Re: [SAMBA] Best practice in small office
[EMAIL PROTECTED] wrote on 09/28/2005 08:42:48 AM: As for laptops, still looking for a good solution there. The one laptop I have setup (out of three) uses roaming profiles and offline files for the user's home directory. This is rather kludgy, though, but I don't really know of any way to have someone log onto the domain with a local profile. (Plus she uses regular workstations, so getting info synced between the server and the laptop would be tricky.) For mobile users, I've been messing around with iFolder. Haven't quite gotten there yet, but the idea would be that the iFolder server would be universally accessible (internal/external). This would allow users to sync their files regardless of where on the planet they were at any given moment. I have it running under OES (Novell) okay, but there are some howto's out there on setting it up as a stand-alone. Anyone else using iFolder 3 yet? Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Group SID problems?
Have a site where the network users are connecting to most shares through group usage. Unfortunately, access to Samba is sporadic. Sometimes they connect okay, sometimes they can't connect at all. Looking at their system config, I notice that the SID's for the groups look. odd. The users group ends in 3005 but each user's PrimaryGroupSID is a group with a SID that ends in 1201, and there is no group that I can find with this SID. This site uses a LDAP backend. The question is - what specifically should I look for in the logs to verify that incorrect mapping of group SID's would cause the issue with sporadic connectivity? (there doesn't seem to be any issue of network connectivity). Thanks for any insight, ideas... Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Group SID problems?
Now that I look at this further, I notice that the Domain Users, Domain Admins, etc are not assigned. mapped. Unfortunately, trying to assign them using the net groupmap modify results in a complaint the first time that the group Domain Admins doesn't exist in mapping DB (which it doesn't because it's LDAP, although you can't add it due to spaces). net groupmap add Domain Users unixgroup=users complains that group 1002 already exists in LDAP So the key here is how I add Domain users to OpenLDAP, then map that group to unixgroup users. ... correct? Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com [EMAIL PROTECTED] wrote on 05/17/2005 11:32:39 AM: Have a site where the network users are connecting to most shares through group usage. Unfortunately, access to Samba is sporadic. Sometimes they connect okay, sometimes they can't connect at all. Looking at their system config, I notice that the SID's for the groups look. odd. The users group ends in 3005 but each user's PrimaryGroupSID is a group with a SID that ends in 1201, and there is no group that I can find with this SID. This site uses a LDAP backend. The question is - what specifically should I look for in the logs to verify that incorrect mapping of group SID's would cause the issue with sporadic connectivity? (there doesn't seem to be any issue of network connectivity). Thanks for any insight, ideas... Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Group SID problems?
[EMAIL PROTECTED] wrote on 05/17/2005 01:33:57 PM: On Tuesday 17 May 2005 12:11, jonlists wrote: Now that I look at this further, I notice that the Domain Users, Domain Admins, etc are not assigned. mapped. Unfortunately, trying to assign them using the net groupmap modify results in a complaint the first time that the group Domain Admins doesn't exist in mapping DB (which it doesn't because it's LDAP, although you can't add it due to spaces). net groupmap add Domain Users unixgroup=users complains that group 1002 already exists in LDAP So the key here is how I add Domain users to OpenLDAP, then map that group to unixgroup users. ... correct? Correct. How are you handling the interface scripts? What do you have for add user script etc.? Argh... there isn't one. Problem with this site is I'm not sure how many changes I can actually make if you know what I mean, or what changes are going to be made that affect other things I don't know about (yet). Users are being added through Yast.. so, the thing becomes i change smb.conf long enough to add the base scripts, then change it back so they can continue to use Yast. Knew I was missing something. - John T. Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com [EMAIL PROTECTED] wrote on 05/17/2005 11:32:39 AM: Have a site where the network users are connecting to most shares through group usage. Unfortunately, access to Samba is sporadic. Sometimes they connect okay, sometimes they can't connect at all. Looking at their system config, I notice that the SID's for the groups look. odd. The users group ends in 3005 but each user's PrimaryGroupSID is a group with a SID that ends in 1201, and there is no group that I can find with this SID. This site uses a LDAP backend. The question is - what specifically should I look for in the logs to verify that incorrect mapping of group SID's would cause the issue with sporadic connectivity? (there doesn't seem to be any issue of network connectivity). Thanks for any insight, ideas... Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba 3 by Example Migrations
I agree on the migrations and Samba 3 - but I suppose the Samba team would appreciate it if rather than just requesting it, maybe some of us should provide some content, eh? Basically, with smbpasswd, if you take the /etc/shadow, etc/group, and /etc/passwd, the contents of /etc/samba, and I believe /var/lib/samba and move it to another machine, you've effectively migrated to that machine. One key here is keeping the host name the same so that the SID's remain intact. You could change the hostname if you restore the SID use the net getlocalSID - but keeping the SID intact is the key to keeping your domain structure intact. I'd do the upgrade to ldbsam (or ldap, if inclined) after you did the migration to new hardware. Good luck.. Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com [EMAIL PROTECTED] wrote on 04/01/2005 08:01:03 AM: One topic I can't find in either Samba 3 by Example or the Offical Samba 3 Howto Reference Guide is that of migrating from a Samba3 server to a newer Samba 3 server (meaning newer hardware in this case). We are currently using the smbpasswd backend. I plan to move to tdbsam but that hasn't been done yet. All of the servers in question are running either whitebox 3 or redhat 9 (if it matters) and Samba 3.0.4. Our primary migration goal is to not have to touch all the 2000 workstations to rejoin them to the domain. I have messed around with manually merging /etc/group, /etc/passwd, /etc/shadow, /etc/samba/smbpasswd and copying /etc/samba/secrets.tdb from the old to the new server and have been able to make this work (once at least so far - I'm still experimenting) but would like to use better methods for the migration. I like 'net rpc vampire' on NT4 but that to my surprise doesn't seem to work against a Samba PDC and if it is addressed in a Samba to Samba context in either book I couldn't find it. I'm going to experiment in a little while with converting to tdbsam first but it occured to me that someone out there might be able to cut down on the time I have to spend experimenting if I just ask. Anyone done this before? -- Mike Rambo [EMAIL PROTECTED] NOTE: In order to control energy costs the light at the end of the tunnel has been shut off until further notice... -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba over ssh ?
[snip other stuff] Thanks for your suggestion. I have installed openvpn and the lzo library on which it depends. One nagging question that I still have is : Does using openvpn (or any VPN solution in general) obviate the need to open these vulnerable ports ? The little documentation that I have read so far talk a lot about encryption. While that is important, I also need to think about the ports (strangely, the firewall does not open any of those ports but nmap -P0 run on the machine reveals that these ports are open : 139/tcp open netbios-ssn 445/tcp open microsoft-ds ) Anyways, another concern I have is that while I have the samba server up and running and all my users are happy with it, how much disruption and user effort can I expect when I implement openvpn ? Like typical windows users, they value ease of use over security. Don't take me wrong, I will definitely implement this if it contributes towards security, but I need to know this to be able to tell my users what to expect. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba Maybe I'm missing something, but wouldn't you want to place the VPN connections between your firewall and the mobile/end user, but not on the Samba server? I am assuming that you're not talking about the firewall on your server itself, but your firewall on the Internet/public connection. Those ports are particularly nasty because of the Windows operating system on which they typically run, not because of problems on linux. There's always the possibility of DOS attacks, or of some buffer overrun exploit being discovered, but I believe the chances of those happening are far less than your users being angry because you've tightened security to the point it's difficult to use the network. Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] pdbedit - question on migration
Didn't have the ldap machine suffix set. thanks for the input. Oversight on my part. Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com Tony Earnshaw [EMAIL PROTECTED] wrote on 03/30/2005 03:32:41 PM: jonlists: question on pdbedit - when using it for a migration - existing data is stored in tdbsam. pbdedit -i tdbsam -e ldapsam It wants to take existing machine accounts and put them into an ou=Computers. I'd rather it put them in ou=People. Samba version is 3.09 Why not? Who said computers were different from people, anyway? What does 'ldap machine suffix say in your smb.conf? --Tonni -- mail: [EMAIL PROTECTED] http://www.billy.demon.nl -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] pdbedit - question on migration
question on pdbedit - when using it for a migration - existing data is stored in tdbsam. pbdedit -i tdbsam -e ldapsam It wants to take existing machine accounts and put them into an ou=Computers. I'd rather it put them in ou=People. Samba version is 3.09 Thanks... Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] pdbedit - question on migration
[EMAIL PROTECTED] wrote on 03/30/2005 02:54:54 PM: On Wednesday 30 March 2005 12:37, jonlists wrote: question on pdbedit - when using it for a migration - existing data is stored in tdbsam. pbdedit -i tdbsam -e ldapsam It wants to take existing machine accounts and put them into an ou=Computers. I'd rather it put them in ou=People. OK. How have you configured this in smb.conf and in the smbldap-tools scripts? - John T. Aha! I have not since the implication is that is where pdbedit would be looking. In fact, I was hoping to be able to do this using Yast only, and have the end user use Yast for user and group creation, Samba management. I notice that the Samba 3 By Example guide recommend use of nis.schema instead of the Suse standard. I would assume that is because the scripts prefer this schema. My main problem is that I must provide a simple to use interface for Samba/Server/User management. I've been testing (playing with?) LAM, and trying to get IMC running (isn't working on SLES9). To be blunt, I'd rather we were using eDirectory and iManager for all of this, but in this case, I don't get a choice. Thank you.. Samba version is 3.09 Thanks... Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Using Lotus Domino LDAP as Samba Backend
[EMAIL PROTECTED] wrote on 03/29/2005 09:20:31 AM: On Tuesday 29 March 2005 04:18, [EMAIL PROTECTED] wrote: Hello, can I use the Lotus Domino LDAP Server as backend for Samba? Any LDAP server can be used so long as it has the right schema extensions and uses standard protocols. Has anyone tried this, or some experiences in that? Do a google search for Alan Bell linux lotus domino and see what you get. I know that he had this working at one point, but didn't get the chance to put it into production. There was information also available at www.openntf.org - but I'm not sure if it's there anymore. As John says, it's a matter of adding the right schema extensions. These will be added to the person document on the Domino server. Not with Lotus. - John T. Mit freundlichen GrĂ¼ssen / Kind regards Norman Trapp System Management objective partner GmbH Bergstrasse 45 D-69469 Weinheim Tel. +49 (0)6201 3986 24 Fax. +49 (0)6201 3986 12 ___ objective partner - keep IT in e.motion -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] upgrading existing tdbsam to ldap
moving a system to SLES9 w/OpenLDAP. Existing system used tdbsam. Set up new server, configured w/openldap and LAM. Things appear to be working fine with the new config, but there are problems in migrating user and machine accounts. The new domain, nor users are recognized in LAM. The machine accounts are listed as existing, but hostnames are not showing. I suppose that this is due to the fact that the migration using the pdbedit -v -i tdbsam -e ldapsam did not properly assign machines to the proper OU, and users to the proper default groups, etc. The pdbedit command was done after the ldap db was populated with the IDEALX smbldap-populate tool. I had built the new server, then simply moved the /etc/samba and /var/lib/samba/*.tdb files into place before doing the pdbedit. Is there a method of moving the existing accounts and machine information into the proper groups, or do I need to start over and do this in a different order? Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Advice on a samba setup im considering
You need to take a look at the Samba 3 By Example guide provided on the www.samba.org web site. It'll step you through much of this. Putting user accounts on the system? If it's only going to be you, you can use the command line tools provided with the operating system and base Samba. If someone else - maybe consider something like easier to use like webmin. Jon Johnston Creative Business Solutions IBM, Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com blog:http://bingo.cbsol.com [EMAIL PROTECTED] wrote on 03/29/2005 02:11:52 PM: Hello! Was hoping to get some suggestion and ideas for a samba server I will be implementing here in the next couple of weeks. I have gone through the websites documentation, but I was hoping some of the veterans of samba could maybe lend some ideas, advice and recommendations. I will try to be as detailed as possible. The samba server would server roughly 50-60 people. We have 3, maybe 4 departments that I would need to setup shares for (obviously, not all departments would need access to all the shares.) The other thing im considering is maybe trying to design this with the idea in mind of future expansion of the company (6-12 months down the road possibly) I've already installed the OS and Samba and I am in the process of configuring samba. What would be the recommended method for putting user accounts on the system? I know I have a few options, but is there one I should consider morethan the other? All the machines on the network are windows desktop. I would simply just map a drive to the shares needed for each user. I'm not going to setup this up as a PDC at this time. That would be something I may revisit in about 6-12 months as well. I have a lot to consider. Just hoping to get some ideas here. Cheers, Jason -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba PDC setting up user groups and policies (Help)
Ouch I assume that your XP Workstations are domain members, then, right? Jon Johnston Creative Business Solutions IBM,Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com 952-544-1108 Blog: http://bingo.cbsol.com [EMAIL PROTECTED] wrote on 01/28/2005 01:08:29 PM: I have a Samba PDC, and have problems setting up user groups to limit activity and access to file folders in Windows XP. I have administrative users that work fine. New users added as power users or regular users can log into machine client but dont even have access to the local C: drive. Cant change backgrounds or even unlock the taskbar. As long as they are added as user to the machine with admin priveleges or added to admin group the account works fine. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] Restoring PDC after Crash, Confused
Samba PDC system drive crashed. running 3.01. rebuilt system drive - kept the hostname the same, restored contents of /etc/samba, plus /etc/shadow, /etc/group, /etc/password PDC isn't recognizing machines for SOME machines. Users appear fine. I know that I should have gotten the domain sid previously by doing getlocalsid and then restored it by doing smbpasswd -W SID# but my understanding was that you no longer had to do the backup and restoration of the SID in version 3.0x. Is that incorrect? What did I miss? Any way out of this other than restoring each machine to the domain? Thanks. Jon Johnston Creative Business Solutions IBM,Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com 952-544-1108 Blog: http://bingo.cbsol.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Restoring PDC after Crash, Confused
Crud. I missed backing up and restoring /var/lib/samba, didn't I? Jon Johnston Creative Business Solutions IBM,Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com 952-544-1108 Blog: http://bingo.cbsol.com [EMAIL PROTECTED] wrote on 09/24/2004 11:56:59 AM: Samba PDC system drive crashed. running 3.01. rebuilt system drive - kept the hostname the same, restored contents of /etc/samba, plus /etc/shadow, /etc/group, /etc/password PDC isn't recognizing machines for SOME machines. Users appear fine. I know that I should have gotten the domain sid previously by doing getlocalsid and then restored it by doing smbpasswd -W SID# but my understanding was that you no longer had to do the backup and restoration of the SID in version 3.0x. Is that incorrect? What did I miss? Any way out of this other than restoring each machine to the domain? Thanks. Jon Johnston Creative Business Solutions IBM,Microsoft, Novell/Suse, Sophos Consultants http://www.cbsol.com 952-544-1108 Blog: http://bingo.cbsol.com -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] How to re-introduce a Samba server into a Win/NT domain?
What version of samba are you running? Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 Blog: http://bingo.cbsol.com [EMAIL PROTECTED] wrote on 04/20/2004 06:53:49 PM: Hello. I'm hoping that you will provide some help with a Samba problem that I'm experiencing. We have an Alphaserver that has been functioning as the Samba-server in a Windows/NT Domain for about 5 years now. It was set up by an engineer here at Raytheon Missile Systems Company and he left the company about 2 years ago. I've inherited the administration of it. Last week the Alphaserver's unix (TRU-64 V 4.0F) boot-drive crashed and a replacement disk was built from a (5 day old) backup tape. Samba did not work after that and I'm quite sure - from the error-messages - that it's because the Alphaserver's NT-machine-account's password is out-of-sync with what the PC/winNT side remembers it to be last set to. I can not get Samba to run as it had been running all of these years - i.e.: with security = domain and password server = * specified in the smb.conf file. I can get Samba up and running with security = server and password server = PDC,BDC,Alphaserver. But the Samba-functionality ceases after a while, even though the Samba-daemons are still running. How can I remove the Alphaserver from the NT Domain and thereby delete its machine-account, so that I can then add it back into the Domain with a new machine account-name and associated machine-account-password? (I'd like to also go back to using security = domain in the smb.conf file.) I have read the html help files but nothing there referrences taking an existing Samba-server out of a Windows Domain and then adding it back in again in order to re-set the machine-accountname and its password. Any help light that you could shed on this issue would be greatly appreciated. Sincerely, Bob Shaffo -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Photoshop can't save files, gives bogus Disk is full erro r
Maybe it's an oversight, but what are the current file and directory rights? Maybe instead of a Samba issue, it's deeper than that to the file system Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 [EMAIL PROTECTED] wrote on 02/05/2004 04:57:05 PM: Hello, I am having dreadful problems with Win2k workstations running Photoshop not being unable to save files to a new file server which we just installed for the direct purpose of serving graphics files. When trying to Save As a new file or Save an edited (existing) file we're getting a response that the disk is full, which is far from true because we have 1.6 TB free. This happens both with a mapped drive and through Network Neighborhood. Photoshop is the _only_ application that causes this behavior. I have had similar issues a couple years ago with intermittant problem on a small SAMBA server but I never found a solution for it. I currently have access to a few other LANs where both Photoshop on Win2k and a nearly identical SAMBA setup (SuSE 9.0, samba-2.2.8a-107 are installed, these locations do not seem to have the same problem. There is also another (older) samba server on the same lan as the one we are having trouble with, and the exact same clients do not seem to have this problem with the other SAMBA server. I have duplicated the smb.conf off the working server, changing only the netbios name and the map-to-guest user, and still have the problem. I do not know why the one works. It is not much older, and the pervious server I had trouble with a few years ago was, if anything, even older than the working server (whereas the new non-working server has a newer samba version). I do not have direct access to the LAN where the current problem is, so I can't send any logs or give too many details right now, sorry. I will say that I have worked over the phone with another tech who was on-site for several hours yesterday, and we have tried nearly every possible configuration with turning on/off locking, changing all the create modes/masks, changing users, security level, and everything else we could think of that could possibly effect this situation. A quick search shows that a few dozen people have had either exactly the same problem or a very similar one: http://marc.theaimsgroup.com/?l=sambaw=2r=1s=photoshopq=b This is a very bad problem for us, and I'm feeling quite discoraged to see that there are reports of this from 1, 2 even 3 years ago, and no reported solution[s]. Did anyone ever find a solution for the problem? If not, what must I do to help find it -- it is very, very important that we get this solved once and for all. I will try to get a copy of the log file. Thanks! -JW -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] RE: Samba 3.0.1a Cannot Browse Server
The TOSHARG book has a chapter on troubleshooting, btw, but my guess is that you need to remove the browseable = No from the netlogon directory. Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 [EMAIL PROTECTED] wrote on 02/03/2004 03:47:40 PM: Ok, the saga continues. I've figured out the cause, now I'm hoping someone will tell me the fix! When you browse the server, your workstation is requesting access to the IPC$ share. In the log file I found an error where it said it couldn't access '/root/tmp', thus giving an access denied error. I did a little test by changing my /root to world writeable and /root/tmp to world writeable. After that I could browse. So the cause is Samba wanting to use /root/tmp as a temporary directory for 'something' to do with the IPC$ connection. How do I change this to point to a directory of my choosing? IS it linked to a user that Samba starts up as? Suggestions? Thanks Norm -Original Message- From: Norm Dressler [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 03, 2004 5:08 PM To: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]' Subject: RE: Samba 3.0.1a Cannot Browse Server Further to my inability to browse, I've caught the following in my workstation log: [2004/02/03 17:04:59, 0] smbd/service.c:make_connection_snum(677) '/root/tmp' does not exist or is not a directory, when connecting to [IPC$] [2004/02/03 17:04:59, 3] smbd/sec_ctx.c:set_sec_ctx(288) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2004/02/03 17:04:59, 5] auth/auth_util.c:debug_nt_user_token(486) NT user token: (NULL) [2004/02/03 17:04:59, 5] auth/auth_util.c:debug_unix_user_token(505) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2004/02/03 17:04:59, 5] smbd/uid.c:change_to_root_user(218) change_to_root_user: now uid=(0,0) gid=(0,0) [2004/02/03 17:04:59, 3] smbd/connection.c:yield_connection(69) Yielding connection to IPC$ [2004/02/03 17:04:59, 3] smbd/error.c:error_packet(94) error string = Permission denied [2004/02/03 17:04:59, 3] smbd/error.c:error_packet(118) error packet at smbd/reply.c(286) cmd=117 (SMBtconX) NT_STATUS_BAD_NETWORK_NAME [2004/02/03 17:04:59, 5] lib/util.c:show_msg(456) [2004/02/03 17:04:59, 5] lib/util.c:show_msg(466) I'm not sure why /root/tmp claims to not exist, etc... it does but shouldn't be accessible to regular users -- The other area I'm concerned about is the nt_status_bad_network_name ... could this be a clue to my problem? Norm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Norm Dressler Sent: Tuesday, February 03, 2004 1:11 PM To: [EMAIL PROTECTED] Subject: [Samba] Samba 3.0.1a Cannot Browse Server Hi All, I've migrated my samba 2.2.8/OpenLDAP configuration to a Samba 3.0.1/OpenLDAP configuration. Things went well in the LDAP conversion using scripts, etc. I've set things up using the new LDAP schema and not the compatibility schema. I can see the server listed in the machines on my workgroup. I can even explicitly map a drive letter to a share on the new samba server. I cannot, however, browse the server! A windows 2000 workstation gives me the error: The Server is not configured for Transactions. The log files have not been helpful for me in determining where the problem is. Has anyone else seen this problem? My smb.conf file looks like this: [global] log level = 1024 log file = /usr/local/samba/var/%m.log os level = 65 passdb backend = ldapsam:ldap://localhost/ ldap suffix = dc=dinmar,dc=com ldap machine suffix = ou=Computers ldap user suffix = ou=People ldap admin dn = cn=root,dc=dinmar,dc=com ldap delete dn = no workgroup = DINMAR-OTT01 netbios name = FPOTT04 server string = DINMAR FPOTT04 Server interfaces = 192.168.40.246 encrypt passwords = Yes null passwords = Yes domain logons = Yes domain master = 192.168.40.250 local master = Yes hosts allow = 192.168. security = user comment = DINMAR FPOTT04 Server guest ok = yes wins server = 192.168.40.250 browse list = yes printing=bsd printcap=lpstat [netlogon] path = /usr/local/samba/netlogon read only = No browseable = No locking = No guest ok = yes [Users] comment = User Home Directories path = /data2/users read only = No hide dot files = yes hide files = /.* /public_html create mask = 0700 directory mask = 0700 [homes] comment = Personal Home Directory read only = No hide dot files = yes browseable = No hide files = /.* create mask = 0700
[Samba] disappearing files
Samba 2.2.7-3.7.2 on Redhat 7.3 Have a samba server setup that has been running for over a year now. fairly simple configuration - it is functioning as a stand=alone server with smbpasswd backend. Everything has been working properly until recently - now randomly some directories do not display their contents. There are files in the directory, I've checked the ownership/rights on the files themselves - the logged in user owns the files, and the directory. They have rights to the Samba share by the valid users parameter. The directory (in this case) that isn't showing up is three levels deep: /Sambashare /ME /Tempstuff this directory of files isn't showing up. I've set the log level to 10, and I'm not seeing anything glaring going on there, either. I cannot upgrade this server to 3.0x, otherwise, I'd probably go in that direction. Any thoughts are greatly appreciated. Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] disappearing files
To reply to my own message, I have finally found something in the logs that indicates a permission denied error, as follows: when attempting to read the directory, on one entry the following shows: get_lanman2_dir_entry: Couldn't stat [Filename in directory structure] (Permission Denied) At the samba/share level, things should be okay. At the unix file system level, like I said, the user is the owner of the file. Ideas? Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 [EMAIL PROTECTED] wrote on 01/14/2004 02:49:35 PM: Samba 2.2.7-3.7.2 on Redhat 7.3 Have a samba server setup that has been running for over a year now. fairly simple configuration - it is functioning as a stand=alone server with smbpasswd backend. Everything has been working properly until recently - now randomly some directories do not display their contents. There are files in the directory, I've checked the ownership/rights on the files themselves - the logged in user owns the files, and the directory. They have rights to the Samba share by the valid users parameter. The directory (in this case) that isn't showing up is three levels deep: /Sambashare /ME /Tempstuff this directory of files isn't showing up. I've set the log level to 10, and I'm not seeing anything glaring going on there, either. I cannot upgrade this server to 3.0x, otherwise, I'd probably go in that direction. Any thoughts are greatly appreciated. Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba w/tdb recovery
Experienced a server crash on a site that's using Samba 3.01 for a PDC, using tdb database. I have all of the information to recover Samba properly, including unix accounts, etc. However, can someone point me to a resource regarding recovery of linux user accounts and passwords? Thanks Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] samba w/tdb recovery
Forget this.. simply copy back the /etc/group, /etc/shadow, and /etc/passwd and they're back. Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 [EMAIL PROTECTED] wrote on 01/12/2004 11:36:47 AM: Experienced a server crash on a site that's using Samba 3.01 for a PDC, using tdb database. I have all of the information to recover Samba properly, including unix accounts, etc. However, can someone point me to a resource regarding recovery of linux user accounts and passwords? Thanks Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] copy old profile - samba pdc - access denied
migrating a group of workstations to a Samba PDC-based domain. Machines join to domain fine, but when I try to copy the existing local profiles to the roaming profiles, I get a Failed to set security on destination profile - Access is denied I have added the domain user to the local machine as an administrator. When attempting to do the copy, I am logged into the samba domain as root. When I do the copy, I'm doing the following on Windows XP: Control Panel/System - Advanced - User Profiles - I select the old profile - which was local only (machine wasn't previously in another domain). I select Copy To, then browse to select the local documents and settings folder for the Samba domain user. Under permitted to use - I select the Samba domain as the location. I enter the user's name, then check name, and the user name is returned without error in the form of DOMAIN/user. However, when I attempt to do the copy, I get the error: Failed to set security on destination profile - Access is denied ideas? Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] problem destroying /dev/null
Working with Samba 3.0 on rh9. Set up samba to use tdbsam (small network, maybe 30-40 users tops) and be a PDC for the internal network. Will be joining machines to this domain. My smb.conf file has been configured to use tdbsam as the backend, and with an add machine script, add user script, etc. However, using the command: pdbedit -a jdoe results in could not create account to add new user jdoe running the useradd script manually (as found in smb.conf) results in the user being added. running pdbedit -a -m jdoewks results in tdb_update_sam: SAM_ACCOUNT (jdoewks$) with no RID! unable to add machine! (does it already exist) However, running the machine script adds the machine to the user list (/etc/passwd), but obviously not the tdbsam. If I then use the RH9 user and groups tool to delete the machine account, it asks if I wish to delete the user's home directory, which is /dev/null. Deleting this is bad, basically destroys the system, and leads to recovery. Ouch. I'm missing something. Not sure what. here is SMB.CONF #=== Global Settings = [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = MINNESOTA netbios name = MORPHEUS server string = Morpheus Samba Server # if you want to automatically load your printer list rather # than setting them up individually then you'll need this printcap name = /etc/printcap load printers = yes passdb backend = tdbsam add user script = /usr/sbin/useradd %u delete user script = /usr/sbin/userdel %u add group script = /usr/sbin/groupadd %g add machine script = /usr/sbin/useradd -d /dev/null -s /bin/false %u # this tells Samba to use a separate log file for each machine # that connects log file = /var/log/samba/log.%m # Put a capping on the size of the log files (in Kb). max log size = 50 security = user encrypt passwords = yes # smb passwd file = /etc/samba/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* # Unix users can map to different SMB User names ; username map = /etc/samba/smbusers # Most people will find that this option gives better performance. socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable os level = 33 domain master = yes preferred master = yes domain logons = yes logon drive = U: logon path = \\morpheus\home\profiles\%u logon home = \\morpheus\%u logon script = scripts\%u.cmd # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server ; wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = w.x.y.z # Case Preservation can be handy - system default is _no_ # NOTE: These can be set on a per share basis ; preserve case = no ; short preserve case = no # Default case is normally upper case for all DOS files ; default case = lower # Be very careful with case sensitivity - it can break things! ; case sensitive = no # this is to allow Samba to crete Unix accounts on the samba server # Share Definitions == [homes] comment = Home Directories valid users = %S browseable = no read only = no # Un-comment the following and create the netlogon directory for Domain Logons [netlogon] comment = Network Logon Service path = /home/netlogon guest ok = yes write list = root share modes = no #NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer [printers] comment = All Printers path = /var/spool/samba browseable = no # Set public = yes to allow user 'guest account' to print guest ok = no writable = no printable = yes # A publicly accessible directory, but read only, except for people in # the staff group [public] comment = Public Stuff path = /data/shared/public public = yes read only = yes write list = @users guest ok = no # Thanks for assistance. Jon Johnston Creative Business Solutions http://www.cbsol.com 952-544-1108 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] /dev/null corruption
Any ideas on what would cause the /dev/null device to become corrupted, and become set to a user's home directory? This is on a system in which I'm used tdbsam, and adding machine accounts through the unix command rather than smb.conf scripts. Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] clarify issues on joining Samba PDC, machines, RIDs,
I'm running into issues trying to configure a server to be a Samba PDC in a small network that contains only Win2k/XP workstations. This will be going into an environment where there are no Windows server. There is a pre-existing Samba server that will be replaced, but it'll be easier to recreate user accounts than attempt migration (there were no machine accounts). Due to time/budget - we're not integrating this one with LDAP. We'll be sticking with smbpasswd. I'd like clarification on some things: - I did the net groupmap add commands, attempting to map a unix-created group - ntadmin - to the Domain Admins group. However, when i do a groupmap list, I get a double listing for the group, as is shown below. Domain Admins (S-1-5-21-4140922544-3110978470-4188555357-2005) - ntadmin Domain Admins (S-1-5-21-4140922544-3110978470-4188555357-512) - -1 I assume this will cause problems when attempting to join machines to the domain, as one or the other SID will be recognized as a member of domain admins. Am I correct, and if so, how do I fix this? - If someone goes in and deletes the unix user - say jimmy without using pdbedit or the samba tools, pdbedit later complains that jimmy no longer exists, but will not allow me to delete him using pdbedit -r. How can I clean this up so that jimmy can be fixed - I'm not finding any info on how to rebuild or fix the samba information. (Administration of this system will be turned over to someone else, and I need to be sure I can help them fix if they do this). Thanks for any info Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] clarify issues on joining Samba PDC, machines, RIDs,
John H Terpstra [EMAIL PROTECTED] wrote on 11/06/2003 04:00:54 PM: On Thu, 6 Nov 2003, jonlists wrote: [snip other issued resolved - thank you very much] - If someone goes in and deletes the unix user - say jimmy without using pdbedit or the samba tools, pdbedit later complains that jimmy no longer exists, but will not allow me to delete him using pdbedit -r. How can I clean this up so that jimmy can be fixed - I'm not finding any info on how to rebuild or fix the samba information. (Administration of this system will be turned over to someone else, and I need to be sure I can help them fix if they do this). Add to your smb.conf [globals] passdb backend = tdbsam smbpasswd Run: pdbedit -i tdbsam -e smbpasswd I get the error... Unable to open/create TDB passwd Can't sampwent! I have to believe I'm missing a required package, or is this all installed w/samba 3.0? Edit your the smbpasswd file to remove the dead entries. Remove the passdb.tdb file. Run: pdbedit -i smbpasswd -e tdbsam Edit smb.conf to have: passdb backend = tdbsam Delete the smbpasswd file. Done. - John T. -- John H Terpstra Email: [EMAIL PROTECTED] Other naive question (I'm trying to RTFM, but I'm running out of time) - where can I find info on whether or not I need to add scripts to smb.conf for using tdbsam backend? Thanks for the pointers on tdbsam - shouldn't have overlooked that one. Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] clarify issues on joining Samba PDC, machines, RIDs,
John H Terpstra [EMAIL PROTECTED] wrote on 11/06/2003 05:57:31 PM: On Thu, 6 Nov 2003, jonlists wrote: John H Terpstra [EMAIL PROTECTED] wrote on 11/06/2003 04:00:54 PM: On Thu, 6 Nov 2003, jonlists wrote: [snip other issued resolved - thank you very much] - If someone goes in and deletes the unix user - say jimmy without using pdbedit or the samba tools, pdbedit later complains that jimmy no longer exists, but will not allow me to delete him using pdbedit -r. How can I clean this up so that jimmy can be fixed - I'm not finding any info on how to rebuild or fix the samba information. (Administration of this system will be turned over to someone else, and I need to be sure I can help them fix if they do this). Add to your smb.conf [globals] passdb backend = tdbsam smbpasswd Run: pdbedit -i tdbsam -e smbpasswd I get the error... Unable to open/create TDB passwd Can't sampwent! Try adding root with smbpasswd: smbpasswd -a root Created the passwd database, pdb_getsampwnam: TDB passwd (/etc/samba/passdb.tdb) did not exist. File successfully created. However, same failure when attempting the migration process. If that fails you have real issues! :) Oddly enough, doing a net user list asks for a password (even though I'm already in as root), and then does nothing. Doing a pdbedit -L gives: Unable to open/create TDB passwd At least this isn't in production (yet). G If it works, then try the migration process again. I have to believe I'm missing a required package, or is this all installed w/samba 3.0? Edit your the smbpasswd file to remove the dead entries. Remove the passdb.tdb file. Run: pdbedit -i smbpasswd -e tdbsam Edit smb.conf to have: passdb backend = tdbsam Delete the smbpasswd file. Done. - John T. -- John H Terpstra Email: [EMAIL PROTECTED] Other naive question (I'm trying to RTFM, but I'm running out of time) - where can I find info on whether or not I need to add scripts to smb.conf for using tdbsam backend? Sure do need the scripts for tdbsam. - John T. Thanks for the pointers on tdbsam - shouldn't have overlooked that one. Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 -- John H Terpstra Email: [EMAIL PROTECTED] Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] clarify issues on joining Samba PDC, machines, RIDs,
John H Terpstra [EMAIL PROTECTED] wrote on 11/06/2003 06:21:54 PM: On Thu, 6 Nov 2003, jonlists wrote: Add to your smb.conf [globals] passdb backend = tdbsam smbpasswd Run: pdbedit -i tdbsam -e smbpasswd I get the error... Unable to open/create TDB passwd Can't sampwent! Try adding root with smbpasswd: smbpasswd -a root Created the passwd database, pdb_getsampwnam: TDB passwd (/etc/samba/passdb.tdb) did not exist. File successfully created. Good. However, same failure when attempting the migration process. If that fails you have real issues! :) Then something is broken in your samba build. What is the origin or your samba-3.0.0 package? http://us3.samba.org/samba/ftp/Binary_Packages/RedHat/RPMS/i386/9.0/ using 3.0.0-2_rh9 Oddly enough, doing a net user list asks for a password (even though I'm already in as root), and then does nothing. Doing a pdbedit -L gives: Unable to open/create TDB passwd Looks very broken. Replace the binaries with the RPMS from samba FTP sites. At least this isn't in production (yet). G You bet! - John T. -- John H Terpstra Email: [EMAIL PROTECTED] Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] HowTo 3 book?
John. when is your book (and your co-author's G) available? Amazon says November, but early november, late, or plan for a christmas present for myself?? thanks. Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] role of Idealx scripts
trying to get Samba 3b3 working with opendap - getting rid of the need to use /etc/passwd file. My confusion comes in where the idealx scripts comes in - i know that they are not updated to be used with samba 3.x. From my understanding - under samba 2.x - the idealx scripts provide a means of adding users to the system, by properly adding them to both the smb and the ldap configurations, correct? When using samba 3.x - if we do not have the idealx scripts - isn't it possible to accomplish the same thing by using something like gq, provided we get the new user template correct (the correct ldap attributes)? What am I missing that the idealx scripts might provided otherwise? As you can guess, I'm fairly new to this configuration. Thanks for any assistance/clarification. Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] What kind of performance can I expect on this setup...
Not to be rude, and I'm fairly new at this, but I've pretty much noticed that you're not going to get answers without answering specific questions. You have a nice, hefty server. You have plenty of RAM. I have 20 people using file sharing on much less stellar stuff than this without performance issues. The server I have is also running a gob of other processes, i.e., DNS, DHCP, Lotus Domino, PPP server. Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 [EMAIL PROTECTED] wrote on 08/07/2003 01:18:55 PM: Running Samba 2.2.8a as a PDC, which will service about 40 people.(grow to about 60-70 by end of the year) They will also be accessing shares on the server from a program. Server is: Xeon 2.8ghz 2gigs of RAM 3 320 SCSI 36 gig drives: setup in RAID 5 with 70 gigs of room Running on RH 7.3 Swap is 2048 (Was highest I could set it for 7.3) Anyone wanna take a gander and tell me what to expect? Any problems I may run into? What they would change, update etc. Thank you. Jason -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba ForwardSourceID:NT00039F96 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Offline Folders Samba
I've inherited a samba server providing file services to a group of Windows XP workstations. Samba is 2.2.7 -security-rollup-fix security is user level. I'm trying to configure the ability for the XP laptop users to use offline folders. The folder will synchronize, but not fully. When the XP user disconnects, the files are not accessible (Access is denied errors). I resolved by chmod'ing the files to 777, although this still didn't take care of all of them. It does synchronize some of the files, but not all. If we go into windows attribute, and change any of them, they will synchronize. Questions: - can someone confirm offline folders works with samba? - what is the typical create mask on a folder set to? - any configuration ideas are certainly welcome. Thank you Jon Johnston Creative Business Solutions IBM, Lotus, Microsoft Consultants http://www.cbsol.com 952-544-1108 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Best configuration?
Have a site in which we currently have samba deployed, but I do not like the existing configuration. What I'd like to do is deploy it in such a manner that the environment can be made redundant, not necessarily clustered - but in the case of a server crash, another server could easily be brought up to replace the main server. What I'm looking at is how to store user information for redundancy - with regards to samba, which is better for this situation - interfacing samba to OpenLDAP or NIS/yellow pages?? Thanks for any comments Jon Johnston Creative Business Solutions http://www.cbsol.com 952-544-1108 -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba