Re: [Samba] Windows 8 pro and Samba 4
Just be sure you did no registry hack on the windows 8 machine!? --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von Marc Muehlfeld Gesendet: Sonntag, 28. Juli 2013 18:54 An: iss...@aralar.edunet.es Cc: samba@lists.samba.org Betreff: Re: [Samba] Windows 8 pro and Samba 4 Hello Emeka, Am 28.07.2013 18:39, schrieb iss...@aralar.edunet.es: I installed opensuse 12.2, and upgraded the samba 3 it came with to samba 4. I successfully joined win xp, win 7 clients to the samba as domain controller but couldn´t join win 8 prof (it keeps displaying domain does not exist message). Does samba 4 really support win 8 prof or we have to wait for some time? I have one w8 prof in my Samba AD test environment and it works without problems. - Are there any messages/erros in the samba/windows log? - Can the DNS on your w8 resolve the Samba Domain? Please give some more information. That would make it easier to help you. Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Compiling Samba 4.0.7 - make test results
Thank You Dňa 24.07.2013 15:38, L.P.H. van Belle wrote / napísal(a): Hai, Just look here http://www.enterprisesamba.com/samba/ make an account so you can use the packages of sernet samba. and use this one for very basic setup. ( this also works for debian, since ubuntu is based on debian ) http://www.ferrara.com.au/mediawiki/index.php/Ubuntu:_Samba_4_Active_Directory_Domain_Master Best regards, Louis -Oorspronkelijk bericht- Van: tuhar...@misbb.sk [mailto:samba-boun...@lists.samba.org] Namens Mgr. Peter Tuharsky, MsU Banska Bystrica Verzonden: woensdag 24 juli 2013 14:08 Aan: samba@lists.samba.org Onderwerp: Re: [Samba] Compiling Samba 4.0.7 - make test results The tests eventually finished, however several errors have been reported. Sincerely, I don't understand them. I'm sending the st/summary file in attachment. Please, is there anybody capable telling me, what's the problem with my compilation? Am I missing some package, or is there some lack of information on Wiki, or...? Or should I better contact the technical mailing list? I'm not eager to compile samba myself, however Debian packages are rather old even in experimental branch... Peter D?a 23.07.2013 14:17, Mgr. Peter Tuharsky, MsU Banska Bystrica wrote / napísal(a): Hallo, I'm new here. Doing compilation of Samba 4.0.7 on Debian Wheezy accordingly to Samba Wiki page. I have used configure parameters --enable-debug --enable-selftest and after make, I ran make test. Now I'm puzzled, because it apparently stops at step 96 (after 15 minutes, CPU still running at full speed), and I don't know how to interpret the results. I'm sending the output in attachment. Please, is my samba ready to go or not? What is the 1 error reported about? And why the test dosen't end up correctly? Or how long should one normally wait for test to complete? Sincerely, Peter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Question on approach to authenticate Linux against Samba4
So first of all winbind is the fastest and easiest solution with samba 4: Just be sure winbind is loaded in your samba4 smb.conf. So winbind can read from samba: wbinfo -u Administrator Guest krbtgt dns-s4master then do a ldconfig -v | grep winbind If the result is ex: ldconfig: /etc/ld.so.conf.d/kernel-2.6.32-358.11.1.el6.x86_64.conf:6: duplicate hwcap 1 nosegneg libnss_winbind.so - libnss_winbind.so.2 You have to link libnss_winbind this way ex.: ln -s /usr/local/samba/lib/libnss_winbind.so.2 /lib64/libnss_winbind.so ln -s /lib64/libnss_winbind.so /lib64/libnss_winbind.so.2 In your nsswitch.conf: passwd: files winbind shadow: files group: files winbind now you get all your ads members and groups with getent passwd and group. Good luck Daniel --- EDV Daniel Müller Leitung EDV Tropenklinik Paul-Lechler-Krankenhaus Paul-Lechler-Str. 24 72076 Tübingen Tel.: 07071/206-463, Fax: 07071/206-499 eMail: muel...@tropenklinik.de Internet: www.tropenklinik.de --- -Ursprüngliche Nachricht- Von: samba-boun...@lists.samba.org [mailto:samba-boun...@lists.samba.org] Im Auftrag von dahopk...@comcast.net Gesendet: Donnerstag, 25. Juli 2013 18:59 An: samba@lists.samba.org Betreff: [Samba] Question on approach to authenticate Linux against Samba4 This is in a test environment: Also, it is wordy, but I'm hoping it explains my scenario. I am migrating from a custom LDAP+Samba3 authentication solution to Samba4. I have used the classicupgrade option to pull off the data from the existing ldap server to populate the samba4 database. I've installed AD DS and Server for NIS tools on a Windows 2008 server that is connected to the Samba4 DC as a member server. All the information appears to be correct, including the Unix uid and group memberships, and the unixHomedirectory. Now I need to authenticate a Linux system against the Samba4 DC and I need to have the unixHomedirectory used. There is a lot of older information on the net on how to authenticate. I'd prefer to not be required to install samba4 on these other Linux systems which a lot of these approaches seem to require. These linux systems are running LTSP so I have 50+ users logged in at any given time. I currently NFS mount home directories for the linux systems from a central fileserver. Home directories are of the pattern /home/Graduation_year/username. I've tested the Windows logins. I have an issue with mapped drives to the fileservers but I expected this since the fileservers don't exist on the test network. I expect this issue to be resolved once the fileservers are upgraded to samba4 and joined as member servers. I found http://zachbethel.com/2013/04/10/linux-ldap-authentication-with-samba4/ which I think will work, The ldbsearch works but before embarking further on this approach, I have some concerns. 1) will the unixHomedirectory be honored? 2) will I be able to easily add users so that the unix settings will be properly configured? I currently use the IDEALX smbldap tools. Being able to script account creation is very important to me .. adding 200+ user accounts manually each year is not very appealing. ;) 3) Will the scripting tools be able to automatically assign a unique uid for each unix account. Current approach uses NextFreeUnixID but this does not exist in the Samba4 database (the ldap entry is shown below ) dn: cn=NextFreeUnixId,dc=ncs,dc=k12,dc=de,dc=us objectClass: inetOrgPerson objectClass: sambaUnixIdPool cn: NextFreeUnixId sn: NextFreeUnixId structuralObjectClass: inetOrgPerson entryUUID: 4a73a856-83a5-1029-8294-b4ff885ef639 creatorsName: cn=Manager,dc=ncs,dc=k12,dc=de,dc=us createTimestamp: 20050708023946Z gidNumber: 1002 uidNumber: 3885 I have read through the recent thread on winbind and honestly I am not sure that I want to pursue either winbind or sssd if it is possible to use nss_pam_ldap which seems closest to the current approach. Thank you for your patience and taking the time to read the above. Sincerely, Dave Hopkins -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba server accessible but not browsable from network
Hi. I recently moved a Samba v3.4.7 from being a PDC to a member of a Windows 2008 domain. Everything works fine, shares are visible and usable by users, but only by typing the server name, the server is NOT visible while browsing the network. The only issue i noticed is the DNS update error when doing net ads join command. I then manually added the DNS entry in windows and now it's accessible via \\fileserver, but still when browsing the domain network the pc is missing. Another strange thing is that smbtree still shows pieces of the old domain, showing the old name as top level domain, but without any PC in it. I never restarted the server after the configuration change, just restarted smbd and nmbd. I attach below the current configuration. What could be the problem? Should I restart the host? thanks maxxer # testparm -s Load smb config files from /etc/samba/smb.conf Processing section [homes] Processing section [netlogon] Processing section [profiles] Processing section [profdata] Processing section [printers] Processing section [print$] Processing section [ufficio] Loaded services file OK. 'winbind separator = +' might cause problems with group membership. Server role: ROLE_DOMAIN_MEMBER [global] workgroup = COEL2008 realm = COEL.LAN netbios name = FILESERVER server string = %h server (YetOpen) security = ADS password server = WServer2008.coel.lan username map = /etc/samba/smbusers restrict anonymous = 2 ntlm auth = No client NTLMv2 auth = Yes syslog = 3 log file = /var/log/samba/%m max log size = 50 idmap backend = rid:MSG=7-100 idmap uid = 7-100 idmap gid = 7-100 template homedir = /home/%U template shell = /bin/bash winbind separator = + winbind cache time = 10 winbind enum users = Yes winbind enum groups = Yes winbind use default domain = Yes map acl inherit = Yes -- Lorenzo Milesi - lorenzo.mil...@yetopen.it YetOpen S.r.l. - http://www.yetopen.it/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 - Classicupgrade - pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the domain
Hi Team, *I'm migrating to samba4 (samba 4.0.7) and doing Upgrading In Place **and running classicupgrade; *I have installed openldap-devel...as im migrating database from ldap.* * *while doing this am getting the following error message:* # /usr/local/samba/bin/samba-tool domain classicupgrade --dbdir=/samba-backup/ --use-xattrs=yes --realm=mydomain.com/samba-backup/smb.conf --dns-backend=BIND9_DLZ Reading smb.conf Provisioning smbldap_search_domain_info: Searching for:[((objectClass=sambaDomain)(sambaDomainName=mydomain.com))] smbldap_open_connection: connection opened ldap_connect_system: successful connection to the LDAP server The LDAP server is successfully connected smbldap_search_domain_info: Problem during LDAPsearch: Timed out pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the domain. We cannot work reliably without it. pdb backend ldapsam:ldap://x.x.x.x/ did not correctly init (error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO) ERROR(class 'passdb.error'): uncaught exception - Cannot load backend methods for 'ldapsam:ldap:/x.x.x.x/' backend (-1073741606,NT_STATUS_CANT_ACCESS_DOMAIN_INFO) File /usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/__init__.py, line 175, in _run return self.run(*args, **kwargs) File /usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/domain.py, line 1318, in run useeadb=eadb, dns_backend=dns_backend, use_ntvfs=use_ntvfs) File /usr/local/samba/lib64/python2.6/site-packages/samba/upgrade.py, line 616, in upgrade_from_samba3 s3db = samba3.get_sam_db() File /usr/local/samba/lib64/python2.6/site-packages/samba/samba3/__init__.py, line 390, in get_sam_db return passdb.PDB(self.lp.get('passdb backend')) Im also cleaning etc and private directories in order to re-run classicupgrade but no luck. rm -rf /usr/local/samba/etc/* rm -rf /usr/local/samba/private/* Please help. I AM Netizen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] How to install a replacement PDC?
I’m testing moving a current Samba PDC configuration from an existing Unix server to a new Debian server, and as expected, can’t login to the new PDC from a PC which had been connected to the old PDC. The new Debian Samba configuration is working okay in that I can join a new PC to it, login, and access shares. In a test environment I renamed the Debian server’s host and domain names to be the same as that of the Unix server, and manually created a user account in Debian and Samba for an existing test user and PC. I noted that the UIDs and GIDs are within different ranges on the two servers – In Unix they’re allocated from 100, whereas in Debian they’re allocated from 1000, so the test user and machine have been allocated different IDs on the two servers. Also, the SIDs are obviously different between the two servers. I used ‘net getlocalsid’ to find the two SIDs, and ‘net setlocalsid’ to set the SID of the new server to that of the old server. I’d appreciate some pointers on what to do. I don’t want to have the exact same users on the new Debian server (some of the users on the Unix server have left) so was hoping to just create users and groups manually rather than copy existing files across. Do I need to edit the UIDs and GIDs somehow, and then export/import some password/security files? I’ve seen that on the Unix server there’s a file named /etc/smbpasswd, but that isn’t on the Debian server, so I’m wondering if they’re using a different type of security back- end… Is there a command which will report this, or which smb.conf parameters will identify this? I don’t do a lot of this stuff, so any help would be appreciated. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Fwd: About samba 3.0.28 trust AD
On Mon, Jul 29, 2013 at 2:26 AM, Wong siu yu lmark1834...@gmail.com wrote: Redhat given me the samba-3.6.6 with samba-winbind-3.6.6. I can setup the trust relationship with my AD. Thanks for your supporting. Good! And seriously consider updating from RHEL 5.2 to RHEL 5.9. There are inevitable security and performance patches from any OS that was released 5 years ago, like RHEL 5.2. As long as you haven't building too much funky software locally, it should be just a yum update, then a reboot. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 - Classicupgrade - pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the domain
I would guess this is your problem: --realm=mydomain.com/samba-backup/smb.conf Should be --realm=mydomain.com On Mon, Jul 29, 2013 at 6:19 AM, I Am Netizen iamneti...@gmail.com wrote: Hi Team, *I'm migrating to samba4 (samba 4.0.7) and doing Upgrading In Place **and running classicupgrade; *I have installed openldap-devel...as im migrating database from ldap.* * *while doing this am getting the following error message:* # /usr/local/samba/bin/samba-tool domain classicupgrade --dbdir=/samba-backup/ --use-xattrs=yes --realm=mydomain.com/samba-backup/smb.conf --dns-backend=BIND9_DLZ Reading smb.conf Provisioning smbldap_search_domain_info: Searching for:[((objectClass=sambaDomain)(sambaDomainName=mydomain.com))] smbldap_open_connection: connection opened ldap_connect_system: successful connection to the LDAP server The LDAP server is successfully connected smbldap_search_domain_info: Problem during LDAPsearch: Timed out pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the domain. We cannot work reliably without it. pdb backend ldapsam:ldap://x.x.x.x/ did not correctly init (error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO) ERROR(class 'passdb.error'): uncaught exception - Cannot load backend methods for 'ldapsam:ldap:/x.x.x.x/' backend (-1073741606,NT_STATUS_CANT_ACCESS_DOMAIN_INFO) File /usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/__init__.py, line 175, in _run return self.run(*args, **kwargs) File /usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/domain.py, line 1318, in run useeadb=eadb, dns_backend=dns_backend, use_ntvfs=use_ntvfs) File /usr/local/samba/lib64/python2.6/site-packages/samba/upgrade.py, line 616, in upgrade_from_samba3 s3db = samba3.get_sam_db() File /usr/local/samba/lib64/python2.6/site-packages/samba/samba3/__init__.py, line 390, in get_sam_db return passdb.PDB(self.lp.get('passdb backend')) Im also cleaning etc and private directories in order to re-run classicupgrade but no luck. rm -rf /usr/local/samba/etc/* rm -rf /usr/local/samba/private/* Please help. I AM Netizen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4 on ubuntu precise LTS
I installed and configured samba 4.2.0pre1 on this ubuntu server 12.04.2. It's purpose is to server as an PDC. During provisioning, I had to specify --use-ntvfs as option. However, i now read that s3fs is the default. Can i change to s3fs without reinstalling ? What is the best permission setting for a share on the linux server ? chmod 0777 and then do all the permission settings from an AD tool in windows ? Do these permission settings in linux have something to do with the samba filesystem ntvfs or s3fs ? Some howto's specify that you still have to use directory mask = 0777 and create mask = 0777 ? jef peeraer -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to install a replacement PDC?
Sorry, forgot to say that the Unix server has Samba 3.0.10, and the Debian server is 3.5.6. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba4 - Classicupgrade - pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the domain
Sorry, that was copy-past error. Actual command im using is this - /usr/local/samba/bin/samba-tool domain classicupgrade --dbdir=/samba-backup/--use-xattrs=yes --realm=mydomain.com /samba-backup/smb.conf --dns-backend=BIND9_DLZ as per the instructions from https://wiki.samba.org/index.php/Samba4/samba-tool/domain/classicupgrade/HOWTO # /usr/local/samba/bin/samba-tool domain classicupgrade --dbdir=/path/to/samba3/tdbfiles --use-xattrs=yes --realm=myname.org /path/to/samba3.conf Parvez 2013/7/29 Thomas Simmons twsn...@gmail.com I would guess this is your problem: --realm=mydomain.com/samba-backup/smb.conf Should be --realm=mydomain.com On Mon, Jul 29, 2013 at 6:19 AM, I Am Netizen iamneti...@gmail.com wrote: Hi Team, *I'm migrating to samba4 (samba 4.0.7) and doing Upgrading In Place **and running classicupgrade; *I have installed openldap-devel...as im migrating database from ldap.* * *while doing this am getting the following error message:* # /usr/local/samba/bin/samba-tool domain classicupgrade --dbdir=/samba-backup/ --use-xattrs=yes --realm=mydomain.com/samba-backup/smb.conf --dns-backend=BIND9_DLZ Reading smb.conf Provisioning smbldap_search_domain_info: Searching for:[((objectClass=sambaDomain)(sambaDomainName=mydomain.com))] smbldap_open_connection: connection opened ldap_connect_system: successful connection to the LDAP server The LDAP server is successfully connected smbldap_search_domain_info: Problem during LDAPsearch: Timed out pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the domain. We cannot work reliably without it. pdb backend ldapsam:ldap://x.x.x.x/ did not correctly init (error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO) ERROR(class 'passdb.error'): uncaught exception - Cannot load backend methods for 'ldapsam:ldap:/x.x.x.x/' backend (-1073741606,NT_STATUS_CANT_ACCESS_DOMAIN_INFO) File /usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/__init__.py, line 175, in _run return self.run(*args, **kwargs) File /usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/domain.py, line 1318, in run useeadb=eadb, dns_backend=dns_backend, use_ntvfs=use_ntvfs) File /usr/local/samba/lib64/python2.6/site-packages/samba/upgrade.py, line 616, in upgrade_from_samba3 s3db = samba3.get_sam_db() File /usr/local/samba/lib64/python2.6/site-packages/samba/samba3/__init__.py, line 390, in get_sam_db return passdb.PDB(self.lp.get('passdb backend')) Im also cleaning etc and private directories in order to re-run classicupgrade but no luck. rm -rf /usr/local/samba/etc/* rm -rf /usr/local/samba/private/* Please help. I AM Netizen -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to install a replacement PDC?
Also, here are the 'global' sections from the 'testparm' command. Existing Unix server [global] workgroup = DDOMAIN server string = Samba Server PDC smb passwd file = /etc/smbpasswd log file = /usr/lib/samba/var/log.%m max log size = 50 time server = Yes keepalive = 0 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 load printers = No disable spoolss = Yes logon script = %U.bat logon drive = G: domain logons = Yes os level = 64 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes hosts allow = 192.0.0., 127. New Debian server [global] workgroup = DDOMAIN server string = %h server (Samba %v) interfaces = 127.0.0.0/8, eth0 bind interfaces only = Yes obey pam restrictions = Yes smb passwd file = /etc/smbpasswd ### I added this, but the file doesn’t exit pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon script = %U.bat logon drive = G: domain logons = Yes os level = 64 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes panic action = /usr/share/samba/panic-action %d -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to install a replacement PDC?
Run the testparm -v to see full details, including defaults that may not have been explicitly specified in smb.conf. You want to look out for the passdb backend value. On samba 3.4 or later tdbsam is probably the only valid local option. If you were using the smbpasswd file (text?) format on 3.0.x you may need to use the smbpasswd command to export / import to the TDB (trivial data base) format. With the old primary domain server running you should join the new machine to the domain as a member server. (net join.) The localsid on all dc's should match the domainsid. You can probably then make the new machine a DC by changing the smb.conf to allow domain logons and by changing the localsid to be the domain sid.Verify that they user accounts are the same on each DC with pdbedit -Lv. You may find that some accounts did not export properly. Also make sure that each domain controller has the same group mappings (net rpc groupmap list ?) From 3.0. to 3.4 or later you may find you need to explicitly some of the well known groups. You may also need to create an explicit nobody user in linux (and specify guest account = nobody in smb.conf.) Search for earlier post by me that cover DC migration and 3.0x to 3.4. upgrades. On 07/29/13 11:24, sam...@nym.hush.com wrote: Also, here are the 'global' sections from the 'testparm' command. Existing Unix server [global] workgroup = DDOMAIN server string = Samba Server PDC smb passwd file = /etc/smbpasswd log file = /usr/lib/samba/var/log.%m max log size = 50 time server = Yes keepalive = 0 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 load printers = No disable spoolss = Yes logon script = %U.bat logon drive = G: domain logons = Yes os level = 64 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes hosts allow = 192.0.0., 127. New Debian server [global] workgroup = DDOMAIN server string = %h server (Samba %v) interfaces = 127.0.0.0/8, eth0 bind interfaces only = Yes obey pam restrictions = Yes smb passwd file = /etc/smbpasswd ### I added this, but the file doesn’t exit pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon script = %U.bat logon drive = G: domain logons = Yes os level = 64 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes panic action = /usr/share/samba/panic-action %d -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Windows 8 pro and Samba 4
Hello, Am 29.07.2013 16:10, schrieb iss...@aralar.edunet.es: The win8 machine is able to resolve the netbios name of the server. ping works fine. I ping the netbios name and it returns the ip address. I attach the 4 screenshots. - the first is the message I get on trying to join the domain - the 2nd - 4th is just to show the network settings of the client. We normally leave all on default settings. The surprising thing is that win7 and winxp join the domain without problems and use exactly the same network settings as the win8. I send you also my samba 4.x global configuration. [global] workgroup = CMARALAR server string = Servidor interfaces = 192.168.1.1/255.255.255.0 bind interfaces only = Yes deadtime = 5 load printers = No add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ logon script = conecta.vbs logon path = \\%N\profiles\%U logon drive = Z: domain logons = Yes os level = 65 preferred master = Yes domain master = Yes ldap ssl = no idmap config * : range = idmap config * : backend = tdb hide special files = Yes hide unreadable = Yes hide unwriteable files = Yes veto files = /*-China*/*-runtime*/*.desktop*/ Note, I installed opensuse 12.2, after installation, I uninstalled completely samba 3.x and installed samba 4.x, winxp, win7 joins the domain without problems but win8 no! I remember we had the same problem with the samba version that comes with opensuse 11.x and win7, it is only when we installed opensuse 12.x that win7 was able to connect to the samba version. Now the problem is with samba 3.x that comes with opensuse 12.2 and also samba 4.x that is rumoured to support When you wrote Samba 4 I automatically though AD. Sorry. My fault. I run Samba 4 as AD DC. There XP, 7 and 8 doesn't require any changes to join the domain. If you run Samba in a NT4 style domain, it seems that the DomainCompatibilityMode and DNSNameResolutionRequired changes are still required (at least in this articla about W8 and Samba 3.6.9): http://www.admin-magazine.com/Articles/Linux-with-Windows-8 Does it work if you change this two values? Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Windows 8 pro and Samba 4
Am 29.07.2013 08:00, schrieb Daniel Müller: I have one w8 prof in my Samba AD test environment and it works without problems. Just be sure you did no registry hack on the windows 8 machine!? No registry hack here. Under HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManWorkstation\Parameters I don't have the entries DomainCompatibilityMode and DNSNameResolutionRequired: http://s1.directupload.net/images/130729/juvqft2b.png So both are on default. My Samba 4 installation is AD (not a NT4-style domain). So I would say, it's not required for Samba AD. But maybe if Samba is providing a NT4 style domain. Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] memory consumption with treesize pro and cifs shares
More info on this: The NAS running FreeBSD has 48GB RAM, same as the test NAS we are duplicating the error on. Both machines see this error with 3.6.9 Samba. The initial try at duplicating the error didn't produce it. It wasn't until we increased the amount of files in the CIFS share that we were able to duplicate it. Number of files is in the millions. Drive freespace is large on the test machine and the error still occurs. According to LindaW here, the test hasn't been reproduce yet using Samba 3.6.16, so we're looking into another test on our box using the updated version. Has anyone else encountered an issue like with using TreeSize Pro? Does anyone need more information to help sort this out? We'll be running additional tests today looking for a solution and I will post back more on this later. Thanks, Mike On Tue, Jul 23, 2013 at 6:59 PM, Cy Mike cym...@gmail.com wrote: Hi everyone. I'm looking to solve an issue with Samba on a NAS being accessed with TreeSize Pro. Using that program to scan through millions of files is eating up memory on swap and eventually crashing the system. It's scanning mounted CIFS shares on the NAS running TrueNAS with samba version 3.6.9 We have a test case and have been able to replicate the issue on another machine. The solution right now is to simply not run TreeSize Pro. Not the best of plans. In the meantime, I'm going to continue to check the usual manuals/google sources to see if I can find anything. I haven't as yet and am short on time with this. Basically looking to see if this is an actual bug that might require a patch/upgrade, or something I can fix with some tuneables. Thanks, Mike -- that's not a bald head, that's a solar panel for a dumbass machine - jon stewart 5/9/12 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Windows 8 pro and Samba 4
I have a win 8 member on my test domain and it joined fine. Did you try joining using full domain name as well as the NETBIOS name? Chris On 29 Jul 2013 18:46, Marc Muehlfeld sa...@marc-muehlfeld.de wrote: Am 29.07.2013 08:00, schrieb Daniel Müller: I have one w8 prof in my Samba AD test environment and it works without problems. Just be sure you did no registry hack on the windows 8 machine!? No registry hack here. Under HKEY_LOCAL_MACHINE\System\**CurrentControlSet\Services\**LanManWorkstation\Parameters I don't have the entries DomainCompatibilityMode and DNSNameResolutionRequired: http://s1.directupload.net/**images/130729/juvqft2b.pnghttp://s1.directupload.net/images/130729/juvqft2b.png So both are on default. My Samba 4 installation is AD (not a NT4-style domain). So I would say, it's not required for Samba AD. But maybe if Samba is providing a NT4 style domain. Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/**mailman/options/sambahttps://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Compiling Samba 4.0.7 - make test results
Nice to see my how to is helping out. Sent from my iPhone On 29/07/2013, at 4:12 PM, Mgr. Peter Tuharsky, MsU Banska Bystrica tuhar...@misbb.sk wrote: Thank You Dňa 24.07.2013 15:38, L.P.H. van Belle wrote / napísal(a): Hai, Just look here http://www.enterprisesamba.com/samba/ make an account so you can use the packages of sernet samba. and use this one for very basic setup. ( this also works for debian, since ubuntu is based on debian ) http://www.ferrara.com.au/mediawiki/index.php/Ubuntu:_Samba_4_Active_Directory_Domain_Master Best regards, Louis -Oorspronkelijk bericht- Van: tuhar...@misbb.sk [mailto:samba-boun...@lists.samba.org] Namens Mgr. Peter Tuharsky, MsU Banska Bystrica Verzonden: woensdag 24 juli 2013 14:08 Aan: samba@lists.samba.org Onderwerp: Re: [Samba] Compiling Samba 4.0.7 - make test results The tests eventually finished, however several errors have been reported. Sincerely, I don't understand them. I'm sending the st/summary file in attachment. Please, is there anybody capable telling me, what's the problem with my compilation? Am I missing some package, or is there some lack of information on Wiki, or...? Or should I better contact the technical mailing list? I'm not eager to compile samba myself, however Debian packages are rather old even in experimental branch... Peter D?a 23.07.2013 14:17, Mgr. Peter Tuharsky, MsU Banska Bystrica wrote / napísal(a): Hallo, I'm new here. Doing compilation of Samba 4.0.7 on Debian Wheezy accordingly to Samba Wiki page. I have used configure parameters --enable-debug --enable-selftest and after make, I ran make test. Now I'm puzzled, because it apparently stops at step 96 (after 15 minutes, CPU still running at full speed), and I don't know how to interpret the results. I'm sending the output in attachment. Please, is my samba ready to go or not? What is the 1 error reported about? And why the test dosen't end up correctly? Or how long should one normally wait for test to complete? Sincerely, Peter -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] NT4 clients
I'm attempting to get an old NT4 client participating in a Samba4 domain. Users can logon to the machine locally and access network shares on other machines in the network. However, no one can access shares on the NT4 machine using the machine name. Attempting this results in an error The account is not authorized to log in from this station. Using the IP address does work however. The clients are configured to allow no smb signing and NTLMv1, I think I have all the security settings covered. I noticed while looking at wireshark though that the client is doing TGS-REQ for cifs/nt4test and Samba is returning a full TGS-REP. This feels very odd to me since there is no such SPN cifs/nt4test on the network. 'setspn -Q cifs/nt4test' confirms this. I've also noticed that the MS docs state: 94 Section 3.2.5.2: http://msdn.microsoft.com/en-us/library/d367854f-5eee-45e8-a588-eed596a1a521#endNote94When the server completes negotiation and returns the CAP_EXTENDED_SECURITY flag as not set, Windows-based SMB clients query the Key Distribution Center (KDC)http://msdn.microsoft.com/en-us/library/0aa17e1f-b3c1-478a-9bf0-2d826888d081#key_distribution_center_KDCto verify whether a service ticket is registered for the given security principal name (SPN)http://msdn.microsoft.com/en-us/library/54af12e1-fcc1-4d62-bd47-c80514ac2615#spn. If the query indicates that the SPNhttp://msdn.microsoft.com/en-us/library/54af12e1-fcc1-4d62-bd47-c80514ac2615#spnis registered with the KDChttp://msdn.microsoft.com/en-us/library/0aa17e1f-b3c1-478a-9bf0-2d826888d081#key_distribution_center_KDC, then the SMB client terminates the connection and returns an implementation-specific security downgrade error to the caller. The client does have CAP_EXTENDED_SECURITY set and I'm guessing the TGS-REQ is how Windows is testing the presence of the SPN. Since the test is succeeding and the server doesn't advertise the extended security capability, Windows disconnects. Can someone confirm my hypothesis? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] NT4 clients
Oh, forgot to mention. Samba 4.0.7-4 Sernet packages running on CentOS 6.4. On Mon, Jul 29, 2013 at 5:00 PM, Ryan Bair ryandb...@gmail.com wrote: I'm attempting to get an old NT4 client participating in a Samba4 domain. Users can logon to the machine locally and access network shares on other machines in the network. However, no one can access shares on the NT4 machine using the machine name. Attempting this results in an error The account is not authorized to log in from this station. Using the IP address does work however. The clients are configured to allow no smb signing and NTLMv1, I think I have all the security settings covered. I noticed while looking at wireshark though that the client is doing TGS-REQ for cifs/nt4test and Samba is returning a full TGS-REP. This feels very odd to me since there is no such SPN cifs/nt4test on the network. 'setspn -Q cifs/nt4test' confirms this. I've also noticed that the MS docs state: 94 Section 3.2.5.2: http://msdn.microsoft.com/en-us/library/d367854f-5eee-45e8-a588-eed596a1a521#endNote94When the server completes negotiation and returns the CAP_EXTENDED_SECURITY flag as not set, Windows-based SMB clients query the Key Distribution Center (KDC)http://msdn.microsoft.com/en-us/library/0aa17e1f-b3c1-478a-9bf0-2d826888d081#key_distribution_center_KDCto verify whether a service ticket is registered for the given security principal name (SPN)http://msdn.microsoft.com/en-us/library/54af12e1-fcc1-4d62-bd47-c80514ac2615#spn. If the query indicates that the SPNhttp://msdn.microsoft.com/en-us/library/54af12e1-fcc1-4d62-bd47-c80514ac2615#spnis registered with the KDChttp://msdn.microsoft.com/en-us/library/0aa17e1f-b3c1-478a-9bf0-2d826888d081#key_distribution_center_KDC, then the SMB client terminates the connection and returns an implementation-specific security downgrade error to the caller. The client does have CAP_EXTENDED_SECURITY set and I'm guessing the TGS-REQ is how Windows is testing the presence of the SPN. Since the test is succeeding and the server doesn't advertise the extended security capability, Windows disconnects. Can someone confirm my hypothesis? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] NT4 clients
I wouldn't have even guessed that NT4 would join a modern AD domain. It looks like MS did provide client software to join a Windows 2000 AD domain.Or does the NT4 machine think it is in an NT4 / Samba3 type domain? Presumably you can see the domain users in the local user manager program on the NT4 machine? And verify the security options. http://www.windowsnetworking.com/articles-tutorials/windows-nt/nt4user.html Do you have a a WINS server running? With XP/Windows 7 when you join an AD domain, the machine name usually gets set to a fully qualified domain name. e.g. mypc.mydomain.com. Does the host name of the NT4 machine match the expected AD fully qualified domain name (does nslookup ip_address on the NT4 machine return the expected hostname? ) Are all machines in DNS? I think a hostname or dns mismatch could cause problems validating AD kerberos tickets. I am running Samba 3, not 4, but found that using a WINS server and making sure key systems were in DNS helped solve some issues. On 07/29/13 17:05, Ryan Bair wrote: Oh, forgot to mention. Samba 4.0.7-4 Sernet packages running on CentOS 6.4. On Mon, Jul 29, 2013 at 5:00 PM, Ryan Bair ryandb...@gmail.com wrote: I'm attempting to get an old NT4 client participating in a Samba4 domain. Users can logon to the machine locally and access network shares on other machines in the network. However, no one can access shares on the NT4 machine using the machine name. Attempting this results in an error The account is not authorized to log in from this station. Using the IP address does work however. The clients are configured to allow no smb signing and NTLMv1, I think I have all the security settings covered. I noticed while looking at wireshark though that the client is doing TGS-REQ for cifs/nt4test and Samba is returning a full TGS-REP. This feels very odd to me since there is no such SPN cifs/nt4test on the network. 'setspn -Q cifs/nt4test' confirms this. I've also noticed that the MS docs state: 94 Section 3.2.5.2: http://msdn.microsoft.com/en-us/library/d367854f-5eee-45e8-a588-eed596a1a521#endNote94When the server completes negotiation and returns the CAP_EXTENDED_SECURITY flag as not set, Windows-based SMB clients query the Key Distribution Center (KDC)http://msdn.microsoft.com/en-us/library/0aa17e1f-b3c1-478a-9bf0-2d826888d081#key_distribution_center_KDCto verify whether a service ticket is registered for the given security principal name (SPN)http://msdn.microsoft.com/en-us/library/54af12e1-fcc1-4d62-bd47-c80514ac2615#spn. If the query indicates that the SPNhttp://msdn.microsoft.com/en-us/library/54af12e1-fcc1-4d62-bd47-c80514ac2615#spnis registered with the KDChttp://msdn.microsoft.com/en-us/library/0aa17e1f-b3c1-478a-9bf0-2d826888d081#key_distribution_center_KDC, then the SMB client terminates the connection and returns an implementation-specific security downgrade error to the caller. The client does have CAP_EXTENDED_SECURITY set and I'm guessing the TGS-REQ is how Windows is testing the presence of the SPN. Since the test is succeeding and the server doesn't advertise the extended security capability, Windows disconnects. Can someone confirm my hypothesis? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] NT4 clients
Yes, AD has explicit support for pre-2000 clients. WINS is alive and well and name resolution is working. I really think the bogus TGS reply is messing things up, but I'd like to have someone more knowledgeable confirm the behavior is incorrect. On Mon, Jul 29, 2013 at 5:23 PM, Gaiseric Vandal gaiseric.van...@gmail.comwrote: I wouldn't have even guessed that NT4 would join a modern AD domain. It looks like MS did provide client software to join a Windows 2000 AD domain. Or does the NT4 machine think it is in an NT4 / Samba3 type domain? Presumably you can see the domain users in the local user manager program on the NT4 machine? And verify the security options. http://www.windowsnetworking.**com/articles-tutorials/** windows-nt/nt4user.htmlhttp://www.windowsnetworking.com/articles-tutorials/windows-nt/nt4user.html Do you have a a WINS server running? With XP/Windows 7 when you join an AD domain, the machine name usually gets set to a fully qualified domain name. e.g. mypc.mydomain.com. Does the host name of the NT4 machine match the expected AD fully qualified domain name (does nslookup ip_address on the NT4 machine return the expected hostname? ) Are all machines in DNS? I think a hostname or dns mismatch could cause problems validating AD kerberos tickets. I am running Samba 3, not 4, but found that using a WINS server and making sure key systems were in DNS helped solve some issues. On 07/29/13 17:05, Ryan Bair wrote: Oh, forgot to mention. Samba 4.0.7-4 Sernet packages running on CentOS 6.4. On Mon, Jul 29, 2013 at 5:00 PM, Ryan Bair ryandb...@gmail.com wrote: I'm attempting to get an old NT4 client participating in a Samba4 domain. Users can logon to the machine locally and access network shares on other machines in the network. However, no one can access shares on the NT4 machine using the machine name. Attempting this results in an error The account is not authorized to log in from this station. Using the IP address does work however. The clients are configured to allow no smb signing and NTLMv1, I think I have all the security settings covered. I noticed while looking at wireshark though that the client is doing TGS-REQ for cifs/nt4test and Samba is returning a full TGS-REP. This feels very odd to me since there is no such SPN cifs/nt4test on the network. 'setspn -Q cifs/nt4test' confirms this. I've also noticed that the MS docs state: 94 Section 3.2.5.2: http://msdn.microsoft.com/en-**us/library/d367854f-5eee-45e8-** a588-eed596a1a521#endNote94http://msdn.microsoft.com/en-us/library/d367854f-5eee-45e8-a588-eed596a1a521#endNote94 **When the server completes negotiation and returns the CAP_EXTENDED_SECURITY flag as not set, Windows-based SMB clients query the Key Distribution Center (KDC)http://msdn.microsoft.**com/en-us/library/0aa17e1f-** b3c1-478a-9bf0-2d826888d081#**key_distribution_center_KDChttp://msdn.microsoft.com/en-us/library/0aa17e1f-b3c1-478a-9bf0-2d826888d081#key_distribution_center_KDCto verify whether a service ticket is registered for the given security principal name (SPN)http://msdn.microsoft.**com/en-us/library/54af12e1- **fcc1-4d62-bd47-c80514ac2615#**spnhttp://msdn.microsoft.com/en-us/library/54af12e1-fcc1-4d62-bd47-c80514ac2615#spn . If the query indicates that the SPNhttp://msdn.microsoft.com/** en-us/library/54af12e1-fcc1-**4d62-bd47-c80514ac2615#spnhttp://msdn.microsoft.com/en-us/library/54af12e1-fcc1-4d62-bd47-c80514ac2615#spnis registered with the KDChttp://msdn.microsoft.com/**en-us/library/0aa17e1f-b3c1-** 478a-9bf0-2d826888d081#key_**distribution_center_KDChttp://msdn.microsoft.com/en-us/library/0aa17e1f-b3c1-478a-9bf0-2d826888d081#key_distribution_center_KDC , then the SMB client terminates the connection and returns an implementation-specific security downgrade error to the caller. The client does have CAP_EXTENDED_SECURITY set and I'm guessing the TGS-REQ is how Windows is testing the presence of the SPN. Since the test is succeeding and the server doesn't advertise the extended security capability, Windows disconnects. Can someone confirm my hypothesis? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/**mailman/options/sambahttps://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Consistent Inter-Samba UID/GID Mappings
Hi everyone, I'm trying to ensure my various Samba3 fileservers have consistent Samba User/Group - Linux UID/GID mappings between them. The domain is controlled by a Samba4 DC. Samba3 is used because it's maintained in the distributions that we have deployed already. I believe that using Winbind with idmap_rid is probably the easiest way to accomplish this, however I have had no luck with this after spending hours trying different configurations. And after searching online, it appeared that several people have suggested that this idmap backend no longer works in 3.6, and that explicitly stored mappings (via RFC2307 / SFU) is now considered the appropriate way to do what I'm wanting. Can anyone confirm this? In an attempt to implement RFC2307 in the Samba directory, I rebuilt my test domain (Samba4) using the --use-rfc2307 option in the samba-tool domain provision command. The --use-rfc2307 option enables your Samba AD automatically to store posix attributes. -- https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO#Provisioning_Samba_.28Setting_up_a_new_domain.29 This sounded like it would work perfectly for my needs. However it doesn't. I'd hoped that it would ensure that any new user or group is automagically assigned a uidNumber or gidNumber, etc. Currently I'm using RSAT to administer the directory. I'm rather hoping that someone can point out something important that I've not realised. Any information would be enthusiastically received. I'll update this with further information tomorrow (Samba versions -- I believe that the DC is 4.0.6 and the fileserver 3.6.3). Thanks for your time. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Samba4 DNS (bind_dlz) management issue on CentOS
To whom it may concern, Not long ago, I joined a Samba4 box as a DC to a single DC Windows 2003 Active Directory domain to begin the process of learning Samba4. Unfortunately, before I was ready to make the total switch, my Windows 2003 server died, and the remnants of my domain were left with Samba4. While I have got my Samba4 running fairly smoothly (after forcing it to take on fsmo roles), there are still a few snags - and DNS happens to be one of them. Right now I'm running two CentOS 6.4 (x64) servers that are operating as Active Directory DCs. Both are utilizing Samba 4.0.7 (provided by SerNet) on Linux kernel 2.6.32. Both are running BIND 9.8.2 with the Samba DLZ plugin for DNS (and for the record, these servers do more than run Samba and require BIND for DNS). I have two primary problems with DNS. One, I can't manage any of my AD DNS zones from Windows using MMC, or from samba-tool. MMC either complains the DNS server is unreachable, or that the Active Directory service is unavailable. The samba-tool utility returns the error code ERROR(runtime): uncaught exception - (-1073741249, 'NT_STATUS_PORT_UNREACHABLE'). Two, while my reverse zone (for a 10.0.0.0/24 subnet) is being served out of the DLZ, my forward Active Directory office zone is not. Right now it is running as a master zone in BIND. Employees can login via AD without issue. Replication appears to be working correctly so far as I can tell. -- Here's my smb.conf file: # Global parameters [global] workgroup = OFFICE realm = office.domain.com netbios name = CARBON netbios aliases = COBALT COBALT-DC FS1 server role = active directory domain controller server services = +web -smb +s3fs -dns +dns_update +kdc +rpc +nbt +wrepl +drepl +ldap +cldap +ntp_signd +kcc dcerpc endpoint servers = +epmapper +wkssvc +rpcecho +samr +netlogon +lsarpc +spoolss +drsuapi +dssetup +unixinfo +browser +eventlog6 +backupkey -winreg -srvsvc -dnsserver -dns load printers = no log file = /var/log/samba/log.%m log level = 5 encrypt passwords = yes idmap config *:backend = tdb idmap config *:range = 70001-8 idmap config OFFICE:backend = ad idmap config OFFICE:schema_mode = rfc2307 idmap config OFFICE:range = 1-4 winbind nss info = rfc2307 winbind trusted domains only = no winbind use default domain = yes winbind enum users = yes winbind enum groups = yes vfs objects = acl_xattr recycle shadow_copy2 acl_xattr:ignore system acls = no recycle:keeptree = True recycle:versions = False recycle:touch = False recycle:repository = .recycle recycle:exclude = *.tmp recycle:exclude_dir = logon drive = U: logon script = \\CARBON\netlogon\NetDrives.vbs logon path = \\CARBON\data\users\%U -- Here's my named.conf file: # Loads Samba Active Directory zone include /var/lib/samba/private/named.conf; # Global options options { auth-nxdomain yes; directory /var/named; notify no; empty-zones-enable no; allow-query { 127.0.0.0/8; 10.0.0.0/24; }; allow-recursion { 127.0.0.0/8; 10.0.0.0/24; }; allow-transfer { 10.0.0.0/24; 127.0.0.1; }; forwarders { 66.111.113.7; 66.111.113.8; }; tkey-gssapi-keytab /var/lib/samba/private/dns.keytab; tkey-domain OFFICE.DOMAIN.COM; }; controls { inet 127.0.0.1 port 953 allow { 10.0.0.0/24; 127.0.0.1; } keys { rndc-key; }; }; key rndc-key { algorithm hmac-md5; secret OMMITTED ; }; # Root servers (required zone for recursive queries) zone . { type hint; file named.root; }; # Required localhost forward-/reverse zones zone localhost { type master; file master/localhost.zone; }; zone 0.0.127.in-addr.arpa { type master; file master/0.0.127.zone; }; #zone 0.0.10.in-addr.arpa { # type master; # file master/0.0.10.in-addr.arpa.zone; # update-policy { #grant *.COM wildcard *.0.0.10.in-addr.arpa. PTR; #grant OFFICE.DOMAIN.COM ms-self * A ; # }; #}; zone domain.com { type master; file master/domain.com.zone; }; zone office.domain.com { type master; check-names ignore; # Required for MS AD domain file master/office.domain.com.zone; include /var/lib/samba/private/named.conf.update; }; -- The office.domain.com zone file came of the fact that I had a backup of the zone file because one of my Samba servers was once a slave DNS server to the Windows 2003 server that I lost (it was running Samba3 before my move to Samba4).
Re: [Samba] memory consumption with treesize pro and cifs shares
(some more followup---sorry if I ask too much / too many Q's, if so, just don't respond! I won't be offended).. You might look for a file system loop and check for options in treesize pro to detect such. Another program to try is WinDirStat's home is http://windirstat.sourceforge.net/. The reason I mention the loop stuff is that windir stat has options to detect remote mounts and remote symbolic links and to follow them or not. That can cause it to go in loops but not exhaust memory on th server. Running it now in normal mode, it runs more aggressively against the server and I see the smbd process at 90% cpu usage (the fact that the protocol is single-server/client makes it difficult to parallelize cpu usage, so 90% is how much of 1 core it is using, vs. system wide it would be about 6.3%). Note -- my instance of 3.6.12 is running with millions of files as well (a bit over 9 million at last count) and is running on linux-3.9.8. I'm not sure, but I think linux's multi-tasking ability is considered more efficient than BSD's, though BSD is has had some record of better security -- though to both those figures the relative user bases need to be considered (fewer users, fewer bugs found, more users, more need for different types of HW and efficient algorithms to handle high loads across diverse platforms, as well as the ability to keep source closed under BSD (security through obscurity)). Of note -- on the server, I see two instances of smbd running -- the other is from another machine where I have a logon instance in windows that I left suspended (disconnected from a remote session, so not really suspended -- looks like explorer doing some sort of indexing (which MS refuses to allow their indexer to use to update a computer's local index)). Anyway, the two of them are running right around 129-137MB Virtual size for each with 24MB resident and 20M Shared... Server's cpu's are Xeon X5660 @2.8Gh currently running at 1600MHz (demand based scheduler), so they aren't the fastest or the slowest. Main disk subsystem is a RAID50 of reasonable speed. I would think it unlikely, but perhaps a slow disk might cause a backlog of requests... but I don't see that as likely. Evidence points to the BSD-samba combination you are using. :(. You didn't mention -- * what processor/how many cores the NAS is using/has available? * What type of disk are in use (Sata/SAS 4000RPM - 15K RPM); * Is the system using RAID? Type? * What file system is it using (options?) Personally, in my limited exploration of home NAS units, I didn't find any that were well powered; not as even as much as a low-end workstation based server. With 48G, your's already sounds better than most, but that's only 1 measure. Also note, my version of treesizepro isn't the latest, it's officially 'OUTDATED' (says so next to the version 5.4.4.707);-). Newer versions may be more aggressive or have different options. Cy Mike wrote: More info on this: The NAS running FreeBSD has 48GB RAM, same as the test NAS we are duplicating the error on. Both machines see this error with 3.6.9 Samba. The initial try at duplicating the error didn't produce it. It wasn't until we increased the amount of files in the CIFS share that we were able to duplicate it. Number of files is in the millions. Drive freespace is large on the test machine and the error still occurs. According to LindaW here, the test hasn't been reproduce yet using Samba 3.6.16, so we're looking into another test on our box using the updated version. Has anyone else encountered an issue like with using TreeSize Pro? Does anyone need more information to help sort this out? We'll be running additional tests today looking for a solution and I will post back more on this later.� Thanks, Mike� On Tue, Jul 23, 2013 at 6:59 PM, Cy Mike cym...@gmail.com mailto:cym...@gmail.com wrote: Hi everyone. I'm looking to solve an issue with Samba on a NAS being accessed with TreeSize Pro. Using that program to scan through millions of files is eating up memory on swap and eventually crashing the system. It's scanning mounted CIFS shares on the NAS running TrueNAS with samba version 3.6.9 We have a test case and have been able to replicate the issue on another machine. The solution right now is to simply not run TreeSize Pro. Not the best of plans. In the meantime, I'm going to continue to check the usual manuals/google sources to see if I can find anything. I haven't as yet and am short on time with this. Basically looking to see if this is an actual bug that might require a patch/upgrade, or something I can fix with some tuneables.� Thanks, Mike -- that's not a bald head, that's a solar panel for a dumbass machine - jon stewart 5/9/12 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba4 - classicupgrade - problem - passdb.error uncaught exception - Cannot load backend methods for 'ldapsam:ldap://localhost' backend NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Even after cleaning etc and private directories im still getting the same error: Provisioning convert_string_talloc: Conversion not supported.*pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the domain. We cannot work reliably without it.* pdb backend ldapsam:ldap://localhost did not correctly init (error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO) ERROR(class 'passdb.error'): uncaught exception - Cannot load backend methods for 'ldapsam:ldap://localhost' backend (-1073741606,NT_STATUS_CANT_ACCESS_DOMAIN_INFO) Any clues? Thanks in advance! Saheb -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] NT4 clients
On Mon, 2013-07-29 at 19:29 -0400, Ryan Bair wrote: Yes, AD has explicit support for pre-2000 clients. WINS is alive and well and name resolution is working. I really think the bogus TGS reply is messing things up, but I'd like to have someone more knowledgeable confirm the behavior is incorrect. NT4 doesn't know about Kerberos, I think any TGS traffic is highly likely a red herring. Are you really sure the client is issuing it, and you have not additional software installed on the NT4 machine? Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba4 - classicupgrade - problem - passdb.error uncaught exception - Cannot load backend methods for 'ldapsam:ldap://localhost' backend NT_STATUS_CANT_ACCESS_DOMAIN_INFO
On Tue, 2013-07-30 at 10:27 +0530, itsaheb wrote: Even after cleaning etc and private directories im still getting the same error: Provisioning convert_string_talloc: Conversion not supported.*pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the domain. We cannot work reliably without it.* pdb backend ldapsam:ldap://localhost did not correctly init (error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO) ERROR(class 'passdb.error'): uncaught exception - Cannot load backend methods for 'ldapsam:ldap://localhost' backend (-1073741606,NT_STATUS_CANT_ACCESS_DOMAIN_INFO) I think you may have cleaned too much, or not have the right settings - this means that the ldap server listning on port 389 localhost does not have a copy of your Samba3 domain. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Consistent Inter-Samba UID/GID Mappings
Hello Chris, Am 30.07.2013 01:36, schrieb chris.ha...@proporta.com: In an attempt to implement RFC2307 in the Samba directory, I rebuilt my test domain (Samba4) using the --use-rfc2307 option in the samba-tool domain provision command. The --use-rfc2307 option enables your Samba AD automatically to store posix attributes. -- https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO#Provisioning_Samba_.28Setting_up_a_new_domain.29 This sounded like it would work perfectly for my needs. However it doesn't. I'd hoped that it would ensure that any new user or group is automagically assigned a uidNumber or gidNumber, etc. Currently I'm using RSAT to administer the directory. I'm rather hoping that someone can point out something important that I've not realised. Any information would be enthusiastically received. I'll update this with further information tomorrow (Samba versions -- I believe that the DC is 4.0.6 and the fileserver 3.6.3). the --use-rfc2307 option doesn't automatically assigns xIDs on your DC. It add's the additionals schemas to your directory that allows you among others to assign xIDs to user/groups. If you migrate to Samba AD, then the values from your old Samba PDC are filled in this fields. If you provision a new domain and add users/groups, the fields you require are not set. You can administrate them through ADUC or other ways. If you don't want to administrate the posix stuff in your AD, have a look on sssd instead of winbind. Regards, Marc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[SCM] CTDB repository - branch master updated - ctdb-2.3-20-g57aa2df
The branch, master has been updated via 57aa2dffea60abd73a95233f8b761cc676adebb6 (commit) via 37ccc7c6cc43a80aaa92291aea7a438f4225488a (commit) via 782814288bb560099ee44b607bf35f3eddf37f82 (commit) via a20d94717d2e4ab866d8a002cdf39c0669b74c6a (commit) via af5aa369c266430fe912df0c26116b68bac3572e (commit) via a69e03a5e4671e998d45b4fef8611a421bbdb3e1 (commit) via bf4a7c1ad87e0e848296d15d63eb8cd901ca5335 (commit) via 1b016b2dfc5d7d3f2a42ce4dfe569608e90eb714 (commit) via e0f3fa1020e13b84bdd672538168d148f1847d57 (commit) via 29e98017221326bdc9b1c4f7c05b3b495c1de29b (commit) via 9d6e1c147bd036d832b98c155f405ee2a5d6f57f (commit) via ae3c03d80264e997b7da9f3279d7810e18b8a1df (commit) via 90d792cf28d6a823141e4c417b6978f02a9cf596 (commit) via 3dd5b925dcf0e9a5b877638e471c5ecf36b46c58 (commit) via 53e4eca74429f76adc81d98e3d11d1bd61194d71 (commit) via 501f19b16fd6d67fbb754248868c38ee5bcf79ef (commit) via c6ab0f9405d5fa5b0b1693bc92e59da0d555a9d7 (commit) via 57ef5d3827ea3417a32703e259a53ce6fd10ac45 (commit) from 5740155cc5de1a223412e8529aa1a383a5412514 (commit) http://gitweb.samba.org/?p=ctdb.git;a=shortlog;h=master - Log - commit 57aa2dffea60abd73a95233f8b761cc676adebb6 Author: Martin Schwenke mar...@meltin.net Date: Fri Jul 26 15:09:24 2013 +1000 doc: Update XML files to use standard DocBook DTD This simplifies building since we don't use any of the Samba extensions. Signed-off-by: Martin Schwenke mar...@meltin.net commit 37ccc7c6cc43a80aaa92291aea7a438f4225488a Author: Martin Schwenke mar...@meltin.net Date: Fri Jul 26 11:20:47 2013 +1000 initscript: The wrapper script should export CTDB_SOCKET This ensures that any invocation of the ctdb tool (within the wrapper) gets the desired value. This at least ensures that ctdbd will be started. If a non-standard value is set for CTDB_SOCKET then command-line users will still need the variable in their environment. Signed-off-by: Martin Schwenke mar...@meltin.net Pair-programmed-with: Amitay Isaacs ami...@gmail.com commit 782814288bb560099ee44b607bf35f3eddf37f82 Author: Martin Schwenke mar...@meltin.net Date: Thu Jul 25 16:17:07 2013 +1000 ctdbd: Kill client process without checking for tracked child Commit f73a4b1495830bcdd094a93732a89dd53b3c2f78 added a safety check to ensure that CTDB never kills unrelated processes. However, client processes are unrelated. Signed-off-by: Martin Schwenke mar...@meltin.net commit a20d94717d2e4ab866d8a002cdf39c0669b74c6a Author: Martin Schwenke mar...@meltin.net Date: Thu Jul 25 13:40:43 2013 +1000 eventscripts: kill_tcp_connections() should send connections to stdin This avoids issuing multiple ctdb killtcp commands to terminate tcp connections, one per connection. This will considerably reduce the time when there is a large number of tcp connections. This also makes it possible to avoid calling ctdb killtcp when there are no connections. Add a couple of unit tests for killtcp and update eventscript unit test infrastructure to support. Signed-off-by: Martin Schwenke mar...@meltin.net Pair-programmed-with: Amitay Isaacs ami...@gmail.com commit af5aa369c266430fe912df0c26116b68bac3572e Author: Martin Schwenke mar...@meltin.net Date: Thu Jul 25 13:28:26 2013 +1000 tools/ctdb: Allow killtcp to read connections from standard input This will allows eventscripts to send information about multiple tcp connections to a single ctdb killtcp command, saving the overhead of setting up a client connection per tcp connection. Signed-off-by: Martin Schwenke mar...@meltin.net Pair-programmed-with: Amitay Isaacs ami...@gmail.com commit a69e03a5e4671e998d45b4fef8611a421bbdb3e1 Author: Martin Schwenke mar...@meltin.net Date: Mon Jul 22 20:11:58 2013 +1000 tests: Always tally the number of passed/failed tests Regardless of whether a summary is being printed! Signed-off-by: Martin Schwenke mar...@meltin.net commit bf4a7c1ad87e0e848296d15d63eb8cd901ca5335 Author: Martin Schwenke mar...@meltin.net Date: Mon Jul 22 16:39:46 2013 +1000 recoverd: Call takeover fail callback only once per node Currently the fail callback is called once per (takeip/releaseip) control failure. This is overkill and can get a node banned much too quickly. Instead, keep track of control failures per node and only call fail callback once per failed node. Signed-off-by: Martin Schwenke mar...@meltin.net Pair-programmed-with: Amitay Isaacs ami...@gmail.com commit 1b016b2dfc5d7d3f2a42ce4dfe569608e90eb714 Author: Martin Schwenke mar...@meltin.net Date: Mon Jul 22 15:08:32 2013 +1000 scripts:
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 45f5ea0 dns: Update TODO list from 73a9e6a selftest: Print error message when smbd does not have ADS support http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 45f5ea0b57952b7050279ae10402fa7d570f1c93 Author: Kai Blin k...@samba.org Date: Sun Jul 28 23:59:18 2013 +0200 dns: Update TODO list A lot of the todo items have been resolved, avoid confusing people. Signed-off-by: Kai Blin k...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Mon Jul 29 09:12:17 CEST 2013 on sn-devel-104 --- Summary of changes: source4/dns_server/TODO | 13 + 1 files changed, 5 insertions(+), 8 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/dns_server/TODO b/source4/dns_server/TODO index c6024d7..1949650 100644 --- a/source4/dns_server/TODO +++ b/source4/dns_server/TODO @@ -3,13 +3,10 @@ DNS server todo list Just so we don't forget the required features for an AD-compatible DNS server: -- Forwarding to other nameservers if we don't know the domain -- Additional record handling (especially in SOA records, but we'll want off of - this stuff) -- TSIG-GSSAPI handling -- Symmetric Bind-style key handling (not strictly needed for AD, but needed for +- Symmetric Bind-style TKEY handling (not strictly needed for AD, but needed for integration to other name servers / tools) -- Command line tools that unix admins are used to -- Zone transfer support (XFER, IFER) +(- Command line tools that unix admins are used to) +- Zone transfer support (XFER, IFER) (look at AD for permission settings) - Caching -- Tests, tests, tests (probably based on python's dns implementation) +- dynamic zone reloading +- Tests, tests, tests -- Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated via 8f8e843 s3:winbind: add a warning DEBUG message when skipping a sid from the mapped GID list via 482212e s3:winbind: change getgroups to only do one sids2xids call instead of many via 6e41745 s3:winbind: fix the getgroups implementation to include the user sid's GID in case of ID_TYPE_BOTH via f62219e s3:winbind: fix gid counting and error handling in the getgroups implementation from 45f5ea0 dns: Update TODO list http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log - commit 8f8e843267636b5fea076014980031afc2c0a7b4 Author: Michael Adam ob...