[Samba] ACL rights switches back to full control with Samba + Windows 2003 ADS integration
Hi Samba mailinglist-users I'm installing a Samba server for a customer who already has a Windows 2003 network. The Win 2003 server is DC, DNS and fileserver and works fine but the customer wants the Samba server for more file capacity. In fact everything is working fine except changing the special ACL rights from users: When I logon on the Windows 2003 server and wants to change the ACL's from a share on the Linux server I can see the groups, add them and so on, but as soon as I change the special permissions from a user who has read and write access on this share and add in the advanced permissions create folders / write data and push the apply button the rights from this user jumps to full control.(see screenshots 1-5) When I do the same actions on a share on the Windows 2003 server it's working fine as expected so It's something in the samba server. This is my samba configuration: [EMAIL PROTECTED] ~]# more /etc/samba/smb.conf [global] workgroup = CCC netbios name = VMWARE realm = CCC.LOCAL security = ads encrypt passwords = yes password server = 192.168.2.10 socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384 os level = 20 preferred master = no max log size = 50 log file = /var/log/samba.ads/log.%m dns proxy = no wins server = 192.168.2.10 wins proxy = no # separate domain and username with '/', like DOMAIN/username winbind separator = / # use UIDs from 1 to 2 for domain users idmap uid = 1-2 # use GIDs from 1 to 2 for domain groups idmap gid = 1-2 # allow enumeration of winbind users and groups winbind enum users = yes winbind enum groups = yes #winbind user default domain = yes printcap name = /etc/printcap load printers = no printing = no SHARES [Test] comment = TestShare path = /storage/Testshare read only = no writable = yes admin users = @CCC/domain admins browseable = yes inherit acls = yes inherit permissions = yes create mask = 700 directory mask = 700 valid users = @CCC/domain users This is my fstab: [EMAIL PROTECTED] samba.ads]# more /etc/fstab /dev/VolGroup00/LogVol00 / ext3defaults1 1 LABEL=/boot /boot ext3defaults1 2 devpts /dev/ptsdevpts gid=5,mode=620 0 0 tmpfs /dev/shmtmpfs defaults0 0 proc/proc procdefaults0 0 sysfs /syssysfs defaults0 0 /dev/VolGroup00/LogVol01 swapswapdefaults0 0 /dev/sdb1 /storageext3defaults,acl0 0 I'm using the following Samba version: [EMAIL PROTECTED] samba.ads]# rpm -q samba samba-3.0.23c-2.el5.2.0.2 Somebody any idea what the problem could be? Thanks in advance, Bart Hendrix -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] GUI administration for Samba+LDAP
HI Ninjacrap Search on sourceforge for the Ldap Account Manager (LAM) This works really good Met vriendelijke groeten, Bart Hendrix = NLcom - Official Neuberger Hughes Distributor Support Center Benelux - Sint Maartenslaan 26, 6221 AX Maastricht The Netherlands Phone: +31-(0)43-3500190 Fax : +31-(0)43-3500192 Web : http://www.nlcom.nl Mail : [EMAIL PROTECTED] = - Original Message - From: ninjacrap [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Tuesday, August 23, 2005 1:33 PM Subject: [Samba] GUI administration for Samba+LDAP I'm running a Samba Primary Domain Controller, with an LDAP backend. I'm currently using the smbldap-tools from IDEALX, and is searching for a GUI to manage the users instead. I've been looking at the IMC Samba-Console, also from IDEALX, but this doesn't have any rpm's for RHEL v4, and building of the source keeps getting errors. An rpm for RHEL or another GUNI would be most helpful. Any suggestions? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Two questions
Hi All, I have the following questions: We have some folders / shares where we store for example only .doc files. But some users also saves the .jpg files in this share. We don't want this and we wondered if we can block saving .jpg files with samba. Is there an option to set in smb.conf so we can block the saving of .jpg files? Second one: Some users saves the .doc files for example as thisisanexampleforarealylongnameforawordfile.doc Is there an option to prevent these long names? Thanx Met vriendelijke groeten, Bart Hendrix -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Only show shares a user have permission to access
Hi Jacob You can do this with the optio: hide unreadable = yes in smb.conf You have to set it for each share. Greetz Bart - Original Message - From: Jacob Friis Larsen [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Friday, January 21, 2005 2:34 PM Subject: [Samba] Only show shares a user have permission to access How can I make Samba only show shares a user have permission to access? Thanks, Jacob -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Problem adding computer to domain
