[Samba] Samba 3.0.28 failing to authenticate on Win2003 Server Active Directory
I have set up a Fedora 8 server running Samba 3.0.28a-0.fc8 (the Fedora yum package version). I have successfully joined the server to the AD realm of a Win2003 server on the office network. Configuration was done following this guide: http://www.howtoforge.com/samba-domaincontroller-swat-fedora8-p3 However Authentication against the AD server does not work. When I test winbind with: # wbinfo -u I get: Error looking up domain users I have also found the following output in /var/log/messages/ It is generated each time Samba is started (note: date and time have been removed for clarity) srv winbindd[6850]: [2008/05/06 11:18:14, 0] param/loadparm.c:service_ok(3031) srv winbindd[6850]: WARNING: No path in service public - making it unavailable! srv winbindd[6851]: [2008/05/06 11:18:14, 0] nsswitch/winbindd_cache.c:initialize_winbindd_cache() srv winbindd[6851]: initialize_winbindd_cache: clearing cache and re-creating with version number 1 srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(41) srv winbindd[6853]: === srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(42) srv winbindd[6853]: INTERNAL ERROR: Signal 11 in pid 6853 (3.0.28a-0.fc8) srv winbindd[6853]: Please read the Trouble-Shooting section of the Samba3-HOWTO srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(44) srv winbindd[6853]: srv winbindd[6853]: From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(45) srv winbindd[6853]: === srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/util.c:smb_panic(1655) srv winbindd[6853]: PANIC (pid 6853): internal error srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/util.c:log_stack_trace(1759) srv winbindd[6853]: BACKTRACE: 19 stack frames: srv winbindd[6853]:#0 winbindd(log_stack_trace+0x2d) [0xb7d5de9d] srv winbindd[6853]:#1 winbindd(smb_panic+0x5d) [0xb7d5dfcd] srv winbindd[6853]:#2 winbindd [0xb7d48a4a] srv winbindd[6853]:#3 [0x12d420] srv winbindd[6853]:#4 winbindd(pwd_get_cleartext+0x18) [0xb7d9b638] srv winbindd[6853]:#5 winbindd(cm_connect_sam+0x156) [0xb7ce89f6] srv winbindd[6853]:#6 winbindd [0xb7cea8f9] srv winbindd[6853]:#7 winbindd [0xb7ced6e7] srv winbindd[6853]:#8 winbindd [0xb7cd2649] srv winbindd[6853]:#9 winbindd [0xb7cd2d29] srv winbindd[6853]:#10 winbindd [0xb7cd31a8] srv winbindd[6853]:#11 winbindd(winbindd_dual_list_trusted_domains+0x78) [0xb7ce3008] srv winbindd[6853]:#12 winbindd [0xb7cf3622] srv winbindd[6853]:#13 winbindd(init_child_connection+0x19a) [0xb7ccfdaa] srv winbindd[6853]:#14 winbindd(async_domain_request+0xb6) [0xb7cf4f86] srv winbindd[6853]:#15 winbindd(rescan_trusted_domains+0x110) [0xb7cd03f0] srv winbindd[6853]:#16 winbindd(main+0x75d) [0xb7cc5e0d] srv winbindd[6853]:#17 /lib/libc.so.6(__libc_start_main+0xe0) [0x2e3390] srv winbindd[6853]:#18 winbindd [0xb7cc42a1] srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:dump_core(181) srv winbindd[6853]: dumping core in /var/log/samba/cores/winbindd srv winbindd[6853]: The Samba config file /etc/samba/smb.conf [global] log file = /var/log/samba/log.%m workgroup = SLA realm = SLA.COM.AU preferred master = no server string = Merit1 security = ADS encrypt passwords = yes log level = 3 max log size = 50 printcap name = cups printing = cups winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind nested groups = Yes winbind separator = + idmap uid = 600-2 idmap gid = 600-2 template shell = /bin/bash template homedir = /home/domain/%D/%U [homes] comment = Home Direcotries valid users = %S read only = No browseable = No [netlogon] comment = Network Logon Service path = /var/lib/samba/netlogon guest ok = yes writable = no share modes = no I have used Samba in small workgroups for some years, but this is the first time that I have tried anything with Active Directory, so I am way out of my depth. Can anyone recommend how I should go about troubleshooting this issue? if you require more information please let me know. Regards, Langdon -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] smbmount deprecated - what about Windows 9x?
Hallo, I've just installed Kernel 2.6.25.2 - works fine. But now when I use smbmount for mounting shares from my Win9x clients the system (kernel) tells me smbfs is deprecated and will be removed from the 2.6.27 kernel. Please migrate to cifs. But at least Win9x seems not to like cifs. Mounting via smbfs works since years, mounting (with the same options) via cifs produces several error messages. The ugliest is no such file or directory and strace shows that mount.cifs (or some subroutine) doesn't accept the share. It finds the other server ... Can I use smbmount even with kernel 2.6.27 (or newer)? May be cifs is better, but I need to mount Win9x shares. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Group quotas on shares
Hello, Samba 3.0.23d PDC on CentOS 4.4, smbpasswd backend, Windows XP clients. I recently took over the administration of a small LAN (~35 hosts). The shared drives had been implemented in a hurry and the configuration had never been revisited. Linux groups had been enabled for different shares, but this had never been enforced on the file server. I have implemented linux group quotas on the file system that contains our shared folders, but it has not worked according to my expectations. I changed the group ownership of each share and its contents according to the relevant role and appropriate access level, and set the group sticky on each share and its subfolders. I also added the default create modes for each share into smb.conf: force create mode = 0770 force directory mode = 0770 After this I enabled quotas on the filesystem for the specific group that owns each share. However, in Windows every folder shows with the same usage and quota regardless of the assigned quota, and that quota seems to be the quota assigned to the primary group that each user belongs to i.e. users. If I remove the quota on the users group then the full filesystem space is displayed in Windows Explorer for every share. If I add the option: force group = +sales to the sales share, for example, the correct quota for sales is visible in explorer, however any user can then access the sales folder regardless of the groups that they belong to. Is there a way I can enable group quotas that are displayed correctly in Explorer and also limit access to only the members of the appropriate groups for each share? Best regards, Simon Barrett - Find the home of your dreams with eircom net property Sign up for email alerts now http://www.eircom.net/propertyalerts -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Group quotas on shares
Hey, We have a similar setup here. I have all the users of a share in a secondary group together. chown whomever:sharegroup on the share directory chmod 2770 on the share directory Here is the relevant bit of my smb.conf [IT] comment = IT Test Share path = /home/it valid users = @it force group = it read only = No create mask = 0770 directory mask = 0770 strict allocate = Yes use sendfile = Yes preserve case = No hide special files = Yes hide unreadable = Yes browseable = No fstype = FAT wide links = No For maintainability I would recommend reading up on the copy option of smb.conf for shares. I have 20+ shares which are all setup identically and have but one place to make changes to all of them. As a side note for a shortcut I suspect you are looking for the valid users option of smb.conf. Pat On Mon, 2008-05-12 at 11:24 +0100, [EMAIL PROTECTED] wrote: Hello, Samba 3.0.23d PDC on CentOS 4.4, smbpasswd backend, Windows XP clients. I recently took over the administration of a small LAN (~35 hosts). The shared drives had been implemented in a hurry and the configuration had never been revisited. Linux groups had been enabled for different shares, but this had never been enforced on the file server. I have implemented linux group quotas on the file system that contains our shared folders, but it has not worked according to my expectations. I changed the group ownership of each share and its contents according to the relevant role and appropriate access level, and set the group sticky on each share and its subfolders. I also added the default create modes for each share into smb.conf: force create mode = 0770 force directory mode = 0770 After this I enabled quotas on the filesystem for the specific group that owns each share. However, in Windows every folder shows with the same usage and quota regardless of the assigned quota, and that quota seems to be the quota assigned to the primary group that each user belongs to i.e. users. If I remove the quota on the users group then the full filesystem space is displayed in Windows Explorer for every share. If I add the option: force group = +sales to the sales share, for example, the correct quota for sales is visible in explorer, however any user can then access the sales folder regardless of the groups that they belong to. Is there a way I can enable group quotas that are displayed correctly in Explorer and also limit access to only the members of the appropriate groups for each share? Best regards, Simon Barrett - Find the home of your dreams with eircom net property Sign up for email alerts now http://www.eircom.net/propertyalerts -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Robert Gehr is NOT in the house
Ich werde ab 12.05.2008 nicht im Büro sein. Ich kehre zurück am 23.05.2008. In dringenden Fällen Elmar Pöpperl o. Michael Feige kontaktieren -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Using AD groups for samba access
Hi, I'm trying to use AD groups to control access to samba exported disk space. The model is as follows: A unix group ad_samba_group owns the space to be exported. This group has no members. There is an AD group test-ad-group that has as members the people who are to be able to access the space. All users who access the space have local (nis) unix accounts. The machine serving the space is a member of the active directory I was hoping that by setting up a group mapping between the AD and unix group that any member of the AD group would be able to access the space owned by the (mapped) unix group. Alas this does not seem to be the case. My questions are: Is this model actually possible? How does the group mapping work and is winbind required for it? Are there any magic ingredients required for smb.conf ? Is there a saner way to achieve this? I'm really trying to avoid using the winbind group/user mapping functionality as it maps every group in the AD to a unix group and would involve manually editing the winbindd_idmap.tdb to get the correct GID and UID assignment which is critical. The details are [Samba 3.0.28-35] [RHEL 5 2.6.18-53.1.14.el5 #1 SMP x86_64] The following SID was put in with net groupmap and is obtained from the AD. [EMAIL PROTECTED] samba]# net groupmap list verbose test-ad-group SID : S-1-5-21-861567501-1417001333-682003330-319925 Unix gid : 273021 Unix group: ad_samba_group Group type: Domain Group Comment : Domain Unix group [EMAIL PROTECTED] samba]# cat /etc/samba/smb.conf [global] workgroup = ED realm = ED.AC.UK netbios name = NAS-TEST log file = /var/log/samba/%m.log max log size = 1000 log level = 3 security = ADS encrypt passwords = yes password server = aviemore.ucs.ed.ac.uk wins server = 129.215.13.14 dns proxy = yes #=== Share Definitions === [test2] comment = AD permissions test path = /data/test2 valid users = @ad_samba_group msdfs root = yes public = no writable = yes If I try and connect to the share I get the following error ristretto smbclient //nas-test.ecdf.ed.ac.uk/test2 -W ED Password: Domain=[ED] OS=[Unix] Server=[Samba 3.0.28-SerNet-RedHat] tree connect failed: NT_STATUS_ACCESS_DENIED The interesting bits of the logfile seem to be: [2008/05/12 12:14:50, 3] auth/auth.c:check_ntlm_password(221) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface [2008/05/12 12:14:50, 3] auth/auth.c:check_ntlm_password(224) check_ntlm_password: mapped user is: [EMAIL PROTECTED] .. .. [2008/05/12 12:14:50, 3] lib/util_sid.c:string_to_sid(223) string_to_sid: Sid @ad_samba_group does not start with 'S-'. .. .. [2008/05/12 12:14:50, 2] smbd/service.c:make_connection_snum(616) user 'eroche' (from session setup) not permitted to access this share (test2) [2008/05/12 12:14:50, 3] smbd/error.c:error_packet_set(106) error packet at smbd/reply.c(514) cmd=117 (SMBtconX) NT_STATUS_ACCESS_DENIED Thanks Ewan -- The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] What does this warning mean and how do I fix it
WARNING: The write cache size option is deprecated -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] What does this warning mean and how do I fix it
On Mon, May 12, 2008 at 10:47 AM, Glenn, Skeeter [EMAIL PROTECTED] wrote: WARNING: The write cache size option is deprecated Remove write cache size from smb.conf John -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbmount deprecated - what about Windows 9x?
Am Montag, 12. Mai 2008 schrieb Helmut Hullen: Hallo, I've just installed Kernel 2.6.25.2 - works fine. But now when I use smbmount for mounting shares from my Win9x clients the system (kernel) tells me smbfs is deprecated and will be removed from the 2.6.27 kernel. Please migrate to cifs. But at least Win9x seems not to like cifs. Mounting via smbfs works since years, mounting (with the same options) via cifs produces several error messages. The ugliest is no such file or directory and strace shows that mount.cifs (or some subroutine) doesn't accept the share. It finds the other server ... Can I use smbmount even with kernel 2.6.27 (or newer)? May be cifs is better, but I need to mount Win9x shares. Viele Gruesse! Helmut Hi Helmut, you can use cifs vfs to mount win9x shares, but need to add the following to the mount options: servernetbiosname=W9XSERVER or the shorter form servern=W9XSERVER where W9XSERVER is the upper case netbios name of the legacy server. Legacy servers like OS/2 in addition need the option sec=lanman Example: mount -t cifs //server/SHARE /mount/point -o credentials=/root/sec/.creds, \ servern=MYWIN98,dir_mode=0755,file_mode=0764,uid=test,gid=users ... Also have a look at 'man mount.cifs' about the meaning of - dir_mode - file_mode - uid - gid - ... when the server is not supporting the unix extensions. Also note that uppercasing the share name (i.e. //server/SHARE ) will avoid a duplicate treeconX call. IMPORTANT NOTE! When connecting to remote *legacy* servers like - win9x/me - OS/2 - others I strongly advise to *not* use current cifs vfs in a production environment! Initial testing should only be done against special test shares, which should not contain any valuable data! There are glitches with readonly files and the time stamps of directories/files - and possibly more... The cifs vfs developers are aware of this and are working on fixes. Everyone is invited to work with the developers to fix remaining legacy problems. Testing and reporting of bugs is very much appreciated :-) The main mailing list for the linux cifs client vfs is [EMAIL PROTECTED] Send bug reports to https://bugzilla.samba.org/ and choose the product CifsVFS These days lots of support talks are also happening on IRC. Samba/cifs related talks are done on irc.freenode.net in channels #samba (user related) #samba-technical (development only!) My irc nickname is kukks and you can also reach me via email at [EMAIL PROTECTED] Cheers, Günter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Can't get 3.0.23d from SuSE RPM to be a member in an NT4 domain
A week ago, May 06, 2008 at 11:22:24AM -0400, I wrote: I followed (I think) the instructions on how to do this in TOSHARG (which are about as disjointed as the book, which I took back), but I continue to be unable to get the box, running winbind, to reliably authenticate users off the PDC, which is running NT4 (and I'm not sure which SP, if it matters) and Exchange 5.5, which precludes me from simply vampiring it and decommissioning it... unless there's no solution on the Samba front. [ ... ] I'll be happy to supply smb.conf and any other information that seems warranted, but hopefully this is enough to provide a start to some helpful person... :-) This seems to be a question that is much-asked and little-answered, based on all my googling... No help on this at all, huh? Is Samba 3 as a member server in an NT domain not a supported configuration, then? Cheers, -- jra -- Jay R. Ashworth Baylink [EMAIL PROTECTED] Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com '87 e24 St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274 Those who cast the vote decide nothing. Those who count the vote decide everything. -- (Joseph Stalin) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba 3.0.28 failing to authenticate on Win2003 ServerActive Directory
http://www.howtoforge.com/samba-domaincontroller-swat-fedora8-p3 I believe these directions are for setting up Samba as an NT4 style PDC. From your description it sounds like you want the samba server to be a domain member server in a Win2003 AD and use winbind to authenticate users. If that's the case and you followed the directions on that website, then your samba config is definitely not going to work for you. I suggest reading chapters 3 and 6 here if you haven't already: http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/ Here's some good troubleshooting tips: http://us3.samba.org/samba/docs/using_samba/ch12.html#samba2-CHP-12-SECT -2.5.3 Matt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Langdon Stevenson Sent: Sunday, May 11, 2008 11:36 PM To: samba@lists.samba.org Subject: [Samba] Samba 3.0.28 failing to authenticate on Win2003 ServerActive Directory I have set up a Fedora 8 server running Samba 3.0.28a-0.fc8 (the Fedora yum package version). I have successfully joined the server to the AD realm of a Win2003 server on the office network. Configuration was done following this guide: http://www.howtoforge.com/samba-domaincontroller-swat-fedora8-p3 However Authentication against the AD server does not work. When I test winbind with: # wbinfo -u I get: Error looking up domain users I have also found the following output in /var/log/messages/ It is generated each time Samba is started (note: date and time have been removed for clarity) srv winbindd[6850]: [2008/05/06 11:18:14, 0] param/loadparm.c:service_ok(3031) srv winbindd[6850]: WARNING: No path in service public - making it unavailable! srv winbindd[6851]: [2008/05/06 11:18:14, 0] nsswitch/winbindd_cache.c:initialize_winbindd_cache() srv winbindd[6851]: initialize_winbindd_cache: clearing cache and re-creating with version number 1 srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(41) srv winbindd[6853]: === srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(42) srv winbindd[6853]: INTERNAL ERROR: Signal 11 in pid 6853 (3.0.28a-0.fc8) srv winbindd[6853]: Please read the Trouble-Shooting section of the Samba3-HOWTO srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(44) srv winbindd[6853]: srv winbindd[6853]: From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(45) srv winbindd[6853]: === srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/util.c:smb_panic(1655) srv winbindd[6853]: PANIC (pid 6853): internal error srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/util.c:log_stack_trace(1759) srv winbindd[6853]: BACKTRACE: 19 stack frames: srv winbindd[6853]:#0 winbindd(log_stack_trace+0x2d) [0xb7d5de9d] srv winbindd[6853]:#1 winbindd(smb_panic+0x5d) [0xb7d5dfcd] srv winbindd[6853]:#2 winbindd [0xb7d48a4a] srv winbindd[6853]:#3 [0x12d420] srv winbindd[6853]:#4 winbindd(pwd_get_cleartext+0x18) [0xb7d9b638] srv winbindd[6853]:#5 winbindd(cm_connect_sam+0x156) [0xb7ce89f6] srv winbindd[6853]:#6 winbindd [0xb7cea8f9] srv winbindd[6853]:#7 winbindd [0xb7ced6e7] srv winbindd[6853]:#8 winbindd [0xb7cd2649] srv winbindd[6853]:#9 winbindd [0xb7cd2d29] srv winbindd[6853]:#10 winbindd [0xb7cd31a8] srv winbindd[6853]:#11 winbindd(winbindd_dual_list_trusted_domains+0x78) [0xb7ce3008] srv winbindd[6853]:#12 winbindd [0xb7cf3622] srv winbindd[6853]:#13 winbindd(init_child_connection+0x19a) [0xb7ccfdaa] srv winbindd[6853]:#14 winbindd(async_domain_request+0xb6) [0xb7cf4f86] srv winbindd[6853]:#15 winbindd(rescan_trusted_domains+0x110) [0xb7cd03f0] srv winbindd[6853]:#16 winbindd(main+0x75d) [0xb7cc5e0d] srv winbindd[6853]:#17 /lib/libc.so.6(__libc_start_main+0xe0) [0x2e3390] srv winbindd[6853]:#18 winbindd [0xb7cc42a1] srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:dump_core(181) srv winbindd[6853]: dumping core in /var/log/samba/cores/winbindd srv winbindd[6853]: The Samba config file /etc/samba/smb.conf [global] log file = /var/log/samba/log.%m workgroup = SLA realm = SLA.COM.AU preferred master = no server string = Merit1 security = ADS encrypt passwords = yes log level = 3 max log size = 50 printcap name = cups printing = cups winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes winbind nested groups = Yes winbind separator = + idmap uid = 600-2 idmap gid = 600-2 template shell = /bin/bash template homedir = /home/domain/%D/%U [homes] comment = Home Direcotries valid users = %S read only = No browseable = No [netlogon] comment = Network Logon Service path =
Re: [Samba] smbmount deprecated - what about Windows 9x?
Hallo, Günter, Du meintest am 12.05.08 zum Thema Re: [Samba] smbmount deprecated - what about Windows 9x?: smbfs is deprecated and will be removed from the 2.6.27 kernel. Please migrate to cifs. Can I use smbmount even with kernel 2.6.27 (or newer)? May be cifs is better, but I need to mount Win9x shares. you can use cifs vfs to mount win9x shares, but need to add the following to the mount options: servernetbiosname=W9XSERVER or the shorter form servern=W9XSERVER where W9XSERVER is the upper case netbios name of the legacy server. Legacy servers like OS/2 in addition need the option sec=lanman Example: mount -t cifs //server/SHARE /mount/point -o credentials=/root/sec/.creds,servern=MYWIN98,dir_mode=0755,file_mo de=0764,uid=test,gid=users ... Thank you - it works! sec=lanman seems not to be necessary (or outdated). man mount.cifs (Samba 3.0.28a) doesn't show the option lanman for sec. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbmount deprecated - what about Windows 9x?
Hi Helmut, Am Montag, 12. Mai 2008 schrieb Helmut Hullen: Hallo, Günter, Du meintest am 12.05.08 zum Thema Re: [Samba] smbmount deprecated - what about Windows 9x?: smbfs is deprecated and will be removed from the 2.6.27 kernel. Please migrate to cifs. Can I use smbmount even with kernel 2.6.27 (or newer)? May be cifs is better, but I need to mount Win9x shares. you can use cifs vfs to mount win9x shares, but need to add the following to the mount options: servernetbiosname=W9XSERVER or the shorter form servern=W9XSERVER where W9XSERVER is the upper case netbios name of the legacy server. Legacy servers like OS/2 in addition need the option sec=lanman Example: mount -t cifs //server/SHARE /mount/point -o credentials=/root/sec/.creds,servern=MYWIN98,dir_mode=0755,file_mo de=0764,uid=test,gid=users ... Thank you - it works! sec=lanman seems not to be necessary (or outdated). man mount.cifs (Samba 3.0.28a) doesn't show the option lanman for sec. 'man mount.cifs' atm is not completely uptodate - in the near future even more mount options might be added... When mounting OS/2 shares, sec=lanman _is_ needed! From the README of the cifs vfs kernel source: ... secSecurity mode. Allowed values are: noneattempt to connection as a null user (no name) krb5Use Kerberos version 5 authentication krb5i Use Kerberos authentication and packet signing ntlmUse NTLM password hashing (default) ntlmi Use NTLM password hashing with signing (if /proc/fs/cifs/PacketSigningEnabled on or if server requires signing also can be the default) ntlmv2 Use NTLMv2 password hashing ntlmv2i Use NTLMv2 password hashing with packet signing lanman (if configured in kernel config) use older lanman hash ... All readers of this thread should also note that the cifs vfs kernel module must be build with the option CONFIG_CIFS_WEAK_PW_HASH=y to support legacy servers which depend on the weak lanman hash! Some distros have already started to ship kernels without setting this build flag (but have removed smbfs, too). Many distro maintainers have now been informed about this. Please drop me a note when a distro does not support cifs vfs legacy servers connections, so we can contact the maintainers. Cheers, Günter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] solaris 8 native ldap support
There seems to be only minimimal discussion on this. I'd like avoid having to build openldap on solaris if at all possible. Is building samba with native solaris ldap simply not possible? Thanks for any clues. Brian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] File Lock Issue
Check out the deadtime and keepalive parameters, they might help. --Charlie On Fri, May 9, 2008 at 8:49 AM, Matt Ingram [EMAIL PROTECTED] wrote: Hi All, I've seen a few messages similar to my problem, looking back through the mailing list but the issue I'm having is a little more unique. We have a user, who uses both wireless and wired connection. He uses truecrypt, that has the encrypted file sitting on a samba share. What I think is happening is he will unplugged his wired connection and move to a meeting room and connect through the wireless (might be worth noting - our wireless sits in our DMZ and users have to VPN into the inside of our network). When he connects to the wireless and tries to access his truecrypt drive, if complains that the file is already in use - and upon checking smbstatus -L the file is indeed locked. I was looking at the //|reset on zero vc|/ = |no |/option, but that seem to be for a connection of the same IP Address. Once he switches to wireless, he will have a different IP Address, so I don't think this option will help him. This server is running Samba Version 3.0.24-2.23-1296-SUSE-CODE10 on SUSE SLES 10 and the client is using Windows XP. I've seen many people asking this... what is the default time for a file to be locked if the connection is dropped? Also, is there a configurable option to change that time? If anyone has any idea for this issue, I'd be grateful to hear them! Thanks, Matt. -- Matt Ingram Intermediate Unix Administrator, IS Canadian Bank Note Company, Limited \m/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] smbmount deprecated - what about Windows 9x?
Hallo, Günter, Du meintest am 12.05.08 zum Thema Re: [Samba] smbmount deprecated - what about Windows 9x?: sec=lanman seems not to be necessary (or outdated). man mount.cifs (Samba 3.0.28a) doesn't show the option lanman for sec. From the README of the cifs vfs kernel source: ... [...] All readers of this thread should also note that the cifs vfs kernel module must be build with the option CONFIG_CIFS_WEAK_PW_HASH=y to support legacy servers which depend on the weak lanman hash! Ok - I hope none of my clients uses OS2 ... (I had just compiled kernel 2.6.25.2 - without this option of course). Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Users SID problem
Don't these tests make some presumptions? For instance, Shacky didn't say that he was attempting to join an active directory domain. In fact, he has security=User, security=ADS. I'd like to understand the problem he is having, because I am having the same one. However, I don't want to be distracted if ADS is a red herring. Wes Linux Addict wrote: Its okay not to have domain's SID. This is not the reason you are not able to login. What is the output of 1.wbinfo -t 2.wbinfo -g 3.testparm 4.net ads info 5.kinit AD username On Tue, May 6, 2008 at 3:41 AM, shacky [EMAIL PROTECTED] wrote: Hi. I realized that I have a problem with the users SID. Thy are different between the SID of the domain. Let's see the output of these commands: server:/home/utenti/user# net getlocalsid SID for domain SERVER is: S-1-5-21-1375271547-2371556575-3111006354 server:/home/utenti/user# pdbedit -Lv test Unix username:test NT username: Account Flags:[U ] User SID: S-1-5-21-73733321-1646160496-1160744844-3004 Primary Group SID:S-1-5-21-73733321-1646160496-1160744844-513 Full Name:Test Home Directory: HomeDir Drive: Logon Script: test.bat Profile Path: Domain: MYDOMAIN Account desc: Workstations: Munged dial: Logon time: 0 Logoff time: 9223372036854775807 seconds since the Epoch Kickoff time: 9223372036854775807 seconds since the Epoch Password last set:lun, 05 mag 2008 10:44:20 CEST Password can change: lun, 05 mag 2008 10:44:20 CEST Password must change: 9223372036854775807 seconds since the Epoch Last bad password : 0 Bad password count : 0 Logon hours : FF Please note that the User SID and the Primary Group SID don't contain the SID of the domain, are completely different. It is the same for all user. Is it normal or is it a problem? I cannot logon to the domain from the Windows clients. How I can solve this problem, and how I can make the change definitive for all new users too? Thank you very much! Ciao. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- Wes Modes Server Administrator Programmer Analyst McHenry Library Computing Network Services Information and Technology Services 459-5208 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] User SID problem with home directory
I'm having the problem in which users can access their group shares, but not their home shares. These two shares are defined thusly in smb.conf: [seref] comment = Science Engineering Reference Section path = /data/group/seref valid users = @seref, @seref-read, @admin read list = @seref-read write list = @seref, @admin force group = seref create mask = 0664 directory mask = 0770 [home] comment = %u's Personal Share Directory path = /data/home/%U valid users = %U, @admin write list = %U, @admin create mask = 0600 directory mask = 0700 browseable = No It seems that the %U variable, causes Samba to do a lookup_global_sam_name which fails. [EMAIL PROTECTED] smbclient -Ujoeblow '\\edgar.library.ucsc.edu\home' tree connect failed: NT_STATUS_ACCESS_DENIED Here's the relevant section of the log: passdb/pdb_ldap.c:init_sam_from_ldap(545) init_sam_from_ldap: Entry found for user: joeblow passdb/pdb_ldap.c:init_group_from_ldap(2158) init_group_from_ldap: Entry found for group: 30023 passdb/passdb.c:lookup_global_sam_name(596) User joeblow with invalid SID S-1-5-21-2642364908-3785178431-1037763545-61756 in passdb passdb/pdb_ldap.c:init_group_from_ldap(2158) init_group_from_ldap: Entry found for group: 1001 smbd/service.c:make_connection_snum(616) user 'joeblow' (from session setup) not permitted to access this share (home) Please note that I am not using the ADS security model, nor do I care to at the moment. Here's the significant part of my smb.conf: ### Basic information for server workgroup = MCHSTAFF netbios name = EDGAR server string = Library Samba Server hosts allow = 169.233. hosts allow = 128.114. enable privileges = yes security = user encrypt passwords = yes preferred master = yes domain master = yes domain logons = yes local master = yes username map = /etc/samba/smbusers logon path = wins support = yes dns proxy = no So why I am I getting the failure User joeblow with invalid SID? Wes -- Wes Modes Server Administrator Programmer Analyst McHenry Library Computing Network Services Information and Technology Services 459-5208 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] User SID problem with home directory
Hallo, Wes, Du (wmodes) meintest am 12.05.08: It seems that the %U variable, causes Samba to do a lookup_global_sam_name which fails. [EMAIL PROTECTED] smbclient -Ujoeblow '\\edgar.library.ucsc.edu\home' tree connect failed: NT_STATUS_ACCESS_DENIED I've seen this message when winbindd is running - my samba server (now 3.0.28a) doesn't need winbindd. It's the one and only server. Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] PDC replacement
Hi all, I am at a small organization that has been using Samba for authentication for a while now, and I have inherited our Samba setup from our previous administrator. The server is in disrepair software-wise and would really benefit from a good reinstall. The problem is that our Samba implementation is mission-critical, so we need to get it replicated to another machine which can handle the load while the main server is being rebuilt. Enough of the background, here's the question: I have my temp server setup as a BDC (or at least I think that I do) and it is joined to the domain. I am trying to vampire the users off of it, but I always receive the error: Fetching DOMAIN database Failed to fetch domain database: NT code 0x1c010002 Does anyone have any ideas what that is about/how to fix it? Thank you, Bob Bregant McKinley Foundation at the University of Illinois PS~ Here are some of the lines from my temp server's smb.conf: workgroup = MCKINLEY netbios name = ESTHER-TEMP security = user encrypt passwords = true passdb backend = tdbsam domain logons = yes domain master = no preferred master = no PPS~ The old server is a Debian Etch machine on the 2.4.33 kernel with Samba 3.0.14a-Debian. The temporary server is running Ubuntu on the 2.6.22-14 kernel with Samba 3.0.26a. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] User SID problem with home directory
You are correct that I should have had wins support set to no rather than yes. Here's how the smb.conf man page describes that option: This boolean controls if the nmbd(8) http://us3.samba.org/samba/docs/man/manpages-3/nmbd.8.html process in Samba will act as a WINS server. You should not set this to |yes| unless you have a multi-subnetted network and you wish a particular |nmbd| to be your WINS server. Note that you should /NEVER/ set this to |yes| on more than one machine in your network. HOWEVER, setting it to No, did not fix this problem: User joeblow with invalid SID user 'joeblow' (form session setup) not permitted to access this share (home) Wes Helmut Hullen wrote: Hallo, Wes, Du (wmodes) meintest am 12.05.08: It seems that the %U variable, causes Samba to do a lookup_global_sam_name which fails. [EMAIL PROTECTED] smbclient -Ujoeblow '\\edgar.library.ucsc.edu\home' tree connect failed: NT_STATUS_ACCESS_DENIED I've seen this message when winbindd is running - my samba server (now 3.0.28a) doesn't need winbindd. It's the one and only server. Viele Gruesse! Helmut -- Wes Modes Server Administrator Programmer Analyst McHenry Library Computing Network Services Information and Technology Services 459-5208 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] User SID problem with home directory
Hallo, Wes, Du (wmodes) meintest am 12.05.08: It seems that the %U variable, causes Samba to do a lookup_global_sam_name which fails. [EMAIL PROTECTED] smbclient -Ujoeblow '\\edgar.library.ucsc.edu\home' tree connect failed: NT_STATUS_ACCESS_DENIED I've seen this message when winbindd is running - my samba server (now 3.0.28a) doesn't need winbindd. It's the one and only server. You are correct that I should have had wins support set to no rather than yes. Here's how the smb.conf man page describes that Do you need winbindd? Works the system even with no running winbindd? Viele Gruesse! Helmut -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] solaris 8 native ldap support
Brian C. Hill wrote: There seems to be only minimimal discussion on this. I'd like avoid having to build openldap on solaris if at all possible. Is building samba with native solaris ldap simply not possible? The 3.2 branch of Samba has support to build with the Mozilla/Netscape/FedoraDS/Solaris/JavaDS/mps ldap libraries. If you are patched in Solaris 8 to a level such that you have the secure ldap client that was back-ported from Solaris 9 then you should have a set of libraries and header files that Samba can use. I'm not sure if the 3.2 release candidates have been explicitly tested against the Solaris 8 native ldap libraries, but I'm sure the developers would like to hear your feedback as this is now a mainline feature of Samba. Neal -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba on Virtual Machines
Hi, After a lot more investigation and testing (as well as identifying a error in my set up) I have determined the problem that I am having is related to the way that Windows handles mount to a samba share that is getting it's share via nfs through automounting. My configuration is a system running RHEL5 and either the stock samba with the release or 3.0.28a compiled from source. User home directories are accessed via automounting using NIS; auto.home is pointed to the NIS map. I have been able to prove that it is a auto.home indirect mount problem only. I have set up a test share using the /net indirect mount (i.e., path = /net/machine namedevicedirectory) and it works perfectly. However, when I mount the share via the auto.home, the explorer window comes up showing the files but any attempt to read/write/properties/etc. hangs and eventually times out. I have spent many hours trying many different configurations to make the work but have had absolutely no luck. And unfortunately the log messages (samba side) do not give any indication of a failure. My system configuration is RHEL Client release 5.1 (basically everything), samba 3.0.28a, automount 5.0.1-0.rc2-55-el5.3. My samba configuration is below. workgroup = testgroup server string = Samba Server log level = 2 log file = /var/log/samba/log.%m max log size = 1 security = server password server = passwdserver encrypt passwords = yes client ntlmv2 auth = yes client lanman auth = no max protocol = lanman2.0 map to guest = Bad User load printers = yes socket options = TCP_NODELAY bind interfaces only = True use kerberos keytab = yes local master = no domain master = no preferred master = no wins support = no wins server = winserver wins proxy = no dns proxy = no preserve case = yes short preserve case = yes default case = lower case sensitive = no strict locking = no # Share Definitions == [Home] comment = User Files path = /home/%u browseable = no writable = yes # Test net access [Test] comment = Net Test path = /net/sass4001/u74/%u browseable = no writable = yes Any help would be greatly appreciated. Thanks, Joe -- Joe Mervini Scientific Applications and User Support Sandia National Laboratories Department 09326 MS-0823 PO Box 5800 Albuquerque, NM 87120 (505) 844.6770 -Original Message- From: Rune Tønnesen [mailto:[EMAIL PROTECTED] Sent: Monday, May 05, 2008 9:27 AM To: Mervini, Joseph A; samba@lists.samba.org Subject: Re: [Samba] Samba on Virtual Machines Hi Joseph It sounds more like a vmware problem. How is the network configurated on your vmware machine? Best Regards Rune Tønnesen Den 5/5/2008, skrev Mervini, Joseph A [EMAIL PROTECTED]: Hi, We have deployed Samba on VMware (ESX) on IBM Bladecenter H. I am having a serious problem with Samba related to Window client access. I can mount the samba share with no problem whatsoever and see all the files that exist within that share. However, when I try to open/write/copy/get properties on any file in either direction the operation stalls and eventually I will get a message similar to Cannot copy file: The specified network name is no longer available. on the Windows client. We are running stock RHEL5 workstatiom with most packages installed (sound/telephony excluded). Our samba security is set to domain but this has also been tested with security set to user. I have an identical samba server (except IP/hostname, etc.) on a standalone blade that works flawlessly. I have scoured the web looking for answers but have come up empty. Has anyone on this list ever had a similar problem that might be able to share some insight? Thanks in advance. -- Joe Mervini Scientific Applications and User Support Sandia National Laboratories Department 09326 MS-0823 PO Box 5800 Albuquerque, NM 87120 (505) 844.6770 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba on Virtual Machines
Mervini, Joseph A wrote: [snip] # Share Definitions == [Home] comment = User Files path = /home/%u browseable = no writable = yes Is there a particular reason you are not using the [Homes] auto-magic share that does exactly what you are doing here, but magically. Neal -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3.0.28 failing to authenticate on Win2003 ServerActive Directory
Thanks for the reply Matt I included a link to the wrong resource as you point out. The howto that I used was actually: http://www.enterprisenetworkingplanet.com/netos/article.php/3487081 Sorry for the confusion, I was also setting up a PDC machine last week and got the references mixed up. I will go through the samba documentation chapters that you referred to again more thoroughly. I spent some time looking at them when I was preparing to setup the server. The troubleshooting guide also looks like useful. Thanks again for the input. Regards, Langdon Humrick, Matt wrote: http://www.howtoforge.com/samba-domaincontroller-swat-fedora8-p3 I believe these directions are for setting up Samba as an NT4 style PDC. From your description it sounds like you want the samba server to be a domain member server in a Win2003 AD and use winbind to authenticate users. If that's the case and you followed the directions on that website, then your samba config is definitely not going to work for you. I suggest reading chapters 3 and 6 here if you haven't already: http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/ Here's some good troubleshooting tips: http://us3.samba.org/samba/docs/using_samba/ch12.html#samba2-CHP-12-SECT -2.5.3 Matt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Langdon Stevenson Sent: Sunday, May 11, 2008 11:36 PM To: samba@lists.samba.org Subject: [Samba] Samba 3.0.28 failing to authenticate on Win2003 ServerActive Directory I have set up a Fedora 8 server running Samba 3.0.28a-0.fc8 (the Fedora yum package version). I have successfully joined the server to the AD realm of a Win2003 server on the office network. Configuration was done following this guide: http://www.howtoforge.com/samba-domaincontroller-swat-fedora8-p3 However Authentication against the AD server does not work. When I test winbind with: # wbinfo -u I get: Error looking up domain users I have also found the following output in /var/log/messages/ It is generated each time Samba is started (note: date and time have been removed for clarity) srv winbindd[6850]: [2008/05/06 11:18:14, 0] param/loadparm.c:service_ok(3031) srv winbindd[6850]: WARNING: No path in service public - making it unavailable! srv winbindd[6851]: [2008/05/06 11:18:14, 0] nsswitch/winbindd_cache.c:initialize_winbindd_cache() srv winbindd[6851]: initialize_winbindd_cache: clearing cache and re-creating with version number 1 srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(41) srv winbindd[6853]: === srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(42) srv winbindd[6853]: INTERNAL ERROR: Signal 11 in pid 6853 (3.0.28a-0.fc8) srv winbindd[6853]: Please read the Trouble-Shooting section of the Samba3-HOWTO srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(44) srv winbindd[6853]: srv winbindd[6853]: From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:fault_report(45) srv winbindd[6853]: === srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/util.c:smb_panic(1655) srv winbindd[6853]: PANIC (pid 6853): internal error srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/util.c:log_stack_trace(1759) srv winbindd[6853]: BACKTRACE: 19 stack frames: srv winbindd[6853]:#0 winbindd(log_stack_trace+0x2d) [0xb7d5de9d] srv winbindd[6853]:#1 winbindd(smb_panic+0x5d) [0xb7d5dfcd] srv winbindd[6853]:#2 winbindd [0xb7d48a4a] srv winbindd[6853]:#3 [0x12d420] srv winbindd[6853]:#4 winbindd(pwd_get_cleartext+0x18) [0xb7d9b638] srv winbindd[6853]:#5 winbindd(cm_connect_sam+0x156) [0xb7ce89f6] srv winbindd[6853]:#6 winbindd [0xb7cea8f9] srv winbindd[6853]:#7 winbindd [0xb7ced6e7] srv winbindd[6853]:#8 winbindd [0xb7cd2649] srv winbindd[6853]:#9 winbindd [0xb7cd2d29] srv winbindd[6853]:#10 winbindd [0xb7cd31a8] srv winbindd[6853]:#11 winbindd(winbindd_dual_list_trusted_domains+0x78) [0xb7ce3008] srv winbindd[6853]:#12 winbindd [0xb7cf3622] srv winbindd[6853]:#13 winbindd(init_child_connection+0x19a) [0xb7ccfdaa] srv winbindd[6853]:#14 winbindd(async_domain_request+0xb6) [0xb7cf4f86] srv winbindd[6853]:#15 winbindd(rescan_trusted_domains+0x110) [0xb7cd03f0] srv winbindd[6853]:#16 winbindd(main+0x75d) [0xb7cc5e0d] srv winbindd[6853]:#17 /lib/libc.so.6(__libc_start_main+0xe0) [0x2e3390] srv winbindd[6853]:#18 winbindd [0xb7cc42a1] srv winbindd[6853]: [2008/05/06 11:18:14, 0] lib/fault.c:dump_core(181) srv winbindd[6853]: dumping core in /var/log/samba/cores/winbindd srv winbindd[6853]: The Samba config file /etc/samba/smb.conf [global] log file = /var/log/samba/log.%m workgroup = SLA realm = SLA.COM.AU preferred master = no server string =
[Samba] BDC problem joining domain
We have a PDC running Samba Version 3.0.24 while the BDC is running Samba Version 3.0.28a. Both domain controllers are running Gentoo. The problem seems to be a compatibility issue between two versions of Samba. Please see below the error when I tried joining the BDC. [2008/05/12 15:15:25, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(310) error setting trust account password: NT code 0x1c010002 I believe that upgrading Samba on the PDC to version 3.0.28a will fix the problem but upgrade is not an option at this time. Upgrading Samba 3.0.28a will break a lot of its (PDC) functionalities. I've found similar issue on the web and the fix was to upgrade or downgrade Samba. I was wondering that maybe Simo or Gerry Carter can help me on this. Thanks! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] [SAMBA4] command net
hello , i'm a french student and i'm working on samba 4. I would use the command Net to manage my DC but i have some problems. When i want to add a new user ( net user add [username]) this user is always disable. I must going to my dsa.msc console to validate it . So i would like to known how can i do ? I'm looking for information about the command Net in Samba 4 , if you have information or url , i'am open ... thank you , and excuse me for my bad english -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Does samba modify print queues?
I have the following situation at the hospital I work at. we are a windows shop (not my fault), and as such use windows 2k3 file and print servers. Recently passing 400 printers has apparently put too much strain on our main printserver - called ntprn (been a windows shop for a while). Okay, so now we are going to split the load amongst two or more printservers... ntprn1 and ntprn2. Our users have decided that this is most inconvenient - remembering which server their printer resides on. The windows admins looked for a while for a solution, but found nothing easy to implement, and handed it down to me. I thought Cups can do this - be a front for those windows servers and I'm right. it does a great job of being a face in front of one or more w2k3 server - just using raw queues, everything is perfect. Again, the issues of the user rears it head - they don't want to change their printers to this foreign idea of IPP. Okay, so samba can front for this and pass the print request to Cups and cups passes it to windows, all should be fine. Except it isn't. the prints are changing now. So somewhere in the line of windowsXPclient - samba -cups -Win2k3printserver - printer, we are changing the output. I'm trying to use raw queues in cups and just printers=cups in samba. Prints from WinXPclients directly to Win2k3printserver are the control Prints from WinXPClients to Cups To Win2k3printserver are exact match Prints from WinXPClients to Samba to Cups to Win2k3 are different - fonts are usually smaller, things are bold that are not on the control, some italics are sometimes missing. I've checked and rechecked the drivers on the WinXPClients and the Win2k3 server .. tried making more generic, etc. No difference. Can someone tell me if this is expected behavior or not? If this is a known issue, is there a work around? thanks, Jack -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[SCM] CTDB repository - branch master updated - 13d3eb9a8bc7fad14fcd3e7e023c1336657424d6
The branch, master has been updated via 13d3eb9a8bc7fad14fcd3e7e023c1336657424d6 (commit) from 8d6ecf47318188448d934ab76e40da7e4cece67d (commit) http://gitweb.samba.org/?p=sahlberg/ctdb.git;a=shortlog;h=master - Log - commit 13d3eb9a8bc7fad14fcd3e7e023c1336657424d6 Author: Ronnie Sahlberg [EMAIL PROTECTED] Date: Mon May 12 16:44:33 2008 +1000 When we run the init script to start the ctdb service Use tdbdump to verify that all persistent database files are good before we start the daemon. --- Summary of changes: config/ctdb.init | 13 + 1 files changed, 13 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/config/ctdb.init b/config/ctdb.init index 922a53d..95845d1 100755 --- a/config/ctdb.init +++ b/config/ctdb.init @@ -85,6 +85,19 @@ fi start() { killall -q ctdbd echo -n $Starting ctdbd service: + + # check all persistent databases that they look ok + PERSISTENT_DB_DIR=/var/ctdb/persistent + [ -z $CTDB_DBDIR ] || { + PERSISTENT_DB_DIR=$CTDB_DBDIR/persistent + } + for PDBASE in `ls $PERSISTENT_DB_DIR/*.tdb.[0-9]`; do + /usr/bin/tdbdump $PDBASE /dev/null 2/dev/null || { + echo Persistent database $PDBASE is corrupted! CTDB will not start. + return 1 + } + done + case $init_style in suse) startproc /usr/sbin/ctdbd $CTDB_OPTIONS -- CTDB repository
[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-2416-gaebae0b
The branch, v3-3-test has been updated via aebae0b71b427838fdc6344d69d6dea87a5dd58b (commit) from 88423a17b966652eba4085e88f7ddb5c86b463dd (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log - commit aebae0b71b427838fdc6344d69d6dea87a5dd58b Author: coffeedude [EMAIL PROTECTED] Date: Mon May 12 17:33:01 2008 -0500 net ads: Upper case he realm name when calling kinit() using machine creds. Needed fix for the DNS Update option as part of net ads join --- Summary of changes: source/utils/net_ads.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source/utils/net_ads.c b/source/utils/net_ads.c index 8efc64f..77d1629 100644 --- a/source/utils/net_ads.c +++ b/source/utils/net_ads.c @@ -1228,6 +1228,7 @@ int net_ads_join(struct net_context *c, int argc, const char **argv) ads_dns-auth.password = secrets_fetch_machine_password( r-out.netbios_domain_name, NULL, NULL ); ads_dns-auth.realm = SMB_STRDUP( r-out.dns_domain_name ); + strupper_m(ads_dns-auth.realm ); ads_kinit_password( ads_dns ); } -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-2-test updated - release-3-2-0pre2-2315-g437a595
The branch, v3-2-test has been updated via 437a59598d886b316fd58ca88ed40f5fb325c47f (commit) from 8bab6d651f1cd0efe5aa1e7808b3f043602a3dfa (commit) http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log - commit 437a59598d886b316fd58ca88ed40f5fb325c47f Author: coffeedude [EMAIL PROTECTED] Date: Mon May 12 17:33:01 2008 -0500 net ads: Upper case he realm name when calling kinit() using machine creds. Needed fix for the DNS Update option as part of net ads join (cherry picked from commit aebae0b71b427838fdc6344d69d6dea87a5dd58b) --- Summary of changes: source/utils/net_ads.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/source/utils/net_ads.c b/source/utils/net_ads.c index 3df9e2c..ad8882c 100644 --- a/source/utils/net_ads.c +++ b/source/utils/net_ads.c @@ -1227,6 +1227,7 @@ int net_ads_join(int argc, const char **argv) ads_dns-auth.password = secrets_fetch_machine_password( r-out.netbios_domain_name, NULL, NULL ); ads_dns-auth.realm = SMB_STRDUP( r-out.dns_domain_name ); + strupper_m(ads_dns-auth.realm ); ads_kinit_password( ads_dns ); } -- Samba Shared Repository
Build status as of Tue May 13 00:00:02 2008
URL: http://build.samba.org/ --- /home/build/master/cache/broken_results.txt.old 2008-05-12 00:00:47.0 + +++ /home/build/master/cache/broken_results.txt 2008-05-13 00:00:39.0 + @@ -1,4 +1,4 @@ -Build status as of Mon May 12 00:00:03 2008 +Build status as of Tue May 13 00:00:02 2008 Build counts: Tree Total Broken Panic @@ -7,7 +7,7 @@ ctdb 0 0 0 distcc 1 0 0 ldb 31 12 0 -libreplace 30 10 0 +libreplace 30 11 0 lorikeet-heimdal 27 23 0 pidl 17 13 0 ppp 11 0 0 @@ -15,8 +15,8 @@ samba-docs 0 0 0 samba-gtk4 4 0 samba_3_2_test 31 19 0 -samba_4_0_test 29 23 1 +samba_4_0_test 28 23 1 smb-build29 5 0 talloc 31 6 0 -tdb 31 12 0 +tdb 31 13 0
[SCM] SAMBA-CTDB repository - branch break-samba created - aced114588c73161dfcd434feee6a5285ecab974
The branch, break-samba has been created at aced114588c73161dfcd434feee6a5285ecab974 (commit) - Log - commit aced114588c73161dfcd434feee6a5285ecab974 Author: Andrew Tridgell [EMAIL PROTECTED] Date: Thu Apr 17 09:44:25 2008 +0200 deliberate breakage of locking --- -- SAMBA-CTDB repository
[SCM] SAMBA-CTDB repository - branch ipv6 created - a0d1561c16ced6b1ffb23be732ccc434e37e2c7a
The branch, ipv6 has been created at a0d1561c16ced6b1ffb23be732ccc434e37e2c7a (commit) - Log - commit a0d1561c16ced6b1ffb23be732ccc434e37e2c7a Author: Andrew Tridgell [EMAIL PROTECTED] Date: Tue May 13 10:36:28 2008 +1000 work in progress for IPv6 support commit d486e75244890e8108bd3b23eafbd16ecf390d6d Author: Andrew Tridgell [EMAIL PROTECTED] Date: Tue Apr 29 08:33:47 2008 +0200 new IP utility functions commit 3157bb3dfad60e28815fe27269942ef9deb068d2 Author: Andrew Tridgell [EMAIL PROTECTED] Date: Sat Apr 19 11:24:52 2008 +0200 added prototype for is_ipv6address commit bc34916454fca6829e0795c4e529a260d1934772 Author: Andrew Tridgell [EMAIL PROTECTED] Date: Sat Apr 19 11:24:24 2008 +0200 fixed kdc startup with specified interfaces commit 8ce656b0ad6e99dbb45e723a40236c102cef206a Author: Andrew Tridgell [EMAIL PROTECTED] Date: Thu Apr 17 14:43:37 2008 +0200 use is_ipv4address to make v4/v6 distinction clearer commit db6958329f7d5aff82ea3cc689e7d8f5466ce8fb Author: Andrew Tridgell [EMAIL PROTECTED] Date: Thu Apr 17 11:32:40 2008 +0200 ipv6 patch from David Holder This patch converts Samba4 to use the ipv6 API instead of the IPv4 API This should allow smbd to work with either IPv6 or IPv4 networks commit 10faa251b56fe8accc71b966d0853839744aea35 Author: Andrew Tridgell [EMAIL PROTECTED] Date: Thu Apr 17 11:17:37 2008 +0200 add \n in panic debug (patch from David Holder) --- -- SAMBA-CTDB repository
[SCM] SAMBA-CTDB repository - branch v4-0-test created - 13a0941d3432dc7dae552048265ad1e762b781d4
The branch, v4-0-test has been created at 13a0941d3432dc7dae552048265ad1e762b781d4 (commit) - Log - --- -- SAMBA-CTDB repository
[SCM] SAMBA-CTDB repository - branch ipv6 created - 6a949202de77399978288e988aa0bf39d983d38f
The branch, ipv6 has been created at 6a949202de77399978288e988aa0bf39d983d38f (commit) - Log - commit 6a949202de77399978288e988aa0bf39d983d38f Author: Andrew Tridgell [EMAIL PROTECTED] Date: Tue May 13 10:36:28 2008 +1000 work in progress for IPv6 support commit 4a9f7aaf9bbbf84b048aca01201a02553dce6983 Author: Andrew Tridgell [EMAIL PROTECTED] Date: Tue Apr 29 08:33:47 2008 +0200 new IP utility functions commit 8852886089b6e845319bd4bf4d9a85b268eff863 Author: Andrew Tridgell [EMAIL PROTECTED] Date: Sat Apr 19 11:24:52 2008 +0200 added prototype for is_ipv6address commit f2ef02c9cb97ba600989731098e7d0393bf3ad61 Author: Andrew Tridgell [EMAIL PROTECTED] Date: Sat Apr 19 11:24:24 2008 +0200 fixed kdc startup with specified interfaces commit a6435796e15831653aeb66efa405a87ffd6c9cf9 Author: Andrew Tridgell [EMAIL PROTECTED] Date: Thu Apr 17 14:43:37 2008 +0200 use is_ipv4address to make v4/v6 distinction clearer commit 075cf4f8a0ecddbc68d2834501bb83c072511496 Author: Andrew Tridgell [EMAIL PROTECTED] Date: Thu Apr 17 11:32:40 2008 +0200 ipv6 patch from David Holder This patch converts Samba4 to use the ipv6 API instead of the IPv4 API This should allow smbd to work with either IPv6 or IPv4 networks commit 5bee4d04489dd6240204a9482e328d55d8ebafd2 Author: Andrew Tridgell [EMAIL PROTECTED] Date: Thu Apr 17 11:17:37 2008 +0200 add \n in panic debug (patch from David Holder) --- -- SAMBA-CTDB repository