Re: [Samba] How to install a replacement PDC?
On Mon, Jul 29, 2013 at 6:47 AM, sam...@nym.hush.com wrote: I’d appreciate some pointers on what to do. I don’t want to have the exact same users on the new Debian server (some of the users on the Unix server have left) so was hoping to just create users and groups manually rather than copy existing files across. Do I need to edit the UIDs and GIDs somehow, and then export/import some password/security files? I’ve seen that on the Unix server there’s a file named /etc/smbpasswd, but that isn’t on the Debian server, so I’m wondering if they’re using a different type of security back- end… Is there a command which will report this, or which smb.conf parameters will identify this? I don’t do a lot of this stuff, so any help would be appreciated. Most likely is that It would have simplest to copy the old Samba configuration to the new system. Update the smb.conf for necessary changes (review all of the Changelog's from the old version to the new version), change from the smbpasswd backend to the tdbsam backend (the new default), then remove the users you no longer want or need. Having said that I just finished migrating an NT4 PDC with Exchange 5.5 to two new VM's; the PDC part to a new Debian Samba installation by hand (the long way), and the Exchange 5.5 part to a new NT4 server install (sounds like fun, right?). Fortunately the client install base was under 25 so doing it the long way was not out of the question. Had I been moving between Samba version I would not even have been tempted to do anything except follow the first paragraph above. Basically, in the long way, you need the same domain SID, the same user SID's and I believe also the same machine SID's (I manually set all of these as well), etc. and the proper group mappings (no longer automatic, see chapter 9 of the official howto). Then you'll have to rejoin all machines to the new PDC although really you are just resetting the trust password. The UID/GID's are meaningless to the Windows side, no need to mess with those, although I prefer to use different ranges for Windows users, and Machines (and also a different group for Machines - just a nicety for scripting later on). Done properly the users will see no difference when they login to the domain, same profile, etc. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to install a replacement PDC?
You may want to look into using the Sernet packages instead of the Debian ones, then you'll have an up-to-date Samba 3.6.16 installation. Only problem I had was that I needed to add Samba to run level 2 as it appears my CLI only install of Wheezy doesn't boot into run level 3 (as Debian claims is their default). Chris On Tue, Jul 30, 2013 at 9:00 AM, sam...@nym.hush.com wrote: Thanks very much for your detailed reply. I’m sure it will be very helpful. Is there an easy way to search for your earlier posts? I’m looking in the archives, and opening them by month, then searching for your name. It just seems a bit long-winded – I’m not sure when you would have posted them! Thanks again. On Mon, 29 Jul 2013 16:49:48 +0100 Gaiseric Vandal gaiseric.van...@gmail.com wrote: Run the testparm -v to see full details, including defaults that may not have been explicitly specified in smb.conf. You want to look out for the passdb backend value. On samba 3.4 or later tdbsam is probably the only valid local option. If you were using the smbpasswd file (text?) format on 3.0.x you may need to use the smbpasswd command to export / import to the TDB (trivial data base) format. With the old primary domain server running you should join the new machine to the domain as a member server. (net join.) The localsid on all dc's should match the domainsid. You can probably then make the new machine a DC by changing the smb.conf to allow domain logons and by changing the localsid to be the domain sid.Verify that they user accounts are the same on each DC with pdbedit -Lv. You may find that some accounts did not export properly. Also make sure that each domain controller has the same group mappings (net rpc groupmap list ?) From 3.0. to 3.4 or later you may find you need to explicitly some of the well known groups. You may also need to create an explicit nobody user in linux (and specify guest account = nobody in smb.conf.) Search for earlier post by me that cover DC migration and 3.0x to 3.4. upgrades. On 07/29/13 11:24, sam...@nym.hush.com wrote: Also, here are the 'global' sections from the 'testparm' command. Existing Unix server [global] workgroup = DDOMAIN server string = Samba Server PDC smb passwd file = /etc/smbpasswd log file = /usr/lib/samba/var/log.%m max log size = 50 time server = Yes keepalive = 0 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 load printers = No disable spoolss = Yes logon script = %U.bat logon drive = G: domain logons = Yes os level = 64 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes hosts allow = 192.0.0., 127. New Debian server [global] workgroup = DDOMAIN server string = %h server (Samba %v) interfaces = 127.0.0.0/8, eth0 bind interfaces only = Yes obey pam restrictions = Yes smb passwd file = /etc/smbpasswd ### I added this, but the file doesn’t exit pam password change = Yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . unix password sync = Yes syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 logon script = %U.bat logon drive = G: domain logons = Yes os level = 64 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes panic action = /usr/share/samba/panic-action %d -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] How to install a replacement PDC?
On Tue, Jul 30, 2013 at 12:36 PM, Chris Smith smb...@chrissmith.org wrote: Only problem I had was that I needed to add Samba to run level 2 as it appears my CLI only install of Wheezy doesn't boot into run level 3 (as Debian claims is their default). Just read somewhere else the run level 2 is the default for Debian - in that case I think Sernet should modify the init script. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3 and Windows 8 Point'n'Print drivers
On Thu, Jun 6, 2013 at 9:56 AM, Lukasz Zalewski lu...@eecs.qmul.ac.uk wrote: According to http://msdn.microsoft.com/en-us/library/windows/hardware/hh852373.aspx Windows 8 should be able to use level 3 drivers, but it does not seem to work for me. Are they any workarounds that can be applied (client or server side) to make this happen? If you're getting error 0x06d1 see my blog post: http://blog.realcomputerguy.com/2013/06/fix-error-0x06d1-using-level-3.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3 and Windows 8 Point'n'Print drivers
On Thu, Jun 6, 2013 at 12:24 PM, Lukasz Zalewski lu...@eecs.qmul.ac.uk wrote: Thank you for this. Unfortunately i do not even get that far. Windows claims that there is no driver found :( Does the driver have to be installed manually? I'm using the standard CUPS drivers. They work with all of the printers I need to support (HP, Konica, Kyocera, Toshiba, Xerox, etc.). I have another blog post about using those: http://blog.realcomputerguy.com/2011/10/cups-samba-64bit-driver-installation.html Unfortunately the links to the CUPS drivers are now defunct - a sad day when Apple bought EasySW. Regretting the day when those will become unusable... they make things so easy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] guest share on a security = user server
My blog has the method I've used for years: http://blog.realcomputerguy.com/2010/12/samba-and-guest-shares-with-security.html On Fri, May 3, 2013 at 6:44 AM, Michael Wood esiot...@gmail.com wrote: On 3 May 2013 12:42, Michael Wood esiot...@gmail.com wrote: [...] Maybe the map to guest option will help you solve your problem? Never mind, I see you've tried that. -- Michael Wood esiot...@gmail.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Winbind in 3.6.14 crashes against NT4 DC
Filed as bug 9847: Customer, in the 3.6.x series, has run 3.6.10 through 3.6.13 successfully. After upgrading to 3.6.14 Winbind crashes and their data is no longer accessible. Reverting to 3.6.13 brings back stability. [2013/05/01 23:15:16.303789, 0] winbindd/winbindd.c:212(winbindd_sig_term_handler) Got sig[15] terminate (is_parent=0) [2013/05/02 07:23:15.894065, 0] lib/fault.c:47(fault_report) === [2013/05/02 07:23:15.894202, 0] lib/fault.c:48(fault_report) INTERNAL ERROR: Signal 11 in pid 30869 (3.6.14) Please read the Trouble-Shooting section of the Samba3-HOWTO [2013/05/02 07:23:15.894262, 0] lib/fault.c:50(fault_report) Sorry, could not troubleshoot this during business hours. Can get whatever is requested after hours. Thanks. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Static entries NOT working (Debian, Ubuntu)
On Sun, Apr 21, 2013 at 1:24 PM, thomas t.macai...@beware.fr wrote: Are you sure this is working ? I tried it and it doesnt. Yes, I have static entries that are still there from months ago. I have winbind installed and can findsmb / smbtree . pinging the NetBIOS names found by previous commandes works. pinging the ones I added manually doesn't. I also tried copy/pasting entries and just changing the IP with no success Even the entries with TTL set to zero are overwritten when restarting SAMBA. I think any entry will get over written if a client registers that same name. I'm using the entries for things like WPAD and ISATAP. You can't force an IP address with WINS. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Static entries NOT working (Debian, Ubuntu)
On Tue, Apr 16, 2013 at 10:48 AM, Thomas Macaigne t.macai...@beware.fr wrote: I am trying to add static WINS entries in my Samba server, running on Ubuntu server. I read various forums and inputs on this mailing list mentionning the use of wins.dat which is located at /var/lib/samba/wins.dat I believe you must stop Samba (or at least nmbd) before editing. I use the #20 entry as well as in: MADMAN#20 0 192.168.1.2 66R Edit the the entries for all of types and then restart Samba/nmbd: MADMAN#00 0 192.168.1.2 66R MADMAN#03 0 192.168.1.2 66R MADMAN#20 0 192.168.1.2 66R Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Anonymous Samba share across subnets (without WINS?)