Hi All I have the following problem: I'm using samba with ldap. Everybody can login on the domain, access shares and so on. But when I want to add a new computer to the domain, windows asks for a password (this is normal) and as ever we tried to login with root and the password. But unfortunately , now it says: can't find user. I check with phpldapadmin and I see the user root in the ldap database. I can also access shares as user root This is the ldap logging and I don't see any errors: Jan 20 12:48:46 localhost slapd[8709]: daemon: conn=97 fd=20 connection from IP=172.16.6.3:52231 (IP=0.0.0.0:389) accepted. Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=0 BIND dn=CN=MANAGER,DC=SIF-GROUP,DC=NL method=128 Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=0 RESULT tag=97 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=1 SRCH base=dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaDomain)(sambaDomainName=SIF-GROUP)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=1 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=2 SRCH base=dc=sif-group,dc=nl scope=2 filter=((uid=root)(objectClass=sambaSamAccount)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=2 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: daemon: conn=98 fd=25 connection from IP=127.0.0.1:52232 (IP=0.0.0.0:389) accepted. Jan 20 12:48:46 localhost slapd[8709]: conn=98 op=0 BIND dn= method=128 Jan 20 12:48:46 localhost slapd[8709]: conn=98 op=0 RESULT tag=97 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=98 op=1 SRCH base=dc=sif-group,dc=nl scope=2 filter=(uid=root) Jan 20 12:48:46 localhost slapd[8709]: conn=98 op=1 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=98 op=2 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=1 filter=((objectClass=posixGroup)(|(memberUid=root)(uniqueMember=uid=root,ou=People,dc=sif-group,dc=nl))) Jan 20 12:48:46 localhost slapd[8709]: conn=98 op=2 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=3 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=0)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=3 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=4 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=1)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=4 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=5 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=2)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=5 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=6 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=3)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=6 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=7 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=4)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=7 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=8 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=6)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=8 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=9 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=10)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=9 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=10 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=512)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=10 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=-1 fd=20 closed Jan 20 12:48:46 localhost slapd[8709]: conn=-1 fd=25 closed Jan 20 12:48:47 localhost slapd[8709]: daemon: conn=99 fd=20 connection from IP=172.16.6.3:52233 (IP=0.0.0.0:389) accepted. Jan 20 12:48:47 localhost slapd[8709]: conn=99 op=0 BIND dn=CN=MANAGER,DC=SIF-GROUP,DC=NL method=128 Jan 20 12:48:47 localhost slapd[8709]: conn=99 op=0 RESULT tag=97 err=0 text= Jan 20 12:48:47 localhost slapd[8709]: conn=99 op=1 SRCH base=dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaDomain)(sambaDomainName=SIF-GROUP)) Jan 20 12:48:47 localhost slapd[8709]: conn=99 op=1 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:47 localhost slapd[8709]: conn=99 op=2 SRCH base=dc=sif-group,dc=nl scope=2 filter=((uid=root)(objectClass=sambaSamAccount)) Jan 20 12:48:47 localhost slapd[8709]: conn=99 op=2 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:47 localhost slapd[8709]: daemon: conn=100 fd=25 connection from
Re: [Samba] Problem adding computer to domain
If somebody wants to kow: I'musing Samba version 3.0.9-1.3E.1 greetz Bart - Original Message - From: Bart Hendrix [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Thursday, January 20, 2005 12:56 PM Subject: [Samba] Problem adding computer to domain Hi All I have the following problem: I'm using samba with ldap. Everybody can login on the domain, access shares and so on. But when I want to add a new computer to the domain, windows asks for a password (this is normal) and as ever we tried to login with root and the password. But unfortunately , now it says: can't find user. I check with phpldapadmin and I see the user root in the ldap database. I can also access shares as user root This is the ldap logging and I don't see any errors: Jan 20 12:48:46 localhost slapd[8709]: daemon: conn=97 fd=20 connection from IP=172.16.6.3:52231 (IP=0.0.0.0:389) accepted. Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=0 BIND dn=CN=MANAGER,DC=SIF-GROUP,DC=NL method=128 Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=0 RESULT tag=97 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=1 SRCH base=dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaDomain)(sambaDomainName=SIF-GROUP)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=1 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=2 SRCH base=dc=sif-group,dc=nl scope=2 filter=((uid=root)(objectClass=sambaSamAccount)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=2 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: daemon: conn=98 fd=25 connection from IP=127.0.0.1:52232 (IP=0.0.0.0:389) accepted. Jan 20 12:48:46 localhost slapd[8709]: conn=98 op=0 BIND dn= method=128 Jan 20 12:48:46 localhost slapd[8709]: conn=98 op=0 RESULT tag=97 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=98 op=1 SRCH base=dc=sif-group,dc=nl scope=2 filter=(uid=root) Jan 20 12:48:46 localhost slapd[8709]: conn=98 op=1 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=98 op=2 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=1 filter=((objectClass=posixGroup)(|(memberUid=root)(uniqueMember=uid=root,ou=People,dc=sif-group,dc=nl))) Jan 20 12:48:46 localhost slapd[8709]: conn=98 op=2 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=3 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=0)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=3 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=4 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=1)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=4 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=5 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=2)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=5 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=6 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=3)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=6 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=7 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=4)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=7 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=8 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=6)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=8 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=9 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=10)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=9 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=10 SRCH base=ou=Groups,dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaGroupMapping)(gidNumber=512)) Jan 20 12:48:46 localhost slapd[8709]: conn=97 op=10 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:46 localhost slapd[8709]: conn=-1 fd=20 closed Jan 20 12:48:46 localhost slapd[8709]: conn=-1 fd=25 closed Jan 20 12:48:47 localhost slapd[8709]: daemon: conn=99 fd=20 connection from IP=172.16.6.3:52233 (IP=0.0.0.0:389) accepted. Jan 20 12:48:47 localhost slapd[8709]: conn=99 op=0 BIND dn=CN=MANAGER,DC=SIF-GROUP,DC=NL method=128 Jan 20 12:48:47 localhost slapd[8709]: conn=99 op=0 RESULT tag=97 err=0 text= Jan 20 12:48:47 localhost slapd[8709]: conn=99 op=1 SRCH base=dc=sif-group,dc=nl scope=2 filter=((objectClass=sambaDomain)(sambaDomainName=SIF-GROUP)) Jan 20 12:48:47 localhost slapd[8709]: conn=99 op=1 SEARCH RESULT tag=101 err=0 text= Jan 20 12:48:47 localhost slapd[8709]: conn=99 op=2 SRCH base=dc=sif-group,dc=nl scope=2
Re: [Samba] Free space calculation gets it wrong
Hi Could you please do the following command: df -h And paste the result ;-) Thanx bart - Original Message - From: Alexander Skwar [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Wednesday, January 19, 2005 9:22 AM Subject: [Samba] Free space calculation gets it wrong Hello! Running Samba 3.x on HP-UX 11.00, Linux and Solaris. I've got a problem with the free space calculation of Samba. The problem is, that Samba only seems to return the free space available in the top directory of a share and not the free space available in the current directory. That's a problem for me, since I share a directory on the server and then mount the actual stuff into it. Let me give you an example: I shared the directory /Shares on server with the name Shares. The directory /Shares is on / on the server. In /Shares, there's the directory CAD. This directory is a seperate file system. Now I start the Windows Explorer (from Windows XP) and go to \\server\Shares\CAD. The free space available is the same as shown in \\server\Shares - IOW: it shows the free space from /, and not from /Shares/CAD Directory Mountpoint Free space /Shares / 20MiB /Shares/CAD /Shares/CAD 40GiB Going to \\server\Shares\CAD shows me that 20MiB is available and not, as wanted, 40GiB. What do I have to do, to make Samba return the free space in the current directory and not from the top most directory of the share? First, I thought to write a script which I hook into the dfree command option of Samba. But sadly this did not work :( Just like the man page says, the script is only given ./ as the first (and only) parameter. I also did not see anything of interest in the environment (as printed by the env command). I don't quite see how to get to what directory ./ (the current directory) is referring. Do you have any clues on how to solve that problem? BTW: Also sharing /Shares/CAD is not a solution I'm after :) Thanks a lot, Alexander Skwar -- If there were a school for, say, sheet metal workers, that after three years left its graduates as unprepared for their careers as does law school, it would be closed down in a minute, and no doubt by lawyers. -- Michael Levin, The Socratic Method - -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] user-rights
Hi Mr. Buchbach You have to check what the rights are of the owner, group and other. Also check the owner and group after a user creates / modifies a file You can set rights in the smb.conf (for example force create mode = ) or you can use the setfacl commands. Greetz Bart - Original Message - From: M. Buchbach [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Wednesday, January 19, 2005 7:21 PM Subject: [Samba] user-rights Hello! I've got some problems with the user-rights setting to my linux-machine. I want to create a file-server-system with samba where I can create a copy-directory, too. To this copy-directory every person, who can connect to the samba-machine, should be able to write through this directory and to make changes on documents, like word-documents, which are saved in this directory. My problem is that only the person, who has created a file through this directory, is able to make changes on this file. Other persons only can open this file to watch the content. I have no idea, which options I must change in the smb.conf-file so that every person is able to make changes on every file that is saved in the copy-directory. The security-level is set to user-security and every person connects with a username and a password to the samba-machine. Can anyone help me to solve my problem? Thanks! Buchbach -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] ACL Win XP problem
Hello Jamison, I'm not if I'm right, but if you want tosearch for a username when you want to set acl, you have to do this as root. So if the popup comes up, try username root and the password of root. Then you will see al users and you can add / modify and so on. Greetz Bart - Original Message - From: Jamison Stepan [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Wednesday, January 19, 2005 10:37 PM Subject: [Samba] ACL Win XP problem Ok, I've been searching Google for two days and can't seem to find an answer for this. I want to use ACL's, but I need to be able to administer them in Win XP. My distro is Suse 9.1 and I'm running a standalone Samba server. I can create acl's just fine in Linux/shell, and when I view a file in the Security tab I can see and edit all the ACL parameter's just fine. However, when I attempt to add a user I get a box asking me to search for a user name. When I enter a username I then get a box that asks for a username and password. However, no matter what username and password I put in here I still get a message back that it cannot find the object. As I've read through the posts about this in the past everything seems to revolve around having a domain running, which we do not/cannot have. Is it possible to add users to an file's ACL with a standalone samba server? And if so, is there a configuration part that you need in order to add users? Thanks, Jamison Stepan -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba log analyzer
Hi All, We use LogWatch for our Samba server. The reports looks like the following: ### LogWatch 4.3.2 (02/18/03) Processing Initiated: Thu Jan 13 04:02:13 2005 Date Range Processed: yesterday Detail Level of Output: 0 Logfiles for Host: samba3 - Named Begin Zone update refused: 172.17.6.3 (intra.nlcom.nl/IN): 43 Time(s) -- Named End - - samba Begin **Unmatched Entries** auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [COMMERS2]\[Commers [EMAIL PROTECTED] with the new password interface : 1 Time(s) auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface : 6 Time(s) auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface : 7 Time(s) auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface : 1 Time(s) auth/auth.c:check_ntlm_password(219) check_ntlm_password: Checking password for unmapped user [EMAIL PROTECTED] with the new password interface : 1 Time(s) auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [NLCOM-NL]\[Commers [EMAIL PROTECTED] : 1 Time(s) auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] : 6 Time(s) auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] : 7 Time(s) auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] : 1 Time(s) auth/auth.c:check_ntlm_password(222) check_ntlm_password: mapped user is: [EMAIL PROTECTED] : 1 Time(s) auth/auth.c:check_ntlm_password(268) check_ntlm_password: guest authentication for user [] succeeded : 15 Time(s) auth/auth.c:check_ntlm_password(312) check_ntlm_password: Authentication for user [Commers Health] - [Commers Health] FAILED with error NT_STATUS_NO_SUCH_USER : 1 Time(s) auth/auth_sam.c:check_sam_security(244) check_sam_security: Couldn't find user 'Commers Health' in passdb file. : 1 Time(s) auth/auth_winbind.c:check_winbind_security(80) check_winbind_security: Not using winbind, requested domain [NLCOM-NL] was for this SAM. : 1 Time(s) lib/interface.c:add_interface(79) added interface ip=172.16.20.1 bcast=172.16.20.255 nmask=255.255.255.0 : 2 Time(s) lib/interface.c:add_interface(79) added interface ip=172.17.6.3 bcast=172.17.255.255 nmask=255.255.0.0 : 2 Time(s) lib/interface.c:add_interface(79) added interface ip=192.168.184.1 bcast=192.168.184.255 nmask=255.255.255.0 : 2 Time(s) lib/smbldap.c:smbldap_connect_system(804) ldap_connect_system: succesful connection to the LDAP server : 125 Time(s) lib/smbldap.c:smbldap_connect_system(804) ldap_connect_system: succesful connection to the LDAP server smbldap_open_connection: connection opened : 1 Time(s) lib/smbldap.c:smbldap_open_connection(638) : 1 Time(s) lib/smbldap.c:smbldap_open_connection(638) smbldap_open_connection: connection opened : 125 Time(s) lib/smbldap.c:smbldap_search_domain_info(1319) Searching for:[((objectClass=sambaDomain)(sambaDomainName=NLCOM-NL))] : 126 Time(s) lib/sysquotas.c:sys_get_quota(413) sys_get_vfs_quota() failed for mntpath[/work] bdev[/dev/sda1] qtype[2] id[1007]: Invalid argument : 1 Time(s) lib/sysquotas.c:sys_get_quota(413) sys_get_vfs_quota() failed for mntpath[/work] bdev[/dev/sda1] qtype[4] id[513]: Invalid argument : 1 Time(s) lib/util_seaccess.c:se_access_check(251) : 38 Time(s) lib/util_seaccess.c:se_access_check(252) se_access_check: user sid is S-1-5-21-1415303871-1163983296-3890754924-3014 se_access_check: also S-1-5-21-1415303871-1163983296-3890754924-2027 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: also S-1-5-21-1415303871-1163983296-3890754924-512 se_access_check: also S-1-5-21-1415303871-1163983296-3890754924-513 se_access_check: also S-1-5-21-1415303871-1163983296-3890754924-2089 se_access_check: also S-1-5-21-1415303871-1163983296-3890754924-3001 : 6 Time(s) lib/util_seaccess.c:se_access_check(252) se_access_check: user sid is S-1-5-21-1415303871-1163983296-3890754924-501 se_access_check: also S-1-5-21-1415303871-1163983296-3890754924-514 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-32-546 se_access_check: also S-1-5-21-1415303871-1163983296-3890754924-1199 : 32 Time(s) lib/util_sock.c:get_peer_addr(1000) getpeername failed. Error was Transport endpoint is not connected : 23 Time(s) lib/util_sock.c:send_smb(647) : 1 Time(s)
Re: [Samba] Multiple Permissions within a share for the same userid
Hi Tom. The most easiest way is to create two shares, but you can also set with setfacl the rights. Then you don't have to use the readlist and writelist in samba.conf. With this tool you can set rights for every share / folder in this share, or one folder in a share. If you want to learn more about setfacl: google is one of your best friends. Greetz Bart - Original Message - From: Tom Skeren [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: samba@lists.samba.org Sent: Wednesday, January 12, 2005 10:50 PM Subject: Re: [Samba] Multiple Permissions within a share for the same userid Michael Lueck wrote: Simply what I would like to create is the following Default, the share is read only The share has a write list, for admins allowed to update the share Now for the twist... Read Only Users have ability to write to one dir within the share Any simple way to configure this, or is two shares easier? Two shares are the easiest way to do this, IMHO. TMS III Here is the share as it stands today... [blablabla] comment = Bla Bla Bla browseable = no path = /shares/blablabla guest ok = no read only = yes write list = mradmin And lets say I would like to allow /shares/blablabla/app/logs to be a user writable directory tree. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] sharing Outlook Contacts Calendar
Hi Ilia Please check exchange4linux There are two versions - Open source version: http://www.exchange4linux.org/ You can install the open source version on your existing Linux Samba server - Commercial packet: http://www.exchange4linux.com Good luck. Bart Hendrix - Original Message - From: Ilia Chipitsine [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Tuesday, January 11, 2005 11:51 AM Subject: [Samba] sharing Outlook Contacts Calendar Dear Sirs, what can You advice on sharing MS Outlook Conatacs Calendar for samba domain ? (I did some investigation on this subject, but I didn't find any beautiful solution at all) Cheers, Ilia Chipitsine -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] force create mode
Hi Patrick, Try to use the following in your smb.conf. force create mode = 0770 Greetz Bart - Original Message - From: Patrick DUBAU [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Monday, January 10, 2005 5:30 PM Subject: Re: [Samba] force create mode This is an update. I found for question 2. Just putforce group = group name or set the setgid bit on the root directory of the share But i still can't solve my first problem. What do i have to do so that each file that a user creates has the following rights rwx rwx --- ? Were is the trick ? i read about force mask , creat mask ... in man smb.conf but i really don't understand i wan to force the rights of a file that is created by a user at rwx rwx --- in the shared folder (samba 3.10) here's the section in smb.conf file of the share [compta] comment = fichiers du service comptable path = /home/services/compta public = yes writeable = yes read only = no force create mode = 0034 valid users = @compta # le groupe superviseur a tous les droits sur ce partage admin users = @superviseur browseable = no i put force create mode = 0034, because i read that samba will make a 'OR' bit operation on it The default creat mask is 0744 so when i create a file the rights are rwx r-- r--. Ok But when i put force create mode = 0034 i get rwx rwx r-- instead of rwx rwx --- !! Where is the mistake? Second question : What instruction do i have to add in the [compta] section so that all the files are created with the right group (for now they are created with 'Domain Users' group) Thanks for ant help -- Patrick DUBAU IUFM d'Alsace - Service Informatique : Parfois détruire, souvent construire, toujours Servir 200 avenue de Colmar 67100 STRASBOURG Téléphone: 03.88.40.79.76 -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] cant logon when i change winxp hostname
Hi Leandro Try to delete the original hostname from your host-list in your LDAP, change the domain to workgroup, reboot your machine, and change the workgroup again to domain. Bart - Original Message - From: Leandro (uyuyuy) [EMAIL PROTECTED] To: samba@lists.samba.org Sent: Wednesday, January 05, 2005 2:53 PM Subject: [Samba] cant logon when i change winxp hostname (excuse for my bad english) When I change WinXP hostname (both hostnames are in my hosts-list in ldap) I can´t logon onto domain. Now, when I use original hostname I logon successfully. I use samba 3.0.1pre1 Is this a bug ?! Leandro. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] LDAP problem, with samba and groups
Hi All We have the following problem: We configured samba with LDAP and this works fine. As soon as they try to login wit a user who is member of 15 groups, it takes very long to login with Windows and then an mostly an errormessage appears. On win 2000 is the error: There has been made a change to the server. Contact you sysadmin When a user logins (member of 15 groups) ldap shows the following logging: Dec 24 10:43:45 localhost slapd[3322]: = root access granted Dec 24 10:43:45 localhost slapd[3322]: = test_filter 6 Dec 24 10:43:45 localhost slapd[3322]: = test_filter Dec 24 10:43:45 localhost slapd[3322]: EQUALITY Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: search access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl gidNumber requested Dec 24 10:43:45 localhost slapd[3322]: = root access granted Dec 24 10:43:45 localhost slapd[3322]: = test_filter 6 Dec 24 10:43:45 localhost slapd[3322]: = test_filter_and 6 Dec 24 10:43:45 localhost slapd[3322]: = test_filter 6 Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl entry requested Dec 24 10:43:45 localhost slapd[3322]: = root access granted Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl objectClass requested Dec 24 10:43:45 localhost slapd[3322]: = root access granted Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl objectClass requested Dec 24 10:43:45 localhost slapd[3322]: = root access granted Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl objectClass requested Dec 24 10:43:45 localhost slapd[3322]: = root access granted Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl cn requested Dec 24 10:43:45 localhost slapd[3322]: = root access granted Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl cn requested Dec 24 10:43:45 localhost slapd[3322]: = root access granted Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl gidNumber requested Dec 24 10:43:45 localhost slapd[3322]: = root access granted Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl gidNumber requested Dec 24 10:43:45 localhost slapd[3322]: = root access granted Dec 24 10:43:45 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl description requested Dec 24 10:43:45 localhost slapd[3322]: = root access granted Dec 24 10:43:46 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl description requested Dec 24 10:43:46 localhost slapd[3322]: = root access granted Dec 24 10:43:46 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl sambaSID requested Dec 24 10:43:46 localhost slapd[3322]: = root access granted Dec 24 10:43:46 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl sambaSID requested Dec 24 10:43:46 localhost slapd[3322]: = root access granted Dec 24 10:43:46 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl sambaGroupType requested Dec 24 10:43:46 localhost slapd[3322]: = root access granted Dec 24 10:43:46 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl sambaGroupType requested Dec 24 10:43:46 localhost slapd[3322]: = root access granted Dec 24 10:43:46 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl displayName requested Dec 24 10:43:46 localhost slapd[3322]: = root access granted Dec 24 10:43:46 localhost slapd[3322]: = access_allowed: read access to cn=engineering_w,ou=Groups,dc=sif-group,dc=nl displayName requested Dec 24 10:43:46 localhost slapd[3322]: = root access granted And then really realy much, very long. With continuesly an other cn = groupname Now I see that the logging winbindd in /etc/samba/ shows: [2004/12/24 10:58:36, 1] lib/smbldap.c:another_ldap_try(936) Connection to LDAP server failed for the 11 try! [2004/12/24 10:58:37, 0] lib/smbldap.c:smbldap_open_connection(545) ldap_initialize: Time limit exceeded [2004/12/24 10:58:37, 1] lib/smbldap.c:another_ldap_try(936) Connection to LDAP server failed for the 12 try! [2004/12/24 10:58:38, 0] lib/smbldap.c:smbldap_open_connection(545) ldap_initialize: Time limit exceeded [2004/12/24 10:58:38, 1] lib/smbldap.c:another_ldap_try(936) Connection to LDAP server failed for the 13 try! [2004/12/24 10:58:39, 0]
[Samba] Question about win2000 and samba
Hi All, I setup Samba 3.09 with LDAP and everything seems to work fine. (shres, permissions, startscripts) But we have the following problem on Win2000 machines: If you start the machine and Login on the domain everythings seems to go fine. Then the startscript will be loaded and works fine. When I go to my computer, I see a red cross in every sharemapping. But when I click on the sharemapping it seems to work fine end I can see al files. Windows XP works fine, and doesn't show the red cross. Any idea why the red cross is showed? Thanks Bart -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Question about win2000 and samba
Hi Everybody, According to the response below: You think that the connections idled out, but the red cross is there immediatly. As soon as I login and go to my computer, the connections are red crossed. Any idea why? Bart - Original Message - From: Adam Tauno Williams [EMAIL PROTECTED] To: Spike Burkhardt [EMAIL PROTECTED] Cc: Bart Hendrix [EMAIL PROTECTED]; samba@lists.samba.org Sent: Thursday, December 23, 2004 6:28 PM Subject: Re: [Samba] Question about win2000 and samba I setup Samba 3.09 with LDAP and everything seems to work fine. (shres, permissions, startscripts) But we have the following problem on Win2000 machines: If you start the machine and Login on the domain everythings seems to go fine. Then the startscript will be loaded and works fine. When I go to my computer, I see a red cross in every sharemapping. But when I click on the sharemapping it seems to work fine end I can see al files. Windows XP works fine, and doesn't show the red cross. Any idea why the red cross is showed? The connections have been idled out, this is normal Windows 2000 behaviour. There are many articles about changing the value or disabling the 'feature' -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Question about size folder
Hi everybody Does somebody know if it's possible to send a email when a folder has a specific size? thanks Bart -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Find who deleted a folder
Hello We are using samba. Somebody in our company deleted two days ago a folder called 995 Is it possible with samba to check who did this? Thank you very mucn, Bart Hendrix -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba + Share Quota's
Hi Samba users. I have the following problem and I hope somebody can help me: I installed Samba on a White Box linux machine and used LDAP for authentication. I created a directory /work/shares. In /work/shares are all share directories created. The problem I'm having now is that the total capacity of each share is the same because they are on the same partition. (So /work/shares/test and /work/shares/software both used 80 GB from a total of 120 GB free space, but /test used 20 GB and /software 60 GB) Is it possible to configure the free space size with smbcquota's? I tried this but I couldn't configure it because I dont know the values of soft/hard limit. (smbcquotas //fileserver/test -S FSQLIM:softlimit/hardlimit) Is smbcquota's the right program or is there a different solution? Thank you very much Bart Hendrix -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba