From sparky at dcs.warwick.ac.uk Mon Mar 1 03:12:34 1999 From: sparky at dcs.warwick.ac.uk (Graham) Date: Tue Dec 2 02:25:26 2003 Subject: Downloading Profiles/Policies (slow connection) In-Reply-To: <36D9D7EF.AB52F8FC@cardinalengineering.com> Message-ID: Hi, I have had the slow connection message ever since I started using NT-DOM with samba (starting from 2.0.0 beta 1, now 2.0.2). I have only a small network in our house, with 8 users and 6 machine accounts. Only 2 of the machines generally use NT-DOM logins, and on both of these we find that you nearly always get the slow login message for all users, apart from when you login to NT just as it has finished booting, or when logging in imediately after logging out. This is running on a 10base2 network, the server being an AMD K6-400 Linux box, and the NT clients being P166 and P233 NT-4.0 SP4 (it also happened previously with SP3). The samba server provides the profiles and the authorization, no NT server is involved. The server generally has very little load, and the same goes for the network. On a side note, could anyone tell if and how it possible to get Win95/98 clients to run LOGON scripts? Sorry if this is more of an NT admin question than a Samba question, but it would be really nice to get this working. Cheers, Graham ------------------------------------------------------------------------------ graham@localbar.com \ || / \--------/ 2nd Year \ . . / Computer Systems Engineering \ -- / University Of Warwick http://www.warwick.ac.uk/~esugz \ / \/ From leim at ns.nswbc.nsw.edu.au Mon Mar 1 07:23:24 1999 From: leim at ns.nswbc.nsw.edu.au (Lei Miao) Date: Tue Dec 2 02:25:27 2003 Subject: switching from NT server to SAMBA Message-ID: <199903010723.SAA06576@ns.nswbc.nsw.edu.au> A non-text attachment was scrubbed... Name: not available Type: text Size: 932 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19990301/1ace9b18/attachment.bat From brian at bstc.net Mon Mar 1 12:56:50 1999 From: brian at bstc.net (Brian Roberson) Date: Tue Dec 2 02:25:27 2003 Subject: switching from NT server to SAMBA References: <199903010723.SAA06576@ns.nswbc.nsw.edu.au> Message-ID: <36DA8E92.EDC2328A@bstc.net> your on the right track, you'll need to give each a machine account ( add a user for each machine ) leave the domain and rejoin. This information should be in the NT Dom faq if you need further help. { http://us1.samba.org/samba/docs/ntdom_faq/samba_ntdom_faq.html } Lei Miao wrote: > We currently have a single NT server acting as a PDC for a collection > of a NT workstation 4.0 PC's. I am in the process of switching over to SAMBA > running on RedHat 5.2. I think I have created all of the necessary shares > and made all the necessary changes to smb.conf... pulled out the network > connection for the NT server disconnecting it from the network and started > SAMBA acting as Domain logon server (obviously with the same domain name) > tried to logon from a workstation and got the message "trust with domain > controller has been broken"... what's causing this problem? > > BTW, initially I had the SAMBA server running as just a server (not PDC) > on the network and all the machines could see it just fine. > > Could this have something to do with NT SID's etc... do you think I need > to go to each of the workstations and get them to leave the current domain > and join the "new" one (same domain name actually). > > Many thanks, > Lei -- ----------------------------------------------------------------- Brian Roberson BrainStorm Technologies Linux Solution Provider (402) 690-7306 http://www.bstc.net/ From eric.devolder at eft.be Mon Mar 1 13:06:34 1999 From: eric.devolder at eft.be (EFT.Eric Devolder) Date: Tue Dec 2 02:25:27 2003 Subject: my real problem is ntconfig.pol Message-ID: Thank you for this answer, it solves my problem. Also I apologize if I took some bandwidth to dicuss about an off-topic subject... Eric > -----Original Message----- > From: Mike Brodbelt [SMTP:m.brodbelt@acu.ac.uk] > Sent: lundi 1 mars 1999 8:44 > To: EFT.Eric Devolder > Subject: Re: my real problem is ntconfig.pol > > EFT.Eric Devolder wrote: > > > > Hello, > > > > Now I'm sure the ntconfig.pol is *really* downloaded to the NT box. > > > > The last problem is always: When logged with samba as PDC on the SAMBA > > domain, the user of the NT box can no more start or stop services, > change > > local user config, and so on. My question is what do I have to > incorporate > > into ntconfig.pol in order to allow this behavior ? > > Do I have to recreate entries in this file for each user and/or machine > that > > logs in ? How can I do ? Please help ! > > This isn't really a Samba issue, it's just the same with an NT server. > An NT machine has a local SAM database where it stores user accounts. If > you make a user on the NT box a member of the Administrators group, they > gain admin rights to the box. The account with these rights will be > LOCALMACHINE\username. If you then make the machine a member of an NT > domain, the group DOMAIN\Domain Users will be added to > LOCALMACHINE\Users, and DOMAIN\Domain Administrators will be added to > LOCALMACHINE\Administrators. > > If you have added user accounts so that the guy who previously logged in > as LOCALMACHINE\username now logs in as DOMAIN\username, then that > person will lose Admin rights to the local box, as DOMAIN\username is > *not* a member of the LOCALMACHINE\Administrators group. To change this, > run the User Manager on each NT workstation, and add the appropriate > domain user account to that workstation's local Administrators group. > This should fix your problem. > > HTH > > Mike. From ink at inconnu.isu.edu Mon Mar 1 15:56:14 1999 From: ink at inconnu.isu.edu (Craig Kelley) Date: Tue Dec 2 02:25:27 2003 Subject: SAMBA-NTDOM digest 676 In-Reply-To: <19990301000955Z12853490-7797+17334@samba.anu.edu.au> Message-ID: Dejan Ilic wrote: > On Mon, 1 Mar 1999, Wolfgang Ratzka wrote: > > > Nuno Loureiro wrote: > > > > > > But in my case is 10BaseT, so we should never get this message :/ > > > > I get the message when I store user profiles on a samba server. > > My interpretation is that the authentication process is taking > > very long (we have ~9000 users in /etc/passwd) and therefore > > samba has a slow start, which leads NT to expect (quite wrongly ;-) > > overal slow performance.. > > Suspecting the same problem here. About 17000 accounts on samba. We never have that problem and we only have about 500 users in the passwd file. Perhaps Samba should do some password caching? It shouldn't be difficult to implement -- it wouldn't solve the problem ALL the time because there would need to be a cache miss sometimes, but it should fix the situation for most cases. Then again, how does one do password caching while using PAM? (If it is implemented, it shouldn't be 'on' by default) -- The wheel is turning but the hamster is dead. Craig Kelley -- kellcrai@isu.edu http://www.isu.edu/~kellcrai finger ink@inconnu.isu.edu for PGP block From lkcl at switchboard.net Mon Mar 1 16:26:24 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:27 2003 Subject: Trust relationship between PDCs In-Reply-To: <99022812110400.00329@puffy.epiuse.co.za> Message-ID: i started the nt domains for unix project immediately nt 5 beta 1 was released. unless someone else wants to take this on i personally am happy to wait until nt5 becomes established before taking it on. once established, it will be difficult for ms to justify massive changes just to oust the competition, despite the assistance that the competition has given microsoft in improving the security and reliability of their flagship product. i could be more politically correct and less antagonistic and if i worked for microsoft, i would be. luke On Sun, 28 Feb 1999, jan van rensburg wrote: > hi, > jerry/luke, isn't it a bit of a waste of time to try and implement trust > relationships now? should the focus of effort not rather be on > nt5/win2000 functionality? as far as i understand with nt5, trust relationships > will become "obsolete". > > --jan van rensburg > > On Fri, 26 Feb 1999, Alicia F. Balsera wrote: > >On Sat, 27 Feb 1999, Gerald Carter wrote: > > > >> > The part that I do not have clear is how to establish a > >> > trust relationship between the PDC of an NT domain and > >> > my Samba PDC. > >> > >> Trust relationships are not implemented yet. > > > >I will watch closely for new developments as my goal is to > >authenticate from the SAMBA PDC while using the resources > >controlled by the NT PDCs... > > > >What is the status of LDAP support for Samba? I am interested > >in using our Directory Server for authentication rather than > >depending on the UNIX and/or smbpasswd files. > -- > > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From lkcl at switchboard.net Mon Mar 1 16:35:50 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:27 2003 Subject: Downloading Profiles/Policies (slow connection) In-Reply-To: Message-ID: On Mon, 1 Mar 1999, Dejan Ilic wrote: > On Mon, 1 Mar 1999, Wolfgang Ratzka wrote: > > > Nuno Loureiro wrote: > > > > > > But in my case is 10BaseT, so we should never get this message :/ > > > > I get the message when I store user profiles on a samba server. > > My interpretation is that the authentication process is taking > > very long (we have ~9000 users in /etc/passwd) and therefore > > samba has a slow start, which leads NT to expect (quite wrongly ;-) > > overal slow performance.. > > Suspecting the same problem here. About 17000 accounts on samba. well, you could always use Benjamin Kuit's new mysql code!!! From rchatfie at cemrc.org Mon Mar 1 16:56:05 1999 From: rchatfie at cemrc.org (Randy Chatfield) Date: Tue Dec 2 02:25:27 2003 Subject: Existing set of credentials problem In-Reply-To: Message-ID: Hello, I now have a problem when trying to access an NT share after switching my NT machines to a samba PDC. Now I get an "existing set of credentials exists" error when trying to connect to the shares and I cannot connect to them. Some machines which have not been moved to the samba PDC, but which still use the samba workgroup do not appear to have this problem. How do I remedy the crendentials problem on NT machines connected to the samba PDC? Or is this even related to the samba PDC? Thanks. Randy Chatfield rchatfie@cemrc.org From cartegw at Eng.Auburn.EDU Mon Mar 1 18:04:39 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:27 2003 Subject: Existing set of credentials problem References: Message-ID: <36DAD6B7.F9D05753@eng.auburn.edu> Randy Chatfield wrote: > > Hello, > > I now have a problem when trying to access an NT share > after switching my NT machines to a samba PDC. Now I get > an "existing set of credentials exists" error when trying > to connect to the shares and I cannot connect to them. > Some machines which have not been moved to the samba PDC, but > which still use the samba workgroup do not appear to have this > problem. The NT network redirector will not allow you to connect to a NetbIOS name using more than one user id. The woraround is to do something like net use h: \\servername\share1 /user:user1 net use i: \\aaa.bbb.ccc.ddd\share2 /user:user2 where aaa.bbb.ccc.ddd is the IP address of servername. You can also use LMHOST entries and netbios aliases for this. jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From whn at topelo.lopi.com Mon Mar 1 20:31:59 1999 From: whn at topelo.lopi.com (Bill Nugent) Date: Tue Dec 2 02:25:27 2003 Subject: my real problem is ntconfig.pol In-Reply-To: Your message of Sat, 27 Feb 1999 01:33:10 +1100. <36D6AF1B.F58C5626@eng.auburn.edu> Message-ID: <19990301203159.2041.qmail@topelo.lopi.com> On Saturday, Feb 27 1999 at 01:33:10, Gerald Carter wrote: ... >Truthfully, this is strictly an NT related issue. However, >lately this list has been more of a "how to administer >Windows NT" type list. Gerry, I'm betting that this will increasingly become an issue as Samba's use as a PDC continues to grow. There should probably be at least a pointer in the NT Domain FAQ to a good NT Domain Admin reference or two. Perhaps even a separate NT Domain Admin FAQ or some such. Bill From lkcl at switchboard.net Mon Mar 1 20:39:42 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:27 2003 Subject: my real problem is ntconfig.pol In-Reply-To: <19990301203159.2041.qmail@topelo.lopi.com> Message-ID: On Tue, 2 Mar 1999, Bill Nugent wrote: > On Saturday, Feb 27 1999 at 01:33:10, Gerald Carter wrote: > > .. > > >Truthfully, this is strictly an NT related issue. However, > >lately this list has been more of a "how to administer > >Windows NT" type list. > > Gerry, > > I'm betting that this will increasingly become an issue as Samba's use as > a PDC continues to grow. that's to be expected. how many people on this list have had significant experience with nt administration? _are_ there any mailing lists which deal with nt admin? newsgroups? > There should probably be at least a pointer in the NT Domain FAQ to a > good NT Domain Admin reference or two. Perhaps even a separate NT Domain > Admin FAQ or some such. good idea. From jbeley at astcorp.com Tue Mar 2 06:52:41 1999 From: jbeley at astcorp.com (Jeff Beley) Date: Tue Dec 2 02:25:27 2003 Subject: mysql Message-ID: <19990302005241.A23726@ns1.astcorp.com> I've just downloaded the latest CVS and saw the mysql entries in the source. How do I actually use this functionality with samba? --Jeff -- ------------------------------- Jeff Beley Network Administrator PGP Key Available upon request From a.kooijman at io.tudelft.nl Tue Mar 2 08:14:22 1999 From: a.kooijman at io.tudelft.nl (kooijman, a.) Date: Tue Dec 2 02:25:27 2003 Subject: Samba pdc: NT crashing Message-ID: <36DB9DDE.206CCBAA@io.tudelft.nl> I have been snooping around in the faq's and the archive's but did not find the answer to my problems: If I try to remove a roaming profile, logged on as (local) administrator WindowsNT returns a Blue Screen of Death to me. Using Samba 2.02 as a pdc, windowsNT clients keep complaining is I try to access the permissions of files. After I try to modify permissions I have to reboot the system to get access to the domain again. Any clues? Adrie Kooijman From eric.devolder at eft.be Tue Mar 2 08:24:42 1999 From: eric.devolder at eft.be (EFT.Eric Devolder) Date: Tue Dec 2 02:25:27 2003 Subject: my real problem is ntconfig.pol Message-ID: > On Tue, 2 Mar 1999, Bill Nugent wrote: > > > On Saturday, Feb 27 1999 at 01:33:10, Gerald Carter wrote: > > > > .. > > > > >Truthfully, this is strictly an NT related issue. However, > > >lately this list has been more of a "how to administer > > >Windows NT" type list. > > > > Gerry, > > > > I'm betting that this will increasingly become an issue as Samba's use > as > > a PDC continues to grow. > > that's to be expected. how many people on this list have had significant > experience with nt administration? _are_ there any mailing lists which > deal with nt admin? newsgroups? > > > There should probably be at least a pointer in the NT Domain FAQ to a > > good NT Domain Admin reference or two. Perhaps even a separate NT > Domain > > Admin FAQ or some such. > > good idea. > [EFT.Eric Devolder] I think it's a very good idea, because information over the network is missing about this topic. From eric.devolder at eft.be Tue Mar 2 13:29:10 1999 From: eric.devolder at eft.be (EFT.Eric Devolder) Date: Tue Dec 2 02:25:27 2003 Subject: Impossible to come back to a previously registered domain ? Message-ID: Hi again, I hope the following subject is not (too...) off-topic. I encounter the following problem: A Samba server is running a little network with NT & 9x Boxes, as PDC. For a special reason, a user changed his network properties in order to to leave Samba Domain an to join another Workgroup (NOT the SAMBA Domain). Later, this user wanted to reintegrate the SAMBA domain, but his request was rejected. The only thing I could do is to remove the line [MACHINE]$ in the smbpasswd file, then reinsert it again with smbpasswd -a -m . When reading samba logs, this one tells me : Session_trust_account:TRUST ACCOUNT [MACNHINE]$ - passwd failed Can someone tell me if it's a SAMBA or pure NT issue. I don't know if it's a bug, but it's very unvconvenient. Thank you, Enjoy Samba. Eric Devolder From Jean-Francois.Micouleau at dalalu.fr Tue Mar 2 13:55:28 1999 From: Jean-Francois.Micouleau at dalalu.fr (Jean Francois Micouleau) Date: Tue Dec 2 02:25:28 2003 Subject: Impossible to come back to a previously registered domain ? In-Reply-To: Message-ID: On Wed, 3 Mar 1999, EFT.Eric Devolder wrote: > Can someone tell me if it's a SAMBA or pure NT issue. I don't know if it's a > bug, but it's very unvconvenient. pure NT security design issue. Joining or RE-joining a domain is the same thing. You have to reset the machine's password to the initial state. J.F. From greg at discreet.com Tue Mar 2 13:58:21 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:28 2003 Subject: Impossible to come back to a previously registered domain ? In-Reply-To: Message-ID: This is NT "security" as the message on the NT workstation will tell you when you leave the domain. You simnply need to reset the password to the default when you want to rejoin the domain. Exactly the same behavior with NT server. Greg On 02-Mar-99 EFT.Eric Devolder wrote: > Hi again, > > I hope the following subject is not (too...) off-topic. I encounter the > following problem: > > A Samba server is running a little network with NT & 9x Boxes, as PDC. For a > special reason, a user changed his network properties in order to to leave > Samba Domain an to join another Workgroup (NOT the SAMBA Domain). Later, > this user wanted to reintegrate the SAMBA domain, but his request was > rejected. > The only thing I could do is to remove the line [MACHINE]$ in the smbpasswd > file, then reinsert it again with smbpasswd -a -m . > > When reading samba logs, this one tells me : > Session_trust_account:TRUST ACCOUNT [MACNHINE]$ - passwd failed > > Can someone tell me if it's a SAMBA or pure NT issue. I don't know if it's a > bug, but it's very unvconvenient. > > Thank you, > > Enjoy Samba. > > > Eric Devolder --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From cartegw at Eng.Auburn.EDU Tue Mar 2 13:59:20 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:28 2003 Subject: Impossible to come back to a previously registered domain ? References: Message-ID: <36DBEEB8.7EAAEB85@eng.auburn.edu> EFT.Eric Devolder wrote: > > Can someone tell me if it's a SAMBA or pure NT issue. I > don't know if it's a bug, but it's very unvconvenient. NT issue. See Q2.2 of the NTDOM FAQ for some information about wks trust account paswords. jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From ambidar at mairie-colombes.fr Tue Mar 2 14:11:47 1999 From: ambidar at mairie-colombes.fr (ambidar@mairie-colombes.fr) Date: Tue Dec 2 02:25:28 2003 Subject: SAMBA on AIX / NT SERVER Message-ID: I have a little problem last week i have set up my samba server on an AIX server I could see my Aix server in my network neighbourg Even when i executed server manager , i had my AIX server recognize as a SAMBA server Now it has disapeared !!!!!! When i read log files: Atlas2:/usr/local/samba/var # more log.nmb 1999/03/02 14:49:46 netbios nameserver version 1.9.18p10 started Copyright Andrew Tridgell 1994-1997 bind failed on port 137 socket_addr=0.0.0.0 (Address already in use) Atlas2:/usr/local/samba/var # more log.smb No path in service printers - using /tmp No path in service printers - using /tmp No path in service printers - using /tmp bind failed on port 139 socket_addr=0.0.0.0 (Address already in use) Why do i have these messages ?? I don't know what is going wrong If someone can help me ?? Thanks a lot in advance Abdel BIDAR Mairie de Colombes Town Hall From eric.devolder at eft.be Tue Mar 2 14:59:23 1999 From: eric.devolder at eft.be (EFT.Eric Devolder) Date: Tue Dec 2 02:25:28 2003 Subject: Impossible to come back to a previously registered domain ? Message-ID: > This is NT "security" as the message on the NT workstation will tell you > when > you leave the domain. You simnply need to reset the password to the > default > when you want to rejoin the domain. Exactly the same behavior with NT > server. > > Greg > [EFT.Eric Devolder] In this case, do I have to remove the line from the file smbpasswd, or can I re-perform a smbpasswd -a -m directly to reinit the machine account ? From greg at discreet.com Tue Mar 2 15:04:11 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:28 2003 Subject: Impossible to come back to a previously registered domain ? In-Reply-To: Message-ID: you can just do a smbpasswd -m and set the password to be the machine name in lower case (the initial password). THe -a will want to add the account which won't work. Greg On 02-Mar-99 EFT.Eric Devolder wrote: > >> This is NT "security" as the message on the NT workstation will tell you >> when >> you leave the domain. You simnply need to reset the password to the >> default >> when you want to rejoin the domain. Exactly the same behavior with NT >> server. >> >> Greg >> > [EFT.Eric Devolder] In this case, do I have to remove the line from > the file smbpasswd, or can I re-perform a smbpasswd -a -m directly to reinit > the machine account ? --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From cartegw at Eng.Auburn.EDU Tue Mar 2 15:07:34 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:28 2003 Subject: Impossible to come back to a previously registered domain ? References: Message-ID: <36DBFEB6.914CCC99@eng.auburn.edu> EFT.Eric Devolder wrote: > >[EFT.Eric Devolder] In this case, do I have to remove the > line from the file smbpasswd, or can I re-perform a smbpasswd > -a -m directly to reinit the machine account ? smbpasswd -m will reset the password. Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From eric.devolder at eft.be Tue Mar 2 15:16:39 1999 From: eric.devolder at eft.be (EFT.Eric Devolder) Date: Tue Dec 2 02:25:28 2003 Subject: Impossible to come back to a previously registered domain ? Message-ID: machine name is supposed to be with a trailing '$' character I suppose... > > line from the file smbpasswd, or can I re-perform a smbpasswd > > -a -m directly to reinit the machine account ? > > smbpasswd -m will reset the password. > Thanks; Eric. From greg at discreet.com Tue Mar 2 15:21:26 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:28 2003 Subject: Impossible to come back to a previously registered domain ? In-Reply-To: Message-ID: -m will take care of that for you. Greg On 02-Mar-99 EFT.Eric Devolder wrote: > machine name is supposed to be with a trailing '$' character I suppose... > >> > line from the file smbpasswd, or can I re-perform a smbpasswd >> > -a -m directly to reinit the machine account ? >> >> smbpasswd -m will reset the password. >> > Thanks; Eric. --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From hulet at ittc.ukans.edu Tue Mar 2 15:31:07 1999 From: hulet at ittc.ukans.edu (Michael S. Hulet) Date: Tue Dec 2 02:25:28 2003 Subject: Latest cvs broken In-Reply-To: <36DBFEB6.914CCC99@eng.auburn.edu> Message-ID: I just did a cvs update and make fails in parse_samr.c. rpc_parse/parse_samr.c: In function `sam_io_sam_dispinfo_1': rpc_parse/parse_samr.c:1227: parse error before `<' rpc_parse/parse_samr.c:1230: parse error before `==' rpc_parse/parse_samr.c:1243: `i' undeclared (first use in this function) rpc_parse/parse_samr.c:1243: (Each undeclared identifier is reported only once rpc_parse/parse_samr.c:1243: for each function it appears in.) rpc_parse/parse_samr.c:1249: parse error before `<' rpc_parse/parse_samr.c:1253: `num_sam_entries' undeclared (first use in this function) .. .. .. rpc_parse/parse_samr.c:2453: parse error before `==' make: *** [rpc_parse/parse_samr.o] Error 1 >From parse_samr.c /******************************************************************* reads or writes a structure. ********************************************************************/ static void sam_io_sam_dispinfo_1(char *desc, SAM_DISPINFO_1 *sam, uint32 num_en tries, prs_struct *ps, int depth) { <<<<<<< parse_samr.c int i,x; int entries_added; ======= int i; >>>>>>> 1.50 Lots of <<<<<, =======, and >>>>>> throughout this file. Can I just delete these lines? Michael Hulet Network System Administrator ITTC, University of Kansas From alicia at usf.edu Tue Mar 2 15:35:52 1999 From: alicia at usf.edu (Alicia F. Balsera) Date: Tue Dec 2 02:25:28 2003 Subject: LDAP Support Message-ID: <36DC0557.E20BDBDD@usf.edu> I just fetched 2.0.3 and ran configure with the --with-ldap flag. That part executed fine. However, when creating the binaries, the make failed: ... Compiling smbd/ssl.c mkdir bin Linking bin/smbd Undefined first referenced symbol in file ldap_initialize_password_db passdb/passdb.o ld: fatal: Symbol referencing errors. No output written to bin/smbd *** Error code 1 make: Fatal error: Command failed for target `bin/smbd' ... Any ideas? My LDAP server is on a different machine... Gerald Carter wrote: > The LDAP backend is experientmal but working. You'll need > to configure the CVS code using the '--with-ldap-support flag' > Some other the others, (Matt, JF-?) can give a better > description of the schema and setup sublties. From ambidar at mairie-colombes.fr Tue Mar 2 15:56:15 1999 From: ambidar at mairie-colombes.fr (ambidar@mairie-colombes.fr) Date: Tue Dec 2 02:25:28 2003 Subject: =?iso-8859-1?Q?R=E9f._:_Re:_SAMBA_on_AIX_/_NT_SERVER?= Message-ID: I had on my inetd.conf These two lines : #netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd smbd #netbios-ns dgram udp wait root /usr/local/samba/bin/nmbd nmbd These lignes are different from the lign you( Michael ) told me to have #netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd smbd #netbios-ns stream udp wait root /usr/local/samba/bin/nmbd nmbd What does dgram means . Is it important When i execute smbd -D nmbd -D I have only smbd daemon running when i check the processus. is it normal ?? From lkcl at switchboard.net Tue Mar 2 16:19:23 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:28 2003 Subject: Latest cvs broken In-Reply-To: Message-ID: obtain a new cvs tree. On Wed, 3 Mar 1999, Michael S. Hulet wrote: > I just did a cvs update and make fails in parse_samr.c. > > rpc_parse/parse_samr.c: In function `sam_io_sam_dispinfo_1': > rpc_parse/parse_samr.c:1227: parse error before `<' > rpc_parse/parse_samr.c:1230: parse error before `==' > rpc_parse/parse_samr.c:1243: `i' undeclared (first use in this function) > rpc_parse/parse_samr.c:1243: (Each undeclared identifier is reported only > once > rpc_parse/parse_samr.c:1243: for each function it appears in.) > rpc_parse/parse_samr.c:1249: parse error before `<' > rpc_parse/parse_samr.c:1253: `num_sam_entries' undeclared (first use in > this function) > . > . > . > rpc_parse/parse_samr.c:2453: parse error before `==' > make: *** [rpc_parse/parse_samr.o] Error 1 > > > >From parse_samr.c > > /******************************************************************* > reads or writes a structure. > ********************************************************************/ > static void sam_io_sam_dispinfo_1(char *desc, SAM_DISPINFO_1 *sam, uint32 > num_en > tries, prs_struct *ps, int depth) > { > <<<<<<< parse_samr.c > int i,x; > int entries_added; > ======= > int i; > >>>>>>> 1.50 > > Lots of <<<<<, =======, and >>>>>> throughout this file. > > Can I just delete these lines? > > Michael Hulet > Network System Administrator > ITTC, University of Kansas > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From lkcl at switchboard.net Tue Mar 2 16:19:57 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:28 2003 Subject: LDAP Support In-Reply-To: <36DC0557.E20BDBDD@usf.edu> Message-ID: use cvs main http://samba.org/cvs.html. On Wed, 3 Mar 1999, Alicia F. Balsera wrote: > I just fetched 2.0.3 and ran configure with the --with-ldap > flag. That part executed fine. However, when creating > the binaries, the make failed: > .. > Compiling smbd/ssl.c > mkdir bin > Linking bin/smbd > Undefined first referenced > symbol in file > ldap_initialize_password_db passdb/passdb.o > ld: fatal: Symbol referencing errors. No output written to bin/smbd > *** Error code 1 > make: Fatal error: Command failed for target `bin/smbd' > .. > > Any ideas? My LDAP server is on a different machine... > > Gerald Carter wrote: > > > The LDAP backend is experientmal but working. You'll need > > to configure the CVS code using the '--with-ldap-support flag' > > Some other the others, (Matt, JF-?) can give a better > > description of the schema and setup sublties. > > Luke Kenneth Casson Leighton Samba and Network Development Samba and Network Consultancy From nick at wwf.org.co Wed Mar 3 04:20:46 1999 From: nick at wwf.org.co (Nicholas Waltham) Date: Tue Dec 2 02:25:28 2003 Subject: NT Roaming profile problem Message-ID: <000201be652d$35eab320$1300a8c0@roble.wwf.org.co> I have recently moved over a large number of accounts from a Windows NT server to a Linux Samba 2.02 server. I have noticed a problem with the Windows NT roaming profiles. I have the profile directory set to \\%N\%U\profile (even though it says I shouldn't but net use u: /home maps to the wrong place under 95/98 if I use the the suggested \\%N\profiles\%U ). Once I have created a profile, and then logged out, when I log bak in again, I can change no preference, nothing at all. I cannot map drives either. Why is this? Do I have something to do with sharing set wrong in the server? Thanks in advance, Nicholas Waltham From ambidar at mairie-colombes.fr Tue Mar 2 16:27:29 1999 From: ambidar at mairie-colombes.fr (ambidar@mairie-colombes.fr) Date: Tue Dec 2 02:25:28 2003 Subject: AIX and printing Message-ID: I would like to know if someone have ever done this printing from AIX to NT servers I read the AIX FAQ using samba : I have modified the qconfig files with vi but then smit failed working >From now i have Unix servers with Queues defined on it and all my print servers are Netware server I will change all my Netware server to NT servers I would like to use samba I would like not to use qconfig file how do i have to write my winprint file Thanks a lot Abdel BIDAR SAMBA beginner From chiodi+ at pitt.edu Tue Mar 2 16:33:59 1999 From: chiodi+ at pitt.edu (John T Chiodi) Date: Tue Dec 2 02:25:28 2003 Subject: Latest cvs broken In-Reply-To: Message-ID: I am having a problem with the cvs source I dled this morning. it compiles and installs fine, but upon starting smbd and nmbd, only nmbd remains running. Here is a the output of the smb.log: [1999/03/02 11:09:14, 1] smbd/server.c:main(604) smbd version 2.1.0-prealpha started. Copyright Andrew Tridgell 1992-1998 as you can see it starts without error, but a search of running processes finds it no longer there. nmbd on the other hand is running. if I revert back to version 2.0.3, smbd starts and remains running fine. any ideas what I could be doing wrong. _______________ Jt Chiodi Unix Administrator University of Pittsburgh chiodi@pitt.edu From Nicolas.Sauliere at renault.com Tue Mar 2 16:19:49 1999 From: Nicolas.Sauliere at renault.com (Nicolas =?iso-8859-1?Q?Sauli=E8re?=) Date: Tue Dec 2 02:25:28 2003 Subject: (?) smbpasswd -a -m References: <001c01be61b4$b1636000$f2c6d6cf@ebola.microdisplay.com> Message-ID: <36DC0FA5.607A6A7F@renault.com> I use Samba 2.0.3 on a Solaris box. I want to test the domain control with Samba 2.0.3 on my Solaris box. I try first to create an machine account for my NT box. I use smbpasswd -a -m but it doesnt vork # /usr/local/samba/bin/smbpasswd -a -m nt4integ User "nt4integ$" was not found in system password file. # Many thanks for your help. -------------- next part -------------- A non-text attachment was scrubbed... Name: vcard.vcf Type: text/x-vcard Size: 458 bytes Desc: Card for Saul??re, Nicolas Url : http://lists.samba.org/archive/samba-ntdom/attachments/19990302/a977216f/vcard.vcf From Nicolas.Sauliere at renault.com Tue Mar 2 17:13:44 1999 From: Nicolas.Sauliere at renault.com (Nicolas =?iso-8859-1?Q?Sauli=E8re?=) Date: Tue Dec 2 02:25:28 2003 Subject: (?) smbpasswd -a -m Message-ID: <36DC1C48.A6F87284@renault.com> I use Samba 2.0.3 on a Solaris box. I want to test the domain control with Samba 2.0.3 on my Solaris box. I try first to create an machine account for my NT box. I use smbpasswd -a -m but it doesnt vork # /usr/local/samba/bin/smbpasswd -a -m nt4integ User "nt4integ$" was not found in system password file. # Many thanks for your help. -------------- next part -------------- A non-text attachment was scrubbed... Name: vcard.vcf Type: text/x-vcard Size: 458 bytes Desc: Card for Saul??re, Nicolas Url : http://lists.samba.org/archive/samba-ntdom/attachments/19990302/d03a7f06/vcard.vcf From chiodi+ at pitt.edu Tue Mar 2 17:57:53 1999 From: chiodi+ at pitt.edu (John T Chiodi) Date: Tue Dec 2 02:25:28 2003 Subject: Latest cvs broken In-Reply-To: Message-ID: I increased the log level to 10 and tried starting smbd again. here is the output: [1999/03/02 12:46:49, 1] smbd/server.c:main(604) smbd version 2.1.0-prealpha started. Copyright Andrew Tridgell 1992-1998 [1999/03/02 12:46:49, 2] smbd/server.c:main(608) uid=0 gid=0 euid=0 egid=0 [1999/03/02 12:46:49, 3] param/loadparm.c:init_globals(842) Initialising global parameters [1999/03/02 12:46:49, 3] param/params.c:pm_process(538) params.c:pm_process() - Processing configuration file "/usr/local/samba/lib/sm b.conf" [1999/03/02 12:46:49, 3] param/loadparm.c:do_section(2215) Processing section "[global]" doing parameter printing = bsd doing parameter printcap name = /etc/printcap doing parameter workgroup = WORKGROUP doing parameter load printers = yes doing parameter guest account = nobody doing parameter encrypt passwords = yes doing parameter hosts allow = 192.168.1.0/255.255.255.0 doing parameter domain logons = yes doing parameter logon script = %U.bat doing parameter security = user doing parameter wide links = no doing parameter getwd cache = yes doing parameter logon drive = p: doing parameter unix password sync = yes doing parameter passwd program = /bin/passwd %u doing parameter passwd chat = *password* %n\n *password* %n\n *successfull* doing parameter logon home = "\\%N\%U" doing parameter logon path = \\%L\%U\profile doing parameter print command = lpr -r -P%p %s doing parameter wins support = yes doing parameter domain master = yes doing parameter local master = yes doing parameter preferred master = yes doing parameter os level = 65 doing parameter domain group map = /usr/local/samba/lib/domaingroup.map doing parameter local group map = /usr/local/samba/lib/localgroup.map doing parameter domain user map = /usr/local/samba/lib/domainuser.map doing parameter lpq command = /usr/bin/lpq %p doing parameter preserve case = yes doing parameter case sensitive = no doing parameter socket options = IPTOS_LOWDELAY TCP_NODELAY doing parameter log file = /var/log/log.%m doing parameter lock directory = /var/locks doing parameter share modes = yes [1999/03/02 12:46:49, 2] param/loadparm.c:do_section(2232) Processing section "[homes]" doing parameter comment = Home Directories doing parameter browsable = no doing parameter path = /windows/%S doing parameter read only = no doing parameter create mode = 0750 [1999/03/02 12:46:49, 2] param/loadparm.c:do_section(2232) Processing section "[printers]" doing parameter comment = All Printers doing parameter path = /tmp doing parameter browsable = no doing parameter printable = yes doing parameter public = no doing parameter writable = no doing parameter create mode = 0700 [1999/03/02 12:46:49, 2] param/loadparm.c:do_section(2232) Processing section "[pub]" doing parameter comment = public area doing parameter path = /pub/win doing parameter writable = yes doing parameter public = yes [1999/03/02 12:46:49, 2] param/loadparm.c:do_section(2232) Processing section "[netlogon]" doing parameter path = /smbdos/netlogon doing parameter writable = no doing parameter guest ok = no doing parameter browsable = no doing parameter public = no [1999/03/02 12:46:49, 2] param/loadparm.c:do_section(2232) Processing section "[opt]" doing parameter comment = opt doing parameter path = /opt/mov doing parameter valid users = CHIODI doing parameter browsable = no doing parameter public = no doing parameter writable = yes [1999/03/02 12:46:49, 2] param/loadparm.c:do_section(2232) Processing section "[txt]" doing parameter comment = txt doing parameter path = /txt doing parameter valid users = CHIODI doing parameter browsable = no doing parameter public = no doing parameter writable = yes [1999/03/02 12:46:49, 2] param/loadparm.c:do_section(2232) Processing section "[xmg]" doing parameter comment = xmg doing parameter path = /xmg doing parameter valid users = CHIODI doing parameter browsable = no doing parameter public = no doing parameter writable = yes [1999/03/02 12:46:49, 2] param/loadparm.c:do_section(2232) Processing section "[installs]" doing parameter comment = installs doing parameter path = /soft/installs/win doing parameter public = no doing parameter writable = no doing parameter write list = chiodi [1999/03/02 12:46:49, 2] param/loadparm.c:do_section(2232) Processing section "[upgrade]" doing parameter comment = upgrade doing parameter path = /soft/upgrade doing parameter public = no doing parameter writable = no doing parameter write list = chiodi [1999/03/02 12:46:49, 2] param/loadparm.c:do_section(2232) Processing section "[MSOP97]" doing parameter comment = MS Office install doing parameter path = /soft/installs/office doing parameter volume = "The_CR_ROM_Label" doing parameter read only = yes doing parameter available = yes doing parameter share modes = no doing parameter locking = no doing parameter browsable = yes doing parameter public = yes [1999/03/02 12:46:49, 2] param/loadparm.c:do_section(2232) Processing section "[home]" doing parameter comment = home doing parameter path = /windows/%u/docs doing parameter public = no doing parameter browsable = no doing parameter writable = yes [1999/03/02 12:46:49, 2] param/loadparm.c:do_section(2232) Processing section "[soft]" doing parameter comment = software doing parameter path = /soft/software/win doing parameter public = no doing parameter writable = yes [1999/03/02 12:46:49, 2] param/loadparm.c:do_section(2232) Processing section "[document]" doing parameter comment = Document Group doing parameter path = /documents doing parameter public = no doing parameter writable = yes doing parameter force group = document doing parameter valid users = @document doing parameter create mask = 0760 [1999/03/02 12:46:49, 2] param/loadparm.c:do_section(2232) Processing section "[backup]" doing parameter comment = backup hard drive doing parameter path = /soft/backup doing parameter public = no doing parameter browsable = no doing parameter valid users = CHIODI doing parameter writable = yes [1999/03/02 12:46:49, 3] param/loadparm.c:lp_load(2554) pm_process() returned Yes [1999/03/02 12:46:49, 3] param/loadparm.c:lp_add_ipc(1528) adding IPC service [1999/03/02 12:46:49, 7] param/loadparm.c:lp_servicenumber(2632) lp_servicenumber: couldn't find ascii [1999/03/02 12:46:49, 3] param/loadparm.c:lp_add_printer(1563) adding printer service ascii [1999/03/02 12:46:49, 7] param/loadparm.c:lp_servicenumber(2632) lp_servicenumber: couldn't find lp2 [1999/03/02 12:46:49, 3] param/loadparm.c:lp_add_printer(1563) adding printer service lp2 [1999/03/02 12:46:49, 7] param/loadparm.c:lp_servicenumber(2632) lp_servicenumber: couldn't find raw [1999/03/02 12:46:49, 3] param/loadparm.c:lp_add_printer(1563) adding printer service raw [1999/03/02 12:46:49, 7] param/loadparm.c:lp_servicenumber(2632) lp_servicenumber: couldn't find faxprint [1999/03/02 12:46:49, 3] param/loadparm.c:lp_add_printer(1563) adding printer service faxprint > john, increase the log levels to give more info, send to list. thx > > On Wed, 3 Mar 1999, John T Chiodi wrote: > > > I am having a problem with the cvs source I dled this morning. it > > compiles and installs fine, but upon starting smbd and nmbd, only nmbd > > remains running. Here is a the output of the smb.log: > > > > [1999/03/02 11:09:14, 1] smbd/server.c:main(604) > > smbd version 2.1.0-prealpha started. > > Copyright Andrew Tridgell 1992-1998 > > > > as you can see it starts without error, but a search of running > > processes finds it no longer there. nmbd on the other hand is > > running. if I revert back to version 2.0.3, smbd starts and remains > > running fine. > > > > any ideas what I could be doing wrong. > > > > > > > > > > > > _______________ > > > > > > Jt Chiodi > > Unix Administrator > > University of Pittsburgh > > chiodi@pitt.edu > > > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba and Network Consultancy > > _______________ Jt Chiodi Unix Administrator University of Pittsburgh chiodi@pitt.edu From chiodi+ at pitt.edu Tue Mar 2 19:04:18 1999 From: chiodi+ at pitt.edu (John T Chiodi) Date: Tue Dec 2 02:25:28 2003 Subject: Latest cvs broken In-Reply-To: Message-ID: Ok Luke, i executed /usr/local/samba/smbd -d 100 -D and got the below results. [1999/03/02 13:57:22, 1] smbd/server.c:main(604) smbd version 2.1.0-prealpha started. Copyright Andrew Tridgell 1992-1998 [1999/03/02 13:57:22, 2] smbd/server.c:main(608) uid=0 gid=0 euid=0 egid=0 [1999/03/02 13:57:22, 3] param/loadparm.c:init_globals(842) Initialising global parameters [1999/03/02 13:57:22, 3] param/params.c:pm_process(538) params.c:pm_process() - Processing configuration file "/usr/local/samba/lib/smb.conf" [1999/03/02 13:57:22, 3] param/loadparm.c:do_section(2215) Processing section "[global]" doing parameter printing = bsd doing parameter printcap name = /etc/printcap doing parameter workgroup = WORKGROUP doing parameter load printers = yes doing parameter guest account = nobody doing parameter encrypt passwords = yes doing parameter hosts allow = 192.168.1.0/255.255.255.0 doing parameter domain logons = yes doing parameter logon script = %U.bat doing parameter security = user doing parameter wide links = no doing parameter getwd cache = yes doing parameter logon drive = p: doing parameter unix password sync = yes doing parameter passwd program = /bin/passwd %u doing parameter passwd chat = *password* %n\n *password* %n\n *successfull* doing parameter logon home = "\\%N\%U" doing parameter logon path = \\%L\%U\profile doing parameter print command = lpr -r -P%p %s doing parameter wins support = yes doing parameter domain master = yes doing parameter local master = yes doing parameter preferred master = yes doing parameter os level = 65 doing parameter domain group map = /usr/local/samba/lib/domaingroup.map doing parameter local group map = /usr/local/samba/lib/localgroup.map doing parameter domain user map = /usr/local/samba/lib/domainuser.map doing parameter lpq command = /usr/bin/lpq %p doing parameter preserve case = yes doing parameter case sensitive = no doing parameter socket options = IPTOS_LOWDELAY TCP_NODELAY doing parameter log file = /var/log/log.%m doing parameter lock directory = /var/locks doing parameter share modes = yes [1999/03/02 13:57:22, 2] param/loadparm.c:do_section(2232) Processing section "[homes]" doing parameter comment = Home Directories doing parameter browsable = no doing parameter path = /windows/%S doing parameter read only = no doing parameter create mode = 0750 [1999/03/02 13:57:22, 2] param/loadparm.c:do_section(2232) Processing section "[printers]" doing parameter comment = All Printers doing parameter path = /tmp doing parameter browsable = no doing parameter printable = yes doing parameter public = no doing parameter writable = no doing parameter create mode = 0700 [1999/03/02 13:57:22, 2] param/loadparm.c:do_section(2232) Processing section "[pub]" doing parameter comment = public area doing parameter path = /pub/win doing parameter writable = yes doing parameter public = yes [1999/03/02 13:57:22, 2] param/loadparm.c:do_section(2232) Processing section "[netlogon]" doing parameter path = /smbdos/netlogon doing parameter writable = no doing parameter guest ok = no doing parameter browsable = no doing parameter public = no [1999/03/02 13:57:22, 2] param/loadparm.c:do_section(2232) Processing section "[opt]" doing parameter comment = opt doing parameter path = /opt/mov doing parameter valid users = CHIODI doing parameter browsable = no doing parameter public = no doing parameter writable = yes [1999/03/02 13:57:22, 2] param/loadparm.c:do_section(2232) Processing section "[txt]" doing parameter comment = txt doing parameter path = /txt doing parameter valid users = CHIODI doing parameter browsable = no doing parameter public = no doing parameter writable = yes [1999/03/02 13:57:22, 2] param/loadparm.c:do_section(2232) Processing section "[xmg]" doing parameter comment = xmg doing parameter path = /xmg doing parameter valid users = CHIODI doing parameter browsable = no doing parameter public = no doing parameter writable = yes [1999/03/02 13:57:22, 2] param/loadparm.c:do_section(2232) Processing section "[installs]" doing parameter comment = installs doing parameter path = /soft/installs/win doing parameter public = no doing parameter writable = no doing parameter write list = chiodi [1999/03/02 13:57:22, 2] param/loadparm.c:do_section(2232) Processing section "[upgrade]" doing parameter comment = upgrade doing parameter path = /soft/upgrade doing parameter public = no doing parameter writable = no doing parameter write list = chiodi [1999/03/02 13:57:22, 2] param/loadparm.c:do_section(2232) Processing section "[MSOP97]" doing parameter comment = MS Office install doing parameter path = /soft/installs/office doing parameter volume = "The_CR_ROM_Label" doing parameter read only = yes doing parameter available = yes doing parameter share modes = no doing parameter locking = no doing parameter browsable = yes doing parameter public = yes [1999/03/02 13:57:22, 2] param/loadparm.c:do_section(2232) Processing section "[home]" doing parameter comment = home doing parameter path = /windows/%u/docs doing parameter public = no doing parameter browsable = no doing parameter writable = yes [1999/03/02 13:57:22, 2] param/loadparm.c:do_section(2232) Processing section "[soft]" doing parameter comment = software doing parameter path = /soft/software/win doing parameter public = no doing parameter writable = yes [1999/03/02 13:57:22, 2] param/loadparm.c:do_section(2232) Processing section "[document]" doing parameter comment = Document Group doing parameter path = /documents doing parameter public = no doing parameter writable = yes doing parameter force group = document doing parameter valid users = @document doing parameter create mask = 0760 [1999/03/02 13:57:22, 2] param/loadparm.c:do_section(2232) Processing section "[backup]" doing parameter comment = backup hard drive doing parameter path = /soft/backup doing parameter public = no doing parameter browsable = no doing parameter valid users = CHIODI doing parameter writable = yes [1999/03/02 13:57:22, 3] param/loadparm.c:lp_load(2554) pm_process() returned Yes [1999/03/02 13:57:22, 3] param/loadparm.c:lp_add_ipc(1528) adding IPC service [1999/03/02 13:57:22, 7] param/loadparm.c:lp_servicenumber(2632) lp_servicenumber: couldn't find ascii [1999/03/02 13:57:22, 3] param/loadparm.c:lp_add_printer(1563) adding printer service ascii [1999/03/02 13:57:22, 7] param/loadparm.c:lp_servicenumber(2632) lp_servicenumber: couldn't find lp2 [1999/03/02 13:57:23, 3] param/loadparm.c:lp_add_printer(1563) adding printer service lp2 [1999/03/02 13:57:23, 7] param/loadparm.c:lp_servicenumber(2632) lp_servicenumber: couldn't find raw [1999/03/02 13:57:23, 3] param/loadparm.c:lp_add_printer(1563) adding printer service raw [1999/03/02 13:57:23, 7] param/loadparm.c:lp_servicenumber(2632) lp_servicenumber: couldn't find faxprint [1999/03/02 13:57:23, 3] param/loadparm.c:lp_add_printer(1563) adding printer service faxprint _______________ Jt Chiodi Unix Administrator University of Pittsburgh chiodi@pitt.edu From lkcl at switchboard.net Tue Mar 2 19:14:33 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:28 2003 Subject: Latest cvs broken In-Reply-To: Message-ID: On Wed, 3 Mar 1999, John T Chiodi wrote: > Ok Luke, > > i executed /usr/local/samba/smbd -d 100 -D and got the below > results. still nothing obvious, is there. no core dumps, no exit log messages, nothing. don't know: i changed practically nothing. ok, do a netstat -a | grep netbios (or | grep 139 depending on whether you have a correct entry for 139 in /etc/services, you should do). check that there's nothing already running, no zombies on port 139 or anything. From adam.w.cabler at lmco.com Tue Mar 2 19:15:17 1999 From: adam.w.cabler at lmco.com (Cabler, Adam W) Date: Tue Dec 2 02:25:29 2003 Subject: (?) smbpasswd -a -m Message-ID: The user name in /etc/passwd must be nt4integ$. It won't work unless you include the '$'. -----Original Message----- From: Nicolas Sauli?re [mailto:Nicolas.Sauliere@renault.com] Sent: Tuesday, March 02, 1999 11:16 AM To: Multiple recipients of list Subject: (?) smbpasswd -a -m This is a multi-part message in MIME format. --------------DFE2ADAC5BCE8C082C7FF77C Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit I use Samba 2.0.3 on a Solaris box. I want to test the domain control with Samba 2.0.3 on my Solaris box. I try first to create an machine account for my NT box. I use smbpasswd -a -m but it doesnt vork # /usr/local/samba/bin/smbpasswd -a -m nt4integ User "nt4integ$" was not found in system password file. # Many thanks for your help. --------------DFE2ADAC5BCE8C082C7FF77C Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf" Content-Transfer-Encoding: Quoted-Printable Content-Disposition: attachment; filename="vcard.vcf" Content-Description: Card for Saul??re, Nicolas begin: vcard fn: Nicolas Saul=ED=E8re n: Saul=ED=E8re;Nicolas org: RENAULT adr: Technocentre Renault;;1, avenue du Golf;78288 Guyancourt Ce= dex;;;FRANCE email;internet: nicolas.sauliere@renault.com title: DOII/DPST/ISI/IP tel;work: 01-34-95-72-05 tel;fax: 01-34-95-72-06 note: API: TCR AVA 0 74 x-mozilla-cpt: ;2 x-mozilla-html: FALSE version: 2.1 end: vcard --------------DFE2ADAC5BCE8C082C7FF77C-- From cartegw at Eng.Auburn.EDU Tue Mar 2 19:31:02 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:29 2003 Subject: Latest cvs broken References: Message-ID: <36DC3C76.EB565E87@eng.auburn.edu> Luke Kenneth Casson Leighton wrote: > > On Wed, 3 Mar 1999, John T Chiodi wrote: > > > Ok Luke, > > > > i executed /usr/local/samba/smbd -d 100 -D and got the below > > results. > > still nothing obvious, is there. no core dumps, no exit log messages, > nothing. don't know: i changed practically nothing. > > ok, do a netstat -a | grep netbios (or | grep 139 depending on whether you > have a correct entry for 139 in /etc/services, you should do). > > check that there's nothing already running, no zombies on port 139 or > anything. Check the log file in doing parameter log file = /var/log/log.%m Look for /var/log/log.smb. The debug log output is getting redirected to this file. jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lkcl at switchboard.net Tue Mar 2 19:37:25 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:29 2003 Subject: Latest cvs broken In-Reply-To: <36DC3C76.EB565E87@eng.auburn.edu> Message-ID: > Check the log file in > > doing parameter log file = /var/log/log.%m > > Look for /var/log/log.smb. The debug log output is > getting redirected to this file. well spotted gerry. From whn at topelo.lopi.com Tue Mar 2 19:55:22 1999 From: whn at topelo.lopi.com (Bill Nugent) Date: Tue Dec 2 02:25:29 2003 Subject: =?iso-8859-1?Q?R=E9f._:_Re:_SAMBA_on_AIX_/_NT_SERVER?= In-Reply-To: Your message of Wed, 03 Mar 1999 03:03:14 +1100. Message-ID: <19990302195523.7276.qmail@topelo.lopi.com> On Wednesday, Mar 3 1999 at 03:03:14, ambidar@mairie-colombes.fr wrote: > >I had on my inetd.conf > >These two lines : >#netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd >smbd >#netbios-ns dgram udp wait root /usr/local/samba/bin/nmb d >nmbd > >These lignes are different from the lign you( Michael ) told me to have >#netbios-ssn stream tcp nowait root /usr/local/samba/bin/smbd >smbd >#netbios-ns stream udp wait root /usr/local/samba/bin/nmbd > nmbd > >What does dgram means . datagram service. This is very different than a stream. The major thing is by commenting these lines out and sending a HUP to inetd then inet will not be in the loop. >Is it important > >When i execute >smbd -D >nmbd -D > >I have only smbd daemon running when i check the processus. >is it normal ?? No. Assuming you've kicked inetd after commenting out the lines in /etc/inetd.conf (or where ever it lives in AIX-land) then you should have two smbd processes and one nmbd process. Are you sure you've restarted inetd? I'd suggest you work your way through DIAGNOSIS.txt to figure out the problem. Bill From chiodi+ at pitt.edu Tue Mar 2 20:03:53 1999 From: chiodi+ at pitt.edu (John T Chiodi) Date: Tue Dec 2 02:25:29 2003 Subject: Latest cvs broken In-Reply-To: Message-ID: Thank you gentlemen, It appears that I have egg on my face on this one. somehow I got two .SID files in private. I removed one and smbd start ed. One last question I get this message when I start smbd now in /var/log/log.smb. Is there anything I need to do? [1999/03/02 15:00:48, 1] smbd/files.c:file_init(219) file_init: Information only: requested 10000 open files, 246 are available. Again thank you for your help. here is the output from the /var/log/log.smb [1999/03/02 13:57:23, 0] lib/sids.c:generate_sam_sid(333) both /usr/local/samba/private/MACHINE.SID and /usr/local/samba/private/WORKGROUP.SID exist when only one should, unable to continue [1999/03/02 13:57:23, 0] lib/util_pwdb.c:pwdb_initialise(441) ERROR: Samba cannot create a SAM SID for its domain (WORKGROUP). [1999/03/02 14:22:57, 1] smbd/files.c:file_init(219) file_init: Information only: requested 10000 open files, 246 are available. [1999/03/02 14:22:57, 0] lib/sids.c:generate_sam_sid(333) both /usr/local/samba/private/MACHINE.SID and /usr/local/samba/private/WORKGROUP.SID exist when only one should, unable to continue [1999/03/02 14:22:57, 0] lib/util_pwdb.c:pwdb_initialise(441) ERROR: Samba cannot create a SAM SID for its domain (WORKGROUP). > > Check the log file in > > > > doing parameter log file = /var/log/log.%m > > > > Look for /var/log/log.smb. The debug log output is > > getting redirected to this file. > > well spotted gerry. > > _______________ Jt Chiodi Unix Administrator University of Pittsburgh chiodi@pitt.edu From chiodi+ at pitt.edu Tue Mar 2 20:39:27 1999 From: chiodi+ at pitt.edu (John T Chiodi) Date: Tue Dec 2 02:25:29 2003 Subject: Latest cvs broken In-Reply-To: <19990302140945.A32095@ns1.astcorp.com> Message-ID: What kind of problems does it cause? > I have the same problem, I even increased the number of file handles in the > kernel!!! > > --Jeff > > Thus spake John T Chiodi (chiodi+@pitt.edu): > > > > One last question I get this message when I start smbd now in > > /var/log/log.smb. Is there anything I need to do? > > > > [1999/03/02 15:00:48, 1] smbd/files.c:file_init(219) > > file_init: Information only: requested 10000 open files, 246 are > > available. _______________ Jt Chiodi Unix Administrator University of Pittsburgh chiodi@pitt.edu From whn at topelo.lopi.com Tue Mar 2 22:21:39 1999 From: whn at topelo.lopi.com (Bill Nugent) Date: Tue Dec 2 02:25:29 2003 Subject: Latest cvs broken In-Reply-To: Your message of Wed, 03 Mar 1999 07:40:34 +1100. Message-ID: <19990302222139.7784.qmail@topelo.lopi.com> The message says it is "Information only" - this doesn't not strike me as a problem - just something that is being reported. Looking at the code makes me think the kernel should not be altered because of this message (from source/smbd/files.c): #define MAX_OPEN_FUDGEFACTOR 10 void file_init(void) { int request_max_open_files = lp_max_open_files(); int real_lim; /* * Set the max_open files to be the requested * max plus a fudgefactor to allow for the extra * fd's we need such as log files etc... */ real_lim = set_maxfiles(request_max_open_files + MAX_OPEN_FUDGEFACTOR); real_max_open_files = real_lim - MAX_OPEN_FUDGEFACTOR; if(real_max_open_files != request_max_open_files) { DEBUG(1,("file_init: Information only: requested %d \ open files, %d are available.\n", request_max_open_files, real_max_open_files)); } On Wednesday, Mar 3 1999 at 07:40:34, John T Chiodi wrote: >What kind of problems does it cause? > >> I have the same problem, I even increased the number of file handles in the >> kernel!!! >> >> --Jeff >> >> Thus spake John T Chiodi (chiodi+@pitt.edu): >> > >> > One last question I get this message when I start smbd now in >> > /var/log/log.smb. Is there anything I need to do? >> > >> > [1999/03/02 15:00:48, 1] smbd/files.c:file_init(219) >> > file_init: Information only: requested 10000 open files, 246 are >> > available. > > > > > >_______________ > > >Jt Chiodi >Unix Administrator >University of Pittsburgh >chiodi@pitt.edu > From simonmu at optimation.co.nz Tue Mar 2 23:08:31 1999 From: simonmu at optimation.co.nz (Simon Murcott) Date: Tue Dec 2 02:25:29 2003 Subject: Off the topic. Message-ID: This is completely off the topic but you have got to see this: http://support.microsoft.com/support/kb/articles/q216/6/41.asp Regards Simon Murcott Man will occasionally stumble over the truth, but most of the time he will pick himself up and continue on. -Churchill From sgy at amc.com.au Tue Mar 2 23:19:21 1999 From: sgy at amc.com.au (Stuart Young) Date: Tue Dec 2 02:25:29 2003 Subject: Latest cvs broken In-Reply-To: References: Message-ID: <3.0.6.32.19990303101921.007b6560@mail.amc.com.au> At 06:05 3/03/99 +1100, John T Chiodi wrote: > doing parameter passwd chat = *password* %n\n *password* %n\n *successfull* Just of note, isn't successful (only one l) the correct spelling? Might cause problems later, so thought I better bring that up, 'just in case'. Stuart Young - sgy@amc.com.au - cefiar@amarok.glasswings.com.au (aka Cefiar) - http://amarok.glasswings.com.au/ [All opinions expressed in the above message are my] [own and not necessarily the views of my employer..] From squeegy at c54820-a.carneg1.pa.home.com Wed Mar 3 01:10:31 1999 From: squeegy at c54820-a.carneg1.pa.home.com (Jt Chiodi "The Squeegy") Date: Tue Dec 2 02:25:29 2003 Subject: nt logon error Message-ID: I am using samba 2.1.0prealpha. I get the following error when trying to log on to my samba PDC The system can not log you on (C000019B), Please try again or consult your system administrator. Does anyone know what that error is? ___________________ Jt "The Squeegy" Chiodi http://c54820-a.carneg1.pa.home.com/ squeegy@c54820-a.carneg1.pa.home.com From greg at discreet.com Wed Mar 3 02:00:31 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:29 2003 Subject: nt logon error In-Reply-To: Message-ID: nope but I've had the same error a few times interspersed with my private little hell where smbd coredumps on me... sorry, can't really hep, Greg On 03-Mar-99 Jt Chiodi \"The Squeegy\ wrote: > I am using samba 2.1.0prealpha. I get the following error when trying to log > on to my samba PDC > > The system can not log you on (C000019B), Please try again or consult your > system administrator. > > Does anyone know what that error is? > > > > ___________________ > > Jt "The Squeegy" Chiodi > > http://c54820-a.carneg1.pa.home.com/ > squeegy@c54820-a.carneg1.pa.home.com ---------------------------------- Greg Dickie just a guy* *from Discreet Logic ---------------------------------- From cartegw at Eng.Auburn.EDU Wed Mar 3 03:22:47 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:29 2003 Subject: nt logon error References: Message-ID: <36DCAB07.31031F95@eng.auburn.edu> Jt Chiodi "The Squeegy" wrote: > > I am using samba 2.1.0prealpha. I get the following error > when trying to log on to my samba PDC > > The system can not log you on (C000019B), Please try again > or consult your system administrator. > > Does anyone know what that error is? Is this one that indicates the domain SID changed? Don't have the VC++ header files in front of me right now. jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From D.Bannon at latrobe.edu.au Wed Mar 3 04:30:22 1999 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:25:29 2003 Subject: Password changing problems. In-Reply-To: <003401be5f7e$b34bcd40$0300a8c0@noway.maximilianeum.ch> Message-ID: <3.0.3.32.19990303153022.00768780@bioserve.biochem.latrobe.edu.au> I have been chasing a problem with changing password (via NTws), I believe a number of other people have experienced to same thing. Luke said he thinks there is some sort of memory overrun but is pushed for time at present. I have traced back the problem but am having some time problems myself... Maybe someone who is familiar with the principle behind samba password stuff can point me in the right direction. I have found that it always seems to default to the Lanman password protocol (in password.c/password_ok(..). The first time you try to change passwd after resetting with smbpasswd it works (using LM) but a second attempt always fails because the NTHASH has been set to all XXXX.. Am I right in saying that NTHASH method should work first time ? Should using the LMHash blank the NTHash ? (looks like it is meant to.) I am connecting with a NTsp3 to a linux 5.1 and have been seeing the problem for the last couple of week's versions. Any suggestions ?? David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From pfaff at edge.cis.McMaster.CA Wed Mar 3 04:57:17 1999 From: pfaff at edge.cis.McMaster.CA (Todd Pfaff) Date: Tue Dec 2 02:25:29 2003 Subject: nt logon error In-Reply-To: <36DCAB07.31031F95@eng.auburn.edu> Message-ID: On Wed, 3 Mar 1999, Gerald Carter wrote: > Jt Chiodi "The Squeegy" wrote: > > > > I am using samba 2.1.0prealpha. I get the following error > > when trying to log on to my samba PDC > > > > The system can not log you on (C000019B), Please try again > > or consult your system administrator. > > > > Does anyone know what that error is? > > Is this one that indicates the domain SID changed? Don't > have the VC++ header files in front of me right now. Yup, that's it. I had that one earlier today. I happened to me after I was testing 2.1.0-prealpha and then reverted to 2.0.2. I had to have my domain members rejoin. Well, I could have recovered my old SID files from tape, but it was a small test domain so it was easier to rejoin. Moral of the story is: backup your SID files before testing a new version which may change them. -- Todd Pfaff \ Email: pfaff@mcmaster.ca Computing and Information Services \ Voice: (905) 525-9140 x22920 ABB 132 \ FAX: (905) 528-3773 McMaster University \ Hamilton, Ontario, Canada L8S 4M1 \ From chrisl at seds.lpl.arizona.edu Wed Mar 3 06:38:19 1999 From: chrisl at seds.lpl.arizona.edu (Chris Lewicki) Date: Tue Dec 2 02:25:29 2003 Subject: nt logon error References: Message-ID: <36DCD8D9.85BF4793@seds.lpl.arizona.edu> Hi Todd, I had this one happen to me from 2.0.0 to 2.0.2 (it sucked). Is the only file I need to preserve ./samba/private/MACHINE.SID ? THis would be a good thing to include in the docs when PDC'ing becomes officially supported. Todd Pfaff wrote: > > On Wed, 3 Mar 1999, Gerald Carter wrote: > > > Jt Chiodi "The Squeegy" wrote: > > > > > > I am using samba 2.1.0prealpha. I get the following error > > > when trying to log on to my samba PDC > > > > > > The system can not log you on (C000019B), Please try again > > > or consult your system administrator. > > > > > > Does anyone know what that error is? > > > > Is this one that indicates the domain SID changed? Don't > > have the VC++ header files in front of me right now. > > Yup, that's it. I had that one earlier today. I happened to me after I > was testing 2.1.0-prealpha and then reverted to 2.0.2. I had to have my > domain members rejoin. Well, I could have recovered my old SID files > from tape, but it was a small test domain so it was easier to rejoin. > > Moral of the story is: backup your SID files before testing a new version > which may change them. > > -- > Todd Pfaff \ Email: pfaff@mcmaster.ca > Computing and Information Services \ Voice: (905) 525-9140 x22920 > ABB 132 \ FAX: (905) 528-3773 > McMaster University \ > Hamilton, Ontario, Canada L8S 4M1 \ -- ----------------------------------------------------------------------------- Christopher A. Lewicki KC7NYV 520.977.0758 Maintainer of SEDS.LPL.Arizona.EDU Project Manager, University of Arizona Student Satellite Project From jan.van.rensburg at epiuse.com Tue Mar 2 23:24:33 1999 From: jan.van.rensburg at epiuse.com (jan van rensburg) Date: Tue Dec 2 02:25:29 2003 Subject: Trust relationship between PDCs References: Message-ID: <36DC7331.D673B170@epiuse.com> ah, *very* good point, just thought it might give people more incentive to switch to samba. but yes, don't waste your time now. Luke Kenneth Casson Leighton wrote: > > i started the nt domains for unix project immediately nt 5 beta 1 was > released. unless someone else wants to take this on i personally am happy > to wait until nt5 becomes established before taking it on. once > established, it will be difficult for ms to justify massive changes just > to oust the competition, despite the assistance that the competition has > given microsoft in improving the security and reliability of their > flagship product. > -- --jan van rensburg From Alexandre.Lecuyer at iu-vannes.fr Wed Mar 3 10:31:06 1999 From: Alexandre.Lecuyer at iu-vannes.fr (Alexandre Lecuyer) Date: Tue Dec 2 02:25:29 2003 Subject: Bug ? Message-ID: <36DD0F6A.7B273E41@iu-vannes.fr> Hello all, I have experienced something strange while trying policies with Samba : 1 - created a local group on the NT workstation called "info2" 2 - created a UNIX user "ensinfo2", primary group "info2" and added him in group too id ensinfo2 gives uid=503(ensinfo2) gid=503(info2) groups=503(info2) (I have read it is necessary for the user to be in the group file too.. not only primary group in passwd) The policy doesn't work, and the user manager for domains says the primary group of user "ensinfo2" is "ensinfo2" ! (and I do *not* have any group called ensinfo2) I thougt maybe the fact the uid and gid are the same is confusing samba.. so I changed info2:x:503:ensinfo2 to info2:x:510:ensinfo2 now id ensinfo2 gives uid=503(ensinfo2) gid=510(info2) groups=510(info2) and bingo, the policy works now, and user manager for domains shows the correct primary group. So, did I get something wrong or is samba (or NT ??) getting confused when the uid/gid are the same ? I am using samba 2.1.0-prealpha, updated the sources yesterday the client is a NT 4.0 workstation with SP4 installed Thanx -- Alexandre L?cuyer CCRI IUT-IUP de Vannes From wagner at zeus.et.bocholt.fh-ge.de Wed Mar 3 11:27:32 1999 From: wagner at zeus.et.bocholt.fh-ge.de ( (Carsten Wagner)) Date: Tue Dec 2 02:25:29 2003 Subject: smbpasswd & NIS Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi did anyone tried to convert the unix NIS passwords into the samba password database? I tried it with mksmbpasswd.sh but I lost all passwords. Any idea? Or are there any possibilities for samba to interact with a NIS server as the password server? Thanks, Schnaggy :-) -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use Charset: noconv iQA/AwUBNt0cmEQHsyCoPLbdEQLSnACg44iaY3aUoZPB2je1PXNCJJx2NZcAmQFG eXZmTN5sa+26qwFRkIThsOfc =sPUx -----END PGP SIGNATURE----- From Alexandre.Lecuyer at iu-vannes.fr Wed Mar 3 12:31:27 1999 From: Alexandre.Lecuyer at iu-vannes.fr (Alexandre Lecuyer) Date: Tue Dec 2 02:25:29 2003 Subject: smbpasswd & NIS References: Message-ID: <36DD2B9F.AB18332D@iu-vannes.fr> > > Or are there any possibilities for samba to interact with a NIS server as the > password server? > You can use NISGINA --> http://www.dcs.qmw.ac.uk/~williams/ -- Alexandre L?cuyer CCRI IUT-IUP de Vannes From Bas.Kelderman at eptl.elf-p.fr Wed Mar 3 12:37:15 1999 From: Bas.Kelderman at eptl.elf-p.fr (Bas.Kelderman@eptl.elf-p.fr) Date: Tue Dec 2 02:25:30 2003 Subject: smbpasswd & NIS Message-ID: I've got A SunOS 5.5.1 server and the Linux clients are mounting their home directories of this server and are also authenticating passwords through NIS .... Don't know if NIS+ will work though. Bas ---------- <| >From: Alexandre.Lecuyer@iu-vannes.fr <| >To: samba-ntdom@samba.org <| >Subject: Re: smbpasswd & NIS <| >Date: Wednesday, March 03, 1999 13:31PM <| > <| > <| > <| >> <| >> Or are there any possibilities for samba to interact with a NIS server as the <| >> password server? <| >> <| > <| >You can use NISGINA --> http://www.dcs.qmw.ac.uk/~williams/ <| > <| >-- <| >Alexandre L?cuyer <| >CCRI IUT-IUP de Vannes <| > -------------- next part -------------- A non-text attachment was scrubbed... Name: WINMAIL.DAT Type: application/ms-tnef Size: 50 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19990303/9c5dddd1/WINMAIL.bin From pbm at barmentlo.net Wed Mar 3 13:13:44 1999 From: pbm at barmentlo.net (Patrick Barmentlo) Date: Tue Dec 2 02:25:30 2003 Subject: nfs server <-> samba <-> nt server 4.0 / ISS 4.0 Message-ID: <199903031313.OAA00389@mail.barmentlo.net> Hai , I m looking for some people who have experience with the construction.. I have is running.. but having trouble with multiple virutal servers running under iss, with different user id's... Hope someone out therre can help me a bit... thanks in advance.. Patrick Barmentlo (small config discribtion) have a samba server. (2.02) on freebsd box 3.0 acting like a gateway to the nfs server.. samba is an nt member. so authentication goes true the nt pdc.., which hosts the virtual web sites. (have already one running oke.. even with front page extensies ) make a new virtual server. with different user id.. (is a domain member) also know as same user (id etc.) at the samba box.. then trouble starts... greetzz From chiodi+ at pitt.edu Wed Mar 3 13:38:18 1999 From: chiodi+ at pitt.edu (John T Chiodi) Date: Tue Dec 2 02:25:30 2003 Subject: nt logon error In-Reply-To: Message-ID: I tried deleting WORKSTATION.SID and letting samba recreate it. I tried smbpasswd -m MACHINE. None of this worked. I have a feeling I am missing the obvious here. Do I need to log in as a local NT admin and join the domain again? Isn't going to think I am already part of the domain because I have an entry in the smbpasswd file? What would be the proper steps to rectify this situation? > On Wed, 3 Mar 1999, Gerald Carter wrote: > > > Jt Chiodi "The Squeegy" wrote: > > > > > > I am using samba 2.1.0prealpha. I get the following error > > > when trying to log on to my samba PDC > > > > > > The system can not log you on (C000019B), Please try again > > > or consult your system administrator. > > > > > > Does anyone know what that error is? > > > > Is this one that indicates the domain SID changed? Don't > > have the VC++ header files in front of me right now. > > Yup, that's it. I had that one earlier today. I happened to me after I > was testing 2.1.0-prealpha and then reverted to 2.0.2. I had to have my > domain members rejoin. Well, I could have recovered my old SID files > from tape, but it was a small test domain so it was easier to rejoin. > > Moral of the story is: backup your SID files before testing a new version > which may change them. > > -- > Todd Pfaff \ Email: pfaff@mcmaster.ca > Computing and Information Services \ Voice: (905) 525-9140 x22920 > ABB 132 \ FAX: (905) 528-3773 > McMaster University \ > Hamilton, Ontario, Canada L8S 4M1 \ > > _______________ Jt Chiodi Unix Administrator University of Pittsburgh chiodi@pitt.edu From greg at discreet.com Wed Mar 3 13:45:17 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:30 2003 Subject: nt logon error In-Reply-To: Message-ID: If you have created a new SID then you definitely must rejoin the domain since the SID of the domain is stored on the workstation. Not sure what caused the problem to begin with though. Greg On 03-Mar-99 John T Chiodi wrote: > I tried deleting WORKSTATION.SID and letting samba recreate it. I > tried smbpasswd -m MACHINE. None of this worked. I have a feeling I > am missing the obvious here. Do I need to log in as a local NT admin > and join the domain again? Isn't going to think I am already part of > the domain because I have an entry in the smbpasswd file? > What would be the proper steps to rectify this situation? > > >> On Wed, 3 Mar 1999, Gerald Carter wrote: >> >> > Jt Chiodi "The Squeegy" wrote: >> > > >> > > I am using samba 2.1.0prealpha. I get the following error >> > > when trying to log on to my samba PDC >> > > >> > > The system can not log you on (C000019B), Please try again >> > > or consult your system administrator. >> > > >> > > Does anyone know what that error is? >> > >> > Is this one that indicates the domain SID changed? Don't >> > have the VC++ header files in front of me right now. >> >> Yup, that's it. I had that one earlier today. I happened to me after I >> was testing 2.1.0-prealpha and then reverted to 2.0.2. I had to have my >> domain members rejoin. Well, I could have recovered my old SID files >> from tape, but it was a small test domain so it was easier to rejoin. >> >> Moral of the story is: backup your SID files before testing a new version >> which may change them. >> >> -- >> Todd Pfaff \ Email: pfaff@mcmaster.ca >> Computing and Information Services \ Voice: (905) 525-9140 x22920 >> ABB 132 \ FAX: (905) 528-3773 >> McMaster University \ >> Hamilton, Ontario, Canada L8S 4M1 \ >> >> > > > > > > _______________ > > > Jt Chiodi > Unix Administrator > University of Pittsburgh > chiodi@pitt.edu --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From cartegw at Eng.Auburn.EDU Wed Mar 3 13:53:35 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:30 2003 Subject: nt logon error References: Message-ID: <36DD3EDF.C8E53331@eng.auburn.edu> John T Chiodi wrote: > > I tried deleting WORKSTATION.SID and letting samba recreate it. I > tried smbpasswd -m MACHINE. None of this worked. I have a feeling I > am missing the obvious here. Do I need to log in as a local NT admin > and join the domain again? Isn't going to think I am already part of > the domain because I have an entry in the smbpasswd file? > What would be the proper steps to rectify this situation? **do not** recreate the MACHINE.SID. if you do all machine in the domain will be unable to logon. If you do, all domain members will need to leave and rejoin the domain. jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From alicia at usf.edu Wed Mar 3 13:43:27 1999 From: alicia at usf.edu (Alicia F. Balsera) Date: Tue Dec 2 02:25:30 2003 Subject: Trust relationship between PDCs References: <36DC7331.D673B170@epiuse.com> Message-ID: <36DD3C7F.22DBD978@usf.edu> I can not reiterate strongly enough the comments made below. We cannot obliterate all the NT servers on campus, but we definitely can diminish our dependency on them if the trust relationship is established... Gerald Carter wrote: > jvr-, > > Anyone want to wager exactly when win2000 will come out and > exactly when people will migrate? My guess is that there is > still a few years left in NT 4. But I could be wrong? > > From the queries on this list, it still seems like people > want trust relationship functionality. Without it, a Samba > domain is currently isolated (in a manner of speaking). From chiodi+ at pitt.edu Wed Mar 3 14:13:47 1999 From: chiodi+ at pitt.edu (John T Chiodi) Date: Tue Dec 2 02:25:31 2003 Subject: nt logon error In-Reply-To: <36DD3EDF.C8E53331@eng.auburn.edu> Message-ID: Yesterday I was having difficultities with smbd loading due to the fact that I had two .SID files. one was created by 2.1.0-prealpha and the other was created by 2.0.3. I was not sure which I should get rid of so I removed both and recreated the MACHINE.SID. Does upgrading to new builds of 2.1.0-prealpha cause this as well? anyway, I will now have to leave the domain and rejoin the domain. Live and learn. This might be something to include in the faq. > > **do not** recreate the MACHINE.SID. if you do all machine > in the domain will be unable to logon. If you do, all domain > members will need to leave and rejoin the domain. _______________ Jt Chiodi Unix Administrator University of Pittsburgh chiodi@pitt.edu From fliegl at in.tum.de Wed Mar 3 14:16:14 1999 From: fliegl at in.tum.de (Detlef Fliegl) Date: Tue Dec 2 02:25:31 2003 Subject: How to change NT-Userprofiles without usrmgr.exe? Message-ID: <36DD442E.702A795F@in.tum.de> Hi there, samba-2.0.3 is working very well as a PDC on my linuxbox together with some NT-Clients. The only problem I face is how to change the default-settings in the userprofiles? Using usrmgr.exe causes NT to bring up a message that says I would not have the right to change anything - when I logon as a local admin it is not possible to select the linuxdomain with usrmgr. Some other curious errorbox pops up.... Can anybody help me? Is there any linuxtool which allows editing the userprofiles? Regards, Deti -- Detlef Fliegl, LRR, Technische Universitaet Muenchen Phone: +49 89 289-25770, Fax +49 89 289-28232, Room S3240 From cartegw at Eng.Auburn.EDU Wed Mar 3 14:23:14 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:31 2003 Subject: Trust relationship between PDCs References: <36DC7331.D673B170@epiuse.com> <36DD3C7F.22DBD978@usf.edu> Message-ID: <36DD45D2.C5B421A1@eng.auburn.edu> Hello again, After the discussion about trust relationships, I got to thinking. Althought I've not played with SMS (Systsme Management Server), can anyone confirm wether or not this will run on a BDC? My thinking is this... Some NT admin tools only run on an NT PDC or BDC. Therefore BDC functionality might be nice. What do the people say here? jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From cartegw at Eng.Auburn.EDU Wed Mar 3 14:30:49 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:31 2003 Subject: nt logon error References: Message-ID: <36DD4799.109603DA@eng.auburn.edu> John T Chiodi wrote: > > Yesterday I was having difficultities with smbd loading due > to the fact that > I had two .SID files. one was created by 2.1.0-prealpha and the other > was created by 2.0.3. I was not sure which I should get rid of so I > removed both and recreated the MACHINE.SID. Does upgrading to new > builds of 2.1.0-prealpha cause this as well? anyway, I will now have > to leave the domain and rejoin the domain. Live and learn. This > might be something to include in the faq. >From Q2.2... * Starting smbd will create a file name private/SAMBA.SID with permissions rw-r--r--. The file contains the domain SID for the samba PDC. The filename will differ depending + on the value of the workgroup parameter. If the contents of + this file change, no domain members will be able to logon + and will need to be readded to the domain again. Guard it carefully! ------------------------------- Note that Samba 2.0.x uses MACHINE.SID and the HEAD branch uses WORKGROUP.SID where WORKGROUP is the value of the smb.conf parameter by the same name. Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From svedja at lysator.liu.se Wed Mar 3 14:47:45 1999 From: svedja at lysator.liu.se (Dejan Ilic) Date: Tue Dec 2 02:25:31 2003 Subject: unable to create .. Error was File exists Message-ID: I'm getting this since Samba 2.0.3 (I think) Solaris_x86 2.6 with GCC-2.8.1 1999/03/03 13:47:41, 1] smbd/service.c:make_connection(488) vallan00 (130.236.240.150) connect to service profiles as user dejil172 (uid=5328, gid=1000) (pid 7780) [1999/03/03 13:47:41, 0] smbd/open.c:open_directory(1062) open_directory: unable to create .. Error was File exists [1999/03/03 13:47:47, 1] smbd/service.c:make_connection(488) vallan00 (130.236.240.150) connect to service NETLOGON as user dejil172 (uid=5328, gid=1000) (pid 7780) etc.. What's wrong ? Dejan From noel at uni-bonn.de Wed Mar 3 14:45:11 1999 From: noel at uni-bonn.de (Noel =?iso-8859-1?Q?K=F6the?=) Date: Tue Dec 2 02:25:31 2003 Subject: nt WS =?iso-8859-1?Q?can=B4t?= get in samba domain Message-ID: <36DD4AF7.E80B4D29@uni-bonn.de> Hello, my problem is that I can?t add a nt WS to a samba domain. I have a linux ( 2.0.36 ) server with samba 2.0.3 and 20 Win95 ( not b ) clients. The clients connect to the samba controlled nt domain without any problems ( PW change with sync works ! ). encryption is OFF. Users can login and use their homedir without problems. Now I want to add a NT WS ( nttest ) to this domain. I use NT 4.0 with SP 2 so it is safe to use encryption = no. I have added an account for nttest ( shadow pw ): nttest$:x:1005:100::/dev/null:/bin/false nttest:*::0:60:2:0::0 and used mksmbpasswd -a -m nttest: nttest$:1005:67E5DC9874306DC5AAD3B435B51404EE:BC1A251B15F2F27F4118CE32EF8090DA:[W ]:LCT-36DD280D: But nttest is always refused. "Connection is refused by domain controller. Contact sysadmin...." ( message is translated by me. Its the german NT WS version ) log.smb witch I don?t understand: --8<-- [1999/03/03 13:28:23, 2] smbd/reply.c:reply_special(95) netbios connect: name1=SERVER name2=NTTEST [1999/03/03 13:28:48, 2] smbd/server.c:main(702) Changed root to / --8<-- My smb.conf: --8<-- [global] workgroup = enterprise server string = Master Server [ Samba %h %v ] log file = /var/log/samba/log.%m security = user password level = 8 unix password sync = Yes socket options = TCP_NODELAY local master = yes os level = 64 domain master = yes preferred master = yes domain logons = yes logon script = startup.bat name resolve order = wins lmhosts bcast wins support = yes dns proxy = yes ...[shares]... --8<-- I only have a MACHINE.SID in .../private/ Can you help me? I read the NT DOM FAQ but did it step by step and the subnetmask is ok, too. thanks. -- Noch einen sch?nen Tag Es gibt Tage da verliert man.... Noel K?the ...und es gibt Tage da gewinnen die Anderen. From whn at topelo.lopi.com Wed Mar 3 15:08:05 1999 From: whn at topelo.lopi.com (Bill Nugent) Date: Tue Dec 2 02:25:32 2003 Subject: How to change NT-Userprofiles without usrmgr.exe? In-Reply-To: Your message of Thu, 04 Mar 1999 01:18:27 +1100. <36DD442E.702A795F@in.tum.de> Message-ID: <19990303150805.12436.qmail@topelo.lopi.com> I believe section 5 of http://us2.samba.org/samba/docs/ntdom_faq/samba_ntd om_faq.html will help point the way. There is also some email in the archives from the last two or three weeks covering this as well. The rest of it is good material as well. HTH, Bill On Thursday, Mar 4 1999 at 01:18:27, Detlef Fliegl wrote: >Hi there, > >samba-2.0.3 is working very well as a PDC on my linuxbox together with >some NT-Clients. The only problem I face is how to change the >default-settings in the userprofiles? Using usrmgr.exe causes NT to >bring up a message that says I would not have the right to change >anything - when I logon as a local admin it is not possible to select >the linuxdomain with usrmgr. Some other curious errorbox pops up.... >Can anybody help me? Is there any linuxtool which allows editing the >userprofiles? > >Regards, > >Deti >-- >Detlef Fliegl, LRR, Technische Universitaet Muenchen >Phone: +49 89 289-25770, Fax +49 89 289-28232, Room S3240 > From pfaff at edge.cis.McMaster.CA Wed Mar 3 15:10:41 1999 From: pfaff at edge.cis.McMaster.CA (Todd Pfaff) Date: Tue Dec 2 02:25:32 2003 Subject: nt logon error In-Reply-To: Message-ID: On Thu, 4 Mar 1999, John T Chiodi wrote: > Yesterday I was having difficultities with smbd loading due to the fact that > I had two .SID files. one was created by 2.1.0-prealpha and the other > was created by 2.0.3. I was not sure which I should get rid of so I > removed both and recreated the MACHINE.SID. Does upgrading to new > builds of 2.1.0-prealpha cause this as well? anyway, I will now have > to leave the domain and rejoin the domain. Live and learn. This > might be something to include in the faq. > > > > > > **do not** recreate the MACHINE.SID. if you do all machine > > in the domain will be unable to logon. If you do, all domain > > members will need to leave and rejoin the domain. this is what i experienced also when i tested 2.1.0-prealpha. it seems to have changed my MACHINE.SID file because my domain members could no longer login until they rejoined the domain after i reverted to 2.0.2. but, read on... > From: Gerald Carter > > Note that Samba 2.0.x uses MACHINE.SID and the HEAD > branch uses WORKGROUP.SID where WORKGROUP is the value of > the smb.conf parameter by the same name. i think i know the source of the problem... there is code in samba-2.1.0-prealpha, file lib/sids.c, function generate_sam_sid(), that looks for an existing MACHINE.SID file and renames it to domain_name.SID before creating a new SID. so what happens if you use 2.1.0 is that MACHINE.SID is renamed to domain_name.SID and then when you revert to 2.0.x a new MACHINE.SID is created because this file no longer exists. if reverting from 2.1.0 to 2.0.x, rename domain_name.SID to MACHINE.SID after stopping 2.1.0 and before starting 2.0.x. -- Todd Pfaff \ Email: pfaff@mcmaster.ca Computing and Information Services \ Voice: (905) 525-9140 x22920 ABB 132 \ FAX: (905) 528-3773 McMaster University \ Hamilton, Ontario, Canada L8S 4M1 \ From cartegw at Eng.Auburn.EDU Wed Mar 3 15:30:24 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:32 2003 Subject: nt WS =?ISO-8859-1?Q?can=B4t?= get in samba domain References: <36DD4AF7.E80B4D29@uni-bonn.de> Message-ID: <36DD5590.8DB183ED@eng.auburn.edu> Noel K?the wrote: > > Hello, > > my problem is that I can?t add a nt WS to a samba domain. > I have a linux ( 2.0.36 ) server with samba 2.0.3 and > 20 Win95 ( not b ) clients. The clients connect to the > samba controlled nt domain without any problems ( PW change > with sync works ! ). encryption is OFF. You **must** use pasword encryption to get the PDC support. > Now I want to add a NT WS ( nttest ) to this domain. > I use NT 4.0 with SP 2 so it is safe to use encryption = no. This is a misconception. NT ha always required password encrpytion for domain control. What SP3 did was make the default behavior "do not downgrade to plain text passwords if the server does not support password encryption". Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From oroy at gwl.com Wed Mar 3 15:42:37 1999 From: oroy at gwl.com (Olivier Roy De Rives) Date: Tue Dec 2 02:25:32 2003 Subject: smbpasswd & NIS Message-ID: <199903031542.IAA21752@gp-dragon.gwl.com> I converted NIS passwords with that script and did not have any problem... I used the following syntax: ypcat passwd | ./mksmbpasswd.sh >> /opt/tools/samba/private/smbpasswd > Originator: samba-ntdom@samba.org > From: > To: Multiple recipients of list > Subject: smbpasswd & NIS > X-Listprocessor-Version: 6.0c -- ListProcessor by Anastasios Kotsikonas > X-URL: http://samba.anu.edu.au/listproc > X-Comment: Discussion of NT domain controller support in Samba > MIME-Version: 1.0 > Content-Transfer-Encoding: 7BIT > Date: Wed, 3 Mar 1999 22:29:49 +1100 > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi > > > did anyone tried to convert the unix NIS passwords into the samba password > database? I tried it with mksmbpasswd.sh but I lost all passwords. Any idea? > > Or are there any possibilities for samba to interact with a NIS server as the > password server? > > Thanks, > > Schnaggy :-) > > -----BEGIN PGP SIGNATURE----- > Version: PGPfreeware 5.0i for non-commercial use > Charset: noconv > > iQA/AwUBNt0cmEQHsyCoPLbdEQLSnACg44iaY3aUoZPB2je1PXNCJJx2NZcAmQFG > eXZmTN5sa+26qwFRkIThsOfc > =sPUx > -----END PGP SIGNATURE----- Olivier Roy De Rives NT/UNIX Systems Administrator Great-West Life & Annuity Denver, CO (303)689-4437 Fax: 689-4850 From Jens.Skripczynski at studbox.uni-stuttgart.de Wed Mar 3 16:16:08 1999 From: Jens.Skripczynski at studbox.uni-stuttgart.de (Jens Skripczynski) Date: Tue Dec 2 02:25:33 2003 Subject: NT User List Message-ID: <19990303171608.A30595@shadowland.wh.uni-stuttgart.de> Hi, I have a Linux 2.2.2 with samba v. 2.0.3 named SHADOWLAND configured as a PDC. I also have an NT WS Client 4.0 SP4 included in the Domain. Yesterday I wanted to share some Files from the NT Client. As I wanted to add some Users the Client said someting like "Getting User List of Domain WG9" (Sorry I've got the German Version...) and then the Explorer segfaulted. Do I have to set special Parametes to the smb.conf ? Or is this not emplemented yet ? (This Error happens all the time.) Second I got a school, which wants a Linux PDC and NT 4.0 Clients. They want to use the M$ Explorer. As we have a Proxy Server I said Options->Internet... and added the Proxy but NT just forgot about it, when I clicked the OK Button. Doing the same as Administrator it works. So I think the error has to do with the Domain Concept... Has anybody had Problems like this ? Ciao Jens Skripczynski -- E-Mail: Jens.Skripczynski@studbox.uni-stuttgart.de From wagner at zeus.et.bocholt.fh-ge.de Wed Mar 3 16:21:04 1999 From: wagner at zeus.et.bocholt.fh-ge.de ( (Carsten Wagner)) Date: Tue Dec 2 02:25:33 2003 Subject: smbpasswd & NIS In-Reply-To: <199903031542.IAA21752@gp-dragon.gwl.com> Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OK, i tried again and it failed. Every user and ID was OK but the smb password fields are XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX ! I think this means: None of this users have the permission to logon!? Then I had a look at the mksmbpasswd.sh script. This script puts direct the smb password fields to the XXX'es above. So it could not run in this way. Do you ever have your script? Would you send it to me please? Thanks, Schnaggy :-) On 03-Mar-99 Olivier Roy De Rives wrote: > I converted NIS passwords with that script and did not have any problem... > > I used the following syntax: > > ypcat passwd | ./mksmbpasswd.sh >> /opt/tools/samba/private/smbpasswd > > > > Olivier Roy De Rives > NT/UNIX Systems Administrator > Great-West Life & Annuity > Denver, CO > (303)689-4437 > Fax: 689-4850 -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use Charset: noconv iQA/AwUBNt1hakQHsyCoPLbdEQIQEwCfbmW85AS2LskYt/QrCjqf0oIG2PAAnAgk HYOHgD71AQ2c3IapmCY5Ernz =4fmo -----END PGP SIGNATURE----- From fliegl at in.tum.de Wed Mar 3 16:57:30 1999 From: fliegl at in.tum.de (Detlef Fliegl) Date: Tue Dec 2 02:25:33 2003 Subject: How to change NT-Userprofiles without usrmgr.exe? References: <19990303150805.12436.qmail@topelo.lopi.com> Message-ID: <36DD69FA.9E2E1831@in.tum.de> Hi Bill > I believe section 5 of http://us2.samba.org/samba/docs/ntdom_faq/samba_ntd > om_faq.html will help point the way. There is also some email in the > archives from the last two or three weeks covering this as well. Sure there is some information - but unfortunately the config options have changed in the meantime (even the docs included in the sourcepackage are not up to date). config opts. found in the faq: domain group map local group map domain user map real existent opts: domain groups domain admin group domain guest group domain admin users domain guest users Does anybody know a littlebit more about the options above? Regards, Deti -- Detlef Fliegl, LRR, Technische Universitaet Muenchen Phone: +49 89 289-25770, Fax +49 89 289-28232, Room S3240 From Jean-Francois.Micouleau at dalalu.fr Wed Mar 3 17:09:51 1999 From: Jean-Francois.Micouleau at dalalu.fr (Jean Francois Micouleau) Date: Tue Dec 2 02:25:33 2003 Subject: Trust relationship between PDCs In-Reply-To: <36DD45D2.C5B421A1@eng.auburn.edu> Message-ID: On Thu, 4 Mar 1999, Gerald Carter wrote: > Some NT admin tools only run on an NT PDC or BDC. Therefore > BDC functionality might be nice. What do the people say here? Which tools are you thinking of Jerry ? BDC functionality might be nice. What would be nicer is a netmon trace of replication and of BDC -> PDC and PDC -> BDC promote. Same thing for trust relationship. J.F. From lkcl at switchboard.net Wed Mar 3 20:07:20 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:33 2003 Subject: nt logon error In-Reply-To: Message-ID: upgrade renames. back-down to 2.0.3 re-creates. upgrade again causes "exit" in smbd-2.1.0-prealpha deliberately to tell you "you stuffed it". luke On Thu, 4 Mar 1999, John T Chiodi wrote: > Yesterday I was having difficultities with smbd loading due to the fact that > I had two .SID files. one was created by 2.1.0-prealpha and the other > was created by 2.0.3. I was not sure which I should get rid of so I > removed both and recreated the MACHINE.SID. Does upgrading to new > builds of 2.1.0-prealpha cause this as well? anyway, I will now have > to leave the domain and rejoin the domain. Live and learn. This > might be something to include in the faq. > > > > > > **do not** recreate the MACHINE.SID. if you do all machine > > in the domain will be unable to logon. If you do, all domain > > members will need to leave and rejoin the domain. > > > > > > _______________ > > > Jt Chiodi > Unix Administrator > University of Pittsburgh > chiodi@pitt.edu > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From dave at www.buffalostate.edu Wed Mar 3 20:09:27 1999 From: dave at www.buffalostate.edu (Dave J. Andruczyk) Date: Tue Dec 2 02:25:34 2003 Subject: smbpasswd & NIS In-Reply-To: Message-ID: > i tried again and it failed. Every user and ID was OK but the smb password > fields are > XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX > ! > I think this means: > > None of this users have the permission to logon!? > > Then I had a look at the mksmbpasswd.sh script. > This script puts direct the smb password fields to the XXX'es above. So it > could not run in this way. Do you ever have your script? Would you send it to > me please? mksmbpasswd.sh DOES NOT create the samba encrypted password. it is NOT possible to convert a unix hashed password into a Lanman one, as it is a ONE WAY hash function. You can use "unix passwd sync" to update the passwords until the smbpassword file has the encrypted passwords, and then turn "unix passwd sync" off to use encrypted passwords. Dave J. Andruczyk Instructional Support Associate Department of Technology Buffalo State College From lkcl at switchboard.net Wed Mar 3 20:10:09 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:34 2003 Subject: nt logon error In-Reply-To: <36DD4799.109603DA@eng.auburn.edu> Message-ID: > ------------------------------- > Note that Samba 2.0.x uses MACHINE.SID and the HEAD > branch uses WORKGROUP.SID where WORKGROUP is the value of > the smb.conf parameter by the same name. > cvs main creates .SID file named after SAM database. on mem-domain this is WKSTA_NAME.SID. on pdc this is DOMAIN_NAME.SID. From bpowell at osc.edu Wed Mar 3 20:09:39 1999 From: bpowell at osc.edu (Brian Powell) Date: Tue Dec 2 02:25:34 2003 Subject: Group bug in Samba (CVS 1999/03/03) Message-ID: Could there be a bug in the way Samba handles UNIX groups as NT domain groups? let me explain what is happening... All of these file snippets are from our Solaris 2.6 Samba PDC machine running Samba code CVS'd on 1999/02/19. This PDC machine is also an NIS master for our NIS domain. The source for group handling (source/groupdb) does not seem to have changed since then... In our smb.conf file: domain group map = /usr/local/samba/private/domgroups In the "domgroups" file: ntadmin="Domain Admins" ntusers="Domain Users" ***** Now, when more than one user is ever added to the "ntadmin" or "ntusers" groups (in the /etc/group file), samba fails to authenticate anyone into the domain. For instance, this works just fine in /etc/group: ntadmin::58:super But this breaks Samba: ntadmin::58:super,bpowell I first noticed this when trying to make the log file lines of the form: trust account orion$ should be in DOMAIN_GROUP_RID_USERS go away. When I actually added these machines to the /etc/group file in the "ntusers" line, it broke samba so I had to remove them and live with these messages filling my log files. Is this a samba problem or something I'm doing wrong? -- Brian Powell http://www.osc.edu/~bpowell/ Systems Programmer/Analyst, The Ohio Supercomputer Center PGP public key at: "finger -l bpowell@osc.edu" or at the above URL From lkcl at switchboard.net Wed Mar 3 20:33:53 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:34 2003 Subject: Group bug in Samba (CVS 1999/03/03) In-Reply-To: Message-ID: On Thu, 4 Mar 1999, Brian Powell wrote: > > Could there be a bug in the way Samba handles UNIX groups as NT domain > groups? let me explain what is happening... in cvs main, yes. From m.chapman at student.unsw.edu.au Wed Mar 3 20:46:25 1999 From: m.chapman at student.unsw.edu.au (Matt Chapman) Date: Tue Dec 2 02:25:34 2003 Subject: Trust relationship between PDCs References: Message-ID: <36DD9FA0.7FD85246@student.unsw.edu.au> Jean Francois Micouleau wrote: > BDC functionality might be nice. What would be nicer is a netmon trace of > replication and of BDC -> PDC and PDC -> BDC promote. > Same thing for trust relationship. I'm playing with replication now. Almost have it figured out. There's about a half-dozen new RPC's we need including some more service control and LSA secret stuff, plus the central \NETLOGON 0x07 "enumerate changed accounts" RPC. The latter is a bit annoying in that some of it is passed as "blobs" of registry info rather than RPC parameters. Matt -- Matt Chapman m.chapman@student.unsw.edu.au From e8903122 at student.tuwien.ac.at Wed Mar 3 19:09:20 1999 From: e8903122 at student.tuwien.ac.at (Richard Kail) Date: Tue Dec 2 02:25:34 2003 Subject: NT User List In-Reply-To: <19990303171608.A30595@shadowland.wh.uni-stuttgart.de> Message-ID: Hello ! On Thu, 4 Mar 1999, Jens Skripczynski wrote: > As I wanted to add some Users the Client said someting like > "Getting User List of Domain WG9" (Sorry I've got the German Version...) > and then the Explorer segfaulted. I have a similar problem with the user manager (the one which comes with NTWS). When I try to modify the access rights for a user (the ability to change the clock, for example), Dr.Watson pops up. The only way to prevent this is to leave the Domain, change the setting and then rejoin the domain. Kind regards, Richard ------ "One day, computer power will eventually outstrip demand, and OS engineers will be free to use friendly languages like LISP again.. until then, I think we're stuck with C." -- Oliver Xymoro From victor at dial.ru.kiev.ua Wed Mar 3 20:02:35 1999 From: victor at dial.ru.kiev.ua (Victor Repetsky) Date: Tue Dec 2 02:25:34 2003 Subject: unable to create .. Error was File exists References: Message-ID: <36DD955B.DE9FB2D3@dial.ru.kiev.ua> I got same error when user can't write to c:\winnt\profiles or c:\temp. Check out acls. Dejan Ilic wrote: > I'm getting this since Samba 2.0.3 (I think) > > Solaris_x86 2.6 with GCC-2.8.1 > > 1999/03/03 13:47:41, 1] smbd/service.c:make_connection(488) > vallan00 (130.236.240.150) connect to service profiles as user > dejil172 (uid=5328, gid=1000) (pid 7780) > [1999/03/03 13:47:41, 0] smbd/open.c:open_directory(1062) > open_directory: unable to create .. Error was File exists > [1999/03/03 13:47:47, 1] smbd/service.c:make_connection(488) > vallan00 (130.236.240.150) connect to service NETLOGON as user > dejil172 (uid=5328, gid=1000) (pid 7780) > > etc.. > > What's wrong ? > Dejan From svedja at lysator.liu.se Wed Mar 3 21:11:58 1999 From: svedja at lysator.liu.se (Dejan Ilic) Date: Tue Dec 2 02:25:34 2003 Subject: unable to create .. Error was File exists In-Reply-To: <36DD955B.DE9FB2D3@dial.ru.kiev.ua> Message-ID: Well, almost right. I had roving profiles running since a while, but due to problems I changed it to mandatory profiles. C:\Temp is writable to users. Dejan On Wed, 3 Mar 1999, Victor Repetsky wrote: > I got same error when user can't write to c:\winnt\profiles or c:\temp. > Check out acls. > > Dejan Ilic wrote: > > > I'm getting this since Samba 2.0.3 (I think) > > > > Solaris_x86 2.6 with GCC-2.8.1 > > > > 1999/03/03 13:47:41, 1] smbd/service.c:make_connection(488) > > vallan00 (130.236.240.150) connect to service profiles as user > > dejil172 (uid=5328, gid=1000) (pid 7780) > > [1999/03/03 13:47:41, 0] smbd/open.c:open_directory(1062) > > open_directory: unable to create .. Error was File exists > > [1999/03/03 13:47:47, 1] smbd/service.c:make_connection(488) > > vallan00 (130.236.240.150) connect to service NETLOGON as user > > dejil172 (uid=5328, gid=1000) (pid 7780) > > > > etc.. > > > > What's wrong ? > > Dejan > > > > ===================================================================== Dejan Ilic, Tech Univ. of Linkoping, Sweden Phone:+46-13-473 01 06 Email: svedja@lysator.liu.se Web: http://www.lysator.liu.se/~svedja ===================================================================== [finger -l svedja@lysator.liu.se for public PGP key] From abakun at reac.com Wed Mar 3 21:12:58 1999 From: abakun at reac.com (Andy Bakun) Date: Tue Dec 2 02:25:34 2003 Subject: NT User List References: Message-ID: <36DDA5DA.BBD3D49C@reac.com> > I have a similar problem with the user manager (the one which comes with > NTWS). When I try to modify the access rights for a user (the ability to > change the clock, for example), Dr.Watson pops up. > > The only way to prevent this is to leave the Domain, change the setting > and then rejoin the domain. The other way to avoid this is to remove the machine from the network by unplugging the network cable from the back of the machine before you open usermgr. It takes a while for the domain controller search to time out, but it won't crash, and you just can't browse the users in the domain, which is okay because Everyone is on the local machine. Andy. From drobbins at obgyn.unm.edu Wed Mar 3 21:18:44 1999 From: drobbins at obgyn.unm.edu (Daniel Robbins) Date: Tue Dec 2 02:25:35 2003 Subject: Trust relationship between PDCs In-Reply-To: <36DD9FA0.7FD85246@student.unsw.edu.au>; from Matt Chapman on Thu, Mar 04, 1999 at 07:54:20AM +1100 References: <36DD9FA0.7FD85246@student.unsw.edu.au> Message-ID: <19990303141844.A17726@obgyn.unm.edu> Has anyone else noticed that having an NT BDC isn't all that great? From my experience, the BDC will process logons, but when the BDC isn't available for an extended period of time, domain logons will flake out, even if the PDC is available. Is there a way around this? The reason I mention this is because it would be nice if Samba would work properly in this regard. I don't know whether this is possible. Is the problem related to network browsing or a defect in some other part of the Microsoft BDC implementation? Would forcing a browser election on the network eventually resolve this problem, or is this a totally different issue? If there is some way Samba could be designed to allow BDCs to go down, and have clients transparently switch over to a functional PDC for domain logons, then Samba domains would be much more useful and reliable than Microsoft's. Does anyone else have this BDC problem with Windows NT Server 4.0, or am I doing something wrong? On Thu, Mar 04, 1999 at 07:54:20AM +1100, Matt Chapman wrote: > Jean Francois Micouleau wrote: > > > BDC functionality might be nice. What would be nicer is a netmon trace of > > replication and of BDC -> PDC and PDC -> BDC promote. > > Same thing for trust relationship. > > I'm playing with replication now. Almost have it figured out. > > There's about a half-dozen new RPC's we need including some more service > control and LSA secret stuff, plus the central \NETLOGON 0x07 "enumerate > changed accounts" RPC. The latter is a bit annoying in that some of it is > passed as "blobs" of registry info rather than RPC parameters. > > Matt > > > > -- > Matt Chapman > m.chapman@student.unsw.edu.au > > > > -- Daniel Robbins System Administrator University of New Mexico drobbins@obgyn.unm.edu From lkcl at switchboard.net Wed Mar 3 22:31:07 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:35 2003 Subject: Trust relationship between PDCs In-Reply-To: <19990303141844.A17726@obgyn.unm.edu> Message-ID: daniel, try configuring multiple (identical) machines all as samba PDCs, see what happens. they fight it out attempting to be the PDC every 5 minutes. you will need to make sure they all use the same private/smbpasswd file, and that means ensuring that if they access it [this file] over a network, the access is done securely. alternative: use ldap or mysql, run ssh redirection from localhost to _real_ ldap or mysql server, on all samba PDCs. luke On Thu, 4 Mar 1999, Daniel Robbins wrote: > Has anyone else noticed that having an NT BDC isn't all that great? From > my experience, the BDC will process logons, but when the BDC isn't > available for an extended period of time, domain logons will flake out, > even if the PDC is available. Is there a way around this? > > The reason I mention this is because it would be nice if Samba would work > properly in this regard. I don't know whether this is possible. Is the > problem related to network browsing or a defect in some other part of the > Microsoft BDC implementation? Would forcing a browser election on the > network eventually resolve this problem, or is this a totally different > issue? > > If there is some way Samba could be designed to allow BDCs to go down, and > have clients transparently switch over to a functional PDC for domain > logons, then Samba domains would be much more useful and reliable than > Microsoft's. > > Does anyone else have this BDC problem with Windows NT Server 4.0, or am I > doing something wrong? > > On Thu, Mar 04, 1999 at 07:54:20AM +1100, Matt Chapman wrote: > > Jean Francois Micouleau wrote: > > > > > BDC functionality might be nice. What would be nicer is a netmon trace of > > > replication and of BDC -> PDC and PDC -> BDC promote. > > > Same thing for trust relationship. > > > > I'm playing with replication now. Almost have it figured out. > > > > There's about a half-dozen new RPC's we need including some more service > > control and LSA secret stuff, plus the central \NETLOGON 0x07 "enumerate > > changed accounts" RPC. The latter is a bit annoying in that some of it is > > passed as "blobs" of registry info rather than RPC parameters. > > > > Matt > > > > > > > > -- > > Matt Chapman > > m.chapman@student.unsw.edu.au > > > > > > > > > > -- > Daniel Robbins > System Administrator > University of New Mexico > drobbins@obgyn.unm.edu > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From Jens.Skripczynski at studbox.uni-stuttgart.de Wed Mar 3 22:59:17 1999 From: Jens.Skripczynski at studbox.uni-stuttgart.de (Jens Skripczynski) Date: Tue Dec 2 02:25:35 2003 Subject: NT User List In-Reply-To: <36DDAF0F.A6474290@reac.com>; from Andy Bakun on Wed, Mar 03, 1999 at 03:52:15PM -0600 References: <36DDA5DA.BBD3D49C@reac.com> <19990303223053.A31822@shadowland.wh.uni-stuttgart.de> <36DDAF0F.A6474290@reac.com> Message-ID: <19990303235917.A32009@shadowland.wh.uni-stuttgart.de> Andy Bakun: > Jens Skripczynski wrote: > Er, I mean the "Everyone" user, which is who I allow to change the system time. > Sorry, I never considered that you'd want to add only a specific user to that list. > :) Sorry once again, I wanted to give specific users access to a share on the Workstation. So i said add at the share-access previligde list and the Explorer crasht. So how can I add specific Users on the M$ Client to the local share access list ? Ciao Jens Skripczynski -- E-Mail: Jens.Skripczynski@studbox.uni-stuttgart.de From josephs at ticam.utexas.edu Wed Mar 3 22:57:44 1999 From: josephs at ticam.utexas.edu (Joseph Southwell) Date: Tue Dec 2 02:25:35 2003 Subject: Something different... Message-ID: <36DDBE68.51DF504E@ticam.utexas.edu> I get The system cannot log you on to this domain because the systems computer account in it primary domain or the password on that account is wrong. Does anyone hvae any Ideas NT service pack 4.0 IRIX 6.5.2 samba latest as of 3/3/99 I installed it and set up one machine as suggested, I get the welcome to domain message, but after reboot I get the afor mentioned message when trying to login. -- Regards, Joseph Southwell TICAM/CCV U.T. at Austin josephs@ticam.utexas.edu (512)471-0982 From awilliam at whitemice.org Wed Mar 3 17:40:34 1999 From: awilliam at whitemice.org (Adam Williams) Date: Tue Dec 2 02:25:35 2003 Subject: smbpasswd & NIS In-Reply-To: "Re: smbpasswd & NIS" (Mar 4, 3:21am) References: Message-ID: <9903031740.ZM32179@estate1.whitemice.org> > > i tried again and it failed. Every user and ID was OK but the smb password > fields are > XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX > ! > I think this means: >> None of this users have the permission to logon!? >> Then I had a look at the mksmbpasswd.sh script. > This script puts direct the smb password fields to the XXX'es above. So it > could not run in this way. Do you ever have your script? Would you send it to > me please? > This is exactly what the script is supposed to do. It is IMPOSSIBLE to convert unix-crypts to nt-crypts, or vice versa. Both use a one way crypt function. You must start with a clear text password, the script simply set up the file to support updating your passwords. Run clear text, have everyone change there passwords, then switch to encrypted passwords. From pburch at sccd.ctc.edu Thu Mar 4 00:57:05 1999 From: pburch at sccd.ctc.edu (Burch, Phil) Date: Tue Dec 2 02:25:35 2003 Subject: Samba and Profiles Message-ID: <67DD2D8CC31BD111A8BB080009DDDED5CADB25@nsccnta01.sccd.ctc.edu> (I've posted this to a newsgroup, sorry if you've had to read it twice) I have set up Samba 2.0.2 as the PDC for a classroom of NTW4 clients. Everything is working great except it seems the NTUSER.DAT portion of roaming profiles is not getting updated properly.. (My desktop reverts to green and I get the Welcome to NT message every login) I am also not able to run User Manager for Domains, (the log talks of "TODO - change Unix times to NTTIMEs) because it crashes if I try to do something, is this related? The NTUSER.DAT file on the Unix filesystem looks like this: -rw-r--r-- 1 pburch pburch 270336 Mar 3 1999 NTUSER.DAT Is the strange date format a factor?? Thanks in advance, Phil Burch Computing Services North Seattle Community College http://nsccux.sccd.ctc.edu From greg at discreet.com Thu Mar 4 12:24:05 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:36 2003 Subject: Something different... In-Reply-To: <36DDBE68.51DF504E@ticam.utexas.edu> Message-ID: Hi Joseph, I've been having the same problem on 6.5.3f and have been trying to track it down. No luck so far though ;-( Greg On 03-Mar-99 Joseph Southwell wrote: > I get The system cannot log you on to this domain because the systems > computer account in it primary domain or the password on that account is > wrong. Does anyone hvae any Ideas > NT service pack 4.0 > IRIX 6.5.2 samba latest as of 3/3/99 > > I installed it and set up one machine as suggested, I get the welcome to > domain message, but after reboot I get the afor mentioned message when > trying to login. > -- > Regards, > Joseph Southwell > TICAM/CCV U.T. at Austin > josephs@ticam.utexas.edu > (512)471-0982 --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From parasonic at online.de Wed Mar 3 02:19:50 1999 From: parasonic at online.de (Mark Schuren) Date: Tue Dec 2 02:25:36 2003 Subject: subscribe Message-ID: <36DC9C46.5AD042DF@online.de> parasonic@online.de From svedja at lysator.liu.se Thu Mar 4 16:19:35 1999 From: svedja at lysator.liu.se (Dejan Ilic) Date: Tue Dec 2 02:25:36 2003 Subject: Bug or (mis)feature Message-ID: I recently tracked down a mysterious proble I have seen in ny domain (NT4SP4 with Samba server) Scenario is like this: User has a password with mixed uppercase and lowercase. NT4-machines are in domain with Samba 2.0.3 server and running on mandatory profile. The same problem probably happens with roving profiles too. LMFix applied on all machines. Problem: Problem happends when user log into the domain with ALL lowercase password. Reason: NT4SP4 checks with Samba, and as Samba checks agains all-lowercase passwords in second try (see "password level" in smb.conf), the user can log in on the machine. Here the problems start. User is now loged into the NT4, but when NT tries to check the profile information, server refuses because it feel that the password is incorrect. Thus prfile informatin cannot be downloaded with the error "operating system was unable to create profile directory \\server\profiles.pds. You will be logged with a local profile only" Thus mandatory profile fails, and so does mounting of homedisk. ---- I checked with a friend who has a domain with "pure" NT4 wks and NT4 server. First of all, it doesn't let you log in with all lowercase passwords, and thus you dont have problems with password-missmatch in later stage. Second, if "password level = 0" is needed, the I want a way of disabling the test with all lowercase, effectivly sacrifising compatibility for security. Has anybody else had this problem or is able to reproduce the problem ? Dejan From adam.w.cabler at lmco.com Thu Mar 4 17:36:20 1999 From: adam.w.cabler at lmco.com (Cabler, Adam W) Date: Tue Dec 2 02:25:36 2003 Subject: Can't connect to domain Message-ID: OK - Its partly working because when I change the domain name, it changes in Network Neighborhood. However, its not letting me in to browse through NN, so its not showing my server in the domain. I get 2 messages:"Computer or sharename not found" and "The specified computer not receiving your request". Any Hints? adam From pfaff at edge.cis.McMaster.CA Thu Mar 4 19:52:15 1999 From: pfaff at edge.cis.McMaster.CA (Todd Pfaff) Date: Tue Dec 2 02:25:36 2003 Subject: Samba and Profiles In-Reply-To: <67DD2D8CC31BD111A8BB080009DDDED5CADB25@nsccnta01.sccd.ctc.edu> Message-ID: a samba-2.0.x pdc does not provide the necessary domain user information to a domain client for things like user manager and ntfs access control lists to work yet. if you need these features then you have to run the samba-2.1.0prealpha version. a workaround for the roaming profile problem is available and has been posted to the samba lists in the past. it may also be on the samba nt-domain faq, i'm not sure. essentially what you have to do is to copy the profile (using the My Computer->Properties->User Profiles Copy function and change the Permitted to Use field to Everyone). you have to do this copy while not connected to the domain (either temporarily leave the domain and join a workgroup, or disconnect your network cable and wait for the timeout) because otherwise it will fail or crash when trying to get the domain user info from the pdc (like user manager does). On Thu, 4 Mar 1999, Burch, Phil wrote: > Date: Thu, 4 Mar 1999 11:53:33 +1100 > From: "Burch, Phil" > To: Multiple recipients of list > Subject: Samba and Profiles > > (I've posted this to a newsgroup, sorry if you've had to read it twice) > I have set up Samba 2.0.2 as the PDC for a classroom of NTW4 clients. > Everything is working great except it seems the NTUSER.DAT portion of > roaming profiles is not getting updated properly.. (My desktop reverts to > green and I get the Welcome to NT message every login) > I am also not able to run User Manager for Domains, (the log talks of "TODO > - change Unix times to NTTIMEs) because it crashes if I try to do something, > is this related? > The NTUSER.DAT file on the Unix filesystem looks like this: > -rw-r--r-- 1 pburch pburch 270336 Mar 3 1999 NTUSER.DAT > Is the strange date format a factor?? > > Thanks in advance, > > Phil Burch > Computing Services > North Seattle Community College > http://nsccux.sccd.ctc.edu > -- Todd Pfaff \ Email: pfaff@mcmaster.ca Computing and Information Services \ Voice: (905) 525-9140 x22920 ABB 132 \ FAX: (905) 528-3773 McMaster University \ Hamilton, Ontario, Canada L8S 4M1 \ From appro at fy.chalmers.se Fri Mar 5 11:04:07 1999 From: appro at fy.chalmers.se (Andy Polyakov) Date: Tue Dec 2 02:25:36 2003 Subject: Turning OFF Network Profiles Safely References: <003401be50a2$664b7da0$f2c6d6cf@ebola.microdisplay.com> <3.0.3.32.19990208083520.00778bb0@bioserve.biochem.latrobe.edu.au> Message-ID: <36DFBA27.B0EFDAE9@fy.chalmers.se> > >I'm betting it is not the profiles in general but the Internet Expoiter > >settings in the prifile thats is causing your problems. I've experienced that Desktop can as well get big enough to become a pain to shuffle around every time people login/logout. > > David Bannon wrote: > ... > > [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet > > Settings\Cache\Paths] > > "Directory"="c:\temp" > ... > Jamie ffolliott (jmeff@engsoc.queensu.ca) wrote: > ... > > [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths] > > "Directory"="\\SERVER\Profiles\%USERNAME%\Temporary Internet Files" > > etc. > > > > [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] > > "AppData"="\\SERVER\Profiles\%USERNAME%\Application Data" I wonder which programs use AppData? > > > > [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] > > "Cache"=""\\SERVER\Profiles\%USERNAME%\Cache"" > ... I write: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Cache"="%SystemDrive%\TEMP\%USERNAME%.cache" "Desktop"="%HOMEDRIVE%%HOMEPATH%\.nt\Desktop" In order to promote it to every user's hive, I put this into the policy: CLASS USER CATEGORY "Desktop" KEYNAME "Software\Microsoft\Windows\CurrentVersion" POLICY "Desktop Location [Check me!]" KEYNAME "Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" PART "Idea is to detach Desktop from Profile..." TEXT END PART PART "Enter Desktop Location" EDITTEXT VALUENAME "Desktop" DEFAULT "%HOMEDRIVE%%HOMEPATH%\.nt\Desktop" REQUIRED #if VERSION >= 2 EXPANDABLETEXT #endif END PART END POLICY ; Desktop Location [Check me!] END CATEGORY ; Desktop CATEGORY "Internet Explorer" KEYNAME "Software\Microsoft\Windows\CurrentVersion" POLICY "Cache Size Limit [Check me!]" KEYNAME "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Content" PART "Infamous IE Cache Size Limit can be set MB-vise now:-)" TEXT END PART PART "Enter Cache Size Limit" NUMERIC VALUENAME "CacheLimit" REQUIRED DEFAULT "5120" MAX 1048576 SPIN 1024 END PART END POLICY ; Cache Size Limit [Check me!] POLICY "Cache Location [Check me!]" KEYNAME "Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" PART "Idea is (again) to detach IE cache from profile..." TEXT END PART PART "Enter Cache Location" EDITTEXT VALUENAME "Cache" DEFAULT "%SystemDrive%\TEMP\%USERNAME%.cache" REQUIRED #if VERSION >= 2 EXPANDABLETEXT #endif END PART END POLICY ; Cache Location [Check me!] END CATEGORY ; Internet Explorer [STRINGS] Cheers. Andy. From Peter.Knoblach at berner-holding.de Fri Mar 5 14:14:41 1999 From: Peter.Knoblach at berner-holding.de (Knoblach Peter) Date: Tue Dec 2 02:25:36 2003 Subject: Unable to join DOMAIN Message-ID: Hi! I whant to join the domain 'HOLDING' with my samba server 'ema6'. According to DOMAIN_MEMBER.txt I added the 'ema6' to the domain with the servermanager for domains. o.k. but when I execute: smbpasswd -j HOLDING I get: No password server list given in smb.conf - unable to join domain. What is wrong? For info I add my smb.conf: ---------------------8<----------------------------------- ;/etc/smb.conf ; fuer ema6 [global] ; server string = Continuus Server ; Einstellungen fuer Donain-Member ; siehe docs/textdocs/DOMAIN_MEMBER.txt ; workgroup = HOLDING security = domain encrypt passwords = yes smbpasswd file = /var/samba/private password server = HLD-BDC1 HOLDING_MDC01 ; DOS Kompatibilitaet ; dos filetimes = yes dos filetime resolution = yes [homes] public = no comment = home read only = no create mode = 0750 ---------------------------------------------------------------------- Peter Knoblach mailto:Peter.Knoblach@berner-holding.de Informatik International Systemadministrator _ ___ __ __ __ __ __ Berner GmbH | | /_ | | || | ||\ || | | Bernerstra?e 6 | | | | |__||__ |__|| \ ||__ |__| D-74653 K?nzelsau | |___| | | || |\ | \|| |\ Tel: +49(0)7940-121577 |_______| |__||__ | \ | \|__ | \ Fax: +49(0)7940-121908 L e i s t u n g v e r b i n d e t http://www.berner.de mailto:info@berner-holding.de From oroy at gwl.com Fri Mar 5 14:49:15 1999 From: oroy at gwl.com (Olivier Roy De Rives) Date: Tue Dec 2 02:25:36 2003 Subject: Unable to join DOMAIN Message-ID: <199903051449.HAA27913@gp-dragon.gwl.com> Try doing: smbpasswd -j HOLDING -r PDC (where PDC is the name of your NT domain controller) But before you do that, you'll need to create an account on the PDC by using the "Add to domain" in Server Manager. Hope this helps... > Hi! > > I whant to join the domain 'HOLDING' with my samba > server 'ema6'. > According to DOMAIN_MEMBER.txt I added the 'ema6' to the > domain with the servermanager for domains. > o.k. > > but when I execute: > smbpasswd -j HOLDING > I get: > No password server list given in smb.conf - unable > to join domain. > > What is wrong? > > > For info I add my smb.conf: > ---------------------8<----------------------------------- > ;/etc/smb.conf > ; fuer ema6 > > [global] > ; > server string = Continuus Server > > ; Einstellungen fuer Donain-Member > ; siehe docs/textdocs/DOMAIN_MEMBER.txt > ; > workgroup = HOLDING > security = domain > encrypt passwords = yes > smbpasswd file = /var/samba/private > password server = HLD-BDC1 HOLDING_MDC01 > > ; DOS Kompatibilitaet > ; > dos filetimes = yes > dos filetime resolution = yes > > [homes] > public = no > comment = home > read only = no > create mode = 0750 > > ---------------------------------------------------------------------- > Peter Knoblach mailto:Peter.Knoblach@berner-holding.de > Informatik International > Systemadministrator > _ ___ __ __ __ __ __ > Berner GmbH | | /_ | | || | ||\ || | | > Bernerstra?e 6 | | | | |__||__ |__|| \ ||__ |__| > D-74653 K?nzelsau | |___| | | || |\ | \|| |\ > Tel: +49(0)7940-121577 |_______| |__||__ | \ | \|__ | \ > Fax: +49(0)7940-121908 L e i s t u n g v e r b i n d e t > http://www.berner.de > mailto:info@berner-holding.de > Olivier Roy De Rives NT/UNIX Systems Administrator Great-West Life & Annuity Denver, CO (303)689-4437 Fax: 689-4850 From ian at cecoh.com Fri Mar 5 15:17:06 1999 From: ian at cecoh.com (Ian Charboneau) Date: Tue Dec 2 02:25:37 2003 Subject: tracking daemons Message-ID: <000001be671b$3b0df160$c77ec1cf@mis-3.cecoh.com> Hello this is my first post. I am a new net admin at a web site management company and my mail and my web server failed last night. It is running slackware and is using samba to run in a NT domain. Is there any way that I can track it through my NT box and have my NT system email me or page my when a daemon fails or the server itself goes down. Thanks. I am willing to try just about anything. Ian Charboneau phone 512 485-4733 Network Administrator email ian@cecoh.com Ceco Management fax 512 328-9779 Austin Texas -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 1944 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19990305/88ca7ed0/winmail.bin From ng_f at hotmail.com Fri Mar 5 15:19:34 1999 From: ng_f at hotmail.com (Freddie Ng) Date: Tue Dec 2 02:25:37 2003 Subject: Basic question about Samba PDC Message-ID: <19990305151935.5268.qmail@hotmail.com> Hi all, I am sorry if this is a FAQ, but I definitely need to work this out as soon as possible. Here's the situation. I want my NT box to join a Samba domain. I have followed the steps in the document "FAQ for Samba NTDOM PDC Support" found in the Samba website. According to this document, a file name private/SAMBA.SID will be created after starting smbd. However, no such file was created. What did I do wrong? Also, when I tried switching from Workgroup to Domain on my NT box, the computer gives me the error message "You already have a connection to the domain. You must disconnect before joining the domain." I have read about how to configure the file smb.conf to make Samba a PDC. I think the problem isn't coming from misconfiguring this file. Thanks a lot in advance. Any help or suggestion would be appreciated! Fred Ng, Systems Administrator Toronto District School Board ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com From brandon at iomega.com Fri Mar 5 15:24:47 1999 From: brandon at iomega.com (Brandon Gillespie) Date: Tue Dec 2 02:25:37 2003 Subject: NT Group auth for limited areas Message-ID: <19990305082447.A15862@ogg.iomega.com> Hello, we use Samba on our HP servers here at Iomega, and I am trying to integrate it with our NT network a little better. I have it as a NT Domain member, and it is doing user authorization just fine. But we have about six different areas used in our production environment where people push files onto the HP server from their windows machines (through Samba) and oracle picks up the files and does its thing. There is already seperate NT Groups for these areas, and I would simply like to limit the areas by NT Group, *exactly* like you do a unix group. Is this in the future plans? I was hoping when I saw 'domain groups' that it had to do with this, but a scan of the source doesn't seem to say that is what it is for. I have considered just hacking it, and adding another special syntax like '+ntgroup' to behave just like '@unixgroup'... but figured I would check here first. Please CC, I am not on this list. -Brandon Gillespie HP-UX Administrator, Iomega Corp. From hulet at ittc.ukans.edu Fri Mar 5 15:32:50 1999 From: hulet at ittc.ukans.edu (Michael S. Hulet) Date: Tue Dec 2 02:25:37 2003 Subject: unix password sync In-Reply-To: <199903051449.HAA27913@gp-dragon.gwl.com> Message-ID: I have finally figured out my passwd chat string so I can change my unix password from NT. The problem is it doesn't change my samba password. NT says "The User name or old password is incorrect" etc. Samba is changing my unix password to my new password successfully. What do I need to send back to NT to say that the unix password change was successful? Or what is Samba waiting for before it proceeds to change the samba password? If I turn off unix password sync then my Samba password gets changed but not my unix password. Michael Hulet Network System Administrator ITTC, University of Kansas From cartegw at Eng.Auburn.EDU Fri Mar 5 15:35:03 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:37 2003 Subject: Basic question about Samba PDC References: <19990305151935.5268.qmail@hotmail.com> Message-ID: <36DFF9A7.D3F1F9E1@eng.auburn.edu> Freddie Ng wrote: > > Here's the situation. I want my NT box to join a Samba > domain. I have followed the steps in the document "FAQ > for Samba NTDOM PDC Support" found in the Samba website. > According to this document, a file name private/SAMBA.SID > will be created after starting smbd. However, no such > file was created. What did I do wrong? SAMBA will be replaced with whatever value for the workgroup you assigned (you are using the HEAD branch source code and not Samba 2.0.3 right?) > Also, when I tried switching from Workgroup to Domain on > my NT box, the computer gives me the error message "You > already have a connection to the domain. You must > disconnect before joining the domain." Make sure you have no network connections to the server. I will add this one to the FAQ this weekend hopefully along with a few others. > I have read about how to configure the file smb.conf > to make Samba a PDC. I think the problem isn't > coming from misconfiguring this file. If thee comments don't help, send me you smb.conf and I'll have a look. Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From ian at cecoh.com Fri Mar 5 15:47:07 1999 From: ian at cecoh.com (Ian Charboneau) Date: Tue Dec 2 02:25:37 2003 Subject: Talking to my server Message-ID: <000901be671f$6c811ac0$c77ec1cf@mis-3.cecoh.com> Hello again got some advice about how to check my servers but would still welcome further info about how to track specific daemons running on my linux boxes and how my PDC could contact me in the event of a failure. I have checked the internet and my hardware and NT documentation but can't seem to find anything. Would appreciate any suggestions. Thanks. Ian Charboneau phone 512 485-4733 Network Administrator email ian@cecoh.com Ceco Management fax 512 328-9979 Austin Texas -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 1932 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19990305/bfc84a00/winmail.bin From cartegw at Eng.Auburn.EDU Fri Mar 5 15:50:43 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:38 2003 Subject: NT Group auth for limited areas References: <19990305082447.A15862@ogg.iomega.com> Message-ID: <36DFFD53.3BA3C5AE@eng.auburn.edu> Brandon Gillespie wrote: > > Hello, we use Samba on our HP servers here at Iomega, and I am trying > to integrate it with our NT network a little better. I have it as a > NT Domain member, and it is doing user authorization just fine. But > we have about six different areas used in our production environment > where people push files onto the HP server from their windows machines > (through Samba) and oracle picks up the files and does its thing. > There is already seperate NT Groups for these areas, and I would > simply like to limit the areas by NT Group, *exactly* like you do a > unix group. Is this in the future plans? I was hoping when I saw > 'domain groups' that it had to do with this, but a scan of the source > doesn't seem to say that is what it is for. What you have to do at the moment is to create unix users and group so that samba can get a uid and gid and emumlate the group permissions from the NT side. See question 6.1 of the NTDOM FAQ linked off the Samba site under the documentation section. There are some perl scripts I wrote to help do this. There is a link under that question to download them. What they do is create /etc/passwd and /etc/group entries (with the password disabled '*' ) that mimic the group membership of the NT domain. Three steps, * create the users in /etc/passwd (not user for authentication of course) * create the necessary groups in /etc/group * add the users to the appropriate group The main problem is that UNIX only allows for controlling access by one owner, one group and for everyone else. NTFS is more flexible. However, it sounds like this will work for you. Try things out and contact me if you have questions about the scripts. BTW...I put an entire chapter in my new book about replacing an NT file and print server with a Samba box and addressing these types of issues. "Samba Teach Yourself Samba in 24 Hours" due out in late April if your interested. Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From greg at discreet.com Fri Mar 5 16:05:40 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:38 2003 Subject: Basic question about Samba PDC In-Reply-To: <19990305151935.5268.qmail@hotmail.com> Message-ID: The SID file will be .SID if it is not a PDC, otherwise it will be called .SID. I'm confused about what exactly you want, do you have an NT PDC running already? Greg On 05-Mar-99 Freddie Ng wrote: > Hi all, > > I am sorry if this is a FAQ, but I definitely need to work this out as > soon as possible. > > Here's the situation. I want my NT box to join a Samba domain. I have > followed the steps in the document "FAQ for Samba NTDOM PDC Support" > found in the Samba website. According to this document, a file name > private/SAMBA.SID will be created after starting smbd. However, no such > file was created. What did I do wrong? > > Also, when I tried switching from Workgroup to Domain on my NT box, the > computer gives me the error message "You already have a connection to > the domain. You must disconnect before joining the domain." > > I have read about how to configure the file smb.conf to make Samba a > PDC. I think the problem isn't coming from misconfiguring this file. > > Thanks a lot in advance. Any help or suggestion would be appreciated! > > > > Fred Ng, > Systems Administrator > Toronto District School Board > > ______________________________________________________ > Get Your Private, Free Email at http://www.hotmail.com --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From harald at penti.sit.fi Fri Mar 5 16:16:53 1999 From: harald at penti.sit.fi (Harald Hannelius) Date: Tue Dec 2 02:25:38 2003 Subject: Not Related: Ban Microsoft Outlook Express MUA from this list? Message-ID: Could the manager of this list please ban all messages sent with a , I'm getting annoyed with all these crippled e-mails that keep on dropping in. Thanks.. =========================================================== Harald H Hannelius | Harald@iki.fi | GSM +358405470870 =========================================================== From mbreuer at Siac.COM Fri Mar 5 16:17:45 1999 From: mbreuer at Siac.COM (mbreuer@Siac.COM) Date: Tue Dec 2 02:25:38 2003 Subject: Turning OFF Network Profiles Safely References: <003401be50a2$664b7da0$f2c6d6cf@ebola.microdisplay.com> <3.0.3.32.19990208083520.00778bb0@bioserve.biochem.latrobe.edu.au> <36DFBA27.B0EFDAE9@fy.chalmers.se> Message-ID: <199903051622.LAA03648@pub.siac.com> Outlook Express also seems to be a large culprit. After making an aborted attempt to experment with Outlook 2000, I discovered my profile took about 10 minutes to load. Outlook Express (which I'd never used or (I thought) loaded) took a copy of my entire IMAP directory, messages, folders, etc., and replicated them into an outlook express directory deep within my profile. I don't remember the exact path (I've deleted the directory). FYI: this occured after I installed and then de-installed Outlook 2000 (which I did tell about my IMAP directory). Andy Polyakov wrote: > > >I'm betting it is not the profiles in general but the Internet Expoiter > [snip] From ldoan at mindq.com Fri Mar 5 16:35:24 1999 From: ldoan at mindq.com (Long Doan) Date: Tue Dec 2 02:25:38 2003 Subject: Turning OFF Network Profiles Safely Message-ID: <004201be6726$2dded8f0$14804ecf@long.mindq.com> The path to Outlook Express's mail directory is described at: HKCU\Software\Microsoft\Outlook Express\Store Root To change it, stop Outlook Express, move the directory, update the registry, and restart Outlook Express. Another thing to change is the address book: HKCU\Software\Microsoft\WAB\WAB4\Wab File Name\ Both of them should have been somewhere in %HOMEDRIVE%%HOMEPATH% in the first place anyway :( Long. -----Original Message----- From: mbreuer@Siac.COM To: Multiple recipients of list Date: Friday, March 05, 1999 11:28 AM Subject: Re: Turning OFF Network Profiles Safely >Outlook Express also seems to be a large culprit. After making an aborted attempt to experment with >Outlook 2000, I discovered my profile took about 10 minutes to load. Outlook Express (which I'd >never used or (I thought) loaded) took a copy of my entire IMAP directory, messages, folders, etc., >and replicated them into an outlook express directory deep within my profile. I don't remember the >exact path (I've deleted the directory). FYI: this occured after I installed and then de-installed >Outlook 2000 (which I did tell about my IMAP directory). > >Andy Polyakov wrote: > >> > >I'm betting it is not the profiles in general but the Internet Expoiter >> [snip] From adam.w.cabler at lmco.com Fri Mar 5 16:37:15 1999 From: adam.w.cabler at lmco.com (Cabler, Adam W) Date: Tue Dec 2 02:25:38 2003 Subject: Basic question about Samba PDC Message-ID: I am trying to setup Samba as a PDC, but I am having strange results. If in fact the SID is supposed to be .SID or .SID if its a Domain, mine is not working at all. I am getting only MACHINE.SID. I think I have my settings right as far as a domain, and also, I can see my domain in NetNeighborhood, but I can't access it. I get "invalid computer or sharename" -----Original Message----- From: Greg Dickie [mailto:greg@discreet.com] Sent: Friday, March 05, 1999 10:07 AM To: Multiple recipients of list Subject: RE: Basic question about Samba PDC The SID file will be .SID if it is not a PDC, otherwise it will be called .SID. I'm confused about what exactly you want, do you have an NT PDC running already? Greg On 05-Mar-99 Freddie Ng wrote: > Hi all, > > I am sorry if this is a FAQ, but I definitely need to work this out as > soon as possible. > > Here's the situation. I want my NT box to join a Samba domain. I have > followed the steps in the document "FAQ for Samba NTDOM PDC Support" > found in the Samba website. According to this document, a file name > private/SAMBA.SID will be created after starting smbd. However, no such > file was created. What did I do wrong? > > Also, when I tried switching from Workgroup to Domain on my NT box, the > computer gives me the error message "You already have a connection to > the domain. You must disconnect before joining the domain." > > I have read about how to configure the file smb.conf to make Samba a > PDC. I think the problem isn't coming from misconfiguring this file. > > Thanks a lot in advance. Any help or suggestion would be appreciated! > > > > Fred Ng, > Systems Administrator > Toronto District School Board > > ______________________________________________________ > Get Your Private, Free Email at http://www.hotmail.com --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From greg at discreet.com Fri Mar 5 16:50:34 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:38 2003 Subject: Basic question about Samba PDC In-Reply-To: Message-ID: Do you have "domain logons = yes" in smb.conf? Not being able to browse it can happen in many ways try setting "map to guest = bad user" Greg On 05-Mar-99 Cabler, Adam W wrote: > I am trying to setup Samba as a PDC, but I am having strange results. If in > fact the SID is supposed to be .SID or .SID if > its a Domain, mine is not working at all. I am getting only MACHINE.SID. I > think I have my settings right as far as a domain, and also, I can see my > domain in NetNeighborhood, but I can't access it. I get "invalid computer > or sharename" > > > > -----Original Message----- > From: Greg Dickie [mailto:greg@discreet.com] > Sent: Friday, March 05, 1999 10:07 AM > To: Multiple recipients of list > Subject: RE: Basic question about Samba PDC > > > > > The SID file will be .SID if it is not a PDC, otherwise it > will > be called .SID. > > I'm confused about what exactly you want, do you have an NT PDC running > already? > > Greg > > On 05-Mar-99 Freddie Ng wrote: >> Hi all, >> >> I am sorry if this is a FAQ, but I definitely need to work this out as >> soon as possible. >> >> Here's the situation. I want my NT box to join a Samba domain. I have >> followed the steps in the document "FAQ for Samba NTDOM PDC Support" >> found in the Samba website. According to this document, a file name >> private/SAMBA.SID will be created after starting smbd. However, no such >> file was created. What did I do wrong? >> >> Also, when I tried switching from Workgroup to Domain on my NT box, the >> computer gives me the error message "You already have a connection to >> the domain. You must disconnect before joining the domain." >> >> I have read about how to configure the file smb.conf to make Samba a >> PDC. I think the problem isn't coming from misconfiguring this file. >> >> Thanks a lot in advance. Any help or suggestion would be appreciated! >> >> >> >> Fred Ng, >> Systems Administrator >> Toronto District School Board >> >> ______________________________________________________ >> Get Your Private, Free Email at http://www.hotmail.com > > --------------------------------------------------------------------- > Greg Dickie > Just A Guy* > *from discreet logic > Montreal > (514) 954-7171 > greg@discreet.com --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From daniel at med.up.pt Fri Mar 5 18:29:44 1999 From: daniel at med.up.pt (Daniel Fonseca) Date: Tue Dec 2 02:25:38 2003 Subject: NT Group auth for limited areas In-Reply-To: <19990305082447.A15862@ogg.iomega.com> Message-ID: On Sat, 6 Mar 1999, Brandon Gillespie wrote: > Hello, we use Samba on our HP servers here at Iomega, and I am trying > to integrate it with our NT network a little better. I have it as a > NT Domain member, and it is doing user authorization just fine. But > we have about six different areas used in our production environment > where people push files onto the HP server from their windows machines > (through Samba) and oracle picks up the files and does its thing. > There is already seperate NT Groups for these areas, and I would > simply like to limit the areas by NT Group, *exactly* like you do a > unix group. Is this in the future plans? I was hoping when I saw > 'domain groups' that it had to do with this, but a scan of the source > doesn't seem to say that is what it is for. I thought I'd share one of my solutions towards this intricate problem onto this list. In fact, sharing files (for both reading and writing) amongst some more than 2/3 users is a complicated task, just out-of-the-box. The main dificulty resided in the fact that, even if one gave permissions for a set of users, them writing on the disk would make files owned by them, and the only solution would be to change the default umask for group write permissions (and/or having directories with the sgid bit set) and having one group for each set/pair of users plus dirs, making it rather large and complicated to maintain (believe me, I tried :-), plus the fact that when you create a directory, no setgid is maintained, etc. After some thinking, I came to a set of settings which work in providing just the sort of thing I needed. All things show best with an example so, straight away for a smb.conf snip and some comments: --- [SHARED MAP] comment = Shared map path = /path_to_shared_tree valid users = user1 user2 ... browseable = no public=no guest ok = no force user = original_user force group = group_of_original_user writable = yes --- So in this way what happens is that user writing problem is solved because all connections are internaly (Linux side, in this case, I mean) made by the same fixed user. All auth's still apply because before the "valid users" you have to effectively authenticate yourself and samba only permits connections from authorized/valid'ed users - you can even twist this to a group of users, naturally! (putting @group in valid users - see man page) or a group less some users with "invalid users" also used. You can also override any home share - just place it before the global [HOMES] share. Okay, that's it! If anyone has at least been amused by this little thingie I'm already glad or if you've thought of it before, well good for you! Any suggestions are always, of course, welcomed, no flames, please. Hope to help, Daniel Fonseca From lkcl at switchboard.net Fri Mar 5 20:35:51 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:38 2003 Subject: NT Group auth for limited areas In-Reply-To: <19990305082447.A15862@ogg.iomega.com> Message-ID: brandon, full nt domain integration (nt permissions) are not completely enabled yet. you can always limit permissions on unix-side on a per-share basis etc: valid users = @netgroup for example. best regards, luke. On Sat, 6 Mar 1999, Brandon Gillespie wrote: > Hello, we use Samba on our HP servers here at Iomega, and I am trying > to integrate it with our NT network a little better. I have it as a > NT Domain member, and it is doing user authorization just fine. But > we have about six different areas used in our production environment > where people push files onto the HP server from their windows machines > (through Samba) and oracle picks up the files and does its thing. > There is already seperate NT Groups for these areas, and I would > simply like to limit the areas by NT Group, *exactly* like you do a > unix group. Is this in the future plans? I was hoping when I saw > 'domain groups' that it had to do with this, but a scan of the source > doesn't seem to say that is what it is for. > > I have considered just hacking it, and adding another special syntax > like '+ntgroup' to behave just like '@unixgroup'... but figured I > would check here first. > > Please CC, I am not on this list. > > -Brandon Gillespie > HP-UX Administrator, Iomega Corp. > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From lkcl at switchboard.net Fri Mar 5 20:36:49 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:38 2003 Subject: Basic question about Samba PDC In-Reply-To: Message-ID: On Sat, 6 Mar 1999, Greg Dickie wrote: > > > The SID file will be .SID if it is not a PDC, otherwise it will > be called .SID. correct. this is cvs main only. From lkcl at switchboard.net Fri Mar 5 20:39:50 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:38 2003 Subject: Not Related: Ban Microsoft Outlook Express MUA from this list? In-Reply-To: Message-ID: On Sat, 6 Mar 1999, Harald Hannelius wrote: > > > Could the manager of this list please ban all messages sent with a > , I'm getting annoyed with all these crippled e-mails that keep > on dropping in. there's been about two per day, recently. on pine (3.96 and 4.01) the messages come up with a blank content. did outlook depressed get up (or down) graded recently or something in the last month? andrew, is there a way to auto-detect outlook depressed messages or attachments and treat them as spam, e.g using spamstopper for a different purpose? regards, luke From lkcl at switchboard.net Fri Mar 5 20:40:54 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:39 2003 Subject: Basic question about Samba PDC In-Reply-To: Message-ID: On Sat, 6 Mar 1999, Cabler, Adam W wrote: > I am trying to setup Samba as a PDC, but I am having strange results. If in > fact the SID is supposed to be .SID or .SID if > its a Domain, mine is not working at all. I am getting only MACHINE.SID. I > think I have my settings right as far as a domain, and also, I can see my > domain in NetNeighborhood, but I can't access it. I get "invalid computer > or sharename" use latest cvs not 2.0.x. From lkcl at switchboard.net Fri Mar 5 22:39:00 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:39 2003 Subject: coding binge coming on. Message-ID: hm. i feel the urge to do a coding-spree again. spread wings again in unchartered territories. before i do so, does anyone have any suggestions for major areas of missing functionality that are really getting on people's wick (e.g inter-domain trust relationships?) luke rsvp. to samba-technical, thx. Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From bob at durer.info-ren.org Sat Mar 6 19:06:16 1999 From: bob at durer.info-ren.org (Robert D. Carlitz) Date: Tue Dec 2 02:25:39 2003 Subject: NT login problem Message-ID: <199903061906.OAA27075@durer.info-ren.org> On Feb. 12 Michael Hulet reported a problem with the error message The system can not log you on (C000005B). Please try again or consult your system administrator. Michael said that he was able to log in when he tried again. I'm seeing the same error message, but I'm unable to log onto the Samba server. I'm running 2.1.0prealpha under BSDi 3.0. The log file for the NT Workstation from which I'm trying to log in reports groupdb/groupdb.c:iterate_getusergroupsnam(232) unable to open group database. which I presume to be related to the login problem and the other remarks in Michael's message. I'm curious what problem the error number C000005B actually refers to and what work-arounds people have discovered for this. I've tried various things with group mappings in smb.conf, but I haven't found anything that works. Thanks, Bob Carlitz From dany at databit.ro Sun Mar 7 11:30:42 1999 From: dany at databit.ro (Dan Ardelean) Date: Tue Dec 2 02:25:39 2003 Subject: Samba with security=domain to other Samba PDC Message-ID: <000401be688d$f169c1f0$169566c2@orion.databit.ro> Hi, I have a Samba server (DATABIT) which is configured to be a PDC for a domain (DBNT) I'm trying to join this domain with other Samba server ( STARGATE ) on the databit machine i have created the stargate$ account. smbpasswd -m -a stargate$ Added user stargate$. Password changed for user stargate$ Then on the STARGATE machine: smbpasswd -j DBNT -r DATABIT cli_connect_serverlist: Password server loop - not using password server STARGATE cli_connect_serverlist: Domain password server not available. get_member_domain_sid: unable to initialise client connection. Can't setup password database vectors. and ... I don't get it ... why "password server loop ???" since my smb.conf on STARGATE contains: security = domain password server = DATABIT and in the other smb.conf - on DATABIT - I have no refference to STARGATE. Any ideas ? Thanks, Dan From Michael.Keightley at quadstone.com Sun Mar 7 15:03:43 1999 From: Michael.Keightley at quadstone.com (Michael.Keightley@quadstone.com) Date: Tue Dec 2 02:25:39 2003 Subject: private/MACHINE.SID changes from 2.0.0 to 2.0.3 Message-ID: <199903071503.PAA17628@gromit.quadstone.co.uk> I'm running 2.0.0 just now. Compiled and installed 2.0.3. When I restarted samba private/MACHINE.SID changed which meant I would need to get all 40 PCs to rejoin the domain. Luckily I kept a copy of my 2.0.0 files. Is this a feature or a bug? Is there anyway to stop it changing the SID? Michael -- Michael Keightley Tel: +44 131 220 4491 Systems Manager Fax: +44 131 220 4492 Quadstone Limited WWW: http://www.quadstone.com From dany at databit.ro Sun Mar 7 15:45:18 1999 From: dany at databit.ro (Dan Ardelean) Date: Tue Dec 2 02:25:39 2003 Subject: Samba with security=domain to other Samba PDC (2) Message-ID: <001601be68b1$80dd27f0$179566c2@nemesis.databit.ro> Hi, I finally managed to join the domain ... I have manually created tha file DBNT.STARGATE.mac ... and after that smbpasswd -j DBNT -r DATABIT worked . Anyway ... there's a strange behaviour if this file does not exists - it normally should be created by the smbpasswd program. Dan From pcc at llnl.gov Sun Mar 7 01:20:04 1999 From: pcc at llnl.gov (Phil Cox) Date: Tue Dec 2 02:25:39 2003 Subject: Some NetBIOS questions In-Reply-To: <36B60393.20E43CCD@engr.sgi.com> Message-ID: <3.0.5.32.19990306172004.009f3ec0@poptop.llnl.gov> All, I was curious to see if anyone has seen nbdatagram or nbname over TCP. I do recall (I think) form the RFC's (1001 1002) that these CAN run over TCP, but I have never seen it. I was wondering under what, if any, circumstances that this would occurr? Phil - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Computer Incident Advisory Capability (CIAC) Philip C. Cox (510)422-8193 (510)422-8564 ciac@llnl.gov pcc@llnl.gov ------------------------------------------------------------------- PGP fingerprint = 1A97 AB44 406A 77B7 3EA8 3B5B E3B5 BE73 Noteable Quote : "Those who desire to give up Freedom, to gain Security, will not, and do not deserve, either." -- Thomas Jefferson From robh at acprog.ifas.ufl.edu Mon Mar 8 01:56:19 1999 From: robh at acprog.ifas.ufl.edu (Rob Holley) Date: Tue Dec 2 02:25:39 2003 Subject: NT login problem References: <199903061906.OAA27075@durer.info-ren.org> Message-ID: <36E32E43.278508B4@acprog.ifas.ufl.edu> I have the same problem in a public teaching computer lab. I have Sparc 5 running 2.1.0prealpha and NT4.0/SP4 Workstations. It seems to be some kind of persistant connection problem. My work around is to have the teaching assistants in the lab keep swat on the status page and kill the connections to the problem workstation. As soon as the connection is killed logins work with no problem. "Robert D. Carlitz" wrote: > > On Feb. 12 Michael Hulet reported a problem with the error message > > The system can not log you on (C000005B). Please try again > or consult your system administrator. > > Michael said that he was able to log in when he tried again. I'm > seeing the same error message, but I'm unable to log onto the Samba > server. I'm running 2.1.0prealpha under BSDi 3.0. The log file > for the NT Workstation from which I'm trying to log in reports > > groupdb/groupdb.c:iterate_getusergroupsnam(232) > unable to open group database. > > which I presume to be related to the login problem and the other > remarks in Michael's message. I'm curious what problem the error > number C000005B actually refers to and what work-arounds people > have discovered for this. I've tried various things with group > mappings in smb.conf, but I haven't found anything that works. > > Thanks, > Bob Carlitz -- Rob \\|// - ? (o o) /==================================oOOo=(_)=oOOo========\ | Rob Holley "UNIX Guy" robh@hal-net.com | | University of Florida robh@acprog.ifas.ufl.edu | | IFAS Academic Programs | | .oooO | | http://www.hal-net.com/~robh ( ) Oooo. | \===================================\ (==( )==========/ \_) ) / (_/ From m.chapman at student.unsw.edu.au Mon Mar 8 06:12:34 1999 From: m.chapman at student.unsw.edu.au (Matt Chapman) Date: Tue Dec 2 02:25:40 2003 Subject: Security = Server using NT PDC References: <006601be50cb$380e5880$0101a8c0@leighann> Message-ID: <36E36A52.21D58F71@student.unsw.edu.au> Dominic W. Chan wrote: > password server = password server = LEIGHANN Matt -- Matt Chapman m.chapman@student.unsw.edu.au From harald at penti.sit.fi Mon Mar 8 10:25:14 1999 From: harald at penti.sit.fi (Harald Hannelius) Date: Tue Dec 2 02:25:40 2003 Subject: Not Related: Ban Microsoft Outlook Express MUA from this list? In-Reply-To: Message-ID: On Sat, 6 Mar 1999, Luke Kenneth Casson Leighton wrote: > On Sat, 6 Mar 1999, Harald Hannelius wrote: > > > > > > > Could the manager of this list please ban all messages sent with a > > , I'm getting annoyed with all these crippled e-mails that keep > > on dropping in. > > there's been about two per day, recently. on pine (3.96 and 4.01) the > messages come up with a blank content. I can confirm this for pine 4.10 also. Is this a problem with pine or someone else? I have the feeling that pine is following the rfc's rather good, does it not? > andrew, is there a way to auto-detect outlook depressed messages or > attachments and treat them as spam, e.g using spamstopper for a different > purpose? You have my vote on that one! :) =========================================================== Harald H Hannelius | Harald@iki.fi | GSM +358405470870 =========================================================== From sansdrap at hedy.ucl.ac.be Mon Mar 8 10:28:45 1999 From: sansdrap at hedy.ucl.ac.be (Jacques Sansdrap) Date: Tue Dec 2 02:25:40 2003 Subject: coding binge coming on. References: Message-ID: <36E3A65D.FD7594C0@hedy.ucl.ac.be> > rsvp. to samba-technical, thx. This is not really technical so I will post it here... Would it be possible to have in the documentation a TODO (or STATUS) file listing the currently available features, the ones that are in the development pipe, the ones that are on the back burner...? That would help by not wasting time for the beta testers, checking for features that are not yet available. I know there are some comments in the source files about this but it is a bit heavy to read. It could also improve the recruitment of developers by pointing where some expertise would be welcome... JS From af at biomath.jussieu.fr Mon Mar 8 10:43:07 1999 From: af at biomath.jussieu.fr (FAUCONNET Alain) Date: Tue Dec 2 02:25:40 2003 Subject: Not Related: Ban Microsoft Outlook Express MUA from this list? In-Reply-To: from Harald Hannelius at "Mar 8, 99 09:25:41 pm" Message-ID: <199903081043.LAA01132@boule.biomath.jussieu.fr> Hello, I think that all the problems we see are a conjunction of two factors : 1- so-called "modern" MUAs tend to overuse MIME attachements, sometimes in very useless ways (such as HTML versions of the plain text, quotations, and all kind of "cards"). Most of the time, they can be configured to keep a lower profile. Netscape Communicator 4.5, for instance, can be set up to only send pure ASCII and quote mails replied to inline the good old way (">" prefix). Unfortunately the wise guys at Netscape did not find it fit to set those as defaults. 2- the list processor program used for Samba lists is not particularily clever in the handling of headers. Actually it's even very dumb. I know, we use the same exact one for our internal e-mail lists. More specifically, it does not handle AT ALL headers with continuation lines. He eats up all but the first line, causing incomplete multipart mails (usually the "boundary" parameters misses). So what ? unless the nice people who manage those lists can find the time to switch to a better list processor like Majordomo, all we can do is asking people : - not to send any multipart mails : * do copy/paste logs or config files inline, not as attachements * disable any HTML evil (I hope Outlook can do that, I don't use it) * avoid non-ASCII characters (many MUA would convert them to quoted-printable or even worse base64 -- the HP CDE mailer does) - disable vcards an all that nonsense - disable auto attachement of PGP signatures too, this really confuses things in digests for people reading them with elm Regards, -- Alain Fauconnet From bj at mcs.uts.edu.au Mon Mar 8 12:59:29 1999 From: bj at mcs.uts.edu.au (Benjamin Kuit) Date: Tue Dec 2 02:25:40 2003 Subject: Wkns forget passwds? Message-ID: <199903081259.XAA09550@thing.socs.uts.EDU.AU> Hiya, I have this curious problem with a few workstations. Just like many others, we add a machine entry in our smbpasswd file (samba PDC of course), and then tell the workstation to join the domain. The workstation then says 'Welcome..' and all looks happy. It then reboots, and people from the new domain try and log in but it complains that the computer account for the domain is incorrect. I dont know how to approach this problem. saying it has a bad passwd entry for that domain, and then correctly authenticate the next try. This problem is in the minority, most machines seem to be ok, but its an annoying minority. Should I check things like time differences between machines? bad I dont know how to approach this problem or what to look for. Names and uids are unique. NT names? Not using the most recent cvs release yet, only for the test server, which seems to work ok. Using a cvs release of 3/3/99 or maybe a day earlier. Any help much appreciated. Bj +-------------------------------+--------------------------------------+ | Benjamin (Bj) Kuit | Faculty Of Mathematical | | Systems Programmer | and Computing Sciences. | | Phone: 02 9514 1841 | University of Technology, Sydney | | Mobile: 0412 182 972 | bj@mcs.uts.edu.au | +-------------------------------+--------------------------------------+ From greg at discreet.com Mon Mar 8 13:13:02 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:40 2003 Subject: Wkns forget passwds? In-Reply-To: <199903081259.XAA09550@thing.socs.uts.EDU.AU> Message-ID: I have had a similar problem, check the log files for a signal 11 (grep for fault.c). In my case the smbd for that logon was segfaulting quietly and NT simply gave this message which IMHO is not really the case. Hope this helps, Greg On 08-Mar-99 Benjamin Kuit wrote: > Hiya, > > I have this curious problem with a few workstations. > > Just like many others, we add a machine entry in our smbpasswd file > (samba PDC of course), and then tell the workstation to join the > domain. The workstation then says 'Welcome..' and all looks happy. > > It then reboots, and people from the new domain try and log in but > it complains that the computer account for the domain is incorrect. > > I dont know how to approach this problem. > saying it has a bad passwd entry for that domain, and then correctly > authenticate the next try. > > This problem is in the minority, most machines seem to be ok, but > its an annoying minority. > > Should I check things like time differences between machines? bad > I dont know how to approach this problem or what to look for. Names > and uids are unique. > > NT names? > > Not using the most recent cvs release yet, only for the test server, > which seems to work ok. Using a cvs release of 3/3/99 or maybe a day > earlier. > > Any help much appreciated. > > > Bj > > +-------------------------------+--------------------------------------+ >| Benjamin (Bj) Kuit | Faculty Of Mathematical | >| Systems Programmer | and Computing Sciences. | >| Phone: 02 9514 1841 | University of Technology, Sydney | >| Mobile: 0412 182 972 | bj@mcs.uts.edu.au | > +-------------------------------+--------------------------------------+ --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From greg at discreet.com Mon Mar 8 15:51:25 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:41 2003 Subject: problem with latest CVS Message-ID: Here's a silly one: On friday I did a password change test, it worked but it put the following in smbpasswd: greg:1124:BD790672A412A0FEAAD3B435B51404EE:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U ]:LCT-36DE76A3: now when I try to log-in I get a segmentation violation because of the following: (dbx) list 531 * 531 if (memcmp(smb_pass->smb_passwd , lm_pwd, 16) != 0 && 532 memcmp(smb_pass->smb_nt_passwd, nt_pwd, 16) != 0) 533 { 534 status = 0xC0000000 | NT_STATUS_WRONG_PASSWORD; 535 } 536 537 return status; 538 } 539 540 /************************************************************************* (dbx) whatis lm_pwd char lm_pwd[16]; (dbx) p lm_pwd 0x7ffe46b8 = "\342\343\213\224z\341k3\252\323\2645\265\024\004\356" (dbx) p nt_pwd 0x7ffe46c8 = "\223\205\f\323^\214\214.)\306tGq\203\325\367" (dbx) p smb_pass->smb_nt_passwd (nil) (dbx) p *smb_pass struct sam_passwd { logon_time = struct nttime_info { low = 4294967295 high = 2147483647 } logoff_time = struct nttime_info { low = 4294967295 high = 2147483647 } kickoff_time = struct nttime_info { low = 4294967295 high = 2147483647 } pass_last_set_time = struct nttime_info { low = 247812992 high = 29255223 } pass_can_change_time = struct nttime_info { low = 247812992 high = 29255223 } pass_must_change_time = struct nttime_info { low = 4294967295 high = 2147483647 } unix_name = 0x101865c0 = "greg" nt_name = 0x101866c0 = "greg" full_name = 0x10186740 = "" home_dir = 0x10186b40 = "\\\\cuba\\greg\\Windows" dir_drive = 0x10186f40 = "H:" logon_script = 0x10187340 = "logon.bat" profile_path = 0x10187740 = "\\\\madagascar\\profiles\\greg" acct_desc = 0x10187b40 = "" workstations = 0x10187f40 = "" unknown_str = (nil) munged_dial = (nil) unix_uid = 1124 unix_gid = 500 user_rid = 5496 More (n if no)? group_rid = 3001 smb_passwd = 0x10188c68 = "\275y\006r\244\022\240\376\252\323\2645\265\024\004\356\025\212t\315\036\302\02 7\021 \250-\313\3 76\243\306\302" smb_nt_passwd = (nil) acct_ctrl = 16 unknown_3 = 16777215 logon_divs = 168 hours_len = 21 hours = "\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\37 7\377" unknown_5 = 131072 unknown_6 = 1260 } (dbx) lv43/6.5.3f/work/irix/lib/libc/libc_n32_M3/strings/bcmp.s":77, 0xfad6790] > 1 net_login_interactive(id1 = 0x7ffe4bfc, smb_pass = 0x10186490, vuser = 0x101b75d0) ["/tmp_mnt/DLlocal/greg/samba/source/rp c_server/srv_netlog.c":531, 0x100a2694] 2 api_net_sam_logon(vuid = 100, data = 0x7ffe7588, rdata = 0x101b79c4) ["/tmp_mnt/DLlocal/greg/samba/source/rpc_server/srv_n etlog.c":725, 0x100a2e28] 3 api_rpc_command(p = 0x101b7898, rpc_name = 0x10164378 = "api_netlog_rpc", api_rpc_cmds = 0x10179948, data = 0x7ffe7588) [" /tmp_mnt/DLlocal/greg/samba/source/rpc_server/srv_pipe.c":693, 0x100b3b6c] 4 api_rpcTNP(p = 0x101b7898, rpc_name = 0x10164378 = "api_netlog_rpc", api_rpc_cmds = 0x10179948, data = 0x7ffe7588) ["/tmp_ mnt/DLlocal/greg/samba/source/rpc_server/srv_pipe.c":722, 0x100b3d4c] 5 api_netlog_rpc(p = 0x101b7898, data = 0x7ffe7588) ["/tmp_mnt/DLlocal/greg/samba/source/rpc_server/srv_netlog.c":885, 0x100 a331c] 6 api_pipe_request(p = 0x101b7898, pd = 0x7ffe7588) ["/tmp_mnt/DLlocal/greg/samba/source/rpc_server/srv_pipe.c":607, 0x100b3 604] 7 rpc_command(p = 0x101b7898, pd = 0x7ffe7588) ["/tmp_mnt/DLlocal/greg/samba/source/rpc_server/srv_pipe.c":643, 0x100b37bc] 8 api_fd_reply(conn = 0x101b7818, vuid = 100, outbuf = 0x101a7169 = "", setup = 0x10192320, data = 0x101bb128 = "\005", param s = (nil), suwcnt = 2, tdscnt = 292, tpscnt = 0, mdrcnt = 1024, mprcnt = 0) ["/tmp_mnt/DLlocal/greg/samba/source/smbd/ipc.c":32 57, 0x10036f28] 9 named_pipe(conn = 0x101b7818, vuid = 100, outbuf = 0x101a7169 = "", name = 0x7ffe772e = "", setup = 0x10192320, data = 0x1 01bb128 = "\005", params = (nil), suwcnt = 2, tdscnt = 292, tpscnt = 0, msrcnt = 0, mdrcnt = 1024, mprcnt = 0) ["/tmp_mnt/DLloc al/greg/samba/source/smbd/ipc.c":3475, 0x10037bd8] 10 reply_trans(conn = 0x101b7818, inbuf = 0x10196d61 = "", outbuf = 0x101a7169 = "", size = 372, bufsize = 61440) ["/tmp_mnt /DLlocal/greg/samba/source/smbd/ipc.c":3614, 0x10038928] 11 switch_message(type = 37, inbuf = 0x10196d61 = "", outbuf = 0x101a7169 = "", size = 372, bufsize = 61440) ["/tmp_mnt/DLlo cal/greg/samba/source/smbd/process.c":489, 0x1006f324] 12 construct_reply(inbuf = 0x10196d61 = "", outbuf = 0x101a7169 = "", size = 372, bufsize = 61440) ["/tmp_mnt/DLlocal/greg/s amba/source/smbd/process.c":522, 0x1006f444] 13 process_smb(inbuf = 0x10196d61 = "", outbuf = 0x101a7169 = "") ["/tmp_mnt/DLlocal/greg/samba/source/smbd/process.c":592, 0x1006f764] 14 smbd_process() ["/tmp_mnt/DLlocal/greg/samba/source/smbd/process.c":936, 0x100709f4] More (n if no)? In other words smb_nt_passwd is null, I assume because of the XXXXXXXs in the passwd file. The problem would appear to be twofold 1) password change should not put the XXXXs and 2) smbd should not crash because of it. Should I fix this or will some kind soul take care of it? Thx, Greg --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From Ingo.Kley at lampebank.de Mon Mar 8 17:34:33 1999 From: Ingo.Kley at lampebank.de (Ingo Kley) Date: Tue Dec 2 02:25:41 2003 Subject: Always connecting z:\... Message-ID: <199903081637.RAA28133@iris.baeurer.de> Hi, I am using 2.0.3 on a Linux System. When I connect my NTws to my Server, the system creates a connection to Z:\server\homes. How can I change this, that the system connects to H:\server\homes ?? email Ingo.Kley@lampebank.de From cartegw at Eng.Auburn.EDU Mon Mar 8 16:46:32 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:41 2003 Subject: Always connecting z:\... References: <199903081637.RAA28133@iris.baeurer.de> Message-ID: <36E3FEE8.17AB9244@eng.auburn.edu> logon drive = H: Ingo Kley wrote: > > Hi, > > I am using 2.0.3 on a Linux System. When I connect my NTws to my Server, the > system creates a connection to Z:\server\homes. How can I change this, that the > system connects to H:\server\homes ?? > email Ingo.Kley@lampebank.de -- ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From ian at cecoh.com Mon Mar 8 16:53:12 1999 From: ian at cecoh.com (Ian Charboneau) Date: Tue Dec 2 02:25:41 2003 Subject: seeing with samba Message-ID: <000101be6984$2735f640$c77ec1cf@mis-3.cecoh.com> Hello I hope that I have fixed my signature so it doesn't create a huge mime attachment that seems to make everyone see red. If not I will gladly take further suggestions on how to fix it or ideas on other windows based email programs that have the functionality of outlook without its MANY downsides. Anyway I am running a NT network and I have a samba enabled database server running on Slackware. The NT network can see the drive on the Linux box but cannot open anything. I am asked to supply the password and neither the root password for the linux box nor the admin password for the NT network works. Also am still looking for network management software that will work in a mixed NT Linux enviroment. Thanks Ian Charboneau??????????????????? phone 512 485-4733 Network Administrator?????????? email ian@cecoh.com fax 512 328-9779 Ceco Management?????????????? Austin Texas From lkcl at switchboard.net Mon Mar 8 17:12:07 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:41 2003 Subject: Log file error. In-Reply-To: Message-ID: peter, use cc not gcc, and you have to switch off optimisation, there are some issues with the RISC chip versions on HP m/cs. has anyone else successfully compiled for hpux11? rsvp cc'd to Peter Kloet , thx. On Mon, 8 Mar 1999, Peter Kloet wrote: > Hello all, > > I have compiled samba 2.0.3 on a hpux11.0 and all whened > well. But if i see the log file from a pc there is a error > in it. > > [1999/03/08 09:46:11, 1] smbd/service.c:(488) > pc822 (192.87.90.101) connect to service itmaint as user admin02 (uid=249, gid=323) (pid 26374) > [1999/03/08 09:49:31, 0] lib/util_sock.c:(407) > write_data: write failure. Error = Broken pipe > [1999/03/08 09:51:57, 1] smbd/service.c:(512) > pc822 (192.87.90.101) closed connection to service itmaint > [1999/03/08 09:54:57, 0] lib/util_sock.c:(407) > write_data: write failure. Error = Broken pipe > [1999/03/08 10:00:57, 0] lib/util_sock.c:(407) > write_data: write failure. Error = Broken pipe > [1999/03/08 10:06:57, 0] lib/util_sock.c:(407) > write_data: write failure. Error = Broken pipe > [1999/03/08 10:12:57, 0] lib/util_sock.c:(407) > write_data: write failure. Error = Broken pipe > [1999/03/08 10:18:57, 0] lib/util_sock.c:(407) > write_data: write failure. Error = Broken pipe > [1999/03/08 10:24:57, 0] lib/util_sock.c:(407) > write_data: write failure. Error = Broken pipe > [1999/03/08 10:30:10, 0] lib/util_sock.c:(407) > write_data: write failure. Error = Broken pipe > [1999/03/08 10:36:10, 0] lib/util_sock.c:(407) > write_data: write failure. Error = Broken pipe > [1999/03/08 10:42:10, 0] lib/util_sock.c:(407) > write_data: write failure. Error = Broken pipe > [1999/03/08 10:48:10, 0] lib/util_sock.c:(407) > write_data: write failure. Error = Broken pipe > > What is the problem? > > I compiled it also on a hpux 10.20 system, and there i > have not the error. ?? > > Greetings, > > ---------------------- > Peter Kloet > HP-UX SystemAdministrator > Kluwer Academic Publishers > Peter.Kloet@wkap.nl > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From jgolden at bcs-systems.com Mon Mar 8 17:41:14 1999 From: jgolden at bcs-systems.com (Joel Golden) Date: Tue Dec 2 02:25:41 2003 Subject: subscribe Message-ID: <71B9DE092AD9D111B1A300A0C909C198057F06@BCS-FS1> Joel Golden www.bcs-systems.com Jgolden@bcs-systems.com BCS 1100 71 Plaza Court Suite 11 Springdale, AR 72764 (501)750-7475 From lharold at mrc.uidaho.edu Mon Mar 8 20:04:06 1999 From: lharold at mrc.uidaho.edu (Len Harold) Date: Tue Dec 2 02:25:41 2003 Subject: Wkns forget passwds? In-Reply-To: from "To:samba-ntdom@samba.anu.edu.au" at Mar 08, 99 11:56 am Message-ID: <199903082004.MAA11891@hydra.mrc.uidaho.edu> Hi guys, I just got the same results from 2.0.3. Fortunately it is a test machine. I deleted the machine entry from the smbpasswd file and then recreated it with "smbpasswd -a -m CHARA" followed by rebooting the PC and still had no luck logging in. The logfile (at debug 100) is at http://www.len.moscow.id.us/log for browsing. The samba machine is a HP C180 running a current and heavily patched HP-UX 10.20 on it. CC me directly if you want more info quickly as I keep track of this list through the web archive. Len On 08-Mar-99 Greg Dickie wrote: >I have had a similar problem, check the log files for a signal 11 (grep for >fault.c). In my case the smbd for that logon was segfaulting quietly and NT >simply gave this message which IMHO is not really the case. > >Hope this helps, >Greg > >On 08-Mar-99 Benjamin Kuit wrote: >> Hiya, >> >> I have this curious problem with a few workstations. >> >> Just like many others, we add a machine entry in our smbpasswd file >> (samba PDC of course), and then tell the workstation to join the >> domain. The workstation then says 'Welcome..' and all looks happy. >> >> It then reboots, and people from the new domain try and log in but >> it complains that the computer account for the domain is incorrect. >> >> I dont know how to approach this problem. >> saying it has a bad passwd entry for that domain, and then correctly >> authenticate the next try. >> >> This problem is in the minority, most machines seem to be ok, but >> its an annoying minority. >> >> Should I check things like time differences between machines? bad >> I dont know how to approach this problem or what to look for. Names >> and uids are unique. >> NT names? >> >> Not using the most recent cvs release yet, only for the test server, >> which seems to work ok. Using a cvs release of 3/3/99 or maybe a day >> earlier. >> >> Any help much appreciated. >> >> >> Bj From D.Bannon at latrobe.edu.au Mon Mar 8 20:59:56 1999 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:25:41 2003 Subject: problem with latest CVS In-Reply-To: Message-ID: <3.0.3.32.19990309075956.0071d718@bioserve.biochem.latrobe.edu.au> At 02:53 AM 09/03/1999 +1100, Greg Dickie wrote: > >Here's a silly one: > > On friday I did a password change test, it worked but it put the following in >smbpasswd: > >greg:1124:BD790672A412A0FEAAD3B435B51404EE:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX :[U > ]:LCT-36DE76A3: > Greg, looks like the same bug I have been discussing with Luke for a couple of weeks. Samba fails to authenticate with the NTHash method, tries LM method, seems to work. But as it no longer has a NTpassword it cannot rewrite the second passwd field so sets it to XXXX.., as intended. Next time it fails because of the XXXXs. Might be worth confirming that your authentication (when changing passwd) is all defaulting to LMhash, see password.c/smb_password_ok(..) (?) David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From greg at discreet.com Mon Mar 8 22:06:12 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:42 2003 Subject: problem with latest CVS In-Reply-To: <3.0.3.32.19990309075956.0071d718@bioserve.biochem.latrobe.edu.au> Message-ID: sounds right, I'm frequently using the LMhash and have not yet figured out why... oh the mysteries of NT... Greg On 08-Mar-99 David Bannon wrote: > At 02:53 AM 09/03/1999 +1100, Greg Dickie wrote: >> >>Here's a silly one: >> >> On friday I did a password change test, it worked but it put the > following in >>smbpasswd: >> >>greg:1124:BD790672A412A0FEAAD3B435B51404EE:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX >:[U >> ]:LCT-36DE76A3: >> > > Greg, looks like the same bug I have been discussing with Luke for a couple > of weeks. Samba fails to authenticate with the NTHash method, tries LM > method, seems to work. But as it no longer has a NTpassword it cannot > rewrite the second passwd field so sets it to XXXX.., as intended. Next > time it fails because of the XXXXs. > > Might be worth confirming that your authentication (when changing passwd) > is all defaulting to LMhash, see password.c/smb_password_ok(..) (?) > > David > ------------------------------------------------------------ > David Bannon D.Bannon@latrobe.edu.au > School of Biochemistry Phone 61 03 9479 2197 > La Trobe University, Plenty Rd, Fax 61 03 9479 2467 > Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au > ------------------------------------------------------------ > ..... Humpty Dumpty was pushed ! --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From stanford at sccsnetwork.com Mon Mar 8 23:02:17 1999 From: stanford at sccsnetwork.com (Stanford Law) Date: Tue Dec 2 02:25:42 2003 Subject: subscribe Message-ID: <36E456F9.7E99FF92@sccsnetwork.com> subscribe i want so subscribe to the mail list -------------- next part -------------- A non-text attachment was scrubbed... Name: stanford.vcf Type: text/x-vcard Size: 312 bytes Desc: Card for Stanford Law Url : http://lists.samba.org/archive/samba-ntdom/attachments/19990308/eb68ccdc/stanford.vcf From m.chapman at student.unsw.edu.au Mon Mar 8 23:02:23 1999 From: m.chapman at student.unsw.edu.au (Matt Chapman) Date: Tue Dec 2 02:25:42 2003 Subject: Win95 user-level access References: Message-ID: <36E456FF.87744B0D@student.unsw.edu.au> Uwe Wendt wrote: > based on your mail I've checked the current samba cvs. > OK - I get a userlist -or better- grouplist, but it is not complete. > The first entry win95 shows is "complete network" (german: Gesamtes > Netzwerk) followed by the first eleven entries from /etc/group starting > with root to news. Uucp and later are not listed. OK, I know about that - there is indeed a hardcoded maximum of 11 which I will fix very soon - but this means the new RPCs I added are working nicely :-) Matt -- Matt Chapman m.chapman@student.unsw.edu.au From m.brodbelt at acu.ac.uk Tue Mar 9 14:08:31 1999 From: m.brodbelt at acu.ac.uk (Mike Brodbelt) Date: Tue Dec 2 02:25:42 2003 Subject: Printer sharing with Samba Message-ID: <36E52B5F.AF788A39@acu.ac.uk> This is not strictly a domain related question, but it concerns functionality most domain users would probably like, so I hope no-one minds me asking it here... I'm in the process of removing an old Novell server, and I'm replacing it with a Linux box running Samba. Clients are all NT workstations, and the domain authentication is currently done on an NT PDC (which I hope to replace in the fullness of time). When I install a printer on an NT machine, and share that printer, I can elect for other machines attaching to that printer to use the driver on the machine hosting the printer. This obviates the need to install local printer drivers everywhere, and is generally pretty useful. Is this functionality present in Samba yet? I'm aware that Samba can make drivers available for auto download to NT clients, but I'd very much like to be able to use the NT model where the driver is simple installed on the server. This may not be possible - would this require Samba to be able to execute an NT driver image, but I'd be interested to know either whether it already works, or that it's never likely to.... Thanks, Mike. From Chad.Campbell at innovision.com Tue Mar 9 14:19:14 1999 From: Chad.Campbell at innovision.com (Chad Campbell) Date: Tue Dec 2 02:25:42 2003 Subject: Strange file deletion problem Message-ID: <36E52DE2.F6671065@innovision.com> We're observing a strange problem when trying to delete 226 files out of a directory that is 7 levels deep. Each time we do "del *.*" in the command window, most of the files are deleted, and the rest report "The system cannot find the file specified." The number of errors correspond to the number of files not deleted, but the files reported as not being found do not correspond to the files that weren't deleted. This occurs exactly the same way each time. On the first pass, all but 35 files are deleted, on the second all but 9 are deleted, and then the third pass deletes the rest. Also, the same files are involved each time. We successfully deleted all 226 files using Windows NT explorer with no noticeable errors. We're running Samba 2.0.0 with the file truncation patch on an Ultra 2 running Solaris 7 in 64 bit mode. The NT client is 4.0 with SP4/128 bit. Thanks, Chad -- Chad Campbell Software Engineer, Innovision Corporation Chad.Campbell@innovision.com (913)226-8700 From cartegw at Eng.Auburn.EDU Tue Mar 9 14:24:58 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:42 2003 Subject: Printer sharing with Samba References: <36E52B5F.AF788A39@acu.ac.uk> Message-ID: <36E52F3A.959DEABD@eng.auburn.edu> Mike Brodbelt wrote: > > I'm aware that Samba can make drivers available for auto > download to NT clients, Nope. Pn;y supported currently for Windows 9x clients. > but I'd very much like to be able to use the NT model where > the driver is simple installed on the server. Samba will not support the EMF format for printing. Only raw. Reason being is that it would reqire rewriting all the NT printer drivers to run on UNIX. Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From Chad.Campbell at innovision.com Tue Mar 9 14:27:48 1999 From: Chad.Campbell at innovision.com (Chad Campbell) Date: Tue Dec 2 02:25:42 2003 Subject: Strange file deletion problem References: <36E52DE2.F6671065@innovision.com> Message-ID: <36E52FE4.33E603CB@innovision.com> > We're observing a strange problem when trying to delete 226 files out of > a directory that is 7 levels deep. Each time we do "del *.*" in the > command window, most of the files are deleted, and the rest report "The > system cannot find the file specified." The number of errors correspond > to the number of files not deleted, but the files reported as not being > found do not correspond to the files that weren't deleted. This occurs > exactly the same way each time. On the first pass, all but 35 files are > deleted, on the second all but 9 are deleted, and then the third pass > deletes the rest. Also, the same files are involved each time. We > successfully deleted all 226 files using Windows NT explorer with no > noticeable errors. We're running Samba 2.0.0 with the file truncation > patch on an Ultra 2 running Solaris 7 in 64 bit mode. The NT client is > 4.0 with SP4/128 bit. Hmm - I suppose a question would have been in order - how about the general - What the hell is this??? :) Thanks again, Chad From cord at MOS.OWL-Online.DE Tue Mar 9 16:51:37 1999 From: cord at MOS.OWL-Online.DE (Cord-H. Fricke) Date: Tue Dec 2 02:25:42 2003 Subject: Configure Message-ID: <36E55199.2BF54210@mos.owl-online.de> Hi guys, I?m very new in Samba and NT4.0. I need help for configuring the smb.conf file and the NT-Clients. I don?t know what I have to do. Thank you Regards Cord From adam.w.cabler at lmco.com Tue Mar 9 16:10:06 1999 From: adam.w.cabler at lmco.com (Cabler, Adam W) Date: Tue Dec 2 02:25:42 2003 Subject: Encryption Not Enabled - Bug? Message-ID: I am still having trouble trying to get my server thats acting as a PDC to respod properly. One of the more confusing error messages that I have encountered was when I was adding a machine o smbpasswd with smbpasswd. I used the -a -m option and samba told me that "Encryption was not enabled in the makefile." I am not using the CVS branch, however. I would also like to know about samba cvs in general, particularly if CVS is just more updated since 2.0.3, or if it is just different. Also, do I have to use the cvs release if I am expecting to use samba as a PDC? Some co-workers have just returned from LinuxWorld where they met with some of the samba developers. After speaking with them, they were given the impression that the production release is sufficient for PDC operatoin. Just wondering if this is accurate with anyone else's experience. thanks, adam From jallison at cthulhu.engr.sgi.com Tue Mar 9 17:54:26 1999 From: jallison at cthulhu.engr.sgi.com (Jeremy Allison) Date: Tue Dec 2 02:25:43 2003 Subject: PDC with 2.0.3 Message-ID: <36E56052.CD8F1462@engr.sgi.com> Hi all, Now I *know* we say we're not supporting PDC with 2.0.3 and I'm not trying to change that, but... :-). I know that 2.0.3 broke people who were using 2.0.2 as a PDC, and I'm really sorry about that. I'm so sorry, in fact, that here is a patch for 2.0.3 that will restore the (unsupported) PDC authentication functionality to 2.0.3. This code will be in 2.0.4 and I'll try not to break this again. The actual problem was the ignoring of our standard little-endian functions in the 'hack' unicode module (I'm not naming names here :-) with the result that it would only work on little-endian machines. Hope this helps, Jeremy Allison, Samba Team. Patch follows : Index: lib/util_unistr.c =================================================================== RCS file: /data/cvs/samba/source/lib/util_unistr.c,v retrieving revision 1.3.2.1 diff -u -r1.3.2.1 util_unistr.c --- util_unistr.c 1999/02/08 21:09:18 1.3.2.1 +++ util_unistr.c 1999/03/09 17:43:40 @@ -73,7 +73,7 @@ for (p = lbuf; *src && p-lbuf < MAXUNI-2 && len > 0; len--, src++) { - *p++ = (*src & 0xff); + *p++ = (SVAL(src,0) & 0xff); } *p = 0; @@ -97,7 +97,7 @@ for (p = lbuf; *src && p-lbuf < MAXUNI-2; p++, src++) { - *p = (*src & 0xff); + *p = (SVAL(src,0) & 0xff); } *p = 0; @@ -119,7 +119,7 @@ for (p = lbuf; *src && p-lbuf < max_size; p++, src++) { - *p = (*src & 0xff); + *p = (SVAL(src,0) & 0xff); } *p = 0; @@ -157,7 +157,7 @@ for (p = lbuf; *src && p-lbuf < max_size; p++, src++) { - *p = (*src & 0xff); + *p = (SVAL(src,0) & 0xff); } *p = 0; @@ -185,7 +185,7 @@ } else { - *p = (*src & 0xff); + *p = (SVAL(src,0) & 0xff); } } @@ -234,7 +234,7 @@ for (p = lbuf; *buf && p-lbuf < MAXUNI-2; p++, buf += 2) { - *p = *buf; + *p = (SVAL(buf,0) & 0xff); } *p = 0; return lbuf; -----------------------------end patch------------------------ -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From adam.w.cabler at lmco.com Tue Mar 9 22:34:12 1999 From: adam.w.cabler at lmco.com (Cabler, Adam W) Date: Tue Dec 2 02:25:43 2003 Subject: PDC with 2.0.3 Message-ID: Jeremy, I really appreciate the patch, since now I feel better about exactly why my pdc stopped working, but I am having trouble getting it to work. I am getting an "ERROR:Malformed patch at line 36" when applying both the sgi and gnu patch to this file. Is it me or is it the file? adam -----Original Message----- From: Jeremy Allison [mailto:jallison@cthulhu.engr.sgi.com] Sent: Tuesday, March 09, 1999 3:10 PM To: Multiple recipients of list Subject: PDC with 2.0.3 Hi all, Now I *know* we say we're not supporting PDC with 2.0.3 and I'm not trying to change that, but... :-). I know that 2.0.3 broke people who were using 2.0.2 as a PDC, and I'm really sorry about that. I'm so sorry, in fact, that here is a patch for 2.0.3 that will restore the (unsupported) PDC authentication functionality to 2.0.3. This code will be in 2.0.4 and I'll try not to break this again. The actual problem was the ignoring of our standard little-endian functions in the 'hack' unicode module (I'm not naming names here :-) with the result that it would only work on little-endian machines. Hope this helps, Jeremy Allison, Samba Team. Patch follows : Index: lib/util_unistr.c =================================================================== RCS file: /data/cvs/samba/source/lib/util_unistr.c,v retrieving revision 1.3.2.1 diff -u -r1.3.2.1 util_unistr.c --- util_unistr.c 1999/02/08 21:09:18 1.3.2.1 +++ util_unistr.c 1999/03/09 17:43:40 @@ -73,7 +73,7 @@ for (p = lbuf; *src && p-lbuf < MAXUNI-2 && len > 0; len--, src++) { - *p++ = (*src & 0xff); + *p++ = (SVAL(src,0) & 0xff); } *p = 0; @@ -97,7 +97,7 @@ for (p = lbuf; *src && p-lbuf < MAXUNI-2; p++, src++) { - *p = (*src & 0xff); + *p = (SVAL(src,0) & 0xff); } *p = 0; @@ -119,7 +119,7 @@ for (p = lbuf; *src && p-lbuf < max_size; p++, src++) { - *p = (*src & 0xff); + *p = (SVAL(src,0) & 0xff); } *p = 0; @@ -157,7 +157,7 @@ for (p = lbuf; *src && p-lbuf < max_size; p++, src++) { - *p = (*src & 0xff); + *p = (SVAL(src,0) & 0xff); } *p = 0; @@ -185,7 +185,7 @@ } else { - *p = (*src & 0xff); + *p = (SVAL(src,0) & 0xff); } } @@ -234,7 +234,7 @@ for (p = lbuf; *buf && p-lbuf < MAXUNI-2; p++, buf += 2) { - *p = *buf; + *p = (SVAL(buf,0) & 0xff); } *p = 0; return lbuf; -----------------------------end patch------------------------ -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From lkcl at switchboard.net Tue Mar 9 23:21:03 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:43 2003 Subject: PDC with 2.0.3 In-Reply-To: <36E56052.CD8F1462@engr.sgi.com> Message-ID: > The actual problem was the ignoring of our standard > little-endian functions in the 'hack' unicode module > (I'm not naming names here :-) with the result that > it would only work on little-endian machines. matt's fixed this cleanly in cvs-main. it took a little time, bouncing back-and-forth :-) From cartegw at Eng.Auburn.EDU Wed Mar 10 02:27:04 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:43 2003 Subject: Encryption Not Enabled - Bug? References: Message-ID: <36E5D878.50034AAC@eng.auburn.edu> Cabler, Adam W wrote: > > I used the -a -m option and samba told me that "Encryption > was not enabled in the makefile." I am not using the > CVS branch, however. Sounds like an old version of Samba. > I would also like to know about samba cvs in general, > particularly if CVS is just more updated since 2.0.3, or > if it is just different. Adam, you should probably read the NT Domain FAQ linked off the main Samba site under the documentation section. It will answer a lot of questions. > Also, do I have to use the cvs release if I am expecting > to use samba as a PDC? Some co-workers have just returned from > LinuxWorld where they met with some of the samba > developers. After speaking with them, they were given the > impression that the production release is sufficient > for PDC operatoin. Just wondering if this is accurate > with anyone else's experience. The PDC support is not official in any release. It is only experiemental at the moment and really only should be tested using the CVS branch. Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From Jean-Francois.Micouleau at dalalu.fr Wed Mar 10 14:05:48 1999 From: Jean-Francois.Micouleau at dalalu.fr (Jean Francois Micouleau) Date: Tue Dec 2 02:25:43 2003 Subject: Printer sharing with Samba In-Reply-To: <36E52B5F.AF788A39@acu.ac.uk> Message-ID: On Wed, 10 Mar 1999, Mike Brodbelt wrote: > When I install a printer on an NT machine, and share that printer, I can > elect for other machines attaching to that printer to use the driver on > the machine hosting the printer. This obviates the need to install local > printer drivers everywhere, and is generally pretty useful. It's not totally true. The drivers are downloaded automagically the first time you connect to the printer. Is this > functionality present in Samba yet? I'm aware that Samba can make > drivers available for auto download to NT clients, but I'd very much > like to be able to use the NT model where the driver is simple installed > on the server. Nope that's not available for NT yet. > This may not be possible - would this require Samba to be able to > execute an NT driver image, but I'd be interested to know either whether > it already works, or that it's never likely to.... That will. J.F. From greg at discreet.com Wed Mar 10 14:22:13 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:43 2003 Subject: FW: now that I can login again... Message-ID: usrmgr -> "A device attached to the system is not functioning". I know this was fixed at least once. As always this happens with the latest CVS. See I knew you would be sorry you fixed that login problem ;-) Greg --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From whn at topelo.lopi.com Wed Mar 10 14:35:04 1999 From: whn at topelo.lopi.com (Bill Nugent) Date: Tue Dec 2 02:25:43 2003 Subject: Configure In-Reply-To: Your message of Wed, 10 Mar 1999 02:50:53 +1100. <36E55199.2BF54210@mos.owl-online.de> Message-ID: <19990310143505.547.qmail@topelo.lopi.com> Cord, Given the fact that you are new to Samba and NT means you have a very steep learning curve in front of you so expect it to take a while for you to educate yourself. The place to start is by reading the documentation. In the distribution there should be a directory called 'docs' - I suggest you read all the files. Read all the man pages. It would also be helpful to read all the online documentation http://de.samba.org/samba/docs/ - pay close attention to the documentation on smb.conf since this explains the configuration file. You will probably find you need to read all of these files two or three times. If you are having trouble getting you system to work then I suggest you work through all the steps - in order - in the file DIAGNOIS.txt. Bill On Wednesday, Mar 10 1999 at 02:50:53, "Cord-H. Fricke" wrote: >Hi guys, > >I?m very new in Samba and NT4.0. >I need help for configuring the smb.conf file and the NT-Clients. >I don?t know what I have to do. >Thank you > >Regards > >Cord > From ink at inconnu.isu.edu Wed Mar 10 16:50:16 1999 From: ink at inconnu.isu.edu (Craig Kelley) Date: Tue Dec 2 02:25:43 2003 Subject: SAMBA-NTDOM digest 694 In-Reply-To: <19990310021528Z12854949-3608+19501@samba.anu.edu.au> Message-ID: On Wed, 10 Mar 1999 samba-ntdom@samba.org wrote: > Date: Tue, 09 Mar 1999 08:19:14 -0600 > From: Chad Campbell > To: Samba List , samba-ntdom@samba.org > Subject: Strange file deletion problem > Message-ID: <36E52DE2.F6671065@innovision.com> > > We're observing a strange problem when trying to delete 226 files out of > a directory that is 7 levels deep. Each time we do "del *.*" in the > command window, most of the files are deleted, and the rest report "The > system cannot find the file specified." The number of errors correspond > to the number of files not deleted, but the files reported as not being > found do not correspond to the files that weren't deleted. This occurs > exactly the same way each time. On the first pass, all but 35 files are > deleted, on the second all but 9 are deleted, and then the third pass > deletes the rest. Also, the same files are involved each time. We > successfully deleted all 226 files using Windows NT explorer with no > noticeable errors. We're running Samba 2.0.0 with the file truncation > patch on an Ultra 2 running Solaris 7 in 64 bit mode. The NT client is > 4.0 with SP4/128 bit. We notice the same problem on our Samba-1.9 production machines (hey, they work fine so why should we upgrade?). -Craig From lkcl at switchboard.net Wed Mar 10 17:02:56 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:43 2003 Subject: problem with latest CVS In-Reply-To: Message-ID: On Tue, 9 Mar 1999, Greg Dickie wrote: > > Here's a silly one: > > On friday I did a password change test, it worked but it put the following in > smbpasswd: > > greg:1124:BD790672A412A0FEAAD3B435B51404EE:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U > ]:LCT-36DE76A3: > > now when I try to log-in I get a segmentation violation because of the > following: > > > (dbx) list 531 > * 531 if (memcmp(smb_pass->smb_passwd , lm_pwd, 16) != 0 && > 532 memcmp(smb_pass->smb_nt_passwd, nt_pwd, 16) != 0) > 533 { > 534 status = 0xC0000000 | NT_STATUS_WRONG_PASSWORD; > 535 } ta greg. From walter at inf.ethz.ch Wed Mar 10 17:48:31 1999 From: walter at inf.ethz.ch (Stefan Walter) Date: Tue Dec 2 02:25:43 2003 Subject: Domain logon problems with 10.Mar.99 CVS source Message-ID: <199903101748.SAA09927@akane.inf.ethz.ch> Hi, I have downloaded the current NT Domain Controller source today. I managed to get it to work as a PDC according to the NTDOM FAQ and could join a NT4 workstation with SP4 to the domain of the Samba PDC. However when I try to log on to the domain as a user I get a dialog containing this message: The system cannot log you on to this domain because the system's computer account in its primary domain is missing or the password on that account is incorrect. I can log in as that user on the Samba PDC when using smbclient. I had a look at the logfile with debug level set to 20 and found this only few lines before the end of the log file (seemingly what caused NT to abort the login): [1999/03/10 18:14:57, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(387) search for pipe pnum=7004 [1999/03/10 18:14:57, 1] smbd/ipc.c:api_fd_reply(3280) api_fd_reply: INVALID PIPE HANDLE: 7004 [1999/03/10 18:14:57, 3] smbd/ipc.c:api_no_reply(3198) Unsupported API fd command If I 'grep' the log file for 7004 I get this: Opened pipe NETLOGON with handle 7004 (pipes_open=1) open pipes: name NETLOGON pnum=7004 smb_vwv[15]=28676 (0x7004) search for pipe pnum=7004 pipe name NETLOGON pnum=7004 (pipes_open=1) Got API command 0x26 on pipe "NETLOGON" (pnum 7004)api_fd_reply: p:123b18 file_offset: 1024 smb_vwv[15]=28676 (0x7004) search for pipe pnum=7004 pipe name NETLOGON pnum=7004 (pipes_open=1) Got API command 0x26 on pipe "NETLOGON" (pnum 7004)api_fd_reply: p:123b18 file_offset: 1024 smb_vwv[15]=28676 (0x7004) search for pipe pnum=7004 pipe name NETLOGON pnum=7004 (pipes_open=1) Got API command 0x26 on pipe "NETLOGON" (pnum 7004)api_fd_reply: p:123b18 file_offset: 1024 smb_vwv[15]=28676 (0x7004) search for pipe pnum=7004 pipe name NETLOGON pnum=7004 (pipes_open=1) Got API command 0x26 on pipe "NETLOGON" (pnum 7004)api_fd_reply: p:123b18 file_offset: 1024 smb_vwv[15]=28676 (0x7004) search for pipe pnum=7004 api_fd_reply: INVALID PIPE HANDLE: 7004 To me it seems the pipe 7004 was opened (never closed) and got lost somewhere. Or I have messed up smb.conf somewhere which is also quite possible. :) Here are the relevant lines of my smb.conf Ssamba runs on Solaris 2.6 at my site): ; --- snip [global] lock directory = /var/local/samba/locks smb passwd file = /var/local/samba/private/smbpasswd debug level = 20 debug timestamp = yes max log size = 5000 character set = ISO8859-1 client code page = 850 create mask = 744 force create mode = 400 directory mask = 755 force directory mode = 500 delete readonly = yes delete veto files = no map archive = no map system = no map hidden = no os level = 65 dns proxy = no domain logons = yes domain master = yes local master = yes preferred master = yes server string = SAMBA on %h workgroup = SAMBA encrypt passwords = yes revalidate = yes security = user guest account = smbguest invalid users = root daemon bin sys adm lp smtp uucp nuucp listen nobody noaccess nobody4 socket options = SO_KEEPALIVE TCP_NODELAY deadtime = 5 getwd cache = yes wide links = no default service = homes logon drive = h: logon home = "\\%N\%U" logon path = "\\%N\%U\NTprofile\profile.pds" logon script = "setup.cmd" wins support = no [netlogon] path = /var/local/samba/netlogon/ writeable = no guest ok = no [homes] comment = Your Home Directory writeable = yes ; --- snip 'setup.cmd' currently only contains a CRLF. Any idea if this is a bug or a fault in my configuration? I have dug myself through the mailing list archive and documentation but didn't find any related information. Complete log information is available on demand. Best regards, Stefan -- Stefan Walter - SysAdmin at D-INFK (StabSoft), ETH Zurich, Switzerland From lkcl at switchboard.net Wed Mar 10 19:07:59 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:43 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: <199903101748.SAA09927@akane.inf.ethz.ch> Message-ID: check for a crash further up in the log file. On Thu, 11 Mar 1999, Stefan Walter wrote: > > Hi, > > I have downloaded the current NT Domain Controller source today. I > managed to get it to work as a PDC according to the NTDOM FAQ and could > join a NT4 workstation with SP4 to the domain of the Samba PDC. > > However when I try to log on to the domain as a user I get a dialog > containing this message: > > The system cannot log you on to this domain because the system's computer > account in its primary domain is missing or the password on that account > is incorrect. > > I can log in as that user on the Samba PDC when using smbclient. > I had a look at the logfile with debug level set to 20 and found this > only few lines before the end of the log file (seemingly what caused NT to > abort the login): > > [1999/03/10 18:14:57, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(387) > search for pipe pnum=7004 > [1999/03/10 18:14:57, 1] smbd/ipc.c:api_fd_reply(3280) > api_fd_reply: INVALID PIPE HANDLE: 7004 > [1999/03/10 18:14:57, 3] smbd/ipc.c:api_no_reply(3198) > Unsupported API fd command > > If I 'grep' the log file for 7004 I get this: > > Opened pipe NETLOGON with handle 7004 (pipes_open=1) > open pipes: name NETLOGON pnum=7004 > smb_vwv[15]=28676 (0x7004) > search for pipe pnum=7004 > pipe name NETLOGON pnum=7004 (pipes_open=1) > Got API command 0x26 on pipe "NETLOGON" (pnum 7004)api_fd_reply: p:123b18 > file_offset: 1024 > smb_vwv[15]=28676 (0x7004) > search for pipe pnum=7004 > pipe name NETLOGON pnum=7004 (pipes_open=1) > Got API command 0x26 on pipe "NETLOGON" (pnum 7004)api_fd_reply: p:123b18 > file_offset: 1024 > smb_vwv[15]=28676 (0x7004) > search for pipe pnum=7004 > pipe name NETLOGON pnum=7004 (pipes_open=1) > Got API command 0x26 on pipe "NETLOGON" (pnum 7004)api_fd_reply: p:123b18 > file_offset: 1024 > smb_vwv[15]=28676 (0x7004) > search for pipe pnum=7004 > pipe name NETLOGON pnum=7004 (pipes_open=1) > Got API command 0x26 on pipe "NETLOGON" (pnum 7004)api_fd_reply: p:123b18 > file_offset: 1024 > smb_vwv[15]=28676 (0x7004) > search for pipe pnum=7004 > api_fd_reply: INVALID PIPE HANDLE: 7004 > > To me it seems the pipe 7004 was opened (never closed) and got lost somewhere. > Or I have messed up smb.conf somewhere which is also quite possible. :) Here > are > the relevant lines of my smb.conf Ssamba runs on Solaris 2.6 at my site): > > ; --- snip > [global] > lock directory = /var/local/samba/locks > smb passwd file = /var/local/samba/private/smbpasswd > > debug level = 20 > debug timestamp = yes > max log size = 5000 > > character set = ISO8859-1 > client code page = 850 > > create mask = 744 > force create mode = 400 > directory mask = 755 > force directory mode = 500 > delete readonly = yes > delete veto files = no > map archive = no > map system = no > map hidden = no > > os level = 65 > dns proxy = no > domain logons = yes > domain master = yes > local master = yes > preferred master = yes > > server string = SAMBA on %h > workgroup = SAMBA > > encrypt passwords = yes > revalidate = yes > security = user > guest account = smbguest > invalid users = root daemon bin sys adm lp smtp uucp nuucp listen nobody > noaccess nobody4 > > socket options = SO_KEEPALIVE TCP_NODELAY > > deadtime = 5 > getwd cache = yes > wide links = no > default service = homes > > logon drive = h: > logon home = "\\%N\%U" > logon path = "\\%N\%U\NTprofile\profile.pds" > logon script = "setup.cmd" > > wins support = no > > [netlogon] > path = /var/local/samba/netlogon/ > writeable = no > guest ok = no > > [homes] > comment = Your Home Directory > writeable = yes > ; --- snip > > 'setup.cmd' currently only contains a CRLF. > > Any idea if this is a bug or a fault in my configuration? I have dug myself > through the mailing list archive and documentation but didn't find any > related information. Complete log information is available on demand. > > Best regards, > > Stefan > > -- > Stefan Walter - SysAdmin at D-INFK (StabSoft), ETH Zurich, Switzerland > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From urs at vis.ethz.ch Wed Mar 10 19:08:23 1999 From: urs at vis.ethz.ch (Urs Steiner) Date: Tue Dec 2 02:25:44 2003 Subject: Domain logon problems with 10.Mar.99 CVS source Message-ID: <010101be6b29$5e90ed60$0300a8c0@noway.maximilianeum.ch> hi Stefan nice to see you use samba at the ETHZ :) >I have downloaded the current NT Domain Controller source today. I >managed to get it to work as a PDC according to the NTDOM FAQ and could >join a NT4 workstation with SP4 to the domain of the Samba PDC. > >However when I try to log on to the domain as a user I get a dialog >containing this message: > > The system cannot log you on to this domain because the system's computer > account in its primary domain is missing or the password on that account > is incorrect. did you a smbpasswd -a -m machinename? you should have a line in your smbpasswd file like this: noway$:1000:53B5EDC2147175CDC6774256E8D7F4CC:53B5EDC2147175CDC6774256E8D7F4C C:[W ]:LCT-362C56A8: where noway is the name of your workstation ... (there should also be a "user" noway$ in your /etc/passwd because otherwise you can't smbpasswd -a -m machinename ...) Urs -- mail: urs [dot] steiner [at] switzerland [dot] org http://www.vis.ethz.ch/~urs/ phone: 01/261 57 26 1/666 - reciprocal of the beast From walter at inf.ethz.ch Wed Mar 10 20:38:50 1999 From: walter at inf.ethz.ch (Stefan Walter) Date: Tue Dec 2 02:25:44 2003 Subject: Domain logon problems with 10.Mar.99 CVS source Message-ID: <199903102038.VAA10309@akane.inf.ethz.ch> > check for a crash further up in the log file. I couldn't find anything that looked like a crash in the log files of smbd and nmbd. I only found [1999/03/10 18:19:57, 3] smbd/server.c:exit_server(431) Server exit (normal exit) at the very end of the failed logon attempt, after the invalid pipe error. Any hint for a keyword to look out for in the log files? I can attempt another logon with debug level 99 tomorrow to get some more output. If you like to, I can make the whole logfile available to you. - Stefan -- Stefan Walter - SysAdmin at D-INFK (StabSoft), ETH Zurich, Switzerland From walter at inf.ethz.ch Wed Mar 10 20:41:23 1999 From: walter at inf.ethz.ch (Stefan Walter) Date: Tue Dec 2 02:25:44 2003 Subject: Domain logon problems with 10.Mar.99 CVS source Message-ID: <199903102041.VAA10327@akane.inf.ethz.ch> >hi Stefan >nice to see you use samba at the ETHZ :) We are going to use samba for file sharing anyway for the NT workstations in the student labs. I would like to have at least the personal student accounts managed by a samba PDC to keep passwords in sync with the UNIX workstations and because it will be definitely easier to manage for ous. :) [snip] >> The system cannot log you on to this domain because the system's computer >> account in its primary domain is missing or the password on that account >> is incorrect. >did you a smbpasswd -a -m machinename? >you should have a line in your smbpasswd file like this: >noway$:1000:53B5EDC2147175CDC6774256E8D7F4CC:53B5EDC2147175CDC6774256E8D7F4C >C:[W ]:LCT-362C56A8: > >where noway is the name of your workstation ... >(there should also be a "user" noway$ in your /etc/passwd because otherwise >you can't smbpasswd -a -m machinename ...) Yes, this was set up correctly as the NT workstation I used for tests could join the 'SAMBA' domain of the samba server. I got the "Welcome to the SAMBA domain" message and rebooted the workstation. When I now try to log in with an account to the SAMBA domain, it fails. I have verified that the initial password that was created by 'smbpasswd -a -m machinename' got changed after the domain was joined. It did. >Urs - Stefan -- Stefan Walter - SysAdmin at D-INFK (StabSoft), ETH Zurich, Switzerland From lkcl at switchboard.net Wed Mar 10 20:53:13 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:45 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: <199903102038.VAA10309@akane.inf.ethz.ch> Message-ID: On Wed, 10 Mar 1999, Stefan Walter wrote: > > > check for a crash further up in the log file. > > I couldn't find anything that looked like a crash in the log files of > smbd and nmbd. I only found > > [1999/03/10 18:19:57, 3] smbd/server.c:exit_server(431) > Server exit (normal exit) > > at the very end of the failed logon attempt, after the invalid pipe > error. Any hint for a keyword to look out for in the log files? "fault.c". INTERNAL ERROR. you definitely have one else you wouldn't get "INVALID PIPE HANDLE", due to an smbd closing on you (which maintains state) and in NT the SMB layer is just an intermediary to the RPC layer. in nt, if an SMB file handle is open the client-layer thinks it _Stays_ open even if the server drops the connection. which is a bit dumb. > I can attempt another logon with debug level 99 tomorrow to get some > more output. If you like to, I can make the whole logfile available > to you. just the INTERNAL error bit. or if you see a core file, do a gdb and a "where" on it, which would be even better. From urs.steiner at switzerland.org Wed Mar 10 21:06:09 1999 From: urs.steiner at switzerland.org (Urs Steiner) Date: Tue Dec 2 02:25:45 2003 Subject: Domain logon problems with 10.Mar.99 CVS source Message-ID: <01ae01be6b39$d27da4b0$0300a8c0@noway.maximilianeum.ch> hi Stefan >>nice to see you use samba at the ETHZ :) >We are going to use samba for file sharing anyway for the NT workstations >in the student labs. I would like to have at least the personal student >accounts managed by a samba PDC to keep passwords in sync with the >UNIX workstations and because it will be definitely easier to manage forus.:) i thought so when i saw this message, have fun with samba :) >[snip] >>> The system cannot log you on to this domain because the system's computer >>> account in its primary domain is missing or the password on that account >>> is incorrect. >>you should have a line in your smbpasswd file like this: >>noway$:1000:53B5EDC2147175CDC6774256E8D7F4CC:53B5EDC2147175CDC6774256E8D7F 4C >>C:[W ]:LCT-362C56A8: ^ check again if there is only a "W" there, sometimes the password changing also changed the flags there on my server IIRC :( Urs -- mail: urs [dot] steiner [at] switzerland [dot] org http://www.vis.ethz.ch/~urs/ phone: 01/261 57 26 "50% off all spiked boots at the Kahless shoe source!" From walter at inf.ethz.ch Wed Mar 10 21:51:26 1999 From: walter at inf.ethz.ch (Stefan Walter) Date: Tue Dec 2 02:25:45 2003 Subject: Domain logon problems with 10.Mar.99 CVS source Message-ID: <199903102151.WAA10585@akane.inf.ethz.ch> >"fault.c". INTERNAL ERROR. you definitely have one else you wouldn't get >"INVALID PIPE HANDLE", due to an smbd closing on you (which maintains >state) and in NT the SMB layer is just an intermediary to the RPC layer. >in nt, if an SMB file handle is open the client-layer thinks it _Stays_ >open even if the server drops the connection. which is a bit dumb. Ouch, found it: 4156 lookupsmbgrpnam: unix user group cocoon 4157 [1999/03/10 18:14:49, 10] lib/domain_namemap.c:lookupsmbgrpgid(1270) 4158 lookupsmbgrpgid: unix gid 10014 4159 [1999/03/10 18:14:49, 10] lib/domain_namemap.c:lookupsmbpwnam(886) 4160 [1999/03/10 18:14:49, 0] lib/fault.c:fault_report(40) 4161 =============================================================== 4162 [1999/03/10 18:14:49, 0] lib/fault.c:fault_report(41) 4163 INTERNAL ERROR: Signal 11 in pid 12868 (2.1.0-prealpha) 4164 Please read the file BUGS.txt in the distribution 4165 [1999/03/10 18:14:49, 0] lib/fault.c:fault_report(43) 4166 =============================================================== 4167 [1999/03/10 18:14:49, 0] lib/util.c:smb_panic(2538) 4168 PANIC: internal error I will try to get some more information why smbd gets a SIGSEGV there as recommended in "BUGS.txt". I'll report back tomorrow. Thanks for telling me what to look out for! ^^ - Stefan -- Stefan Walter - SysAdmin at D-INFK (StabSoft), ETH Zurich, Switzerland From greg at discreet.com Wed Mar 10 22:00:19 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:45 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: <199903102151.WAA10585@akane.inf.ethz.ch> Message-ID: Hmmm this looks suspiciously like the problem I was having UNTIL the evening of March 9th when Luke fixed the group mapping code for me. Since the timing is so close could you possibly do an cvs update and see if it still happens? If it does I can tell you step by step how to find the problem since I just went through it. Thanks, Greg On 10-Mar-99 Stefan Walter wrote: > >>"fault.c". INTERNAL ERROR. you definitely have one else you wouldn't get >>"INVALID PIPE HANDLE", due to an smbd closing on you (which maintains >>state) and in NT the SMB layer is just an intermediary to the RPC layer. >>in nt, if an SMB file handle is open the client-layer thinks it _Stays_ >>open even if the server drops the connection. which is a bit dumb. > > Ouch, found it: > > 4156 lookupsmbgrpnam: unix user group cocoon > 4157 [1999/03/10 18:14:49, 10] lib/domain_namemap.c:lookupsmbgrpgid(1270) > 4158 lookupsmbgrpgid: unix gid 10014 > 4159 [1999/03/10 18:14:49, 10] lib/domain_namemap.c:lookupsmbpwnam(886) > 4160 [1999/03/10 18:14:49, 0] lib/fault.c:fault_report(40) > 4161 =============================================================== > 4162 [1999/03/10 18:14:49, 0] lib/fault.c:fault_report(41) > 4163 INTERNAL ERROR: Signal 11 in pid 12868 (2.1.0-prealpha) > 4164 Please read the file BUGS.txt in the distribution > 4165 [1999/03/10 18:14:49, 0] lib/fault.c:fault_report(43) > 4166 =============================================================== > 4167 [1999/03/10 18:14:49, 0] lib/util.c:smb_panic(2538) > 4168 PANIC: internal error > > I will try to get some more information why smbd gets a SIGSEGV there > as recommended in "BUGS.txt". I'll report back tomorrow. > > Thanks for telling me what to look out for! ^^ > > - Stefan > > -- > Stefan Walter - SysAdmin at D-INFK (StabSoft), ETH Zurich, Switzerland --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From jens at pr-schmidt.h.uunet.de Wed Mar 10 19:06:22 1999 From: jens at pr-schmidt.h.uunet.de (Jens-Uwe Schmidt) Date: Tue Dec 2 02:25:45 2003 Subject: PDC with 2.0.3 References: <36E56052.CD8F1462@engr.sgi.com> Message-ID: <36E6C2AE.D5EFCE81@pr-schmidt.h.uunet.de> Hi all, Jeremy Allison wrote: > > Hi all, > > Now I *know* we say we're not supporting PDC with > 2.0.3 and I'm not trying to change that, but... :-). You mean acting like a PDC don't work; using the M$-Box for pwd-auth should, doesn't it? > I know that 2.0.3 broke people who were using 2.0.2 as > a PDC, and I'm really sorry about that. > > I'm so sorry, in fact, that here is a patch for 2.0.3 > that will restore the (unsupported) PDC authentication > functionality to 2.0.3. This code will be in 2.0.4 and > I'll try not to break this again. > > The actual problem was the ignoring of our standard > little-endian functions in the 'hack' unicode module > (I'm not naming names here :-) with the result that > it would only work on little-endian machines. > > Hope this helps, > > Jeremy Allison, > Samba Team. > ...patch deleted.... Do I get this right that the user authentication against a NT-PDC won't work with 2.0.3? I'm just busy writing an Article 'bout the changes 1.X --> 2.0.X and tomorrow I'll setup some Boxes to figure exactly this out. Better downgrading to 2.0.2? Cheers jus -- Jens-Uwe Schmidt | jens@pr-schmidt.h.uunet.de Bonifatiusplatz 3 | Tel 0511/6966745 30161 Hannover | Fax 0511/697004 Microsoft spel chekar vor sail, worgs grate !! From cartegw at Eng.Auburn.EDU Wed Mar 10 23:14:33 1999 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:25:45 2003 Subject: PDC with 2.0.3 In-Reply-To: <36E6C2AE.D5EFCE81@pr-schmidt.h.uunet.de> Message-ID: On Thu, 11 Mar 1999, Jens-Uwe Schmidt wrote: > Do I get this right that the user authentication against a NT-PDC won't > work with 2.0.3? > I'm just busy writing an Article 'bout the changes 1.X --> 2.0.X and > tomorrow I'll setup some Boxes to figure exactly this out. > Better downgrading to 2.0.2? security = domain works. Using Samba 2.0.3 as a PDC is not supported. Hope this helps, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From jallison at cthulhu.engr.sgi.com Wed Mar 10 23:16:24 1999 From: jallison at cthulhu.engr.sgi.com (Jeremy Allison) Date: Tue Dec 2 02:25:45 2003 Subject: PDC with 2.0.3 References: <36E56052.CD8F1462@engr.sgi.com> <36E6C2AE.D5EFCE81@pr-schmidt.h.uunet.de> Message-ID: <36E6FD48.256A90CA@engr.sgi.com> Jens-Uwe Schmidt wrote: > You mean acting like a PDC don't work; using the M$-Box for pwd-auth > should, doesn't it? > Yes. Acting as a domain client works fine. > ...patch deleted.... > > Do I get this right that the user authentication against a NT-PDC won't > work with 2.0.3? > I'm just busy writing an Article 'bout the changes 1.X --> 2.0.X and > tomorrow I'll setup some Boxes to figure exactly this out. > Better downgrading to 2.0.2? No, you misunderstood. User authentication against a NT-PDC works *fine* with 2.0.3. It's 2.0.3 acting as a PDC that didn't work. Regards, Jeremy Allison, Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From walter at inf.ethz.ch Thu Mar 11 11:37:44 1999 From: walter at inf.ethz.ch (Stefan Walter) Date: Tue Dec 2 02:25:46 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: Your message of "Thu, 11 Mar 1999 09:01:37 +1100." Message-ID: <199903111137.MAA14714@akane.inf.ethz.ch> > > Hmmm this looks suspiciously like the problem I was having UNTIL the evening of > March 9th when Luke fixed the group mapping code for me. Since the timing is so > close could you possibly do an cvs update and see if it still happens? If it > does I can tell you step by step how to find the problem since I just went > through it. I did a cvs update this morning and the problem didn't go away. It *did* go away when I cleaned out the /etc/group file and the NIS table to only contain the very essential. After that the login worked like a charm. :) I will try to figure out what needs to be removed from the original /etc/group file so that things work. However if you could tell me what your solution was I'd be glad. Thanks a lot! - Stefan -- Stefan Walter - SysAdmin at D-INFK (StabSoft), ETH Zurich, Switzerland From greg at discreet.com Thu Mar 11 13:28:30 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:46 2003 Subject: Domain logon problems with 10.Mar.99 CVS source Message-ID: <001901be6bc3$0dcf8090$343ca8c0@bellatrix.rd.discreet.qc.ca> I hope the change I asked Luke to make is not causing your problem. I believe it is a memory corruption problem, in order to find it do the following. This will depend on the kind of system you are using but try this, assuming you are the only one trying to log onto the PDC. There should be only 1 or 2 smbd processes running, if there is 1 then hitting Ctrl-Alt-Del on your NT machine should start another one. For the process that is the child of the other smbd run dbx -p and try to log in. Hit return in dbx as it will stop when it it receives the SIGSEV. At this point do a where and post the results here. Hope this helps, Greg -----Original Message----- From: Stefan Walter To: greg@discreet.com Cc: samba-ntdom@samba.org ; walter@inf.ethz.ch Date: Thursday, March 11, 1999 8:17 AM Subject: Re: Domain logon problems with 10.Mar.99 CVS source >> >> Hmmm this looks suspiciously like the problem I was having UNTIL the evening of >> March 9th when Luke fixed the group mapping code for me. Since the timing is so >> close could you possibly do an cvs update and see if it still happens? If it >> does I can tell you step by step how to find the problem since I just went >> through it. > >I did a cvs update this morning and the problem didn't go away. It *did* go >away when >I cleaned out the /etc/group file and the NIS table to only contain the very >essential. >After that the login worked like a charm. :) > >I will try to figure out what needs to be removed from the original /etc/group >file >so that things work. However if you could tell me what your solution was I'd >be glad. > >Thanks a lot! > >- Stefan > >-- >Stefan Walter - SysAdmin at D-INFK (StabSoft), ETH Zurich, Switzerland > > From walter at inf.ethz.ch Thu Mar 11 15:16:00 1999 From: walter at inf.ethz.ch (Stefan Walter) Date: Tue Dec 2 02:25:46 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: Your message of "Thu, 11 Mar 1999 08:28:30 EST." <001901be6bc3$0dcf8090$343ca8c0@bellatrix.rd.discreet.qc.ca> Message-ID: <199903111516.QAA15383@akane.inf.ethz.ch> > > I hope the change I asked Luke to make is not causing your problem. I > believe it is a memory corruption problem, in order to find it do the > following. This will depend on the kind of system you are using but try > this, assuming you are the only one trying to log onto the PDC. There should > be only 1 or 2 smbd processes running, if there is 1 then hitting > Ctrl-Alt-Del on your NT machine should start another one. For the process > that is the child of the other smbd run dbx -p and try to log in. Hit > return in dbx as it will stop when it it receives the SIGSEV. At this point > do a where and post the results here. Ok, did this: Program received signal SIGSEGV, Segmentation fault. 0xc4bb4 in Get_Pwnam () (gdb) where #0 0xc4bb4 in Get_Pwnam () #1 0xc29f0 in nametouid () #2 0xad7f0 in lookupsmbpwnam () #3 0xb1dc0 in get_unixgroup_members () #4 0xb2124 in getgrpunixpwent () #5 0xafddc in getgroupent () #6 0xafad0 in iterate_getusergroupsnam () #7 0xaffcc in getusergroupsntnam () #8 0x74878 in api_net_sam_logon () #9 0x7e714 in api_rpc_command () #10 0x7e810 in api_rpcTNP () #11 0x74c10 in api_netlog_rpc () #12 0x7e40c in api_pipe_request () #13 0x7e510 in rpc_command () #14 0x3c180 in api_fd_reply () #15 0x3c8f0 in named_pipe () #16 0x3d034 in reply_trans () #17 0x5aaf4 in switch_message () #18 0x5ab80 in construct_reply () #19 0x5ad3c in process_smb () #20 0x5b6c0 in smbd_process () #21 0x2c9bc in main () smbd is running on a Sparc 5 and compiled with GCC 2.8.1, the disassembly looks like this: (gdb) disassemble 0xc4b9c Dump of assembler code for function Get_Pwnam: 0xc4b9c : save %sp, -240, %sp 0xc4ba0 : call 0x6018c 0xc4ba4 : nop 0xc4ba8 : cmp %i0, 0 0xc4bac : be 0xc4cdc 0xc4bb0 : mov %o0, %l1 0xc4bb4 : ldsb [ %i0 ], %o0 0xc4bb8 : cmp %o0, 0 0xc4bbc : be 0xc4cdc 0xc4bc0 : add %fp, -144, %l0 0xc4bc4 : mov %l0, %o0 0xc4bc8 : mov %i0, %o1 0xc4bcc : call 0xc77d8 ... (gdb) disassemble 0xc29f0 Dump of assembler code for function nametouid: 0xc29e0 : save %sp, -112, %sp 0xc29e4 : mov %i0, %o0 0xc29e8 : call 0xc4b9c 0xc29ec : clr %o1 0xc29f0 : cmp %o0, 0 ... Some registers: o0 0x0 0 l0 0x0 0 l1 0x0 0 i0 0x6270727a 1651536506 Looks like i0 is incorrect and addressing memory at [%i0] causes the SIGSEGV: (gdb) x 0x6270727a 0x6270727a <_end+1650381810>: Cannot access memory at address 0x6270727a. Seems like a memory corruption to me too: 0> perl -e 'print "\x62\x70\x72\x7a\n";' bprz 0> ypcat group | fgrep bprz cocoon:*:10014:rys,wunderli,norrie,bprzydat,richwood,roehm Remember my logfile sniplet? > 4156 lookupsmbgrpnam: unix user group cocoon > 4157 [1999/03/10 18:14:49, 10] lib/domain_namemap.c:lookupsmbgrpgid(1270) > 4158 lookupsmbgrpgid: unix gid 10014 > 4159 [1999/03/10 18:14:49, 10] lib/domain_namemap.c:lookupsmbpwnam(886) > 4160 [1999/03/10 18:14:49, 0] lib/fault.c:fault_report(40) After some analysis I found out he wrong 'unix_name' originates from here: ... BOOL get_unixgroup_members(struct group *grp, int *num_mem, DOMAIN_GRP_MEMBER **members) { ... for (i = 0; (unix_name = grp->gr_mem[i]) != NULL; i++) ^^^^^^^^^^^^^^^^^^^^^^^^^^ I'll try to locate the place where the memory gets corrupted but this will take some time as I'm not familiar with the code yet. Thanks so far! - Stefan -- Stefan Walter - SysAdmin at D-INFK (StabSoft), ETH Zurich, Switzerland From Chad.Campbell at innovision.com Thu Mar 11 15:32:25 1999 From: Chad.Campbell at innovision.com (Chad Campbell) Date: Tue Dec 2 02:25:46 2003 Subject: ERROR:set_share_mode shmops->shm_alloc fail! Message-ID: <36E7E209.BD935859@innovision.com> We're getting lots of error messages like "ERROR:set_share_mode shmops->shm_alloc fail!" in our logs. I suspect this might be the root cause of lots of other problems we've been seeing - like the "del *.*" problem I reported a couple of days ago, and network installed software like Word closing without reporting any errors. These errors are always preceded by another error related to locking shmem_sysv.c. Here is one sequence: [1999/03/11 08:19:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 132 bytes failed [1999/03/11 08:19:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! I've attached a full log from this morning to give a broader view of what's going on. If anyone has some insight on this, let me know. We're running 2.0.0 on an Ultra 2 in Solaris 7. Thanks, Chad -- Chad Campbell Software Engineer, Innovision Corporation Chad.Campbell@innovision.com (913)226-8700 From Chad.Campbell at innovision.com Thu Mar 11 15:34:59 1999 From: Chad.Campbell at innovision.com (Chad Campbell) Date: Tue Dec 2 02:25:47 2003 Subject: ERROR:set_share_mode shmops->shm_alloc fail! References: <36E7E209.BD935859@innovision.com> Message-ID: <36E7E2A3.591FFCD1@innovision.com> DOH! Somehow I always seem to forget to attach files. Attached is the log I wrote about before. -------------- next part -------------- [1999/03/11 08:19:00, 1] smbd/service.c:make_connection(488) speedy (10.10.10.45) connect to service campbell as user campbell (uid=1006, gid=10) (pid 1344) [1999/03/11 08:19:00, 1] smbd/service.c:make_connection(488) speedy (10.10.10.45) connect to service public as user campbell (uid=1006, gid=10) (pid 1344) [1999/03/11 08:19:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 132 bytes failed [1999/03/11 08:19:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 124 bytes failed [1999/03/11 08:19:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 125 bytes failed [1999/03/11 08:19:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 124 bytes failed [1999/03/11 08:19:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 123 bytes failed [1999/03/11 08:19:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:00, 0] smbd/nttrans.c:call_nt_transact_ioctl(1658) call_nt_transact_ioctl: Currently not implemented. [1999/03/11 08:19:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 106 bytes failed [1999/03/11 08:19:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 139 bytes failed [1999/03/11 08:19:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 128 bytes failed [1999/03/11 08:19:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 119 bytes failed [1999/03/11 08:19:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 137 bytes failed [1999/03/11 08:19:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 116 bytes failed [1999/03/11 08:19:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:01, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 108 bytes failed [1999/03/11 08:19:01, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:01, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 158 bytes failed [1999/03/11 08:19:01, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:02, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 125 bytes failed [1999/03/11 08:19:02, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:02, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 108 bytes failed [1999/03/11 08:19:02, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:04, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 1922075 [1999/03/11 08:19:04, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 542430 [1999/03/11 08:19:04, 0] locking/locking_shm.c:shm_del_share_mode(285) PANIC ERROR:del_share_mode hash bucket 5 empty [1999/03/11 08:19:04, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 1922093 [1999/03/11 08:19:04, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 1922092 [1999/03/11 08:19:04, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 1957071 [1999/03/11 08:19:08, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 115 bytes failed [1999/03/11 08:19:08, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:19:08, 0] locking/locking_shm.c:shm_del_share_mode(285) PANIC ERROR:del_share_mode hash bucket 5 empty [1999/03/11 08:19:42, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 542423 [1999/03/11 08:19:42, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 2038530 [1999/03/11 08:19:42, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 5597806 [1999/03/11 08:19:42, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 5597102 [1999/03/11 08:19:42, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 5597101 [1999/03/11 08:19:42, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 5597810 [1999/03/11 08:19:42, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 542499 [1999/03/11 08:19:47, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 1974548 [1999/03/11 08:19:47, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 1042599 [1999/03/11 08:20:06, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 114 bytes failed [1999/03/11 08:20:06, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:20:06, 0] locking/locking_shm.c:shm_del_share_mode(285) PANIC ERROR:del_share_mode hash bucket 5 empty [1999/03/11 08:21:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 101 bytes failed [1999/03/11 08:21:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:21:00, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 3121687 [1999/03/11 08:21:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 101 bytes failed [1999/03/11 08:21:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:21:00, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 3121687 [1999/03/11 08:21:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 101 bytes failed [1999/03/11 08:21:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:21:00, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 3121687 [1999/03/11 08:21:00, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 101 bytes failed [1999/03/11 08:21:00, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:21:00, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 3121687 [1999/03/11 08:24:18, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 62 bytes failed [1999/03/11 08:24:18, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:24:23, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 5830467 [1999/03/11 08:24:39, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 141 bytes failed [1999/03/11 08:24:39, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:24:46, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 62 bytes failed [1999/03/11 08:24:46, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:24:46, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 5830467 [1999/03/11 08:24:46, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 62 bytes failed [1999/03/11 08:24:46, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:25:23, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 1817532 [1999/03/11 08:26:27, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 101 bytes failed [1999/03/11 08:26:27, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:26:27, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 3121687 [1999/03/11 08:26:27, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 101 bytes failed [1999/03/11 08:26:27, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:26:27, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 3121687 [1999/03/11 08:26:27, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 101 bytes failed [1999/03/11 08:26:27, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:26:27, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 3121687 [1999/03/11 08:26:27, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 101 bytes failed [1999/03/11 08:26:27, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:26:27, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 3121687 [1999/03/11 08:31:27, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 101 bytes failed [1999/03/11 08:31:27, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:31:27, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 3121687 [1999/03/11 08:31:27, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 101 bytes failed [1999/03/11 08:31:27, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:31:27, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 3121687 [1999/03/11 08:31:27, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 101 bytes failed [1999/03/11 08:31:27, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:31:27, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 3121687 [1999/03/11 08:31:27, 0] locking/shmem_sysv.c:shm_alloc(214) ERROR shm_alloc : alloc of 101 bytes failed [1999/03/11 08:31:27, 0] locking/locking_shm.c:shm_set_share_mode(435) ERROR:set_share_mode shmops->shm_alloc fail! [1999/03/11 08:31:27, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 3121687 [1999/03/11 08:33:59, 0] locking/locking_shm.c:shm_del_share_mode(310) ERROR: del_share_mode no entry for dev 800010 inode 5830467 [1999/03/11 08:38:56, 1] smbd/service.c:close_cnum(514) speedy (10.10.10.45) closed connection to service public [1999/03/11 08:38:56, 1] smbd/service.c:close_cnum(514) speedy (10.10.10.45) closed connection to service campbell From lkcl at switchboard.net Thu Mar 11 18:32:25 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:47 2003 Subject: coding binge coming on. In-Reply-To: Message-ID: jean-francois just mentioned that people may be interested in rpcclient being able to view the event log. true or false? luke Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From lkcl at switchboard.net Thu Mar 11 18:57:00 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:47 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: <199903111137.MAA14714@akane.inf.ethz.ch> Message-ID: probably name of user + name of group were the same. On Thu, 11 Mar 1999, Stefan Walter wrote: > > > > Hmmm this looks suspiciously like the problem I was having UNTIL the evening of > > March 9th when Luke fixed the group mapping code for me. Since the timing is so > > close could you possibly do an cvs update and see if it still happens? If it > > does I can tell you step by step how to find the problem since I just went > > through it. > > I did a cvs update this morning and the problem didn't go away. It *did* go > away when > I cleaned out the /etc/group file and the NIS table to only contain the very > essential. > After that the login worked like a charm. :) > > I will try to figure out what needs to be removed from the original /etc/group > file > so that things work. However if you could tell me what your solution was I'd > be glad. > > Thanks a lot! > > - Stefan > > -- > Stefan Walter - SysAdmin at D-INFK (StabSoft), ETH Zurich, Switzerland > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From cartegw at Eng.Auburn.EDU Thu Mar 11 19:01:10 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:47 2003 Subject: coding binge coming on. References: Message-ID: <36E812F6.DFB6D885@eng.auburn.edu> Luke Kenneth Casson Leighton wrote: > > jean-francois just mentioned that people may be > interested in rpcclient being able to view the event > log. true or false? I'd vote yes. jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lkcl at switchboard.net Thu Mar 11 19:02:24 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:47 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: <199903111516.QAA15383@akane.inf.ethz.ch> Message-ID: ok, pls recompile with -g -g. or do "./configure.developer"; make clean; make. but it looks like name is NULL, which don't wurk too well! On Fri, 12 Mar 1999, Stefan Walter wrote: > > > > I hope the change I asked Luke to make is not causing your problem. I > > believe it is a memory corruption problem, in order to find it do the > > following. This will depend on the kind of system you are using but try > > this, assuming you are the only one trying to log onto the PDC. There should > > be only 1 or 2 smbd processes running, if there is 1 then hitting > > Ctrl-Alt-Del on your NT machine should start another one. For the process > > that is the child of the other smbd run dbx -p and try to log in. Hit > > return in dbx as it will stop when it it receives the SIGSEV. At this point > > do a where and post the results here. > > Ok, did this: > > Program received signal SIGSEGV, Segmentation fault. > 0xc4bb4 in Get_Pwnam () > (gdb) where > #0 0xc4bb4 in Get_Pwnam () > #1 0xc29f0 in nametouid () > #2 0xad7f0 in lookupsmbpwnam () > #3 0xb1dc0 in get_unixgroup_members () > #4 0xb2124 in getgrpunixpwent () > #5 0xafddc in getgroupent () > #6 0xafad0 in iterate_getusergroupsnam () > #7 0xaffcc in getusergroupsntnam () > #8 0x74878 in api_net_sam_logon () > #9 0x7e714 in api_rpc_command () > #10 0x7e810 in api_rpcTNP () > #11 0x74c10 in api_netlog_rpc () > #12 0x7e40c in api_pipe_request () > #13 0x7e510 in rpc_command () > #14 0x3c180 in api_fd_reply () > #15 0x3c8f0 in named_pipe () > #16 0x3d034 in reply_trans () > #17 0x5aaf4 in switch_message () > #18 0x5ab80 in construct_reply () > #19 0x5ad3c in process_smb () > #20 0x5b6c0 in smbd_process () > #21 0x2c9bc in main () > > smbd is running on a Sparc 5 and compiled with GCC 2.8.1, the disassembly > looks like this: > > (gdb) disassemble 0xc4b9c > Dump of assembler code for function Get_Pwnam: > 0xc4b9c : save %sp, -240, %sp > 0xc4ba0 : call 0x6018c > 0xc4ba4 : nop > 0xc4ba8 : cmp %i0, 0 > 0xc4bac : be 0xc4cdc > 0xc4bb0 : mov %o0, %l1 > 0xc4bb4 : ldsb [ %i0 ], %o0 > 0xc4bb8 : cmp %o0, 0 > 0xc4bbc : be 0xc4cdc > 0xc4bc0 : add %fp, -144, %l0 > 0xc4bc4 : mov %l0, %o0 > 0xc4bc8 : mov %i0, %o1 > 0xc4bcc : call 0xc77d8 > .. > (gdb) disassemble 0xc29f0 > Dump of assembler code for function nametouid: > 0xc29e0 : save %sp, -112, %sp > 0xc29e4 : mov %i0, %o0 > 0xc29e8 : call 0xc4b9c > 0xc29ec : clr %o1 > 0xc29f0 : cmp %o0, 0 > .. > > Some registers: > > o0 0x0 0 > l0 0x0 0 > l1 0x0 0 > i0 0x6270727a 1651536506 > > Looks like i0 is incorrect and addressing memory at [%i0] causes the SIGSEGV: > > (gdb) x 0x6270727a > 0x6270727a <_end+1650381810>: Cannot access memory at address 0x6270727a. > > Seems like a memory corruption to me too: > > 0> perl -e 'print "\x62\x70\x72\x7a\n";' > bprz > 0> ypcat group | fgrep bprz > cocoon:*:10014:rys,wunderli,norrie,bprzydat,richwood,roehm > > Remember my logfile sniplet? > > > 4156 lookupsmbgrpnam: unix user group cocoon > > 4157 [1999/03/10 18:14:49, 10] lib/domain_namemap.c:lookupsmbgrpgid(1270) > > 4158 lookupsmbgrpgid: unix gid 10014 > > 4159 [1999/03/10 18:14:49, 10] lib/domain_namemap.c:lookupsmbpwnam(886) > > 4160 [1999/03/10 18:14:49, 0] lib/fault.c:fault_report(40) > > After some analysis I found out he wrong 'unix_name' originates from here: > > .. > BOOL get_unixgroup_members(struct group *grp, > int *num_mem, DOMAIN_GRP_MEMBER **members) > { > ... > for (i = 0; (unix_name = grp->gr_mem[i]) != NULL; i++) > ^^^^^^^^^^^^^^^^^^^^^^^^^^ > > I'll try to locate the place where the memory gets corrupted but this will take > some time as I'm not familiar with the code yet. > > Thanks so far! > > - Stefan > > -- > Stefan Walter - SysAdmin at D-INFK (StabSoft), ETH Zurich, Switzerland > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From jose at we.lc.ehu.es Thu Mar 11 19:04:07 1999 From: jose at we.lc.ehu.es (Jose M. Alcaide) Date: Tue Dec 2 02:25:47 2003 Subject: trust relationship between a Samba PDC and a WinNT PDC ? Message-ID: <36E813A7.754DC451@we.lc.ehu.es> I am new to this list; please accept my apologies if this question should be sent to another list. Also, I must say that I have little (and bad) experience with Windows/NT. I have just set up a Samba server (2.0.3) as a PDC. I can make NT workstations join the domain (let's call it SAMBA_DOM), and everything works fine. There are a number of NT workstations which are in another domain (NT_DOM) controlled by a Windows/NT PDC. What I want is that the users defined in SAMBA_DOM could log into that domain from any of the workstations which pertain to NT_DOM. In other words: add SAMBA_DOM to the domain menu which appears on the logon window. The administrator of the NT_DOM domain told me that we need to establish a "trust relationship" between my Samba PDC and the Windows/NT PDC. Can Samba do this? TIA, -- JMA ----------------------------------------------------------------------- Jose M. Alcaide | mailto:jose@we.lc.ehu.es Universidad del Pa?s Vasco | mailto:jmas@es.FreeBSD.ORG Dpto. de Electricidad y Electr?nica | http://www.we.lc.ehu.es/~jose Facultad de Ciencias - Campus de Lejona | Tel.: +34-946012479 48940 Lejona (Vizcaya) - SPAIN | Fax: +34-944858139 ----------------------------------------------------------------------- "Go ahead... make my day." - H. Callahan From ng_f at hotmail.com Thu Mar 11 19:37:17 1999 From: ng_f at hotmail.com (Freddie Ng) Date: Tue Dec 2 02:25:47 2003 Subject: Set NT permissions & passwords sycronization Message-ID: <19990311193717.4922.qmail@hotmail.com> Hi all, The default user created by smbpasswd does not have the permission to write to any directory on an NT client. This causes many minor problems. I wish to give all users the permission to READ, WRITE, & EXECUTE in the C:\TEMP directory. How do I configure this on my UNIX PDC (in the smb.conf file)? Also, I remembered reading about a little utility called mksmbpasswd.sh which read in the /etc/passwd file and then create the SMB passwords. I couldn't seem to find this file. Where can I download it? Thanks! Fred Ng Get Your Private, Free Email at http://www.hotmail.com From todd at vp4.med.harvard.edu Thu Mar 11 21:47:10 1999 From: todd at vp4.med.harvard.edu (Todd M. Serulneck) Date: Tue Dec 2 02:25:47 2003 Subject: subscribe Message-ID: <36E839DE.8FE5E288@vp4.med.harvard.edu> subscribe -- Todd M. Serulneck Voice: (617) 432-4588 Computer Systems Manager Fax: (617) 738-4360 Department of BCMP Harvard Medical School 240 Longwood Avenue Boston, MA 02115 From cartegw at Eng.Auburn.EDU Thu Mar 11 21:56:56 1999 From: cartegw at Eng.Auburn.EDU (Gerald W. Carter) Date: Tue Dec 2 02:25:47 2003 Subject: trust relationship between a Samba PDC and a WinNT PDC ? In-Reply-To: <36E813A7.754DC451@we.lc.ehu.es> Message-ID: On Fri, 12 Mar 1999, Jose M. Alcaide wrote: > The administrator of the NT_DOM domain told me that we need to > establish a "trust relationship" between my Samba PDC and the > Windows/NT PDC. Can Samba do this? No. Not yet. Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lkcl at switchboard.net Fri Mar 12 05:53:08 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:48 2003 Subject: inter-domain trust account research Message-ID: [progress report] ok. not exactly sure what's going on here. i can establish a hacked version of an inter-domain trust relationship with an nt pdc. the trusting and trusted passwords are what are used in this, unmodified. however i seem to be getting "old password" stuff... eek, there appears to be some sort of "LsaChangeSecret" call happening and i bet that's what is causing me grief. ok, i need to re-examine my network traces between two nt pdcs... Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From lkcl at switchboard.net Fri Mar 12 06:27:10 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:48 2003 Subject: inter-domain trust account research In-Reply-To: Message-ID: OH YEAHH!!! done it. got an nt workstation to set up an inter-domain trust relationship between nt pdc and samba pdc. usrmgr | pol | trust | trusted-add: samba-domain, password is X. to support this on samba side, add an inter-domain trust account named after the NT PDC's *Domain* name with password X, ACB_DOMTRUST. you can expect to receive an SMBsesssetupX on NT_PDC'S_DOMAIN_NAME$ and you must respond with "NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT" error message. usrmgr | pol | trust | trusting-add: samba-domain, password is Y. to support this on samba side, add an inter-domain trust account named after the NT PDC's *NetBIOS* name with password Y, ACB_DOMTRUST. you can expect to receive \PIPE\NETLOGON NetrRequestChallenge; NetrAuthenticate2 of type 4 sec_channel; NT_PDC_NETBIOS_NAME$ and password Y is used to generate the session key. ok, i'll turn this into a real program later on, it's not documented and i need to update smbpasswd as well. server-side inter-domain trust relationships can expect to be in cvs main by next week. pass-through authentication from a workstation to a trusted domain controller, if necessary, within two. luke Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From it-samba at computerbild.de Fri Mar 12 07:41:08 1999 From: it-samba at computerbild.de (Ingo T. Storm) Date: Tue Dec 2 02:25:48 2003 Subject: inter-domain trust account research Message-ID: <006601be6c5b$b3dd6f90$0500000a@omet-iklan.combi.de> great! thx a bunch, Ingo From hwu at www.fudan.edu.cn Fri Mar 12 10:02:23 1999 From: hwu at www.fudan.edu.cn (Wu Hui) Date: Tue Dec 2 02:25:48 2003 Subject: problem in samba nt pdc Message-ID: <006a01be6c6f$75317de0$9ee0a8c0@hwu.fudan.edu.cn> Hi All: I am a newbe in the samba. And I want to establish a samba as a PDC. But I meet some problems to do it. I wish somebody can help me. Thanks in advance. I get a file named samba_ntdom_faq.txt. I want to fellow the step in that file to establish a samba PDC. First I get the latest Samba Domain Controller source code by execute some commands as follows: cvs -d :pserver:cvs@samba.org:/cvsroot login when you are prompted for a password, enter 'cvs' without the quotes. cvs -d :pserver:cvs@samba.org:/cvsroot co samba Then, I get a directory named samba, and have src path in it. Second, I run the src/configure and make and make install The machine I used to run samba is a sun sparc, solaris 2.5.1 box. But when I run /usr/local/samba/bin/smbd -D, I get the follows: [1999/03/12 17:57:31, 1] smbd/server.c:main(604) smbd version 2.1.0-prealpha started. Copyright Andrew Tridgell 1992-1998 [1999/03/12 17:57:32, 1] smbd/files.c:file_init(219) file_init: Information only: requested 10000 open files, 1014 are available. [1999/03/12 17:57:32, 0] libsmb/clientgen.c:cli_connect_serverlist(2846) cli_connect_serverlist: Domain password server not available. [1999/03/12 17:57:32, 0] lib/sids.c:get_domain_sids(199) get_member_domain_sid: unable to initialise client connection. [1999/03/12 17:57:32, 0] smbd/server.c:main(676) ERROR: Samba cannot obtain PDC SID from PDC(s) . I don't know why domain password server not available? What's wrong with me? I really need you help. Thanks in advance. Wu Hui email: hwu@www.fudan.edu.cn or hwu@fudan.edu.cn Address: NiEC FuDan University ShangHai China http://www.fudan.edu.cn -------------- next part -------------- HTML attachment scrubbed and removed From walter at inf.ethz.ch Fri Mar 12 10:29:30 1999 From: walter at inf.ethz.ch (Stefan Walter) Date: Tue Dec 2 02:25:48 2003 Subject: problem in samba nt pdc In-Reply-To: Your message of "Fri, 12 Mar 1999 21:01:34 +1100." <006a01be6c6f$75317de0$9ee0a8c0@hwu.fudan.edu.cn> Message-ID: <199903121029.LAA21312@akane.inf.ethz.ch> > But when I run /usr/local/samba/bin/smbd -D, I get the follows: > > [1999/03/12 17:57:31, 1] smbd/server.c:main(604) > smbd version 2.1.0-prealpha started. > Copyright Andrew Tridgell 1992-1998 > [1999/03/12 17:57:32, 1] smbd/files.c:file_init(219) > file_init: Information only: requested 10000 open files, 1014 are = > available. > [1999/03/12 17:57:32, 0] libsmb/clientgen.c:cli_connect_serverlist(2846) > cli_connect_serverlist: Domain password server not available. Are you using 'security = user'? If not, give it a try. - Stefan -- Stefan Walter - SysAdmin at D-INFK (StabSoft), ETH Zurich, Switzerland From greg at discreet.com Fri Mar 12 12:42:04 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:48 2003 Subject: latest CVS does not compile Message-ID: oops: Compiling smbd/password.c "smbd/password.c", line 1117: warning(1164): argument of type "unsigned char *" is incompatible with parameter of type "const char *" if(cli_nt_setup_creds(&cli, nt_pipe_fnum, trust_passwd) == False) { ^ "smbd/password.c", line 1117: error(1162): too few arguments in function call if(cli_nt_setup_creds(&cli, nt_pipe_fnum, trust_passwd) == False) { ^ 1 error detected in the compilation of "smbd/password.c". picky compilers ;-) Greg --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From walter at inf.ethz.ch Fri Mar 12 14:33:16 1999 From: walter at inf.ethz.ch (Stefan Walter) Date: Tue Dec 2 02:25:48 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: Your message of "Thu, 11 Mar 1999 18:57:00 GMT." Message-ID: <199903121433.PAA22340@akane.inf.ethz.ch> > probably name of user + name of group were the same. Yes, that's true for several groups, here's one: 0> ypcat group | fgrep cocoon cocoon:*:10014:rys,wunderli,norrie,bprzydat,richwood,roehm inf:*:105:ammann,gonnet,monagan,bronstei,ye,wunderli,trunz,crippa,rys,relly,roo sli,foerster,kaufmann,schek,cocoon,hjs,loon,blott,norrie,luethi,raschle,william s,scheuerm,gragg,camenisc,server,simon,askoord,bickel,apalingi,galli,mmbueche,f axadm,phamquan,um,roehm,tomstr,aumbach Is this a problem? Many of the Solaris system groups also have a user with the same name: root, sys, lp, uucp,... . - Stefan -- Stefan Walter - SysAdmin at D-INFK (StabSoft), ETH Zurich, Switzerland -- Stefan Walter, Stabsoft From lkcl at switchboard.net Fri Mar 12 19:42:20 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:49 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: <199903121433.PAA22340@akane.inf.ethz.ch> Message-ID: On Fri, 12 Mar 1999, Stefan Walter wrote: > > > probably name of user + name of group were the same. > > Yes, that's true for several groups, here's one: > > 0> ypcat group | fgrep cocoon > cocoon:*:10014:rys,wunderli,norrie,bprzydat,richwood,roehm > inf:*:105:ammann,gonnet,monagan,bronstei,ye,wunderli,trunz,crippa,rys,relly,roo > sli,foerster,kaufmann,schek,cocoon,hjs,loon,blott,norrie,luethi,raschle,william > s,scheuerm,gragg,camenisc,server,simon,askoord,bickel,apalingi,galli,mmbueche,f > axadm,phamquan,um,roehm,tomstr,aumbach > > Is this a problem? Many of the Solaris system groups also > have a user with the same name: root, sys, lp, uucp,... . i haven't specifically coded to deal with this. most definitely nt _cannot_ have group names same as user names same as domain names: the entire name space *must* be unique, end of story. try it, if you like: try adding a group named YOUR_DOMAIN_NAME on an nt box with usrmgr.exe. From frlord at webmethods.com Fri Mar 12 23:38:45 1999 From: frlord at webmethods.com (F. Ross Lord) Date: Tue Dec 2 02:25:49 2003 Subject: Smbpasswd troubles... Message-ID: <000001be6ce1$78637d20$4201010a@frl.webmethods.com> I am having a problem trying to change my samba password from the command line. When I run smbpasswd as a user (not root), I put in my old password, new password, then confirm the new password, and I get the following error: machine 127.0.0.1 rejected the session setup. Error was: code 131. Failed to change password for I have included the smb.conf: #======================= Global Settings ===================================== [global] workgroup = samba server string = Samba Server hosts allow = 10.1.1. 10.1.5. printcap name = /etc/printcap load printers = yes printing = bsd log file = /var/log/samba/log.%m max log size = 50 security = user encrypt passwords = yes smb passwd file = /etc/smbpasswd socket options = TCP_NODELAY domain logons = yes wins support = yes dns proxy = no preserve case = yes default case = lower case sensitive = no share modes = yes unix passwd sync = yes passwd program = /usr/bin/passwd %u passwd chat = *password* %n\n *password* %n\n *successfull* Please let me know what I am doing wrong... F. Ross Lord From walter at inf.ethz.ch Fri Mar 12 21:25:14 1999 From: walter at inf.ethz.ch (Stefan Walter) Date: Tue Dec 2 02:25:49 2003 Subject: Domain logon problems with 10.Mar.99 CVS source Message-ID: <199903122125.WAA23223@akane.inf.ethz.ch> > i haven't specifically coded to deal with this. most definitely nt > _cannot_ have group names same as user names same as domain names: the > entire name space *must* be unique, end of story. try it, if you like: > try adding a group named YOUR_DOMAIN_NAME on an nt box with usrmgr.exe. Did you mean NT group name + NT user name are the same? That should not be the case on my test systems. I used a freshly installed NT system + SP4 with only the default groups and the local administrator. On the PDC side the smbpasswd contains only '$' and 'walter'. No 'domain group map' or any other map is defined at the stage I am at. What is the current requirement for unix groups (at least now)? Is it required that all group names are no user names? Or at least for groups the user who logs in belongs to? Or for groups that are mapped to NT groups? - Stefan -- Stefan Walter - SysAdmin at D-INFK (StabSoft), ETH Zurich, Switzerland From lkcl at switchboard.net Fri Mar 12 21:39:24 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:49 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: <199903122125.WAA23223@akane.inf.ethz.ch> Message-ID: On Fri, 12 Mar 1999, Stefan Walter wrote: > > > i haven't specifically coded to deal with this. most definitely nt > > _cannot_ have group names same as user names same as domain names: the > > entire name space *must* be unique, end of story. try it, if you like: > > try adding a group named YOUR_DOMAIN_NAME on an nt box with usrmgr.exe. > > Did you mean NT group name + NT user name are the same? That should not by default it will be if you don't map every single unix name or unix group listed in /etc/passwd+private/smbpasswd and /etc/group that happen to be the same. > be the case on my test systems. I used a freshly installed NT system + SP4 > with only the default groups and the local administrator. On the PDC side > the smbpasswd contains only '$' and 'walter'. No 'domain group map' > or any other map is defined at the stage I am at. > > What is the current requirement for unix groups (at least now)? Is it required > that all group names are no user names? definitely and absolutely. Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From lkcl at switchboard.net Fri Mar 12 21:59:02 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:49 2003 Subject: cmdat utility contributed by Internet Security Systems Message-ID: this small utility can be used to run an arbitrary program by clicking right-mouse-button on a directory. the default action is to run "ssh.exe" on a Samba server and a command prompt "cmd.exe" on an NT server. it can be obtained from the samba ftp site in the "contributed" directory, file named cmdat.zip. Copyright Internet Security Systems Inc., no warranty (expressed or implied), code provided as-is with no fitness-for-purpose rules, regs, the usual disclaimer works etc. luke Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From walter at inf.ethz.ch Fri Mar 12 22:28:05 1999 From: walter at inf.ethz.ch (Stefan Walter) Date: Tue Dec 2 02:25:49 2003 Subject: New subject - unix group and unix user names Message-ID: <199903122228.XAA23591@akane.inf.ethz.ch> This does not go to the samba-ntdom list, first want to make sure if I understand this right (logic and English). > > Did you mean NT group name + NT user name are the same? That should not > >by default it will be if you don't map every single unix name or unix >group listed in /etc/passwd+private/smbpasswd and /etc/group that happen >to be the same. > > What is the current requirement for unix groups (at least now)? Is it required > > that all group names are no user names? > >definitely and absolutely. That meas that as an additional step in the PDC setup procedure you should verify your groups and for instance do a remap of all users that happen to be group names, eg. like this: > cat maps/domainusers.map root=Administrator sys="System Manager" ... This step would be essential for different OSes like Solaris where the /etc/group file starts like this: root::0:root another::1: bin::2:root,bin,daemon sys::3:root,bin,sys,adm adm::4:root,adm,daemon uucp::5:root,uucp mail::6:root tty::7:root,tty,adm lp::8:root,lp,adm ... And at least "root" people are going to use as "Domain Administrator". Did I get this right? - Stefan -- Stefan Walter - SysAdmin at D-INFK (StabSoft), ETH Zurich, Switzerland From cartegw at Eng.Auburn.EDU Fri Mar 12 22:48:54 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:49 2003 Subject: Domain logon problems with 10.Mar.99 CVS source References: Message-ID: <36E999D6.75B72A6A@eng.auburn.edu> Luke Kenneth Casson Leighton wrote: > > i haven't specifically coded to deal with this. most > definitely nt _cannot_ have group names same as user names > same as domain names: the entire name space *must* be > unique, end of story. try it, if you like: > try adding a group named YOUR_DOMAIN_NAME on an nt > box with usrmgr.exe. I imagine the work around is to use the domain group map file to give the unix group another name. If this solution fails, we will most definitely have to deal with the UNIX tradition of users and group with the same name (root and root). Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From greg at discreet.com Fri Mar 12 22:54:26 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:49 2003 Subject: CVS update: samba/source/lib In-Reply-To: <19990312195332Z12853420-2991+20095@samba.anu.edu.au> Message-ID: Was this the memory corruption I was seeing? Crap, why did I miss that? Greg On 12-Mar-99 lkcl@samba.anu.edu.au wrote: > > Date: Saturday March 13, 1999 @ 6:53 > Author: lkcl > > Update of /data/cvs/samba/source/lib > In directory samba:/tmp/cvs-serv9602/lib > > Modified Files: > util.c > Log Message: > Stefan Walter: spotted *p_group == NULL which should be p_group == > NULL.Stefan Walter: spotted *p_group == NULL which should be p_group == > NULL.Stefan Walter: spotted *p_group == NULL which should be p_group == > NULL.Stefan Walter: spotted *p_group == NULL which should be p_group == > NULL.Stefan Walter: spotted *p_group == NULL which should be p_group == > NULL.Stefan Walter: spotted *p_group == NULL which should be p_group == > NULL.Stefan Walter: spotted *p_group == NULL which should be p_group == NULL. --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet logic Montreal (514) 954-7171 greg@discreet.com From m.chapman at student.unsw.edu.au Fri Mar 12 23:35:43 1999 From: m.chapman at student.unsw.edu.au (Matt Chapman) Date: Tue Dec 2 02:25:50 2003 Subject: Smbpasswd troubles... References: <000001be6ce1$78637d20$4201010a@frl.webmethods.com> Message-ID: <36E9A4CE.460548F1@student.unsw.edu.au> F. Ross Lord wrote: > hosts allow = 10.1.1. 10.1.5. hosts allow = 10.1.1. 10.1.5. 127.0.0.1 Matt -- Matt Chapman m.chapman@student.unsw.edu.au From brian at bstc.net Fri Mar 12 22:41:07 1999 From: brian at bstc.net (Brian Roberson) Date: Tue Dec 2 02:25:50 2003 Subject: Smbpasswd troubles... Message-ID: <19990312235319Z12854989-7797+20115@samba.anu.edu.au> you answered your own question.... At 07:41 AM 3/13/99 +1100, you wrote: > >machine 127.0.0.1 rejected the session setup. Error was: code 131. ^^^^^^^^^^^ >[global] > workgroup = samba > server string = Samba Server > hosts allow = 10.1.1. 10.1.5. ^^^^^^^^^^^^^^^^^ ~~~~~~ Brian Roberson ~~~~~~ ~~~ BrainStorm Technologies ~~ ~~~ Linux Solution Provider ~~~ ~~~~~~~ info@bstc.net ~~~~~~ ~~~~~ http://www.bstc.net/ ~~~~ ~~~~~~~ (402) 690-7306 ~~~~~~ From bmacy at sunshinecomputing.com Sat Mar 13 00:12:32 1999 From: bmacy at sunshinecomputing.com (Brian Macy) Date: Tue Dec 2 02:25:50 2003 Subject: Domain logon problems with 10.Mar.99 CVS source Message-ID: <01e101be6ce6$4aef0990$020210ac@paso.atasd.com> >> What is the current requirement for unix groups (at least now)? Is it required >> that all group names are no user names? > >definitely and absolutely. Hmmm... really? I use user samba and group samba for nearly all my shares. Or are we talking samba groups and not unix? Brian Macy From greg at discreet.com Sat Mar 13 15:31:39 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:50 2003 Subject: latest CVS does not compile Message-ID: Compiling rpc_parse/parse_misc.c "rpc_parse/parse_misc.c", line 376: warning(1164): argument of type "unsigned char *" is incompatible with parameter of type "char *" ascii_to_unibuf(str->buffer, buf, str->buf_len); ^ "rpc_parse/parse_misc.c", line 746: error(1143): declaration is incompatible with "void make_log_info(DOM_LOG_INFO *, char *, char *, unsigned short, char *)" (declared at line 1948 of "include/proto.h") void make_log_info(DOM_LOG_INFO *log, ^ 1 error detected in the compilation of "rpc_parse/parse_misc.c". *** Error code 2 (bu21) ---------------------------------- Greg Dickie just a guy* *from Discreet Logic ---------------------------------- From matthew at janus.law.usyd.edu.au Sat Mar 13 22:27:58 1999 From: matthew at janus.law.usyd.edu.au (Matthew Geier) Date: Tue Dec 2 02:25:50 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: <199903122125.WAA23223@akane.inf.ethz.ch> from "Stefan Walter" at Mar 13, 99 08:26:48 am Message-ID: <199903132227.JAA24089@janus.law.usyd.edu.au> > > i haven't specifically coded to deal with this. most definitely nt > > _cannot_ have group names same as user names same as domain names: the > > entire name space *must* be unique, end of story. try it, if you like: > > try adding a group named YOUR_DOMAIN_NAME on an nt box with usrmgr.exe. > > What is the current requirement for unix groups (at least now)? Is it required > that all group names are no user names? Or at least for groups the user who > logs in belongs to? Or for groups that are mapped to NT groups? > I have user and group names the same on several places on my main server - the shared folders 'owned' by groups have a 'force user' to a user ID of the same name as the group. i presume in the NT world, such files would be owned by the group, but Unix doesnt do that. If there is no 'automatic' handling in Samba of group-user clashes for the NT model, ive got a bit of mucking about to do to change the names of all the 'group' users and amend the configs. From m.chapman at student.unsw.edu.au Sun Mar 14 01:42:27 1999 From: m.chapman at student.unsw.edu.au (Matt Chapman) Date: Tue Dec 2 02:25:50 2003 Subject: latest CVS does not compile References: Message-ID: <36EB1403.86BF6F9D@student.unsw.edu.au> Greg Dickie wrote: > "rpc_parse/parse_misc.c", line 746: error(1143): declaration is incompatible > with "void make_log_info(DOM_LOG_INFO *, char *, char *, unsigned > short, char *)" (declared at line 1948 of "include/proto.h") > void make_log_info(DOM_LOG_INFO *log, > ^ > > 1 error detected in the compilation of "rpc_parse/parse_misc.c". > *** Error code 2 (bu21) Ta, fixed. Matt -- Matt Chapman m.chapman@student.unsw.edu.au From jal at mcs.le.ac.uk Mon Mar 15 15:08:13 1999 From: jal at mcs.le.ac.uk (J. A. Landamore) Date: Tue Dec 2 02:25:50 2003 Subject: Changing acl's Message-ID: <4294.9903151508@sun2.mcs.le.ac.uk> A non-text attachment was scrubbed... Name: not available Type: text Size: 1043 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19990315/811db414/attachment.bat From cartegw at Eng.Auburn.EDU Mon Mar 15 15:37:38 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:50 2003 Subject: Changing acl's References: <4294.9903151508@sun2.mcs.le.ac.uk> Message-ID: <36ED2942.E8D61F79@eng.auburn.edu> J. A. Landamore wrote: > > I'm using 2.0.2 for fileserving and login control > with NT4SP4 workstations - > don't know if I should be able to, is set the acls on > files and directories. If I look at the properties > of a directory/file and try and change the acl thru the > security tab then it fails, dropping me in Dr Watson. > The same happens with cacls. Should I be able to? Nope. Certain tools will work (such as cacls.exe) when using the HEAD branch code though. Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From bkosick at nacs.net Mon Mar 15 16:30:12 1999 From: bkosick at nacs.net (Brian Kosick) Date: Tue Dec 2 02:25:50 2003 Subject: smbmount: unknown host Message-ID: <36ED3594.956B8E3F@nacs.net> Hello Everybody, I am having a fe problems with samba 2.0.3. I am able to log my machine on to the NT network and am able to use smbclient to view shares on everything but as soon as I try to mount something, I get an error: (machine_name):unknown host the -I option might be useful when I use the -I it still gives me an error unknown host. I can also do nmblookup on all the machines on the net. Help much appreciated Brian From dave at www.buffalostate.edu Mon Mar 15 17:27:07 1999 From: dave at www.buffalostate.edu (Dave J. Andruczyk) Date: Tue Dec 2 02:25:50 2003 Subject: smbmount: unknown host In-Reply-To: <36ED3594.956B8E3F@nacs.net> Message-ID: > I am having a fe problems with samba 2.0.3. I am able to log my machine > on to the NT network and am able to use smbclient to view shares on > everything but as soon as I try to mount something, I get an error: > (machine_name):unknown host > the -I option might be useful > when I use the -I it still gives me an error unknown host. > I can also do nmblookup on all the machines on the net. > Help much appreciated I get the same trouble, but using -I IP_OF_MACHINE DOES work. use the IP returned by nmblookup in IP_OF_MACHINE above.. Dave J. Andruczyk Instructional Support Associate Department of Technology Buffalo State College From bkosick at nacs.net Mon Mar 15 18:02:31 1999 From: bkosick at nacs.net (Brian Kosick) Date: Tue Dec 2 02:25:50 2003 Subject: smbmount: unknown host References: Message-ID: <36ED4B37.52584577@nacs.net> Thanks, I was trying -I DNS_hostname_of_machine. the ip address worked fine. One question? Is this a bug? I'm on an all DHCP network and with this style workaround, I can't really mount things a boottime. "Dave J. Andruczyk" wrote: > > I am having a fe problems with samba 2.0.3. I am able to log my machine > > on to the NT network and am able to use smbclient to view shares on > > everything but as soon as I try to mount something, I get an error: > > (machine_name):unknown host > > the -I option might be useful > > when I use the -I it still gives me an error unknown host. > > I can also do nmblookup on all the machines on the net. > > Help much appreciated > > I get the same trouble, but using -I IP_OF_MACHINE DOES work. > > use the IP returned by nmblookup in IP_OF_MACHINE above.. > > Dave J. Andruczyk > Instructional Support Associate > Department of Technology > Buffalo State College From pat1andrade at hotmail.com Mon Mar 15 19:56:03 1999 From: pat1andrade at hotmail.com (Pat Andrade) Date: Tue Dec 2 02:25:51 2003 Subject: mounting NT shares in Unix Message-ID: <19990315195603.597.qmail@hotmail.com> I see that Samba has many useful applications. I'm wondering if is it possible to get access/mount NT shares/folders into a Unix machine? If so, can anyone please describe how to. Thanks. Get Your Private, Free Email at http://www.hotmail.com From perrier at onera.fr Mon Mar 15 17:20:08 1999 From: perrier at onera.fr (Christian Perrier) Date: Tue Dec 2 02:25:51 2003 Subject: Kixtart Remote Procedure Calls on a samba PDC Message-ID: <19990315182007.A17129@mykerinos> I'm currently using on some domains login scripts with Kixtart (a utility from the NT Server Resource Kit). Kixtart uses Remote Procedure Calls for getting things like the list of a group a user is belonging to and so on. This is done by running a special service on the logon servers of the domain, called RPCSRV.EXE (ad far as I remember). Of course, such scripts do not work with a samba PDC. Is it planned to add a similar functionality in further releases (or is it already possible for some functions in the current releases)? My main concern is getting automatic connections to some resources on file servers depending on the groups the user is belonging to. With Kixtart, I do something like this (I'm not sure of the syntax, but you'll get the poinbt, I hope) : if ingroup("staff") connect S: \\server\staff endif This behaviour is the last one I'm missing for migrating some domains towards samba PDC (assuming, I don't want BDC). -- From hholt at utinet.net Tue Mar 16 02:25:08 1999 From: hholt at utinet.net (Harry Holt) Date: Tue Dec 2 02:25:51 2003 Subject: join Message-ID: <3.0.1.32.19990315212508.006a51f0@mail.utinet.net> join From gunnar at tripnet.se Tue Mar 16 17:43:02 1999 From: gunnar at tripnet.se (Gunnar Gustafsson) Date: Tue Dec 2 02:25:51 2003 Subject: Kixtart Remote Procedure Calls on a samba PDC Message-ID: <3.0.32.19990316184255.00c8132c@mail4.tripnet.se> >My main concern is getting automatic connections to some resources on file >servers depending on the groups the user is belonging to. We have a workaround for this. In the netlogon directory I have created a directory for each group, like this: drwxr-x--- 2 root ccwstyr 1024 Apr 29 1998 ccwstyr/ drwxr-x--- 2 root larare 1024 Apr 29 1998 larare/ drwxr-x--- 2 root stolpsko 1024 Apr 29 1998 stolpskott/ In each dir, I have a dummy file: -rw-r--r-- 1 root root 0 Apr 29 1998 dummy You can only see the dummy file in a directory if you're in that group. By using some 'if exists' in the login script its possible to make connections per group: if exist \\stalin\netlogon\ccwstyr\dummy net use s: \\stalin\styrelse /yes if not exist \\stalin\netlogon\larare\dummy goto ejlarare: net use j: \\stalin\lekstuga /yes net use l: \\stalin\larare /yes :ejlarare if not exist \\stalin\netlogon\stolpskott\dummy goto ejstolpskott: net use k: \\stalin\kommunist /yes net use n: \\stalin\ftp /yes :ejstolpskott From led at unter.encoding.com Tue Mar 16 20:15:10 1999 From: led at unter.encoding.com (led) Date: Tue Dec 2 02:25:51 2003 Subject: domain groups Message-ID: <199903162015.UAA11670@unter.encoding.com> is there any documentation for the 2.0.3 implementation of the domain group option? It does not appear that the "domain group map" exists outside of the "HEAD" tree. Alternatively, where can the "HEAD" version be found? I am working to make an existing NIS system drive a samba domain (thus, users in the NIS password file are members of the domain, likewise, groups in the NIS group map.) I found it necessary to patch chgpasswd.c in order to get the unix password syncing to work on a FreeBSD 3.0 machine. Use at own risk =) *** chgpasswd.c.hacked Tue Mar 16 11:57:28 1999 --- chgpasswd.c Tue Mar 16 11:57:38 1999 *************** *** 317,325 **** kill(pid, SIGKILL); /* be sure to end this process */ } - /* led hack */ - close(master); - while((wpid = sys_waitpid(pid, &wstat, 0)) < 0) { if(errno == EINTR) { errno = 0; --- 317,322 ---- *************** *** 346,358 **** DEBUG(3,("We were waiting for the wrong process ID\n")); return(False); } ! /* led hack */ ! /* ! * if (WIFEXITED(wstat) == 0) { ! * DEBUG(3,("The process exited while we were waiting\n")); ! * return(False); ! * } ! */ if (WEXITSTATUS(wstat) != 0) { DEBUG(3,("The status of the process exiting was %d\n", wstat)); return(False); --- 343,352 ---- DEBUG(3,("We were waiting for the wrong process ID\n")); return(False); } ! if (WIFEXITED(wstat) == 0) { ! DEBUG(3,("The process exited while we were waiting\n")); ! return(False); ! } if (WEXITSTATUS(wstat) != 0) { DEBUG(3,("The status of the process exiting was %d\n", wstat)); return(False); From lkcl at switchboard.net Wed Mar 17 05:27:48 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:51 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: <01e101be6ce6$4aef0990$020210ac@paso.atasd.com> Message-ID: On Fri, 12 Mar 1999, Brian Macy wrote: > >> What is the current requirement for unix groups (at least now)? Is it > required > >> that all group names are no user names? > > > >definitely and absolutely. > > Hmmm... really? I use user samba and group samba for nearly all my shares. > Or are we talking samba groups and not unix? nt-groups. From grant at stephenson.cc Wed Mar 17 09:40:04 1999 From: grant at stephenson.cc (Grant Stephenson) Date: Tue Dec 2 02:25:51 2003 Subject: no login on ppp disconnection Message-ID: <4.1.19990317012937.00a2e930@10.0.0.2> hello.. I have been having this strange problem for a long time with samba, and I am not sure where to look to resolve it. I have samba running as a pdc to windows 98, and windows NT boxes, and that same samba machine also has a ppp connection to the internet. the samba services are only bound to the ethernet addapter on that machine, yet for some reason when my ppp connection goes away (I got disconnected for one reason or another) the machines on the lan (the win98, and NT boxes previously mentioned) are no longer capable of loggin into the domain.. the cannot find the domain controller. I must then recconnect the ppp connection, and then restart samba before the machines can login again. if the machines are still logged in they can access the shares just fine and you would never know there is a problem. and when you run a /etc/rc.d/init.d/smb stop you get a Shutting down SMB services: smbd nmbd kill: (26056) - No such pid even though the process was listed before issueing the command. any Idea what is causeing this, and how I can resolve it? ---------------------------------------------------------------- |grant@stephenson.cc http://www.stephenson.cc | ---------------------------------------------------------------- | My pgp key is avalable it http://www.stephenson.cc/grant/pgp | | #grantstomb | *The Stephensons* |bbs.stephenson.cc | | IRC DarkTombNET | Shell Account/BBS | Fax(408)364-9632 | | stephenson.cc 6669| #stephenson undernet | | ---------------------------------------------------------------- From Armin.Amon at mgm-edv.de Wed Mar 17 09:45:41 1999 From: Armin.Amon at mgm-edv.de (Armin Amon) Date: Tue Dec 2 02:25:51 2003 Subject: no login on ppp disconnection References: <4.1.19990317012937.00a2e930@10.0.0.2> Message-ID: <36EF79C5.F6A0B511@mgm-edv.de> Hi, maybe the route table is not setup correctly. Some ppp scripts modify the route table when hand-up the ppp connection. Compare the route table before connecting to the internet and afterwards. Maybe you find something there. ciao Armin Grant Stephenson wrote: > hello.. I have been having this strange problem for a long time with samba, > and I am not sure where to look to resolve it. > I have samba running as a pdc to windows 98, and windows NT boxes, and that > same samba machine also has a ppp connection to the internet. > the samba services are only bound to the ethernet addapter on that machine, > yet for some reason when my ppp connection goes away (I got disconnected > for one reason or another) the machines on the lan (the win98, and NT boxes > previously mentioned) are no longer capable of loggin into the domain.. the > cannot find the domain controller. > I must then recconnect the ppp connection, and then restart samba before > the machines can login again. > if the machines are still logged in they can access the shares just fine > and you would never know there is a problem. > and when you run a /etc/rc.d/init.d/smb stop > you get a > Shutting down SMB services: smbd nmbd kill: (26056) - No such pid > even though the process was listed before issueing the command. > > any Idea what is causeing this, and how I can resolve it? > > ---------------------------------------------------------------- > |grant@stephenson.cc http://www.stephenson.cc | > ---------------------------------------------------------------- > | My pgp key is avalable it http://www.stephenson.cc/grant/pgp | > | #grantstomb | *The Stephensons* |bbs.stephenson.cc | > | IRC DarkTombNET | Shell Account/BBS | Fax(408)364-9632 | > | stephenson.cc 6669| #stephenson undernet | | > ---------------------------------------------------------------- From lnb at freedom.cybertouch.org Wed Mar 17 10:46:52 1999 From: lnb at freedom.cybertouch.org (Lanny Baron) Date: Tue Dec 2 02:25:51 2003 Subject: nt ...who should be PDC Message-ID: Hi everyone, I am new to the list. So please bear with my questioning. I have installed NT many times over the past few days. As PDC and as stand alone. I run a sort of testing place for myself. But i have notice that with NT as stand alone, I am unable to do anything with NT. Such as add services (permission denied) and to have people who dial in to me, for me to access their pc's even though i have passwd for access. Can anyone tell me what the best way to have a mixed Samba/NT environment is? I have, as said above been at this for 3 days straight. 'With no concrete improvement. My aim is to approach small companies to show the inter-operability between the systems. My problem is my lack of knowledge as you can judge from this mail. Well thank you for taking the time to read this. And if you help, thank you in advance for any help which you may provide. Lanny Baron http://ca.samba.org/samba/samba.html http://freedom.cybertouch.org From cartegw at Eng.Auburn.EDU Wed Mar 17 13:52:02 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:52 2003 Subject: nt ...who should be PDC References: Message-ID: <36EFB382.ADC0DABC@eng.auburn.edu> Lanny Baron wrote: > > Can anyone tell me what the best way to have a > mixed Samba/NT environment is? And that is the question we spend our life answering... ;) Couple of points * You should enable password encryption on the Samba server. * if you operating in a workgroup enivironment, the set the Samba server to user level security and keep a normal list of account in the smbpasswd file. * if you are using a domain model, refer to the DOMAIN_MEMBER.txt file that is in the docs/textdocs/ directory of the Samba 2.0.x distributions. Also, here's a tag from NTDOMAIN.txt... Please note that Samba 2.0 does not **officially** support domain logons for Windows NT clients. Of course, domain logon support for Windows 9x clients is complete and official. These are two different issues. Samba's capability to act as a Primary Domain Controller for Windows NT domains is not advertised as it is not completed yet. For more information regarding how to obtain the latest development (HEAD branch) source code and what features are available, please refer to the NT Domain FAQ on-line at the Samba web site under the documentation page. Hope this helps. Contact me one on one if you need more info. Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From rdab100 at hermes.cam.ac.uk Wed Mar 17 22:16:19 1999 From: rdab100 at hermes.cam.ac.uk (Dominic Baines) Date: Tue Dec 2 02:25:52 2003 Subject: nt ...who should be PDC References: Message-ID: <36F029B3.440DB52@NOSPAM.hermes.cam.ac.uk> Lanny Baron wrote: > Can anyone tell me what the best way to have a mixed Samba/NT environment is? My suggestion for the moment would be in an NT dominated environment where PDC/BDC type architecture exists would be to use NT as the authentication servers and to use the Samba servers as file/printer servers. Eventually Samba will be able to offer PDC/BDC type operations but as Gerry Carter states PDC isn't supported. It does function in v2.0.0 upwards IF there is only the one PDC and no BDC's about. This may not show all the capabilities of Samba immediately but may be the least painless way to go. You can then use lesser/older hardware for the NT servers and better/newer kit for Samba. Alternatively if you don't need the NT Servers then perhaps just use Samba as the authentication/file/print/wins/et al server and run NT workstations (roaming profiles et al) and Linux desktops with Gnome or KDE. The Samba docs especially those on WinNT, NTDomain, Encryption, and the excellent smb.conf(5).html are necessary reading. Don't forget to look at the notes on the plaintext passwords and the registry entries :-) They should be in /docs under where you extracted the Samba source to. Good luck. Dominic Baines From hulet at ittc.ukans.edu Wed Mar 17 14:41:34 1999 From: hulet at ittc.ukans.edu (Michael S. Hulet) Date: Tue Dec 2 02:25:52 2003 Subject: Roaming Profiles In-Reply-To: <36EFB382.ADC0DABC@eng.auburn.edu> Message-ID: I just upgraded my production PDC with my test PDC (because it was working fine). The problem I am having is with roaming profiles. When I joined the NT workstations to the new domain, they still use their old roaming profiles. The profile downloads fine but they are unable to change and save any of their desktop settings, the netscape print button is greyed out, some applications say access denied (MS Outlook, ICQ, Coldfusion, ...) I put the users domain login into the local administrator group (not recommended) and all the problems go away. Has anyone else tackled this problem and can give me some hints? Hopefully I can fix it without telling the users to create a new profile. Michael Hulet Network System Administrator ITTC, University of Kansas Tel:785-864-7793 From pgmtekn at algonet.se Wed Mar 17 15:02:02 1999 From: pgmtekn at algonet.se (Michael Stockman) Date: Tue Dec 2 02:25:52 2003 Subject: srv/usrmgr and DC Message-ID: <004301be7087$1d6c8660$0300a8c0@pippi.emil.pgmt> Hello, I'm running samba, head branch from 99-03-17 14:00, and would like to point out that both usrmgr and srvmgr in W95 complains about not being able to find the domain controller (DC). The problem, which seems to be the same as once before, appears to be the reply to PIPE\NET\GETDC000 and the use of wide characters. Is this a conscious favour of NT(?) prior to W95 and is it known how NT replies (both to a NT and a W95 client)? Also I would like to know if anyone has tried to run scrips on the unix side at logon/logoff (if there at all is a clear notion of logoff in the smb world)? I would like to do this in order to configure my firewall settings for any computer depending on who is logged on. Best regards Michael Stockman pgmtekn-micke@algonet.se From aperrin at demog.Berkeley.EDU Wed Mar 17 17:36:51 1999 From: aperrin at demog.Berkeley.EDU (Andrew Perrin - Demography) Date: Tue Dec 2 02:25:52 2003 Subject: srv/usrmgr and DC In-Reply-To: <004301be7087$1d6c8660$0300a8c0@pippi.emil.pgmt> Message-ID: Michael- I use a very simple logon/logoff script attached to the [homes] service, which (in our site at least) approximates login time, since users generally neither manually connect nor disconnect the share. Agreed it's not foolproof, but it works: root preexec = echo %u > /opt/samba/status/%m root postexec = rm -f /opt/samba/status/%m this just puts the logged in username in a file named after the workstation name; I can do cd /opt/samba/status grep . * and get a nice list in the form of workstation:user workstation:user etc. Hope this helps- ap --------------------------------------------------------------------- Andrew J. Perrin - aperrin@demog.berkeley.edu - NT/Unix Admin/Support Department of Demography - University of California at Berkeley 2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA http://demog.berkeley.edu/~aperrin --------------------------SEIU1199 On Thu, 18 Mar 1999, Michael Stockman wrote: > Hello, > > I'm running samba, head branch from 99-03-17 14:00, and would like to point out that both usrmgr and srvmgr in W95 complains about not being able to find the domain controller (DC). The problem, which seems to be the same as once before, appears to be the reply to PIPE\NET\GETDC000 and the use of wide characters. Is this a conscious favour of NT(?) prior to W95 and is it known how NT replies (both to a NT and a W95 client)? > > Also I would like to know if anyone has tried to run scrips on the unix side at logon/logoff (if there at all is a clear notion of logoff in the smb world)? I would like to do this in order to configure my firewall settings for any computer depending on who is logged on. > > Best regards > Michael Stockman > pgmtekn-micke@algonet.se > > From lkcl at switchboard.net Wed Mar 17 18:58:06 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:52 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: <36E999D6.75B72A6A@eng.auburn.edu> Message-ID: On Fri, 12 Mar 1999, Gerald Carter wrote: > Luke Kenneth Casson Leighton wrote: > > > > i haven't specifically coded to deal with this. most > > definitely nt _cannot_ have group names same as user names > > same as domain names: the entire name space *must* be > > unique, end of story. try it, if you like: > > try adding a group named YOUR_DOMAIN_NAME on an nt > > box with usrmgr.exe. > > I imagine the work around is to use the domain group map > file to give the unix group another name. If this solution correct. > fails, we will most definitely have to deal with the UNIX > tradition of users and group with the same name > (root and root). yep, by removing one of them. From lkcl at switchboard.net Wed Mar 17 19:05:26 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:52 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: <199903122125.WAA23223@akane.inf.ethz.ch> Message-ID: On Sat, 13 Mar 1999, Stefan Walter wrote: > > > i haven't specifically coded to deal with this. most definitely nt > > _cannot_ have group names same as user names same as domain names: the > > entire name space *must* be unique, end of story. try it, if you like: > > try adding a group named YOUR_DOMAIN_NAME on an nt box with usrmgr.exe. > > Did you mean NT group name + NT user name are the same? That should not > be the case on my test systems. if any of: - nt group name - nt user name - nt domain name(s) ... are the same, you _will_ run into difficulties. > I used a freshly installed NT system + SP4 > with only the default groups and the local administrator. On the PDC side > the smbpasswd contains only '$' and 'walter'. No 'domain group map' > or any other map is defined at the stage I am at. then the "default" is to take all unix groups and make them nt groups, and all unix users that are also in private/smbpasswd and make them nt users. _this_ is the "nt" namespace that you, as an administrator, must guarantee is unique. > What is the current requirement for unix groups (at least now)? Is it required > that all group names are no user names? yes. that is an _nt_ requirement and we must obey it. From cartegw at Eng.Auburn.EDU Wed Mar 17 19:37:08 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:52 2003 Subject: Domain logon problems with 10.Mar.99 CVS source References: Message-ID: <36F00464.26063618@eng.auburn.edu> Luke Kenneth Casson Leighton wrote: > > > fails, we will most definitely have to deal with the UNIX > > tradition of users and group with the same name > > (root and root). > > yep, by removing one of them. I'm not sure that is a valid option. Comments? jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lkcl at switchboard.net Wed Mar 17 20:09:05 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:52 2003 Subject: Kixtart Remote Procedure Calls on a samba PDC In-Reply-To: <19990315182007.A17129@mykerinos> Message-ID: xtian, try latest cvs not 2.0.x also try against nt srv, send netmon trace to me and matthew chapman. thx! luke On Tue, 16 Mar 1999, Christian Perrier wrote: > I'm currently using on some domains login scripts with Kixtart (a utility > from the NT Server Resource Kit). Kixtart uses Remote Procedure Calls for > getting things like the list of a group a user is belonging to and so on. > > This is done by running a special service on the logon servers of the > domain, called RPCSRV.EXE (ad far as I remember). > > Of course, such scripts do not work with a samba PDC. Is it planned to add a > similar functionality in further releases (or is it already possible for > some functions in the current releases)? > > My main concern is getting automatic connections to some resources on file > servers depending on the groups the user is belonging to. > > With Kixtart, I do something like this (I'm not sure of the syntax, but > you'll get the poinbt, I hope) : > > if ingroup("staff") > connect S: \\server\staff > endif > > This behaviour is the last one I'm missing for migrating some domains > towards samba PDC (assuming, I don't want BDC). > > -- > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From abs at maunsell.co.uk Wed Mar 17 20:28:18 1999 From: abs at maunsell.co.uk (Andy Smith) Date: Tue Dec 2 02:25:52 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: <36F00464.26063618@eng.auburn.edu>; from Gerald Carter on Thu, Mar 18, 1999 at 06:44:18AM +1100 References: <36F00464.26063618@eng.auburn.edu> Message-ID: <19990317202818.01751@maunsell.co.uk> On Thu, Mar 18, 1999 at 06:44:18AM +1100, Gerald Carter wrote: > > Luke Kenneth Casson Leighton wrote: > > > > > fails, we will most definitely have to deal with the UNIX > > > tradition of users and group with the same name > > > (root and root). > > > > yep, by removing one of them. > > I'm not sure that is a valid option. > Comments? There's stuff goes on at our place which depends on users and group with the same name. If I can remap them in domain group map then perhaps it wont be too bad, but removing the group is not an option (for us). -- _ __ Maunsell Ltd, IT Unit Tel : 0181-663-6565 /_| _/ ( _ '_// 160 Croydon Road, Fax : 0181-663-6723 ( |/)(/(/ __)//)/ //) Beckenham, Kent BR3 4DE Email: abs@maunsell.co.uk / England. -or- abs@maunsl00.demon.co.uk From lkcl at switchboard.net Wed Mar 17 20:39:24 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:52 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: <19990317202818.01751@maunsell.co.uk> Message-ID: On Thu, 18 Mar 1999, Andy Smith wrote: > On Thu, Mar 18, 1999 at 06:44:18AM +1100, Gerald Carter wrote: > > > > Luke Kenneth Casson Leighton wrote: > > > > > > > fails, we will most definitely have to deal with the UNIX > > > > tradition of users and group with the same name > > > > (root and root). > > > > > > yep, by removing one of them. > > > > I'm not sure that is a valid option. > > Comments? > > There's stuff goes on at our place which depends on users and group > with the same name. If I can remap them in domain group map then perhaps > it wont be too bad, but removing the group is not an option (for us). i meant "removing it from the nt / samba side" not "removing it from the unix /etc/group side" sorry! From abakun at reac.com Wed Mar 17 20:39:23 1999 From: abakun at reac.com (Andy Bakun) Date: Tue Dec 2 02:25:52 2003 Subject: Domain logon problems with 10.Mar.99 CVS source References: <36F00464.26063618@eng.auburn.edu> <19990317202818.01751@maunsell.co.uk> Message-ID: <36F012FB.A16830B7@reac.com> Andy Smith wrote: > There's stuff goes on at our place which depends on users and group > with the same name. If I can remap them in domain group map then perhaps > it wont be too bad, but removing the group is not an option (for us). What about prefixing or suffixing group names with g_ or _g respectively if a group is found to have the same name as a user? Perhaps a parameter that tells samba how to mangle group names before giving them to the clients (so you don't need to map them all individually)? Andy. From matthew at janus.law.usyd.edu.au Wed Mar 17 20:44:11 1999 From: matthew at janus.law.usyd.edu.au (Matthew Geier) Date: Tue Dec 2 02:25:53 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: <19990317202818.01751@maunsell.co.uk> from "Andy Smith" at Mar 18, 99 07:31:01 am Message-ID: <199903172044.HAA13431@janus.law.usyd.edu.au> > On Thu, Mar 18, 1999 at 06:44:18AM +1100, Gerald Carter wrote: > > > > Luke Kenneth Casson Leighton wrote: > > > > > > > fails, we will most definitely have to deal with the UNIX > > > > tradition of users and group with the same name > > > > (root and root). > > > > > > yep, by removing one of them. > > > > I'm not sure that is a valid option. > > Comments? > > There's stuff goes on at our place which depends on users and group > with the same name. If I can remap them in domain group map then perhaps > it wont be too bad, but removing the group is not an option (for us). > RedHat linux by default creates a group per user. You are going to get lots of RHS linux users wondering why NT Domains dont work properly for them.. (I run the HEAD branch on RHS linux, but I dont use RedHats user create scripts...) From spd at gtc1.cps.unizar.es Wed Mar 17 20:44:48 1999 From: spd at gtc1.cps.unizar.es (J.A. Gutierrez) Date: Tue Dec 2 02:25:53 2003 Subject: srv/usrmgr and DC In-Reply-To: from "Andrew Perrin - Demography" at Mar 18, 99 04:45:40 am Message-ID: <199903172044.VAA11692@gtc1.cps.unizar.es> > > root preexec = echo %u > /opt/samba/status/%m > root postexec = rm -f /opt/samba/status/%m > > this just puts the logged in username in a file named after the > workstation name; > Interesting.... and what happends if you try the following? $ smbclient '\\yourserver\foo' -U "+ +" -n "../../../../../root/.rhosts" -- finger spd@gtc1.cps.unizar.es for PGP / So be easy and free .mailcap tip of the day: / when you're drinking with me application/ms-tnef; cat '%s' > /dev/null / I'm a man you don't meet every day text/x-vcard; cat '%s' > /dev/null / (the pogues) From cartegw at Eng.Auburn.EDU Wed Mar 17 21:49:13 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:53 2003 Subject: domain groups References: <199903162015.UAA11670@unter.encoding.com> Message-ID: <36F02359.7E14D7D5@eng.auburn.edu> led wrote: > > is there any documentation for the 2.0.3 implementation of > the domain group option? It does not appear that the > "domain group map" exists outside of the "HEAD" tree. > Alternatively, where can the "HEAD" version be found? Check out Samba's NT Domain FAQ linked off the Samba documentation page. Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From wstuart at hae.com Wed Mar 17 22:18:52 1999 From: wstuart at hae.com (William Stuart) Date: Tue Dec 2 02:25:53 2003 Subject: UNIX uname/gname [was...Domain logon problems with 10.Mar.99 CVS source] References: <36F00464.26063618@eng.auburn.edu> <19990317202818.01751@maunsell.co.uk> Message-ID: <36F02A4C.AFAE7E99@hae.com> Does it make sense to create a system that prepends a known value to each of the group names? For example: To UNIX, you have the user root and the group root. To NT, you have the user root and the group g_root. I envision a smb.conf entry like so: nt group mangling = yes/no/always no = never mangles and the sysadmin guarantees namespace uniqueness. yes = mangles when there is a conflict. always = mangles all group names wether they conflict or not. By mangling I mean adding some know value to the front or back. -- William Stuart (wstuart@hae.com) My email address, wstuart@hae.com, is (C) Copyright 1999 William Stuart... Use of this email address is restricted. See http://www.hae.com/cr.html for acceptible use. From greg at discreet.com Wed Mar 17 23:38:45 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:53 2003 Subject: Domain logon problems with 10.Mar.99 CVS source In-Reply-To: <36F012FB.A16830B7@reac.com> Message-ID: Now that would be nice ;-) REALLY REALLY nice. How about this? Our nis group database has duplicates of groups in the local /etc/groups file so now there's 2 of 'em. What will happen then? Greg On 17-Mar-99 Andy Bakun wrote: > Andy Smith wrote: > >> There's stuff goes on at our place which depends on users and group >> with the same name. If I can remap them in domain group map then perhaps >> it wont be too bad, but removing the group is not an option (for us). > > What about prefixing or suffixing group names with g_ or _g respectively if a > group is found to have the same name as a user? Perhaps a parameter that > tells > samba how to mangle group names before giving them to the clients (so you > don't > need to map them all individually)? > > Andy. > --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet (no more logic) Montreal (514) 954-7171 greg@discreet.com From tas at microdisplay.com Thu Mar 18 01:50:47 1999 From: tas at microdisplay.com (Todd Stiers) Date: Tue Dec 2 02:25:53 2003 Subject: Weirdness: MS Access Files on Samba NT Dom Message-ID: <36F05BF7.47EFD45@microdisplay.com> Hi, I have come across a very strange error since upgrading my servers to Samba NT Dom 2.0 (late January). Apparently, MS Access 97 files can no longer be opened and run from the Samba fileservers. I can copy the files to NT local machines, they work, I can put them on NT shares, MS Access works, and I can put them on samba 1.9x versions and it works. Whats changed? Was it/is it intentional? Currently, only windows 95/98 machines seem to be able to open the MS Access docs stored on Samba NT Dom servers. Access seems to create a locking file on real NT and real NT shares, but on neither of the Samba (NT Dom and regular). HELP! Thanks -Todd -- [--- [--- [--- [--- [--- [--- [--- [--- [--- [--- Todd Stiers Director of Systems Administration The MicroDisplay Corporation http://www.microdisplay.com (510)243-9515x129 ---] ---] ---] ---] ---] ---] ---] ---] ---] ---] From aaron at compedge.co.nz Thu Mar 18 04:05:30 1999 From: aaron at compedge.co.nz (Aaron Knauf) Date: Tue Dec 2 02:25:53 2003 Subject: Weirdness: MS Access Files on Samba NT Dom Message-ID: <4C256738.00159936.00@cel-tr1.techroom.compedge.co.nz> Works for me (standard Samba 2.0.3, configured as PDC, also worked on 2.0.2). Access creates its .ldb file quite happily. I hate to point out the obvious, but do your users have write access to the directory containing the database file? Is the share read-only? Of course, the DIRECTORY must have the w permission set for the appropriate user/group to enable them to create the lock file. If the database need not be written to, you could also try making it read-only (this allows multi-user access without designing the DB to cope with that). Aaron Knauf Technical Consultant Computing Edge Limited Auckland New Zealand Todd Stiers on 18/03/99 13:52:54 Please respond to tas@microdisplay.com To: Multiple recipients of list cc: (bcc: Aaron Knauf/AKL/CEL/compedge) Subject: Weirdness: MS Access Files on Samba NT Dom Hi, I have come across a very strange error since upgrading my servers to Samba NT Dom 2.0 (late January). Apparently, MS Access 97 files can no longer be opened and run from the Samba fileservers. I can copy the files to NT local machines, they work, I can put them on NT shares, MS Access works, and I can put them on samba 1.9x versions and it works. Whats changed? Was it/is it intentional? Currently, only windows 95/98 machines seem to be able to open the MS Access docs stored on Samba NT Dom servers. Access seems to create a locking file on real NT and real NT shares, but on neither of the Samba (NT Dom and regular). HELP! Thanks -Todd -- [--- [--- [--- [--- [--- [--- [--- [--- [--- [--- Todd Stiers Director of Systems Administration The MicroDisplay Corporation http://www.microdisplay.com (510)243-9515x129 ---] ---] ---] ---] ---] ---] ---] ---] ---] ---] From jmeff at engsoc.queensu.ca Thu Mar 18 05:12:45 1999 From: jmeff at engsoc.queensu.ca (Jamie ffolliott) Date: Tue Dec 2 02:25:53 2003 Subject: Weirdness: MS Access Files on Samba NT Dom In-Reply-To: <4C256738.00159936.00@cel-tr1.techroom.compedge.co.nz> Message-ID: <000001be70fd$f5692ca0$0245a8c0@dagobah.cgocable.net> I've noticed this problem has been around in 2.1prealpha since January '99, the 1st time we upgraded from 2.0, so it must have been introduced at some time in the main branch. I've been waiting for the "merge from hell" from Jeremy to see if that contains a fix. Also noted other preculiarities: Some programs like Photoshop and Excel may give you an error when opening two different documents at a time. I can't remember the exact wording of the error, but it was something like "can't open this document, it's already open". I don't see anything in the logs that would seem related, but not sure what to look for. Any suggestions anyone? These aren't errors due to write permissions, and our smb.conf configuration hasn't changed very much (except when necessary) between previous releases of samba that worked well with Access and Photoshop. Jamie ffolliott Engineering Society, Queen's U > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Aaron Knauf > Sent: Wednesday, March 17, 1999 10:06 PM > To: Multiple recipients of list > Subject: Re: Weirdness: MS Access Files on Samba NT Dom > > > Works for me (standard Samba 2.0.3, configured as PDC, also worked on > 2.0.2). Access creates its .ldb file quite happily. I hate to point out > the obvious, but do your users have write access to the directory > containing the database file? Is the share read-only? Of course, the > DIRECTORY must have the w permission set for the appropriate user/group to > enable them to create the lock file. > > If the database need not be written to, you could also try making it > read-only (this allows multi-user access without designing the DB to cope > with that). > > Aaron Knauf > Technical Consultant > Computing Edge Limited > Auckland > New Zealand > > > > > Todd Stiers on 18/03/99 13:52:54 > > Please respond to tas@microdisplay.com > > To: Multiple recipients of list > cc: (bcc: Aaron Knauf/AKL/CEL/compedge) > Subject: Weirdness: MS Access Files on Samba NT Dom > > > > > Hi, > > I have come across a very strange error since upgrading my servers > to Samba NT Dom 2.0 (late January). > > Apparently, MS Access 97 files can no longer be opened and run > from the Samba fileservers. I can copy the files to NT local machines, > they work, I can put them on NT shares, MS Access works, and I > can put them on samba 1.9x versions and it works. > > Whats changed? Was it/is it intentional? > > Currently, only windows 95/98 machines seem to be able to open > the MS Access docs stored on Samba NT Dom servers. > > Access seems to create a locking file on real NT and real NT shares, > but on neither of the Samba (NT Dom and regular). > > HELP! > > Thanks > -Todd > > > > -- > [--- [--- [--- [--- [--- [--- [--- [--- [--- [--- > Todd Stiers > Director of Systems Administration > The MicroDisplay Corporation > http://www.microdisplay.com (510)243-9515x129 > ---] ---] ---] ---] ---] ---] ---] ---] ---] ---] > > > > > > > > > From samba at SE1495.spb.edu Thu Mar 18 10:36:03 1999 From: samba at SE1495.spb.edu (Sergey Esin) Date: Tue Dec 2 02:25:53 2003 Subject: smbmount question Message-ID: Hello! Please help to resolve a problem. RedHat Linux 5.1 (with updated gcc, ..), Kernel 2.2.3, samba compiled "--with smbmount". I am trying to mount a directory from NT Server 4.0: smbmount "\\\\SERVER\\SHARE" password -U Username -c "mount /mnt/share". All works except file times. Under Linux I can't see file time from WinNT 4.0 share. I've read FAQ but it seems like "smbmount" doesn't use smb.conf at all. -- Regards, Sergey Esin From frlord at webmethods.com Thu Mar 18 13:51:56 1999 From: frlord at webmethods.com (F. Ross Lord) Date: Tue Dec 2 02:25:53 2003 Subject: NT server joined to a Samba PDC. Message-ID: <000001be7146$7c8960e0$4201010a@frl.webmethods.com> I have a samba PDC, and I have joined an NT server to the domain. Currently, when I try to connect to the NT server, I get the following error: \\ is not accessible The security ID structure is invalid. I checked my log file for that server, and this is what it produces when I try to connect: [1999/03/18 08:48:47, 0] smbd/uid.c:become_root(366) ERROR: become root depth is non zero [1999/03/18 08:48:47, 0] smbd/uid.c:unbecome_root(387) ERROR: unbecome root depth is 0 [1999/03/18 08:48:47, 0] smbd/uid.c:become_root(366) ERROR: become root depth is non zero [1999/03/18 08:48:47, 0] smbd/uid.c:unbecome_root(387) ERROR: unbecome root depth is 0 [1999/03/18 08:48:47, 0] smbd/uid.c:become_root(366) ERROR: become root depth is non zero [1999/03/18 08:48:47, 0] smbd/uid.c:unbecome_root(387) ERROR: unbecome root depth is 0 [1999/03/18 08:48:47, 0] smbd/uid.c:become_root(366) ERROR: become root depth is non zero [1999/03/18 08:48:47, 0] smbd/uid.c:unbecome_root(387) ERROR: unbecome root depth is 0 If anyone has any hints, it would really help. -- frl From mhw at wittsend.com Thu Mar 18 14:01:50 1999 From: mhw at wittsend.com (Michael H. Warfield) Date: Tue Dec 2 02:25:53 2003 Subject: smbmount question In-Reply-To: from Sergey Esin at "Mar 18, 1999 9:37:38 pm" Message-ID: <199903181401.JAA17600@alcove.wittsend.com> Sergey Esin enscribed thusly: > Hello! > Please help to resolve a problem. > RedHat Linux 5.1 (with updated gcc, ..), Kernel 2.2.3, > samba compiled "--with smbmount". > I am trying to mount a directory from NT Server 4.0: > smbmount "\\\\SERVER\\SHARE" password -U Username -c "mount /mnt/share". > All works except file times. Under Linux I can't see file time from WinNT 4.0 > share. I've read FAQ but it seems like "smbmount" doesn't use smb.conf at all. File time corruption from Windows NT servers it typically caused by compiling in the "WIN95 Bug Workaround" into the kernel. That compile option forces on options in the smbfs module to deal with some Windows 95 bugs. Unfortunately, it also screws up the reported time stamp from Windows NT. If you are ONLY mounting shares from Windows 95, you can use this option when compiling the kernel. If you are mounting ANY shares from Windows NT, you should NOT use this option when compiling the kernel. If you are mounting shares from BOTH Windows 95 and Windows NT, leave this option disabled in the kernel. You can enable the bug workaround on a share by share basis for the Windows 95 shares. For Windows 95 shares (only!) specify a file mode with the octal 01000 bit enabled in the mount command to smbmount similar to this: ] smbmount //SERVER/SHARE password -U Username -c "mount /mnt/share -f 1660" > -- > Regards, > Sergey Esin Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (770) 925-8248 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! From hulet at ittc.ukans.edu Thu Mar 18 14:35:49 1999 From: hulet at ittc.ukans.edu (Michael S. Hulet) Date: Tue Dec 2 02:25:53 2003 Subject: NT server joined to a Samba PDC. In-Reply-To: <000001be7146$7c8960e0$4201010a@frl.webmethods.com> Message-ID: I also get that error in my logs but it doesn't prevent me from logging in. I also get these for everyone of my domain machines: [1999/03/18 08:08:13, 0] passdb/sampass.c:getsamfile21pwent(108) trust account ARKTOS$ should be in DOMAIN_GROUP_RID_USERS [1999/03/18 08:08:13, 0] passdb/sampass.c:getsamfile21pwent(108) trust account APOLLO$ should be in DOMAIN_GROUP_RID_USERS Why do my machines have to be in a DOMAIN_GROUP_RID_USERS and where/how do I put them in this group? Michael Hulet Network System Administrator ITTC, University of Kansas Tel:785-864-7793 On Fri, 19 Mar 1999, F. Ross Lord wrote: > I have a samba PDC, and I have joined an NT server to the domain. > Currently, when I try to connect to the NT server, I get the following > error: > > \\ is not accessible > The security ID structure is invalid. > > I checked my log file for that server, and this is what it produces when I > try to connect: > > [1999/03/18 08:48:47, 0] smbd/uid.c:become_root(366) > ERROR: become root depth is non zero > [1999/03/18 08:48:47, 0] smbd/uid.c:unbecome_root(387) > ERROR: unbecome root depth is 0 > [1999/03/18 08:48:47, 0] smbd/uid.c:become_root(366) > ERROR: become root depth is non zero > [1999/03/18 08:48:47, 0] smbd/uid.c:unbecome_root(387) > ERROR: unbecome root depth is 0 > [1999/03/18 08:48:47, 0] smbd/uid.c:become_root(366) > ERROR: become root depth is non zero > [1999/03/18 08:48:47, 0] smbd/uid.c:unbecome_root(387) > ERROR: unbecome root depth is 0 > [1999/03/18 08:48:47, 0] smbd/uid.c:become_root(366) > ERROR: become root depth is non zero > [1999/03/18 08:48:47, 0] smbd/uid.c:unbecome_root(387) > ERROR: unbecome root depth is 0 > > If anyone has any hints, it would really help. > > -- frl > From frlord at webmethods.com Thu Mar 18 15:01:35 1999 From: frlord at webmethods.com (F. Ross Lord) Date: Tue Dec 2 02:25:54 2003 Subject: NT server joined to a Samba PDC. In-Reply-To: Message-ID: <000001be7150$37b258f0$4201010a@frl.webmethods.com> With a little more testing, I have found that I can fairly reliably get in on the third try. I select the sever from network neighborhood, get the error listed below with the log entry listed below the first two times, but I am able to get in the third time. Any clues? -- frl -----Original Message----- From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of Michael S. Hulet Sent: Thursday, March 18, 1999 9:34 AM To: Multiple recipients of list Subject: Re: NT server joined to a Samba PDC. I also get that error in my logs but it doesn't prevent me from logging in. I also get these for everyone of my domain machines: [1999/03/18 08:08:13, 0] passdb/sampass.c:getsamfile21pwent(108) trust account ARKTOS$ should be in DOMAIN_GROUP_RID_USERS [1999/03/18 08:08:13, 0] passdb/sampass.c:getsamfile21pwent(108) trust account APOLLO$ should be in DOMAIN_GROUP_RID_USERS Why do my machines have to be in a DOMAIN_GROUP_RID_USERS and where/how do I put them in this group? Michael Hulet Network System Administrator ITTC, University of Kansas Tel:785-864-7793 On Fri, 19 Mar 1999, F. Ross Lord wrote: > I have a samba PDC, and I have joined an NT server to the domain. > Currently, when I try to connect to the NT server, I get the following > error: > > \\ is not accessible > The security ID structure is invalid. > > I checked my log file for that server, and this is what it produces when I > try to connect: > > [1999/03/18 08:48:47, 0] smbd/uid.c:become_root(366) > ERROR: become root depth is non zero > [1999/03/18 08:48:47, 0] smbd/uid.c:unbecome_root(387) > ERROR: unbecome root depth is 0 > [1999/03/18 08:48:47, 0] smbd/uid.c:become_root(366) > ERROR: become root depth is non zero > [1999/03/18 08:48:47, 0] smbd/uid.c:unbecome_root(387) > ERROR: unbecome root depth is 0 > [1999/03/18 08:48:47, 0] smbd/uid.c:become_root(366) > ERROR: become root depth is non zero > [1999/03/18 08:48:47, 0] smbd/uid.c:unbecome_root(387) > ERROR: unbecome root depth is 0 > [1999/03/18 08:48:47, 0] smbd/uid.c:become_root(366) > ERROR: become root depth is non zero > [1999/03/18 08:48:47, 0] smbd/uid.c:unbecome_root(387) > ERROR: unbecome root depth is 0 > > If anyone has any hints, it would really help. > > -- frl > From cartegw at Eng.Auburn.EDU Thu Mar 18 15:11:44 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:54 2003 Subject: NT server joined to a Samba PDC. References: Message-ID: <36F117B0.BFD7DBE2@eng.auburn.edu> Michael S. Hulet wrote: > > I also get that error in my logs but it doesn't prevent me from logging > in. I also get these for everyone of my domain machines: > > [1999/03/18 08:08:13, 0] passdb/sampass.c:getsamfile21pwent(108) > trust account ARKTOS$ should be in DOMAIN_GROUP_RID_USERS > [1999/03/18 08:08:13, 0] passdb/sampass.c:getsamfile21pwent(108) > trust account APOLLO$ should be in DOMAIN_GROUP_RID_USERS > > Why do my machines have to be in a DOMAIN_GROUP_RID_USERS > and where/how do I put them in this group? >From the NT Domain FAQ.... 2.6. I keep getting the message "trust account xxx should be in DOMAIN_GROUP_RID_USERS." What do I need to do? Nothing. This is a note that one of the developers put in to remind him of a issue that is yet to be resolved. It is harmless and should be ignored. If you find it filling up your debug logs, you can set it to be logged at a higher level. Edit passdb/sampass.c and locate the string. Then change the debug level from 0 to 3 or higher. Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From G.Klein at edelmann.de Thu Mar 18 15:55:36 1999 From: G.Klein at edelmann.de (Gerhard Klein) Date: Tue Dec 2 02:25:54 2003 Subject: latest Samba Domain Controller source code Message-ID: <36F121F8.7C0F5428@edelmann.de> Hello, I have no cvs access. How can I get the latest Samba Domain Controller source code via web or ftp. Thanks Gerhard -- http://www.edelmann.de mailto:G.Klein@edelmann.de Phone: +49 7321 340 368 Fax: +49 7321 340 363 From lkcl at switchboard.net Thu Mar 18 18:16:43 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:54 2003 Subject: CVS update: samba/source/include (fwd) Message-ID: does any1 know about lsa secrets? Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== ---------- Forwarded message ---------- Date: Thu, 18 Mar 1999 16:18:01 +1100 From: matty@samba.anu.edu.au To: Multiple recipients of list Subject: CVS update: samba/source/include Date: Thursday March 18, 1999 @ 16:16 Author: matty Update of /data/cvs/samba/source/include In directory samba:/data/people/matty/samba/source/include Modified Files: proto.h rpc_lsa.h rpc_misc.h Log Message: Adding LSA_OPENSECRET (-> LsarOpenSecret) and LSA_QUERYSECRET (-> LsarQuerySecret) on client side, including rpcclient command "querysecret" for others to play with. The major obstacle is working out the encryption algorithm used for the secret value. It definitely uses the NT hash as part of the key, and it seems the block size is 64 bits - probably DES based - but I can't work out what's done in between. Help required. From tas at microdisplay.com Thu Mar 18 18:22:09 1999 From: tas at microdisplay.com (Todd Stiers) Date: Tue Dec 2 02:25:54 2003 Subject: Weirdness: MS Access Files on Samba NT Dom References: <4C256738.00159936.00@cel-tr1.techroom.compedge.co.nz> Message-ID: <36F14451.A00BEEB6@microdisplay.com> Thanks for the reply, All the permissions were set appropriately (it has worked pre 2.0) and I even opened them further: [dbdie] comment = MDC DIE Tracking Database path = /testing1/dbdie public = yes writable = yes create mask = 0775 valid users = @users write list = @users force group = users The directory permissions: drwxrwxr-x 2 cmullin users 1024 Mar 18 10:20 dbdie The file permissions: -rw-rw-r-- 1 tas users 2484224 Mar 17 17:17 testit.mdb I then downloaded and compiled the latest CVS (19990318) (Version 2.1.0-prealpha) of the NT DOM and I still get the same result - MS Access is not putting down the lock file. -Todd Aaron Knauf wrote: > Works for me (standard Samba 2.0.3, configured as PDC, also worked on > 2.0.2). Access creates its .ldb file quite happily. I hate to point out > the obvious, but do your users have write access to the directory > containing the database file? Is the share read-only? Of course, the > DIRECTORY must have the w permission set for the appropriate user/group to > enable them to create the lock file. > > If the database need not be written to, you could also try making it > read-only (this allows multi-user access without designing the DB to cope > with that). > > Aaron Knauf > Technical Consultant > Computing Edge Limited > Auckland > New Zealand > > Todd Stiers on 18/03/99 13:52:54 > > Please respond to tas@microdisplay.com > > To: Multiple recipients of list > cc: (bcc: Aaron Knauf/AKL/CEL/compedge) > Subject: Weirdness: MS Access Files on Samba NT Dom > > Hi, > > I have come across a very strange error since upgrading my servers > to Samba NT Dom 2.0 (late January). > > Apparently, MS Access 97 files can no longer be opened and run > from the Samba fileservers. I can copy the files to NT local machines, > they work, I can put them on NT shares, MS Access works, and I > can put them on samba 1.9x versions and it works. > > Whats changed? Was it/is it intentional? > > Currently, only windows 95/98 machines seem to be able to open > the MS Access docs stored on Samba NT Dom servers. > > Access seems to create a locking file on real NT and real NT shares, > but on neither of the Samba (NT Dom and regular). > > HELP! > > Thanks > -Todd > > -- > [--- [--- [--- [--- [--- [--- [--- [--- [--- [--- > Todd Stiers > Director of Systems Administration > The MicroDisplay Corporation > http://www.microdisplay.com (510)243-9515x129 > ---] ---] ---] ---] ---] ---] ---] ---] ---] ---] -- [--- [--- [--- [--- [--- [--- [--- [--- [--- [--- Todd Stiers Director of Systems Administration The MicroDisplay Corporation http://www.microdisplay.com (510)243-9515x129 ---] ---] ---] ---] ---] ---] ---] ---] ---] ---] From aperrin at demog.Berkeley.EDU Thu Mar 18 18:43:24 1999 From: aperrin at demog.Berkeley.EDU (Andrew Perrin - Demography) Date: Tue Dec 2 02:25:54 2003 Subject: Weirdness: MS Access Files on Samba NT Dom In-Reply-To: <36F14451.A00BEEB6@microdisplay.com> Message-ID: Anything in the log file when this happens? Turn debug up to 3 or 4 or so and see if you get informative errors. ap --------------------------------------------------------------------- Andrew J. Perrin - aperrin@demog.berkeley.edu - NT/Unix Admin/Support Department of Demography - University of California at Berkeley 2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA http://demog.berkeley.edu/~aperrin --------------------------SEIU1199 On Fri, 19 Mar 1999, Todd Stiers wrote: > Thanks for the reply, > > All the permissions were set appropriately (it has worked pre 2.0) > and I even opened them further: > > > [dbdie] > comment = MDC DIE Tracking Database > path = /testing1/dbdie > public = yes > writable = yes > create mask = 0775 > valid users = @users > write list = @users > force group = users > > > > The directory permissions: > > drwxrwxr-x 2 cmullin users 1024 Mar 18 10:20 dbdie > > > The file permissions: > -rw-rw-r-- 1 tas users 2484224 Mar 17 17:17 testit.mdb > > > > I then downloaded and compiled the latest CVS (19990318) > (Version 2.1.0-prealpha) of the NT DOM and I still get the same result - > MS Access is not putting down the lock file. > > -Todd > > > > > Aaron Knauf wrote: > > > Works for me (standard Samba 2.0.3, configured as PDC, also worked on > > 2.0.2). Access creates its .ldb file quite happily. I hate to point out > > the obvious, but do your users have write access to the directory > > containing the database file? Is the share read-only? Of course, the > > DIRECTORY must have the w permission set for the appropriate user/group to > > enable them to create the lock file. > > > > If the database need not be written to, you could also try making it > > read-only (this allows multi-user access without designing the DB to cope > > with that). > > > > Aaron Knauf > > Technical Consultant > > Computing Edge Limited > > Auckland > > New Zealand > > > > Todd Stiers on 18/03/99 13:52:54 > > > > Please respond to tas@microdisplay.com > > > > To: Multiple recipients of list > > cc: (bcc: Aaron Knauf/AKL/CEL/compedge) > > Subject: Weirdness: MS Access Files on Samba NT Dom > > > > Hi, > > > > I have come across a very strange error since upgrading my servers > > to Samba NT Dom 2.0 (late January). > > > > Apparently, MS Access 97 files can no longer be opened and run > > from the Samba fileservers. I can copy the files to NT local machines, > > they work, I can put them on NT shares, MS Access works, and I > > can put them on samba 1.9x versions and it works. > > > > Whats changed? Was it/is it intentional? > > > > Currently, only windows 95/98 machines seem to be able to open > > the MS Access docs stored on Samba NT Dom servers. > > > > Access seems to create a locking file on real NT and real NT shares, > > but on neither of the Samba (NT Dom and regular). > > > > HELP! > > > > Thanks > > -Todd > > > > -- > > [--- [--- [--- [--- [--- [--- [--- [--- [--- [--- > > Todd Stiers > > Director of Systems Administration > > The MicroDisplay Corporation > > http://www.microdisplay.com (510)243-9515x129 > > ---] ---] ---] ---] ---] ---] ---] ---] ---] ---] > > > > -- > [--- [--- [--- [--- [--- [--- [--- [--- [--- [--- > Todd Stiers > Director of Systems Administration > The MicroDisplay Corporation > http://www.microdisplay.com (510)243-9515x129 > ---] ---] ---] ---] ---] ---] ---] ---] ---] ---] > > > From florian at void.s.bawue.de Thu Mar 18 21:36:52 1999 From: florian at void.s.bawue.de (Florian Laws) Date: Tue Dec 2 02:25:54 2003 Subject: One half sucess story and a question about localized NT Message-ID: <19990318223652.A1192@void.s.bawue.de> Hello Samba-Team, after some months lurking on the list, I finally went to get some practical experience with samba. ;-) I have set up Samba 2.1-prealpha CVS from someday a few weeks ago as a PDC and it works like a charm! Thanks for the good work. At one step I had some serious trouble: I couldn't log in to the server until I figured out that I had to run 'smbpasswd -e' on each accout converted from /etc/passwd with mksmbpasswd.sh Perhaps you should add that to ENCRYPTION.TXT The question I have now is how to make a user Administrator of the Domain and of the local Workstations. I followed the NTDOM-FAQ but it didn't work: When I put ntadm=BUILTIN\Administrators in the local group map file, NT says "cannot login to domain" and log.smb says somthing about "DOMAINS do not match" So I put ntadm=SGS\Administrators into the file. I can log in, but don't have any Administrator privledges. Using german NT4SP4, I also tried the german term "Admistratoren" for the local group "Administrators" such as ntadm=BUILTIN\Administratoren but it seems to be ignored as well. Is that a special issue with localized NT versions at all? I found some postings from Alain Foucault and LKCL in the ntdom archive, but I didn't figure out what they mean. Any clarifications? Any solutions? Thanks, Florian (attached are smb.conf, localgroup.map, domainuser.map and domainsgroup.map) -- I am a signature-virus. Why don't copy me into your sig? -------------- next part -------------- # Samba config file created using SWAT # from platon.sgs.s.bw.schule.de (172.0.37.50) # Date: 1999/03/18 14:17:14 # Global parameters workgroup = SGS netbios name = PLATON interfaces = 192.168.0.1 encrypt passwords = Yes null passwords = Yes passwd chat debug = Yes unix password sync = Yes log level = 20 local group map = /usr/local/samba/lib/localgroup.map domain group map = /usr/local/samba/lib/domaingroup.map domain user map = /usr/local/samba/lib/domainuser.map domain logons = Yes os level = 65 preferred master = Yes domain master = Yes [homes] read only = No browseable = No -------------- next part -------------- ntadm=SGS\Administrators -------------- next part -------------- ntadm="Domain Admins" -------------- next part -------------- ntadmin=Administrator From oroy at gwl.com Thu Mar 18 21:38:28 1999 From: oroy at gwl.com (Olivier Roy De Rives) Date: Tue Dec 2 02:25:54 2003 Subject: Slow connect Message-ID: <199903182138.OAA10658@gp-dragon.gwl.com> Hi bunch! Got a rather peculiar behavior from my Wincenter servers after upgrading the Samba server to 2.0.3. It seems that the servers are "connecting" very slow to the Samba shares since the upgrade. Any account not mapping to our Unix box via Samba is working fine. Here is the smb.conf I have: [global] dead time = 5 printing = sysv printcap name = /etc/samba.printcap load printers = yes log file = /opt/tools/samba/logs/log.%m lock directory = /opt/tools/samba/var/locks netbios name = GP-DRAGON share modes = yes security = domain os level = 0 passwd program = /usr/local/bin/expasswd %u encrypt passwords = yes workgroup = ISIS-D domain logons = no password server = GP-DNT1 GP-DNT2 server string = Samba-2.0.3 smbpasswd file = /opt/tools/samba/private/smbpasswd preferred master = no domain master = no local master = no No errors in any of the logs indicate problems... any suggestions? Olivier Roy De Rives NT/UNIX Sys. Admin. Great-West Life & Annuity Denver, CO (303)689-4437 Fax: 689-4850 From lkcl at switchboard.net Thu Mar 18 22:15:21 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:54 2003 Subject: One half sucess story and a question about localized NT In-Reply-To: <19990318223652.A1192@void.s.bawue.de> Message-ID: florians, try modifying the hard-coded name table in the source to match the german names (grep Administrators */*.[ch]) From lkcl at switchboard.net Thu Mar 18 22:24:18 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:54 2003 Subject: Slow connect In-Reply-To: <199903182138.OAA10658@gp-dragon.gwl.com> Message-ID: On Fri, 19 Mar 1999, Olivier Roy De Rives wrote: > Hi bunch! > Got a rather peculiar behavior from my Wincenter servers after upgrading the > Samba server to 2.0.3. > It seems that the servers are "connecting" very slow to the Samba shares since > the upgrade. Any account not mapping to our Unix box via Samba is working fine. olivier, there are issues with TSE, WinDD and NTrigue where as part of a login / access they look up a registry key. the response is bad so they fail. try "nt pipe support = no". try the latest cvs versions (with tag of SAMBA_2_0 and without). let us know what happens. luke From pfaff at edge.cis.McMaster.CA Fri Mar 19 06:37:35 1999 From: pfaff at edge.cis.McMaster.CA (Todd Pfaff) Date: Tue Dec 2 02:25:54 2003 Subject: Roaming Profiles In-Reply-To: Message-ID: On Thu, 18 Mar 1999, Michael S. Hulet wrote: > I just upgraded my production PDC with my test PDC (because it was working > fine). The problem I am having is with roaming profiles. When I joined > the NT workstations to the new domain, they still use their old roaming > profiles. The profile downloads fine but they are unable to change and > save any of their desktop settings, the netscape print button is greyed > out, some applications say access denied (MS Outlook, ICQ, Coldfusion, > ..) I put the users domain login into the local administrator group (not > recommended) and all the problems go away. Has anyone else tackled this > problem and can give me some hints? Hopefully I can fix it without > telling the users to create a new profile. i think the problem is that when you changed pdcs all your domain sids changed, or something like that, and the profile has a 'permitted to use' setting that indicates which users are allowed to access the profile. the solution is to change this 'permitted to use' to either the correct user, or everyone. in samba-2.0.x you have to set it to everyone because nt workstations can't get the necessary domain user information from a samba 2.0.x pdc. with samba-2.1prealpha it may be possible to set it to a valid domain user. to change the 'permitted to use', go to My Computer->User Profiles, select the profile you want to set, click the Copy To button, and then set the copy-to location to the root directory of that users roaming profile and set the permitted to use field to a domain user name or everyone. with a samba-2.0.x pdc you have to do this while logged into a local account and not a domain account or the program will crash when it tries to get the domain user list from the pdc (alternatively, you can unplug your network cable and the nt system will just timeout trying to contact the pdc). i'm not sure about samba 2.1. unfortunately, i don't know of a quick way to do this for multiple profiles. point and click, one at a time. yuck. -- Todd Pfaff \ Email: pfaff@mcmaster.ca Computing and Information Services \ Voice: (905) 525-9140 x22920 ABB 132 \ FAX: (905) 528-3773 McMaster University \ Hamilton, Ontario, Canada L8S 4M1 \ From khan at neuro.ma.uni-heidelberg.de Fri Mar 19 11:58:26 1999 From: khan at neuro.ma.uni-heidelberg.de (Jens Beyer) Date: Tue Dec 2 02:25:54 2003 Subject: Guest account - NO PASSWORD in NT-password field Message-ID: <199903191158.MAA23175@mogli.kli-ma> A non-text attachment was scrubbed... Name: not available Type: text Size: 1026 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19990319/75aaa491/attachment.bat From bkosick at nacs.net Fri Mar 19 15:29:28 1999 From: bkosick at nacs.net (Brian Kosick) Date: Tue Dec 2 02:25:54 2003 Subject: NT PDC authentication Message-ID: <36F26D57.B9F4A059@nacs.net> Hello everyone. I have a question. I have a linux bix setup at work, where we use NT domain authentication. I have my linux box setup up to join the network and can mount shares etc. However, I want to be able to share my public directory with every one on the network. The only away that I can have other people log in to my box now though is by giveing them and account on my linux box. Is there any way that I can give people access to my public share and have my linux box use the NT PDC to authenticate these users? I have looked through the guest parameters and have tried to set it up but with no luck. From bkosick at nacs.net Fri Mar 19 19:27:28 1999 From: bkosick at nacs.net (Brian Kosick) Date: Tue Dec 2 02:25:54 2003 Subject: NT PDC authentication References: <36F26D57.B9F4A059@nacs.net> Message-ID: <36F2A520.E5E08F7@nacs.net> I discovered something... having the right machine in password server = makes authenticating with an NT server much easier You know, you would think that I would have caught this before I posted but..... Brian Kosick wrote: > Hello everyone. I have a question. I have a linux bix setup at work, > where we use NT domain authentication. I have my linux box setup up to > join the network and can mount shares etc. However, I want to be able > to share my public directory with every one on the network. The only > away that I can have other people log in to my box now though is by > giveing them and account on my linux box. Is there any way that I can > give people access to my public share and have my linux box use the NT > PDC to authenticate these users? I have looked through the guest > parameters and have tried to set it up but with no luck. From kevinc at grainsystems.com Fri Mar 19 19:40:01 1999 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:25:54 2003 Subject: "security=domain" and workstation-specific NT accounts Message-ID: <36F2A811.3EBDC6A9@grainsystems.com> We're running Samba 2.0.3 (today's tarball on the site) under AIX 4.3.2, with an NT4SP3 PDC. We've set "security=domain", and this appears to be working fine--for the most part. However, if we restrict a user via the NT PDC to only be allowed to logon from a specific workstation, Samba refuses to share to the user--even from that workstation. It reports that the PDC told it the user/password pair was invalid. We tried listing the Samba server in the allowed workstations, but that caused the PDC to start refusing all requests for the NetBIOS name of the Samba server. Samba wasn't even getting the requests, and we had to remove the Samba server from the domain and re-add him (It took ~1 _hour_ for the NT PDC to release him!) before anything would work again at all. Has anyone ever tried this or know anything about this? - Kevin Colby kevinc@grainsystems.com From greg at discreet.com Sun Mar 21 14:32:24 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:54 2003 Subject: rpcclient Message-ID: Hi, I've been playing with rpcclient a bit and therefore have some questions ;-). 1) Is enumusers supposed to work? I just get an ERRDOS. 2) I see there is a way to add a group into the SAM but is there a way to add a user? This tool is becoming extremely convenient for managing our network, we query the registry of each machine every night and can keep track of changes. TIA, Greg ---------------------------------- greg dickie just a guy* *from discreet logic Linux, the choice of a GNU generation! ---------------------------------- From harald at penti.sit.fi Sun Mar 21 17:46:24 1999 From: harald at penti.sit.fi (Harald Hannelius) Date: Tue Dec 2 02:25:54 2003 Subject: status of enumusers? In-Reply-To: Message-ID: Hi there, I just wonder what the status of enumusers is. It would be neat if we could start using user-level sharing on the NT-wks's and the long name of the user would show up if the wks is locked. I have mapped around all my unix-groups in a domaingroup.map so I don't have any groupname that match a username. When I try 'rpclient -S server' and enter 'lsaquery' and 'enumgroup' the samba server returns the group list fine, but 'enumusers' just dumps core on me. Hmm, anyone want more info? (some 770 users, ~20 groups) Thanks for your time. =========================================================== Harald H Hannelius | Harald@iki.fi | GSM +358405470870 =========================================================== From lutz at zbs-ilmenau.de Mon Mar 22 13:32:15 1999 From: lutz at zbs-ilmenau.de (Lutz Jacob) Date: Tue Dec 2 02:25:54 2003 Subject: Guest account - NO PASSWORD in NT-password field Message-ID: <007601be7468$66b3c1f0$0a3f25c3@lutz.zbs-ilmenau.de> Jens Beyer wrote: >Everything runs fine except when somebody tries to login - the >attached smd process runs at 100% cpu and ist locked while processing >smbpasswd, namely the guest entry wich has > >pcguest:65533:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:[U ]:LCT-36ED09B1: > >this fails in 'strhex_to_str (lib/util_str.c)' while processing "NO PASSWORD" >in the NT password field. Replacing it with There is some bad code in strhex_to_str: while (!(p1 = strchr(hexchars, toupper(strhex[i])))) { continue; } This is an endless loop if the call to strchr() fails and gives NULL. Same code also exists in 2.0.3. Lutz From matty at samba.org Mon Mar 22 13:55:16 1999 From: matty at samba.org (Matt Chapman) Date: Tue Dec 2 02:25:54 2003 Subject: Guest account - NO PASSWORD in NT-password field References: <007601be7468$66b3c1f0$0a3f25c3@lutz.zbs-ilmenau.de> Message-ID: <36F64BC4.9995B4F4@samba.org> Lutz Jacob wrote: > There is some bad code in strhex_to_str: > > while (!(p1 = strchr(hexchars, toupper(strhex[i])))) > { > continue; > } > > This is an endless loop if the call to strchr() fails and gives NULL. Same > code also exists in 2.0.3. Hmmm, that code *is* a bit strange :-) Will fix right now. Thanks, Matt -- Matt Chapman Samba Team From erik at total4.nl Mon Mar 22 15:21:13 1999 From: erik at total4.nl (Erik Duisters) Date: Tue Dec 2 02:25:54 2003 Subject: Login problems on solaris 2.5.1 with samba 2.0.3 Message-ID: <19990322151716809.AAA482@fubar02> Hi, I've installed samba 2.0.3 on a sparcstation 5 running solaris 2.5.1. I've configured samba as a logon server, created account in smbpasswd etc. There is no problem in joining PC in the domain, but as soon as I want to log in, I get the error message: C00000078. Looking through the log files, I see the following message: rpc_server/srv_netlog.c:get_md4pw(266) get_md4pw: Workstation $: no account in domain When I run the same version of samba on Linux, everything works. Does anybody have any ideas about this? Regards, Erik From lkcl at switchboard.net Mon Mar 22 16:35:28 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:54 2003 Subject: rpcclient In-Reply-To: Message-ID: On Mon, 22 Mar 1999, Greg Dickie wrote: > > Hi, > > I've been playing with rpcclient which version? use latest cvs. > a bit and therefore have some questions > ;-). 1) Is enumusers supposed to work? yes. > I just get an ERRDOS. 2) I see there is > a way to add a group into the SAM but is there a way to add a user? i just cracked that on friday. > This tool is becoming extremely convenient for managing our network, we query > the registry of each machine every night and can keep track of changes. totally awesome! do you want to send example scripts to the list for putting in the contributed/ samba site? From lkcl at switchboard.net Mon Mar 22 17:16:09 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:54 2003 Subject: Login problems on solaris 2.5.1 with samba 2.0.3 In-Reply-To: <19990322151716809.AAA482@fubar02> Message-ID: you have a bug in your OS which either truncates usernames to 8 chars or strips the $ off the end of accounts. this is a bug in getpwnam() implementation. On Tue, 23 Mar 1999, Erik Duisters wrote: > Hi, > > I've installed samba 2.0.3 on a sparcstation 5 running solaris 2.5.1. > I've configured samba as a logon server, created account in > smbpasswd etc. > > There is no problem in joining PC in the domain, but as soon as I > want to log in, I get the error message: C00000078. > > Looking through the log files, I see the following message: > > rpc_server/srv_netlog.c:get_md4pw(266) > get_md4pw: Workstation $: no account in domain > > When I run the same version of samba on Linux, everything works. > Does anybody have any ideas about this? > > Regards, > > Erik > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From greg at discreet.com Mon Mar 22 17:28:06 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:54 2003 Subject: rpcclient In-Reply-To: Message-ID: On 22-Mar-99 Luke Kenneth Casson Leighton wrote: > On Mon, 22 Mar 1999, Greg Dickie wrote: > >> >> Hi, >> >> I've been playing with rpcclient > > which version? use latest cvs. naturally > >> a bit and therefore have some questions >> ;-). 1) Is enumusers supposed to work? > > yes. boom! nope Stonewire.sw.man 620150062 Discreet Logic Stone & Wire Documentation greg@madagascar:~> rpcclient -S montreal1 -U gdickie Added interface ip=192.168.60.69 bcast=192.168.60.255 nmask=255.255.255.0 Enter Password: smb: \> lsaquery lsaquery LSA Query Info Policy Domain Member - Domain: DL_MONTREAL SID: S-1-5-21-1967852569-1490712752-444732941 Domain Controller - Domain: DL_MONTREAL SID: S-1-5-21-1967852569-1490712752-444732941 smb: \> enumusers enumusers SAM Enumerate Users From: MADAGASCAR To: \\MONTREAL1 Domain: DL_MONTREAL SID: S-1-5-21-1967852569-1490712752-444732941 cli_pipe: return critical error. Error was ERRDOS - ERRpipebusy (All instances of the requested pipe are busy.) > >> I just get an ERRDOS. 2) I see there is >> a way to add a group into the SAM but is there a way to add a user? > > i just cracked that on friday. yahoo! > >> This tool is becoming extremely convenient for managing our network, we >> query >> the registry of each machine every night and can keep track of changes. > > totally awesome! do you want to send example scripts to the list for > putting in the contributed/ samba site? Let me refine them a bit, but it does have potential, now if only I could add a user ;-( Thx, Greg --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet (no more logic) Montreal (514) 954-7171 greg@discreet.com From lkcl at switchboard.net Mon Mar 22 17:46:00 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:54 2003 Subject: rpcclient In-Reply-To: Message-ID: ok, send me network trace. also send me example netmon trace from nt client (run usrmgr). On Mon, 22 Mar 1999, Greg Dickie wrote: > > On 22-Mar-99 Luke Kenneth Casson Leighton wrote: > > On Mon, 22 Mar 1999, Greg Dickie wrote: > > > >> > >> Hi, > >> > >> I've been playing with rpcclient > > > > which version? use latest cvs. > > naturally > > > > >> a bit and therefore have some questions > >> ;-). 1) Is enumusers supposed to work? > > > > yes. > > boom! nope > Stonewire.sw.man 620150062 Discreet Logic Stone & Wire Documentation > greg@madagascar:~> rpcclient -S montreal1 -U gdickie > Added interface ip=192.168.60.69 bcast=192.168.60.255 nmask=255.255.255.0 > Enter Password: > smb: \> lsaquery > lsaquery > > LSA Query Info Policy > Domain Member - Domain: DL_MONTREAL SID: > S-1-5-21-1967852569-1490712752-444732941 > Domain Controller - Domain: DL_MONTREAL SID: > S-1-5-21-1967852569-1490712752-444732941 > smb: \> enumusers > enumusers > > SAM Enumerate Users > From: MADAGASCAR To: \\MONTREAL1 Domain: DL_MONTREAL SID: > S-1-5-21-1967852569-1490712752-444732941 > cli_pipe: return critical error. Error was ERRDOS - ERRpipebusy (All instances > of the requested pipe are busy.) > > > > > >> I just get an ERRDOS. 2) I see there is > >> a way to add a group into the SAM but is there a way to add a user? > > > > i just cracked that on friday. > > yahoo! > > > > >> This tool is becoming extremely convenient for managing our network, we > >> query > >> the registry of each machine every night and can keep track of changes. > > > > totally awesome! do you want to send example scripts to the list for > > putting in the contributed/ samba site? > > Let me refine them a bit, but it does have potential, now if only I could add > a user ;-( > > Thx, > Greg > > --------------------------------------------------------------------- > Greg Dickie > Just A Guy* > *from discreet (no more logic) > Montreal > (514) 954-7171 > greg@discreet.com > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From cigor at EUnet.yu Mon Mar 22 22:23:26 1999 From: cigor at EUnet.yu (Colovic Igor) Date: Tue Dec 2 02:25:54 2003 Subject: A litle offtopic question Message-ID: <01be74b2$9aaad440$0200a8c0@big.co.yu> Can somebody to point me where I can find something more about smb protocol. RFC and other document. I have to write about smb/samba and to explain how to connect NT with Linux for my exam. Thanks in advance. ______________________________________________ Colovic Igor Linux Users Group of Yugoslavia www.linux.org.yu cigor@eunet.yu DelphiPro@yahoo.com From aescalan at ifcsun1.ifisiol.unam.mx Mon Mar 22 10:40:21 1999 From: aescalan at ifcsun1.ifisiol.unam.mx (Ana Maria Escalante) Date: Tue Dec 2 02:25:54 2003 Subject: A litle offtopic question In-Reply-To: <01be74b2$9aaad440$0200a8c0@big.co.yu> Message-ID: Hi Igor: Have you read : http://anu.samba.org/cifs/docs/what-is-smb.html ? On Tue, 23 Mar 1999, Colovic Igor wrote: > Can somebody to point me where I can find something more about smb protocol. > RFC and other document. > > I have to write about smb/samba and to explain how to connect NT with Linux > for my exam. > > Thanks in advance. > > > ______________________________________________ > Colovic Igor Linux Users Group of Yugoslavia > www.linux.org.yu > cigor@eunet.yu > DelphiPro@yahoo.com > > > > From cartegw at Eng.Auburn.EDU Mon Mar 22 22:45:29 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:54 2003 Subject: A litle offtopic question References: <01be74b2$9aaad440$0200a8c0@big.co.yu> Message-ID: <36F6C809.BE551007@eng.auburn.edu> Colovic Igor wrote: > > Can somebody to point me where I can find something more > about smb protocol. RFC and other document. > > I have to write about smb/samba and to explain how to > connect NT with Linux for my exam. See http://www.linuxworld.com/linuxworld/lw-1998-10/lw-10-thereandback.html Also see the references section. Hope this helps, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From tas at microdisplay.com Tue Mar 23 00:32:28 1999 From: tas at microdisplay.com (Todd Stiers) Date: Tue Dec 2 02:25:54 2003 Subject: Weirdness: MS Access Files on Samba NT Dom References: Message-ID: <36F6E11C.800E536C@microdisplay.com> I attempted to set veto oplock file = /*.*/ for the share, and still the Access file will not open. Running debug level 4 shows the file being created, then cleared very quickly: tas opened file testit.ldb read=Yes write=No (numopen=4) set_share_mode: Created share entry for testit.ldb with mode 0x8040 pid=8893 call_trans2qfilepathinfo testit.ldb level=258 call=7 total_data=0 tas closed file testit.ldb (numopen=3) unix_clean_name [/testit.ldb] unix_clean_name [testit.ldb] (this was done using a grep on tail -f of log.smb) Does "veto oplock file = /*.*/" not work or is there a better way to try this? How do I know the veto is working? Thanks -Todd gscherb@mriresearch.org wrote: > I've had similar problems with Access 97. I got it fixed by setting oplocks > to false or setting veto oplock files for *.mdb, *.ldb, ? I have similar > problems with MS Outlook *.pst files. Interestingly, NT 5.0 Beta 2 does not > have these problems. Microsoft has messed around with the SMB > implementation. NT 5 would force all filenames to upper case on Samba > 1.9.x, but that behavior is gone on 2.0.2. > > Disabling oplocks slows performance a bit, especially when attaching data > tables dynamically where the client app is on a workstation and the back end > database is on a Samba server. Once the links are attached, performance is > great, even with several users. > > Glenn A. Scherb > Programmer/Analyst > Midwest Research Institute > gscherb@mriresearch.org > > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org] On Behalf Of Todd > Stiers > Sent: Wednesday, March 17, 1999 7:52 PM > To: Multiple recipients of list > Subject: Weirdness: MS Access Files on Samba NT Dom > > Hi, > > I have come across a very strange error since upgrading my servers > to Samba NT Dom 2.0 (late January). > > Apparently, MS Access 97 files can no longer be opened and run > from the Samba fileservers. I can copy the files to NT local machines, > they work, I can put them on NT shares, MS Access works, and I > can put them on samba 1.9x versions and it works. > > Whats changed? Was it/is it intentional? > > Currently, only windows 95/98 machines seem to be able to open > the MS Access docs stored on Samba NT Dom servers. > > Access seems to create a locking file on real NT and real NT shares, > but on neither of the Samba (NT Dom and regular). > > HELP! > > Thanks > -Todd > > -- > [--- [--- [--- [--- [--- [--- [--- [--- [--- [--- > Todd Stiers > Director of Systems Administration > The MicroDisplay Corporation > http://www.microdisplay.com (510)243-9515x129 > ---] ---] ---] ---] ---] ---] ---] ---] ---] ---] -- [--- [--- [--- [--- [--- [--- [--- [--- [--- [--- Todd Stiers Director of Systems Administration The MicroDisplay Corporation http://www.microdisplay.com (510)243-9515x129 ---] ---] ---] ---] ---] ---] ---] ---] ---] ---] From matthew at janus.law.usyd.edu.au Tue Mar 23 00:47:13 1999 From: matthew at janus.law.usyd.edu.au (Matthew Geier) Date: Tue Dec 2 02:25:54 2003 Subject: Weirdness: MS Access Files on Samba NT Dom In-Reply-To: <36F6E11C.800E536C@microdisplay.com> from "Todd Stiers" at Mar 23, 99 11:33:40 am Message-ID: <199903230047.LAA11102@janus.law.usyd.edu.au> > I attempted to set veto oplock file = /*.*/ for the share, > and still the Access file will not open. > > Running debug level 4 shows the file being created, then cleared very > quickly: > > tas opened file testit.ldb read=Yes write=No (numopen=4) > set_share_mode: Created share entry for testit.ldb with mode 0x8040 pid=8893 > call_trans2qfilepathinfo testit.ldb level=258 call=7 total_data=0 > tas closed file testit.ldb (numopen=3) > unix_clean_name [/testit.ldb] > unix_clean_name [testit.ldb] > > (this was done using a grep on tail -f of log.smb) > > > Does "veto oplock file = /*.*/" not work or is there a better > way to try this? How do I know the veto is working? > I run a couple of access DBs off samba shares. As long as the user has write permission to the DB directory (so they can create the .ldb file) it works fine for me. No oplock veto or any thing, just in my case allowing 'group' write to that directory. From ccegongw at nus.edu.sg Tue Mar 23 12:45:00 1999 From: ccegongw at nus.edu.sg (Gong Wei) Date: Tue Dec 2 02:25:54 2003 Subject: Redundant Samba Server Message-ID: <762388C091FAD01180FF00A024621378E8EBC4@exs01.ex.nus.edu.sg> Hi all, Is it possible to set up two Samba servers to minimize the service down time, using current 2.0.3 under Linux? We plan to setup two servers as master/slave. So normally the slave server will not in production (nmbd and smbd will not be started). It only starts if it detects the master server, whose NetBIOS name is MASTER1 fail. So how should we configure the second Samba server such that it can advertise itself as MASTER1 also? And more importantly, after this second Samba server starts up, all newly boot up clients should connect to this one. It seems that merely copy smb.conf and all files in the private directory to the slave server is not enough .... ^_^ Another problem that we haven't found the answer is that what if the Master server goes back online while the slave server is in production? I am not sure whether this can be done or not. The base line is that we hope there can be some mechanism to provide some level of redundancy. At least all the clients which boot up "after" a server crash should be able to switch to a backup server in a transparent/automatic manner. Please elaborate, thanks! Regards Gong Wei (ccegongw@nus.edu.sg) From cord at Team.OWL-Online.DE Tue Mar 23 16:20:43 1999 From: cord at Team.OWL-Online.DE (Cord-H. Fricke) Date: Tue Dec 2 02:25:54 2003 Subject: roaming profiles Message-ID: <36F7BF5B.BF9268CF@mos.owl-online.de> Hi there, i got a problem with roaming profiles. When I log on to ?Doze NT? I got the profile that is on the server. But anybody else got the default user profile from the NT workstation. Copying the server-profile in the logon-directory is not the right way, I think, because it dosn?t work. Thank you for help Cord ------------------------- Cord Fricke owl-online fricke@team.owl-online.de www.owl-online.de 0 52 1 / 52 51 133 From rchatfie at cemrc.org Tue Mar 23 15:38:19 1999 From: rchatfie at cemrc.org (Randy Chatfield) Date: Tue Dec 2 02:25:54 2003 Subject: Weirdness: MS Access Files on Samba NT Dom In-Reply-To: <36F6E11C.800E536C@microdisplay.com> Message-ID: Have you tried setting mode on the directory that the Access mdb file resides in to mode 1777 ? I would think that a lock could be created by Access with that mode. Randy Chatfield Programmer Analyst rchatfie@cemrc.org 505-234-5534 From pburch at sccd.ctc.edu Tue Mar 23 16:05:05 1999 From: pburch at sccd.ctc.edu (Burch, Phil) Date: Tue Dec 2 02:25:54 2003 Subject: Redundant Samba Server Message-ID: <67DD2D8CC31BD111A8BB080009DDDED5CADB8E@nsccnta01.sccd.ctc.edu> I am not to sure about this but: As far as I understand, in a Windows NT network the PDC and SDC have different netbios names but can both 'handle' domain logins, the SDC is set to a lower 'election level' so that it becomes the PDC if the PDC goes down. Did you try running samba on both servers calling them 'MASTER' and 'SLAVE' (or whatever) and setting the master (Primary domain controlled) to a higher election level than the slave (Secondary domain controller)? If there aren't any other NT servers on the subnet, this should do it for you... shouldn't it? Phil Burch Computing Services North Seattle Community College http://nsccux.sccd.ctc.edu -----Original Message----- From: Gong Wei [mailto:ccegongw@nus.edu.sg] Sent: Tuesday, March 23, 1999 4:45 AM To: Multiple recipients of list Subject: Redundant Samba Server Hi all, Is it possible to set up two Samba servers to minimize the service down time, using current 2.0.3 under Linux? We plan to setup two servers as master/slave. So normally the slave server will not in production (nmbd and smbd will not be started). It only starts if it detects the master server, whose NetBIOS name is MASTER1 fail. So how should we configure the second Samba server such that it can advertise itself as MASTER1 also? And more importantly, after this second Samba server starts up, all newly boot up clients should connect to this one. It seems that merely copy smb.conf and all files in the private directory to the slave server is not enough .... ^_^ Another problem that we haven't found the answer is that what if the Master server goes back online while the slave server is in production? I am not sure whether this can be done or not. The base line is that we hope there can be some mechanism to provide some level of redundancy. At least all the clients which boot up "after" a server crash should be able to switch to a backup server in a transparent/automatic manner. Please elaborate, thanks! Regards Gong Wei (ccegongw@nus.edu.sg) From aperrin at demog.Berkeley.EDU Tue Mar 23 16:47:46 1999 From: aperrin at demog.Berkeley.EDU (Andrew Perrin - Demography) Date: Tue Dec 2 02:25:54 2003 Subject: srv/usrmgr and DC Message-ID: Well, an interesting thought, but it appears nothing: /usr/LOCAL/samba/bin>./smbclient //population/homes -U'; touch /tmp/foo' -N load_client_codepage: filename /usr/LOCAL/samba/lib/codepages/codepage.850 does not exist. Server time is Tue Mar 23 08:38:13 1999 Timezone is UTC-8.0 Session setup failed for username=; touch /tmp/foo myname=POPULATION destname=POPULATION ERRSRV - ERRbadpw (Bad password - name/password pair in a Tree Connect or Session Setup are invalid.) Log: cli_net_sam_logon: NT_STATUS_NO_SUCH_USER domain_client_validate: unable to validate password for user ; touch /tmp/foo in domain WORKGROUP to Domain controller BOSERUP. Error was NT_STATUS_NO_SUCH_USER. And... /usr/LOCAL/samba/bin>./smbclient //population/homes -U'+ +' -n '../../../../../tmp/foo' load_client_codepage: filename /usr/LOCAL/samba/lib/codepages/codepage.850 does not exist. Server time is Tue Mar 23 08:40:52 1999 Timezone is UTC-8.0 Password: Password: Domain=[DEMOGRAPHY] OS=[Unix] Server=[Samba 1.9.19-prealpha] connected as guest security=user SMBtconX failed. ERRSRV - ERRbadpw (Bad password - name/password pair in a Tree Connect or Session Setup are invalid.) Log: cli_net_sam_logon: NT_STATUS_NO_SUCH_USER domain_client_validate: unable to validate password for user + + in domain WORKGROUP to Domain controller BOSERUP. Error was NT_STATUS_NO_SUCH_USER. Date: Thu, 18 Mar 1999 08:03:03 +1100 From: J.A. Gutierrez To: Multiple recipients of list Subject: Re: srv/usrmgr and DC > > root preexec = echo %u > /opt/samba/status/%m > root postexec = rm -f /opt/samba/status/%m > > this just puts the logged in username in a file named after the > workstation name; > Interesting.... and what happends if you try the following? $ smbclient '\\yourserver\foo' -U "+ +" -n "../../../../../root/.rhosts" -- finger spd@gtc1.cps.unizar.es for PGP / So be easy and free mailcap tip of the day: / when you're drinking with me application/ms-tnef; cat '%s' > /dev/null / I'm a man you don't meet every day text/x-vcard; cat '%s' > /dev/null / (the pogues) --------------------------------------------------------------------- Andrew J. Perrin - aperrin@demog.berkeley.edu - NT/Unix Admin/Support Department of Demography - University of California at Berkeley 2232 Piedmont Avenue #2120 - Berkeley, California, 94720-2120 USA http://demog.berkeley.edu/~aperrin --------------------------SEIU1199 From tas at microdisplay.com Tue Mar 23 17:04:03 1999 From: tas at microdisplay.com (Todd Stiers) Date: Tue Dec 2 02:25:54 2003 Subject: Weirdness: MS Access Files on Samba NT Dom References: Message-ID: <36F7C983.D0CE3E9A@microdisplay.com> Randy Chatfield wrote: > Have you tried setting mode on the directory that the Access mdb file > resides in to mode 1777 ? > Hi, just tried this on your suggestion, I get the same results. I went back to fake oplocks = yes in the sahre and now I get The Microsoft Jet database engine cannot open the file ". It is already opened exclusively by another user, or you need permission to view its data. Other MS Access DB's in the same directory produce the same result. This is a 2.1 prealpha Samba, and I am only having issue when opening the MS Access files from NT Workstation 4.0 SP3 systems - win95/98 it works fine. Thanks -Todd > I would think that a lock could be created by Access with that mode. > > Randy Chatfield > Programmer Analyst > rchatfie@cemrc.org > 505-234-5534 -- [--- [--- [--- [--- [--- [--- [--- [--- [--- [--- Todd Stiers Director of Systems Administration The MicroDisplay Corporation http://www.microdisplay.com (510)243-9515x129 ---] ---] ---] ---] ---] ---] ---] ---] ---] ---] From nick at wwf.org.co Tue Mar 23 18:46:47 1999 From: nick at wwf.org.co (Nicholas Waltham) Date: Tue Dec 2 02:25:55 2003 Subject: Cannot change passwords from NT in 2.0.3 Message-ID: <000001be755d$81984180$1500a8c0@wwf.org.co> Hi There, I am using Samba 2.0.3 as a primary domain controller. I have set unix sync passwords to on, and its working fine when I change the password from a Windows 95 machine. However when I try and change from a Windows NT SP4 machine (hanv't tried other SPs) The chat script fails after the second password is entered saying that the program died while waiting for the answer. Is Windows NT sending some junk on the end of the password buffer which Samba is not stripping off before sending to my password change program? Or what could it be?. I am running Samba on Intel Red Hat Linux 5.2 Thanks in advance, Nicholas Waltham From hulet at ittc.ukans.edu Tue Mar 23 18:58:34 1999 From: hulet at ittc.ukans.edu (Michael S. Hulet) Date: Tue Dec 2 02:25:55 2003 Subject: Roaming Profiles In-Reply-To: Message-ID: OK here is what I have to do to save my roaming profiles. 1. Change the roaming profile to a local profile. 2. Copy the profile to a directory changing the Permitted to Use to the Domain Name/User 3. Copy that profile into a newly created roaming profile directory on the server. Painful but it works. The moral of the story is never change your domain SID unless you want to start over. I always thought it only affected my workstations but I have now learned the hard way that it affects all my users too. Write your Domain SID down on paper and keep several copies around just in case. Thanks for the replys and suggestions. Michael Hulet Network System Administrator ITTC, University of Kansas Tel:785-864-7793 On Fri, 19 Mar 1999, Todd Pfaff wrote: > On Thu, 18 Mar 1999, Michael S. Hulet wrote: > > > I just upgraded my production PDC with my test PDC (because it was working > > fine). The problem I am having is with roaming profiles. When I joined > > the NT workstations to the new domain, they still use their old roaming > > profiles. The profile downloads fine but they are unable to change and > > save any of their desktop settings, the netscape print button is greyed > > out, some applications say access denied (MS Outlook, ICQ, Coldfusion, > > ..) I put the users domain login into the local administrator group (not > > recommended) and all the problems go away. Has anyone else tackled this > > problem and can give me some hints? Hopefully I can fix it without > > telling the users to create a new profile. > > i think the problem is that when you changed pdcs all your domain sids > changed, or something like that, and the profile has a 'permitted to use' > setting that indicates which users are allowed to access the profile. > > the solution is to change this 'permitted to use' to either the correct > user, or everyone. in samba-2.0.x you have to set it to everyone because > nt workstations can't get the necessary domain user information from a > samba 2.0.x pdc. with samba-2.1prealpha it may be possible to set it to a > valid domain user. > > to change the 'permitted to use', go to My Computer->User Profiles, select > the profile you want to set, click the Copy To button, and then set the > copy-to location to the root directory of that users roaming profile and > set the permitted to use field to a domain user name or everyone. > with a samba-2.0.x pdc you have to do this while logged into a local > account and not a domain account or the program will crash when it tries > to get the domain user list from the pdc (alternatively, you can unplug > your network cable and the nt system will just timeout trying to contact > the pdc). i'm not sure about samba 2.1. > > unfortunately, i don't know of a quick way to do this for multiple > profiles. point and click, one at a time. yuck. > > -- > Todd Pfaff \ Email: pfaff@mcmaster.ca > Computing and Information Services \ Voice: (905) 525-9140 x22920 > ABB 132 \ FAX: (905) 528-3773 > McMaster University \ > Hamilton, Ontario, Canada L8S 4M1 \ > From rchatfie at cemrc.org Tue Mar 23 19:52:34 1999 From: rchatfie at cemrc.org (Randy Chatfield) Date: Tue Dec 2 02:25:55 2003 Subject: Weirdness: MS Access Files on Samba NT Dom In-Reply-To: <36F7C983.D0CE3E9A@microdisplay.com> Message-ID: Here's how my share is setup for using Access. Im using Samba-2.0.0 as an NT PDC. [global] share modes = yes locking = yes [mdb] comment = General System Database files etc. path = /path/to/files public = no browseable = yes writable = yes printable = no create mode = 765 Randy Chatfield Programmer Analyst rchatfie@cemrc.org 505-234-5534 > > Randy Chatfield wrote: > > > Have you tried setting mode on the directory that the Access mdb file > > resides in to mode 1777 ? > > > > Hi, just tried this on your suggestion, I get the same results. > > I went back to fake oplocks = yes in the sahre > and now I get > > > The Microsoft Jet database engine cannot open the file ". It is already > opened exclusively by another user, or you need permission to view its > data. > > > Other MS Access DB's in the same directory produce the same result. > > > This is a 2.1 prealpha Samba, and I am only having issue when opening > the MS Access files from NT Workstation 4.0 SP3 systems - win95/98 it > works fine. > > Thanks > -Todd > > > > I would think that a lock could be created by Access with that mode. > > > > Randy Chatfield > > Programmer Analyst > > rchatfie@cemrc.org > > 505-234-5534 > > > > -- > [--- [--- [--- [--- [--- [--- [--- [--- [--- [--- > Todd Stiers > Director of Systems Administration > The MicroDisplay Corporation > http://www.microdisplay.com (510)243-9515x129 > ---] ---] ---] ---] ---] ---] ---] ---] ---] ---] > > From jochen at scram.de Tue Mar 23 16:08:08 1999 From: jochen at scram.de (Jochen Friedrich) Date: Tue Dec 2 02:25:55 2003 Subject: Redundant Samba Server In-Reply-To: <67DD2D8CC31BD111A8BB080009DDDED5CADB8E@nsccnta01.sccd.ctc.edu> Message-ID: Hi, On Wed, 24 Mar 1999, Burch, Phil wrote: > I am not to sure about this but: As far as I understand, in a Windows NT > network the PDC and SDC have different netbios names but can both 'handle' > domain logins, the SDC is set to a lower 'election level' so that it becomes > the PDC if the PDC goes down. > From: Gong Wei [mailto:ccegongw@nus.edu.sg] > > Hi all, > > Is it possible to set up two Samba servers to minimize the service down > time, using current 2.0.3 under Linux? > > We plan to setup two servers as master/slave. So normally the slave server > will not in production (nmbd and smbd will not be started). It only starts > if it detects the master server, whose NetBIOS name is MASTER1 fail. Well, in the PDC/BDC scenario, all you get is a "high avaliable" logon service, but not file or print services. I would suggest looking into http://metalab.unc.edu/pub/Linux/ALPHA/linux-ha/High-Availability-HOWTO.html and make the samba service itself high available. There already is some early software to exchange heart-beat between two server so the backup will start its application and switch its IP number once the primary server goes down. Cheers, Jochen From lkcl at switchboard.net Tue Mar 23 20:11:19 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:55 2003 Subject: rpcclient In-Reply-To: Message-ID: > > enumusers > > > > SAM Enumerate Users > > From: MADAGASCAR To: \\MONTREAL1 Domain: DL_MONTREAL SID: > > S-1-5-21-1967852569-1490712752-444732941 > > cli_pipe: return critical error. Error was ERRDOS - ERRpipebusy (All instances > > of the requested pipe are busy.) ok i am seeing this blow up because there is a hard limit on the static alloc'd array to 250 users. From spd at gtc1.cps.unizar.es Tue Mar 23 20:15:09 1999 From: spd at gtc1.cps.unizar.es (J.A. Gutierrez) Date: Tue Dec 2 02:25:55 2003 Subject: srv/usrmgr and DC In-Reply-To: from "Andrew Perrin - Demography" at Mar 23, 99 08:47:46 am Message-ID: <199903232015.VAA13435@gtc1.cps.unizar.es> > > > > > root preexec = echo %u > /opt/samba/status/%m > > root postexec = rm -f /opt/samba/status/%m > > > > this just puts the logged in username in a file named after the > > workstation name; > > > > Interesting.... > and what happends if you try the following? > > $ smbclient '\\yourserver\foo' -U "+ +" -n "../../../../../root/.rhosts" > > Domain=[DEMOGRAPHY] OS=[Unix] Server=[Samba 1.9.19-prealpha] > connected as guest security=user > SMBtconX failed. ERRSRV - ERRbadpw (Bad password - name/password pair in a > Tree Connect or Session Setup are invalid.) > > Log: > cli_net_sam_logon: NT_STATUS_NO_SUCH_USER > domain_client_validate: unable to validate password for user + + in domain > WORKGROUP to Domain controller BOSERUP. Error was NT_STATUS_NO_SUCH_USER. Yes, since you are using "security=user" fails that way... It could be a problem with guest access and security = share, I guess. The "-n" part still could be a problem (but the evil user needs a vaild user/pass); I noticed that some time ago, when my log files where "/var/adm/samba/%m" (now they are "/var/adm/samba/log.%m") -- finger spd@gtc1.cps.unizar.es for PGP / So be easy and free .mailcap tip of the day: / when you're drinking with me application/ms-tnef; cat '%s' > /dev/null / I'm a man you don't meet every day text/x-vcard; cat '%s' > /dev/null / (the pogues) From dave at www.buffalostate.edu Tue Mar 23 20:24:10 1999 From: dave at www.buffalostate.edu (Dave J. Andruczyk) Date: Tue Dec 2 02:25:55 2003 Subject: rpcclient In-Reply-To: Message-ID: > > > enumusers > > > > > > SAM Enumerate Users > > > From: MADAGASCAR To: \\MONTREAL1 Domain: DL_MONTREAL SID: > > > S-1-5-21-1967852569-1490712752-444732941 > > > cli_pipe: return critical error. Error was ERRDOS - ERRpipebusy (All instances > > > of the requested pipe are busy.) > > ok i am seeing this blow up because there is a hard limit on the static > alloc'd array to 250 users. Why not use a linked list? Dave J. Andruczyk Instructional Support Associate Department of Technology Buffalo State College From lkcl at switchboard.net Tue Mar 23 20:32:58 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:55 2003 Subject: rpcclient In-Reply-To: Message-ID: i'm doing malloc'd array right now. On Tue, 23 Mar 1999, Dave J. Andruczyk wrote: > > > > enumusers > > > > > > > > SAM Enumerate Users > > > > From: MADAGASCAR To: \\MONTREAL1 Domain: DL_MONTREAL SID: > > > > S-1-5-21-1967852569-1490712752-444732941 > > > > cli_pipe: return critical error. Error was ERRDOS - ERRpipebusy (All instances > > > > of the requested pipe are busy.) > > > > ok i am seeing this blow up because there is a hard limit on the static > > alloc'd array to 250 users. > > Why not use a linked list? > > Dave J. Andruczyk > Instructional Support Associate > Department of Technology > Buffalo State College > > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From cigor at EUnet.yu Tue Mar 23 18:25:10 1999 From: cigor at EUnet.yu (Colovic Igor) Date: Tue Dec 2 02:25:55 2003 Subject: roaming profiles Message-ID: <01be755a$7c2c3150$0200a8c0@big.co.yu> >Hi there, > >i got a problem with roaming profiles. >When I log on to ?Doze NT? I got the profile that is on the server. >But anybody else got the default user profile from the NT workstation. >Copying the server-profile in the logon-directory is not the right way, >I think, because it dosn?t work. > >Thank you for help > Cord are you talking about Default User in netlogon share. If you are then for now (using samba 2.0.3) it is not possible. Why. When you copy Default User profile to server not only you have to set unix premission but you have to set NT premision on ntuser.dat. How do you do it. Using regedt32.exe you have to set that Everybody have access to hive. Hive is the name for ntuser.dat. I supouse that Microsoft set this so that you can set what users get Server Default User. This premission is set in side of ntuser.dat and when NT try to get it it first check for this internal premission. You can try to manualy edit this, but I do not know where this information is set. If I found out I will let you know. For this to be set samba have to give you list of domain users witch is not posible with samba 2.0.3 I must add that only once I was able to get list of users wint this wersion of samba, and I do not know what heppend. ______________________________________________ Colovic Igor Linux Users Group of Yugoslavia www.linux.org.yu cigor@eunet.yu DelphiPro@yahoo.com From lkcl at switchboard.net Tue Mar 23 20:49:54 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:55 2003 Subject: rpcclient In-Reply-To: Message-ID: ok, committed a change which should allow rpcclient to read an unlimited number of users. groups and aliases are still limited to MAX_SAM_ENTRIES, which is hard-coded to 250 right now. On Wed, 24 Mar 1999, Luke Kenneth Casson Leighton wrote: > i'm doing malloc'd array right now. > > On Tue, 23 Mar 1999, Dave J. Andruczyk wrote: > > > > > > enumusers > > > > > > > > > > SAM Enumerate Users > > > > > From: MADAGASCAR To: \\MONTREAL1 Domain: DL_MONTREAL SID: > > > > > S-1-5-21-1967852569-1490712752-444732941 > > > > > cli_pipe: return critical error. Error was ERRDOS - ERRpipebusy (All instances > > > > > of the requested pipe are busy.) > > > > > > ok i am seeing this blow up because there is a hard limit on the static > > > alloc'd array to 250 users. > > > > Why not use a linked list? > > > > Dave J. Andruczyk > > Instructional Support Associate > > Department of Technology > > Buffalo State College > > > > > > > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > > ===================================================================== > Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 > Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 > Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 > > http://www.iss.net/ *Adaptive Network Security for the Enterprise* > ISS Connect - International User Conference - May '99 > ===================================================================== > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From adam.w.cabler at lmco.com Tue Mar 23 21:29:05 1999 From: adam.w.cabler at lmco.com (Cabler, Adam W) Date: Tue Dec 2 02:25:55 2003 Subject: Error with Domain Logons Message-ID: I get this error when trying to start samba as a PDC.? Samba starts fine otherwise, but when I set Security = Domain, samba will not start. ? [1999/03/23 15:23:13, 1] smbd/files.c:file_init(219) ? file_init: Information only: requested 10000 open files, 2490 are available. [1999/03/23 15:23:13, 0] libsmb/clientgen.c:cli_connect_serverlist(2845) ? cli_connect_serverlist: Domain password server not available. [1999/03/23 15:23:13, 0] lib/sids.c:get_domain_sids(199) ? get_member_domain_sid: unable to initialise client connection. [1999/03/23 15:23:13, 0] smbd/server.c:main(676) ? ERROR: Samba cannot obtain PDC SID from PDC(s) From duncan at msmd.org Tue Mar 23 21:35:26 1999 From: duncan at msmd.org (Josh Duncan) Date: Tue Dec 2 02:25:55 2003 Subject: question about stability/scalability... In-Reply-To: Message-ID: Hello all, My computer science department at my univ. is currently using samba as our primary file server, as well as pdc. We are using a 2.0.x release of samba, but want to move to the head code(2.1beta?) to get support for domain user lists(acls) and the like. However, we do not want, nor can we afford, to jump in blindly with the head code. My question is this: I know that people are currently using all these features in samba. How stable is it? That is, how well does your samba server handle the auth requests, etc etc before(if) it dies? Is this something that you would recommend, or have done, to implement it on a site with approx 150-250 workstations, and anywhere between 500-1000+ user accounts? We know that all this can be done, because we are already authenticating these users, with file services, but we are wondering if the access control code is stable enough for prime-time use.(functionality we now use: authenticate user, connect to shares. functionality we want: authenticate user, with proper privs/rights/policies on the local machine, and connect shares) I realize I may not have put together the clearest email here(this nt crap confooses the heck outa me.) If i sound like I am talking gobbledy gook, please let me know and I will try to enumerate better our needs. If what I said made some semblance of sense, could you please let me know your experiences with the stability of the head code with respect to what we want to do? thanks in advance for any advice on our situation, Josh On Wed, 24 Mar 1999, Luke Kenneth Casson Leighton wrote: > Date: Wed, 24 Mar 1999 07:50:28 +1100 > From: Luke Kenneth Casson Leighton > To: Multiple recipients of list > Subject: Re: rpcclient > > ok, committed a change which should allow rpcclient to read an unlimited > number of users. groups and aliases are still limited to MAX_SAM_ENTRIES, > which is hard-coded to 250 right now. > > On Wed, 24 Mar 1999, Luke Kenneth Casson Leighton wrote: > > > i'm doing malloc'd array right now. > > > > On Tue, 23 Mar 1999, Dave J. Andruczyk wrote: > > > > > > > > enumusers > > > > > > > > > > > > SAM Enumerate Users > > > > > > From: MADAGASCAR To: \\MONTREAL1 Domain: DL_MONTREAL SID: > > > > > > S-1-5-21-1967852569-1490712752-444732941 > > > > > > cli_pipe: return critical error. Error was ERRDOS - ERRpipebusy (All instances > > > > > > of the requested pipe are busy.) > > > > > > > > ok i am seeing this blow up because there is a hard limit on the static > > > > alloc'd array to 250 users. > > > > > > Why not use a linked list? > > > > > > Dave J. Andruczyk > > > Instructional Support Associate > > > Department of Technology > > > Buffalo State College > > > > > > > > > > > > > > > > Luke Kenneth Casson Leighton > > Samba and Network Development > > Samba Web site > > > > ===================================================================== > > Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 > > Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 > > Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 > > > > http://www.iss.net/ *Adaptive Network Security for the Enterprise* > > ISS Connect - International User Conference - May '99 > > ===================================================================== > > > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > > ===================================================================== > Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 > Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 > Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 > > http://www.iss.net/ *Adaptive Network Security for the Enterprise* > ISS Connect - International User Conference - May '99 > ===================================================================== > > -- There is never any peace for those who resist God. ... Francois Fenelon (1651-1715) Josh Duncan duncan@msmd.org http://www.msmd.org/ From simon.mccartney at dnet.co.uk Wed Mar 24 01:36:32 1999 From: simon.mccartney at dnet.co.uk (Simon McCartney) Date: Tue Dec 2 02:25:55 2003 Subject: Problems accessing CVS Message-ID: <000001be7596$bf50cb80$2b02a8c0@zeus.dnet.co.uk> I've been trying to check out a new copy of the CVS hierarchy for a couple of days, but I allways get stuck at the same point, whether I'm co'ing or update'ing, it allways stalls at samba/packaging/Example/setup.sh. Anybody got any suggestions ? I'm running RedHat 5.2 (kernel 2.2.1), CVS 1.10.2, connected via ppp. McC -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 1732 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/19990324/cdb9a796/winmail.bin From uwen at ekom-gmbh.de Wed Mar 24 01:39:58 1999 From: uwen at ekom-gmbh.de (Uwe Wendt) Date: Tue Dec 2 02:25:55 2003 Subject: Win95 user-level access In-Reply-To: <36E456FF.87744B0D@student.unsw.edu.au> Message-ID: On Mon, 8 Mar 1999, Matt Chapman wrote: > Uwe Wendt wrote: > > OK - I get a userlist -or better- grouplist, but it is not complete. > > OK, I know about that - there is indeed a hardcoded maximum of 11 which I > will fix very soon - but this means the new RPCs I added are working nicely Now it is working, but the log shows two problems: [1999/03/24 01:37:07, 1] smbd/ipc.c:api_fd_reply(3280) api_fd_reply: INVALID PIPE HANDLE: 0 [1999/03/24 01:37:08, 1] smbd/ipc.c:api_fd_reply(3280) api_fd_reply: INVALID PIPE HANDLE: 0 [1999/03/24 01:37:08, 0] passdb/sampass.c:getsamfile21pwent(108) trust account lux$ should be in DOMAIN_GROUP_RID_USERS Does I need a workstation account for Window95 ? There is still an other problem. Srvmgr and Usrmgr (on Win95) complain: "Could not find (primary) domain controller." Server manager shows Samba as "Windows NT Backup". Uwe Wendt From lkcl at switchboard.net Wed Mar 24 03:08:37 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:55 2003 Subject: question about stability/scalability... In-Reply-To: Message-ID: josh, check the archives both samba-technical and samba-ntdom, let them speak for themselves. the "user manager for domains" functionality is actually completely unnecessary. the minimal functionality is there. there are workarounds for those bits that aren't (e.g printing). luke On Tue, 23 Mar 1999, Josh Duncan wrote: > > Hello all, > > My computer science department at my univ. is currently using samba as our > primary file server, as well as pdc. We are using a 2.0.x release of > samba, but want to move to the head code(2.1beta?) to get support for > domain user lists(acls) and the like. > > However, we do not want, nor can we afford, to jump in blindly with the > head code. > > My question is this: > I know that people are currently using all these features in samba. How > stable is it? That is, how well does your samba server handle the auth > requests, etc etc before(if) it dies? Is this something that you would > recommend, or have done, to implement it on a site with approx 150-250 > workstations, and anywhere between 500-1000+ user accounts? > > We know that all this can be done, because we are already authenticating > these users, with file services, but we are wondering if the access > control code is stable enough for prime-time use.(functionality we now > use: authenticate user, connect to shares. functionality we want: > authenticate user, with proper privs/rights/policies on the local machine, > and connect shares) > > I realize I may not have put together the clearest email here(this nt crap > confooses the heck outa me.) If i sound like I am talking gobbledy gook, > please let me know and I will try to enumerate better our needs. > > If what I said made some semblance of sense, could you please let me know > your experiences with the stability of the head code with respect to what > we want to do? > > > thanks in advance for any advice on our situation, > Josh > > On Wed, 24 Mar 1999, Luke Kenneth Casson Leighton wrote: > > > Date: Wed, 24 Mar 1999 07:50:28 +1100 > > From: Luke Kenneth Casson Leighton > > To: Multiple recipients of list > > Subject: Re: rpcclient > > > > ok, committed a change which should allow rpcclient to read an unlimited > > number of users. groups and aliases are still limited to MAX_SAM_ENTRIES, > > which is hard-coded to 250 right now. > > > > On Wed, 24 Mar 1999, Luke Kenneth Casson Leighton wrote: > > > > > i'm doing malloc'd array right now. > > > > > > On Tue, 23 Mar 1999, Dave J. Andruczyk wrote: > > > > > > > > > > enumusers > > > > > > > > > > > > > > SAM Enumerate Users > > > > > > > From: MADAGASCAR To: \\MONTREAL1 Domain: DL_MONTREAL SID: > > > > > > > S-1-5-21-1967852569-1490712752-444732941 > > > > > > > cli_pipe: return critical error. Error was ERRDOS - ERRpipebusy (All instances > > > > > > > of the requested pipe are busy.) > > > > > > > > > > ok i am seeing this blow up because there is a hard limit on the static > > > > > alloc'd array to 250 users. > > > > > > > > Why not use a linked list? > > > > > > > > Dave J. Andruczyk > > > > Instructional Support Associate > > > > Department of Technology > > > > Buffalo State College > > > > > > > > > > > > > > > > > > > > > > Luke Kenneth Casson Leighton > > > Samba and Network Development > > > Samba Web site > > > > > > ===================================================================== > > > Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 > > > Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 > > > Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 > > > > > > http://www.iss.net/ *Adaptive Network Security for the Enterprise* > > > ISS Connect - International User Conference - May '99 > > > ===================================================================== > > > > > > > > > > Luke Kenneth Casson Leighton > > Samba and Network Development > > Samba Web site > > > > ===================================================================== > > Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 > > Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 > > Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 > > > > http://www.iss.net/ *Adaptive Network Security for the Enterprise* > > ISS Connect - International User Conference - May '99 > > ===================================================================== > > > > > > -- > There is never any peace for those who resist God. > ... Francois Fenelon (1651-1715) > > Josh Duncan > duncan@msmd.org > http://www.msmd.org/ > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From lkcl at switchboard.net Wed Mar 24 03:16:07 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:55 2003 Subject: Win95 user-level access In-Reply-To: Message-ID: On Wed, 24 Mar 1999, Uwe Wendt wrote: > On Mon, 8 Mar 1999, Matt Chapman wrote: > > > Uwe Wendt wrote: > > > OK - I get a userlist -or better- grouplist, but it is not complete. > > > > OK, I know about that - there is indeed a hardcoded maximum of 11 which I > > will fix very soon - but this means the new RPCs I added are working nicely > > Now it is working, but the log shows two problems: > > [1999/03/24 01:37:07, 1] smbd/ipc.c:api_fd_reply(3280) > api_fd_reply: INVALID PIPE HANDLE: 0 > [1999/03/24 01:37:08, 1] smbd/ipc.c:api_fd_reply(3280) > api_fd_reply: INVALID PIPE HANDLE: 0 look further up the log files, you will see a crash (INTERNAL ERROR fault.c). From simon.mccartney at dnet.co.uk Wed Mar 24 09:04:26 1999 From: simon.mccartney at dnet.co.uk (Simon McCartney) Date: Tue Dec 2 02:25:55 2003 Subject: Problems accessing CVS Message-ID: <36f8aa5d.236540@mail.d-n-a.net> Sorry about the RTF posting earlier: I've been trying to check out a new copy of the CVS hierarchy for a couple of days, but I allways get stuck at the same point, whether I'm co'ing or update'ing, it allways stalls at samba/packaging/Example/setup.sh. Anybody got any suggestions ? I'm running RedHat 5.2 (kernel 2.2.1), CVS 1.10.2, connected via ppp. McC McC From uwen at ekom-gmbh.de Wed Mar 24 10:47:15 1999 From: uwen at ekom-gmbh.de (Uwe Wendt) Date: Tue Dec 2 02:25:55 2003 Subject: Win95 user-level access In-Reply-To: Message-ID: On Wed, 24 Mar 1999, Luke Kenneth Casson Leighton wrote: > On Wed, 24 Mar 1999, Uwe Wendt wrote: > > > > [1999/03/24 01:37:07, 1] smbd/ipc.c:api_fd_reply(3280) > > api_fd_reply: INVALID PIPE HANDLE: 0 > > [1999/03/24 01:37:08, 1] smbd/ipc.c:api_fd_reply(3280) > > api_fd_reply: INVALID PIPE HANDLE: 0 > > look further up the log files, you will see a crash (INTERNAL ERROR > fault.c). > I have only found an unsupported API call. Please take a look at the logfiles (debuglevel 4 and 8) at http://www.tu-chemnitz.de/~uwen/samba Uwe From Georg.Hedderich at scc.uni-weimar.de Wed Mar 24 12:51:26 1999 From: Georg.Hedderich at scc.uni-weimar.de (Georg Hedderich) Date: Tue Dec 2 02:25:55 2003 Subject: No subject Message-ID: <9903241351.ZM8508@Bea.scc.uni-weimar.de> Hello everyone ! Our NT-login to a Samba controlled Domain fails . The "smb.conf" contains: "workgroup = SAMBA" and "domain logons = yes". We have created an account in "passwd" and "smbpasswd" for the username and workstationname. Then we changed in the NT Network Settings to the domain SAMBA and we saw the wonderful message saying "Welcome to the SAMBA Domain". Now we have access to Samba about the network, but we can not log in to the Samba-domain about the login-window of NT. It fails with the message "The system can not log in you now, the domain SAMBA is not available". Any solutions? -- Georg Hedderich Tel. : +49 3643/58-2403 Bauhaus-Universitaet-Weimar Fax : +49 3643/58-2402 Servicezentrum fuer Mail : Georg.Hedderich@SCC.Uni-Weimar.DE Computersysteme und -kommunikation D-99421 Weimar Coudraystr. 13d From adam.w.cabler at lmco.com Wed Mar 24 15:19:50 1999 From: adam.w.cabler at lmco.com (Cabler, Adam W) Date: Tue Dec 2 02:25:55 2003 Subject: Any Ideas on this one? Message-ID: Now I am getting this error dozens of times repeated in my smb.log. ? [1999/03/24 09:05:12, 0] locking/shmem_sysv.c:sysv_shm_open(590) ? ERROR semctl: can't IPC_STAT. Error was Bad address [1999/03/24 09:05:12, 0] locking/locking.c:locking_init(169) ? ERROR: Failed to initialise share modes! [1999/03/24 09:05:16, 0] locking/shmem_sysv.c:sysv_shm_open(590) ? ERROR semctl: can't IPC_STAT. Error was Bad address [1999/03/24 09:05:16, 0] locking/locking.c:locking_init(169) ? ERROR: Failed to initialise share modes! From lkcl at switchboard.net Wed Mar 24 15:55:57 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:55 2003 Subject: Problems accessing CVS In-Reply-To: <36f8aa5d.236540@mail.d-n-a.net> Message-ID: delete entire copy do it again. On Wed, 24 Mar 1999, Simon McCartney wrote: > Sorry about the RTF posting earlier: > > I've been trying to check out a new copy of the CVS hierarchy for a > couple of days, but I allways get stuck at the same point, whether I'm > co'ing or update'ing, it allways stalls at > samba/packaging/Example/setup.sh. > > Anybody got any suggestions ? I'm running RedHat 5.2 (kernel 2.2.1), > CVS 1.10.2, connected via ppp. > > McC > > > McC > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From john at engineering.ucsb.edu Wed Mar 24 16:27:32 1999 From: john at engineering.ucsb.edu (John Balster) Date: Tue Dec 2 02:25:55 2003 Subject: In-Reply-To: <9903241351.ZM8508@Bea.scc.uni-weimar.de> Message-ID: At 4:45 AM -0800 3/24/99, Georg Hedderich wrote: >Hello everyone ! >Our NT-login to a Samba controlled Domain fails . >The "smb.conf" contains: "workgroup = SAMBA" and "domain logons = yes". We >have >created an account in "passwd" and "smbpasswd" for the username and >workstationname. Then we changed in the NT Network Settings to the domain >SAMBA >and we saw the wonderful message saying "Welcome to the SAMBA Domain". Now we >have access to Samba about the network, but we can not log in to the >Samba-domain about the login-window of NT. It fails with the message "The >system can not log in you now, the domain SAMBA is not available". >Any solutions? > >-- > >Georg Hedderich Tel. : +49 3643/58-2403 >Bauhaus-Universitaet-Weimar Fax : +49 3643/58-2402 >Servicezentrum fuer Mail : >Georg.Hedderich@SCC.Uni-Weimar.DE >Computersysteme und -kommunikation >D-99421 Weimar >Coudraystr. 13d Do you have "encrypt passwords = yes" or have you changed registry on your NT systems to use non encrypted passwords? Of these, I'd recommend using encrypted passwords. John +--------------------------------+----------------------------+ | John Balster | john@engineering.ucsb.edu | | University of California | | | Chemical Engineering Dept | (805) 893-3686 | | Santa Barbara, CA 93106-5080 | (805) 893-4731 (FAX) | +--------------------------------+----------------------------+ From njh1 at st-andrews.ac.uk Wed Mar 24 17:05:16 1999 From: njh1 at st-andrews.ac.uk (Nicholas Humfrey) Date: Tue Dec 2 02:25:55 2003 Subject: Forcing Domain Logons in Win98 Message-ID: Sorry this may be a bit off topic, but I thought someone here might have manged this: I am trying to force people to logon to my classroom domain before they can access the computer. However I cannot prevent people from typing an invalid domain name, which passes the logon over to 'Windows Logon' giving them access to the system. Is there a way of infocing a single domain or preventing logon to invalid domains ? Thanks Nicholas Humfrey Madras College From cartegw at Eng.Auburn.EDU Wed Mar 24 17:24:58 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:55 2003 Subject: Forcing Domain Logons in Win98 References: Message-ID: <36F91FEA.F77C9732@eng.auburn.edu> Nicholas Humfrey wrote: > > Sorry this may be a bit off topic, but I thought > someone here might have manged this: I am trying to > force people to logon to my classroom domain before they > can access the computer. However I cannot prevent people from > typing an invalid domain name, which passes the logon over > to 'Windows Logon' giving them access to the system. Is there > a way of infocing a single domain or preventing logon > to invalid domains ? Ooo! Oooo! Ooooo! This is my **favorite** hack! Use a resource editor (one comes with VC++) and open the mprserv.dll library in it. You must edit the file when running Windows NT as Windows 9x does not support writing change to a binary file. Now disable the DOMAIN field in the Windows network logon dialog. This will prevent changes except by modifying the registry settings. Hope this helps, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lkcl at switchboard.net Wed Mar 24 17:24:57 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:55 2003 Subject: Forcing Domain Logons in Win98 In-Reply-To: Message-ID: On Thu, 25 Mar 1999, Nicholas Humfrey wrote: > > Sorry this may be a bit off topic, but I thought someone here might have > manged this: I am trying to force people to logon to my classroom domain > before they can access the computer. However I cannot prevent people from > typing an invalid domain name, which passes the logon over to 'Windows > Logon' giving them access to the system. Is there a way of infocing a > single domain or preventing logon to invalid domains ? upgrade to nt. this really _is_ your only option. win9x does not actually have a "domain login" at all it just does an unauthenticated IPC$ call to the pdc to obtain a user's profile location. From mblack at csihq.com Wed Mar 24 17:40:09 1999 From: mblack at csihq.com (Mike Black) Date: Tue Dec 2 02:25:55 2003 Subject: Forcing Domain Logons in Win98 References: <36F91FEA.F77C9732@eng.auburn.edu> Message-ID: <004001be761d$5d4b7cf0$a4c809c0@mnint1.mnemonic.com> But can't the user still select the "cancel" button to bypass logon completely? I've never heard that one could secure a Win95/98 box. ___________________________________ Michael D. Black Principal Engineer mblack@csi.cc 407-676-2923,x203 http://www.csi.cc Computer Science Innovations http://www.csi.cc/~mike My home page FAX 407-676-2355 ----- Original Message ----- From: Gerald Carter To: Multiple recipients of list Sent: Wednesday, March 24, 1999 12:27 PM Subject: Re: Forcing Domain Logons in Win98 Nicholas Humfrey wrote: > > Sorry this may be a bit off topic, but I thought > someone here might have manged this: I am trying to > force people to logon to my classroom domain before they > can access the computer. However I cannot prevent people from > typing an invalid domain name, which passes the logon over > to 'Windows Logon' giving them access to the system. Is there > a way of infocing a single domain or preventing logon > to invalid domains ? Ooo! Oooo! Ooooo! This is my **favorite** hack! Use a resource editor (one comes with VC++) and open the mprserv.dll library in it. You must edit the file when running Windows NT as Windows 9x does not support writing change to a binary file. Now disable the DOMAIN field in the Windows network logon dialog. This will prevent changes except by modifying the registry settings. Hope this helps, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From pburch at sccd.ctc.edu Wed Mar 24 18:04:12 1999 From: pburch at sccd.ctc.edu (Burch, Phil) Date: Tue Dec 2 02:25:55 2003 Subject: Forcing Domain Logons in Win98 Message-ID: <67DD2D8CC31BD111A8BB080009DDDED5CADBA2@nsccnta01.sccd.ctc.edu> I am fairly certain that a force network login can be set with policies, I thought you could restrict the domain as well. Phil Burch Computing Services North Seattle Community College http://nsccux.sccd.ctc.edu -----Original Message----- From: Mike Black [mailto:mblack@csihq.com] Sent: Wednesday, March 24, 1999 9:42 AM To: Multiple recipients of list Subject: Re: Forcing Domain Logons in Win98 But can't the user still select the "cancel" button to bypass logon completely? I've never heard that one could secure a Win95/98 box. ___________________________________ Michael D. Black Principal Engineer mblack@csi.cc 407-676-2923,x203 http://www.csi.cc Computer Science Innovations http://www.csi.cc/~mike My home page FAX 407-676-2355 ----- Original Message ----- From: Gerald Carter To: Multiple recipients of list Sent: Wednesday, March 24, 1999 12:27 PM Subject: Re: Forcing Domain Logons in Win98 Nicholas Humfrey wrote: > > Sorry this may be a bit off topic, but I thought > someone here might have manged this: I am trying to > force people to logon to my classroom domain before they > can access the computer. However I cannot prevent people from > typing an invalid domain name, which passes the logon over > to 'Windows Logon' giving them access to the system. Is there > a way of infocing a single domain or preventing logon > to invalid domains ? Ooo! Oooo! Ooooo! This is my **favorite** hack! Use a resource editor (one comes with VC++) and open the mprserv.dll library in it. You must edit the file when running Windows NT as Windows 9x does not support writing change to a binary file. Now disable the DOMAIN field in the Windows network logon dialog. This will prevent changes except by modifying the registry settings. Hope this helps, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From pbm at barmentlo.net Wed Mar 24 18:06:33 1999 From: pbm at barmentlo.net (Patrick Barmentlo) Date: Tue Dec 2 02:25:55 2003 Subject: can't initialise shared memory Message-ID: Hai.. I have a strange problem. have a samba box.. (2.0.2) running on a FreeBSD 3.0 . with systemV shared mem options in my kernel.. It used to work oke.. It is an NT domain member. all authentication handeld by the PDC. suddenly.. i get the following mess: "ERROR: Failed to initialise share modes! Can't initialise shared memory - exiting" this i get with the smbstatus commmand.. I can't figure out what's the problem..it workt for a while (2 months) With some higher debugging on .. i can see it communicate with the NT pdc. put as soon as i want to use a share.. ;-( Hope anyone can point me out to some right direction.. (i use samba to be a 'nfs' gateway to use homedirs on a NFS server..) Regards. patrick From duncan at msmd.org Wed Mar 24 18:10:22 1999 From: duncan at msmd.org (Josh Duncan) Date: Tue Dec 2 02:25:55 2003 Subject: Forcing Domain Logons in Win98 In-Reply-To: <004001be761d$5d4b7cf0$a4c809c0@mnint1.mnemonic.com> Message-ID: On Thu, 25 Mar 1999, Mike Black wrote: > Date: Thu, 25 Mar 1999 04:41:41 +1100 > From: Mike Black > To: Multiple recipients of list > Subject: Re: Forcing Domain Logons in Win98 > > But can't the user still select the "cancel" button to bypass logon > completely? I've never heard that one could secure a Win95/98 box. I have heard that you can force a user to login to a domain/workgroup in win 95/98, that it is just a matter of fixing a registry setting. unfortunately, I do not know which registry setting. If you can afford to experiment on one of your win95/98 boxes I would definitely suggest trying the binary modification mentioned earlier by Mr. Carter. Josh > ___________________________________ > Michael D. Black Principal Engineer > mblack@csi.cc 407-676-2923,x203 > http://www.csi.cc Computer Science Innovations > http://www.csi.cc/~mike My home page > FAX 407-676-2355 > > ----- Original Message ----- > From: Gerald Carter > To: Multiple recipients of list > Sent: Wednesday, March 24, 1999 12:27 PM > Subject: Re: Forcing Domain Logons in Win98 > > > Nicholas Humfrey wrote: > > > > Sorry this may be a bit off topic, but I thought > > someone here might have manged this: I am trying to > > force people to logon to my classroom domain before they > > can access the computer. However I cannot prevent people from > > typing an invalid domain name, which passes the logon over > > to 'Windows Logon' giving them access to the system. Is there > > a way of infocing a single domain or preventing logon > > to invalid domains ? > > Ooo! Oooo! Ooooo! This is my **favorite** hack! > > Use a resource editor (one comes with VC++) and open > the mprserv.dll library in it. You must edit the > file when running Windows NT as Windows 9x does not > support writing change to a binary file. Now disable > the DOMAIN field in the Windows network logon dialog. > This will prevent changes except by modifying the > registry settings. > > > Hope this helps, > jerry > ________________________________________________________________________ > Gerald ( Jerry ) Carter > Engineering Network Services Auburn University > jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw > > "...a hundred billion castaways looking for a home." > - Sting "Message in a Bottle" ( 1979 ) > > > -- There is never any peace for those who resist God. ... Francois Fenelon (1651-1715) Josh Duncan duncan@msmd.org http://www.msmd.org/ From simon.mccartney at dnet.co.uk Wed Mar 24 18:20:53 1999 From: simon.mccartney at dnet.co.uk (Simon McCartney) Date: Tue Dec 2 02:25:55 2003 Subject: Problems accessing CVS In-Reply-To: Message-ID: <000101be7623$0d8203f0$2b02a8c0@zeus.dnet.co.uk> I have done, several times. McC > delete entire copy do it again. > > On Wed, 24 Mar 1999, Simon McCartney wrote: > > > Sorry about the RTF posting earlier: > > > > I've been trying to check out a new copy of the CVS hierarchy for a > > couple of days, but I allways get stuck at the same point, whether I'm > > co'ing or update'ing, it allways stalls at > > samba/packaging/Example/setup.sh. > > > > Anybody got any suggestions ? I'm running RedHat 5.2 (kernel 2.2.1), > > CVS 1.10.2, connected via ppp. > > > > McC > > > > > > McC > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > > ===================================================================== > Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 > Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 > Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 > http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From lkcl at switchboard.net Wed Mar 24 19:53:37 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:55 2003 Subject: Problems accessing CVS In-Reply-To: <000101be7623$0d8203f0$2b02a8c0@zeus.dnet.co.uk> Message-ID: ok then report it to tridge@samba.org, the read-only-public-copy-of-cvs-repository may be corrupted. On Wed, 24 Mar 1999, Simon McCartney wrote: > I have done, several times. > > McC > > > delete entire copy do it again. > > > > On Wed, 24 Mar 1999, Simon McCartney wrote: > > > > > Sorry about the RTF posting earlier: > > > > > > I've been trying to check out a new copy of the CVS hierarchy for a > > > couple of days, but I allways get stuck at the same point, whether I'm > > > co'ing or update'ing, it allways stalls at > > > samba/packaging/Example/setup.sh. > > > > > > Anybody got any suggestions ? I'm running RedHat 5.2 (kernel 2.2.1), > > > CVS 1.10.2, connected via ppp. > > > > > > McC > > > > > > > > > McC > > > > > > > Luke Kenneth Casson Leighton > > Samba and Network Development > > Samba Web site > > > > ===================================================================== > > Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 > > Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 > > Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 > > > http://www.iss.net/ *Adaptive Network Security for the Enterprise* > ISS Connect - International User Conference - May '99 > ===================================================================== > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From florian at void.s.bawue.de Wed Mar 24 20:07:08 1999 From: florian at void.s.bawue.de (Florian Laws) Date: Tue Dec 2 02:25:56 2003 Subject: One half sucess story and a question about localized NT In-Reply-To: ; from Luke Kenneth Casson Leighton on Fri, Mar 19, 1999 at 09:16:22AM +1100 References: <19990318223652.A1192@void.s.bawue.de> Message-ID: <19990324210708.A315@void.s.bawue.de> On Fri, Mar 19, 1999 at 09:16:22AM +1100, Luke Kenneth Casson Leighton wrote: > > try modifying the hard-coded name table in the source to match the german > names (grep Administrators */*.[ch]) > That didn't work. I've patched util_pwdb.c to the german names, but it more or less the same behaviour as with english names. I test for Administrator privileges by looking into control panel, so I guess this shows me if I have local Administrator rights. (How do I test for domain admin privileges?) With ntadm = SGS\Administratoren in the local group map file where ntadm is the primary group of my admin account, I can log in to the domain SGS, but have no administrator rights, with ntadm = BUILTIN\Adminstratoren I can't log in and log.smb tells something about "primary group not in domain" When I put my admin account in an other primary group and add it to the ntadm group in /etc/groups I can log in, but it doesn't work neither with ntadm = SGS\Administratoren nor with ntadm = BUILTIN\Administratoren inathe local group map file. Any ideas? Thanks, Florian -- "A user interface geek is someone geeky enough to realize what the nongeeks want to work with." --Dan Kaminsky on samba-ntdom From aryosukarno at earthlink.net Wed Mar 24 20:06:57 1999 From: aryosukarno at earthlink.net (Aryo K. Sukarno) Date: Tue Dec 2 02:25:56 2003 Subject: A guide to Samba PDC Message-ID: <006801be7631$de87cf30$3eddf9d1@bhawono.com> Can someone tell me where I can find a newbie guide for installing Samba as PDC? Thank you Aryo From uwen at ekom-gmbh.de Wed Mar 24 20:15:09 1999 From: uwen at ekom-gmbh.de (Uwe Wendt) Date: Tue Dec 2 02:25:56 2003 Subject: smbpasswd segfault In-Reply-To: Message-ID: Hi, on standalone samba server (security = user, domain logons = no, current cvs) I can't add users. If I try smbpasswd -a I get a sementation fault. On startup it creates '.SID' instead of 'Servername.SID'. Uwe From dave at www.buffalostate.edu Wed Mar 24 20:59:35 1999 From: dave at www.buffalostate.edu (Dave J. Andruczyk) Date: Tue Dec 2 02:25:56 2003 Subject: Forcing Domain Logons in Win98 In-Reply-To: <36F91FEA.F77C9732@eng.auburn.edu> Message-ID: > Ooo! Oooo! Ooooo! This is my **favorite** hack! > > Use a resource editor (one comes with VC++) and open > the mprserv.dll library in it. You must edit the Is there a resource editor that is FREELY available?? I don't have the dough to buy VC++.. Dave From D.Bannon at latrobe.edu.au Wed Mar 24 21:06:43 1999 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:25:56 2003 Subject: smbpasswd segfault In-Reply-To: References: Message-ID: <3.0.3.32.19990325080643.0075f72c@bioserve.biochem.latrobe.edu.au> At 07:23 AM 25/03/1999 +1100, Uwe Wendt wrote: >Hi, > >on standalone samba server (security = user, domain logons = no, current >cvs) I can't add users. If I try smbpasswd -a I get a sementation >fault. On startup it creates '.SID' instead of 'Servername.SID'. > Are you sure your server name is set correctly ? It should be domain.SID anyway, shouldn't it ? Depends on the 'workgroup= XXX' line in your smb.conf file. david ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From cartegw at Eng.Auburn.EDU Wed Mar 24 22:38:53 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:56 2003 Subject: A guide to Samba PDC References: <006801be7631$de87cf30$3eddf9d1@bhawono.com> Message-ID: <36F9697D.3D12ED5B@eng.auburn.edu> Aryo K. Sukarno wrote: > > Can someone tell me where I can find a newbie > guide for installing Samba as PDC? Aryo, Have you read the NT Domain FAQ linked off the documentation page at one of the Samba mirrors? Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From awilliam at whitemice.org Wed Mar 24 23:05:43 1999 From: awilliam at whitemice.org (Adam Williams) Date: Tue Dec 2 02:25:56 2003 Subject: Forcing Domain Logons in Win98 In-Reply-To: "Burch, Phil" "RE: Forcing Domain Logons in Win98" (Mar 25, 4:59am) References: <67DD2D8CC31BD111A8BB080009DDDED5CADBA2@nsccnta01.sccd.ctc.edu> Message-ID: <9903242305.ZM815@estate1.whitemice.org> On Mar 25, 4:59am, Burch, Phil wrote: > Subject: RE: Forcing Domain Logons in Win98 > I am fairly certain that a force network login can be set with policies, I > thought you could restrict the domain as well. > This is true, done easily with "System Policy Editor". On logon all my Win95 machines update their registries from a central per-user file on a Linux/Samba server. "System Policy Editor" is on the Win95 Cd under the apptools directory. From aescalan at ifcsun1.ifisiol.unam.mx Wed Mar 24 11:57:01 1999 From: aescalan at ifcsun1.ifisiol.unam.mx (Ana Maria Escalante) Date: Tue Dec 2 02:25:56 2003 Subject: Password sync Message-ID: Hi all: I have two RedHat 5.1 servers running samba. One is my E-mail server and will share the home directories over samba, the other one is my PDC and will share applications over samba. I do not have an NT server and want to sync all my passwords: linux and samba in both servers. I tried to configure one as a PDC and the other as a SDC both with UNIX password sync, but it seems that I should have at least one NT server for this to work. Any ideas? I will be very thankfull. Regards Ana Maria From matthew at janus.law.usyd.edu.au Thu Mar 25 00:02:26 1999 From: matthew at janus.law.usyd.edu.au (Matthew Geier) Date: Tue Dec 2 02:25:56 2003 Subject: Password sync In-Reply-To: from "Ana Maria Escalante" at Mar 25, 99 10:57:34 am Message-ID: <199903250002.LAA25375@janus.law.usyd.edu.au> > I have two RedHat 5.1 servers running samba. One is my E-mail server > and will share the home directories over samba, the other one is my PDC > and will share applications over samba. I do not have an NT server and > want to sync all my passwords: linux and samba in both servers. I tried to > configure one as a PDC and the other as a SDC both with UNIX password > sync, but it seems that I should have at least one NT server for this to > work. > Any ideas? I will be very thankfull. I run 'rsync' over 'ssh' to copy /etc/passwd, /etc/group, and smbpasswd over to 2 other machines. I only run the sync once a day, so passwords could take up to 24hrs to get to the other servers, but in practice this seems to work fine. rsync only sends changes, so I guess you could run more often. (Or arrange to run the sync script when one of the 3 files changes.) From dkrovich at wvu.edu Thu Mar 25 02:20:40 1999 From: dkrovich at wvu.edu (David Krovich) Date: Tue Dec 2 02:25:56 2003 Subject: nisplus compile error with latest cvs Message-ID: Here's the specs: ./configure --prefix=/sys/pdcsamba --with-nisplus --with-nisplus-home Linking bin/smbd Undefined first referenced symbol in file nisplus_initialise_group_db groupdb/groupdb.o nisplus_initialise_sam_password_db passdb/sampassdb.o nisplus_initialise_alias_db groupdb/aliasdb.o nisplus_initialise_builtin_db groupdb/builtindb.o nisplus_initialise_password_grp passdb/passgrp.o nisplus_initialise_password_db passdb/passdb.o ld: fatal: Symbol referencing errors. No output written to bin/smbd make: *** [bin/smbd] Error 1 OS: Solaris 2.5.1 gcc version 2.7.2.3.f.2 It compiles fine if I don't try to include nisplus support. ----------------------------------------- David Krovich West Virginia University Manager/Information Systems Computer Science & Electrical Engineering ----------------------------------------- From dkrovich at wvu.edu Thu Mar 25 03:10:15 1999 From: dkrovich at wvu.edu (David Krovich) Date: Tue Dec 2 02:25:56 2003 Subject: Malformed Lanman password entry (non hex chars) Message-ID: Ok, I'm having some weirdness going on.... I'm creating a smbpasswd file consisting of just me using the following command: niscat passwd.org_dir | grep dkrovich | cut -f1-7 -d: | mksmbpasswd.sh > smbpasswd The output looks like this: dkrovich:3685:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U ]:LCT-00000000:David Krovich When I run smbpasswd on the user dkrovich as root to change the password, I get the following error. (Debug level is set to 10) # smbpasswd dkrovich <--lots of debugging cut out --> New SMB password: Retype new SMB password: search by name: dkrovich startfilepwent: opening file /sys/pdcsamba/private/smbpasswd getsmbfilepwent: Malformed Lanman password entry (non hex chars) getfileline: end of file reached getsmbfilepwent: end of file reached. pwdb_smb_map_names endfilepwent: closed file. pwdb_smb_map_names Failed to find entry for user dkrovich. Failed to change password entry for dkrovich If I delete the XXXXX dkrovich entry from smbpasswd, and then add the user dkrovich using smbpasswd -a dkrovich, everything seems to work fine. What am I doing wrong? ----------------------------------------- David Krovich West Virginia University Manager/Information Systems Computer Science & Electrical Engineering ----------------------------------------- From SergeyNasedkin at ntl.ru Thu Mar 25 05:27:19 1999 From: SergeyNasedkin at ntl.ru (SergeyNasedkin) Date: Tue Dec 2 02:25:56 2003 Subject: Subscribe Message-ID: <01be7680$26d160a0$c31422c3@003> -------------- next part -------------- HTML attachment scrubbed and removed From greg at discreet.com Thu Mar 25 12:44:21 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:56 2003 Subject: Samba rocks Message-ID: Just a real quick status report on my test environment. usrmgr WORKS svrmgr WORKS rpcclient enumusers WORKS rpcclient createuser seems to WORK but I get permission denied (I'm not domain admin) lsass no longer crashes domain groups WORK roaming profiles WORK executive summary: Greg is happy ;-) Thanks to the samba gang, Greg --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet (no more logic) Montreal (514) 954-7171 greg@discreet.com From lkcl at switchboard.net Thu Mar 25 12:48:59 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:56 2003 Subject: Malformed Lanman password entry (non hex chars) In-Reply-To: Message-ID: On Thu, 25 Mar 1999, David Krovich wrote: > Ok, I'm having some weirdness going on.... > > I'm creating a smbpasswd file consisting of just me using the > following command: > > niscat passwd.org_dir | grep dkrovich | cut -f1-7 -d: | mksmbpasswd.sh > smbpasswd > > The output looks like this: > > dkrovich:3685:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U ]:LCT-00000000:David Krovich > > When I run smbpasswd on the user dkrovich as root to change the > password, I get the following error. (Debug level is set to 10) > > # smbpasswd dkrovich > > <--lots of debugging cut out --> > New SMB password: > Retype new SMB password: > search by name: dkrovich > startfilepwent: opening file /sys/pdcsamba/private/smbpasswd > getsmbfilepwent: Malformed Lanman password entry (non hex chars) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ i just spotted and fixed this myself. checkin later today. From lkcl at switchboard.net Thu Mar 25 12:51:30 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:56 2003 Subject: Samba rocks In-Reply-To: Message-ID: On Thu, 25 Mar 1999, Greg Dickie wrote: > > Just a real quick status report on my test environment. > > usrmgr WORKS > svrmgr WORKS > > rpcclient enumusers WORKS > rpcclient createuser seems to WORK but I get permission denied (I'm not > domain admin) excellent. will have "set user info" including password etc later on. From greg at discreet.com Thu Mar 25 13:10:01 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:56 2003 Subject: groups'n'stuff Message-ID: Just a small question. Luke, I think you are playing with the groups codes again (smbgroup?). While you are in there, could you stray into the rpc server code and see why all the groups for a user are not sent back to the user manger? Your pal, Greg --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet (no more logic) Montreal (514) 954-7171 greg@discreet.com From fricke at Team.OWL-Online.DE Thu Mar 25 13:40:12 1999 From: fricke at Team.OWL-Online.DE (Cord Fricke) Date: Tue Dec 2 02:25:56 2003 Subject: Profiles Message-ID: <36FA3CBC.17FA5C1A@team.owl-online.de> Hi there, I got a problem with my downloading profiles. Only the first user, who logs onto Doze NT gets the profiles and the policies from the server. Any other user who logs onto the WS gets a default profiles with normal policy. That seems to me that the other user don?t download the profile from the server. What?s wrong Looking for help Cord From lkcl at switchboard.net Thu Mar 25 13:54:52 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:56 2003 Subject: groups'n'stuff In-Reply-To: Message-ID: On Fri, 26 Mar 1999, Greg Dickie wrote: > > Just a small question. > > Luke, I think you are playing with the groups codes again (smbgroup?). While > you are in there, could you stray into the rpc server code and see why all the > groups for a user are not sent back to the user manger? it's because unix doesn't need to have the "primary" group added to a group list, this is done implicitly. From G.Klein at edelmann.de Thu Mar 25 14:08:00 1999 From: G.Klein at edelmann.de (Gerhard Klein) Date: Tue Dec 2 02:25:56 2003 Subject: machine account Message-ID: <36FA4340.A9A859A7@edelmann.de> I joined my workstation like "smbpasswd -a -m workstation_name" and I can switch to samba domain. If I want to switch a second time to samba domain I have to do "smbpasswd -a -m workstation_name" again. If I try to switch to samba domain with administrator/password, I get a message that I haven't enougth privileges. Is it a fault or not supported (samba 2.1.0). Gerhard -- http://www.edelmann.de mailto:G.Klein@edelmann.de Phone: +49 7321 340 368 Fax: +49 7321 340 363 From lkcl at switchboard.net Thu Mar 25 14:32:28 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:56 2003 Subject: machine account In-Reply-To: <36FA4340.A9A859A7@edelmann.de> Message-ID: On Fri, 26 Mar 1999, Gerhard Klein wrote: > I joined my workstation like "smbpasswd -a -m workstation_name" and I > can switch to samba domain. If I want to switch a second time to samba > domain I have to do "smbpasswd -a -m workstation_name" again. > > If I try to switch to samba domain with administrator/password, I get a > message that I haven't enougth privileges. Is it a fault or not > supported (samba 2.1.0). ok, i will have it in the next few days. From lee at hsh.com Thu Mar 25 14:53:42 1999 From: lee at hsh.com (Lee Havemann) Date: Tue Dec 2 02:25:56 2003 Subject: Forcing Domain Logons in Win98 In-Reply-To: <9903242305.ZM815@estate1.whitemice.org> Message-ID: <001e01be76cf$47cbd0c0$097bfea5@hshpcf.hsh.com> Or grab poledit from any NT 4.0 system - works under win 95/98. Run poledit: Click on File > Open registry > Local Computer > Windows 95 Network > Logon > check the "Requires validation by network for Windows access" button. I think you can also enable the Remote registry service and do it remotely on all the user machines... ----- Lee Havemann, Comp Ops Dir. HSH Associates (973) 838-3330 Mailto: lee@hsh.com http://www.hsh.com "My opinions are probably not those of my employer" > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On > Behalf Of > Adam Williams > Sent: Wednesday, March 24, 1999 6:06 PM > To: Multiple recipients of list > Subject: Re: Forcing Domain Logons in Win98 > > > On Mar 25, 4:59am, Burch, Phil wrote: > > Subject: RE: Forcing Domain Logons in Win98 > > I am fairly certain that a force network login can be set > with policies, I > > thought you could restrict the domain as well. > > > > This is true, done easily with "System Policy Editor". On > logon all my Win95 > machines update their registries from a central per-user > file on a Linux/Samba > server. "System Policy Editor" is on the Win95 Cd under the apptools > directory. > From lkcl at switchboard.net Thu Mar 25 15:19:11 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:56 2003 Subject: machine account In-Reply-To: <36FA4340.A9A859A7@edelmann.de> Message-ID: On Fri, 26 Mar 1999, Gerhard Klein wrote: > I joined my workstation like "smbpasswd -a -m workstation_name" and I > can switch to samba domain. If I want to switch a second time to samba > domain I have to do "smbpasswd -a -m workstation_name" again. > > If I try to switch to samba domain with administrator/password, I get a > message that I haven't enougth privileges. Is it a fault or not > supported (samba 2.1.0). what a TOTAL waste of time. you're NOT going to believe this, but when you decode the password from when you type in admin/password, it's the workstation name in lower case. we always suspected that this was the case, but to actually have an info level specifically to set an obfuscated password where the obfuscated password is a well-known value is just... words fail me. gerhard, others: i will do the "set password" call soon. the login will have to be "root"/password or "root-mapped-to-admin"/password but otherwise it should work. check for announcements and/or http://samba.org/listproc/samba-cvs messages. luke From green at UMDNJ.EDU Thu Mar 25 15:32:40 1999 From: green at UMDNJ.EDU (Cliff Green) Date: Tue Dec 2 02:25:56 2003 Subject: Forcing Domain Logons in Win98 In-Reply-To: <001e01be76cf$47cbd0c0$097bfea5@hshpcf.hsh.com> Message-ID: On Fri, 26 Mar 1999, Lee Havemann wrote: > Or grab poledit from any NT 4.0 system - works under win 95/98. > > Run poledit: > > Click on File > Open registry > Local Computer > Windows 95 Network > > Logon > check the "Requires validation by network for Windows access" > button. We do this, too. There is a problem with this, though. In Win95: if, with tweakui or some other method (e.g., custom code), you clear the last username at logon, in order to clean up the logon screen (Managment likes a clean screen :-) then there's nothing in HKLM\Network\Logon\username (it's been a while, but I'm pretty sure that's the key), and any luser can enter any name, password, and bogus domain and get access to the PC. No lan, but tcp/ip should be available. In a public facility, this is just asking for trouble. If you don't clear the last username, this seems to be closed, though I'd bet there's ways around it (other than holding down F8 at boottime). Not a clean logon screen, but it seems to work. In Win98, there's a registry key: HKLM\Network\Logon\DontShowLastUser, which seems to get around this. My point being that setting MustBeValidated isn't sufficient unto itself. However... Supposedly, you can set the workgroups/domains and restrict the user's options with a wrkgrp.ini file (see: http://msdn.microsoft.com/library/winresource/dnwin95/d1c/s6f1d.htm). I tried using this about a year ago, and ran into some problems (unfortunately, it didn't do what we wanted at the time, and I don't recall why it/I failed - sorry). c -- Cliff Green green@umdnj.edu Academic Computing Service UMDNJ voice: 732-235-5250 fax: 732-235-5252 From weejock at ferret.lmh.ox.ac.uk Thu Mar 25 15:32:28 1999 From: weejock at ferret.lmh.ox.ac.uk (Matthew Kirkwood) Date: Tue Dec 2 02:25:56 2003 Subject: machine account In-Reply-To: Message-ID: On Fri, 26 Mar 1999, Luke Kenneth Casson Leighton wrote: > > I joined my workstation like "smbpasswd -a -m workstation_name" and I > > can switch to samba domain. If I want to switch a second time to samba > > domain I have to do "smbpasswd -a -m workstation_name" again. I saw this at various times (though I haven't played with HEAD for a while). > > If I try to switch to samba domain with administrator/password, I get > > a message that I haven't enougth privileges. Is it a fault or not > > supported (samba 2.1.0). > > what a TOTAL waste of time. you're NOT going to believe this, but when > you decode the password from when you type in admin/password, it's the > workstation name in lower case. Maybe I parsed that wrong, but are you saying that when you add a domain account (machine account, whatever) from a client machine, it can't verify that you entered a correct admin password? Or at least that this check isn't done on the server end? Matthew. From spiritu at nwu.edu Thu Mar 25 15:44:27 1999 From: spiritu at nwu.edu (Jonathan Michael Hawkins) Date: Tue Dec 2 02:25:56 2003 Subject: Password sync References: Message-ID: <36FA59DB.147ADD1F@nwu.edu> Ana Maria Escalante wrote: > > Hi all: > I have two RedHat 5.1 servers running samba. One is my E-mail server > and will share the home directories over samba, the other one is my PDC > and will share applications over samba. I do not have an NT server and > want to sync all my passwords: linux and samba in both servers. I tried to > configure one as a PDC and the other as a SDC both with UNIX password > sync, but it seems that I should have at least one NT server for this to > work. Assuming you can find a good Kerberos-authenticating GINA (we have one here, but I'm pretty sure it's not for public consumption), a proper Kerb setup should do ya fine for this. I think. ;) Jonathan -- Jonathan Michael Hawkins Northwestern University Assistant Network Administrator Evanston, IL USA McCormick Computing Support http://www.tech.nwu.edu/support mailto:spiritu@nwu.edu OAS, AAS, LLS!!! -- GO CATS! From spiritu at nwu.edu Thu Mar 25 16:24:04 1999 From: spiritu at nwu.edu (Jonathan Michael Hawkins) Date: Tue Dec 2 02:25:56 2003 Subject: Password sync References: <36FA59DB.147ADD1F@nwu.edu> Message-ID: <36FA6324.66F30A33@nwu.edu> Jonathan Michael Hawkins wrote: > > Ana Maria Escalante wrote: > > > > Hi all: > > I have two RedHat 5.1 servers running samba. One is my E-mail server > > and will share the home directories over samba, the other one is my PDC > > and will share applications over samba. I do not have an NT server and > > want to sync all my passwords: linux and samba in both servers. I tried to > > configure one as a PDC and the other as a SDC both with UNIX password > > sync, but it seems that I should have at least one NT server for this to > > work. > > Assuming you can find a good Kerberos-authenticating GINA (we have one > here, but I'm pretty sure it's not for public consumption), a proper > Kerb setup should do ya fine for this. > > I think. ;) Okay, so this is bad form, but I just now realized that you have no NT box in your setup. Kerberos should do you fine for the entire thing, then :) Jonathan -- Jonathan Michael Hawkins Northwestern University Assistant Network Administrator Evanston, IL USA McCormick Computing Support http://www.tech.nwu.edu/support mailto:spiritu@nwu.edu OAS, AAS, LLS!!! -- GO CATS! From lkcl at switchboard.net Thu Mar 25 16:27:01 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:56 2003 Subject: machine account In-Reply-To: Message-ID: On Thu, 25 Mar 1999, Matthew Kirkwood wrote: > On Fri, 26 Mar 1999, Luke Kenneth Casson Leighton wrote: > > > > I joined my workstation like "smbpasswd -a -m workstation_name" and I > > > can switch to samba domain. If I want to switch a second time to samba > > > domain I have to do "smbpasswd -a -m workstation_name" again. > > I saw this at various times (though I haven't played with HEAD for a > while). > > > > If I try to switch to samba domain with administrator/password, I get > > > a message that I haven't enougth privileges. Is it a fault or not > > > supported (samba 2.1.0). > > > > what a TOTAL waste of time. you're NOT going to believe this, but when > > you decode the password from when you type in admin/password, it's the > > workstation name in lower case. > > Maybe I parsed that wrong, but are you saying that when you add a domain you did. > account (machine account, whatever) from a client machine, correct up to here. > it can't verify that you entered a correct admin password? this bit's incorrect. yes of course it [the pdc] can, it's the pdc, so it must have the admin username / password. > Or at least that this check isn't done on the server end? only if you decide not to implement this check. and both samba and nt implement this check. the _workstation_ password is encrypted (and i guessed how it's done) and the workstation password, when decrypted, is a well-known value. From dominik at cip.ica.uni-stuttgart.de Thu Mar 25 16:32:58 1999 From: dominik at cip.ica.uni-stuttgart.de (Dominik Epple) Date: Tue Dec 2 02:25:56 2003 Subject: MACHINE.SID changes from 2.0.0 to 2.0.3 Message-ID: <14074.25607.504736.104569@arve.cip.ica.uni-stuttgart.de> In the mail arhive Michael.Keightley wrote: > I'm running 2.0.0 just now. Compiled and installed 2.0.3. When I restarted > samba private/MACHINE.SID changed which meant I would need to get all 40 PCs to > rejoin the domain. > > Luckily I kept a copy of my 2.0.0 files. Is this a feature or a bug? Is > there anyway to stop it changing the SID? > > Michael > [....] We also tried to use the old MACHINE.SID file (from 2.0.0) with 2.0.3. This does not help us however. Every time samba is started it seems to change the old MACHINE.SID file. There seems to be no way to upgrade from 2.0.0 to 2.0.3 without touching all 27 clients. Any hint how to avoid touching the clients is very welcome. Dominik & Matthias From jfncoffer at ucdavis.edu Thu Mar 25 16:48:22 1999 From: jfncoffer at ucdavis.edu (Jason F. N. Coffer) Date: Tue Dec 2 02:25:56 2003 Subject: NT Domain AND cleartext passwords on same server Message-ID: <4.1.19990325082530.00b2fa80@mailbox.ucdavis.edu> It appears that encrypted passwords must be in use for samba to be a PDC -- NT workstations can't recognize they are in the domain otherwise. However, I want to use cleartext passwords to allow users to login on the workstation. Is there a way for a samba server to have dual functionality -- authenticating workstations via encrypted passwords while allowing user logins (from the same workstations) via cleartext passwords? My reading of the mailing list archives indicate that this currently isn't possible, hopefully I am wrong. Could a feature like this be implemented in a future release? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Jason F. N. Coffer - jfncoffer@ucdavis.edu Division of Biological Sciences, U.C. Davis From weejock at ferret.lmh.ox.ac.uk Thu Mar 25 16:55:13 1999 From: weejock at ferret.lmh.ox.ac.uk (Matthew Kirkwood) Date: Tue Dec 2 02:25:56 2003 Subject: machine account In-Reply-To: Message-ID: On Thu, 25 Mar 1999, Luke Kenneth Casson Leighton wrote: > > > what a TOTAL waste of time. you're NOT going to believe this, but when > > > you decode the password from when you type in admin/password, it's the > > > workstation name in lower case. > > > > Maybe I parsed that wrong, but are you saying that when you add a domain > > you did. Thank god for that :) > > account (machine account, whatever) from a client machine, > > correct up to here. > > > it can't verify that you entered a correct admin password? > > this bit's incorrect. yes of course it [the pdc] can, it's the pdc, so it > must have the admin username / password. My original reading suggested that you meant the client didn't even /send/ the admin password, but used an encrypted machine name instead. > > Or at least that this check isn't done on the server end? > > only if you decide not to implement this check. and both samba and nt > implement this check. Good. > the _workstation_ password is encrypted (and i guessed how it's done) and > the workstation password, when decrypted, is a well-known value. Still brain-dead, but not quite so bad... :) Matthew. From adam.w.cabler at lmco.com Thu Mar 25 17:08:39 1999 From: adam.w.cabler at lmco.com (Cabler, Adam W) Date: Tue Dec 2 02:25:56 2003 Subject: Passwords Message-ID: Is there a good way to keep (and start) your smbpasswd file in line with /etc/passwd?? mksmbpasswd was not included in the cvs release that I have.? Does it still work?? If so I can get it somewhere.? If not, is there a new/better way? ? adam From lkcl at switchboard.net Thu Mar 25 17:08:58 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:56 2003 Subject: NT Domain AND cleartext passwords on same server In-Reply-To: <4.1.19990325082530.00b2fa80@mailbox.ucdavis.edu> Message-ID: you can do it on a per-wks basis or per-subnet by using appropriate %macros _right_ at the start. you cannot do this on a per-user basis. or set up samba with dual personality and include = smb.conf.%[macro for NetBIOS name]. On Fri, 26 Mar 1999, Jason F. N. Coffer wrote: > It appears that encrypted passwords must be in use for samba to be a PDC -- > NT workstations can't recognize they are in the domain otherwise. However, > I want to use cleartext passwords to allow users to login on the workstation. > > Is there a way for a samba server to have dual functionality -- > authenticating workstations via encrypted passwords while allowing user > logins (from the same workstations) via cleartext passwords? My reading of > the mailing list archives indicate that this currently isn't possible, > hopefully I am wrong. > > Could a feature like this be implemented in a future release? > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Jason F. N. Coffer - jfncoffer@ucdavis.edu > Division of Biological Sciences, U.C. Davis > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From sm3 at sys.uea.ac.uk Thu Mar 25 17:12:57 1999 From: sm3 at sys.uea.ac.uk (Shaun McCullagh) Date: Tue Dec 2 02:25:56 2003 Subject: NT Domain AND cleartext passwords on same server Message-ID: > >It appears that encrypted passwords must be in use for samba to be a PDC -- >NT workstations can't recognize they are in the domain otherwise. However, >I want to use cleartext passwords to allow users to login on the workstation. > >Is there a way for a samba server to have dual functionality -- >authenticating workstations via encrypted passwords while allowing user >logins (from the same workstations) via cleartext passwords? My reading of >the mailing list archives indicate that this currently isn't possible, >hopefully I am wrong. > >Could a feature like this be implemented in a future release? > Yes please too :). This would really help enormously. Thanks to all to contribute to SAMBA, the loveliest software in the world. Cheers Shaun McCullagh, IT Support Officer, School of Information Systems., University of East Anglia., Norwich England NR4 7TJ Office: E02.109 http://www.sys.uea.ac.uk/~sm Tel +44 1603 592307 mailto:sm@sys.uea.ac.uk FAX +44 1603 593344 From adam.w.cabler at lmco.com Thu Mar 25 17:16:48 1999 From: adam.w.cabler at lmco.com (Cabler, Adam W) Date: Tue Dec 2 02:25:56 2003 Subject: More Passwd Problems Message-ID: I was able to make my samba machine a PDC with no problem. However, when I try to add a machine, I get a error that says: 6dof-server:/usr/local/samba/bin 40# smbpasswd -a -m CADNT-2 smb password encryption not selected in Makefile PLEASE HELP, adam From greg at discreet.com Thu Mar 25 17:27:43 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:56 2003 Subject: Weirdness with 2.0.3 on IRIX 6.4 Message-ID: Hi, I'm having "issues" running samba 2.0.3 on IRIX 6.4 in anything other than "security=share". For example I have set "security=server" and all of a sudden my connection will drop off. Unfortunately M$ word does not react nicely when this happens so people are losing there work: This has started happening since 2.0.0. Any ideas? I get this in the logfile which does not look too healthy: [1999/03/25 10:12:06, 0] locking/locking_shm.c:(212) get_share_modes: process 2628 no longer exists [1999/03/25 10:12:06, 0] locking/locking_shm.c:(239) get_share_modes: file with dev 3000006 inode 9453639 empty [1999/03/25 11:37:45, 1] smbd/password.c:(1127) password server DUBLIN_ENC rejected the password [1999/03/25 11:37:46, 1] smbd/service.c:(488) winframe1 (192.168.60.40) connect to service pbouchar as user pbouchar (uid=1177, gid=500) (pid 18635) [1999/03/25 11:37:46, 0] locking/locking_shm.c:(212) get_share_modes: process 8944 no longer exists [1999/03/25 11:37:46, 0] locking/locking_shm.c:(239) get_share_modes: file with dev 3000006 inode 9453639 empty [1999/03/25 11:48:00, 1] smbd/service.c:(488) winframe1 (192.168.60.40) connect to service pbouchar as user pbouchar (uid=1177, gid=500) (pid 13569) [1999/03/25 11:48:00, 0] locking/locking_shm.c:(212) get_share_modes: process 18635 no longer exists [1999/03/25 11:48:00, 0] locking/locking_shm.c:(239) get_share_modes: file with dev 3000006 inode 9453639 empty [1999/03/25 12:03:34, 1] smbd/password.c:(1127) password server DUBLIN_ENC rejected the password [1999/03/25 12:03:34, 1] smbd/service.c:(488) winframe1 (192.168.60.40) connect to service pbouchar as user pbouchar (uid=1177, gid=500) (pid 22514) [1999/03/25 12:03:34, 0] locking/locking_shm.c:(212) get_share_modes: process 13569 no longer exists [1999/03/25 12:03:34, 0] locking/locking_shm.c:(239) get_share_modes: file with dev 3000006 inode 9453639 empty [1999/03/25 12:17:11, 0] smbd/nttrans.c:(1668) call_nt_transact_set_security_desc: Currently not implemented. --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet (no more logic) Montreal (514) 954-7171 greg@discreet.com From dpe at clark.net Thu Mar 25 17:29:25 1999 From: dpe at clark.net (David Edwards) Date: Tue Dec 2 02:25:56 2003 Subject: NT Domain AND cleartext passwords on same server In-Reply-To: <4.1.19990325082530.00b2fa80@mailbox.ucdavis.edu> Message-ID: On Fri, 26 Mar 1999, Jason F. N. Coffer wrote: > Is there a way for a samba server to have dual functionality -- > authenticating workstations via encrypted passwords while allowing user > logins (from the same workstations) via cleartext passwords? My reading of > the mailing list archives indicate that this currently isn't possible, > hopefully I am wrong. > > Could a feature like this be implemented in a future release? I'd like to see this functionality, too... Right now, I'm trying to integrate our UNIX side (uses NIS+ for authentication) with our NT side (just a bunch of stand-alone NT boxes on the network) by setting up a Samba PDC. Obviously, with encrypted user passwords, I can't use NIS+ to authenticate users. Or am I missing something really, really important? The users use both UNIX and NT, and I need for passwords to remain sync'ed, regardless of where they're changed. (I realize a kludge can be worked up to change the password files of each to update both password files every time the password changes, but frankly, I'd prefer just authenticating directly to NIS+ and avoiding the whole headache.) -- David Edwards dpe@clark.net What? Me? Worry? From led at unter.encoding.com Fri Mar 26 01:19:09 1999 From: led at unter.encoding.com (Lawrence Doan) Date: Tue Dec 2 02:25:56 2003 Subject: Printing thru 2.0.3 Message-ID: <199903260119.BAA26669@unter.encoding.com> I have 2.0.3/FreeBSD-3.0 set up as a PDC and everything seems to work fine (even another 2.0.3 box using it for password auth -- once i disabled domain logons on the slave. =) ). I can add printers normally, but test pages refuse to print. Debug 100 shows that lpq is being run on the server, and returning 0. This seems to nonplus the client which repeats the sequence attached. I note from the FAQ that nt print spooling (\PIPE) does not work even in the HEAD branch, but that as a workaround LANMAN is used as a fallback. Is there something that needs to be done on the client end to ensure that this works? Disabling spooling in the printer properties has no effect. Thanks... -L [1999/03/25 16:58:29, 10] lib/util.c:dump_data(2832) [000] 5C 50 49 50 45 5C 4C 41 4E 4D 41 4E 00 00 00 00 \PIPE\LA NMAN.... [1999/03/25 16:58:29, 10] lib/util.c:dump_data(2840) [010] 00 46 00 7A 57 72 4C 68 00 7A 57 57 57 57 7A 7A .F.zWrLh .zWWWWzz [1999/03/25 16:58:29, 10] lib/util.c:dump_data(2840) [020] 7A 7A 57 57 7A 7A 6C 00 6C 65 78 6D 61 72 6B 00 zzWWzzl. lexmark. [1999/03/25 16:58:29, 10] lib/util.c:dump_data(2840) [030] 03 00 00 04 .... [1999/03/25 16:58:29, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 6553) [1999/03/25 16:58:29, 3] lib/doscalls.c:dos_ChDir(327) dos_ChDir to /usr/local/samba/lib [1999/03/25 16:58:29, 5] smbd/uid.c:unbecome_user(295) unbecome_user now uid=(0,0) gid=(0,0) [1999/03/25 16:58:29, 5] smbd/uid.c:become_user(262) become_user uid=(0,65534) gid=(0,65534) [1999/03/25 16:58:29, 3] lib/doscalls.c:dos_ChDir(327) dos_ChDir to /tmp [1999/03/25 16:58:29, 3] smbd/ipc.c:reply_trans(3625) trans <\PIPE\LANMAN> data=0 params=35 setup=0 [1999/03/25 16:58:29, 5] smbd/ipc.c:reply_trans(3637) calling named_pipe [1999/03/25 16:58:29, 3] smbd/ipc.c:named_pipe(3480) named pipe command on name [1999/03/25 16:58:29, 3] smbd/ipc.c:api_reply(3425) Got API command 70 of form (tdscnt=0,tpscnt=35,mdrcnt =1024,mprcnt=6) [1999/03/25 16:58:29, 3] smbd/ipc.c:api_reply(3430) Doing DosPrintQGetInfo [1999/03/25 16:58:29, 3] smbd/ipc.c:api_DosPrintQGetInfo(818) PrintQueue uLevel=3 name=lexmark [1999/03/25 16:58:29, 3] printing/printing.c:get_printqueue(1011) Running the command `lpq -Plexmark' gave 0 [1999/03/25 16:58:29, 6] printing/printing.c:get_printqueue(1027) QUEUE2: No entries [1999/03/25 16:58:29, 6] printing/printing.c:get_printqueue(1027) QUEUE2: [1999/03/25 16:58:29, 4] smbd/ipc.c:api_DosPrintQGetInfo(891) printqgetinfo: errorcode 0 [1999/03/25 16:58:29, 5] smbd/ipc.c:copy_trans_params_and_data(150) copy_trans_params_and_data: params[0..6] data[0..127] [1999/03/25 16:58:29, 5] lib/util.c:show_msg(459) size=191 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=1 [1999/03/25 16:58:29, 5] lib/util.c:show_msg(465) smb_tid=1 smb_pid=33216 smb_uid=101 smb_mid=59657 smt_wct=10 [1999/03/25 16:58:29, 5] lib/util.c:show_msg(470) smb_vwv[0]=6 (0x6) [1999/03/25 16:58:29, 5] lib/util.c:show_msg(470) smb_vwv[1]=127 (0x7F) [1999/03/25 16:58:29, 5] lib/util.c:show_msg(470) smb_vwv[2]=0 (0x0) [1999/03/25 16:58:29, 5] lib/util.c:show_msg(470) From simonmu at optimation.co.nz Fri Mar 26 01:45:45 1999 From: simonmu at optimation.co.nz (Simon Murcott) Date: Tue Dec 2 02:25:56 2003 Subject: Passwords In-Reply-To: Message-ID: On Fri, 26 Mar 1999, Cabler, Adam W wrote: > Is there a good way to keep (and start) your smbpasswd file in line with > /etc/passwd?? mksmbpasswd was not included in the cvs release that I have.? > Does it still work?? If so I can get it somewhere.? If not, is there a > new/better way? Try this: #!/bin/bash for item in `cat /etc/passwd | awk -F: '{print $1}' | sort` do grep ${item} /usr/local/private/smbpasswd if [ $? -ne 0 ] then smbpasswd -a -n -e ${item} fi done This will add missing entries into the smbpasswd file with NO PASSWORD. You will need to organise whatever password changing system you have in place to also use smbpasswd. Hope this helps. Regards Simon Murcott -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Optimation New Zealand Limited Exchange Place, Willeston Street, Wellington, New Zealand Phone +64 4 4727218, Fax +64 4 4727219 S.Murcott@optimation.co.nz -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Man will occasionally stumble over the truth, but most of the time he will pick himself up and continue on. -Churchill From greg at discreet.com Fri Mar 26 00:14:32 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:56 2003 Subject: NT Domain AND cleartext passwords on same server In-Reply-To: Message-ID: How would you do this? If you use %m (machine) then that macro would be the same whether the machine OR the user on the machine is logging i,n no? As far as the dual personalities, would not both personalities need to be PDCs? And wouldn't WINS prevent that? Or am I misunderstanding aliases? IMHO this would really be a nice feature and would almost get rid of smbpasswd ;-) Thanks, Greg --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet (no more logic) Montreal (514) 954-7171 greg@discreet.com On Fri, 26 Mar 1999, Luke Kenneth Casson Leighton wrote: > you can do it on a per-wks basis or per-subnet by using appropriate > %macros _right_ at the start. you cannot do this on a per-user basis. > > or set up samba with dual personality and include = smb.conf.%[macro for > NetBIOS name]. > > On Fri, 26 Mar 1999, Jason F. N. Coffer wrote: > > > It appears that encrypted passwords must be in use for samba to be a PDC -- > > NT workstations can't recognize they are in the domain otherwise. However, > > I want to use cleartext passwords to allow users to login on the workstation. > > > > Is there a way for a samba server to have dual functionality -- > > authenticating workstations via encrypted passwords while allowing user > > logins (from the same workstations) via cleartext passwords? My reading of > > the mailing list archives indicate that this currently isn't possible, > > hopefully I am wrong. > > > > Could a feature like this be implemented in a future release? > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > Jason F. N. Coffer - jfncoffer@ucdavis.edu > > Division of Biological Sciences, U.C. Davis > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > > ===================================================================== > Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 > Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 > Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 > > http://www.iss.net/ *Adaptive Network Security for the Enterprise* > ISS Connect - International User Conference - May '99 > ===================================================================== > From lkcl at switchboard.net Thu Mar 25 22:19:22 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:57 2003 Subject: User Manager and "Welcome to SAMBA Domain" - create accounts. Message-ID: this code now works, including password changes. typing in the root-admin username / password in the "create workstation account in domain" fields will now work successfully. in each instance, however, the unix account must _still_ be created first. "smbpasswd -a -m workstation account" which is equivalent to "server manager for domains" still operates etc, and _that_ still requires a unix account too. someone want to update various docs? luke Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From lnb at cybertouch.org Fri Mar 26 06:34:50 1999 From: lnb at cybertouch.org (Lanny Baron) Date: Tue Dec 2 02:25:57 2003 Subject: SWAT and FreeBSD 3.1 Message-ID: <199903260634.BAA13497@freedom.cybertouch.org> Hello, I recently installed FreeBSD 3.1 on a machine and put in Samba- 2.0.3. I have installed Samba before and is currently running on another FreeBSD box. The thing is, Swat will not run or rather, when prompted for the name and passwd (root and root's passwd) it comes back as wrong. Does anyone know how to fix this? Thanks, Lanny Baron http://ca.samba.org/samba/samba.html From jose at we.lc.ehu.es Fri Mar 26 09:25:30 1999 From: jose at we.lc.ehu.es (Jose M. Alcaide) Date: Tue Dec 2 02:25:57 2003 Subject: SWAT and FreeBSD 3.1 References: <199903260634.BAA13497@freedom.cybertouch.org> Message-ID: <36FB528A.60A737CB@we.lc.ehu.es> Lanny Baron wrote: > > I recently installed FreeBSD 3.1 on a machine and put in Samba- > 2.0.3. I have installed Samba before and is currently running on > another FreeBSD box. The thing is, Swat will not run or rather, > when prompted for the name and passwd (root and root's passwd) > it comes back as wrong. > > Does anyone know how to fix this? > I think that a FreeBSD list such as freebsd-questions or freebsd-ports would be more appropriate for sending this question :-) How did you installed Samba on your FreeBSD box? I ask you about this because there is a problem with Samba 2.0.x and FreeBSD's PAM (pluggable authentication modules). This problem is solved with a small patch for the Samba source, but this patch is automatically applied if you install Samba from the wonderful FreeBSD's ports collection (/usr/ports/net/samba). If you don't want to install the Samba port, then you could apply the patch yourself: /usr/ports/net/samba/patches/patch-ad. Hoping this helps, -- JMA ----------------------------------------------------------------------- Jos? M? Alcaide | mailto:jose@we.lc.ehu.es Universidad del Pa?s Vasco | mailto:jmas@es.FreeBSD.ORG Dpto. de Electricidad y Electr?nica | http://www.we.lc.ehu.es/~jose Facultad de Ciencias - Campus de Lejona | Tel.: +34-946012479 48940 Lejona (Vizcaya) - SPAIN | Fax: +34-944858139 ----------------------------------------------------------------------- "Go ahead... make my day." - H. Callahan From cigor at EUnet.yu Fri Mar 26 10:18:16 1999 From: cigor at EUnet.yu (Colovic Igor) Date: Tue Dec 2 02:25:57 2003 Subject: Please send this message on! Thank You! Please forgive mr if this message boder you Message-ID: <01be7771$f67d5010$0200a8c0@big.co.yu> TO ALL HONEST PEOPLE IN THE WORLD Over our heads fly bombing airplane. Our women and kids sitting in the cellars awaiting bombs. Who has the right to endanger their survival ? And why ? Who has the right to take into hand the justice and to punish whole nation according to its own decision? Serbs are one of the oldest nation in the Europe. With their long tradition and culture with their own kings and kingdoms. And the whole history they never attacked other countries just defending themselves. In last two wars we were allied with USA,RUSSIA,BRITAIN never against. We lost many lives in that period, over 1 million people died in last war. For freedom. Against fascism. And now, the same countries with whom we fighted in last war giving our lives, send their missals, bombs and planes killing our kids. FOR WHAT REASON? To help those who wish to separate from our country. To help savage, wild people who always were enemies with us and our allies and always fights on the side of fascists! Your government say "To prevent humanitarian disaster of women and kids." Your government shaw to your TV station the pictures of them going through the snow. Do you know that there is no snow in Yugoslavia for months? Here is the spring! Your children walk carefree on the street. They slip calmly in their beds. They have the father, the mother, the home. Our kids, small babies, are sitting in the cold cellars behind afraid, crying, helpless, not understanding completely what is happened around them. They are not guilty. We are not guilty because we wont to negotiate honestly and to offer to those savages the most autonomy possible, the greatest in the world. but we are not ready to allow them to separate, to take our territory on which our nation has been borned. Where all historical monument confirms that this territory is our Serbs cradle! They can live there as citizens of our country, but they can not take it from us. NEVER. You say that we destroy million of them. Do you know, does anybody know how many Albanians live in Kosovo? Nobody know, because they refuse to register themselves always when government make the register of all population in the country. Do you know that in the period from 1980 the Albanian was the president of Yugoslavia? do you know that they had their own schools,university,radio,tv, newspapers which has been financed by the government? Do you know that many Albanians lives in Serbia, Belgrade, Novi Sad and work normally? Nobody harm them! Ask that your politicians. Inform them about truth. And stop killing our kids! Stop killing in Yugoslavia! Let our kids to grow in piece and be happy! Let us to work, to build and develop our economy and be the part of Europe! Respect our pride and history and press your politicians to n e g o t i a t e, not to blackmail our country! Tell to NATO not to be the slave of Albanians. Tell to NATO that they have no right to intervene on territory of the country which is not their member and which did not attack the country member of NATO. Give your voice of reason and say STOP! STOP IN THE NAME OF GOD! STOP IN THE NAME OF JUSTICE! STOP IN THE NAME OF YOUR CHILDREN WHICH WILL TOMORROW BE SHAMED OF THEIR FATHERS! STOP IN THE NAME OF OWN TOMORROW! STOP IN THE NAME OF GOD!!!! Your friends from Yugoslavia living under the bombs. From G.Klein at edelmann.de Fri Mar 26 14:16:50 1999 From: G.Klein at edelmann.de (Gerhard Klein) Date: Tue Dec 2 02:25:57 2003 Subject: domaingroup.map Message-ID: <36FB96D2.323D6B3D@edelmann.de> First time I mapped edv="Domain Admins". The policy editor shows me a lot of groups but no edv or "Domain Admins" group. Then I mapped adm="Domain Admins". The policy editor shows me edv and "Domain Admins" - is it a bug or a feature? How can I map two or more unix groups to one domain group? I'm using NT 4.0 German. The most descriptions are different f.e. Adminstrators -> Administratoren. Will it cause problems? Should I use the English or German descriptions? Gerhard -- http://www.edelmann.de mailto:G.Klein@edelmann.de Phone: +49 7321 340 368 Fax: +49 7321 340 363 From dave at www.buffalostate.edu Fri Mar 26 14:37:37 1999 From: dave at www.buffalostate.edu (Dave J. Andruczyk) Date: Tue Dec 2 02:25:57 2003 Subject: User Manager and "Welcome to SAMBA Domain" - create accounts. In-Reply-To: Message-ID: > this code now works, including password changes. typing in the root-admin > username / password in the "create workstation account in domain" fields > will now work successfully. > > in each instance, however, the unix account must _still_ be created first. Now this may be a stupid idea. but could a feature called "adduser" be added to samba, i.e. one that functions like password chat, maybe call it "adduser chat", or "addworkstation chat". so that the manual labor of manually adding he user could be skipped. Using the "chat" format should make it the easiest, and most portable. i.e. for redhat you would just use "adduser workstat$". I know this is a security risk, but enhanced logging would help, since the admin account is required to do it anyway, its as secure as the Domain Admin passwords. What does everyone else think? Dave J. Andruczyk Instructional Support Associate Department of Technology Buffalo State College From bkosick at nacs.net Fri Mar 26 14:46:09 1999 From: bkosick at nacs.net (Brian Kosick) Date: Tue Dec 2 02:25:57 2003 Subject: SWAT and FreeBSD 3.1 References: <199903260634.BAA13497@freedom.cybertouch.org> Message-ID: <36FB9DB0.3B92C703@nacs.net> Actually I have the same problem. I have Samba 2.0.3 on a RH5.2 box. If anybody could shed some light on this I would appreciate it. Also I tried to smbpasswd root and it gave me the error getsmbfilepwent: malformed password entry (uid not number) Is this a normal repsonse? Lanny Baron wrote: > Hello, > > I recently installed FreeBSD 3.1 on a machine and put in Samba- > 2.0.3. I have installed Samba before and is currently running on > another FreeBSD box. The thing is, Swat will not run or rather, > when prompted for the name and passwd (root and root's passwd) > it comes back as wrong. > > Does anyone know how to fix this? > > Thanks, > > Lanny Baron > http://ca.samba.org/samba/samba.html From m.brodbelt at acu.ac.uk Fri Mar 26 15:10:46 1999 From: m.brodbelt at acu.ac.uk (Mike Brodbelt) Date: Tue Dec 2 02:25:57 2003 Subject: Samba file ownership question. Message-ID: <36FBA376.96A8B714@acu.ac.uk> This is not strictly a domain related issue, so I hope people will forgive me for asking it here. I have a Samba 2.0.3 server running on RedHat Linux 5.1, kernel 2.0.36. I have created a share for peoples home directories that maps to /home/%u/shared, which works fine. I have added a share that maps to /home, that is accessible only to two admin users, and this also works ok. However, even though I have set the setgid bit on the "shared" directory in each users home directory, Samba is creating any new files as UID root, GID root. I want the GID to be set to the appropriate user, so that the admins can create file in the users home directories that the users can edit/delete later. Help..... Mike. From kaczor at ids.pl Fri Mar 26 15:33:07 1999 From: kaczor at ids.pl (Wiktor) Date: Tue Dec 2 02:25:57 2003 Subject: FreeBSD and windows98 In-Reply-To: <36FB9DB0.3B92C703@nacs.net> Message-ID: Hello I've got problem with making my samba-2.0.3 Primary Domain Controler for my workgruop. When I try to log to Domain server (my samba) windows 98 tells me that argument is invalid, or sometimes that server is unreachable. But when I log oridinary, my server is visible. I tried to use samba 2.1, but when i tried to run it looked for PDC SID, and then quit with error free(). My another problem is, that copying reach speed about 200kb/s on 10Mbit bandwidth. Is it maximum speed, or can i reach higher, giving more cache? How much aproximetly I should have share_mem... Now highest use is about 2kb. Regards Wiktor Niesiobedzki From lkcl at switchboard.net Fri Mar 26 18:22:48 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:57 2003 Subject: NT Domain AND cleartext passwords on same server In-Reply-To: Message-ID: On Thu, 25 Mar 1999, Greg Dickie wrote: > > How would you do this? If you use %m (machine) then that macro would be > the same whether the machine OR the user on the machine is logging i,n no? username is irrelevant. > As far as the dual personalities, would not both personalities need to be > PDCs? no. > And wouldn't WINS prevent that? no. > Or am I misunderstanding aliases? yes. From lkcl at switchboard.net Fri Mar 26 18:36:20 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:57 2003 Subject: domaingroup.map In-Reply-To: <36FB96D2.323D6B3D@edelmann.de> Message-ID: On Sat, 27 Mar 1999, Gerhard Klein wrote: > First time I mapped edv="Domain Admins". The policy editor shows me a > lot of groups but no edv or "Domain Admins" group. Then I mapped > adm="Domain Admins". this is probably a bug: you probably had a username with the same gid as a user had uid for the edv group. > The policy editor shows me edv and "Domain Admins" > - is it a bug or a feature? > > How can I map two or more unix groups to one domain group? you cannot and you should not. From lkcl at switchboard.net Fri Mar 26 18:37:20 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:57 2003 Subject: User Manager and "Welcome to SAMBA Domain" - create accounts. In-Reply-To: Message-ID: On Fri, 26 Mar 1999, Dave J. Andruczyk wrote: > > > this code now works, including password changes. typing in the root-admin > > username / password in the "create workstation account in domain" fields > > will now work successfully. > > > > in each instance, however, the unix account must _still_ be created first. > > Now this may be a stupid idea. but could a feature called "adduser" be > added to samba, i.e. one that functions like password chat, maybe call it > "adduser chat", or "addworkstation chat". so that the manual labor of > manually adding he user could be skipped. there already exists a "pre user script" and "post user script" system mega-hack in 2.0.x. From greg at discreet.com Fri Mar 26 19:20:25 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:57 2003 Subject: NT Domain AND cleartext passwords on same server In-Reply-To: Message-ID: OK so I'm, stupid but how would you do it? Greg On 26-Mar-99 Luke Kenneth Casson Leighton wrote: > On Thu, 25 Mar 1999, Greg Dickie wrote: > >> >> How would you do this? If you use %m (machine) then that macro would be >> the same whether the machine OR the user on the machine is logging i,n no? > > username is irrelevant. > >> As far as the dual personalities, would not both personalities need to be >> PDCs? > > no. > >> And wouldn't WINS prevent that? > > no. > >> Or am I misunderstanding aliases? > > yes. --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet (no more logic) Montreal (514) 954-7171 greg@discreet.com From asukarno at ricochet.net Fri Mar 26 20:11:40 1999 From: asukarno at ricochet.net (Aryo K. Sukarno) Date: Tue Dec 2 02:25:57 2003 Subject: PDC, NIS+, Samba Message-ID: <000301be77c4$dc483e50$3eddf9d1@netliaison.com> Anyone know where I can find information connecting Samba with NIS+? Thank you From lkcl at switchboard.net Fri Mar 26 20:15:04 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:57 2003 Subject: NT Domain AND cleartext passwords on same server In-Reply-To: Message-ID: On Fri, 26 Mar 1999, Greg Dickie wrote: > > OK so I'm, stupid but how would you do it? ok, i'm trying not to type too much as you know, so i was hoping you'd guess. /usr/local/samba/lib/smb.conf: include=/usr/local/samba/lib/smb.conf.%m /usr/local/samba/lib/smb.conf.NETBIOSNAME: [global] blah blah netbios aliases = NETBIOSALIAS1 encrypt passwords = yes blah blah /usr/local/samba/lib/smb.conf.NETBIOSALIAS1: [global] netbios name = NETBIOSALIAS1 blah blah encrypt passwords = no etc. apart from this you must treat them as totally separate systems. > Greg > > On 26-Mar-99 Luke Kenneth Casson Leighton wrote: > > On Thu, 25 Mar 1999, Greg Dickie wrote: > > > >> > >> How would you do this? If you use %m (machine) then that macro would be > >> the same whether the machine OR the user on the machine is logging i,n no? > > > > username is irrelevant. > > > >> As far as the dual personalities, would not both personalities need to be > >> PDCs? > > > > no. > > > >> And wouldn't WINS prevent that? > > > > no. > > > >> Or am I misunderstanding aliases? > > > > yes. > > --------------------------------------------------------------------- > Greg Dickie > Just A Guy* > *from discreet (no more logic) > Montreal > (514) 954-7171 > greg@discreet.com > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From frlord at webmethods.com Fri Mar 26 21:44:07 1999 From: frlord at webmethods.com (F. Ross Lord) Date: Tue Dec 2 02:25:57 2003 Subject: Samba PDC and rsync Message-ID: <000001be77d1$c6bf5250$7701010a@oa-ntvm.webmethods.com> I have a fully functioning Samba PDC (running on redhat 5.2) here, so thanks to everyone for their help in that! Of course, there is an additional problem. We have a satellite office on the other side of the country, and I would like to be able to synchronize all users and passwords between our Samba PDC and a linux server out there. Joining that server to the domain is not practical, because there is no WAN connection between the two. Is it possible to use rsync (or something similar) to keep everything together? If so, are there a set of instructions anywhere on what files need to be synced, different smb.conf settings that have to be made, etc? Thanks again for all of the great help in getting me this far. -- frl From dlee at cse.fau.edu Sat Mar 27 01:21:28 1999 From: dlee at cse.fau.edu (Donjuma Lee) Date: Tue Dec 2 02:25:57 2003 Subject: SWAT and FreeBSD 3.1 In-Reply-To: <199903260634.BAA13497@freedom.cybertouch.org> Message-ID: don't know how to fix it but this is what is happening to me. This is my first time installing samba. Also running FreeBSD 3.1 On Fri, 26 Mar 1999, Lanny Baron wrote: > Hello, > > I recently installed FreeBSD 3.1 on a machine and put in Samba- > 2.0.3. I have installed Samba before and is currently running on > another FreeBSD box. The thing is, Swat will not run or rather, > when prompted for the name and passwd (root and root's passwd) > it comes back as wrong. > > Does anyone know how to fix this? > > Thanks, > > Lanny Baron > http://ca.samba.org/samba/samba.html > From valankar at bigfoot.com Sat Mar 27 04:22:29 1999 From: valankar at bigfoot.com (valankar@bigfoot.com) Date: Tue Dec 2 02:25:57 2003 Subject: KIX32.EXE gives Access Violation in Samba CVS PDC Message-ID: Hello, we are experiencing a problem running Kixstart for NT when using Samba CVS as a PDC. I had reported a similar problem a few months ago. I last updated CVS at Wed Mar 24 1998. The program KIX32.EXE crashes when it is run with a Dr. Watson access violation error. I have included samba debug logs at level 3, and also drwtsn32.log generated by NT. If you need the KIX32.EXE program, I have it available at: http://indiana.cse.fau.edu/~valankar/KIX32.EXE We are running Samba on a SPARC Solaris 2.5.1 machine. Any help appreciated. Viraj log.machinename --------------- [1999/03/24 17:35:04, 3] smbd/process.c:process_smb(565) Transaction 61 of length 93 [1999/03/24 17:35:04, 3] smbd/process.c:switch_message(402) switch message SMBntcreateX (pid 19089) [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:04, 3] smbd/nttrans.c:nt_open_pipe(514) nt_open_pipe: Known pipe samr opening. [1999/03/24 17:35:04, 3] smbd/process.c:process_smb(565) Transaction 62 of length 152 [1999/03/24 17:35:04, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:04, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=72 params=0 setup=2 [1999/03/24 17:35:04, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:04, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "samr" (pnum 700c)api_pipe_bind_req: \PIPE\samr -> \PIPE\lsass [1999/03/24 17:35:04, 3] smbd/process.c:process_smb(565) Transaction 63 of length 140 [1999/03/24 17:35:04, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:04, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=60 params=0 setup=2 [1999/03/24 17:35:04, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:04, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "samr" (pnum 700c)Doing \PIPE\samr [1999/03/24 17:35:04, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: SAMR_CONNECT [1999/03/24 17:35:04, 3] rpc_server/srv_lsa_hnd.c:set_lsa_policy_samr_pol_status(195) Setting policy status=20 pnum=3 [1999/03/24 17:35:04, 3] smbd/process.c:process_smb(565) Transaction 64 of length 95 [1999/03/24 17:35:04, 3] smbd/process.c:switch_message(402) switch message SMBntcreateX (pid 19089) [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:04, 3] smbd/nttrans.c:nt_open_pipe(514) nt_open_pipe: Known pipe lsarpc opening. [1999/03/24 17:35:04, 3] smbd/process.c:process_smb(565) Transaction 65 of length 152 [1999/03/24 17:35:04, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:04, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=72 params=0 setup=2 [1999/03/24 17:35:04, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:04, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "lsarpc" (pnum 700d)api_pipe_bind_req: \PIPE\lsarpc -> \PIPE\lsass [1999/03/24 17:35:04, 3] smbd/process.c:process_smb(565) Transaction 66 of length 164 [1999/03/24 17:35:04, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:04, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=84 params=0 setup=2 [1999/03/24 17:35:04, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:04, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "lsarpc" (pnum 700d)Doing \PIPE\lsarpc [1999/03/24 17:35:04, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: LSA_OPENPOLICY2 [1999/03/24 17:35:04, 3] smbd/process.c:process_smb(565) Transaction 67 of length 126 [1999/03/24 17:35:04, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:04, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=46 params=0 setup=2 [1999/03/24 17:35:04, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:04, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "lsarpc" (pnum 700d)Doing \PIPE\lsarpc [1999/03/24 17:35:04, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: LSA_QUERYINFOPOLICY [1999/03/24 17:35:04, 3] smbd/process.c:process_smb(565) Transaction 68 of length 124 [1999/03/24 17:35:04, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:04, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=44 params=0 setup=2 [1999/03/24 17:35:04, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:04, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "lsarpc" (pnum 700d)Doing \PIPE\lsarpc [1999/03/24 17:35:04, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: LSA_CLOSE [1999/03/24 17:35:04, 3] smbd/process.c:process_smb(565) Transaction 69 of length 46 [1999/03/24 17:35:04, 3] smbd/process.c:switch_message(402) switch message SMBclose (pid 19089) [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:04, 3] smbd/process.c:process_smb(565) Transaction 70 of length 156 [1999/03/24 17:35:04, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:04, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=76 params=0 setup=2 [1999/03/24 17:35:04, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:04, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "samr" (pnum 700c)Doing \PIPE\samr [1999/03/24 17:35:04, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: SAMR_OPEN_DOMAIN [1999/03/24 17:35:04, 3] rpc_server/srv_lsa_hnd.c:set_lsa_policy_samr_sid(216) Setting policy sid=S-1-5-21-3640219026-56508495-3524654312 pnum=4 [1999/03/24 17:35:04, 3] smbd/process.c:process_smb(565) Transaction 71 of length 144 [1999/03/24 17:35:04, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:04, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=64 params=0 setup=2 [1999/03/24 17:35:04, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:04, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "samr" (pnum 700c)Doing \PIPE\samr [1999/03/24 17:35:04, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: SAMR_OPEN_DOMAIN [1999/03/24 17:35:04, 3] rpc_server/srv_lsa_hnd.c:set_lsa_policy_samr_sid(216) Setting policy sid=S-1-5-32 pnum=5 [1999/03/24 17:35:04, 3] smbd/process.c:process_smb(565) Transaction 72 of length 176 [1999/03/24 17:35:04, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:04, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=96 params=0 setup=2 [1999/03/24 17:35:04, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:04, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "samr" (pnum 700c)Doing \PIPE\samr [1999/03/24 17:35:04, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: SAMR_LOOKUP_NAMES [1999/03/24 17:35:04, 3] rpc_server/srv_lsa_hnd.c:get_lsa_policy_samr_sid(239) Getting policy sid=S-1-5-21-3640219026-56508495-3524654312 pnum=4 [1999/03/24 17:35:04, 3] smbd/process.c:process_smb(565) Transaction 73 of length 132 [1999/03/24 17:35:04, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:04, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=52 params=0 setup=2 [1999/03/24 17:35:04, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:04, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "samr" (pnum 700c)Doing \PIPE\samr [1999/03/24 17:35:04, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: SAMR_OPEN_USER [1999/03/24 17:35:04, 3] rpc_server/srv_lsa_hnd.c:set_lsa_policy_samr_rid(175) Setting policy device rid=8c4 pnum=6 [1999/03/24 17:35:04, 3] smbd/process.c:process_smb(565) Transaction 74 of length 126 [1999/03/24 17:35:04, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:04, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=46 params=0 setup=2 [1999/03/24 17:35:04, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:04, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "samr" (pnum 700c)Doing \PIPE\samr [1999/03/24 17:35:04, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: SAMR_QUERY_USERINFO [1999/03/24 17:35:04, 3] rpc_server/srv_lsa_hnd.c:get_lsa_policy_samr_rid(258) Getting policy device rid=8c4 pnum=6 [1999/03/24 17:35:04, 3] rpc_server/srv_samr.c:get_user_info_21(1819) User:[valankar] [1999/03/24 17:35:04, 3] smbd/process.c:process_smb(565) Transaction 75 of length 124 [1999/03/24 17:35:04, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:04, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:04, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=44 params=0 setup=2 [1999/03/24 17:35:04, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:04, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "samr" (pnum 700c)Doing \PIPE\samr [1999/03/24 17:35:04, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: SAMR_QUERY_USERGROUPS [1999/03/24 17:35:04, 3] rpc_server/srv_lsa_hnd.c:get_lsa_policy_samr_rid(258) Getting policy device rid=8c4 pnum=6 [1999/03/24 17:35:04, 0] smbd/uid.c:become_root(366) ERROR: become root depth is non zero [1999/03/24 17:35:04, 0] smbd/uid.c:unbecome_root(387) ERROR: unbecome root depth is 0 [1999/03/24 17:35:04, 0] smbd/uid.c:become_root(366) ERROR: become root depth is non zero [1999/03/24 17:35:05, 0] smbd/uid.c:unbecome_root(387) ERROR: unbecome root depth is 0 [1999/03/24 17:35:05, 0] smbd/uid.c:become_root(366) ERROR: become root depth is non zero [1999/03/24 17:35:05, 0] smbd/uid.c:unbecome_root(387) ERROR: unbecome root depth is 0 [1999/03/24 17:35:05, 0] smbd/uid.c:become_root(366) ERROR: become root depth is non zero [1999/03/24 17:35:05, 0] smbd/uid.c:unbecome_root(387) ERROR: unbecome root depth is 0 [1999/03/24 17:35:05, 0] smbd/uid.c:become_root(366) ERROR: become root depth is non zero [1999/03/24 17:35:05, 0] smbd/uid.c:unbecome_root(387) ERROR: unbecome root depth is 0 [1999/03/24 17:35:05, 0] smbd/uid.c:become_root(366) ERROR: become root depth is non zero [1999/03/24 17:35:05, 0] smbd/uid.c:unbecome_root(387) ERROR: unbecome root depth is 0 [1999/03/24 17:35:05, 3] smbd/process.c:process_smb(565) Transaction 76 of length 388 [1999/03/24 17:35:05, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:05, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:05, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:05, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=308 params=0 setup=2 [1999/03/24 17:35:05, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:05, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "samr" (pnum 700c)Doing \PIPE\samr [1999/03/24 17:35:05, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: SAMR_QUERY_USERALIASES [1999/03/24 17:35:05, 3] rpc_server/srv_lsa_hnd.c:get_lsa_policy_samr_sid(239) Getting policy sid=S-1-5-32 pnum=5 [1999/03/24 17:35:05, 3] smbd/process.c:process_smb(565) Transaction 77 of length 124 [1999/03/24 17:35:05, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:05, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:05, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:05, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=44 params=0 setup=2 [1999/03/24 17:35:05, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:05, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "samr" (pnum 700c)Doing \PIPE\samr [1999/03/24 17:35:05, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: SAMR_CLOSE_HND [1999/03/24 17:35:05, 3] rpc_server/srv_lsa_hnd.c:close_lsa_policy_hnd(299) Closed policy name pnum=6 [1999/03/24 17:35:05, 3] smbd/process.c:process_smb(565) Transaction 78 of length 124 [1999/03/24 17:35:05, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:05, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:05, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:05, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=44 params=0 setup=2 [1999/03/24 17:35:05, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:05, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "samr" (pnum 700c)Doing \PIPE\samr [1999/03/24 17:35:05, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: SAMR_CLOSE_HND [1999/03/24 17:35:05, 3] rpc_server/srv_lsa_hnd.c:close_lsa_policy_hnd(299) Closed policy name pnum=4 [1999/03/24 17:35:05, 3] smbd/process.c:process_smb(565) Transaction 79 of length 124 [1999/03/24 17:35:05, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:05, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:05, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:05, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=44 params=0 setup=2 [1999/03/24 17:35:05, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:05, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "samr" (pnum 700c)Doing \PIPE\samr [1999/03/24 17:35:05, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: SAMR_CLOSE_HND [1999/03/24 17:35:05, 3] rpc_server/srv_lsa_hnd.c:close_lsa_policy_hnd(299) Closed policy name pnum=5 [1999/03/24 17:35:05, 3] smbd/process.c:process_smb(565) Transaction 80 of length 156 [1999/03/24 17:35:05, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:05, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:05, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:05, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=76 params=0 setup=2 [1999/03/24 17:35:05, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:05, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "samr" (pnum 700c)Doing \PIPE\samr [1999/03/24 17:35:05, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: SAMR_OPEN_DOMAIN [1999/03/24 17:35:05, 3] rpc_server/srv_lsa_hnd.c:set_lsa_policy_samr_sid(216) Setting policy sid=S-1-5-21-3640219026-56508495-3524654312 pnum=4 [1999/03/24 17:35:05, 3] smbd/process.c:process_smb(565) Transaction 81 of length 126 [1999/03/24 17:35:05, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:05, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:05, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:05, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=46 params=0 setup=2 [1999/03/24 17:35:05, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:05, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "samr" (pnum 700c)Doing \PIPE\samr [1999/03/24 17:35:05, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: SAMR_QUERY_DOMAIN_INFO [1999/03/24 17:35:05, 3] smbd/process.c:process_smb(565) Transaction 82 of length 126 [1999/03/24 17:35:05, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 19089) [1999/03/24 17:35:05, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:05, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp [1999/03/24 17:35:05, 3] smbd/ipc.c:reply_trans(3601) trans <\PIPE\> data=46 params=0 setup=2 [1999/03/24 17:35:05, 3] smbd/ipc.c:named_pipe(3456) named pipe command on <> name [1999/03/24 17:35:05, 3] smbd/ipc.c:api_fd_reply(3243) Got API command 0x26 on pipe "samr" (pnum 700c)Doing \PIPE\samr [1999/03/24 17:35:05, 3] rpc_server/srv_pipe.c:api_rpc_command(678) api_rpc_command: SAMR_QUERY_DOMAIN_INFO [1999/03/24 17:35:06, 3] smbd/process.c:process_smb(565) Transaction 83 of length 46 [1999/03/24 17:35:06, 3] smbd/process.c:switch_message(402) switch message SMBclose (pid 19089) [1999/03/24 17:35:06, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /usr/sambacvs/bin [1999/03/24 17:35:06, 3] lib/doscalls.c:dos_ChDir(319) dos_ChDir to /tmp drwtsn32.log ------------ Microsoft (R) Windows NT (TM) Version 4.00 DrWtsn32 Copyright (C) 1985-1996 Microsoft Corp. All rights reserved. Application exception occurred: App: (pid=130) When: 3/24/1999 @ 17:35:42.334 Exception number: c0000005 (access violation) *----> System Information <----* Computer Name: UPROC01 User Name: valankar Number of Processors: 1 Processor Type: x86 Family 6 Model 3 Stepping 4 Windows Version: 4.0 Current Build: 1381 Current Type: Uniprocessor Free Registered Organization: FAU Registered Owner: Mahesh Neelakanta *----> Task List <----* 0 Idle.exe 2 System.exe 20 smss.exe 30 csrss.exe 34 WINLOGON.exe 40 SERVICES.exe 43 LSASS.exe 68 SPOOLSS.exe 82 smartagt.exe 89 RPCSS.exe 44 NDDEAGNT.exe 120 EXPLORER.exe 136 systray.exe 138 comsmd.exe 140 daconfig.exe 142 em_exec.exe 71 CMD.exe 130 KIX32.exe 126 DRWTSN32.exe 0 _Total.exe (00400000 - 00400000) (77f60000 - 77fbc000) dll\ntdll.dbg (77800000 - 7783a000) dll\netapi32.dbg (779f0000 - 77a36000) dll\msvcrt.dbg (77f00000 - 77f5e000) dll\kernel32.dbg (77dc0000 - 77dfe000) dll\advapi32.dbg (77e70000 - 77ec4000) dll\user32.dbg (77ed0000 - 77efc000) dll\gdi32.dbg (77e10000 - 77e62000) dll\rpcrt4.dbg (77840000 - 77849000) dll\NetRap.dbg (777e0000 - 777ed000) dll\samlib.dbg (77720000 - 77731000) dll\mpr.dbg (77fd0000 - 77ffa000) dll\winmm.dbg (5f600000 - 5f618000) drv\winspool.dbg (6bd00000 - 6bd1a000) d:\c151a11\bin\i386\free\cs32ba11.dll (5f810000 - 5f817000) dll\rpcltc1.dbg State Dump for Thread Id 0x86 eax=00000000 ebx=00000014 ecx=0012f4a0 edx=00140548 esi=00000000 edi=00142668 eip=7781fcfc esp=0012f43c ebp=0012f46c iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 function: NetUserModalsGet 7781fcd6 7421 jz NetUserModalsGet+0x289 (7781fcf9) 7781fcd8 83fe01 cmp esi,0x1 7781fcdb 746b jz NetUserModalsGet+0x2d8 (7781fd48) 7781fcdd 83fe02 cmp esi,0x2 7781fce0 0f84c5000000 je NetUserModalsGet+0x33b (7781fdab) 7781fce6 83fe03 cmp esi,0x3 7781fce9 0f8427010000 je NetUserModalsGet+0x3a6 (7781fe16) 7781fcef bf7c000000 mov edi,0x7c 7781fcf4 e9cafdffff jmp NetUserModalsGet+0x53 (7781fac3) 7781fcf9 8b45f8 mov eax,[ebp-0x8] ss:0103de72=???????? FAULT ->7781fcfc 0fb708 movzx ecx,word ptr [eax] ds:00000000=???? 7781fcff 890f mov [edi],ecx ds:00142668=00140128 7781fd01 8b45f8 mov eax,[ebp-0x8] ss:0103de72=???????? 7781fd04 ff700c push dword ptr [eax+0xc] ds:00f0ea06=???????? 7781fd07 83c008 add eax,0x8 7781fd0a ff30 push dword ptr [eax] ds:00000000=???????? 7781fd0c e8a3470000 call 778244b4 7781fd11 894704 mov [edi+0x4],eax ds:0105106e=???????? 7781fd14 8b45f8 mov eax,[ebp-0x8] ss:0103de72=???????? 7781fd17 ff7014 push dword ptr [eax+0x14] ds:00f0ea06=???????? 7781fd1a 83c010 add eax,0x10 7781fd1d ff30 push dword ptr [eax] ds:00000000=???????? *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 0012f46c 0040162b 0012f8b4 00000000 0012f4a0 77fa55b0 netapi32!NetUserModalsGet *----> Raw Stack Dump <----* 0012f43c b0 55 fa 77 ca c1 f6 77 - 00 f0 fd 7f 00 00 00 00 .U.w...w........ 0012f44c 00 00 00 00 b0 f4 12 00 - 00 00 00 00 00 00 00 00 ................ 0012f45c 00 00 00 00 48 26 14 00 - 00 00 00 00 78 1d 14 00 ....H&......x... 0012f46c e4 fc 12 00 2b 16 40 00 - b4 f8 12 00 00 00 00 00 ....+.@......... 0012f47c a0 f4 12 00 b0 55 fa 77 - ca c1 f6 77 00 f0 fd 7f .....U.w...w.... 0012f48c 00 00 00 00 00 00 00 00 - 34 ec 81 77 3b ee 81 77 ........4..w;..w 0012f49c dc f4 12 00 68 26 14 00 - fc 12 80 77 e4 f6 12 00 ....h&.....w.... 0012f4ac 1b 12 80 77 76 00 61 00 - 6c 00 61 00 6e 00 6b 00 ...wv.a.l.a.n.k. 0012f4bc 61 00 72 00 00 00 de 77 - c4 f7 12 00 00 00 00 02 a.r....w........ 0012f4cc f4 f4 12 00 00 00 00 00 - 70 f5 12 00 00 00 00 00 ........p....... 0012f4dc 00 00 00 00 00 00 00 00 - 10 00 00 00 70 f5 12 00 ............p... 0012f4ec 79 00 5c 00 4d 00 61 00 - 18 00 00 00 62 1e fd 77 y.\.M.a.....b..w 0012f4fc 54 00 00 00 3c f7 12 00 - 02 00 00 00 20 f5 12 00 T...<....... ... 0012f50c 18 02 00 00 38 f7 12 00 - 00 00 00 00 6e 4e f0 77 ....8.......nN.w 0012f51c a8 0e 14 00 78 f5 12 00 - b9 9a dd 77 10 00 00 00 ....x......w.... 0012f52c 68 f5 12 00 70 f5 12 00 - 00 00 00 00 00 00 00 02 h...p........... 0012f53c 00 00 00 00 c4 f7 12 00 - 00 00 00 00 fc 7e d0 6b .............~.k 0012f54c b8 29 f1 77 0a 00 00 00 - 4f 00 4e 00 5c 00 53 00 .).w....O.N.\.S. 0012f55c 79 00 73 00 74 00 65 00 - 6d 00 5c 00 7a 00 7c 00 y.s.t.e.m.\.z.|. 0012f56c bc f5 12 00 00 00 00 00 - 00 00 00 00 c8 f7 12 00 ................ Application exception occurred: App: (pid=132) When: 3/24/1999 @ 17:35:56.264 Exception number: c0000005 (access violation) *----> System Information <----* Computer Name: UPROC01 User Name: valankar Number of Processors: 1 Processor Type: x86 Family 6 Model 3 Stepping 4 Windows Version: 4.0 Current Build: 1381 Current Type: Uniprocessor Free Registered Organization: FAU Registered Owner: Mahesh Neelakanta *----> Task List <----* 0 Idle.exe 2 System.exe 20 smss.exe 30 csrss.exe 34 WINLOGON.exe 40 SERVICES.exe 43 LSASS.exe 68 SPOOLSS.exe 82 smartagt.exe 89 RPCSS.exe 44 NDDEAGNT.exe 120 EXPLORER.exe 136 systray.exe 138 comsmd.exe 140 daconfig.exe 142 em_exec.exe 71 CMD.exe 132 KIX32.exe 130 DRWTSN32.exe 0 _Total.exe (00400000 - 00400000) (77f60000 - 77fbc000) dll\ntdll.dbg (77800000 - 7783a000) dll\netapi32.dbg (779f0000 - 77a36000) dll\msvcrt.dbg (77f00000 - 77f5e000) dll\kernel32.dbg (77dc0000 - 77dfe000) dll\advapi32.dbg (77e70000 - 77ec4000) dll\user32.dbg (77ed0000 - 77efc000) dll\gdi32.dbg (77e10000 - 77e62000) dll\rpcrt4.dbg (77840000 - 77849000) dll\NetRap.dbg (777e0000 - 777ed000) dll\samlib.dbg (77720000 - 77731000) dll\mpr.dbg (77fd0000 - 77ffa000) dll\winmm.dbg (5f600000 - 5f618000) drv\winspool.dbg (6bd00000 - 6bd1a000) d:\c151a11\bin\i386\free\cs32ba11.dll (5f810000 - 5f817000) dll\rpcltc1.dbg State Dump for Thread Id 0x81 eax=00000000 ebx=00000014 ecx=0012f4a0 edx=00140548 esi=00000000 edi=00142668 eip=7781fcfc esp=0012f43c ebp=0012f46c iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 function: NetUserModalsGet 7781fcd6 7421 jz NetUserModalsGet+0x289 (7781fcf9) 7781fcd8 83fe01 cmp esi,0x1 7781fcdb 746b jz NetUserModalsGet+0x2d8 (7781fd48) 7781fcdd 83fe02 cmp esi,0x2 7781fce0 0f84c5000000 je NetUserModalsGet+0x33b (7781fdab) 7781fce6 83fe03 cmp esi,0x3 7781fce9 0f8427010000 je NetUserModalsGet+0x3a6 (7781fe16) 7781fcef bf7c000000 mov edi,0x7c 7781fcf4 e9cafdffff jmp NetUserModalsGet+0x53 (7781fac3) 7781fcf9 8b45f8 mov eax,[ebp-0x8] ss:0103de72=???????? FAULT ->7781fcfc 0fb708 movzx ecx,word ptr [eax] ds:00000000=???? 7781fcff 890f mov [edi],ecx ds:00142668=00140128 7781fd01 8b45f8 mov eax,[ebp-0x8] ss:0103de72=???????? 7781fd04 ff700c push dword ptr [eax+0xc] ds:00f0ea06=???????? 7781fd07 83c008 add eax,0x8 7781fd0a ff30 push dword ptr [eax] ds:00000000=???????? 7781fd0c e8a3470000 call 778244b4 7781fd11 894704 mov [edi+0x4],eax ds:0105106e=???????? 7781fd14 8b45f8 mov eax,[ebp-0x8] ss:0103de72=???????? 7781fd17 ff7014 push dword ptr [eax+0x14] ds:00f0ea06=???????? 7781fd1a 83c010 add eax,0x10 7781fd1d ff30 push dword ptr [eax] ds:00000000=???????? *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 0012f46c 0040162b 0012f8b4 00000000 0012f4a0 77fa55b0 netapi32!NetUserModalsGet *----> Raw Stack Dump <----* 0012f43c b0 55 fa 77 ca c1 f6 77 - 00 f0 fd 7f 00 00 00 00 .U.w...w........ 0012f44c 00 00 00 00 b0 f4 12 00 - 00 00 00 00 00 00 00 00 ................ 0012f45c 00 00 00 00 48 26 14 00 - 00 00 00 00 78 1d 14 00 ....H&......x... 0012f46c e4 fc 12 00 2b 16 40 00 - b4 f8 12 00 00 00 00 00 ....+.@......... 0012f47c a0 f4 12 00 b0 55 fa 77 - ca c1 f6 77 00 f0 fd 7f .....U.w...w.... 0012f48c 00 00 00 00 00 00 00 00 - 34 ec 81 77 3b ee 81 77 ........4..w;..w 0012f49c dc f4 12 00 68 26 14 00 - fc 12 80 77 e4 f6 12 00 ....h&.....w.... 0012f4ac 1b 12 80 77 76 00 61 00 - 6c 00 61 00 6e 00 6b 00 ...wv.a.l.a.n.k. 0012f4bc 61 00 72 00 00 00 de 77 - c4 f7 12 00 00 00 00 02 a.r....w........ 0012f4cc f4 f4 12 00 00 00 00 00 - 70 f5 12 00 00 00 00 00 ........p....... 0012f4dc 00 00 00 00 00 00 00 00 - 78 00 00 00 70 f5 12 00 ........x...p... 0012f4ec 79 00 5c 00 4d 00 61 00 - 18 00 00 00 62 1e fd 77 y.\.M.a.....b..w 0012f4fc 50 00 00 00 3c f7 12 00 - 02 00 00 00 20 f5 12 00 P...<....... ... 0012f50c 18 02 00 00 38 f7 12 00 - 00 00 00 00 6e 4e f0 77 ....8.......nN.w 0012f51c a8 0e 14 00 78 f5 12 00 - b9 9a dd 77 78 00 00 00 ....x......wx... 0012f52c 68 f5 12 00 70 f5 12 00 - 00 00 00 00 00 00 00 02 h...p........... 0012f53c 00 00 00 00 c4 f7 12 00 - 00 00 00 00 fc 7e d0 6b .............~.k 0012f54c b8 29 f1 77 0a 00 00 00 - 4f 00 4e 00 5c 00 53 00 .).w....O.N.\.S. 0012f55c 79 00 73 00 74 00 65 00 - 6d 00 5c 00 7a 00 7c 00 y.s.t.e.m.\.z.|. 0012f56c bc f5 12 00 00 00 00 00 - 00 00 00 00 c8 f7 12 00 ................ Application exception occurred: App: (pid=127) When: 3/24/1999 @ 17:57:16.225 Exception number: c0000005 (access violation) *----> System Information <----* Computer Name: UPROC01 User Name: valankar Number of Processors: 1 Processor Type: x86 Family 6 Model 3 Stepping 4 Windows Version: 4.0 Current Build: 1381 Current Type: Uniprocessor Free Registered Organization: FAU Registered Owner: Mahesh Neelakanta *----> Task List <----* 0 Idle.exe 2 System.exe 20 smss.exe 30 csrss.exe 34 WINLOGON.exe 40 SERVICES.exe 43 LSASS.exe 68 SPOOLSS.exe 82 smartagt.exe 89 RPCSS.exe 44 NDDEAGNT.exe 120 EXPLORER.exe 136 systray.exe 138 comsmd.exe 140 daconfig.exe 142 em_exec.exe 71 CMD.exe 127 KIX32.exe 130 DRWTSN32.exe 0 _Total.exe (00400000 - 00400000) (77f60000 - 77fbc000) dll\ntdll.dbg (77800000 - 7783a000) dll\netapi32.dbg (779f0000 - 77a36000) dll\msvcrt.dbg (77f00000 - 77f5e000) dll\kernel32.dbg (77dc0000 - 77dfe000) dll\advapi32.dbg (77e70000 - 77ec4000) dll\user32.dbg (77ed0000 - 77efc000) dll\gdi32.dbg (77e10000 - 77e62000) dll\rpcrt4.dbg (77840000 - 77849000) dll\NetRap.dbg (777e0000 - 777ed000) dll\samlib.dbg (77720000 - 77731000) dll\mpr.dbg (77fd0000 - 77ffa000) dll\winmm.dbg (5f600000 - 5f618000) drv\winspool.dbg (6bd00000 - 6bd1a000) d:\c151a11\bin\i386\free\cs32ba11.dll (5f810000 - 5f817000) dll\rpcltc1.dbg State Dump for Thread Id 0x5c eax=00000000 ebx=00000014 ecx=0012f4a0 edx=00140548 esi=00000000 edi=00142668 eip=7781fcfc esp=0012f43c ebp=0012f46c iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 function: NetUserModalsGet 7781fcd6 7421 jz NetUserModalsGet+0x289 (7781fcf9) 7781fcd8 83fe01 cmp esi,0x1 7781fcdb 746b jz NetUserModalsGet+0x2d8 (7781fd48) 7781fcdd 83fe02 cmp esi,0x2 7781fce0 0f84c5000000 je NetUserModalsGet+0x33b (7781fdab) 7781fce6 83fe03 cmp esi,0x3 7781fce9 0f8427010000 je NetUserModalsGet+0x3a6 (7781fe16) 7781fcef bf7c000000 mov edi,0x7c 7781fcf4 e9cafdffff jmp NetUserModalsGet+0x53 (7781fac3) 7781fcf9 8b45f8 mov eax,[ebp-0x8] ss:0103de72=???????? FAULT ->7781fcfc 0fb708 movzx ecx,word ptr [eax] ds:00000000=???? 7781fcff 890f mov [edi],ecx ds:00142668=00140128 7781fd01 8b45f8 mov eax,[ebp-0x8] ss:0103de72=???????? 7781fd04 ff700c push dword ptr [eax+0xc] ds:00f0ea06=???????? 7781fd07 83c008 add eax,0x8 7781fd0a ff30 push dword ptr [eax] ds:00000000=???????? 7781fd0c e8a3470000 call 778244b4 7781fd11 894704 mov [edi+0x4],eax ds:0105106e=???????? 7781fd14 8b45f8 mov eax,[ebp-0x8] ss:0103de72=???????? 7781fd17 ff7014 push dword ptr [eax+0x14] ds:00f0ea06=???????? 7781fd1a 83c010 add eax,0x10 7781fd1d ff30 push dword ptr [eax] ds:00000000=???????? *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 0012f46c 0040162b 0012f8b4 00000000 0012f4a0 77fa55b0 netapi32!NetUserModalsGet *----> Raw Stack Dump <----* 0012f43c b0 55 fa 77 ca c1 f6 77 - 00 f0 fd 7f 00 00 00 00 .U.w...w........ 0012f44c 00 00 00 00 b0 f4 12 00 - 00 00 00 00 00 00 00 00 ................ 0012f45c 00 00 00 00 48 26 14 00 - 00 00 00 00 78 1d 14 00 ....H&......x... 0012f46c e4 fc 12 00 2b 16 40 00 - b4 f8 12 00 00 00 00 00 ....+.@......... 0012f47c a0 f4 12 00 b0 55 fa 77 - ca c1 f6 77 00 f0 fd 7f .....U.w...w.... 0012f48c 00 00 00 00 00 00 00 00 - 34 ec 81 77 3b ee 81 77 ........4..w;..w 0012f49c dc f4 12 00 68 26 14 00 - fc 12 80 77 e4 f6 12 00 ....h&.....w.... 0012f4ac 1b 12 80 77 76 00 61 00 - 6c 00 61 00 6e 00 6b 00 ...wv.a.l.a.n.k. 0012f4bc 61 00 72 00 00 00 de 77 - c4 f7 12 00 00 00 00 02 a.r....w........ 0012f4cc f4 f4 12 00 00 00 00 00 - 70 f5 12 00 00 00 00 00 ........p....... 0012f4dc 00 00 00 00 00 00 00 00 - 70 00 00 00 70 f5 12 00 ........p...p... 0012f4ec 79 00 5c 00 4d 00 61 00 - 18 00 00 00 62 1e fd 77 y.\.M.a.....b..w 0012f4fc 50 00 00 00 3c f7 12 00 - 02 00 00 00 20 f5 12 00 P...<....... ... 0012f50c 18 02 00 00 38 f7 12 00 - 00 00 00 00 6e 4e f0 77 ....8.......nN.w 0012f51c a8 0e 14 00 78 f5 12 00 - b9 9a dd 77 70 00 00 00 ....x......wp... 0012f52c 68 f5 12 00 70 f5 12 00 - 00 00 00 00 00 00 00 02 h...p........... 0012f53c 00 00 00 00 c4 f7 12 00 - 00 00 00 00 fc 7e d0 6b .............~.k 0012f54c b8 29 f1 77 0a 00 00 00 - 4f 00 4e 00 5c 00 53 00 .).w....O.N.\.S. 0012f55c 79 00 73 00 74 00 65 00 - 6d 00 5c 00 7a 00 7c 00 y.s.t.e.m.\.z.|. 0012f56c bc f5 12 00 00 00 00 00 - 00 00 00 00 c8 f7 12 00 ................ Application exception occurred: App: (pid=98) When: 3/24/1999 @ 17:58:48.397 Exception number: c0000005 (access violation) *----> System Information <----* Computer Name: UPROC01 User Name: valankar Number of Processors: 1 Processor Type: x86 Family 6 Model 3 Stepping 4 Windows Version: 4.0 Current Build: 1381 Current Type: Uniprocessor Free Registered Organization: FAU Registered Owner: Mahesh Neelakanta *----> Task List <----* 0 Idle.exe 2 System.exe 20 smss.exe 30 csrss.exe 34 WINLOGON.exe 40 SERVICES.exe 43 LSASS.exe 68 SPOOLSS.exe 82 smartagt.exe 89 RPCSS.exe 44 NDDEAGNT.exe 120 EXPLORER.exe 136 systray.exe 138 comsmd.exe 140 daconfig.exe 142 em_exec.exe 71 CMD.exe 98 KIX32.exe 130 DRWTSN32.exe 0 _Total.exe (00400000 - 00400000) (77f60000 - 77fbc000) dll\ntdll.dbg (77800000 - 7783a000) dll\netapi32.dbg (779f0000 - 77a36000) dll\msvcrt.dbg (77f00000 - 77f5e000) dll\kernel32.dbg (77dc0000 - 77dfe000) dll\advapi32.dbg (77e70000 - 77ec4000) dll\user32.dbg (77ed0000 - 77efc000) dll\gdi32.dbg (77e10000 - 77e62000) dll\rpcrt4.dbg (77840000 - 77849000) dll\NetRap.dbg (777e0000 - 777ed000) dll\samlib.dbg (77720000 - 77731000) dll\mpr.dbg (77fd0000 - 77ffa000) dll\winmm.dbg (5f600000 - 5f618000) drv\winspool.dbg (6bd00000 - 6bd1a000) d:\c151a11\bin\i386\free\cs32ba11.dll (5f810000 - 5f817000) dll\rpcltc1.dbg State Dump for Thread Id 0x7e eax=00000000 ebx=00000014 ecx=0012f4a0 edx=00140548 esi=00000000 edi=00142668 eip=7781fcfc esp=0012f43c ebp=0012f46c iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 function: NetUserModalsGet 7781fcd6 7421 jz NetUserModalsGet+0x289 (7781fcf9) 7781fcd8 83fe01 cmp esi,0x1 7781fcdb 746b jz NetUserModalsGet+0x2d8 (7781fd48) 7781fcdd 83fe02 cmp esi,0x2 7781fce0 0f84c5000000 je NetUserModalsGet+0x33b (7781fdab) 7781fce6 83fe03 cmp esi,0x3 7781fce9 0f8427010000 je NetUserModalsGet+0x3a6 (7781fe16) 7781fcef bf7c000000 mov edi,0x7c 7781fcf4 e9cafdffff jmp NetUserModalsGet+0x53 (7781fac3) 7781fcf9 8b45f8 mov eax,[ebp-0x8] ss:0103de72=???????? FAULT ->7781fcfc 0fb708 movzx ecx,word ptr [eax] ds:00000000=???? 7781fcff 890f mov [edi],ecx ds:00142668=00140128 7781fd01 8b45f8 mov eax,[ebp-0x8] ss:0103de72=???????? 7781fd04 ff700c push dword ptr [eax+0xc] ds:00f0ea06=???????? 7781fd07 83c008 add eax,0x8 7781fd0a ff30 push dword ptr [eax] ds:00000000=???????? 7781fd0c e8a3470000 call 778244b4 7781fd11 894704 mov [edi+0x4],eax ds:0105106e=???????? 7781fd14 8b45f8 mov eax,[ebp-0x8] ss:0103de72=???????? 7781fd17 ff7014 push dword ptr [eax+0x14] ds:00f0ea06=???????? 7781fd1a 83c010 add eax,0x10 7781fd1d ff30 push dword ptr [eax] ds:00000000=???????? *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 0012f46c 0040162b 0012f8b4 00000000 0012f4a0 77fa55b0 netapi32!NetUserModalsGet *----> Raw Stack Dump <----* 0012f43c b0 55 fa 77 ca c1 f6 77 - 00 f0 fd 7f 00 00 00 00 .U.w...w........ 0012f44c 00 00 00 00 b0 f4 12 00 - 00 00 00 00 00 00 00 00 ................ 0012f45c 00 00 00 00 48 26 14 00 - 00 00 00 00 78 1d 14 00 ....H&......x... 0012f46c e4 fc 12 00 2b 16 40 00 - b4 f8 12 00 00 00 00 00 ....+.@......... 0012f47c a0 f4 12 00 b0 55 fa 77 - ca c1 f6 77 00 f0 fd 7f .....U.w...w.... 0012f48c 00 00 00 00 00 00 00 00 - 34 ec 81 77 3b ee 81 77 ........4..w;..w 0012f49c dc f4 12 00 68 26 14 00 - fc 12 80 77 e4 f6 12 00 ....h&.....w.... 0012f4ac 1b 12 80 77 76 00 61 00 - 6c 00 61 00 6e 00 6b 00 ...wv.a.l.a.n.k. 0012f4bc 61 00 72 00 00 00 de 77 - c4 f7 12 00 00 00 00 02 a.r....w........ 0012f4cc f4 f4 12 00 00 00 00 00 - 70 f5 12 00 00 00 00 00 ........p....... 0012f4dc 00 00 00 00 00 00 00 00 - 70 00 00 00 70 f5 12 00 ........p...p... 0012f4ec 79 00 5c 00 4d 00 61 00 - 18 00 00 00 62 1e fd 77 y.\.M.a.....b..w 0012f4fc 50 00 00 00 3c f7 12 00 - 02 00 00 00 20 f5 12 00 P...<....... ... 0012f50c 18 02 00 00 38 f7 12 00 - 00 00 00 00 6e 4e f0 77 ....8.......nN.w 0012f51c a8 0e 14 00 78 f5 12 00 - b9 9a dd 77 70 00 00 00 ....x......wp... 0012f52c 68 f5 12 00 70 f5 12 00 - 00 00 00 00 00 00 00 02 h...p........... 0012f53c 00 00 00 00 c4 f7 12 00 - 00 00 00 00 fc 7e d0 6b .............~.k 0012f54c b8 29 f1 77 0a 00 00 00 - 4f 00 4e 00 5c 00 53 00 .).w....O.N.\.S. 0012f55c 79 00 73 00 b0 55 fa 77 - 00 00 e7 77 01 f0 fd 7f y.s..U.w...w.... 0012f56c bc f5 12 00 00 00 00 00 - 60 f5 12 00 c8 f7 12 00 ........`....... From adam.w.cabler at lmco.com Fri Mar 26 22:46:27 1999 From: adam.w.cabler at lmco.com (Cabler, Adam W) Date: Tue Dec 2 02:25:57 2003 Subject: Extremely Important Message-ID: I realize that this is way off-topic, but I wanted to save everyone a lot of trouble caused at my company by a word virus that is sweeping the internet.? This is not another "do not open this message, send this to everyone" virus, and if you would like, I can send you the visual basic code that I copied from the macro.? I could tell you more, but I will let NAI do it: http://www.avertlabs.com/public/datafiles/valerts/vinfo/melissa.asp ? I know that a lot of you are system admins, and since this could shut down your mail systems, I thought it was worth it. ? adam ? From jose at we.lc.ehu.es Sat Mar 27 14:29:08 1999 From: jose at we.lc.ehu.es (Jose M. Alcaide) Date: Tue Dec 2 02:25:57 2003 Subject: SWAT and FreeBSD 3.1 References: Message-ID: <36FCEB34.E99CEA24@we.lc.ehu.es> Donjuma Lee wrote: > > don't know how to fix it but this is what is happening to me. This is my > first time installing samba. Also running FreeBSD 3.1 > If you install Samba 2.0.x on a FreeBSD 3.1 system, NOT from /usr/ports/net/samba, but rather by hand, the so built Samba uses PAM (pluggable authentication modules). Unfortunately, the PAM module needed by Samba does not exist (yet) in FreeBSD. If you install Samba from /usr/ports/net/samba (simply typing "make install"), the so built Samba is automatically patched for disabling PAM support, and it does work. However, the ports tree included in the FreeBSD 3.1 distribution installs Samba 2.0.2, not 2.0.3. You can update you ports tree to current status; in this way, the samba port will install Samba 2.0.3 on your system. -- JMA ----------------------------------------------------------------------- Jos? M? Alcaide | mailto:jose@we.lc.ehu.es Universidad del Pa?s Vasco | mailto:jmas@es.FreeBSD.ORG Dpto. de Electricidad y Electr?nica | http://www.we.lc.ehu.es/~jose Facultad de Ciencias - Campus de Lejona | Tel.: +34-946012479 48940 Lejona (Vizcaya) - SPAIN | Fax: +34-944858139 ----------------------------------------------------------------------- "Go ahead... make my day." - H. Callahan From lkcl at switchboard.net Sat Mar 27 20:28:30 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:57 2003 Subject: KIX32.EXE gives Access Violation in Samba CVS PDC (fwd) Message-ID: Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== ---------- Forwarded message ---------- Date: Sat, 27 Mar 1999 20:19:44 +0000 (GMT) From: Luke Kenneth Casson Leighton To: valankar@bigfoot.com Cc: Multiple recipients of list Subject: Re: KIX32.EXE gives Access Violation in Samba CVS PDC the last call in this list is "query domain info". the info level being requested is probably not supported. if you can obtain a NETMON trace of the correct info level when running kixstart against an nt pdc i can code it up for you. thx, luke On Sat, 27 Mar 1999 valankar@bigfoot.com wrote: > > Hello, we are experiencing a problem running Kixstart for NT when using > Samba CVS as a PDC. I had reported a similar problem a few months ago. I > last updated CVS at Wed Mar 24 1998. The program KIX32.EXE crashes when it > is run with a Dr. Watson access violation error. I have included samba > debug logs at level 3, and also drwtsn32.log generated by NT. If you need > the KIX32.EXE program, I have it available at: > > http://indiana.cse.fau.edu/~valankar/KIX32.EXE > > We are running Samba on a SPARC Solaris 2.5.1 machine. Any help > appreciated. Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From victor at dial.ru.kiev.ua Sun Mar 28 22:06:03 1999 From: victor at dial.ru.kiev.ua (Victor Repetsky) Date: Tue Dec 2 02:25:57 2003 Subject: 2 problems Message-ID: <36FEA7CB.AC86EF64@dial.ru.kiev.ua> Hi! I have samba 2.0.3 working on linux box (rh5.2, 2.0.36). It works as PDC for several NT4.0 sp4 boxes. I have following problems 1) local copy of users's roaming profile remains on nt box after log out. Regestry setting DeleteRoamingCache is set. In addition Delete Roming Profiles (or smth similar) is set in ntconfig.pol. Other settings in ntconfig.pol are working fine. 2) Quota doesn't work properly. If a user writes something via explorer or other "good" tool, it checks free space and doesn't copy big files. But programs using, for example, blockwrite from pascal, can write huge files! The following is example of such a program ==cut== {$X+} Uses CRT,DOS; Label LoopExit; Var F:File; Buf:Array[0..$8000] of byte; i:Byte; Count:LongInt; SR:SearchRec; Name:String; Begin {$I-} Count:=-1; Repeat Inc(Count); Str(Count:4,Name); For i:=1 to Byte(Name[0]) Do if Name[i]=' ' then Name[i]:='0'; Name:='Z:\'+Name+'.XXX'; FindFirst(Name,AnyFile,SR); Until DosError=18; Assign(F,Name); Rewrite(F,1); Count:=0; Repeat For i:=0 to 255 do Begin Inc(Count); FillChar(Buf,SizeOf(Buf),i); BlockWrite(F,Buf,SizeOf(Buf)); Write(#13'Writing byte ',i:3,' to file ',Name,' ',Count,' times. '); if KeyPressed then Goto LoopExit; Write(#13'Writing byte ',i:3,' to file ',Name,' ',Count,' times, total ', Count*SizeOf(Buf) div 1048576,' Mbytes. '); End; LoopExit: Until KeyPressed; While KeyPressed Do ReadKey; Close(F); Writeln(#13'Processing broken. '); End. ==cut== Unfortunetly, the only solution I found is to delete files on close if an error occuerd during writing. ugly patch. Bye! From java at blueram.whirlwind.net Mon Mar 29 03:00:23 1999 From: java at blueram.whirlwind.net (Stephen J. Anderson) Date: Tue Dec 2 02:25:57 2003 Subject: subscribe Message-ID: <36FEECC7.B8C3CEF6@blueram.whirlwind.net> subscribe From inge at cc.uit.no Mon Mar 29 13:38:58 1999 From: inge at cc.uit.no (Inge-Haavard Hunstad) Date: Tue Dec 2 02:25:57 2003 Subject: con2prt Message-ID: <36FF8272.43662635@cc.uit.no> Hello Is there anybody who have got the utility con2prt, that comes with the zero administration kit, to work with samba? This tool connects networkprinters and can set them as default printer. When I write this commando on a machine with NT Wrks 4.0 SP3: con2prt /cd \\trinket\dewshine00 I got this output: Failed to connect to Windows NT printer: \\trinket\dewshine00. Please check to see that the printer exists. Trinket is my file and printserver it is running RH5.2 with 2.2.3 kernel and samba 2.0.3 with security domain. This machine is connected to my pdc (picknose) whos running RH5.2 with 2.2.1 kernel and cvs HEAD branch of samba dated 12.03.1999 There's no problem to see the printer share using "net view \\trinket" and I can print to the printer. If I set up the samba shared printer on another machine running NT and then use con2prt on that printershare it works. But this is not a real solution for me because i want the clients to have direct contact with the server. The thing I wanted to use con2prt to, is to set the default printer in the login script. The printshares looks like this: [printers] comment = All Printers path = /var/tmp create mask = 0700 print ok = Yes browseable = No [dewshine00] comment = dewshine00 path = /var/tmp read only = No create mask = 0700 print ok = Yes share modes = No printer = dewshine00 I tried both spesifying a printshare and let samba create it automagicaly. Thanks in advance for your help. Keep up the good work! Inge Here is a little piece of the logfile for the NT Mashine: [1999/03/29 14:29:12, 10] lib/util_sock.c:read_smb_length_return_keepalive(449) got smb length of 118 [1999/03/29 14:29:12, 6] smbd/process.c:process_smb(564) got message type 0x0 of len 0x76 [1999/03/29 14:29:12, 3] smbd/process.c:process_smb(565) Transaction 29 of length 122 [1999/03/29 14:29:12, 5] lib/util.c:show_msg(459) size=118 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=3 [1999/03/29 14:29:12, 5] lib/util.c:show_msg(465) smb_tid=1 smb_pid=40992 smb_uid=100 smb_mid=1728 smt_wct=14 [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[0]=38 (0x26) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[1]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[2]=6 (0x6) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[3]=1024 (0x400) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[4]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[5]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[6]=5000 (0x1388) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[7]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[8]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[9]=38 (0x26) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[10]=80 (0x50) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[11]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[12]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[13]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(475) smb_bcc=55 [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2832) [000] 5C 50 49 50 45 5C 4C 41 4E 4D 41 4E 00 00 0B 33 \PIPE\LA NMAN...3 [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [010] 45 46 00 7A 57 72 4C 68 00 7A 57 57 57 57 7A 7A EF.zWrLh .zWWWWzz [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [020] 7A 7A 57 57 7A 7A 6C 00 64 65 77 73 68 69 6E 65 zzWWzzl. dewshine [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [030] 30 30 00 03 00 00 04 00..... [1999/03/29 14:29:12, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 28803) [1999/03/29 14:29:12, 5] smbd/uid.c:become_user(262) become_user uid=(0,1011) gid=(0,1011) [1999/03/29 14:29:12, 3] lib/doscalls.c:dos_ChDir(327) dos_ChDir to /tmp [1999/03/29 14:29:12, 3] smbd/ipc.c:reply_trans(3625) trans <\PIPE\LANMAN> data=0 params=38 setup=0 [1999/03/29 14:29:12, 5] smbd/ipc.c:reply_trans(3637) calling named_pipe [1999/03/29 14:29:12, 3] smbd/ipc.c:named_pipe(3480) named pipe command on name [1999/03/29 14:29:12, 3] smbd/ipc.c:api_reply(3425) Got API command 70 of form (tdscnt=0,tpscnt=38,mdrcnt=1024,mprcnt=6) [1999/03/29 14:29:12, 3] smbd/ipc.c:api_reply(3430) Doing DosPrintQGetInfo [1999/03/29 14:29:12, 3] smbd/ipc.c:api_DosPrintQGetInfo(818) PrintQueue uLevel=3 name=dewshine00 [1999/03/29 14:29:12, 3] printing/printing.c:get_printqueue(1004) Using cached lpq output [1999/03/29 14:29:12, 6] printing/printing.c:get_printqueue(1027) QUEUE2: No entries [1999/03/29 14:29:12, 6] printing/printing.c:get_printqueue(1027) QUEUE2: [1999/03/29 14:29:12, 4] smbd/ipc.c:api_DosPrintQGetInfo(891) printqgetinfo: errorcode 0 [1999/03/29 14:29:12, 5] smbd/ipc.c:copy_trans_params_and_data(150) copy_trans_params_and_data: params[0..6] data[0..133] [1999/03/29 14:29:12, 5] lib/util.c:show_msg(459) size=197 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=1 [1999/03/29 14:29:12, 5] lib/util.c:show_msg(465) smb_tid=1 smb_pid=40992 smb_uid=100 smb_mid=1728 smt_wct=10 [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[0]=6 (0x6) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[1]=133 (0x85) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[2]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[3]=6 (0x6) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[4]=56 (0x38) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[5]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[6]=133 (0x85) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[7]=64 (0x40) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[8]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[9]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(475) smb_bcc=142 [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2832) [000] 00 00 00 00 00 85 00 00 00 2C 00 00 00 05 00 00 ........ .,...... [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [010] 00 00 00 05 00 37 00 00 00 38 00 00 00 41 00 00 .....7.. .8...A.. [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [020] 00 42 00 00 00 00 00 00 00 4D 00 00 00 58 00 00 .B...... .M...X.. [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [030] 00 5D 00 00 00 64 65 77 73 68 69 6E 65 30 30 00 .]...dew shine00. [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [040] 00 57 69 6E 50 72 69 6E 74 00 00 6E 6F 20 65 6E .WinPrin t..no en [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [050] 74 72 69 65 73 00 64 65 77 73 68 69 6E 65 30 30 tries.de wshine00 [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [060] 00 4E 55 4C 4C 00 28 00 00 00 E8 03 00 00 4E 55 .NULL.(. ......NU [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [070] 4C 4C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 LL...... ........ [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ...... [1999/03/29 14:29:12, 6] lib/util_sock.c:write_socket(185) write_socket(6,201) [1999/03/29 14:29:12, 6] lib/util_sock.c:write_socket(188) write_socket(6,201) wrote 201 [1999/03/29 14:29:12, 10] lib/util_sock.c:read_smb_length_return_keepalive(449) got smb length of 118 [1999/03/29 14:29:12, 6] smbd/process.c:process_smb(564) got message type 0x0 of len 0x76 [1999/03/29 14:29:12, 3] smbd/process.c:process_smb(565) Transaction 30 of length 122 [1999/03/29 14:29:12, 5] lib/util.c:show_msg(459) size=118 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=3 [1999/03/29 14:29:12, 5] lib/util.c:show_msg(465) smb_tid=1 smb_pid=40992 smb_uid=100 smb_mid=1792 smt_wct=14 [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[0]=38 (0x26) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[1]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[2]=6 (0x6) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[3]=1024 (0x400) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[4]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[5]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[6]=5000 (0x1388) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[7]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[8]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[9]=38 (0x26) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[10]=80 (0x50) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[11]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[12]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[13]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(475) smb_bcc=55 [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2832) [000] 5C 50 49 50 45 5C 4C 41 4E 4D 41 4E 00 00 00 00 \PIPE\LA NMAN.... [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [010] 00 46 00 7A 57 72 4C 68 00 7A 57 57 57 57 7A 7A .F.zWrLh .zWWWWzz [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [020] 7A 7A 57 57 7A 7A 6C 00 64 65 77 73 68 69 6E 65 zzWWzzl. dewshine [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [030] 30 30 00 03 00 00 04 00..... [1999/03/29 14:29:12, 3] smbd/process.c:switch_message(402) switch message SMBtrans (pid 28803) [1999/03/29 14:29:12, 4] smbd/uid.c:become_user(209) Skipping become_user - already user [1999/03/29 14:29:12, 3] smbd/ipc.c:reply_trans(3625) trans <\PIPE\LANMAN> data=0 params=38 setup=0 [1999/03/29 14:29:12, 5] smbd/ipc.c:reply_trans(3637) calling named_pipe [1999/03/29 14:29:12, 3] smbd/ipc.c:named_pipe(3480) named pipe command on name [1999/03/29 14:29:12, 3] smbd/ipc.c:api_reply(3425) Got API command 70 of form (tdscnt=0,tpscnt=38,mdrcnt=1024,mprcnt=6) [1999/03/29 14:29:12, 3] smbd/ipc.c:api_reply(3430) Doing DosPrintQGetInfo [1999/03/29 14:29:12, 3] smbd/ipc.c:api_DosPrintQGetInfo(818) PrintQueue uLevel=3 name=dewshine00 [1999/03/29 14:29:12, 3] printing/printing.c:get_printqueue(1004) Using cached lpq output [1999/03/29 14:29:12, 6] printing/printing.c:get_printqueue(1027) QUEUE2: No entries [1999/03/29 14:29:12, 6] printing/printing.c:get_printqueue(1027) QUEUE2: [1999/03/29 14:29:12, 4] smbd/ipc.c:api_DosPrintQGetInfo(891) printqgetinfo: errorcode 0 [1999/03/29 14:29:12, 5] smbd/ipc.c:copy_trans_params_and_data(150) copy_trans_params_and_data: params[0..6] data[0..133] [1999/03/29 14:29:12, 5] lib/util.c:show_msg(459) size=197 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=1 [1999/03/29 14:29:12, 5] lib/util.c:show_msg(465) smb_tid=1 smb_pid=40992 smb_uid=100 smb_mid=1792 smt_wct=10 [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[0]=6 (0x6) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[1]=133 (0x85) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[2]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[3]=6 (0x6) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[4]=56 (0x38) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[5]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[6]=133 (0x85) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[7]=64 (0x40) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[8]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(470) smb_vwv[9]=0 (0x0) [1999/03/29 14:29:12, 5] lib/util.c:show_msg(475) smb_bcc=142 [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2832) [000] 00 00 00 00 00 85 00 00 00 2C 00 00 00 05 00 00 ........ .,...... [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [010] 00 00 00 05 00 37 00 00 00 38 00 00 00 41 00 00 .....7.. .8...A.. [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [020] 00 42 00 00 00 00 00 00 00 4D 00 00 00 58 00 00 .B...... .M...X.. [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [030] 00 5D 00 00 00 64 65 77 73 68 69 6E 65 30 30 00 .]...dew shine00. [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [040] 00 57 69 6E 50 72 69 6E 74 00 00 6E 6F 20 65 6E .WinPrin t..no en [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [050] 74 72 69 65 73 00 64 65 77 73 68 69 6E 65 30 30 tries.de wshine00 [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [060] 00 4E 55 4C 4C 00 28 00 00 00 E8 03 00 00 4E 55 .NULL.(. ......NU [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [070] 4C 4C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 LL...... ........ [1999/03/29 14:29:12, 10] lib/util.c:dump_data(2840) [080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ...... [1999/03/29 14:29:12, 6] lib/util_sock.c:write_socket(185) write_socket(6,201) [1999/03/29 14:29:12, 6] lib/util_sock.c:write_socket(188) write_socket(6,201) wrote 201 From valankar at bigfoot.com Mon Mar 29 15:41:19 1999 From: valankar at bigfoot.com (Viraj Alankar) Date: Tue Dec 2 02:25:57 2003 Subject: KIX32.EXE gives Access Violation in Samba CVS PDC (fwd) In-Reply-To: Message-ID: On Sun, 28 Mar 1999, Luke Kenneth Casson Leighton wrote: > > the last call in this list is "query domain info". the info level being > requested is probably not supported. > > if you can obtain a NETMON trace of the correct info level when running > kixstart against an nt pdc i can code it up for you. > Luke, I've attached a NETMON .CAP file of kix32 working with an NT pdc. Thanks. Viraj > > On Sat, 27 Mar 1999 valankar@bigfoot.com wrote: > > > > > Hello, we are experiencing a problem running Kixstart for NT when using > > Samba CVS as a PDC. I had reported a similar problem a few months ago. I > > last updated CVS at Wed Mar 24 1998. The program KIX32.EXE crashes when it > > is run with a Dr. Watson access violation error. I have included samba > > debug logs at level 3, and also drwtsn32.log generated by NT. If you need > > the KIX32.EXE program, I have it available at: > > > > http://indiana.cse.fau.edu/~valankar/KIX32.EXE > > > > We are running Samba on a SPARC Solaris 2.5.1 machine. Any help > > appreciated. > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > > ===================================================================== > Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 > Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 > Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 > > http://www.iss.net/ *Adaptive Network Security for the Enterprise* > ISS Connect - International User Conference - May '99 > ===================================================================== > > > -------------- next part -------------- A non-text attachment was scrubbed... Name: kix.CAP Type: application/octet-stream Size: 16540 bytes Desc: Url : http://lists.samba.org/archive/samba-ntdom/attachments/19990329/4d347e21/kix.obj From tarun at poboxes.com Mon Mar 29 17:42:43 1999 From: tarun at poboxes.com (Tarun Upadhyay) Date: Tue Dec 2 02:25:57 2003 Subject: 2.0.2 with NT PDC Message-ID: <36FFBB93.BDC0B1D5@poboxes.com> We have an NT network with both PDC and BDC as NT 4.0/SP4 machines. I would like to integrate my Redhat 5.2/x86 into the network. I have joined the domain and I could pretty well connect to other clients. But other clients cant connect to my shares. They could see my machine in Network Neighbourhood but when they double click on it, they get network access denied error. I get no messages in my logs. What is wrong? I have tried security=user and (security=server and server=our nt pdc). Thanks With Warm Regards Tarun --- visit my website at http://www.poboxes.com/tarun From joseluis at lsi.upc.es Mon Mar 29 17:54:52 1999 From: joseluis at lsi.upc.es (Jose Luis Montero Saez - Lab. Calculo LSI) Date: Tue Dec 2 02:25:57 2003 Subject: Publishing the server with another name (again) Message-ID: <199903291754.TAA11107@lsi.upc.es> Hello to everybody. I have sent this message a few weeks ago, and I haven't had any useful response. I'll try again :-) because my problem continues. I have one Samba server, 2.0 version, on solaris 2.6. My server is the domain master and the wins server for the NT clients, and it is running with encrypted passwords. When I run the server with his name (his hostname), all is correct and Nt clients can attach the domain, they can enter and they can execute the logon script I have. Ok, right. But, I would need to publish the server with another name, different to his real name. For example: "NT_server". Then, I reboot the daemons and the Samba server is on the right workgroup with the right name, "NT_server", NT clients can attach the server and they can browse the shares but the logon script is never executed. If I try to execute manually, it says: \\NT_server\netlogon isn't one valid path to the real directory. UNC path's are not allowed. Making predetermined the directory of Windows. (I have one spanish version of NT and I have translated the message error, sorry) I have tested it with debug level of 10 and I haven't seen anything bizarre. Is it possible to publish my server with a different name and to continue executing the logon script?. Can somebody help me?. Thank you in advance. Regards, Jos? Luis Montero Computing Laboratory - Dept. Software UPC Barcelona, Spain From dave at www.buffalostate.edu Mon Mar 29 18:47:30 1999 From: dave at www.buffalostate.edu (Dave J. Andruczyk) Date: Tue Dec 2 02:25:57 2003 Subject: Publishing the server with another name (again) In-Reply-To: <199903291754.TAA11107@lsi.upc.es> Message-ID: > > Is it possible to publish my server with a different name and to > continue executing the logon script?. Can somebody help me?. > yes, use "netbios name = name_you_want" it works for me (samba 1.9.18p10, i know its old, but it works great for win9x logons) Dave J. Andruczyk Instructional Support Associate Department of Technology Buffalo State College From brissing at vexcel.com Mon Mar 29 19:13:39 1999 From: brissing at vexcel.com (Dean Brissinger) Date: Tue Dec 2 02:25:57 2003 Subject: Terminal Server Message-ID: Hi, I have Samba 2.0.3 setup and working perfectly on Solaris 2.7 as a PDC. My NT WorkSP4 stations connect w/o a problem. My problem is that I need to get a Terminal server to validate against the Samba PDC. When I try, I get a blue screen of death and have to reboot (blank screen, just says "STOP"). SP4 is not available yet as Microsoft has broken yet another of their big deadlines and put this off until god knows when. Has anyone out there found a way to get NT Terminal Server 4 (sp3) to work w/ a Samba PDC? Thanks! Dean B. From lkcl at switchboard.net Mon Mar 29 19:37:36 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:58 2003 Subject: Terminal Server In-Reply-To: Message-ID: nt pipe support = no. On Tue, 30 Mar 1999, Dean Brissinger wrote: > Hi, > > > I have Samba 2.0.3 setup and working perfectly on Solaris 2.7 > as a PDC. My NT WorkSP4 stations connect w/o a problem. > > My problem is that I need to get a Terminal server to > validate against the Samba PDC. When I try, I get a blue screen of > death and have to reboot (blank screen, just says "STOP"). SP4 is > not available yet as Microsoft has broken yet another of their big > deadlines and put this off until god knows when. Has anyone out > there found a way to get NT Terminal Server 4 (sp3) to work w/ a > Samba PDC? > > > > Thanks! > > > Dean B. > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From martin at kuppinger.com Mon Mar 29 20:00:01 1999 From: martin at kuppinger.com (Kuppinger - Martin Kuppinger) Date: Tue Dec 2 02:25:58 2003 Subject: Some questions on security Message-ID: <01BE7A30.819F9250@STRNTPMK> Hello, as a newbie to samba (not to NT) there are several questions for which I couldn't find answers in the samba documentation: - is NTLM v2 (new with NT SP4) supported by Samba? - is there some sort of documentation/information on the use of Samba as a NT PDC? I've read that it's not officially supported with 2.0.3. Any experiences with Exchange Directory oder Notes/Nt-Directory-integration when using Samba? Thanks Martin IT-Networks GmbH Martin Kuppinger Redaktionsb?ro martin@kuppinger.com http://www.it-networks.com http://www.kuppinger.com T. +49 (711) 76717-00 F. +49 (711) 76717-17 From aryosukarno at earthlink.net Mon Mar 29 21:51:07 1999 From: aryosukarno at earthlink.net (Aryo K. Sukarno) Date: Tue Dec 2 02:25:58 2003 Subject: Samba-2.0.2 Message-ID: <000301be7a2e$403ee2e0$3eddf9d1@netliaison.com> So Samba-2.0.3 is not capable to be a PDC. I've been looking to ftp.samba.org but did not find Samba-2.0.2.tar.gz for Solaris x86. Can someone tell me where I can find it, or download it from other ftp? Thank you Aryo From jmeff at engsoc.queensu.ca Mon Mar 29 21:52:46 1999 From: jmeff at engsoc.queensu.ca (Jamie ffolliott) Date: Tue Dec 2 02:25:58 2003 Subject: Terminal Server In-Reply-To: Message-ID: <000201be7a2e$7b4d4b60$0245a8c0@cgocable.net> > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Luke Kenneth Casson Leighton > > nt pipe support = no. ^^ But this will break NT4 station logons to the Samba PDC ;) I tested this last week with Samba2.1prealpha March 3rd CVS. >> I have Samba 2.0.3 setup and working perfectly on Solaris 2.7 >> as a PDC. My NT WorkSP4 stations connect w/o a problem. Jamie From lkcl at switchboard.net Mon Mar 29 22:33:03 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:58 2003 Subject: Some questions on security In-Reply-To: <01BE7A30.819F9250@STRNTPMK> Message-ID: On Tue, 30 Mar 1999, Kuppinger - Martin Kuppinger wrote: > Hello, > > as a newbie to samba (not to NT) there are several questions for which I couldn't find answers in the samba documentation: > - is NTLM v2 (new with NT SP4) supported by Samba? not yet. no documentation available on its use in CIFS. From lkcl at switchboard.net Mon Mar 29 22:38:15 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:58 2003 Subject: Terminal Server In-Reply-To: <000201be7a2e$7b4d4b60$0245a8c0@cgocable.net> Message-ID: On Tue, 30 Mar 1999, Jamie ffolliott wrote: > > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > > Luke Kenneth Casson Leighton > > > > nt pipe support = no. > ^^ > But this will break NT4 station logons to the Samba PDC ;) correct. 2.0.x should not be used as a PDC. From webber at sj.univali.rct-sc.br Tue Mar 30 04:58:51 1999 From: webber at sj.univali.rct-sc.br (Celso Kopp Webber) Date: Tue Dec 2 02:25:58 2003 Subject: Profile updating and "Slow connection" Message-ID: Hi! I'm having two problems with Samba, sources from today, 03/30/99. 1. When one user tries to modify his/her setting, such as the wallpaper on Windows NT workstation, nothing gets changed. The only think the user can change is the background color, but although files are created under \\SMB-logon-server\profiles, when the user logs in again, his profiles are reset to the default. 2. Whenever a user logs in, it takes a few seconds, and then she gets the message "A slow connection was detected ... ". Even if she downloads her profile, all changes are lost. These worked for me on old versions (when the domain group = parameter existed). Thanks in advance for any tip. Relevant smb.conf is attached below Prof. Celso Kopp Webber mailto://webber@sj.univali.rct-sc.br Universidade do Vale do Itajai' - UNIVALI Campus Sao Jose - Sao Jose, SC Administracao de Redes Rod. SC 407, Km. 4 88122-000 Sao Jose-SC Brazil Fone: +55 (48) 281-1505 Fax: +55 (48) 281-1506 #======================= Global Settings ===================================== # # Last change: 29/03/98, Celso # [global] # General options workgroup = COMPUTACAO server string = Servidor de logon principal netbios name = PASCAL netbios aliases = LOGONSVR # Printing options printcap name = /etc/printcap load printers = yes printing = bsd # Log options log file = /var/log/samba/log.%m max log size = 50 # Security options: allow local machines (200.135.47.*) hosts allow = 127. 200.135.47. security = user ; password level = 8 encrypt passwords = yes smb passwd file = /etc/smbpasswd guest ok = no # Automatic change of UNIX password from Win95 Change Password on Control Panel ; passwd chat debug = yes ; unix password sync = yes ; passwd program = /usr/bin/passwd %u ; passwd chat = *password* %n\n *password* %n\n *sucessfully* # Network specific options: performance, browsing, network logon, etc. socket options = TCP_NODELAY ; interfaces = 192.168.12.2/24 192.168.13.2/24 ; remote browse sync = 192.168.3.25 192.168.5.255 ; remote announce = 192.168.1.255 192.168.2.44 # Browsing options os level = 33 domain master = yes preferred master = yes # Server capabilities options time server = yes wins support = yes dns proxy = no # Domain Logon Options domain logons = yes logon script = %m.bat logon path = \\%L\Profiles\%U logon drive = x: domain group map = /etc/domaingroup.map domain user map = /etc/domainuser.map local group map = /etc/localgroup.map unix realname = yes # File and naming conventions options preserve case = yes short preserve case = yes veto files = /lost+found/quota.user/quota.group/ #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no writable = yes # autoconfigure netscape for the user root preexec = /bin/bash - /home/samba/scripts/ajusta-netscape.sh %U ; /home/samba/scripts/verifica-quota.sh %U %M # Domain Logons share [netlogon] comment = Network Logon Service path = /home/samba/netlogon browseable = no guest ok = yes # writable, but only administrators can write ant modify scripts, etc. writable = yes write list = @samba share modes = no # Roving Profiles share [Profiles] path = /home/samba/profiles browseable = no writable = yes guest ok = yes create mask = 000 force create mode = 770 directory mask = 000 force directory mode = 770 From appro at fy.chalmers.se Tue Mar 30 09:48:14 1999 From: appro at fy.chalmers.se (Andy Polyakov) Date: Tue Dec 2 02:25:58 2003 Subject: Terminal Server References: <000201be7a2e$7b4d4b60$0245a8c0@cgocable.net> Message-ID: <37009DDE.D2E01844@fy.chalmers.se> > > nt pipe support = no. > ^^ > But this will break NT4 station logons to the Samba PDC ;) search http://anu.samba.org/listproc/samba-ntdom/thread.html for "demystified" word to understand what's the problem. andy. From fricke at Team.OWL-Online.DE Tue Mar 30 08:58:31 1999 From: fricke at Team.OWL-Online.DE (Cord-H. Fricke) Date: Tue Dec 2 02:25:58 2003 Subject: Domain logons Message-ID: <37009237.171FC23A@team.owl-online.de> Hi there, my problems are going on. the first user who logs onto NT gets the profile I want. The others get the local profile because NT says there is no profile availible from the server. What am I doing wrong????????????????????? Waiting urgently for help Cord From greg at discreet.com Tue Mar 30 12:38:39 1999 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:25:58 2003 Subject: Domain logons In-Reply-To: <37009237.171FC23A@team.owl-online.de> Message-ID: Hi Cord, If you turn up the debugging level (20 or so) on samba and check the log files you should see exacly what the problem is. One note about that, if you haven't already done it, it's MUCH easier to debug if you separate your logs with a line like "log file = /var/samba/log.%m.%U" (ie: by machine and user) Greg On 30-Mar-99 Cord-H. Fricke wrote: > Hi there, > > my problems are going on. > the first user who logs onto NT gets the profile I want. The others get > the local profile because NT says there is no profile availible from the > server. > What am I doing wrong????????????????????? > > Waiting urgently for help > > Cord --------------------------------------------------------------------- Greg Dickie Just A Guy* *from discreet (the logic is gone) Montreal (514) 954-7171 greg@discreet.com From bj at mcs.uts.edu.au Tue Mar 30 13:04:25 1999 From: bj at mcs.uts.edu.au (Benjamin Kuit) Date: Tue Dec 2 02:25:58 2003 Subject: Domain logons In-Reply-To: <37009237.171FC23A@team.owl-online.de> from "Cord-H. Fricke" at "Mar 30, 99 08:00:37 pm" Message-ID: <199903301304.XAA29615@thing.socs.uts.EDU.AU> > my problems are going on. > the first user who logs onto NT gets the profile I want. The others get > the local profile because NT says there is no profile availible from the > server. > What am I doing wrong????????????????????? Without knowing what your smb.conf file is, I can only guess, but it sounds like you want a single roaming profile for all users, ie logon path = \\someserver\profile for everyone. Chances are you created the profile you wanted, copied it into place and then let the PDC fun to begin, but left the 'ntuser.dat' file as is. Leaving the ntuser.dat means the next person who uses it will have their settings written to it, including permissions on who's allowed to use it. If this is the case, after creating the profile, rename the 'ntuser.dat' file to 'ntuser.man', this changes the profile from roaming to mandatory. Of course, if this isn't the problem, then I dont know what I'm talking about, and I should get some sleep =) G'night. Bj +-------------------------------+--------------------------------------+ | Benjamin (Bj) Kuit | Faculty of Mathematical | | Systems Programmer | and Computing Sciences. | | Phone: 02 9514 1841 | University of Technology, Sydney | | Mobile: 0412 182 972 | bj@mcs.uts.edu.au | +-------------------------------+--------------------------------------+ From cartegw at Eng.Auburn.EDU Tue Mar 30 05:05:09 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:58 2003 Subject: Some questions on security References: <01BE7A30.819F9250@STRNTPMK> Message-ID: <37005B85.9C5EFB21@eng.auburn.edu> Kuppinger - Martin Kuppinger wrote: > > - is there some sort of documentation/information on > the use of Samba as a NT PDC? Have you read the NTDOM FAQ (linked off the documentation page on the Samba site)? Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From chiodi+ at pitt.edu Tue Mar 30 15:22:45 1999 From: chiodi+ at pitt.edu (John T Chiodi) Date: Tue Dec 2 02:25:58 2003 Subject: nt profiles Message-ID: Hello all, I am using Samba 2.1.prealpha last mondays build on suse 5.3 kernel 2.0.36. I changed logon path from logon path = \\%L\%U\profile logon path = \\%L\profiles\%U\profile My Win9x clients are getting their profiles. My NT 4.0 sp3 clients are not getting their profiles. NT reports that it can not create the \\hostname\profiles\username\profile.pd here is the profiles share from my smb.conf: [profiles] comment = Stores Profiles browsable = no path=/windows/profiles/%S read only = no create mode = 0750 The user has a NT profile. The original logon path using the home directory works. Any suggestions? _______________ Jt Chiodi Unix Administrator University of Pittsburgh chiodi@pitt.edu From cartegw at Eng.Auburn.EDU Tue Mar 30 15:32:27 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:58 2003 Subject: nt profiles References: Message-ID: <3700EE8B.1F9DCAD9@eng.auburn.edu> John T Chiodi wrote: > > logon path = \\%L\profiles\%U\profile > > [profiles] > comment = Stores Profiles > browsable = no > path=/windows/profiles/%S This path expands to /windows/profiles/profiles I think what you want is path = /windows/profiles/%U Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From dcimaro at ipruniv.cce.unipr.it Tue Mar 30 14:34:05 1999 From: dcimaro at ipruniv.cce.unipr.it (Diego Cimarosa) Date: Tue Dec 2 02:25:58 2003 Subject: Multiple login with the same account Message-ID: <001301be7aba$6546d840$655d4ea0@diego.labgiuri.unipr.it> Hi all ! How is it possible to avoid it ? I don't want that many students use the same account at the same time ... On the Windows login screen it would appear something like : "User %u already connected on %m" Is it possible ? Another question : On [global] section I have the line : preexec = echo "%T %u connected from %m" >> /tmp/"%u".log and I can trace the login date & time. Good !. ... How can I trace the logoff ? It would be nice to know the amount of time spent on per user basis. Any suggestion ? Thanks ! -------------- next part -------------- HTML attachment scrubbed and removed From spiritu at nwu.edu Tue Mar 30 15:47:54 1999 From: spiritu at nwu.edu (Jonathan Michael Hawkins) Date: Tue Dec 2 02:25:58 2003 Subject: NT Printer driver automagic install? Message-ID: <3700F22A.BBB8D7A3@nwu.edu> Hello-- I'm just wondering if the Samba team has any idea what's needed to get NT Printer driver automagic installs working. They work great so far on Win95, but I can't seem to get NT to recognize. Can anyone tell me what's up? Jonathan -- Jonathan Michael Hawkins Northwestern University Assistant Network Administrator Evanston, IL USA McCormick Computing Support http://www.tech.nwu.edu/support mailto:spiritu@nwu.edu OAS, AAS, LLS!!! -- GO CATS! From erik at total4.nl Tue Mar 30 15:50:04 1999 From: erik at total4.nl (Erik Duisters) Date: Tue Dec 2 02:25:58 2003 Subject: Login problems on solaris 2.5.1 with samba 2.0.3 Message-ID: <19990330154609883.AAA469@fubar02> Hi, I'v tried this getpwnam out in a little c prog. it works fine. I've included a log.smb at level 10. In this trace you can see that the machine name goes into the samba box ok, but then when samba processes the rpc message, it gets lost. Erik. -------------------------------------------------------------------------------------------------- you have a bug in your OS which either truncates usernames to 8 chars or strips the $ off the end of accounts. this is a bug in getpwnam() implementation. On Tue, 23 Mar 1999, Erik Duisters wrote: > Hi, > > I've installed samba 2.0.3 on a sparcstation 5 running solaris 2.5.1. > I've configured samba as a logon server, created account in > smbpasswd etc. > > There is no problem in joining PC in the domain, but as soon as I > want to log in, I get the error message: C00000078. > > Looking through the log files, I see the following message: > > rpc_server/srv_netlog.c:get_md4pw(266) > get_md4pw: Workstation $: no account in domain > > When I run the same version of samba on Linux, everything works. > Does anybody have any ideas about this? > > Regards, > > Erik > -------------- next part -------------- [1999/03/30 16:53:28, 3] smbd/ipc.c:(3264) Got API command 0x26 on pipe "NETLOGON" (pnum 7019)api_fd_reply: p:134b78 file_offset: 1024 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(36) 000000 smb_io_rpc_hdr [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(111) 0000 major : 05 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(111) 0001 minor : 00 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(111) 0002 pkt_type : 00 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(111) 0003 flags : 03 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) 0004 pack_type : 00000010 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(125) 0008 frag_len : 005c [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(125) 000a auth_len : 0000 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) 000c call_id : 00000001 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(36) 000010 smb_io_rpc_hdr_req req [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) 0010 alloc_hint: 00000044 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(125) 0014 context_id: 0000 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(125) 0016 opnum : 0004 [1999/03/30 16:53:28, 3] rpc_server/srv_pipe.c:(599) Doing \PIPE\NETLOGON [1999/03/30 16:53:28, 4] rpc_server/srv_pipe.c:(665) api_rpc_command: api_netlog_rpc op 0x4 - api_rpc_command: NET_REQCHAL [1999/03/30 16:53:28, 5] rpc_server/srv_netlog.c:(285) api_net_req_chal(285): vuid 100 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(36) 000018 net_io_q_req_chal [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) 0018 undoc_buffer: 00150f08 [1999/03/30 16:53:28, 6] rpc_parse/parse_prs.c:(36) 00001c smb_io_unistr2 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) 001c uni_max_len: 0000000a [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) 0020 undoc : 00000000 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) 0024 uni_str_len: 0000000a [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(218) 0028 buffer : \.\.A.L.X.T.M.0.8... [1999/03/30 16:53:28, 6] rpc_parse/parse_prs.c:(36) 00003c smb_io_unistr2 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) 003c uni_max_len: 00000006 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) 0040 undoc : 00000000 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) 0044 uni_str_len: 00000006 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(218) 0048 buffer : 0.1.2.7.D... [1999/03/30 16:53:28, 6] rpc_parse/parse_prs.c:(36) 000054 smb_io_chal [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(154) 0054 data: 14 7f 93 5f 58 ff f2 01 [1999/03/30 16:53:28, 10] passdb/passdb.c:(140) search by name: $ [1999/03/30 16:53:28, 10] passdb/smbpass.c:(45) startsmbfilepwent: opening file /usr/local/samba/private/smbpasswd [1999/03/30 16:53:28, 6] passdb/smbpass.c:(159) getsmbfilepwent: skipping comment or blank line [1999/03/30 16:53:28, 5] passdb/smbpass.c:(258) getsmbfilepwent: returning passwd entry for user 0127d$, uid 1004 [1999/03/30 16:53:28, 5] passdb/smbpass.c:(258) getsmbfilepwent: returning passwd entry for user duistere, uid 1003 [1999/03/30 16:53:28, 4] passdb/smbpass.c:(140) getsmbfilepwent: end of file reached [1999/03/30 16:53:28, 5] passdb/smbpass.c:(306) getsmbfilepwent: end of file reached. [1999/03/30 16:53:28, 7] passdb/smbpass.c:(81) endsmbfilepwent: closed password file. [1999/03/30 16:53:28, 0] rpc_server/srv_netlog.c:(266) get_md4pw: Workstation $: no account in domain [1999/03/30 16:53:28, 6] rpc_server/srv_netlog.c:(56) net_reply_req_chal: 56 [1999/03/30 16:53:28, 6] rpc_server/srv_netlog.c:(43) make_net_r_req_chal: 43 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(36) 000000 net_io_r_req_chal [1999/03/30 16:53:28, 6] rpc_parse/parse_prs.c:(36) 000000 smb_io_chal [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(154) 0000 data: 00 00 00 00 00 00 00 00 [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) 0008 status: c0000199 [1999/03/30 16:53:28, 6] rpc_server/srv_netlog.c:(64) net_reply_req_chal: 64 From cartegw at Eng.Auburn.EDU Tue Mar 30 16:07:46 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:58 2003 Subject: NT Printer driver automagic install? References: <3700F22A.BBB8D7A3@nwu.edu> Message-ID: <3700F6D2.4E97124C@eng.auburn.edu> Jonathan Michael Hawkins wrote: > > Hello-- > > I'm just wondering if the Samba team has any idea > what's needed to get NT Printer driver automagic > installs working. They work great so far on > Win95, but I can't seem to get NT to recognize. > Can anyone tell me what's up? Jean Francois Micouleau is doing the spoolss RPC code (for printer support so we don't have to thunk down to LanMan ports). Once that is done, samba will be able to support the RAW format and download the printer drivers. I belive the code is under review now. jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From yuji at physics.unc.edu Tue Mar 30 16:25:59 1999 From: yuji at physics.unc.edu (Yuji Shinozaki) Date: Tue Dec 2 02:25:58 2003 Subject: Kerberos authentication Message-ID: Can you implement the Samba PDC to use KRB5 (or KRB4) authentication? The docs seem to imply that you can >From docs/textdocs/DOMAIN.txt: Support is also not complete. Samba does not yet support the sharing of the Windows NT-style SAM database with other systems. However this is only one way of having a shared user database: exactly the same effect can be achieved by having all servers in a domain share a distributed NIS or Kerberos authentication database. but I can find no explanation of how this can be set up. Has someone implemented this? yuji ---- Yuji Shinozaki Systems Administrator yuji@physics.unc.edu Dept of Physics and Astronomy http://www.physics.unc.edu Univ. of North Carolina - CH (919)962-7214 (voice) CB 3255 Philips Hall (919)962-0480 (fax) Chapel Hill, NC 27599 From skirks at coxnet.org Tue Mar 30 16:30:34 1999 From: skirks at coxnet.org (Steven Kirks) Date: Tue Dec 2 02:25:58 2003 Subject: Lurker Message-ID: To All: I've been a learning lurker on this list, but felt it was time to be heard. I would like to thank all of the contributors and the responders on the list. Answers are quick, mostly accurate, and if they aren't, people apologize. This is one of the few lists I belong too that I can be proud of. Thanks to all, Steve Kirks Network Specialist Cox Health Systems Springfield, MO USA From dave at www.buffalostate.edu Tue Mar 30 16:31:53 1999 From: dave at www.buffalostate.edu (Dave J. Andruczyk) Date: Tue Dec 2 02:25:58 2003 Subject: off topic yet useful Message-ID: For those of you who don't have enough machinesto do netmon traces, you might want to consider using "VMware" to run windoze NT/98/95 under linux, to "save a machine". I have been able to very successfully get win95 installed under vmware, and have it logon to a samba domain, with full roving profiles. vmware supports running NTserver on the virtual machine, so it might be usefull to those developers who don't have a handy machine. vmware though is a bit of a resource hog, but performs quite well if you have at least a PII with 64 megs or more... Sorry for being so off topic. but this may be of an aid to developers.. its at www.vmware.com, and is in beta test.. Dave J. Andruczyk Instructional Support Associate Department of Technology Buffalo State College From lkcl at switchboard.net Tue Mar 30 16:58:16 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:58 2003 Subject: Login problems on solaris 2.5.1 with samba 2.0.3 In-Reply-To: <19990330154609883.AAA469@fubar02> Message-ID: ok. can you track this further, then, by finding the point at which the conversion process fails and you end up with "$" for the workstation name instead of "0127d$". check unistr2_to_ascii first. luke On Wed, 31 Mar 1999, Erik Duisters wrote: > > --Message-Boundary-17307 > Content-type: text/plain; charset=US-ASCII > Content-transfer-encoding: 7BIT > Content-description: Mail message body > > Hi, > > I'v tried this getpwnam out in a little c prog. it works fine. > > I've included a log.smb at level 10. In this trace you can see that > the machine name goes into the samba box ok, but then when > samba processes the rpc message, it gets lost. > > Erik. > > > -------------------------------------------------------------------------------------------------- > you have a bug in your OS which either truncates usernames to 8 > chars or > strips the $ off the end of accounts. this is a bug in getpwnam() > implementation. > > On Tue, 23 Mar 1999, Erik Duisters wrote: > > > Hi, > > > > I've installed samba 2.0.3 on a sparcstation 5 running solaris > 2.5.1. > > I've configured samba as a logon server, created account in > > smbpasswd etc. > > > > There is no problem in joining PC in the domain, but as soon as I > > want to log in, I get the error message: C00000078. > > > > Looking through the log files, I see the following message: > > > > rpc_server/srv_netlog.c:get_md4pw(266) > > get_md4pw: Workstation $: no account in domain > > > > When I run the same version of samba on Linux, everything > works. > > Does anybody have any ideas about this? > > > > Regards, > > > > Erik > > > > > --Message-Boundary-17307 > Content-type: text/plain; charset=US-ASCII > Content-transfer-encoding: 7BIT > Content-description: Text from file 'trace.txt' > > [1999/03/30 16:53:28, 3] smbd/ipc.c:(3264) > Got API command 0x26 on pipe "NETLOGON" (pnum 7019)api_fd_reply: p:134b78 file_offset: 1024 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(36) > 000000 smb_io_rpc_hdr > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(111) > 0000 major : 05 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(111) > 0001 minor : 00 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(111) > 0002 pkt_type : 00 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(111) > 0003 flags : 03 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0004 pack_type : 00000010 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(125) > 0008 frag_len : 005c > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(125) > 000a auth_len : 0000 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 000c call_id : 00000001 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(36) > 000010 smb_io_rpc_hdr_req req > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0010 alloc_hint: 00000044 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(125) > 0014 context_id: 0000 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(125) > 0016 opnum : 0004 > [1999/03/30 16:53:28, 3] rpc_server/srv_pipe.c:(599) > Doing \PIPE\NETLOGON > [1999/03/30 16:53:28, 4] rpc_server/srv_pipe.c:(665) > api_rpc_command: api_netlog_rpc op 0x4 - api_rpc_command: NET_REQCHAL > [1999/03/30 16:53:28, 5] rpc_server/srv_netlog.c:(285) > api_net_req_chal(285): vuid 100 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(36) > 000018 net_io_q_req_chal > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0018 undoc_buffer: 00150f08 > [1999/03/30 16:53:28, 6] rpc_parse/parse_prs.c:(36) > 00001c smb_io_unistr2 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 001c uni_max_len: 0000000a > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0020 undoc : 00000000 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0024 uni_str_len: 0000000a > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(218) > 0028 buffer : \.\.A.L.X.T.M.0.8... > [1999/03/30 16:53:28, 6] rpc_parse/parse_prs.c:(36) > 00003c smb_io_unistr2 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 003c uni_max_len: 00000006 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0040 undoc : 00000000 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0044 uni_str_len: 00000006 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(218) > 0048 buffer : 0.1.2.7.D... > [1999/03/30 16:53:28, 6] rpc_parse/parse_prs.c:(36) > 000054 smb_io_chal > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(154) > 0054 data: 14 7f 93 5f 58 ff f2 01 > [1999/03/30 16:53:28, 10] passdb/passdb.c:(140) > search by name: $ > [1999/03/30 16:53:28, 10] passdb/smbpass.c:(45) > startsmbfilepwent: opening file /usr/local/samba/private/smbpasswd > [1999/03/30 16:53:28, 6] passdb/smbpass.c:(159) > getsmbfilepwent: skipping comment or blank line > [1999/03/30 16:53:28, 5] passdb/smbpass.c:(258) > getsmbfilepwent: returning passwd entry for user 0127d$, uid 1004 > [1999/03/30 16:53:28, 5] passdb/smbpass.c:(258) > getsmbfilepwent: returning passwd entry for user duistere, uid 1003 > [1999/03/30 16:53:28, 4] passdb/smbpass.c:(140) > getsmbfilepwent: end of file reached > [1999/03/30 16:53:28, 5] passdb/smbpass.c:(306) > getsmbfilepwent: end of file reached. > [1999/03/30 16:53:28, 7] passdb/smbpass.c:(81) > endsmbfilepwent: closed password file. > [1999/03/30 16:53:28, 0] rpc_server/srv_netlog.c:(266) > get_md4pw: Workstation $: no account in domain > [1999/03/30 16:53:28, 6] rpc_server/srv_netlog.c:(56) > net_reply_req_chal: 56 > [1999/03/30 16:53:28, 6] rpc_server/srv_netlog.c:(43) > make_net_r_req_chal: 43 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(36) > 000000 net_io_r_req_chal > [1999/03/30 16:53:28, 6] rpc_parse/parse_prs.c:(36) > 000000 smb_io_chal > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(154) > 0000 data: 00 00 00 00 00 00 00 00 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0008 status: c0000199 > [1999/03/30 16:53:28, 6] rpc_server/srv_netlog.c:(64) > net_reply_req_chal: 64 > > --Message-Boundary-17307-- > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From lkcl at switchboard.net Tue Mar 30 16:58:49 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:58 2003 Subject: Login problems on solaris 2.5.1 with samba 2.0.3 In-Reply-To: <19990330154609883.AAA469@fubar02> Message-ID: also try the latest cvs (BACK UP YOUR private/ DIRECTORY FIRST!) On Wed, 31 Mar 1999, Erik Duisters wrote: > > --Message-Boundary-17307 > Content-type: text/plain; charset=US-ASCII > Content-transfer-encoding: 7BIT > Content-description: Mail message body > > Hi, > > I'v tried this getpwnam out in a little c prog. it works fine. > > I've included a log.smb at level 10. In this trace you can see that > the machine name goes into the samba box ok, but then when > samba processes the rpc message, it gets lost. > > Erik. > > > -------------------------------------------------------------------------------------------------- > you have a bug in your OS which either truncates usernames to 8 > chars or > strips the $ off the end of accounts. this is a bug in getpwnam() > implementation. > > On Tue, 23 Mar 1999, Erik Duisters wrote: > > > Hi, > > > > I've installed samba 2.0.3 on a sparcstation 5 running solaris > 2.5.1. > > I've configured samba as a logon server, created account in > > smbpasswd etc. > > > > There is no problem in joining PC in the domain, but as soon as I > > want to log in, I get the error message: C00000078. > > > > Looking through the log files, I see the following message: > > > > rpc_server/srv_netlog.c:get_md4pw(266) > > get_md4pw: Workstation $: no account in domain > > > > When I run the same version of samba on Linux, everything > works. > > Does anybody have any ideas about this? > > > > Regards, > > > > Erik > > > > > --Message-Boundary-17307 > Content-type: text/plain; charset=US-ASCII > Content-transfer-encoding: 7BIT > Content-description: Text from file 'trace.txt' > > [1999/03/30 16:53:28, 3] smbd/ipc.c:(3264) > Got API command 0x26 on pipe "NETLOGON" (pnum 7019)api_fd_reply: p:134b78 file_offset: 1024 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(36) > 000000 smb_io_rpc_hdr > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(111) > 0000 major : 05 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(111) > 0001 minor : 00 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(111) > 0002 pkt_type : 00 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(111) > 0003 flags : 03 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0004 pack_type : 00000010 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(125) > 0008 frag_len : 005c > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(125) > 000a auth_len : 0000 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 000c call_id : 00000001 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(36) > 000010 smb_io_rpc_hdr_req req > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0010 alloc_hint: 00000044 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(125) > 0014 context_id: 0000 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(125) > 0016 opnum : 0004 > [1999/03/30 16:53:28, 3] rpc_server/srv_pipe.c:(599) > Doing \PIPE\NETLOGON > [1999/03/30 16:53:28, 4] rpc_server/srv_pipe.c:(665) > api_rpc_command: api_netlog_rpc op 0x4 - api_rpc_command: NET_REQCHAL > [1999/03/30 16:53:28, 5] rpc_server/srv_netlog.c:(285) > api_net_req_chal(285): vuid 100 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(36) > 000018 net_io_q_req_chal > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0018 undoc_buffer: 00150f08 > [1999/03/30 16:53:28, 6] rpc_parse/parse_prs.c:(36) > 00001c smb_io_unistr2 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 001c uni_max_len: 0000000a > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0020 undoc : 00000000 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0024 uni_str_len: 0000000a > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(218) > 0028 buffer : \.\.A.L.X.T.M.0.8... > [1999/03/30 16:53:28, 6] rpc_parse/parse_prs.c:(36) > 00003c smb_io_unistr2 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 003c uni_max_len: 00000006 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0040 undoc : 00000000 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0044 uni_str_len: 00000006 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(218) > 0048 buffer : 0.1.2.7.D... > [1999/03/30 16:53:28, 6] rpc_parse/parse_prs.c:(36) > 000054 smb_io_chal > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(154) > 0054 data: 14 7f 93 5f 58 ff f2 01 > [1999/03/30 16:53:28, 10] passdb/passdb.c:(140) > search by name: $ > [1999/03/30 16:53:28, 10] passdb/smbpass.c:(45) > startsmbfilepwent: opening file /usr/local/samba/private/smbpasswd > [1999/03/30 16:53:28, 6] passdb/smbpass.c:(159) > getsmbfilepwent: skipping comment or blank line > [1999/03/30 16:53:28, 5] passdb/smbpass.c:(258) > getsmbfilepwent: returning passwd entry for user 0127d$, uid 1004 > [1999/03/30 16:53:28, 5] passdb/smbpass.c:(258) > getsmbfilepwent: returning passwd entry for user duistere, uid 1003 > [1999/03/30 16:53:28, 4] passdb/smbpass.c:(140) > getsmbfilepwent: end of file reached > [1999/03/30 16:53:28, 5] passdb/smbpass.c:(306) > getsmbfilepwent: end of file reached. > [1999/03/30 16:53:28, 7] passdb/smbpass.c:(81) > endsmbfilepwent: closed password file. > [1999/03/30 16:53:28, 0] rpc_server/srv_netlog.c:(266) > get_md4pw: Workstation $: no account in domain > [1999/03/30 16:53:28, 6] rpc_server/srv_netlog.c:(56) > net_reply_req_chal: 56 > [1999/03/30 16:53:28, 6] rpc_server/srv_netlog.c:(43) > make_net_r_req_chal: 43 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(36) > 000000 net_io_r_req_chal > [1999/03/30 16:53:28, 6] rpc_parse/parse_prs.c:(36) > 000000 smb_io_chal > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(154) > 0000 data: 00 00 00 00 00 00 00 00 > [1999/03/30 16:53:28, 5] rpc_parse/parse_prs.c:(139) > 0008 status: c0000199 > [1999/03/30 16:53:28, 6] rpc_server/srv_netlog.c:(64) > net_reply_req_chal: 64 > > --Message-Boundary-17307-- > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ===================================================================== Luke Kenneth Casson Leighton | Direct Dial : (678) 443-6183 Systems Engineer / ISS XForce Team | ISS Front Desk: (678) 443-6000 Internet Security Systems, Inc. | ISS Fax : (678) 443-6477 http://www.iss.net/ *Adaptive Network Security for the Enterprise* ISS Connect - International User Conference - May '99 ===================================================================== From lkcl at switchboard.net Tue Mar 30 17:03:37 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:58 2003 Subject: Kerberos authentication In-Reply-To: Message-ID: On Wed, 31 Mar 1999, Yuji Shinozaki wrote: > > Can you implement the Samba PDC to use KRB5 (or KRB4) authentication? only with modification of either KRB5, KRB4 or the modification of nt clients. none of these are practical. From lkcl at switchboard.net Tue Mar 30 17:06:42 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:58 2003 Subject: Lurker In-Reply-To: Message-ID: On Wed, 31 Mar 1999, Steven Kirks wrote: > To All: > > I've been a learning lurker on this list, but felt it was time to be heard. hi steve. > I would like to thank all of the contributors and the responders on the > list. Answers are quick, mostly accurate, and if they aren't, people > apologize. > > This is one of the few lists I belong too that I can be proud of. COOL! [key words: surprised proud warm fuzzy pleased] From sean at compu-aid.com Tue Mar 30 17:47:59 1999 From: sean at compu-aid.com (Sean E. Millichamp) Date: Tue Dec 2 02:25:58 2003 Subject: Kerberos authentication In-Reply-To: Message-ID: On Wed, 31 Mar 1999, Luke Kenneth Casson Leighton wrote: > On Wed, 31 Mar 1999, Yuji Shinozaki wrote: > > > > > Can you implement the Samba PDC to use KRB5 (or KRB4) authentication? > > only with modification of either KRB5, KRB4 or the modification of nt > clients. none of these are practical. I don't know if this is what you are referring to by modification of the NT clients but the University of Michigan's CITI group has written (or, is writing) a new GINA in an attempt to implement a PAM for Windows NT. They say they have both a Kerberos 4 and 5 module (among others). I don't know how usable it is or how available the source code is, but it might be worth looking into if you are trying to use NT in a Kerberos environment. I also don't know how this works with regard to network authentication. The only reason I even know about it is because some of my college buddies have worked at CITI in the last couple of years :). Anyway... all the infomation I could find (admittedly not much) is at: http://www.citi.umich.edu/projects/singlesignon/poster2.html I hope this helps. Best, Sean ------------------------------------------ Sean E. Millichamp, Consultant Ingematics - A Division of Compu-Aid, Inc. From lkcl at switchboard.net Tue Mar 30 18:10:06 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:58 2003 Subject: Kerberos authentication In-Reply-To: Message-ID: On Tue, 30 Mar 1999, Sean E. Millichamp wrote: > On Wed, 31 Mar 1999, Luke Kenneth Casson Leighton wrote: > > > On Wed, 31 Mar 1999, Yuji Shinozaki wrote: > > > > > > > > Can you implement the Samba PDC to use KRB5 (or KRB4) authentication? > > > > only with modification of either KRB5, KRB4 or the modification of nt > > clients. none of these are practical. > > I don't know if this is what you are referring to by modification of the > NT clients yes. > but the University of Michigan's CITI group has written (or, is > writing) a new GINA in an attempt to implement a PAM for Windows NT. > They say they have both a Kerberos 4 and 5 module (among others). GINAs are not an appropriate place to provide alternative authentication. microsoft is fully aware of this and deliberately does not provide any information about the more appropriate API interface (the Local Security Authority) except if you pay them extortionate amounts of money and if they like the way that you smell. therefore, the only _public_ way to provide alternative authentication is to have a GINA that calls into MSGINA once you have "done your own thing" sufficient to fool MSGINA into thinking that the [Kerberos, NIS etc] user exists. From chiodi+ at pitt.edu Tue Mar 30 20:51:31 1999 From: chiodi+ at pitt.edu (John T Chiodi) Date: Tue Dec 2 02:25:58 2003 Subject: kerberos Message-ID: Hello all, Here at U of Pitt, we have an enviroment that uses afs with kerberos authentication. We would like to intergrate samba into our enviroment. Is it possible for a NT user get their AFS home dir via samba? If not what are the --with-krb4 and --with afs options for? I am having difficulty compiling the current cvs on a solaris 2.5 box. I keep getting an error on compilation of passdb/pass_check.o here is the error: Compiling passdb/pass_check.c passdb/pass_check.c: In function `afs_auth': passdb/pass_check.c:150: `KA_USERAUTH_VERSION' undeclared (first use in this function) passdb/pass_check.c:150: (Each undeclared identifier is reported only once passdb/pass_check.c:150: for each function it appears in.) passdb/pass_check.c:150: `KA_USERAUTH_DOSETPAG' undeclared (first use in this function) *** Error code 1 make: Fatal error: Command failed for target `passdb/pass_check.o' thanks _______________ Jt Chiodi Unix Administrator University of Pittsburgh chiodi@pitt.edu From laird at area.com Wed Mar 31 01:55:38 1999 From: laird at area.com (Alan Laird) Date: Tue Dec 2 02:25:58 2003 Subject: simple config request: samba PDC w/ NT4SP3 clients Message-ID: Hello, I am a bit confused as to the right way to configure the current tree to support what I want to do. 1) Use NIS+ database for user authentication 2) Map a directory upon logon. My environment is such that I do not have control of the nis+ server to go changing passwords via samba. I have read ENCRYPTION.txt and understand that both auth schemes are one way and so cannot be used to auth each other. This indicates to me that I need to set "encrypt passwords = no" to use the nis+ database. Unfortunately, when I set "encrypt passwords = no", nt4sp3 systems cannot join the domain. If I set "encrypt passwords = yes" then the machine can join but I am back into the divergent auth problem. I am assuming that I need to run samba as PDC (there are no domains here) to get a client to run a logon script to mount their home directory. Is there any way around this problem? Regards, Alan Laird -------------- Alan Laird alan@laird.net From kla24 at cam.ac.uk Tue Mar 30 23:56:16 1999 From: kla24 at cam.ac.uk (Kelly L. Anderson) Date: Tue Dec 2 02:25:58 2003 Subject: initial domain logon, from NT4.0 Message-ID: <370164A0.87F30EB3@cam.ac.uk> I've got a SGI Origen 200 running Samba 2.1.0-prealpha (IRIX 6.4) The problem is getting my NT workstatsion to make that initial connection to the PDC(Samba). I know I've been warned about trying to use this yet, but it would be really nice to get the 25 users able to work cross-platform with the same disk-space. Anyway, with debugging set to 18, this is what I get from log.keller (keller being NT box) >--------------------------------------------------------- [1999/03/31 00:51:34, 4] smbd/password.c:(345) Checking SMB password for user keller$ [1999/03/31 00:51:34, 5] smbd/password.c:(356) use last SMBnegprot challenge [1999/03/31 00:51:34, 4] smbd/password.c:(373) smb_password_ok: Checking NT MD4 password [1999/03/31 00:51:34, 4] smbd/password.c:(377) NT MD4 password check succeeded [1999/03/31 00:51:34, 0] smbd/reply.c:(450) session_trust_account: Domain trust account KELLER$ denied by server [1999/03/31 00:51:34, 3] smbd/error.c:(126) 32 bit error packet at line 452 cmd=115 (SMBsesssetupX) eclass=c0000198 [Error: Unknown error (152,49152)] [1999/03/31 00:51:34, 5] lib/util.c:(487) size=35 smb_com=0x73 smb_rcls=152 smb_reh=1 smb_err=49152 smb_flg=136 smb_flg2=16384 [1999/03/31 00:51:34, 5] lib/util.c:(495) smb_tid=0 smb_pid=51966 smb_uid=0 smb_mid=0 smt_wct=0 [1999/03/31 00:51:34, 5] lib/util.c:(510) smb_bcc=0 [1999/03/31 00:51:34, 6] lib/util_sock.c:(185) write_socket(6,39) [1999/03/31 00:51:34, 6] lib/util_sock.c:(188) write_socket(6,39) wrote 39 [1999/03/31 00:51:34, 10] lib/util_sock.c:(493) receive_smb: length < 0! [1999/03/31 00:51:34, 3] smbd/process.c:(806) end of file from client [1999/03/31 00:51:34, 2] smbd/server.c:(406) Closing connections [1999/03/31 00:51:34, 3] smbd/server.c:(431) Server exit (normal exit) >---------------------------------------------------- Password seems to check fine, it just gives some 32bit error junk. Samba is domain master, blah, blah, blah. I've been through all the readme files I could find. If there are any new developments or if someone could give me a pointer at what to try next, I'd be very grateful! Cheers Kelly -- ________________________________________ Kelly L. Anderson http://www.cus.cam.ac.uk/~kla24 ICQ: 29897477 Phone: (0)1223 502410 From laird at area.com Wed Mar 31 03:42:02 1999 From: laird at area.com (Alan Laird) Date: Tue Dec 2 02:25:58 2003 Subject: initial domain logon, from NT4.0 In-Reply-To: <370164A0.87F30EB3@cam.ac.uk> Message-ID: Kelly, Why are you running 6.4? Unless you have commercial apps that are not compatible with 6.5, you should really upgrade. 6.5.3 rocks! (6.5.x where x is the number of quarters it's been out) I really like 6.5 anyways. Alan On Wed, 31 Mar 1999, Kelly L. Anderson wrote: >I've got a SGI Origen 200 running Samba 2.1.0-prealpha (IRIX 6.4) > >The problem is getting my NT workstatsion to make that initial >connection to the PDC(Samba). I know I've been warned about trying to >use this yet, but it would be really nice to get the 25 users able to >work cross-platform with the same disk-space. > >Anyway, with debugging set to 18, this is what I get from log.keller >(keller being NT box) > >>--------------------------------------------------------- >[1999/03/31 00:51:34, 4] smbd/password.c:(345) > Checking SMB password for user keller$ >[1999/03/31 00:51:34, 5] smbd/password.c:(356) > use last SMBnegprot challenge >[1999/03/31 00:51:34, 4] smbd/password.c:(373) > smb_password_ok: Checking NT MD4 password >[1999/03/31 00:51:34, 4] smbd/password.c:(377) > NT MD4 password check succeeded >[1999/03/31 00:51:34, 0] smbd/reply.c:(450) > session_trust_account: Domain trust account KELLER$ denied by server >[1999/03/31 00:51:34, 3] smbd/error.c:(126) > 32 bit error packet at line 452 cmd=115 (SMBsesssetupX) >eclass=c0000198 [Error: Unknown error (152,49152)] >[1999/03/31 00:51:34, 5] lib/util.c:(487) > size=35 > smb_com=0x73 > smb_rcls=152 > smb_reh=1 > smb_err=49152 > smb_flg=136 > smb_flg2=16384 >[1999/03/31 00:51:34, 5] lib/util.c:(495) > smb_tid=0 > smb_pid=51966 > smb_uid=0 > smb_mid=0 > smt_wct=0 >[1999/03/31 00:51:34, 5] lib/util.c:(510) > smb_bcc=0 >[1999/03/31 00:51:34, 6] lib/util_sock.c:(185) > write_socket(6,39) >[1999/03/31 00:51:34, 6] lib/util_sock.c:(188) > write_socket(6,39) wrote 39 >[1999/03/31 00:51:34, 10] lib/util_sock.c:(493) > receive_smb: length < 0! >[1999/03/31 00:51:34, 3] smbd/process.c:(806) > end of file from client >[1999/03/31 00:51:34, 2] smbd/server.c:(406) > Closing connections >[1999/03/31 00:51:34, 3] smbd/server.c:(431) > Server exit (normal exit) >>---------------------------------------------------- > >Password seems to check fine, it just gives some 32bit error junk. > > >Samba is domain master, blah, blah, blah. I've been through all the >readme files I could find. If there are any new developments or if >someone could give me a pointer at what to try next, I'd be very >grateful! > >Cheers >Kelly > >-- >________________________________________ >Kelly L. Anderson >http://www.cus.cam.ac.uk/~kla24 >ICQ: 29897477 >Phone: (0)1223 502410 > -------------- Alan Laird alan@laird.net From lkcl at switchboard.net Wed Mar 31 03:49:03 1999 From: lkcl at switchboard.net (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:25:58 2003 Subject: initial domain logon, from NT4.0 In-Reply-To: <370164A0.87F30EB3@cam.ac.uk> Message-ID: kelly, follow the ntdomain FAQ instructions. On Wed, 31 Mar 1999, Kelly L. Anderson wrote: > I've got a SGI Origen 200 running Samba 2.1.0-prealpha (IRIX 6.4) > > The problem is getting my NT workstatsion to make that initial > connection to the PDC(Samba). I know I've been warned about trying to > use this yet, but it would be really nice to get the 25 users able to > work cross-platform with the same disk-space. > > Anyway, with debugging set to 18, this is what I get from log.keller > (keller being NT box) > > >--------------------------------------------------------- > [1999/03/31 00:51:34, 4] smbd/password.c:(345) > Checking SMB password for user keller$ > [1999/03/31 00:51:34, 5] smbd/password.c:(356) > use last SMBnegprot challenge > [1999/03/31 00:51:34, 4] smbd/password.c:(373) > smb_password_ok: Checking NT MD4 password > [1999/03/31 00:51:34, 4] smbd/password.c:(377) > NT MD4 password check succeeded > [1999/03/31 00:51:34, 0] smbd/reply.c:(450) > session_trust_account: Domain trust account KELLER$ denied by server ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ you have something _weird_ going on here, what you set the ACB bits to??????? this is an inter-domain trust account!!! the line in private/smbpasswd for keller$ should have [W ] not [I ]! From led at unter.encoding.com Wed Mar 31 05:27:54 1999 From: led at unter.encoding.com (Lawrence Doan) Date: Tue Dec 2 02:25:58 2003 Subject: initial domain logon, from NT4.0 In-Reply-To: <370164A0.87F30EB3@cam.ac.uk> Message-ID: <199903310527.FAA08721@unter.encoding.com> Did you use mksmbpasswd.sh? If so, *don't!* Isn't worth a hill of beans. I always use smbpasswd -a to add users (after they are in the NIS or /etc/passwd) and smbpasswd -a -m to create machine accounts. From johanh at fusion.kth.se Wed Mar 31 07:25:29 1999 From: johanh at fusion.kth.se (Johan Hedin) Date: Tue Dec 2 02:25:59 2003 Subject: kerberos In-Reply-To: Message-ID: On Wed, 31 Mar 1999, John T Chiodi wrote: > We would like to intergrate samba into our enviroment. Is it possible > for a NT user get their AFS home dir via samba? > Yes, it should be. You will however need to enable clear text passwords on NT, or get an AFS client for NT. > > If not what are the --with-krb4 and --with afs options for? The --with-krb4 is just clear text password validation against a Kerberos 4 server instead of /etc/(passwd|shadow). It can be modified to also get an AFS ticket. Look at the example at ftp://ftp.pdc.kth.se/pub/krb/src/xdm.patch. You'll need to add the part if(k_hasafs()){ ... } This should work against the KTH Kerberos 4 distribution. /Johan Hedin > > I am having difficulty compiling the current cvs on a solaris 2.5 box. > > I keep getting an error on compilation of passdb/pass_check.o > > here is the error: > > Compiling passdb/pass_check.c > passdb/pass_check.c: In function `afs_auth': > passdb/pass_check.c:150: `KA_USERAUTH_VERSION' undeclared (first use > in this function) > passdb/pass_check.c:150: (Each undeclared identifier is reported only > once > passdb/pass_check.c:150: for each function it appears in.) > passdb/pass_check.c:150: `KA_USERAUTH_DOSETPAG' undeclared (first use > in this function) > *** Error code 1 > make: Fatal error: Command failed for target `passdb/pass_check.o' > > > thanks > > _______________ > > > Jt Chiodi > Unix Administrator > University of Pittsburgh > chiodi@pitt.edu > From cartegw at Eng.Auburn.EDU Wed Mar 31 13:57:26 1999 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:25:59 2003 Subject: initial domain logon, from NT4.0 References: <370164A0.87F30EB3@cam.ac.uk> Message-ID: <370229C6.F2237F59@eng.auburn.edu> Kelly L. Anderson wrote: > > [1999/03/31 00:51:34, 0] smbd/reply.c:(450) > session_trust_account: Domain trust account KELLER$ denied by server ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Did you add the trust account (smbpaswd -a -m )? cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) ======================================================================== See the NT Domain FAQ linked off the documentation page at any one the mirrors for http://samba.org ======================================================================== From simar at gmx.net Wed Mar 31 17:18:49 1999 From: simar at gmx.net (Omar Siam) Date: Tue Dec 2 02:25:59 2003 Subject: Problems compiling (linking) cvs Message-ID: <370258F9.23702348@gmx.net> Please look at the attachment (no virus, something wrong with mozilla 4.51 can't cut and paste) Thats what I get when I try to compile the cvs and I tried several times. Did I miss(configure) something ? Is this a samba-function ? Did you dear samba team forget something ? I'd like to test the latest samba prealpha but as you see it does'nt compile. My linux box is a tuned S.u.S.E Linux with home made glibc 2.0.6 and kernel 2.2.4 and does'nt work too well at all. In general I'd like to thank the samba team for this great peace of software btw I don't want to try a Microsoft prealpha. An older cvs works very well for me. -------------- next part -------------- smbd/password.o: In function `check_user_equiv': smbd/password.o(.text+0x16d8): undefined reference to `yp_get_default_domain' lib/username.o: In function `user_in_netgroup_list': lib/username.o(.text+0x4f6): undefined reference to `yp_get_default_domain' lib/access.o: In function `string_match': lib/access.o(.text+0x10e): undefined reference to `yp_get_default_domain'