On Tue, Apr 9, 2013 at 1:00 PM, Jon Heese jhe...@co.weld.co.us wrote: My next idea was to use Samba to create an anonymous share, and following this quick-n-dirty HowTo: http://www.debuntu.org/samba-how-to-share-files-for-your-lan-without-userpassword/, I set up a Lucid Lynx box with samba (3.4.7~dfsg-1ubuntu3.10) to do just that. See my blog post here: http://blog.realcomputerguy.com/2010/12/samba-and-guest-shares-with-security.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] determining Samba version
Is there a way to determine (or at least get close) what version of Samba an embedded client may be running (or based on) via packet sniffing (tcpdump, wireshark)? Thanks. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] determining Samba version
On Thu, Apr 4, 2013 at 2:00 PM, Richard Sharpe realrichardsha...@gmail.com wrote: If they have not changed the version string to obscure the version, then the following will work: cc1# smbclient //some-node/some-share -U[some-dom/]some-user%some-password Failed to load upcase.dat, will use lame ASCII-only case sensitivity rules Failed to load lowcase.dat, will use lame ASCII-only case sensitivity rules Domain=[some-dom] OS=[Unix] Server=[Samba 3.6.12] It's not a server, just a client, so I cannot connect to it as such. You can also look at the Session Setup X Responses for SMB1 only and will see something like: Samba 3.6.6 in something like the Native Lanmanager Version field. That gives something: == Native OS: Linux version 2.6.35 Native LAN Manager: CIFS VFS Client for Linux == Doesn't seem to be any detail about what CIFS version they're using. Thanks, Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] determining Samba version
On Thu, Apr 4, 2013 at 2:21 PM, Chris Smith smb...@chrissmith.org wrote: == Native OS: Linux version 2.6.35 Native LAN Manager: CIFS VFS Client for Linux == It advertises these protocols: === Dialect: PC NETWORK PROGRAM 1.0 Dialect: MICROSOFT NETWORKS 1.03 Dialect: MICROSOFT NETWORKS 3.0 Dialect: LANMAN1.0 Dialect: LM1.2X002 Dialect: DOS LANMAN2.1 Dialect: LANMAN2.1 Dialect: Samba Dialect: NT LANMAN 1.0 Dialect: NT LM 0.12 === and has issues with later OSX and Windows 8 SMB. Didn't know there was a specific Samba dialect. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Recomendations for working with existing DNS setups
On Mon, Apr 1, 2013 at 7:05 PM, Andrew Bartlett abart...@samba.org wrote: If I could change the subject somewhat, I am also not clear on how to configure SAMBA4 and the DNS server if my network has an existing DNS server on another machine and I don't really want to move it. The DNS server is a stock install of bind from the distro's repository: bind-9.8.2-0.17.rc1.el6_4.4.x86_64 Samba must locally host it's own DNS domain, on the Samba 4.0 AD DC. You may wish to have your existing BIND instance forward the Samba 4.0 subdomain to Samba using a zone type of 'forward'. I've been wondering... Do the Windows clients, if they aren't sharing anything, actually need DNS resolution? Could Samba just host the DNS for the SRV (and other special) records as a subdomain and therefore have all queries go to another DNS server which, for the special subdomain, forwards only those requests to the Samba server? Thanks, Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba (3.6.12) - Different Home Directories for Different Users
On Fri, Mar 15, 2013 at 4:59 PM, TMason c.koe...@live.com wrote: What I would like to do now is have different /etc/skel directories for different groups. So, for example, if someone from the Finance department logs in one set of default settings are copied for that person but if someone from sales logs in another set of default settings are copied over for that user. How can I do this with Samba/Linux? Maybe you can use the group variable %G in the add user script as part of the skel name: -k /etc/skel%G and make sure you have a corresponding skeleton directory for each group. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.6.10 not reading groups
Might be related to my bug: https://bugzilla.samba.org/show_bug.cgi?id=9561 Unfortunately I'm not getting any traction on it. From my testing there still hasn't, after 10 releases, been a fully usable 3.6.x and now it's claimed to be in maintenance mode due to the release of Samba 4.x, which I guess must not have any major issues. On Mon, Jan 21, 2013 at 1:06 PM, Benjamin Huntsman bhunts...@mail2.cu-portland.edu wrote: It isn't honoring groups specified in the valid users clause of the share configuration. I'm running in security = SHARE mode, and user authentication is working just fine. Even if I specify individual users on the valid users = line, it works. Just not groups. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] static only wins server
Since there's only a couple of server systems on the network that actually need name resolution or to be seen via NetBIOS browsing. Is there any reason not to run a static only WINS server with just the information for those systems listed? If not, then how can one stop the other systems from registering themselves? Thanks, Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] static only wins server
On Tue, Dec 18, 2012 at 2:08 PM, Gaiseric Vandal gaiseric.van...@gmail.com wrote: If your windows clients use login scripts to map drives, then they don't need WINS at all, since they resolve hosts via DNS. I think that WINS is necessary for the clients to find the Domain Controller. However, if a client isn't using wins it will still use netbios browser to locate resource on the network.I am not sure if you can totally defeat this by pointing the windows clients to an inactive WINS server. I want the WINS server to be active - just read only. Clients will receive P-Node instructions (WINS only) from the DHCP server. If you don't have file and print sharing enable on the windows client that should prevent them from showing up a netbios resources. Many of the client systems will not be under management control. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] static only wins server
I'm not referring to Active Directory, the Domain Controller is a Samba 3 box. On Tue, Dec 18, 2012 at 4:24 PM, Adam Tauno Williams awill...@whitemice.org wrote: ??? With Active Directory I'm pretty sure that happens via a DNS query (or series of them). -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba is not starting automatically on boot, installed on Ubuntu
Ubuntu AFAIK has never fixed their Bug 951087 which is one reason I cannot recommend it as a server where Samba is a critical package. On Thu, Sep 6, 2012 at 7:33 AM, Eitan Orgil eitan.or...@gmail.com wrote: Hi, I have installed an Ubuntu server 12.04.01 with Smba 3.6.3 I have configured it to be a file server as well as a PDC. When I restart the Linux system, the Samba service will not start automatically. I tried using: chkconfig smbd 3, for that I got a lot of ... missing LSB tags and overrides messages. Then when I run: chkconfig smbd I get: smbd 3 Rebooting the Linux, the service is up, but not responding, restarting the smbd service and it is OK. I also tryed to ussysv-rc-confe with the same resoults,the service is up, but not responding, restarting the smbd service and it is OK. Can anybody help? -- Best regards Orgil Eitan please consider the environment before printing this email. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Upgrade to 3.6.6 fails - Couldn't migrate printers tdb file
Upgrading from 3.5.15 to 3.6.6 failed. Looks a bit like Bug 8235: [2012/07/04 09:02:38.341747, 0, effective(0, 0), real(0, 0)] lib/charcnv.c:543(convert_string_talloc) Conversion error: Illegal multibyte sequence() [2012/07/04 09:02:38.349010, 0, effective(0, 0), real(0, 0)] printing/nt_printing_migrate_internal.c:237(nt_printing_tdb_migrate) Couldn't migrate printers tdb file: NT_STATUS_NO_MEMORY [2012/07/04 09:02:38.349108, 0, effective(0, 0), real(0, 0)] rpc_server/srv_pipe_register.c:222(rpc_srv_register) rpc_srv_register: Failed to call the spoolss init function! -- Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Upgrade to 3.6.6 fails - Couldn't migrate printers tdb file
From the smbd.log level 10 log there is this: = [2012/07/04 10:41:28.146531, 5, effective(0, 0), real(0, 0)] printing/nt_printing_migrate_internal.c:54(rename_file_with_suffix) moved '/var/lib/samba/ntdrivers.tdb' to '/var/lib/samba/ntdrivers.tdb.bak' [2012/07/04 10:41:28.146688, 3, effective(0, 0), real(0, 0)] lib/charcnv.c:537(convert_string_talloc) convert_string_talloc: Conversion error: Illegal multibyte sequence(â0) [2012/07/04 10:41:28.146750, 0, effective(0, 0), real(0, 0)] lib/charcnv.c:543(convert_string_talloc) Conversion error: Illegal multibyte sequence(â0) [2012/07/04 10:41:28.146823, 1, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:414(ndr_pull_error) ndr_pull_error(5): Bad character conversion with flags 0x42 [2012/07/04 10:41:28.146882, 2, effective(0, 0), real(0, 0)] printing/nt_printing_migrate.c:207(printing_tdb_migrate_printer) printer pull failed: Character Conversion Error [2012/07/04 10:41:28.146947, 0, effective(0, 0), real(0, 0)] printing/nt_printing_migrate_internal.c:237(nt_printing_tdb_migrate) Couldn't migrate printers tdb file: NT_STATUS_NO_MEMORY = Seems it doesn't like the ntdrivers.tdb file. It verifies fine with tdbbackup and I can backup and restore with tdbbackup or tdbdump/tdbrestore yet the same issue remains. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Upgrade to 3.6.6 fails - Couldn't migrate printers tdb file
Thank you. Done. Bug 9026. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Upgrade to 3.6.6 fails - Couldn't migrate printers tdb file
Just to note that ntprinters.tdb does not fail tdbbackup validation and a backup/restore of it does not resolve the issue. On Wed, Jul 4, 2012 at 11:35 AM, David Disseldorp dd...@suse.de wrote: ntdrivers.tdb is ok, it appears to be ntprinters.tdb which is processed afterwards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] requesting help setting share permissions
This: chgrp GRP\sales /opt/group/sales chmod 0770 /opt/group/sales if you already have a bunch of directories and files use find with xargs to properly set the permissions With this: [sales] comment = Sales files path = /opt/group/sales valid users = @GRP\sales force group = GRP\sales create mask = 0660 directory mask = 0770 nt acl support = No inherit permissions = No Works fine in Samba 3.6.5, don't know about possible behavior changes with that old 3.3.3. Or you can use SGID as Dale suggested instead of force group. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba-3.5.15 croaks linking pam_winbind
Samba is throwing this when trying to build version 3.5.15: === Compiling ../nsswitch/pam_winbind.c ../nsswitch/pam_winbind.c: In function ‘_pam_parse’: ../nsswitch/pam_winbind.c:440:76: warning: comparison between pointer and integer ../nsswitch/pam_winbind.c:445:7: warning: comparison between pointer and integer ../nsswitch/pam_winbind.c:447:7: warning: comparison between pointer and integer ../nsswitch/pam_winbind.c: In function ‘get_conf_item_string’: ../nsswitch/pam_winbind.c:2293:12: warning: assignment makes pointer from integer without a cast Linking shared library bin/pam_winbind.so ../nsswitch/pam_winbind.o: In function `_pam_parse': pam_winbind.c:(.text+0x3a6): undefined reference to `iniparser_getstr' pam_winbind.c:(.text+0x3ce): undefined reference to `iniparser_getstr' pam_winbind.c:(.text+0x6b6): undefined reference to `iniparser_getstr' ../nsswitch/pam_winbind.o: In function `get_conf_item_string': pam_winbind.c:(.text+0x12bb): undefined reference to `iniparser_getstr' collect2: ld returned 1 exit status === Seems to build OK on amd64 but not on x86. Any ideas on troubleshooting this? Thanks, Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba-3.5.15 croaks linking pam_winbind
Sorry, not an x86 vs. amd64 problem at all. My amd64 system had an older iniparser. Appears that this is an incompatibility with anything newer than iniparser-3.0b which is apparently no longer available @ http://ndevilla.free.fr/. The Samba build fails with both iniparser-3.0.0 and iniparser-3.1.0. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] UID/GID mapping consistency across at least two Linux machines
On Tue, Apr 10, 2012 at 2:27 PM, bakytn bak...@gmail.com wrote: Would you recommend me to use IDMAP_RID with Winbind? I use it successfully. idmap backend = idmap_rid:DOMAIN=2000-1 Depending upon your Samba version the syntax may be a bit different. idmap config DOMAIN : backend = rid idmap config DOMAIN : range = 1000-99 What would change? Would it mess my current UID/GID's??? Probably, but that's as easy one time fix using find with xargs to update the old uid, gid to the new one. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] UID/GID mapping consistency across at least two Linux machines
On Wed, Apr 11, 2012 at 3:50 PM, bakytn bak...@gmail.com wrote: I tried the old config and newer. idmap backend = rid:DOMAIN=4000-2 idmap uid = 4000-2 idmap gid = 4000-2 Doesn't look right - man smb.conf - for the correct syntax. For your version I think it should be more like: idmap backend = tdb idmap uid = 30-40 idmap gid = 30-40 idmap config DOMAIN:backend = rid idmap config DOMAIN:range = 2000-29 from man smb.conf: winbind uses this parameter to find the backend that is authoritative for a unix ID to SID mapping, so it must be set for each individually configured domain, and it must be disjoint from the ranges set via idmap uid and idmap gid. My version is SAMBA 3.5.11 If you check the release notes you'll find that 3.5.12 fixed a winbind race issue in 3.5.11. Also there's a security exploit and it's a good idea to update to 3.5.14, or 3.6.4. I'm still a bit leery of the 3.6 series for production and hopefully 3.6.5 will be released soon fixing some outstanding issues. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba server does not list shares of type Pritner
On Thu, Mar 29, 2012 at 4:07 PM, Shirish Pargaonkar shirishpargaon...@gmail.com wrote: printcap name = /etc/printcap #obtain list of printers automatically on SystemV ; printcap name = lpstat printing = cups Have you tried: printcap name = cups ? I use it with success. From man smb.conf: To use the CUPS printing interface set printcap name = cups. This should be supplemented by an addtional setting printing = cups in the [global] section. Also check with testparm that your config is what you expect. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] NT4 PDC w/Exchange 5.5 migration
Hello, I'm working on migrating an NT4 PDC to a Samba 3 PDC. The tricky part, is that the NT4 server is also running Exchange 5.5 which needs to remain running. So unlike a migrate and toss the NT4 system, I need to migrate, then demote the NT4 PDC to an NT4 Server, then (probably) rejoin the domain as Exchange Server will not run on a non-domain member system. Basically looking for any caveats, tips or hints from anyone who has wrestled (or thought about wrestling) with this. Thanks, Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] NT4 PDC w/Exchange 5.5 migration
On Tue, Mar 27, 2012 at 12:28 PM, Chris Weiss cwe...@gmail.com wrote: to clarify, this sounds kind of like you are running exchange on the PDC? Indeed. you can't demote an NT4 PDC to a stand alone or member server, it requires a re-install. Officially, yes. In reality, no. Changing ProductType (under HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions) from LanmanNT to ServerNT accomplishes this. Also, has upgrading exchange or migrating to something else been considered, like zimbra or Kerio (which is what i use now) that's still Outlook friendly but more flexible? There's a custom Exchange/Outlook app that eventually needs to be replaced. The procedure is only a temporary fix to allow new Win7 workstations to join the domain, albeit they wont be able to use the latest version of Outlook. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] NT4 PDC w/Exchange 5.5 migration
On Tue, Mar 27, 2012 at 1:03 PM, Gaiseric Vandal gaiseric.van...@gmail.com wrote: So presumably you would use the net vampire command to extract all the account info from the NT server. The samba server is then a BDC, you then promote it to a PDC and make the NT server a BDC (or even a member server.) Have already done this. Since you have to keep the NT4 server as a DC anyway, I don't see how temporarily making it a member server helps anything. It doesn't have to be a DC, but does need to at least be a domain member server or Exchange Server will not run. I wouldn't count on being able to join it back to a Samba 3.5.x domain. That was the original sticking point but it now appears I've accomplished this, basically needed to remove the NT4 system (no longer a PDC) from the Samba (3.6.3) domain, join it to a workgroup, then rejoin it to the domain. Even Exchange came up after the reboot, although I'm not sure it's actually usable yet. Seems that there are a bunch of things that vampire didn't handle well and some account membership, group mapping, rights, etc. that need some attending to. Thanks to virtualization I get to make a lot of mistakes along the path to finding out if this is workable or not. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] APW and Windows 7
On Tue, Feb 7, 2012 at 6:07 PM, Mike Vallabh m...@waikato.ac.nz wrote: What I haven't figured out (but have managed to work around) is that when you install the driver via APW, it presents a list of Manufacturers and Printer Models. If I do the above from a Win7 (32-bit) client everything works as you would expect. If however I do the above from a Win7 (64-bit) client I do not get presented with the Manufacturers/Models window. Instead the drivers windows says No drivers found for your device. Does this have something to so with how the Windows Active Directory views \\myprinter as either a 32-bit or 64-bit server when I joined it to the domain? Didn't have a local 32 bit client to test with but I can duplicate the APW problem with a raw queue and a 64 bit client. I normally would not run across this as I use cupsaddsmb to add drivers but decided to create a raw print queue and give it a shot. In following the instructions at: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/classicalprinting.html#id2627720 which I've used successfully many times in the past (with older versions of Samba and 32 bit clients) the APW does not provide a driver list. If I ignore Do not click on Yes! Instead, click on No in the error dialog. and click on Yes the APW will present a driver list, but unless things have changed we know method that is incorrect. Suggest you create a bug report for this. Also it's been mentioned many times on this list that with a modern distro the socket options = should not be specified. I don't know that distro but you may be hurting performance by using it. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] APW and Windows 7
On Wed, Feb 8, 2012 at 12:45 PM, Christ Schlacta li...@aarcane.org wrote: Were you careful to install both the 32 and 64 bit printer drivers on the samba server? I think you're missing the point. Installing the drivers on the Samba server is what we're trying to do :) Using the APW is a known, and documented (see the link in my previous post) method way to accomplish this. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Share-based security
On Sat, Feb 4, 2012 at 6:22 AM, Bruno Martins bmart...@galileu.pt wrote: [formacao] comment = Partilha Formacao path = /home/joe/Formacao guest ok = yes browseable = yes read only = no write list = bmartins, amoreira Share to expose is 'formacao' but I want it to be only writable by two AD users and read-only for everyone else. Then you would want read only = yes, yes? With the smb.conf above mentioned, Windows keeps asking me for authentication. Is the AD guest account enabled? If not, it may fall back to local authentication as in http://blog.realcomputerguy.com/2010/12/samba-and-guest-shares-with-security.html but I haven't tried it. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Share-based security
On Sun, Feb 5, 2012 at 3:12 PM, Nico Kadel-Garcia nka...@gmail.com wrote: Share to expose is 'formacao' but I want it to be only writable by two AD users and read-only for everyone else. Then you would want read only = yes, yes? Then the admin users wouldn't be able to write to it, would they? The write list parameter overrides the read only status for those listed. I'm assuming that the two users listed in write list = are the the two AD users that are desired to be the only ones who can write to the share. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Share-based security
On Sun, Feb 5, 2012 at 5:09 PM, Nico Kadel-Garcia nka...@gmail.com wrote: And you're correct, the man page points this out. I've tried to avoid this particular kind of manipulation ever since I first used Samba (way, way too long ago!!!) because the difference between the permissions management of of specific shares in smb.conf and the underlying POSIX compatible filesystem based permissions were easier to audit, safer and more robust to manage on the fileserver side, rather than being overlaid or overwritten by any mismatched CIFS based ownership. Just the opposite, from a long time Samba (and Windows) user as well. I prefer to do whatever can be done at share level security first and only deal with file lever security if needed. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Ignoring unknown parameter hosts equiv
On Thu, Jan 19, 2012 at 3:41 PM, Antsu an...@antsu.eu wrote: I dont want to print via samba Checked your configuration with testparm, it will provide some good clues. Some parameters are enabled by default and just remming them out does not disable them, you need to explicitly do so. Ex: testparm -sv |grep print Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Windows 7 There are currently no logon servers available to service the logon request
On Sat, Jan 14, 2012 at 7:53 AM, Suraj Rathod suraj.rat...@solutionenterprises.co.in wrote: but I am still facing There are currently no logon servers available to service the logon request Check out the official howto: http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/ Make sure your clients have NetBIOS enabled and configured with the WINS server address (easily done via dhcp). -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] issues with printing
On Fri, Jan 6, 2012 at 3:06 PM, Dale Schroeder d...@briannassaladdressing.com wrote: Samba 3.6 had a rewrite of the printing code. If you haven't already, you can read about it here: http://www.samba.org/samba/history/samba-3.6.0.html With the winbind and printing issues I've seen with 3.6 my take is that it isn't quite ready for prime time. I dropped back to the 3.5 series and will look at it again when 3.6.2 is released. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] limiting netbios browsing
On Tue, Jan 3, 2012 at 11:59 AM, TAKAHASHI Motonobu mo...@monyo.com wrote: To set browse list = no solves your issue? I think that may do what I want. Just need to make sure that the Domain Controller can be discovered by the clients. Thanks! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] samba bugzilla access denied
Is this normal or a bug? When accessing samba's bugzilla for bug #8674 I get an access denied: You are not authorized to access bug #8674 A bug in bugzilla? I know Microsoft hides bugs and fixes, didn't know it happened in open source. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba bugzilla access denied
On Tue, Jan 3, 2012 at 4:35 PM, Volker Lendecke volker.lende...@sernet.de wrote: If it's something reported to us that we think might be relevant for security it can happen. Sorry. Thought that might be a possibility. Thanks, Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] limiting netbios browsing
Given a DC environment where very few (1-3) hosts actually need to be discovered via browsing is there a good way to limit what is browseable? I'm thinking of something like a read-only WINS - where WINS provides only those servers that need be contacted and doesn't allow client registrations. Such as a wins.dat that only contains the following: VERSION 1 0 MYDOMAIN#1e 1325615798 0.0.0.0 e4R MYDOMAIN#1c 1325572378 192.168.1.4 e4R FILESERVER#00 1325615798 192.168.1.6 64R FILESERVER#20 1325615798 192.168.1.6 64R MYDOMAIN#00 1325615798 0.0.0.0 e4R DOMCONTROL#20 1325572378 192.168.1.4 66R DOMCONTROL#00 1325572378 192.168.1.4 66R DOMCONTROL#03 1325572378 192.168.1.4 66R MYDOMAIN#1b 1325572378 192.168.1.4 64R FILESERVER#03 1325615798 192.168.1.6 64R With a p-p node type clients can browse for the needed info as shown above but wouldn't see all of the other client systems in the browse list. Unfortunately the wins.dat file will not maintain a read only status and all of the clients will end up getting registered (and in the browse list). Am I missing something? Thanks, Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] remove machines from login list
On Fri, Nov 11, 2011 at 3:06 AM, steve st...@steve-ss.com wrote: add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ The machine name (e.g. computer_1$) now appears in the kdm login list for Linux clients using kde4. This looks a mess and doesn't make sense. Can I add the machine without using 'useradd'? Or some other way to avoid this? Not sure if this will help. I use the following script that's very similar: = add machine script = /usr/sbin/useradd -d /dev/null -g 'nofiles' -c 'Machine Account' -s /bin/false '%u' = I have a group named nofiles and the addition of -g 'nofiles' puts all machines in their own group so their gid is different than that that the users are in. If KDE gets possible user login accounts from a particular gid this may help. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] NT4 SP3 PDC with MS Exchange 5.5 to Samba 3.x ldapbac ked PDC and MS Exchange 5.5 still
On Fri, Oct 28, 2011 at 2:16 PM, Robert Schetterer rob...@schetterer.org wrote: for info long time ago i tested exchange 5.5 / win2000 server working with a samba pdc controller it worked like charme, but thats years ago Thanks, good to know. I was pretty sure it would with a Samba PDC, just not sure what the effect of would on the current installation after demoting the NT4 PDC and having it become a member server. these days you shouldnt use such setups, there are a lot of other solutions, based on open source or ms solutions exchange 5.5 is too much outdated Yes, the plan is to get out from under that lock in as soon as possible, but until the workflow app is rewritten and migrated we're in workaround mode. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] NT4 SP3 PDC with MS Exchange 5.5 to Samba 3.x ldapbacked PDC and MS Exchange 5.5 still
On Fri, Oct 28, 2011 at 10:34 AM, Derek Werthmuller dwert...@ctg.albany.edu wrote: Looking to make some changes to an old but working LAN, that has about 10 samba servers serving printers and network shares and a NT 4 PDC server with Exchange 5.5 on it. The samba servers are members of the nt4 domain, XP systems are members of the nt 4 domain also. I'd like to be able to support windows 7 clients as domain members, right now the clients are all XP. Keeping the exchange is really a stop gap till we can move that function to the cloud. Have others done similar upgrades successfully? Does this sound reasonable? I have a client in a similar situation. NT4 PDC w/Exchange 5.5 and Samba member servers. Main problem is that they're running an old custom Outlook/Exchange workflow app which locks them in until it can be replaced. As you're aware newer then XP cannot join an NT4 domain but can join a Samba domain - and they will eventually need some new desktops. So my thoughts have been running along the lines of demoting the NT4 PDC and having a Samba server take over those duties. Problem's are the NT4 PDC is not a supported task, and even if a registry hack can accomplish it (according to an old post by Minasi it should) but the effect on Exchange after this is apparently unknown. Also a test attempt to vampire the PDC did not work due to capitalization problems (if the vampire script did a lower case conversion this might have been a big start). All services except for PDC, WINS and Exchange have been moved from the NT4 box. Outside email is handled by Google Apps. DNS, NTP, file and print services, etc. all handled by Linux servers, firewall is OpenBSD/PF. Also to protect from failure of the old hardware the PDC has been virtrualized and running under VirtualBox where regular snapshots can be taken. The virtualization of the NT4 PDC also provides an opportunity to experiment with copies/snapshots so I hope to tackle this a bit more in depth when time permits. Of course any clues, hints, experience to be shared in this area are very welcome. I will gladly provide anything I find out that may be useful. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] NT4 SP3 PDC with MS Exchange 5.5 to Samba 3.x ldapbac ked PDC and MS Exchange 5.5 still
On Fri, Oct 28, 2011 at 1:51 PM, Derek Werthmuller dwert...@ctg.albany.edu wrote: I did consider this, though the issue is what do I do with the existing NT4 PDC - I can demote this to BDC but from the samba docs samba PDC and Windows BDC is not supported. And I don't think it can demote the PDC to server role. There is no supported NT4 PDC demotion scenario. But via registry hack I think you can demote to server and then become a member server. And Exchange 5.5 can run on member server. I'm also trying to be very careful not to make substantial changes to the exchange host - I need that working for a short while longer. That's one reason for dealing with the VM's. I'll be able to test these changes in a separate virtual environment. Just would be nice to know if anyone has actually done this and, if doable, what the caveats and gotchas were. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Windows 7 64-bit drivers / cupsaddsmb
On Thu, May 13, 2010 at 12:24 PM, Allison Jones ajo...@answers4families.org wrote: I'm getting ready to migrate my office of 50+ Windows XP machines to Windows 7, in a mix of 64-bit and 32-bit clients. I've setup a new samba server on a separate domain to prepare and test for this transition. I've gotten everything to work so far except for printing, and I'm at a loss on how to proceed. It appears to me as if adding the printer drivers in the usual way, via cupsaddsmb will not work for the 64-bit clients (see http://www.cups.org/articles.php?L376 and http://www.cups.org/str.php?L2566). I've searched for a solution, and asked on IRC. My goal is to be able to print with 64-bit Windows 7 to a samba/cups server, with automatic printer driver download. If cupsaddsmb is not the answer, what is? Just posted a blog entry on using the CUPS 64 bit drivers and cupsaddsmb for this scenario. See: http://blog.realcomputerguy.com/2011/10/cups-samba-64bit-driver-installation.html File under better late than never :) Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] 3.6.0 winbind issues
Bug #8371 is still alive in 3.6.1 making it unusable for a member server. On Thu, Aug 18, 2011 at 1:33 PM, Jeremy Allison j...@samba.org wrote: On Tue, Aug 16, 2011 at 03:11:00AM -0700, Linda Walsh wrote: ` Michael Wood wrote: Hi Linda Yeah...reported this a month ago... as well as other TDB/SID backend probs: http://lists.samba.org/archive/samba-technical/2011-July/078663.html http://lists.samba.org/archive/samba-technical/2011-July/078826.html --- I wasn't sure if it was a 3.6 problem or some type of cockpit error, but both emails were ignored. If you find something that looks like a bug and nobody responds to your e-mail, perhaps you should report it via Bugzilla so that it won't get lost. I don't feel that's something many developers want -- and I know some don't. If you don't have firm evidence that it's the SW that is broken, they'll just close out the bug with Works for Me, and I've wasted my time. Too many times -- even with repeatable test cases on too many different projects. This is especially true with something like samba where when I asked for any help in tracking down this, I was asked to submit a 15-25MB samba log with debug set to 10 to the samba list -- NOT to upload it to a bug, but dump huge amounts of data to the list. I didn't feel comfortable doing that. For all I know, unencrypted passwords might be buried in that logfile and I'd never catch them -- not to mention the flack I'd get for posting something so large to the list. What were you thinking? Well so and so told me, ...you gonna jump off a cliff if he tells you to do that...etc.. No, for Samba if you have a reproducible problem a bug report is *essential*. Reporting on the list is useful, but easliy ignored. A bug reported set to a high priority is *always* responded to before any code is released. Even if it's to set to a lower priority and mark as known problem - you'll get a response. No such guarentees for the list. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need help getting colour printing features restricted to a specific group
On Thu, Sep 29, 2011 at 3:00 PM, Gary Greene ggre...@minervanetworks.com wrote: I¹ve got a Ricoh multi-function printer/copier that I need to restrict the colour printing functions to only members of the @ColorPrinting group. I¹ve two print queues for the Ricoh, one colour, one not. Unfortunately, even users on the BW queue can change the colour settings on the print dialog in Windows and bypass the restriction and prints in colour. Never thought about trying such a thing, but maybe editing the PPD of the BW printer so that it mimics a similar non-color capable printer and therefore doesn't offer color options. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need help getting colour printing features restricted to a specific group
2011/9/29 Gary Greene ggre...@minervanetworks.com: I think that the raw option for the -o raw is the culprit here on the print command option line for lpr-cups. Do Samba shared printers require this option? I don't believe so. Removing the color option from the PPD should be straightforward, although the BW printer will need to be removed and reinstalled. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] samba cups printer defaults
On Thu, Aug 18, 2011 at 2:47 PM, John G. Heim jh...@math.wisc.edu wrote: I have 7 color laser printers configured in cups. Linux users can successfully print in color to them but Windows users cannot Try adding: cups options = raw to [global] -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Question regarding shares
On Tue, Aug 16, 2011 at 12:50 PM, Keith Lynn l...@cis.usouthal.edu wrote: In particular, what I mean is, is it possible to have a printer shared through Samba so that everytime a user tries to print through the share, they are asked to reaunthenticate? Not an answer (sorry), but I'm curious as to why you would want to do that? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] 3.6.0 winbind issues
On Fri, Aug 12, 2011 at 10:25 AM, Chris Smith smb...@chrissmith.org wrote: With the standard: idmap config * : backend = tdb no results are returned by getent, and wbinfo does not always work, also no winbind_idmap.tdb file is ever created. by changing to: idmap config * : backend = rid or idmap config * : backend = hash results are obtained but are the same regardless of range (or base_rid). Turns out that sometimes (during various restarts) results will be obtained with: idmap config * : backend = tdb However, as previously noted, no winbind_idmap.tdb file is created and the results are always the same. Basically the idmap config settings seem to have no effect, regardless of type (tdb, rid, hash) or range the result for 'getent passwd' (when I get one) is always: TESTDOMAIN\root:*:322438120:322437633:root:/home/TESTDOMAIN/root:/bin/false TESTDOMAIN\me:*:322438122:322437633::/home/TESTDOMAIN/me:/bin/false TESTDOMAIN\you:*:322438123:322437633::/home/TESTDOMAIN/you:/bin/false TESTDOMAIN\test:*:322438126:322437633::/home/TESTDOMAIN/test:/bin/false Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] 3.6.0 winbind issues
Testing 3.6.0 on a member server of a 3.5.8 domain shows some strange problems. With the standard: idmap config * : backend = tdb no results are returned by getent, and wbinfo does not always work, also no winbind_idmap.tdb file is ever created. by changing to: idmap config * : backend = rid or idmap config * : backend = hash results are obtained but are the same regardless of range (or base_rid). -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] 3.6.0 winbind issues
On Fri, Aug 12, 2011 at 10:30 AM, Marc Muehlfeld marc.muehlf...@medizinische-genetik.de wrote: Do you see the bad packet messages also on your PDCs nmbd.log when wbinfo tries to fetch information? Yes, but not 100% correlated. IOW, there are some, but there should be more with all of the attempts I made. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] tattooing of tdbsam backend with logon script value
All users whose logon script values have not been explicitly defined automagically inherit the value that logon script is set to in smb.conf. And one can change the logon script for all such users simply by changing said value in smb.conf. However, once a logon script value value has been explicitly defined for a user this inheritance ability (as the explicit definition should not be overwritten) seems forever lost. I have not found a method to undo this tattooed state to allow for the automagic inheritance of the smb.conf logon script value. Therefore said users, who have once had an explicitly defined logon script value can (seemingly) no longer returned to the state where they use whatever logon script is defined in smb.conf. Is there a way to reset said users, removing the tattooing effect? Thanks, Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] OS X LION issue with Samba printing
A user who upgraded to OS X Lion could no longer add the Samba hosted printers to his system. In this account the user logon rights are limited by workstation. Checking the Samba logs showed that OS X Lion was sending workstation as the NetBIOS name instead of the configured NetBIOS name (same as hostname). The configured hostname is clearly sent to the DHCP server. Once I allowed that user rights from workstation workstation the printers worked just fine. I am a bit concerned if the other Mac users (fortunately not too many - never thought I would say that) upgrade - multiple systems sending the same NetBIOS name of workstation (assuming they will all break in the same way) may be problematic. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Win7 unable to join domain if PDC has a static IP address
On Fri, Jul 8, 2011 at 1:00 PM, Thomas Harvey tom.har...@onefinestay.com wrote: When the server gets it's IP address by DHCP the Lenovo will join just fine. Does: hostname -f ...provide the same info in both cases? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] pdbedit password must change not following policy
On Fri, Jul 1, 2011 at 7:57 PM, Chris Beach chr...@pintys.com wrote: [root@success]# pdbedit -P maximum password age account policy value for maximum password age is 90 At one time I used pdbedit to force a password change and that stopped working. Apparently it was deprecated in favor of net sam set pwdmustchangenow. I'm guessing the same thing happened to maximum password age. Try using net sam policy set maximum password age instead. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] pdbedit password must change not following policy
On Sat, Jul 2, 2011 at 9:27 AM, John Drescher dresche...@gmail.com wrote: He is using an ancient version of samba (3.0.10-1.4E) though so the depreciation probably does not apply. Thanks. Missed that sorta - wasn't going to dig through the changelog back to the stone ages. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access denied to samba server from win7 64bit behind a VPN
On Mon, May 16, 2011 at 8:37 AM, Vincent Malien ad...@socofer.com wrote: this morning, I added entries to the files lmhosts.sam FYI, the sam in lmhosts.sam stands for sample - you need to put the valid data in a file named lmhosts (no .sam, .txt, etc.) or it isn't being used at all. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.5.8 - windows XP workstations disapear from browselist
On Wed, May 11, 2011 at 7:58 AM, BartekR bojle...@gmail.com wrote: So it is impossible to solve this issue ? Maybe :) Try running: = net config server /autodisconnect:-1 = on the XP workstations. Check the network device in device manager and make sure that power management isn't allowed to turn it off. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.5.8 - windows XP workstations disapear from browselist
On Mon, May 9, 2011 at 10:41 AM, BartekR bojle...@gmail.com wrote: name resolve order = wins host bcast As You wrote below. Am I correct ? 3) make sure that your DHCP server (you seem to have enough systems that manual configuration would be undesirable) provides the proper information for NetBIOS and WINS. And fix the name resolve order in smb.conf (you have a typo - hosts instead of host). For example: testparm does not report this as error. Are You sure ? Yes, I'm sure but you don't have to take my word for it. Read the man page for smb.conf: http://samba.org/samba/docs/man/manpages-3/smb.conf.5.html Basically testparm tests the parameters: the left hand side, and not the values: the right hand side. You'll find you can put all kinds of nonsense on the right hand side of most statements and get no errors (try it). Is it normal that workstation gets registered more than one time ? Yes. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.5.8 - windows XP workstations disapear from browselist
On Sun, May 8, 2011 at 1:59 PM, BartekR bojle...@gmail.com wrote: So it is Windows XP workstations to blame or maybe there is another thing that i should check ? I run several Samba installations with no such issues with XP. So unless your XP installs are tweaked in some weird fashion I wouldn't suspect off-hand that they are the problem. I find it strange that they are in the browse list for a while and then disappear. In your scenario these are the changes I would make: 1) running Samba as a DC, even though you aren't using it for centralized authentication (I suspect, but have no proof, that it's more likely to remain the LMB/DMB). You'll need to also add domain logons = yes to the settings in the previous post. 2) eliminating the added hosts and lmhosts entries since you state you have adequate DNS support and are running a WINS server as well (this will eliminate any possible conflicts in that area). 3) make sure that your DHCP server (you seem to have enough systems that manual configuration would be undesirable) provides the proper information for NetBIOS and WINS. And fix the name resolve order in smb.conf (you have a typo - hosts instead of host). For example: dhcpd.conf: option netbios-name-servers 192.168.7.1; option netbios-node-type 2; option netbios-scope ; In smb.conf: name resolve order = wins host bcast What netbios-node-type 2 does is set the systems to P-node, eliminating a lot of broadcast noise, but WINS must be operational. If P node doesn't work that tells you WINS isn't fully functional. Netbios-scope is basically unused today but I always unset it just to be sure. Eliminating the hosts and lmhosts entries mean that there is no need for lmhosts in the name resolve order. And with the order as I have it Samba will use WINS first (most desirable), DNS second, and then broadcasts (least desirable, and not very useful in P-node anyway). 4) double-check that all systems are registering themselves with the WINS server (peek at wins.dat). If the above doesn't ameliorate the problem it may at least assist in troubleshooting further. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Samba 3.5.8 - windows XP workstations disapear from browselist
On Sat, May 7, 2011 at 3:38 PM, BartekR bojle...@gmail.com wrote: socket options = TCP_NODELAY SO_SNDBUF=16384 SO_RCVBUF=16384 security = share os level = 255 domain master = no preferred master = yes Try changing the above parameters. Eliminate, or comment out: === # socket options = TCP_NODELAY SO_SNDBUF=16384 SO_RCVBUF=16384 === Change the rest to either: === security = user os level = 32 domain master = no # preferred master = yes === or preferably this: === security = user os level = 32 domain master = yes preferred master = yes === You can still have guest shares with security = user, see: http://blog.realcomputerguy.com/2010/12/samba-and-guest-shares-with-security.html The smb.conf man page states that preferred master is best used with domain master. It doesn't hurt to have a domain controller even you don't join any systems to it. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can't get 'dos filemode' to work as expected
On Thu, Mar 24, 2011 at 5:09 AM, Felix Brack f...@ltec.ch wrote: A 'getfacl' on /srv/samba/file-shares/tmp returns: # file: srv/samba/file-shares/tmp # owner: root # group: root # flags: -s- user::rwx group::r-x group:Development:rwx mask::rwx other::--- default:user::rwx default:group::r-x default:group:Development:rwx default:mask::rwx default:other::--- Are you sure this is a Samba issue? What does a 'getfacl' on the files you create in the share look like? Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Can't get 'dos filemode' to work as expected
On Mon, Apr 4, 2011 at 11:41 AM, Felix Brack f...@ltec.ch wrote: # file: test-file # owner: root # group: root user::rwx group::rwx #effective:r-- group:Development:rwx #effective:r-- mask::r-- other::--- That's the same thing you would get if were logged into the system as root and created the file. So it is an ACL issue. # file: test-file # owner: root # group: root user::rwx group::rwx group:Development:rwx mask::rwx other::--- At least now , If I am member of supplementary group 'Development', I should have the same rights in directory 'test-directory' as if this was owned by me (felix), right? I would think so. I don't know entirely what you want to accompplish, but it may be better to: chgrp -R Development test-directory And eliminate: force group = Development invalid users = root administrator from the share. While adding: valid users = +Development (and any other groups you want have access) The -s- flag will propagate new files and directories with the Development group. Basically a performance issue. See the section Override controls in: http://samba.org/samba/docs/man/Samba-Guide/kerberos.html#id2613307 Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] new created files belong to root instead samba user
On Mon, Mar 28, 2011 at 4:28 AM, Werner Durgarten wernerdurgar...@gmx.de wrote: I wonder why the advanced settings dialog works, but permissions are not properly displayed on the security settings tab - is this normal? Yes. I think so. Pretty sure it's mentioned in the official docs as well. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] new created files belong to root instead samba user
On Fri, Mar 25, 2011 at 5:03 AM, Werner Durgarten wernerdurgar...@gmx.de wrote: Are you able to view and modify permissions via windows explorer and could you give me i a hint how i can get this working (without admin users)? Yes, anyone with the proper file and share permissions can do so. You really want to use the advanced settings dialog. Study chapter 16 of the Official HowTo: http://samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html it should have pretty much anything you need. If you want to use ACLs, make sure you mount the file system to support them. Start simple with your shares (don't use everything you see in tables 16.3, and 16.4) and work toward getting to what you desire. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] new created files belong to root instead samba user
On Thu, Mar 24, 2011 at 12:05 PM, Werner Durgarten wernerdurgar...@gmx.de wrote: i just noticed, that files that are created by any samba user who is in the admin users list, belong to root in the unix filesystem. This is not what i want. Are there any other options to allow sb. else than the fileowner to change file permissions (via samba connection)? man smb.conf admin users - This is a list of users who will be granted administrative privileges on the share. This means that they will do all file operations as the super-user (root). I run several samba servers and none use an admin users list. Rights/privileges, file permissions, acls, share permissions, etc. can avoid the need to use admin users. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] strange anomaly/bug with cupsaddsmb and 64bit drivers
This is probably a CUPS bug but maybe not, I'll mention it here just in case. When using cupsaddsmb to install 64bit drivers the drivers must be in the (maybe distro/configure dependent): /usr/share/cups/drivers/x64 to be sure that's x64 with a lower case x. The cupsaddsmb app ignores the drivers if the subdirectory is named with an uppercase X (X64). Now if Samba's printers (/var/lib/samba/printers in my case) directory already contains an X64 (uppercase X) directory cupsaddsmb will work all the way up to the setdriver stage and then fail with: result was WERR_INVALID_PARAM A workaround is to delete the X64 directory (unless it is being used otherwise, then I presume that renaming it with a lower case x will work) and cupsaddsmb will create an x64 directory, and with a lowercase x the setdriver stage completes with no issues. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] WINS Server TIme out registering IP
On Fri, Mar 11, 2011 at 2:00 PM, Mike Brady mike.br...@devnull.net.nz wrote: netbios aliases = filesshares name resolve order = wins bcast hosts Sorry Mike, I don't have much of a clue. There is a typo in your name resolve order - hosts should be host but I doubt that has anything to do with the log entries. Maybe a possibility is the use of netbios aliases, as any aliases will not be advertised as browse or logon servers the log entries may just be informational, although I cannot reproduce the scenario here with 3.5.8. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] WINS Server TIme out registering IP
On Sat, Mar 12, 2011 at 1:43 PM, Mike Brady mike.br...@devnull.net.nz wrote: Thanks for looking any way. I have fixed hosts, which isn't picked up by testparm Testparm mostly tests the parameters (the left side of =) and not the arguments. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] WINS Server TIme out registering IP
On Fri, Mar 11, 2011 at 12:58 PM, Mike Brady mike.br...@devnull.net.nz wrote: No. Is nmbd running on the PDC? Do you have a wins.dat file (possible location of /var/lib/samba/wins.dat - depends on configure)? Maybe post the global section (minus comments) of your smb.conf. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] WINS Server TIme out registering IP
On Thu, Mar 10, 2011 at 2:59 PM, Mike Brady mike.br...@devnull.net.nz wrote: wins server = yes is set man smb.conf wins server = the ip address of the wins server (unneeded on the actual wins server) wins support = yes (on the actual wins server) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] WINS Server TIme out registering IP
On Thu, Mar 10, 2011 at 5:44 PM, Mike Brady mike.br...@devnull.net.nz wrote: Sorry, I do have wins support = yes on the PDC. Faulty memory on my part. Do you also have a wins server = a.b.c.d entry on the PDC? If so remove it and restart Samba. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] [Announce] Samba 3.5.7, 3.4.12 and 3.3.15 Security Releases Available
On Mon, Feb 28, 2011 at 8:35 AM, Karolin Seeger ksee...@samba.org wrote: Samba 3.5.7, 3.4.12 and 3.3.15 are security releases in order to address CVE-2011-0719. Will there be a new 3.5.7 Jumbo Patch available for those using it with 3.5.6 and strict allocate? Or does the current 3.5.6 Jumbo Patch work fine with 3.5.7 (I'm assuming it's not included as there was no mention of any other fixes in the release notes)? Thank you, Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access to a share resource without password
On Fri, Feb 25, 2011 at 10:22 AM, J. L. Cabral jelocab...@gmail.com wrote: I want to access a Linux share resource in /var/share without password from WXP desktop FROM ANY USER. See: http://blog.realcomputerguy.com/2010/12/samba-and-guest-shares-with-security.html -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access to a share resource without password
On Fri, Feb 25, 2011 at 2:15 PM, J. L. Cabral jelocab...@gmail.com wrote: 1) The Linux local user guest must be added to samba with smbpasswd -a guest ??? In the example I show their is no local 'nix user named guest. The purpose of the username map file is to map the Windows guest user/account to the 'nix nobody user/account - this (nobody) is typically, in the distros I have run across, the 'nix default guest account (no login privileges necessary). 2) The Windows XP desktops must have a guest account enable named guest, or it can be named Invited or Invitado (Spanish Windows version) ??? No reason whatsoever to enable the guest account on the Windows box. 3) What owner and group must have the share /var/share ??? Whatever you want that allows the proper access. Don't over complicate it, it's pretty straight forward. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Access to a share resource without password
On Fri, Feb 25, 2011 at 3:17 PM, Helmut Hullen hul...@t-online.de wrote: Have I to add nobody to the samba password file? No. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Reserved WINS name records and Samba WINS
Does Samba implement Microsoft's reserved WINS name capability? From: http://support.microsoft.com/kb/934864 == To register a reserved name record in WINS, you must register both the name and the qualified name. (A qualified name is a name that is followed by a period (.) character.) For example, to register the reserved WPAD name record in WINS, you must register both of the following names: WPAD WPAD. When you register both the name and the qualified name, the following conditions are true: All reserved name registrations are blocked. WINS is prevented from replying to WINS clients that request reserved name record resolution. == The article goes on to explain the procedure for an MS WINS server: == WPAD example Use the following procedure for the WPAD reserved name as a model, and complete the steps for the following items: Every WINS server Every reserved name, such as the WPAD reserved name Any other names that you want to block Open the WINS Manager. Create a statically-assigned Internet group that is named WPAD with a single IP address of 0.0.0.0. Click Apply. Remove the address, and then click Apply. You now have a multi-record entry in WINS that has no records. Create a statically-assigned Internet group that is named WPAD. with a single IP address of 0.0.0.0. Click Apply. Remove the address, and then click Apply. You now have a multi-record entry in WINS that has no records. == Having only an old NT4 server to work with I can create an Internet Group name with no IP address. However I don't understand their term multi-record entry as the old NT4 server only makes a type #20 record when I select the Internet Group radio button and it does not create type #00 or type #03 records. I'm wondering if this is any different with newer MS servers. With Samba's WINS I can add a static entries like: == WPAD#20 0 66R WPAD.#20 0 66R == However they simply get deleted unless I use an IP address such as: == WPAD#20 0 0.0.0.0 66R WPAD.#20 0 0.0.0.0 66R == Does the qualified name (ending with a .) have any meaning in Samba's WINS? Does this have the same effect as the MS configuration above? Is WINS prevented from replying to requests for the reserved name as is implemented by MS or does it reply with 0.0.0.0 ? Do I need the #00 and #03 type entries as well to fully reserve these names? Thank you, Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] call for a forum to replace the mailing list?
On Fri, Feb 18, 2011 at 3:26 PM, Mac webreg.samba@panscend.com wrote: May be a forum would be better? Forums suck. Mailling lists are good. An NNTP newsgroup might even be better - but they seem to have gone the way of the Dodo as the main frontend. This list archived as such - nntp://news.gmane.org/gmane.network.samba.general Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] xp to samba domain member
On Thu, Feb 10, 2011 at 2:29 PM, Dale Schroeder d...@briannassaladdressing.com wrote: smb ports = 139 You're only using the netbios port. Maybe this is worth checking: That's a pretty normal configuration. Should not affect XP's ability to connect. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Seperate BIND server for Samba 4
On Mon, Feb 7, 2011 at 7:49 PM, Andrew Bartlett abart...@samba.org wrote: On the basis of that discussion and other research, Kai and Metze started writing Samba4's own DNS server. Then tridge and the BIND folks got together, and given the excellent progress made, not reinventing this particular wheel seems to be the best way forward at the moment. How about NSD? Or something to interface with it to provide what's missing. I'm sure it supports all of the record types. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] application can not delete from samba share
On Thu, Feb 3, 2011 at 7:07 AM, Nemeth Zoltan nzol...@freemail.hu wrote: How can I found out the reason, why delete from samba is different from winappl. point of view then other shares. Read all of the changelogs between versions. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Setting up a guest share
On Tue, Feb 1, 2011 at 11:56 AM, Erik Bloodaxe e.blood...@gold.ac.uk wrote: I am trying to set up a share on a domain controlled by SAMBA that anyone can access See this: http://goo.gl/AKk0K -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Basic question for user/pass authentication
On Fri, Jan 28, 2011 at 2:57 PM, J. L. Cabral jelocab...@gmail.com wrote: I've seen an implementation where the Windows desktops belong to Company.com domain and the Samba server was a stand-alone server with workgroup = SALES, and Windows clients access to Samba resources succesfully. I mean here the Samba's workgroup is different from Windows' domain, so is this implementation ok ??? Don't confuse a DNS (or Internet or AD) domain and a NetBIOS domain. A NetBIOS domain is flat, non-hierarchical, no dots and it has little to do with its hierarchical cousin. It is a common configuration to have a DNS domain of example.com and a NetBIOS workgroup or domain of EXAMPLE but there's no rule or necessity to do so, the workgroup could easily be called BUTTERCUP instead with no operating difference. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ubuntu doesn't daemonize smbd
On Thu, Jan 13, 2011 at 1:38 AM, Christian PERRIER bubu...@debian.org wrote: And I have seen reported instances of Samba issues on Ubuntu being resolved by avoiding the distro packages and compiling from source. Hmmm, could be interesting to learn about which ones. The reports I allude to I've read on this list. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ubuntu doesn't daemonize smbd
On Thu, Jan 13, 2011 at 1:34 AM, Christian PERRIER bubu...@debian.org wrote: I just forwarded your mail to Steve and I think he'll make sure this reaches the right folks in Ubuntu server team. Thank you. Would be nice to see these startup scripts work properly. I'll be happy to provide any additional information that may help resolve the issue. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] ubuntu doesn't daemonize smbd
OK, not exactly a samba issue but maybe the Ubuntu maintainer reads this list and can provide some input. Problem: Ubuntu doesn't daemonize smbd. System: Ubuntu Lucid where a recent update moved many startup scripts into the upstart system. Now smbd is started and runs as smbd -F. If I edit the upstart script (/etc/init/smbd.conf) so that it runs as smbd -D (the default and what I would like) it doesn't work. I see no inet.d running so I have no clue how it works at all like this. Also this change to upstart did not resolve the problem of nmbd not starting correctly, it just nullified the script I had in rc.local to restart nmbd (guess I will rewrite this). On the plus side, I am thankful that I have continued to avoid Ubuntu as a candidate in any critical server role. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ubuntu doesn't daemonize smbd
On Wed, Jan 12, 2011 at 1:14 PM, Chris Smith smb...@chrissmith.org wrote: Now smbd is started and runs as smbd -F. If I edit the upstart script (/etc/init/smbd.conf) so that it runs as smbd -D (the default and what I would like) it doesn't work. Must have been a fluke - it does appear now that editing smbd.conf to start as -D is working except the service smbd stop command no longer functions. Guess this should really be on an Ubuntu forum. Sorry for the noise. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] ubuntu doesn't daemonize smbd
On Wed, Jan 12, 2011 at 4:20 PM, William E Jojo w.j...@hvcc.edu wrote: It's similar to the way you can use startsrc or stopsrc on AIX. -F If specified, this parameter causes the main smbd process to not daemonize, i.e. double-fork and disassociate with the terminal. Child processes are still created as normal to service each connection request, but the main process does not exit. This operation mode is suitable for running smbd under process supervisors such as supervise and svscan from Daniel J. Bernstein´s daemontools package, or the AIX process monitor. I've seen the man page :) AFAIK, running it as a daemon is preferable, and I've always run it that way. If you had read further up the man page you would have found: Operating the server as a daemon is the recommended way of running smbd for servers that provide more than casual use file and print services. This switch is assumed if smbd is executed on the command line of a shell. On the plus side, I am thankful that I have continued to avoid Ubuntu as a candidate in any critical server role. Really, why? Is it unstable for you in some way? Just curious as I've not had any issues thus far and Canonical support is very responsive. The problem with needed to restart nmbd manually (or via an additional script) that I alluded is one reason. Choosing to not run smbd as a daemon seems to be mistake in one way or another - you can set daemon or inetd mode in /etc/default/samba but the smbd.conf upstart script is hardcoded to run smbd -F and just as oddly the nmbd.conf script is hardcoded to run nmbd -D, both ignoring the setting in /etc/default/samba. And I have seen reported instances of Samba issues on Ubuntu being resolved by avoiding the distro packages and compiling from source. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Pdbedit problem
On Tue, Jan 4, 2011 at 9:30 AM, Michel, Loubert lmic...@astoriafederal.com wrote: I think I am using passdb backend = smbpasswd. How do I change it to passdb backend = tdbsam in Solaris10? I am unable to find the passdb command even whithin Samba. See the official docs: http://samba.org/samba/docs/man/Samba-HOWTO-Collection/passdb.html#acctmgmttools -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need Help Getting Windows XP To Use Samba Properly [Closed]
On Mon, Jan 3, 2011 at 8:36 AM, Hodges, Robert CTR USAF AFMC 520 SMXS/MXDEC robert.hodges@hill.af.mil wrote: Workgroup only, no domain Solaris with Samba loaded, a few shares, enabled as WINS server, configured as Master Browser Did you ever correct the underscore in the hostname issue and then test? Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Pdbedit problem
On Fri, Dec 31, 2010 at 10:38 AM, Michel, Loubert lmic...@astoriafederal.com wrote: I am not using ldap however. Is that the reason why it is not working. Are you using: passdb backend = tdbsam ? With: passdb backend = smbpasswd you will find some limitations. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need Help Getting Windows XP To Use Samba Properly [Closed]
On Mon, Jan 3, 2011 at 10:17 AM, Hodges, Robert CTR USAF AFMC 520 SMXS/MXDEC robert.hodges@hill.af.mil wrote: A key item I have to keep remembering is that all of this works great in Windows 2000. It's only XP that's having the problem. Don't know if I would put so much weight on that - a difference, yes, but not a key item. XP may just be more finicky when it comes to things like proper naming conventions. I haven't run a Samba-2.x installation in years but I have at one time or another had Samba working successfully with everything from the workgroup add-on for MS-DOS to Windows 7. Chris -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Need Help Getting Windows XP To Use Samba Properly [Closed]
On Thu, Dec 30, 2010 at 5:03 PM, Jeremy Allison j...@samba.org wrote: We have been networking Windowx XP boxes to Samba for longer than anyone still working in Microsoft Tech support, trust me on that :-). Cute :) -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba