]: connect from xxx.xxx.xxx.xxx > DATE MYSRV smbd[20603]: [DATE, 0] > smbd/password.c:domain_client_validate(1517) > DATE MYSRV smbd[20603]: domain_client_validate: could not fetch trust > account password for domain MYDOM > > > > Can somebody tell me what does it really mean ? > > Thanks. > Best regards. > -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows domain group policies
Gémes Géza írta: Thomas Angst írta: I am trying to use Samba 3.0, but as you answered the other mail with the add machine script, there are some problems to solve. If you are experimenting with 3.0b too and you can do, what we can't, to add a machine to the domain. Can you please inform me, how you did it? I spent a lots of time for this domain things and unfortunatly I am stuck now. About th groups, can you tell me, where you did found the infos? I'm using Debian and there are no manpage to that tool also not on the CVS tree on samba.org. If you are using Samba 2.x there is no way, I know , I need the same functionality for the same reasons. With Samba 3.0, TNG, you could do that, with samedit, etc tools. I'm just trying that tools right now. I'm just started to experiment with 3.0, so I'm absolutely not an expert of the new features, but the newly introduced net command has some interesting things, like: net3 groupmap, with which you could control the UNIX->NT group mappings Best regards Geza Gemes Sorry for the typos, the corrected version: I've just started to experiment with 3.0, so I'm absolutely not an expert of the new features, but the newly introduced net command has some interesting things, like: net groupmap, with which you could control the UNIX->NT group mappings -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] src rpm?
You need to run the makerpms.sh script that comes with the standard tar.gz source. I specified --with acl and it built mine just fine. Jim Wharton Network Administrator Alachua County Property Appraiser [EMAIL PROTECTED] > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > Behalf Of > Norris, Brent > Sent: Friday, June 20, 2003 3:04 PM > To: '[EMAIL PROTECTED]' > Subject: [Samba] src rpm? > > > Is their a source rpm for the 3.0beta1 rpm? I would like to > recompile it > for ACL support, but I cannot seem to find one. Any links? > > Brent Norris > Assistant DTC, Edmonson County Schools > Cell: 270.246.0152 > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > OutBound Mail Scanned by Mcafee Web Appliance. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows domain group policies
Thomas Angst írta: I am trying to use Samba 3.0, but as you answered the other mail with the add machine script, there are some problems to solve. If you are experimenting with 3.0b too and you can do, what we can't, to add a machine to the domain. Can you please inform me, how you did it? I spent a lots of time for this domain things and unfortunatly I am stuck now. About th groups, can you tell me, where you did found the infos? I'm using Debian and there are no manpage to that tool also not on the CVS tree on samba.org. If you are using Samba 2.x there is no way, I know , I need the same functionality for the same reasons. With Samba 3.0, TNG, you could do that, with samedit, etc tools. I'm just trying that tools right now. I'm just started to experiment with 3.0, so I'm absolutely not an expert of the new features, but the newly introduced net command has some interesting things, like: net3 groupmap, with which you could control the UNIX->NT group mappings Best regards Geza Gemes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] src rpm?
Is their a source rpm for the 3.0beta1 rpm? I would like to recompile it for ACL support, but I cannot seem to find one. Any links? Brent Norris Assistant DTC, Edmonson County Schools Cell: 270.246.0152 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Windows domain group policies
I am trying to use Samba 3.0, but as you answered the other mail with the add machine script, there are some problems to solve. If you are experimenting with 3.0b too and you can do, what we can't, to add a machine to the domain. Can you please inform me, how you did it? I spent a lots of time for this domain things and unfortunatly I am stuck now. About th groups, can you tell me, where you did found the infos? I'm using Debian and there are no manpage to that tool also not on the CVS tree on samba.org. > If you are using Samba 2.x there is no way, I know , I need the same > functionality for the same reasons. With Samba 3.0, TNG, you could do > that, with samedit, etc tools. I'm just trying that tools right now. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Replacing Samba PDC with new hardware
| What is the best way to make the switch without | making the current user accounts obsolete? Copy all shares to the new server. The tar is OK, but take care of the ACLs if you use them. Copy all user/group databases, copy /etc/samba directory, give the new server the same name and IP addres the old one had and start samba. Just like you planned. | I've duplicated the most of the environment already, | my users accounts have already been added to | /etc/passwd, /etc/group. I set up smb.conf, the | homes and netlogon share. I copied the logon.bat | file I've been using from the old box, and added | all my users and machine accounts to the smbpasswd | file as usual. Now as far as the SID I'm a little | fuzzy. I would ideally like the replacement server | to have the same netbios name (SERVER) as the de- | commissioned machine. For the moment I 've given | the new box the name (NEW_SERVER) so that I can copy | files over. I ran smbpasswd -S (domain) to suck the | SID to the new server already. Now when I shut down | the old box for good, and change the netbios name | will the SID for the domain be re-written making my | user accounts useless/unable to logon? Is there any | way to avoid this? Also is there a "better" way to | move the users home directories to new box? I was | planning on taring up the /home dir and just | expanding it on the new machine? Does anyone know | if I have all the users logged in, swap out the | servers, and log the users out will that send the | profile back to the home directory on the new server? Now I wouldn't really do it while everyone is still logged in. Although it is reasonable to expect that all the shares would reconnect as soon as one tries to access them, I wouldn't bet that profiles would just drop back in the desired slots on the new server. It's possible, but I'd still do it on a quiet day when noone's watching. Who knows what else may have gone wrong. If you really want to pull the carpet from under everyone's feet without toppling them, at least exercise the trick a couple of times on a sunny weekend alone if possible. Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail! http://login.mail.lycos.com/r/referral?aid=27005 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba PDC???
Hi All I am migrating from NT4 to Samba.. I followed the documentation in Samba-HOTO-Collection.pdf i am fine till i do #net rpc join -S NT4PDC -w WORKGROUP -U Administrator%password [2003/06/20] 14:54:03, ] utils/net_rpc.c:run_rpc_command(154) rpc command function failed! (NT_STATUS_ACCESS_DENIED) Joined domain WORKGROUP After this when i do #net rpc vampire -S NT4PDC -w WORKGROUP -U Administrator%password i have attched the error i got... Needed any kind of help...Did u do any wrong in smb.conf file or missed something??? with Best Regards YS [global] netbios name = POGO workgroup = ITERNAL passdb backend = smbpasswd, guest smbpasswd file = /etc/samba/smbpasswd os level = 64 preferred master = Yes domain master = Yes local master = Yes security = user encrypt passwords = Yes domain logons = Yes logon path = \\%N\profiles\%u logon drive = H: logon home = \\homeserver\%u\winprofile logon script = logon.cmd [netlogon] path = /usr/local/samba/lib/netlogon read only = Yes write list = ntadmin [profiles] path = /export/smb/ntprofile read only = No create mask = 0600 directory mask = 0700 [2003/06/20 15:01:23, 0] passdb/pdb_smbpasswd.c:build_sam_account(1226) build_sam_account: smbpasswd database is corrupt! username Administrator with uid 500 is not in unix passwd database! [2003/06/20 15:01:23, 0] passdb/pdb_smbpasswd.c:add_smbfilepwd_entry(581) add_smbfilepwd_entry: entry with name Administrator already exists [2003/06/20 15:01:23, 1] utils/net_rpc_samsync.c:fetch_account_info(452) SAM Account for Administrator failed to be added to the passdb! [2003/06/20 15:01:23, 0] utils/net_rpc_samsync.c:fetch_account_info(472) Could not find unix group -1 for user Administrator (group SID=S-1-5-21-2005620710-1318861517-1539857752-513) [2003/06/20 15:01:23, 0] passdb/pdb_smbpasswd.c:build_sam_account(1226) build_sam_account: smbpasswd database is corrupt! username Guest with uid 501 is not in unix passwd database! [2003/06/20 15:01:23, 0] passdb/pdb_smbpasswd.c:add_smbfilepwd_entry(581) add_smbfilepwd_entry: entry with name Guest already exists [2003/06/20 15:01:23, 1] utils/net_rpc_samsync.c:fetch_account_info(452) SAM Account for Guest failed to be added to the passdb! [2003/06/20 15:01:23, 0] utils/net_rpc_samsync.c:fetch_account_info(472) Could not find unix group -1 for user Guest (group SID=S-1-5-21-2005620710-1318861517-1539857752-514) [2003/06/20 15:01:23, 0] passdb/pdb_smbpasswd.c:build_sam_account(1226) build_sam_account: smbpasswd database is corrupt! username ISERVER1$ with uid 1000 is not in unix passwd database! [2003/06/20 15:01:23, 0] passdb/pdb_smbpasswd.c:add_smbfilepwd_entry(581) add_smbfilepwd_entry: entry with name ISERVER1$ already exists [2003/06/20 15:01:23, 1] utils/net_rpc_samsync.c:fetch_account_info(452) SAM Account for ISERVER1$ failed to be added to the passdb! [2003/06/20 15:01:23, 0] utils/net_rpc_samsync.c:fetch_account_info(472) Could not find unix group -1 for user ISERVER1$ (group SID=S-1-5-21-2005620710-1318861517-1539857752-513) [2003/06/20 15:01:23, 0] passdb/pdb_smbpasswd.c:build_sam_account(1226) build_sam_account: smbpasswd database is corrupt! username IUSR_ISERVER1 with uid 1001 is not in unix passwd database! [2003/06/20 15:01:23, 0] passdb/pdb_smbpasswd.c:build_smb_pass(1160) build_sam_pass: Failing attempt to store user with non-uid based user RID. [2003/06/20 15:01:23, 1] utils/net_rpc_samsync.c:fetch_account_info(452) SAM Account for IUSR_ISERVER1 failed to be added to the passdb! [2003/06/20 15:01:23, 0] utils/net_rpc_samsync.c:fetch_account_info(472) Could not find unix group -1 for user IUSR_ISERVER1 (group SID=S-1-5-21-2005620710-1318861517-1539857752-513) [2003/06/20 15:01:23, 0] passdb/pdb_smbpasswd.c:build_sam_account(1226) build_sam_account: smbpasswd database is corrupt! username ITERNAL02$ with uid 1003 is not in unix passwd database! [2003/06/20 15:01:23, 0] passdb/pdb_smbpasswd.c:build_smb_pass(1160) build_sam_pass: Failing attempt to store user with non-uid based user RID. [2003/06/20 15:01:23, 1] utils/net_rpc_samsync.c:fetch_account_info(452) SAM Account for ITERNAL02$ failed to be added to the passdb! [2003/06/20 15:01:23, 0] utils/net_rpc_samsync.c:fetch_account_info(472) Could not find unix group -1 for user ITERNAL02$ (group SID=S-1-5-21-2005620710-1318861517-1539857752-513) [2003/06/20 15:01:23, 0] passdb/pdb_smbpasswd.c:build_sam_account(1226) build_sam_account: smbpasswd database is corrupt! username ITERNAL03$ with uid 1004 is not in unix passwd database! [2003/06/20 15:01:23, 0] passdb/pdb_smbpasswd.c:add_smbfilepwd_entry(581) add_smbfilepwd_entry: entry with name ITERNAL03$ already exists [2003/06/20 15:01:23, 1] utils/net_rpc_samsync.c:fetch_account_info(452) SAM Account for ITERNAL03$ failed to be added to the passdb! [2003/06/20 15:01:23, 0] utils/net_rpc_samsync.c:fetch_account_info(472) Could not find unix group -1 for user ITERNAL03$ (group SID=S-1-5-21-200562071
Re: [Samba] ok, so oplocks: good or bad?
Jonathan Johnson said on Fri, Jun 20, 2003 at 11:39:09AM -0700: > On 20 Jun 2003, Mark Roach wrote: > > > I have been searching for info on this and haven't found an > > authoritative answer. From what I have read, oplocks are good because > > they increase connection speeds, but they are bad because they don't > > really work, but they actually do work, but they only work in some > > cases, etc etc. > > > > so, here's my problem and my question together: I get tons of these > > messages every day (over a thousand a day) > > > > [2003/06/20 08:19:42, 0] smbd/oplock.c:request_oplock_break(1011) > > request_oplock_break: no response received to oplock break request to > > pid 22335 on port 35010 for dev = 2b00, inode = 688540, file_id = 256210 > > [2003/06/20 08:19:42, 0] smbd/open.c:open_mode_check(652) open_mode_check: > > exlusive oplock left by process 22335 after break ! For file UHG/Local > > Settings/Temporary Internet Files/Content.IE5/desktop.ini, dev = 2b00, > > inode = 688540. Deleting it to continue... > > > > > > is this an indication that I should disable oplocks, or is disabling > > oplocks a foolish, unsafe thing to do, or is there just some other > > problem I need to fix to allow me to keep using oplocks? I always disable oplocks. After experiencing some odd, unreproducable problems with files getting corrupted, being out of sync, etc, I read a very through post on this mailing list explaining why oplocks were and how they could break. After blinking in disbelief that someone thought that this was good idea, I turned them off, and all of the problems went away. My user's haven't complained about performance degradation, but they always complained about destroyed data. M pgp0.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Machine Account Question With LDAP
Where should the sambaPrimaryGroupSID for a machine account point? Mine point to a SID that is not used. S-1-5-21-1866435639-2936868300-2408733660-513 This SID is showing up in the Administrators Group of computers that join the domain and it doesn't map to anything (Domain Admins is not be added to the Administrators Group). Also this SID minus 1 is showing up in the Users Group. Is there a good document that explains SIDs, RIDs & UIDs. I am wondering if it is okay for unix uid for some user to be the same a another user's RID? From what I currently understand these are complete different numbers that are tied by some formula to one another. thanks, ryan -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] XP causing sending full user's name instead of login afteralready logged in
XP seems to have this thing for sending the User's full name string instead of the user's user name at times (even after they are logged in), any possibility to get samba to possibly figure out when it's a user's name string and search for the user's cn or displayName? Example: [2003/06/20 14:05:24, 2] passdb/pdb_ldap.c:ldapsam_search_suffix(948) ldapsam_search_suffix: searching for:[(&(&(uid=User's Name)(objectClass=sambaSamAccount))(objectclass=sambaSamAccount))] [2003/06/20 14:05:24, 2] auth/auth.c:check_ntlm_password(293) check_ntlm_password: Authentication for user [User's Name] -> [User's Name] FAILED with error NT_STATUS_NO_SUCH_USER signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 2.2.7a - adduser script only worked the first time
>Allen írta: > >>I have WinXP machines loging into a samba domain. I am using this add user script: >> >> >>add user script = useradd -d /dev/null -g 300 -s /bin/false -M %u >> >>This worked beautifully with the first WinXP machine I set up. I immediately >>booted up a second machine and got the "Access Denied" error. I have tried two >>more computers since and keep getting the same thing but the first machine still >>logs in and out fine. The samba.log keeps saying that the user does not exist >>on the domain. >>All of my WinXP machines were ghosted from the same image so I don't believe >>the problem is on that side. >> >>Any ideas? >>-Allen >> >>Allen Seelye >>"DeadTOm" >>[EMAIL PROTECTED] >>ICQ# 8286205 >> >Sorry if it sounds fullish, but have you checked, that your computers don't have all the same name, if you ghost them, you first need to change their names. > >Best Regards > >Geza Gemes > > Actually that's not a stupid question, that happened when we first started using Ghost. DOH! But I did figured it out. We are using the serial numbers of the machines as their computer names. Some of them start with letters and some of them start with numbers. Linux doesn't won't allow usernames that begins with a number. So when the add user script was running it would hit that name, fail to create a system user, then smbpasswd couldn't enter it because there was no system user, then windows would kick back an 'access denied' message. It would have been nice for that to show up in the samba.log but it didn't. I found out by manually entering the computer name at the console and seeing the 'invcalid username' message. We'll just have to modify our naming convention a little bit for the computers. Thanks for the response though. -Allen Allen Seelye "DeadTOm" [EMAIL PROTECTED] ICQ# 8286205 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ok, so oplocks: good or bad?
OK, I don't have a strong understanding of oplocks, but I'm sure someone will correct me where I go wrong. Overgeneralization #1: Disabling oplocks is ALWAYS a safe thing to do. Overgeneralization #2: Oplocks provide a performance boost by allowing the workstation (ws1) to cache a copy of the file locally and set an oplock. This way, the ws1 can assume it has exclusive access and doesn't need to read/write to/from the server for every operation. Occasionally, the ws1 syncs the cached copy with the server copy. When another workstation (ws2) requests access to the file, the server asks the ws1 to break the oplock. Ws1 then syncs the cache with the server, and tells the server that it's released the oplock. The server then tells ws2 it can access the file. If ws1 has the file open for read (not write), ws2 can open the file for read without breaking any oplocks. Overgeneraliztion #3: With oplocks disabled, the workstation must always ask for an exclusive lock before writing to the file, and does not cache a copy. Another workstation can't access the file until the first workstation releases it. Exactly what goes on when things go wrong (server doesn't ask for oplock break; workstation doesn't release oplock, etc.) I can't tell you. As for the meaning of your errors, I haven't a clue. --Jon P.S. -- My philosophy is that if you ask a question and no one answers, tell a lie as gospel truth and everyone will. On 20 Jun 2003, Mark Roach wrote: > I have been searching for info on this and haven't found an > authoritative answer. From what I have read, oplocks are good because > they increase connection speeds, but they are bad because they don't > really work, but they actually do work, but they only work in some > cases, etc etc. > > so, here's my problem and my question together: I get tons of these > messages every day (over a thousand a day) > > [2003/06/20 08:19:42, 0] smbd/oplock.c:request_oplock_break(1011) > request_oplock_break: no response received to oplock break request to > pid 22335 on port 35010 for dev = 2b00, inode = 688540, file_id = 256210 > [2003/06/20 08:19:42, 0] smbd/open.c:open_mode_check(652) open_mode_check: > exlusive oplock left by process 22335 after break ! For file UHG/Local > Settings/Temporary Internet Files/Content.IE5/desktop.ini, dev = 2b00, > inode = 688540. Deleting it to continue... > > > is this an indication that I should disable oplocks, or is disabling > oplocks a foolish, unsafe thing to do, or is there just some other > problem I need to fix to allow me to keep using oplocks? > > Very confused. > > -Mark > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Unexpected IP resolution
>The result from nmblookup (same result on all >platform) for a given samba server isn't what I >expect. But it is exactly what nmblookup expects if you configure your card the way you did! >[global] > netbios name = ourserver2 > netbios aliases = ourserverdev ourserverlab ourserver > name resolve order = hosts bcast > >/etc/hosts >10.10.10.1 ourserver1 >10.10.10.2 ourserver2 >10.10.10.10ourserver >10.10.10.11ourserverdev >10.10.10.12ourserverlab > >My hostname is set to ourserver2. > >ifconfig : >2: eth0: mtu 1500 qdisc >pfifo_fast qlen 100 > link/ether 00:99:fc:99:99:fc brd ff:ff:ff:ff:ff:ff > inet 10.10.10.2/24 brd 10.10.10.255 scope global eth0 > inet 10.10.10.10/24 brd 10.10.10.255 scope global secondary eth0:1 > inet 10.10.10.11/24 brd 10.10.10.255 scope global secondary eth0:2 > inet 10.10.10.12/24 brd 10.10.10.255 scope global secondary eth0:3 > >On whatever machine I run a nmblookup, I get : >$ nmblookup ourserver2 ->querry ourserver2 on 10.10.10.255 =>10.10.10.12 >$ nmblookup ourserverdev ->querry ourserverdev on 10.10.10.255 =>10.10.10.12 >$ nmblookup ourserverlab ->querry ourserverlab on 10.10.10.255 =>10.10.10.12 Sure, that's what got entered in the WINS tdb. >A tcpdump/ethereal show me that it is really >10.10.10.2 that answers me. Of course. The computer knows its name is ourserver2 and its address is 10.10.10.2. You didn't ask the computer to tell you its name and address. You asked nmblookup to tell you what address is entered for each of those names. Now you know - each one is pegged to 10.10.10.12. >Is it normal that I get 10.10.10.12 for every >machine ? How comes ? Yes, it's normal. Giving several addresses in the same network to an ether card just doesn't cut it. You may just as well leave the real address and set different aliases to map to the same IP address, although it's questionable what that may be good for. So, what did you actually want to do? Perhaps there are easier ways to do it and someone on this list can help you. We know that you would like nmblookup to give you a different address for every alias but we don't know why you would want something like that. What should such obfuscation accomplish? Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail! http://login.mail.lycos.com/r/referral?aid=27005 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] winbind error
Did you join the domain successfully? -Original Message- From: Jim Adkins [mailto:[EMAIL PROTECTED] Sent: Friday, June 20, 2003 1:10 PM To: [EMAIL PROTECTED] Subject: [Samba] winbind error Hello, I've been working on getting winbind set up and running for quite some time now. I've had absolutly no luck. I've tried mulitple tutorials, and I've always had the same problems. It seems that winbind runs, but doesn't DO anything. I've tried to use wbinfo to ping winbind, and it can't ping it. but by using ps -ea | grep winbindd, I get "15824 ?00:00:00 winbindd" so it seems to be running, but just not doing anything. Why would it be running and wbinfo not be able to ping it or pull any info with it? Well, here's my smb.conf file, I've been using SWAT to manage it, and it seems to be working fine for everything else, but I want to be able to have my domain users and groups on my Linux box so that shares can have better security. # Samba config file created using SWAT # from localhost (127.0.0.1) # Date: 2003/06/20 11:03:53 # Global parameters [global] workgroup = SBH netbios name = SG3 server string = Samba Server %v security = DOMAIN encrypt passwords = Yes map to guest = Bad User password server = MSS1 SERVER3 SBHMX password level = 3 username level = 3 unix password sync = Yes restrict anonymous = Yes log file = /var/log/samba/log.%m max log size = 50 keepalive = 100 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = cups add user script = /usr/sbin/useradd %u delete user script = /usr/sbin/userdel %u logon path = preferred master = No domain master = No dns proxy = No winbind uid = 1-2 winbind gid = 1-2 template homedir = /home/winnt/%D/%U winbind separator = + printer admin = @adm profile acls = Yes printing = cups [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba create mask = 0700 guest ok = Yes printable = Yes print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers. browseable = No [print$] path = /var/lib/samba/printers write list = @adm root guest ok = Yes Please, can anyone help me out. I've been pulling my hair out for weeks with this. Thank you all in advance. -Jim _ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 2.2.7a - adduser script only worked the first time
Allen írta: I have WinXP machines loging into a samba domain. I am using this add user script: add user script = useradd -d /dev/null -g 300 -s /bin/false -M %u This worked beautifully with the first WinXP machine I set up. I immediately booted up a second machine and got the "Access Denied" error. I have tried two more computers since and keep getting the same thing but the first machine still logs in and out fine. The samba.log keeps saying that the user does not exist on the domain. All of my WinXP machines were ghosted from the same image so I don't believe the problem is on that side. Any ideas? -Allen Allen Seelye "DeadTOm" [EMAIL PROTECTED] ICQ# 8286205 Sorry if it sounds fullish, but have you checked, that your computers don't have all the same name, if you ghost them, you first need to change their names. Best Regards Geza Gemes -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] winbind error
Hello, I've been working on getting winbind set up and running for quite some time now. I've had absolutly no luck. I've tried mulitple tutorials, and I've always had the same problems. It seems that winbind runs, but doesn't DO anything. I've tried to use wbinfo to ping winbind, and it can't ping it. but by using ps -ea | grep winbindd, I get "15824 ?00:00:00 winbindd" so it seems to be running, but just not doing anything. Why would it be running and wbinfo not be able to ping it or pull any info with it? Well, here's my smb.conf file, I've been using SWAT to manage it, and it seems to be working fine for everything else, but I want to be able to have my domain users and groups on my Linux box so that shares can have better security. # Samba config file created using SWAT # from localhost (127.0.0.1) # Date: 2003/06/20 11:03:53 # Global parameters [global] workgroup = SBH netbios name = SG3 server string = Samba Server %v security = DOMAIN encrypt passwords = Yes map to guest = Bad User password server = MSS1 SERVER3 SBHMX password level = 3 username level = 3 unix password sync = Yes restrict anonymous = Yes log file = /var/log/samba/log.%m max log size = 50 keepalive = 100 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 printcap name = cups add user script = /usr/sbin/useradd %u delete user script = /usr/sbin/userdel %u logon path = preferred master = No domain master = No dns proxy = No winbind uid = 1-2 winbind gid = 1-2 template homedir = /home/winnt/%D/%U winbind separator = + printer admin = @adm profile acls = Yes printing = cups [homes] comment = Home Directories read only = No browseable = No [printers] comment = All Printers path = /var/spool/samba create mask = 0700 guest ok = Yes printable = Yes print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers. browseable = No [print$] path = /var/lib/samba/printers write list = @adm root guest ok = Yes Please, can anyone help me out. I've been pulling my hair out for weeks with this. Thank you all in advance. -Jim _ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Fwd: Re: [Samba] add user script & samba 3.0b
What seems to be a dangerous thing to me is that your samba doesn't bend to lo (127.0.0.1 aka localhost) I'm not shure if it is the origin of your problems, but in the docs is written, that lots of tools, including smbpasswd (maybe others things too ?) relays on accessing localhost, if security=user. Anyway I would suggest to try with this new settings too. I'm really new to the 3.0 branch, and I would want an LDAP solution (Samba PDC+ Samba BDC). Best Regards Geza Gemes [EMAIL PROTECTED] írta: this is my smb.conf, as i failed before , the machine add script works on the fly, but the machine account which is right in the smbpasswd, does not login after required reboot win2k serv3 to domain, with failure message local computer account is not trusted My plan is to make samba easier administrate with usmgr, machine creation on the fly. And i dont wanna use ldap. is anyone working on that too? i compiled the beta on suse 8.2 from scratch do sombody have any usefull comments about this config? [global] dos charset = ASCII display charset = UTF8 workgroup = LINUX interfaces = eth0 bind interfaces only = Yes map to guest = Bad User passwd program = /usr/bin/passwd %u username map = /etc/samba/smbusers unix password sync = Yes log level = 2 log file = /var/log/samba/%m time server = Yes keepalive = 255 socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=8192 SO_RCVBUF=8192 load printers = No printcap name = cups add user script = /usr/sbin/useradd -m %u delete user script = /usr/sbin/userdel -r %u add group script = /usr/sbin/groupadd -r %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/bin/gpasswd -a %u %g delete user from group script = /usr/bin/gpasswd -d %u %g set primary group script = /usr/sbin/usermod -g '%g' '%u' #create a group machines first ! add machine script = /usr/sbin/useradd -g machines -c Machine -d /dev/null -s /bin/false %u logon drive = z domain logons = Yes os level = 255 preferred master = Yes domain master = Yes wins proxy = Yes wins support = Yes ldap ssl = no utmp = Yes host msdfs = Yes admin users = Administrator [homes] comment = Home Directories read only = No create mask = 0640 directory mask = 0750 browseable = No it seems that the developers group has changed the command name from add user script to add machine script you can see the difference only in the man page on the CVS tree after I changed it to this command in smb.conf - it worked. regards [EMAIL PROTECTED] schrieb: HI if tested the add user script (samba3beta) and it works fine for me but the created machine account , it not followed with a working login, win2k serv pack 3 says computer account is not trusted in the domain, this is is not a failure by the script , cause i tried traditional way too. ( smbpasswd -a -m ) any ideas? Regards Howdy, I would like to use the samba server as a replacment for NT Servers. So I need the add user script command for adding new machines to the domain. This is no problem in all 2.2.X versions of samba which I used. But on version 3.0 alpha and beta it is not working. I am using debian 3.0r1 with the unstable package of samba 3.0beta. smb.conf: [global] workgroup = unreal server string = %h server (Samba %v) log file = /var/log/samba/log.%m syslog = 0 security = user encrypt passwords = true passdb backend = smbpasswd:/etc/samba/smbpasswd socket options = TCP_NODELAY wins server = 192.168.0.133 dns proxy = no admin users = root, admin, administrator add user script = /usr/sbin/useradd -d /dev/null -g 100 -s bin/false -M %u domain logons = yes domain master = yes logon path = \\%N\profiles\%U logon drive = H: logon home = \\%N\%U logon script = logon.bat samba.log: [2003/06/20 00:33:38, 0] smbd/service.c:set_admin_user(314) root logged in as admin user (root privileges) [2003/06/20 00:33:39, 0] passdb/pdb_smbpasswd.c:add_smbfilepwd_entry(597) add_smbfilepwd_entry: cannot add account roof2$ without unix identity [2003/06/20 00:33:39, 0] rpc_server/srv_samr_nt.c:_api_samr_create_user(2313) could not add user/computer roof2$ to passdb. Check permissions? The same command line is working with 2.2.3a (Debian testing). thanks for any answer Thomas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- +++ GMX - Mail, Messaging & more http://www.gmx.net +++ Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage! -- To unsubscribe from this list go to the following URL and read the instruc
[Samba] Samba3 and winxp printing problem...
cyroreal cyroreal at bol.com.br Fri Jun 20 12:06:36 GMT 2003 Hello all, I am using the samba3 package from debian unstable, on my debian box, and i am trying to let another machine (winXP) to access the printer o the samba box, but it is not working, i have no experience with samba3, but i have "some" experience with samba2, so what are the diferences about sharing a printer on these samba releases? Do i have to apply the registry patch on the winXP box with samba3 too? I am using cups on the samba box and the printer is printing fine on linux. Help please... Cyro Hi Cyro, please tell me if this document http://www.linuxprinting.org/kpfeifle/SambaPrintHOWTO/ helps you to solve your problem. The differences in configuration are described in section 6.3.5. CUPS printing is described in very much detail, in all of chapter 7. Cheers, Kurt -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Roaming Profile XP
On Fri, Jun 20, 2003 at 06:01:47PM +0800, Adrian Chow wrote: > I have configured roaming profile on WIndows Xp client that is connect to > the Samba. Login works fine except that when I change the wallpaper on > one machine, log off and goes to another machine, the wallpaper was not > changed on the other one. > > Other files created on the desktop are changed. > > Can anyone explain or help ? Adrian, I ran into this too. This is what happens. Say I set my background to be something OTHER THAN a bitmap like mypic.jpg. XP converts the jpg to a bitmap and stores the bitmap under "Local Settings" in the profile, which of course doesn't roam. The simple fix that I've been telling my users is to first convert their background to a bitmap image and store it on a network drive, then set your background to that image and your background roams with you. Works for me. Nathan -- nre :wq -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 2.2.7a - adduser script only worked the first time
I have WinXP machines loging into a samba domain. I am using this add user script: add user script = useradd -d /dev/null -g 300 -s /bin/false -M %u This worked beautifully with the first WinXP machine I set up. I immediately booted up a second machine and got the "Access Denied" error. I have tried two more computers since and keep getting the same thing but the first machine still logs in and out fine. The samba.log keeps saying that the user does not exist on the domain. All of my WinXP machines were ghosted from the same image so I don't believe the problem is on that side. Any ideas? -Allen Allen Seelye "DeadTOm" [EMAIL PROTECTED] ICQ# 8286205 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] what is the default amount of time that smbpasswdincrements the sambaPwdMustChange value
So I get a phone call about my companie's controler not being able to log into samba. About two weeks ago we migrated from Win2k Server to Samba running on LDAP. What would be the default value that sambaPwdMustChange would be incremented? This is NT Time Right (1 unit for every 100 ms from 1600 right?) I just had to bump everybody what I'm guessing is three weeks, but I need to know soon so I don't get woken up out of bed again! signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] A Group Policy Question in Win9x (yes, another one).
I can tell you what's missing John. :) The thing that I have been having great difficulty understanding, and this could be because of lack of Windows knowledge but bear with me, is how you can have DIFFERENT policy files based on... well, anything. I know group support is limited... how about even based on NetBIOS name as I can easily get that from %m at least. I know, for example, the profile of a Win2k machine will be located in \\SERVER\NETLOGON\Default Profile, but what if I want to have one for lab PC's and one for Office PC's, and for some remote sites, none at all, just authentication? I know how to implement policies per user, too, but I don't want to have to login as the user, set the policy and then save the policy and log out. How can I apply a policy to a user based on some arbitrary information? Is the logon script early enough to do some work behind the scenes to smylink the proper files into the right place, or... am I totally off track here? I'm sure this is something everyone does, but I can't for the life of me figure out the way to make this stuff apply to different users differently. _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - Jr. UNIX Systems Admin |$&| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 On Fri, 2 May 2003, John H Terpstra wrote: > On Fri, 2 May 2003, Nathan wrote: > > > John: > > > > Thank-you for the immediate reply. > > > > By pointing me to a document for version 3.0, does this mean that group > > policies (in Win9x) do not work for versions < 3.0? As I am running a 2.2.x > > version, and the 3.0 version is still in BETA (as far as I know), I would > > like to know if I can implement group policies in the version I'm running. > > Samba does NOT implement group policies - your MS Windows client does. > What samba has to implement is the NETLOGON share in which you need to > place your Config.POL file. Samba also needs to be configured to support > network logons. ie: In smb.conf [globals] > domain logons = Yes > > So what else is missing from the HOWTO? I do need to know. > > - John T. > > > > > Thanks, > > Nathan > > > > > > - Original Message - > > From: "John H Terpstra" <[EMAIL PROTECTED]> > > To: "Nathan" <[EMAIL PROTECTED]> > > Cc: <[EMAIL PROTECTED]> > > Sent: Friday, May 02, 2003 6:09 PM > > Subject: Re: [Samba] A Group Policy Question in Win9x (yes, another one). > > > > > > > Nathan, > > > > > > Please refer to the following document. It is a work in progress that will > > > be completed for inclusion in Samba-3. > > > > > > If you do NOT find what you need in this document then please let me know > > > at the earliest opportunity. > > > > > > http://samba.org/~jht/NT4migration/Samba-HOWTO-Collection.pdf > > > > > > Cheers, > > > John T. > > > > > > > > > On Fri, 2 May 2003, Nathan wrote: > > > > > > > I am wondering if anyone has ever answered the question of group > > policy operability under Windows 9x. That is, I am _not_ looking for a > > work-around but the real thing--one config.pol file to service several > > groups. > > > > I have done my homework, hopefully well, but found nothing. To > > prove this, I will quickly summarize my findings below. Either I have > > found: > > > > > > > > 1. a list of unresolved (mostly unreplied as well) inquiries from the > > past including some from Sept, Oct, and Dec of 1999, along with the latest > > inquiry dated July 2002, and others as well. (These were from the SAMBA > > Mailing List.) > > > > > > > > or > > > > > > > > 2. a work-around. > > > > > > > > Please let me know if any version <3.0 correctly supports group > > policies for Win9x machines. > > > > > > > > > > > > Thank-you, > > > > Nathan Howard > > > > -- > > > > To unsubscribe from this list go to the following URL and read the > > > > instructions: http://lists.samba.org/mailman/listinfo/samba > > > > > > > > > > -- > > > John H Terpstra > > > Email: [EMAIL PROTECTED] > > > > > > > -- > John H Terpstra > Email: [EMAIL PROTECTED] > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Fwd: Re: [Samba] add user script & samba 3.0b
this is my smb.conf, as i failed before , the machine add script works on the fly, but the machine account which is right in the smbpasswd, does not login after required reboot win2k serv3 to domain, with failure message local computer account is not trusted My plan is to make samba easier administrate with usmgr, machine creation on the fly. And i dont wanna use ldap. is anyone working on that too? > i compiled the beta on suse 8.2 from scratch > do sombody have any usefull comments about this config? > > > > [global] > dos charset = ASCII > display charset = UTF8 > workgroup = LINUX > interfaces = eth0 > bind interfaces only = Yes > map to guest = Bad User > passwd program = /usr/bin/passwd %u > username map = /etc/samba/smbusers > unix password sync = Yes > log level = 2 > log file = /var/log/samba/%m > time server = Yes > keepalive = 255 > socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=8192 > SO_RCVBUF=8192 > load printers = No > printcap name = cups > add user script = /usr/sbin/useradd -m %u > delete user script = /usr/sbin/userdel -r %u > add group script = /usr/sbin/groupadd -r %g > delete group script = /usr/sbin/groupdel %g > add user to group script = /usr/bin/gpasswd -a %u %g > delete user from group script = /usr/bin/gpasswd -d %u %g > set primary group script = /usr/sbin/usermod -g '%g' '%u' > #create a group machines first ! > add machine script = /usr/sbin/useradd -g machines -c Machine -d > /dev/null -s /bin/false %u > logon drive = z > domain logons = Yes > os level = 255 > preferred master = Yes > domain master = Yes > wins proxy = Yes > wins support = Yes > ldap ssl = no > utmp = Yes > host msdfs = Yes > admin users = Administrator > > [homes] > comment = Home Directories > read only = No > create mask = 0640 > directory mask = 0750 > browseable = No > > > > > it seems that the developers group has changed the command name from > > add user script to add machine script > > you can see the difference only in the man page on the CVS tree > > after I changed it to this command in smb.conf - it worked. > > > > regards > > > > [EMAIL PROTECTED] schrieb: > > > > >HI if tested the add user script (samba3beta) and it works fine for me > > >but the created machine account , it not followed > > >with a working login, win2k serv pack 3 says computer account is not > > trusted > > >in the domain, > > >this is is not a failure by the script , cause i tried traditional way > > too. > > >( smbpasswd -a -m ) > > >any ideas? > > >Regards > > > > > > > > > > > > > > > > > > > > > > > >>Howdy, > > >> > > >>I would like to use the samba server as a replacment for NT Servers. > > >>So I need the add user script command for adding new machines to the > > >>domain. > > >>This is no problem in all 2.2.X versions of samba which I used. > > >>But on version 3.0 alpha and beta it is not working. > > >> > > >>I am using debian 3.0r1 with the unstable package of samba 3.0beta. > > >> > > >>smb.conf: > > >>[global] > > >>workgroup = unreal > > >>server string = %h server (Samba %v) > > >>log file = /var/log/samba/log.%m > > >>syslog = 0 > > >>security = user > > >>encrypt passwords = true > > >>passdb backend = smbpasswd:/etc/samba/smbpasswd > > >>socket options = TCP_NODELAY > > >>wins server = 192.168.0.133 > > >>dns proxy = no > > >>admin users = root, admin, administrator > > >>add user script = /usr/sbin/useradd -d /dev/null -g 100 -s > bin/false > > > > >>-M %u > > >>domain logons = yes > > >>domain master = yes > > >>logon path = \\%N\profiles\%U > > >>logon drive = H: > > >>logon home = \\%N\%U > > >>logon script = logon.bat > > >> > > >>samba.log: > > >>[2003/06/20 00:33:38, 0] smbd/service.c:set_admin_user(314) > > >> root logged in as admin user (root privileges) > > >>[2003/06/20 00:33:39, 0] > > passdb/pdb_smbpasswd.c:add_smbfilepwd_entry(597) > > >> add_smbfilepwd_entry: cannot add account roof2$ without unix > identity > > >>[2003/06/20 00:33:39, 0] > > >>rpc_server/srv_samr_nt.c:_api_samr_create_user(2313) > > >> could not add user/computer roof2$ to passdb. Check permissions? > > >> > > >> > > >>The same command line is working with 2.2.3a (Debian testing). > > >> > > >>thanks for any answer > > >>Thomas > > >> > > >>-- > > >>To unsubscribe from this list go to the following URL and read the > > >>instructions: http://lists.samba.org/mailman/listinfo/samba > > >> > > >> > > >> > > > > > > > > > > > > > > > -- > +++ GMX - Mail, Messaging & more http://www.gmx.net +++ > Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage! > > -- +++ GMX
Re: [Samba] Error "Could not fetch trust account password" in Samba3 Beta..what do I need to do?
Hi. i have exact the same problem with same logs, on suse 8.2 with samba compiled from scratch or using suse first rpm of the beta Regards Specifics samba-3.0.0beta1-1.i386.rpm on RedHat 9 and smbpasswd > authentication, the machine is the PDC and security is set for user. The > machine account was setup on the fly and it appears in passwd, shadow, and > smbpasswd files as it should. However it seemed to take a very long time > to > join the domain, about 1-1/2 minutes. I can browse the Samba PDC machine > and access the shares, etc. After joining the domain, the machine logging > in says it is "unable to locate a domain controller for domain > 'XMYDOMAINX'". I am using the same identical smb.conf that I used for > Samba3_alpha23 which worked fine. All of the mailing list archives > pointing > to this problem all seem to have to do with winbind and having another NT > PDC. This is NOT my case, there is no other PDC or domain. Is the > problem > my secrets.tdb file and how do I refresh or regenerate that? The log from > the joining of the machine to the domain and the first login attempt is > included (of course all of the X's are filled in with the appropriate > things), I have pointed out where things fail. Thanks in advance for any > help! > > [2003/06/20 08:06:57, 2] auth/auth.c:check_ntlm_password(288) > check_ntlm_password: authentication for user [] -> [] > -> > [] succeeded > [2003/06/20 08:06:57, 2] lib/access.c:check_access(325) > Allowed connection from (192.168.xxx.xxx) > [2003/06/20 08:06:57, 0] smbd/service.c:set_admin_user(314) > logged in as admin user (root privileges) > [2003/06/20 08:07:31, 2] smbd/sesssetup.c:setup_new_vc_session(504) > setup_new_vc_session: New VC == 0, if NT4.x compatible we would close > all > old > resources. > [2003/06/20 08:07:31, 2] smbd/sesssetup.c:setup_new_vc_session(504) > setup_new_vc_session: New VC == 0, if NT4.x compatible we would close > all > old > resources. > [2003/06/20 08:07:31, 2] auth/auth.c:check_ntlm_password(288) > check_ntlm_password: authentication for user [root] -> [root] -> [root] > succeeded > [2003/06/20 08:07:32, 2] lib/access.c:check_access(325) > Allowed connection from (192.168.xxx.xxx) > [2003/06/20 08:07:32, 0] smbd/service.c:set_admin_user(314) > root logged in as admin user (root privileges) > [2003/06/20 08:07:32, 2] > rpc_server/srv_samr_nt.c:_samr_lookup_domain(2513) > Returning domain sid for domain XMy_DomainX -> > S-X-X-XX-XX-X-XX > [2003/06/20 08:08:32, 0] auth/auth_domain.c:check_ntdomain_security(433) > check_ntdomain_security: could not fetch trust account password for > domain > 'XMy_DomainX' <<<--- > [2003/06/20 08:08:32, 2] auth/auth.c:check_ntlm_password(295) > check_ntlm_password: Authentication for user [] -> [] FAILED with error > NT_STATUS_CANT_ACCESS_DOMAIN_INFO <<-- > [2003/06/20 08:09:33, 2] smbd/server.c:exit_server(558) > Closing connections > [2003/06/20 08:12:50, 2] smbd/sesssetup.c:setup_new_vc_session(504) > setup_new_vc_session: New VC == 0, if NT4.x compatible we would close > all > old > resources. > [2003/06/20 08:12:50, 2] smbd/sesssetup.c:setup_new_vc_session(504) > setup_new_vc_session: New VC == 0, if NT4.x compatible we would close > all > old > resources. > [2003/06/20 08:12:50, 0] auth/auth_domain.c:check_ntdomain_security(433) > check_ntdomain_security: could not fetch trust account password for > domain > 'XMy_DomainX' > [2003/06/20 08:12:50, 2] auth/auth.c:check_ntlm_password(295) > check_ntlm_password: Authentication for user [] -> [] FAILED with error > NT_STATUS_CANT_ACCESS_DOMAIN_INFO > [2003/06/20 08:13:01, 2] smbd/server.c:exit_server(558) > Closing connections > [2003/06/20 08:13:30, 0] auth/auth_domain.c:check_ntdomain_security(433) > check_ntdomain_security: could not fetch trust account password for > domain > 'XMy_DomainX' > [2003/06/20 08:13:30, 2] auth/auth.c:check_ntlm_password(295) > check_ntlm_password: Authentication for user [] -> [] FAILED with error > NT_STATUS_CANT_ACCESS_DOMAIN_INFO > [2003/06/20 08:13:36, 2] smbd/server.c:exit_server(558) > Closing connections > [2003/06/20 08:13:44, 2] smbd/server.c:exit_server(558) > Closing connections > [2003/06/20 08:13:44, 0] auth/auth_domain.c:check_ntdomain_security(433) > check_ntdomain_security: could not fetch trust account password for > domain > 'XMy_DomainX' > [2003/06/20 08:13:44, 2] auth/auth.c:check_ntlm_password(295) > check_ntlm_password: Authentication for user [] -> [] FAILED with error > NT_STATUS_CANT_ACCESS_DOMAIN_INFO > [2003/06/20 08:13:44, 2] smbd/server.c:exit_server(558) > Closing connections > [2003/06/20 08:13:44, 2] auth/auth.c:check_ntlm_password(288) > check_ntlm_password: authentication for user [] -> [] > -> > [] succeeded > [2003/06/20 08:13:44, 2] lib/access.c:check_access(325) > Allowed co
[Samba] Bug or feature?
I attempted to write a catch-all command line that would add/enable/set password for a user, to make sure they were in good shape upon a reactivation of their account. However, in my opinion, the man pages are incorrect when regarding the -e switch. -a and -e will not work together, so the behavior of -e is not really benign if the user does not need enabling. I guess this is somewhat of a gray area, as if the user does not exist, a -e flag should probably fail... but... I guess what I'm asking is was the intended behavior that -a -e would not work together (ie. if the account does not exist, the -a will not be used either), or is -a -e supposed to be a way to add/enable a user? _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - Jr. UNIX Systems Admin |$&| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Error "Could not fetch trust account password" in Samba 3Beta..what do I need to do?
Specifics samba-3.0.0beta1-1.i386.rpm on RedHat 9 and smbpasswd authentication, the machine is the PDC and security is set for user. The machine account was setup on the fly and it appears in passwd, shadow, and smbpasswd files as it should. However it seemed to take a very long time to join the domain, about 1-1/2 minutes. I can browse the Samba PDC machine and access the shares, etc. After joining the domain, the machine logging in says it is "unable to locate a domain controller for domain 'XMYDOMAINX'". I am using the same identical smb.conf that I used for Samba3_alpha23 which worked fine. All of the mailing list archives pointing to this problem all seem to have to do with winbind and having another NT PDC. This is NOT my case, there is no other PDC or domain. Is the problem my secrets.tdb file and how do I refresh or regenerate that? The log from the joining of the machine to the domain and the first login attempt is included (of course all of the X's are filled in with the appropriate things), I have pointed out where things fail. Thanks in advance for any help! [2003/06/20 08:06:57, 2] auth/auth.c:check_ntlm_password(288) check_ntlm_password: authentication for user [] -> [] -> [] succeeded [2003/06/20 08:06:57, 2] lib/access.c:check_access(325) Allowed connection from (192.168.xxx.xxx) [2003/06/20 08:06:57, 0] smbd/service.c:set_admin_user(314) logged in as admin user (root privileges) [2003/06/20 08:07:31, 2] smbd/sesssetup.c:setup_new_vc_session(504) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2003/06/20 08:07:31, 2] smbd/sesssetup.c:setup_new_vc_session(504) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2003/06/20 08:07:31, 2] auth/auth.c:check_ntlm_password(288) check_ntlm_password: authentication for user [root] -> [root] -> [root] succeeded [2003/06/20 08:07:32, 2] lib/access.c:check_access(325) Allowed connection from (192.168.xxx.xxx) [2003/06/20 08:07:32, 0] smbd/service.c:set_admin_user(314) root logged in as admin user (root privileges) [2003/06/20 08:07:32, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2513) Returning domain sid for domain XMy_DomainX -> S-X-X-XX-XX-X-XX [2003/06/20 08:08:32, 0] auth/auth_domain.c:check_ntdomain_security(433) check_ntdomain_security: could not fetch trust account password for domain 'XMy_DomainX' <<<--- [2003/06/20 08:08:32, 2] auth/auth.c:check_ntlm_password(295) check_ntlm_password: Authentication for user [] -> [] FAILED with error NT_STATUS_CANT_ACCESS_DOMAIN_INFO <<-- [2003/06/20 08:09:33, 2] smbd/server.c:exit_server(558) Closing connections [2003/06/20 08:12:50, 2] smbd/sesssetup.c:setup_new_vc_session(504) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2003/06/20 08:12:50, 2] smbd/sesssetup.c:setup_new_vc_session(504) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2003/06/20 08:12:50, 0] auth/auth_domain.c:check_ntdomain_security(433) check_ntdomain_security: could not fetch trust account password for domain 'XMy_DomainX' [2003/06/20 08:12:50, 2] auth/auth.c:check_ntlm_password(295) check_ntlm_password: Authentication for user [] -> [] FAILED with error NT_STATUS_CANT_ACCESS_DOMAIN_INFO [2003/06/20 08:13:01, 2] smbd/server.c:exit_server(558) Closing connections [2003/06/20 08:13:30, 0] auth/auth_domain.c:check_ntdomain_security(433) check_ntdomain_security: could not fetch trust account password for domain 'XMy_DomainX' [2003/06/20 08:13:30, 2] auth/auth.c:check_ntlm_password(295) check_ntlm_password: Authentication for user [] -> [] FAILED with error NT_STATUS_CANT_ACCESS_DOMAIN_INFO [2003/06/20 08:13:36, 2] smbd/server.c:exit_server(558) Closing connections [2003/06/20 08:13:44, 2] smbd/server.c:exit_server(558) Closing connections [2003/06/20 08:13:44, 0] auth/auth_domain.c:check_ntdomain_security(433) check_ntdomain_security: could not fetch trust account password for domain 'XMy_DomainX' [2003/06/20 08:13:44, 2] auth/auth.c:check_ntlm_password(295) check_ntlm_password: Authentication for user [] -> [] FAILED with error NT_STATUS_CANT_ACCESS_DOMAIN_INFO [2003/06/20 08:13:44, 2] smbd/server.c:exit_server(558) Closing connections [2003/06/20 08:13:44, 2] auth/auth.c:check_ntlm_password(288) check_ntlm_password: authentication for user [] -> [] -> [] succeeded [2003/06/20 08:13:44, 2] lib/access.c:check_access(325) Allowed connection from (192.168.xxx.xxx) [2003/06/20 08:13:44, 0] smbd/service.c:set_admin_user(314) logged in as admin user (root privileges) [2003/06/20 08:13:44, 1] smbd/service.c:make_connection_snum(690) My_Machine_Name (192.168.xxx.xxx) connect to service netlogon initially as user (uid=0, gid=500) (pid 5347) [2003/06/20 08
[Samba] Samba3 and winxp printing problem...
Hello all, I am using the samba3 package from debian unstable, on my debian box, and i am trying to let another machine (winXP) to access the printer o the samba box, but it is not working, i have no experience with samba3, but i have "some" experience with samba2, so what are the diferences about sharing a printer on these samba releases? Do i have to apply the registry patch on the winXP box with samba3 too? I am using cups on the samba box and the printer is printing fine on linux. Help please... Cyro __ Seleção de Softwares UOL. 10 softwares escolhidos pelo UOL para você e sua família. http://www.uol.com.br/selecao -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] smbpasswd change from win2000
I am sorry to direct this question here but I can't find any information on this. Should users be able to change their smbpasswd from a win2000 client? Any help would be much appreciated. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Windows domain group policies
Hello, Does anybody have an idea how I can set a group membership to a domain user? I don't wan't to set the group membership on each computer one by one. And all Windows admins I asked, doesn't have any anticipation how this will work, if they don't have a button for click it. greetings Thomas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Winxp netlogon script
I have been experiencing the exact same issue as you, and I was wondering if you ever came to a resolution? I didn't see a response on the Samba list! Thanks! List: samba Subject: RE: [Samba] Winxp netlogon script From: "Truman" Date: 2003-05-16 20:31:28 [Download message RAW] I am adding more information on my status: The question that I need to find is why Win98 client have no problem running the logon script and WinXp clients do not even appear to try. When I log onto the domain from a WinXp pro client the home share is getting mapped but the logon script is not getting executed. I have checked the log files and I am in the domain. Initially I had 2 WinXp client using roaming profiles just to test but I decided against using this feature. This may somehow caused WinXp clients to not run the logon script but I am not sure. I have the same symptoms on 4 WinXp clients, and 1 win2000 client. Truman Khanh Tran Network Operations Sarah Lawrence College -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] getpeername failed
Anyone know what's up with this? Jun 20 09:48:37 alsi smbd[5235]: [2003/06/20 09:48:26, 0] lib/util_sock.c:get_socket_addr(895) Jun 20 09:48:37 alsi smbd[5235]: getpeername failed. Error was Transport endpoint is not connected Jun 20 09:48:37 alsi smbd[5235]: [2003/06/20 09:48:26, 0] lib/util_sock.c:write_socket_data(388) Jun 20 09:48:37 alsi smbd[5235]: write_socket_data: write failure. Error = Connection reset by peer Jun 20 09:48:37 alsi smbd[5235]: [2003/06/20 09:48:26, 0] lib/util_sock.c:write_socket(413) Jun 20 09:48:37 alsi smbd[5235]: write_socket: Error writing 4 bytes to socket 17: ERRNO = Connection reset by peer Jun 20 09:48:37 alsi smbd[5235]: [2003/06/20 09:48:26, 0] lib/util_sock.c:send_smb(574) Jun 20 09:48:37 alsi smbd[5235]: Error writing 4 bytes to client. -1. (Connection reset by peer) I have redhat 9, and did a rpm -Uvh to the latest release. I am now seeing these errors quite often (didn't before upgrade) and I've also noticed some names aren't resolving like: 192.168.1.102.log instead of machine1.log. Samba is not the wins server (looks to a windows machine). Security is share. Any thoughts would be helpful! t o n y A.G. (Tony) Nichols I.S. Manager Appalachian Log Structures Inc. www.applog.com [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] ok, so oplocks: good or bad?
I have been searching for info on this and haven't found an authoritative answer. From what I have read, oplocks are good because they increase connection speeds, but they are bad because they don't really work, but they actually do work, but they only work in some cases, etc etc. so, here's my problem and my question together: I get tons of these messages every day (over a thousand a day) [2003/06/20 08:19:42, 0] smbd/oplock.c:request_oplock_break(1011) request_oplock_break: no response received to oplock break request to pid 22335 on port 35010 for dev = 2b00, inode = 688540, file_id = 256210 [2003/06/20 08:19:42, 0] smbd/open.c:open_mode_check(652) open_mode_check: exlusive oplock left by process 22335 after break ! For file UHG/Local Settings/Temporary Internet Files/Content.IE5/desktop.ini, dev = 2b00, inode = 688540. Deleting it to continue... is this an indication that I should disable oplocks, or is disabling oplocks a foolish, unsafe thing to do, or is there just some other problem I need to fix to allow me to keep using oplocks? Very confused. -Mark -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Setting up 3.0 to authenticate to AD
For everyone...here's where we're stuck. Samba 3, winbind, pam. We can't login to the samba server using ad credentials, but wbinfo works with all options. All of us are getting slightly different errors, but we're all stuck in the same place.. -Original Message- From: Ernie Cline [mailto:[EMAIL PROTECTED] Sent: Friday, June 20, 2003 10:06 AM To: Chip Bell Cc: Norris, Brent; [EMAIL PROTECTED] Subject: Re: [Samba] Setting up 3.0 to authenticate to AD I know I haven't, and I've been working with a samba developer in private email too. I can get just plain 'su' to work with an AD user, and webinfo -u, getent passwd, those all work. But trying to login, via telnet, ssh, ftp, whatever, none of that works. My samba doesn't crash like that though ... -e Chip Bell wrote: > Did you get any futher? I'm still stuck and have NO IDEA where to go > next. > > -Original Message- > From: Norris, Brent [mailto:[EMAIL PROTECTED] > Sent: Thursday, June 19, 2003 1:37 PM > To: '[EMAIL PROTECTED]' > Subject: RE: [Samba] Setting up 3.0 to authenticate to AD > > While trying to work on my problem with logging in to my 2000 AD, I > decided > to try and do it will my account from the NT4.0 domain that I run which > has > a trust to the AD. That crashed SAMBA, here is the log file: > > [2003/06/19 12:36:26, 0] lib/fault.c:fault_report(36) > === > [2003/06/19 12:36:26, 0] lib/fault.c:fault_report(37) > INTERNAL ERROR: Signal 11 in pid 7188 (3.0.0beta1) > Please read the appendix Bugs of the Samba HOWTO collection > [2003/06/19 12:36:26, 0] lib/fault.c:fault_report(39) > === > [2003/06/19 12:36:26, 0] lib/util.c:smb_panic(1462) > PANIC: internal error > [2003/06/19 12:36:26, 0] lib/util.c:smb_panic(1469) > BACKTRACE: 9 stack frames: >#0 smbd(smb_panic+0x11c) [0x81b280c] >#1 smbd [0x81a1432] >#2 /lib/i686/libc.so.6 [0x4016a5d8] >#3 smbd(tdb_close+0xe7) [0x81c3ec7] >#4 smbd(gencache_shutdown+0x65) [0x81bfa15] >#5 smbd(namecache_shutdown+0xb) [0x80f192b] >#6 smbd(main+0x4d7) [0x821af17] >#7 /lib/i686/libc.so.6(__libc_start_main+0xc7) [0x40157a07] >#8 smbd(chroot+0x35) [0x8073381] > > Thought someone might want that. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Setting up 3.0 to authenticate to AD
I know I haven't, and I've been working with a samba developer in private email too. I can get just plain 'su' to work with an AD user, and webinfo -u, getent passwd, those all work. But trying to login, via telnet, ssh, ftp, whatever, none of that works. My samba doesn't crash like that though ... -e Chip Bell wrote: Did you get any futher? I'm still stuck and have NO IDEA where to go next. -Original Message- From: Norris, Brent [mailto:[EMAIL PROTECTED] Sent: Thursday, June 19, 2003 1:37 PM To: '[EMAIL PROTECTED]' Subject: RE: [Samba] Setting up 3.0 to authenticate to AD While trying to work on my problem with logging in to my 2000 AD, I decided to try and do it will my account from the NT4.0 domain that I run which has a trust to the AD. That crashed SAMBA, here is the log file: [2003/06/19 12:36:26, 0] lib/fault.c:fault_report(36) === [2003/06/19 12:36:26, 0] lib/fault.c:fault_report(37) INTERNAL ERROR: Signal 11 in pid 7188 (3.0.0beta1) Please read the appendix Bugs of the Samba HOWTO collection [2003/06/19 12:36:26, 0] lib/fault.c:fault_report(39) === [2003/06/19 12:36:26, 0] lib/util.c:smb_panic(1462) PANIC: internal error [2003/06/19 12:36:26, 0] lib/util.c:smb_panic(1469) BACKTRACE: 9 stack frames: #0 smbd(smb_panic+0x11c) [0x81b280c] #1 smbd [0x81a1432] #2 /lib/i686/libc.so.6 [0x4016a5d8] #3 smbd(tdb_close+0xe7) [0x81c3ec7] #4 smbd(gencache_shutdown+0x65) [0x81bfa15] #5 smbd(namecache_shutdown+0xb) [0x80f192b] #6 smbd(main+0x4d7) [0x821af17] #7 /lib/i686/libc.so.6(__libc_start_main+0xc7) [0x40157a07] #8 smbd(chroot+0x35) [0x8073381] Thought someone might want that. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 'Little' problems with Samba v2.2.3a-12.3 (Debian Woody)and PRINTERS !!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Farget Vincent wrote: > Le Jeudi 19 Juin 2003 17:15, vous avez écrit : > >>But you have not read the samba-howto-collection.pdf, which has a >>chapter on this, which tells you *exactly* not to do this. > > > > > I have read the 6th chapter of theSamba-HOWTO-Collection paper and above all > the 6.2.2th chapter named 'Setting Drivers for Existing Printers'. > > First of all, I remove all the files which was under my : > '\\MYSRV\print$\W32X86' directory and also do : > MYSRV:~# rpcclient MYSRV -U root%ROOTPASSWD -c "setdriver nss.rdc NULL" > You should possible also then remove the printing-related tdb files (ntprinters.tdb, ntdrivers.tdb etc.) > After that I start to follow the 6.2.2th chapter process : > 1.) >>From a Windows 2000 Pro, trying to view the 'nss.rdc' properties throught the > 'Network Neighborhood', result in an error message : > 'Device settings cannot be displayed. The driver for the specified printer is > not installed, only spooler properties will be displayed. Do you want to > install the driver now ?' > 2.) > I answered 'No' to this question. The 'Printer properties window' appeared. > 3.) > I clicked on the 'Advanced' tab and on the 'New driver...' button. > 4.) > I gave the axact directory where is the 'HP4050PS.INF' which correspond to > the driver I want to upload to the server. > > All worked well. No other errors appeared. > > I looked at my server to see if the driver's files were well upload. And as I > can see a new directory ('2') in the '\\MYSRV\print$\W32X86' with all the > driver's files I can say that all was well done. > But when I use the rpcclient's command, I can see that there were something > always missing. > MYSRV:~# rpcclient MYSRV -U root%ROOTPASSWD -c "enumdrivers" > gave me an empty answer. > > And there is nothing else in the Samba-HOWTO-Collection Well, it should work, and I have done this with versions since 2.2.2, but there were some releases that were problematic. > > MYSRV:~# rpcclient MYSRV -U root%ROOTPASSWD -c "enumprinters" > gave me the following answer : > > INFO: Debug class all level = 1 (pid 23218 from pid 23218) > session setup ok > Domain=[MYDOM] OS=[Unix] Server=[Samba 2.2.3a-12.3 for Debian] > cmd = enumprinters > enumprinters > flags:[0x80] > name:[\\MYSRV\nss.rdc] > description:[MYSRV\\MYSRV\nss.rdc,HP LaserJet 4050 Series PS,Partage > imprimante HP4050N (1er etage)] > comment:[Partage imprimante HP4050N (1er etage)] > > flags:[0x80] > name:[\\MYSRV\nss.1er] > description:[MYSRV\\MYSRV\nss.1er,HP LaserJet 4000 Series PCL > 6,Partage imprimante HP4000N (2eme etage)] > comment:[Partage imprimante HP4000N (2eme etage)] > Looks like you have confused samba a bit, which may be most easily fixed (at this stage) by removing the tdb files. >>I have screenshots of the right method, but haven't had the time to get >>them together properly. >> >>Well, since the files are there, you should now be able to set the >>driver with rpclient, but if you do it the right way, you don't need to >>do anything. > > Are you talking about the setdriver rpcclient'c command ? > Or are you talking of another rpcclient's command ? > Yes, setdriver should work, but it's the same as setting the driver via the advanced tab in the printer dialog (which will probably show as empty at this stage. >>You should not need this, well, at least I have never needed it, but we >>use CUPS on all our print servers. > > Yes, but I think the problem is a samba problem, not an LPRng or CUPS > problem. > Yes, if removing the tdb files and starting again does not work, I would suspect your ancient samba release. >>You are spending too much time working around problems, instead of >>reading the documentation. > > Yes, but I have readen the Samba-HOWTO-Collection documentation and there is > no solution for my little problem. > > In fact, I don't really know if it is a problem, as all works well : > UPLOADING drivers to the server, DOWNLOADING driver from the server > but there are some things that don't work as it do. Well, if your samba server doesn't know what drivers it has, it can't tell the clients which one to download. Maybe you should ask on a Debian list, since no-one else runs such ancient versions of samba. Regards, Buchan - -- |--Another happy Mandrake Club member--| Buchan MilneMechanical Engineer, Network Manager Cellphone * Work+27 82 472 2231 * +27 21 8828820x202 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE+8w4nrJK6UGDSBKcRAkWaAJ9TAu80oFfbSrKARcttSXvjVYTvZwCgvYs5 T022PUIMM/+PfBg5rBI5FpI= =c818 -END P
Re: [Samba] 'Little' problems with Samba v2.2.3a-12.3 (Debian Woody)and PRINTERS !!
Le Jeudi 19 Juin 2003 17:15, vous avez écrit : > > But you have not read the samba-howto-collection.pdf, which has a > chapter on this, which tells you *exactly* not to do this. I have read the 6th chapter of theSamba-HOWTO-Collection paper and above all the 6.2.2th chapter named 'Setting Drivers for Existing Printers'. First of all, I remove all the files which was under my : '\\MYSRV\print$\W32X86' directory and also do : MYSRV:~# rpcclient MYSRV -U root%ROOTPASSWD -c "setdriver nss.rdc NULL" After that I start to follow the 6.2.2th chapter process : 1.) >From a Windows 2000 Pro, trying to view the 'nss.rdc' properties throught the 'Network Neighborhood', result in an error message : 'Device settings cannot be displayed. The driver for the specified printer is not installed, only spooler properties will be displayed. Do you want to install the driver now ?' 2.) I answered 'No' to this question. The 'Printer properties window' appeared. 3.) I clicked on the 'Advanced' tab and on the 'New driver...' button. 4.) I gave the axact directory where is the 'HP4050PS.INF' which correspond to the driver I want to upload to the server. All worked well. No other errors appeared. I looked at my server to see if the driver's files were well upload. And as I can see a new directory ('2') in the '\\MYSRV\print$\W32X86' with all the driver's files I can say that all was well done. But when I use the rpcclient's command, I can see that there were something always missing. MYSRV:~# rpcclient MYSRV -U root%ROOTPASSWD -c "enumdrivers" gave me an empty answer. And there is nothing else in the Samba-HOWTO-Collection MYSRV:~# rpcclient MYSRV -U root%ROOTPASSWD -c "enumprinters" gave me the following answer : INFO: Debug class all level = 1 (pid 23218 from pid 23218) session setup ok Domain=[MYDOM] OS=[Unix] Server=[Samba 2.2.3a-12.3 for Debian] cmd = enumprinters enumprinters flags:[0x80] name:[\\MYSRV\nss.rdc] description:[MYSRV\\MYSRV\nss.rdc,HP LaserJet 4050 Series PS,Partage imprimante HP4050N (1er etage)] comment:[Partage imprimante HP4050N (1er etage)] flags:[0x80] name:[\\MYSRV\nss.1er] description:[MYSRV\\MYSRV\nss.1er,HP LaserJet 4000 Series PCL 6,Partage imprimante HP4000N (2eme etage)] comment:[Partage imprimante HP4000N (2eme etage)] > I have screenshots of the right method, but haven't had the time to get > them together properly. > > Well, since the files are there, you should now be able to set the > driver with rpclient, but if you do it the right way, you don't need to > do anything. Are you talking about the setdriver rpcclient'c command ? Or are you talking of another rpcclient's command ? > You should not need this, well, at least I have never needed it, but we > use CUPS on all our print servers. Yes, but I think the problem is a samba problem, not an LPRng or CUPS problem. > You are spending too much time working around problems, instead of > reading the documentation. Yes, but I have readen the Samba-HOWTO-Collection documentation and there is no solution for my little problem. In fact, I don't really know if it is a problem, as all works well : UPLOADING drivers to the server, DOWNLOADING driver from the server but there are some things that don't work as it do. Thanks. Best regards. -- Mr FARGET Vincent Universite Claude Bernard LYON 1 CNRS - UMR 5020 Laboratoire des Neurosciences et Systemes Sensoriels 50, avenue Tony Garnier 69366 LYON Cedex 07 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Setting up 3.0 to authenticate to AD
Did you get any futher? I'm still stuck and have NO IDEA where to go next. -Original Message- From: Norris, Brent [mailto:[EMAIL PROTECTED] Sent: Thursday, June 19, 2003 1:37 PM To: '[EMAIL PROTECTED]' Subject: RE: [Samba] Setting up 3.0 to authenticate to AD While trying to work on my problem with logging in to my 2000 AD, I decided to try and do it will my account from the NT4.0 domain that I run which has a trust to the AD. That crashed SAMBA, here is the log file: [2003/06/19 12:36:26, 0] lib/fault.c:fault_report(36) === [2003/06/19 12:36:26, 0] lib/fault.c:fault_report(37) INTERNAL ERROR: Signal 11 in pid 7188 (3.0.0beta1) Please read the appendix Bugs of the Samba HOWTO collection [2003/06/19 12:36:26, 0] lib/fault.c:fault_report(39) === [2003/06/19 12:36:26, 0] lib/util.c:smb_panic(1462) PANIC: internal error [2003/06/19 12:36:26, 0] lib/util.c:smb_panic(1469) BACKTRACE: 9 stack frames: #0 smbd(smb_panic+0x11c) [0x81b280c] #1 smbd [0x81a1432] #2 /lib/i686/libc.so.6 [0x4016a5d8] #3 smbd(tdb_close+0xe7) [0x81c3ec7] #4 smbd(gencache_shutdown+0x65) [0x81bfa15] #5 smbd(namecache_shutdown+0xb) [0x80f192b] #6 smbd(main+0x4d7) [0x821af17] #7 /lib/i686/libc.so.6(__libc_start_main+0xc7) [0x40157a07] #8 smbd(chroot+0x35) [0x8073381] Thought someone might want that. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] limited logon
Good day/Good afternoon, for gentility as I configure Samba 2,8 (intel) so that it has limited logon of my users the determined stations of work? -- Rafael, Claudio == Tribunal de Justiça - MG/Brazil Sefor - Secretaria de Informática Sites de projetos mantidos: - Pessoal: http://www.geocities.com/rafael_mcp - Monesa GNU Linux: http://www.monesa-br.cjb.net - Oportunidades(INFO): http://www.oportunidadesinformatica.hpg.com.br -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] use id and paswrod problem
Iam new to Samba and have installed/compiled 2.2.8a on my AIX 5.1 system. I cans ee the shares fine. However when I go to the PC and double click on the share it asks me for a passwd. This is what I want OK so far. When I enter in my unix ID and unix passwd it does not accept it. I keep getting invalid id or passwd message. I have made the samba password file from the unix per the instruction : cat /etc/passwd |mkpasswd >/usr/local/samba/private/smbpasswd I also had one in /usr/local/bin/smbpasswd I think this was from the old install. When I use the smbpasswd command it does not respond as expected. (From what man pages says thatis) It tries to run the smbpasswd file. Is this what should happen? Confused CJ = There are two major products to come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence. Blessed are the pessimists, for they make backups! Tell me and I forget. Show me and I remember. Involve me and I learn." 101010100111001010010011101001000100101010101010 00110010101000101100101011000101 __ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] add user script & samba 3.0b
HI if tested the add user script (samba3beta) and it works fine for me but the created machine account , it not followed with a working login, win2k serv pack 3 says computer account is not trusted in the domain, this is is not a failure by the script , cause i tried traditional way too. ( smbpasswd -a -m ) any ideas? Regards > Howdy, > > I would like to use the samba server as a replacment for NT Servers. > So I need the add user script command for adding new machines to the > domain. > This is no problem in all 2.2.X versions of samba which I used. > But on version 3.0 alpha and beta it is not working. > > I am using debian 3.0r1 with the unstable package of samba 3.0beta. > > smb.conf: > [global] > workgroup = unreal > server string = %h server (Samba %v) > log file = /var/log/samba/log.%m > syslog = 0 > security = user > encrypt passwords = true > passdb backend = smbpasswd:/etc/samba/smbpasswd > socket options = TCP_NODELAY > wins server = 192.168.0.133 > dns proxy = no > admin users = root, admin, administrator > add user script = /usr/sbin/useradd -d /dev/null -g 100 -s bin/false > -M %u > domain logons = yes > domain master = yes > logon path = \\%N\profiles\%U > logon drive = H: > logon home = \\%N\%U > logon script = logon.bat > > samba.log: > [2003/06/20 00:33:38, 0] smbd/service.c:set_admin_user(314) >root logged in as admin user (root privileges) > [2003/06/20 00:33:39, 0] passdb/pdb_smbpasswd.c:add_smbfilepwd_entry(597) >add_smbfilepwd_entry: cannot add account roof2$ without unix identity > [2003/06/20 00:33:39, 0] > rpc_server/srv_samr_nt.c:_api_samr_create_user(2313) >could not add user/computer roof2$ to passdb. Check permissions? > > > The same command line is working with 2.2.3a (Debian testing). > > thanks for any answer > Thomas > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- +++ GMX - Mail, Messaging & more http://www.gmx.net +++ Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Changing the domain namn
Hello On a domain that already has a samba pdc and about 50 clients. Is there any easy way to change the domainname. I could do it by changing the name on the server and then go to all workstations and rejoin them to the domain?!?! /Alexander -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] add user script & samba 3.0b
On Fri, 2003-06-20 at 19:38, Thomas Angst wrote: > Howdy, > > I would like to use the samba server as a replacment for NT Servers. > So I need the add user script command for adding new machines to the domain. > This is no problem in all 2.2.X versions of samba which I used. > But on version 3.0 alpha and beta it is not working. We tried to make life easier, and we now have 'add machine script'. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] upgrading samba
hello all, how to uprade samba-2.2.4 to samba-2.2.8 on solaris9? thaks you. norah -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Roaming Profile XP
Hi, I have configured roaming profile on WIndows Xp client that is connect to the Samba. Login works fine except that when I change the wallpaper on one machine, log off and goes to another machine, the wallpaper was not changed on the other one. Other files created on the desktop are changed. Can anyone explain or help ? Thanks. adrian -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] backup problems
Hi, I have the following problems: 1. User1/Group1 save FileA on Fileserver and disable the archiv-attribute. User2/Group1 change FileA on the Fileserver. -> User1/Group1 stay the owner of the file. That not a big problem, but the archiv-attribute didn't change! (A change of FileA by User1/Group1 set the archiv-attribute) -> the archiv-attribute didn't work for backup!! 2. User1/Group1 open FileB from Windows 2000 (not shared) User2/Group1 can't open FileB from Windows. Ok, but my backup.daemon can copy the opened FileB! Isn't that a problem to backup a corrupt FileB? my config: NT4 as PDC Suse Linux (8.2) with Samba 2.2.7a-72 as Fileserver (raiserfs) user and group on PDC More info available on request. Best regards Oliver Fritz -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] udp 137/138 vs tcp 139
Hi! I have a samba PDC connected with 2 nics on the same network... (to increse bandwidth) well... connections on ports udp 137/138 go on the first nic, while tcp 139 goes out only on the second... why? Anybody knows? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Need an explanation on Samba Log.
Hi, I am using Samba (v2.2.3a-12.3 on stable Debian Woody) on a bi-cpu server acting as a primary domain controller to allow connection from Win98 and Win2000Pro client computers. All user connections on the domain works well but I have the following lines in my logs for every user connections : DATE MYSRV smbd[20603]: connect from xxx.xxx.xxx.xxx DATE MYSRV smbd[20603]: [DATE, 0] smbd/password.c:domain_client_validate(1517) DATE MYSRV smbd[20603]: domain_client_validate: could not fetch trust account password for domain MYDOM Can somebody tell me what does it really mean ? Thanks. Best regards. -- Mr FARGET Vincent Universite Claude Bernard LYON 1 CNRS - UMR 5020 Laboratoire des Neurosciences et Systemes Sensoriels 50, avenue Tony Garnier 69366 LYON Cedex 07 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] add user script & samba 3.0b
Howdy, I would like to use the samba server as a replacment for NT Servers. So I need the add user script command for adding new machines to the domain. This is no problem in all 2.2.X versions of samba which I used. But on version 3.0 alpha and beta it is not working. I am using debian 3.0r1 with the unstable package of samba 3.0beta. smb.conf: [global] workgroup = unreal server string = %h server (Samba %v) log file = /var/log/samba/log.%m syslog = 0 security = user encrypt passwords = true passdb backend = smbpasswd:/etc/samba/smbpasswd socket options = TCP_NODELAY wins server = 192.168.0.133 dns proxy = no admin users = root, admin, administrator add user script = /usr/sbin/useradd -d /dev/null -g 100 -s bin/false -M %u domain logons = yes domain master = yes logon path = \\%N\profiles\%U logon drive = H: logon home = \\%N\%U logon script = logon.bat samba.log: [2003/06/20 00:33:38, 0] smbd/service.c:set_admin_user(314) root logged in as admin user (root privileges) [2003/06/20 00:33:39, 0] passdb/pdb_smbpasswd.c:add_smbfilepwd_entry(597) add_smbfilepwd_entry: cannot add account roof2$ without unix identity [2003/06/20 00:33:39, 0] rpc_server/srv_samr_nt.c:_api_samr_create_user(2313) could not add user/computer roof2$ to passdb. Check permissions? The same command line is working with 2.2.3a (Debian testing). thanks for any answer Thomas -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] RE: Winbind and Organization Unit
--- Tom Dickson <[EMAIL PROTECTED]> a écrit : > > > > >Winbind can authentify users when the user is a > >Global > > User but not when he's in an Organization Unit. > > I need that winbind is able to authentify OU's > users. > > Normally I've access only to my OU so how to tell > to > > winbind to check only in a specific. > > Someone knows how to do that ?? >Try this > patch (you have to recompile from source): > > >ftp://ftp.samba.org/pub/tridge/misc/samba_22_local_group.patch Many thanks for the help, I've spoken with the W2K Admin. and in fact, he has changed some settings to enforce the security. So he've suggested me to use LDAP and Kerberos. I've tried the patch without success. How to use LDAP with Kerberos with Samba 2.2.8a ? Is there a HOWTO, Doc... Anyway thank you, D. ___ Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français ! Yahoo! Mail : http://fr.mail.yahoo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Exec file incompatible with hardware
Hi yuo not write how architecture of new server is. Version of HPUX is not significant. If you compile any software, this must be compiled with libs and compilators for your architecture(cpu...alfa/i386/...)and for OS. First yuo instal proper compilers and libs and then make samba,but first run configure then make. Try new version 2.2.8a and read instruction for HPUX. Bye. At time of writing, the Makefile claimed support for: A/UX 3.0 AIX Altos Series 386/1000 Amiga Apollo Domain/OS sr10.3 BSDI B.O.S. (Bull Operating System) Cray, Unicos 8.0 Convex DGUX. DNIX. FreeBSD HP-UX Intergraph. Linux with/without shadow passwords and quota LYNX 2.3.0 MachTen (a unix like system for Macintoshes) Motorola 88xxx/9xx range of machines NetBSD NEXTSTEP Release 2.X, 3.0 and greater (including OPENSTEP for Mach). OS/2 using EMX 0.9b OSF1 QNX 4.22 RiscIX. RISCOs 5.0B SEQUENT. SCO (including: 3.2v2, European dist., OpenServer 5) SGI. SMP_DC.OSx v1.1-94c079 on Pyramid S series SONY NEWS, NEWS-OS (4.2.x and 6.1.x) SUNOS 4 SUNOS 5.2, 5.3, and 5.4 (Solaris 2.2, 2.3, and '2.4 and later') Sunsoft ISC SVR3V4 SVR4 System V with some berkely extensions (Motorola 88k R32V3.2). ULTRIX. UNIXWARE UXP/DS - Original Message - From: "Mauer, Lisa" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, June 19, 2003 6:32 PM Subject: [Samba] Exec file incompatible with hardware > Sorry if this is going to be one of those 'idiot' questions, but I don't > use Samba. It has always been on our server, chugging along beautifully > so no on ever had to touch it... Well, we consolidated servers and moved > everything to another server with HP-UX 10.20 (the previous server had > the same HPUX version so I thought I was in the clear), the samba > version is samba-1.9.18p2. I copied over the source and ran make, then > make install - during the make install I received these errors: > > Installing codepage files in /usr/local/samba/lib/codepages > Creating codepage file /usr/local/samba/lib/codepages/codepage.437 from > codepage > _def.437 > installcp.sh[23]: /usr/local/samba/bin/make_smbcodepage: Execute > permission deni > ed. > Creating codepage file /usr/local/samba/lib/codepages/codepage.850 from > codepage > _def.850 > installcp.sh[23]: /usr/local/samba/bin/make_smbcodepage: Execute > permission deni > ed. > Creating codepage file /usr/local/samba/lib/codepages/codepage.852 from > codepage > _def.852 > installcp.sh[23]: /usr/local/samba/bin/make_smbcodepage: Execute > permission deni > ed. > Creating codepage file /usr/local/samba/lib/codepages/codepage.932 from > codepage > _def.932 > installcp.sh[23]: /usr/local/samba/bin/make_smbcodepage: Execute > permission deni > ed. > Creating codepage file /usr/local/samba/lib/codepages/codepage.866 from > codepage > _def.866 > installcp.sh[23]: /usr/local/samba/bin/make_smbcodepage: Execute > permission deni > ed. > == > The code pages have been installed. You may uninstall them using the > command "make uninstallcp" or make "uninstall" to uninstall binaries, > man pages, shell scripts and code pages. > == > > When I try and run a script we have that runs this command: > /usr/local/samba/bin/smbd -D -l /var/adm/smblogs \ > -s /usr/local/samba/lib/smb.conf > /usr/local/samba/bin/nmbd -D -l /var/adm/nmblog.log \ > -s /usr/local/samba/lib/smb.conf > > I get this error: > ./startsmb.sh[7]: /usr/local/samba/bin/smbd: Executable file > incompatible with h > ardware > ./startsmb.sh[9]: /usr/local/samba/bin/nmbd: Executable file > incompatible with h > ardware > > I realize we need to be off 10.20 and that this samba version is old, > but we have clients we need to support that still have old crud. The > 10.20 can not be updated but Samba could be without a problem. I > actually tried to install samba-2.2.3a, but didn't have any luck. Like I > said I don't know Samba, so I apologize for the idiocy of my email :) > > Thanks! > Lisa > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Regarding Samba as a PDC
> Sir, Samba is great thing. Sir, please tell me how can I > make PDC to a Red Hat Linux 8.0 using Samba. Can I have to > install Red Hat Linux 8.0 as a Server or I will have to do > Custom Installation. Sir, please tell me what to do in > SMB.CONF file and where is the option for making it as a > PDC. I want that Windows Users can login into Red Hat Linux > 8.0 box. I will be grateful to you? http://hr.uoregon.edu/davidrl/samba/samba-pdc.html http://us1.samba.org/samba/ftp/docs/htmldocs/Samba-PDC-HOWTO.html -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] cupsaddsmb NT_STATUS_NO_SUCH_DEVICE
> > After adding PSMON.DLL, when I run cupsaddsmb, it gives: > > Running command: rpcclient localhost -N -U'root%secret?' -c > 'setdriver ps212erb ps212erb' session setup ok > Domain=[CSEENTDOMAIN] OS=[Unix] Server=[Samba 2.2.3a-12.3 for > Debian] cmd = setdriver ps212erb ps212erb setdriver ps212erb ps212erb > prs_mem_get: reading data of size 4 would overrun buffer. > > and /var/log/samba/log.machine says: > > cli_net_sam_logon_internal: NT_STATUS_NO_SUCH_USER > [2003/06/19 14:39:52, 0] smbd/password.c:domain_client_validate(1572) > domain_client_validate: unable to validate password for > user ROOT in domain to Domain controller *. Error was > NT_STATUS_NO_SUCH_USER. > > I have added this samba server as a member server of > CSEENTDOMAIN and after that when I run cupsaddsmb for > automatic driver downloads, I get above errors. Any > suggestions?? How do I remove samba server from a domain, > after I have added it using smbpasswd -j ?? Looking at "-U'root%secret?'" and the "NT_STATUS_NO_SUCH_USER" answer may I ask if you've added root to the PDC? That is, if PDC is samba did you "smbpasswd -a root"? It didn't work for me without that... -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba