[Samba] Webtrends blowing up my mapping since samba upgrade
I have yet another really weird possibly samba problem... This is bizzare This was all working before, then I rebuild my samba install.. I have a windows computer that connects, and grabs a web server access-log from the drive and processes it (WEBTRENDS). From the windows desktop I can browse the mapped drive letter, view the file, edit the file. When webtrends tries it, It says it can't find the file, then blows the mapping up and I have to reconnect. Which log files on the server, and at what debug level would give me a clue to what is causing it? -- Bill Chmura Director of Internet Technology Explosivo ITG Wolcott, CT p: 888.560.YWEB (9932) e: [EMAIL PROTECTED] w. http://www.explosivo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How to keep local profiles when joining domain?
On Wed, 16 Jun 2004, Nash Computer Technology wrote: However, we are now in the final stages of deploying a Samba server to replace the Novell one. The Samba server is configured as a Primary Domain Controller, and seems to be working fine. We do not wish to use roaming profiles, so the profiles will be held locally on each PC. unsure how to join the new domain, such that the existing profiles (eg desktop layout, applications, etc etc) are retained for each user. When we simply change the PC properties to join the domain, we lose the users settings. This method is unreasonable for more than a few users, due to the time involved, but it has worked for me. 1. Make a note of the user's profile directory. I'll assume it is in C:\Documents and Settings\mike 2. Log in to the PC in question as a LOCAL Administrator, other than Mike. 3. Make a copy of Mike's profile, just in case things get screwed up royally. It's a good idea to use ntbackup for this (if you're dealing with XP, it can be installed from the CD) so you don't lose the ACLs. 4. Rename Mike's profile to something like C:\Documents and Settings\Mike.temp 5. Join the workstation to the domain and reboot as prompted. 6. Log into NEWDOMAIN as Mike. A new profile for Mike will be created, hopefully it will be C:\Documents and Settings\Mike, but make a note of whatever the path is. 7. Log out Mike and log in as the local or domain administrator again. 8. DELETE the new profile that was just created. (You did make a note of it's exact name, didn't you? If you didn't, go back to step 6.) 9. RENAME Mike's old profile from Mike.temp to C:\Documents and Settings\Mike (Or whatever the path created in step 6 was) 10. Change the ACLs (security descriptors) on this profile to allow NEWDOMAIN\Mike full access to the folder and all child entries. 11. If the path of the profile that was created in step 6 DOES NOT match the original path of the profile, your job just got a lot harder. Skip to step 13. 12. You should now be able to log in as NEWDOMAIN\Mike and have all his profile back. Thank your chosen diety you were able to make the new profile use the same path as the old profile, and skip the rest of these steps and go on to the next workstation. 13. While you're still logged in as an administrator, open up regedit. Load the registry hive C:\Documents and Settings\(new path)\NTUSER.DAT 14. EDIT the registry, replacing all instances of the old path with the new path. Make sure you also check for instances of 8.3 munged names. There will be WAY TOO MANY of these; I've found that sections of the registry can be exported to a text file with can then be search-replaced. Maybe there's a registry tool out there that makes this easy; I haven't found it. 15. BEFORE YOU CLOSE REGEDIT, be sure to UNLOAD the hive you loaded in step 13. Otherwise, Mike will not be able to log on. 16. You should now be able to log in as Mike. If things are totally screwed up, well, that's why you made a backup, right? Yes, I've actually done this. Several times. It's only fairly easy if you can make the new profile use the same path as the old profile. That's why we renamed the old profile first. There may be a way to temporarily use roaming profiles and the User Profiles tool in the system properties, along with Samba tools on the UNIX end to accomplish the same thing in a quicker, easier manner, but I haven't investigated that. ~~Jonathan Johnson Sutinen Consulting, Inc. [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How to keep local profiles when joining domain?
You may also want to read these Microsoft Knowledge Base articles: How to Migrate User Profiles to Windows 2000 http://support.microsoft.com/default.aspx?scid=kb;en-us;234548 How to Create and Copy Roaming User Profiles in Windows http://support.microsoft.com/default.aspx?scid=kb;en-us;142682 HOW TO: Create a Roaming User Profile in Windows 2000 http://support.microsoft.com/default.aspx?scid=kb;en-us;302082 What you may want to do is temporarily migrate the user profile from a local to a roaming profile using the information in these articles, then change the profile mode back to local in the System Properties / User Profiles module. --Jon Johnson Sutinen Consulting, Inc. [EMAIL PROTECTED] (360) 270-9317 cell -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re[4]: [Samba] a better smbstatus for monitoring samba ?
isn't there a smbstatus -u=username, to show activities from 1 user ?? dunno, guess the -u is a way to sort out what a user is up to! i'll try to lookin to the rest.. l8r - Collen Blijenberg (Montessori Lyceum Herman Jordan) Wednesday, June 16, 2004, 3:02:13 PM, you wrote: BR Hi, BR well I think it should be able to run in a console, just like Midnight BR Commander (so it's also usefull without X), BR it should have a menu for info about the system, like cpu BR usage, network card usage,memory, how many users are currently attached to BR the system, up time. BR A menu from which you can see that what user is attached to what share, and BR if you press enter on the user name you can see what files are currently in BR use. BR It's almost like smbstatus, only that it's a bit more organized, and is BR easier to view what is happening on the system in case someone causes BR trouble it is easier to find what user had that file open. Also it would be BR nice if in this same menu besides the username and what share that user is BR using there would be information about user logon time. BR Sincerely BR Robert B BR - Original Message - BR From: Collen Blijenberg MLHJ [EMAIL PROTECTED] BR To: Jeremy Allison [EMAIL PROTECTED] BR Cc: samba mailing list [EMAIL PROTECTED] BR Sent: Wednesday, June 16, 2004 08:50 BR Subject: Re[2]: [Samba] a better smbstatus for monitoring samba ? depends on it... what needs to be in the tool ??? what options, and all... (got a big holyday comming up, so got some time to crack!) l8r - Collen Blijenberg (Montessori Lyceum Herman Jordan) Wednesday, June 16, 2004, 3:26:43 AM, you wrote: JA On Tue, Jun 15, 2004 at 09:56:04PM +0200, Becskei Robert wrote: Hello, does anyone know if there is a tool in existence that can monitor samba shares like smbstatus but is much more advanced (and runs in console) , I mean a tool that BR has menues, some search options, and things sorted out nice. A Samba realtime monitor would be the best thing with lots of details and lots of options. I tried Swat, but that aint really a solution to watch who is connected to where, neither is smbstatus since when to many people are connected you can't see in realtime who is using what. And that I think is one major problem. I would like to have such a tool because I'm throwing the Novell File Server out and using a Whitebox 3.0EL instead. I wonder,...is there such a tool like Novell Monitor ... for linux ? I mean if there aint one for samba maybe another tool that is more advanced would be able to view who is connected to what ? what is their IP adress, what time did they logged on, what is the current system BR status, etc... JA No tool I know of currently. If anyone wants to write one (maybe a gui BR tool JA written in python ?) I'd be happy to integrate it into the source BR code. JA There are lots of admin options that could be added to Samba via TDB BR messaging JA to perform admin operations - we just need programmer enthusiasm to BR write such JA a tool. Anyone game ? JA Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Webtrends blowing up my mapping since samba upgrade
Hi Bill, if Your sambaversion is 3.0.4 it looks like an known bug. https://bugzilla.samba.org/show_bug.cgi?id=1345 and https://bugzilla.samba.org/show_bug.cgi?id=1404 These bug prevents some applications to access sambashares. I hope an new sambaversion will be released soon. I'm not geek enough to build my own package with the available patch. Olaf -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] WinXP local master announcemment problem
Hi all, I have a WinXP home connected to my samba server (Linux Red hat enterprise 3.0) and which is announcing itself as a local master for my network. And I don't want... Does anybody knows how to tell it not to try. Samba works fine with another winxp home edition PC so i suppose that it's a configuration problem but I don't find from where... Any suggestion would be great. Jean -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Stale NFS file handle error when you try and browse a Windows mounted folder
Hi, I am trying to mount folders shared on our Active Directory 2003 Windows servers on a Linux system running RH7.3 with Samba version 3.0.4 installed. I seem to be able to establish the connection to the AD database to browse users and mount windows folders using smbclient command. However whenever I try to mount using the mount -t smbfs -o [EMAIL PROTECTED] //server/sharename /mnt/mountpoint it does mount the folder, but I get a Stale NFS file handle error message whenever I try to access any files or folders on the mounted disk. Doing a df -k gave a permission denied error on the mounted filesystem, so I checked the permissions and gave Everyone Full Control just incase, but this made no difference. Does anyone have any ideas what may cause this error. Thanks in advance, Gareth -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] How reliable is file locking?
I'm mounting remote windows shares using smbd Version 3.0.2a and I just wanted to ask the experts how reliable is the file locking? The drives I'm mounting will be from a full array of windows os's (98, nt4, 2k xp) and the client will be a linux box (kernel 2.6.5+) and I'm using rsync to pull backups off the windows boxes onto my linux box. I just wanted to make sure that while I'm pulling off the backups that the files won't be changed. Any comments please. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
AW: [Samba] Password change problem, Samba 3.0.4
Hi Sean, smbpasswd Old SMB password: New SMB password: Retype new SMB password: machine 127.0.0.1 rejected the password change: Error was : RAP86: The specified password is invalid. Failed to change password for testuser We have exactly the same problem with Samba v2.2.8a. We found out that the password change process works if you set unix password sync = no. But that's not a good solution fo us. Users should be able to log in to Linux with the same password. I hope there is another solution. Götz -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] NT Domain Problem
I have Samba 3.0.4 running on Slack 9.1. I set PDC. Clients are win98, winnt4, w2k and winxp. All of them can connect to Samba shares, but they cannot access each other. I got an error message indicating that there is something wrong with trust relationships. I created machine and user accounts correctly. My smb.conf: [global] workgroup = firma netbios name = serwerek server string = Serwer firmowy encrypt passwords = Yes hosts allow = localhost, 10.0.0.0/255.255.255.0 log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon path = \\%L\Profiles\%U logon home = \\%L\%U\.profiles wins support = yes domain logons = yes os level = 65 domain master = yes local master = yes preferred master = yes name resolve order = wins hosts lmhosts bcast time server = true Best Regards Cooba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: AW: [Samba] Password change problem, Samba 3.0.4
On Thu, 17 Jun 2004 12:02 , Kopmann, Goetz [EMAIL PROTECTED] sent: Hi Sean, smbpasswd Old SMB password: New SMB password: Retype new SMB password: machine 127.0.0.1 rejected the password change: Error was : RAP86: The specified password is invalid. Failed to change password for testuser We have exactly the same problem with Samba v2.2.8a. We found out that the password change process works if you set unix password sync = no. But that's not a good solution fo us. Users should be able to log in to Linux with the same password. no one seems to like our solution, but we turned off _all_ windows-linux linux-windows password changes from the windows/linux session and just made a web page that sets both - it takes a lot of crap out of the equation and also lets us sync our email and web passwords at the same time - just a thought I hope there is another solution. Götz -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref.com A href=http://www.prupref.com;Prudential/AA href=http://chicago.prupref.com;Chicago Real Estate/A Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
AW: AW: [Samba] Password change problem, Samba 3.0.4
On Thu, 17 Jun 2004 12:02 , Kopmann, Goetz [EMAIL PROTECTED] sent: Arrrg. This is what the spammer loves Hi Sean, smbpasswd Old SMB password: New SMB password: Retype new SMB password: machine 127.0.0.1 rejected the password change: Error was : RAP86: The specified password is invalid. Failed to change password for testuser We have exactly the same problem with Samba v2.2.8a. We found out that the password change process works if you set unix password sync = no. But that's not a good solution fo us. Users should be able to log in to Linux with the same password. no one seems to like our solution, but we turned off _all_ windows-linux linux-windows password changes from the windows/linux session and just made a web page that sets both - it takes a lot of crap out of the equation and also lets us sync our email and web passwords at the same time - just a thought This sounds good. Can we get more infos ? Götz -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: AW: AW: [Samba] Password change problem, Samba 3.0.4
