[Samba] changing ldap passwords?
Hi...This is with reference to the thread posted at the given link: http://lists.samba.org/archive/samba/2005-January/099108.html The message is posted by one Mr.Javier.Leon-Gutierrez . Searching UPC directory , I found your's to be the most matching. If you are indeed the poster of this solution to changing LDAP passwords, Please reply to my mail as I am stuck somewhere midway..else, discard my post. Thanks in anticipation Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] FC3 vfs object smb.conf samba 3.0.11
When Kaspersky adds the following to smb.conf I can't connect from XP. If I comment out vfs object connection is restored. snip [store-00] # ADDED BY KASPERSKY ANTI-VIRUS FOR SAMBA SERVERS 5.0 vfs object = kavsamba5-smb-3.0.2 comment = File Directories path = /store-00 browseable = yes writeable = yes valid users = frank read only = no guest ok = no /snip Kav seems to be where it's supposed to be. /opt/kav/5.0/kavsamba/lib/kavsamba5-smb-3.0.2.so /usr/lib/samba/vfs/kavsamba5-smb-3.0.2.so I have checked all the logs can't see anything broken, then I'm no expert. I have no idead how to use gdb, but have set logs to level 10 debug -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] NTLM hash
On Mon, 2005-02-07 at 17:31 -0800, David Busby wrote: I'm looking at the NTLM hash, I need to make my own. I was going to look at somehow using libsmb or something but don't really know how to. Can I do this in perl? I can make Unicode scalars and send those to md4_hex() to get the output, but I cannot get something to match what shows up in the /etc/samba/private/smbpasswd file. Ideas? Currently I try this: The password is in UCS2-LE before the MD4, but it might be easiest to use the Crypt::SmbHash perl module. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.9 and vfs recycle on SLES9
Hi list, I have problems working samba 3.0.9 with VFS recycle. I have made an exculde to a folder on the share, but any file that was deleted out of this folder, still moved to trash. Also all files from exclude (like .tmp ...) were stored to trash. Another problem is, that any file that was saved on the share from the application (like MSOffice) was also copied to the trash. So if I save a file the the network drive, the file was also saved to the trash-repository with complete tree. Is there anything wrong in my conf ? Hope someone can find the bug: vfs objects = recycle this has to read vfs object = recycle not objects recycle:repository = .Papierkorb/%U recycle:keeptree = Yes recycle:touch = No recycle:versions = No recycle:exclude = *.tmp|*.temp|*.o|*.obj|*.pqi|*.scr|*.eml|*.mpg|*.mpe|*.mpeg|*.mov|~$* recycle:excludedir = /pmail|/PMAIL recycle:maxsize = 209715200 Hi, sorry I have made the changes, but no effect. (also with vfs objects = recycle the recycler works) The files were automaticly copied to trash, always I save a file to the network-share. Also files and folders that were excluded still moves to trash. Here ist the full share-section, hope that this will help. Thx. [homes] comment = Users HomeFileSet browseable = no read only = no create mode = 0700 directory mode = 0700 force user = %U path=/server/home/%S oplocks = true veto files = /*.mp3/*.eml/*.nws/*.{*}/ ; ; options for trashbox ; vfs object = recycle recycle:repository = .Papierkorb/%U recycle:keeptree = Yes recycle:touch = No recycle:versions = No recycle:exclude = *.tmp|*.temp|*.o|*.obj|*.pqi|*.scr|*.eml|*.mpg|*.mpe|*.mpeg|*.mov|~$* recycle:excludedir = /pmail|/PMAIL recycle:noversions = *.doc|*.xls|*.ppt recycle:maxsize = 209715200 Hi as i mailed to you personal before i guess you have to use commas on suse like this vfs objects = recycle recycle:keeptree = yes recycle:versions = yes recycle:touch = yes recycle:exclude = ?~$*,~$*,*.tmp,index*.pl,index*.htm*,*.temp,*.TMP recycle:exclude_dir= /tmp,/temp,/cache recycle:repository = .recycle/.recycle.%u recycle:noversions = *.doc,*.xls,*.ppt #hide files = /.recycle.*/.recycle/ #veto files = /.recycle.*/.recycle/ Hi again, yes - now the excludes works as well. But still I got one problem with recycle objects: When I save a file (with wordpad or editor ...) to the network-share, a 0 byte-file will automaticly be saved to the trash-folder. After removing the file from the network-share, the real file (0 byte) will be stored to the trash. Thats ok. But now I created a file named the same filename than the deleted file, the new file was again created as 0-byte file to the trash. And the trashfile was destroyed. So my questions are: 1)How do I have to configure the recycle-object that no 0-Byte file was automaticly created on the network-share ? I have tried all possible parameters (touch and versions) to turn off or on, but no effect. 2)If 1 isn't possible, how can I prevent the creation of the 0-Bytefile over the existing file, without using the version-parameter ? -- Regards, Jens Strohschnitter - *!!!LINUX LINUX LINUX LINUX LINUX!!!* * http://www.jens-strohschnitter.de * - Set the controls for the heart of the sun - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] syncing passwords
I would be interesed to read an answer to this question :) Here's the part I don't understand. How can this work with the NT user manager, if it doesn't transmit the clear text password to samba? How is the Unix password updated? My understanding is that you have to have the cleartext password to updat the Unix password. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba is screwed up
I have set up a Samba server (Version 3.0.10-1.fc2) on a Fedora 2 box, but it appears to always be allowing anonymous login now and when I try to log in with a valid user it keeps telling me the login failed. Can someone tell me why this is happening and also, why are authorized users not able to log in? Here's the content of my smbusers file: root = administrator admin apache = fred nobody = guest pcguest smbguest I've used smbpasswd to set the password for fred, and have also synched it with the local Linux account. However every time I do a test login I get an authentication error: [EMAIL PROTECTED] samba]# smbclient -L //192.168.0.3/fred Unknown parameter encountered: ' path Ignoring unknown parameter ' path Password: session setup failed: NT_STATUS_LOGON_FAILURE However, when I do the same thing but don't enter any password (left it blank) it would let me log in: [EMAIL PROTECTED] samba]# smbclient -L //192.168.0.3/fred Unknown parameter encountered: ' path Ignoring unknown parameter ' path Password: Anonymous login successful Domain=[FN] OS=[Unix] Server=[Samba 3.0.10-1.fc2] Sharename Type Comment - --- images Disk image server IPC$IPC IPC Service (Samba Server) ADMIN$ IPC IPC Service (Samba Server) Anonymous login successful Domain=[FN] OS=[Unix] Server=[Samba 3.0.10-1.fc2] Server Comment ---- BUBBLESamba Server WorkgroupMaster ---- HI BUBBLE Here's my /etc/samba/smb.conf (I've included all comments just in case): [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = HI # server string is the equivalent of the NT Description field server string = Samba Server netbios name = bubble # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the loopback interface. For more examples of the syntax see # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. hosts allow = 192.168.0. 127. # if you want to automatically load your printer list rather # than setting them up individually then you'll need this # printcap name = /etc/printcap # load printers = yes # It should not be necessary to spell out the print system type unless # yours is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx ; printing = bsd # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user nobody is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/%m.log # all log information in one file # log file = /var/log/samba/smbd.log # Put a capping on the size of the log files (in Kb). max log size = 5 # Security mode. Most people will want user level security. See # security_level.txt for details. security = user # Use password server option only with security = server ; password server = NT-Server-Name # Password Level allows matching of _n_ characters of the password for # all combinations of upper and lower case. ; password level = 8 ; username level = 8 # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd # The following are needed to allow password changing from Windows to # update the Linux system password also. # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. # NOTE2: You do NOT need these to allow workstations to change only #the encrypted SMB passwords. They allow the Unix password #to be kept in sync with the SMB password. ; unix password sync = Yes ; passwd program = /usr/bin/passwd %u ; passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* # Unix users can map to different SMB User names username map = /etc/samba/smbusers # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting include = /etc/samba/smb.conf.%m # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. ; interfaces = 192.168.12.2/24 192.168.13.2/24 # Configure remote browse list synchronisation
[Samba] NetBIOS wildcard queries repeated by wireless access points
I am trying to resolve a problem with NetBIOS wildcard broadcast queries being relayed/repeated by around 50 US Robotics wireless access points. The APs only re-broadcast wildcard queries from our samba3 server - our numerous windows 2003 servers do not appear to use wildcard broadcast queries (if they do, they are not causing the same problems). Any help would be appreciate as this problem is causes massive network problems as all our winxp clients repeatedly reply to each repeated query. Kind regards Lee Baker The initial NetBIOS packet from the samba server: (192.168.5.200 is the samba server, 192.168.2.185 is a USR Access Point) No. TimeSourceDestination Protocol Info 3143 200.215902 192.168.5.200 192.168.5.255 NBNS Name query NB *00 Frame 3143 (92 bytes on wire, 92 bytes captured) Arrival Time: Feb 7, 2005 18:23:30.407103000 Time delta from previous packet: 91.745643000 seconds Time since reference or first frame: 200.215902000 seconds Frame Number: 3143 Packet Length: 92 bytes Capture Length: 92 bytes Ethernet II, Src: 00:0b:db:90:9f:0b, Dst: ff:ff:ff:ff:ff:ff Destination: ff:ff:ff:ff:ff:ff (Broadcast) Source: 00:0b:db:90:9f:0b (192.168.5.200) Type: IP (0x0800) Internet Protocol, Src Addr: 192.168.5.200 (192.168.5.200), Dst Addr: 192.168.5.255 (192.168.5.255) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 00.. = Differentiated Services Codepoint: Default (0x00) ..0. = ECN-Capable Transport (ECT): 0 ...0 = ECN-CE: 0 Total Length: 78 Identification: 0x (0) Flags: 0x04 (Don't Fragment) 0... = Reserved bit: Not set .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: UDP (0x11) Header checksum: 0xad87 (correct) Source: 192.168.5.200 (192.168.5.200) Destination: 192.168.5.255 (192.168.5.255) User Datagram Protocol, Src Port: 33175 (33175), Dst Port: netbios-ns (137) Source port: 33175 (33175) Destination port: netbios-ns (137) Length: 58 Checksum: 0x4190 (correct) NetBIOS Name Service Transaction ID: 0x6f69 Flags: 0x0110 (Name query) 0... = Response: Message is a query .000 0... = Opcode: Name query (0) ..0. = Truncated: Message is not truncated ...1 = Recursion desired: Do query recursively ...1 = Broadcast: Broadcast packet Questions: 1 Answer RRs: 0 Authority RRs: 0 Additional RRs: 0 Queries *00: type NB, class inet Name: *00 (Workstation/Redirector) Type: NB Class: inet The packet relayed by A US Robotics Access Point: No. TimeSourceDestination Protocol Info 3151 200.216628 192.168.5.200 192.168.5.255 NBNS Name query NB *00 Frame 3151 (92 bytes on wire, 92 bytes captured) Arrival Time: Feb 7, 2005 18:23:30.407829000 Time delta from previous packet: 0.000667000 seconds Time since reference or first frame: 200.216628000 seconds Frame Number: 3151 Packet Length: 92 bytes Capture Length: 92 bytes Ethernet II, Src: 00:c0:49:a9:b8:b4, Dst: ff:ff:ff:ff:ff:ff Destination: ff:ff:ff:ff:ff:ff (Broadcast) Source: 00:c0:49:a9:b8:b4 (192.168.2.185) Type: IP (0x0800) Internet Protocol, Src Addr: 192.168.5.200 (192.168.5.200), Dst Addr: 192.168.5.255 (192.168.5.255) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 00.. = Differentiated Services Codepoint: Default (0x00) ..0. = ECN-Capable Transport (ECT): 0 ...0 = ECN-CE: 0 Total Length: 78 Identification: 0x (0) Flags: 0x04 (Don't Fragment) 0... = Reserved bit: Not set .1.. = Don't fragment: Set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 63 Protocol: UDP (0x11) Header checksum: 0xae87 (correct) Source: 192.168.5.200 (192.168.5.200) Destination: 192.168.5.255 (192.168.5.255) User Datagram Protocol, Src Port: 33175 (33175), Dst Port: netbios-ns (137) Source port: 33175 (33175) Destination port: netbios-ns (137) Length: 58 Checksum: 0x4190 (correct) NetBIOS Name Service Transaction ID: 0x6f69 Flags: 0x0110 (Name query) 0... = Response:
Re: [Samba] 'ldap passwd sync' not working
John H Terpstra: The Samba-HOWTO-Collection is literally intended to be correct and capable of being followed literally! Please document what sucks and help us to improve our documentation. I encourage you to file a bug report with details of what needs to be fixed. You can file a bug report on https://bugzilla.samba.org On the basis of what the Samba team has done over the years, its availability and quality, it would be my bounden duty to do so. However, this would mean a complete rewrite, producing a parallel doc that omitted all reference to Samba V2 (with which I'm not familiar) What in goodness name are you referring to? The current Samba-3 HOWTO Collection is NOT written around Samba-2. The Samba-3 by Example book (Samba-Guide on the Samba Web Site) is entirely based on Samba-3. I must be missing something very seriously and must be completely confused. Please help me to understand your point. I have no gripes with the official Samba docs as included in the Red Hat 3.0.9 Samba srpm. Either the Terpstra docs or Jerry Carter's O'Reilly boot. They are very clear, accurate and to the point; much trouble has been taken in compiling them, the English is perfect and there are no spelling mistakes. I *do* have a problem with Samba (v.3) PDC LDAP howto by Ignacio Coupeau of CTI, University of Navarra. I've no idea where I got it from in the first place; it isn't included with the Red Hat release. It is diametrically the opposite to what I've just written about the official Samba docs. I shall refer to it as Navarra in what follows. I've constantly referred to this document in what I wrote, not to the official Samba docs.. Unfortunately the official Samba docs do not cover ldapsam in any depth; as a complete newbie, one can obviously not judge the worth of any doc until one has followed that doc and attempted to put its content into practice. If the documentation is as bad as you say it is we should withdraw it at once and not release it again until it is fixed. What are others opinions of this situation? Should we withdraw it at once? You can't withdraw something you don't publish and for which you aren't responsible. My basic point of criticism (I started with Samba 3.0.7, Openldap V2.2.20) after following the HOWTO, finding out that it crippled my system and If the documentation is causing people to suffer crippled systems please accept my fullest apologies. That is really bad. Is this a generic problem? Have others suffered the same crippling because of misleading and bad documentation? Wow! This blows my mind! I've been a Novell NDS (eDirectory) and Openldap person for years. I know Openldap pretty well, use it for enterprise-size production and can trouble-shoot it effectively. Navarra dictates that I posess that propensity; following Navarra blindly will inevitably lead to crippled systems. asking myself how Samba/LDAP should be configured. For all of what follows I used GQ 1.0.b1 (jump from www.biot.com), since it gives a graphical representation of the DSA, drag'n drop is possible, making experimenting a breeze, shows *all* mandatory and optional attributes in different colors and gives sensible error reports when you do something wrong: OK. Please give me wording to add to the documentation - or to replace bad and misleading sections of the existing documentation. All contributions will be gladly received. I've already pointed out what didn't work and how to correct it. Since you aren't responsible for it, you can't do much about it. 1: under ou=smb, *no* groups called (cn=)Domain Admins, Domain Guests or Domain Users should be set up. cns with spaces in are not liked by Openldap 2.2 and Samba makes a hash of them; furthermore Linux doesn't like them . Anyway, these groups are NT groups and not Posix groups and are defined in the *record* for the group, as defined in the displayName attribute. Instead, under ou=smb, define 3 Posix groups domadm, domguest and domuser. Give them regular, unique gidNumbers. For domadm, set attribute displayName to Domain Admins, for domguest set displayName to Domain Guests and domuser set displayName to Domain Users. Make each group an objectClass member of sambaGroupMapping. Get your local SID using 'net getlocalsid' Give each group its SID as defined in the regular Samba HOWTO. Is this really necessary? Why? How does this advice affect the greater picture? I don't understand the question. It's important to use the correct local SID and use system RIDs, as defined in the official Samba docs. Have you discussed this advice with Idealx? I am sure they would love to hear from you. My intent so far as documentation goes is to document what works and how it works. I am not out to write a full LDAP management system. Idealx are working on that - as are others. I've not discussed it with anyone. I don't suppose Idealx is responsible for Navarra. Navarra's English is bad, it's full of spelling
[Samba] error duing executing make of samba on aix
Hi , I am facing a problem while configuring Samba on AIX 5.2. The configure completes without any issues , but getting an error while running make . Any pointers to this problem will be helpfull. Options used for Configure are - ./configure --with-winbind --with-ldap --with-ads --with-pam Here is the Error - # make Using FLAGS = -O -I/usr/local/include -I./popt -Iinclude -I/usr/samba-3.0.1/sou rce/include -I/usr/samba-3.0.1/source/ubiqx -I/usr/samba-3.0.1/source/smbwrapper -I. -I/usr/local/include -I/usr/samba-3.0.1/source LIBS = LDSHFLAGS = -Wl,-bexpall,-bM:SRE,-bnoentry,-berok LDFLAGS = Compiling nsswitch/pam_winbind.c with -O2 nsswitch/pam_winbind.c: In function `converse': nsswitch/pam_winbind.c:67: warning: passing arg 3 of `pam_get_item' from incompa tible pointer type nsswitch/pam_winbind.c:70: warning: passing arg 2 of pointer to function from in compatible pointer type nsswitch/pam_winbind.c: In function `_make_remark': nsswitch/pam_winbind.c:85: warning: assignment discards qualifiers from pointer target type nsswitch/pam_winbind.c: In function `_winbind_read_password': nsswitch/pam_winbind.c:297: warning: passing arg 3 of `pam_get_item' from incomp atible pointer type nsswitch/pam_winbind.c:309: error: `PAM_AUTHTOK_RECOVER_ERR' undeclared (first u se in this function) nsswitch/pam_winbind.c:309: error: (Each undeclared identifier is reported only once nsswitch/pam_winbind.c:309: error: for each function it appears in.) nsswitch/pam_winbind.c:330: warning: assignment discards qualifiers from pointer target type nsswitch/pam_winbind.c:338: warning: assignment discards qualifiers from pointer target type nsswitch/pam_winbind.c:344: warning: assignment discards qualifiers from pointer target type nsswitch/pam_winbind.c:402: warning: passing arg 3 of `pam_get_item' from incomp atible pointer type nsswitch/pam_winbind.c: At top level: nsswitch/pam_winbind.c:417: error: syntax error before int nsswitch/pam_winbind.c: In function `pam_sm_authenticate': nsswitch/pam_winbind.c:428: warning: passing arg 2 of `pam_get_user' from incomp atible pointer type nsswitch/pam_winbind.c: At top level: nsswitch/pam_winbind.c:461: error: syntax error before int nsswitch/pam_winbind.c:472: error: syntax error before int nsswitch/pam_winbind.c: In function `pam_sm_acct_mgmt': nsswitch/pam_winbind.c:482: warning: passing arg 2 of `pam_get_user' from incomp atible pointer type nsswitch/pam_winbind.c: At top level: nsswitch/pam_winbind.c:518: error: syntax error before int nsswitch/pam_winbind.c:528: error: syntax error before int nsswitch/pam_winbind.c:540: error: syntax error before int nsswitch/pam_winbind.c: In function `pam_sm_chauthtok': nsswitch/pam_winbind.c:559: warning: passing arg 2 of `pam_get_user' from incomp atible pointer type nsswitch/pam_winbind.c:636: warning: passing arg 3 of `pam_get_item' from incomp atible pointer type make: 1254-004 The error code from the last command is 1. Stop. Thanks Shaista DISCLAIMER: This message contains privileged and confidential information and is intended only for the individual named.If you are not the intended recipient you should not disseminate,distribute,store,print, copy or deliver this message.Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system.E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted,corrupted,lost,destroyed,arrive late or incomplete or contain viruses.The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] VFS Extended Auditing output situation
Hello, I'm using Samba 3.0.10 as file server and PDC for some Win2000 Pro clients, and I'd like to get detailed and clear logs of file/dir creation/open/save/deletion on some shares. The standard logs are a bit too much for me. The ideal would be a well balanced setting of the extd_audit VFS module, but when trying, some months ago, I discovered it behaved differently than expected, see http://groups-beta.google.com/group/linux.samba/msg/6207c77305925e18 Has anything changed since then? I'm trying it this very moment, using the following global parameters: log file = /var/log/samba/%m.%U.log syslog = 0 log level = 0 vfs:2 max log size = 0 The share I'm interested into has the following parameter: vfs objects = recycle extd_audit ...plus some options for recycle, and of course all standard share definition parameters. Using this configuration, according to the docs, nothing should go into syslog, and samba logs should only contain extd_audit output; quoting from the official howto: Syslog can be used to record all transaction. This can be disabled by setting in the smb.conf file syslog = 0. Logging can take place to the default log file (log.smbd) for all loaded VFS modules just by setting in the smb.conf file log level = 0 vfs:x, where x is the log level. This will disable general logging while activating all logging of VFS module activity at the log level specified. Detailed logging can be obtained per user, per client machine, etc. This requires the above together with the creative use of the log file settings. Instead, here is what I can see: - extd_audit output is going *to syslog only*, and it does not contain info about the user who executes the action, which makes it somewhat useless for multiuser environments; ok, you can find out the user by looking at the PID, but it's not an easy job if you are searching through megabytes of old logs; - almost nothing is logged by extd_audit, regarding file reads! There are 10 users currently connected and working, and in 1 hour only the following few operations have been logged: feb 8 11:37:44 gpserver smbd_audit[24489]: open Personali/SMo/Martina/Martina -1-COMPRESSA 2.jpg (fd 26) feb 8 12:01:52 gpserver smbd_audit[24506]: open rsaenh.dll (fd -1) failed: No such file or directory feb 8 12:19:39 gpserver smbd_audit[24506]: open quasi.rl4 (fd -1) failed: No such file or directory feb 8 12:19:39 gpserver smbd_audit[24506]: open sicure.rl4 (fd -1) failed: No such file or directory ...plus many failed opens of Desktop.ini, many opendirs and various connect/disconnnect messages. I also expressly asked a user (I'm remotely connected) to open a specific JPG file in that share, she did (I checked with ls -l --time=atime), and nothing was logged about it. - only a few smbd errors are logged into Samba logs in /var/log/samba, e.g. couldn't find service and string overflow by 1. This definitely is not the expected behaviour. Any clues? Thanks. -- Ciao, Marco. ...Have a Little Faith, Bill Frisell 1993 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba-HOWTO-Collection : SID for administrator
Hi, I see in Samba-HOWTO-Collection on the samba web-site that the sambaSID must be set to S-1-5-21---xxx-500, but actuelly, my SambaSID for my administrator is from uid *2 +1000 For correct usage of administrator account, do I have to change my sambaSID ? thank you --- Stéphane PURNELLE [EMAIL PROTECTED] Service Informatique Corman S.A. Tel : 00 32 087/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: FC3 vfs object smb.conf samba 3.0.11 (update)
When I set debul level = 10 vfs:10 (thanks to another post) I don't use cups, it's the vfs stuff is the bother. samba was compiled\installed from samba-3.0.11-1.src.rpm http://us4.samba.org/samba/ftp/Binary_Packages/Fedora/SRPMS/samba-3.0.11-1.src.rpm I got the following: in smbd.log.frank-01 (the XP box) [2005/02/08 11:42:53, 5] smbd/uid.c:change_to_root_user(296) change_to_root_user: now uid=(0,0) gid=(0,0) [2005/02/08 11:42:53, 6] param/loadparm.c:lp_file_list_changed(2698) lp_file_list_changed() file /etc/samba/smb.conf - /etc/samba/smb.conf last mod_time: Tue Feb 8 08:53:03 2005 file /etc/samba/smb.conf modified: Tue Feb 8 11:41:29 2005 [2005/02/08 11:42:53, 5] param/loadparm.c:free_service(2205) free_service: Freeing service IPC$ [2005/02/08 11:42:53, 5] param/loadparm.c:free_service(2205) free_service: Freeing service ADMIN$ [2005/02/08 11:42:53, 3] param/loadparm.c:lp_load(3898) lp_load: refreshing parameters [2005/02/08 11:42:53, 3] param/loadparm.c:init_globals(1314) Initialising global parameters [2005/02/08 11:42:53, 3] param/params.c:pm_process(566) params.c:pm_process() - Processing configuration file /etc/samba/smb.conf [2005/02/08 11:42:53, 3] param/loadparm.c:do_section(3400) Processing section [global] doing parameter workgroup = Frank-Local doing parameter netbios name = Frank-02 [2005/02/08 11:42:53, 4] param/loadparm.c:handle_netbios_name(2745) handle_netbios_name: set global_myname to: FRANK-02 doing parameter server string = Samba Server doing parameter log file = /var/log/samba/smbd.log.%m doing parameter smb passwd file = /etc/samba/smbpasswd doing parameter socket options = TCP_NODELAY doing parameter username level = 8 doing parameter preserve case = yes doing parameter write list = frank,@frank doing parameter username map = /etc/samba/smbusers doing parameter encrypt passwords = yes doing parameter hosts allow = 192.168.0. 127. doing parameter keepalive = 60 doing parameter password level = 8 doing parameter wins support = true doing parameter writeable = yes doing parameter read only = no doing parameter browseable = yes doing parameter os level = 20 doing parameter debug level = 0 vfs:10 [2005/02/08 11:42:53, 0] printing/print_cups.c:cups_cache_reload(85) Unable to connect to CUPS server localhost - Connection refused [2005/02/08 11:42:53, 0] printing/print_cups.c:cups_cache_reload(85) Unable to connect to CUPS server localhost - Connection refused [2005/02/08 11:43:33, 4] smbd/vfs.c:vfs_ChDir(657) vfs_ChDir to /store-01 [2005/02/08 11:43:33, 4] smbd/vfs.c:vfs_ChDir(657) vfs_ChDir to / [2005/02/08 11:43:33, 4] smbd/vfs.c:vfs_ChDir(657) vfs_ChDir to /store-00 [2005/02/08 11:43:33, 4] smbd/vfs.c:vfs_ChDir(657) vfs_ChDir to / [2005/02/08 11:46:19, 3] smbd/vfs.c:vfs_init_default(206) Initialising default vfs hooks [2005/02/08 11:46:19, 3] smbd/vfs.c:vfs_init_custom(232) Initialising custom vfs hooks from [kavsamba5-smb-3.0.2] [2005/02/08 11:46:19, 0] smbd/vfs.c:smb_register_vfs(177) Failed to register vfs module. The module was compiled against SMB_VFS_INTERFACE_VERSION 10, current SMB_VFS_INTERFACE_VERSION is 11. Please recompile against the current Samba Version! [2005/02/08 11:46:19, 0] smbd/vfs.c:vfs_init_custom(259) Can't find a vfs module [kavsamba5-smb-3.0.2] [2005/02/08 11:46:19, 0] smbd/vfs.c:smbd_vfs_init(322) smbd_vfs_init: vfs_init_custom failed for kavsamba5-smb-3.0.2 [2005/02/08 11:46:19, 0] smbd/service.c:make_connection_snum(514) vfs_init failed for service store-00 [2005/02/08 11:46:19, 3] smbd/vfs.c:vfs_init_default(206) Initialising default vfs hooks [2005/02/08 11:46:19, 0] smbd/service.c:make_connection_snum(567) Can't become connected user! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Complete posixGroups
Hello, I would like to upgrade my existing posix-groups to be sambaGroupMapping`s. Here is an example posixGroup: dn: cn=mygroup,ou=Group,ou=corp,o=Mundwerk,dc=excelsisnet,dc=com gidNumber: 1001 memberUid: jwitte description: blabla objectClass: posixGroup objectClass: top cn: cvsadmin how do i achieve this? -- Jochen Witte [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Complete posixGroups
I would like to upgrade my existing posix-groups to be sambaGroupMapping`s. Here is an example posixGroup: dn: cn=mygroup,ou=Group,ou=corp,o=Mundwerk,dc=excelsisnet,dc=com gidNumber: 1001 memberUid: jwitte description: blabla objectClass: posixGroup objectClass: top cn: cvsadmin how do i achieve this? The net groupmap command. signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] syncing passwords
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Heupink, Mourik Jan C. wrote: | I would be interesed to read an answer to this question :) The new password is transmitted ina reversible encryption. The key can either be the user's old password hash (user password change) or the session key in the case of a administrative password change. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCLuOIR7qMdg1EfYRApq+AJ9GpnuIGoUKZanbRG6RDT7EjvFZHACdGpC3 AilaQwNFWM9eHf1O7anA7xE= =JeLU -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Printer settings get lost
Hi List, I have a problem with printing and cannot find a solution in the HowTo or in the mail archive. I have set up Point and click printing according to the official samba howto. I uploaded the drivers to the server and can print from the clients just fine, with one exeption: As a printer admin i can configure our printer to have the duplex unit installed and other (non privileged) users see the changed setting. But after a while (i am not sure when, maybe when i have logged out) the setting gets lost, the printer does not have a duplexer anymore and unprivileged users cannot use it because they can't configure it (it is greyed out). I use SAMBA 3.0.10 on Gentoo Linux. Client is Windows XP SP 2. Printer driver is in /var/lib/samba/printers/W32X86/3 Any ideas? This is really a showstopper for our samba printing. -- Heinrich Rebehn University of Bremen Physics / Electrical and Electronics Engineering - Department of Telecommunications - Phone : +49/421/218-4664 Fax :-3341 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ldapsam question
I want to check my new LDAP passdb with the net command, but I get: # net user root's password: [2005/02/08 15:00:09, 0] utils/net_ads.c:ads_startup(186) ads_connect: Interrupted system call If I use a wrong password, I get: # net user root's password: [2005/02/08 15:04:05, 0] utils/net_ads.c:ads_startup(186) ads_connect: Interrupted system call Could not connect to server 127.0.0.1 The username or password was not correct. So the connection seems to be established correctly the first time. Any hints on this? -- Jochen Witte [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] compiling on an old system...
Hello, I would like to compile samba-latest on an old Linux system (SuSE 7.2). Everything seems to run quite well until it comes to the vfs-modules: ---snip--- Linking libsmbclient non-shared library bin/libsmbclient.a Linking libsmbclient shared library bin/libsmbclient.so Compiling modules/vfs_recycle.c with -fPIC Building plugin bin/recycle.so modules/vfs_recycle.po: In function `recycle_connect': modules/vfs_recycle.po(.text+0x23): undefined reference to `DEBUGLEVEL_CLASS' modules/vfs_recycle.po(.text+0x31): undefined reference to `DEBUGLEVEL_CLASS_ISSET' modules/vfs_recycle.po(.text+0x55): undefined reference to `dbghdr' modules/vfs_recycle.po(.text+0x6d): undefined reference to `dbgtext' modules/vfs_recycle.po: In function `recycle_disconnect': modules/vfs_recycle.po(.text+0xc3): undefined reference to `DEBUGLEVEL_CLASS' modules/vfs_recycle.po(.text+0xd1): undefined reference to `DEBUGLEVEL_CLASS_ISSET' modules/vfs_recycle.po(.text+0xf5): undefined reference to `dbghdr' modules/vfs_recycle.po(.text+0x114): undefined reference to `lp_servicename' modules/vfs_recycle.po(.text+0x121): undefined reference to `dbgtext' modules/vfs_recycle.po: In function `recycle_repository': modules/vfs_recycle.po(.text+0x197): undefined reference to `lp_parm_const_string' modules/vfs_recycle.po(.text+0x1a5): undefined reference to `DEBUGLEVEL_CLASS' modules/vfs_recycle.po(.text+0x1b6): undefined reference to `DEBUGLEVEL_CLASS_ISSET' modules/vfs_recycle.po(.text+0x1da): undefined reference to `dbghdr' modules/vfs_recycle.po(.text+0x1f1): undefined reference to `dbgtext' modules/vfs_recycle.po: In function `recycle_keep_dir_tree': modules/vfs_recycle.po(.text+0x247): undefined reference to `lp_parm_bool' modules/vfs_recycle.po(.text+0x255): undefined reference to `DEBUGLEVEL_CLASS' modules/vfs_recycle.po(.text+0x266): undefined reference to `DEBUGLEVEL_CLASS_ISSET' modules/vfs_recycle.po(.text+0x28a): undefined reference to `dbghdr' modules/vfs_recycle.po(.text+0x2b3): undefined reference to `dbgtext' modules/vfs_recycle.po: In function `recycle_versions': modules/vfs_recycle.po(.text+0x317): undefined reference to `lp_parm_bool' modules/vfs_recycle.po(.text+0x325): undefined reference to `DEBUGLEVEL_CLASS' modules/vfs_recycle.po(.text+0x336): undefined reference to `DEBUGLEVEL_CLASS_ISSET' modules/vfs_recycle.po(.text+0x35a): undefined reference to `dbghdr' modules/vfs_recycle.po(.text+0x383): undefined reference to `dbgtext' modules/vfs_recycle.po: In function `recycle_touch': modules/vfs_recycle.po(.text+0x3e7): undefined reference to `lp_parm_bool' modules/vfs_recycle.po(.text+0x3f5): undefined reference to `DEBUGLEVEL_CLASS' modules/vfs_recycle.po(.text+0x406): undefined reference to `DEBUGLEVEL_CLASS_ISSET' modules/vfs_recycle.po(.text+0x42a): undefined reference to `dbghdr' modules/vfs_recycle.po(.text+0x453): undefined reference to `dbgtext' modules/vfs_recycle.po: In function `recycle_exclude': modules/vfs_recycle.po(.text+0x4b7): undefined reference to `lp_parm_string_list' modules/vfs_recycle.po(.text+0x4c5): undefined reference to `DEBUGLEVEL_CLASS' modules/vfs_recycle.po(.text+0x4d6): undefined reference to `DEBUGLEVEL_CLASS_ISSET' modules/vfs_recycle.po(.text+0x4fa): undefined reference to `dbghdr' modules/vfs_recycle.po(.text+0x51f): undefined reference to `dbgtext' modules/vfs_recycle.po: In function `recycle_exclude_dir': modules/vfs_recycle.po(.text+0x577): undefined reference to `lp_parm_string_list' modules/vfs_recycle.po(.text+0x585): undefined reference to `DEBUGLEVEL_CLASS' modules/vfs_recycle.po(.text+0x596): undefined reference to `DEBUGLEVEL_CLASS_ISSET' modules/vfs_recycle.po(.text+0x5bd): undefined reference to `dbghdr' modules/vfs_recycle.po(.text+0x5e2): undefined reference to `dbgtext' ... ... ---snip--- What can I do? Thank You Jochen -- Jochen Witte [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldapsam question
I want to check my new LDAP passdb with the net command, but I get: # net user root's password: [2005/02/08 15:00:09, 0] utils/net_ads.c:ads_startup(186) ads_connect: Interrupted system call I don't think you should be seeing ads messages at all. What is your security setting? Perhaps shoot your whole smb.conf to the list, inline not attached. If I use a wrong password, I get: # net user root's password: [2005/02/08 15:04:05, 0] utils/net_ads.c:ads_startup(186) ads_connect: Interrupted system call Could not connect to server 127.0.0.1 This part would be a Bad Thing (TM). You're using LDAP on localhost (from your previous posts) so something is borked here. Is ldap running? Are you trying to use SSL? Again, smb.conf please. -- -- Paul GiengerOffice: 701-281-1884 Applied Engineering Inc. Systems Architect Fax:701-281-1322 URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] There is already a domain master browser at ..., but there isn't one
Hi list, I get the following message: nmbd[6294]: There is already a domain master browser at IP 10.0.0.127 for workgroup WORKGROUP registered on subnet UNICAST_SUBNET. We have no box with IP 10.0.0.127, this was the IP at installation time, it is changed now. What is the reason for this behavior? Thanks Christian -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ldapsam question
Am Dienstag, den 08.02.2005, 08:13 -0600 schrieb Paul Gienger: I want to check my new LDAP passdb with the net command, but I get: # net user root's password: [2005/02/08 15:00:09, 0] utils/net_ads.c:ads_startup(186) ads_connect: Interrupted system call I don't think you should be seeing ads messages at all. What is your security setting? Perhaps shoot your whole smb.conf to the list, inline not attached. If I use a wrong password, I get: # net user root's password: [2005/02/08 15:04:05, 0] utils/net_ads.c:ads_startup(186) ads_connect: Interrupted system call Could not connect to server 127.0.0.1 This part would be a Bad Thing (TM). You're using LDAP on localhost (from your previous posts) so something is borked here. Is ldap running? Are you trying to use SSL? Again, smb.conf please. Here we go (just the important parts): ---snip--- security = user encrypt passwords = Yes # Deprecated #min passwd length = 3 obey pam restrictions = No ldap passwd sync = Yes passdb backend = ldapsam:ldap://127.0.0.1/ ldap admin dn = cn=root,suffix ldap suffix = suffix ldap group suffix = ou=Group ldap user suffix = ou=People ldap machine suffix = ou=Hosts ldap idmap suffix = ou=People ---snip--- Do You need more? Regards Jochen -- Jochen Witte [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: There is already a domain master browser at ..., but there isn't one
It is cached data, probably in wins.dat. Stop samba, drop the file, restart and the problem goes away. You can lsof while samba is running, grep for samba tasks, and see what dirs samba uses on your distro. Then grep in those dirs for the bad IP. -- Michael Lueck Lueck Data Systems Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: rpcclient error / printer driver issue
some more testing - I removed the printers.tbd and all the driver files then reloaded cups/samba - I still recieve the error: enumdrivers result was WERR_UNKNOWN_PRINTER_DRIVER I am wondering if this is a bug in 3.0.9 running the same command on a 2.2.8a install does not return the error - and there are no point-n-click drivers installed on that machine any ideas - thanks On Mon, 7 Feb 2005 17:58:12 -0600, Chris McKeever [EMAIL PROTECTED] wrote: SUSE 9.1 samba-3.0.9-2.6 samba-client-3.0.9-2.6 I am getting some errors that I can't seem to track down in any of the archives. I came across this problem when trying to delete a driver none of the printers are listed in the smb.conf - it is all being generated from the cups and the printcap that cups makes on load First enumprinters works: rpcclient $ enumprinters flags:[0x80] name:[\\prupref-print\ccc-tosh35] description:[\\prupref-print\ccc-tosh35,TOSHIBA e-STUDIO28-45 GL-PSL3,Call Center Toshiba 35] comment:[Call Center Toshiba 35] flags:[0x80] name:[\\prupref-print\hin-magi2300] description:[\\prupref-print\hin-magi2300,magicolor 2300 DL,Hinsdale Magicolor 2300] comment:[Hinsdale Magicolor 2300] any combination of the getdriver returns: rpcclient $ getdriver ccc-tosh35 Error opening printer handle for \\.\ccc-tosh35! result was WERR_INVALID_PRINTER_NAME rpcclient $ getdriver \\prupref-print\ccc-tosh35 Error opening printer handle for \\.\\\prupref-print\ccc-tosh35! result was WERR_INVALID_PRINTER_NAME also enumdrivers: rpcclient $ enumdrivers result was WERR_UNKNOWN_PRINTER_DRIVER -- finally - if I were to even get the getdriver to work, how would I disassociate the driver with the printer so: rpcclient $ deldriver magicolor 2300 DL Failed to remove driver magicolor 2300 DL for arch [Windows NT x86] - error 0xbb9! Failed to remove driver magicolor 2300 DL for arch [Windows NT x86] - error 0xbb9! result was WERR_UNKNOWN_PRINTER_DRIVER -- -- please respond to the list .. if you need to contact me direct cgmckeever is the account prupref.com is the domain A href=http://www.prupref.com;Simply Chicago Real Estate/A -- -- please respond to the list .. if you need to contact me direct cgmckeever is the account prupref.com is the domain A href=http://www.prupref.com;Simply Chicago Real Estate/A -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Multiple instances on one machine need to join a domain
Hello all, I'm running smb 2.2.12 on Red Hat AS 2.1. I have multiple smb instances running on this machine all bound to their own network interface. My question is how do I join each one individually to the same domain. Is there an option in the config file to point to the MACHINE.SID file? Thanks in advance, - Chris The information contained in this email and any attachments may be privileged and/or confidential and protected from disclosure. It is intended solely for the use of the recipient(s) to whom it is addressed, or an employee or agent responsible for delivering this message to the intended recipient(s). You are hereby notified that any dissemination, distribution, copying or other use of this communication is strictly prohibited. If you have received this communication in error, please notify the sender by reply email and delete this email and all attachments from your system. Thank you. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] nfs, 64 / 32 bit, locking problem
Well, next problem. Because of samba isn't running on alphaserver 1200 with gentoo linux and kernel 2.6.9-ac12 i've simply exported my smbroot (on alpha, it is my fileserver) and have samba running on an intel pentium4 box, also gentoo, kernel 2.6.0-ac12. Seems to work, eccept some locking problems. smbd[9450]: [2005/02/08 17:29:51, 0] locking/posix.c:posix_fcntl_lock(657) smbd[9450]: posix_fcntl_lock: WARNING: lock request at offset 0, length 1 returned smbd[9450]: [2005/02/08 17:29:51, 0] locking/posix.c:posix_fcntl_lock(658) smbd[9450]: an No locks available error. This can happen when using 64 bit lock offsets smbd[9450]: [2005/02/08 17:29:51, 0] locking/posix.c:posix_fcntl_lock(659) smbd[9450]: on 32 bit NFS mounted file systems. nsm_mon_unmon: rpc failed, status=-13 lockd: cannot monitor 10.0.0.30 lockd: failed to monitor 10.0.0.30 The win soft won't install, there is a environment checking tool shipped, it tells me that i should switch off oplocks in wins registry if my datashare comes from this machine. Two problems: as first the 64/ 32 bit locking problem, as second locking in general. Was this oplocks = false in smb.conf ? Had my last samba experiences some years ago with win98 and winNt. Regards Christian -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Logon Hours problems (Slackware)
My setup was also on Slackware 10, and the time zone was correct, but still the time was incorrect, and changing strangely on every reboot (it was a dual-boot machine). I suppose it is a bug in Slackware 10. Besides, even the time zone is the same as yours - GMT+2. /etc/localtome is a symlink to some file in /usr/share/zoneinfo. The fact is, Athens and Sofia are in the same time zone, but when symlink points to Athens, everything is o.k., when the symlink points to Sofia time is incorrect. On Tuesday 08 February 2005 08:13, David Wilson wrote: Oh hell ! Mmm.. :) I wonder how to solve this ? My /etc/localtime has a whole lot of gibberish in it, but it does say SAST at the end. I assume my timezone is set correctly then ? Perhaps I should just try setting the timezone to GMT/UTC ? Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: [EMAIL PROTECTED] To: David Wilson [EMAIL PROTECTED] Sent: Monday, February 07, 2005 1:27 PM Subject: Re: [Samba] Re: Logon Hours problems (Slackware) I observed this problem on Slackware 10.0 :) On Sunday 06 February 2005 10:51, you wrote: Hi, Thanks for your reply. I'll check /etc/localtime and see if it's a similar thing to what you had. Thanks for your assistance. Just for reference this is a Slackware-10.0 box and the timezone was set to GMT+2 (SAST) by using timeconfig. Perhaps someone else has picked up this issue when using Slackware too ? Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Friday, February 04, 2005 1:45 PM Subject: Re: [Samba] Re: Logon Hours problems (really stuck) I had some similar time problems with some versions of glibc. The solution was to point the link /etc/localtime from Sofia to Athens (we are in the same time zone). May be you could point that to some other city in the same time zone? On Thursday 03 February 2005 10:23, David Wilson wrote: Hi guys, Unfortunately this is still happening I've tried restarting Samba. Users who should be denied access after 21:00 are being denied access at 19:00. Our time zone in South Africa is GMT+2. Perhaps I should set the timezone on the server to UTC/GMT ? Do you think this will help ? Should I then leave the time set to the current time in South Africa ? Or should I set the time to the time at UTC/GMT ? There's something I must be missing here. Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: David Wilson [EMAIL PROTECTED] To: david rankin [EMAIL PROTECTED]; samba samba@lists.samba.org Sent: Monday, January 31, 2005 8:48 AM Subject: Re: [Samba] Re: Logon Hours problems (really stuck) Hi David, Nice name ! :) Thanks for your reply. I'm pretty sure I did restart Samba, to double check I will restart it again this evening. Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: david rankin [EMAIL PROTECTED] To: samba samba@lists.samba.org Sent: Saturday, January 29, 2005 5:40 PM Subject: Re: [Samba] Re: Logon Hours problems (really stuck) Hi guys, The time offset option unfortunately did not solve my problem. Users that are meant to be kicked off at 21:00 keep getting kicked off at 19:00. The time on the server is right. What else could be causing my problem ? If you made changes, did you remember to restart samba? (stranger things have happened) -- David C. Rankin, J.D., P.E. RANKIN LAW FIRM, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 (936) 715-9333 (936) 715-9339 fax www.rankin-bertin.com --
Re: [Samba] Re: rpcclient error / printer driver issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chris McKeever wrote: | some more testing - I removed the printers.tbd and all the driver | files then reloaded cups/samba - | | I still recieve the error: | enumdrivers | result was WERR_UNKNOWN_PRINTER_DRIVER | | I am wondering if this is a bug in 3.0.9 Did you use localhost to connect to the server ? Try using the server's real netbios name. You probably also want to give 3.0.11 a run. There's were several rpcclient and printing bugs cleaned up there. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCNkmIR7qMdg1EfYRAjoYAJ9IsX9VU8H8S+pv0vSm0XuzFPj+/ACfWbBG dgjt2khMBwU/ESReBhoTJ9M= =MNdK -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Ldapscripts v1.0 !
Hi all, I've been working on shell scripts that allow to manage ldap accounts (users, groups, machines). They are similar to the smbldap-tools but do not need PERL to work (and so on...) and are *very* simple to configure - they may be a good alternative. The only tools you need are standard ldap client commands (ldapadd, ldapdelete, ldapmodify, ldapsearch). The scripts can be used as standalone commands or within Samba configuration : add machine script = /usr/local/bin/ldapaddmachine '%u' sambamachines add user script = /usr/local/bin/ldapadduser '%u' sambausers add group script = /usr/local/bin/ldapaddgroup '%g' add user to group script = /usr/local/bin/ldapaddusertogroup '%u' '%g' delete user script = /usr/local/bin/ldapdeleteuser '%u' delete group script = /usr/local/bin/ldapdeletegroup '%g' delete user from group script = /usr/local/bin/ldapdeleteuserfromgroup '%u' '%g' set primary group script = /usr/local/bin/ldapsetprimarygroup '%u' '%g' (see README file for more details) For those who want to give a try, you can find the tarball of ldapscripts v1.0 here : http://contribs.martymac.com http://linagora.org/article108.html Just extract the tarball and type in ./install as root... These scripts are in early version, so feel free to send bug reports and any feedback ! Ganael LAPLANCHE - http://www.martymac.com [EMAIL PROTECTED] [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] compiling on an old system...
Remove the flags -Wl,-Bsymbolic and maybe -Wl,--allow-shlib-undefined from your Makefile. Very old linkers don't like them. Daniel -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Ldapscripts v1.0 !
Ganael Laplanche wrote: Hi all, I've been working on shell scripts that allow to manage ldap accounts (users, groups, machines). Very cool. LDAP configuration is always an interesting beast, and I welcome a set of tools to deal with them other the the smbldap-tools. They are similar to the smbldap-tools but do not need PERL to work (and so on...) cool! i am not a perl fan. don't wanna start any language wars or anything. but sometimes its a pain to have to install a bunch of pre-req modules in order to run the thing and then you find out it doesn't do what you want. but i digress :) and are *very* simple to configure - they may be a good alternative. The only tools you need are standard ldap client commands (ldapadd, ldapdelete, ldapmodify, ldapsearch). cool cool. should be portable across lots of platforms then. anything that openldap is on should be usable. The scripts can be used as standalone commands or within Samba configuration : add machine script = /usr/local/bin/ldapaddmachine '%u' sambamachines add user script = /usr/local/bin/ldapadduser '%u' sambausers add group script = /usr/local/bin/ldapaddgroup '%g' add user to group script = /usr/local/bin/ldapaddusertogroup '%u' '%g' delete user script = /usr/local/bin/ldapdeleteuser '%u' delete group script = /usr/local/bin/ldapdeletegroup '%g' delete user from group script = /usr/local/bin/ldapdeleteuserfromgroup '%u' '%g' set primary group script = /usr/local/bin/ldapsetprimarygroup '%u' '%g' o. nice. (see README file for more details) For those who want to give a try, you can find the tarball of ldapscripts v1.0 here : http://contribs.martymac.com http://linagora.org/article108.html Just extract the tarball and type in ./install as root... These scripts are in early version, so feel free to send bug reports and any feedback ! will do. thank you for your valuable contribution of time and code to the samba community. cnw Ganael LAPLANCHE - http://www.martymac.com [EMAIL PROTECTED] [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] compiling on an old system...
BTW, are these really errors or just warnings? |Remove the flags -Wl,-Bsymbolic and maybe -Wl,--allow-shlib-undefined from your Makefile. |Very old linkers don't like them. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba patch kludge-gmt fixes red files in WinCvs
Hi all, in our LAN we use a Samba server (version 2.2.9) on Linux (Debian Woody) to provide file services to workstations running (mostly) W2K. WinCVS is a GUI frontend to the popular CVS version control system. After the swap to and from daylight savings time WinCVS erroneously flags all files in cvs working directories on Samba shares as modified (because of the icon color WinCVS users refer to modified files as red). We found this rather astonishing: CVS records time stamps in GMT/UTC just like Linux, so there shouldn't be any time zone related differences. Closer examiniation revealed that Samba doesn't send the original time stamps but converts them to so called kludge-GMT which 1. may differ by 1 hour to GMT for some files, 2. changes by 1 hour on every swap to and from daylight savings. Samba does that in order to be compatible with some combination of MS file and operating systems (for instance W2K with FAT as file server). Since we use mainly W2K with NTFS which delivers real GMT time stamps, we wanted to turn off the conversion to kludge-GMT in Samba but found no way to do it through configuration. A first workaround emerged from the observation that for a timezone without daylight savings period (like UTC) there is no difference between kludge-GMT and real GMT: we changed the timezone for the Samba processes to GMT/UTC by setting the environment variable TZ to UTC for the smbd process: export TZ=UTC smbd ... This does the job but has some small disadvantages: 1. The syslog entries of Samba are now in GMT while all other syslog entries remain in localtime which is confusing to misleading. 2. Old clients without or with incomplete timezone support (e.g. OS/2) get the wrong time from the Samba server with net time. Therefore we searched for a better solution and created the attached kludge-gmt patch for Samba. This patch adds a new option kludge GMT. For compatibility the default value is true. When set to false in the global section of smb.conf Samba always provides real GMT. Last autumn both solutions were tested in the field during the swap off daylight savings time. They worked very well. The attached patch is made against samba-2.2.9. It doesn't apply cleanly to recent versions of Samba but could put in manually (just ignore the reject for time.c and search for time offset in loadparm.c). Regards, Thomas Honigmann and Thomas Günther diff -Naur samba-2.2.9.orig/source/lib/time.c samba-2.2.9/source/lib/time.c --- samba-2.2.9.orig/source/lib/time.c Sat May 8 03:07:12 2004 +++ samba-2.2.9/source/lib/time.c Fri Oct 22 15:53:01 2004 @@ -28,6 +28,7 @@ int extra_time_offset = 0; +BOOL use_kludge_gmt = True; #ifndef CHAR_BIT #define CHAR_BIT 8 @@ -315,8 +316,11 @@ ret = (time_t)(d+0.5); /* this takes us from kludge-GMT to real GMT */ - ret -= get_serverzone(); - ret += LocTimeDiff(ret); + if (use_kludge_gmt) + { +ret -= get_serverzone(); +ret += LocTimeDiff(ret); + } return(ret); } @@ -359,8 +363,11 @@ ret = (time_t)(d+0.5); /* this takes us from kludge-GMT to real GMT */ - ret -= get_serverzone(); - ret += LocTimeDiff(ret); + if (use_kludge_gmt) + { + ret -= get_serverzone(); + ret += LocTimeDiff(ret); + } return(ret); } @@ -406,7 +413,8 @@ } /* this converts GMT to kludge-GMT */ - t -= TimeDiff(t) - get_serverzone(); + if (use_kludge_gmt) + t -= TimeDiff(t) - get_serverzone(); d = (double)(t); d += TIME_FIXUP_CONSTANT; diff -Naur samba-2.2.9.orig/source/param/loadparm.c samba-2.2.9/source/param/loadparm.c --- samba-2.2.9.orig/source/param/loadparm.cSat May 8 03:07:10 2004 +++ samba-2.2.9/source/param/loadparm.c Fri Oct 22 15:40:35 2004 @@ -94,6 +94,7 @@ BOOL use_getwd_cache = True; extern int extra_time_offset; +extern BOOL use_kludge_gmt; static BOOL defaults_saved = False; @@ -1065,6 +1066,7 @@ {socket address, P_STRING, P_GLOBAL, Globals.szSocketAddress, NULL, NULL, 0}, {homedir map, P_STRING, P_GLOBAL, Globals.szNISHomeMapName, NULL, NULL, 0}, {time offset, P_INTEGER, P_GLOBAL, extra_time_offset, NULL, NULL, 0}, + {kludge GMT, P_BOOL, P_GLOBAL, use_kludge_gmt, NULL, NULL, FLAG_ADVANCED}, {NIS homedir, P_BOOL, P_GLOBAL, Globals.bNISHomeMap, NULL, NULL, 0}, {-valid, P_BOOL, P_LOCAL, sDefault.valid, NULL, NULL, FLAG_HIDE}, -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: rpcclient error / printer driver issue
On Tue, 08 Feb 2005 09:22:15 -0600, Gerald (Jerry) Carter [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chris McKeever wrote: | some more testing - I removed the printers.tbd and all the driver | files then reloaded cups/samba - | | I still recieve the error: | enumdrivers | result was WERR_UNKNOWN_PRINTER_DRIVER | | I am wondering if this is a bug in 3.0.9 Did you use localhost to connect to the server ? Try using the server's real netbios name. You probably also want to give 3.0.11 a run. There's were several rpcclient and printing bugs cleaned up there. ahh -- marvelous -- the localhost I think was the culprit! I will continue to play and see if any more issues arise thanks [again] ! cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCNkmIR7qMdg1EfYRAjoYAJ9IsX9VU8H8S+pv0vSm0XuzFPj+/ACfWbBG dgjt2khMBwU/ESReBhoTJ9M= =MNdK -END PGP SIGNATURE- -- -- please respond to the list .. if you need to contact me direct cgmckeever is the account prupref.com is the domain A href=http://www.prupref.com;Simply Chicago Real Estate/A -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] nfs, 64 / 32 bit, locking problem
Well, next problem. Because of samba isn't running on alphaserver 1200 with gentoo linux and kernel 2.6.9-ac12 i've simply exported my smbroot (on alpha, it is my fileserver) and have samba running on an intel pentium4 box, also gentoo, kernel 2.6.0-ac12. Seems to work, eccept some locking problems. smbd[9450]: [2005/02/08 17:29:51, 0] locking/posix.c:posix_fcntl_lock(657) smbd[9450]: posix_fcntl_lock: WARNING: lock request at offset 0, length 1 returned smbd[9450]: [2005/02/08 17:29:51, 0] locking/posix.c:posix_fcntl_lock(658) smbd[9450]: an No locks available error. This can happen when using 64 bit lock offsets smbd[9450]: [2005/02/08 17:29:51, 0] locking/posix.c:posix_fcntl_lock(659) smbd[9450]: on 32 bit NFS mounted file systems. nsm_mon_unmon: rpc failed, status=-13 lockd: cannot monitor 10.0.0.30 lockd: failed to monitor 10.0.0.30 The win soft won't install, there is a environment checking tool shipped, it tells me that i should switch off oplocks in wins registry if my datashare comes from this machine. Two problems: as first the 64/ 32 bit locking problem, as second locking in general. Was this oplocks = false in smb.conf ? Had my last samba experiences some years ago with win98 and winNt. Regards Christian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba v3.0.11 assigning privileges with custom pdb plugin
Greetings, We have home grown user management backend system, and I have ported our v2.2.x passdb over to v3 type plugin. I am able to access files and print using our backend. I am running into trouble joining PCs to the domain. I am assuming the primary problem is that our backend system doesn't have a 'root' user. I was hoping that assigning SeMachineAccountPrivilege to our tech members would be enough to allow our tech members to join computers to our domain. net rpc rights grant 'DOMAIN\paulg' SeMachineAccountPrivilege But I get prompted for a password and naturally if I don't enter a password I get. Could not connect to server 127.0.0.1 The username or password was not correct. Now as a test I did the following o disable our plugin and used sampasswd plugin o create Samba root user o assign SeMachineAccountPrivilege to myself o comment out sampasswd backend and enable our backend o I was now able to join the PC to our domain. So the question is it possible to gant rights without using the Samba root user? Any other suggestions? Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Basic Samba functionality under SuSE 9.2
I'm trying to get Samba 3.0.9-2.3 to work under Suse 9.2. This my very first Linux install and I'm a little at sea here. There are so many things that could be wrong I don't know where to start. The Windows machine I'm using as a client has TCP/IP, file/printer sharing, and Client for MS networks. He can't see the linux machine's (Tolkien) shares, but he can ping him. This might be a name services issue because issuing a net command at the windows box to enumerate the shares (I think that's net view) of the form NET VIEW \\TOLKIEN results in a timeout and error, but NET VIEW \\172.20.0.5 results in a correct list of the shares I've configured on the box! C:\WINDOWSnet view \\172.20.0.5 Shared resources at \\172.20.0.5 Samba 3.0.9-2.3-SUSE Share name Type Used as Comment --- archive Diskarchived files (etc) I know the IP addresses look odd, I won't go into the reasons using a class B but that's worked properly for years, so that's not the issue. Layer 2 connectivity is good. I'm confused about the firewall on SuSE; it's enabled and maybe it shouldn't be. All boxes on this little network are on a switch which goes to a router, thence to my DSL modem. I'm not using the SuSE box as a gateway, it's just on another switch port like the Windows boxes. The firewall has the same interface defined as the inside port and the outside port. But the YAST GUI for configuring Samba has a checkbox for opening all appropriate firewall ports, and I did that. I went back to check and it's still checked. For grins, I portscanned tolkien. TCP ports open are: 21, 22, 25, 110, 139, 445. UDP ports: None. I tried this: net use k: \\172.20.0.5\archive It works! Well, almost. It prompts for username and password, and username and pw I use to login at the linux box doesn't work. root with his password works. I need to get some permissions issues ironed out later. -Tom [Philosophy] Man's loneliness is but his fear of life. --Eugene O'neil --... ...-- -.. . -. . --.- --.- -... [EMAIL PROTECTED] (remove nospam) N9QQB (amateur radio) HEY YOU (loud shouting) WEB ADDRESS http//www.mixweb.com/tpeters 43° 7' 17.2 N by 88° 6' 28.9 W, Elevation 815', Grid Square EN53wc WAN/LAN/Telcom Analyst, Tech Writer, MCP, Cisco Certified CCNA -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Basic Samba functionality under SuSE 9.2
Top-posting only because it's short. You need to start nmbd on the Linux box. Make sure that it is not a local, domain, or preferred master, and that the OS level is low (5 or so). Misty On Tuesday 08 February 2005 11:55 am, Tom Peters wrote: I'm trying to get Samba 3.0.9-2.3 to work under Suse 9.2. This my very first Linux install and I'm a little at sea here. There are so many things that could be wrong I don't know where to start. The Windows machine I'm using as a client has TCP/IP, file/printer sharing, and Client for MS networks. He can't see the linux machine's (Tolkien) shares, but he can ping him. This might be a name services issue because issuing a net command at the windows box to enumerate the shares (I think that's net view) of the form NET VIEW \\TOLKIEN results in a timeout and error, but NET VIEW \\172.20.0.5 results in a correct list of the shares I've configured on the box! C:\WINDOWSnet view \\172.20.0.5 Shared resources at \\172.20.0.5 Samba 3.0.9-2.3-SUSE Share name Type Used as Comment --- archive Diskarchived files (etc) I know the IP addresses look odd, I won't go into the reasons using a class B but that's worked properly for years, so that's not the issue. Layer 2 connectivity is good. I'm confused about the firewall on SuSE; it's enabled and maybe it shouldn't be. All boxes on this little network are on a switch which goes to a router, thence to my DSL modem. I'm not using the SuSE box as a gateway, it's just on another switch port like the Windows boxes. The firewall has the same interface defined as the inside port and the outside port. But the YAST GUI for configuring Samba has a checkbox for opening all appropriate firewall ports, and I did that. I went back to check and it's still checked. For grins, I portscanned tolkien. TCP ports open are: 21, 22, 25, 110, 139, 445. UDP ports: None. I tried this: net use k: \\172.20.0.5\archive It works! Well, almost. It prompts for username and password, and username and pw I use to login at the linux box doesn't work. root with his password works. I need to get some permissions issues ironed out later. -Tom [Philosophy] Man's loneliness is but his fear of life. --Eugene O'neil --... ...-- -.. . -. . --.- --.- -... [EMAIL PROTECTED] (remove nospam) N9QQB (amateur radio) HEY YOU (loud shouting) WEB ADDRESS http//www.mixweb.com/tpeters 43° 7' 17.2 N by 88° 6' 28.9 W, Elevation 815', Grid Square EN53wc WAN/LAN/Telcom Analyst, Tech Writer, MCP, Cisco Certified CCNA -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Slow performance
I noticed that viewing and writing of files from my Windows 2003 server to my Samba Linux server is really slow. I can see that it's freezing up for a couple of seconds sometimes. How do I go about troubleshooting this problem to figure out where the bottleneck is? It just seems so strange because there's not much traffic on the network and both servers are idle usually (test servers). -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] About rpcclient and adddriver command
Hi all!! We have 2 printers shared via samba with good results. Nowadays, we have the cups postscript driver in the server for windowsNT/2000/XP and it works fine, but i want to put the hp postscript driver as we have 2 hp printers. I put the postscript driver via rpcclient without no problem: rpcclient -U'admin%pass' -c 'adddriver \ Windows NT x86 \ printer1:driver: config:help:NULL:RAW:NULL ' \ localhost It worked okay, but when i wanted to put the hp drivers downloaded from their homepage it doesn't. The error with debug level 3 after some text... is: lsa_io_sec_qos: length c does not match size 8 result was WERR_INVALID_PARAM I 've looked rpcclient manpages and googled a lot, i've looked that all the files i mention in the rpcclient command are in the $print\W32X86 folder and... i don't know!! The rpcclient adddriver command is only for installing cups and adobe poscript drivers? or can i install hp drivers too? Thx anyway!! Xavi -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: About drivers in print$ share
hi all again! i've solved the previous mail about printer drivers. But i've been surprised by the fact that when i install in a windows client a printer via samba, the driver that it downloads from the server is different from the driver i've installed in a standalone pc... but they are the same driver!! one downloaded from hp homepage. So my question is: is there a way from making fine printing things such as printing two/four... pages in a single A4 without a intermediate driver such as FinePrint? sorry if i don't explain it very well but my english is not the best of the world. Thx anyway!! Xavi -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba samba-3.0.11 Upgrade Problems
I recently upgraded a backup fileserver used for testing purposes from samba-3.0.10 to the current samba-3.0.11 using the FreeBSD portupgrade. The fileserver is setup in a W2K AD. The fileserver uses Winbind to get AD accounts and shares are created on the Samba server. Worked fine until the upgrade. Here is a copy of the current smb.conf [global] unix charset = LOCALE workgroup = DOMAIN realm = DOMAIN.COM server string = Backup Server security = ADS hosts allow = IP Address. 127. log file = /var/log/samba/log.%m max log size = 50 log level = 5 syslog = 0 ldap ssl = no enable privileges = no # added this to test with new samba version. I have tried it with set to yes or left out. Same results. idmap uid = 1-2 idmap gid = 1-2 template primary group = DOMAIN\Domain Users template shell = /usr/local/bin/bash winbind use default domain = yes interfaces = IP Address/24 local master = no domain master = no preferred master = no admin users = DOMAIN\Administrator valid users = DOMAIN\Domain Users dos filemode = yes [homes] comment = Home Directories valid users = %S read only = no browseable = no [www] comment = web directories path = /home/username read only = no browseable = yes force user = username When I try to connect to the share www from a Windows machine in the domain, I get a standard can't connect error. When I try connecting by computer name \\COMPUTER , I am prompted for a username and password, none of which works. After turning on full logging, I receive the following errors in: Computer trying to connect logfile: [2005/02/08 08:28:21, 3] libads/kerberos_verify.c:ads_secrets_verify_ticket(201) ads_secrets_verify_ticket: enc type [16] failed to decrypt with error Message size is incompatible with encryption type [2005/02/08 08:28:21, 3] libads/kerberos_verify.c:ads_secrets_verify_ticket(201) ads_secrets_verify_ticket: enc type [5] failed to decrypt with error Decrypt integrity check failed [2005/02/08 08:28:21, 3] libads/kerberos_verify.c:ads_secrets_verify_ticket(201) ads_secrets_verify_ticket: enc type [23] failed to decrypt with error Decrypt integrity check failed [2005/02/08 08:28:21, 3] libads/kerberos_verify.c:ads_secrets_verify_ticket(201) ads_secrets_verify_ticket: enc type [3] failed to decrypt with error Decrypt integrity check failed [2005/02/08 08:28:21, 3] libads/kerberos_verify.c:ads_secrets_verify_ticket(201) ads_secrets_verify_ticket: enc type [2] failed to decrypt with error Decrypt integrity check failed [2005/02/08 08:28:21, 3] libads/kerberos_verify.c:ads_secrets_verify_ticket(201) ads_secrets_verify_ticket: enc type [1] failed to decrypt with error Decrypt integrity check failed [2005/02/08 08:28:21, 3] libads/kerberos_verify.c:ads_verify_ticket(313) ads_verify_ticket: krb5_rd_req with auth failed (Unknown error: 0) [2005/02/08 08:28:21, 1] smbd/sesssetup.c:reply_spnego_kerberos(173) Failed to verify incoming ticket! [2005/02/08 08:28:21, 3] smbd/error.c:error_packet(105) error string = Invalid argument [2005/02/08 08:28:21, 3] smbd/error.c:error_packet(129) error packet at smbd/sesssetup.c(174) cmd=115 (SMBsesssetupX) NT_STATUS_LOGON_FAILURE Winbind Logfile: [2005/02/08 08:33:32, 5] nsswitch/winbindd_ads.c:trusted_domains(842) trusted_domains: Could not open a connection to DOMAIN for PIPE_NETLOGON (NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND) Smbd Logfile: No listed errors. I can: -kinit [EMAIL PROTECTED] obtain a ticket -klist view ticket details -wbinfo -u enumerate users -wbinfo -g enumerate groups -wbinfo -r username get user groups -net ads leave -net ads join -U administrator All of the above give no errors at all. System specs: FreeBSD 5.2.1-RELEASE #0: heimdal-0.6.3_2 (configured with LDAP) samba-3.0.11,1 (configured with LDAP, ADS, WINBIND, ACL_SUPPORT and UTMP) openldap-client-2.2.23 If I try to chown on the Samba Server chown administrator or chown DOMAIN\administrator or if I try to chgrp a domain group, I get an invalid argument error, which is usually given when winbind is having problems. I could do this previously before the upgrade. When I do that the winbind log has the following errors: [2005/02/08 11:03:01, 5] nsswitch/winbindd_ads.c:trusted_domains(842) trusted_domains: Could not open a connection to DOMAIN for PIPE_NETLOGON (NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND) [2005/02/08 11:03:05, 3] nsswitch/winbindd_misc.c:winbindd_interface_version(261) [49820]: request interface version [2005/02/08 11:03:05, 3] nsswitch/winbindd_misc.c:winbindd_priv_pipe_dir(297) [49820]: request location of privileged pipe [2005/02/08 11:03:05, 5] nsswitch/winbindd.c:winbind_client_read(477) read failed on sock 20, pid 49820: EOF [2005/02/08 11:03:05, 3]
Re: [Samba] Ldapscripts v1.0 !
Hi I just tried out YOur scripts on a brand new installation. Very cool but: ldapscripts.log: 02/08/05 - 06:09:01 : Command : /usr/local/bin/ldapaddmachine Successfully added machine philippines$ to LDAP samba-log: -- [2005/02/08 18:09:01, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:02, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:03, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:04, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:05, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:06, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:07, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:08, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:09, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:10, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:11, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:12, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:13, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:14, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:15, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:16, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:16, 0] lib/smbldap.c:smbldap_search_suffix(1169) smbldap_search_suffix: Problem during the LDAP search: (unknown) (Timed out) [2005/02/08 18:09:16, 0] rpc_server/srv_samr_nt.c:_samr_create_user (2398) could not add user/computer philippines$ to passdb. Check permissions? = I am not able to add a machine account. Any hints? /Jochen Am Dienstag, den 08.02.2005, 15:27 + schrieb Ganael Laplanche: Hi all, I've been working on shell scripts that allow to manage ldap accounts (users, groups, machines). They are similar to the smbldap-tools but do not need PERL to work (and so on...) and are *very* simple to configure - they may be a good alternative. The only tools you need are standard ldap client commands (ldapadd, ldapdelete, ldapmodify, ldapsearch). The scripts can be used as standalone commands or within Samba configuration : add machine script = /usr/local/bin/ldapaddmachine '%u' sambamachines add user script = /usr/local/bin/ldapadduser '%u' sambausers add group script = /usr/local/bin/ldapaddgroup '%g' add user to group script = /usr/local/bin/ldapaddusertogroup '%u' '%g' delete user script = /usr/local/bin/ldapdeleteuser '%u' delete group script = /usr/local/bin/ldapdeletegroup '%g' delete user from group script = /usr/local/bin/ldapdeleteuserfromgroup '%u' '%g' set primary group script = /usr/local/bin/ldapsetprimarygroup '%u' '%g' (see README file for more details) For those who want to give a try, you can find the tarball of ldapscripts v1.0 here : http://contribs.martymac.com http://linagora.org/article108.html Just extract the tarball and type in ./install as root... These scripts are in early version, so feel free to send bug reports and any feedback ! Ganael LAPLANCHE - http://www.martymac.com [EMAIL PROTECTED] [EMAIL PROTECTED] -- Jochen Witte [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SAMBA ported to SkyOS
On Tue, Feb 08, 2005 at 07:04:33AM +, Robert Szeleney wrote: Hi! I just want to announce that I successfully ported SAMBA without any modifications to SkyOS. If you want to take a look at the small SAMBA configuration utility used to configure SAMBA on SkyOS, you can take a look at http://www.skyos.org Thanks! Congratulations ! Maybe Deryk will feature this on the news page... :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 'ldap passwd sync' not working
On Tuesday 08 February 2005 02:07, Tony Earnshaw wrote: I have no gripes with the official Samba docs as included in the Red Hat 3.0.9 Samba srpm. Either the Terpstra docs or Jerry Carter's O'Reilly boot. They are very clear, accurate and to the point; much trouble has Thank-you for clarifying this. It removes all doubt. been taken in compiling them, the English is perfect and there are no spelling mistakes. Oops. I would not say that. Most spelling mistakes have now been fixed, but I am convinced there are still a few lurking in the books waiting to be found and then squashed. I *do* have a problem with Samba (v.3) PDC LDAP howto by Ignacio Coupeau of CTI, University of Navarra. I've no idea where I got it from in the first place; it isn't included with the Red Hat release. It is diametrically the opposite to what I've just written about the official Samba docs. I shall refer to it as Navarra in what follows. Ignacio's HOWTO preceded the Official Samba documentation during the days of Samba-2. Many of us owe a depth of gratitude to him for his work. The fact that it is out of date is not denied. It takes much effort to keep documentation current, particularly when the underlying project changes rapidly - as Samba-3 has done over the past few months. I've constantly referred to this document in what I wrote, not to the official Samba docs.. We need to get the message out more clearly that the Samba-HOWTO-Collection (the book The Official Samba-3 HOWTO and Reference Guide) is designed to document specific capabilities of Samba with general examples of how to use them. The Samba-Guide (the book Samba-3 by Example) was designed to demonstrate how to use the capabilities of Samba within a comprehensively documented networking environment. They serve entirely differing purposes: One explains particular features of Samba with minimal reference to deployment context, the other provides a detailed example of usage within a typical context. The Samba Team encourages the development of Unofficial HOWTOs because we are limited in our exposure and experience and need to capture the experience of others. That is the key reason behind my constant request for updates and contributions to the documentation. Jelmer, Jerry, and I do our best to update and expand the official documentation - often drawing from unofficial HOWTO sources. As much as we can, we validate the information we provide, and we try to keep it current. Criticism of documentation is a good thing! Contriubution to it is even better! Unfortunately the official Samba docs do not cover ldapsam in any depth; as a complete newbie, one can obviously not judge the worth of any doc until one has followed that doc and attempted to put its content into practice. Bearing in mind the intended nature of the HOWTO and the Guide, you have touched on an area you can materially contribute to in order to improve the documentation. Please consider providing updates notes/documenation for inclusion in these resources. Best, and thanks for taking what I wrote seriously :) Your help and input are appreciated. Please keep up the feedback - and documentation patches or contributions. :) Cheers, John T. -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbd/service.c:make_connection_snum(648) in logs
good morning all, i have a fc2 server running samba 3.0.10-1. from my daily logwatch i get these type of entries: smbd/service.c:make_connection_snum(648) workstation1 (10.19.1.2) connect to service share1 initially as user user1 (uid=802, gid=512) (pid 28851) : 5 Time(s) on all shares that user1 connects to, i get the same message identifying the share (share2, share3, etc...) with same pid number. the same thing happens with user2 with a different pid number. the setup is pretty vanilla. i use smbpasswd to authenticate. the server is the domain/local master. smb.conf [global] workgroup= office1 netbios name = server1 encrypt passwords = yes name resolve order = wins hosts lmhosts bcast login script = scripts\%U.bat logon path = \\%L\%U\profile domain logons = yes os level =65 preferred master = yes domain master = yes wins support = yes local master = true admin users = admin load printers = yes printing = cups use client driver = yes printer admin = @admin unix charset = iso8859-1 log level = 1 use sendfile = no shares are basic homes, netlogon, printing, and data shares. nothing complex. users are able to access shares, directories, files, read, write, delete, print with no noticeable problems. the log entries are my concern. much ado about nothing? thank you, stuart -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Differenet behavior when using dns name and netbios name
Hello, Here is something I have just noticed and was wondering if anyone else has noticed this. When I address the samba server with its primary dns name, there are no problems with observing and changing the settings of the printers. When I address the samba server using the netbios name (different than the dns hostname though it is a cname for this machine), I cannot see any of the printer drivers that I have installed when I go to the Printers folder and right click, properties on any of the printers. They have all of the right settings but I can't see what the printer driver is set to. Thanks in advance. Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] ACQUA SERVER
Hi, Gibson. I saw a page in the internet that you say something about ACQUA SEVER. Could you tell me more about it? I need to a sourch about it. Thank you very much. Marcio - Yahoo! Acesso Grátis - Internet rápida e grátis. Instale o discador do Yahoo! agora. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Domain SID issue
Hello I have a client who historical had a machinename with an underscore in it : samba_machine I had to get rid of the underscore names and changed the name to samba-machine. At the same time I upgraded to samba-3.0.11 to get a printer queue problem resolved. Now it seems the Domain SID has changed, so I changed the new SID back to the old one with net setlocalsid, because on all machines I had problems with logging in as domain Administrator (which was added as a local administrator , but with the old SID, so instead of the domain administrator name the old SID was listed as a local administrator) and moreover, all the machines seem to have lost their domain account. But it didn't help, the domain administrator still can't login in the domain machines, and the machines still don't recognize their accounts. So the situation: All machines and domain administrator have accounts at domain sid : OLD-SID Apparently the domain sid has changed to : NEW-SID , I try to set NEW-SID back to OLD-SID with net setlocalsid OLD-SID, command net getlocalsid returns now : OLD-SID , instead of NEW-SID I restored the groupmapping, so all entries in the groupmap list command show the OLD-SID again, net getlocalsid : returns OLD-SID net getlocalsid DOMAIN : returns OLD-SID net getlocalsid samba-machine : returns OLD-SID but : net rpc info target samba-machine : returns: Domain Name: DOMAIN Domain SID: NEW-SID ! So how is that possible , why returns net getlocalsid the OLD-SID and net rpc info target samba-machine the NEW-SID. What can I do (if at all possible) to have the OLD-SID properly accepted as the domain SID . And why does the command : net getlocalsid DOMAIN return : SID for domain DOMAIN is: OLD-SID and returns : net rpc info target samba-machine : Domain Name: DOMAIN Domain SID: NEW-SID ? Apparently the domain computers use a mechanism conform net rpc and get the NEW-SID returned, which is the wrong SID , instead of the OLD-SID as set by net setlocalsid. TIA Wim Bakker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: rpcclient error / printer driver issue
everything seems to be working good other than this strange nuance (that doesnt seem to effect anything) drivers get listed twice - any ideas? or should I just forget I saw this -- ! rpcclient $ enumdrivers [Windows NT x86] Printer Driver Info 1: Driver Name: [magicolor 2300 DL] Printer Driver Info 1: Driver Name: [TOSHIBA e-STUDIO550-810 GL-PCL6] Printer Driver Info 1: Driver Name: [TOSHIBA e-STUDIO28-45 GL-PSL3] [Windows NT x86] Printer Driver Info 1: Driver Name: [magicolor 2300 DL] Printer Driver Info 1: Driver Name: [TOSHIBA e-STUDIO550-810 GL-PCL6] Printer Driver Info 1: Driver Name: [TOSHIBA e-STUDIO28-45 GL-PSL3] On Tue, 8 Feb 2005 09:49:01 -0600, Chris McKeever [EMAIL PROTECTED] wrote: On Tue, 08 Feb 2005 09:22:15 -0600, Gerald (Jerry) Carter [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chris McKeever wrote: | some more testing - I removed the printers.tbd and all the driver | files then reloaded cups/samba - | | I still recieve the error: | enumdrivers | result was WERR_UNKNOWN_PRINTER_DRIVER | | I am wondering if this is a bug in 3.0.9 Did you use localhost to connect to the server ? Try using the server's real netbios name. You probably also want to give 3.0.11 a run. There's were several rpcclient and printing bugs cleaned up there. ahh -- marvelous -- the localhost I think was the culprit! I will continue to play and see if any more issues arise thanks [again] ! cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCNkmIR7qMdg1EfYRAjoYAJ9IsX9VU8H8S+pv0vSm0XuzFPj+/ACfWbBG dgjt2khMBwU/ESReBhoTJ9M= =MNdK -END PGP SIGNATURE- -- -- please respond to the list .. if you need to contact me direct cgmckeever is the account prupref.com is the domain A href=http://www.prupref.com;Simply Chicago Real Estate/A -- -- please respond to the list .. if you need to contact me direct cgmckeever is the account prupref.com is the domain A href=http://www.prupref.com;Simply Chicago Real Estate/A -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3, member of ADS, new trust between small ADS and large one
We have been running a few Linux machines (FC2) as members of our Win2k3 Active Directory domain. They were all humming along fine using winbind for logins and ldap on a local server for the SID-UID/GID mappings. Things seem to have changed, however, when a one-way trust was set up between our small AD domain and a much larger one. The trust was set up to allow members of the larger domain sit down at our computers and login, however, it seems that now winbind or ldap or both are choking on the ~3500 new people. From a Samba linux member of the domain: wbinfo -t works wbinfo -u works most of the time, but is sometimes slow at getting started and fast at printing all 3500 names once it starts wbinfo -g same as wbinfo -u getent password frequently hangs after listing the local /etc/password contents and when it does go on it seems to get incrementally further in the list of 3500 people before it finally timesout each time I run it getent group works with many fewer entries So my question is, what is going on and what can I do to help the situation? I actually would like to just deny the logins from the larger domain from logging in to the Samba ADS domain computers, but perhaps this is not possible with the trust set up between the Win2k3 domains. Is the bottleneck our ldap server, or is there some artifically configured maximum result size coming from a basically default install of openldap? Thanks in advance for any help. Alan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] SAMBA ported to SkyOS
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jeremy Allison wrote: | On Tue, Feb 08, 2005 at 07:04:33AM +, Robert Szeleney wrote: | |Hi! | |I just want to announce that I successfully ported SAMBA without any |modifications to SkyOS. If you want to take a look at the small SAMBA |configuration utility used to configure SAMBA on SkyOS, you can take a look at |http://www.skyos.org |Thanks! | | | Congratulations ! Maybe Deryk will feature this on the news page... :-). | | Jeremy. Sounds like a good idea to me! :-) Robert, do you archive the posts on your front page in some way? Just curious about linking to you, so that in a few days, months, etc. when the Samba item bumps down the page, we still have a decent link on our page. It's not a problem if not. Thanks, and congratulations on the successful port... deryck - -- Deryck Hodgehttp://www.devurandom.org/ Auburn University Libraries http://www.lib.auburn.edu/ Samba Team http://www.samba.org/ Inside my head's a box of stars I never dared to open. - --Sting, from _Sacred Love_(2003) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCQkM4glRK0DaE8gRAu/AAJ4z6Tnobli1I/uiCdNDmDS7aTAXSQCeKO5M 4O0+6c0T4GseyiFw/5F41rE= =Ela/ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Ldapscripts v1.0 !
Hi Jochen, You must use the root account (or any account with an UID=0) on the client side to join a machine to the domain... The log of the ldapscripts are right : the POSIX account must has been created on the LDAP directory (you can check it by searching the accounts on the LDAP directory) BUT samba could not add its piece of info (LDAP attributes) on the LDAP... Sincerely, Ganaël LAPLANCHE [EMAIL PROTECTED] http://www.martymac.com Tel : (+33)6.84.03.57.24. -- Original Message --- From: Jochen Witte [EMAIL PROTECTED] To: Ganael Laplanche [EMAIL PROTECTED] Cc: samba@lists.samba.org, samba-technical@lists.samba.org Sent: Tue, 08 Feb 2005 18:17:37 +0100 Subject: Re: [Samba] Ldapscripts v1.0 ! Hi I just tried out YOur scripts on a brand new installation. Very cool but: ldapscripts.log: 02/08/05 - 06:09:01 : Command : /usr/local/bin/ldapaddmachine Successfully added machine philippines$ to LDAP samba-log: -- [2005/02/08 18:09:01, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:02, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:03, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:04, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:05, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:06, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:07, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:08, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:09, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:10, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:11, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:12, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:13, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:14, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:15, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:16, 0] lib/smbldap.c:smbldap_open(881) smbldap_open: cannot access LDAP when not root.. [2005/02/08 18:09:16, 0] lib/smbldap.c:smbldap_search_suffix(1169) smbldap_search_suffix: Problem during the LDAP search: (unknown) (Timed out) [2005/02/08 18:09:16, 0] rpc_server/srv_samr_nt.c:_samr_create_user (2398) could not add user/computer philippines$ to passdb. Check permissions? = I am not able to add a machine account. Any hints? /Jochen Am Dienstag, den 08.02.2005, 15:27 + schrieb Ganael Laplanche: Hi all, I've been working on shell scripts that allow to manage ldap accounts (users, groups, machines). They are similar to the smbldap-tools but do not need PERL to work (and so on...) and are *very* simple to configure - they may be a good alternative. The only tools you need are standard ldap client commands (ldapadd, ldapdelete, ldapmodify, ldapsearch). The scripts can be used as standalone commands or within Samba configuration : add machine script = /usr/local/bin/ldapaddmachine '%u' sambamachines add user script = /usr/local/bin/ldapadduser '%u' sambausers add group script = /usr/local/bin/ldapaddgroup '%g' add user to group script = /usr/local/bin/ldapaddusertogroup '%u' '%g' delete user script = /usr/local/bin/ldapdeleteuser '%u' delete group script = /usr/local/bin/ldapdeletegroup '%g' delete user from group script = /usr/local/bin/ldapdeleteuserfromgroup '%u' '%g' set primary group script = /usr/local/bin/ldapsetprimarygroup '%u' '%g' (see README file for more details) For those who want to give a try, you can find the tarball of ldapscripts v1.0 here : http://contribs.martymac.com http://linagora.org/article108.html Just extract the tarball and type in ./install as root... These scripts are in early version, so feel free to send bug reports and any feedback ! Ganael LAPLANCHE - http://www.martymac.com [EMAIL PROTECTED] [EMAIL PROTECTED] -- Jochen Witte [EMAIL PROTECTED] --- End of Original Message --- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbd/service.c:make_connection_snum(648) in logs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Stuart Highlander wrote: | good morning all, | | i have a fc2 server running samba 3.0.10-1. | | from my daily logwatch i get these type of entries: | | smbd/service.c:make_connection_snum(648) workstation1 | (10.19.1.2) connect to service share1 initially as | user user1 (uid=802, gid=512) (pid 28851) : 5 Time(s) | | the log entries are my concern. | | much ado about nothing? Yeah. They're just normal successful connections. If you don't want these messages set 'debug level = 0' in smb.conf cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCQpaIR7qMdg1EfYRAvQhAKCoZEF17vXj6FDQnMTtVeFKnZPkJACeMICP vobO7NnwMA7nBvygp4Zilf8= =TGQr -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Differenet behavior when using dns name and netbios name
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Taylor, Marc wrote : | When I address the samba server with its primary | dns name, there are no problems with observing and | changing the settings of the printers. | | When I address the samba server using the netbios | name (different than the dns hostname though it is a | cname for this machine), I cannot see any of the | printer drivers that I have installed when I go to the | Printers folder and right click, properties on any | of the printers. They have all of the right settings | but I can't see what the printer driver is set to. If you can reproduce this against 3.0.11. please file a bug at https://bugzilla.samba.org/ and we'll work it from there. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCQrLIR7qMdg1EfYRAn1mAJ4wHlNZgl8TSNTXcTJFohzba/RbxwCg4u4r gJZ8e5yzqc2cReHo/45FXck= =GAhb -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain SID issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Samba List Unetix wrote: | show the OLD-SID again, | net getlocalsid : returns OLD-SID | net getlocalsid DOMAIN : returns OLD-SID | net getlocalsid samba-machine : returns OLD-SID | | but : | net rpc info target samba-machine : returns: | Domain Name: DOMAIN | Domain SID: NEW-SID ! | | So how is that possible , why returns net | getlocalsid the OLD-SID and net rpc info | target samba-machine the NEW-SID. The SID is read from secrets.tdb upon startup. Did you restart smbd ? cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCQsmIR7qMdg1EfYRAswzAJ4ptzf5bmOCQzex68yQfpwu0gGNQACg7cWY rZqMFFM/pDDAN2npvghotPs= =A4AM -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Ldapscripts v1.0 !
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jochen Witte wrote: | Hi | | I just tried out YOur scripts on a brand new installation. Very cool | but: | | | ldapscripts.log: | |02/08/05 - 06:09:01 : Command : /usr/local/bin/ldapaddmachine | Successfully added machine philippines$ to LDAP | | [2005/02/08 18:09:01, 0] lib/smbldap.c:smbldap_open(881) | smbldap_open: cannot access LDAP when not root.. This error is common when you can run the add user script as a non-root user but do not have the SeMachineAccountPrivilege or are not actually connecting as root. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCQtxIR7qMdg1EfYRAqMWAJ9pe23veA8WmrJeGAFRcQmOnnR4QQCghdnL OigjuRLmQrg7bVPAN5W7MGc= =WyCX -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] About rpcclient and adddriver command
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Xavi wrote: | We have 2 printers shared via samba with good | results. Nowadays, we have the cups postscript driver | in the server for windowsNT/2000/XP and it works | fine, but i want to put the hp postscript driver as we | have 2 hp printers. I put the postscript driver via | rpcclient without no problem: | rpcclient -U'admin%pass' -c 'adddriver \ | Windows NT x86 \ | printer1:driver: config:help:NULL:RAW:NULL ' \ | localhost | | It worked okay, but when i wanted to put the hp | drivers downloaded from their | homepage it doesn't. The error with debug level 3 after some text... is: | lsa_io_sec_qos: length c does not match size 8 | result was WERR_INVALID_PARAM I doubt this is the source of your problem. But I would recommend just using a Windows client to upload the drivers. You'll have more hair left at the end of the day IMO. I'm not frowning on cupsmbadd. It's just that some drivers can be a little particular. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCQv1IR7qMdg1EfYRAjrVAKCLx6qYErtsrOTrQOh0ennf9/7vtgCg5fRP ofb/DhxcRYlwMZlPzclgjF4= =DMNW -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: About drivers in print$ share
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Xavi wrote: | So my question is: is there a way from making fine | printing things such as printing two/four... pages | in a single A4 without a intermediate driver such as | FinePrint? sorry if i don't explain it very well but | my english is not the best of the world. These days, it is common to see the advanced feature of a driver pushed out to the print processor. Thus requiring the print server to support server-side rendering of the print job (a.k.a. EMF printing). Samba only supports RAW printing out of the box. So my advice is to use potentially older drivers that don't have the UNIDRV.DLL file. Long term we need a better solution for this. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCQ1vIR7qMdg1EfYRAsocAKCcK70GA7S3Olr2afrzik3NiD8/zgCgn0hc rLPOO8xxr9bLdsuaQp73wuk= =sDaR -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: rpcclient error / printer driver issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chris McKeever wrote: | everything seems to be working good other than this strange nuance | (that doesnt seem to effect anything) | | drivers get listed twice - any ideas? or should I just | forget I saw this -- ! Fixed in 3.0.11. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCQ5OIR7qMdg1EfYRAi3wAJ9CExmfOKXTNg5Bmogq1VqjagKZfgCglbEY EgX0PsuDXA2fJc0No0fv2cA= =raM5 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba v3.0.11 assigning privileges with custom pdb plugin
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul Griffith wrote: | Greetings, | | We have home grown user management backend system, | and I have ported our v2.2.x passdb over to v3 type plugin. | I am able to access files and print using our backend. | I am running into trouble joining PCs to the domain. | | I am assuming the primary problem is that our | backend system doesn't have a 'root' user. | | I was hoping that assigning SeMachineAccountPrivilege | to our tech members would be enough to allow our tech | members to join computers to our domain. | ... | | So the question is it possible to gant rights | without using the Samba root user? Any other suggestions? Paul, Create a group mapping for the Domain Admins group. E.g. net groupmap modify ntgroup=Domain Admins unixgroup=ntadmins now any member of the ntadmins unix group will be able to assign privileges. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCQ4vIR7qMdg1EfYRAm8oAKDfwwWrK5p8L8C2PHQ8S4rNrxsPUACeIP4i i/vp0Z6J79ht3KWbK8DwglU= =QayZ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] PDC authentication
I have samba 3.09 installed on a solaris 8 server with winbindd running. I want to authenticate on the pdc without creating local userids - ie. no users on the unix side. Unfortunately, it does not seems to work - winbind provides pam auth crap domain and NTLM CRAP authentication for user ... messages. Is it possible to authenticate without creating local users? thank you *** This email message is confidential to the intended recipient and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. Any unauthorized use, dissemination of the information, or copying of this message is prohibited. If you are not the intended addressee, kindly notify the sender by return e-mail and delete this message. *** -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3, member of ADS, new trust between small ADS and large one
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alan Munter wrote: | So my question is, what is going on and what can I do | to help the situation? I actually would like to just deny the | logins from the larger domain from logging in to the Samba | ADS domain computers, 'allow trusted domains = no' cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCRM2IR7qMdg1EfYRAi8TAJ48viskULY9kYU64nULGAHgC60NhwCfUMKp sRaZqiQCFCOJrFIPjiCGLmo= =sbbJ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] guest ok = yes, not working(?)
I've setup a samba-3.0.11 share with [General] guest account = ftp security = domain [pub] comment = pub path = /pub read only = yes browseable = no guest ok = yes And attempts to access the share from WinXP(sp2) clients anonymously fail, Appended is the (log level 2) samba.log entries (names changed to protect the innocent): [2005/02/08 13:34:30, 2] lib/util_sock.c:open_socket_out(789) error connecting to nt4_pdc:445 (Connection refused) [2005/02/08 13:34:30, 3] auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2005/02/08 13:34:30, 3] auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] [2005/02/08 13:34:30, 3] auth/auth.c:check_ntlm_password(268) check_ntlm_password: guest authentication for user [] succeeded [2005/02/08 13:34:30, 2] lib/access.c:check_access(324) Allowed connection from (CLIENT_IP) [2005/02/08 13:34:30, 2] lib/util_sock.c:open_socket_out(789) error connecting to nt4_pdc:445 (Connection refused) [2005/02/08 13:34:30, 3] auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2005/02/08 13:34:30, 3] auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] [2005/02/08 13:34:30, 2] lib/util_sock.c:open_socket_out(789) error connecting to nt4_pdc:445 (Connection refused) [2005/02/08 13:34:30, 0] auth/auth_domain.c:domain_client_validate(199) domain_client_validate: unable to validate password for user Administrator in domain DOMAIN to Domain controller \\MSTAT. Error was NT_STATUS_WRONG_PASSWORD. [2005/02/08 13:34:30, 2] auth/auth.c:check_ntlm_password(312) check_ntlm_password: Authentication for user [Administrator] - [Administrator] FAILED with error NT_STATUS_WRONG_PASSWORD [2005/02/08 13:34:30, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/08 13:34:30, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/08 13:34:30, 2] lib/util_sock.c:open_socket_out(789) error connecting to nt4_pdc:445 (Connection refused) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain SID issue
On Tuesday 08 February 2005 19:55, you wrote: Samba List Unetix wrote: | show the OLD-SID again, | net getlocalsid : returns OLD-SID | net getlocalsid DOMAIN : returns OLD-SID | net getlocalsid samba-machine : returns OLD-SID | | but : | net rpc info target samba-machine : returns: | Domain Name: DOMAIN | Domain SID: NEW-SID ! | | So how is that possible , why returns net | getlocalsid the OLD-SID and net rpc info | target samba-machine the NEW-SID. The SID is read from secrets.tdb upon startup. Did you restart smbd ? I did a killall -HUP smbd , but maybe that's not the way to do it, for an actual restart I have to wait for approval from the local administrator of that company because there are important programs running from that server on windows machines that crash when samba gets restarted, it is not allowed for the samba machine to ever be down, the upgrade was quite a hassle because samba definitely had to be restarted , but the benefits of no printer queue problems anymore where tempting so he agreed. I'll try to phone him , but h'll be angry because it's 8 in the evening and he wants quality time with his family, me not I work 24/7, I'm a robot. Thanks , I thought allready that would be the case , but needed assurance. I restarted samba and indeed , it gives now the OLD-SID back. So net getlocalsid retrieves it straight from secrets.tdb and net rpc inquires the running smbd process which returns the SID it keeps in memory from reading the secrets.tdb at first start-up ? Thanks Wim Bakker -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Away till 12th February.
Hi, I am away till 12th February. For urgent issues contact Sanjeev Gupta. Thanks. -- Venkat +65 9855 1209 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Domain SID issue
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Samba List Unetix wrote: | The SID is read from secrets.tdb upon startup. Did you restart | smbd ? | | I did a killall -HUP smbd , but maybe that's not the way to do it, Nope. it will take an actual restart here. | So net getlocalsid retrieves it straight from | secrets.tdb and net rpc inquires the running smbd | process which returns the SID it keeps in memory | from reading the secrets.tdb at first start-up ? Correct. Unless someone changed the code and I didn't see it. That is how iot works. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCRzHIR7qMdg1EfYRAizBAKDI8WhWxkSe0rDyO3xLm5RfUXvGOwCg1hlk H70AxbYRse4MQT/XJ+VecBQ= =sn+k -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba v3.0.11 assigning privileges with custom pdb plugin
On Tue, Feb 08, 2005 at 01:08:31PM -0600, Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul Griffith wrote: | Greetings, | | We have home grown user management backend system, | and I have ported our v2.2.x passdb over to v3 type plugin. | I am able to access files and print using our backend. | I am running into trouble joining PCs to the domain. | | I am assuming the primary problem is that our | backend system doesn't have a 'root' user. | | I was hoping that assigning SeMachineAccountPrivilege | to our tech members would be enough to allow our tech | members to join computers to our domain. | ... | | So the question is it possible to gant rights | without using the Samba root user? Any other suggestions? Paul, Create a group mapping for the Domain Admins group. E.g. net groupmap modify ntgroup=Domain Admins unixgroup=ntadmins now any member of the ntadmins unix group will be able to assign privileges. cheers, jerry Thanks, but still no go. 1 - I am now a member of ntadmins. % id uid=2381(paulg) gid=1000(tech) groups=1000(tech),512(ntadmins),5001(intern),11000(macadm),32000(tdb),32030(webapp),31002(wwwprism) 2 - as root I then did this: net groupmap modify ntgroup=Domain Admins unixgroup=ntadmins net groupmap list System Operators (S-1-5-32-549) - -1 Replicators (S-1-5-32-552) - -1 Guests (S-1-5-32-546) - -1 Domain Admins (S-1-5-21-1048414848--xx-512) -ntadmins Domain Guests (S-1-5-21-1048414848--xx-514) - -1 Power Users (S-1-5-32-547) - -1 Print Operators (S-1-5-32-550) - -1 Administrators (S-1-5-32-544) - -1 Account Operators (S-1-5-32-548) - -1 Domain Users (S-1-5-21-1048414848-xx-xx-513) - -1 Backup Operators (S-1-5-32-551) - -1 Users (S-1-5-32-545) - -1 3 - Now try to assign SeMachineAccountPrivilege to paulg net rpc rights grant 'PAULWG\paulg' SeMachineAccountPrivilege Password: [2005/02/08 15:19:48, 0, effective(5989, 6000), real(5989, 6000)] rpc_client/cli_pipe.c:rpc_api_pipe(435) cli_pipe: return critical error. Error was Call returned zero bytes (EOF) [2005/02/08 15:19:48, 0, effective(5989, 6000), real(5989, 6000)] rpc_client/cli_pipe.c:rpc_api_pipe(435) cli_pipe: return critical error. Error was Call returned zero bytes (EOF) Anymore tips or suggestions ? Thanks Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba v3.0.11 assigning privileges with custom pdb plugin
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Paul Griffith wrote: | net rpc rights grant 'PAULWG\paulg' SeMachineAccountPrivilege | Password: | | [2005/02/08 15:19:48, 0, effective(5989, 6000), real(5989, 6000)] | rpc_client/cli_pipe.c:rpc_api_pipe(435) | cli_pipe: return critical error. Error was Call returned zero bytes | (EOF) | [2005/02/08 15:19:48, 0, effective(5989, 6000), real(5989, 6000)] | rpc_client/cli_pipe.c:rpc_api_pipe(435) | cli_pipe: return critical error. Error was Call returned zero bytes | (EOF) Paul, Sorry. You misunderstood. Members of the domain admins group can *assign* rights. So the command would be something like: net -S server -U 'PAULWG\paulg' rpc rights grant \ 'PAULWG\Domain Admins' SeMachineAccountPrivilege of course, replace Domain Admins with whatever group you choose. cheers, jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCSPYIR7qMdg1EfYRAqtKAJ9ngecBAaNsdNISz3ZJgfoMkyjYgQCg8UVI j4z21RWBJByTqzB5z4W1mA0= =UGGa -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3, member of ADS, new trust between small ADS and large one
It works! Just confirmed that this solved the problem. Thanks, Jerry! On Tue, 2005-02-08 at 14:29, Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alan Munter wrote: | So my question is, what is going on and what can I do | to help the situation? I actually would like to just deny the | logins from the larger domain from logging in to the Samba | ADS domain computers, 'allow trusted domains = no' cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCRM2IR7qMdg1EfYRAi8TAJ48viskULY9kYU64nULGAHgC60NhwCfUMKp sRaZqiQCFCOJrFIPjiCGLmo= =sbbJ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Troubles creating machine trust accounts
I have set up several machine trusts with samba and they have worked correctly. However for some reason the last machine accounts I tried to make are not working correctly. Here is what I did to create the trust accounts: useradd -g machines -d /dev/null -c ids8 -s /bin/false ids8$ passwd -l ids8$ (it even tells me that I have success) smbpaswd -a -m ids8 ids8 of course being the machine name. So I try to connect my machine to the domain and it give me an access denied, it basically is acting like it can not create the trust relationship between samba and the workstation and not even allowing root to log in. When I checked the smbpasswd file I noticed that all of the successfull accounts had X's instead of a password hash, but the machine accounts that I made since this problem have actual numbers in the password has column of the entry. Any help would be greatly appreciated, and I will provide any information you think would be usefull in resolving this problem. -- Respectfully yours, Jason Self Electrical Designer / Network Administrator Intertech Design Services, Inc. Get Firefox http://getfirefox.com/Get Thunderbird http://www.mozilla.org/products/thunderbird/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] samba 3.0.11, security=server and smbpasswd as fallback not working
Hi, with samba 2.2.12 a user was able to connect to a share with his local smbpasswd if he had no user on the password server. I updated the samba server to 3.0.11 and this is not working anymore. I kept the config files and the smbpasswd file. The smb.conf man page describes old behavior, but if the password server rejects the password the connection gets terminated with NT_STATUS_LOGON_FAILURE. Is there anything I have to change in the config? The smb.conf is an old version from the beginning of samba 2.x, but it worked fine until now. Any ideas? Ralf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Joining a domain with a non-administrator account
I'm trying to set it up so I can join the domain with a regular user that is part of the domain admin group. I have a user dsonenberg that is in the domain admin group(512), but I can't join the domain with that account. For the record I can login with that account and Administrator can join the domain. The PDC has an LDAP backend. Here's the log. 2005/02/08 10:26:25, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/08 10:26:25, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/08 10:26:25, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: dsonenberg [2005/02/08 10:26:25, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 512 [2005/02/08 10:26:25, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [dsonenberg] - [dsonenberg] - [dsonenberg] succeeded [2005/02/08 10:26:25, 2] smbd/server.c:exit_server(571) Closing connections [2005/02/08 10:26:26, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/08 10:26:26, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/08 10:26:26, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: dsonenberg [2005/02/08 10:26:26, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 512 [2005/02/08 10:26:26, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [dsonenberg] - [dsonenberg] - [dsonenberg] succeeded [2005/02/08 10:26:26, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain STROZLLC - S-1-5-21-1001378032-4272845324-1772824492 [2005/02/08 10:26:26, 2] rpc_server/srv_samr_nt.c:access_check_samr_object(93) _samr_open_domain: ACCESS DENIED (requested: 0x0211) [2005/02/08 10:26:26, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain STROZLLC - S-1-5-21-1001378032-4272845324-1772824492 [2005/02/08 10:26:26, 2] rpc_server/srv_samr_nt.c:access_check_samr_function(115) _samr_create_user: ACCESS DENIED (granted: 0x0201; required: 0x0010) [2005/02/08 10:26:26, 2] smbd/server.c:exit_server(571) Closing connections -- David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane 15th Floor New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Basic Samba functionality under SuSE 9.2
At 08:00 PM 2/8/2005 +, you wrote: On Tuesday 08 February 2005 11:55 am, Tom Peters wrote: I'm trying to get Samba 3.0.9-2.3 to work under Suse 9.2. This my very first Linux install and I'm a little at sea here. There are so many things that could be wrong I don't know where to start. The Windows machine I'm using as a client has TCP/IP, file/printer sharing, and Client for MS networks. He can't see the linux machine's (Tolkien) shares, but he can ping him. This might be a name services issue because issuing a net command at the windows box to enumerate the shares (I think that's net view) of the form NET VIEW \\TOLKIEN results in a timeout and error, but NET VIEW \\172.20.0.5 results in a correct list of the shares I've configured on the box! C:\WINDOWSnet view \\172.20.0.5 Shared resources at \\172.20.0.5 Samba 3.0.9-2.3-SUSE Share name Type Used as Comment --- archive Diskarchived files I'm confused about the firewall on SuSE; it's enabled and maybe it shouldn't be. All boxes on this little network are on a switch which goes to a router, thence to my DSL modem. I'm not using the SuSE box as a gateway, it's just on another switch port like the Windows boxes. The firewall has the same interface defined as the inside port and the outside port. But the YAST GUI for configuring Samba has a checkbox for opening all appropriate firewall ports, and I did that. I went back to check and it's still checked. For grins, I portscanned tolkien. TCP ports open are: 21, 22, 25, 110, 139, 445. UDP ports: None. I tried this: net use k: \\172.20.0.5\archive It works! Well, almost. It prompts for username and password, and username and pw I use to login at the linux box doesn't work. root with his password works. I need to get some permissions issues ironed out later. You need to start nmbd on the Linux box. Make sure that it is not a local, domain, or preferred master, and that the OS level is low (5 or so). Misty Ok, thanks for that info. A few questions, remembering that this is my first Linux box: 1. Doesn't this seem to imply that nmbd is running already? tolkien:~ # ps -ef|grep nmbd root 4036 1 0 10:35 ?00:00:00 /usr/sbin/nmbd -D -s /etc/samba/ 2. There is a config step in YAST setup of Samba that asks, in a dialog called Base Settings, for Workgroup or Domain Name and Domain Controller. Under WG or DN I have Rivendell, which is the name of the workgroup that all the WIndows boxes use to talk to each other. It's not further qualified, it's just the one lowercase word. Under Domain controller, it's a pulldown, and the two choices are: Primary (PDC) and No DC and I picked Primary (PDC). Is that a bad choice? 3. I don't see where to set OS level or understand what you mean by that. You don't mean runlevel, I think. You can live to be a hundred if you give up all the things that make you want to live to be a hundred. -- Woody Allen --... ...-- -.. . -. . --.- --.- -... [EMAIL PROTECTED] (remove nospam) N9QQB (amateur radio) HEY YOU (loud shouting) WEB ADDRESS http//www.mixweb.com/tpeters 43° 7' 17.2 N by 88° 6' 28.9 W, Elevation 815', Grid Square EN53wc WAN/LAN/Telcom Analyst, Tech Writer, MCP, Cisco Certified CCNA -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: guest ok = yes, not working(?)
Rex Dieter wrote: I've setup a samba-3.0.11 share with [General] guest account = ftp security = domain [pub] comment = pub path = /pub read only = yes browseable = no guest ok = yes And attempts to access the share from WinXP(sp2) clients anonymously fail. Found it! (documented at http://de.samba.org/samba/docs/man/smb.conf.5.html#SECURITY) Turns out, when using other than security = share one needs to set (in [General] ) map to guest = Bad User to make guest ok work. -- Rex -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Joining a domain with a non-administrator account
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David Sonenberg wrote: | I'm trying to set it up so I can join the domain with | a regular user that is part of the domain admin group. I | have a user dsonenberg that is in the domain admin | group(512), but I can't join the domain with that | account. For the record I can login with that | account and Administrator can join the domain. The | PDC has an LDAP backend. Here's the log. Are you running 3.0.11 ? Did you set 'enable privileges = yes' ? Did you grant the SeMachineAccountPrivilege to the 'DOMAIN\Domain Admins' group ? cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCTG7IR7qMdg1EfYRAuUiAJ4zAZ+zEE7WyTCeSDey+SIZ1cwrcQCg465K 8pGYu43aSucE+A05hZb4pVM= =alRe -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Core dump starting smbd
Apparently the group didn't like my fancy e-mail format. Here's another try: I tried installing samba 2.2.12 on SCO Openserver 5.0.6 today. Installation went fairly smoothly, but I have the following problems: 1) Smbd fails with a core dump. 2) Testparm fails with the message : Insufficient or invalid memory Error loading services. 3) When I access the swat webpage, all the links take me to what appears to be the main page. 4) The button images to not appear on the swat webpage. I'm hoping there's a connection between all these failures. Eric Maher Systems Analyst Slocum-Dickson Medical Group, PLLC [EMAIL PROTECTED] CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipients(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Joining a domain with a non-administrator account
In Active Directory, make sure the console is view-Advance Features. In the OU there should be a computer account for this machine. Open it and go to the security tab. Click on the add button, then add the user you are using with kinit. Go to the permissions section for this user, make sure he has the following permissions or checked to allow: Read, Write, Reset Password, Validate Write to DNS Hostname, Validate Write to Service Principal Name. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of David Sonenberg Sent: Tuesday, February 08, 2005 8:14 AM To: samba@lists.samba.org Subject: [Samba] Joining a domain with a non-administrator account I'm trying to set it up so I can join the domain with a regular user that is part of the domain admin group. I have a user dsonenberg that is in the domain admin group(512), but I can't join the domain with that account. For the record I can login with that account and Administrator can join the domain. The PDC has an LDAP backend. Here's the log. 2005/02/08 10:26:25, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/08 10:26:25, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/08 10:26:25, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: dsonenberg [2005/02/08 10:26:25, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 512 [2005/02/08 10:26:25, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [dsonenberg] - [dsonenberg] - [dsonenberg] succeeded [2005/02/08 10:26:25, 2] smbd/server.c:exit_server(571) Closing connections [2005/02/08 10:26:26, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/08 10:26:26, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/08 10:26:26, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: dsonenberg [2005/02/08 10:26:26, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 512 [2005/02/08 10:26:26, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [dsonenberg] - [dsonenberg] - [dsonenberg] succeeded [2005/02/08 10:26:26, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain STROZLLC - S-1-5-21-1001378032-4272845324-1772824492 [2005/02/08 10:26:26, 2] rpc_server/srv_samr_nt.c:access_check_samr_object(93) _samr_open_domain: ACCESS DENIED (requested: 0x0211) [2005/02/08 10:26:26, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain STROZLLC - S-1-5-21-1001378032-4272845324-1772824492 [2005/02/08 10:26:26, 2] rpc_server/srv_samr_nt.c:access_check_samr_function(115) _samr_create_user: ACCESS DENIED (granted: 0x0201; required: 0x0010) [2005/02/08 10:26:26, 2] smbd/server.c:exit_server(571) Closing connections -- David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane 15th Floor New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba 3.0.11, security=server and smbpasswd as fallback not working
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ralf Gross wrote: | Hi, | | with samba 2.2.12 a user was able to connect to a share with his local | smbpasswd if he had no user on the password server. I updated the samba | server | to 3.0.11 and this is not working anymore. I kept the config files and the | smbpasswd file. The smb.conf man page describes old behavior, but if the | password server rejects the password the connection gets terminated | with NT_STATUS_LOGON_FAILURE. Fallover to the next auth method only occurs when the current auth method (e.g. the remote server) returns NT_STATUS_NOT_IMPLEMENTED I think. This is by design. You'll have better luck setting 'auth methods = guest sam_ignoredomain smbserver' But I rarely ever recommend setting the 'auth methods' parameter. So keep that in mind. This will authenticate first against the smbpasswd and the fall over to server authentication if the user is not listed in the smbpasswd file. Last recommendation, you should really explore security = domain. security = server has been deprecated. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCCTKxIR7qMdg1EfYRArwHAKCc1pRxuELCCkTbyJHhiAPRnB5aBACdEUYH DodgGGckT0AirH0CQeclZB8= =EuEP -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Joining a domain with a non-administrator account
I guess I wasn't clear. My PDC is samba box. It's not Active Directory. Wayne Rasmussen wrote: In Active Directory, make sure the console is view-Advance Features. In the OU there should be a computer account for this machine. Open it and go to the security tab. Click on the add button, then add the user you are using with kinit. Go to the permissions section for this user, make sure he has the following permissions or checked to allow: Read, Write, Reset Password, Validate Write to DNS Hostname, Validate Write to Service Principal Name. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of David Sonenberg Sent: Tuesday, February 08, 2005 8:14 AM To: samba@lists.samba.org Subject: [Samba] Joining a domain with a non-administrator account I'm trying to set it up so I can join the domain with a regular user that is part of the domain admin group. I have a user dsonenberg that is in the domain admin group(512), but I can't join the domain with that account. For the record I can login with that account and Administrator can join the domain. The PDC has an LDAP backend. Here's the log. 2005/02/08 10:26:25, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/08 10:26:25, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/08 10:26:25, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: dsonenberg [2005/02/08 10:26:25, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 512 [2005/02/08 10:26:25, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [dsonenberg] - [dsonenberg] - [dsonenberg] succeeded [2005/02/08 10:26:25, 2] smbd/server.c:exit_server(571) Closing connections [2005/02/08 10:26:26, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/08 10:26:26, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/08 10:26:26, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511) init_sam_from_ldap: Entry found for user: dsonenberg [2005/02/08 10:26:26, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011) init_group_from_ldap: Entry found for group: 512 [2005/02/08 10:26:26, 2] auth/auth.c:check_ntlm_password(305) check_ntlm_password: authentication for user [dsonenberg] - [dsonenberg] - [dsonenberg] succeeded [2005/02/08 10:26:26, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain STROZLLC - S-1-5-21-1001378032-4272845324-1772824492 [2005/02/08 10:26:26, 2] rpc_server/srv_samr_nt.c:access_check_samr_object(93) _samr_open_domain: ACCESS DENIED (requested: 0x0211) [2005/02/08 10:26:26, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482) Returning domain sid for domain STROZLLC - S-1-5-21-1001378032-4272845324-1772824492 [2005/02/08 10:26:26, 2] rpc_server/srv_samr_nt.c:access_check_samr_function(115) _samr_create_user: ACCESS DENIED (granted: 0x0201; required: 0x0010) [2005/02/08 10:26:26, 2] smbd/server.c:exit_server(571) Closing connections -- David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane 15th Floor New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- David Sonenberg Systems / Network Administrator Stroz Friedberg, LLC 15 Maiden Lane 15th Floor New York, NY 10038 212.981.6527 (o) | 917.495.4918 (c) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Operation not permitted mounting samba-share via cifs
Christian Anton wrote: Hi everybody, I want to use my samba-shared Homedirectory from my Linux-Server on my Linux-workstation. I was using smbfs until now, but since i upgraded my hardware i'm not any more able to use smbfs, i get error-messages (timeouts) in the kernel logs and I/O-Errors on the console. Having this problems i read about cifs and that's much better, nicer, sexyer and faster than smbfs. The two public-accesible shares runs very nice and very performant, much better than ever. I'm mounting them as user 'chris' having the following lines in my /etc/fstab: //serv01.kdorf.local/Fileman /mnt/Filemanagement cifs user,noauto,guest,uid=501,gid=100 0 0 //serv01.kdorf.local/Ablage /mnt/Ablage cifs user,noauto,guest,uid=501,gid=100 0 0 Now i'm wanting to mount //serv01/chris on /mnt/chris on my machine, also using cifs. I'm trying as root with the following command: mount -t cifs //serv01/chris /mnt/temp -o user=chris,password=password,uid=501,gid=100 and get: mount error 1 = Operation not permitted Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) The samba-log looks something like this: schnipp --- [2005/02/07 17:05:27, 3] smbd/oplock.c:init_oplocks(1302) open_oplock_ipc: opening loopback UDP socket. [2005/02/07 17:05:27, 3] smbd/oplock_linux.c:linux_init_kernel_oplocks(303) Linux kernel oplocks enabled [2005/02/07 17:05:27, 3] smbd/oplock.c:init_oplocks(1333) open_oplock ipc: pid = 22435, global_oplock_port = 33239 [2005/02/07 17:05:27, 3] smbd/process.c:process_smb(1092) Transaction 0 of length 51 [2005/02/07 17:05:27, 3] smbd/process.c:switch_message(887) switch message SMBnegprot (pid 22435) conn 0x0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/negprot.c:reply_negprot(457) Requested protocol [NT LM 0.12] [2005/02/07 17:05:27, 3] smbd/negprot.c:reply_nt1(323) not using SPNEGO [2005/02/07 17:05:27, 3] smbd/negprot.c:reply_negprot(545) Selected protocol NT LM 0.12 [2005/02/07 17:05:27, 3] smbd/process.c:process_smb(1092) Transaction 1 of length 242 [2005/02/07 17:05:27, 3] smbd/process.c:switch_message(887) switch message SMBsesssetupX (pid 22435) conn 0x0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655) wct=13 flg2=0xc001 [2005/02/07 17:05:27, 3] smbd/sesssetup.c:reply_sesssetup_and_X(789) Domain=[] NativeOS=[Linux version 2.6.10-gentoo-r7] NativeLanMan=[CIFS VFS Client for Linux] PrimaryDomain=[] [2005/02/07 17:05:27, 2] smbd/sesssetup.c:setup_new_vc_session(608) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2005/02/07 17:05:27, 3] smbd/sesssetup.c:reply_sesssetup_and_X(804) sesssetupX:[EMAIL PROTECTED] [2005/02/07 17:05:27, 3] smbd/sesssetup.c:check_guest_password(116) Got anonymous request [2005/02/07 17:05:27, 3] auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2005/02/07 17:05:27, 3] auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2005/02/07 17:05:27, 3] smbd/uid.c:push_conn_ctx(365) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2005/02/07 17:05:27, 3] smbd/uid.c:push_conn_ctx(365) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:push_sec_ctx(256) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2005/02/07 17:05:27, 3] smbd/uid.c:push_conn_ctx(365) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] auth/auth.c:check_ntlm_password(268) check_ntlm_password: guest authentication for user [] succeeded [2005/02/07 17:05:27, 3] smbd/process.c:process_smb(1092) Transaction 2 of length 84 [2005/02/07 17:05:27, 3] smbd/process.c:switch_message(887) switch message SMBtconX (pid 22435) conn 0x0 [2005/02/07 17:05:27, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2005/02/07 17:05:27, 3] smbd/service.c:find_service(145) checking for home directory chris gave
[Samba] upgrade to 3.0.11, lost domain control
Hello-- I upgraded my RH9 samba PDC server from 3.0.9pre3 to 3.0.11 using packaged RH9 rpm from samba site, using rpm -U samba*rpm. no complaints from rpm. samba stops/starts fine. However, clients can no longer log in to domain. All clients (W2k,XP) get the same error message The system could not log you on,...etc. clients can mount samba shares, however. I saved a copy of /etc/samba before the upgrade, and copied old secrets.tdb smbpasswd to /etc/samba/., but this made no difference, I still have no domain control. Im at a loss to where to go next and this will really be a drag tommorrow when everyone comes in to work if I cant get domain control working again thanks--- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] upgrade to 3.0.11, lost domain control
Hello-- I upgraded my RH9 samba PDC server from 3.0.9pre3 to 3.0.11 using packaged RH9 rpm from samba site, using rpm -U samba*rpm. no complaints from rpm. samba stops/starts fine. However, clients can no longer log in to domain. All clients (W2k,XP) get the same error message The system could not log you on,...etc. clients can mount samba shares, however. I saved a copy of /etc/samba before the upgrade, and copied old secrets.tdb smbpasswd to /etc/samba/., but this made no difference, I still have no domain control. Im at a loss to where to go next and this will really be a drag tommorrow when everyone comes in to work if I cant get domain control working again thanks--- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba for solaris
Emilio, go to www.sunfreeware.com. You'll find a whole bunch of stuff including Samba 3.0.10 for solaris 9! spike Emilio Brusa wrote: Hi: I need install in one solaris9-sparc Samba, but in the http://us4samba.org/ftp/Binary_Packages/solaris/ http://us4samba.org/ftp/Binary_Packages/solaris/ I dont see the binaries. Somebody could please help me to find samba for solaris sparc. Thanks a lot E. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.11 won't compile on Solaris 8
Samba 3.0.11 won't compile on my Solaris 8 machine. It keeps getting compile errors in clitar, although I am using exactly the same configuration options as in Samba 3.0.10. Here is the basic configuration from config.log $ ./configure --with-ldap --with-ads --with-acl-support --with-pam --with-krb5=/usr/local --enable-shared --without-gnu-ld --with-mysql-prefix=/usr/local/mysql --enable-cups --with-xml-prefix=/usr/local/lib/ --with-python ## - ## ## Platform. ## ## - ## hostname = geobase1 uname -m = sun4u uname -r = 5.8 uname -s = SunOS uname -v = Generic_117350-05 ... ## --- ## ## Core tests. ## ## --- ## configure:1765: checking for gcc configure:1791: result: gcc configure:2035: checking for C compiler version configure:2038: gcc --version /dev/null 5 gcc (GCC) 3.4.1 The program errors read as follows- Compiling client/client.c client/client.c: In function `do_get': client/client.c:699: warning: passing arg 4 of `cli_getattrE' from incompatible pointer type client/client.c: In function `do_put': client/client.c:1075: warning: passing arg 4 of `cli_getattrE' from incompatible pointer type Compiling client/clitar.c client/clitar.c:91: error: parse error before '*' token client/clitar.c:91: warning: data definition has no type or storage class client/clitar.c: In function `tar_parseargs': client/clitar.c:1754: error: `regex_t' undeclared (first use in this function) client/clitar.c:1754: error: (Each undeclared identifier is reported only once client/clitar.c:1754: error: for each function it appears in.) client/clitar.c:1754: error: parse error before ')' token client/clitar.c:1760: error: `errcode' undeclared (first use in this function) client/clitar.c:1760: error: `REG_EXTENDED' undeclared (first use in this function) client/clitar.c: At top level: client/clitar.c:1775: error: parse error before if client/clitar.c:1797: error: redefinition of 'dry_run' client/clitar.c:94: error: previous definition of 'dry_run' was here client/clitar.c:1797: warning: data definition has no type or storage class client/clitar.c:1798: error: parse error before '}' token client/clitar.c:1799: error: non-static declaration of 'tarhandle' follows static declaration client/clitar.c:118: error: previous declaration of 'tarhandle' was here client/clitar.c:1799: warning: data definition has no type or storage class client/clitar.c:1800: error: parse error before '}' token gmake: *** [client/clitar.o] Error 1 Thanks in advance for any help. Celeste Suliin Burris Systems Administrator Tacoma Economic Development Department Phone - 253-591-5093 Email - [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Re: upgrade to 3.0.11, lost domain control
I have determined that members of the root group can logon to domain, no problem. If you are not a member of the unix root group, you are sol... file permissions somewhere not right? please, i dont want to have to add all my users to root group before tomorrow morning ;-) g Gordon Russell wrote: Hello-- I upgraded my RH9 samba PDC server from 3.0.9pre3 to 3.0.11 using packaged RH9 rpm from samba site, using rpm -U samba*rpm. no complaints from rpm. samba stops/starts fine. However, clients can no longer log in to domain. All clients (W2k,XP) get the same error message The system could not log you on,...etc. clients can mount samba shares, however. I saved a copy of /etc/samba before the upgrade, and copied old secrets.tdb smbpasswd to /etc/samba/., but this made no difference, I still have no domain control. Im at a loss to where to go next and this will really be a drag tommorrow when everyone comes in to work if I cant get domain control working again thanks--- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.11 won't compile on Solaris 8
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 8 Feb 2005, Celeste Suliin Burris wrote: Samba 3.0.11 won't compile on my Solaris 8 machine. It keeps getting compile errors in clitar, although I am using exactly the same configuration options as in Samba 3.0.10. Hmmmthis file hasn't changed since 3.0.10. Here is the basic configuration from config.log $ ./configure --with-ldap --with-ads --with-acl-support --with-pam --with-krb5=/usr/local --enable-shared --without-gnu-ld --with-mysql-prefix=/usr/local/mysql --enable-cups --with-xml-prefix=/usr/local/lib/ --with-python Compiling client/clitar.c client/clitar.c:91: error: parse error before '*' token client/clitar.c:91: warning: data definition has no type or storage class Wonder why it is failing with #ifdef HAVE_REGEX_H ? That macro is not defined anywhere. We don't even test for regex.h anyways. Can you check and see where HAVE_REGEX_H is defined. cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQFCCWhzIR7qMdg1EfYRAkUHAJ4s44CVbRrc9eNOB8oV7t1FRGfs6QCgptEp SMdzmV4OyJ9IUWf5Cc0uKHg= =t+gN -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] upgrade to 3.0.11, lost domain control
Have you checked the domain for a master browser? It's possible that a Windows XP (or other) client has taken over whilst smbd was down. Do a browstat status from an XP machine and see what it reports. You may need to force a browser election. Justin On Wed, 2005-02-09 at 08:20, Gordon Russell wrote: Hello-- I upgraded my RH9 samba PDC server from 3.0.9pre3 to 3.0.11 using packaged RH9 rpm from samba site, using rpm -U samba*rpm. no complaints from rpm. samba stops/starts fine. However, clients can no longer log in to domain. All clients (W2k,XP) get the same error message The system could not log you on,...etc. clients can mount samba shares, however. I saved a copy of /etc/samba before the upgrade, and copied old secrets.tdb smbpasswd to /etc/samba/., but this made no difference, I still have no domain control. Im at a loss to where to go next and this will really be a drag tommorrow when everyone comes in to work if I cant get domain control working again thanks--- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: upgrade to 3.0.11, lost domain control
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 8 Feb 2005, Gordon Russell wrote: I have determined that members of the root group can logon to domain, no problem. If you are not a member of the unix root group, you are sol... file permissions somewhere not right? please, i dont want to have to add all my users to root group before tomorrow morning ;-) g I would look for name resolution issues. Perhaps you have a bad wins.dat. Also get a level 10 debug log from smbd and `grep NT_STATUS log.smbd | grep -v OK`. Then locate any messages in the log file such as ACCESS_DENIED, NONE_MAPPED, etc... cheers, jerry = Alleviating the pain of Windows(tm) --- http://www.samba.org GnuPG Key- http://www.plainjoe.org/gpg_public.asc I never saved anything for the swim back. Ethan Hawk in Gattaca -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQFCCWlHIR7qMdg1EfYRAjDAAKDxPQzy5GxsmYL1f2wQPdMzc5ZNpQCcCGyt GEHebWqipITMq40fdgxiSQE= =LPx3 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: upgrade to 3.0.11, lost domain control
Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 8 Feb 2005, Gordon Russell wrote: I have determined that members of the root group can logon to domain, no problem. If you are not a member of the unix root group, you are sol... file permissions somewhere not right? please, i dont want to have to add all my users to root group before tomorrow morning ;-) g I would look for name resolution issues. Perhaps you have a bad wins.dat. Also get a level 10 debug log from smbd and `grep NT_STATUS log.smbd | grep -v OK`. Then locate any messages in the log file such as ACCESS_DENIED, NONE_MAPPED, etc... I had upped the debug level to 3 and started seeing NT_STATUS_WRONG_PASSWORD errors when users were failing to log in. I reset those users passwords in smbpasswd and passwd and everything works fine. At this point I have about 6 out of 50+ users whose passwords seem to have been corrupted for some reason. -- the root group logon was a red herring. As usual, thanks for the quick responses and great work gordon -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] 3.0.11 - configure can't see ldap.h
Gerald (Jerry) Carter wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mike wrote: | As my luck would have it, OpenLDAP won't configure now. | | configure: error: BDB/HDB: BerkeleyDB version incompatible add --enable-slapd=no to configure for openldap). You only need the client libs. Thanks. =] So here is where I am at now. BerkeleyDB - built and installed OpenLDAP - built and installed Samba - got past the ldap.h configure issue and got past a krb5.h after that. Now I'm stuck on this: # CPPFLAGS=-I/usr/include/kerberosV # LDFLAGS=-L/usr/lib # export CPPFLAGS LDFLAGS # ./configure --with-ldap --with-ads snip # configure: error: libkrb5 is needed for Active Directory support If I do a directory listing: # ls -al /usr/lib/ | grep libkrb5 -r--r--r-- 5 root bin 648772 Sep 17 11:01 libkrb5.a -r--r--r-- 4 root bin 457791 Mar 29 2004 libkrb5.so.13.0 -r--r--r-- 4 root bin 459006 Sep 17 11:02 libkrb5.so.14.0 -r--r--r-- 5 root bin 704612 Sep 17 11:01 libkrb5_p.a -r--r--r-- 4 root bin 689852 Sep 17 11:02 libkrb5_pic.a OpenBSD comes with Heimdal Kerberos 5. I have seen other posts on the Google groups with this same problem, but no solutions. I am thinking the specific file name it's looking for is not present and that I may need to symlink? Or how do I verify what version of Heimdal I have installed? Here is part of the config.log: configure: failed program was: | /* confdefs.h. */ | | #define PACKAGE_NAME | #define PACKAGE_TARNAME snip #define HAVE_COM_ERR_H 1 | /* end confdefs.h. */ | | /* Override any gcc2 internal prototype to avoid an error. */ | #ifdef __cplusplus | extern C | #endif | /* We use char because int might match the return type of a gcc2 |builtin and then its argument prototype would still apply. */ | char krb5_mk_req_extended (); | int | main () | { | krb5_mk_req_extended (); | ; | return 0; | } configure:29365: result: no -- Regards, Mike -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Compile on RHAS/RHEL3?
List, both on RHAS3 update3, update 4, Samba source code 3.0.9 thru 11 gives SIGSEGVs on make check. Installing the buggers and trying to run them gives the same. *THOUGH*. The Red Hat beta 3.0.9 srpm at fr2.rpmfind.net comples and runs like a little sun (net als een zonnetje, in Dutch). Anyone compiled Samba 3.0.11 on Red Hat RHAS3/RHEL3? Not how, just yes, please ;) I'll get onto you by private mail if yes, otherwise I won't bother you. --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Logon Hours problems (Slackware)
Thanks for your reply. Wow ! That is weird. I've changed it to be UTC-based. hopefully it helps. If I'm still battling I'll try setting my time zone to Athens and see what happens ? Perhaps this will be fixed in Slackware 10.1 ? Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Tuesday, February 08, 2005 5:19 PM Subject: Re: [Samba] Re: Logon Hours problems (Slackware) My setup was also on Slackware 10, and the time zone was correct, but still the time was incorrect, and changing strangely on every reboot (it was a dual-boot machine). I suppose it is a bug in Slackware 10. Besides, even the time zone is the same as yours - GMT+2. /etc/localtome is a symlink to some file in /usr/share/zoneinfo. The fact is, Athens and Sofia are in the same time zone, but when symlink points to Athens, everything is o.k., when the symlink points to Sofia time is incorrect. On Tuesday 08 February 2005 08:13, David Wilson wrote: Oh hell ! Mmm.. :) I wonder how to solve this ? My /etc/localtime has a whole lot of gibberish in it, but it does say SAST at the end. I assume my timezone is set correctly then ? Perhaps I should just try setting the timezone to GMT/UTC ? Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: [EMAIL PROTECTED] To: David Wilson [EMAIL PROTECTED] Sent: Monday, February 07, 2005 1:27 PM Subject: Re: [Samba] Re: Logon Hours problems (Slackware) I observed this problem on Slackware 10.0 :) On Sunday 06 February 2005 10:51, you wrote: Hi, Thanks for your reply. I'll check /etc/localtime and see if it's a similar thing to what you had. Thanks for your assistance. Just for reference this is a Slackware-10.0 box and the timezone was set to GMT+2 (SAST) by using timeconfig. Perhaps someone else has picked up this issue when using Slackware too ? Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Friday, February 04, 2005 1:45 PM Subject: Re: [Samba] Re: Logon Hours problems (really stuck) I had some similar time problems with some versions of glibc. The solution was to point the link /etc/localtime from Sofia to Athens (we are in the same time zone). May be you could point that to some other city in the same time zone? On Thursday 03 February 2005 10:23, David Wilson wrote: Hi guys, Unfortunately this is still happening I've tried restarting Samba. Users who should be denied access after 21:00 are being denied access at 19:00. Our time zone in South Africa is GMT+2. Perhaps I should set the timezone on the server to UTC/GMT ? Do you think this will help ? Should I then leave the time set to the current time in South Africa ? Or should I set the time to the time at UTC/GMT ? There's something I must be missing here. Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: David Wilson [EMAIL PROTECTED] To: david rankin [EMAIL PROTECTED]; samba samba@lists.samba.org Sent: Monday, January 31, 2005 8:48 AM Subject: Re: [Samba] Re: Logon Hours problems (really stuck) Hi David, Nice name ! :) Thanks for your reply. I'm pretty sure I did restart Samba, to double check I will restart it again this evening. Kindest regards David Wilson ___ D c D a t a Tel +27 33 342 7003 Fax +27 33 345 4155 Cell +27 82 4147413 http://www.dcdata.co.za [EMAIL PROTECTED] Powered by Linux, driven by passion ! ___ Computers are not intelligent. They only think they are. - Original Message - From: david rankin [EMAIL PROTECTED] To: samba samba@lists.samba.org Sent: Saturday, January 29, 2005 5:40 PM Subject: Re: [Samba] Re: Logon Hours
svn commit: samba-web r545 - in trunk/support: .
Author: deryck Date: 2005-02-08 17:07:33 + (Tue, 08 Feb 2005) New Revision: 545 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=545 Log: Adding 2 companies to support lists per the individual company rep's request. deryck Modified: trunk/support/argentina.html trunk/support/germany.html Changeset: Modified: trunk/support/argentina.html === --- trunk/support/argentina.html2005-02-04 20:54:58 UTC (rev 544) +++ trunk/support/argentina.html2005-02-08 17:07:33 UTC (rev 545) @@ -17,4 +17,25 @@ basadas en tecnologiacute;as libres, automatizacioacute;n de tareas y optimizacioacute;n de recursos. Ofrecemos consultoriacute;a y capacitacioacute;n; y la recuperacioacute;n de informacioacute;n y sistemas. -/small/pre \ No newline at end of file +/small/pre + + +!-- Added: 08 February 2005 -- +hr / +presmall +diff Informaacute;tica +a href=http://www.diff.com.ar;http://www.diff.com.ar/a ++54 - 358 - 4647695 +Gral. Paz 563 P.B. +(X5800ACK) Riacute;o Cuarto, Coacute;rdoba, Argentina. + +Especialistas en la instalacioacute;n de servidores Samba sobre GNU/Linux. +Contamos con amplia experiencia en migraciones desde sistemas Windows NT/2000 +y Novell Netware a GNU/Linux con Samba, tanto en PyMES como en grandes empresas. +Proveemos servicios de consultoriacute;a, soporte y capacitaciioacute;n de +personal teacute;cnico. Brindamos soluciones integrales basadas en software +libre. +/small/pre + + +!--#include virtual=footer_support.html-- Modified: trunk/support/germany.html === --- trunk/support/germany.html 2005-02-04 20:54:58 UTC (rev 544) +++ trunk/support/germany.html 2005-02-08 17:07:33 UTC (rev 545) @@ -276,7 +276,40 @@ /small/pre +!-- Added: 08 February 2005 -- +hr / +h3Lage/h3 +presmall +OSSystems.de - IT-Service +Christian Augustin +Kleinenheide 33 +D-32791 Lage +TEL: +49 (0) 52 32 / 69 75 91 +Fax: +49 (0) 52 32 / 69 75 89 + +Web: a href=http://www.ossystems.de;http://www.ossystems.de/a +Email: a href=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/a + +Ihr IT-Dienstleister fuuml;r einfach zu bedienende, sichere und kostenguuml;nstige +Open Source-Louml;sungen. Wir analysieren, beraten und entwickeln Konzepte fuuml;r +Ihr Unternehmen. + +Wir sind Spezialisten fuuml;r GNU/Linux und Applikationen, die auf Freier Software +und auf Open Source Software basieren. Kompetente Schulungen, exzellenter +Service und hilfreicher Support sind unsere Basis fuuml;r eine langfristige +Kundenbeziehung. + +Wir administrieren Ihr Netzwerk, Ihre Server und Workstations ebenso Ihre +Firewall oder Ihren Virenschutz. Wir managen heterogene Netzwerke mit +folgenden Betriebssystemen: + +LINUX, UNIX, MAC amp; WINDOWS + +Ihr Open Source Service Partner +/small/pre + + !-- Updated: 9 June 2004 -- hr / h3Muuml;nchen/h3
svn commit: samba-web r546 - in trunk/support: .
Author: deryck Date: 2005-02-08 18:31:16 + (Tue, 08 Feb 2005) New Revision: 546 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=546 Log: oops. List the support provider by the correct area. deryck Modified: trunk/support/germany.html Changeset: Modified: trunk/support/germany.html === --- trunk/support/germany.html 2005-02-08 17:07:33 UTC (rev 545) +++ trunk/support/germany.html 2005-02-08 18:31:16 UTC (rev 546) @@ -276,40 +276,8 @@ /small/pre -!-- Added: 08 February 2005 -- -hr / -h3Lage/h3 -presmall -OSSystems.de - IT-Service -Christian Augustin -Kleinenheide 33 -D-32791 Lage -TEL: +49 (0) 52 32 / 69 75 91 -Fax: +49 (0) 52 32 / 69 75 89 -Web: a href=http://www.ossystems.de;http://www.ossystems.de/a -Email: a href=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/a - -Ihr IT-Dienstleister fuuml;r einfach zu bedienende, sichere und kostenguuml;nstige -Open Source-Louml;sungen. Wir analysieren, beraten und entwickeln Konzepte fuuml;r -Ihr Unternehmen. - -Wir sind Spezialisten fuuml;r GNU/Linux und Applikationen, die auf Freier Software -und auf Open Source Software basieren. Kompetente Schulungen, exzellenter -Service und hilfreicher Support sind unsere Basis fuuml;r eine langfristige -Kundenbeziehung. - -Wir administrieren Ihr Netzwerk, Ihre Server und Workstations ebenso Ihre -Firewall oder Ihren Virenschutz. Wir managen heterogene Netzwerke mit -folgenden Betriebssystemen: - -LINUX, UNIX, MAC amp; WINDOWS - -Ihr Open Source Service Partner -/small/pre - - !-- Updated: 9 June 2004 -- hr / h3Muuml;nchen/h3 @@ -386,6 +354,41 @@ /small/pre + +!-- Added: 08 February 2005 -- +hr / +presmall +OSSystems.de - IT-Service +Christian Augustin +Kleinenheide 33 +D-32791 Lage + +TEL: +49 (0) 52 32 / 69 75 91 +Fax: +49 (0) 52 32 / 69 75 89 + +Web: a href=http://www.ossystems.de;http://www.ossystems.de/a +Email: a href=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/a + +Ihr IT-Dienstleister fuuml;r einfach zu bedienende, sichere und kostenguuml;nstige +Open Source-Louml;sungen. Wir analysieren, beraten und entwickeln Konzepte fuuml;r +Ihr Unternehmen. + +Wir sind Spezialisten fuuml;r GNU/Linux und Applikationen, die auf Freier Software +und auf Open Source Software basieren. Kompetente Schulungen, exzellenter +Service und hilfreicher Support sind unsere Basis fuuml;r eine langfristige +Kundenbeziehung. + +Wir administrieren Ihr Netzwerk, Ihre Server und Workstations ebenso Ihre +Firewall oder Ihren Virenschutz. Wir managen heterogene Netzwerke mit +folgenden Betriebssystemen: + +LINUX, UNIX, MAC amp; WINDOWS + +Ihr Open Source Service Partner +/small/pre + + + !-- Added: 9 June 2004 -- hr / h3Pliezhausen/h3
svn commit: samba r5278 - in branches/SAMBA_3_0/source/sam: .
Author: jerry Date: 2005-02-08 19:27:18 + (Tue, 08 Feb 2005) New Revision: 5278 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5278 Log: BUG 2327: fix compile bug in idmap_rid.c Modified: branches/SAMBA_3_0/source/sam/idmap_rid.c Changeset: Modified: branches/SAMBA_3_0/source/sam/idmap_rid.c === --- branches/SAMBA_3_0/source/sam/idmap_rid.c 2005-02-08 01:10:34 UTC (rev 5277) +++ branches/SAMBA_3_0/source/sam/idmap_rid.c 2005-02-08 19:27:18 UTC (rev 5278) @@ -49,12 +49,13 @@ { const char *p; int i; - trust.number = 0; fstring sid_str; BOOL known_domain = False; p = init_param; fstring tok; + trust.number = 0; + /* falling back to automatic mapping when there were no options given */ if (!*init_param) {
svn commit: samba r5279 - in trunk/source/python: .
Author: tpot Date: 2005-02-08 20:19:55 + (Tue, 08 Feb 2005) New Revision: 5279 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5279 Log: Fix for bugzilla #1564 thanks to Daniel Jarboe. Convert printer info dependent files list to a list of strings instead of just returning 'asdf'. Modified: trunk/source/python/py_spoolss.h trunk/source/python/py_spoolss_drivers.c trunk/source/python/py_spoolss_drivers_conv.c Changeset: Modified: trunk/source/python/py_spoolss.h === --- trunk/source/python/py_spoolss.h2005-02-08 19:27:18 UTC (rev 5278) +++ trunk/source/python/py_spoolss.h2005-02-08 20:19:55 UTC (rev 5279) @@ -67,7 +67,8 @@ BOOL py_from_DRIVER_INFO_2(PyObject **dict, DRIVER_INFO_2 *info); BOOL py_to_DRIVER_INFO_2(DRIVER_INFO_2 *info, PyObject *dict); BOOL py_from_DRIVER_INFO_3(PyObject **dict, DRIVER_INFO_3 *info); -BOOL py_to_DRIVER_INFO_3(DRIVER_INFO_3 *info, PyObject *dict); +BOOL py_to_DRIVER_INFO_3(DRIVER_INFO_3 *info, PyObject *dict, +TALLOC_CTX *mem_ctx); BOOL py_from_DRIVER_INFO_6(PyObject **dict, DRIVER_INFO_6 *info); BOOL py_to_DRIVER_INFO_6(DRIVER_INFO_6 *info, PyObject *dict); BOOL py_from_DRIVER_DIRECTORY_1(PyObject **dict, DRIVER_DIRECTORY_1 *info); Modified: trunk/source/python/py_spoolss_drivers.c === --- trunk/source/python/py_spoolss_drivers.c2005-02-08 19:27:18 UTC (rev 5278) +++ trunk/source/python/py_spoolss_drivers.c2005-02-08 20:19:55 UTC (rev 5279) @@ -365,7 +365,7 @@ case 3: ctr.info3 = dinfo.driver_3; - if (!py_to_DRIVER_INFO_3(dinfo.driver_3, info)) { + if (!py_to_DRIVER_INFO_3(dinfo.driver_3, info, mem_ctx)) { PyErr_SetString(spoolss_error, error converting to driver info 3); goto done; Modified: trunk/source/python/py_spoolss_drivers_conv.c === --- trunk/source/python/py_spoolss_drivers_conv.c 2005-02-08 19:27:18 UTC (rev 5278) +++ trunk/source/python/py_spoolss_drivers_conv.c 2005-02-08 20:19:55 UTC (rev 5279) @@ -78,9 +78,49 @@ { NULL } }; -static uint16 *to_dependentfiles(PyObject *dict) +static uint16 *to_dependentfiles(PyObject *list, TALLOC_CTX *mem_ctx) { - return (uint16 *)abcd\0; + uint32 elements, size=0, pos=0, i; + char *str; + uint16 *ret = NULL; + PyObject *borrowedRef; + + if (!PyList_Check(list)) { + goto done; + } + + /* calculate size for dependentfiles */ + elements=PyList_Size(list); + for (i = 0; i elements; i++) { + borrowedRef=PyList_GetItem(list, i); + if (!PyString_Check(borrowedRef)) + /* non string found, return error */ + goto done; + size+=PyString_Size(borrowedRef)+1; + } + + if (!(ret = (uint16*) talloc(mem_ctx,(size+1)*sizeof(uint16 + goto done; + + /* create null terminated sequence of null terminated strings */ + for (i = 0; i elements; i++) { + borrowedRef=PyList_GetItem(list, i); + str=PyString_AsString(borrowedRef); + do { + if (pos = size) { + /* dependentfiles too small. miscalculated? */ + ret = NULL; + goto done; + } + SSVAL(ret[pos], 0, str[0]); + pos++; + } while (*(str++)); + } + /* final null */ + ret[pos]='\0'; + +done: + return ret; } BOOL py_from_DRIVER_INFO_1(PyObject **dict, DRIVER_INFO_1 *info) @@ -122,16 +162,17 @@ return True; } -BOOL py_to_DRIVER_INFO_3(DRIVER_INFO_3 *info, PyObject *dict) +BOOL py_to_DRIVER_INFO_3(DRIVER_INFO_3 *info, PyObject *dict, +TALLOC_CTX *mem_ctx) { PyObject *obj, *dict_copy = PyDict_Copy(dict); BOOL result = False; - if (!(obj = PyDict_GetItemString(dict_copy, dependent_files)) || - !PyList_Check(obj)) + if (!(obj = PyDict_GetItemString(dict_copy, dependent_files))) goto done; - info-dependentfiles = to_dependentfiles(obj); + if (!(info-dependentfiles = to_dependentfiles(obj, mem_ctx))) + goto done; PyDict_DelItemString(dict_copy, dependent_files);
svn commit: samba r5280 - in trunk/source/python: .
Author: tpot Date: 2005-02-08 20:25:41 + (Tue, 08 Feb 2005) New Revision: 5280 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=sambarev=5280 Log: Add wrappers for cli_open(), cli_read() written by Daniel Jarbee. Bugzilla #1557. Modified: trunk/source/python/py_smb.c Changeset: Modified: trunk/source/python/py_smb.c === --- trunk/source/python/py_smb.c2005-02-08 20:19:55 UTC (rev 5279) +++ trunk/source/python/py_smb.c2005-02-08 20:25:41 UTC (rev 5280) @@ -179,6 +179,83 @@ return PyInt_FromLong(result); } +static PyObject *py_smb_open(PyObject *self, PyObject *args, PyObject *kw) +{ + cli_state_object *cli = (cli_state_object *)self; + static char *kwlist[] = { filename, flags, + share_mode, NULL }; + char *filename; + uint32 flags, share_mode = DENY_NONE; + int result; + + /* Parse parameters */ + + if (!PyArg_ParseTupleAndKeywords( + args, kw, si|i, kwlist, filename, flags, share_mode)) + return NULL; + + result = cli_open(cli-cli, filename, flags, share_mode); + + if (cli_is_error(cli-cli)) { + PyErr_SetString(PyExc_RuntimeError, open failed); + return NULL; + } + + /* Return FID */ + + return PyInt_FromLong(result); +} + +static PyObject *py_smb_read(PyObject *self, PyObject *args, PyObject *kw) +{ + cli_state_object *cli = (cli_state_object *)self; + static char *kwlist[] = { fnum, offset, size, NULL }; + int fnum, offset=0, size=0; + ssize_t result; + size_t fsize; + char *data; + PyObject *ret; + + /* Parse parameters */ + + if (!PyArg_ParseTupleAndKeywords( + args, kw, i|ii, kwlist, fnum, offset, size)) + return NULL; + + if (!cli_qfileinfo(cli-cli, fnum, NULL, fsize, NULL, NULL, + NULL, NULL, NULL) + !cli_getattrE(cli-cli, fnum, NULL, fsize, NULL, NULL, NULL)) { + PyErr_SetString(PyExc_RuntimeError, getattrib failed); + return NULL; + } + + if (offset 0) + offset = 0; + + if (size 1 || size fsize - offset) + size = fsize - offset; + + if (!(data = (char *) malloc((size_t) size))) { + PyErr_SetString(PyExc_RuntimeError, malloc failed); + return NULL; + } + + result = cli_read(cli-cli, fnum, data, (off_t) offset, (size_t) size); + + if (result==-1 || cli_is_error(cli-cli)) { + SAFE_FREE(data); + PyErr_SetString(PyExc_RuntimeError, read failed); + return NULL; + } + + /* Return a python string */ + + ret = Py_BuildValue(s#, data, result); + SAFE_FREE(data); + + return ret; +} + static PyObject *py_smb_close(PyObject *self, PyObject *args, PyObject *kw) { @@ -323,6 +400,33 @@ { nt_create_andx, (PyCFunction)py_smb_nt_create_andx, METH_VARARGS | METH_KEYWORDS, NT CreateX }, + { open, (PyCFunction)py_smb_open, + METH_VARARGS | METH_KEYWORDS, + Open a file\n +\n +This function returns a fnum handle to an open file. The file is\n +opened with flags and optional share mode. If unspecified, the\n +default share mode is DENY_NONE\n +\n +Example:\n +\n + fnum=conn.open(filename, os.O_RDONLY) }, + + { read, (PyCFunction)py_smb_read, + METH_VARARGS | METH_KEYWORDS, + Read from an open file\n +\n +This function returns a string read from an open file starting at\n +offset for size bytes (until EOF is reached). If unspecified, the\n +default offset is 0, and default size is the remainder of the file.\n +\n +Example:\n +\n + conn.read(fnum) # read entire file\n + conn.read(fnum,5) # read entire file from offset 5\n + conn.read(fnum,size=64) # read 64 bytes from start of file\n + conn.read(fnum,4096,1024) # read 1024 bytes from offset 4096\n }, + { close, (PyCFunction)py_smb_close, METH_VARARGS | METH_KEYWORDS, Close },
svn commit: lorikeet r220 - in trunk/white-papers: .
Author: abartlet Date: 2005-02-08 21:01:36 + (Tue, 08 Feb 2005) New Revision: 220 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=220 Log: Clarify the meaning of 'security' in this paper. Andrew Bartlett Modified: trunk/white-papers/gensec-white-paper.lyx Changeset: Modified: trunk/white-papers/gensec-white-paper.lyx === --- trunk/white-papers/gensec-white-paper.lyx 2005-01-28 23:56:35 UTC (rev 219) +++ trunk/white-papers/gensec-white-paper.lyx 2005-02-08 21:01:36 UTC (rev 220) @@ -66,7 +66,7 @@ Finally, while the word `security' does mean many different things, this paper addresses the issues as they stem from authentication and the related - problems. + problems of data privacy and integrity over a network. \layout Section* Security functions
svn commit: lorikeet r221 - in trunk/white-papers: . dcom
Author: jelmer Date: 2005-02-08 21:16:14 + (Tue, 08 Feb 2005) New Revision: 221 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=221 Log: Add paper on DCOM. I'm trying to write down how DCOM works and how it should implemented in Samba. This is mostly based on my third rewrite of DCOM support in Samba 4 (which is almost finished) on which I have been working for the past few months. I'm writing this paper alongside the implementation. Added: trunk/white-papers/dcom/ trunk/white-papers/dcom/Makefile trunk/white-papers/dcom/call-local.dia trunk/white-papers/dcom/call-remote.dia trunk/white-papers/dcom/dcom.bib trunk/white-papers/dcom/dcom.tex trunk/white-papers/dcom/interface-implementation.dia trunk/white-papers/dcom/object-exporter.dia Changeset: Sorry, the patch is too large (632 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=lorikeetrev=221
svn commit: samba-web r547 - in trunk: style support
Author: deryck Date: 2005-02-08 21:31:17 + (Tue, 08 Feb 2005) New Revision: 547 WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=revroot=samba-webrev=547 Log: Add a Denmark company to support lists. Also, fix a style goof (not at all sure why I had a px value for the support countries list.) deryck Added: trunk/support/denmark.html Modified: trunk/style/support.css trunk/support/countries.html Changeset: Modified: trunk/style/support.css === --- trunk/style/support.css 2005-02-08 18:31:16 UTC (rev 546) +++ trunk/style/support.css 2005-02-08 21:31:17 UTC (rev 547) @@ -34,7 +34,7 @@ list-style-type:none; } #countries a { - font-size:12px; + font-size:small; } #countries h4 { margin-top:10px; Modified: trunk/support/countries.html === --- trunk/support/countries.html2005-02-08 18:31:16 UTC (rev 546) +++ trunk/support/countries.html2005-02-08 21:31:17 UTC (rev 547) @@ -8,6 +8,7 @@ lia href=brazil.htmlBrazil/a/li lia href=canada.htmlCanada/a/li lia href=colombia.htmlColombia/a/li + lia href=denmark.htmlDenmark/a/li lia href=finland.htmlFinland/a/li lia href=france.htmlFrance/a/li lia href=germany.htmlGermany/a/li Added: trunk/support/denmark.html === --- trunk/support/denmark.html 2005-02-08 18:31:16 UTC (rev 546) +++ trunk/support/denmark.html 2005-02-08 21:31:17 UTC (rev 547) @@ -0,0 +1,36 @@ +!--#include virtual=/samba/header.html -- + titleSamba Support--Denmark/title +!--#include virtual=header_support.html -- + +h2Commercial Support - Denmark/h2 +hr / + +presmall +Midtfyns Computer Center +Stationsvej 33 +DK-5792 Aarslev +phone: +45 63 90 30 40 +fax: +45 63 90 30 41 +web: a href=http://www.midtfyns-it.dk;http://www.midtfyns-it.dk/a +mail: a href=mailto:[EMAIL PROTECTED][EMAIL PROTECTED]/a + +Midtfyns Computer Center offer a complete solution for companies who wishes +to implement a Samba server in their corporate network. This includes +presales information, installation, configuration, updates and support. If +necessary, the portation from former servers such as Microsoft Windows NT +servers, are also taken care of. + +For those who may be interested but not sure if this is a safe solution that +may handle their needs fully, it is possible to borrow a server from here for a +period in order to try out the system. Thus it won't be necessary to make a +complete portation right away, the server will only act as a supplement in this +period and won't interfere with the existing setup. We're confident that after +such a period of trial, you won't let go of this server again, but wish to port +your existing server(s) to this platform. + +Beside the Samba server, UNIX platforms offer a wide range of other options +such as web servers, mailservers, DNS servers, firewalls, database servers +etc. - you name it! +/small/pre + +!--#include virtual=footer_support.html-- Property changes on: trunk/support/denmark.html ___ Name: svn:executable + *