From vegardw at sv.uit.no Wed Jul 1 09:09:48 1998 From: vegardw at sv.uit.no (Vegard Wallin) Date: Tue Dec 2 02:24:18 2003 Subject: unix password sync In-Reply-To: Message-ID: We're setting up samba as a PDC on a system running OSF1 v4.0. Most things work OK, but the nice sounding "unix password sync" option does not. When running smbpasswd as a regular user, I get no errormessages, but the passwords are not updated and I get a coredump. The logfile says: INTERNAL ERROR: Signal 11 in pid 31668 (1.9.19-prealpha) [some memory dump] Dumping core in /usr/local/samba/system/var/corefiles When running smbpasswd as root, cnanging password for a regular user, I dont get the coredump and error in logfile, but only the smbpassword gets updated. If this feature would work it would save us a lot of work, we have about 500 members in this domain. smbpasswd works OK when disabling this feature (only the entry in smbpasswd gets updated). We're running latest CVS as of yesterday. Am I missing something? Bye, /Vegard vegardw@sv.uit.no From wasse at CS.bgu.ac.il Wed Jul 1 12:20:34 1998 From: wasse at CS.bgu.ac.il (wass eran) Date: Tue Dec 2 02:24:18 2003 Subject: syntax for subscribing to this mailing list/novell stuff/irc stuff/cvs Message-ID: Hi, I am a sysadmin at ben-gurion univ. Israel. I have installed the latest samba with branch-ntdom (1.9.19-prealpha). I think it's the best thing ever - and if it works well i will be able to get rid at last of the NT server and Novell server i have here and run everything from the unix. i wanted to ask and say a few things : 1) how do i subscribe to this list ? 2) i have installed the samba on IRIX 6.4, and the sharing works just fine, and authentication with client for windows networks on NT workstations works fine too- BUT - i discovered that if one uses the "novell client32" on the NT workstation instead of the regular MSclient, to login into the domain (even when u mark the "login into MS domain only" - without logining into novell) then the winlogon.exe crashes with a blue screen saying there was an illegal mem reference. has anyone encountered this problem ??? 3) is there an irc group on some irc net dealing with samba ? (preferably on EFnet) if not we can try to make one .... 4) another suggestion i have is - maybe someone could maintain the latest samba version with branches on some site as a .TAR.GZ file instead of the regular cvs method of obtaining it (some ppl - like myself have very bad connections abroad and i had to ask someone to tar.gz it for me so i can DL the whole thing in one bunch through a fast http proxy). ________________________________________________ \ Ayranne(Eran) Wass \ \ System Administration Group \ | Ben Gurion University - Computer Science | \ | \ E-MAIL: wasse@cs.bgu.ac.il \ \ HOME-PAGE: www.cs.bgu.ac.il/~wasse \ \ \ \_______________________________________________\ From cartegw at Eng.Auburn.EDU Wed Jul 1 12:48:58 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:18 2003 Subject: unix password sync References: Message-ID: <359A303A.4A9E1C1@eng.auburn.edu> Vegard Wallin wrote: > > We're setting up samba as a PDC on a system running OSF1 v4.0. Most > things work OK, but the nice sounding "unix password sync" option does > not. When running smbpasswd as a regular user, I get no errormessages, > but the passwords are not updated and I get a coredump. The logfile > says: "unix password sync" is only for Win95 password changes, not NT user password changes. That is not implemented yet. > INTERNAL ERROR: Signal 11 in pid 31668 (1.9.19-prealpha) > [some memory dump] > Dumping core in /usr/local/samba/system/var/corefiles Is this when run from a "password chat" script? Or from a shell on the unix as the user? also, what the server OS? > When running smbpasswd as root, cnanging password for a regular user, > I dont get the coredump and error in logfile, but only the smbpassword > gets updated. See notes above. > If this feature would work it would save us a lot of work, we have > about 500 members in this domain. > > smbpasswd works OK when disabling this feature (only the entry in > smbpasswd gets updated). We're running latest CVS as of yesterday. Someone please correct if I am wrong, but I didn't that that smbd called 'smbpasswd' to update the encrypted password hash. Rather the code was built in. The "unix password sync" tells smbd to call the password program if the password change is successful. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Wed Jul 1 14:10:59 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:18 2003 Subject: syntax for subscribing to this mailing list/novell stuff/irc stuff/cvs References: Message-ID: <359A4373.AD5C2448@eng.auburn.edu> wass eran wrote: > > Hi, > > 1) how do i subscribe to this list ? See http://samba.anu.edu.au/listproc/listproc.txt. The list name is samba-ntdom > 2) i have installed the samba on IRIX 6.4, and the sharing works just > fine, and authentication with client for windows networks on NT > workstations works fine too- BUT - i discovered that if one uses the > "novell client32" on the NT workstation instead of the regular > MSclient, to login into the domain (even when u mark the "login into > MS domain only" - without logining into novell) then the winlogon.exe > crashes with a blue screen saying there was an illegal mem reference. > has anyone encountered this problem ??? I don't know of any testing done in this environment... Sorry. > 3) is there an irc group on some irc net dealing with samba ? > (preferably on EFnet) if not we can try to make one .... Don't know. > 4) another suggestion i have is - maybe someone could maintain the > latest samba version with branches on some site as a .TAR.GZ file > instead of the regular cvs method of obtaining it (some ppl - like > myself have very bad connections abroad and i had to ask someone to > tar.gz it for me so i can DL the whole thing in one bunch through a > fast http proxy). Someone said they were going to set this up. Updates every 24 hours I think. Who was it....JF maybe? j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Wed Jul 1 14:23:17 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:18 2003 Subject: using samba with nt References: <35987203.930C4AD8@hotmail.com> Message-ID: <359A4655.76E124D3@eng.auburn.edu> Chan Fook Sheng wrote: > > Hello everybody, > > I would appreciate if anyone can help me with the below: > > I have a FreeBSD 2.2.6 with samba 1.9.18.3, I wish to share out my > harddisk on FreeBSD to Win95 users, and controlling access of > directories on FreeBSD through WinNT Domain Controller, is this > possible? Yes. > Do I still need users account on the FreeBSD? If so are they normal > unix users created by adduser? No. I don't think they will need a unix account. All username/password validation should be done by the NT PDC. > Can I use user groups (from NT domain controller) in samba to control > directories access? Nope. Not yet. > > I tried to join my freebsd to the nt domain, but when I type smbpasswd > -j domain I got "./smbpasswd: Unable to get UNIX password entry for > user." does this mean I have to create an account for domain? If so, > how to do that? Did you create the machine account on the NT PDC? If so, could you up the debug level in smbpaswd and send the output? > I have read the faq and mailing list on the samba site, but I just > can't figure out what to do, I'm confused, pls help me. > > fook sheng j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From twinders at SPC.cc.tx.us Wed Jul 1 14:46:19 1998 From: twinders at SPC.cc.tx.us (Tim Winders) Date: Tue Dec 2 02:24:18 2003 Subject: unix password sync In-Reply-To: <359A303A.4A9E1C1@eng.auburn.edu> Message-ID: On Wed, 1 Jul 1998, Gerald Carter wrote: > Vegard Wallin wrote: > > > > We're setting up samba as a PDC on a system running OSF1 v4.0. Most > > things work OK, but the nice sounding "unix password sync" option does > > not. When running smbpasswd as a regular user, I get no errormessages, > > but the passwords are not updated and I get a coredump. The logfile > > says: > > "unix password sync" is only for Win95 password changes, not NT user > password changes. That is not implemented yet. > > > INTERNAL ERROR: Signal 11 in pid 31668 (1.9.19-prealpha) > > [some memory dump] > > Dumping core in /usr/local/samba/system/var/corefiles > > Is this when run from a "password chat" script? Or from a shell on the > unix as the user? > > also, what the server OS? He said above he is running OSF/1 4.0 (Digital Unix). I too am running Digital UNIX and have the same problem. I can use the smbpasswd program just fine, but when I try to change the password using the Win95 password control panel, I get a core dump. I sent a gdb trace, log file etc, but this hasn't been fixed. I think the short answer is that "Win95 password changing is not supported under Digital Unix". === Tim --------------------------------------------------------------------- | Tim Winders, CNE, MCSE | Email: TWinders@SPC.cc.tx.us | | Network Administrator | Phone: 806-894-9611 x 2369 | | South Plains College | Fax: 806-897-4711 | --------------------------------------------------------------------- From BARTH at cck.uni-kl.de Wed Jul 1 16:56:16 1998 From: BARTH at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:24:18 2003 Subject: syntax for subscribing to this mailing list/novell stuff/ir Message-ID: > i wanted to ask and say a few things : > > > 2) i have installed the samba on IRIX 6.4, and the sharing works just > fine, and authentication with client for windows networks on NT > workstations works fine too- BUT - i discovered that if one uses the > "novell client32" on the NT workstation instead of the regular MSclient, > to login into the domain (even when u mark the "login into MS domain only" - > without logining into novell) then the winlogon.exe crashes with a blue > screen saying there was an illegal mem reference. > has anyone encountered this problem ??? Well, we have a lot of "funny" bugs with novell (that's why will will get rid of it soon and use samba), but we managed to join the domain. Christian From jallison at whistle.com Wed Jul 1 16:38:45 1998 From: jallison at whistle.com (Jeremy Allison) Date: Tue Dec 2 02:24:18 2003 Subject: unix password sync References: Message-ID: <359A6615.77ACF8F6@whistle.com> Vegard Wallin wrote: > > We're setting up samba as a PDC on a system running OSF1 v4.0. Most things > work OK, but the nice sounding "unix password sync" option does not. When > running smbpasswd as a regular user, I get no errormessages, but the > passwords are not updated and I get a coredump. The logfile says: > > INTERNAL ERROR: Signal 11 in pid 31668 (1.9.19-prealpha) > [some memory dump] > Dumping core in /usr/local/samba/system/var/corefiles Vegard, Could you give me a stack backtrace from the core dump please ? This should help track things down. Thanks, Jeremy Allison. Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From jallison at whistle.com Wed Jul 1 16:50:26 1998 From: jallison at whistle.com (Jeremy Allison) Date: Tue Dec 2 02:24:18 2003 Subject: unix password sync References: Message-ID: <359A68D2.AAF0AB0B@whistle.com> Tim Winders wrote: > . I too am running > Digital UNIX and have the same problem. I can use the smbpasswd program > just fine, but when I try to change the password using the Win95 password > control panel, I get a core dump. I sent a gdb trace, log file etc, but > this hasn't been fixed. I think the short answer is that "Win95 password > changing is not supported under Digital Unix". > Oh yes, you did. I'm sorry, it sort of fell off my plate and I forgot about it. I'll look up the mail message and see if I can fix it. Sorry, Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From twinders at SPC.cc.tx.us Wed Jul 1 17:06:59 1998 From: twinders at SPC.cc.tx.us (Tim Winders) Date: Tue Dec 2 02:24:18 2003 Subject: unix password sync In-Reply-To: <359A68D2.AAF0AB0B@whistle.com> Message-ID: On Wed, 1 Jul 1998, Jeremy Allison wrote: > Tim Winders wrote: > > . I too am running > > Digital UNIX and have the same problem. I can use the smbpasswd program > > just fine, but when I try to change the password using the Win95 password > > control panel, I get a core dump. I sent a gdb trace, log file etc, but > > this hasn't been fixed. I think the short answer is that "Win95 password > > changing is not supported under Digital Unix". > > > > Oh yes, you did. I'm sorry, it sort of fell off my plate > and I forgot about it. > > I'll look up the mail message and see if I can fix it. Great! Thanks. I figured you all were busy with other things and it would get done when someone had a chance. === Tim --------------------------------------------------------------------- | Tim Winders, CNE, MCSE | Email: TWinders@SPC.cc.tx.us | | Network Administrator | Phone: 806-894-9611 x 2369 | | South Plains College | Fax: 806-897-4711 | --------------------------------------------------------------------- From lkcl at switchboard.net Wed Jul 1 18:21:58 1998 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:24:18 2003 Subject: out of the picture Message-ID: hi, because i have rsi (if you get this, _stop_ typing!) i am resting for a while. i am still keeping an eye on my email every day or three. if i start work again, it will be with someone else doing the typing. so, i'm still here! lots of love, luke (samba team) From chen68 at hotmail.com Thu Jul 2 09:36:26 1998 From: chen68 at hotmail.com (Fook Sheng) Date: Tue Dec 2 02:24:18 2003 Subject: using samba with nt Message-ID: <359B5499.C0006469@hotmail.com> Hi Chan Fook Sheng wrote: > > Hello everybody, > > I would appreciate if anyone can help me with the below: > > I have a FreeBSD 2.2.6 with samba 1.9.18.3, I wish to share out my > harddisk on FreeBSD to Win95 users, and controlling access of > directories on FreeBSD through WinNT Domain Controller, is this > possible? Yes. for my smb.conf I have : workgroup = sgnet guest account is not enabled security = domain password server = sgnt encrypt password = yes domian master = no wins server = dns proxy = no [mis] comment = mis folder path = /usr/home/mis writable = yes valid users = mis public = no guest ok = no [public] comment = blah ... path = /usr/home/public public = yes read only = no guest ok = yes > Do I still need users account on the FreeBSD? If so are they normal > unix users created by adduser? No. I don't think they will need a unix account. All username/password validation should be done by the NT PDC. I still can't achieve that, can you kindly tell me how to do it, or give me the url. With the above config, when I access the public, I don't have to give any passwords, when I access the mis folder, I need to type the password for the mis account, the setup the mis account on FreeBSD using passwd. NT is not doing the authentication. I have the mis account in NT. Also what is the use of smbpasswd, and when should I use it? > Can I use user groups (from NT domain controller) in samba to control > directories access? Nope. Not yet. > > I tried to join my freebsd to the nt domain, but when I type smbpasswd > -j domain I got "./smbpasswd: Unable to get UNIX password entry for > user." does this mean I have to create an account for domain? If so, > how to do that? Did you create the machine account on the NT PDC? If so, could you up the debug level in smbpaswd and send the output? Can you teach me how to up the debug level ? I have registered the machine account for samba using server manager. In addition I found out that if I login using the built-in visitor account(guest), I can access my mis resource without being prompt for password, is it because I have missed something? > I have read the faq and mailing list on the samba site, but I just > can't figure out what to do, I'm confused, pls help me. > > fook sheng j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) Best Regards, Chan Fook Sheng From mblack at csihq.com Thu Jul 2 10:55:47 1998 From: mblack at csihq.com (Mike Black) Date: Tue Dec 2 02:24:18 2003 Subject: .pid files Message-ID: <010f01bda5a7$faf343d0$32de11cc@mblack.csihq.com> #1 - Just upgraded a server to the new ntdom code #2 - Just had a system lockup -- had to do a hard reset #3 - Samba says: ERROR: nmbd is already running #4 - Trace shows: open("/usr/local/samba/var/locks/nmbd.pid", O_RDONLY) = 4 fstat(4, {st_mode=S_IFREG|0644, st_size=20, ...}) = 0 mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|0x20, 4294967295, 0) = 0x40008000 read(4, "106\n\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096) = 20 close(4) = 0 munmap(0x40008000, 4096) = 0 kill(106, SIGNULL) = 0 kill(106, SIGNULL) = 0 write(3, "ERROR: nmbd is already running\n"..., 31) = 31 #5 - Removed .pid files and all is fine Shouldn't the error message be: ERROR: Lock file '/usr/local/samba/var/locks/nmbd.pid' exists -- improper shutdown? Do you want to start anyway (y or n)? And...shouldn't the error show up on the console (as it is EXTREMELY severe)?? It would be nice if it offered to continue and overwrite the pid file anyway. But, at LEAST give a good error message please!! Actually, it would probably be better for a command line switch to FORCE overwriting (like during the boot process). I've added an "rm" to my startup script to fix this for now... This reminds me of one my favorite pet peeves -- "Error opening file (or DLL)" -- prompting the questions "What file(DLL)?" and "Why"... _________________________________________________________ Mike Black mblack@csihq.com 407-676-2923, x203 FAX 407-676-2355 Computer Science Innovations, Inc. http://www.csihq.com From canfield at uindy.edu Thu Jul 2 15:23:26 1998 From: canfield at uindy.edu (Dana Canfield) Date: Tue Dec 2 02:24:18 2003 Subject: Netware crashed by samba PDC? Message-ID: <359BA5ED.F2EF4756@uindy.edu> Has anyone had any problems using the Netware client for NT with samba as a PDC? When I was using samba about 3 months ago, it worked fine with the Netware client. Then we upgraded our server, and I just now installed samba again. After the Novell client has been installed, if I try to log into the domain, the machine crashes with a blue screen of death. This happens on all the machines I've tried. I've also tried the novell client versions 4.10 and 4.3, both with the same effect. I can log in to the machines locally, and then use the network fine. It's just using domain logins that cause the problem. Any ideas? Could there be something in my smb.conf that Netware wouldn't like? Thanks From jallison at whistle.com Thu Jul 2 16:51:28 1998 From: jallison at whistle.com (Jeremy Allison) Date: Tue Dec 2 02:24:18 2003 Subject: unix password sync References: Message-ID: <359BBA90.30257146@whistle.com> Tim Winders wrote: > He said above he is running OSF/1 4.0 (Digital Unix). I too am running > Digital UNIX and have the same problem. I can use the smbpasswd program > just fine, but when I try to change the password using the Win95 password > control panel, I get a core dump. I sent a gdb trace, log file etc, but > this hasn't been fixed. I think the short answer is that "Win95 password > changing is not supported under Digital Unix". > I was about to look into this when someone sent me a fix to Samba-bugs ! This is why I *love* Open Source software :-). Tim - short patch follows (I will be checking this into the 1.9.18 branch and the head branch later today). Cheers, Jeremy (ah, hayve always depended on the kindness of strangers :-) Allison. -------------cut here----------------------------- =================================================================== RCS file: /data/cvs/samba/source/chgpasswd.c,v retrieving revision 1.24 diff -u -r1.24 chgpasswd.c --- chgpasswd.c 1998/05/18 21:30:34 1.24 +++ chgpasswd.c 1998/07/02 16:54:43 @@ -77,7 +77,7 @@ #else /* defined(SVR4) || defined(SUNOS5) */ fstrcpy( line, "/dev/ptyXX" ); - dirp = OpenDir(-1, "/dev", True); + dirp = OpenDir(-1, "/dev", False); if (!dirp) return(-1); while ((dpname = ReadDirName(dirp)) != NULL) { if (strncmp(dpname, "pty", 3) == 0 && strlen(dpname) == 5) { -------------end patch---------------------------- -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From twinders at SPC.cc.tx.us Thu Jul 2 19:22:50 1998 From: twinders at SPC.cc.tx.us (Tim Winders) Date: Tue Dec 2 02:24:18 2003 Subject: unix password sync In-Reply-To: <359BBA90.30257146@whistle.com> Message-ID: On Thu, 2 Jul 1998, Jeremy Allison wrote: > Tim Winders wrote: > > > He said above he is running OSF/1 4.0 (Digital Unix). I too am running > > Digital UNIX and have the same problem. I can use the smbpasswd program > > just fine, but when I try to change the password using the Win95 password > > control panel, I get a core dump. I sent a gdb trace, log file etc, but > > this hasn't been fixed. I think the short answer is that "Win95 password > > changing is not supported under Digital Unix". > > > > I was about to look into this when someone sent me a fix > to Samba-bugs ! This is why I *love* Open Source software :-). Yeah! No more core dumps. Thanks whoever submitted this to samba-bugs! Now I just have to figure out the correct passwd chat to use for MY system.... ugh! I keep getting an Invalid Password response from Win95. nothing shows up on the smb.log file. Unfortunately, I don't have a cable sniffer handy to track down what is happening. Any ideas where to start? === Tim --------------------------------------------------------------------- | Tim Winders, CNE, MCSE | Email: TWinders@SPC.cc.tx.us | | Network Administrator | Phone: 806-894-9611 x 2369 | | South Plains College | Fax: 806-897-4711 | --------------------------------------------------------------------- From jallison at whistle.com Thu Jul 2 23:16:05 1998 From: jallison at whistle.com (Jeremy Allison) Date: Tue Dec 2 02:24:18 2003 Subject: unix password sync References: Message-ID: <359C14B5.CDEE13F7@whistle.com> Tim Winders wrote: > Now I just have to figure out the correct passwd chat to use for MY > system.... ugh! I keep getting an Invalid Password response from Win95. > nothing shows up on the smb.log file. Unfortunately, I don't have a cable > sniffer handy to track down what is happening. Any ideas where to start? > Check out the "password chat debug" parameter. Cheers, Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From gero at faveve.uni-stuttgart.de Fri Jul 3 00:15:45 1998 From: gero at faveve.uni-stuttgart.de (Gero Treuner) Date: Tue Dec 2 02:24:18 2003 Subject: NT 4.0 (WS) refuses to join domain Message-ID: <19980703021545.D18809@faveve.uni-stuttgart.de> Hi! I carefully have read the "NT Domain FAQ" and have the impression I have done the described steps. But, still I get the message that NT doesn't find the machine account (in german language because of german version). The configuration is: World | | 129.69.139.1/24 (muppet.faveve.uni-stuttgart.de) Linux 2.0.33 with libc5 (Slackware) Samba 1.9.19-prealpha(Snapshot at 1st July 1998) 129.69.139.129/30 (muppet-if2.faveve.uni-stuttgart.de) | | 129.69.139.130/30 (brainbug.faveve.uni-stuttgart.de) NT 4.0 Workstation with service pack 3 installed The net for the NT machine (129.69.139.128/30) isn't real because the routing is done via an static arp entry at muppet, but this should interfere with connections beyond muppet only and therefore doesn't affect NetBIOS protocol. The following things does work: - Connections of any kind from brainbug to any host in the internet - Registrating Brainbug in the workgroup for which Samba is responsible (named 'NILI'), mounting SMB filesystems with encrypted password from Muppet on Brainbug. But if I try to get Brainbug a member of the NILI domain, I get the error message that the Brainbug machine account does not exist. I assume nmbd is working right, because I can see all the things described in the NT domain FAQ in the paragraph 'You should get a wonderful message saying "Welcome to the SAMBA Domain." If you don't, then please first increase your debug log levels ... and you may also see a "Net Server Get Info" being issued on the srvsvc pipe. Assuming you got the Welcome message, go through the obligatory reboot (the NT box, not the Samba server).' Hm, everything happens as described in the FAQ, execpt the message "Welcome to the NILI domain". There is a hint in the next section of the FAQ that inconsistent network masks can produce this problem. I double checked that they match, and tried a full class C subnet (192.168.1.0/24) instead of the sub-C subnet 129.69.139.128/30 to eliminate a possible problem with netmasks not bound to a full byte. Has anyone an idea what maybe goes wrong? I attach my smb.conf file to this message, and the log files (log.nmb, log.smb, log.brainbug) are available at http://muppet.faveve.uni-stuttgart.de/~gero/. Gero P.S.: Please respond with a Cc to me because I am not (yet) a member of the mailing list. -------------- next part -------------- ; ; /etc/smb.conf ; ; Knut und Gero, Tue Jun 9 04:00:12 MET DST 1998 [global] log file = /var/log/samba/log.%m lock directory = /var/lock/samba share modes = yes ; SMB machen wir nur auf dem Brainbug-Segment interfaces = 129.69.139.129/30 ; durch Komma getrennte Liste von erlaubten Hosts allow hosts = brainbug.faveve.uni-stuttgart.de guest account = samba wins support = yes workgroup = NILI encrypt passwords = yes ; announce as = NT local master = yes ; preferred master = true domain master = yes domain logons = yes browseable = yes client code page = 437 time server = true ; security = user [homes] comment = Home Directories ; Nicht browsable, da ohne Passwoerter ohnehin nur Fehler erzeugt wuerden browseable = no read only = no create mode = 0755 From jallison at whistle.com Thu Jul 2 23:54:08 1998 From: jallison at whistle.com (Jeremy Allison) Date: Tue Dec 2 02:24:18 2003 Subject: .pid files References: <010f01bda5a7$faf343d0$32de11cc@mblack.csihq.com> Message-ID: <359C1DA0.7948DD5A@whistle.com> Mike Black wrote: > > #1 - Just upgraded a server to the new ntdom code > #2 - Just had a system lockup -- had to do a hard reset > #3 - Samba says: > ERROR: nmbd is already running > Shouldn't the error message be: > > ERROR: Lock file '/usr/local/samba/var/locks/nmbd.pid' exists -- improper > shutdown? > It would be nice if it offered to continue and overwrite the pid file > anyway. But, at LEAST give a good error message please!! Actually, it > would probably be better for a command line switch to FORCE overwriting > (like during the boot process). I've added an "rm" to my startup script to > fix this for now... > Ok, ok - you're right. I've fixed it in the latest CVS source to give a good error message. Cheers, Jeremy Allison, Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From twinders at SPC.cc.tx.us Fri Jul 3 20:50:40 1998 From: twinders at SPC.cc.tx.us (Tim Winders) Date: Tue Dec 2 02:24:18 2003 Subject: unix password sync In-Reply-To: <359C14B5.CDEE13F7@whistle.com> Message-ID: On Thu, 2 Jul 1998, Jeremy Allison wrote: > Check out the "password chat debug" parameter. Sorry, I don't mean to be "thick" but I can't find reference to this parameter in the smb.conf man page nor any of the files in /docs. Can you give me a pointer here? === Tim --------------------------------------------------------------------- | Tim Winders, CNE, MCSE | Email: TWinders@SPC.cc.tx.us | | Network Administrator | Phone: 806-894-9611 x 2369 | | South Plains College | Fax: 806-897-4711 | --------------------------------------------------------------------- From peloy at ven.ra.rockwell.com Fri Jul 3 22:30:41 1998 From: peloy at ven.ra.rockwell.com (peloy@ven.ra.rockwell.com) Date: Tue Dec 2 02:24:18 2003 Subject: .pid files References: <359C1DA0.7948DD5A@whistle.com> Message-ID: <6njm2h$cq1$1@zeus.ven.ra.rockwell.com> Humm, this is new, isn't it (nmbd storing its pid in a file)? This is great. What about smbd? How are multiple instances handled? E.- Jeremy Allison wrote: > Mike Black wrote: >> >> #1 - Just upgraded a server to the new ntdom code >> #2 - Just had a system lockup -- had to do a hard reset >> #3 - Samba says: >> ERROR: nmbd is already running > >> Shouldn't the error message be: >> >> ERROR: Lock file '/usr/local/samba/var/locks/nmbd.pid' exists -- improper >> shutdown? >> It would be nice if it offered to continue and overwrite the pid file >> anyway. But, at LEAST give a good error message please!! Actually, it >> would probably be better for a command line switch to FORCE overwriting >> (like during the boot process). I've added an "rm" to my startup script to >> fix this for now... >> > > Ok, ok - you're right. I've fixed it in the latest > CVS source to give a good error message. > > Cheers, > > Jeremy Allison, > Samba Team. > > -- > -------------------------------------------------------- > Buying an operating system without source is like buying > a self-assembly Space Shuttle with no instructions. > -------------------------------------------------------- > -- Eloy A. Paris Information Technology Department Rockwell Automation Venezuela Telephone: +58-2-9432311 Fax: +58-2-9431645 From peloy at ven.ra.rockwell.com Fri Jul 3 22:31:56 1998 From: peloy at ven.ra.rockwell.com (peloy@ven.ra.rockwell.com) Date: Tue Dec 2 02:24:18 2003 Subject: unix password sync References: Message-ID: <6njm4s$cq1$2@zeus.ven.ra.rockwell.com> Tim Winders wrote: >> Check out the "password chat debug" parameter. > > Sorry, I don't mean to be "thick" but I can't find reference to this > parameter in the smb.conf man page nor any of the files in /docs. Can you > give me a pointer here? "Use the source Luke, use the source" doesn't help here? :-) peloy.- -- Eloy A. Paris Information Technology Department Rockwell Automation Venezuela Telephone: +58-2-9432311 Fax: +58-2-9431645 From secret at kearneydev.com Sat Jul 4 16:55:57 1998 From: secret at kearneydev.com (secret) Date: Tue Dec 2 02:24:18 2003 Subject: unix password sync References: <359C14B5.CDEE13F7@whistle.com> Message-ID: <359E5E9D.472C15AE@kearneydev.com> Jeremy Allison wrote: > Tim Winders wrote: > > > Now I just have to figure out the correct passwd chat to use for MY > > system.... ugh! I keep getting an Invalid Password response from Win95. > > nothing shows up on the smb.log file. Unfortunately, I don't have a cable > > sniffer handy to track down what is happening. Any ideas where to start? > > > > Check out the "password chat debug" parameter. > Doesn't password chat debug diagnose problems with "unix password sync" IE once the smbpasswd is updated successfully making /etc/passwd update successfully? I've been trying to diagnose a problem with that myself, I can't seem to get the unix password sync correct, even though I'm sure what I've typed in as the responses(if root is running the program) are correct. I can't find any useful debug information from "password chat debug = true" in my smb.conf file, I've tried looking in "log.smb" and "log.machinename" to no avail, and I've also run smbd at debug level 100 because smb.conf implied that things are logged at level 100... ANy hints on finding useful debug information between smbd and /usr/bin/passwd? --David From peo at ludd.luth.se Sun Jul 5 16:47:49 1998 From: peo at ludd.luth.se (Per-Ove Carlsson) Date: Tue Dec 2 02:24:18 2003 Subject: HELP changing from win95 clients to nt4 wks clients. smbpasswd Message-ID: <199807051650.SAA11924@zed.ludd.luth.se> Hello! I have a working Samba server ( 1.9.18p4 )with the following typical specs. security = user Everything is working great...! Roming profiles each for every user Shares for different groups... adm user poweruser and so on. Printers Now we will change all clients to NT4 wks, from win95 machines. I have changed the registry of win95 so that the passwords are clear in win95. Now we will use encrypted passwords. and the users has to change their passwords every now and then How do I set up smbpasswd to work properly in my system The network don't have any NT server. Only one Linux server running S.u.S.E. 5.2 kernel 2.0.33. Please give me some advice on how to change to get this to work. Regards / Peo From canfield at uindy.edu Mon Jul 6 14:15:20 1998 From: canfield at uindy.edu (Dana Canfield) Date: Tue Dec 2 02:24:18 2003 Subject: How to debug NWClient problem? Message-ID: <35A0DBF8.E301E2C5@uindy.edu> Just wondering if anyone had some suggestions as to how I can go about helping figure out what is causing the Novell Netware client to crash Windows NT when logging into a Samba PDC? Basically what I know is that my May-ish CVS snapshot of Samba worked fine with the Netware Client. The current CVS snapshot causes a blue screen of death (related to winlogon.exe) when logging into a Samba PDC. For those that don't know, the Novell Client replaces msgina.dll and basically takes over the login process for NT. Without the Novell client installed, Samba PDC domain logons work fine. With the Novell client installed (4.10 or 4.3) I can log into the machine if I use the "local" domain, and I can then connect to the Samba PDC and the novell network. If I try logging into our Samba PDC-controlled domain, however, I get the previously mentioned Blue Screen. My only guess is that this is somehow related to the stuff mentioned on the list about some changes that would break "old" profiles. I didn't really understand the tech talk, but it's the only thing I can think of that has changed in the NTDOM code that would cause this. Anyone have any ideas as to how we can debug this? From jdblair at cobaltmicro.com Mon Jul 6 13:48:34 1998 From: jdblair at cobaltmicro.com (John D. Blair) Date: Tue Dec 2 02:24:18 2003 Subject: Gartner Group says don't deploy NT 5.0 until the end of 2000 Message-ID: <35A0D5B2.B54C4FA5@cobaltmicro.com> This is from a recent GartnerFlash. A lot of IT professionals listen to the Gartner Group's recommendations. This latest analysis is a very good thing for non-microsoft server solutions, including Samba. The best part is the suggestion that people planning to use Active Directory or Zero Admin Windows wait until well into 2001 before making large deployments. This is a HUGE "window" of opportunity. later, -john. > Microsoft Misses Major NT 5.0 Commitment > > EVENT: On 30 June 1998, Microsoft announced the > delay of the second beta of NT 5 until "sometime > during the summer." In conjunction, Microsoft > announced a previously unplanned beta three > program. > > ANALYSIS: The beta software for NT 5 released at > Microsoft's Windows deployment conference this week > in San Jose, Calif. is an interim release of beta one. > We expect Microsoft will release a beta version of NT > 5 marketed as "beta two" in 3Q98 (0.7 probability); > however, this beta should not be considered feature- > complete since Microsoft acknowledges that code may > be present for some features (e.g., Terminal Server) > that is not stable for testing purposes The fully > functional, feature-complete beta of NT 5 that beta two > was promised to be will now become beta three. We > expect beta three by 2Q99 (0.7 probability). > > RECOMMENDATION: Enterprises waiting on NT 5 > should: > > -Limit testing efforts with beta one and beta two. > Beta three will be made more widely available and > will provide a test-worthy, working, feature- > complete version of NT 5. > > -Not expect to see a shipping version NT 5 available > until the first half of 2000. We have downgraded > our expectation for general availability of a > reasonably stable, feature-complete release of NT > 5 until at least the first half of 2000 (0.7 probability). > > -Not plan on NT 5 production deployments until at > least year-end 2000. We reiterate our > recommendation that all NT 5 deployments wait at > least until the first major working service pack is > released, expected six to nine months after general > availability of NT 5. Larger deployments utilizing > Active Directory or Zero Administration Windows > should wait 12 to 18 months after the service pack, > i.e., well into 2001. > > With the delay in NT 5, we expect Microsoft to > aggressively push other revenue-generating products. > Enterprises should: > > -Ignore pressure from Microsoft that an upgrade to > NT 4 positions an organization for an easier > upgrade to NT 5 > > -Delay deployments of NT 4 until 1999 to obtain > expected pricing discounts and promotions from > Microsoft > > SERVICES: Local Area Networking and NT Strategies > ANALYSTS: Neil MacDonald, Joe Barkan and Michael > Gartenberg --------------------------------------------------------------------- John D. Blair jdblair@cobaltmicro.com Software Engineer, Cobalt Microserver --------------------------------------------------------------------- From twinders at SPC.cc.tx.us Mon Jul 6 15:03:44 1998 From: twinders at SPC.cc.tx.us (Tim Winders) Date: Tue Dec 2 02:24:18 2003 Subject: unix password sync In-Reply-To: <359C14B5.CDEE13F7@whistle.com> Message-ID: On Thu, 2 Jul 1998, Jeremy Allison wrote: > Check out the "password chat debug" parameter. OK, I finally decided to do a search of the archives and found this is just a switch, Yes or No. So, I set it to Yes, but NOTHING was logged to the log.smb file. So, I used SWAT to change the passwd program and passwd chat values to default and STILL nothing is logged. I checked the makefile and I have this FLAGSM = -DOSF1 -DFAST_SHARE_MODES -DALLOW_CHANGE_PASSWORD so, I guess we are at square one, in that the code for changing the password isn't there for Digital Unix (I am running 4.0D). At least smbd does dump core now... === Tim --------------------------------------------------------------------- | Tim Winders, CNE, MCSE | Email: TWinders@SPC.cc.tx.us | | Network Administrator | Phone: 806-894-9611 x 2369 | | South Plains College | Fax: 806-897-4711 | --------------------------------------------------------------------- From awilliam at whitemice.org Mon Jul 6 19:04:13 1998 From: awilliam at whitemice.org (Adam Williams) Date: Tue Dec 2 02:24:18 2003 Subject: Problems with Samba PDC and Citrix Winframe In-Reply-To: root "Problems with Samba PDC and Citrix Winframe (fwd)" (Jun 30, 12:01pm) References: Message-ID: <9807061904.ZM14050@estate1.whitemice.org> > > We have a PC running Citrix Winframe Enterprise 1.7 SP5. > It managed to join our domain ok after adding it to the hosts file and > smbpasswd file. But when you try to login it fails. You get the following > message in the event log: > > "The redirector received an SMB that was too short." > > Has anyone managed to get Citrix to work with Samba PDC? We are using Samba > 1.9.19-prealpha from 17th May. Does anyone know if someone is looking into the "Winframe" issue? From jallison at whistle.com Mon Jul 6 22:45:14 1998 From: jallison at whistle.com (Jeremy Allison) Date: Tue Dec 2 02:24:18 2003 Subject: Problems authenticating Win95 with ntdom server References: Message-ID: <35A1537A.FF62FF6@whistle.com> > I am having the same problem as evanc@synapse.net, I have a linux based > samba server as a member of my domain with shares on that machine. All my > NT based clients have no problem accessing this shares and having their > passwords authenticated by the domain controller. However my Windows 95 > clients cannot access any of the shares on the samba machine (including > the IPC$ share) because their passwords always fail. Ok, I think I have fixed this problem and have checked new code into the HEAD branch for it. Can you please try re-checking out via CVS and testing if Win95 clients will connect correctly to Samba domain clients (it works here now). Cheers, Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From william at hae.com Mon Jul 6 23:39:26 1998 From: william at hae.com (William Stuart) Date: Tue Dec 2 02:24:18 2003 Subject: unix password sync In-Reply-To: Message-ID: On Sat, 4 Jul 1998, Tim Winders wrote: > Date: Sat, 4 Jul 1998 06:49:29 +1000 > From: Tim Winders > To: Multiple recipients of list > Subject: Re: unix password sync > > On Thu, 2 Jul 1998, Jeremy Allison wrote: > > > Check out the "password chat debug" parameter. > > Sorry, I don't mean to be "thick" but I can't find reference to this > parameter in the smb.conf man page nor any of the files in /docs. Can you > give me a pointer here? > I think he's playing a joke on us 'merkins! --- William Stuart (william@hae.com) "If Netscape is giving their software away, how do they make money?" "Volume." From william at hae.com Mon Jul 6 23:46:57 1998 From: william at hae.com (William Stuart) Date: Tue Dec 2 02:24:18 2003 Subject: unix password sync In-Reply-To: <6njm4s$cq1$2@zeus.ven.ra.rockwell.com> Message-ID: On Sat, 4 Jul 1998 peloy@ven.ra.rockwell.com wrote: > > "Use the source Luke, use the source" doesn't help here? :-) > > peloy.- "Ignorant of the source are we. Doco do we require. That is the way of the lusership." William From wasse at CS.bgu.ac.il Tue Jul 7 09:35:38 1998 From: wasse at CS.bgu.ac.il (wass eran) Date: Tue Dec 2 02:24:18 2003 Subject: just a test mail Message-ID: ________________________________________________ \ Ayranne(Eran) Wass \ \ System Administration Group \ | Ben Gurion University - Computer Science | \ | \ E-MAIL: wasse@cs.bgu.ac.il \ \ HOME-PAGE: www.cs.bgu.ac.il/~wasse \ \ \ \_______________________________________________\ From wasse at CS.bgu.ac.il Tue Jul 7 09:55:23 1998 From: wasse at CS.bgu.ac.il (wass eran) Date: Tue Dec 2 02:24:18 2003 Subject: domain admin users / samba wins support/massive file transfers Message-ID: Hi, I am running the 1.9.19-prealpha samba with NTDOM on IRIX 6.4 . and this mail is another one of those multi-question mails... smb.conf "domain admin users" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ i went through this mailing list previous posts looking for ways to make my login a samba domain administor equiv. - i saw references to : > see 'domain admins' parameter in smb.conf man page and in another place : domain groups = domain controller = domain admin users = domain guest users = Well i really tried hard to find a man reference for these entries - but i couldn't - not in my docs subdir (the tar.gz of the latest cvs that jerry compiled for me) and not in the cvsweb latest version of smb.conf.5 . Where is it ? i even searched the whole samba web tree but could find only references with questions about these parameters .... can someone please explain to me the syntax of these parameters in smb.conf or maybe if someone has a smb.conf.5 with explaination of them he/she can tell me where i can aquire it ... wins ~~~~ I have a strange phenomenon when i state in smb.conf that samba be the wins server -> what happens when i HUP inetd and kill nmbd and smbd, is that nmbd goes up and makes a child nmbd but smbd refuses to go up - even if i run it manually with -D, no errors , no nothing. help ? massive transfers ~~~~~~~~~~~~~~~~~ While testing samba - i made an experiment - transfering from the SGI which had a share with the linux slackware dist. - i tried to transfer the whole linux dist. from the SGI to a local HD on an NT4 Server that was using that share. top on the sgi showed smbd was taking 3% which is very good, [ stats on sgi machine: FPU: MIPS R10010 Floating Point Chip Revision: 0.0 CPU: MIPS R10000 Processor Chip Revision: 2.6 2 180 MHZ IP27 Processors Main memory size: 128 Mbytes ] but the problem is that the transfer always stops on CRC errors - each time on different files... :( i dont know if this problem might be related to the fact that the SGI filesystem is on a 60Gig raid .... or maybe becuase i am using the prealpha version of samba ? any suggestion ? thank you and sorry for the long letter. ________________________________________________ \ Ayranne(Eran) Wass \ \ System Administration Group \ | Ben Gurion University - Computer Science | \ | \ E-MAIL: wasse@cs.bgu.ac.il \ \ HOME-PAGE: www.cs.bgu.ac.il/~wasse \ \ \ \_______________________________________________\ From cartegw at Eng.Auburn.EDU Tue Jul 7 12:56:16 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:18 2003 Subject: Problems with Samba PDC and Citrix Winframe References: <9807061904.ZM14050@estate1.whitemice.org> Message-ID: <35A21AF0.E15D84A3@eng.auburn.edu> Adam Williams wrote: > > > > > We have a PC running Citrix Winframe Enterprise 1.7 SP5. > > It managed to join our domain ok after adding it to the hosts file and > > smbpasswd file. But when you try to login it fails. You get the following > > message in the event log: > > > > "The redirector received an SMB that was too short." > > > > Has anyone managed to get Citrix to work with Samba PDC? We are using Samba > > 1.9.19-prealpha from 17th May. > > Does anyone know if someone is looking into the "Winframe" issue? I'll look into it today. I have the NCD Wincenter 3.x CD's ( based on WinFrame 1.7 ) j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From Michel.Christaller at cea.fr Tue Jul 7 13:50:11 1998 From: Michel.Christaller at cea.fr (Michel Christaller) Date: Tue Dec 2 02:24:18 2003 Subject: browsing break 18p8 Message-ID: <35A22793.D033548D@cea.fr> Hi, I have a 1.9.18p8 regular server and on the same subnet, on another workgroup, a alpha nt-domain server. When I set up this secondary server as domain master browser, it "kills" the regular samba domain master browser. eg. client w95 PCs of the regular server can't browse any more. But clients of the alpha server can browse ! (to be more precise I suspect that the browsing is broken on one side: either browsing of one workgroup works, or on the other: Maybe a problem of speed of answer ?) When I reconfigure the alpha server as a non browser master (the master browser then becomes a NT WS PC), then all is fine. So, for me and my snapshot of the alpha nt-domain (which is not the latest), alpha nt-domain browsing seems broken... excerpts of my smb.conf files. on the regular server: ; it can be a local master browser server local master = yes ; it can be a domain master browser server domain master = yes ; force election on startup for browsing preferred master = yes ; it wins browse elections over winNT servers... os level = 65 ; will serve a browse list to clients browse list = yes ; don't show services by default browseable = no ; will broadcast its browse list remote announce = 132.x.y.255 ; it is a WINS server ;wins support = yes ; it answers broadcast WINS queries wins proxy = yes ; it uses a WINS server wins server = 132.x.y.1 Then on the alpha server (when browing broken): ; it can be a master browser server domain master = yes ; it has preference as master browser server preferred master = yes ; it wins browse elections over winNT servers... os level = 36 ; will serve a browse list to clients browse list = yes ; don't show services by default browseable = no ; will broadcast its browse list remote announce = 132.x.y.254 ; it is a WINS server ;wins support = yes ; it answers broadcast WINS queries wins proxy = yes ; it uses a WINS server wins server = 132.x.y.1 From cartegw at Eng.Auburn.EDU Tue Jul 7 16:47:09 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:19 2003 Subject: domain admin users / samba wins support/massive file transfers References: Message-ID: <35A2510D.26AFD010@eng.auburn.edu> wass eran wrote: > > domain groups = "domain groups = RID1 RID2" where the RIDS are for the domain groups > domain controller = Don't use. > domain admin users = "domain admin users = username1 username2" (do these need top be separated by a comma? I don;t remember right now ). > domain guest users = "domain guest users = username1 username2" These three paprmeters are going away in the near future. And be replaced by a more manageable solution to NT <-> unix username / group mapping > Where is it ? i even searched the whole samba web tree but could > find only references with questions about these parameters .... These were in the man pages in the BRANCH_NTDOM source and didn't get transfered to the head branch. > I have a strange phenomenon when i state in smb.conf that samba be the > wins server -> what happens when i HUP inetd and kill nmbd and smbd, > is that nmbd goes up and makes a child nmbd but smbd refuses to go up > - even if i run it manually with -D, no errors , no nothing. > help ? What do the logs say ( up the debug level to about 20 )? > but the problem is that the transfer always stops on CRC errors - each > time on different files... :( Might want to update the source tree. Let me know if you need another tarred and zipped version of the tree. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From canfield at uindy.edu Tue Jul 7 18:57:24 1998 From: canfield at uindy.edu (Dana Canfield) Date: Tue Dec 2 02:24:19 2003 Subject: How to debug NWClient problem? References: <35A0DBF8.E301E2C5@uindy.edu> <19980707112031.A12392@caffeine.ix.net.nz> Message-ID: <35A26F94.6C076338@uindy.edu> Chris Wedgwood wrote: > Novell write code almost as badly as M$ do. It could be anything. Yeah, I would easily write it off, except that it used to work. > Have you tried contact Novell about this - although I suspect you might get > the 'we only support blah' crap from them. That's what I expected as well. > Re: BSOD - what modules is it occuring in, and what kind of fault does it > report? I get "STOP: c000021a {Fatal System Error} Windows Logon Process terminated unexpectedly"Also, just before the BSOD I get a brief Dr. Watson prompt regarding winlogon.exe (can't read much else). I'm "hoping" it's something like a malformed packet that Novell is less tolerant of than Microsoft, since that might be easier to find, and stands more of a chance of being fixed. From jallison at whistle.com Tue Jul 7 19:48:58 1998 From: jallison at whistle.com (Jeremy Allison) Date: Tue Dec 2 02:24:19 2003 Subject: How to debug NWClient problem? References: <35A26F94.6C076338@uindy.edu> Message-ID: <35A27BAA.10293933@whistle.com> Dana Canfield wrote: > > > I get "STOP: c000021a {Fatal System Error} Windows Logon Process terminated > unexpectedly"Also, just before the BSOD I get a brief Dr. Watson prompt > regarding winlogon.exe (can't read much else). > > I'm "hoping" it's something like a malformed packet that Novell is less > tolerant of than Microsoft, since that might be easier to find, and stands more > of a chance of being fixed. Do you have a packet trace between the NWclient and the Samba PDC ? Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From mblack at csihq.com Wed Jul 8 14:37:12 1998 From: mblack at csihq.com (Mike Black) Date: Tue Dec 2 02:24:19 2003 Subject: Printer name is invalid Message-ID: <00fc01bdaa7d$e5943050$32de11cc@mblack.csihq.com> I'm running the latest (as of Jul 7) cvs distribution and now I can't connect to my printers any more. All printer names return "Printer name is invalid" when using the Add Printer Wizard. I CAN do a "net use lptx: \\server\printer". Also, existing connections work just fine (but if you drop a connection you can't reestablish it). The behaviour appears to be that an NT Server requests "\pipe\spoolss" which is not a currently offered service, then requests printer status (lpq returns 0). Here's a level 3 debug of an attempt to connect to "lexmark". For reference the lpq command returns "no entries" from the command line: Initialised IPC area of size 102400 1998/07/08 09:42:27 changed root to / open_oplock_ipc: opening loopback UDP socket. bind succeeded on port 0 open_oplock ipc: pid = 16699, oplock_port = 4629 priming nmbd sending a packet of len 1 to (127.0.0.1) on port 137 of type DGRAM 1998/07/08 09:42:27 Transaction 0 of length 72 netbios connect: name1=PICARD name2=MBLACK Trying username mblacK 1998/07/08 09:42:27 Transaction 1 of length 174 switch message SMBnegprot (pid 16699) Requested protocol [PC NETWORK PROGRAM 1.0] Requested protocol [XENIX CORE] Requested protocol [MICROSOFT NETWORKS 1.03] Requested protocol [LANMAN1.0] Requested protocol [Windows for Workgroups 3.1a] Requested protocol [LM1.2X002] Requested protocol [LANMAN2.1] Requested protocol [NT LM 0.12] Selected protocol NT LM 0.12 1998/07/08 09:42:27 Transaction 2 of length 190 switch message SMBsesssetupX (pid 16699) Domain=[CSI_MELB] NativeOS=[Windows NT 1381] NativeLanMan=[] sesssetupX:name=[mike] adding home directory mike at /home/mike mike is in 8 groups 105 2 100 102 104 107 108 109 uid 1177 registered to name mike Clearing default real name Chained message switch message SMBtconX (pid 16699) Allowed connection from mblack.csihq.com (204.17.222.50) to IPC$ Trying username ipc$ ACCEPTED: validated uid ok as non-guest found free connection number 110 Connect path is /tmp chdir to /tmp chdir to /usr/local/samba/var 1998/07/08 09:42:27 mblack (204.17.222.50) connect to service IPC$ as user mike (uid=1177,gid=105) (pid 16699) 1998/07/08 09:42:27 tconX service=ipc$ user=mike cnum=110 1998/07/08 09:42:27 Transaction 3 of length 83 switch message SMBopenX (pid 16699) chdir to /tmp 1998/07/08 09:42:27 error packet at line 78 cmd=45 (SMBopenX) eclass=2 ecode=4 1998/07/08 09:42:27 Transaction 4 of length 108 switch message SMBtrans (pid 16699) trans <\PIPE\LANMAN> data=0 params=24 setup=0 named pipe command on name Got API command 70 of form (tdscnt=0,tpscnt=24,mdrcnt=0,mprcnt=6) Doing DosPrintQGetInfo PrintQueue uLevel=0 name=lexmark Running the command `/usr/bin/lpq -PLEXMARK' gave 0 1998/07/08 09:42:27 Transaction 5 of length 82 switch message SMBopenX (pid 16699) Known pipe srvsvc opening. 1998/07/08 09:42:27 Transaction 6 of length 82 switch message SMBtrans (pid 16699) trans <\PIPE\> data=0 params=2 setup=2 named pipe command on <> name Got API command 0x1 on pipe "srvsvc" (pnum 801)(tdscnt=0,tpscnt=2,mdrcnt=0,mprcnt=0,cnum=110,vuid=100) 1998/07/08 09:42:27 Setting pipe device state=4300 on pipe (name=srvsvc cnum=110) 1998/07/08 09:42:27 Transaction 7 of length 152 switch message SMBtrans (pid 16699) trans <\PIPE\> data=72 params=0 setup=2 named pipe command on <> name Got API command 0x26 on pipe "srvsvc" (pnum 801)(tdscnt=72,tpscnt=0,mdrcnt=1024,mprcnt=0,cnum=110,vuid=100) api_pipe_bind_req: \PIPE\srvsvc -> \PIPE\ntsvcs 1998/07/08 09:42:27 Transaction 8 of length 144 switch message SMBtrans (pid 16699) trans <\PIPE\> data=64 params=0 setup=2 named pipe command on <> name Got API command 0x26 on pipe "srvsvc" (pnum 801)(tdscnt=64,tpscnt=0,mdrcnt=1024,mprcnt=0,cnum=110,vuid=100) Doing \PIPE\srvsvc api_rpc_command: SRV_NET_SRV_GET_INFO 1998/07/08 09:42:27 Transaction 9 of length 46 switch message SMBclose (pid 16699) 1998/07/08 09:42:27 Closed pipe name srvsvc pnum=801 cnum=110 Here's a tcpdump also: Script started on Wed Jul 8 09:45:06 1998 root@picard:/usr/local/samba/var# tcpdump -s 2000 host mblack | gre | grep -v telnet tcpdump: listening on eth0 09:45:22.686108 mblack.csihq.com.ntp > picard.csihq.com.ntp: v1 client strat 0 poll 0 prec 0 09:45:22.686298 picard.csihq.com.ntp > mblack.csihq.com.ntp: v1 server strat 0 poll 4 prec -17 09:45:23.669661 mblack.csihq.com.4001 > picard.csihq.com.netbios-ssn: P 788601967:788602050(83) ack 236963865 win 7350 >>> NBT Packet NBT Session Packet Flags=0x0 Length=79 SMB PACKET: SMBopenX (REQUEST) SMB Command = 0x2D Error class = 0x0 Error code = 0 Flags1 = 0x18 Flags2 = 0x3 Tree ID = 110 Proc ID = 51966 UID = 100 MID = 960 Word Count = 15 smbvwv[]= Com2=0xFF Off2=0 Flags=0x1 Mode=0x42 SearchAttrib=HIDDEN SYSTEM DIR Attrib= Time=Fri Jan 20 06:45:06 2012 OFun=0x1 Size=0 TimeOut=-1 Res=0x0 smbbuf[]= Path=\pipe\spoolss (DF) 09:45:23.670195 picard.csihq.com.netbios-ssn > mblack.csihq.com.4001: P 1:40(39) ack 83 win 32120 >>> NBT Packet NBT Session Packet Flags=0x0 Length=35 SMB PACKET: SMBopenX (REPLY) SMB Command = 0x2D Error class = 0x2 Error code = 4 Flags1 = 0x88 Flags2 = 0x1 Tree ID = 110 Proc ID = 51966 UID = 100 MID = 960 Word Count = 0 SMBError = ERRSRV - ERRaccess (The requester does not have the necessary access rights within the specified context for the requested function. The context is defined by the TID or the UID.) smbvwv[]= Com2=smb_bcc=0 (DF) 09:45:23.676166 mblack.csihq.com.4001 > picard.csihq.com.netbios-ssn: P 83:191(108) ack 40 win 7311 >>> NBT Packet NBT Session Packet Flags=0x0 Length=104 SMB PACKET: SMBtrans (REQUEST) SMB Command = 0x25 Error class = 0x0 Error code = 0 Flags1 = 0x18 Flags2 = 0x3 Tree ID = 110 Proc ID = 51966 UID = 100 MID = 1024 Word Count = 14 TotParamCnt=24 TotDataCnt=0 MaxParmCnt=6 MaxDataCnt=0 MaxSCnt=0 TransFlags=0x0 Res1=0x1388 Res2=0x0 Res3=0x0 ParamCnt=24 ParamOff=80 DataCnt=0 DataOff=0 SUCnt=0 Name=\PIPE\LANMAN Data: (4 bytes) [000] 00 73 00 00 .s.. Command=0x46 Str1=zWrLh Str2=B13 Data: (12 bytes) [000] 6C 65 78 6D 61 72 6B 00 00 00 00 00 lexmark. .... (DF) 09:45:23.690806 picard.csihq.com.netbios-ssn > mblack.csihq.com.4001: . ack 191 win 32120 (DF) 09:45:23.748414 picard.csihq.com.netbios-ssn > mblack.csihq.com.4001: P 40:107(67) ack 191 win 32120 >>> NBT Packet NBT Session Packet Flags=0x0 Length=63 SMB PACKET: SMBtrans (REPLY) SMB Command = 0x25 Error class = 0x0 Error code = 0 Flags1 = 0x88 Flags2 = 0x1 Tree ID = 110 Proc ID = 51966 UID = 100 MID = 1024 Word Count = 10 TotParamCnt=6 TotDataCnt=0 Res1=0 ParamCnt=6 ParamOff=55 Res2=0 DataCnt=0 DataOff=63 Res3=0 Lsetup=0 Unknown Data: (2 bytes) [000] EA 00 .. Param Data: (6 bytes) [000] EA 00 00 00 0D 00 ...... (DF) 09:45:23.752403 mblack.csihq.com.4001 > picard.csihq.com.netbios-ssn: P 191:273(82) ack 107 win 8760 >>> NBT Packet NBT Session Packet Flags=0x0 Length=78 SMB PACKET: SMBopenX (REQUEST) SMB Command = 0x2D Error class = 0x0 Error code = 0 Flags1 = 0x18 Flags2 = 0x3 Tree ID = 110 Proc ID = 51966 UID = 100 MID = 1088 Word Count = 15 smbvwv[]= Com2=0xFF Off2=0 Flags=0x1 Mode=0x42 SearchAttrib=HIDDEN SYSTEM DIR Attrib= Time=Fri Jan 20 06:45:06 2012 OFun=0x1 Size=0 TimeOut=-1 Res=0x0 smbbuf[]= Path=\PIPE\srvsvc (DF) 09:45:23.763266 picard.csihq.com.netbios-ssn > mblack.csihq.com.4001: P 107:176(69) ack 273 win 32120 >>> NBT Packet NBT Session Packet Flags=0x0 Length=65 SMB PACKET: SMBopenX (REPLY) SMB Command = 0x2D Error class = 0x0 Error code = 0 Flags1 = 0x88 Flags2 = 0x1 Tree ID = 110 Proc ID = 51966 UID = 100 MID = 1088 Word Count = 15 smbvwv[]= Com2=0xFF Off2=0 Handle=2049 Attrib= Time=NULL Size=0 Access=0x0 Type=0x2 State=0xC700 Action=0x0 FileID=0x0 Res=0x0 smb_bcc=0 (DF) 09:45:23.764944 mblack.csihq.com.4001 > picard.csihq.com.netbios-ssn: P 273:355(82) ack 176 win 8691 >>> NBT Packet NBT Session Packet Flags=0x0 Length=78 SMB PACKET: SMBtrans (REQUEST) SMB Command = 0x25 Error class = 0x0 Error code = 0 Flags1 = 0x18 Flags2 = 0x3 Tree ID = 110 Proc ID = 51966 UID = 100 MID = 1152 Word Count = 16 TotParamCnt=2 TotDataCnt=0 MaxParmCnt=0 MaxDataCnt=0 MaxSCnt=0 TransFlags=0x0 Res1=0x0 Res2=0x0 Res3=0x0 ParamCnt=2 ParamOff=76 DataCnt=0 DataOff=0 SUCnt=2 Data: (4 bytes) [000] 01 00 01 08 .... Name=\PIPE\ Data: (2 bytes) [000] 73 76 sv Param Data: (2 bytes) [000] 00 43 .C (DF) 09:45:23.778964 picard.csihq.com.netbios-ssn > mblack.csihq.com.4001: P 176:235(59) ack 355 win 32120 >>> NBT Packet NBT Session Packet Flags=0x0 Length=55 SMB PACKET: SMBtrans (REPLY) SMB Command = 0x25 Error class = 0x0 Error code = 0 Flags1 = 0x88 Flags2 = 0x1 Tree ID = 110 Proc ID = 51966 UID = 100 MID = 1152 Word Count = 10 TotParamCnt=0 TotDataCnt=0 Res1=0 ParamCnt=0 ParamOff=55 Res2=0 DataCnt=0 DataOff=55 Res3=0 Lsetup=0 (DF) 09:45:23.781685 mblack.csihq.com.4001 > picard.csihq.com.netbios-ssn: P 355:507(152) ack 235 win 8632 >>> NBT Packet NBT Session Packet Flags=0x0 Length=148 SMB PACKET: SMBtrans (REQUEST) SMB Command = 0x25 Error class = 0x0 Error code = 0 Flags1 = 0x18 Flags2 = 0x3 Tree ID = 110 Proc ID = 51966 UID = 100 MID = 1216 Word Count = 16 TotParamCnt=0 TotDataCnt=72 MaxParmCnt=0 MaxDataCnt=1024 MaxSCnt=0 TransFlags=0x0 Res1=0x0 Res2=0x0 Res3=0x0 ParamCnt=0 ParamOff=76 DataCnt=72 DataOff=76 SUCnt=2 Data: (4 bytes) [000] 26 00 01 08 &... Name=\PIPE\ Data: (2 bytes) [000] 4E 00 N. Data Data: (72 bytes) [000] 05 00 0B 00 10 00 00 00 48 00 00 00 01 00 00 00 ........ H....... [010] 30 16 30 16 00 00 00 00 01 00 00 00 00 00 01 00 0.0..... ........ [020] C8 4F 32 4B 70 16 D3 01 12 78 5A 47 BF 6E E1 88 .O2Kp... .xZG.n.. [030] 03 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 .....].. ........ [040] 2B 10 48 60 02 00 00 00 +.H`.... (DF) 09:45:23.794747 picard.csihq.com.netbios-ssn > mblack.csihq.com.4001: P 235:362(127) ack 507 win 32120 >>> NBT Packet NBT Session Packet Flags=0x0 Length=123 SMB PACKET: SMBtrans (REPLY) SMB Command = 0x25 Error class = 0x0 Error code = 0 Flags1 = 0x88 Flags2 = 0x1 Tree ID = 110 Proc ID = 51966 UID = 100 MID = 1216 Word Count = 10 TotParamCnt=0 TotDataCnt=68 Res1=0 ParamCnt=0 ParamOff=55 Res2=0 DataCnt=68 DataOff=55 Res3=0 Lsetup=0 Data Data: (68 bytes) [000] 05 00 0C 03 10 00 00 00 34 00 00 00 01 00 00 00 ........ 4....... [010] 30 16 30 16 00 00 00 00 0D 00 5C 50 49 50 45 5C 0.0..... ..\PIPE\ [020] 6E 74 73 76 63 73 00 00 01 00 00 00 00 00 00 00 ntsvcs.. ........ [030] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H` [040] 02 00 00 00 .... (DF) 09:45:23.811132 mblack.csihq.com.4001 > picard.csihq.com.netbios-ssn: P 507:651(144) ack 362 win 8505 >>> NBT Packet NBT Session Packet Flags=0x0 Length=140 SMB PACKET: SMBtrans (REQUEST) SMB Command = 0x25 Error class = 0x0 Error code = 0 Flags1 = 0x18 Flags2 = 0x3 Tree ID = 110 Proc ID = 51966 UID = 100 MID = 1280 Word Count = 16 TotParamCnt=0 TotDataCnt=64 MaxParmCnt=0 MaxDataCnt=1024 MaxSCnt=0 TransFlags=0x0 Res1=0x0 Res2=0x0 Res3=0x0 ParamCnt=0 ParamOff=76 DataCnt=64 DataOff=76 SUCnt=2 Data: (4 bytes) [000] 26 00 01 08 &... Name=\PIPE\ Data: (2 bytes) [000] 73 76 sv Data Data: (64 bytes) [000] 05 00 00 03 10 00 00 00 40 00 00 00 01 00 00 00 ........ @....... [010] 28 00 00 00 00 00 15 00 6C F3 D5 02 09 00 00 00 (....... l....... [020] 00 00 00 00 09 00 00 00 5C 00 5C 00 70 00 69 00 ........ \.\.p.i. [030] 63 00 61 00 72 00 64 00 00 00 C9 11 65 00 00 00 c.a.r.d. ....e... (DF) 09:45:23.820293 picard.csihq.com.netbios-ssn > mblack.csihq.com.4001: P 362:565(203) ack 651 win 32120 >>> NBT Packet NBT Session Packet Flags=0x0 Length=199 SMB PACKET: SMBtrans (REPLY) SMB Command = 0x25 Error class = 0x0 Error code = 0 Flags1 = 0x88 Flags2 = 0x1 Tree ID = 110 Proc ID = 51966 UID = 100 MID = 1280 Word Count = 10 TotParamCnt=0 TotDataCnt=144 Res1=0 ParamCnt=0 ParamOff=55 Res2=0 DataCnt=144 DataOff=55 Res3=0 Lsetup=0 Data Data: (144 bytes) [000] 05 00 02 03 10 00 00 00 90 00 00 00 01 00 00 00 ........ ........ [010] 78 00 00 00 00 00 00 00 65 00 00 00 01 00 00 00 x....... e....... [020] F4 01 00 00 01 00 00 00 05 00 00 00 04 00 00 00 ........ ........ [030] 0B 10 04 00 01 00 00 00 07 00 00 00 00 00 00 00 ........ ........ [040] 07 00 00 00 50 00 49 00 43 00 41 00 52 00 44 00 ....P.I. C.A.R.D. [050] 00 00 00 00 16 00 00 00 00 00 00 00 16 00 00 00 ........ ........ [060] 53 00 61 00 6D 00 62 00 61 00 20 00 31 00 2E 00 S.a.m.b. a. .1... [070] 39 00 2E 00 31 00 39 00 2D 00 70 00 72 00 65 00 9...1.9. -.p.r.e. [080] 61 00 6C 00 70 00 68 00 61 00 00 00 00 00 00 00 a.l.p.h. a....... (DF) 09:45:23.822614 mblack.csihq.com.4001 > picard.csihq.com.netbios-ssn: P 651:697(46) ack 565 win 8302 >>> NBT Packet NBT Session Packet Flags=0x0 Length=42 SMB PACKET: SMBclose (REQUEST) SMB Command = 0x4 Error class = 0x0 Error code = 0 Flags1 = 0x18 Flags2 = 0x3 Tree ID = 110 Proc ID = 51966 UID = 100 MID = 1344 Word Count = 3 smbvwv[]= Handle=2049 Time=NULL smb_bcc=0 (DF) 09:45:23.833226 picard.csihq.com.netbios-ssn > mblack.csihq.com.4001: P 565:604(39) ack 697 win 32120 >>> NBT Packet NBT Session Packet Flags=0x0 Length=35 SMB PACKET: SMBclose (REPLY) SMB Command = 0x4 Error class = 0x0 Error code = 0 Flags1 = 0x88 Flags2 = 0x1 Tree ID = 110 Proc ID = 51966 UID = 100 MID = 1344 Word Count = 0 smb_bcc=0 ________________________________________________________ Mike Black mblack@csihq.com 407-676-2923, x203 FAX 407-676-2355 Computer Science Innovations, Inc. http://www.csihq.com From chen68 at hotmail.com Thu Jul 9 11:24:52 1998 From: chen68 at hotmail.com (Fook Sheng) Date: Tue Dec 2 02:24:19 2003 Subject: pls help Message-ID: <35A4A884.C4A467D2@hotmail.com> Hi everybody, I really need your help. Here is what I wish to accomplish: I have a real NT domain controller, and I wish to share out disk space from my unix machine(FreeBSD 2.2.6) to mainly Win95 users (with some on NT workstation) so that I can limit the disk space usage. (I would also want to implement print and fax services on samba too, but first I would like to solve the file sharing problem first.) I wish to limit the different shares on samba to different groups of NT domain users, and if possible, also to individual users. I know that I don't need to create accounts for my users on the unix(from a response I got from this mailing list). So my question is how do I go about accomplishng this? Your kind help is greatly appreciated. Fook Sheng From samba at bonza.xs4all.nl Thu Jul 9 15:34:49 1998 From: samba at bonza.xs4all.nl (samba mailing list) Date: Tue Dec 2 02:24:19 2003 Subject: Strange error while adding a Win NT4 machine to a samba domain. Message-ID: Hi All after my last cvs update (7 July) i can't add anymore NT4 boxes to my samba domain (LOKAAL) After the password check of the machine account something goes wrong. Hope that one of you can understand this logfile. (because i don't) Greetings Jeroen smb_bcc=98 [000] E4 4D 87 38 86 7D 98 C6 3E A9 69 57 BA E9 B2 7C .M.8.}.. >.iW...| [010] B2 C2 FD 26 E4 66 05 C6 48 0F 41 9E 30 D4 A2 B6 ...&.f.. H.A.0... [020] 56 57 7C 1A DF F9 09 6F 11 EF 73 E7 0E 12 49 62 VW|....o ..s...Ib [030] 53 43 53 49 2D 42 41 4B 24 00 4C 4F 4B 41 41 4C SCSI-BAK $.LOKAAL [040] 00 57 69 6E 64 6F 77 73 20 4E 54 20 31 33 38 31 .Windows NT 1381 [050] 00 00 57 69 6E 64 6F 77 73 20 4E 54 20 34 2E 30 ..Window s NT 4.0 [060] 00 00 .. switch message SMBsesssetupX (pid 19110) Domain=[LOKAAL] NativeOS=[Windows NT 1381] NativeLanMan=[] sesssetupX:name=[SCSI-BAK$] iterate_getsmbpwnam: search by name: SCSI-BAK$ startsmbfilepwent: opening file /usr/local/samba/private/smbpasswd getsmbfilepwent: returning passwd entry for user root, uid 0 getsmbfilepwent: returning passwd entry for user guest, uid 1018 getsmbfilepwent: returning passwd entry for user jeroen, uid 1002 getsmbfilepwent: returning passwd entry for user scsi-bak$, uid 1024 iterate_getsmbpwnam: found by name: SCSI-BAK$ endsmbfilepwent: closed password file. smb_password_ok: Checking SMB password for user scsi-bak$ smb_password_ok: Checking NT MD4 password smb_password_ok: NT MD4 password check succeeded 1998/07/09 17:22:00 32 bit error packet at line 463 cmd=115 (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] size=35 smb_com=0x73 smb_rcls=109 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=16384 smb_tid=0 smb_pid=51966 smb_uid=0 smb_mid=0 smt_wct=0 smb_bcc=0 write_socket(4,39) write_socket(4,39) wrote 39 end of file from client Closing connections Gr Jeroen -- Jeroen Hendriks mailto: Jeroen.Hendriks@bonza.xs4all.nl http://www.xs4all.nl/~bonza "The box said: 'install on Windows 95, NT 4.0 or better'. So I installed it on Linux." "Linux, WinNT and MS-DOS. The Good, The Bad and The Ugly" From jallison at whistle.com Thu Jul 9 18:47:04 1998 From: jallison at whistle.com (Jeremy Allison) Date: Tue Dec 2 02:24:19 2003 Subject: Strange error while adding a Win NT4 machine to a samba domain. References: Message-ID: <35A51028.471E5971@whistle.com> samba mailing list wrote: > 1998/07/09 17:22:00 32 bit error packet at line 463 cmd=115 > (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] Jeroen, You would get this error if the account in the smbpasswd file was not flagged correctly as a machine account. Can you post the line in your smbpasswd containing the scsi-bak$ username please ? Cheers, Jeremy Allison. Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From elw at wc-rt.tntech.edu Fri Jul 10 02:16:06 1998 From: elw at wc-rt.tntech.edu (Elijah L. Wright) Date: Tue Dec 2 02:24:19 2003 Subject: pls help In-Reply-To: <35A4A884.C4A467D2@hotmail.com> Message-ID: > I wish to limit the different shares on samba to different groups of NT > domain users, and if possible, also to individual users. > So my question is how do I go about accomplishng this? an excellent start would be the manpage from smb.conf, as well as the documentation directory that comes with the samba distribution. there is a section in the smb.conf manpage telling you about the parameter "domain users", as well as several files in the documentation directory that have revealing names... like "ntdomains.txt" :) is implementation offtopic for this list??? ;) perhaps this might be better handled on the main samba list....... --elijah From ken at sdd.hp.com Fri Jul 10 04:16:15 1998 From: ken at sdd.hp.com (Ken Stone) Date: Tue Dec 2 02:24:19 2003 Subject: pls help In-Reply-To: Your message of Fri, 10 Jul 1998 12:11:55 +1000. Message-ID: <199807100416.VAA16997@hpsdlz.sdd.hp.com> > > I wish to limit the different shares on samba to different groups of NT > > domain users, and if possible, also to individual users. > > So my question is how do I go about accomplishng this? > > an excellent start would be the manpage from smb.conf, as well as the > documentation directory that comes with the samba distribution. there is > a section in the smb.conf manpage telling you about the parameter "domain > users", as well as several files in the documentation directory that have > revealing names... like "ntdomains.txt" :) > > is implementation offtopic for this list??? ;) perhaps this might be > better handled on the main samba list....... Hmmm, I have the latest cvs bits and there is no mention of "domain users" in smb.conf.5 and the cifsntomain.txt was last touched in Jan 1998 and does not cover and of the real NT domain participation topics ? Am I missing something ? I've been playing with the cvs bits for a couple of weeks now and have LOTS of questions as to how NT domain credentials interact with UNIX permissions, groups, username matches/mismatches, etc ... and can find NO docs yet. I just thought that was due to the "alpha" tag :-) -- Ken From elw at wc-rt.tntech.edu Fri Jul 10 05:43:56 1998 From: elw at wc-rt.tntech.edu (Elijah L. Wright) Date: Tue Dec 2 02:24:19 2003 Subject: pls help In-Reply-To: <199807100416.VAA16997@hpsdlz.sdd.hp.com> Message-ID: > Hmmm, I have the latest cvs bits and there is no mention of "domain users" > in smb.conf.5 and the cifsntomain.txt was last touched in Jan 1998 and does > not cover and of the real NT domain participation topics ? > Am I missing something ? *blush* oops. :) i think you're right. domain groups (in my very old cvs tree....) is only referred to in NTDOMAIN.txt.... i think i probably mostly intuited that it was in the docs from reading the list... i can visualize the way domain groups looks on the smbconf man page, so that's probably imagination.... :) anyway..... =) --elijah From Jeroen.Hendriks at bonza.xs4all.nl Fri Jul 10 11:35:11 1998 From: Jeroen.Hendriks at bonza.xs4all.nl (Jeroen Hendriks) Date: Tue Dec 2 02:24:19 2003 Subject: Strange error while adding a Win NT4 machine to a samba domain. Message-ID: <001301bdabf6$cc552ac0$fa01a8c0@scsi-bak.bonza.xs4all.nl> -----Original Message----- From: Jeremy Allison To: samba@bonza.xs4all.nl Cc: Multiple recipients of list Date: Thursday, July 09, 1998 8:58 PM Subject: Re: Strange error while adding a Win NT4 machine to a samba domain. >samba mailing list wrote: > >> 1998/07/09 17:22:00 32 bit error packet at line 463 cmd=115 >> (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] > >Jeroen, > > You would get this error if the account in the >smbpasswd file was not flagged correctly as a machine >account. > >Can you post the line in your smbpasswd containing the >scsi-bak$ username please ? > ok here is my machine account entry: scsi-bak$:1024:D695B66012ABC4CBC482C03F54CDB5D9:253EBF08F7BB3E97AEB6ABF405D4 5F3C:[U]:LCT-35A4DD2F: the machine password is 'scsi-bak' in my /etc/passwd , shadow files the scsi-bak account also excist. (uid 1024) >Cheers, > > Jeremy Allison. > Samba Team. > >-- >-------------------------------------------------------- >Buying an operating system without source is like buying >a self-assembly Space Shuttle with no instructions. >-------------------------------------------------------- > From cartegw at Eng.Auburn.EDU Fri Jul 10 12:51:29 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:19 2003 Subject: Strange error while adding a Win NT4 machine to a samba domain. References: <001301bdabf6$cc552ac0$fa01a8c0@scsi-bak.bonza.xs4all.nl> Message-ID: <35A60E51.7183D7D9@eng.auburn.edu> Jeroen Hendriks wrote: > > ok here is my machine account entry: > > scsi-bak$:1024:D695B66012ABC4CBC482C03F54CDB5D9:253EBF08F7BB3E97AEB6ABF405D4 > 5F3C:[U]:LCT-35A4DD2F: ^ This should be a [W]. Did you add the machine account by smbpasswd -a -m scsi-bak ? j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From airlied at skynet.csn.ul.ie Fri Jul 10 12:59:57 1998 From: airlied at skynet.csn.ul.ie (Dave Airlie) Date: Tue Dec 2 02:24:19 2003 Subject: slightly non-samba question about PDC & BDC Message-ID: Does anyone know if there any major differences between the NT3.51 and NT4.0 PDC->BDC linkages? Dave. ------------ David Airlie, David.Airlie@ul.ie,airlied@linux.ie ------ Telecommunications Research Centre, ECE Dept, University of Limerick \ http://www.csn.ul.ie/~airlied -- Telecommunications Researcher \ --- TEL: +353-61-202695 ----------------------------------------------- From cartegw at Eng.Auburn.EDU Fri Jul 10 16:15:54 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:19 2003 Subject: pls help References: <199807100416.VAA16997@hpsdlz.sdd.hp.com> Message-ID: <35A63E3A.4EA20DF9@eng.auburn.edu> Ken Stone wrote: > > Hmmm, I have the latest cvs bits and there is no mention of "domain > users" in smb.conf.5 and the cifsntomain.txt was last touched in Jan > 1998 and does not cover and of the real NT domain participation > topics ? These tags will become obsolete in the future. I just sent an explanation of the parameters to the list about a week ago I think. > and can find NO docs yet. I just > thought that was due to the "alpha" tag :-) The original documentation in the smb.conf man page was lost when BRANCH_NTDOM got merged into the head branch. And yes alot of it is due the alpha tag. The main documentation for the moment is docs/NTDOMAIN.txt and the on-line FAQ linked off the main page. BTW...A note on the FAQ, I am updating it today to include a wqorkaround for printing to a Samba PDC as well a solution to using a value for "logon path" that dopes not use the %U ( or %u ) macro. Will be there in a few hours on the maion site. Thanks, j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From jallison at whistle.com Fri Jul 10 16:32:21 1998 From: jallison at whistle.com (Jeremy Allison) Date: Tue Dec 2 02:24:19 2003 Subject: Strange error while adding a Win NT4 machine to a samba domain. References: <001301bdabf6$cc552ac0$fa01a8c0@scsi-bak.bonza.xs4all.nl> Message-ID: <35A64215.2A954623@whistle.com> Jeroen Hendriks wrote: > >Can you post the line in your smbpasswd containing the > >scsi-bak$ username please ? > > > ok here is my machine account entry: > > scsi-bak$:1024:D695B66012ABC4CBC482C03F54CDB5D9:253EBF08F7BB3E97AEB6ABF405D4 > 5F3C:[U]:LCT-35A4DD2F: > > the machine password is 'scsi-bak' > Ok - the [U] is your problem. That denotes a 'U'ser account. Remove the line and re-add the account as a machine (workstation) account by doing : smbpasswd -a -m scsi-bak You should end up with a line that looks like : Notice the difference. | V scsi-bak$:1024:::[W]:LCT-: Cheers, Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From twinders at SPC.cc.tx.us Fri Jul 10 17:14:05 1998 From: twinders at SPC.cc.tx.us (Tim Winders) Date: Tue Dec 2 02:24:19 2003 Subject: Domain Admin Users Message-ID: I have added a new WinNT 4.0 Workstation to my network and I can successfully login to my Samba Domain (CVS from ~ 1 week ago) running under Digital Unix 4.0. I have this line in my smb.conf domain admin users = twinders I login to the NT workstaion at twinders for the Samba domain, but I do not have local Administrator privs. What am I doing wrong? Are the domain admin users, domain guest users, and domain groups documented anywhere. I would like to map a Unix group to the NTW Power Users local group, but don't know how to do so. Thanks... === Tim --------------------------------------------------------------------- | Tim Winders, CNE, MCSE | Email: TWinders@SPC.cc.tx.us | | Network Administrator | Phone: 806-894-9611 x 2369 | | South Plains College | Fax: 806-897-4711 | --------------------------------------------------------------------- From ankit at drillbit.tamu.edu Fri Jul 10 16:18:02 1998 From: ankit at drillbit.tamu.edu (Ankit Shah) Date: Tue Dec 2 02:24:19 2003 Subject: SUBSCRIBE Message-ID: How do i subscribe ? @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ ANKIT SHAH @ @ Petroleum Engineering Departement @ @ Phone: (409) 260-9750 (Home) @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ From samba at bonza.xs4all.nl Fri Jul 10 13:15:47 1998 From: samba at bonza.xs4all.nl (samba mailing list) Date: Tue Dec 2 02:24:19 2003 Subject: Strange error while adding a Win NT4 machine to a samba domain. In-Reply-To: <35A60E51.7183D7D9@eng.auburn.edu> Message-ID: Hi Thanks for the help I forgot to use te -m flag while creating the machine accounts Greeting Jeroen -- Jeroen Hendriks mailto: Jeroen.Hendriks@bonza.xs4all.nl http://www.xs4all.nl/~bonza "The box said: 'install on Windows 95, NT 4.0 or better'. So I installed it on Linux." "Linux, WinNT and MS-DOS. The Good, The Bad and The Ugly" On Fri, 10 Jul 1998, Gerald Carter wrote: > Jeroen Hendriks wrote: > > > > ok here is my machine account entry: > > > > scsi-bak$:1024:D695B66012ABC4CBC482C03F54CDB5D9:253EBF08F7BB3E97AEB6ABF405D4 > > 5F3C:[U]:LCT-35A4DD2F: > ^ > This should be a [W]. Did you add the machine account by > > smbpasswd -a -m scsi-bak > > ? > > > j- > ________________________________________________________________________ > Gerald ( Jerry ) Carter > Engineering Network Services Auburn University > jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw > > "...a hundred billion castaways looking for a home." > - Sting "Message in a Bottle" ( 1979 ) > From transier at uni-mannheim.de Fri Jul 10 18:06:37 1998 From: transier at uni-mannheim.de (Matthias Transier) Date: Tue Dec 2 02:24:19 2003 Subject: Servicenumber not found Message-ID: Can anyone tell me what that means? (log.nmb) lp_servicenumber: couldn't find homes Greetings, Matthias Transier From tremors at newjackswing.dyn.ml.org Sun Jul 12 06:47:19 1998 From: tremors at newjackswing.dyn.ml.org (George Vieira) Date: Tue Dec 2 02:24:19 2003 Subject: Security issue Message-ID: <01BDADB4.BC914F00@TREMORS> Hi People, I am not from the list so please reply to all.. And sorry if this has been brought up before... I had a look on the www.rootshell.com web site and saw an exploit or slight security hole for Samba or Windows file sharing.. I did a test on the site and it did report shares available from my machine. I have noticed that it only reported shares which had the browesable=yes option in my smb.conf file. Is there a way that Samba could run through the TCP wrappers or any other way to protect Samba from outside intruders? Thanks George Vieira http://newjackswing.dyn.ml.org tremors@newjackswing.dyn.ml.org please reply if bouncing occurs to rotary@tig.com.au From frank at engineer.com Sun Jul 12 12:21:36 1998 From: frank at engineer.com (Frank Berger) Date: Tue Dec 2 02:24:19 2003 Subject: SUBSCRIBE Message-ID: <01bdad8f$9cfd0c80$6664a8c0@192.168.100.102.wonderland.wg> Better not at all, because you can't unsubscribe afterwards!!! No chance to get rid of that stupid list! Good luck! Frank From mlaurent at eie.fceia.unr.edu.ar Sun Jul 12 20:35:14 1998 From: mlaurent at eie.fceia.unr.edu.ar (Marcelo E. Laurenti) Date: Tue Dec 2 02:24:19 2003 Subject: RPC Server Message-ID: <3.0.5.32.19980712173514.008259b0@eie.fceia.unr.edu.ar> Hi Everybody I have samba working well but qhen I run some srvtools from microsoft I get the following error message RPC server not available Anybody can give me a hand Thanks From makayg at math.u-szeged.hu Mon Jul 13 06:02:33 1998 From: makayg at math.u-szeged.hu (Geza Makay) Date: Tue Dec 2 02:24:19 2003 Subject: Security issue In-Reply-To: <19980712065022Z12610602-8191+10948@samba.anu.edu.au> Message-ID: <3.0.1.16.19980713080233.35f777ec@sol.math.u-szeged.hu> At 04:50 PM 7/12/98 +1000, you wrote: > I am not from the list so please reply to all.. And sorry if this has been brought up before... > > I had a look on the www.rootshell.com web site and saw an exploit or slight security hole for Samba or Windows file sharing.. I did a test on the site and it did report shares available from my machine. I have noticed that it only reported shares which had the browesable=yes option in my smb.conf file. > > Is there a way that Samba could run through the TCP wrappers or any other way to protect Samba from outside intruders? Look at the "hosts allow" option in the smb.conf manual page. It does work for me. I hope this helps, Geza ************************************************************************* * Name: Geza Makay (Mr., Dr., Prof.) * * Institute: Jozsef Attila University of Szeged * * Mail: Bolyai Institute, Aradi vertanuk tere 1. * * H-6720, Szeged, Hungary * * Tel: (62) 454-091 (Hungary's code: 36) * * Fax/Message: (62) 326-246 (Hungary's code: 36) * * E-mail: makayg@math.u-szeged.hu * * World Wide Web: http://www.math.u-szeged.hu/ * ************************************************************************* * "To err is human, but to really mess things up you need a computer." * ************************************************************************* From wasse at CS.bgu.ac.il Mon Jul 13 07:04:15 1998 From: wasse at CS.bgu.ac.il (wass eran) Date: Tue Dec 2 02:24:19 2003 Subject: domain admin users / samba wins support/massive file transfers (fwd) Message-ID: On Wed, 8 Jul 1998, Gerald Carter wrote: > > domain admin users = > > "domain admin users = username1 username2" (do these need top be > separated by a comma? I don;t remember right now ). it works - but there is no way to add the global admin group to the local admin group so I couldn't make myself as a domain admin to have full rights on the NT workstation i am logging into the domain from. i even tried to lower the amount of users to 1 in smbpasswd (only me) so i might be able to run usrmgr on SAMBA and i could but i couldn't do any operations on the domain ... i also tried a different tool to administer domains called "hyena" [which is much better than usrmgr - if it can help you with the samba project i would be glad to send it to you] but i got the same results... > These three paprmeters are going away in the near future. And be > replaced by a more manageable solution to NT <-> unix username / group > mapping i'm very glad to hear about that ! > > > but the problem is that the transfer always stops on CRC errors - each > > time on different files... :( [i had a problem here transfering a lot of files in one copy from samba share to local NT4WKS harddisk - i was copying the slackware linux dist.] the errors don't seem to be CRC - but i upped debug lev. to 20 and i saw the copy just stops because smbd gets a SIGPIPE and quits the copy, is this because smbd fills the client's buffer too fast and the client sends the smbd a sigpipe and the smbd doesn't know how to handle it ? > > Might want to update the source tree. Let me know if you need another > tarred and zipped version of the tree. i sure wish you had a url with the tgz of the latest alpha/prealpha version (same as cvs) - a script can be cron'ed to do it i'm sure .... ________________________________________________ \ Ayranne(Eran) Wass \ \ System Administration Group \ | Ben Gurion University - Computer Science | \ | \ E-MAIL: wasse@cs.bgu.ac.il \ \ HOME-PAGE: www.cs.bgu.ac.il/~wasse \ \ \ \_______________________________________________\ From cartegw at Eng.Auburn.EDU Mon Jul 13 12:55:27 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:19 2003 Subject: RPC Server References: <3.0.5.32.19980712173514.008259b0@eie.fceia.unr.edu.ar> Message-ID: <35AA03BF.7A3DBDD1@eng.auburn.edu> Marcelo E. Laurenti wrote: > > Hi Everybody > I have samba working well but qhen I run some srvtools from > microsoft I get the following error message RPC server not > available All the RPC calls are not currently implemented. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Mon Jul 13 13:17:18 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:19 2003 Subject: domain admin users / samba wins support/massive file transfers (fwd) References: Message-ID: <35AA08DE.6345970E@eng.auburn.edu> wass eran wrote: > > it works - but there is no way to add the global admin group to the > local admin group so I couldn't make myself as a domain admin to have > full rights on the NT workstation i am logging into the domain from. Something changed recently ( past month or so ). I don't remember exactly what. Luke, Jeremy? > i even tried to lower the amount of users to 1 in smbpasswd (only me) > so i might be able to run usrmgr on SAMBA and i could but i > couldn't do any operations on the domain ... i also tried a different > tool to administer domains called "hyena" [which is much better than > usrmgr - if it can help you with the samba project i would be glad to > send it to you] but i got the same results... There's a lot of the RPC calls that are not implemented. > the copy just stops because smbd gets a SIGPIPE and quits the copy, > is this because smbd fills the client's buffer too fast and the client > sends the smbd a sigpipe and the smbd doesn't know how to handle it ? I'm asumming that you do not experience this problem on the main distribution. Check the logs for "getpeername failed" entries. > i sure wish you had a url with the tgz of the latest alpha/prealpha > version (same as cvs) - a script can be cron'ed to do it i'm sure .... I tarred up one on July 10th. It's located at ftp.eng.auburn.edu/pub/cartegw/samba-1.9.19-prealpha.tar.gz j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From twinders at SPC.cc.tx.us Mon Jul 13 14:09:15 1998 From: twinders at SPC.cc.tx.us (Tim Winders) Date: Tue Dec 2 02:24:19 2003 Subject: Update Encrypted? Message-ID: Oh boy, you make one little change and everybody calls you! Geez. OK, the situation is that I would like to get all my users' passwords into the encrypted smbpasswd database, so I have the update encrypted = yes flag and encrypt passwords = no. But, the smbpasswd database doesn't seem to be updating. This is on Digital Unix 4.0D. Am I missing something? === Tim --------------------------------------------------------------------- | Tim Winders, CNE, MCSE | Email: TWinders@SPC.cc.tx.us | | Network Administrator | Phone: 806-894-9611 x 2369 | | South Plains College | Fax: 806-897-4711 | --------------------------------------------------------------------- From twinders at SPC.cc.tx.us Wed Jul 15 19:19:45 1998 From: twinders at SPC.cc.tx.us (Tim Winders) Date: Tue Dec 2 02:24:19 2003 Subject: NT4WS SP4beta no Samba access? Message-ID: I received my MCSE a few months ago and with that started to get the Microsoft Beta CDs. This month's mailing includes the NT Service Pack 4 beta build 1.43. I had an NT Workstation with SP1 installed which was logging into my Samba Domain just fine. I decided to try the SP4 beta and now I get a message that the domain controller can't be found. If I try to do a start run \\barney (the server name) I get a error, saying it can't be found. If I open the Network Neighborhood and double click Barney, I get an RPC error. Has anyone here installed SP4 beta and gotten it to work with Samba? (I have the head branch from about 2 weeks ago running under Digital Unix 4.0D). I have changed a couple things in my smb.conf, but I think it's all OK, here is the [global] section, just in case I missed anything... # Samba config file created using SWAT # from support.spc.cc.tx.us (206.76.22.15) # Date: 1998/07/14 09:51:27 # Global parameters netbios aliases = Alpha_1000 server string = SPC Internet Alpha Server interfaces = 206.76.17.2/255.255.255.0 206.76.20.2/255.255.255.0 206.76.21.2/255.255.255.0 206.76.22.2/255.255.255.0 security = USER encrypt passwords = Yes null passwords = Yes username map = /usr/local/samba/lib/users.map password level = 15 unix password sync = Yes max log size = 1024 name resolve order = wins host lmhosts bcast time server = Yes socket options = TCP_NODELAY domain admin users = twinders domain guest users = guest,nobody logon script = logon.bat logon drive = h: domain logons = Yes preferred master = Yes domain master = Yes dns proxy = No wins server = 206.76.21.5 preload = homes default service = netlogon unix realname = Yes write list = twinders create mask = 0775 directory mask = 0775 hosts allow = 206.76.17.,206.76.18.,206.76.19.,206.76.20., 206.76.21.,206.76.22.,206.76.23.,204.158.18., 204.158.19.,127.0.0.1 hide files = /.*/DesktopFolderDB/TrashFor%m/resource.frk/ oplocks = No Thanks for any help... === Tim --------------------------------------------------------------------- | Tim Winders, CNE, MCSE | Email: TWinders@SPC.cc.tx.us | | Network Administrator | Phone: 806-894-9611 x 2369 | | South Plains College | Fax: 806-897-4711 | --------------------------------------------------------------------- From twinders at SPC.cc.tx.us Wed Jul 15 20:15:25 1998 From: twinders at SPC.cc.tx.us (Tim Winders) Date: Tue Dec 2 02:24:19 2003 Subject: NT4/SP4beta more info Message-ID: Well, I have tried some more things, to no avail... I changed the DOMAIN from SPC to the workgroup SPC on the NT workstation. I received a welcome to the SPC workgroup message, restarted and still couldn't get to the Samba server. I tried to change back to the SPC domain and got a message saying the domain controller can't be found. So, I joined an NT4 Domain (STUDENT) and it worked just fine. Restarted and still can't get to the Samba server. My 95 workstation can join the SPC (Samba) domain without problems. Unfortunately, I didn't make the SP4 install uninstallable and I can't install SP3 becuase a newer service pak is already installed. I guess I have been "microsoft'd"... === Tim --------------------------------------------------------------------- | Tim Winders, CNE, MCSE | Email: TWinders@SPC.cc.tx.us | | Network Administrator | Phone: 806-894-9611 x 2369 | | South Plains College | Fax: 806-897-4711 | --------------------------------------------------------------------- From do_sawye at yumahs.k12.az.us Wed Jul 15 21:29:25 1998 From: do_sawye at yumahs.k12.az.us (Craig Sawyer) Date: Tue Dec 2 02:24:19 2003 Subject: WFW 3.11 & Samba NTDOM Message-ID: <3.0.5.32.19980715142925.007c85d0@pop3.yumahs.k12.az.us> HI! I am having a problem with WFW 3.11 and logon/logoff problems on my samba server(Debian Linux). Logging on, the login script works just fine, and my drives get mapped, but when I Logoff(using logoff.exe), and then logon again, the login script doesn't work. It appears to be calling the login script( it says "now processing login script"), and the dos window pops up, but it never does anything, and it just sits there. It does eventually time out, but it never maps the drives(but it does say "you logged in successfully", even if you hit the cancel button on the WFW login script). I am not really familiar with how WFW and the NTDOMAIN stuff works, ----- Craig Sawyer CIS Department Yuma Union High School District #70 (520) 726-7268 ----- From jallison at whistle.com Wed Jul 15 22:09:21 1998 From: jallison at whistle.com (Jeremy Allison) Date: Tue Dec 2 02:24:19 2003 Subject: NT4WS SP4beta no Samba access? References: Message-ID: <35AD2890.4DD4EC2@whistle.com> Tim Winders wrote: > > I received my MCSE a few months ago and with that started to get the > Microsoft Beta CDs. This month's mailing includes the NT Service Pack 4 > beta build 1.43. I had an NT Workstation with SP1 installed which was > logging into my Samba Domain just fine. I decided to try the SP4 beta and > now I get a message that the domain controller can't be found. > > If I try to do a start run \\barney (the server name) I get a error, > saying it can't be found. If I open the Network Neighborhood and double > click Barney, I get an RPC error. > > Has anyone here installed SP4 beta and gotten it to work with Samba? (I > have the head branch from about 2 weeks ago running under Digital Unix > 4.0D). > Get level 100 logs from Samba when doing this. This will tell us what they have changed. Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From astrom at dev.tv3.se Wed Jul 15 22:28:10 1998 From: astrom at dev.tv3.se (Patrik Astrom) Date: Tue Dec 2 02:24:19 2003 Subject: How do I asign Doman Admin rights to a NT4 server?? Message-ID: <000001bdb03f$da419040$21df7383@100377> I have a FreeBSD box running Samba version 1.9.19-prealpha. I have succesfully added a NT4 server to our domain but I can't figure out how to give some users Domain Admin rights. This is my "global" part of smb.conf... ------------------- smb.conf [global] server string = SMB EXP1 STHLM01 protocol = NT1 mangle case = yes mangled names = yes default case = lower case sensitive = no preserve case = yes short preserve case = yes printing = bsd printcap name = /etc/printcap lpq cache time = 0 os level = 65 debug level = 1 share modes = yes socket options = TCP_NODELAY IPTOS_LOWDELAY netbios aliases = ns security = user workgroup = GRUPP domain controller = yes domain logons = yes domain master = yes local master = yes encrypt passwords = yes logon path = \\%L\profiles\%U logon script = logon.bat domain admin users = user1 user2 user3 ; domain guest users = astrom admin users = user1 user2 user3 ----- As you can see I have tried the "domain admin users" and the regular "admin users" but none of those works, I need to be able to give some users rights to setup local printers and etc... I have searched for an answer at "http://samba.anu.edu.au/listproc/samba-ntdom/" without luck... I would be most gratefull for any hints or suggestions. P.S Are there any time table for completing the RPC calls in samba ? D.S Best regards Patrik Astrom From amol at memcad.com Thu Jul 16 16:37:37 1998 From: amol at memcad.com (Amol Karnik) Date: Tue Dec 2 02:24:19 2003 Subject: setting up samba : new to NT question. Message-ID: <35AE2C51.CEE99436@memcad.com> hi folks, i am totally new to NT, and from what i've seen so far, i'm totally frustrated. i've tried going through the docs and the archives, but am still clueless. the docs explain how to set up samba on a unix machine, but there is no explanation of what i need to do on an NT workstation. i would really appreciate it if someone can give me brief guidelines, or steps to setup this up. just the basic steps will be fine, i'll dig up the details under each. here's how my network looks like. A lan of sun's. hp's and sgi's. all machines share disks with each other. Password authentication is via nis, which runs on a sun master and a sun slave server. i've received three new NT workstation machines, and i need to get them networked, so that those NT machines, can mount disks from any of these unix machines. also, it is possible for NT to use NIS password, instead of its own? also, i dont have a NT server machine, and would like the unix-samba server to be the PDC. this machine is also my unix printserver. if someone has a similar setup, could you please send me a sample smb.conf file? security is not of major concern here, since these machines are not on the internet. also, all my unix users ( 20+ ) need to be given logins to these NT machines, and they should be able to mount any filesystem from any unix machine, at all. They can currently do that from the unix machines. any pointers would be greatly appreciated. at the end , i'll post a summary to this list, for future newcomers to samba/nt benefit. thanks! amol ----------------------------------------------------- Amol Karnik Senior Development Engineer amol@memcad.com Microcosm Technologies, Inc. (617) 225-0094 x248 215 First St., Suite #2D (617) 621-7838 FAX Cambridge MA, 02142 http://www.memcad.com ----------------------------------------------------- From twinders at SPC.cc.tx.us Thu Jul 16 19:25:46 1998 From: twinders at SPC.cc.tx.us (Tim Winders) Date: Tue Dec 2 02:24:19 2003 Subject: log.smb lp error Message-ID: I pulled down the HEAD CVS yesterday and started to see this error message repeated over and over in my log.smb file: lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Thu Jul 16 11:06:30 1998 I just (2pm Central Time) updated my CVS source and I noticed some util and printing stuff had been updated, but I am still seeing this error message. Any idea what it means and how to stop it? === Tim --------------------------------------------------------------------- | Tim Winders, CNE, MCSE | Email: TWinders@SPC.cc.tx.us | | Network Administrator | Phone: 806-894-9611 x 2369 | | South Plains College | Fax: 806-897-4711 | --------------------------------------------------------------------- From cartegw at Eng.Auburn.EDU Fri Jul 17 02:50:11 1998 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:24:19 2003 Subject: Samba HTML pages In-Reply-To: <01BDB16E.0C65A9B0.frank@bushlife.com.au> Message-ID: Frank, I have placed a disclaimer at the top of the table of contents for the NTDOM FAQ. The functionality described ( ie, Samba as a PDC and the security=domain ) is only available in the head branch. See Q2.1 for information about downloading the devleopment code via cvs. I have an archived version of the head branch dated July 10th available at ftp://www.eng.auburn.edu/pub/cartegw/samba-1.9.19-prealpha.tar.gz if anyone needs it. I will update it when I have a chance, but do not consider it to be valid forever. Hope this clears up somethings. Sorry about the confusion. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) On Fri, 17 Jul 1998, Frank Adcock wrote: > 1.9.18p8. > > I presumed that the NT code had been merged into this code again, based > on some comments on the web pages. > > -----Original Message----- > From: Gerald W. Carter [SMTP:cartegw@eng.auburn.edu] > Sent: Friday, July 17, 1998 2:20 AM > To: Frank Adcock > Subject: Re: Samba HTML pages > > On Thu, 16 Jul 1998, Frank Adcock wrote: > > > Gidday Jerry, > > > > Just to let you know that smbpasswd doesn't have a -j option anymore. > > > > http://samba.anu.edu.au/samba/ntdom_faq/page6.html > > What version of samba are you using? The -j option is currently only > implemented in the HEAD branch. > From janet at bioss.sari.ac.uk Fri Jul 17 10:39:49 1998 From: janet at bioss.sari.ac.uk (Janet Dickson) Date: Tue Dec 2 02:24:19 2003 Subject: NT4WS SP4beta no Samba access? References: <19980715191951Z12613742-390+1438@samba.anu.edu.au> Message-ID: <35AF29F5.8DFCC131@bioss.sari.ac.uk> Hi I have no solution to your problem I'm afraid. However, I had the same problem when I had to re-install NT on my PC. I reinstlled to SP3 as before. Same symptoms - doamin controlled cannot be found etc. I had made no changes at all to my samba server, so it must be NT related. I tried the Samba list to no avail. I'd be grateful if you could let me know if you get a solution. Cheers Janet -- *************************************************************************** Janet Dickson | http://www.bioss.sari.ac.uk/~janet Biomathematics and Statistics Scotland | email: janet@bioss.sari.ac.uk The King's Buildings, Mayfield Rd | Telephone: +44 (0) 131 650 4888 Edinburgh EH9 3JZ, Scotland, UK. | Fax: +44 (0) 131 650 4901 *************************************************************************** From samba at aquasoft.com.au Fri Jul 17 10:57:26 1998 From: samba at aquasoft.com.au (Samba Bugs) Date: Tue Dec 2 02:24:19 2003 Subject: NT4WS SP4beta no Samba access? In-Reply-To: <35AF29F5.8DFCC131@bioss.sari.ac.uk> Message-ID: Janet, Please take a look at the documentation in the samba distribution "docs" directory. In particular, please refer to the document "WinNT.txt" and "ENCRYPTION.txt". If after reading these you are still without a solution then please mail me direct at: jht@samba.anu.edu.au and I will do my best to help you. Cheers, John H Terpstra - Samba-Team On Fri, 17 Jul 1998, Janet Dickson wrote: > Hi > I have no solution to your problem I'm afraid. However, I had the same > problem when I had to re-install NT on my PC. I reinstlled to SP3 as > before. Same symptoms - doamin controlled cannot be found etc. I had > made no changes at all to my samba server, so it must be NT related. > > I tried the Samba list to no avail. I'd be grateful if you could let > me know if you get a solution. > > Cheers > Janet > -- > *************************************************************************** > Janet Dickson | > http://www.bioss.sari.ac.uk/~janet > Biomathematics and Statistics Scotland | email: janet@bioss.sari.ac.uk > The King's Buildings, Mayfield Rd | Telephone: +44 (0) 131 650 4888 > Edinburgh EH9 3JZ, Scotland, UK. | Fax: +44 (0) 131 650 4901 > *************************************************************************** > From BARTH at cck.uni-kl.de Fri Jul 17 13:54:39 1998 From: BARTH at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:24:19 2003 Subject: setting up samba : new to NT question. Message-ID: <14B825946FB@novell-fbk1.mv.uni-kl.de> > the docs explain how to set up samba on a unix machine, but there is no > explanation of what i need to do on an NT workstation. With samba you have to do on an NT workstation the same who would do with an NT-server. Starting very simpel with conetcing to shares (filesystems or printers): It can be found some were in the NT-Explorer. Futher more you will need some kind of authentication to controll access to the NT workstation. NT uses the domain controller concept, which has nothing to do with NIS. But there is a NIS "plug-in" for NT: It is written by Nigal Williams and called NISGINA; sorry, i don't havbe the URL handy right know. I don't have any expirences with it and i don't know how it works with samba. Then you may want to give the users of NT centralised profiles, i.g. their desktop should look the same independed of the PC they are using und depending only on the user. In the docs to NT-server there should be descriebed how to do this, it is some were in the NT user management. Finally you can give the NT-users a login-script, to do the things that should be done all the time a user starts to use NT: sycronising the time, conecting shares, .... The good thing is, you can do all these step by step: Once you are familliar with conacting share, start thinking about the authentication and user managemant to be sycronised between unix and NT. Then think about profiles, ... Hope that helps at least a bit, Christian From secret at kearneydev.com Fri Jul 17 15:21:27 1998 From: secret at kearneydev.com (secret) Date: Tue Dec 2 02:24:19 2003 Subject: How do I asign Doman Admin rights to a NT4 server?? References: <000001bdb03f$da419040$21df7383@100377> Message-ID: <35AF6BF7.31880370@kearneydev.com> I just got samba NT Domain logons working and I'm very happy about that, after figuring out how to add a machine account (smbpasswd -m) and set the password to the same name as the machine the domain logon worked... Now I'm faced with the same problem: How do I assign domain admin rights to users? When I do a domain logon I can't share files or other common tasks that my users will need to do... David Secret Systems Administrator Kearney Development Co., Inc. From ankit at drillbit.tamu.edu Fri Jul 17 17:23:40 1998 From: ankit at drillbit.tamu.edu (Ankit Shah) Date: Tue Dec 2 02:24:19 2003 Subject: How do I asign Doman Admin rights to a NT4 server?? In-Reply-To: <35AF6BF7.31880370@kearneydev.com> Message-ID: I have the same problem. I am at a point, where logon works, but nothing else. I also got printers to work. But permissions on file, or administartion doesnt work. If somebody has idea, plase post it on this mailing list. thanks ankit Petroleum Engineering Dept. Texas A & M University On Sat, 18 Jul 1998, secret wrote: :-) I just got samba NT Domain logons working and I'm very happy about that, :-)after figuring out how to add a machine account (smbpasswd -m) and set the :-)password to the same name as the machine the domain logon worked... :-) :-) Now I'm faced with the same problem: How do I assign domain admin rights :-)to users? When I do a domain logon I can't share files or other common tasks :-)that my users will need to do... :-) :-)David Secret :-)Systems Administrator :-)Kearney Development Co., Inc. :-) @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ ANKIT SHAH @ @ Petroleum Engineering Departement @ @ Phone: (409) 260-9750 (Home) @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ From allan at power.aste.usu.edu Fri Jul 17 11:05:15 1998 From: allan at power.aste.usu.edu (Allan K. Neal) Date: Tue Dec 2 02:24:19 2003 Subject: NT clients and logon path Message-ID: I am attempting to set up a Samba server for 21 NT clients. I do have an NT server on the network so i was planning to use it at the authentiction machine with security = server and password server = XXX.XXX.XX.XX. I would like the students to be able to log into the domain on the NT clients and have the NT box authenticate their passwd and then give them a profile, and I would like to have their home dir on the samba server to be mapped to drive F:\ for them to have disk space to write too and store their info and work. Any help on how to do this is very much appreciated. I have the Samba book by John Blair and have been reading the FAQ's but I still need some help. Thankyou -Allan -- |--------------------------------------------------------------------| | Allan K. Neal | Electronics and Computer Technology | | neal@cache.net | Utah State University | | http://cc.usu.edu/~slvkd/ | ASTE Network Administrator | |--------------------------------------------------------------------| |"The mind is like a parachute; it works much better when it's open. | |--------------------------------------------------------------------| From tavis at mahler.econ.columbia.edu Fri Jul 17 18:56:36 1998 From: tavis at mahler.econ.columbia.edu (Tavis Barr) Date: Tue Dec 2 02:24:19 2003 Subject: -DALLOW_CHANGE_PASSWORD In-Reply-To: <35AF29F5.8DFCC131@bioss.sari.ac.uk> Message-ID: Samba folk-- Last time I checked (a couple of weeks ago), Samba couldn't compile with the ALLOW_CHANGE_PASSWORD flag on SunOS, which means I can't sync Unix and NT passwords. Is there a plan to get this running, can I help in any way, or should I modify the smbpasswd routine to run setuid root and change Unix passwords by itself? Thanks, Tavis From cartegw at Eng.Auburn.EDU Fri Jul 17 20:14:36 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:19 2003 Subject: How do I asign Doman Admin rights to a NT4 server?? References: Message-ID: <35AFB0AC.3318E754@eng.auburn.edu> Ankit Shah wrote: > > I have the same problem. I am at a point, where logon works, but > nothing else. > > I also got printers to work. But permissions on file, or > administartion doesnt work. After looking at the code in passdb.c the following things appear suspect... pdb_name_to_rid() ----------------- - If the user's name appears in lp_domain_admin_users, the the user RID is set to DOMAIN_USER_RID_ADMIN (500). The happens correctly. I just verified that a user specified in the smb.conf file this way does get the RID off 500. At this part I am speculating... The user's GROUP RID is set using the standard algorithm (gid*8)+1001 | GROUP_RID_TYPE Does this cause a problem by not specifing the DOMAIN_GROUP_RID_ADMINS as the user's group? I have not had time to test this yet. Neither do I have the older code to which to compare. Also one more question ( Luke, Jeremy, JF? ). The code seems to be only passing one group RID pack in passdb.c. Is this correct? and if so then how does NT send back membership in multiple groups? j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From jallison at whistle.com Fri Jul 17 21:35:31 1998 From: jallison at whistle.com (Jeremy Allison) Date: Tue Dec 2 02:24:19 2003 Subject: How do I asign Doman Admin rights to a NT4 server?? References: <35AFB0AC.3318E754@eng.auburn.edu> Message-ID: <35AFC3A3.42A6DEFB@whistle.com> > Also one more question ( Luke, Jeremy, JF? ). The code seems to be only > passing one group RID pack in passdb.c. Is this correct? and if so > then how does NT send back membership in multiple groups? Yes this is correct I think. I have the groupname map code half done but got sidetracked in implementing the NT SMB calls (which has become much more of a priority recently due to external issues). I will fix this up once I'm happy with the NT SMB code I've just checked in (it's not turned on by default yet). On a side note, as I'm moving to SGI to start on Monday I may be intermittent in answering email until I'm fully set up again at SGI (which I'm aiming for the end of day Monday, if I'm lucky :-). Cheers, Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From jwf at platinum.com Mon Jul 20 15:54:57 1998 From: jwf at platinum.com (Jim Farrell) Date: Tue Dec 2 02:24:19 2003 Subject: HELP -- upgrade to 1.9.18p8 causing print/disk trouble ... Message-ID: I recently upgraded all our site's samba servers to 1.9.18p8, and I seem to be having many strange problems where they didn't exist before. I haven't made any changes to smb.conf. The biggest trouble I seem to have is that people can no longer access printers ... NT/95 just gives a generic "path to server not available" message. Some nodes even have trouble connecting to shares. When the PC's browse the network, then can see the server just fine, but often cannot browse any shares on the server. Rebooting the PC doesn't help. I've found that if I configure the WINS services on the PC's, the trouble often goes away. On NT I set "use DNS for WINS resolution". Once WINS is properly configured, the PC seems to work fine. smbclient from any machine on the network, and on other subnets has no trouble connecting to the samba services at all. I've never had to use WINS services before on my local PC's .... but I set the samba server up (a long while ago) to serve WINS anyway just in case people needed it. Now, it looks as if the PC's won't work at all unless WINS services are enabled. The [global] section of my smb.conf appears below .... any pointers/help would be appreciated. If I cannot solve this issue soon, I'll have to back the server upgrade out and continue running older versions. Thanks, -- jim (IP of this server is 192.168.45.20) [global] deadtime = 10 domain master = yes encrypt passwords = yes guest account = nobody load printers = yes log file = /usr/local/samba/var/logs/log.%m null passwords = no os level = 60 preferred master = yes printcap name = /usr/local/samba/lib/printcap printing = sysv remote announce = 192.168.166.255/ABLAB 192.168.112.255/ASTLAB 192.168.45.255/ABLAB remote browse sync = 192.168.166.100 192.168.112.18 security = user server string = ablab server share modes = no socket options = TCP_NODELAY strict locking = no time server = true username map = /usr/local/samba/private/mapnames wins proxy = yes wins support = yes workgroup = ABLAB From jwf at platinum.com Mon Jul 20 16:29:23 1998 From: jwf at platinum.com (Jim Farrell) Date: Tue Dec 2 02:24:20 2003 Subject: update: HELP -- upgrade to 1.9.18p8 causing print/disk trouble ... In-Reply-To: Message-ID: I've confirmed that our 1.9.18p8 master samba server is indeed having some sort of problem on our network. On my personal PC, if I disable WINS, I cannot connect to any shares or printers on this server at all. If I enable WINS, it all works fine. Has anyone else seen similar behavior? I was previously running 1.9.18p4 without any trouble .... then I upgraded and a whole slew of PC's suddenly couldn't connect to the server any longer. What's even stranger is that I upgraded 4 server with the same exact binaries ... the other three server authenticate against the master server and have similar configurations. If WINS isn't set on a PC, they can still get to the other slave servers just fine, but the master server refuses all connections to that PC. Any thoughts? -- jim On Mon, 20 Jul 1998, Jim Farrell wrote: > > I recently upgraded all our site's samba servers to 1.9.18p8, and I seem to > be having many strange problems where they didn't exist before. I haven't > made any changes to smb.conf. > > The biggest trouble I seem to have is that people can no longer access > printers ... NT/95 just gives a generic "path to server not available" > message. Some nodes even have trouble connecting to shares. When the > PC's browse the network, then can see the server just fine, but often > cannot browse any shares on the server. Rebooting the PC doesn't help. > > I've found that if I configure the WINS services on the PC's, the trouble > often goes away. On NT I set "use DNS for WINS resolution". Once WINS is > properly configured, the PC seems to work fine. smbclient from any > machine on the network, and on other subnets has no trouble connecting to > the samba services at all. > > I've never had to use WINS services before on my local PC's .... but I set > the samba server up (a long while ago) to serve WINS anyway just in case > people needed it. Now, it looks as if the PC's won't work at all unless > WINS services are enabled. > > The [global] section of my smb.conf appears below .... any pointers/help > would be appreciated. If I cannot solve this issue soon, I'll have to > back the server upgrade out and continue running older versions. > > Thanks, > > -- jim > > (IP of this server is 192.168.45.20) > > [global] > deadtime = 10 > domain master = yes > encrypt passwords = yes > guest account = nobody > load printers = yes > log file = /usr/local/samba/var/logs/log.%m > null passwords = no > os level = 60 > preferred master = yes > printcap name = /usr/local/samba/lib/printcap > printing = sysv > remote announce = 192.168.166.255/ABLAB 192.168.112.255/ASTLAB > 192.168.45.255/ABLAB > remote browse sync = 192.168.166.100 192.168.112.18 > security = user > server string = ablab server > share modes = no > socket options = TCP_NODELAY > strict locking = no > time server = true > username map = /usr/local/samba/private/mapnames > wins proxy = yes > wins support = yes > workgroup = ABLAB > From cartegw at Eng.Auburn.EDU Mon Jul 20 18:22:15 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:20 2003 Subject: HELP -- upgrade to 1.9.18p8 causing print/disk trouble ... References: Message-ID: <35B38AD7.E26DFC2D@eng.auburn.edu> Jim, This really is more appropriate for the main samba mailing list. I have cc'd this message there. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) ------------------------------------------------------------------------ Subject: HELP -- upgrade to 1.9.18p8 causing print/disk trouble ... Date: Tue, 21 Jul 1998 02:02:26 +1000 From: Jim Farrell I recently upgraded all our site's samba servers to 1.9.18p8, and I seem to be having many strange problems where they didn't exist before. I haven't made any changes to smb.conf. The biggest trouble I seem to have is that people can no longer access printers ... NT/95 just gives a generic "path to server not available" message. Some nodes even have trouble connecting to shares. When the PC's browse the network, then can see the server just fine, but often cannot browse any shares on the server. Rebooting the PC doesn't help. I've found that if I configure the WINS services on the PC's, the trouble often goes away. On NT I set "use DNS for WINS resolution". Once WINS is properly configured, the PC seems to work fine. smbclient from any machine on the network, and on other subnets has no trouble connecting to the samba services at all. I've never had to use WINS services before on my local PC's .... but I set the samba server up (a long while ago) to serve WINS anyway just in case people needed it. Now, it looks as if the PC's won't work at all unless WINS services are enabled. The [global] section of my smb.conf appears below .... any pointers/help would be appreciated. If I cannot solve this issue soon, I'll have to back the server upgrade out and continue running older versions. Thanks, -- jim (IP of this server is 192.168.45.20) [global] deadtime = 10 domain master = yes encrypt passwords = yes guest account = nobody load printers = yes log file = /usr/local/samba/var/logs/log.%m null passwords = no os level = 60 preferred master = yes printcap name = /usr/local/samba/lib/printcap printing = sysv remote announce = 192.168.166.255/ABLAB 192.168.112.255/ASTLAB 192.168.45.255/ABLAB remote browse sync = 192.168.166.100 192.168.112.18 security = user server string = ablab server share modes = no socket options = TCP_NODELAY strict locking = no time server = true username map = /usr/local/samba/private/mapnames wins proxy = yes wins support = yes workgroup = ABLAB From webber at sj.univali.rct-sc.br Mon Jul 20 22:38:04 1998 From: webber at sj.univali.rct-sc.br (Celso Kopp Webber) Date: Tue Dec 2 02:24:20 2003 Subject: How do I asign Doman Admin rights to a NT4 server?? References: Message-ID: <35B3C6CA.D6ADCF68@sj.univali.rct-sc.br> Hi Ankit! I've had these problems in the past, and as far as I know, the current 1.9.18p7 production release doesn't support these options by default, at least they didn't work as samba came from my RedHat Linux 5.x installation. So, I downloaded the latest development version, with these two commands: cvs -d :pserver:cvs@samba.anu.edu.au:/cvsroot login (when prompted for a password, type: cvs). cvs -d :pserver:cvs@samba.anu.edu.au:/cvsroot co samba The last command retrieves the latest sources, creating a directory called 'samba' on your current directory. You could also try: cvs -z 9 -d :pserver:cvs@samba.anu.edu.au:/cvsroot co samba This option (-z number) uses gzip (if you have it installed) to transfer the files compressed by gzip. It worked for me. (A question for the Samba Team: does this increases too much the load on the CVS server?). Ankit Shah escreveu: > Thanks for the tip. > > Though it did not work for me. I put the line in my smb.conf and it still > does not recognize users as being able to share files or do > adminstration. > > There is no help for this, i guess because this is in pre-alpha version. > > Can you tell me more about this, or do i need to do something else. > > Also, because NT is not able to write to the registry somehow, the > virusscan and some other programs whcich requires administration > privileges to run wont run. > > Thanks in advance. > > Ankit shah > Microcomputer Specialist > Petrolem Engineering Department > Texas A & M University. > > On Fri, 17 Jul 1998, Celso Kopp Webber wrote: > > :-) Hi! > :-) > :-) Try the option 'domain admin users = user1 user2 @group1'. Its sintax is the > :-)same as 'admin users'. > :-) > :-) Hope this helps. > :-) > :-) Celso. > :-) > :-)Ankit Shah escreveu: > :-) > :-)> I have the same problem. I am at a point, where logon works, but nothing > :-)> else. > :-)> > :-)> I also got printers to work. But permissions on file, or administartion > :-)> doesnt work. > :-)> > :-)> If somebody has idea, plase post it on this mailing list. > :-)> > :-)> thanks > :-)> > :-)> ankit > :-)> Petroleum Engineering Dept. > :-)> Texas A & M University > :-)> > :-)> On Sat, 18 Jul 1998, secret wrote: > :-)> > :-)> :-) I just got samba NT Domain logons working and I'm very happy about that, > :-)> :-)after figuring out how to add a machine account (smbpasswd -m) and set the > :-)> :-)password to the same name as the machine the domain logon worked... > :-)> :-) > :-)> :-) Now I'm faced with the same problem: How do I assign domain admin rights > :-)> :-)to users? When I do a domain logon I can't share files or other common tasks > :-)> :-)that my users will need to do... > :-)> :-) > :-)> :-)David Secret > :-)> :-)Systems Administrator > :-)> :-)Kearney Development Co., Inc. > :-)> :-) > :-)> > :-)> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > :-)> @ ANKIT SHAH @ > :-)> @ Petroleum Engineering Departement @ > :-)> @ Phone: (409) 260-9750 (Home) @ > :-)> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > :-) > :-) > :-) > > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > @ ANKIT SHAH @ > @ Petroleum Engineering Departement @ > @ Phone: (409) 260-9750 (Home) @ > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ From webber at sj.univali.rct-sc.br Tue Jul 21 20:31:45 1998 From: webber at sj.univali.rct-sc.br (Celso Kopp Webber) Date: Tue Dec 2 02:24:20 2003 Subject: Problem with "domain admin users" Message-ID: <35B4FAAF.3977B5C9@sj.univali.rct-sc.br> Hi all! Recently, Ankit Shah posted a message to this list saying that he couldn't make an user listed on "domain admin users" parameter be granted administrative privileges on an NT workstation. We exchanged a couple of messages and I discovered, after I did a 'checkout' on the samba cvs sources, that Ankit was right. Alghough the user is listed under the key HKEY_USERS with a SID of S-1-5-21-123-456-789-500 when he/she is logged on, he doesn't get administrative privileges. This worked well with sources I`ve checked out about a month ago. Has anything changed? Regards, Celso. From cartegw at Eng.Auburn.EDU Tue Jul 21 21:47:06 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:20 2003 Subject: Problem with "domain admin users" References: <35B4FAAF.3977B5C9@sj.univali.rct-sc.br> Message-ID: <35B50C5A.CFADEA4E@eng.auburn.edu> Celso Kopp Webber wrote: > > key HKEY_USERS with a SID of S-1-5-21-123-456-789-500 when he/she is > logged on, he doesn't get administrative privileges. This worked well > with source I`ve checked out about a month ago. > Yup. A lot has changed. Jeremy has been working on the uid <-> RID mapping. The GROUP_RID that is passed back is derived from the user's actual unix gid rather than the DOMAIN_ADMIN_GROUP_RID. This is probably what has broken the functionality for the moment. I posted some more comments about this recently ( in this same thread ). j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From jallison at cthulhu.engr.sgi.com Wed Jul 22 15:03:25 1998 From: jallison at cthulhu.engr.sgi.com (Jeremy Allison) Date: Tue Dec 2 02:24:20 2003 Subject: Problem with "domain admin users" References: <35B50C5A.CFADEA4E@eng.auburn.edu> Message-ID: <35B5FF3D.D3C878F1@engr.sgi.com> Gerald Carter wrote: > > Celso Kopp Webber wrote: > > > > key HKEY_USERS with a SID of S-1-5-21-123-456-789-500 when he/she is > > logged on, he doesn't get administrative privileges. This worked well > > with source I`ve checked out about a month ago. > > > > Yup. A lot has changed. Jeremy has been working on the uid <-> RID > mapping. The GROUP_RID that is passed back is derived from the user's > actual unix gid rather than the DOMAIN_ADMIN_GROUP_RID. This is > probably what has broken the functionality for the moment. > Ok - the parameter "domain admin users" is no longer used. I will remove it from the sources soon. What it was doing was changing the primary SID of the user logging on into the well known Domain SID "Administrator" for all users who were in the "domain admin users" list. This meant that the userid being used on the UNIX side would be completely different to the one being sent back to the NT workstation logging on. This is actually what an NT PDC does, but it means that all users who are in the "Administrators" group are totally anonymous when they create files - everything is created as "Administrator". To get the same effect in the current head branch of the code, add the user into the "domain admin group" parameter list. What this does is to add the well known domain SID "Domain Admins" to the group SID list generated for the logon token for the user loggin on to the NT workstation. If the "Domain Admins" group is a member of the local "Administrators" group on the NT workstation (as it is by default), then the user will have Administrator access on that machine. Hope this helps, Jeremy Allison, Samba Team. PS. I'm starting to get things set up now at SGI - I have mail and CVS access working so I'm off to a good start :-). -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From janet at bioss.sari.ac.uk Thu Jul 23 17:31:51 1998 From: janet at bioss.sari.ac.uk (Janet Dickson) Date: Tue Dec 2 02:24:20 2003 Subject: Adding an NT server to a Samba Domain Message-ID: <35B77387.F1423C32@bioss.sari.ac.uk> Hi I'm getting very frustrated right now. Last week I had a problem where my NT workstation could not find my Samba domain controller. I solved it (I thought) by reinstalling Win NT (plus SP3). However, I have now installed Win NT Server (plus SP3) on the same machine (as a stand alone server, not as a PDC or anything) and, again, it cannot find my Samba domain controller. Nothing has changed at the Samba end since a couple of hours ago when I could connect happily. (Dont ask me why I changed - that is another long story:-( If I connect to the workgroup rather than the domain, it is quite happy, until I try and log in when it wont accept my password. Is there anything different about setting up an NT Server to an NT Workstation ? Can someone help me before I throw the wretched machine out the window ? Janet -- *************************************************************************** Janet Dickson | http://www.bioss.sari.ac.uk/~janet Biomathematics and Statistics Scotland | email: janet@bioss.sari.ac.uk The King's Buildings, Mayfield Rd | Telephone: +44 (0) 131 650 4888 Edinburgh EH9 3JZ, Scotland, UK. | Fax: +44 (0) 131 650 4901 *************************************************************************** From sudarsan.varadan at wang.com Thu Jul 23 20:23:29 1998 From: sudarsan.varadan at wang.com (Sudarsan Varadan) Date: Tue Dec 2 02:24:20 2003 Subject: public parameter in smb.conf Message-ID: <000301bdb677$c1a82e70$b66ebd81@cbinfrasv.olsy-na.com> Hi I am trying to setup an environment in which I have the samba server running on an SCO UNIXWARE machine and have an NT PDC and an NT workstation as clients. Password authentication takes place through the PDC. In my smb.conf file when I for my services set "public = no" I am not able to access the service/share from my NT workstation. It works fine if I have "public = yes". Kindly advise as to how I can get rid of this problem since I do not want everyone to access this share. Thanks Sonny Varadan From anthonm at tams.com.au Fri Jul 24 06:31:51 1998 From: anthonm at tams.com.au (Michael Anthon) Date: Tue Dec 2 02:24:20 2003 Subject: Slowdown when copying large files Message-ID: I am currently investigating using samba on a Linux box to provide file server services on our NT LAN (I'm a bit sick of NT doing dummy spits on me). I'm running RH5.1, and have just upgraded samba to samba-1.9.18p8-51.3 (using the rpm from http://samba.anu.edu.au/samba/ftp/Binary_Packages/redhat/RPMS/5.1/samba- 1.9.18p8-51.3.i386.rpm) The setup includes several NT servers, one set up as a PDC and 2 BDCs and samba is confiigured to use the PDC for password authentication. Everything seems to work fine, except that when I try copying a largeish file (the test one I'm using is about 12M) it takes about 8-10 minutes to copy (this is on a 10M LAN). I ran top on the Linux box while I was doing this and smbd seems to start off using around 8% of CPU time, but at the point things seem to start slowing down, the usage jumps up to 75-80%. I'm wondering if this is a known problem and if it's not, perhaps a few pointers on where to start looking might help me a bit. TIA Michael Anthon TAMS Systems From D.Bannon at latrobe.edu.au Fri Jul 24 07:03:12 1998 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:24:20 2003 Subject: Slowdown when copying large files In-Reply-To: Message-ID: <3.0.3.32.19980724170312.0072a8ac@bioserve.biochem.latrobe.edu.au> At 04:33 PM 24/07/1998 +1000, Michael Anthon wrote: >Everything seems to work fine, except that when I try copying a largeish >file (the test one I'm using is about 12M) it takes about 8-10 minutes >to copy (this is on a 10M LAN). I have RH5.0 running on an old 586-100 with 32 meg ram. (I use it for a range of 'odd jobs'). I just copied a 14meg file to its IDE drive in 1m 16sec using samba. And this was from another network drive on another system. I wonder if your system is lacking a bit of memory or some other resource ? Might be a good question to ask on the regular samba/linux channels. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From janet at bioss.sari.ac.uk Fri Jul 24 09:20:56 1998 From: janet at bioss.sari.ac.uk (Janet Dickson) Date: Tue Dec 2 02:24:20 2003 Subject: Adding an NT server to a Samba Domain Message-ID: <35B851F8.F6B55512@bioss.sari.ac.uk> Hi Things are looking up - what a great way to start a Friday ! I set the debug level to 100 in my smb.conf.%m file for the NT server and found messages of the form : doing parameter encrypt passwords = yes Global parameter encrypt passwords found in service section! I realised my smb.conf.%m file contained a [profiles] section. Moved the line 'include = /usr/local/samba/lib/smb.conf.%m' in smb.conf to the end of the [global] section and .. bingo , my NT Server says 'Welcome to the BIOSSTEST domain' Obvious when you think about it (my brain wasnt up to it last night) ! Cheers Janet -- *************************************************************************** Janet Dickson | http://www.bioss.sari.ac.uk/~janet Biomathematics and Statistics Scotland | email: janet@bioss.sari.ac.uk The King's Buildings, Mayfield Rd | Telephone: +44 (0) 131 650 4888 Edinburgh EH9 3JZ, Scotland, UK. | Fax: +44 (0) 131 650 4901 *************************************************************************** From cartegw at Eng.Auburn.EDU Fri Jul 24 15:33:23 1998 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:24:20 2003 Subject: NT4WS SP4beta no Samba access? References: Message-ID: <35B8A943.6E451605@eng.auburn.edu> Tim Winders wrote: > > Has anyone here installed SP4 beta and gotten it to work with Samba? > (I have the head branch from about 2 weeks ago running under Digital > Unix 4.0D). > I'm betting that NT4 with SP4 will act a lot like NT5. Ihave been playing around with NT5 Beta 1 Wks for the past few days trying to get it to join my samba domain. Here's why I have noted so far. - The NT5 box sends a SAMLOGON to the PDC but does not specify a username. - The QUERYFORDC response being sent back did not contain all the information it needed. If the mailslot was NETLOGON\NET\NTLOGON, it would. After working on the code locally here I got past the previous two problems. Still could not join the domain though due to the fact that it was trying to connect to \\SAMBA_PDC\IPC$ as user "Administrator" (which I was logged in under ). So I thought, "I'll try to browse the Samba PDC and see what happens"....Blue-Screen-of-Death!!!! This is reproducible. The packet trace shows that the NT5 box dies after trying to connect to \\SAMBA_PDC\WEB$. Looking at the response from an NT4 PDC, the return code is different, but I do not think this is major. Has anyone tried this with NT5 yet? As an aside, I noticed that in nmbd_processlogon.c, process_logon_packet(), the uint32 "ntversion" value being sent back in the response packet is the same as the value recieved. I have noticed in the packet traces that NT5 sets this value to 0x3 while NT4 sets it to 0x1. Not sure about 3.51 ( probably 0x1 as well ). I have read though the CIFS spec and din;t see any reference. Did I miss it? Any comments? j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From twinders at SPC.cc.tx.us Fri Jul 24 21:23:52 1998 From: twinders at SPC.cc.tx.us (Tim Winders) Date: Tue Dec 2 02:24:20 2003 Subject: NT4WS SP4beta no Samba access? In-Reply-To: <35B8A943.6E451605@eng.auburn.edu> Message-ID: On Fri, 24 Jul 1998, Gerald W. Carter wrote: > Tim Winders wrote: > > > > Has anyone here installed SP4 beta and gotten it to work with Samba? > > (I have the head branch from about 2 weeks ago running under Digital > > Unix 4.0D). > > > > I'm betting that NT4 with SP4 will act a lot like NT5. Ihave been > playing around with NT5 Beta 1 Wks for the past few days trying to get > it to join my samba domain. > > Here's why I have noted so far. > > - The NT5 box sends a SAMLOGON to the PDC but does not specify a > username. > > - The QUERYFORDC response being sent back did not contain all the > information it needed. If the mailslot was NETLOGON\NET\NTLOGON, it > would. > > After working on the code locally here I got past the previous two > problems. Still could not join the domain though due to the fact that > it was trying to connect to \\SAMBA_PDC\IPC$ as user "Administrator" > (which I was logged in under ). > > So I thought, "I'll try to browse the Samba PDC and see what > happens"....Blue-Screen-of-Death!!!! This is reproducible. The packet > trace shows that the NT5 box dies after trying to connect to > \\SAMBA_PDC\WEB$. Looking at the response from an NT4 PDC, the return > code is different, but I do not think this is major. > > Has anyone tried this with NT5 yet? > > As an aside, I noticed that in nmbd_processlogon.c, > process_logon_packet(), the uint32 "ntversion" value being sent back in > the response packet is the same as the value recieved. I have noticed > in the packet traces that NT5 sets this value to 0x3 while NT4 sets it > to 0x1. Not sure about 3.51 ( probably 0x1 as well ). I have read > though the CIFS spec and din;t see any reference. Did I miss it? Thanks for the info Jerry. I sent a level 100 trace to Jeremy last week, but I suspect he has been too busy to look at it... === Tim --------------------------------------------------------------------- | Tim Winders, CNE, MCSE | Email: TWinders@SPC.cc.tx.us | | Network Administrator | Phone: 806-894-9611 x 2369 | | South Plains College | Fax: 806-897-4711 | --------------------------------------------------------------------- From mblack at csihq.com Sat Jul 25 12:50:38 1998 From: mblack at csihq.com (Mike Black) Date: Tue Dec 2 02:24:20 2003 Subject: Core dump on latest cvs update Message-ID: <00bb01bdb7ca$d3fb23d0$0101a8c0@mikehome.csihq.com> Just updated this morning 7/25/98 (last time was Wed or Thur) and I now get a coredump from nmbd. Well...it tries to coredump with no core file produced. This is on Linux 1.1.110. I was able to "make revert" and everything is OK now. Here's the last part of a 100-level dump is_myname("PICARD") returns 1 send_host_announcement: type 19a03 for host PICARD on subnet 204.17.222.1 for workgroup CSIHQ send_mailslot: Sending to mailslot \MAILSLOT\BROWSE from PICARD<00> IP 204.17.222.1 to CSIHQ<1d> IP 204.17.222.255 0 char ..`...PICARD.... hex 01 00 60 ea 00 00 50 49 43 41 52 44 00 00 00 00 10 char ..............U. hex 00 00 00 00 00 00 04 02 03 9a 01 00 0f 01 55 aa 20 char Samba 1.9.19-pre hex 53 61 6d 62 61 20 31 2e 39 2e 31 39 2d 70 72 65 30 char alpha. hex 61 6c 70 68 61 00 1998/07/25 08:45:29 sending a packet of len 222 to (204.17.222.255) on port 138 announce_myself_to_domain_master_browser: t (901370729) - last(901370729) < 900 announce_remote: Doing remote announce for server PICARD to IP 204.17.222.255. send_mailslot: Sending to mailslot \MAILSLOT\BROWSE from PICARD<00> IP 204.17.222.1 to CSI_MELB<1d> IP 204.17.222.255 0 char .. ...PICARD.... hex 01 00 20 bf 02 00 50 49 43 41 52 44 00 00 00 00 10 char ..............U. hex 00 00 00 00 00 00 04 02 03 9a 00 00 0f 01 55 aa 20 char Samba 1.9.19-pre hex 53 61 6d 62 61 20 31 2e 39 2e 31 39 2d 70 72 65 30 char alpha. hex 61 6c 70 68 61 00 1998/07/25 08:45:29 sending a packet of len 222 to (204.17.222.255) on port 138 =============================================================== INTERNAL ERROR: Signal 11 in pid 4211 (1.9.19-prealpha) Please read the file BUGS.txt in the distribution =============================================================== Core limits now 2147482624 2147483647 Dumping core in /usr/local/samba/var/corefiles ----------------------------------------------------------------------------------------- Michael D. Black 407-676-2923,x203 FAX 407-676-2355 Principal Engineer, CSI Inc Melbourne FL mblack@csihq.com http://www.csihq.com -------------- next part -------------- HTML attachment scrubbed and removed From tonnesen at cmsd.bc.ca Sat Jul 25 16:00:22 1998 From: tonnesen at cmsd.bc.ca (tonnesen@cmsd.bc.ca) Date: Tue Dec 2 02:24:20 2003 Subject: Domain logins with ip aliasing under Linux Message-ID: I'm having trouble with domain logins under Linux. I have an ip alias on my ethernet card on the samba server so that I have a real ip subnet, and a fake, masqueraded subnet. eth0 209.xxx.xxx.1 netmask 255.255.255.192 eth0:0 192.168.1.1 netmask 255.255.255.0 If the client machine has a "real" ip address (209.xxx.xxx.2) everything works fine, if it has a "fake" ip address (192.168.1.2) I get the following in the nmb log: process_logon_packet: Logon from 192.168.1.2: code = 0 And the logon on the client fails with a "Bad password or access to server denied" message. I've tried adding: interfaces 192.168.1.1/24 209.xxx.xxx.1/26 to the smb.conf file, but I get the same result. Is this a known problem, or do I have something set up wrong here? I could always chuck out the real ip addressses and just use the fake subnet if I must, but I'm bound to run into a situation where a workstation needs a real ip address at some point. Software Version Info: samba 1.9.18p8 debian 2.0 (kernel 2.0.32) Steve Tonnesen --- tonnesen@cmsd.bc.ca Coast Mountains School District Terrace, British Columbia, CANADA From icoupeau at unav.es Sat Jul 25 16:19:17 1998 From: icoupeau at unav.es (Ignacio Coupeau) Date: Tue Dec 2 02:24:20 2003 Subject: CVS 980725 nmbd errors? Message-ID: <35BA0585.A8D87341@unav.es> I found the CVS (Sat Jul 25 18:04:28 MET DST 1998) distribution fails in the nmdb (I tested under linux): > [root@bilbo bin]# ./nmblookup bilbo > Sending queries to 159.237.12.255 > name_query failed to find name bilbo and, of course, the workstations can't login in the PDC (bilbo). The CVS-980722's nmbd runs: root@bilbo bin]# ./nmblookup.old bilbo Sending queries to 159.237.12.255 159.237.12.42 bilbo<00> ____________________________________________________ Ignacio Coupeau, Ph.D. e-mail: icoupeau@unav.es CTI, Director fax: +48 425619 University of Navarra voice: +48 425600 Pamplona, SPAIN http://www.unav.es/cti/ From aperrin at demog.Berkeley.EDU Sat Jul 25 18:11:26 1998 From: aperrin at demog.Berkeley.EDU (Andrew Perrin - Demography) Date: Tue Dec 2 02:24:20 2003 Subject: Slowdown when copying large files In-Reply-To: Message-ID: This question would really be better asked on the general samba newsgroup (comp.protocol.smb) or on the samba general mailing list -- people who hang out here are usually concerned specifically with Samba as an NT domain server. --------------------------------------------------------------------- Andrew J. Perrin - aperrin@demog.berkeley.edu - NT/Unix Admin/Support Department of Demography - University of California at Berkeley 2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA http://demog.berkeley.edu/~aperrin --------------------------SEIU1199 On Fri, 24 Jul 1998, Michael Anthon wrote: > I am currently investigating using samba on a Linux box to provide file > server services on our NT LAN (I'm a bit sick of NT doing dummy spits on > me). I'm running RH5.1, and have just upgraded samba to > samba-1.9.18p8-51.3 (using the rpm from > http://samba.anu.edu.au/samba/ftp/Binary_Packages/redhat/RPMS/5.1/samba- > 1.9.18p8-51.3.i386.rpm) > > The setup includes several NT servers, one set up as a PDC and 2 BDCs > and samba is confiigured to use the PDC for password authentication. > > Everything seems to work fine, except that when I try copying a largeish > file (the test one I'm using is about 12M) it takes about 8-10 minutes > to copy (this is on a 10M LAN). I ran top on the Linux box while I was > doing this and smbd seems to start off using around 8% of CPU time, but > at the point things seem to start slowing down, the usage jumps up to > 75-80%. > > I'm wondering if this is a known problem and if it's not, perhaps a few > pointers on where to start looking might help me a bit. > > TIA > Michael Anthon > > TAMS Systems > From samba at aquasoft.com.au Sun Jul 26 01:49:46 1998 From: samba at aquasoft.com.au (Samba Bugs) Date: Tue Dec 2 02:24:20 2003 Subject: Slowdown when copying large files In-Reply-To: Message-ID: We are aware of this and I am looking into this right now. We hope to have a solution in place for release of 1.9.18p9. Cheers, John H Terpstra - Samba-Team (and RPM packager). On Sun, 26 Jul 1998, Andrew Perrin - Demography wrote: > This question would really be better asked on the general samba newsgroup > (comp.protocol.smb) or on the samba general mailing list -- people who > hang out here are usually concerned specifically with Samba as an NT > domain server. > > --------------------------------------------------------------------- > Andrew J. Perrin - aperrin@demog.berkeley.edu - NT/Unix Admin/Support > Department of Demography - University of California at Berkeley > 2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA > http://demog.berkeley.edu/~aperrin --------------------------SEIU1199 > > On Fri, 24 Jul 1998, Michael Anthon wrote: > > > I am currently investigating using samba on a Linux box to provide file > > server services on our NT LAN (I'm a bit sick of NT doing dummy spits on > > me). I'm running RH5.1, and have just upgraded samba to > > samba-1.9.18p8-51.3 (using the rpm from > > http://samba.anu.edu.au/samba/ftp/Binary_Packages/redhat/RPMS/5.1/samba- > > 1.9.18p8-51.3.i386.rpm) > > > > The setup includes several NT servers, one set up as a PDC and 2 BDCs > > and samba is confiigured to use the PDC for password authentication. > > > > Everything seems to work fine, except that when I try copying a largeish > > file (the test one I'm using is about 12M) it takes about 8-10 minutes > > to copy (this is on a 10M LAN). I ran top on the Linux box while I was > > doing this and smbd seems to start off using around 8% of CPU time, but > > at the point things seem to start slowing down, the usage jumps up to > > 75-80%. > > > > I'm wondering if this is a known problem and if it's not, perhaps a few > > pointers on where to start looking might help me a bit. > > > > TIA > > Michael Anthon > > > > TAMS Systems > > > From max.wheatley at telecom.co.nz Mon Jul 27 00:15:27 1998 From: max.wheatley at telecom.co.nz (Max Wheatley) Date: Tue Dec 2 02:24:20 2003 Subject: NT Domain Controller Code Message-ID: Hi Guys Where can I download the latest DC code from ??? I tried the CVS "stuff" as per the FAQ, but it down work. I guess a "patch" file would be the most usefull Thanks Max max@zl2max.gen.nz From mlaurent at eie.fceia.unr.edu.ar Mon Jul 27 03:43:08 1998 From: mlaurent at eie.fceia.unr.edu.ar (Marcelo E. Laurenti) Date: Tue Dec 2 02:24:20 2003 Subject: User lists Message-ID: HI! I have a samba server(Debian Linux) working well, but I can't get the users lists from the server when I try to give acces rigths to a share in a Windows 95 machine. I ned some help, thanks -- Marcelo E. Laurenti Escuela de Ingenieria Electronica Fac. de Cs. Exactas e Ingenieria Universidad Nacional de Rosario From z2232203 at student.unsw.edu.au Mon Jul 27 09:45:41 1998 From: z2232203 at student.unsw.edu.au (Matthew Chapman) Date: Tue Dec 2 02:24:20 2003 Subject: Core dump on latest cvs update Message-ID: <35BC4C45.974B3432@student.unsw.edu.au> Hi Mike, > Just updated this morning 7/25/98 (last time was Wed or Thur) and I > now get a coredump from nmbd. I cvs updated today 7/27/98 & had the same problem; the attached diff on nmbd_browsesync.c should hopefully fix it (have sent a copy to samba-bugs). Matt. -- Matt Chapman E-mail: mattyc@cyberdude.com -------------- next part -------------- --- nmbd_browsesync.old Mon Jul 27 17:20:18 1998 +++ nmbd_browsesync.c Mon Jul 27 18:52:33 1998 @@ -32,7 +32,7 @@ extern fstring global_myworkgroup; /* This is our local master browser list database. */ -extern struct browse_cache_record *lmb_browserlist; +extern struct ubi_dlList lmb_browserlist[]; static struct work_record *call_work; static struct subnet_record *call_subrec; @@ -205,7 +205,7 @@ void dmb_expire_and_sync_browser_lists(time_t t) { static time_t last_run = 0; - struct browse_cache_record *browc; + ubi_dlNodePtr browc; /* Only do this every 20 seconds. */ if (t - last_run < 20) @@ -215,12 +215,12 @@ expire_lmb_browsers(t); - for( browc = (struct browse_cache_record *)ubi_dlFirst( lmb_browserlist ); + for( browc = ubi_dlFirst( lmb_browserlist ); browc; - browc = (struct browse_cache_record *)ubi_dlNext( browc ) ) + browc = ubi_dlNext( browc ) ) { - if (browc->sync_time < t) - sync_with_lmb(browc); + if ( ((struct browse_cache_record *)browc) -> sync_time < t) { + sync_with_lmb( (struct browse_cache_record *) browc ); } } } From cartegw at Eng.Auburn.EDU Mon Jul 27 12:53:22 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:20 2003 Subject: User lists References: Message-ID: <35BC7842.2EE95AC3@eng.auburn.edu> Marcelo E. Laurenti wrote: > > I have a samba server(Debian Linux) working well, but I can't > get the users lists from the server when I try to give acces rigths > to a share in a Windows 95 machine. This is not implmented yet. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Mon Jul 27 13:15:03 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:20 2003 Subject: NT Domain Controller Code References: Message-ID: <35BC7D57.B89146F5@eng.auburn.edu> Max Wheatley wrote: > > Where can I download the latest DC code from ??? > > I tried the CVS "stuff" as per the FAQ, but it down work. I have an archived version from July 10th at ftp://ftp.eng.auburn.edu/pub/cartegw/samba-1.9.19-prealpha.tar.gz j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From secret at kearneydev.com Mon Jul 27 20:17:28 1998 From: secret at kearneydev.com (secret) Date: Tue Dec 2 02:24:20 2003 Subject: Problem with "domain admin users" References: <35B5FF3D.D3C878F1@engr.sgi.com> Message-ID: <35BCE057.B55B18DD@kearneydev.com> The latest CVS update completely killed my nmbd, I sent a bug report to the suggested address with a Level 15 log and such, I have yet to see if the latest CVS update fixed it(Left it compiling this morning:)) [nmbd immediately died with an INTERNAL ERROR] One simple question, when it starts working again what is an easy thing to check and see if I have domain admin rights?(from the NT side) I don't have a "Sharing" tab, which is what I was using for the check, but this can be unreliable too. Also, could someone give me some hints on running the pre_alpha samba _AND_ the normal samba on the same machine at the same time? Or should I really not attempt this?(For NT domain logons) Fianally, when the NTDOM version of samba is working, does it support grabbing user and group lists from the server in order to be able to use user level access on the clients properly?(This is the main reason I want to use it) David Secret System Administrator Kearney Development Co., Inc. From cartegw at Eng.Auburn.EDU Mon Jul 27 21:46:29 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:20 2003 Subject: Problem with "domain admin users" References: <35B5FF3D.D3C878F1@engr.sgi.com> <35BCE057.B55B18DD@kearneydev.com> Message-ID: <35BCF535.1DEED6E@eng.auburn.edu> secret wrote: > > > One simple question, when it starts working again what is an easy > thing to check and see if I have domain admin rights?(from the NT > side) I don't have a "Sharing" tab, which is what I was using for > the check, but this can be unreliable too. Add a local user or try accessing the security event log ( assuming you have enabled auditing ). > Also, could someone give me some hints on running the pre_alpha samba > _AND_ the normal samba on the same machine at the same time? Or > should I really not attempt this?(For NT domain logons) One two machines ( or just two interfaces ) it works fine. > Fianally, when the NTDOM version of samba is working, does it support > grabbing user and group lists from the server in order to be able to > use user level access on the clients properly?(This is the main reason > I want to use it) Nope. Not there yet. NT clients will defer authentication for shares to the PDC but you cannot brose a listy of users and group mapping isn't completed. j- -- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From herron at informatik.uni-hamburg.de Tue Jul 28 09:29:07 1998 From: herron at informatik.uni-hamburg.de (Dan Herron) Date: Tue Dec 2 02:24:20 2003 Subject: User lists In-Reply-To: <35BC7842.2EE95AC3@eng.auburn.edu> Message-ID: <3.0.5.32.19980728112907.009627a0@nats13.informatik.uni-hamburg.de> I know this has surely been answered twice a day, but I always see the answer below and I don't fully understand the consequences: (a) domain logons work for me (b) I _cannot_ get the user lists from the server in order to give access rights (as below) What I still don't understand is: is there some way to achieve that? Can I (via any other method) refer to user "domainname\username", in order to grant access to files, etc? Not to in any way knock the excellent work being done on Samba, but that _is_ a big part of having domains, right? So that I can control things from one central place? (I'm new to both NT and Samba). Possible or not, I don't think this is clearly stated in the FAQs. (Since I've seen this question asked already several times in my brief time on the list, I'd even be happy to summarize whatever the answer is and send it to be added to the FAQ, if that would help!) thanks, Dan At 10:59 PM 7/27/98 +1000, Gerald Carter wrote: >Marcelo E. Laurenti wrote: >> >> I have a samba server(Debian Linux) working well, but I can't >> get the users lists from the server when I try to give acces rigths >> to a share in a Windows 95 machine. > >This is not implmented yet. Daniel Herron Universitaet Hamburg / Fachbereich Informatik phone: (49-40) 54 94 - 25 19 AB Natuerlichsprachliche Systeme fax: (49-40) 54 94 - 25 15 Vogt-Koelln-Strasse 30 herron@informatik.uni-hamburg.de D-22527 Hamburg From mblack at csihq.com Tue Jul 28 13:05:45 1998 From: mblack at csihq.com (Mike Black) Date: Tue Dec 2 02:24:20 2003 Subject: Core dump on latest cvs update Message-ID: <00a001bdba28$8e5427e0$32de11cc@mblack.csihq.com> OK...latest CVS update (07/28/98 0900 EST) now has fixed the nmbd core dump problem...Thanx guys!! -----Original Message----- From: Matthew Chapman To: Multiple recipients of list Date: Monday, July 27, 1998 5:55 AM Subject: Re: Core dump on latest cvs update >Hi Mike, > >> Just updated this morning 7/25/98 (last time was Wed or Thur) and I >> now get a coredump from nmbd. > >I cvs updated today 7/27/98 & had the same problem; the attached diff on >nmbd_browsesync.c should hopefully fix it (have sent a copy to >samba-bugs). > > Matt. > >-- >Matt Chapman >E-mail: mattyc@cyberdude.com From cartegw at Eng.Auburn.EDU Tue Jul 28 13:44:33 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:20 2003 Subject: User lists References: <3.0.5.32.19980728112907.009627a0@nats13.informatik.uni-hamburg.de> Message-ID: <35BDD5C1.CA162C99@eng.auburn.edu> Dan Herron wrote: > > What I still don't understand is: is there some way to achieve that? > Can I (via any other method) refer to user "domainname\username", in > order to grant access to files, etc? The username <-> RID mapping is not completed. Remember that you are dealing with experimental code not designed for a production environment. > Not to in any way knock the excellent work being done on Samba, but > that _is_ a big part of having domains, right? So that I can control > things from one central place? (I'm new to both NT and Samba). Correct, but we're not through yet. The actual PDC support will not be released as stable until around samba version2 or so. This is more of a testing environment. **use at your own risk** There is a lot more to be done. > Possible or not, I don't think this is clearly stated in the FAQs. > (Since I've seen this question asked already several times in my > brief time on the list, I'd even be happy to summarize whatever the > answer is and send it to be added to the FAQ, if that would help!) I'll update the FAQ now and try to state things more clearly. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From webber at sj.univali.rct-sc.br Mon Jul 27 22:15:06 1998 From: webber at sj.univali.rct-sc.br (Celso Kopp Webber) Date: Tue Dec 2 02:24:20 2003 Subject: Has smbpasswd -a -m changed?? Message-ID: <35BCFBE8.111344AB@sj.univali.rct-sc.br> Hi all! My Samba PDC is working very well, thanks! However, when I use "smbpasswd -am machine" to add a machine to the samba domain, it complains that machine$ user doesn't exist in /etc/passwd. If I add machine$ to /etc/passwd I can do "smbpasswd -am machine". Then I can remove machine$ from /etc/passwd. Is this the correct new behaviour, or am I missing something? TIA, Celso. From webber at sj.univali.rct-sc.br Mon Jul 27 22:34:09 1998 From: webber at sj.univali.rct-sc.br (Celso Kopp Webber) Date: Tue Dec 2 02:24:20 2003 Subject: Strange problem with icons! Message-ID: <35BD0060.A226D734@sj.univali.rct-sc.br> Hi again! I'm having a weird problem using a Samba PDC and NT Workstations. Samba is configured to enable roving profiles. Everything works pretty well, except this: Suppose that a user logs on a workstation called MACHINE-1, and creates a shortcut in his desktop which points to a program under \WINNT (say, cmd.exe). When he logs off, the shortcut and the corresponding icon is correctly saved to the user's profile in the Samba server. If this user logs on MACHINE-2, all his preferences (including the newly created shortcut) are loaded, but when he tries to access the previously created shortcut by double-clicking on it, he is prompted for a username/password pair for the share \\MACHINE-1\ADMIN$. The only way to go on is to type "admin" as username and a blank password. I've noticed also that the system directory, \WINNT, is exported by default under NT as ADMIN$ (a hidden share). I couldn't notice anything suspicious in the logs, also. Being frustrated by this, I've quickly setup an NT server machine (blarghhh!!!), and this problem simply doesn't happen. Has anyone had this problem? My smb.conf file is available under http://www.sj.univali.rct-sc.br/~webber/smb.conf , so that I could make this looonggg message a little shorter ;-) TIA again, Celso From cartegw at Eng.Auburn.EDU Tue Jul 28 14:17:26 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:20 2003 Subject: Has smbpasswd -a -m changed?? References: <35BCFBE8.111344AB@sj.univali.rct-sc.br> Message-ID: <35BDDD76.C1F13C50@eng.auburn.edu> Celso Kopp Webber wrote: > > If I add machine$ to /etc/passwd I can do > "smbpasswd -am machine". Then I can remove > machine$ from /etc/passwd. This is correct. It was implmented to give us away to ensure that NT workstation accounts had a unique ID. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Tue Jul 28 14:19:24 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:20 2003 Subject: Strange problem with icons! References: <35BD0060.A226D734@sj.univali.rct-sc.br> Message-ID: <35BDDDEC.BA12EE67@eng.auburn.edu> Celso Kopp Webber wrote: > > by double-clicking on it, he is prompted > for a username/password pair for the > share \\MACHINE-1\ADMIN$. Where the machines imaged by chance? I disabled hidden shares and have never had this problem. There is a utility ( in the ResourceKit? ) to disable path tracking ( or something like that ). I don't remember exactly where it is. Sorry. Similar to the shortcut.exe found on the win95 install CD. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Tue Jul 28 14:33:51 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:20 2003 Subject: What's done and what's not Message-ID: <35BDE14F.7F20CC69@eng.auburn.edu> Here the latest list of stuff that works and stuff that doesn't. Any suggesstions, clarifications, things to add, etc... ------------------------------------------------------------------- 1.1. How do I know if I need Samba Primary Domain Controller (PDC) support and how much of its functionality is currently implemented? If you wish to have Samba act as a PDC for Windows NT 3.51 and 4.0 client, then you will need to obtain the latest main branch source code (see 2.1). The following is a list of included currently features * The ability to act as a PDC for Windows NT 3.51 and 4.0 clients. This includes adding NT machines to the domain and authenticating users logging into the domain. * Domain account can be viewed using the "User Manager for Domains" for a small number ( ~4-8) of accounts. * Viewing resources on the Samba PDC via the "Server Manager for Domains" from the NT client. * Windows 95 clients will allow "user level" security to be set but will not currently allow browsing of accounts. * Machine account password updates. Release of a stable, full featured Samba PDC is currently slated for version 2. The NT domain client code is planeed to be made available in release 1.9.19 series. The following are not currently available in the NTDOM PDC support but eventually will be. * Trust relationships * PDC <=> BDC integration * Network printing (see question 2.5 for a workaround) * Changing user passwords from the NT client. * Windows NT ACLs * LDAP support * Windows NT groups * Username <-> RID mapping (ie. you can't get a list of users to control access to NT shares or for local ACL's ). There is also a samba PDC TODO list on line at http://peng1.uindy.edu/samba/todo.html. ------------------------------------------------------------------- Thanks, j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From aperrin at demog.Berkeley.EDU Tue Jul 28 15:26:03 1998 From: aperrin at demog.Berkeley.EDU (Andrew Perrin - Demography) Date: Tue Dec 2 02:24:20 2003 Subject: Has smbpasswd -a -m changed?? In-Reply-To: <35BCFBE8.111344AB@sj.univali.rct-sc.br> Message-ID: No, that's the way it's always been - check out the archives, ntdom requires that machines have valid /etc/passwd (or NIS) accounts. My understanding is that removing them from /etc/passwd is a bad idea, but someone more familiar with samba should explain why. --------------------------------------------------------------------- Andrew J. Perrin - aperrin@demog.berkeley.edu - NT/Unix Admin/Support Department of Demography - University of California at Berkeley 2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA http://demog.berkeley.edu/~aperrin --------------------------SEIU1199 On Wed, 29 Jul 1998, Celso Kopp Webber wrote: > Hi all! > > My Samba PDC is working very well, thanks! > However, when I use "smbpasswd -am machine" > to add a machine to the samba domain, it complains > that machine$ user doesn't exist in /etc/passwd. > > If I add machine$ to /etc/passwd I can do > "smbpasswd -am machine". Then I can remove > machine$ from /etc/passwd. > > Is this the correct new behaviour, or am I > missing something? > > TIA, > > Celso. > From aperrin at demog.Berkeley.EDU Tue Jul 28 15:28:13 1998 From: aperrin at demog.Berkeley.EDU (Andrew Perrin - Demography) Date: Tue Dec 2 02:24:20 2003 Subject: Strange problem with icons! In-Reply-To: <35BD0060.A226D734@sj.univali.rct-sc.br> Message-ID: I've got similar behavior here -- it seems to me that the desktop shortcut is set up with a complete UNC path, i.e., \\machine-1\admin$\cmd.exe not simply %systemroot%\cmd.exe (which is of course what it should be). Anybody know why or care to comment? --------------------------------------------------------------------- Andrew J. Perrin - aperrin@demog.berkeley.edu - NT/Unix Admin/Support Department of Demography - University of California at Berkeley 2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA http://demog.berkeley.edu/~aperrin --------------------------SEIU1199 On Wed, 29 Jul 1998, Celso Kopp Webber wrote: > Hi again! > > I'm having a weird problem using a Samba > PDC and NT Workstations. Samba is configured > to enable roving profiles. Everything works > pretty well, except this: > > Suppose that a user logs on a workstation > called MACHINE-1, and creates a > shortcut in his desktop which points to a program > under \WINNT (say, cmd.exe). When he logs > off, the shortcut and the corresponding icon is > correctly saved to the user's profile > in the Samba server. > > If this user logs on MACHINE-2, all > his preferences (including the newly created > shortcut) are loaded, but when he tries to > access the previously created shortcut > by double-clicking on it, he is prompted > for a username/password pair for the > share \\MACHINE-1\ADMIN$. > > The only way to go on is to type > "admin" as username and a blank > password. > > I've noticed also that the system > directory, \WINNT, is exported > by default under NT as ADMIN$ > (a hidden share). > > I couldn't notice anything > suspicious in the logs, also. > > Being frustrated by this, I've quickly > setup an NT server machine (blarghhh!!!), > and this problem simply doesn't happen. > > Has anyone had this problem? My > smb.conf file is available under > http://www.sj.univali.rct-sc.br/~webber/smb.conf , > so that I could make this looonggg message > a little shorter ;-) > > TIA again, > > Celso > From alex at gsm.adelaide.edu.au Tue Jul 28 23:40:25 1998 From: alex at gsm.adelaide.edu.au (Alex Ardalich) Date: Tue Dec 2 02:24:20 2003 Subject: Strange problem with icons! In-Reply-To: <35BD0060.A226D734@sj.univali.rct-sc.br>; from Celso Kopp Webber on Wed, Jul 29, 1998 at 12:02:04AM +1000 References: <35BD0060.A226D734@sj.univali.rct-sc.br> Message-ID: <19980729091025.A1345@gsm.adelaide.edu.au> On Wed, Jul 29, 1998 at 12:02:04AM +1000, Celso Kopp Webber wrote: > > If this user logs on MACHINE-2, all > his preferences (including the newly created > shortcut) are loaded, but when he tries to > access the previously created shortcut > by double-clicking on it, he is prompted > for a username/password pair for the > share \\MACHINE-1\ADMIN$. > > The only way to go on is to type > "admin" as username and a blank > password. > > I've noticed also that the system > directory, \WINNT, is exported > by default under NT as ADMIN$ > (a hidden share). > > I couldn't notice anything > suspicious in the logs, also. > > Being frustrated by this, I've quickly > setup an NT server machine (blarghhh!!!), > and this problem simply doesn't happen. > > Has anyone had this problem? My > smb.conf file is available under > http://www.sj.univali.rct-sc.br/~webber/smb.conf , > so that I could make this looonggg message > a little shorter ;-) This seems to be normal behaviour, I have this problem with NT Server. On machine-2, put in a username and password to connect to machine-1 then get properties of the shortcut and delete the \\machine-1\blah\ part of the shortcut. I found this making profiles for the Lab, I did that then took a copy of the profile which I just now copy for everyone so I don't get a similar problem (but this also means you have to make the profiles userable to Users Domain Group which isn't up and running yet on Samba?) Alex From NERA at celsiustech.com.au Tue Jul 28 23:57:21 1998 From: NERA at celsiustech.com.au (Neale Rankin) Date: Tue Dec 2 02:24:20 2003 Subject: Problems setting up Internet Information Server which has a virtu al directory on a SAMBA share Message-ID: <6B7D1B96881FD211BEBA0000F8796E05092B99@elmo.celsiustech.com.au> Hi, I am new at using Samba and I am having a problem setting up a Internet Information Server which is run on a Windows NT 4.0 SP3 PDC. A lot of the WEB information is to be stored on a SAMBA share. It appears to work OK, the virtual directory is Indexed correctly, but when I go to that document, I come up with the "Username and Password Required" window. (I do not have to enter a username just hit OK.) The share is set up for public access. Also some times I get the authorisation failure, if you try and access another document. The SAMBA set up is as follows: SAMBA release 1.9.18p3 SAMBA global security set up security = server SAMBA Share set up readable, writeable and public = yes At the UNIX level, everybody has read access. Windows NT PDC set up: Windows NT version 4.0 service pack 3 Internet Information Server Index Server Client Access WinDD version 3.5 session running Netscape running on a X-terminal. I would much appreciate any suggestions on how to get around this problem, so that the user's do not get this message any more. Thank you. > Neale Rankin > CelsiusTech > Australia > Celsius Group Email: nera@celsiustech.com.au Phone: +61 8 8343 3854 Fax: +61 8 8343 3778 CelsiusTech Australia Pty Ltd Endeavour House Fourth Avenue, Mawson Lakes The Levels, SA 5095 Australia From ratzka at HRZ.Uni-Marburg.DE Wed Jul 29 06:50:26 1998 From: ratzka at HRZ.Uni-Marburg.DE (Wolfgang Ratzka) Date: Tue Dec 2 02:24:20 2003 Subject: Strange problem with icons! In-Reply-To: <35BD0060.A226D734@sj.univali.rct-sc.br> References: <35BD0060.A226D734@sj.univali.rct-sc.br> Message-ID: <199807290650.IAA26140@pprz04.HRZ.Uni-Marburg.DE> >>>>> "CKW" == Celso Kopp Webber writes: CKW> (...) CKW> If this user logs on MACHINE-2, all his preferences CKW> (including the newly created shortcut) are loaded, but when CKW> he tries to access the previously created shortcut by CKW> double-clicking on it, he is prompted for a username/password CKW> pair for the share \\MACHINE-1\ADMIN$. This is a quite common problem and not related to Samba. The reason is a (mis-)feature of Microsoft's *.lnk files, which sometimes try to be too smart (store the UNC name of a ressource where it is not appropriate). One way to repair this is to use the "scut" program provided with the NT Resource Kit: - Cd into your program menu folder (on a German NT this would be %USERPROFILE%\Startmen?\Programme --- this obviously needs to be translated) - Change all your *.lnk files to non-smart links using "scut *.lnk -s" CKW> The only way to go on is to type "admin" as username and CKW> a blank password. Now if *that* really works, you have yet another problem: an admin with a blank password is generally not a goot idea... -- Wolfgang Ratzka Phone: +49 6421 28 3531 FAX: +49 6421 28 6994 Uni Marburg, HRZ, Hans-Meerwein-Str., D-35032 Marburg, Germany ------------------------------Where do you want to go tomorrow? From sudarsan.varadan at wang.com Wed Jul 29 16:27:57 1998 From: sudarsan.varadan at wang.com (Sudarsan Varadan) Date: Tue Dec 2 02:24:20 2003 Subject: User Access from NT3.51 workstation to a share on Unixware Samba Server Message-ID: <000501bdbb0d$d8317210$b66ebd81@cbinfrasv.olsy-na.com> Hi I have this problem where I have SAMBA 1.9.18 installed on a SCO unixware server 2.1.3. I have a workstation running NT3.51, and the following are my settings from my smb.conf file. [global] admin users = user1 debuglevel = 4 browse list = no workgroup = ONT_DOMAIN server string = SCO Unixware Server hosts allow = 115.189.112.0/255.255.255.0 load printers = no guest account = pcguest log file = /usr/local/samba/var/log.%m max log size = 500 security = domain password server = 115.189.112.46 local master = no domain master = no preferred master = no domain logons = yes revalidate = yes name resolve order = wins host lmhosts bcast wins support = no wins server = 115.189.112.46 wins proxy = no [PUBLIC] comment = Public Stuff path = /home/pwrchute public = no writable = no printable = no hosts allow = 115.189.112.47 valid users = user1, user2, user3 If I have public = no, I am not able to authenticate any user to connect to the service/share, though I have valid users = user1, user2 etc. I am new to samba and have gone thru a lot of the documentation and tried various combinations with no success. If I set public = yes then everytime anyone comes in they come in as guest, which I do not want. Also I have network monitor running on my pdc and I do not see any authentication going thru it. My NT3.51 PDC is my password server , thus the setting server = domain. Can anybody help me this and point out what I am doing wrong. I have spent almost a week and would like to get this resolved. Please advise.... Sudarsan Varadan From hulet at ittc.ukans.edu Wed Jul 29 21:44:08 1998 From: hulet at ittc.ukans.edu (Michael S. Hulet) Date: Tue Dec 2 02:24:20 2003 Subject: Strange problem with icons! In-Reply-To: <199807290650.IAA26140@pprz04.HRZ.Uni-Marburg.DE> Message-ID: Thanks for the info. Here is what I found while searching for SCUT. SCUT.EXE is a freeware program. You can download it from www.coffeecomputing.com Shortcut.exe is Microsoft's program. There is also a registry setting to disable the UNC tracking. The name of the value is LinkResolveIgnoreLinkInfo. Read Microsoft's Knowledgebase Article Q158682 for directions on how to implement this in the registry. On Wed, 29 Jul 1998, Wolfgang Ratzka wrote: > >>>>> "CKW" == Celso Kopp Webber writes: > > CKW> (...) > CKW> If this user logs on MACHINE-2, all his preferences > CKW> (including the newly created shortcut) are loaded, but when > CKW> he tries to access the previously created shortcut by > CKW> double-clicking on it, he is prompted for a username/password > CKW> pair for the share \\MACHINE-1\ADMIN$. > > This is a quite common problem and not related to Samba. The reason is > a (mis-)feature of Microsoft's *.lnk files, which sometimes try to be > too smart (store the UNC name of a ressource where it is not > appropriate). One way to repair this is to use the "scut" program > provided with the NT Resource Kit: > > - Cd into your program menu folder (on a German NT this would be > %USERPROFILE%\Startmenü\Programme --- this obviously needs to be > translated) > - Change all your *.lnk files to non-smart links using "scut *.lnk -s" > > CKW> The only way to go on is to type "admin" as username and > CKW> a blank password. > > Now if *that* really works, you have yet another problem: an admin > with a blank password is generally not a goot idea... > > -- > Wolfgang Ratzka Phone: +49 6421 28 3531 FAX: +49 6421 28 6994 > Uni Marburg, HRZ, Hans-Meerwein-Str., D-35032 Marburg, Germany > ------------------------------Where do you want to go tomorrow? > From aperrin at demog.Berkeley.EDU Wed Jul 29 20:29:56 1998 From: aperrin at demog.Berkeley.EDU (Andrew Perrin - Demography) Date: Tue Dec 2 02:24:20 2003 Subject: NTDOM losing machine account Message-ID: Greetings- We've had the NTDOm stuff working well for several months now, but just the other day had to add a new machine to the domain (NT Workstation 4.0, SP3). We added the machine account to /etc/passwd and ~samba/private/smbpasswd, joined the domain, and it seemed to join fine; but both yesterday and today, when logging in users got the "machine password is wrong" error message, and to fix it we had to un-join then rejoin the domain. It then worked fine, until the following day. No tweaking of the smbpsswd file is necessary when doing the re-join. Any ideas why this might be happening? A level 3 log is at http://demog.berkeley.edu/samba.fecundity.log.bad Thanks in advance- --------------------------------------------------------------------- Andrew J. Perrin - aperrin@demog.berkeley.edu - NT/Unix Admin/Support Department of Demography - University of California at Berkeley 2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA http://demog.berkeley.edu/~aperrin --------------------------SEIU1199 From cartegw at Eng.Auburn.EDU Wed Jul 29 22:25:42 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:20 2003 Subject: Problems setting up Internet Information Server which has a virtu References: <6B7D1B96881FD211BEBA0000F8796E05092B99@elmo.celsiustech.com.au> Message-ID: <35BFA166.B36FBCD3@eng.auburn.edu> Neale, You'll probably get better help on the main samba list as this is not directly related to the Samba PDC support. j- Neale Rankin wrote: > > Hi, > I am new at using Samba and I am having a problem setting up a > Internet Information Server which is run on a Windows NT 4.0 SP3 PDC. > A lot of the WEB information is to be stored on a SAMBA share. It > appears to work OK, the virtual directory is Indexed correctly, but when > I go to that document, I come up with the "Username and Password > Required" window. (I do not have to enter a username just hit OK.) The > share is set up for public access. > > Also some times I get the authorisation failure, if you try and > access another document. > > The SAMBA set up is as follows: > > SAMBA release > 1.9.18p3 > SAMBA global security set up security = > server > SAMBA Share set up > readable, writeable and public = yes > At the UNIX level, everybody has read access. > > Windows NT PDC set up: > Windows NT version 4.0 service pack 3 > Internet Information Server > Index Server > > Client Access > WinDD version 3.5 session running Netscape running on a > X-terminal. > > I would much appreciate any suggestions on how to get around > this problem, so that the user's do not get this message any more. > > Thank you. > > > Neale Rankin > > CelsiusTech > > Australia > > Celsius Group > Email: nera@celsiustech.com.au > Phone: +61 8 8343 3854 > Fax: +61 8 8343 3778 > > CelsiusTech Australia Pty Ltd > Endeavour House > Fourth Avenue, Mawson Lakes > The Levels, SA 5095 Australia -- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Wed Jul 29 22:30:29 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:20 2003 Subject: User Access from NT3.51 workstation to a share on Unixware Samba Server References: <000501bdbb0d$d8317210$b66ebd81@cbinfrasv.olsy-na.com> Message-ID: <35BFA285.A4DF4C6E@eng.auburn.edu> Sudarsan Varadan wrote: > > Hi > > I have this problem where I have SAMBA 1.9.18 installed on a > SCO unixware server 2.1.3. I have a workstation running NT3.51, > and the following are my settings from my smb.conf file. > > [global] > > security = domain ^^^^^^ This option is only supported under the HEAD branch. See the disclaimer at the top of the Table of Contents on the NTDOM FAQ (linked off the main samba page ). > domain logons = yes Domain logins require "security = user" and a [netloong] share. Chech the docs/DOMAIN.txt file ( or something like that ). > My NT3.51 PDC is my password server , thus the setting > server = domain. Use security = server password server = to get this working under the main branch. Or try out the security = domain option **only** available by downloading the head branch via cvs. See the NTDOM FAQ for instruictions on how to do this. > Can anybody help me this and point out what I am doing wrong. > I have spent almost a week and would like to get this resolved. Hope this helps, j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From greg at discreet.com Thu Jul 30 00:36:29 1998 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:24:20 2003 Subject: User Access from NT3.51 workstation to a share on Unixware S In-Reply-To: <000501bdbb0d$d8317210$b66ebd81@cbinfrasv.olsy-na.com> Message-ID: try security =server password server = On 29-Jul-98 Sudarsan Varadan wrote: > Hi > > I have this problem where I have SAMBA 1.9.18 installed on a SCO unixware > server 2.1.3. I have a workstation running NT3.51, and the following are my > settings from my smb.conf file. > > [global] > > admin users = user1 > debuglevel = 4 > browse list = no > workgroup = ONT_DOMAIN > server string = SCO Unixware Server > hosts allow = 115.189.112.0/255.255.255.0 > load printers = no > guest account = pcguest > log file = /usr/local/samba/var/log.%m > max log size = 500 > security = domain > password server = 115.189.112.46 > local master = no > domain master = no > preferred master = no > domain logons = yes > revalidate = yes > name resolve order = wins host lmhosts bcast > wins support = no > wins server = 115.189.112.46 > wins proxy = no > > [PUBLIC] > comment = Public Stuff > path = /home/pwrchute > public = no > writable = no > printable = no > hosts allow = 115.189.112.47 > valid users = user1, user2, user3 > > If I have public = no, I am not able to authenticate any user to connect to > the service/share, though I have valid users = user1, user2 etc. I am new > to samba and have gone thru a lot of the documentation and tried various > combinations with no success. If I set public = yes then everytime anyone > comes in they come in as guest, which I do not want. Also I have network > monitor running on my pdc and I do not see any authentication going thru it. > My NT3.51 PDC is my password server , thus the setting server = domain. Can > anybody help me this and point out what I am doing wrong. I have spent > almost a week and would like to get this resolved. Please advise.... > > > Sudarsan Varadan --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From z2232203 at student.unsw.edu.au Thu Jul 30 02:38:33 1998 From: z2232203 at student.unsw.edu.au (Matthew Chapman) Date: Tue Dec 2 02:24:21 2003 Subject: Reminder: setres(u/g)id broken on Redhat 5.0 Message-ID: <35BFDCA9.5637134E@student.unsw.edu.au> Hi all, Just for those people who don't know and are having problems... Redhat Linux 5.0 has broken setresuid/setresgid functions, so (now that the autoconf branch has been merged in) you will have to comment out the autoconf'ed #define HAVE_SETRESUID 1 after running configure. Just wondering, is there any way to test for this in the configure script? Matt -- Matt Chapman mattyc@cyberdude.com From tridge at samba.anu.edu.au Thu Jul 30 06:59:53 1998 From: tridge at samba.anu.edu.au (Andrew Tridgell) Date: Tue Dec 2 02:24:21 2003 Subject: ntdom branch Message-ID: <19980730065958Z12607261-20049+95@samba.anu.edu.au> The ntdom branch has been dead for a while (the main branch now has the ntdom code), but its legacy still lives on in the tree because it created directories that aren't in other branches. CVS can't tag directories as belonging to a particular branch (in fact, CVS doesn't tag directories at all) so these directories end up cluttering our tree permanently. I propose to forcibly remove these directories (and any contents) soon using brute force on the repository. This means that anyone still using CVS to access the ntdom branch will see things break badly. You have been warned :) I will take a backup of anything I delete, but it won't be available via CVS. Any objections? Cheers, Tridge From Michel.Christaller at cea.fr Thu Jul 30 06:58:48 1998 From: Michel.Christaller at cea.fr (Michel Christaller) Date: Tue Dec 2 02:24:21 2003 Subject: domain admin users and roaming profiles Message-ID: <35C019A8.EE8C94E3@cea.fr> Hello, I have met a "bug", I think: when using roaming profiles, and a domain admin users list, profiles a used as they are to be with normal users, but all domain admin users take only one profile (that of the first domain admin user logging on the station). When I log with another domain admin user, his profile is not downloaded, and when putting icons on desk, they are stored in the first (domain admin) user's desk directory. I use a pretty outdated cvs snapshot, so maybe this is due to using the same SID for all domain admin users (??). If so, will it be the same with the new mechanism not using a unique SID ? -- Michel Christaller System Engineer - Ath?sa > Support open source software ! < From z2232203 at student.unsw.edu.au Thu Jul 30 12:17:36 1998 From: z2232203 at student.unsw.edu.au (Matthew Chapman) Date: Tue Dec 2 02:24:21 2003 Subject: GPF on logon to Samba domain Message-ID: <35C06460.3CFBF0FF@student.unsw.edu.au> Latest CVS update of Samba (after the autoconf merge) seems to have broken a lot of things. For a start the NT logon process segfaults shortly after the "Logon in progress" dialog disappears. This is bad for people logging in. >From a quick examination of the logs the only thing that seems abnormal is that NT tries to access a pipe \browser, which fails since it's not implemented. I don't remember this happening before when things were working. Anyone else having similar problems? Any ideas what has happened or where to look to fix it? Matt -- Matt Chapman mattyc@cyberdude.com From cartegw at Eng.Auburn.EDU Thu Jul 30 12:37:39 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:21 2003 Subject: domain admin users and roaming profiles References: <35C019A8.EE8C94E3@cea.fr> Message-ID: <35C06913.7510E546@eng.auburn.edu> Michel Christaller wrote: > > when using roaming profiles, and a domain admin > users list, profiles a used as they are to be with > normal users, but all domain admin users take only > one profile (that of the first domain admin user > logging on the station). When I log with another > domain admin user, his profile is not downloaded, > and when putting icons on desk, they are stored > in the first (domain admin) user's desk directory. > > I use a pretty outdated cvs snapshot, so maybe > this is due to using the same SID for all domain > admin users (??). If so, will it be the same with > the new mechanism not using a unique SID ? >From the NTDOM FAQ... ---------------------------------------------------------------------- 4.2 Why are all the users listed in the "domain admin users" using the same profile? There are several well known RIDs in Windows NT. One of these the the admin RID which is 500. Currently samba supports domain admin users by assigning them the Administrator RID of 500 rather than the way that normal user RID are generated ( by 1000 to the unix uid ). The will change in the future as more is learned about the methods to implement this and as NT groups become supported. The hard coded RID for domain admins can cause users to share profiles if you are not deleting the cached copy of the of the user profile after the user logs out. ---------------------------------------------------------------------- Things have changed a little. Jeremy recently posted the correct way for setting up domain admin accounts. Check the list archives. I've got it saved somewhere if you can't find it. Should have been in the past two weeks or so. Don't remember the subject. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From foxfire at lancelot.fe.up.pt Thu Jul 30 12:50:33 1998 From: foxfire at lancelot.fe.up.pt (Joao Carvalho) Date: Tue Dec 2 02:24:21 2003 Subject: Policies Message-ID: <98073014075300.23098@tcpgate> Hi, just 1 question do the policies work with samba ? 1 i tried to put the file in \\server\netlogon\NTconfig.dat but it didn't seem to work. Is it because of the RID's are not implemented ? I got a way around this by editing the NT workstation registry by hand HKEY_USERS/.DEFAULT/... i use the flags : NoDispSettingPage and DisableRegistryTools so each new user get's the restriction imposed from the start. Later it is saved in his profile. 2 if any1 needs a printer-accounting software for samba, i just finished writing one, the only condition is that the printer is suported by gs, so printers like epson , hp , PS , oki , ... will work. At least mine is a OKI 6e. It is free of course ,:-) , therefor i take no responsibility if ... Hope you keep up the good work. Thanx guys -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Joao de Deus Carvalho Phone: 351-2-2041896 Fax : 351-2-2074210 Faculdade de Engenharia da Pager: 351-943-915599 Email: foxfire@fe.up.pt Universidade do Porto Webpage: http://ae.fe.up.pt/~foxfire/ From cartegw at Eng.Auburn.EDU Thu Jul 30 13:31:21 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:21 2003 Subject: Policies References: <98073014075300.23098@tcpgate> Message-ID: <35C075A9.BB10AA19@eng.auburn.edu> Joao Carvalho wrote: > > i tried to put the file in \\server\netlogon\NTconfig.dat should be NTconfig.POL. You may have to play with the case setting for the [netlogon] share as well. also need to set locking = no public = no for [netlogon] j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From foxfire at lancelot.fe.up.pt Thu Jul 30 13:39:54 1998 From: foxfire at lancelot.fe.up.pt (Joao Carvalho) Date: Tue Dec 2 02:24:21 2003 Subject: Policies References: <35C075A9.BB10AA19@eng.auburn.edu> Message-ID: <98073014420300.23960@tcpgate> On Thu, 30 Jul 1998, Gerald Carter wrote: >Joao Carvalho wrote: >> >> i tried to put the file in \\server\netlogon\NTconfig.dat > i meant NTconfig.POL of course sorry about that little mixup >should be NTconfig.POL. You may have to play with the case >setting for the [netlogon] share as well. > >also need to set > > locking = no > public = no > >for [netlogon] > > thanx ,so they work . > -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Joao de Deus Carvalho Phone: 351-2-2041896 Fax : 351-2-2074210 Faculdade de Engenharia da Pager: 351-943-915599 Email: foxfire@fe.up.pt Universidade do Porto Webpage: http://ae.fe.up.pt/~foxfire/ From secret at kearneydev.com Thu Jul 30 14:05:06 1998 From: secret at kearneydev.com (secret) Date: Tue Dec 2 02:24:21 2003 Subject: domain admin users and roaming profiles References: <35C019A8.EE8C94E3@cea.fr> Message-ID: <35C07D92.1D2EFCC9@kearneydev.com> Michel Christaller wrote: > Hello, > > I have met a "bug", I think: > > when using roaming profiles, and a domain admin > users list, profiles a used as they are to be with > normal users, but all domain admin users take only > one profile (that of the first domain admin user > logging on the station). When I log with another > domain admin user, his profile is not downloaded, > and when putting icons on desk, they are stored > in the first (domain admin) user's desk directory. > > I use a pretty outdated cvs snapshot, so maybe > this is due to using the same SID for all domain > admin users (??). If so, will it be the same with > the new mechanism not using a unique SID? It was suggested to use "domain admin group = ..,..,..." instead of domain admin user, and was also mentioned that the user version will be going away in the future in favor of domain admin group. With the latest CVS snapshot I have domain admin group working just fine, apparently I came in too late for "domain admin users" to work properly as it was broken by some updates. David Secret Systems Administrator Kearney Development Co., Inc. From sni at ide.hk-r.se Thu Jul 30 19:34:54 1998 From: sni at ide.hk-r.se (sni) Date: Tue Dec 2 02:24:21 2003 Subject: Using a Samba PDC as the password server for an Intranet solution Message-ID: <35C0CADE.47E110AA@ide.hk-r.se> I'm currently working in a project that aims to create an intranet. We are using a standalone NT-server as the web server, and a Samba machine as a PDC for the domain in which the web server participates. Besides the trouble with actually getting the NT machine and the Samba PDC to accept eachother and let the web server be part of the domain, I have encountered some small difficulties. The system now handles around 4000 users, who all have their own entities in the smbpasswd and the passwd file on the Samba machine, which by the way is a SUN box. I have successfully managed to set up the configuration so that the samba PDC validates users that log on to the NT web server, which actually seems to work really well. However, when I want to set the access permissions for a certain directory in NT and bring up the user list to select users that should be granted access, an error occurs and is displayed in the NT dialog box saying: Unable to browse the selected domain because the following error occured: Invalid access to memory location The only things I get in my samba log are some: getsmbfilepwent: malformed password entry (no terminating :) What I want to know is whether this is a misconfiguration error or if it is not possible to use the Samba PDC like this? Regards /Staffan From cartegw at Eng.Auburn.EDU Thu Jul 30 19:52:35 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:21 2003 Subject: Using a Samba PDC as the password server for an Intranet solution References: <35C0CADE.47E110AA@ide.hk-r.se> Message-ID: <35C0CF03.22656542@eng.auburn.edu> sni wrote: > > actually seems to work really well. However, when I want to set the > access permissions for a certain directory in NT and bring up the user > list to select users that should be granted access, an error occurs > and is displayed in the NT dialog box saying: > > Unable to browse the selected domain because the following error > occured: > Invalid access to memory location I am in the process of updating the NTDOM FAQ to better explain the current state of browsing domain account lists, etc... The bottom line is that a lot of work still needs to be done. The work has not stopped ( or really even slowed ), there is just a lot of it. Your specific problem is due to limitation in the current source code. Hope this helps. j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From mlaurent at eie.fceia.unr.edu.ar Fri Jul 31 02:12:46 1998 From: mlaurent at eie.fceia.unr.edu.ar (Marcelo E. Laurenti) Date: Tue Dec 2 02:24:21 2003 Subject: Problem with NT4 WS SP3 Message-ID: Hi All I have an NT 4 WS with SP3 but when I try to change in control panel / net , from member of workgroup to domain, the error message is that can?t connect to the domain controler, check the machine account.. I created an account for the NT box with : smbpasswd -a -m MACHINE ( MACHINE$ int /etc/passwd ) can anybody help me Thanks -- Marcelo E. Laurenti Escuela de Ingenieria Electronica Fac. de Cs. Exactas e Ingenieria Universidad Nacional de Rosario From foxfire at lancelot.fe.up.pt Fri Jul 31 07:47:28 1998 From: foxfire at lancelot.fe.up.pt (Joao Carvalho) Date: Tue Dec 2 02:24:21 2003 Subject: Policies still don't work Message-ID: <98073108562902.12382@tcpgate> I followed your advice here is my netlogon share definition : [netlogon] comment = Network Logon Service path = /usr/local/samba/netlogon # guest ok = no public = no locking = no writable = yes share modes = yes case sensitive=no # mangle case=no preserve case = yes short preserve case = yes the file is "ntconfig.pol" . at first i didn't add any users and left "default" with the restrictions i want , then i tried adding some users but nothing seems to work. So i CVS's the last version of samba , which gave me a blue-screen when i tried to log in. Does Any1 have a tar.gz of samba where he tested the polices ? -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Joao de Deus Carvalho Phone: 351-2-2041896 Fax : 351-2-2074210 Faculdade de Engenharia da Pager: 351-943-915599 Email: foxfire@fe.up.pt Universidade do Porto Webpage: http://ae.fe.up.pt/~foxfire/ From secret at kearneydev.com Fri Jul 31 12:59:59 1998 From: secret at kearneydev.com (secret) Date: Tue Dec 2 02:24:21 2003 Subject: Policies References: <98073014075300.23098@tcpgate> Message-ID: <35C1BFCE.524DA917@kearneydev.com> How did you make policies for users(if you did) without being able to retrieve a user list from the samba server? If there is a way to directly specify accounts that would be ideal. Anyone know if users in policies are stored as numbers or strings like \domain\user? Joao Carvalho wrote: > Hi, > just 1 question do the policies work with samba ? > > 1 > i tried to put the file in \\server\netlogon\NTconfig.dat > > but it didn't seem to work. Is it because of the RID's are not implemented ? > > I got a way around this by editing the NT workstation registry by hand > > HKEY_USERS/.DEFAULT/... > i use the flags : > NoDispSettingPage and DisableRegistryTools > > so each new user get's the restriction imposed from the start. Later it is > saved in his profile. > > 2 > if any1 needs a printer-accounting software for samba, i just finished > writing one, the only condition is that the printer is suported by gs, so > printers like epson , hp , PS , oki , ... will work. At least mine is a OKI 6e. > It is free of course ,:-) , therefor i take no responsibility if ... > > Hope you keep up the good work. > Thanx guys > > -- > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Joao de Deus Carvalho Phone: 351-2-2041896 Fax : 351-2-2074210 > Faculdade de Engenharia da Pager: 351-943-915599 Email: foxfire@fe.up.pt > Universidade do Porto Webpage: http://ae.fe.up.pt/~foxfire/ From cartegw at Eng.Auburn.EDU Fri Jul 31 13:13:22 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:21 2003 Subject: Policies still don't work References: <98073108562902.12382@tcpgate> Message-ID: <35C1C2F2.65E06339@eng.auburn.edu> Joao Carvalho wrote: > > I followed your advice here is my netlogon share definition : > > [netlogon] > comment = Network Logon Service > path = /usr/local/samba/netlogon > # guest ok = no > public = no > locking = no > writable = yes > share modes = yes > case sensitive=no > # mangle case=no > preserve case = yes > short preserve case = yes > > the file is "ntconfig.pol" . My guess is that it is a case issue somehow. Here are the settings I use [netlogon] default case = lower preserve case = yes case sensitive = no and the file is named 'ntconfig.pol' A couple of simple things to look for are that the file is world readable and that the update settings on the client are set correctly. You may want to try configuring a manual update to \\\nertlogon\ntconfig.pol and see what happens. Some people have reported that the filename had to NTconfig.POL or NTconfig.pol depending on their case settings. When all else fails ( you may want to do this first ), crank up the debug level on smbd to about 20 and see if the client is actually looking for the policy. Network Monitor traces will show an "open & X" for ntconfig.pol during the login if things are set right on the client. > So i CVS's the last version of samba , which gave me a blue-screen > when i tried to log in. Does Any1 have a tar.gz of samba where he > tested the polices ? You can grab an archive from July 10 at ftp:/ftp.eng.auburn.edu/pub/cartegw/samba-1.9.19-prealpha.tar.gz Hope this helps, j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From ratzka at HRZ.Uni-Marburg.DE Fri Jul 31 13:24:34 1998 From: ratzka at HRZ.Uni-Marburg.DE (Wolfgang Ratzka) Date: Tue Dec 2 02:24:21 2003 Subject: Policies In-Reply-To: <35C1BFCE.524DA917@kearneydev.com> References: <98073014075300.23098@tcpgate> <35C1BFCE.524DA917@kearneydev.com> Message-ID: <199807311324.PAA17230@pprz04.HRZ.Uni-Marburg.DE> >>>>> "JC" == secret writes: JC> Anyone know if users in policies are stored as numbers or JC> strings like \domain\user? They are stored as strings. -- Wolfgang Ratzka Phone: +49 6421 28 3531 FAX: +49 6421 28 6994 Uni Marburg, HRZ, Hans-Meerwein-Str., D-35032 Marburg, Germany ------------------------------Where do you want to go tomorrow? From cartegw at Eng.Auburn.EDU Fri Jul 31 13:33:10 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:21 2003 Subject: Policies References: <98073014075300.23098@tcpgate> <35C1BFCE.524DA917@kearneydev.com> Message-ID: <35C1C796.D00F8F80@eng.auburn.edu> secret wrote: > > How did you make policies for users(if you did) without being able > to retrieve a user list from the samba server? If there is a way to > directly specify accounts that would be ideal. Just add a valid username. NT looks at the name. There is no SID associated with it. Kind of inconsistent I agree but.... Edit -> Add user -> type the username -> click ok OK > Anyone know if users in policies are stored as numbers or > strings like \domain\user? j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Fri Jul 31 13:37:54 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:21 2003 Subject: Problem with NT4 WS SP3 References: Message-ID: <35C1C8B2.A74FA434@eng.auburn.edu> Marcelo E. Laurenti wrote: > > I have an NT 4 WS with SP3 but when I try to change in control > panel / net , from member of workgroup to domain, the error message is > that can?t connect to the domain controler, check the machine > account.. I created an account for the NT box with : > > smbpasswd -a -m MACHINE ( MACHINE$ int /etc/passwd ) > Could you send the smbpasswd entry for MACHINE$? Thanks, j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Fri Jul 31 15:47:35 1998 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:24:21 2003 Subject: update to FAQ Message-ID: <35C1E717.2C4902AD@eng.auburn.edu> I have updated Section 4 of the NTDOM FAQ. Here are the Questions. Send suggestions, typos, comments, etc directly to me (unless you feel the list needs to see it). The FAQ has been updated on the ANU samba site and will go to mirrors shortly. ------------------------------------------------------------------ Roaming Profiles 4.1.1 Why is it bad to set "logon path = \\%N\%U\profile" in smb.conf? 4.1.2 Why are all the users listed in the "domain admin users" using the same profile? 4.1.3 How can I create a user's profile directory on the fly without user the \\%N\%U\profile type of setup? User & Groups 4.2.1. When I try to view the accounts in my Samba Domain using User Manager for Domains I get 'The Remote Procedure Call failed.' 4.2.2. When I run command line tool "x", that tries to use a domain account, I get the message 'No mapping between usernames and ID's was done.' 4.2.3. I really need to include domain accounts and groups in the ACL's, but it won't work. Domain Administration 4.3.1. How do I configure an account as a domain administrator? 4.3.2. I can't get system policies to work. ------------------------------------------------------------------ j- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 )