;ve not tested it (my vmware setup is toast ATM) but this patch should
help a little. It just removes all the things there were blocking
accounts ending in $ from appearing.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Sa
On Tue, 2003-11-11 at 10:49, Mike Fedyk wrote:
> On Sun, Nov 09, 2003 at 12:02:21PM +1100, Andrew Bartlett wrote:
> > Under windows, I don't think you can delete a 'read only' file.
> >
> > Samba takes the missing 'w' for any user as meaning a rea
n discussing with Jerry Haltom (on IRC) is the
possibility of using ntlm_auth and Cyrus-SASL to handle the
authentication. This should allow the Windows clients to use their
windows passwords, but more importantly for Windows not to prompt for
them.
We will let you know how it g
equivalent (nss_ldap etc).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org
utility
(NT resourse kit, I think) will help a lot here.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http:/
g the text, and not altering the format, references etc.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org htt
CVS tree is 'samba-docs' on pserver.samba.org.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://
cessfully,
> and I could see my Linuxbox listed in ADS user&computer management console.
To use AD properly, you need to join with 'net ads join'. Now, there
really should not be a difference, but when we use the HOST/... form
there is.
Andrew Bartlett
--
Andrew Bartlett
due to some nasty 'change on BDC' machine password
semantics).
Clustering CIFS is about more than saving and restoring a roaming
profile and the PDC/BDC stuff really is better dealt with by MS's native
scheme.
Andrew Bartlett
--
Andrew Bartlett
On Tue, 2003-11-11 at 21:25, Stefan G. Weichinger wrote:
> Hi, Andrew Bartlett,
>
> 11. November 2003 um 10:58 you wrote:
>
> AB> On Tue, 2003-11-11 at 20:32, rruegner wrote:
> >> Hi, we decide t make translation in html first,
> >> afterwards convert it to
urce,
Add them with smbpasswd. The passwords in LDAP is simply not the
password that the user is sending.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker C
ting tools for
>syncing entries between two ldap servers?
You really should have one master LDAP server, and slaves for all the
remote sites. These slaves will only need to contact the master on
machine account change, adding machines etc.
Andrew Bartlett
--
Andrew Bartlett
1d2f03]
>#18 /lib/libc.so.6(__libc_start_main+0x90) [0x401aa1c4]
>#19 smbd(yp_get_default_domain+0x69) [0x80721d1]
This looks like a simple bug introduced by the 'munged dialback string'
changes. Another in my untested patch series follows...
Andrew Bartlett
--
Andr
istakes you want us to avoid.
I don't speak a word of german (so I'm not quite sure why I'm in this
discussion at all :-) but I think we can get a reasonable process going.
> I am sure we will find a good solution to those starting problems.
I think this is starting to move i
w to do this.
Now you just need the posixAccount attributes for all the users.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://
' that NTLMSSP authentication needs.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://bui
uinted right. That is, it was something we didn't want to enable on
all systems - just on systems that needed it for squid interoperability.
In Samba 3.0, we fixed it by implementing an ACL mechanism, so we didn't
need to make it a compile-time on-or-off.
Andrew Bartlett
--
makes winbind just hang in there, so you can attach the debugger
Then you can attach gdb in the normal way:
gdb /path/to/samba/winbind 2348
where 2348 is the pid of the near-dead winbindd.
Run 'bt full' and give us the result.
Andrew Bartlett
--
Andrew Bartlett
, I have seen no
indications this is likely to change in the near future.
Sorry,
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTE
time, it
> allways need to talk to master LDAP, right? what happen if the
> wan link break?
How often does this happen?
In any case, it just fails, and the machine tries again later.
Similarly if your users change their passwords or you do some admin
changes they will just need to ju
them, and there isn't anything that stands out?
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samb
has also been enabled by default in 3.0
The 'utmp = yes' option in the smb.conf enables it, and it is described
in the manpage.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
en i think this architechture
> plus ur "ldap rebind sleep" patch is a beautiful solution for
> me!!
Yep - it would be pointless having a BDC that couldn't work without a
PDC around, and this should be fine :-)
>and since all machine account change their password against
>
amba
> clients ?
Make sure you use security=domain or security=ads. security=server is
not reliable, particularly for TSE connections.
An upgrade to Samba 3.0 might also help, particularly if you cannot move
away from 'security=server'.
Andrew Bartlett
--
Andrew Bartlett
rd changes correct?
It is not currently implemented. There is interest on the
samba-technical list in fixing this however.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Ad
reading the logs, or taking a network
trace? That will certainly get you a long way, and help the list in
solving your problem...
#include "jht/crystal_ball_reference.h"
;-)
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authen
install. Also
> make sure to change the SID's of any computers you added.
