[Samba] Read list/write list users - only given read access
Hi all! A question regarding rights assigned based on read/write list user membership. The doc says: write list (S) This is a list of users that are given read-write access to a service. If the connecting user is in this list then they will be given write access, no matter what the read only option is set to. The list can include group names using the @group syntax. Note that if a user is in both the read list and the write list then they will be given write access. BUT (!)? If I have a user listed in Valid users, read list and write list That user IS NOT ALLOWED TO WRITE to a share, only read! Removing him from the READ LIST solves the problem. Is THE DOC wrong? Thanks all in advance! I just want to make it clear. P.S. If a user NOT listed in VALID USERS BUT listed in write list - I assume he should not be able to connect to a share. Is that correct ? Sincerely yours, Mike -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba+LDAP - so close yet so far :) ...STILL NOT SOLVED
abebe lsslp [EMAIL PROTECTED] 30.07.2004 01:35 To: [EMAIL PROTECTED] cc: Subject:Re: [Samba] Samba+LDAP - so close yet so far :) ...STILL NOT SOLVED Hey Christian, Thanks for your response and your willingness to help me out! However, I am so excited to tell you that I have been able to join the domain for right now. As you said, commenting out root=administrator in '/etc/samba/smbusers' and then 'smbpasswd -a administrator' fixed the problem. #nss_base_passwd ou=People,dc=icw,dc=com?sub # uncomment when usin NIS #nss_base_shadow ou=People,dc=icw,dc=com?sub # uncomment when using NIS :)) Don't you have to have the n 'nss_base_shadow'? Only when your using NIS. The problem is when joining Machine to Domain samba searches in ou=Peolple because of nss_base_shadow|passwd And I read this in the smbldap-tools Mailinglist (www.idealx.org) nss_base_group ou=Groups,dc=icw,dc=com?sub nss_base_hosts ou=Machines,dc=icw,dc=com?sub What version did the samba team fix the ou= Machines for hosts? I started manage LDAP with LAM and there are Machines and not Computers so I stayed on Machines. Now I make quick mods on LDAP with phpMyLDAPAdmin it's great. I will contact you if I have trouble with this as I configure Samba+LDAP on the production box. OK Thanks again, Ambex Chris Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind + ext3 ACLs
You don't care, 'cos your server is working with ldap. If your server do by ldap, you will modify only /etc/nsswitch.conf like that: file /etc/nsswitch.conf passwd: files ldap winbind group: files ldap winbind shadow: files ldap winbind The system is going to search users in /etc/passwd, then ldap db, then winbind (in other domains). 'winbind trusted domains only = yes' will give you a way to map domain users from local users, 'cos the ; so ldap will search the users in ldap db. Don't forget: your shares must have 'profile acls = no'. I do hope my explanation make clear your question. u. Il ven, 2004-07-30 alle 00:36, Sean Kennedy ha scritto: Umberto Zanatta wrote: You should set up smb.conf like that: winbind trusted domains only = yes winbind use default domain = no When you change acl in files server, you will do: setacl -m u:skennedy:rwx,d:u:skennedy:rwx vattelapesca.doc u. I am so confused. :) I tried it out on my test server, and your advice worked flawlessly! Then...I tried it on my work server, and it failed, displaying the domains as well. So then, after I fixed that, I checked out the man page, and found this: winbind trusted domains only (G) This parameter is designed to allow Samba servers that are mem- bers of a Samba controlled domain to use UNIX accounts dis- tributed via NIS, rsync, or LDAP as the uids for winbindd users in the hosts primary domain. Therefore, the user DOMAIN\user1 would be mapped to the account user1 in /etc/passwd instead of allocating a new uid for him or her. Default: winbind trusted domains only = no Given my setup, I have no users in /etc/passwd, beyond what the system is installed with, so it shouldn't have worked, even on my test system. I mean, if that's what I need to do, then that's what i need to do, but I want to understand what this is doing before I jump into it. :) Thank you for your help thus far! Sean Il gio, 2004-07-29 alle 23:06, Sean Kennedy ha scritto: /Hi folks, For the longest time, I've had a problem changing or modifying ACLs from my window clients. Whenever I tried, I'd get this in the logs: [2004/07/29 12:36:26, 0] smbd/posix_acls.c:create_canon_ace_lists(823) create_canon_ace_lists: unable to map SID S-1-5-21-1292428093-651377827-x-1333 to uid or gid. I could change the ACLs using getfacl/setfacl, btw. After a little investigation, I think I've found the problem. I'm using winbind here, but I'm using this option: winbind use default domain = yes Which, for the sake of completeness, strips out domain info out of the username. So instead of `BOCA/skennedy`, it comes out as `skennedy`. This is where I think my problem is. Using wbinfo, I resolved that SID to BOCA/skennedy, who happens to be a completely different user name. My question is this: Does my logic seem correct to everyone else? Is there anything else I should be looking at? Further, does anybody have a solution to this problem? This server is also a web/email server for the intranet, and I am trying to avoid setting up a new server ( we have 4 going already, mainly for window crap ) if at all possible. Any help is greatly apprecaited. Sean/ ___ Umberto Zanatta linuxDidattica tel: +39 (335) 54 71 385 email: [EMAIL PROTECTED] web: http://linuxdidattica.org ___ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba3 - LDAP - USRMGR.EXE
Jim C. [EMAIL PROTECTED]
29.07.2004 21:09
To: [EMAIL PROTECTED]
cc:
Subject:Re: [Samba] Re: Samba3 - LDAP - USRMGR.EXE
It may have been fixed but in 3.0.2a there is a bug having to do with
the users OU. Due to this bug, we have to put users and machines in the
same OU. Can't wait till they fix that one.
I'm using 3.0.4.
And it works fine for me with two OU's, ou=Machines and ou=People
Chris
Jim C. [EMAIL PROTECTED]
Sent by:
[EMAIL PROTECTED]
28.07.2004 18:05
To: [EMAIL PROTECTED]
cc:
Subject:[Samba] Re: Samba3 - LDAP - USRMGR.EXE
Post your add user script line from smb.conf
You might be missing a flag or something.
add user script = smbldap-useradd -m %u
My line in was correct but /etc/ldap.conf was not.
The problem was that LDAP searches the Machine in ou=People but it
should
search in ou=Machines.
So I had to modifiy /etc/ldap.conf as following
---snip
# RFC2307bis naming contexts
# Syntax:
# nss_base_XXX base?scope?filter
# where scope is {base,one,sub}
# and filter is a filter to be 'd with the
# default filter.
# You can omit the suffix eg:
# nss_base_passwd ou=People,
# to append the default base DN but this
# may incur a small performance impact.
#nss_base_passwdou=People,dc=icw,dc=com?sub
#nss_base_shadowou=People,dc=icw,dc=com?sub
nss_base_group ou=Groups,dc=icw,dc=com?sub
nss_base_hosts ou=Machines,dc=icw,dc=com?sub
I needed to comment nss_base_passwd, nss_base_shadow ( not using NIS ,
Jerome Tournier)
Now it works without any problems
Thanks
Christian
--
-
| I can be reached on the following Instant Messenger services: |
|---|
| MSN: [EMAIL PROTECTED] AIM: WyteLi0n ICQ: 123291844 |
|---|
| Y!: j_c_llings Jabber: [EMAIL PROTECTED]|
-
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] move samba file and print shares
Hello, Am Donnerstag, 29. Juli 2004 17:26 schrieben Sie: Thanks Odi I have no LDAP running, authentication is all through the 2003 AD server, do any users details get stored on the samba box (ie winbind tdbs)? The windows user to unix user mappings are stored in the winbind tdb(s). If you take the disk, which already contains data with user-mappings and you don't move your winbind.tdb, those mappings will be lost and the newly creating mapping will be not the same as on the other box. e.g. file blabla was owned by user testuser1(mapped unix id 10001), on the new box, the owner will be e.g. testuser15 (new mapped unix id 10001). This is because if you are using winbind, the unix user id will be generated at runtime if it is not already in the winbind.tdb (or LDAP), so if you plan to implement more than one member server, its better to migrate the idmapping to an ldap backend, then the windows user will have the same unix user id on all member server and a transfer of data-only disk will be no problem. regards odi Manfred Odenstein wrote: Hello, Am Donnerstag, 29. Juli 2004 15:47 schrieb Hamish: Hello all Is this possible?: samba3.0.3pre2 running as domain member with winbind, acls on reiser providing file security this is all on a seperate disk mounted as 'data1' you have to check, if your ReiserFS implementation supports ACL Could I take this disk, put it in a new box, mount it again as data1, then copy the old smb.conf over to the new box? (I would also join the domain with the same name as the old box) 1.) My proposal is only a suggestion with no working waranty :-), maybe another will post the right way 2.) if you use LDAP for you id mapping, it should work, you also have to transfer the winbind tdb(s) (should be located in /var/lib/samba/ to the new box. Maybe it's better to transfer the whole directory (/var/lib/samba) and also the security tdb(s), located elsewhere (distribution dependent), then its not nescessary to join the domain again, then you have all your printer default settings, drivers, and so on. regards odi Thanks in advance, H -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Upgrade question - please be gentle! - failed dependencies?
Lat night I removed samba 3.0.3pre2 from the suse 9.0 box, then tried to install 3.0.5 from rpms from the suse ftp mirror on mirror.ac.uk - I had a lot of failed dependencies with it: error: Failed dependencies: liblber.so.199 is needed by samba-3.0.5-0.1 libldap.so.199 is needed by samba-3.0.5-0.1 libpopt.so.0 is needed by samba-3.0.5-0.1 liblber.so.199 is needed by samba-client-3.0.5-0.1 libldap.so.199 is needed by samba-client-3.0.5-0.1 libpopt.so.0 is needed by samba-client-3.0.5-0.1 liblber.so.199 is needed by samba-winbind-3.0.5-0.1 libldap.so.199 is needed by samba-winbind-3.0.5-0.1 libpopt.so.0 is needed by samba-winbind-3.0.5-0.1 samba conflicts with samba3-3.0.5-1 samba-client conflicts with samba3-client-3.0.5-1 samba-client conflicts with samba3-winbind-3.0.5-1 After hunting through google to try and find what provides these and just ending up with source code, I gave up and reinstalled 3.0.3pre2 from suse rpms, this did not comlain of any dependencies and (seemed to) install perfectly. I had to change the smb.conf, but otherwise everything seemed the same. This morning, people cannot print to its printers (access denied) and the samba log is full of this: [2004/07/30 09:58:35, 0] rpc_server/srv_lsa_hnd.c:create_policy_hnd(111) create_policy_hnd: ERROR: too many handles (1025) on this pipe. [2004/07/30 09:58:35, 0] rpc_server/srv_lsa_hnd.c:create_policy_hnd(111) create_policy_hnd: ERROR: too many handles (1025) on this pipe. [2004/07/30 09:58:35, 0] rpc_server/srv_lsa_hnd.c:create_policy_hnd(111) create_policy_hnd: ERROR: too many handles (1025) on this pipe. [2004/07/30 09:58:35, 0] rpc_server/srv_lsa_hnd.c:create_policy_hnd(111) create_policy_hnd: ERROR: too many handles (1025) on this pipe. [2004/07/30 09:58:35, 0] rpc_server/srv_lsa_hnd.c:create_policy_hnd(111) create_policy_hnd: ERROR: too many handles (1025) on this pipe. Once again, google returns nothing useful. I have no clue what this could be about, any help welcome! Thanks H Craig White wrote: On Thu, 2004-07-29 at 09:34, Hamish wrote: Thanks Craig, Will it work if I remove samba 3.0.3 completely (rpm -e) and then install 3.0.5? Craig White wrote: This is an act of pure desperation and nothing that I could ever in good conscience suggest to someone. Not charming doesn't begin to describe the consequences that may occur. --- that is what I would do if it were me Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] MailMonitor for Exchange has processed a suspicious mail[Scanned]
A mail sent by you has been identified as suspicious by MailMonitor for Exchange. Event: infection Action: Message quarantined Message ID: [EMAIL PROTECTED] Message subject:unknown Recipient: [EMAIL PROTECTED] [EMAIL PROTECTED] = Attachment information: Event: infection Action: Unable to disinfect Filename: talk.zip Virus: W32/Netsky-B = Attachment information: Event: infection Action: Unable to disinfect Filename: talk.zip Virus: W32/Netsky-B = -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] PDC ACL's
hi, i want to use samba 3.0.5 as PDC for w98, w2k, XP with windows acl's. so, i've a few questions: - is there a comprehensive doc describing this (i know the std. samba docs) - do i need a filesystem supporting acl's (xfs) to get this ? if the server is used by win clients only. (no nfs) - if i need a special fs, which one is to be prefered ? TIA -- Matthias Henze[EMAIL PROTECTED] Use PGP!! http://www.mhcsoftware.de/MatthiasHenze.asc - - - - - - - - - - - - - - - - - - - - - - - - - - - - MHC SoftWare GmbH voice: +49-(0)9533-92006-0 Fichtera 17 fax: +49-(0)9533-92006-6 96274 Itzgrund/Germanye-Mail: [EMAIL PROTECTED] - - - - - - - - - - - - - - - - - - - - - - - - - - - - pgplg6n7G95RF.pgp Description: PGP signature -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] XP does not join domain
Hi, i think this DNS-fixes weren't a good idea. These entrys are generated by ADS (AKA win2kx) servers to tell the other windows-machines where to get the info's for ADS. samba can't do ADS stuff at the moment, so you don't want these info's in your DNS. They only confuse the clients about the environment the live in. If your xp-client complains about these entry's missing, then there is something seriously wrong either with this client or with the way you try to join it to your domain. Christoph [EMAIL PROTECTED] schrieb: hi, i've the following problem: i want a XP pro sp1 to join my samba (3.0.5) domain (MHC). with my first try it complained that it could not resolve: _ldap._tcp.dc._msdcs.MHC i've fixed this with the following DNS setup: -- _ldap._tcp.MHC. 600 IN SRV 0 100 389 server.MHC. _ldap._tcp.Default-First-Site-Name._sites.MHC. 600 IN SRV 0 100 389 server.MHC. _ldap._tcp.pdc._msdcs.MHC. 600 IN SRV 0 100 389 server.MHC. _ldap._tcp.gc._msdcs.MHC. 600 IN SRV 0 100 3268 server.MHC. _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.MHC.600 IN SRV 0 100 3268 server.MHC. gc._msdcs.MHC. 600 IN A 192.168.100.100 _kerberos._tcp.dc._msdcs.MHC. 600 IN SRV 0 100 88 server.MHC. _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.MHC.600 IN SRV 0 100 88 server.MHC. _ldap._tcp.dc._msdcs.MHC. 600 IN SRV 0 100 389 server.MHC. _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.MHC.600 IN SRV 0 100 389 server.MHC. _kerberos._tcp.MHC. 600 IN SRV 0 100 88 server.MHC. _kerberos._tcp.Default-First-Site-Name._sites.MHC. 600 IN SRV 0 100 88 server.MHC. _gc._tcp.MHC. 600 IN SRV 0 100 3268 server.MHC. _gc._tcp.Default-First-Site-Name._sites.MHC.600 IN SRV 0 100 3268 server.MHC. _kerberos._udp.MHC. 600 IN SRV 0 100 88 server.MHC. _kpasswd._tcp.MHC. 600 IN SRV 0 100 464 server.MHC. _kpasswd._udp.MHC. 600 IN SRV 0 100 464 server.MHC. MHC. 600 IN A 192.168.100.100 -- i do not use ldap or kerberos by now. i've apllied the XP reg patches. now, i get the following (german, sorry) message: -- Hinweis: Diese Informationen sind für einen Netzwerkadministrator bestimmt. Wenden Sie sich an den Netzwerkadministrator, wenn Sie kein Netzwerkadministrator sind, und leiten Sie die Informationen in der Datei C:\WINDOWS\debug\dcdiag.txt weiter. Der Domänenname MHC ist möglicherweise ein NetBIOS-Domänenname. Sollte dies der Fall sein, stellen Sie sicher, dass der Name bei WINS registriert ist. Wenn Sie sicher sind, dass es sich nicht um einen NetBIOS-Domänennamen handelt, können folgende Information bei der Fehlersuche in der DNS-Konfiguration behilflich sein: Die DNS-Abfrage über den Ressourceneintrag der Dienstidentifizierung (SRV), der zur Suche eines Domänencontrollers für die Domäne MHC verwendet wird, wurde ordnungsgemäß abgeschlossen: Die Abfrage war für den SRV-Eintrag für _ldap._tcp.dc._msdcs.MHC Die folgenden Domänencontroller wurde von der Abfrage identifiziert: server.mhc Die häufigsten Ursachen dieses Fehlers sind: - Host (A)-Einträge, die den Namen des Domänencontroller dessen IP-Adressen zuordnen, fehlen oder enthalten nicht die richtigen Adressen. - Die in DNS registrierten Domänencontroller verfügen nicht über eine Netzwerkverbindung oder werden nicht ausgeführt. Klicken Sie auf Hilfe, um weitere Informationen über die Fehlerbehebung zu erhalten. -- server.mhc IS resolvable. even from this XP. i've started a tcpdump on the samba server. and while i try to join the domain i do not see a single packate origination form the XP machine. due to this here are no samba log's. it even does not try to connect to the samba server. there is no firewall etc. installed on the XP. when i do local auth and the try to connect to samba every thing works as expected. any suggestions ? TIA matthias -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Quota on Share
Hi all, I've been banging my head against smbcquota with no results, other than a major headache, and i've not been able to find any info ( maybe looking in the wrong places). Issuing smbcquotas -vv -d 2 //masterdc/admin -F -U Administrator returns: File System QUOTAS: Limits: Default Soft Limit:NO LIMIT Default Hard Limit:NO LIMIT Quota Flags: Quotas Enabled: Off Deny Disk: Off Log Soft Limit: Off Log Hard Limit: Off Whenever I issue smbcquotas -vv -d 2 //masterdc/admin --set FSQFLAGS:QUOTA_ENABLED -U Administrator I get NT_STATUS_UNSUCCESSFUL cli_set_fs_quota_info The file system is Ext3 with ACL's and Quota's This is my smb.conf: [global] dos charset = 860 unix charset = ISO8859-1 workgroup = xxx server string = MASTER DC interfaces = eth0 min passwd length = 3 passdb backend = ldapsam:ldap://xxx.yyy.www.zzz username map = /etc/samba/smbusers log level = 3 log file = /var/log/samba/log.%m max log size = 10 name resolve order = wins lmhosts bcast time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 add user script = /usr/local/sbin/smbldap-useradd -m %u add group script = /usr/local/sbin/smbldap-groupadd -p %g add user to group script = /usr/local/sbin/smbldap-groupmod -m %u %g delete user from group script = /usr/local/sbin/smbldap-groupmod -x %u %g set primary group script = /usr/local/sbin/smbldap-usermod -g %g %u add machine script = /usr/local/sbin/smbldap-useradd -w %u logon path = logon home = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins proxy = Yes wins support = Yes ldap suffix = dc=xxx,dc=xxx ldap machine suffix = ou=Computers ldap user suffix = dc=users ldap group suffix = ou=Groups ; ldap idmap suffix = ou=Idmap ldap admin dn = cn=xxx,ou=xxx,dc=xxx,dc=xxx ldap ssl = no ldap passwd sync = Yes remote announce = xxx.yyy.www.zzz remote browse sync = xxx.yyy.www.zzz ; idmap uid = 1000-1 ; idmap gid = 1000-1 admin users = '@Domain Admins', root [netlogon] path = /dados/netlogon/ guest ok = Yes [admin] path = / valid users = '@Domain Admins' write list = '@Domain Admins' read only = No writable = yes nt acl support = yes [users] path = /dados/Users/DSII valid users = '@Domain Users', '@Domain Admins' writable = yes All help is welcome. Bruno Guerreiro -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] 2 Server's over VPN
Hi, I'm installing a VPN bridge. So the localareas are on the same IP class and we have broadcast And i want on both ends to have a Samba Server what do you recomend??? I'm Using mobile profiles so its better on each end we have its on profile -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] 2 Server's over VPN
If i Make a PDC and BDC but use on the profiles sharing local folders on each server will it work??? -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 08:48 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, basicaly depends this on your vpn-connection speed maybe it would be easier to syncronize the profiles on both servers with rsync -Ursprungliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Auftrag von Varjao, Marcio Gesendet: Freitag, 30. Juli 2004 13:40 An: Samba (E-mail) Betreff: [Samba] 2 Server's over VPN Hi, I'm installing a VPN bridge. So the localareas are on the same IP class and we have broadcast And i want on both ends to have a Samba Server what do you recomend??? I'm Using mobile profiles so its better on each end we have its on profile -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Access Denied
In article [EMAIL PROTECTED], Bill Mann wrote: I enabled wins32 and put the line server =2.0 and it works! Try it! Bill Mann The Benefits Office CONFIDENTIALITY NOTICE: This e-mail (including attachments), is covered by the Electronic Communications Privacy Act, §§ 2510-2521 and is confidential. The information contained in this message and the accompanying documents is confidential information that is legally privileged and intended only for the use of the above-named recipient. If the reader of this message is not the named recipient or an employee or agent responsible for delivering the telecopy to the named recipient, please notify us immediately to arrange for the return of the original documents to us. You are hereby notified that any review, disclosure, copying, distribution, or the taking of any action in reliance on the contents of this information is strictly prohibited. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Vermyndax Sent: Monday, July 26, 2004 12:42 AM To: [EMAIL PROTECTED] Subject: Re: [Samba] Access Denied Bill Mann wrote: Samba 3.0.5 on Unix. I can map to the share but Access is denied. I've configured the share so this would not happen. Any ideas? This started happening to me as of 3.0.4, and I never found a solution. Now I'm trying to mount via cifs, but getting missing or invalid username even though I'm using the correct credentials file. :( The last good version of Samba that worked for me was 3.0.2a. Let me see if I understand you correctly. After upgrading to samba 3.0.5, you get Access denied errors on your clients (XP?) when for example saving documents to the mapped drive? This started to happen randomly on our XP-clients after Redhat's up2date updated samba from 3.0.2-6.3E to 3.0.4-6.3E. Rolling back to 3.0.2-6.3E solved the problem. I am having a hard time reproducing this on our test-servers, and I really don't want to try it out again on the production-servers... Could you please be more specific on your solution. Is it something on the client? smb.conf? Thanks, Sten Sletbak Oslo University College -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 2 Server's over VPN
it depends on VPN bandwidth. you might also user RDP over VPN we use something like that, w2k3 server is samba domain member, and also it is RDP server Hi, I'm installing a VPN bridge. So the localareas are on the same IP class and we have broadcast And i want on both ends to have a Samba Server what do you recomend??? I'm Using mobile profiles so its better on each end we have its on profile -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] 2 Server's over VPN
The problem is that there are some users ho have 1 GB or more profiles The bandwidth isnt that good Outlook PST is the main problem -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 09:43 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, it should work...but think about the sync for the profiles that you have on each server all profiles -Ursprüngliche Nachricht- Von: Varjao, Marcio [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 30. Juli 2004 13:51 An: [EMAIL PROTECTED]; Samba (E-mail) Betreff: RE: [Samba] 2 Server's over VPN If i Make a PDC and BDC but use on the profiles sharing local folders on each server will it work??? -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 08:48 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, basicaly depends this on your vpn-connection speed maybe it would be easier to syncronize the profiles on both servers with rsync -Ursprungliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Auftrag von Varjao, Marcio Gesendet: Freitag, 30. Juli 2004 13:40 An: Samba (E-mail) Betreff: [Samba] 2 Server's over VPN Hi, I'm installing a VPN bridge. So the localareas are on the same IP class and we have broadcast And i want on both ends to have a Samba Server what do you recomend??? I'm Using mobile profiles so its better on each end we have its on profile -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3 + LDAP as PDC join domain problem
Jacky C.K Tsoi wrote: Hi all, I've setup Samba 3.0.5 + OpenLDAP (ldapsam) and everything work correctly. However, while my Windows 200x workstation join the domain, I need to join it twice. Here is what I do: 1. Go to Computer properties - Computer Name - Change 2. Enter the new domain name 3. Enter Administrator and password then, it will return me that the user name cannot be found. I've checked the LDAP directory that the computer account is created successfully without any problem. So, I click OK again and enter the Administrator account password again, and it success. How is your network set up with regard to the PDC and your LDAP server(s)? I would guess that when you say the account is created properly that the posix account is created, but that it has no samba attributes, then the second time it adds those attributes to the object. I had a similar issue when I was testing using a local samba PDC and a remote LDAP master with a local slave. The issue was that the replication from master-slave was not happening quick enough for the smbldap-tools script to find the posix account on the local slave when it needed to. I hacked a 2 (or maybe it was 5) second sleep into the add machine account part of the script. If this is what you're seeing I can tell you where I did it. -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] 2 Server's over VPN
The problem is that there are some users ho have 1 GB or more profiles what is content of those profiles ? recently I modified domain policy and after that, for example, Application Data, My Documents and Desktop are not moving across network anymore. They are put on network shares, but they are not anymore parts of roaming profile. The bandwidth isnt that good Outlook PST is the main problem Outlook doesn't have to be part of roaming profile also. for example, you can move outlook.pst out of roaming profile (on \\server\username\outlook-folder) and after you start Outlook, it will not find Outlook.pst ... and it will kindly ask You where can it find outlook.pst yes, that file is damn big, but data transfer across network are not that big when it is used. -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 09:43 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, it should work...but think about the sync for the profiles that you have on each server all profiles -Urspr?ngliche Nachricht- Von: Varjao, Marcio [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 30. Juli 2004 13:51 An: [EMAIL PROTECTED]; Samba (E-mail) Betreff: RE: [Samba] 2 Server's over VPN If i Make a PDC and BDC but use on the profiles sharing local folders on each server will it work??? -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 08:48 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, basicaly depends this on your vpn-connection speed maybe it would be easier to syncronize the profiles on both servers with rsync -Ursprungliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Auftrag von Varjao, Marcio Gesendet: Freitag, 30. Juli 2004 13:40 An: Samba (E-mail) Betreff: [Samba] 2 Server's over VPN Hi, I'm installing a VPN bridge. So the localareas are on the same IP class and we have broadcast And i want on both ends to have a Samba Server what do you recomend??? I'm Using mobile profiles so its better on each end we have its on profile -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] 2 Server's over VPN
I'm from brasil Here the internet isn't very reliable Sometimes the Net stops and comes back only hours later, the internet providers are the problem What hapens with outlook in the process??? And other files... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ilia Chipitsine Sent: sexta-feira, 30 de julho de 2004 09:52 To: Varjao, Marcio Cc: Samba (E-mail) Subject: RE: [Samba] 2 Server's over VPN The problem is that there are some users ho have 1 GB or more profiles what is content of those profiles ? recently I modified domain policy and after that, for example, Application Data, My Documents and Desktop are not moving across network anymore. They are put on network shares, but they are not anymore parts of roaming profile. The bandwidth isnt that good Outlook PST is the main problem Outlook doesn't have to be part of roaming profile also. for example, you can move outlook.pst out of roaming profile (on \\server\username\outlook-folder) and after you start Outlook, it will not find Outlook.pst ... and it will kindly ask You where can it find outlook.pst yes, that file is damn big, but data transfer across network are not that big when it is used. -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 09:43 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, it should work...but think about the sync for the profiles that you have on each server all profiles -Urspr?ngliche Nachricht- Von: Varjao, Marcio [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 30. Juli 2004 13:51 An: [EMAIL PROTECTED]; Samba (E-mail) Betreff: RE: [Samba] 2 Server's over VPN If i Make a PDC and BDC but use on the profiles sharing local folders on each server will it work??? -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 08:48 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, basicaly depends this on your vpn-connection speed maybe it would be easier to syncronize the profiles on both servers with rsync -Ursprungliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Auftrag von Varjao, Marcio Gesendet: Freitag, 30. Juli 2004 13:40 An: Samba (E-mail) Betreff: [Samba] 2 Server's over VPN Hi, I'm installing a VPN bridge. So the localareas are on the same IP class and we have broadcast And i want on both ends to have a Samba Server what do you recomend??? I'm Using mobile profiles so its better on each end we have its on profile -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] 2 Server's over VPN
I'm from brasil Here the internet isn't very reliable there are two kinds of connections: 1) fast, dirty cheap and reliable those connections usually called LAN 2) not so fast, not so reliable, not so cheap those connections usually called WAN fileserver protocols like SMB do not work within WAN, they work for LAN only. if you are dealing with 2) you can use http/sql/rdp protocols they were specially designed for WAN connections. in your case you can use rdp. or citrix. samba will not work good over unreliable connections. actually, windows timeouts are somewhat hardcoded. most probably you won't be able to describe your windows workstation to wait for hours for file locking. Sometimes the Net stops and comes back only hours later, the internet providers are the problem What hapens with outlook in the process??? And other files... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ilia Chipitsine Sent: sexta-feira, 30 de julho de 2004 09:52 To: Varjao, Marcio Cc: Samba (E-mail) Subject: RE: [Samba] 2 Server's over VPN The problem is that there are some users ho have 1 GB or more profiles what is content of those profiles ? recently I modified domain policy and after that, for example, Application Data, My Documents and Desktop are not moving across network anymore. They are put on network shares, but they are not anymore parts of roaming profile. The bandwidth isnt that good Outlook PST is the main problem Outlook doesn't have to be part of roaming profile also. for example, you can move outlook.pst out of roaming profile (on \\server\username\outlook-folder) and after you start Outlook, it will not find Outlook.pst ... and it will kindly ask You where can it find outlook.pst yes, that file is damn big, but data transfer across network are not that big when it is used. -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 09:43 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, it should work...but think about the sync for the profiles that you have on each server all profiles -Urspr?ngliche Nachricht- Von: Varjao, Marcio [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 30. Juli 2004 13:51 An: [EMAIL PROTECTED]; Samba (E-mail) Betreff: RE: [Samba] 2 Server's over VPN If i Make a PDC and BDC but use on the profiles sharing local folders on each server will it work??? -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 08:48 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, basicaly depends this on your vpn-connection speed maybe it would be easier to syncronize the profiles on both servers with rsync -Ursprungliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Auftrag von Varjao, Marcio Gesendet: Freitag, 30. Juli 2004 13:40 An: Samba (E-mail) Betreff: [Samba] 2 Server's over VPN Hi, I'm installing a VPN bridge. So the localareas are on the same IP class and we have broadcast And i want on both ends to have a Samba Server what do you recomend??? I'm Using mobile profiles so its better on each end we have its on profile -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] 2 Server's over VPN
I´m Going to use the OpenVPN bridge, for the machines is invisble, the bridge allow's broadcast and netbios Do you think i still will have a problem??? What do you suggest??? -Original Message- From: Ilia Chipitsine [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 10:07 To: Varjao, Marcio Cc: Samba (E-mail) Subject: RE: [Samba] 2 Server's over VPN I'm from brasil Here the internet isn't very reliable there are two kinds of connections: 1) fast, dirty cheap and reliable those connections usually called LAN 2) not so fast, not so reliable, not so cheap those connections usually called WAN fileserver protocols like SMB do not work within WAN, they work for LAN only. if you are dealing with 2) you can use http/sql/rdp protocols they were specially designed for WAN connections. in your case you can use rdp. or citrix. samba will not work good over unreliable connections. actually, windows timeouts are somewhat hardcoded. most probably you won't be able to describe your windows workstation to wait for hours for file locking. Sometimes the Net stops and comes back only hours later, the internet providers are the problem What hapens with outlook in the process??? And other files... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ilia Chipitsine Sent: sexta-feira, 30 de julho de 2004 09:52 To: Varjao, Marcio Cc: Samba (E-mail) Subject: RE: [Samba] 2 Server's over VPN The problem is that there are some users ho have 1 GB or more profiles what is content of those profiles ? recently I modified domain policy and after that, for example, Application Data, My Documents and Desktop are not moving across network anymore. They are put on network shares, but they are not anymore parts of roaming profile. The bandwidth isnt that good Outlook PST is the main problem Outlook doesn't have to be part of roaming profile also. for example, you can move outlook.pst out of roaming profile (on \\server\username\outlook-folder) and after you start Outlook, it will not find Outlook.pst ... and it will kindly ask You where can it find outlook.pst yes, that file is damn big, but data transfer across network are not that big when it is used. -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 09:43 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, it should work...but think about the sync for the profiles that you have on each server all profiles -Urspr?ngliche Nachricht- Von: Varjao, Marcio [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 30. Juli 2004 13:51 An: [EMAIL PROTECTED]; Samba (E-mail) Betreff: RE: [Samba] 2 Server's over VPN If i Make a PDC and BDC but use on the profiles sharing local folders on each server will it work??? -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 08:48 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, basicaly depends this on your vpn-connection speed maybe it would be easier to syncronize the profiles on both servers with rsync -Ursprungliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Auftrag von Varjao, Marcio Gesendet: Freitag, 30. Juli 2004 13:40 An: Samba (E-mail) Betreff: [Samba] 2 Server's over VPN Hi, I'm installing a VPN bridge. So the localareas are on the same IP class and we have broadcast And i want on both ends to have a Samba Server what do you recomend??? I'm Using mobile profiles so its better on each end we have its on profile -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] 2 Server's over VPN
I?m Going to use the OpenVPN bridge, for the machines is invisble, the bridge allow's broadcast and netbios Do you think i still will have a problem??? What do you suggest??? if connection is unreliable (from SMB networking point of view :) I suggest to use rdp instead of SMB -Original Message- From: Ilia Chipitsine [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 10:07 To: Varjao, Marcio Cc: Samba (E-mail) Subject: RE: [Samba] 2 Server's over VPN I'm from brasil Here the internet isn't very reliable there are two kinds of connections: 1) fast, dirty cheap and reliable those connections usually called LAN 2) not so fast, not so reliable, not so cheap those connections usually called WAN fileserver protocols like SMB do not work within WAN, they work for LAN only. if you are dealing with 2) you can use http/sql/rdp protocols they were specially designed for WAN connections. in your case you can use rdp. or citrix. samba will not work good over unreliable connections. actually, windows timeouts are somewhat hardcoded. most probably you won't be able to describe your windows workstation to wait for hours for file locking. Sometimes the Net stops and comes back only hours later, the internet providers are the problem What hapens with outlook in the process??? And other files... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ilia Chipitsine Sent: sexta-feira, 30 de julho de 2004 09:52 To: Varjao, Marcio Cc: Samba (E-mail) Subject: RE: [Samba] 2 Server's over VPN The problem is that there are some users ho have 1 GB or more profiles what is content of those profiles ? recently I modified domain policy and after that, for example, Application Data, My Documents and Desktop are not moving across network anymore. They are put on network shares, but they are not anymore parts of roaming profile. The bandwidth isnt that good Outlook PST is the main problem Outlook doesn't have to be part of roaming profile also. for example, you can move outlook.pst out of roaming profile (on \\server\username\outlook-folder) and after you start Outlook, it will not find Outlook.pst ... and it will kindly ask You where can it find outlook.pst yes, that file is damn big, but data transfer across network are not that big when it is used. -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 09:43 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, it should work...but think about the sync for the profiles that you have on each server all profiles -Urspr?ngliche Nachricht- Von: Varjao, Marcio [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 30. Juli 2004 13:51 An: [EMAIL PROTECTED]; Samba (E-mail) Betreff: RE: [Samba] 2 Server's over VPN If i Make a PDC and BDC but use on the profiles sharing local folders on each server will it work??? -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 08:48 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, basicaly depends this on your vpn-connection speed maybe it would be easier to syncronize the profiles on both servers with rsync -Ursprungliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Auftrag von Varjao, Marcio Gesendet: Freitag, 30. Juli 2004 13:40 An: Samba (E-mail) Betreff: [Samba] 2 Server's over VPN Hi, I'm installing a VPN bridge. So the localareas are on the same IP class and we have broadcast And i want on both ends to have a Samba Server what do you recomend??? I'm Using mobile profiles so its better on each end we have its on profile -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] 2 Server's over VPN
Sorry my ignorance but what is rdp??? what's the diference bettwen smb and rdp??? -Original Message- From: Ilia Chipitsine [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 10:24 To: Varjao, Marcio Cc: Samba (E-mail) Subject: RE: [Samba] 2 Server's over VPN I?m Going to use the OpenVPN bridge, for the machines is invisble, the bridge allow's broadcast and netbios Do you think i still will have a problem??? What do you suggest??? if connection is unreliable (from SMB networking point of view :) I suggest to use rdp instead of SMB -Original Message- From: Ilia Chipitsine [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 10:07 To: Varjao, Marcio Cc: Samba (E-mail) Subject: RE: [Samba] 2 Server's over VPN I'm from brasil Here the internet isn't very reliable there are two kinds of connections: 1) fast, dirty cheap and reliable those connections usually called LAN 2) not so fast, not so reliable, not so cheap those connections usually called WAN fileserver protocols like SMB do not work within WAN, they work for LAN only. if you are dealing with 2) you can use http/sql/rdp protocols they were specially designed for WAN connections. in your case you can use rdp. or citrix. samba will not work good over unreliable connections. actually, windows timeouts are somewhat hardcoded. most probably you won't be able to describe your windows workstation to wait for hours for file locking. Sometimes the Net stops and comes back only hours later, the internet providers are the problem What hapens with outlook in the process??? And other files... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ilia Chipitsine Sent: sexta-feira, 30 de julho de 2004 09:52 To: Varjao, Marcio Cc: Samba (E-mail) Subject: RE: [Samba] 2 Server's over VPN The problem is that there are some users ho have 1 GB or more profiles what is content of those profiles ? recently I modified domain policy and after that, for example, Application Data, My Documents and Desktop are not moving across network anymore. They are put on network shares, but they are not anymore parts of roaming profile. The bandwidth isnt that good Outlook PST is the main problem Outlook doesn't have to be part of roaming profile also. for example, you can move outlook.pst out of roaming profile (on \\server\username\outlook-folder) and after you start Outlook, it will not find Outlook.pst ... and it will kindly ask You where can it find outlook.pst yes, that file is damn big, but data transfer across network are not that big when it is used. -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 09:43 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, it should work...but think about the sync for the profiles that you have on each server all profiles -Urspr?ngliche Nachricht- Von: Varjao, Marcio [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 30. Juli 2004 13:51 An: [EMAIL PROTECTED]; Samba (E-mail) Betreff: RE: [Samba] 2 Server's over VPN If i Make a PDC and BDC but use on the profiles sharing local folders on each server will it work??? -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 08:48 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, basicaly depends this on your vpn-connection speed maybe it would be easier to syncronize the profiles on both servers with rsync -Ursprungliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Auftrag von Varjao, Marcio Gesendet: Freitag, 30. Juli 2004 13:40 An: Samba (E-mail) Betreff: [Samba] 2 Server's over VPN Hi, I'm installing a VPN bridge. So the localareas are on the same IP class and we have broadcast And i want on both ends to have a Samba Server what do you recomend??? I'm Using mobile profiles so its better on each end we have its on profile -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions:
[Samba] Read Write by everyone over network
Hi I have managed to successfully set samba up so that I can access my windows shares from linux and my linux shares from windows, but, when I access my linux shares from windows I cannot write to them. Here is an excerpt from my smb.conf file: [shared] comment = Shared directory on Linux box path = /shared guest ok = yes writeable = yes Why doesn't this work? What should I be doing instead? Thanks in advance Robin --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.732 / Virus Database: 486 - Release Date: 30/07/04 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 2 Server's over VPN
Varjao, Marcio wrote: Sorry my ignorance but what is rdp??? what's the diference bettwen smb and rdp??? If the suggestion here is Remote Desktop Protocol what place does that have in a discussion of file sharing techniques?? For your suggestion, I would suggest using two samba machines, with a network backend such as LDAP. This would ensure that when your connection is down you can still log in and such. There are many finer points, but I'd start down on this road and post back when you have issues. About your client machines, are they mostly desktops or laptops? Point being, do people from office 1 ever/often go to office 2 and vice versa? -Original Message- From: Ilia Chipitsine [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 10:24 To: Varjao, Marcio Cc: Samba (E-mail) Subject: RE: [Samba] 2 Server's over VPN I?m Going to use the OpenVPN bridge, for the machines is invisble, the bridge allow's broadcast and netbios Do you think i still will have a problem??? What do you suggest??? if connection is unreliable (from SMB networking point of view :) I suggest to use rdp instead of SMB -Original Message- From: Ilia Chipitsine [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 10:07 To: Varjao, Marcio Cc: Samba (E-mail) Subject: RE: [Samba] 2 Server's over VPN I'm from brasil Here the internet isn't very reliable there are two kinds of connections: 1) fast, dirty cheap and reliable those connections usually called LAN 2) not so fast, not so reliable, not so cheap those connections usually called WAN fileserver protocols like SMB do not work within WAN, they work for LAN only. if you are dealing with 2) you can use http/sql/rdp protocols they were specially designed for WAN connections. in your case you can use rdp. or citrix. samba will not work good over unreliable connections. actually, windows timeouts are somewhat hardcoded. most probably you won't be able to describe your windows workstation to wait for hours for file locking. Sometimes the Net stops and comes back only hours later, the internet providers are the problem What hapens with outlook in the process??? And other files... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ilia Chipitsine Sent: sexta-feira, 30 de julho de 2004 09:52 To: Varjao, Marcio Cc: Samba (E-mail) Subject: RE: [Samba] 2 Server's over VPN The problem is that there are some users ho have 1 GB or more profiles what is content of those profiles ? recently I modified domain policy and after that, for example, Application Data, My Documents and Desktop are not moving across network anymore. They are put on network shares, but they are not anymore parts of roaming profile. The bandwidth isnt that good Outlook PST is the main problem Outlook doesn't have to be part of roaming profile also. for example, you can move outlook.pst out of roaming profile (on \\server\username\outlook-folder) and after you start Outlook, it will not find Outlook.pst ... and it will kindly ask You where can it find outlook.pst yes, that file is damn big, but data transfer across network are not that big when it is used. -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 09:43 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, it should work...but think about the sync for the profiles that you have on each server all profiles -Urspr?ngliche Nachricht- Von: Varjao, Marcio [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 30. Juli 2004 13:51 An: [EMAIL PROTECTED]; Samba (E-mail) Betreff: RE: [Samba] 2 Server's over VPN If i Make a PDC and BDC but use on the profiles sharing local folders on each server will it work??? -Original Message- From: Arno Seidel [mailto:[EMAIL PROTECTED] Sent: sexta-feira, 30 de julho de 2004 08:48 To: Varjao, Marcio Subject: AW: [Samba] 2 Server's over VPN Hi, basicaly depends this on your vpn-connection speed maybe it would be easier to syncronize the profiles on both servers with rsync -Ursprungliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Auftrag von Varjao, Marcio Gesendet: Freitag, 30. Juli 2004 13:40 An: Samba (E-mail) Betreff: [Samba] 2 Server's over VPN Hi, I'm installing a VPN bridge. So the localareas are on the same IP class and we have broadcast And i want on both ends to have a Samba Server what do you recomend??? I'm Using mobile profiles so its better on each end we have its on profile -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To
Re: [Samba] Read Write by everyone over network
The shared folder in Linux needs to be writable by the same user you are loggin in as under Samba. In a pinch, as the super user, try: chmod uog+rwx /shared or: chmod 777 /shared To grant all permissions to all users for that folder. You may want to pursue resources on Unix file system permissions and security for ideas on how to better do this in your enviroment (without leaving the directory wide open) On Fri, Jul 30, 2004 at 02:31:03PM +0100, Robin Wilson wrote: Hi I have managed to successfully set samba up so that I can access my windows shares from linux and my linux shares from windows, but, when I access my linux shares from windows I cannot write to them. Here is an excerpt from my smb.conf file: [shared] comment = Shared directory on Linux box path = /shared guest ok = yes writeable = yes Why doesn't this work? What should I be doing instead? Thanks in advance Robin --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.732 / Virus Database: 486 - Release Date: 30/07/04 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Read Write by everyone over network
Hi, who owns /shared and whatare the permisions on it on the linux-side? Christoph Robin Wilson schrieb: Hi I have managed to successfully set samba up so that I can access my windows shares from linux and my linux shares from windows, but, when I access my linux shares from windows I cannot write to them. Here is an excerpt from my smb.conf file: [shared] comment = Shared directory on Linux box path = /shared guest ok = yes writeable = yes Why doesn't this work? What should I be doing instead? Thanks in advance Robin --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.732 / Virus Database: 486 - Release Date: 30/07/04 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] nmblookup of client using bcast address fails
Hi, I've been trying unsuccessfully over the past couple of days to get my windows machines to recognize my linux box. I've been working through the troubleshooting guides I can't get the query of the client machine to work using the broadcast address: I have the following 3 machine network: lifebookSUSE192.168.1.100 renegadeWXP 192.168.1.101 maverickW2K 192.168.1.105 lifebook:/var/log/samba # nmblookup -B 192.168.1.255 -d10 renegade Initialising global parameters params.c:pm_process() - Processing configuration file /etc/samba/smb.conf Processing section [global] doing parameter netbios name = LIFEBOOK handle_netbios_name: set global_myname to: LIFEBOOK doing parameter workgroup = @HOME doing parameter server string = Samba %v on host %h, NetBIOS %L doing parameter encrypt passwords = Yes doing parameter guest account = smbguest doing parameter security = share doing parameter log file = /var/log/samba/samba-log.%m doing parameter socket options = IPTOS_LOWDELAY SO_RCVBUF=8182 SO_SNDBUF=8192 doing parameter wins support = yes doing parameter os level = 33 doing parameter domain master = yes doing parameter preferred master = yes doing parameter log level = 3 pm_process() returned Yes lp_servicenumber: couldn't find homes set_server_role: ROLE_STANDALONE added interface ip=192.168.1.100 bcast=192.168.1.255 nmask=255.255.255.0 bind succeeded on port 0 socket option SO_KEEPALIVE = 0 socket option SO_REUSEADDR = 1 socket option SO_BROADCAST = 1 Could not test socket option TCP_NODELAY. socket option IPTOS_LOWDELAY = 0 socket option IPTOS_THROUGHPUT = 0 socket option SO_SNDBUF = 65535 socket option SO_RCVBUF = 65535 socket option SO_SNDLOWAT = 1 socket option SO_RCVLOWAT = 1 socket option SO_SNDTIMEO = 0 socket option SO_RCVTIMEO = 0 Socket opened. querying renegade on 192.168.1.255 Sending a packet of len 50 to (192.168.1.255) on port 137 Sending a packet of len 50 to (192.168.1.255) on port 137 Sending a packet of len 50 to (192.168.1.255) on port 137 name_query failed to find name renegade lifebook:/var/log/samba # I believe the broadcast address of the windows machines are also 192.168.1.255, but how do I confirm this? A ping on the broadcast address only hits the linux machine and the Linksys switch: lifebook:/var/log/samba # ping -b 192.168.1.255 WARNING: pinging broadcast address PING 192.168.1.255 (192.168.1.255) from 192.168.1.100 : 56(84) bytes of data. 64 bytes from 192.168.1.100: icmp_seq=1 ttl=64 time=0.090 ms 64 bytes from 192.168.1.1: icmp_seq=1 ttl=150 time=0.665 ms (DUP!) 64 bytes from 192.168.1.100: icmp_seq=2 ttl=64 time=0.080 ms 64 bytes from 192.168.1.1: icmp_seq=2 ttl=150 time=0.635 ms (DUP!) Shouldn't the ping also be hitting the windows machines? Windows IP Config: C:\Documents and Settings\Brian Leonardipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : Renegade Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Ethernet adapter Local Area Connection 3: Connection-specific DNS Suffix . : attbi.com Description . . . . . . . . . . . : DAVICOM 9102/A PCI Fast Ethernet Adapter Physical Address. . . . . . . . . : 00-03-B3-01-2E-8B Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : No IP Address. . . . . . . . . . . . : 192.168.1.101 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1 DHCP Server . . . . . . . . . . . : 192.168.1.1 DNS Servers . . . . . . . . . . . : 204.127.202.4 216.148.227.68 204.127.202.4 Primary WINS Server . . . . . . . : 192.168.1.100 Lease Obtained. . . . . . . . . . : Friday, July 30, 2004 1:01:40 AM Lease Expires . . . . . . . . . . : Saturday, July 31, 2004 1:01:40 AM Thanks for your assistance, Brian -- Brian Leonard Java Enterprise System Sun Microsystems, Inc. http://java.sun.com 408.404.6884 x68134 (Internal) P.S. Please consider donating to a worthy cause and help me fight blood related cancers with the Leukemia Lymphoma Society. Check out http://www.active.com/donate/tntct/kristiandbrian for more details. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Read Write by everyone over network
Hi Robin, Make sure that the directory /shared is writeable by the user you are connecting as: the easiest way to do this is `chmod 777 /shared` (not sure if there is a better permission to put on it, but it works) Hope that helps, H Robin Wilson wrote: Hi I have managed to successfully set samba up so that I can access my windows shares from linux and my linux shares from windows, but, when I access my linux shares from windows I cannot write to them. Here is an excerpt from my smb.conf file: [shared] comment = Shared directory on Linux box path = /shared guest ok = yes writeable = yes Why doesn't this work? What should I be doing instead? Thanks in advance Robin --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.732 / Virus Database: 486 - Release Date: 30/07/04 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Joining Linux to Windows 2000 domain
Hi Tim Have you edited your /etc/nsswitch.conf file? This needs to be edited if you are running as a domain member server. Look in the documentation if you have problems, but you should be able to edit this file fairly easily. Look for the lines that look like this: passwd: files (winbind) shadow: files group: files (winbind) they should be similar to that (the stuff in brackets is what you should add (without the brackets). Restart winbind and smb and you should be good to go. (Make sure your shares are writeable as well ie your [public] share: as root type `chmod 777 /export/public` - this gives the world read, write and execute on the dir. PS. Try to respond via the samba list, this makes it possible for other people to search (so if someone else has the same problem, they can just search the list - reply all works!) Tim Barone wrote: Hamish, I feel like I'm getting close! I worked on it for a while yesterday and when I tried to access the e2efileserver from windows explorer, I got a Connect to e2efileserver login window. After entering name and password, it just hung, nothing happended. I was reading some documentation on modifying PAM files to allow users to access the Linux box. Do you think this is needed in my case Thanks again for your time and trying to help a beginning Linux user!!! Tim From: Hamish [EMAIL PROTECTED] To: Tim Barone [EMAIL PROTECTED], Samba List [EMAIL PROTECTED] Subject: Re: [Samba] Joining Linux to Windows 2000 domain Date: Thu, 29 Jul 2004 16:12:43 +0100 Hi Tim You might not see the e2efileserver there because you are not running netbios - this is easy to check, just type `/etc/init.d/nmb start`. This will start the netbios daemon and you should then be able to get to your server from windows explorer by \\e2efileserver. You will also need to make sure all those services start when the server reboots (hopefully not too often!), im not too sure how fedora gives a gui to your services, but from a console this should work: `chkconfig --level 35 smb on` repeat this for nmb and winbind (swap nmb etc for smb) - this will make samba winbind and nmb start when the server switches to runlevel 3 or 5 (by default you will be starting in runlevel 5). Since you will be running e2efileserver as a domain member, I think it would be a good idea to also make sure it does not try to win browser elections (i may be wrong, but i saw some strange things happening when my server started trying) you can do this by adding: local master = no and preferred master = no to your smb.conf Hopefully that should give you all you need to run ;) H Tim Barone wrote: Hamish, thanks so much for getting back to me! I made sure to follow all of your suggestions. Also, I made a few changes to smb.conf and now wbinfo -u gives me a list of users and wbinfo -g gives me a list of groups. Making some progress!!! I made the following changes to smb.conf: security = ads When I go to a Windows machine and view the entire network, I do not see an e2efileserver icon (e2efileserver is my Linux box). Any further ideas on what I can do Tim From: Hamish [EMAIL PROTECTED] To: Tim Barone [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [Samba] Joining Linux to Windows 2000 domain Date: Thu, 29 Jul 2004 09:42:18 +0100 Make sure winbind is running (have you edited nsswitch.conf to include winbind?) and that nscd is not running. You can stop nscd and restart all the samba services with `/etc/init.d/nscd stop` then `/etc/init.d/smb restart` `/etc/init.d/nmb restart` `/etc/init.d/winbind restart` Hope this helps Tim Barone wrote: Hello, I am new to Linux, Samba, and actually servers in general. I am attempting to set up a Linux file server and join it to a Windows 2000 domain. All I want to be able to do is get files from the linux file server and put files on it. I do not want it to be the domain controller. I join the domain using: net join -S 10.10.10.40 -UAdministrator%password It tells me that I have joined the domain. wbinfo -t wbinfo -p work fine! Wbinfo -u gives me: Error looking up domain members Wbinfo -g gives me: Error looking up domain groups Any ideas on what to do? Thanks a bunch! Linux is Fedora Core 1 Samba is 3.0 smb.conf file: [global] workgroup = EIIECOMM netbios name = e2efileserver1 realm = EIIECOMM.COM idmap uid = 1 - 15000 idmap gid = 1 - 15000 winbind separator = + winbind use default domain = Yes use sendfile = Yes server string= Samba Server printcap anme = /etc/printer load printers = yes log file = /var/log/samba/%m.log max log size = 50 security = domain password server = * socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = no os level = 33 wins support = no wins server = 10.10.10.40 (I'm not sure this is a wins server) dns proxy = no [homes] comment = Home Directories valid users = %S browseable = yes writeable = yes [tmp] comment = Temporary file space path = /tmp writeable = yes guest ok = yes
[Samba] hidding mapped drives with samba
Hi everybody is there a way to hide the mapped drives on a samba server even for the client users who has access to it.??? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Anyone have Solaris 8/9, W2K AD, NIS working?
Paul Gienger wrote: It sounds like you need to pick a network directory service and go with it, I'd suggest LDAP over NIS any day. I have had a solaris (9 I think) box running happily over LDAP and AD2000, although it was just for test. Oh, I totally agree with you on choosing LDAP over NIS. The problem is that if I go LDAP, I'd prefer a non-proprietary solution, and that means OpenLDAP. There are known conflicts between Solaris's built-in LDAP libraries and OpenLDAP (but those can, in theory, be gotten around, although I've run into grief attempting to do so). I inherited the NIS setup when I took this job, and because it's been working fine, I haven't bothered to change it. Chalk that up to other projects taking priority. I'm trying to get Solaris authentication to work using AD user accounts. According to The Official Samba 3 Howto and Reference Guide, this should be a simple thing. Well, it is, as long as you don't care that the UNIX userid to SID mapping isn't consistent across NIS clients, which really screws up file ownership. You need a central structure to hold your SID mappings if you're traversing machines, AFAICT, the only network structure supported is LDAP. In theory, AD is LDAP-compliant, although Microsoft's added a bunch of tweaks. So I was hoping to us AD as the LDAP repository. That many not work, though, and may be the cause of a lot of my problems. When you got it to work, did you use a separate LDAP repository for SID mappings? Or did you manage to store them in AD? Well, it just isn't working. I've tried the instructions in there, which are laughably inadequate. They don't cover NIS or the SID-userid mapping problem properly. I've searched this mailing list for answers, and haven't found much. I simply cannot get Samba to store the userid mapping in the AD Idmap OU. Perhaps some expansion on your issues here would help: What kind of errors is samba spitting back What configurations have you done. The reason I didn't supply them is that I've been playing with so many different configurations over the last few months that listing them all would be counterproductive. So I adopted a new strategy: find out if anyone got it working and what config they used. I'm curious, why the insistance on NIS? Do you have other apps that require it? Are you having problems getting autofs on solaris to talk to LDAP? If so, a guy can short circuit it by making files from the ldap structure, that's what I do. Are you an old school sun guy from way back that can't let go of it? Give in to the dark side of the DIT,... err... I mean use ldap, its better over here... or something, you get my drift hopefully. I agree. I wanted to use NIS because it's already installed and working. My thinking was that, if I could get Samba working with AD as the LDAP repository for SID mappings, I could eventually move my maps over to AD and get rid of NIS completely. I'd prefer to have only one LDAP server running, and the architecture here already has AD. So I'd like to keep things simple and use AD as that repository if I can. I'm willing to build an OpenLDAP server if I have to, but that seems redundant to me. I am an old school Sun guy (but System V, not BSD!), but I agree that NIS is obsolete, has a million security holes in it, and deserves to be given a decent burial. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] 2 Samba server
Hi, If I run 2 Samba server on 2 diferent Domains but on the same IP Class Will I have problems -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 2 Samba server
On Fri, 30 Jul 2004 10:31:17 -0400 Varjao, Marcio [EMAIL PROTECTED] wrote: Hi, If I run 2 Samba server on 2 diferent Domains but on the same IP Class Will I have problems you shouldn't have any problem. having two samba server on different domains has nothing to do with th e ip class -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Anyone have Solaris 8/9, W2K AD, NIS working?
Erwin Fritz wrote: Paul Gienger wrote: It sounds like you need to pick a network directory service and go with it, I'd suggest LDAP over NIS any day. I have had a solaris (9 I think) box running happily over LDAP and AD2000, although it was just for test. Oh, I totally agree with you on choosing LDAP over NIS. The problem is that if I go LDAP, I'd prefer a non-proprietary solution, and that means OpenLDAP. There are known conflicts between Solaris's built-in LDAP libraries and OpenLDAP (but those can, in theory, be gotten around, although I've run into grief attempting to do so). Solaris 9 works fine with OLDAP, maybe even AD if your structure looks right, and provided you add some non-standard things (DUAConfig) to your schema it will even stop complaining about most things, 8 not so much. 8 was a PITA in general. You need a central structure to hold your SID mappings if you're traversing machines, AFAICT, the only network structure supported is LDAP. In theory, AD is LDAP-compliant, although Microsoft's added a bunch of tweaks. So I was hoping to us AD as the LDAP repository. That many not work, though, and may be the cause of a lot of my problems. When you got it to work, did you use a separate LDAP repository for SID mappings? Or did you manage to store them in AD? We went oldap, but I believe I've seen someone using AD for that. I'm no AD wizard, so I can't offer too much of a suggestion there. I'd prefer to have only one LDAP server running, and the architecture here already has AD. So I'd like to keep things simple and use AD as that repository if I can. I'm willing to build an OpenLDAP server if I have to, but that seems redundant to me. As an FYI, you'll have to build the oldap server to compile samba against, but that doesn't mean you have to 'run' it. I am an old school Sun guy (but System V, not BSD!), but I agree that NIS is obsolete, has a million security holes in it, and deserves to be given a decent burial. I'd settle for burning it at the stake. Most of my hostility for NIS comes from NIS+ (or NIS- as I called it 'round these parts), but a NIS by a different name... still stinks like poo. -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] 2 Samba server
Will the users of each one be able to acess the shares on the servers and on the clients Do I have to add anything to that work?? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of HeRnAn DeL bOcA Sent: sexta-feira, 30 de julho de 2004 08:39 To: [EMAIL PROTECTED] Subject: Re: [Samba] 2 Samba server Importance: High On Fri, 30 Jul 2004 10:31:17 -0400 Varjao, Marcio [EMAIL PROTECTED] wrote: Hi, If I run 2 Samba server on 2 diferent Domains but on the same IP Class Will I have problems you shouldn't have any problem. having two samba server on different domains has nothing to do with th e ip class -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3 smbstatus not as good
I use a lot of force user and force group directives on various shares. With smbstatus of Samba 2 I could always verify with a glance what uid and gid a particular service is being accessed as, with Samba 3 you can't. I'd REALLY like to see that come back to smbstatus. Here's a real world example of my complaint... Samba 2 smbstatus output... Samba version 2.2.8a Service uid gid pid machine -- htdocs schaefert cfusion 8004 medusa (192.168.0.5) Fri Jul 30 09:21:18 2004 optometryschaefert cfusion2 8004 medusa (192.168.0.5) Fri Jul 30 09:21:22 2004 Samba 3 smbstatus output... Samba version 3.0.2a PID Username Group Machine --- 293 schaefert cfusion medusa (192.168.0.5) Service pid machine Connected at --- htdocs 293 medusa Thu Jul 29 15:31:47 2004 optometry 293 medusa Thu Jul 29 15:30:45 2004 With Samba 3 I am connected to the optometry share with gid cfusion2 but there's no way to know that. Btw, no, smbstatus -v doesn't show it either. Basically this message is just a plea to the Samba developers to put back the uid and gid information. Thankyou, Tom Schaefer -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] domain admin issue
I have a new Debian testing machine running the Debian Samba 3.0.5. Everything seems OK except that I cannot get users to have domain admin rights. I have Windows XP workstations. The workstations join and log onto the domain fine. A net groupmap list yields: server:/home/tnolen# net groupmap list System Operators (S-1-5-32-549) - -1 Replicators (S-1-5-32-552) - -1 Guests (S-1-5-32-546) - -1 Domain Users (S-1-5-21-3876029557-4061927837-2224609541-513) - users Power Users (S-1-5-32-547) - -1 Print Operators (S-1-5-32-550) - -1 Administrators (S-1-5-32-544) - domadm Domain Admins (S-1-5-21-3876029557-4061927837-2224609541-512) - domadm Account Operators (S-1-5-32-548) - -1 Domain Guests (S-1-5-21-3876029557-4061927837-2224609541-514) - nogroup Backup Operators (S-1-5-32-551) - -1 Users (S-1-5-32-545) - -1 My user, for example, is in the domadm group: server:/home/tnolen# groups tnolen tnolen : users domadm I have tried several combinations of group mappings but all yield the same result. Basically, the user is just a regular user. When the workstations join the domain, the Domain Admins group DOES get added to the local Administrators group as it should. I've checked Debian's website to see if this is a known bug with their version of Samba, but there is no mention of it. Relevant parts of smb.conf: [global] workgroup = SRB server string = %h server interfaces = 192.168.1.254/24 bind interfaces only = Yes passdb backend = smbpasswd, guest passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . unix password sync = Yes syslog = 0 max log size = 1000 name resolve order = wins lmhosts host bcast socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096 add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u add machine script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M %u logon script = startup.bat logon path = logon home = domain logons = Yes os level = 60 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes panic action = /usr/share/samba/panic-action %d hosts allow = 192.168.1. use client driver = Yes [netlogon] path = /etc/samba/netlogon browseable = No [shared] comment = Shared files path = /home/shared read only = No force create mode = 0777 force directory mode = 0777 Any help would be greatly appreciated. Trey Nolen -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Failed to initialise SAM_ACCOUNT for user
Hi, trying to add users to my samba machine I got the following error: magroup1:~ # smbpasswd -a samba New SMB password: Retype new SMB password: Failed to initialise SAM_ACCOUNT for user samba. Failed to modify password entry for user samba What does it mean? I didn't find documentation about. Thanks, Luca -- Luca Ferrari, [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Joining Linux to Windows 2000 domain
Hamish, Many thanks! I'm connected!! It works! If I need any additional advice I'll be in touch. Thank you again! Have a great weekend! Tim From: Hamish [EMAIL PROTECTED] To: Tim Barone [EMAIL PROTECTED], Samba List [EMAIL PROTECTED] Subject: Re: [Samba] Joining Linux to Windows 2000 domain Date: Fri, 30 Jul 2004 15:16:17 +0100 Hi Tim Have you edited your /etc/nsswitch.conf file? This needs to be edited if you are running as a domain member server. Look in the documentation if you have problems, but you should be able to edit this file fairly easily. Look for the lines that look like this: passwd: files (winbind) shadow: files group: files (winbind) they should be similar to that (the stuff in brackets is what you should add (without the brackets). Restart winbind and smb and you should be good to go. (Make sure your shares are writeable as well ie your [public] share: as root type `chmod 777 /export/public` - this gives the world read, write and execute on the dir. PS. Try to respond via the samba list, this makes it possible for other people to search (so if someone else has the same problem, they can just search the list - reply all works!) Tim Barone wrote: Hamish, I feel like I'm getting close! I worked on it for a while yesterday and when I tried to access the e2efileserver from windows explorer, I got a Connect to e2efileserver login window. After entering name and password, it just hung, nothing happended. I was reading some documentation on modifying PAM files to allow users to access the Linux box. Do you think this is needed in my case Thanks again for your time and trying to help a beginning Linux user!!! Tim From: Hamish [EMAIL PROTECTED] To: Tim Barone [EMAIL PROTECTED], Samba List [EMAIL PROTECTED] Subject: Re: [Samba] Joining Linux to Windows 2000 domain Date: Thu, 29 Jul 2004 16:12:43 +0100 Hi Tim You might not see the e2efileserver there because you are not running netbios - this is easy to check, just type `/etc/init.d/nmb start`. This will start the netbios daemon and you should then be able to get to your server from windows explorer by \\e2efileserver. You will also need to make sure all those services start when the server reboots (hopefully not too often!), im not too sure how fedora gives a gui to your services, but from a console this should work: `chkconfig --level 35 smb on` repeat this for nmb and winbind (swap nmb etc for smb) - this will make samba winbind and nmb start when the server switches to runlevel 3 or 5 (by default you will be starting in runlevel 5). Since you will be running e2efileserver as a domain member, I think it would be a good idea to also make sure it does not try to win browser elections (i may be wrong, but i saw some strange things happening when my server started trying) you can do this by adding: local master = no and preferred master = no to your smb.conf Hopefully that should give you all you need to run ;) H Tim Barone wrote: Hamish, thanks so much for getting back to me! I made sure to follow all of your suggestions. Also, I made a few changes to smb.conf and now wbinfo -u gives me a list of users and wbinfo -g gives me a list of groups. Making some progress!!! I made the following changes to smb.conf: security = ads When I go to a Windows machine and view the entire network, I do not see an e2efileserver icon (e2efileserver is my Linux box). Any further ideas on what I can do Tim From: Hamish [EMAIL PROTECTED] To: Tim Barone [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: [Samba] Joining Linux to Windows 2000 domain Date: Thu, 29 Jul 2004 09:42:18 +0100 Make sure winbind is running (have you edited nsswitch.conf to include winbind?) and that nscd is not running. You can stop nscd and restart all the samba services with `/etc/init.d/nscd stop` then `/etc/init.d/smb restart` `/etc/init.d/nmb restart` `/etc/init.d/winbind restart` Hope this helps Tim Barone wrote: Hello, I am new to Linux, Samba, and actually servers in general. I am attempting to set up a Linux file server and join it to a Windows 2000 domain. All I want to be able to do is get files from the linux file server and put files on it. I do not want it to be the domain controller. I join the domain using: net join -S 10.10.10.40 -UAdministrator%password It tells me that I have joined the domain. wbinfo -t wbinfo -p work fine! Wbinfo -u gives me: Error looking up domain members Wbinfo -g gives me: Error looking up domain groups Any ideas on what to do? Thanks a bunch! Linux is Fedora Core 1 Samba is 3.0 smb.conf file: [global] workgroup = EIIECOMM netbios name = e2efileserver1 realm = EIIECOMM.COM idmap uid = 1 - 15000 idmap gid = 1 - 15000 winbind separator = + winbind use default domain = Yes use sendfile = Yes server string= Samba Server printcap anme = /etc/printer load printers = yes log file = /var/log/samba/%m.log max log size = 50 security = domain password server = * socket
RE: [Samba] hidding mapped drives with samba
Hi everybody is there a way to hide the mapped drives on a samba server even for the client users who has access to it.??? Do you mean something like [share$] comment = \\server\share$ is a hidden share -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] ACL propegation problem - any known issues?
We use POSIX ACLs (under ext2fs) with a fairly complicated set of permissions. Each folder has default permissions that should cause anything created under it to also have the correct permissions. What I'm seeing is occasionally a folder will be created and its default permissions are not set. When files are created under this folder, they of course have the wrong permissions because there are no defaults to inherit. It doesn't happen every time, and I've had trouble trying to reproduce it myself, but I see the results pretty frequently. I'm not entirely sure if it happens when the folder is created, or if the permissions are dropped later when it's modified. This has been cropping up from time to time ever since we switched from Samba 2.2.8a to Samba 3.0.2-debian, and I'm wondering if it's a known bug. I'm getting tired of having to patch up permissions by hand. I've set inherit acls=yes, but it doesn't seem to have completely solved the problem. --- David Brodbeck, System Administrator InterClean Equipment, Inc. 3939 Bestech Drive Suite B Ypsilanti, MI 48197 (734) 975-2967 x221 (734) 975-1646 (fax) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] workstation service failing on Windows XP (Samba + LDAP)
Greetings, I am having problems with about 80% of my Windows XP machines that are connected to a PDC. The PDC is running Fedora Core 2, Samba 3.0.3-5, openldap 2.1.29-1 ***, and kernel 2.6.5-1.358. The XPs that don't work are all very new machines and I am guessing that they are running a different version of XP than the ones that do work. All of the Win98 machines I have connected to the PDC work without any problems. Whenever the troublesome XPs successfully authenticate to the PDC, the workstation service (a.k.a. svchost.exe) dies. This closes the connection to the PDC (no drives can be mapped, roaming profiles cannot be found, etc). I can manually restart the workstation service, log off, then log back in and everything works fine until the XP machine is rebooted. Searching the internet, I have concluded that this is either a Samba bug or an ldap misconfiguration (or both) combined with the usual Microsoft crud. My question is : Is there a newer version of samba or a hotfix for XP that will correct this? If it is a ldap misconfiguration, can someone guide through a unmisconfiguration :) ? I am willing to post my smb.conf, any ldap conf file, and any more info upon request. I greatly appreciate anyone who helps. Thank You, Terry Wood -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Failed to verify incoming ticket
Hi,
I'm trying to get Samba 3.0.2 working against a Windows 2003 Active
Directory. I can join the Linux box (RedHat Advanced Server) to the
domain using net ads join and it appears in the Windows machine's
Users and Computers snap in but when trying to map a drive from Windows
you just get a continuous password dialog bog and on the Linux box Samba
produces the following error in the Samba log:
Smbd/sesssetup.c:reply_spnego_kerberos(173)
Failed to verify incoming ticket!
Here is smb.conf:
###
#=== Global Settings
=
[global]
workgroup = w2k3
netbios name = fs
server string = Samba Server
log file = /var/log/samba/smbd.log
max log size = 50
security = ads
realm = W2K3.TEST
client use spnego = yes
use spnego = yes
client signing = yes
server signing = yes
encrypt passwords = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
; local master = no
; os level = 33
dns proxy = no
# Share Definitions
==
[homes]
comment = Home Directories
browseable = no
writable = yes
##
And here's krb5.conf:
##
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
# ticket_lifetime = 24000
default_realm = W2K3.TEST
# dns_lookup_realm = false
# dns_lookup_kdc = false
[realms]
W2K3.TEST = {
kdc = test-dc.w2k3.test:88
admin_server = test-dc.w2k3.test:749
default_domain = w2k3.test
}
[domain_realm]
.w2k3.test = W2K3.TEST
w2k3.test = W2K3.TEST
[kdc]
# profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
##
Thanks,
Mark
--
Mark Warbeck
Systems Engineer
Engineering Science and Mechanics
Virginia Tech
323A Norris Hall
Mail Code 0219
Blacksburg, VA 24061
540.231.7489
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Failed to verify incoming ticket
Hi,
This is probably a problem with your kerberos version.
Try mapping with ip address like this:
C:\ net use t: \\10.10.10.1\teste
_
Nuno Silva
Engineering Solutions / Enterprise Computing
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Warbeck, Mark
Sent: sexta-feira, 30 de Julho de 2004 17:57
To: [EMAIL PROTECTED]
Subject: [Samba] Failed to verify incoming ticket
Hi,
I'm trying to get Samba 3.0.2 working against a Windows 2003 Active
Directory. I can join the Linux box (RedHat Advanced Server) to the
domain using net ads join and it appears in the Windows machine's
Users and Computers snap in but when trying to map a drive from Windows
you just get a continuous password dialog bog and on the Linux box Samba
produces the following error in the Samba log:
Smbd/sesssetup.c:reply_spnego_kerberos(173)
Failed to verify incoming ticket!
Here is smb.conf:
###
#=== Global Settings
=
[global]
workgroup = w2k3
netbios name = fs
server string = Samba Server
log file = /var/log/samba/smbd.log
max log size = 50
security = ads
realm = W2K3.TEST
client use spnego = yes
use spnego = yes
client signing = yes
server signing = yes
encrypt passwords = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
; local master = no
; os level = 33
dns proxy = no
# Share Definitions
==
[homes]
comment = Home Directories
browseable = no
writable = yes
##
And here's krb5.conf:
##
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
# ticket_lifetime = 24000
default_realm = W2K3.TEST
# dns_lookup_realm = false
# dns_lookup_kdc = false
[realms]
W2K3.TEST = {
kdc = test-dc.w2k3.test:88
admin_server = test-dc.w2k3.test:749
default_domain = w2k3.test
}
[domain_realm]
.w2k3.test = W2K3.TEST
w2k3.test = W2K3.TEST
[kdc]
# profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
##
Thanks,
Mark
--
Mark Warbeck
Systems Engineer
Engineering Science and Mechanics
Virginia Tech
323A Norris Hall
Mail Code 0219
Blacksburg, VA 24061
540.231.7489
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] An Interesting Issue in Samba Performance
Okay Ive had a day of it today , and I thought I would share this little support event experienced today. A Client site of mine runs Samba 2.2.8a connecting to a series of Windows XP boxes via a Netgear Switch/Hub. Earlier in the week they reported that certain applications, most notorously Symantec ACT were performing at super slow speeds. A non site investigation showed that any file opened from the Server , copied to the desktop client was being copied at super slow speeds, as if all the bandwidth on the network had gone. Checking configuration of the smb.conf and local machines proved no use at all and for a part of the hour I scratched my head as I tried to understand what was slowing down all file open, copy and move performance over the network. Since local file activity ( on the server or client ) was more than adequate I was non plussed, until I reasoned that the only other device between Client and Server was the Network Switch. A Quick power cycle of the Netgear switch later , and the performance was back where it should have been ! Just a salutory tail to tell really since the problem was neither Server or Client based, but the architecture was clearly malfunctioning. Does anyone know of a test I could have carried out in order to trouble shoot that particular issue ? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] An Interesting Issue in Samba Performance
On Fri, Jul 30, 2004 at 06:12:13PM +0100, Nicholas Butler wrote: Okay Ive had a day of it today , and I thought I would share this little support event experienced today. A Client site of mine runs Samba 2.2.8a connecting to a series of Windows XP boxes via a Netgear Switch/Hub. Earlier in the week they reported that certain applications, most notorously Symantec ACT were performing at super slow speeds. A non site investigation showed that any file opened from the Server , copied to the desktop client was being copied at super slow speeds, as if all the bandwidth on the network had gone. Checking configuration of the smb.conf and local machines proved no use at all and for a part of the hour I scratched my head as I tried to understand what was slowing down all file open, copy and move performance over the network. Since local file activity ( on the server or client ) was more than adequate I was non plussed, until I reasoned that the only other device between Client and Server was the Network Switch. A Quick power cycle of the Netgear switch later , and the performance was back where it should have been ! Just a salutory tail to tell really since the problem was neither Server or Client based, but the architecture was clearly malfunctioning. Does anyone know of a test I could have carried out in order to trouble shoot that particular issue ? When I used to work on problems like that for Vantive all I did was put a sniffer on client and server and look for dropped packets. Once I found one or more on a lan segment I knew there was an equipment problem. Few people bother to do this these days - even though the lan equipment has got cheaper (and worse) than it used to be. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] An Interesting Issue in Samba Performance
-Original Message- From: Jeremy Allison [mailto:[EMAIL PROTECTED] When I used to work on problems like that for Vantive all I did was put a sniffer on client and server and look for dropped packets. Once I found one or more on a lan segment I knew there was an equipment problem. Few people bother to do this these days - even though the lan equipment has got cheaper (and worse) than it used to be. People tend to overlook the basics. I've seen several performance problems fixed just by correcting mismatched duplex settings. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: String overflow in safe_strcpy - bug in documentation
Hi jeremy, You not going to like this but I am still getting the errors String overflow in safe_strcpy with the same config file as before and with the latest release (3.0.5.2 - fedora2 rpms from http://www.mirror.ac.uk/sites/ftp.samba.org/Binary_Packages/Fedora/RPMS/i386/core/2/ ) I have included the errors in the attached .txt file. all i had to do to reproduce the error was goto a directory containing the samba rpm files ( which are over the 8.3 ) and of course the same happens for any other file over the 8.3 but not for directories. Many Thanks, Carl. Jeremy Allison wrote: On Mon, Jul 26, 2004 at 10:21:09AM +0100, Carl Matthews wrote: Hi Jeremy, Ive been checking the svn for mangling fixes but didnt see any should i just add it to bugzilla so it theres a record of it? It's definately been fixed in the samba-docs svn tree. Jeremy. Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [28-07~CU.ZIP] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (20 - 19) in safe_strcpy [28-07-2004 02-37-34.zip] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [SAMBA~N0.RPM] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (24 - 23) in safe_strcpy [samba-swat-3.0.5-2.i386.rpm] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [SAMBA~SE.RPM] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (19 - 18) in safe_strcpy [samba-3.0.5-2.i386.rpm] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [SAMBA~R7.RPM] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (26 - 25) in safe_strcpy [samba-client-3.0.5-2.i386.rpm] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (9 - 8) in safe_strcpy [SAMBA~54.RPM] Jul 30 17:12:24 mandrake1 smbd[30156]: [2004/07/30 17:12:24, 0] lib/util_str.c:safe_strcpy_fn(602) Jul 30 17:12:24 mandrake1 smbd[30156]: ERROR: string overflow by 1 (26 - 25) in safe_strcpy [samba-common-3.0.5-2.i386.rpm] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Anyone have Solaris 8/9, W2K AD, NIS working?
It is difficult to give a good answer to questions like this one.
I would suggest thinking on major objectives first and then plan your
deployment on tour own.
I learned Sun ONE DS offers many things oldap doesn't yet have.
It is specially so if you have more then few Solaris machines. You could
go with SEAM/Ldap config which means native Solaris client and I
think it is much more secure then what Padl offers. You could have full
unix SSO and Samba connectivity at the same time. Moreover you can
ditch Microsoft AD completely which would lessen the burden factor
significantly and would make it much more secure. The same allies to
NIS.
You can also choose Directory Server on it's own which works great
for samba but will not give SSO. But you wouldn't have to configure
GSS-API on Solaris. You would also want SSL client config instead of
SASL.
There's always some confusion when choosing authentication and
authorization processes in a mixed environment. I think choosing
SEAM (which is MIT Kerberos 1.3.1) for the former and DS 5.2 for the
latter is the most mature solution for Solaris now. Solaris 9,
of course ;-)
HTH,
--
Michal Kurowski
perl -e '$_=q#: 13_2: 12/o{: 8_4) (_4: 6/2^-2; 3;-2^\2: 5/7\_/\7: 12m m::#;
y#:#\n#;s#(\D)(\d+)#$1x$2#ge;print'
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] An Interesting Issue in Samba Performance
Nicholas Butler wrote: A Client site of mine runs Samba 2.2.8a connecting to a series of Windows XP boxes via a Netgear Switch/Hub. Budget constraints lead to me having to purchase Netgear managed switches (as opposed to something a little more traditionaly robust) a couple of years ago. They *were* horrible. Dropped packets, network slowdowns, entire print jobs vanishing. . . that sort of thing. I was forced to go back to some daisy chained hubs while I had it out with Netgear. A couple of firmware flashes later and everything's just fine. I still wonder how a company could have let a (highly priced) piece of equipment out the door in that state though, they should be ashamed. --J(K) -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: String overflow in safe_strcpy - bug in documentation
On Fri, Jul 30, 2004 at 07:58:59PM +0100, Carl wrote: Hi jeremy, You not going to like this but I am still getting the errors String overflow in safe_strcpy with the same config file as before and with the latest release (3.0.5.2 - fedora2 rpms from http://www.mirror.ac.uk/sites/ftp.samba.org/Binary_Packages/Fedora/RPMS/i386/core/2/ ) I have included the errors in the attached .txt file. all i had to do to reproduce the error was goto a directory containing the samba rpm files ( which are over the 8.3 ) and of course the same happens for any other file over the 8.3 but not for directories. Ok, can you give me a tarball containing the directory and also the *exact* client you're using to reproduce this so I can check. Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problem changing password - rejected the tconX error
Hello, I've recently been having a bit of a problem with changing my smb password. Any help would be appreciated. Configuration is : Server OS: SCO Unixware v7.1.1 Samba 2.2.7a Using smbusers and smbpasswd files. The smbusers file only has those users whose NT ID is different from thier Unix ID. I have tried googling for the error and have read the pertinent parts of the SAMBA HowTo http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html#acctmgmttools but have not made any headway. When logged in as root, there is no problem changing any users password. When a user tries to change their password from the unix command line, they get the following: /u/usr/naleblansmbpasswd Old SMB password: New SMB password: Retype new SMB password: machine 127.0.0.1 rejected the tconX on the IPC$ share. Error was : NT_STATUS_WRONG_PASSWORD. Failed to change password for naleblan I have reset the password to a known value (using root) and tried again to change the password as when logged in to unix as the user, but still get the same message. However, using the same [Old SMB] password with smbclient seems to work fine. /u/usr/naleblan/usr/lib/samba/bin/smbclient -L localhost added interface ip=10.134.28.152 bcast=10.134.28.255 nmask=255.255.255.0 Password: Domain=[RXADMINWEB] OS=[Unix] Server=[Samba 2.2.7a] Sharename Type Comment - --- Eagle Disk /u/usr/Eagle tmpDisk Temporary file space IPC$ IPC IPC Service (Samba 2.2.7a on CVS9011c) ADMIN$ Disk IPC Service (Samba 2.2.7a on CVS9011c) naleblan Disk Home directory for naleblan Server Comment ---- CVS9011C Samba 2.2.7a on CVS9011c RXADMINWEB Samba 2.2.7a on RxAdminWeb WorkgroupMaster ---- RXADMINWEB RXADMINWEB -- Tom Brand CVS/Pharmacy IS Rx SysAdmin Store Support 401-770-4932 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba pwd in kerberos?
Hi. As I said... I will bother you. :) I'm wondering if it's possible to make samba as a primary domain controller without having samba passwords, but instead using my two KDCs (MIT K5). Is it possible? What should I use in my smb.conf? The wonderful and less painful thing is samba authenticating via pam... but I don't know how... the documentation is quite misty. -- Senseimailto:[EMAIL PROTECTED] icqnum:241572242 msn-id:[EMAIL PROTECTED] A)bort, R)etry, I)nfluence with large hammer. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: String overflow in safe_strcpy - bug in documentation
Hi, We have 98se2 and xp home sp1 and xp pro sp1 clients, i know for sure win98 and xp home when listing a directory cause this problem, we only have a few xp pro laptops so i cant be 100% sure about those. as for the directory i can on monday when i go back to work, but it will happen with any file over the limit, i end up with error logs of about 500-600mb full of these errors. The clients are windows 98 se and windows xp home, I know that errors are reported for them im pretty sure its any client but i cant say i have proven that. I have a fedora box here so i might try to reproduce the errors on it tonight so i have sumthing to send you. Its a shame are old compilers and our old pcb cad system dont like the hash2. Thanks, Carl. On Fri, Jul 30, 2004 at 07:58:59PM +0100, Carl wrote: Hi jeremy, You not going to like this but I am still getting the errors String overflow in safe_strcpy with the same config file as before and with the latest release (3.0.5.2 - fedora2 rpms from http://www.mirror.ac.uk/sites/ftp.samba.org/Binary_Packages/Fedora/RPMS/i386/core/2/ ) I have included the errors in the attached .txt file. all i had to do to reproduce the error was goto a directory containing the samba rpm files ( which are over the 8.3 ) and of course the same happens for any other file over the 8.3 but not for directories. Ok, can you give me a tarball containing the directory and also the *exact* client you're using to reproduce this so I can check. Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] LDAP/IDMAP/3.0.4
I've written a program according to what I learned from all the docs and John T.'s assessment of what I intended to do from an email about a month back. I've got everything in LDAP *no* winbind is in use and my ldap value from [global] are: passdb backend = ldapsam:ldap://ldap.hvcc.edu; ldap suffix = dc=hvcc,dc=edu ldap machine suffix = ou=People ldap user suffix = ou=People ldap group suffix = ou=Groups ldap idmap suffix = ou=Idmap ldap admin dn = cn=root,dc=hvcc,dc=edu idmap backend = ldap:ldap://ldap.hvcc.edu But I'm stuck on joining the PC to the domain. I'm getting No mapping between account names and security IDs was done. But from the logs, I can't seem to gleen *which* mapping it's referring to. I'm still looking and I'm sure it's something dreadfully ignorant on my part. It is authing the root user properly because if I give the wrong root password, it tells me so and the log reflects this as well. I have an idmap entry for every user for every one of the seven domains we have and I calculated all the rid values using the legacy algorithmic method and populated the LDAP DIT with it all. Every sambaSamAccount is also a posix and shadow account. It loads perfectly, AIX is (surprisingly :-P ) happy and Samba seems truly happy up until this point. I'll keep digging, but if the experts have seen this and can suggest a quick fix, I'd appreciate it. All hits I've found so far are relative to 2.2. The only strange error I just found (while composing this email) is: [2004/07/30 15:51:07, 3] smbd/connection.c:yield_connection(76) yield_connection: tdb_delete for name failed with error Record does not exist. Thank you! Bill -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Fw: reduce skin lines skin spots
bnrmtl.cpl-sleafsgducks dr_,u'~gs from amer'`ica 0v~ernig-_ht sh_,ipp^ing ,~distichlisvirinf http://js.mlb.retyping8911rneds.us/f74/ Should this prove to be true, he might now consider himself a prisoner of this piratical band, the members of which, although temporarily disabled, would soon regain consciousnessHowever, the armed caravan was scarcely out of sight before Rob discovered he was approaching a rich, wooded oasis of the desert, in the midst of which was built the walled city of Yarkand -Original Message- From: Genna Sims [mailto:[EMAIL PROTECTED] To: val roofe; jarrod stratton; federico farley; donte grande Sent: Wednesday, November, 2004 8:42 PM Subject: Wtnlxon`line medsDhgetqs darwinia^yabbawhap_ The brilliantly polished Tin Woodman marched next, at the head of the Royal Army of Oz which consisted of twenty-eight officers, from Generals down to Captains I'm NOT wise enough amansada11desintestinar15empaquetador,desvanecimiento cururu`. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba problems in stable?
Recently a production stable samba server started producing this: samba-log.cpr8r: oplock_break failed for file Share1/Files/Financial/Comms.xls (dev = b, inode = 151073815, file_id = 31). samba-log.cpr8r: oplock_break failed for file Share1/Files/Financial/Futures.xls (dev = b, inode = 411546895, file_id = 31). samba-log.cpr8r: oplock_break failed for file Share1/Files/Financial/Historical.xls (dev = b, inode = 402910038, file_id = 8). etc etc for many many files. My samba logs currently give this 580 times in the last 2 days since the server was restarted. The closest match is on google from 1999 and there's no reply. Samba.org doesn't even have any matches on their search page I can find. Anyone have any ideas what could cause this? Kernel 2.4.26-bk1 Samba 2.0.7-1 Debian Stable The hardware is a P3-850 with 512Megs of ram. Most of the files being accessed are nfs mounted from a hardare appliance (SNAP). Robert :wq! --- Robert L. Harris | GPG Key ID: E344DA3B @ x-hkp://pgp.mit.edu DISCLAIMER: These are MY OPINIONS ALONE. I speak for no-one else. With Dreams To Be A King First One Should Be A Man - Manowar signature.asc Description: Digital signature -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Trouble authenticating clients from ADS domain on Samba 3.0.5 file server
I'm so close I can feel it :-) I'm having a problem connecting users to their home directories. Under My Network Places on XP clients I can see my Samba file server (Hobbes) just fine. When I double click on it to open it, I get a login/password prompt that I can't bypass even though I try logins/passwords that exist on the ADS server and/or the UNIX accounts. Do I have to add these users under Samba specifically? I am joined to the ADS domain, I can pull users/groups from wbinfo -t, -u, and -g. When I use webmin I can even go into the Samba module to add users to a share and see all the users from my ADS domain pop up in a window. Here's a copy of my smb.conf (where I think my problem might lie): workgroup = NLES realm = NLES.LOCAL security = ads password server = calvin.nles.local username map = /etc/samba/smbusers os level = 10 dns proxy = No idmap uid = 1-2 idmap gid = 1-2 template shell = /bin/bash winbind separator = + winbind use default domain = Yes [homes] comment = %U Home Folder path = /home/%u valid users = %U cgoff administrator # force user = %u writeable = yes browseable = no I think my problem is with the [homes] share, but I'm not sure. Can anyone give me any pointers on what my issue might be? As I said I can talk to the ADS server just fine, seeing lists of users and groups. I'm almost positive I'm not setting up my shares correctly. Chris Goff NLES Network Administrator cgoff at nles.k12.wi.us -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trouble authenticating clients from ADS domain on Samba 3.0.5 file server
Hmm, What's your kerberos version? I would bet it is MIT-kerberos and the version is something lower then 1.3.3, isn't it? If i'm correct you'll have to update your kerberos to a version =1.3.3 Christoph Chris Goff schrieb: I'm so close I can feel it :-) I'm having a problem connecting users to their home directories. Under My Network Places on XP clients I can see my Samba file server (Hobbes) just fine. When I double click on it to open it, I get a login/password prompt that I can't bypass even though I try logins/passwords that exist on the ADS server and/or the UNIX accounts. Do I have to add these users under Samba specifically? I am joined to the ADS domain, I can pull users/groups from wbinfo -t, -u, and -g. When I use webmin I can even go into the Samba module to add users to a share and see all the users from my ADS domain pop up in a window. Here's a copy of my smb.conf (where I think my problem might lie): workgroup = NLES realm = NLES.LOCAL security = ads password server = calvin.nles.local username map = /etc/samba/smbusers os level = 10 dns proxy = No idmap uid = 1-2 idmap gid = 1-2 template shell = /bin/bash winbind separator = + winbind use default domain = Yes [homes] comment = %U Home Folder path = /home/%u valid users = %U cgoff administrator # force user = %u writeable = yes browseable = no I think my problem is with the [homes] share, but I'm not sure. Can anyone give me any pointers on what my issue might be? As I said I can talk to the ADS server just fine, seeing lists of users and groups. I'm almost positive I'm not setting up my shares correctly. Chris Goff NLES Network Administrator cgoff at nles.k12.wi.us -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] An Interesting Issue in Samba Performance
Does anyone know of a test I could have carried out in order to trouble shoot that particular issue ? Taking Ethereal and looking for large gaps between pakets. Seeing a lot of connection reset by peer messages in the log. Always check for full/halfduplex settings of the network cards. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trouble authenticating clients from ADS domain on Samba 3.0.5 file
I have MIT Kerberos 1.3.4 installed. This is the exact file I used on my Slackware 10 server: http://web.mit.edu/kerberos/www/dist/krb5/1.3/krb5-1.3.4-i686-pc-linux-gnu.tar Maybe I made a mistake in using binaries instead of compiling from source? Chris Goff NLES Network Administrator cgoff at nles.k12.wi.us [EMAIL PROTECTED] writes: Hmm, What's your kerberos version? I would bet it is MIT-kerberos and the version is something lower then 1.3.3, isn't it? If i'm correct you'll have to update your kerberos to a version =1.3.3 Christoph Chris Goff schrieb: I'm so close I can feel it :-) I'm having a problem connecting users to their home directories. Under My Network Places on XP clients I can see my Samba file server (Hobbes) just fine. When I double click on it to open it, I get a login/password prompt that I can't bypass even though I try logins/passwords that exist on the ADS server and/or the UNIX accounts. Do I have to add these users under Samba specifically? I am joined to the ADS domain, I can pull users/groups from wbinfo -t, -u, and -g. When I use webmin I can even go into the Samba module to add users to a share and see all the users from my ADS domain pop up in a window. Here's a copy of my smb.conf (where I think my problem might lie): workgroup = NLES realm = NLES.LOCAL security = ads password server = calvin.nles.local username map = /etc/samba/smbusers os level = 10 dns proxy = No idmap uid = 1-2 idmap gid = 1-2 template shell = /bin/bash winbind separator = + winbind use default domain = Yes [homes] comment = %U Home Folder path = /home/%u valid users = %U cgoff administrator # force user = %u writeable = yes browseable = no I think my problem is with the [homes] share, but I'm not sure. Can anyone give me any pointers on what my issue might be? As I said I can talk to the ADS server just fine, seeing lists of users and groups. I'm almost positive I'm not setting up my shares correctly. Chris Goff NLES Network Administrator cgoff at nles.k12.wi.us -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trouble authenticating clients from ADS domain on Samba 3.0.5 file server
On Fri, 2004-07-30 at 16:27, Chris Goff wrote:
[...]
Used MIT KRB5 v1.3.4, Samba 3.0.5, Also make sure that all the /lib and
/lib/security files related to each get replaced.
[global]
workgroup = MYDOMAIN
realm = MYDOMAIN.COM
server string = BIG Storage
security = ADS
auth methods = winbind, sam
obey pam restrictions = Yes
password server = mydc1.mydomain.com
username level = 3
lanman auth = No
ntlm auth = No
client NTLMv2 auth = Yes
client lanman auth = No
client plaintext auth = No
log level = 0
syslog = 0
log file = /var/log/samba/%m.log
max log size = 1
smb ports = 445
disable netbios = Yes
max xmit = 65535
name resolve order = wins hosts bcast
server signing = auto
deadtime = 10080
socket options = IPTOS_LOWDELAY TCP_NODELAY
logon path =
logon home =
preferred master = No
local master = No
domain master = No
dns proxy = No
ldap ssl = no
idmap uid = 1-4
idmap gid = 1-4
template homedir = /home/%D/%U
template shell = /bin/bash
winbind separator = +
winbind cache time = 20
winbind nested groups = Yes
ea support = Yes
use client driver = Yes
hide special files = Yes
map archive = No
[homes]
comment = Home Directories
read only = No
create mask = 0700
directory mask = 0700
browseable = No
My krb5.conf
===
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
ticket_lifetime = 24000
default_realm = MYNETWORK.COM
default_tkt_enctypes = des-cbc-md5 des-cbc-crc
default_tgs_enctypes = des-cbc-md5 des-cbc-crc
kdc_timesync = 1
dns_lookup_realm = true
dns_lookup_kdc = true
forward = true
forwardable = true
proxiable = true
autologin = true
encrypt = true
[realms]
NETWORKMCS.COM = {
kdc = mydc1.mynetwork.com:88
admin_server = mydc1.mynetwork.com:749
default_domain = mynetwork.com
}
[domain_realm]
.mynetwork.com = MYNETWORK.COM
mynetwork.com = MYNETWORK.COM
[pam]
debug = false
ticket_lifetime = 24000
renew_lifetime = 24000
forward = true
forwardable = true
autologin = true
encrypt = true
krb4_convert = false
My /etc/pam.d/login
==
#%PAM-1.0
auth required pam_securetty.so
auth sufficient pam_winbind.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
accountsufficient pam_winbind.so
accountrequired pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
sessionrequired pam_mkhomedir.so skel=/etc/skel/ umask=0022
sessionrequired pam_stack.so service=system-auth
sessionoptional pam_console.so
--
greg, [EMAIL PROTECTED]
The technology that is
Stronger, better, faster: Linux
signature.asc
Description: This is a digitally signed message part
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trouble authenticating clients from ADS domain on Samba 3.0.5 file
Did you install the PAM from the Samba FTP server, or PAM from padl.com? I ended up following another tutorial than my original post here on the mailing list a day or so back: http://www.rongage.org/manual_samba_howto.html Everything has worked like a charm, although there was no mention of PAM. Chris Goff NLES Network Administrator cgoff at nles.k12.wi.us [EMAIL PROTECTED] writes: My /etc/pam.d/login == #%PAM-1.0 auth required pam_securetty.so auth sufficient pam_winbind.so auth required pam_stack.so service=system-auth auth required pam_nologin.so accountsufficient pam_winbind.so accountrequired pam_stack.so service=system-auth password required pam_stack.so service=system-auth sessionrequired pam_mkhomedir.so skel=/etc/skel/ umask=0022 sessionrequired pam_stack.so service=system-auth sessionoptional pam_console.so -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trouble authenticating clients from ADS domain on Samba 3.0.5 file
On Fri, 2004-07-30 at 17:08, Chris Goff wrote: Did you install the PAM from the Samba FTP server, or PAM from padl.com? I ended up following another tutorial than my original post here on the mailing list a day or so back: http://www.rongage.org/manual_samba_howto.html Everything has worked like a charm, although there was no mention of PAM. I actually used the pam src rpm from fedora core 1/2 which ever was 0.77. rpmbuild --rebuild that.src.rpm Then install it. -- greg, [EMAIL PROTECTED] The technology that is Stronger, better, faster: Linux signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] security = ADS with libkrb53.
I've been trying to get samba to integrate with a Win2000 ADS, with very limited success.. but from recent postings I think I have found my problem. I am only using libkrb 1.2.4. I know I need 1.3.3, but don't particularly want to compile from source. I'm running a Debian Stable machine, so was wondering if anyone knows of where I can get a backport to woody of the newest Kerberos packages. I've tried the normal places and even a few not so normal. Anyone? TIA.. Mat Allgood -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba server onto a Windows 2000 server
How do I install any version of samba onto a Windows 2000 server? Larry -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Trouble authenticating clients from ADS domain on Samba 3.0.5 file
Hmm, Slackware doesn't support PAM due to security issues. I tried installing the RPM anyway (somewhat of a no-no on Slackware boxes), but it didn't seem to effect anything (still getting a login/pass prompt on WinXP clients attempting to login, and when entering a login/pass it doesn't take it). Looking at some Samba manuals it looks like I can autheticate using LDAP instead of PAM. Anyone know if this is possible/feasible? Chris Goff NLES Network Administrator cgoff at nles.k12.wi.us [EMAIL PROTECTED] writes: On Fri, 2004-07-30 at 17:08, Chris Goff wrote: Did you install the PAM from the Samba FTP server, or PAM from padl.com? I ended up following another tutorial than my original post here on the mailing list a day or so back: http://www.rongage.org/manual_samba_howto.html Everything has worked like a charm, although there was no mention of PAM. I actually used the pam src rpm from fedora core 1/2 which ever was 0.77. rpmbuild --rebuild that.src.rpm Then install it. -- greg, [EMAIL PROTECTED] The technology that is Stronger, better, faster: Linux -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba as IIS Clusters common data store
We are migrating three IIS5 servers, to an IIS6 Cluster and are wanting to use a Samba Server as the common data store. The IIS servers will be hosting ~100 Websites, so each site will be an individual share on the Samba server(As we want to enforce quotas for each site). I'm assuming each Site in IIS will utilise UNC path for the Site Location, and use Connect As option for the Samba Share. I would really appreciate feedback from people already doing something similar to this... - Is the above considered a normal setup when using Samba as the common data store? - Should we be utilising any special mount options to ensure security/performance? Debian Testing Samba 3.0.4-5 Any feedback is greatly appreciated. Regards, Michael -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Undeliverable message returned to sender
This message was created automatically by mail delivery software. Delivery failed for the following recipient(s): [EMAIL PROTECTED] The message you sent contained an attachment which the recipient has chosen to block. Usually these sort of attachments are blocked to prevent malicious software from being sent to the recipient in question. The name(s) of the blocked file(s) follow: message.scr To send this file, please place it in a compressed archive using WinZip (http://www.winzip.com) or the archive software of your choice. - Original Message Header - Received: by mail40-red.bigfish.com (MessageSwitch) id 1091230667569406_23726; Fri, 30 Jul 2004 23:37:47 + (UCT) Received: from changewave.com (adsl-64-166-23-10.dsl.snfc21.pacbell.net [64.166.23.10]) by mail40-red.bigfish.com (Postfix) with ESMTP id 970F44369DD for [EMAIL PROTECTED]; Fri, 30 Jul 2004 23:36:45 + (UCT) From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Mail Delivery (failure [EMAIL PROTECTED]) Date: Fri, 30 Jul 2004 16:37:56 -0700 MIME-Version: 1.0 Content-Type: multipart/related; type=multipart/alternative; boundary==_NextPart_000_001B_01C0CA80.6B015D10 X-Priority: 3 X-MSMail-Priority: Normal Message-Id: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.5 PANIC
Hi, David: I don't use printers at all. so i think it has nothing with printer lock. Best Regards! Jacky Kim . Hi, This is worrying as we have had exactly the same error with 3.0.2a on Solaris/cups. Have you had a problem with printers as well? I believe our error was caused by printing crashing samba, and a quick fix was to delete the printer lock file. However, when I emailed the problem, we were told by Samba.org to upgrade to 3.0.5! David -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba server onto a Windows 2000 server
On Fri, 2004-07-30 at 18:20, [EMAIL PROTECTED] wrote: How do I install any version of samba onto a Windows 2000 server? Come again? Anything that samba provides ( except for stability and compatibility ) is already available on a Windows 2000 Server. Please explain why you would want to do such an INSANE thing! -- greg, [EMAIL PROTECTED] The technology that is Stronger, better, faster: Linux signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Wonky browsing
Terrence Branscombe wrote:: IS~ISZKAZ#00 1091364496 192.168.0.2 64R- I 'solved' at half of my browsing puzzles when I found a reference list of Microsoft NetBIOS name suffixes in a KB article (163409). The 'IS~computer name#00' format is simply how IIS registers itself in WINS.DAT by IIS servers. My apologies for not finding this before I posted. The problem remains, however, with 'ISZKAZ' not appearing in BROWSE.DAT. From the Samba host, a query of 'ISZKAZ' shares produces this: $ smbclient -U username%password -L iszkaz added interface ip=192.168.0.3 bcast=192.168.0.255 nmask=255.255.255.0 added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 Got a positive name query response from 127.0.0.1 ( 192.168.0.2 ) Domain=[EREBUS] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager] Sharename Type Comment - --- Public Disk Public file share IPC$ IPC Remote IPC iszkaz_c Disk boris_1 F$ Disk Default share ADMIN$ Disk Remote Admin C$ Disk Default share Server Comment ---- WorkgroupMaster ---- $ The same query run against the other W2K node, 'KIRALY', which happens to be the local master browser, produces what you might expect: $ smbclient -U username%password -L kiraly added interface ip=192.168.0.3 bcast=192.168.0.255 nmask=255.255.255.0 added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 Got a positive name query response from 127.0.0.1 ( 192.168.0.1 ) Domain=[EREBUS] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager] Sharename Type Comment - --- E$ Disk Default share IPC$ IPC Remote IPC D$ Disk Default share print$ Disk Printer Drivers G$ Disk Default share PS$PRINT Printer Postscript printer F$ Disk Default share CanonBJC Printer Connected on LPT1: port of node KIRALY ADMIN$ Disk Remote Admin H$ Disk Default share SETUPS Disk Network-installable packages C$ Disk Default share Server Comment ---- ISZKAZ W2K PIII workstation KIRALY W2K ICS Gateway SZEGED Alpha Quadrant (Samba 2.2.8) WorkgroupMaster ---- EREBUS KIRALY $ Thanks, Terry PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
svn commit: samba-web r181 - branches/tmp.samba.org
Author: deryck Date: 2004-07-30 07:28:49 + (Fri, 30 Jul 2004) New Revision: 181 Removed: branches/tmp.samba.org/index.html Modified: branches/tmp.samba.org/header2.html Log: The mirror drop-list is ready now. SSI hasn't been working when calling pages from /html/samba that aren't checked in svn (like mirror-related pages), so this may not work until merge. The index is being removed to move samba.html to the front page. --deryck WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/rev=181nolog=1
svn commit: samba-web r182 - branches/tmp.samba.org
Author: deryck Date: 2004-07-30 07:31:30 + (Fri, 30 Jul 2004) New Revision: 182 Added: branches/tmp.samba.org/index.html Removed: branches/tmp.samba.org/samba.html Log: And now tmp.samba.org is the front page rather than tmp.samba.org/samba/samba.html. This will apply to samba.org as well. People will be at the home page when they go to www.samba.org. --deryck WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/rev=182nolog=1
svn commit: samba-web r183 - in branches/tmp.samba.org: . download style
Author: deryck Date: 2004-07-30 07:55:35 + (Fri, 30 Jul 2004) New Revision: 183 Added: branches/tmp.samba.org/download/ branches/tmp.samba.org/download/header_download.html branches/tmp.samba.org/download/index.html branches/tmp.samba.org/style/download.css Removed: branches/tmp.samba.org/download.html Modified: branches/tmp.samba.org/header2.html Log: Working toward two-coloumn layout on the larger pages that are content heavy. Also reorganzing a bit. --deryck WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/branches/tmp.samba.orgrev=183nolog=1
svn commit: samba r1612 - branches/SAMBA_3_0/source/libsmb
Author: abartlet Date: 2004-07-30 11:14:47 + (Fri, 30 Jul 2004) New Revision: 1612 Modified: branches/SAMBA_3_0/source/libsmb/cliconnect.c Log: Fix bug #1571 found by Guenter Kukkukk [EMAIL PROTECTED] (Botched LANMAN2 session setup code) Andrew Bartlett WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1612nolog=1
svn commit: samba-docs r174 - trunk/Samba-HOWTO-Collection
Author: jelmer Date: 2004-07-30 19:32:39 + (Fri, 30 Jul 2004) New Revision: 174 Modified: trunk/Samba-HOWTO-Collection/ServerType.xml Log: Add link to appropriate chapter. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-docspath=/rev=174nolog=1
svn commit: samba-docs r175 - trunk/Samba-HOWTO-Collection
Author: jelmer Date: 2004-07-30 19:46:26 + (Fri, 30 Jul 2004) New Revision: 175 Modified: trunk/Samba-HOWTO-Collection/VFS.xml Log: Updated entry of samba-vscan WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-docspath=/rev=175nolog=1
svn commit: samba-docs r176 - trunk/xslt
Author: jelmer Date: 2004-07-30 20:23:24 + (Fri, 30 Jul 2004) New Revision: 176 Modified: trunk/xslt/generate-attributions.xsl Log: Fix incorrect transformation for prefaces WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-docspath=/rev=176nolog=1
svn commit: samba-docs r177 - in trunk: . Samba-Guide Samba-HOWTO-Collection
Author: jelmer Date: 2004-07-30 22:21:25 + (Fri, 30 Jul 2004) New Revision: 177 Modified: trunk/Makefile.in trunk/Samba-Guide/index.xml trunk/Samba-HOWTO-Collection/index.xml trunk/aclocal.m4 trunk/configure.in Log: Use gpl.xml instead of gpl.tex WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-docspath=/trunkrev=177nolog=1
svn commit: samba-docs r178 - trunk/smbdotconf/printing
Author: jelmer Date: 2004-07-31 00:54:44 + (Sat, 31 Jul 2004) New Revision: 178 Modified: trunk/smbdotconf/printing/cupsserver.xml Log: Better example WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-docspath=/rev=178nolog=1
svn commit: samba r1613 - branches/SAMBA_3_0/source/nsswitch
Author: jra Date: 2004-07-31 01:50:35 + (Sat, 31 Jul 2004) New Revision: 1613 Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_user.c Log: Patch from Tom Shaw [EMAIL PROTECTED] to use winbindd_fill_pwent consistently. Jeremy. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1613nolog=1
svn commit: samba r1614 - trunk/source/nsswitch
Author: jra Date: 2004-07-31 01:50:39 + (Sat, 31 Jul 2004) New Revision: 1614 Modified: trunk/source/nsswitch/winbindd_user.c Log: Patch from Tom Shaw [EMAIL PROTECTED] to use winbindd_fill_pwent consistently. Jeremy. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1614nolog=1
svn commit: samba-web r184 - in branches/news.samba.org: . style
Author: deryck Date: 2004-07-31 05:03:17 + (Sat, 31 Jul 2004) New Revision: 184 Added: branches/news.samba.org/footer.html branches/news.samba.org/header.html branches/news.samba.org/index.html branches/news.samba.org/story_template.html Removed: branches/news.samba.org/date.html branches/news.samba.org/foot.html branches/news.samba.org/head.html branches/news.samba.org/story.html Modified: branches/news.samba.org/style/news.css Log: Nothing to see here yet. Just getting the basic files in place. -- deryck WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/branches/news.samba.orgrev=184nolog=1