I havn't read the entire thread but what about using LDAP as a backend? Kopmann, Goetz wrote: On Thu, 17 Jun 2004 12:02 , Kopmann, Goetz [EMAIL PROTECTED] sent: Arrrg. This is what the spammer loves Hi Sean, smbpasswd Old SMB password: New SMB password: Retype new SMB password: machine 127.0.0.1 rejected the password change: Error was : RAP86: The specified password is invalid. Failed to change password for testuser We have exactly the same problem with Samba v2.2.8a. We found out that the password change process works if you set unix password sync = no. But that's not a good solution fo us. Users should be able to log in to Linux with the same password. no one seems to like our solution, but we turned off _all_ windows-linux linux-windows password changes from the windows/linux session and just made a web page that sets both - it takes a lot of crap out of the equation and also lets us sync our email and web passwords at the same time - just a thought This sounds good. Can we get more infos ? Götz -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] ldap + samba + group membership problem
Hi to all, I have recently set up a new linux serveur with SAMBA 3.0.4 + Openldap The server is PDC , users and groups are stored into LDAP All is working fine for the moment, I can join the domain without Pb on a W2k machine. but, Here is my problem : I've some users members of differents groups and not only the main group. Like user joe First Group : admin and secondary groups : software + development + docs Now, in the netlogon global login script that I've made : SARTUP.BAT I would like, to affect a drive letter for the user joe depending on his groups membership so : net use D: \\servershare\docs (joe is group membership of docs) net use F: \\servershare\software (joe is group membership of software too) ... But I've noticed in the example script of source distrib. of SAMBA (genlogon.pl) that there is the use of %G witch is the main group of the user. looking in the man page of smb.conf , I didn' t see a parameter identifying a list of group membership for the user : %U My question now is : Has anyone had the same problem for groups membership into the login script, and how to solve this, perhaps doing some ldap searching into the login script ? Have a nice day Xavier -- Xavier mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] print$
I have installed samba on a linux OS suse 8.1. I have a printer installed locally on the machine. I can see the printer in SWAT. I want to be able to connect to the printer using UNC allowing the user to print without any users needing to be installed locally on the NT machine. All the drivers for windows reside in the share print$ and in the sub directory winnt4. Where does the .inf file have to reside for the NT machine to use the necessary driver sat in print$ Kind Regards matthew The contents of this email may be confidential or protected from disclosure to other than intended recipients.If it has reached you by mistake, we apologise and request you to advise us by emailing [EMAIL PROTECTED] Thank you. BYTRON cannot accept responsibility for any loss or damage arising from the use of this email or attachments. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.698 / Virus Database: 455 - Release Date: 6/2/04 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba PDC Password changing errors
Still haveing problems I read the articles on the WIndows patch that messed up the chaging of passwords... I have since downloaded the latest stable version (3.0.4) and set it up, everything works perfectly except for changing passwords. When a user from an XP machine goes to change his/her password, they get the error You do not have permission to change your password Here is a copy of my SMB.conf file [global] workgroup = KOSTERTEST netbios name = TESTSERVER1 server string = Kosters Test Server password server = passwd program = /usr/bin/passwd %u log file = /var/log/samba/log.%m max log size = 50 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 add user script = /usr/sbin/adduser -s /bin/bash %u add machine script = /usr/sbin/adduser -d /dev/null -g machines -s /bin/false -M %u logon script = netlogon.bat logon path = logon drive = H: domain logons = Yes os level = 32 domain master = Yes dns proxy = No ldap ssl = no printer admin = @adm encrypt passwords = yes [printers] comment = All Printers path = /var/spool/samba create mask = 0700 guest ok = Yes printable = Yes browseable = No [print$] path = /var/lib/samba/printers write list = @adm, root inherit permissions = Yes guest ok = Yes [pdf-generator] comment = PDF Generator (only valid users) path = /var/tmp printable = Yes [netlogon] comment = NetLogon Share path = /home/netlogon read only = No locking = No [profiles] path = /home/profiles read only = No create mask = 0600 browseable = No [sales] comment = Sales Folder path = /home/sales username = @sales valid users = @sales read only = No browseable = No [cs] comment = Customer Service Folder path = /home/cs username = @cs valid users = @cs read only = No browseable = No Is the error really permissions based? if so how to I change the users permissions so they can change their paswords??? _ Matthew Koster Customer Support Technician International Datacasting Corporation http://www.intldata.ca 613-596-4120 ext 254 This message, and the documents attached hereto, is intended only for the addressee and may contain privileged or confidential information. Any unauthorized disclosure is strictly prohibited. If you have received this message in error, please notify us immediately so that we may correct our internal records. Please then delete the original message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldap + samba + group membership problem
I've some users members of differents groups and not only the main group.
Like user joe First Group : admin and secondary groups : software +
development + docs
snip
My question now is :
Has anyone had the same problem for groups membership into the login
script, and
how to solve this, perhaps doing some ldap searching into the login
script ?
We do this exact thing in our login scripts, in a bit of a different
way. What we do is have a perl script generate the login script on the
fly for each user. To set this up, we used the 'root preexec' option
on the netlogon share:
[netlogon]
path = /opt/samba/share/netlogon
browseable = No
root preexec = /opt/samba/bin/prelogon.pl %U
This calls the script with the username as a parameter. Now in the
script the first few lines do something like this:
#!/usr/bin/perl
$user = $ARGV[0];
$groups = `/usr/bin/groups $user`;
chomp $groups;
open (LOGON,/opt/samba/share/netlogon/$user.bat);
This section of code gets the user from the command line and uses the
system 'groups' command to get the groups the user is a member of. It
also opens the logon script file. Later I do this:
if ( $groups =~ m/itadmin/ )
{
print LOGON NET USE Q: fgoserv\\itadmin\r\n;
}
You can do all sorts of other fun stuff in here, like auto-create the
profile directories, etc. if you're so inclined. We were using the
ifmember program that comes with the windows server (I think) disks, but
that caused problems with secondary group membership.
--
Paul Gienger Office:701-281-1884
Applied Engineering Inc. Cell: 701-306-6254
Information Systems Consultant Fax: 701-281-1322
URL: www.ae-solutions.commailto:[EMAIL PROTECTED]
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] print$
I have installed samba on a linux OS suse 8.1. I have a printer installed locally on the machine. I can see the printer in SWAT. I want to be able to connect to the printer using UNC allowing the user to print without any users needing to be installed locally on the NT machine. All the drivers for windows reside in the share print$ and in the sub directory winnt4. Where does the .inf file have to reside for the NT machine to use the necessary driver sat in print$ Kind Regards matthew The contents of this email may be confidential or protected from disclosure to other than intended recipients.If it has reached you by mistake, we apologise and request you to advise us by emailing [EMAIL PROTECTED] Thank you. BYTRON cannot accept responsibility for any loss or damage arising from the use of this email or attachments. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.698 / Virus Database: 455 - Release Date: 6/2/04 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldap + samba + group membership problem
Selon Paul Gienger [EMAIL PROTECTED]:
Good !
thanks a lot Paul, it's a great solution.
I'm now very interested onto your automatic directory profile-creation.
It would be great to have your login script (anonymised) into the SAMBA source
distribution (into examples dir), no ?
Bye
Xavier
I've some users members of differents groups and not only the main group.
Like user joe First Group : admin and secondary groups : software +
development + docs
snip
My question now is :
Has anyone had the same problem for groups membership into the login
script, and
how to solve this, perhaps doing some ldap searching into the login
script ?
We do this exact thing in our login scripts, in a bit of a different
way. What we do is have a perl script generate the login script on the
fly for each user. To set this up, we used the 'root preexec' option
on the netlogon share:
[netlogon]
path = /opt/samba/share/netlogon
browseable = No
root preexec = /opt/samba/bin/prelogon.pl %U
This calls the script with the username as a parameter. Now in the
script the first few lines do something like this:
#!/usr/bin/perl
$user = $ARGV[0];
$groups = `/usr/bin/groups $user`;
chomp $groups;
open (LOGON,/opt/samba/share/netlogon/$user.bat);
This section of code gets the user from the command line and uses the
system 'groups' command to get the groups the user is a member of. It
also opens the logon script file. Later I do this:
if ( $groups =~ m/itadmin/ )
{
print LOGON NET USE Q: fgoserv\\itadmin\r\n;
}
You can do all sorts of other fun stuff in here, like auto-create the
profile directories, etc. if you're so inclined. We were using the
ifmember program that comes with the windows server (I think) disks, but
that caused problems with secondary group membership.
--
Paul Gienger Office: 701-281-1884
Applied Engineering Inc. Cell:701-306-6254
Information Systems Consultant Fax: 701-281-1322
URL: www.ae-solutions.commailto:[EMAIL PROTECTED]
--
Xavier
mailto: [EMAIL PROTECTED]
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
RE: AW: [Samba] Password change problem, Samba 3.0.4
Hi, Yes I've seen this solution in the archives. Unfortunately, I need this feature turned on, samba isn't the only service running on this server requiring a login. Any other possibilities that don't involve turning off unix password sync? At this point I'm REALLY open to suggestions :) Thanks, Sean. -Original Message- From: McKeever Chris [mailto:[EMAIL PROTECTED] Sent: June 17, 2004 6:42 AM To: '[EMAIL PROTECTED]'; Goetz Subject: Re: AW: [Samba] Password change problem, Samba 3.0.4 On Thu, 17 Jun 2004 12:02 , Kopmann, Goetz [EMAIL PROTECTED] sent: Hi Sean, smbpasswd Old SMB password: New SMB password: Retype new SMB password: machine 127.0.0.1 rejected the password change: Error was : RAP86: The specified password is invalid. Failed to change password for testuser We have exactly the same problem with Samba v2.2.8a. We found out that the password change process works if you set unix password sync = no. But that's not a good solution fo us. Users should be able to log in to Linux with the same password. no one seems to like our solution, but we turned off _all_ windows-linux linux-windows password changes from the windows/linux session and just made a web page that sets both - it takes a lot of crap out of the equation and also lets us sync our email and web passwords at the same time - just a thought I hope there is another solution. Götz -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba --- Chris McKeever If you want to reply directly to me, please use cgmckeever--at--prupref.com A href=http://www.prupref.com;Prudential/AA href=http://chicago.prupref.com;Chicago Real Estate/A Prudential Preferred Properties www.prupref.com Success Driven By Results Results Driven By Commitment Commitment Driven By Integrity We Are Prudential Preferred Properties -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldap + samba + group membership problem
Xavier wrote:
Selon Paul Gienger [EMAIL PROTECTED]:
Good !
thanks a lot Paul, it's a great solution.
I'm now very interested onto your automatic directory profile-creation.
It would be great to have your login script (anonymised) into the SAMBA source
distribution (into examples dir), no ?
I should note however, that there is a bug with my profile directory
creation in that it brings up a very annoying error message on first
login about not being able to find the profile directory, for some
reason it either doesn't happen fast enough, or windows comes looking
for the profile directory before the netlogon preexec happens. I'd be
more inclined to believe the latter.
Would anyone who knows the order of operations on logon care to comment
on that? It makes more sense (to me anyway) to hook the script up to
the preexec of the netlogon share, but if the access to the profile
directory comes first then maybe that is actually the right place to do it?
Bye
Xavier
I've some users members of differents groups and not only the main group.
Like user joe First Group : admin and secondary groups : software +
development + docs
snip
My question now is :
Has anyone had the same problem for groups membership into the login
script, and
how to solve this, perhaps doing some ldap searching into the login
script ?
We do this exact thing in our login scripts, in a bit of a different
way. What we do is have a perl script generate the login script on the
fly for each user. To set this up, we used the 'root preexec' option
on the netlogon share:
[netlogon]
path = /opt/samba/share/netlogon
browseable = No
root preexec = /opt/samba/bin/prelogon.pl %U
This calls the script with the username as a parameter. Now in the
script the first few lines do something like this:
#!/usr/bin/perl
$user = $ARGV[0];
$groups = `/usr/bin/groups $user`;
chomp $groups;
open (LOGON,/opt/samba/share/netlogon/$user.bat);
This section of code gets the user from the command line and uses the
system 'groups' command to get the groups the user is a member of. It
also opens the logon script file. Later I do this:
if ( $groups =~ m/itadmin/ )
{
print LOGON NET USE Q: fgoserv\\itadmin\r\n;
}
You can do all sorts of other fun stuff in here, like auto-create the
profile directories, etc. if you're so inclined. We were using the
ifmember program that comes with the windows server (I think) disks, but
that caused problems with secondary group membership.
--
Paul Gienger Office:701-281-1884
Applied Engineering Inc. Cell: 701-306-6254
Information Systems Consultant Fax: 701-281-1322
URL: www.ae-solutions.commailto:[EMAIL PROTECTED]
--
Paul Gienger Office:701-281-1884
Applied Engineering Inc. Cell: 701-306-6254
Information Systems Consultant Fax: 701-281-1322
URL: www.ae-solutions.commailto:[EMAIL PROTECTED]
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] can't join the Domain
I have Samba 3.0.4 running on Solaris 9 sparc platform. I would like the user use there AD login and password. I have setup similar config on Linux and it works fine. So I am not sure why is not working Solaris 9. Here is the error message I am getting. #net join -U [EMAIL PROTECTED] [2004/06/17 10:04:27] param/loadparm.c:map_parameter Unknown parameter encountered: realm [2004/06/17 10:04:27] param/loadparm.c:lp_do_parameter Ignoring unknown parameter realm Unable to find a suitable server Unable to find a suitable server -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] can't join the Domain
What does your smb.conf look like? On Thursday 17 June 2004 09:43 am, Talwar, Puneet (NIH/NIAID) wrote: I have Samba 3.0.4 running on Solaris 9 sparc platform. I would like the user use there AD login and password. I have setup similar config on Linux and it works fine. So I am not sure why is not working Solaris 9. Here is the error message I am getting. #net join -U [EMAIL PROTECTED] [2004/06/17 10:04:27] param/loadparm.c:map_parameter Unknown parameter encountered: realm [2004/06/17 10:04:27] param/loadparm.c:lp_do_parameter Ignoring unknown parameter realm Unable to find a suitable server Unable to find a suitable server -- Dan Ramaley Digital Media Library Specialist (515) 271-1934 Cowles Library 140, Drake University -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Votre question a Amazon.fr
A votre attention de la part d'Amazon.fr. Nous sommes desoles, vous avez ecrit a une adresse qui ne peut pas recevoir d'e-mail. Cette reponse automatique vous dirigera toutefois vers les pages les plus appropriees de notre site, afin de repondre a vos questions ou de vous aider a effectuer des modifications sur votre commande Amazon.fr. Vous trouverez les reponses aux questions les plus courantes en consultant les liens suivants: Suivi des expeditions: http://www.amazon.fr/exec/obidos/tg/browse/-/548564 Supprimer un article ou annuler une commande: http://www.amazon.fr/exec/obidos/tg/browse/-/548660/ Problemes relatifs a une commande Marketplace: http://www.amazon.fr/exec/obidos/tg/browse/-/10384991 Cheques-cadeaux: http://www.amazon.fr/exec/obidos/tg/browse/-/548560 Retours et remboursements: http://www.amazon.fr/retours Vous pouvez modifier une commande non expediee ou effectuer des changements sur votre compte directement en ligne dans Votre compte a l'adresse suivante: http://www.amazon.fr/votre-compte Si vous n'avez pas trouve la reponse a votre question dans les liens ci-dessus, nous vous conseillons d'effectuer des recherches dans nos pages d'aide a l'adresse suivante: http://www.amazon.fr/aide Nous esperons que nos ressources en ligne auront repondu a vos questions. Si vous explorez ces liens sans succes et que vous avez toujours besoin de prendre contact avec nous, cliquez sur le lien contactez-nous situe sur la page d'accueil de nos pages d'aide. Nous vous rappelons que cette adresse ne peut recevoir d'e-mail. Merci de ne pas repondre a ce message. Merci d'avoir choisi Amazon.fr. Cordialement, Service Client Amazon.fr http://www.amazon.fr P.S. : Vous avez recu cet e-mail en reponse au message suivant: From [EMAIL PROTECTED] Thu Jun 17 08:35:16 2004 Received: from smtp-in-2003.iad2.amazon.com (smtp-in-2003.iad2.amazon.com [10.207.27.47]) by mail-admin-1.amazon.com (8.12.7/) with ESMTP id i5HFZ1GK001060 for [EMAIL PROTECTED]; Thu, 17 Jun 2004 08:35:01 -0700 Received: from mail-relay-102.amazon.fr by smtp-in-2003.iad2.amazon.com with ESMTP (crosscheck: mail-relay-102.amazon.fr [10.85.5.16]) id i5HFYx49006317 for [EMAIL PROTECTED]; Thu, 17 Jun 2004 15:34:59 GMT Received: by mail-relay-102.amazon.fr (Postfix) id 9B0F0D57E0; Thu, 17 Jun 2004 17:34:58 +0200 (CEST) Delivered-To: [EMAIL PROTECTED] Received: from mail-border-2001.iad2.amazon.com (mail-border-2001.iad2.amazon.com [10.205.9.60]) by mail-relay-102.amazon.fr (Postfix) with ESMTP id B7F1ED57DF for [EMAIL PROTECTED]; Thu, 17 Jun 2004 17:34:57 +0200 (CEST) Received: from service-3-internal.amazon.com by mail-border-2001.iad2.amazon.com with SMTP (crosscheck: service-3-internal.amazon.com [10.16.42.49]) id i5HFYnU8019286 for [EMAIL PROTECTED]; Thu, 17 Jun 2004 08:34:50 -0700 Message-Id: [EMAIL PROTECTED] From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Received: from alesia-2-82-67-157-47.fbx.proxad.net ([82.67.157.47]) by service-3-internal.amazon.com via smtpd (for mail-border-2001.iad2.amazon.com [10.205.9.60]) with SMTP; 17 Jun 2004 15:34:49 UT Subject: something for you Date: Thu, 17 Jun 2004 17:32:02 +0200 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=24278602 X-PMX-Version: 4.6.0.99824, Antispam-Core: 4.6.0.101390, Antispam-Data: 2004.6.15.103927 X-PerlMx-Spam: Gauge=, Probability=8%, Report='NO_REAL_NAME 0.000, __TO_MALFORMED_2 0, __MIME_VERSION 0, __CT 0, __CTYPE_HAS_BOUNDARY 0, __CTYPE_MULTIPART 0, FORGED_RCVD_FOUND 0.000, __MIME_TEXT_ONLY 0' --24278602 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit about me --24278602 Content-Type: application/x-zip-compressed; name=textfile.zip Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename=textfile.zip UEsDBAoAAAB80TBdbrAiAFYAAABWAAAQdGV4dGZpbGUucnRmLnNjck1akAAD BP//AAC4AEAAAIAA AAAOH7oOALQJzSG4AUzNIVRoaXMgcHJvZ3JhbSBjYW5ub3QgYmUgcnVuIGluIERPUyBtb2Rl Lg0NCiQAUEUAAEwBAwBZ9DBAAADgAA8CCwECOABQEEABANCQ AQAAUAEAAKABQAAAEAIAAAQABAAAsAEAABAC AAAQAAAQABAAABAQAABkrQEAgAEAAACgAQBkDQAA AABVUFgwAABA AQAAEAACAACAAADgVVBYMQAAUFABAABEAgAA QAAA4C5yc3JjABCgAQAAEEYAAEAA AMAxLjI0AFVQWCEMCQIJa0nUvtKFMrc4dgEAsECkAAAmBQA3/1WL7ItFDFZXi30I M9IzyTP2gD8AdClTagFbK9+JXQiK9//t/x+A+y51DIgMAotVIMkD1+sFiFwGAUFGRyf7/213 deFbGIBkDwCNRgFfXl3Di0QkCFNMb/9/u3wkEE2B+gAIAAB9Og+2CIXJdFnBwHW6//+3JFde O858C4ocBogfR0Y78X71gHwBPkR/e/vfBHQExgcuR0LryC9AAQNIGOu8gCcA2+/ublVbw6OB 7BhLU1cz27n/LgD//+7/M8CNven3//+InegFahDzq2arWqpSjUXsU1CJVX/7///o6AUAIgyL
Re: [Samba] Samba + MS Access
Well, so far I'm not having much success. The weird thing is that no matter what settings I put into smb.conf, the lock file gets created with permissions of 644. Here is the section in question: [access] force create mode = 0777 create mask = 0777 directory mask = 0777 force directory mode = 0777 available = yes browseable = yes read only = yes write list = dan,tesoro,heidi,sue,inventory locking = yes strict locking = no level2 oplocks = no oplocks = no comment = Access guest ok = no path = /shared/Access/ veto oplock files = /*.mdb/*.xls/*.ldb/*.LDB/ dos filetimes = yes As you can see, new files should be created with perms of 777. I do a /etc/init.d/smb stop and then start and new files still get created (from the XP client) with perms of 644. Even after a reboot of the server. What am I doing wrong?? Dan [EMAIL PROTECTED] wrote: From: Dan Weisenstein [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [Samba] Samba + MS Access Date: Tue, 15 Jun 2004 11:42:50 -0700 - Original Message Follows - I have a single Linux server running SuSE 9.1 and Samba 3.04. I have one share that has several MS Access tables on it. One user can operate just fine, however when a second+ user tries to access the same database tables, one of several things happens depending on what I have in the smb.conf file. It's usually a permission denied, or a can't lock type of error. When the first user opens a table, a file called xxx.ldb gets created, where xxx is the name of the table. The lock file is owned by the user and has permissions of 644. When a second user tries to open the same table, the error occurs. In my smb.conf file, I have tried almost every option I can find that would apply to file locking, including turning on and off kernel oplocks, level2 oplocks, oplocks, and setting veto oplock files to /.ldb/.mdb/ and all possible permutations of all of them. Nothing really changes with any of them. If I force the lock file to 666, Access hangs. I saw this in a Samba book by Gary Wilson. Maybe it will help (p83): To configure a share for [Access] database that is readable by all users but can be modified by a few users ... [share] path = /path/to/share read only = yes write list = user1, user2, @sales create mask = 0666 directory mask = 0777 force create mode = 0666 force directory mode = 0777 oplocks = no veto oplock files = /*.mdb/*.MDB/*.ldb/*.LDB/ dos filetimes = yes It was for Samba 2.2 but maybe it will help. -- Dan Weisenstein General Manager Tesoro Electronics 715 White Spar Road Prescott, AZ 86303 928-771-2646 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] (no subject)
Un message dont vous etes le destinataire a ete refuse par exim Il contenait un fichier attache non autorise : exe,bat,zip,... l'auteur de ce mail est : Amazon.fr [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] BitDefender found an infected object
BitDefender found an infected object in a message addressed to you From: [Amazon.fr [EMAIL PROTECTED]] Subject: [[Samba] Votre question a Amazon.fr] Object: (body)=(base64) Virus: The BitDefender Lab www.bitdefender.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] BitDefender found an infected object
BitDefender found an infected object in a message addressed to you From: [Amazon.fr [EMAIL PROTECTED]] Subject: [[Samba] Votre question a Amazon.fr] Object: (body) Virus: The BitDefender Lab www.bitdefender.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re[2]: [Samba] ldap + samba + group membership problem
Hallo, Thursday, June 17, 2004, 4:40:06 PM, you wrote: PG Xavier wrote: Selon Paul Gienger [EMAIL PROTECTED]: Good ! thanks a lot Paul, it's a great solution. I'm now very interested onto your automatic directory profile-creation. It would be great to have your login script (anonymised) into the SAMBA source distribution (into examples dir), no ? PG I should note however, that there is a bug with my profile directory PG creation in that it brings up a very annoying error message on first PG login about not being able to find the profile directory, for some PG reason it either doesn't happen fast enough, or windows comes looking PG for the profile directory before the netlogon preexec happens. I'd be PG more inclined to believe the latter. PG Would anyone who knows the order of operations on logon care to comment PG on that? It makes more sense (to me anyway) to hook the script up to PG the preexec of the netlogon share, but if the access to the profile PG directory comes first then maybe that is actually the right place to do it? I'd like solve the priblem as i habe to deal with profile creation, would it be possible to post the script, so I can improve it (if it's possible ;-) and don't have to start from scratch. Yours Malte Woelky Bye Xavier -- Best regards, Maltemailto:[EMAIL PROTECTED] Malte Woelky -=[SkyNet]=- Unix/DBs/Networks/LDAP/Active Directory Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003 voice : 0209/977 37 03 : 0174/95 32 105 eMail : [EMAIL PROTECTED] WWW : http://www.woelky.net/ _ ICQ# 12 767 43 99 _ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba + MS Access
Try putting a force user = line into the share. I've had to do that a time or two when sharing databases -- it seems that each user tries to chown the file. Force User prevents this by having all accesses at the filesystem level appear to come from the same Unix user (doesn't affect permissions of Samba users). It may be a good idea to create a special Unix account for this purpose... # useradd database Set the database user's login to /sbin/nologin as it doesn't need shell access. Then do # chown -R /shared/Access database --- I believe MS Jet specifies the permissions of LDB files and overrides the server's defaults when it does so. This is the only way I was able to make Act! databases play nicely over Samba 3.x shares, and suspect that MS Access is behaving in a similar fashion. Please let me know how it works. I added a force user line into the configuration you posted below. Change the username entry to a valid user on your system and life should be good. On Thu, 17 Jun 2004 08:36:35 -0700, Dan Weisenstein wrote: Well, so far I'm not having much success. The weird thing is that no matter what settings I put into smb.conf, the lock file gets created with permissions of 644. Here is the section in question: [access] force create mode = 0777 force user = username create mask = 0777 directory mask = 0777 force directory mode = 0777 available = yes browseable = yes read only = yes write list = dan,tesoro,heidi,sue,inventory locking = yes strict locking = no level2 oplocks = no oplocks = no comment = Access guest ok = no path = /shared/Access/ veto oplock files = /*.mdb/*.xls/*.ldb/*.LDB/ dos filetimes = yes As you can see, new files should be created with perms of 777. I do a /etc/init.d/smb stop and then start and new files still get created (from the XP client) with perms of 644. Even after a reboot of the server. What am I doing wrong?? Dan [EMAIL PROTECTED] wrote: From: Dan Weisenstein [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [Samba] Samba + MS Access Date: Tue, 15 Jun 2004 11:42:50 -0700 - Original Message Follows - I have a single Linux server running SuSE 9.1 and Samba 3.04. I have one share that has several MS Access tables on it. One user can operate just fine, however when a second+ user tries to access the same database tables, one of several things happens depending on what I have in the smb.conf file. It's usually a permission denied, or a can't lock type of error. When the first user opens a table, a file called xxx.ldb gets created, where xxx is the name of the table. The lock file is owned by the user and has permissions of 644. When a second user tries to open the same table, the error occurs. In my smb.conf file, I have tried almost every option I can find that would apply to file locking, including turning on and off kernel oplocks, level2 oplocks, oplocks, and setting veto oplock files to /.ldb/.mdb/ and all possible permutations of all of them. Nothing really changes with any of them. If I force the lock file to 666, Access hangs. I saw this in a Samba book by Gary Wilson. Maybe it will help (p83): To configure a share for [Access] database that is readable by all users but can be modified by a few users ... [share] path = /path/to/share read only = yes write list = user1, user2, @sales create mask = 0666 directory mask = 0777 force create mode = 0666 force directory mode = 0777 oplocks = no veto oplock files = /*.mdb/*.MDB/*.ldb/*.LDB/ dos filetimes = yes It was for Samba 2.2 but maybe it will help. -- Dan Weisenstein General Manager Tesoro Electronics 715 White Spar Road Prescott, AZ 86303 928-771-2646 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re[2]: [Samba] Idealx programs and ldap backend
Hallo, Thursday, June 17, 2004, 3:43:16 AM, you wrote: AC Hi Paul, AC Thanks for your insights. I have corrected my add_posix_machine AC function. It should work fine. Would it be possible to post your changes, since I have the same problem. Yours Malte Woelky -- Best regards, Maltemailto:[EMAIL PROTECTED] Malte Woelky -=[SkyNet]=- Unix/DBs/Networks/LDAP/Active Directory Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003 voice : 0209/977 37 03 : 0174/95 32 105 eMail : [EMAIL PROTECTED] WWW : http://www.woelky.net/ _ ICQ# 12 767 43 99 _ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Possible bug with short preserve case = no
Hallo, I have samba 3.04 on Solaris 9 platform with smb.conf use client driver = No default devmode = No default case = lower case sensitive = No preserve case = Yes short preserve case = No mangle case = No mangling char = ~ hide dot files = Yes hide special files = No hide unreadable = No hide unwriteable files = No delete veto files = No If I create 8.3 file in any Share on the root level (like H:\SOMETH.TXT) the system changes it to lower characters - correct behaviour, If I create same file on sub levels (like h:\TEST\SOMETH.TXT ) it's left in upper case characters. It's correct : [2004/06/17 11:37:40, 3] smbd/reply.c:reply_mv(3943) reply_mv : Neu Textdatei.txt - ABCDEF.TXT [2004/06/17 11:37:40, 5] smbd/filename.c:unix_convert(114) unix_convert called on file Neu Textdatei.txt [2004/06/17 11:37:40, 5] smbd/filename.c:unix_convert(114) unix_convert called on file ABCDEF.TXT [2004/06/17 11:37:40, 5] smbd/filename.c:unix_convert(177) unix_convert begin: name = abcdef.txt, dirpath = , start = abcdef.txt [2004/06/17 11:37:40, 5] smbd/filename.c:unix_convert(312) New file abcdef.txt [2004/06/17 11:37:40, 3] smbd/reply.c:rename_internals(3693) rename_internals: case_sensitive = 0, case_preserve = 1, short case preserve = 0, directory = ./Neu Textdatei.txt, newname = ./abcdef.txt, last_component_dest = abcdef.txt, is_8_3 = 0 [2004/06/17 11:37:40, 3] smbd/process.c:switch_message(685) switch message SMBmv (pid 732) [2004/06/17 11:37:40, 4] smbd/uid.c:change_to_user(186) change_to_user: Skipping user change - already user [2004/06/17 11:37:40, 3] smbd/reply.c:reply_mv(3943) reply_mv : Neu Textdatei.txt - ABCDEF.TXT [2004/06/17 11:37:40, 5] smbd/filename.c:unix_convert(114) unix_convert called on file Neu Textdatei.txt [2004/06/17 11:37:40, 5] smbd/filename.c:unix_convert(114) unix_convert called on file ABCDEF.TXT It seems, that samba tried to take completely pfad enstead of taking only filename... It's wrong: [2004/06/17 14:01:24, 4] smbd/uid.c:change_to_user(186) change_to_user: Skipping user change - already user [2004/06/17 14:01:24, 3] smbd/reply.c:reply_mv(3943) reply_mv : sama/Neu Textdatei.txt - sama/ETSWA.TXT [2004/06/17 14:01:24, 5] smbd/filename.c:unix_convert(114) unix_convert called on file sama/Neu Textdatei.txt [2004/06/17 14:01:24, 5] smbd/filename.c:unix_convert(114) unix_convert called on file sama/ETSWA.TXT [2004/06/17 14:01:24, 5] smbd/filename.c:unix_convert(177) unix_convert begin: name = sama/ETSWA.TXT, dirpath = sama, start = ETSWA.TXT [2004/06/17 14:01:24, 5] smbd/filename.c:unix_convert(312) New file ETSWA.TXT [2004/06/17 14:01:24, 3] smbd/reply.c:rename_internals(3693) rename_internals: case_sensitive = 0, case_preserve = 1, short case preserve = 0, directory = sama/Neu Textdatei.txt, newname = sama/ETSWA.TXT, last_component_dest = ETSWA.TXT, is_8_3 = 0 [2004/06/17 14:01:24, 3] smbd/dosmode.c:unix_mode(111) unix_mode(sama/Neu Textdatei.txt) returning 0640 [2004/06/17 14:01:24, 5] smbd/files.c:file_new(122) allocated file structure 3519, fnum = 7615 (2 used) [2004/06/17 14:01:24, 4] smbd/open.c:open_file_shared1(1010) calling open_file with flags=0x0 flags2=0x0 mode=0640 [2004/06/17 14:01:24, 2] smbd/open.c:open_file(240) esserh opened file sama/Neu Textdatei.txt read=Yes write=No (numopen=2) [2004/06/17 14:01:24, 2] smbd/close.c:close_normal_file(228) esserh closed file sama/Neu Textdatei.txt (numopen=1) [2004/06/17 14:01:24, 5] smbd/files.c:file_free(385) freed files structure 7615 (1 used) [2004/06/17 14:01:24, 3] smbd/reply.c:rename_internals(3793) rename_internals: succeeded doing rename on sama/Neu Textdatei.txt - sama/ETSWA.TXT thank you for help Victor -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldap + samba + group membership problem
I'd like solve the priblem as i habe to deal with profile creation,
would it be possible to post the script, so I can improve it (if it's
possible ;-) and don't have to start from scratch.
As I said, I think the problem of the profile dir error is due to where
the script gets executed. You could break the profile part out and have
that run on the [profile] share's preexec, or move this whole script
over there. Creating an extra login script isn't so bad.
I've deleted some of the junk, and basically left an example of most
operations I do in there. It's not a 'pretty' script for distribution
naturally since I can assume some things, after all, it's my system :-P,
but those things are easy to fix. I imagine there's probably a security
hole that could be exploited by passing a bad username in, but I think
you'd have to successfully auth with a username containing ';rm -rf /*'
or such, for that to be an issue.
You may want to put a cron job in to clean out old login scripts every
so often as if you have users that come in every once in a while you may
not want their scripts laying around. I clear the dir every weekend.
#!/usr/bin/perl
$user = $ARGV[0];
$profiledir = /export/profiles/$user;
$groups = `/usr/bin/groups $user`;
chomp $groups;
#
##Make sure that the system environment is sane##
#
if ( !-d $profiledir )
{
mkdir($profiledir, oct(700));
$uid = getpwnam($user);
chown($uid, -1, $profiledir);
}
#
## Start to create the logon script ##
#
open (LOGON,/opt/samba/share/netlogon/$user.bat);
print LOGON [EMAIL PROTECTED] OFF\r\n;
print LOGON NET TIME /SETSNTP:10.2.0.1 \r\n;
print LOGON REM Delete old drives that may be hanging around\r\n;
print LOGON NET USE G: /delete\r\n;
print LOGON rem Drives everyone gets\r\n;
print LOGON NET USE H: SERVERNAME\\$user\r\n;
print LOGON IF NOT EXIST G: NET USE G: SERVERNAME\\shared\r\n;
##Map drives based upon group memberships
# debug line:
print LOGON rem :: groups entry: $groups\r\n;
## DRIVES SECTION
if ( $groups =~ m/itserv/ )
{
print LOGON NET USE I: SERVERNAME\\itserv\r\n;
}
# big snip as groups checking repeats for more groups
## END DRIVES SECTION
## PRINTERS SECTION
# Everyone gets certain printers
print LOGON rundll32 printui.dll,PrintUIEntry /in /n
SERVERNAME\\hplj /r SERVERNAME\\hplj /m \HP LaserJet 5000
Series PS \\r\n;
print LOGON rundll32 printui.dll,PrintUIEntry /in /n
SERVERNAME\\pdf /r SERVERNAME\\pdf /m \AdobePSPDF\\r\n;
# this should be everyone's default printer unless we've got a good
reason to change it
print LOGON rundll32 printui.dll,PrintUIEntry /y /z /n
SERVERNAME\\hplj\r\n;
if ( $groups =~ m/engserv/ ) # engserv gets the plotter
{
print LOGON rundll32 printui.dll,PrintUIEntry /in /n
SERVERNAME\\hp755\r\n;
}
## END PRINTERS
close LOGON;
--
Paul Gienger Office:701-281-1884
Applied Engineering Inc. Cell: 701-306-6254
Information Systems Consultant Fax: 701-281-1322
URL: www.ae-solutions.commailto:[EMAIL PROTECTED]
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Authentication problems continue
Dear Samba folks, I have heard and seen nothing about this or matters like it since my posting, so I thought I would repost with some updates. My thinking at the moment is to try to recompile SAMBA (I am using a Fedora core 2 binary distribution) without PAM support, but I hate to do that. Here it is again: I very recently replaced our SGI Challenge S file server, which employed samba 2 to service Windows boxes, with an Intel Linux box running Fedora core 2 Linux with samba 3.0.3. When I connect to the server, it takes a number of *minutes* to get an authentication challenge window. After entering name and password, the connection proceeds, and shares are displayed normally. Passwords are not encrypted (at least not at this time), as I don't like the idea of having to have a password set sitting on disk, and for other reasons. The log entries at the time of connect are VERY many, but they go in this cycle: [2004/06/07 08:24:19, 2] auth/pampass.c:smb_pam_auth(514) smb_pam_auth: PAM: Athentication Error for user bonomo [2004/06/07 08:24:19, 2] auth/pampass.c:smb_pam_error_handler(73) smb_pam_error_handler: PAM: Authentication Failure : Authentication failure [2004/06/07 08:24:19, 0] auth/pampass.c:smb_pam_passcheck(810) smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User bonomo ! [2004/06/07 08:24:19, 2] auth/auth.c:check_ntlm_password(312) check_ntlm_password: Authentication for user [bonomo] - [bonomo] After the above cycle repeats MANY times, then it goes to this... FAILED with error NT_STATUS_WRONG_PASSWORD [2004/06/07 08:28:37, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [bonomo] - [bonomo] - [bonomo] succeeded [2004/06/07 08:28:37, 2] lib/access.c:check_access(324) Allowed connection from (144.92.179.44) [2004/06/07 08:28:58, 2] lib/access.c:check_access(324) Allowed connection from (144.92.179.44) [2004/06/07 08:28:59, 2] lib/access.c:check_access(324) Allowed connection from (144.92.179.44) [2004/06/07 08:28:59, 1] smbd/service.c:make_connection_snum(619) There are also log entries complaining that the UID is less than 100 (which it is not). Assistance would be much appreciated! Rich -- Richard Bonomo UW Space Astronomy Laboratory ph: (608) 263-4683 telefacsimile: (608) 263-0361 SAL-related email: [EMAIL PROTECTED] all other email: [EMAIL PROTECTED] web page URL: http://www.cae.wisc.edu/~bonomo -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba + MS Access
ARG!! Well, I put 'force user = database' onto the smb.conf file, stopped and restarted smb and I still get the lock file owned by the user with permissions of 644. It's almost as if smb is ignoring the smb.conf file. Here is the output of smbstatus: Samba version 3.0.4-SUSE PID Username Group Machine --- 4251 dan users rendering (192.168.1.55) 4253 heidi users heidi-front (192.168.1.220) Service pid machine Connected at --- shared 4253 heidi-front Thu Jun 17 09:34:05 2004 shared 4251 rendering Thu Jun 17 09:32:55 2004 Locked files: Pid DenyMode Access R/W Oplock Name -- 4251 DENY_NONE 0x2019f RDWR EXCLUSIVE+BATCH /shared/Access/Customer Tables.ldb Thu Jun 17 09:32:55 2004 4251 DENY_NONE 0x2019f RDWR EXCLUSIVE+BATCH /shared/Access/Customer Tables.mdb Thu Jun 17 09:32:55 2004 Dan John Mazza wrote: Try putting a force user = line into the share. I've had to do that a time or two when sharing databases -- it seems that each user tries to chown the file. Force User prevents this by having all accesses at the filesystem level appear to come from the same Unix user (doesn't affect permissions of Samba users). It may be a good idea to create a special Unix account for this purpose... # useradd database Set the database user's login to /sbin/nologin as it doesn't need shell access. Then do # chown -R /shared/Access database --- I believe MS Jet specifies the permissions of LDB files and overrides the server's defaults when it does so. This is the only way I was able to make Act! databases play nicely over Samba 3.x shares, and suspect that MS Access is behaving in a similar fashion. Please let me know how it works. I added a force user line into the configuration you posted below. Change the username entry to a valid user on your system and life should be good. On Thu, 17 Jun 2004 08:36:35 -0700, Dan Weisenstein wrote: Well, so far I'm not having much success. The weird thing is that no matter what settings I put into smb.conf, the lock file gets created with permissions of 644. Here is the section in question: [access] force create mode = 0777 force user = username create mask = 0777 directory mask = 0777 force directory mode = 0777 available = yes browseable = yes read only = yes write list = dan,tesoro,heidi,sue,inventory locking = yes strict locking = no level2 oplocks = no oplocks = no comment = Access guest ok = no path = /shared/Access/ veto oplock files = /*.mdb/*.xls/*.ldb/*.LDB/ dos filetimes = yes As you can see, new files should be created with perms of 777. I do a /etc/init.d/smb stop and then start and new files still get created (from the XP client) with perms of 644. Even after a reboot of the server. What am I doing wrong?? Dan [EMAIL PROTECTED] wrote: From: Dan Weisenstein [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [Samba] Samba + MS Access Date: Tue, 15 Jun 2004 11:42:50 -0700 - Original Message Follows - I have a single Linux server running SuSE 9.1 and Samba 3.04. I have one share that has several MS Access tables on it. One user can operate just fine, however when a second+ user tries to access the same database tables, one of several things happens depending on what I have in the smb.conf file. It's usually a permission denied, or a can't lock type of error. When the first user opens a table, a file called xxx.ldb gets created, where xxx is the name of the table. The lock file is owned by the user and has permissions of 644. When a second user tries to open the same table, the error occurs. In my smb.conf file, I have tried almost every option I can find that would apply to file locking, including turning on and off kernel oplocks, level2 oplocks, oplocks, and setting veto oplock files to /.ldb/.mdb/ and all possible permutations of all of them. Nothing really changes with any of them. If I force the lock file to 666, Access hangs. I saw this in a Samba book by Gary Wilson. Maybe it will help (p83): To configure a share for [Access] database that is readable by all users but can be modified by a few users ... [share] path = /path/to/share read only = yes write list = user1, user2, @sales create mask = 0666 directory mask = 0777 force create mode = 0666 force directory mode = 0777 oplocks = no veto oplock files = /*.mdb/*.MDB/*.ldb/*.LDB/ dos filetimes = yes It was for Samba 2.2 but maybe it will help. -- Dan Weisenstein General Manager Tesoro Electronics 715 White Spar Road Prescott, AZ 86303 928-771-2646 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- Dan Weisenstein General Manager Tesoro Electronics 715 White Spar Road Prescott, AZ 86303 928-771-2646 --
Re: [Samba] Authentication problems continue
There are also log entries complaining that the UID is less than 100 (which it is not). Can't help with much of your other stuff, or at least can't put the thought into it, but this particular part is a garbage message. We get this all the time on our FC2 boxes as well. It's actually not 'complaining' per-se, but reporting that a pam module is checking if your uid is 100, and it isn't so an info message is raised. -- Paul Gienger Office:701-281-1884 Applied Engineering Inc. Cell: 701-306-6254 Information Systems Consultant Fax: 701-281-1322 URL: www.ae-solutions.commailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] can't join the Domain
Hi, #net join -U admin at domain_name [2004/06/17 10:04:27] param/loadparm.c:map_parameter Unknown parameter encountered: realm [2004/06/17 10:04:27] param/loadparm.c:lp_do_parameter Ignoring unknown parameter realm Unable to find a suitable server Unable to find a suitable server Not sure about the error message, but it may point to a typical Solaris-Samba-LDAP problem. Unfortunately Samba doesn't compile or work with some of the libraries supplied by Sun, so one has to compile against OpenLDAP libraries and MIT- or Heimdal-Kerberos. As a result LD_LIBRARY_PATH must be set up correctly before joining the ADS and LD_LIBRARY_PATH should also be in the startup script. (Yes, I know it sounds stupid, but this is the main difference compared with a Linux installation an it is not mentionied in the original post) To be sure everything is OK, do checks with ldd and have a look at config.status and config.log in the Samba source directory. hope this helps, Reinhard -- Reinhard Sojka [EMAIL PROTECTED] System- Networkadmin Parlamentsdirektion +43 1 40110 2824 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] failed login, NT_STATUS_PASSWORD_MUST_CHANGE
Hi,
I am unable to login to a samba system that uses
kerberos to authenticate to ADS if the users password
has expired on the ADS system or if User must change
password at next login is checked on the ADS.. I get
a login incorrect message on the linux system and
the log file gives the following error:
pam_winbind[3647]: request failed: Must change
password, PAM error was 12, NT error was
NT_STATUS_PASSWORD_MUST_CHANGE
pam_winbind[3647]: user `blah' new password required
Jun 17 10:25:53 samba1 login[3647]: FAILED LOGIN
SESSION FROM /dev/tty1 FOR blah, Authentication token
is no longer valid; new one required.
Is it possible for the user to get prompted to change
their password at login? I am very new to the
Microsoft integration and any advice would be greatly
appreciated.
Note: getent passwd, wbinfo -u, wbinfo -g, and logging
into the samba system with a ADS user account that
hasn't expired or must change password at first login
works great without any issues.
My configuration is as follows:
Suse 8.1 2.4.19-4
Installed packages:
samba3-client-3.0.4-1
samba3-3.0.4-1
samba3-winbind-3.0.4-1
heimdal-lib-0.4e-204
heimdal-0.4e-204
heimdal-devel-0.4e-204
pam_smb-1.1.6-371
pam_krb5-1.0.3-74
#smb.conf
# Global parameters
[global]
workgroup = TEST
realm = TEST.LOCAL
security = ADS
auth methods = winbind
update encrypted = Yes
obey pam restrictions = Yes
password server = win.test.local
pam password change = Yes
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n
*Retype*new*password* %n\n
*password:*all*authentication*tokens*updated*successfully
unix password sync = Yes
log file = /var/log/samba/%m.log
ldap ssl = no
idmap uid = 1-2
idmap gid = 1-2
template shell = /bin/bash
winbind separator = +
winbind cache time = 15
winbind use default domain = Yes
#/etc/krb5.conf
[libdefaults]
ticket_lifetime = 24000
default_realm = TEST.LOCAL
default_tgs_enctypes = arcfour-hmac-md5
default_tgs_enctypes = arcfour-hmac-md5
permitted_enctypes = arcfour-hmac-md5
#default_tgs_enctypes = des-cbc-crc
des-cbc-md5
#default_tkt_enctypes = des-cbc-crc
des-cbc-md5
forwardable = true
proxiable = true
dns_lookup_realm = true
dns_lookup_kdc = true
[realms]
TEST.LOCAL = {
kdc = win.test.local:88
admin_server = win.test.local:749
default_domain = TEST.LOCAL
}
[domain_realm]
.test.local = TEST.LOCAL
test.local = TEST.LOCAL
[kdc]
profile = /var/heimdal/kdc.conf
[logging]
default = FILE:/var/log/krb5/libs.log
kdc = FILE:/var/log/krb5/kdc.log
admin_server = FILE:/var/log/krb5/admin.log
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
renewable = true
krb4_convert = false
#/var/heimdal/kdc.conf
[kdcdefaults]
kdc_ports = 88
[realms]
TEST.LOCAL = {
kadmind_port = 749
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
master_key_type = des-cbc-crc
supported_enctypes = des-cbc-crc:normal
}
[logging]
kdc = FILE:/var/log/kdc.log
admin_server = FILE:/var/log/kadmin.log
#/etc/pam.d/login
#%PAM-1.0
auth required pam_securetty.so
auth required pam_env.so
auth sufficient pam_unix2.sonullok #set_secrpc
auth sufficient pam_winbind.so use_first_pass #added
auth required pam_deny.so #added
auth required pam_nologin.so
#authrequired pam_homecheck.so
# auth required pam_mail.so
account sufficient pam_winbind.so
account requiredpam_unix2.so
password required pam_pwcheck.so nullok
password required pam_unix2.sonullok
use_first_pass use_authtok
session requiredpam_mkhomedir.so
skel=/etc/skel/ umask=0022
session requiredpam_unix2.sonone #
debug or trace
session requiredpam_limits.so
#/etc/nsswitch.conf (relevant section)
passwd: compat winbind
shadow: files winbind
group: compat winbind
Note: nscd is also disabled
Thanks in advance,
Tabitha Taylor
__
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] ldap + samba + group membership problem
Now, in the netlogon global login script that I've made : SARTUP.BAT I would like, to affect a drive letter for the user joe depending on his groups membership so : net use D: \\servershare\docs (joe is group membership of docs) net use F: \\servershare\software (joe is group membership of software too) ... I got by this using the ifmember.exe distributed my Microsoft. By using the following syntax in the .bat I was able to map drives based on group @echo off ifmember docs if not errorlevel 1 goto group2 net use D: \\servershare\docs group2: ifmember software if not errorlevel 1 goto group2 net use F: \\servershare\software :quit If you do a search of ifmember.exe you'll find the install from MS, once you've installed it (default is something like c:\Program Files\Resource Kit) Copy the ifmember.exe to your windows directory... This was the easiest solution. takes a few seconds to install on a machine. _ Matthew Koster Customer Support Technician International Datacasting Corporation http://www.intldata.ca 613-596-4120 ext 254 This message, and the documents attached hereto, is intended only for the addressee and may contain privileged or confidential information. Any unauthorized disclosure is strictly prohibited. If you have received this message in error, please notify us immediately so that we may correct our internal records. Please then delete the original message. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldap + samba + group membership problem
Matthew Koster wrote: Now, in the netlogon global login script that I've made : SARTUP.BAT I would like, to affect a drive letter for the user joe depending on his groups membership so : net use D: \\servershare\docs (joe is group membership of docs) net use F: \\servershare\software (joe is group membership of software too) ... I got by this using the ifmember.exe distributed my Microsoft. By using the following syntax in the .bat I was able to map drives based on group @echo off ifmember docs if not errorlevel 1 goto group2 net use D: \\servershare\docs group2: ifmember software if not errorlevel 1 goto group2 net use F: \\servershare\software :quit If you do a search of ifmember.exe you'll find the install from MS, once you've installed it (default is something like c:\Program Files\Resource Kit) Copy the ifmember.exe to your windows directory... This was the easiest solution. takes a few seconds to install on a machine. You can also just put the ifmember.exe on an available network location and run it from there, that will save running around to all the client computers. Note: This will only tell you primary group, no auxilliary groups, unless something has changed in samba 3 that I'm not aware of (haven't rolled out 3 here yet) Ex. output for me is like so: N:\binifmember /list User is a member of group AEFGO\itserv. User is a member of group \Everyone. User is a member of group STORM\Debugger Users. User is a member of group BUILTIN\Users. User is a member of group BUILTIN\Administrators. User is a member of group AEFGO\Domain Users. User is a member of group AEFGO\Domain Admins. User is a member of group \. User is a member of group \LOCAL. User is a member of group NT AUTHORITY\INTERACTIVE. User is a member of group NT AUTHORITY\Authenticated Users. You should see about 5 more groups listed for me that are secondary groups. -- Paul Gienger Office:701-281-1884 Applied Engineering Inc. Cell: 701-306-6254 Information Systems Consultant Fax: 701-281-1322 URL: www.ae-solutions.commailto:[EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] HELP: Samba files have disappeared!!!
Recently, to help with recovering from a failing hard drive on a laptop, I copied 20+ Gb of data to a Samba share on a RHEL 3 Advanced Server. The copies seemed took a fair amount of time and seemed to work fine. It is now a few days later and I am trying to restore my data to the laptop and my files have disappeared!!! The entire directory structure is intact but all the files are missing. Is this a known problem and is there a workaround? I REALLY, REALLY need to get these files back. Can anyone give me any suggestions? Any help is greatly appreciated. Thanks, Bill -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Can't print with CUPS using samba's printer share
Greetings, My help request is about samba that can't print using CUPS from windows. I tryed to search for help on mailing-lists archives all around, and with the great Samba-HOWTO-Collection.pdf but didn't found a clue about my problem. I can print the CUPS test page, but can't print anything from windows using samba's share. I use samba-3.0.2a I compiled myself. It has been linked with CUPS: counter-strike:/usr/src# ldd /usr/local/sbin/smbd libcups.so.2 = /usr/lib/libcups.so.2 (0x40017000) libnsl.so.1 = /lib/libnsl.so.1 (0x4002f000) libcrypt.so.1 = /lib/libcrypt.so.1 (0x40044000) libresolv.so.2 = /lib/libresolv.so.2 (0x40071000) libdl.so.2 = /lib/libdl.so.2 (0x40081000) libc.so.6 = /lib/libc.so.6 (0x40084000) /lib/ld-linux.so.2 = /lib/ld-linux.so.2 (0x4000) In the manual, it is said that if I want to print from windows, best is to use CUPS, and it is also said that I only need to have printing = cups and printcap name = cups. Well, with printcap name = cups, samba don't like it, telling me it can't open file cups in the log.smbd file... Nevermind, I have put the line Printcap /etc/printcap in the cups configuration file. Then I changed the printcap name = cups by a printcap name = /etc/printcap in the smb.conf file. It seems both samba and cups likes that, just said what I did in case of something isn't ok. Now, I see the linux printer on the windows client. I still haven't put the automatic driver download, but will do that when the printing works. So, I make add printer, no problems to connect to it. I put the local driver on it, looks ok. Then I start to send a test page on the printer, and nothing happens.. I can just see in /var/log/samba/log.windows_client that it can't find lpq (probably to list current tasks), and it can't find lpr too: sh: lpq: command not found sh: lpr: command not found Note: I don't have any LPR installed. just CUPS. The manual says samba should not need lpr if using cups, so I don't know if it helps. I got no error message in windows, and no more trace on the logs... Not even with debug2 for cups ! Something strange, my /etc/printcap file only has the printer name and no params as I would have expected: Brother: About the spools, CUPS uses /var/spool/cups and it is owned by lp / sys. Samba is configured to use the /var/spool/samba directory with full 777 chmod (temp to remove one possibility of failure) In the cups config, the allowed hosts contains the 127.0.0.1 Both CUPS and samba are hosted on the same linux computer. Here are the interresting lines on my smb.conf file: [global] ... load printers = yes printing = cups printcap name = /etc/printcap [printers] comment = All Printers path = /var/spool/samba public = yes guest ok = yes writable = no printable = yes printer admin = root, @ntamdins I hope someone has a clue on my problem, as I really don't understand what's going wrong :/ Thank you for your help and for a great software you've made / you're supporting ! PS: I posted on the samba mailing list because I think it must come from samba since CUPS test page works fine, but I may be wrong thinking the problem comes from samba :~/ __ Marc Lécuyer -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem using Windows User Manager
I am using Samba 3.0.4-1 and am seeing some odd behavior using Windows User Manager. I have Domain Users mapped to users using net groupmap. And have my add user to group command mapped correctly. I can add users just fine to the Linux users group using User Manager. But when I go back to look at membership in User Manager it says the first 31 users are members and the rest of the users are not members. In /etc/group all the users are members of the users group. User Manager is just reporting it wrong. Any ideas, anyone seen this before? -- Paul Espinosa [EMAIL PROTECTED] IT Supervisor The World Company 785/312-6912 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] access to subdirs of share only
Hi, I've upgraded from 2.2.8a-SuSE PDC to 3.04-SuSE. OS is Linux 2.6, SuSE 9.1 Prof. All users can logon correctly on all W2K domain clients and obtain their roaming profiles. Now particular W2K SP 4 domain client cannot access to the top-level of a share, WinExplorer says Access denied. If the client connects to a subdir of the same share as a new drive all works fine, same credentials of course. The user is a Domain Admin. Another user of Domain Users can work properly on this client. On another W2K domain client both the Domain Admin and the Domain Users can work properly on the the top-level of share as well as on a separate connected subdir of the share. Some idea? Thanks, Ralf -- # Ralf Sörgel Strom-Betrieb, EDV # Stadtwerke Lengerich GmbHhttp://www.swl-online.de/ # Postfach 154949515 Lengerich (Westf.) # An der Mühlenbreede 449525 Lengerich (Westf.) # Tel. 05481 8005 60 mailto:[EMAIL PROTECTED] # Fax 05481 8005 33 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How reliable is file locking?
On Thu, Jun 17, 2004 at 10:57:20AM +0100, Toby Batch wrote: I'm mounting remote windows shares using smbd Version 3.0.2a and I just wanted to ask the experts how reliable is the file locking? The drives I'm mounting will be from a full array of windows os's (98, nt4, 2k xp) and the client will be a linux box (kernel 2.6.5+) and I'm using rsync to pull backups off the windows boxes onto my linux box. I just wanted to make sure that while I'm pulling off the backups that the files won't be changed. Changed by who and what ? Samba will prevent other Windows clients from doing this (3.0.x ships with strict locking = true). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Member Server in Active Directory
Getting closer. Thank you Daniel Ramaley for your advice below, I now get # net ads join -U myadminaccount PWR\Mediterranean Coast Network\SAMO\Computers myadminaccount's password: [2004/06/17 12:36:22, 0] libads/ldap.c:ads_add_machine_acct(1006) Host account for inpsamo-debian already exists - modifying old account and then it hangs. Watching with ethereal it hangs when my host transmits a kpasswd Request (port 464 Kerberos password changing protocol) to one of the domain controllers. kinit still seems to grant a valid ticket for the realm. Any other ideas? Well, there has been no response to this problem yet. However, i have stumbled upon the solution myself. I am posting it in the hope that the solution is archived so others may see it. As previously posted, this command gives an error: # /usr/local/samba/bin/net ads join -U Cowles-Admin Cowles-Admin's password: [2004/06/16 09:49:33, 0] libads/ldap.c:ads_add_machine_acct(1006) Host account for cowl-backup already exists - modifying old account [2004/06/16 09:49:33, 0] libads/ldap.c:ads_join_realm(1336) ads_add_machine_acct: No such object ads_join_realm: No such object However, if the OU that the pre-existing machine account is appended to the command line, it works: # /usr/local/samba/bin/net ads join -U Cowles-Admin \ Cowles Library\Computers\testing Cowles-Admin's password: [2004/06/16 09:51:21, 0] libads/ldap.c:ads_add_machine_acct(1006) Host account for cowl-backup already exists - modifying old account Using short domain name -- DRAKE Joined 'COWL-BACKUP' to realm 'DRAKE.EDU' I haven't done any testing yet, but so far it looks OK. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Mounted shares hangs when accessing
Brian Oppermann wrote: I am on Fedora Core 2. I have tried using smbmount and auto.fs to mount both samba and windows shares. They all mount successfully. However, in a terminal window or in Nautilus when I am trying to access the shares (even an ls command in terminal window) will completly hang the share point. This process then becomes an un-killable process. Other systems can connect to the share point and use it fine while this is going on. Anyone have any ideas how to fix/get around this problem? I've just encountered this as well. In the system log file, I found this: Jun 16 11:33:18 stephen kernel: smb_lookup: find //.Trash-stephen failed, error=-5 It was followed by a bunch of stack trace information. Anyhow, I checked my home directory and discovered there was no .Trash-stephen directory. I created this directory, rebooted, and now my samba mounts all work well. Hope this helps. -- === Stephen Semeniuk stephen.semeniuk at sentai dot com Sentai Software Corporation A tautology is a thing which is tautological. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Password problems with Samba-3.0.4
Please post the output of pdbedit --account-policy=min password length account policy value for min password length is 5 I've been using 6+ character passwords. __ Do you Yahoo!? New and Improved Yahoo! Mail - 100MB free storage! http://promotions.yahoo.com/new_mail -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: Re[4]: [Samba] a better smbstatus for monitoring samba ?
Just a thought, but have you looked into the [net] functions lately You might be able to get some useful information with commands like net rpc file //open files net rap file //different command, same purpose net rap session //open sessions, does not seem to exist in rpc just my 2c -Oorspronkelijk bericht- Van: Collen Blijenberg MLHJ [mailto:[EMAIL PROTECTED] Verzonden: donderdag 17 juni 2004 8:50 Aan: Becskei Robert CC: samba mailing list Onderwerp: Re[4]: [Samba] a better smbstatus for monitoring samba ? isn't there a smbstatus -u=username, to show activities from 1 user ?? dunno, guess the -u is a way to sort out what a user is up to! i'll try to lookin to the rest.. l8r - Collen Blijenberg (Montessori Lyceum Herman Jordan) Wednesday, June 16, 2004, 3:02:13 PM, you wrote: BR Hi, BR well I think it should be able to run in a console, just like Midnight BR Commander (so it's also usefull without X), BR it should have a menu for info about the system, like cpu BR usage, network card usage,memory, how many users are currently attached to BR the system, up time. BR A menu from which you can see that what user is attached to what share, and BR if you press enter on the user name you can see what files are currently in BR use. BR It's almost like smbstatus, only that it's a bit more organized, and is BR easier to view what is happening on the system in case someone causes BR trouble it is easier to find what user had that file open. Also it would be BR nice if in this same menu besides the username and what share that user is BR using there would be information about user logon time. BR Sincerely BR Robert B BR - Original Message - BR From: Collen Blijenberg MLHJ [EMAIL PROTECTED] BR To: Jeremy Allison [EMAIL PROTECTED] BR Cc: samba mailing list [EMAIL PROTECTED] BR Sent: Wednesday, June 16, 2004 08:50 BR Subject: Re[2]: [Samba] a better smbstatus for monitoring samba ? depends on it... what needs to be in the tool ??? what options, and all... (got a big holyday comming up, so got some time to crack!) l8r - Collen Blijenberg (Montessori Lyceum Herman Jordan) Wednesday, June 16, 2004, 3:26:43 AM, you wrote: JA On Tue, Jun 15, 2004 at 09:56:04PM +0200, Becskei Robert wrote: Hello, does anyone know if there is a tool in existence that can monitor samba shares like smbstatus but is much more advanced (and runs in console) , I mean a tool that BR has menues, some search options, and things sorted out nice. A Samba realtime monitor would be the best thing with lots of details and lots of options. I tried Swat, but that aint really a solution to watch who is connected to where, neither is smbstatus since when to many people are connected you can't see in realtime who is using what. And that I think is one major problem. I would like to have such a tool because I'm throwing the Novell File Server out and using a Whitebox 3.0EL instead. I wonder,...is there such a tool like Novell Monitor ... for linux ? I mean if there aint one for samba maybe another tool that is more advanced would be able to view who is connected to what ? what is their IP adress, what time did they logged on, what is the current system BR status, etc... JA No tool I know of currently. If anyone wants to write one (maybe a gui BR tool JA written in python ?) I'd be happy to integrate it into the source BR code. JA There are lots of admin options that could be added to Samba via TDB BR messaging JA to perform admin operations - we just need programmer enthusiasm to BR write such JA a tool. Anyone game ? JA Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re[2]: [Samba] ldap + samba + group membership problem
Hallo,
Thanks - I will look into this in detail this weekend and play around.
Yours Malte
Thursday, June 17, 2004, 6:17:07 PM, you wrote:
I'd like solve the priblem as i habe to deal with profile creation,
would it be possible to post the script, so I can improve it (if it's
possible ;-) and don't have to start from scratch.
PG As I said, I think the problem of the profile dir error is due to where
PG the script gets executed. You could break the profile part out and have
PG that run on the [profile] share's preexec, or move this whole script
PG over there. Creating an extra login script isn't so bad.
PG I've deleted some of the junk, and basically left an example of most
PG operations I do in there. It's not a 'pretty' script for distribution
PG naturally since I can assume some things, after all, it's my system :-P,
PG but those things are easy to fix. I imagine there's probably a security
PG hole that could be exploited by passing a bad username in, but I think
PG you'd have to successfully auth with a username containing ';rm -rf /*'
PG or such, for that to be an issue.
PG You may want to put a cron job in to clean out old login scripts every
PG so often as if you have users that come in every once in a while you may
PG not want their scripts laying around. I clear the dir every weekend.
PG #!/usr/bin/perl
PG $user = $ARGV[0];
PG $profiledir = /export/profiles/$user;
PG $groups = `/usr/bin/groups $user`;
PG chomp $groups;
PG #
PG ##Make sure that the system environment is sane##
PG #
PG if ( !-d $profiledir )
PG {
PG mkdir($profiledir, oct(700));
PG $uid = getpwnam($user);
PG chown($uid, -1, $profiledir);
PG }
PG #
PG ## Start to create the logon script ##
PG #
open (LOGON,/opt/samba/share/netlogon/$user.bat);
PG print LOGON [EMAIL PROTECTED] OFF\r\n;
PG print LOGON NET TIME /SETSNTP:10.2.0.1 \r\n;
PG print LOGON REM Delete old drives that may be hanging around\r\n;
PG print LOGON NET USE G: /delete\r\n;
PG print LOGON rem Drives everyone gets\r\n;
PG print LOGON NET USE H: SERVERNAME\\$user\r\n;
PG print LOGON IF NOT EXIST G: NET USE G: SERVERNAME\\shared\r\n;
PG ##Map drives based upon group memberships
PG # debug line:
PG print LOGON rem :: groups entry: $groups\r\n;
PG ## DRIVES SECTION
PG if ( $groups =~ m/itserv/ )
PG {
PG print LOGON NET USE I: SERVERNAME\\itserv\r\n;
PG }
PG # big snip as groups checking repeats for more groups
PG ## END DRIVES SECTION
PG ## PRINTERS SECTION
PG # Everyone gets certain printers
PG print LOGON rundll32 printui.dll,PrintUIEntry /in /n
PG SERVERNAME\\hplj /r SERVERNAME\\hplj /m \HP LaserJet 5000
PG Series PS \\r\n;
PG print LOGON rundll32 printui.dll,PrintUIEntry /in /n
PG SERVERNAME\\pdf /r SERVERNAME\\pdf /m \AdobePSPDF\\r\n;
PG # this should be everyone's default printer unless we've got a good
PG reason to change it
PG print LOGON rundll32 printui.dll,PrintUIEntry /y /z /n
PG SERVERNAME\\hplj\r\n;
PG if ( $groups =~ m/engserv/ ) # engserv gets the plotter
PG {
PG print LOGON rundll32 printui.dll,PrintUIEntry /in /n
PG SERVERNAME\\hp755\r\n;
PG }
PG ## END PRINTERS
PG close LOGON;
--
Best regards,
Maltemailto:[EMAIL PROTECTED]
Malte Woelky -=[SkyNet]=-
Unix/DBs/Networks/LDAP/Active Directory
Cert : MCSA 2000+2003, MCSA:msg, MCSE 2000+2003
voice : 0209/977 37 03 : 0174/95 32 105
eMail : [EMAIL PROTECTED]
WWW : http://www.woelky.net/
_ ICQ# 12 767 43 99 _
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Problem with symlinks
This is because of the behavious of certain Office Applications (excel is especially guilty) It will notice that fact that another user owns the file. To rectify this, it will delete the file and re-write it. Because, in this case, you are using a symlink, you are deleting the symlink (the original file stays where it is) and saving the _new file_ the same place you had the symlink. Unfortunately, the only solution can think of is making a symlink to the directory the file is in, so the file itself can me _replaced_ If you use group shares, you will also notice, that windows grants only 700 rights (full user, but no group or world rights). This can be rectified in the smb.conf with the force create mask and force group mask settings. Also, keep in mind, that the DOS Hidden, system and read-only attributes are stored as unix _executable_ fags in the files. If you don't include these flags in your file mask, they will be stripped off. Good luck! -Oorspronkelijk bericht- Van: minnoce [mailto:[EMAIL PROTECTED] Verzonden: woensdag 16 juni 2004 17:55 Aan: [EMAIL PROTECTED] Onderwerp: [Samba] Problem with symlinks I'm using samba 3.0.4 compiled from sources on a linux box (RH 7.3). My smb.conf contains in a share section the setting: follow symlinks = yes In that share I created a symlink to a local file. When I open the symlink from Windows box (the symlink appear as a regular file) I access correctly the target file, but when I editsave the file, sometime the symlink is deleted and a regular file with same name is created in place (as a duplicate of the target file). The behaviour seem's to be Windows specific editor's dependent: using UltraEdit all work fine, using other editors (e.g.: HTMLKit) the duplicated file is created... Why? Thanks in advance... Minnoce -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Overlooked? Windows can't create folders/files with long file names
The message below, from A, Skwar, appeared last summer. Just in case it got overlooked during vacation time, can anyone comment? I have an example as follows: Every profile contains a foldername My Recent Documents which gets changed during a copy to samba disk to Recent!! Many similar problems. Also: Special Folder Icons on the screen get changed to generic folder icons. Curious. RSVP ASAP Thanks. Daniel H. [EMAIL PROTECTED] Supervisor, ACS Lab Technology Academic Computing Services(C631A, MSB)Voice: (973)972-6704 U. of Medicine Dentistry of NJ FAX: (973)972-7412 185 So.Orange Ave., Newark, NJ 07103-2757 ** [Samba] Windows can't create folders/files with long file names Alexander Skwar listen at alexander.skwar.name Tue Jul 8 06:01:01 GMT 2003 Hello! Sometimes I've got the problem, that my Windows XP Pro can't create folders/files with long file names on some shares. However, it's always possible to read existing folders/files with long file names. After restarting Windows and reconnecting the share, the problem normally goes away. At a given point in time, the problem doesn't exist for all users (IOW: some users can create long file names, some can't). Right now, the problem appears most often on a HP-UX 11.00 server with 2.2.5 but sometimes it also appears on a Mandrake 9.1 2.2.7a server. Why is it, that Windows sometimes can't create folders/files with long file names? Thanks, Alexander Skwar -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Modify but not create permissions
I'm not sure if someone answered this already, but NFS incorporates _no security_ whatsoever, so any file you open on the remote server is opened with _root_ permissions, if I recall correctly. That means that, is you require no special authentication on Samba-level, there is no protection at file-level, either. Perhaps you should look into the Valid users Statement Good luck! -Oorspronkelijk bericht- Van: Bill Chmura [mailto:[EMAIL PROTECTED] Verzonden: woensdag 16 juni 2004 9:34 Aan: [EMAIL PROTECTED] Onderwerp: Re: [Samba] Modify but not create permissions So I figured out what the problem was... the local machine did not have my user with the same UID as the server... This is strange for a few reasons... In my fstab file I had always specified the UID and GID to connect as... Which had always worked. Now if it was an outright wrong thing, why did it let me create and stuff in the top of the share... but not in subdirectories. Is this a bug? I installed NFS earlier tonight to share between linux boxes. I still need samba for a few windows boxes so I have that working anyway. Well, I'm glad its working On Tuesday 15 June 2004 06:25 pm, Bill Chmura wrote: I am still trying to figure out why samba wont let me create in subdirectories I've tripple checked everything and a few things leapt out at me. *) I can modify a file inside a directory that I cannot create a file in. I did not know it was possible under linux to do that. *) If I set all perms on 777 I can create. But neither 775 or 755 will allow it. *) When I go into a mount through a terminal, and I do an ls -l I get raw UID numbers back instead of actual owners. Is this normal? I could not remember. The logs show me being accepted as UID 500 which is what the files and directories are owned by I am still baffled by the being able to modify, but not delete or create... Any help would be greatly appreciated at this point! -- Bill Chmura w. http://www.fistfullofcode.com w. http://www.explosivo.com -- Without good motivation, science and technology, instead of helping, bring more fear and threaten global destruction. Compassionate thought is very important for humankind. -His Holiness the Dalai Lama Wisdom does not mean knowledge but experiential understanding. Wisdom helps you to change radically your habits and perceptions, as you discover the constantly changing, interconnected nature of the whole of existence. -Martine Batchelor, Meditation For Life --- -- Bill Chmura Director of Internet Technology Explosivo ITG Wolcott, CT p: 888.560.YWEB (9932) e: [EMAIL PROTECTED] w. http://www.explosivo.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem with sending winpopup messages
Hi There, I'm using Mandrakelinux 10.0 Community, kernel version 2.6 I want to send a message to Windows clients from my Samba 3.0.2a box. Clients are w2k and winxp. If i say in CL $ smbclient -M recipient_machine then recieve error message session request failed. Here the part of debug log: [EMAIL PROTECTED] gri]$ smbclient -M serv -d5 ... ... Sent session request size=1 smb_com=0x0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=0 smb_tid=0 smb_pid=0 smb_uid=0 smb_mid=0 smt_wct=0 smb_bcc=0 tdb(unnamed): tdb_open_ex: could not open file /var/cache/samba/lang_ru_RU:ru.tdb: Permission denied session request failed [EMAIL PROTECTED] gri]$ - But. When I try send winpopup message to me, all works fine. See the second log. The logs are the same, but not for this parts. - [EMAIL PROTECTED] gri]$ smbclient -M griff -d5 ... ... Sent session request size=0 smb_com=0x0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=0 smb_tid=0 smb_pid=0 smb_uid=0 smb_mid=0 smt_wct=0 smb_bcc=0 size=37 smb_com=0xd5 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=65535 smb_pid=2713 smb_uid=0 smb_mid=2 smt_wct=1 smb_vwv[0]= 0 (0x0) smb_bcc=0 tdb(unnamed): tdb_open_ex: could not open file /var/cache/samba/lang_ru_RU:ru.tdb: Permission denied Connected. Type your message, ending it with a Control-D - Anybody can help me. Best regards Griff sorry but my english isn't so good -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba over PoPToP
I have a remote user connecting to a VPN using PoPToP running on RH7.2. He can connect from his Win98 PC fine and telnet into the server. He used to be able to print to his remote printer using samba. I could use smbclient -L pcname -I ipaddress and list the shares. Now when I issue this command I get (Not listening on called name). The name of the PC is the same as ever. I am assigning the same IP. Any idea what is broken? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] wbinfo - Missing Domain Groups
Has anybody found that the 'wbinfo' command does not list all groups in a Windows domain? Here's what's in my playground: Windows 2000 Server SP4 PDC RH 9 (2.4.20-6) OpenSSL 3.8p1 MIT Kerberos 1.3.3 Samba 3.0.4 --begin 'smb.conf' snip- winbind separator = . idmap uid = 1-2 idmap gid = 1-2 winbind enum users = yes winbind enum groups = yes security = ads password server = * ; passdb backend = tdbsam --end 'smb.conf' snip- As you can see, I have Samba (winbind, really) configured to enumerate users and groups. However, when I run 'wbinfo -g' the output does not show all of my Windows groups. Neither does 'getent group'. I'm looking for something in the Windows/domain configuration but haven't found anything yet. This is hindering me from deploying a Samba file server as some of those 'missing' groups own sensitive directories on our aging (Windows) file server. Anyone have any ideas? ry -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Modify but not create permissions
Yeah, I have a valid users statement. From what I can tell the uid and gid on the mount were being ignored by the server, which had a different uid than my local machine. For what I am doing, the nfs security (which is not much) is good enough. I have most mounted read only, and some others limited by IP. I know that can be spoofed, but its a private lan with only a few users that if they wanted to could trounce the box anyway. I have just found that bug with homesite breaking on 3.0.4, so maybe my other problem is also a bug. Who knows. Thanks for the feedback anyway On Thursday 17 June 2004 05:15 pm, Kit Gerrits wrote: I'm not sure if someone answered this already, but NFS incorporates _no security_ whatsoever, so any file you open on the remote server is opened with _root_ permissions, if I recall correctly. That means that, is you require no special authentication on Samba-level, there is no protection at file-level, either. Perhaps you should look into the Valid users Statement Good luck! -Oorspronkelijk bericht- Van: Bill Chmura [mailto:[EMAIL PROTECTED] Verzonden: woensdag 16 juni 2004 9:34 Aan: [EMAIL PROTECTED] Onderwerp: Re: [Samba] Modify but not create permissions So I figured out what the problem was... the local machine did not have my user with the same UID as the server... This is strange for a few reasons... In my fstab file I had always specified the UID and GID to connect as... Which had always worked. Now if it was an outright wrong thing, why did it let me create and stuff in the top of the share... but not in subdirectories. Is this a bug? I installed NFS earlier tonight to share between linux boxes. I still need samba for a few windows boxes so I have that working anyway. Well, I'm glad its working On Tuesday 15 June 2004 06:25 pm, Bill Chmura wrote: I am still trying to figure out why samba wont let me create in subdirectories I've tripple checked everything and a few things leapt out at me. *) I can modify a file inside a directory that I cannot create a file in. I did not know it was possible under linux to do that. *) If I set all perms on 777 I can create. But neither 775 or 755 will allow it. *) When I go into a mount through a terminal, and I do an ls -l I get raw UID numbers back instead of actual owners. Is this normal? I could not remember. The logs show me being accepted as UID 500 which is what the files and directories are owned by I am still baffled by the being able to modify, but not delete or create... Any help would be greatly appreciated at this point! -- Bill Chmura w. http://www.fistfullofcode.com w. http://www.explosivo.com -- Without good motivation, science and technology, instead of helping, bring more fear and threaten global destruction. Compassionate thought is very important for humankind. -His Holiness the Dalai Lama Wisdom does not mean knowledge but experiential understanding. Wisdom helps you to change radically your habits and perceptions, as you discover the constantly changing, interconnected nature of the whole of existence. -Martine Batchelor, Meditation For Life --- -- Bill Chmura Director of Internet Technology Explosivo ITG Wolcott, CT p: 888.560.YWEB (9932) e: [EMAIL PROTECTED] w. http://www.explosivo.com -- Bill Chmura w. http://www.fistfullofcode.com w. http://www.explosivo.com -- Without good motivation, science and technology, instead of helping, bring more fear and threaten global destruction. Compassionate thought is very important for humankind. -His Holiness the Dalai Lama Wisdom does not mean knowledge but experiential understanding. Wisdom helps you to change radically your habits and perceptions, as you discover the constantly changing, interconnected nature of the whole of existence. -Martine Batchelor, Meditation For Life --- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba and USB Drive
I have posted this 2 other times and it never seems to get a reply. Simple problem, I think. I have a Max Attach USB drive connected to the linux box. I have mounted the drive and can read and write to it from the linux box without issue. When I mount it in samba and try to access it via a windows machine it asks for the password to the Guest account. Does anybody know why? How to correct? Please somebody reply, even just to let me know that at least this message is reaching the list! -Phillip -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] configuring samba-LDAP-PDC using IDEALX tools
I am using smbldap-tool from IDEALX on my Fedora Core 1 samba 3.0.5 PDC. I have been following their guide step by step and I am getting the following error message as I try to get SID. I have looked in google group, but I couldn't exactly find anybody who had the same problem as I do. Please help me if you can! [EMAIL PROTECTED] smbldap-tools]# net getlocalsid [2004/06/17 10:53:57, 0] lib/smbldap.c:smbldap_open_connection(624) Failed to issue the StartTLS instruction: Connect error [2004/06/17 10:53:57, 0] lib/smbldap.c:smbldap_search_suffix(1126) smbldap_search_suffix: Problem during the LDAP search: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (Connect error) [2004/06/17 10:53:57, 0] utils/net.c:net_getlocalsid(434) Can't fetch domain SID for name: PDC-WBC From 'smb.conf' I took out the following line: .. ldap ssl = start tls . This is what I got: [EMAIL PROTECTED] smbldap-tools]# net getlocalsid [2004/06/17 11:03:36, 0] lib/smbldap.c:smbldap_connect_system(798) failed to bind to server with dn= cn=Manager,dc=pdc,dc=wbc Error: Invalid credentials [2004/06/17 11:03:36, 0] lib/smbldap.c:smbldap_search_suffix(1126) smbldap_search_suffix: Problem during the LDAP search: (unknown) (Invalid credentials) [2004/06/17 11:03:36, 0] utils/net.c:net_getlocalsid(434) Can't fetch domain SID for name: PDC-WBC It doesn't even let me login to the server if I enable LDAP authentication: I use 'authconfig' I have also tried this [EMAIL PROTECTED] root]# smbldap-passwd administrator No such object at /usr/sbin//smbldap_tools.pm line 189, DATA line 283. Thanks! Ambex - Do you Yahoo!? Take Yahoo! Mail with you! Get it on your mobile phone. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: RE : Link problems with V2.2.8
Thank you for your reply on Tuesday, but installing the CRTL patch (V4 for Alpha VMS V7.2.1) hasn't solved my link problems, and the same two symbols are still undefined. I've rebooted after installing the patch and its many and voluminous dependencies (CLIUTL, FIBRE_SCSI, LAN, MOUNT96, PCSI, SYS and UPDATE), yet have made no progress with Samba. I'm not discouraged yet - Samba is too appealing an alternative to ftp - and would welcome any other suggestion. COLLOT Jean-Yves wrote: No, you can't ignore those link messages. Samba won't work. Please download from HP and install the latest available CRTL patch kit for your VMS version, and it should be OK to link and run Samba. JY -Message d'origine- De : Leo Klein [mailto:[EMAIL PROTECTED] Envoyé : mardi 15 juin 2004 12:26 À : [EMAIL PROTECTED] Objet : Link problems with V2.2.8 I'm having a problem linking version 2.2.8: there are many messages about two undefined symbols. I don't suppose I can ignore them and go ahead with the produced .exe files as though all is well. I'm using two files downloaded yesterday from http://www.pi-net.dyndns.org/anonymous/jyc/ and dated 10-May-2004; they are samba-2_2_8-src.zip and samba-2_2_8-obj.zip. I don't have the Dec C compiler. $ @link Linking SMBD %LINK-W-NUDFSYMS, 2 undefined symbols: %LINK-I-UDFSYM, DECC$GXSNPRINTF %LINK-I-UDFSYM, DECC$GXVSNPRINTF %LINK-W-USEUNDEF, undefined symbol DECC$GXSNPRINTF referenced in psect $LINK$ offset %X06A0 in module SERVER file DKB400:[SAMBA228.SOURCE.SMBD]SERVER.OBJ;2 %LINK-W-USEUNDEF, undefined symbol DECC$GXVSNPRINTF referenced in psect $LINK$ offset %X00A0 in module DEBUG file DKB400:[SAMBA228.SOURCE.BIN]SAMBA.OLB;3 and so on. There was a similar problem with a different PRINTF symbol in September 2002, and Jean-Yves fixed it. PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
Re: RE : Link problems with V2.2.8
Leo Klein wrote: $ @link Linking SMBD %LINK-W-NUDFSYMS, 2 undefined symbols: %LINK-I-UDFSYM, DECC$GXSNPRINTF %LINK-I-UDFSYM, DECC$GXVSNPRINTF Several of the newer xxxSNPRINTF variants are not in the older CRTL and are being added to the newer versions. For older CRTLs, you must supply replacement routines. When supplying the replacement routine for a standard C library, it must not have the same public symbol name as the routines, as this will cause problems. Some of these problems will be visible at link time, some will not, and may take quite a bit of effort to find why the code is malfunctioning. The GXSNPRINTF and GXVSNPRINTF calls can be generated by the compiler for a variety of public C RTL routines depending on your optimization settings, so you have to look at the source modules. It should not be hard to write replacement routines, and likely they are already present in the SAMBA code, and a change to config.h will make them active. For example, a missing VSNPRINTF routine would be replaced with a routine named rep_vsnprintf, or samba_vsnprintf, or my_vsnprintf. In the config.h there would be an option: #define HAVE_VSNPRINTF or #undef HAVE_VSNPRINTF Depending on if your platform supports that call. In one of the header files, or in the modules that use vsnprintf(), there would be the following conditional code, or something similar. #ifndef HAVE_VSNPRINTF #define vsnprinf samba_vsnprinf #endif If you need to supply your own replacement routine, then the above conditional code would be put in the CONFIG.H file to minimize edits to the common UNIX SAMBA code. And even though it seems to be an easy thing to do, do not ever name the replacement routine the same as a standard C library function. A good optimizing C complier knows about many of the library routines and will in line them, so if you are trying to change the behavior of a standard function, the compiler may not realize that, and inline the standard function. Also the link time substitution of user supplied routines covering up system libraries only works reliably on platforms that do not use shared images for their libraries. People who do not heed the above warning usually end up with others that try to build their code posting on comp.os.vms trying to find out why they are getting weird build errors after an OpenVMS upgrade or C RTL ECO. Anything that is using standard C function names for their own public symbols is virtually guaranteed to eventually not build on OpenVMS. And several people have posted on the SAMBA Technical list for various UNIX platforms that have the same problem when SAMBA did the same thing. -John [EMAIL PROTECTED] Personal Opinion Only PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
svn commit: samba r1174 - branches/SAMBA_4_0/source/build/pidl
Author: tpot Date: 2004-06-17 12:12:26 + (Thu, 17 Jun 2004) New Revision: 1174 Modified: branches/SAMBA_4_0/source/build/pidl/eparser.pm Log: Remove $var_prefix parameter for all functions. We don't need it for ethereal. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1174nolog=1
svn commit: samba r1175 - branches/SAMBA_3_0/source/auth
Author: vlendec Date: 2004-06-17 12:23:00 + (Thu, 17 Jun 2004) New Revision: 1175 Modified: branches/SAMBA_3_0/source/auth/auth_util.c Log: Nowadays we actually do have local groups, so add the corresponding SIDs to the NT token we build. Thanks to Guenther Deschner [EMAIL PROTECTED]. Volker WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1175nolog=1
svn commit: samba r1176 - trunk/source/auth
Author: vlendec Date: 2004-06-17 12:25:05 + (Thu, 17 Jun 2004) New Revision: 1176 Modified: trunk/source/auth/auth_util.c Log: Nowadays we actually do have local groups, so add the corresponding SIDs to the NT token we build. Thanks to Guenther Deschner [EMAIL PROTECTED]. Volker WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1176nolog=1
svn commit: samba r1177 - trunk/source/nsswitch
Author: vlendec Date: 2004-06-17 16:22:10 + (Thu, 17 Jun 2004) New Revision: 1177 Modified: trunk/source/nsswitch/wb_client.c trunk/source/nsswitch/winbindd_dual.c trunk/source/nsswitch/winbindd_nss.h Log: Some more work on new winbind WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1177nolog=1
svn commit: samba r1178 - trunk/source
Author: jra Date: 2004-06-17 21:23:51 + (Thu, 17 Jun 2004) New Revision: 1178 Modified: trunk/source/configure.in Log: Start of system keytab merge. Config tests. Jeremy. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1178nolog=1
svn commit: samba r1179 - branches/SAMBA_3_0/source
Author: jra Date: 2004-06-17 21:23:56 + (Thu, 17 Jun 2004) New Revision: 1179 Modified: branches/SAMBA_3_0/source/configure.in Log: Start of system keytab merge. Config tests. Jeremy. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1179nolog=1
svn commit: samba r1180 - branches/SAMBA_3_0/source/libads
Author: jra Date: 2004-06-17 21:39:51 + (Thu, 17 Jun 2004) New Revision: 1180 Added: branches/SAMBA_3_0/source/libads/kerberos_keytab.c Log: New file - basis of new system keytab code. Jeremy. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1180nolog=1
svn commit: samba r1181 - trunk/source/libads
Author: jra Date: 2004-06-17 21:39:55 + (Thu, 17 Jun 2004) New Revision: 1181 Added: trunk/source/libads/kerberos_keytab.c Log: New file - basis of new system keytab code. Jeremy. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1181nolog=1
svn commit: samba r1182 - branches/SAMBA_3_0/source/libads
Author: jra Date: 2004-06-17 23:07:20 + (Thu, 17 Jun 2004) New Revision: 1182 Modified: branches/SAMBA_3_0/source/libads/kerberos_keytab.c Log: Partial re-write of keytab code to clean up, remove memory leaks etc. Work in progress ! It seems the krb5 interfaces are so horrible it's impossible to write good error checking code :-(. Jeremy. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1182nolog=1
svn commit: samba r1183 - branches/SAMBA_3_0/source/libads
Author: jra Date: 2004-06-18 00:24:53 + (Fri, 18 Jun 2004) New Revision: 1183 Modified: branches/SAMBA_3_0/source/libads/kerberos_keytab.c Log: Updates to the code cleanup so I don't lose my changes... Jeremy. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1183nolog=1
svn commit: samba r1184 - branches/SAMBA_3_0/source/libads
Author: jra Date: 2004-06-18 02:07:42 + (Fri, 18 Jun 2004) New Revision: 1184 Modified: branches/SAMBA_3_0/source/libads/kerberos_keytab.c Log: Keep latest changes... not compilable yet. Jeremy. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1184nolog=1
svn commit: samba-web r103 - trunk
Author: vance Date: 2004-06-18 02:34:38 + (Fri, 18 Jun 2004) New Revision: 103 Modified: trunk/team.html Log: Add myself to the list of team members. You're going to have to poke me with a sharp object to get me to welcome myself. Vance WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/rev=103nolog=1