>
> When I initially found this problem I created a new function in the adduser
> script to find the highest UID and increment by one. The user sid is
> calculated by UID+RID*2
UID*2 + 1000
GID*2 +
ll do this for you, on
installation/reconfiguration.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://bui
y..
> I'll get some logs.. and when you say "network trace" I'm guessing
> you're meaning packet captures like tcpdump?
Yep.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMA
about the "printcap"
> inside the service is still there.
> i tried testprns and it ignores my gloal "printcap name" completely and
> defaults to /etc/printcap. the same for smbd.
>
> it's a little bit confusing.
With cups, if you set 'printing = cups
esents in the LDAP
Yep - we have a very simple bit of code that does a very dumb check for
uid==0. This should be fixed, it might even be in bugzilla, but that's
the deal for the moment.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authenti
en Samba and software-raid?
Samba doesn't know it's software raid. Any issue will be generic to
that.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator,
depages.
So, you have files on your disk in CP850, but Samba 3.0's default
charset is UTF8, for perfect unicode rendition.
Your options are to rename the files into their UTF8 form, or to just
use CP850 as the unix charset. The command line 'iconv' utility will
help with
> servers.
You still need user accounts, sorry. Use winbind (which needs nsswitch,
which needs some bleeding edge version of FreeBSD) or add the users
manually.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team
trying to
> figure out how much of this data to include. I don't want to overwhelm
> anyone who is kind enough to help with a bunch of stuff. The files
> sizes are:
This list takes only small text attachments - so post stuff on a
website. (And CC me if you actually want
hence
the need to apply registry hacks, and the re-enter the password.
At the very least, move to encrypted passwords, but if you moved to a
'domain' (no matter how trivial) all the servers would automatically
share the password database, and they would not prompt you any more.
A
t) Samba 3.0.1pre3, and setting the right
'can dialin' things in usrmgr.exe (User manager for domains in NT4
server). Basically, this area needs work.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [E
On Sat, 2003-11-15 at 20:27, Andrew Bartlett wrote:
> On Sat, 2003-11-15 at 06:36, Sean Cook wrote:
> > I have a samba ldap pdc set up. (2.2.8a). I have a windows domain
> > member that is joined to the domain running ras. When users try to dial
> > in to the server they ge
org - that way they don't get lost in the noise on this
list. Or just e-mail the doco guys directly - [EMAIL PROTECTED] and
[EMAIL PROTECTED]
Thank you,
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [
ugzilla about the fact that we do not use that
password. But in the meantime, they need to be encrypted. There is a
perl module Crypt::SmbHash that does a nice job of this, if you are
using perl ldap scripts. Otherwise, mkntpwd.
Andrew Bartlett
--
Andrew Bartlett
list and samba-technical, and make sure it's
marked up as a bug in bugzilla.samba.org.
Sorry,
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker Co
lled to samba, installing and accessing the printer would crash
> any windows app.
>
> There wasn't anything useful in my logs, either.
Jerry fixed a bug in the point-and-print code for 3.0.1pre3, which might
have caused this.
Andrew Bartlett
--
Andrew Bartlett
are things like
CODA, or the very promising NFSv4.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org h
ol, as are the manpages and the Samba
HOWTO collection. These are all online at
http://www.samba.org/samba/docs/
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Ha
Samba 3.0.1pre3, it does something funky for linking Samba and
AFS.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://s
ng that ~user would resolve correctly. It didn't seem to work.
>
> The problem is that the profile handling may do some anonymous file access
> to the Windows users' profile. This may fail if you store the profile in
> the home directory and 'others' do not have acce
On Tue, 2003-11-18 at 07:28, John H Terpstra wrote:
> On Mon, 18 Nov 2003, Andrew Bartlett wrote:
>
> > On Tue, 2003-11-18 at 05:56, John H Terpstra wrote:
> > > On Mon, 17 Nov 2003, Jeff Gardiner wrote:
> > >
> > > > QUESTION
> > > >
using as their DOS
charset (for example, CP850).
If you can manage it, then converting the filenames is a much better
option - as UTF8 can represent all possible unicode values that can
occour in CIFS. Bad things happen when we cannot convert names :-(
But changing the 'unix charset
ccounts - like W (normal machine trust accounts),
but for BDCs.
> Regards, Tilo
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org
psam:"ldap://server1 ldap://server2";
This gives the problem to the LDAP libraries, which may or may not know
how to handle server-failover. (But it works very well for OpenLDAP).
If you specify two ldapsam entires, you are really saying that you have
two distinct databases you wish to c
7;ll test out if I can actually make this work, and document
it, but at least in theory, you should never need the userPassword if
the NT password is present, for plaintext at least.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsyste
tion of the Samba-3.0-documentation.
Congratulations on getting this all up and running!
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTEC
; ability to do all of those things, or can you do older, NT-style versions
> of some of them by having the XP clients fallback into NT domain
> compatibility?
This is correct - we match NT4 here, and XP will run NT login scripts,
and NT policy files.
Andrew Bartlett
-
nts is to avoid the need to
specify anything in the smb.conf. For an import from 2.2 ldap you would
need:
pdbedit -i "ldapsam_compat:ldap://my.ldap.server"; -e tdbsam
Then you would set
passdb backend = tdbsam
Anyway, we will get the munged dial-back string into LDA
n other unix systems, these tests can be important however)
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba
bpasswd -U -r uses a 'null session', which is defeated by
'restrict anonymous'.
A kerberos password change might still work, and pam_winbind is
certainly a good option (Samba 3.0)
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Mana
oes NOT, and this can get in your
way.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org
ERROR: ERRSRV - ERRaccess opening remote file Test
> #
I think this was raised recently - we are using a new SMB command than
this particular server would like us to, and it complains. I'm not sure
if the current 3.0 CVS includes 'backdown' code, but it needs to.
If this isn
I would suggest running winbind under valgrind, but there might
be some other ways to help track this down:
Are there any debugging malloc libraries for Solaris?
Is it reasonable to try and setup a linux box in a matching setup?
Andrew Bartlett
--
Andrew
1.3.1, but I can't tell you exactly which heimdal
version (and heimdal had some bugs in this particular enctype earlier).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Netwo
do I roll back to redhat 8 or 9?
Just rebuild the RPM. The RPMs were built with RH9, which did not have
krb5 1.3.1.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrato
one clue me in, or are Win95 clients just out of luck?
Win9X is out of luck, unless you install the 'AD intergration' patch.
(I can't recall it's exact name). Win9X can't even do NTLM
authentication (only LM), so NTLMv2 is well beyond it
t there, I think, but LDAP is the standard
way of doing this.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org
s the stock RPM compiled with
> debug?
It probably was (an error in the release, actually) but rpm stipped
it...
A valgrind run would help.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTE
(I have valgrind :-), but somebody must have
found it useful, given somebody put in the configure magic :-).
BTW, have you tried the simple task of updating to Samba 3.0.1pre3? It
may well be we have fixed this one (not that I recall a particular bug).
Andrew Bartlett
--
Andrew Bartlett
> Is there any way to have all in LDAP?
It should all be in ldap - what is your smb.conf?
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL P
password database type you are using.
>passdb backend = tdbsam ldapsam_compat:ldap://localhost
Samba is doing exactly what it was told to do - use tdbsam!
If you don't want to use tdbsam, remove it :-)
Andrew Bartlett
--
Andrew Bartlett [EMAIL
uette.html
Samba is used (quite surprisingly) by Windows users. Some are so
unfortunate as to use (by their choice or otherwise) MS Outlook.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED
rpc vampire can
do everything you need.
> Which is the best way to translate users, groups and machines from NT to
> Samba3 LDAP ?
Follow the advice in the HOWTO collection, I suppose :-)
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authenticatio
but particularly RPC services don't handle this
kind of fault well (printing is a good example).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College
only talks to NT/Win2k/Samba
servers (no Win9X in particular).
- smbclient is the preferred tool for operations that do not need to
involve a real kernel filesystem. If you are just shifting files for
backups, then you really do not need an in-kernel filesyst
topic ain´t new ...
If you cannot use smbclient (really, it is easier!), and you want to
patch your kernel, then patch it with the CIFS VFS:
http://www.samba.org/samba/Linux_CIFS_client.html
However, in your case, you don't even need to go this far - with the 2.6
kernel, CIFS is standard! J
eir password on next logon.
If you setup Samba 3.0 to use ldap, you can trivially set the
sambaPwdMustChange field to 0.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administr
ckage by mistake.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
e written a tool called ntlm_auth to
allow arbitary external programs to use NTLM authentication.
FreeRadius just needs to be told how to use it. I have told pppd how
to use ntlm_auth, see my paper at
http://hawkerc.net/staff/abartlet/comp3700 for the patch (which should serve as a good
example).
On Fri, Dec 05, 2003 at 02:43:30PM -0800, Brian Spiegel wrote:
> Hi. I'm running a RH 9 machine with Samba 3.0.0 as a domain member of a
> Win2003 ADS domain. I've setup samba w/ winbind and added a test share on
> the Linux box.
>
> I can see and access Windows shares from my Linux box, but I
erous failings.
The CIFS VFS - http://www.samba.org/samba/Linux_CIFS_client.htm - does
not have this issue.
Andrew Bartlett
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
on in Samba 3.0.1 should indicate how to make this work.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samb
we are not connecting 'securely'.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.o
ngs? even if its a tinkering kind of job?
Samba can do most things, it's just a matter of how much tinkering ;-)
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator,
trength passwords.
We can't include this directly in Samba, as cracklib is not under a
GPL-compatible licence :-(
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Admin
On Wed, 2003-12-24 at 22:01, Andrew Bartlett wrote:
> On Fri, 2003-12-12 at 21:23, Todd O'Bryan wrote:
> > Does anyone know of an add-on you can use with a Windows domain to
> > check the security of the password before it allows a change? With a
> > terminal serve
ed to use winbindd_pam_auth_crap"
> means. I've searched with Google.com but still no solution. I guess this
> is the place to go.
It means something isn't right with those permissions.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
M
much better -
pity about the security...
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.o
> Everything off the PDC works fine.
> passdb backend = ldapsam:"ldap://172.16.0.3 ldap://127.0.0.1";
Swap the order of ldap servers - then we will read the slave, and only
talk to the master if for some reason the local ldap server is do
a real, unprivileged user.
> and
> restrict anonymous = yes
If you want a non-PDC, non-browsing machine, you can set 'restrict
anonymous = 2' in Samba 3.0. In Samba 2.2, this did an unrelated
(useless) thing.
Andrew Bartlett
--
Andrew Bartlett
ing...
Really, ask Samba-TNG questions on the TNG lists. Samba 3.0 cannot
vampire off a TNG server, but given the data is in open, documented
formats, running some scripts should not be a particular challenge.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECT
d not
performing any browsing services.
'restrict anonymous' had no security benifit in Samba 2.2, but may have
fooled the scanner.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Stud
ons, but will prevent
> them from
> connecting to IPC$.
This is matched by 'restrict anonymous' parameter in Samba 3.0.
> Please see http://msgs.securepoint.com/cgi-bin/get/nessus-0204/50/1.html.
> All the smb tests will be done as ''/'whatever' in d
cal set of accounts as the PDC, that's the
definition of a BDC.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http:
to what this error
> is caused by. Can someone at least point me in the right direction?
Either you must run winbind, have a local account for the user you wish
to login as, or have an add user script to make one.
Andrew Bartlett
--
Andrew Bartlett
and does not work as advertised. Is it OK to just copy that file from
> the old machine?
If you don't have a secrets.tdb, then we will read that file on startup.
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems,
.
>
> Any ideas???
These are probably bugs in squid. (There is occasional discussion about
this on the squid-dev list, see the archives).
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PRO
AD
server's LDAP (TCP/UDP), DNS and Kerberos (TCP/UDP) ports...
Finally, when publishing technical documents, personal insults (no
matter who they are directed at) simply remove any sense of
professionalism from the result.
Andrew Bartlett
--
Andrew Bartlett
On Sat, 2003-12-27 at 07:10, Information Technology wrote:
> Andrew Bartlett writes:
>
> > On Sat, 2003-12-20 at 05:53, Kevin Fries wrote:
> >> Kevin Fries wrote:
> >>
> >> > I have a Samba 2.2.7 PDC, and I am now trying to set up a new 3.0.1
> >
would be headache if caching is not
> >> many (>possibel.
> >> Tks.
>
> > The caching involves the use of pure kerberos based authentication. Samba
> > does not do that as this is solely supported by Active Directory.
>
> Caching is working on Win NT4.0 domain w
+username. How can I get Winbind to pass the proper case. It's a
> sure thing that Micro$oft won't provide me a fix. Has anyone else run into
> this?
It shouldn't matter. What makes you think that the case of the username
is causing this problem?
Andrew Bartlett
--
thority of
> updating this replica)?
> No way to prevent samba to using other ldap account to update the
> directory?
You should never list the Manager account as the replicator. Instead,
create a new account, and use it only for the replication. That way,
everybody who is
ies.com/st3lly/cmd.tgz
> > 186 tar zxvf cmd.tgz
I would suggest the rootkits start here...
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, H
On Mon, Dec 29, 2003 at 04:34:02PM +0700, Beast wrote:
> Saturday, December 27, 2003, 1:45:33 PM, Andrew wrote:
>
> > On Sat, 2003-12-27 at 15:51, Beast wrote:
> >> Saturday, December 27, 2003, 5:41:37 AM, Andrew wrote:
>
> >> If I put PDC in slave ldap, is this means that it will update the
> >
101 - 200 of 2760 matches
Mail list logo