@samba.org Date: Fri Jul 26 12:26:30 2013 +0200 s3:winbind: add a warning DEBUG message when skipping a sid from the mapped GID list This presents a potential security problem when ACLs contain DENY ACEs. Pair-Programmed-With: Stefan Metzmacher me...@samba.org Signed-off-by: Michael Adam ob...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org Autobuild-User(master): Michael Adam ob...@samba.org Autobuild-Date(master): Mon Jul 29 14:42:27 CEST 2013 on sn-devel-104 commit 482212e3d348e4247759cbca9507db74f61f9703 Author: Michael Adam ob...@samba.org Date: Fri Jul 26 12:25:27 2013 +0200 s3:winbind: change getgroups to only do one sids2xids call instead of many Pair-Programmed-With: Stefan Metzmacher me...@samba.org Signed-off-by: Michael Adam ob...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org commit 6e41745173989dff1b4e2f03e174e9d1020857d5 Author: Michael Adam ob...@samba.org Date: Fri Jul 26 11:32:34 2013 +0200 s3:winbind: fix the getgroups implementation to include the user sid's GID in case of ID_TYPE_BOTH This is important for acl checks on the unix level where only a group ace has been added to the ACL for the user sid, e.g. when accessing Files with nfs or local unix processes. Signed-off-by: Michael Adam ob...@samba.org Reviewed-by: Stefan Metzmacher me...@samba.org commit f62219e71af69ec8b331500b75fd5fd77d51a636 Author: Michael Adam ob...@samba.org Date: Fri Jul 26 11:31:41 2013 +0200 s3:winbind: fix gid counting and error handling in the getgroups implementation Pair-Programmed-With: Stefan Metzmacher me...@samba.org Signed-off-by: Michael Adam ob...@samba.org Signed-off-by: Stefan Metzmacher me...@samba.org --- Summary of changes: source3/winbindd/winbindd_getgroups.c | 102 +++-- 1 files changed, 71 insertions(+), 31 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/winbindd/winbindd_getgroups.c b/source3/winbindd/winbindd_getgroups.c index 1774901..b899beb 100644 --- a/source3/winbindd/winbindd_getgroups.c +++ b/source3/winbindd/winbindd_getgroups.c @@ -29,7 +29,6 @@ struct winbindd_getgroups_state { enum lsa_SidType type; int num_sids; struct dom_sid *sids; - int next_sid; int num_gids; gid_t *gids; }; @@ -124,18 +123,13 @@ static void winbindd_getgroups_gettoken_done(struct tevent_req *subreq) /* * Convert the group SIDs to gids. state-sids[0] contains the user -* sid, so start at index 1. +* sid. If the idmap backend uses ID_TYPE_BOTH, we might need the +* the id of the user sid in the list of group sids, so map the +* complete token. */ - state-gids = talloc_array(state, gid_t, state-num_sids-1); - if (tevent_req_nomem(state-gids, req)) { - return; - } - state-num_gids = 0; - state-next_sid = 1; - subreq = wb_sids2xids_send(state, state-ev, - state-sids[state-next_sid], 1); + state-sids, state-num_sids); if (tevent_req_nomem(subreq, req)) { return; } @@ -149,38 +143,84 @@ static void winbindd_getgroups_sid2gid_done(struct tevent_req *subreq) struct winbindd_getgroups_state *state = tevent_req_data( req, struct winbindd_getgroups_state); NTSTATUS status; - struct unixid xid; + struct unixid *xids; + int i; - xid.type = ID_TYPE_NOT_SPECIFIED; - xid.id = UINT32_MAX; + xids = talloc_array(state, struct unixid, state-num_sids); + if (tevent_req_nomem(xids, req)) { + return; + } + for (i=0; i state-num_sids; i++) { + xids[i].type = ID_TYPE_NOT_SPECIFIED; + xids[i].id = UINT32_MAX; + } - status = wb_sids2xids_recv(subreq, xid); + status = wb_sids2xids_recv(subreq, xids); TALLOC_FREE(subreq); - if (xid.type == ID_TYPE_GID || xid.type == ID_TYPE_BOTH) { - state-gids[state-num_gids] =
[SCM] Samba Shared Repository - branch v4-1-test updated
The branch, v4-1-test has been updated via 216b3f4 s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_my_addr() via 580b51c s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_peer_addr() via 4bbb4c8 docs-xml: Remove obsolete swat manpage and references. from f65b92c pam_winbind: update documentation for DIR krb5ccname pragma. http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test - Log - commit 216b3f46753a8641ca269840b5548ffeaab50393 Author: Stefan Metzmacher me...@samba.org Date: Wed Jul 24 10:19:26 2013 +1200 s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_my_addr() This caused crashes in _tsocket_address_bsd_from_sockaddr() when we read past the end of the allocation. (similar to commit e9ae36e9683372b86f1efbd29904722a33fea083) Bug: https://bugzilla.samba.org/show_bug.cgi?id=10042 Signed-off-by: Stefan Metzmacher me...@samba.org Reviewed-by: Andrew Bartlett abart...@samba.org Autobuild-User(master): Andrew Bartlett abart...@samba.org Autobuild-Date(master): Wed Jul 24 14:37:43 CEST 2013 on sn-devel-104 (cherry picked from commit 077dfd0a89a854c21b91b0f871d034fd9fe82a9a) Autobuild-User(v4-1-test): Karolin Seeger ksee...@samba.org Autobuild-Date(v4-1-test): Mon Jul 29 23:44:45 CEST 2013 on sn-devel-104 commit 580b51cd4841230ad82a2d8168b8506ba04b Author: Andrew Bartlett abart...@samba.org Date: Wed Jul 24 10:19:26 2013 +1200 s4-lib/socket: Allocate a the larger sockaddr_un and not just a sockaddr_in in unixdom_get_peer_addr() This caused crashes in _tsocket_address_bsd_from_sockaddr() when we read past the end of the allocation. Andrew Bartlett Signed-off-by: Andrew Bartlett abart...@samba.org Reviewed-by: Jeremy Allison j...@samba.org (cherry picked from commit e9ae36e9683372b86f1efbd29904722a33fea083) commit 4bbb4c8966ec9aefeee016c9549cd35db6adb8ac Author: Andreas Schneider a...@samba.org Date: Wed Jul 24 10:12:19 2013 +0200 docs-xml: Remove obsolete swat manpage and references. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10041 Signed-off-by: Andreas Schneider a...@samba.org Reviewed-by: Kai Blin k...@samba.org Autobuild-User(master): Andreas Schneider a...@cryptomilk.org Autobuild-Date(master): Wed Jul 24 12:42:29 CEST 2013 on sn-devel-104 (cherry picked from commit a7801db32afb25cc88f171d9b8896b2f663ba351) Signed-off-by: Andreas Schneider a...@samba.org --- Summary of changes: docs-xml/manpages/samba.7.xml |8 - docs-xml/manpages/smb.conf.5.xml|5 +- docs-xml/manpages/swat.8.xml| 237 --- docs-xml/smbdotconf/base/bindinterfacesonly.xml | 15 +-- docs-xml/wscript_build |1 - source4/lib/socket/socket_unix.c|8 +- 6 files changed, 7 insertions(+), 267 deletions(-) delete mode 100644 docs-xml/manpages/swat.8.xml Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/samba.7.xml b/docs-xml/manpages/samba.7.xml index 9299660..fd9297f 100644 --- a/docs-xml/manpages/samba.7.xml +++ b/docs-xml/manpages/samba.7.xml @@ -202,14 +202,6 @@ /varlistentry varlistentry - termciterefentryrefentrytitleswat/refentrytitle - manvolnum8/manvolnum/citerefentry/term - listitemparacommandswat/command is a web-based - interface to configuring filenamesmb.conf/filename. - /para/listitem - /varlistentry - - varlistentry termciterefentryrefentrytitlewbinfo/refentrytitle manvolnum1/manvolnum/citerefentry/term listitemparacommandwbinfo/command is a utility diff --git a/docs-xml/manpages/smb.conf.5.xml b/docs-xml/manpages/smb.conf.5.xml index dd4f858..750eef8 100644 --- a/docs-xml/manpages/smb.conf.5.xml +++ b/docs-xml/manpages/smb.conf.5.xml @@ -21,10 +21,8 @@ para The filename moreinfo=nonesmb.conf/filename file is a configuration file for the Samba suite. filename moreinfo=nonesmb.conf/filename contains runtime configuration information for the Samba programs. The -filename moreinfo=nonesmb.conf/filename file is designed to be configured and administered by the -citerefentryrefentrytitleswat/refentrytitle manvolnum8/manvolnum/citerefentry program. The complete description of the file format and possible parameters held within are here for reference purposes. - /para + /para /refsect1 refsect1 id=FILEFORMATSECT @@ -800,7 +798,6 @@ chmod 1770