Re: [Samba] Access Windows 2003 Machine Accounts for ADS group policy software deployment

;ve not tested it (my vmware setup is toast ATM) but this patch should help a little. It just removes all the things there were blocking accounts ending in $ from appearing. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Sa

Re: [Samba] Fwd: Samba semantics error?

On Tue, 2003-11-11 at 10:49, Mike Fedyk wrote: > On Sun, Nov 09, 2003 at 12:02:21PM +1100, Andrew Bartlett wrote: > > Under windows, I don't think you can delete a 'read only' file. > > > > Samba takes the missing 'w' for any user as meaning a rea

Re: [Samba] Re: AW: Samba Success Story

n discussing with Jerry Haltom (on IRC) is the possibility of using ntlm_auth and Cyrus-SASL to handle the authentication. This should allow the Windows clients to use their windows passwords, but more importantly for Windows not to prompt for them. We will let you know how it g

Re: [Samba] Win2K Password Hash

equivalent (nss_ldap etc). Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org

Re: [Samba] Machine account pasword change failed (NT 4)

utility (NT resourse kit, I think) will help a lot here. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http:/

Re: [Samba] Samba Translation Dok to German, first file, deutsche Übersetzung Der Samba Doku erste Datei

g the text, and not altering the format, references etc. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org htt

Re: [Samba] Translation samba 3 how to in german, Übersetzung des Samab 3 How to ins deutsch

CVS tree is 'samba-docs' on pserver.samba.org. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://

Re: [Samba] winbind cannot run correctly

cessfully, > and I could see my Linuxbox listed in ADS user&computer management console. To use AD properly, you need to join with 'net ads join'. Now, there really should not be a difference, but when we use the HOST/... form there is. Andrew Bartlett -- Andrew Bartlett

Re: [Samba] High Availability with Samba and Heartbeat

due to some nasty 'change on BDC' machine password semantics). Clustering CIFS is about more than saving and restoring a roaming profile and the PDC/BDC stuff really is better dealt with by MS's native scheme. Andrew Bartlett -- Andrew Bartlett

Re: [Samba] Samba Translation Dok to German, first file, deutsche Übersetzung Der Samba Doku erste Datei

On Tue, 2003-11-11 at 21:25, Stefan G. Weichinger wrote: > Hi, Andrew Bartlett, > > 11. November 2003 um 10:58 you wrote: > > AB> On Tue, 2003-11-11 at 20:32, rruegner wrote: > >> Hi, we decide t make translation in html first, > >> afterwards convert it to

Re: [Samba] Samba 3.0.0 - LDAP Authetication trouble

urce, Add them with smbpasswd. The passwords in LDAP is simply not the password that the user is sending. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker C

Re: [Samba] my samba3+ldap+SSO plan

ting tools for >syncing entries between two ldap servers? You really should have one master LDAP server, and slaves for all the remote sites. These slaves will only need to contact the master on machine account change, adding machines etc. Andrew Bartlett -- Andrew Bartlett

Re: [Samba] Test Samba 3.0.1pre2 smb panic xp client

1d2f03] >#18 /lib/libc.so.6(__libc_start_main+0x90) [0x401aa1c4] >#19 smbd(yp_get_default_domain+0x69) [0x80721d1] This looks like a simple bug introduced by the 'munged dialback string' changes. Another in my untested patch series follows... Andrew Bartlett -- Andr

Re: [Samba] Samba Translation Dok to German, first file, deutsche Übersetzung Der Samba Doku erste Datei

istakes you want us to avoid. I don't speak a word of german (so I'm not quite sure why I'm in this discussion at all :-) but I think we can get a reasonable process going. > I am sure we will find a good solution to those starting problems. I think this is starting to move i

Re: [Samba] Win2K Password Hash

w to do this. Now you just need the posixAccount attributes for all the users. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://

Re: [Samba] ntlm_auth and squid authentication problems

' that NTLMSSP authentication needs. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://bui

Re: [Samba] FreeBSD and Samba Windbind questions

uinted right. That is, it was something we didn't want to enable on all systems - just on systems that needed it for squid interoperability. In Samba 3.0, we fixed it by implementing an ACL mechanism, so we didn't need to make it a compile-time on-or-off. Andrew Bartlett --

RE: [Samba] RE: winbindd panic daemon dies

makes winbind just hang in there, so you can attach the debugger Then you can attach gdb in the normal way: gdb /path/to/samba/winbind 2348 where 2348 is the pid of the near-dead winbindd. Run 'bt full' and give us the result. Andrew Bartlett -- Andrew Bartlett

Re: [Samba] Likelihood of WINS Replication?

, I have seen no indications this is likely to change in the near future. Sorry, Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTE

Re: [Samba] my samba3+ldap+SSO plan

time, it > allways need to talk to master LDAP, right? what happen if the > wan link break? How often does this happen? In any case, it just fails, and the machine tries again later. Similarly if your users change their passwords or you do some admin changes they will just need to ju

Re: [Samba] Samba 3 home dirs not going.

them, and there isn't anything that stands out? Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samb

Re: [Samba] FreeBSD and Samba Windbind questions

has also been enabled by default in 3.0 The 'utmp = yes' option in the smb.conf enables it, and it is described in the manpage. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]

Re: [Samba] my samba3+ldap+SSO plan

en i think this architechture > plus ur "ldap rebind sleep" patch is a beautiful solution for > me!! Yep - it would be pointless having a BDC that couldn't work without a PDC around, and this should be fine :-) >and since all machine account change their password against >

Re: [Samba] samba 2.2.8 and win2k/tse

amba > clients ? Make sure you use security=domain or security=ads. security=server is not reliable, particularly for TSE connections. An upgrade to Samba 3.0 might also help, particularly if you cannot move away from 'security=server'. Andrew Bartlett -- Andrew Bartlett

Re: [Samba] Samba 3 Password Ageing and History

rd changes correct? It is not currently implemented. There is interest on the samba-technical list in fixing this however. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Ad

Re: [Samba] NT4 PDC and Samba 3 issues...

reading the logs, or taking a network trace? That will certainly get you a long way, and help the list in solving your problem... #include "jht/crystal_ball_reference.h" ;-) Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authen

Re: [Samba] Re: Samba 3.0.0 - LDAP Authetication trouble

install. Also > make sure to change the SID's of any computers you added. > > When I initially found this problem I created a new function in the adduser > script to find the highest UID and increment by one. The user sid is > calculated by UID+RID*2 UID*2 + 1000 GID*2 +

Re: [Samba] Win2K Password Hash

ll do this for you, on installation/reconfiguration. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://bui

Re: [Samba] NT4 PDC and Samba 3 issues...

y.. > I'll get some logs.. and when you say "network trace" I'm guessing > you're meaning packet captures like tcpdump? Yep. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMA

Re: [Samba] printing / printcap name in samba-3.0.0 BUG

about the "printcap" > inside the service is still there. > i tried testprns and it ignores my gloal "printcap name" completely and > defaults to /etc/printcap. the same for smbd. > > it's a little bit confusing. With cups, if you set 'printing = cups

Re: [Samba] Join Machine to Domain

esents in the LDAP Yep - we have a very simple bit of code that does a very dumb check for uid==0. This should be fixed, it might even be in bugzilla, but that's the deal for the moment. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authenti

Re: [Samba] Samba3 password backend

en Samba and software-raid? Samba doesn't know it's software raid. Any issue will be generic to that. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator,

Re: [Fwd: Re: [Samba] Corruption of floppy link when upgrading to 3.0.0]

depages. So, you have files on your disk in CP850, but Samba 3.0's default charset is UTF8, for perfect unicode rendition. Your options are to rename the files into their UTF8 form, or to just use CP850 as the unix charset. The command line 'iconv' utility will help with

Re: [Samba] Authentication against AD

> servers. You still need user accounts, sorry. Use winbind (which needs nsswitch, which needs some bleeding edge version of FreeBSD) or add the users manually. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team

Re: [Samba] NT4 PDC and Samba 3 issues...

trying to > figure out how much of this data to include. I don't want to overwhelm > anyone who is kind enough to help with a bunch of stuff. The files > sizes are: This list takes only small text attachments - so post stuff on a website. (And CC me if you actually want

Re: [Samba] URGENT problem: Win-NT4 connecting to Samba

hence the need to apply registry hacks, and the re-enter the password. At the very least, move to encrypted passwords, but if you moved to a 'domain' (no matter how trivial) all the servers would automatically share the password database, and they would not prompt you any more. A

Re: [Samba] RAS dialin

t) Samba 3.0.1pre3, and setting the right 'can dialin' things in usrmgr.exe (User manager for domains in NT4 server). Basically, this area needs work. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [E

Re: [Samba] RAS dialin

On Sat, 2003-11-15 at 20:27, Andrew Bartlett wrote: > On Sat, 2003-11-15 at 06:36, Sean Cook wrote: > > I have a samba ldap pdc set up. (2.2.8a). I have a windows domain > > member that is joined to the domain running ras. When users try to dial > > in to the server they ge

Re: [Samba] doc bugreport 3.0.0. install.html

org - that way they don't get lost in the noise on this list. Or just e-mail the doco guys directly - [EMAIL PROTECTED] and [EMAIL PROTECTED] Thank you, Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [

Re: [Samba] Samba and LDAP troubles

ugzilla about the fact that we do not use that password. But in the meantime, they need to be encrypted. There is a perl module Crypt::SmbHash that does a nice job of this, if you are using perl ldap scripts. Otherwise, mkntpwd. Andrew Bartlett -- Andrew Bartlett

RE: [Samba] ADS with Kerberos trust

list and samba-technical, and make sure it's marked up as a bug in bugzilla.samba.org. Sorry, Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker Co

Re: [Samba] Samba 3 and CUPs printer causes explorer to abend

lled to samba, installing and accessing the printer would crash > any windows app. > > There wasn't anything useful in my logs, either. Jerry fixed a bug in the point-and-print code for 3.0.1pre3, which might have caused this. Andrew Bartlett -- Andrew Bartlett

Re: [Samba] samba (vs. nfs) in all unix environment

are things like CODA, or the very promising NFSv4. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org h

Re: [Samba] The boss will discharge me, I spoiled the system. HELP!

ol, as are the manpages and the Samba HOWTO collection. These are all online at http://www.samba.org/samba/docs/ Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Ha

Re: [Samba] Kerberos-authentication to a Samba server without a Windows KDC ?

Samba 3.0.1pre3, it does something funky for linking Samba and AFS. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://s

Re: [Samba] UNIX paths vs UNC names in [profile]

ng that ~user would resolve correctly. It didn't seem to work. > > The problem is that the profile handling may do some anonymous file access > to the Windows users' profile. This may fail if you store the profile in > the home directory and 'others' do not have acce

Re: [Samba] UNIX paths vs UNC names in [profile]

On Tue, 2003-11-18 at 07:28, John H Terpstra wrote: > On Mon, 18 Nov 2003, Andrew Bartlett wrote: > > > On Tue, 2003-11-18 at 05:56, John H Terpstra wrote: > > > On Mon, 17 Nov 2003, Jeff Gardiner wrote: > > > > > > > QUESTION > > > >

Re: [Samba] Caracteres ñ á é ó ú en archives names not are reading

using as their DOS charset (for example, CP850). If you can manage it, then converting the filenames is a much better option - as UTF8 can represent all possible unicode values that can occour in CIFS. Bad things happen when we cannot convert names :-( But changing the 'unix charset

Re: [Samba] N-Flag gone?

ccounts - like W (normal machine trust accounts), but for BDCs. > Regards, Tilo -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org

Re: [Samba] [Bug?Report] ldapsam duplication of output if two ldapsam sources

psam:"ldap://server1 ldap://server2"; This gives the problem to the LDAP libraries, which may or may not know how to handle server-failover. (But it works very well for OpenLDAP). If you specify two ldapsam entires, you are really saying that you have two distinct databases you wish to c

Re: [Samba] pamsmb_pass, userPassword & samba(LM/NT)Password

7;ll test out if I can actually make this work, and document it, but at least in theory, you should never need the userPassword if the NT password is present, for plaintext at least. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsyste

Re: [Samba] German Translation of Samba-3.0-documentation online with first translated pages

tion of the Samba-3.0-documentation. Congratulations on getting this all up and running! Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTEC

Re: [Samba] Having Samba integrate/replace existing mixed Unix/Windows network

; ability to do all of those things, or can you do older, NT-style versions > of some of them by having the XP clients fallback into NT domain > compatibility? This is correct - we match NT4 here, and XP will run NT login scripts, and NT policy files. Andrew Bartlett -

Re: [Samba] Migration from LDAP to tdbsam

nts is to avoid the need to specify anything in the smb.conf. For an import from 2.2 ldap you would need: pdbedit -i "ldapsam_compat:ldap://my.ldap.server"; -e tdbsam Then you would set passdb backend = tdbsam Anyway, we will get the munged dial-back string into LDA

Re: [Samba] Building as non-root user

n other unix systems, these tests can be important however) Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba

Re: [Samba] Is smbpasswd against windows 2003 server working?

bpasswd -U -r uses a 'null session', which is defeated by 'restrict anonymous'. A kerberos password change might still work, and pam_winbind is certainly a good option (Samba 3.0) Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Mana

Re: [Samba] Which Linux best suits Samba3?

oes NOT, and this can get in your way. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org

Re: [Samba] Printing to Intel InBusiness Print Station from SAMBA

ERROR: ERRSRV - ERRaccess opening remote file Test > # I think this was raised recently - we are using a new SMB command than this particular server would like us to, and it complains. I'm not sure if the current 3.0 CVS includes 'backdown' code, but it needs to. If this isn&#x

RE: [Samba] RE: winbindd panic daemon dies

I would suggest running winbind under valgrind, but there might be some other ways to help track this down: Are there any debugging malloc libraries for Solaris? Is it reasonable to try and setup a linux box in a matching setup? Andrew Bartlett -- Andrew

Re: [Samba] samba 3 + heimdal

1.3.1, but I can't tell you exactly which heimdal version (and heimdal had some bugs in this particular enctype earlier). Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Netwo

Re: [Samba] Which Linux best suits Samba3?

do I roll back to redhat 8 or 9? Just rebuild the RPM. The RPMs were built with RH9, which did not have krb5 1.3.1. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrato

Re: [Samba] NTLMv2 and Win95 clients

one clue me in, or are Win95 clients just out of luck? Win9X is out of luck, unless you install the 'AD intergration' patch. (I can't recall it's exact name). Win9X can't even do NTLM authentication (only LM), so NTLMv2 is well beyond it&#

Re: [Samba] PDC Machine Trust Accounts

t there, I think, but LDAP is the standard way of doing this. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org

RE: [Samba] RE: winbindd panic daemon dies

s the stock RPM compiled with > debug? It probably was (an error in the release, actually) but rpm stipped it... A valgrind run would help. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTE

RE: [Samba] RE: winbindd panic daemon dies

(I have valgrind :-), but somebody must have found it useful, given somebody put in the configure magic :-). BTW, have you tried the simple task of updating to Samba 3.0.1pre3? It may well be we have fixed this one (not that I recall a particular bug). Andrew Bartlett -- Andrew Bartlett

Re: [Samba] ldapsam_compat & machine accounts

> Is there any way to have all in LDAP? It should all be in ldap - what is your smb.conf? Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL P

Re: [Samba] ldapsam_compat & machine accounts

password database type you are using. >passdb backend = tdbsam ldapsam_compat:ldap://localhost Samba is doing exactly what it was told to do - use tdbsam! If you don't want to use tdbsam, remove it :-) Andrew Bartlett -- Andrew Bartlett [EMAIL

Re: [Samba] Just a thought, all this "swen" stuff, this list

uette.html Samba is used (quite surprisingly) by Windows users. Some are so unfortunate as to use (by their choice or otherwise) MS Outlook. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED

Re: [Samba] Best way to migrate NT4 SAM db to Samba3+LDAP ?

rpc vampire can do everything you need. > Which is the best way to translate users, groups and machines from NT to > Samba3 LDAP ? Follow the advice in the HOWTO collection, I suppose :-) Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authenticatio

Re: [Samba] Samba and the use of smart cards for authentication

but particularly RPC services don't handle this kind of fault well (printing is a good example). Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College

Re: [Samba] smbmount discontinued?

only talks to NT/Win2k/Samba servers (no Win9X in particular). - smbclient is the preferred tool for operations that do not need to involve a real kernel filesystem. If you are just shifting files for backups, then you really do not need an in-kernel filesyst

Re: [Samba] smbfs size limit

topic ain´t new ... If you cannot use smbclient (really, it is easier!), and you want to patch your kernel, then patch it with the CIFS VFS: http://www.samba.org/samba/Linux_CIFS_client.html However, in your case, you don't even need to go this far - with the 2.6 kernel, CIFS is standard! J

Re: [Samba] User must change password on next logon

eir password on next logon. If you setup Samba 3.0 to use ldap, you can trivially set the sambaPwdMustChange field to 0. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administr

Re: [Samba] ntlm_auth in samba 3.0 backported to debian stable

ckage by mistake. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net

Re: [Samba] SAMBA and FreeRadius

e written a tool called ntlm_auth to allow arbitary external programs to use NTLM authentication. FreeRadius just needs to be told how to use it. I have told pppd how to use ntlm_auth, see my paper at http://hawkerc.net/staff/abartlet/comp3700 for the patch (which should serve as a good example).

Re: [Samba] attempting login with hostname not username

On Fri, Dec 05, 2003 at 02:43:30PM -0800, Brian Spiegel wrote: > Hi. I'm running a RH 9 machine with Samba 3.0.0 as a domain member of a > Win2003 ADS domain. I've setup samba w/ winbind and added a test share on > the Linux box. > > I can see and access Windows shares from my Linux box, but I

Re: [Samba] error:SMB signing is mandatory error.

erous failings. The CIFS VFS - http://www.samba.org/samba/Linux_CIFS_client.htm - does not have this issue. Andrew Bartlett -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba

Re: [Samba] using more than one ldap server in smb.conf

on in Samba 3.0.1 should indicate how to make this work. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samb

Re: [Samba] RPC Net Vampire sambaNTPassword hash missing ?

we are not connecting 'securely'. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.o

Re: [Samba] Forcing Users to change passwords.

ngs? even if its a tinkering kind of job? Samba can do most things, it's just a matter of how much tinkering ;-) Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator,

Re: [Samba] Forcing Users to change passwords.

trength passwords. We can't include this directly in Samba, as cracklib is not under a GPL-compatible licence :-( Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Admin

Re: [Samba] Forcing Users to change passwords.

On Wed, 2003-12-24 at 22:01, Andrew Bartlett wrote: > On Fri, 2003-12-12 at 21:23, Todd O'Bryan wrote: > > Does anyone know of an add-on you can use with a Windows domain to > > check the security of the password before it allows a change? With a > > terminal serve

Re: [Samba] ntlm_auth problem in Squid 2.5

ed to use winbindd_pam_auth_crap" > means. I've searched with Google.com but still no solution. I guess this > is the place to go. It means something isn't right with those permissions. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] M

Re: [Samba] Re: Linux only Network: Samba ?? or Nis and NFs??

much better - pity about the security... Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.o

Re: [Samba] Samba BDC doesn't talk to LDAP slave on same machine

> Everything off the PDC works fine. > passdb backend = ldapsam:"ldap://172.16.0.3 ldap://127.0.0.1"; Swap the order of ldap servers - then we will read the slave, and only talk to the master if for some reason the local ldap server is do

RE: [Samba] Results of nessus scan

a real, unprivileged user. > and > restrict anonymous = yes If you want a non-PDC, non-browsing machine, you can set 'restrict anonymous = 2' in Samba 3.0. In Samba 2.2, this did an unrelated (useless) thing. Andrew Bartlett -- Andrew Bartlett

Re: [Samba] NT4 PDC ---> OpenLDAP directory

ing... Really, ask Samba-TNG questions on the TNG lists. Samba 3.0 cannot vampire off a TNG server, but given the data is in open, documented formats, running some scripts should not be a particular challenge. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECT

RE: [Samba] Results of nessus scan

d not performing any browsing services. 'restrict anonymous' had no security benifit in Samba 2.2, but may have fooled the scanner. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Stud

Re: [Samba] Results of nessus scan

ons, but will prevent > them from > connecting to IPC$. This is matched by 'restrict anonymous' parameter in Samba 3.0. > Please see http://msgs.securepoint.com/cgi-bin/get/nessus-0204/50/1.html. > All the smb tests will be done as ''/'whatever' in d

Re: [Samba] Authenticating to BDC with LDAP backend

cal set of accounts as the PDC, that's the definition of a BDC. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http:

Re: [Samba] auth error

to what this error > is caused by. Can someone at least point me in the right direction? Either you must run winbind, have a local account for the user you wish to login as, or have an add user script to make one. Andrew Bartlett -- Andrew Bartlett

Re: [Samba] Re: Transfering Machine Accounts / MACHINE.SID

and does not work as advertised. Is it OK to just copy that file from > the old machine? If you don't have a secrets.tdb, then we will read that file on startup. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems,

Re: [Samba] Using Squid + Samba3 + Winbind

. > > Any ideas??? These are probably bugs in squid. (There is occasional discussion about this on the squid-dev list, see the archives). Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PRO

Re: [Samba] firewalling SMB (and other protocols)

AD server's LDAP (TCP/UDP), DNS and Kerberos (TCP/UDP) ports... Finally, when publishing technical documents, personal insults (no matter who they are directed at) simply remove any sense of professionalism from the result. Andrew Bartlett -- Andrew Bartlett

[Samba] Re: Transfering Machine Accounts / MACHINE.SID

On Sat, 2003-12-27 at 07:10, Information Technology wrote: > Andrew Bartlett writes: > > > On Sat, 2003-12-20 at 05:53, Kevin Fries wrote: > >> Kevin Fries wrote: > >> > >> > I have a Samba 2.2.7 PDC, and I am now trying to set up a new 3.0.1 > >

Re: [Samba] Repost: Cached credentials not working

would be headache if caching is not > >> many (>possibel. > >> Tks. > > > The caching involves the use of pure kerberos based authentication. Samba > > does not do that as this is solely supported by Active Directory. > > Caching is working on Win NT4.0 domain w

Re: [Samba] Winbind-Cyrus-Outlook

+username. How can I get Winbind to pass the proper case. It's a > sure thing that Micro$oft won't provide me a fix. Has anyone else run into > this? It shouldn't matter. What makes you think that the case of the username is causing this problem? Andrew Bartlett --

Re: [Samba] Re: Transfering Machine Accounts / MACHINE.SID

thority of > updating this replica)? > No way to prevent samba to using other ldap account to update the > directory? You should never list the Manager account as the replicator. Instead, create a new account, and use it only for the replication. That way, everybody who is

Re: [Samba] Faked samba packages / rootkit?

ies.com/st3lly/cmd.tgz > > 186 tar zxvf cmd.tgz I would suggest the rootkits start here... Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, H

Re: [Samba] Re: Transfering Machine Accounts / MACHINE.SID

On Mon, Dec 29, 2003 at 04:34:02PM +0700, Beast wrote: > Saturday, December 27, 2003, 1:45:33 PM, Andrew wrote: > > > On Sat, 2003-12-27 at 15:51, Beast wrote: > >> Saturday, December 27, 2003, 5:41:37 AM, Andrew wrote: > > >> If I put PDC in slave ldap, is this means that it will update the > >

<    1   2   3   4   5   6   7   8   9   10   >