From zen at sprynet.com Sat Apr 1 05:04:54 2000 From: zen at sprynet.com (John Cusick) Date: Tue Dec 2 02:29:12 2003 Subject: Samba PDC - Can't Login to Domain Message-ID: <38E58375.8D73F48F@sprynet.com> I recently added a Windows 2000 Pro workstation to network so download TNG alpha-1.6, compiled and installed it on PDC Suse Linux 6.2 system. This PDC was functioning successfuly with TNG code download January 23, 2000. NT 4.0 (SvcPack 6a) workstations have now lost ability to connect to domain. Successfully created machine account for new W2K workstation, but cannot authenticate to domain. Results of samedit: samedit -S \. added interface ip=x.x.x.x broadcast=x.x.x.x network=x.x.x.x Enter password: Create user username socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused SAM Create Domain User Domain: xxx Name: username ACB:[U ] socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused Create Domain User: OK Assumed the above was good. Checked smbpasswd file and found user was added with no password. When attempting to login from the W2K workstation, receive the following: Your computer could not be joined to the domain because the following error occurred: The specified network password is not correct. Suggestions? From mmbrich at ductamerica.com Sat Apr 1 07:10:40 2000 From: mmbrich at ductamerica.com (Matthew Brichacek) Date: Tue Dec 2 02:29:12 2003 Subject: two samba servers In-Reply-To: <004a01bf9a2b$67fbf520$0302a8c0@SAMBA> References: <00032913225500.05410@comp03.binary.net> <004a01bf9a2b$67fbf520$0302a8c0@SAMBA> Message-ID: <00040101175101.00763@comp03.binary.net> Hello all, I was messing with this a bit more. I was able to get most everything working but i downloaded samba 2.0.6 and i am still unable to get the printers working. Also the only way to get the new 2.0.6 setup to authenticate is through a smbpasswd file, i was thinking that it would use TNG to authenticate. I set the password server = TNGPDC in smb.conf and have tried access = user and domain and neither work without a smbpasswd = entry i even have machine$ accounts in all the smbpasswd files and this still wouldn't work. Is there something i am overlooking? When i tried to print to the printer windows would give me a "cannot access the printer due to an unknown error. Restart and try again ya ya ya.. windows can't handle this ya ya ya, the printer will be set offline" Anyone seen this? i saw no changes in the error logs and nothing came up in the printer folder, i noticed that TNG printing would make it all the way to the spool but not quite past that. Let me know if i need to include configs or just look in the previous posts, they should all be pretty similar Thanks Matthew From snail_talk at yahoo.com Sat Apr 1 11:21:51 2000 From: snail_talk at yahoo.com (geoffrey lee) Date: Tue Dec 2 02:29:12 2003 Subject: problem with adding computer to domain In-Reply-To: <38E4ED22.D9A30742@starofthesea.pvt.k12.or.us> Message-ID: <000201bf9bcc$7a4921b0$0200000a@workstation1> yo! > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Anthony L. Sollars > Sent: Saturday, April 01, 2000 3:05 PM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: Compilation problems on Mandrake 7.0 > > > > Dear Geoff, > > Not to put down MAndrake but the four different occassions > I have used > this distribution have always resulted in problems. In the end the ehh..i'm not using 7.0 i actually have 6.0 here, but impure ...because of all the cooker updates... but still it's strange that this problem should happen. my MAIN concern is that when my ppp0 interface is up (yeh, i should know better, but at least my block my ports with ipchains.) when i tried to add a computer to the domian it fails with cannot update local security ont eh nt box. when i ifdown ppp0 then everything works great again? yes i'm having compilation problems but this is the ntdom list ... > problems were always alleviated by switching to RedHat or SLackware. > Many have agreed that Mandrake is a buggy distribution. Of course this > is my opinion from my own experiences. I had the same compile problems > when installing samba 2.0.6 on a mandrake 7.0 box, I switched to RedHat only the core of redhat is stable IMHO. :-) Geoff. > 6.1, and it compiled without a problem. Hope this helps. > > > Sincerely, > > _____________________________________________________________ > > Anthony L. Sollars > Technology Coordinator/Computer Teacher > Star of the Sea School > 1411 Grand Avenue Astoria, Or 97103 > (503) 325-3771 > sollarsa@starofthesea.pvt.k12.or.us > http://www.starofthesea.pvt.k12.or.us > > --Never Argue with a Fool,. > --They bring you down to their level and beat you with Experience. > _____________________________________________________________ > From dominik.kubla at uni-mainz.de Sat Apr 1 11:47:33 2000 From: dominik.kubla at uni-mainz.de (Dominik Kubla) Date: Tue Dec 2 02:29:12 2003 Subject: two samba servers? In-Reply-To: <20000329095403.A4496@uni-mainz.de>; from Dominik Kubla on Wed, Mar 29, 2000 at 05:54:52PM +1000 References: <20000329095403.A4496@uni-mainz.de> Message-ID: <20000401134733.F4301@uni-mainz.de> On Wed, Mar 29, 2000 at 05:54:52PM +1000, Dominik Kubla wrote: > I thought so too but it does not work, at least not with 2.0.5. smbd > will happily complain about an already running process despite the fact > that i had defined different lock directories! Maybe i am dense, but > i never got it going... (I tried this to solve my "public flag is ignored > if domain authentication is used" problem.) I wonder what i did wrong the first time... now it works. ARGH!!!! Dominik -- Networking Group, Hospital of Johannes Gutenberg-University Obere Zahlbacher Stra?e 69, 55101 Mainz, Germany Tel: +49 (0)6131 17-2482 FAX: +49 (0)6131 17-5521 From peter at cadcamlab.org Sat Apr 1 14:17:37 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:12 2003 Subject: Ports References: <00b101bf9516$0b8ad410$d22befcf@weiinc.com> <38DA9CC2.77904C70@xavier.sa.edu.au> <38DD1037.FB1B08E5@kneschke.de> <38DF1CA6.9BDD758F@ic.ac.uk> <38DF80E3.A55520BF@gmx.net> Message-ID: <14566.1143.453825.476303@wire.cadcamlab.org> [Omar Siam] > Can anyone explain me what this NetBIOS-less SMB is ? > Which of the daemons provides it ? It's a Windows2000ism. It simplifies the protocol a little at the expense of some features. I don't understand too much more than that. In particular, I don't know what advantages, if any, it has over regular SMB. Anyway, smbd provides it. Peter From JasonJensen at Home.com Sat Apr 1 14:32:58 2000 From: JasonJensen at Home.com (Jason) Date: Tue Dec 2 02:29:12 2003 Subject: Acting as PDC References: <51FBD4A8EFD9D111BA7300A0C927DADB03F4703C@xcgmd008.md.essd.northgrum.com> Message-ID: <38E6089A.33582398@Home.com> Yes.. lets store everything about our network in ONE ARRAY.. that sounds like a good idea! "Cole, Timothy D." wrote: > > -----Original Message----- > > From: Panagiotis Malakoudis [SMTP:pmal@space.gr] > > Sent: Wednesday, March 29, 2000 0:41 > > To: Multiple recipients of list SAMBA-NTDOM > > Subject: Re: Acting as PDC > > > > I'll be damned!!! > > It actualy worked. > > do you have any idea why this happens? Why can't you have the same netbios > > name as the workgroup name? > > > Because the Microsoft World has a flat namespace, and an even > flatter in NetBIOS Land. In NetBIOS, users, servers, workgroups and more > all exist in the same namespace. From paulnoah at noah.cnchost.com Sat Apr 1 22:01:30 2000 From: paulnoah at noah.cnchost.com (Paul Noah) Date: Tue Dec 2 02:29:12 2003 Subject: TNG 1.6 - success! In-Reply-To: <38E4B7C7.B956AA25@siac.com> Message-ID: <4.2.0.58.20000401164725.01643d00@pop3.noah.cnchost.com> At 04:54 PM 4/1/2000 +1000, Michael Breuer wrote: >With 1.6 I can now join W2K systems to the domain... usrmgr works... >overall this seems to be a great vintage. Can you share your secrets? When I try to join I get W2K saying "The credentials supplied conflict with an existing set of credentials." I stop the services. Delete everything in var. Nothing appears in the logs Also smbpasswd still gives a core dump usrmgr will administer the domain but will not create users printing doesn't work SMB.CONF [global] workgroup = MYDOMAIN #netbios name = Not Used server string = SambaTNG 1.6 encrypt passwords = Yes security = user smb passwd file = /etc/smbpasswd #following has root=Administrator domain user map = /etc/domainuser.map log level = 2 log file = /opt/samba/log/log.%m max log size = 50 #socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 socket options = TCP_NODELAY domain logons = Yes os level = 65 preferred master = True local master = yes domain master = True wins support = Yes guest account = nobody admin users = root interfaces = 192.168.0.11/24 hosts allow = localhost, 192.168.0.0/255.255.255.0 printcap name = /etc/printcap load printers = yes min print space = 2000 time server = yes vfs option = [netlogon] comment = Domain logon service path = /opt/samba/netlogon browseable = No [homes] comment = Home Directories read only = No create mask = 0755 browseable = No writable = yes [public] path = /home/samba/data guest account = nobody admin users = read only = No guest ok = Yes [profile] path = /opt/samba/profile read only = No [printers] browseable = no comment = Printers in printcap guest ok = no path = /var/spool/samba read only = no print ok = yes From iulica at dntis.ro Sat Apr 1 22:16:37 2000 From: iulica at dntis.ro (Iulian Ciorascu) Date: Tue Dec 2 02:29:12 2003 Subject: TNG 1.6 - success! In-Reply-To: <4.2.0.58.20000401164725.01643d00@pop3.noah.cnchost.com> Message-ID: On Sun, 2 Apr 2000, Paul Noah wrote: > At 04:54 PM 4/1/2000 +1000, Michael Breuer wrote: > >With 1.6 I can now join W2K systems to the domain... usrmgr works... > >overall this seems to be a great vintage. > > > Can you share your secrets? When I try to join I get W2K saying > > "The credentials supplied conflict with an existing set of credentials." It said the same message to me but after a W2K reboot it worked without any problem. > I stop the services. Delete everything in var. Nothing appears in the logs > > Also > > smbpasswd still gives a core dump > > usrmgr will administer the domain but will not create users > > printing doesn't work printing doesn't work for me too. But that's a minor problem for me now that I could join W2K to domain ;-). I use a Samba 2.0.5 domain member for printing. Iulian Ciorascu Networking & Communications Department Dynamic Network Technologies Iasi, Romania Phone: +40-32-252938 Fax: +40-32-252933 http://www.dntis.ro/ From neonatus at gimp.thz.net Sat Apr 1 22:26:02 2000 From: neonatus at gimp.thz.net (Bostjan Muller) Date: Tue Dec 2 02:29:12 2003 Subject: NT network, without a domain? Message-ID: <20000402002602.A3310@gimp.thz.net> Hi! I was just reading your mail when I found this. You claim that samba 2.x is capable of handeling of NT workstations logging onto a samba domain?? This is exactly what I want, but havent been able to do so at all :( I have an win NT 4.0 sp5 and a win98 client accessing a samba server on slack 7. I have never ever been able to make NT work with samba as PDC, or to log on to domain as an Administrator from NTwks4sp5 box. Win98 does everything OK. I tried samba 2.0.5, 2.0.6, some recent CVS (pre3 versin), and samba-tng that is currently running there. I would like to use file and printer services on samba from NT, logged on to domain. Can you please advise me which version of samba to compile for this task. Could you please tell me at least the beasics that I have to set up in [general] in smb.conf, since my configs have never made things work. I would really apreciate your help! THX in advance! Bostjan * On 31-03-00 at 13:11 Matthew Geddes (mgeddes@xavier.sa.edu.au) wrote: +----Here quoted text begins----+ [...] > > TNG is the best for Windows NT, but still has some issues. Samba 2.x is > good for Win9x and can control a Domain consisting of NT workstations. > [...] +----and here the quote ends----+ From peter at cadcamlab.org Sun Apr 2 05:23:12 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:12 2003 Subject: TNG "no locking available" error, HP/UX References: <20000330060350Z13078268-3940+3425@samba.org> Message-ID: <14566.54951.547217.596133@wire.cadcamlab.org> [nazard@dragoninc.on.ca] > But this should be a runtime test. Have you tried it? Try it. It's not just one test. There are many locking schemes in use on Unix and the Samba configure tries several. Some might not even link. Some might link but not work correctly due to NFS or whatnot. Samba tries to find one that will actually work. This is not easy stuff to do at runtime. > This isn't going to help joe user who installs an RPM, and points it > to /nfs_share. So now you're suggesting not only doing this at runtime, but repeating it in every directory you access? Perhaps you want to maintain a cache of (*lock_file)() pointers, one for each unique mount point? Once again. If you think it's feasible, try it. *I*'m not writing such a beast, and I'm guessing neither are any of the Samba maintainers. > I also seem to remember something about an OS which when doing > locking of NFS, only locked the file locally. It'll pass the test, > but fail the run . Yeah, and in that case there is very little you could do to detect much less prevent the situation. Either at compile time or at runtime. So you put out a BFW and let the users, who aren't stupid[*], make sure it doesn't bite them. [*] Some are. I know. I work in a training center. Possibly most users are stupid. But there's no excuse for stupid administrators. Anyone who puts software to important uses deserves anything he gets for not reading the release notes. Peter From nazard at dragoninc.on.ca Sun Apr 2 05:51:04 2000 From: nazard at dragoninc.on.ca (nazard@dragoninc.on.ca) Date: Tue Dec 2 02:29:12 2003 Subject: TNG "no locking available" error, HP/UX In-Reply-To: <14566.54951.547217.596133@wire.cadcamlab.org> Message-ID: <20000402055117Z13353321-27273+4720@samba.org> On 2 Apr, Peter Samuelson wrote: > [nazard@dragoninc.on.ca] >> But this should be a runtime test. > > Have you tried it? Try it. It's not just one test. There are many > locking schemes in use on Unix and the Samba configure tries several. > Some might not even link. Some might link but not work correctly due > to NFS or whatnot. Samba tries to find one that will actually work. > > This is not easy stuff to do at runtime. I know. I've done it. The issue I had was that the test wasn't really worth anything. It was testing if locking worked in the local directory. It wasn't testing for locking functions available in the OS. There wasn't an option to disable or redirect the test. If the test was meant to prevent running samba without locking, it wasn't doing it's job. It was preventing people from compiling samba without locking >> This isn't going to help joe user who installs an RPM, and points it >> to /nfs_share. > > So now you're suggesting not only doing this at runtime, but repeating > it in every directory you access? Perhaps you want to maintain a cache > of (*lock_file)() pointers, one for each unique mount point? Once > again. If you think it's feasible, try it. *I*'m not writing such a > beast, and I'm guessing neither are any of the Samba maintainers. The directories we were interesting in were samba specific (i.e. private/ & var/locks). >> I also seem to remember something about an OS which when doing >> locking of NFS, only locked the file locally. It'll pass the test, >> but fail the run . > > Yeah, and in that case there is very little you could do to detect much > less prevent the situation. Either at compile time or at runtime. So > you put out a BFW and let the users, who aren't stupid[*], make sure it > doesn't bite them. That's why I suggested allowing the user to specify the directory to test, a security document, and if someone was feeling bored, possibly a program to check the implementation, possibly an extension to testparm. > > [*] Some are. I know. I work in a training center. Possibly most > users are stupid. But there's no excuse for stupid administrators. > Anyone who puts software to important uses deserves anything he > gets for not reading the release notes. Which isn't going to stop some stupid media article from pointing out all the many samba "security" flaws. You know, I know, but the clients I work with haven't a clue -- Doug Nazar Dragon Computer Consultants Inc. Tel: (416) 708-1578 Fax: (416) 708-8081 From simar at gmx.net Sun Apr 2 13:07:16 2000 From: simar at gmx.net (Omar Siam) Date: Tue Dec 2 02:29:12 2003 Subject: Make a PDC for NT References: <00033101105000.00440@nanar> Message-ID: <004301bf9ca4$5f8b0860$0200a8c0@simarnet.dhs.org> This part of the code is in heavy development and AFAIK not very useful at the moment. If you want to try, you have to get the SAMBA_TNG tree via cvs. Please read the FAQ on www.kneschke.de/projekte/samba_tng . ----- Original Message ----- From: "Olivier Thauvin" To: "Multiple recipients of list SAMBA-NTDOM" Sent: Saturday, April 01, 2000 9:13 AM Subject: Make a PDC for NT > I have a Mandrake 7.0 using samba 2.0.6 and i'm using it as Domain logon. These > work fine with client Win98 but I can access to the server with Win 2k but > never login on domain, when i configure the domain it answer the domain is no > accessible. > > How configure samba to doing a PDC for NT client ? Thinks > > What is tng in samba-tng ? > From simar at gmx.net Sun Apr 2 13:20:14 2000 From: simar at gmx.net (Omar Siam) Date: Tue Dec 2 02:29:12 2003 Subject: Win NT/2000 memory Message-ID: <005c01bf9ca6$2e8e5fd0$0200a8c0@simarnet.dhs.org> I tried to setup a samba PDC (samba-tng-alpha 1.3) recently. I don't know why, but I changed the name of my server therfore. Then I did something completele stupid and restricted the interfaces which the server respondes to to localhost (after that of course I couldn't log on) After that I fooled arround and deleted the sids and renamed the server back to its original name. Now everytime i try to join the domain with my german NT 4.0 sp6 Windows can't find the domain-controller (servermanager can, samedit, rpcclient too). Does Windows remember which computer is was the PDC ? Is this error caused by sth. completely different ? Thanks for any help. -------------- next part -------------- HTML attachment scrubbed and removed From jffolliott at home.com Sun Apr 2 19:19:35 2000 From: jffolliott at home.com (Jamie ffolliott) Date: Tue Dec 2 02:29:12 2003 Subject: Samba PDC - Can't Login to Domain In-Reply-To: <38E58375.8D73F48F@sprynet.com> Message-ID: Yes, use 'createuser -p ' I believe by default creatuser will create the account and set it as disabled, unless you use -p to set a password. Jamie > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > John Cusick > Sent: April 1, 2000 2:17 AM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Samba PDC - Can't Login to Domain > > > I recently added a Windows 2000 Pro workstation to network so download > TNG alpha-1.6, compiled and installed it on PDC Suse Linux 6.2 system. > This PDC was functioning successfuly with TNG code download January 23, > 2000. > > NT 4.0 (SvcPack 6a) workstations have now lost ability to connect to > domain. Successfully created machine account for new W2K workstation, > but cannot authenticate to domain. > > Results of samedit: > > samedit -S \. > added interface ip=x.x.x.x broadcast=x.x.x.x network=x.x.x.x > Enter password: > Create user username > socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused > SAM Create Domain User > Domain: xxx Name: username ACB:[U ] > socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused > Create Domain User: OK > > Assumed the above was good. Checked smbpasswd file and found user was > added with no password. When attempting to login from the W2K > workstation, receive the following: > > Your computer could not be joined to the domain because the following > error occurred: > > The specified network password is not correct. > > Suggestions? > From mendes at mgconecta.com.br Sun Apr 2 20:31:24 2000 From: mendes at mgconecta.com.br (mendes) Date: Tue Dec 2 02:29:12 2003 Subject: [newbie]: Samba as a server for Win98 PCS Message-ID: <00040217404803.00826@armagedon> Hello I do apologize for sending a newbie question but I need to know for sure if what I am planning is worth spending the time. I have 12 Win98 PCs with public IPs connected to the Internet. I want: 1) Turn one of the PCs to a linux box with samba. 2) That the linux PC provides login access to the other PCs. (I want to eliminate the possibility of the users log in a Win98 PC and wreck the file-system and software). 3) That the linux PC controls all hard disks (12) and allocates quotas for each users. 4) That the linux PC have a share with all software (Windows 98 software) needed in the network. 5) That Samba is only seen by the 12 PCs and close for the rest the world. 6) That Linux-samba grants or not access to the Internet. Could someone tell me if the above is possible and how to do it? Specific documentation and how to setup samba-linux-windows98 would be great. Thanks a lot for your patience and help. Regards Eduardo From dcox at coxnetwork.com Sun Apr 2 20:51:16 2000 From: dcox at coxnetwork.com (Duane Cox) Date: Tue Dec 2 02:29:12 2003 Subject: problem with homes share and long user names Message-ID: <200004021551.AA59048176@mail.coxnetwork.com> Hello I have been using the samba 2.05a package on Red Hat linux 6.1 I am not sure if this is a windows NT or samba issue, but the homes share for a user like administrator (characters =>13) then the windows NT machine when trying to access this share results in the error with network path not found... I know this must be a common problem.. If the user name =< 12 characters, then things work fine.. Is there a way to get around this? Duane Cox dcox@coxnetwork.com From peter at cadcamlab.org Sun Apr 2 23:06:51 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:12 2003 Subject: TNG "no locking available" error, HP/UX References: <14566.54951.547217.596133@wire.cadcamlab.org> <200004020548.XAA37998@zeus.cadcamlab.org> Message-ID: <14567.53646.72885.994711@wire.cadcamlab.org> [nazard@dragoninc.on.ca] > The issue I had was that the test wasn't really worth anything. It > was testing if locking worked in the local directory. It wasn't > testing for locking functions available in the OS. There wasn't an > option to disable or redirect the test. OK, redirecting the test sounds actually sensible. Disabling or overriding it, maybe. [me] > > So now you're suggesting not only doing this at runtime, but > > repeating it in every directory you access? Perhaps you want to > > maintain a cache of (*lock_file)() pointers, one for each unique > > mount point? > The directories we were interesting in were samba specific (i.e. > private/ & var/locks). Ah. I was under the impression Samba still used Unix locking to provide SMB locking. I know Tridge wants to move away from that and do interal-only locking using tdb, but I thought we weren't there yet. > possibly a program to check the implementation, possibly an extension > to testparm. That too makes sense. > > Anyone who puts software to important uses deserves anything he > > gets for not reading the release notes. > Which isn't going to stop some stupid media article from pointing out > all the many samba "security" flaws. You know, I know, but the > clients I work with haven't a clue Peter From snail_talk at yahoo.com Mon Apr 3 01:46:06 2000 From: snail_talk at yahoo.com (geoffrey lee) Date: Tue Dec 2 02:29:13 2003 Subject: NT network, without a domain? In-Reply-To: <20000402002602.A3310@gimp.thz.net> Message-ID: <000401bf9d0e$6098c1b0$0200000a@workstation1> Hi, > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Bostjan Muller > Sent: Sunday, April 02, 2000 6:27 AM > To: Multiple recipients of list SAMBA-NTDOM > Subject: NT network, without a domain? > > > Hi! > > I was just reading your mail when I found this. You claim that > samba 2.x is > capable of handeling of NT workstations logging onto a samba > domain?? This is it is. 2.0.x where x >= 3 has basic nt pdc capability. i.e. logging onto domain. > exactly what I want, but havent been able to do so at all :( I > have an win NT > 4.0 sp5 and a win98 client accessing a samba server on slack 7. I > have never > ever been able to make NT work with samba as PDC, or to log on to > domain as an > Administrator from NTwks4sp5 box. Win98 does everything OK. I tried samba > 2.0.5, 2.0.6, some recent CVS (pre3 versin), and samba-tng that > is currently > running there. I would like to use file and printer services on > samba from NT, > logged on to domain. > > Can you please advise me which version of samba to compile for this task. if you need nt pdc functionality, you can use the stable branch, or you can use a mixture of the head and tng branch. just the head branch won't do, since they don't have NT PDC support there. > Could you please tell me at least the beasics that I have to set up in > [general] in smb.conf, since my configs have never made things work. > i'm guessing that you forgot to create a machien account for hte ntbox ...win9x and nt domain logons are different. > I would really apreciate your help! > > THX in advance! > > Bostjan > * On 31-03-00 at 13:11 Matthew Geddes (mgeddes@xavier.sa.edu.au) wrote: > +----Here quoted text begins----+ > [...] > > > > TNG is the best for Windows NT, but still has some issues. Samba 2.x is > > good for Win9x and can control a Domain consisting of NT workstations. > > > [...] > +----and here the quote ends----+ > From peter at cadcamlab.org Mon Apr 3 01:33:19 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:13 2003 Subject: Compilation problems on Mandrake 7.0 References: <38E3F04B.9C5C70A6@cs.ucsb.edu> Message-ID: <14567.62103.177001.618740@wire.cadcamlab.org> [Geoff Davis] > Compiling rpcclient/rpcclient.c > rpcclient/rpcclient.c: In function `main': > rpcclient/rpcclient.c:770: Internal compiler error in > `build_insn_chain', at global.c:1756 > Please submit a full bug report. > See for > instructions. > make: *** [rpcclient/rpcclient.o] Error 1 > Uhhh, is that bad? Yes. gcc should never get an "internal compiler error", *ever*. Sometimes it is buggy code that triggers these, but even if so, it still means gcc has a bug. Either that or your system is flaky (bad RAM, bad motherboard, etc). If the latter, your bug will not be reproducible -- gcc may still bomb out but it will be in a different place each time you try. In the past, I know Mandrake has shipped pgcc instead of regular gcc. I don't know if they still do. pgcc augments gcc with a lot of optimizations for Pentia, and although it *does* generate faster code, some releases have been quite buggy. This is why people are advising you to try a non-Mandrake system. Alternatively, just build your own gcc. (I say that rather than "get a gcc rpm from e.g. Red Hat" because the latter might or might not integrate smoothly into your system.) Peter From ed at schernau.com Mon Apr 3 01:51:20 2000 From: ed at schernau.com (Ed Schernau) Date: Tue Dec 2 02:29:13 2003 Subject: porting samba Message-ID: <38E7F918.C1863685@schernau.com> Any work going on to port samba to Win32? Probably be a heck of a lot more stable than native, ever-rebooting out-of-the-box MS networking... From doshea at slategroup.com Mon Apr 3 02:50:48 2000 From: doshea at slategroup.com (Dave O'Shea) Date: Tue Dec 2 02:29:13 2003 Subject: unsubscribe Message-ID: <001e01bf9d17$6bfe4da0$0b83dece@dimwit> Skipped content of type multipart/alternative-------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 2866 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000402/9658fa75/smime.bin From Richard.X.Wertheim at kp.org Mon Apr 3 03:11:03 2000 From: Richard.X.Wertheim at kp.org (Wertheim,Richard X) Date: Tue Dec 2 02:29:13 2003 Subject: Help Starting SAMBA Message-ID: <1CFF5DB65591D311997400805FBEF45011C05B@annd-exch-1.ca.kp.org> I'm trying to start SMBD and as easy as that seems I can't do it. I've tried putting the full path to where it is with -D option in my rc file and it won't start. I've tried putting it in rc.local and it won't start. I can go to the dir and type smbd -D and it runs but I can't get it to run on start up. When i do a ps -aux i can see part of the path that leads to where smbd is but it doesn't finish with smbd -D it just looks like it looked there and didn't finish. Am I doing something wrong? From lkcl at samba.org Mon Apr 3 04:29:59 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:13 2003 Subject: TNG 1.6 - success! Message-ID: Michael, this is a standard issue that you will have regardless of the type of PDC (samba, nt, cascade, as/u etc etc). you already have a preexisting connection from the wks to the PDC, which you will have to terminate. for example, you may have a share-view open on the PDC: you will have to close it. for example, if you do a net view, it may show connections open to the PDC: you will have to net use \\pdc\share /del them. luke Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From pmal at space.gr Mon Apr 3 07:11:58 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:13 2003 Subject: Execution of login script References: <51FBD4A8EFD9D111BA7300A0C927DADB03F4703C@xcgmd008.md.essd.northgrum.com> Message-ID: <00ae01bf9d3b$e708ad00$0602000a@space.gr> Dear friends, I was wondering if there is any way of "hiding" the dos window that shows the output of the logon script. I searched numberous bulletin boards as well as the OReilly book but nothing was mentioned. Any help would be much appreciated. Panagiotis From schapiro at clerk.pi.huji.ac.il Mon Apr 3 07:47:11 2000 From: schapiro at clerk.pi.huji.ac.il (Schlomo Schapiro) Date: Tue Dec 2 02:29:13 2003 Subject: Execution of login script In-Reply-To: <00ae01bf9d3b$e708ad00$0602000a@space.gr> Message-ID: Hi, MS has a login script language called kixstart. You can try to use it. Schlomo On Mon, 3 Apr 2000, Panagiotis Malakoudis wrote: > Dear friends, > > I was wondering if there is any way of "hiding" the dos window that shows > the output of the logon script. > I searched numberous bulletin boards as well as the OReilly book but nothing > was mentioned. > Any help would be much appreciated. > > Panagiotis > -- Schlomo Schapiro Computation Authority Hebrew University of Jerusalem Tel: ++972 / 2 / 65-84404 email: schapiro@clerk.pi.huji.ac.il From jffolliott at home.com Mon Apr 3 07:53:19 2000 From: jffolliott at home.com (Jamie ffolliott) Date: Tue Dec 2 02:29:13 2003 Subject: Execution of login script In-Reply-To: <00ae01bf9d3b$e708ad00$0602000a@space.gr> Message-ID: Yes, just comment out the line "logon script = " in your smb.conf to completely disable the login script. Of if you want the login script (idea just off the top of my head, but should work), change the parameter from "logon script = logon.bat" to "logon script = logon.lnk" and create a windows shortcut (name it logon.lnk) which has the target \\PDC\netlogon\logon.bat and set the "Run:" property of logon.lnk to "Minimized". cheers, Jamie > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On > Behalf Of Panagiotis Malakoudis > Sent: April 3, 2000 3:15 AM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Execution of login script > > > Dear friends, > > I was wondering if there is any way of "hiding" the dos window that shows > the output of the logon script. > I searched numberous bulletin boards as well as the OReilly book > but nothing > was mentioned. > Any help would be much appreciated. > > Panagiotis > > From lajbi at lajli.gau.hu Mon Apr 3 08:02:12 2000 From: lajbi at lajli.gau.hu (Lajber Zoltan) Date: Tue Dec 2 02:29:13 2003 Subject: samba-cvs questions In-Reply-To: Message-ID: Hi, I have two small questions about samba-cvs (not TNG) 1: when I try to compile the recent version, I get: In file included from lib/util_unistr.c:1032: include/unicode_map_table.h:35687: virtual memory exhausted make: *** [lib/util_unistr.o] Error 1 The machine has 64M ram + 64M swap, but if I put some more swap, I get same. Standard debina/slink Linux on Pentium. 2, The printing form NT4 don't work with prev. cvs which I have (I got it a few month ago). When I browsing on "connect to network printer", after one click I don't get the printer status. On a bigger debug level I see some error: smbd try to access NT_printer_hpdj file. I didn't found anything about this file in docs. What is this file? Bye, -=Lajbi=-------------------------------------------------------------------- LAJBER Zoltan lajbi@jht.gau.hu http://jht.gau.hu/~lajbi GATE Jarmu- es Hotechnika Tanszek http://jht.gau.hu A member of HuLUG http://mlf.linux.rulez.org/mlf From pmal at space.gr Mon Apr 3 08:33:20 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:13 2003 Subject: Execution of login script References: Message-ID: <00dc01bf9d47$44d65800$0602000a@space.gr> It doesn't work. Leon Leech pointed me to a technet article but I think Microsofts solution is not actually a solution. It can not be implemented with a samba server. Check it out. http://support.microsoft.com/support/kb/articles/Q176/1/97.ASP ----- Original Message ----- From: Jamie ffolliott To: ; Multiple recipients of list SAMBA-NTDOM Sent: Monday, April 03, 2000 10:53 AM Subject: RE: Execution of login script > Yes, just comment out the line "logon script = " in your smb.conf to > completely disable the login script. > > Of if you want the login script (idea just off the top of my head, but > should work), change the parameter from "logon script = logon.bat" to "logon > script = logon.lnk" and create a windows shortcut (name it logon.lnk) which > has the target \\PDC\netlogon\logon.bat and set the "Run:" property of > logon.lnk to "Minimized". > > cheers, > Jamie > > > -----Original Message----- > > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On > > Behalf Of Panagiotis Malakoudis > > Sent: April 3, 2000 3:15 AM > > To: Multiple recipients of list SAMBA-NTDOM > > Subject: Execution of login script > > > > > > Dear friends, > > > > I was wondering if there is any way of "hiding" the dos window that shows > > the output of the logon script. > > I searched numberous bulletin boards as well as the OReilly book > > but nothing > > was mentioned. > > Any help would be much appreciated. > > > > Panagiotis > > > > From lkcl at samba.org Mon Apr 3 08:51:40 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:13 2003 Subject: samba-tng-alpha-1.7.tar.gz Message-ID: what you've all been waiting for: a merge of smbd from cvs main to SAMBA_TNG. please help test this one lots, i may have missed something from the code i pulled over from cvs main (70,000 lines of code pretty much copy and diff style!) i spent some time last night getting the security file/dir tab working, and lo and behold, you can view and change unix file perms (i am very impressed, jeremy!) my next will be spoolssd from cvs main, i think, which jean-francois is developing: i will pull over his cvs main work to TNG. luke Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From neonatus at gimp.thz.net Mon Apr 3 09:08:31 2000 From: neonatus at gimp.thz.net (Bostjan Muller) Date: Tue Dec 2 02:29:13 2003 Subject: NT network, without a domain? In-Reply-To: <000401bf9d0e$6098c1b0$0200000a@workstation1>; from snail_talk@yahoo.com on Mon, Apr 03, 2000 at 11:34:07AM +1000 References: <20000402002602.A3310@gimp.thz.net> <000401bf9d0e$6098c1b0$0200000a@workstation1> Message-ID: <20000403110831.C16485@gimp.thz.net> I guess I wasnt quite clear. 1. I would like to have my nt box logon to a domain. Can that be done in a branch other than Samba-pdc? 2. How do I add a machine - I did the rpcclient logon as root, than createuser machine$ isn't that enough? 3. If 2 was wrong than what is the right way to add users and machines the way that they could login from a remote machine to samba-pdc? 4. Which version of smb do I have to use to get remote printers working on a NT wks client (the print server is linux). THX in advance! Bostjan * On 03-04-00 at 10:34 geoffrey lee (snail_talk@yahoo.com) wrote: +----Here quoted text begins----+ > > it is. 2.0.x where x >= 3 has basic nt pdc capability. i.e. logging onto > domain. > [...] > > > if you need nt pdc functionality, you can use the stable branch, or you can > use a mixture of the head and tng branch. just the head branch won't do, > since they don't have NT PDC support there. > > [...] > > i'm guessing that you forgot to create a machien account for hte ntbox > ..win9x and nt domain logons are different. > +----and here the quote ends----+ From s.striker at striker.nl Mon Apr 3 09:17:18 2000 From: s.striker at striker.nl (Sander Striker) Date: Tue Dec 2 02:29:13 2003 Subject: samba-tng-alpha-1.7.tar.gz In-Reply-To: Message-ID: >what you've all been waiting for: a merge of smbd from cvs main to >SAMBA_TNG. Thumbs up Luke! This is a major milestone. Sander From pmal at space.gr Mon Apr 3 10:06:05 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:13 2003 Subject: Guest account References: <000401bf9d5b$862dda80$1e030359@poseidon> Message-ID: <004701bf9d54$39681780$0602000a@space.gr> Do I need to add the guest account to the smbpasswd file also? I'm getting " Couldn't find user 'ftp' in smb_passwd file." messages all over my log files. Almost 70% of the logs is full of these messages. -------------- next part -------------- HTML attachment scrubbed and removed From tom at ee.ucl.ac.uk Mon Apr 3 10:46:02 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:13 2003 Subject: samba-TNG cvs update 3/4/00 11:00 BST Message-ID: <200004031046.LAA22424@picard.ee.ucl.ac.uk> Hello, Sparc 64 Solaris 2.7 gcc 2.8.1 samba-TNG cvs update 11:00 BST 03/04/00 This vintage fails to compile with: Linking bin/smbd Undefined first referenced symbol in file map_lock_offset bin/.libs/libsamba.so ld: fatal: Symbol referencing errors. No output written to bin/.libs/smbd map_lock_offset is used in lib/util_file.c Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9307 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From snail_talk at yahoo.com Mon Apr 3 10:55:44 2000 From: snail_talk at yahoo.com (Snail Talk) Date: Tue Dec 2 02:29:13 2003 Subject: NT network, without a domain? Message-ID: <20000403105544.16237.qmail@web107.yahoomail.com> hi, --- Bostjan Muller wrote: > I guess I wasnt quite clear. > > 1. I would like to have my nt box logon to a domain. > Can that be done in a > branch other than Samba-pdc? > sure. you can use either the tng branch or the stable ones >= 2.0.3. i'm using stable now but i might actually try out tng, since now that luke's afctually merged the smbd with cvs main ... > 2. How do I add a machine - I did the rpcclient > logon as root, than createuser > machine$ isn't that enough? > try useradd to create a entry for the machine in /etc/passwd and then use smbpasswd -a -m machinename as root ... > 3. If 2 was wrong than what is the right way to add > users and machines the way > that they could login from a remote machine to > samba-pdc? > > 4. Which version of smb do I have to use to get > remote printers working on a NT > wks client (the print server is linux). > > > THX in advance! > > Bostjan > > > * On 03-04-00 at 10:34 geoffrey lee > (snail_talk@yahoo.com) wrote: > +----Here quoted text begins----+ > > > > it is. 2.0.x where x >= 3 has basic nt pdc > capability. i.e. logging onto > > domain. > > > [...] > > > > > > if you need nt pdc functionality, you can use the > stable branch, or you can > > use a mixture of the head and tng branch. just the > head branch won't do, > > since they don't have NT PDC support there. > > > > > [...] > > > > i'm guessing that you forgot to create a machien > account for hte ntbox > > ..win9x and nt domain logons are different. > > > +----and here the quote ends----+ > __________________________________________________ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com From Brody.Delcambre at ctii.com Mon Apr 3 11:45:00 2000 From: Brody.Delcambre at ctii.com (Brody.Delcambre@ctii.com) Date: Tue Dec 2 02:29:13 2003 Subject: unsubscribe Message-ID: unsubscribe -------------- next part -------------- HTML attachment scrubbed and removed From Herve.Cimadomo at imag.fr Mon Apr 3 12:56:17 2000 From: Herve.Cimadomo at imag.fr (CIMADOMO =?iso-8859-1?Q?herv=E9?=) Date: Tue Dec 2 02:29:13 2003 Subject: [samba-tng 1.6 and later] : samedit or rpcclient ? trust account ? Message-ID: <38E894E4.4246DA62@imag.fr> hi, what's using : samedit or rpcclient ? I try to act my samba server as a BDC but i have always same error: I succefully create my samba server as a bdc on my pdc but when i do samsync, i have "LSA_QUERY_SECRET: cmd_sam_sync: no trust account password". how create trust account in release 1.6 ??? the http://www.kneschke.de/projekte/samba_tng link is not sufficient about that . please , help me !!! -- Herve Cimadomo Email: Herve.Cimadomo@imag.fr !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!! ATTENTION Nouvelle adresse et nouveau num?ro de t?l?phone !!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! LSR, 220 Rue de la Chimie, Domaine Universitaire BP53 38041 GRENOBLE CEDEX 9 T?l.: 04-76-63-55-63 From jph.sati at free.fr Mon Apr 3 13:14:47 2000 From: jph.sati at free.fr (jph) Date: Tue Dec 2 02:29:13 2003 Subject: subscribe to the mailing list Message-ID: <000801bf9d6e$9bda4680$eaca09c0@pc4> How subscribe to the mailing list of NT Primary Domain Controller. Marc BANZET -------------- next part -------------- HTML attachment scrubbed and removed From s.striker at striker.nl Mon Apr 3 13:31:12 2000 From: s.striker at striker.nl (Sander Striker) Date: Tue Dec 2 02:29:13 2003 Subject: subscribe to the mailing list In-Reply-To: <000801bf9d6e$9bda4680$eaca09c0@pc4> Message-ID: http://lists.samba.org/ > How subscribe to the mailing list of NT Primary Domain Controller. > Marc BANZET From dcox at coxnetwork.com Mon Apr 3 13:21:05 2000 From: dcox at coxnetwork.com (Duane Cox) Date: Tue Dec 2 02:29:13 2003 Subject: Fw: problem with homes share and long user names Message-ID: <004101bf9d6f$77ab29e0$61360fc2@laptop.eiec.org> -----Original Message----- From: Duane Cox To: Multiple recipients of list SAMBA-NTDOM Date: Sunday, April 02, 2000 3:54 PM Subject: problem with homes share and long user names >Hello > >I have been using the samba 2.05a package on Red Hat linux 6.1 >I am not sure if this is a windows NT or samba issue, but the >homes share for a user like administrator (characters =>13) then >the windows NT machine when trying to access this share results >in the error with network path not found... >I know this must be a common problem.. If the user name =< 12 >characters, then things work fine.. > >Is there a way to get around this? > >Duane Cox >dcox@coxnetwork.com > > From danny at cs.huji.ac.il Mon Apr 3 13:30:59 2000 From: danny at cs.huji.ac.il (Danny Braniss) Date: Tue Dec 2 02:29:13 2003 Subject: samba-tng-alpha-1.7.tar.gz In-Reply-To: Your message of Mon, 3 Apr 2000 18:56:00 +1000 . Message-ID: hi, it seems that 'msdfs/' is missing from the tarball. danny In message you writ e: }what you've all been waiting for: a merge of smbd from cvs main to }SAMBA_TNG. } }please help test this one lots, i may have missed something from the code }i pulled over from cvs main (70,000 lines of code pretty much copy and }diff style!) } }i spent some time last night getting the security file/dir tab working, }and lo and behold, you can view and change unix file perms (i am very }impressed, jeremy!) } }my next will be spoolssd from cvs main, i think, which jean-francois is }developing: i will pull over his cvs main work to TNG. } }luke } } Luke Kenneth Casson Leighton } Samba and Network Development } Samba Web site } Macmillan Technical Publishing } }ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals } } From lkcl at samba.org Mon Apr 3 13:40:33 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:13 2003 Subject: samba-tng-alpha-1.7.tar.gz In-Reply-To: Message-ID: oops! On Mon, 3 Apr 2000, Danny Braniss wrote: > hi, > it seems that 'msdfs/' is missing from the tarball. > > danny > > In message you writ > e: > }what you've all been waiting for: a merge of smbd from cvs main to > }SAMBA_TNG. > } > }please help test this one lots, i may have missed something from the code > }i pulled over from cvs main (70,000 lines of code pretty much copy and > }diff style!) > } > }i spent some time last night getting the security file/dir tab working, > }and lo and behold, you can view and change unix file perms (i am very > }impressed, jeremy!) > } > }my next will be spoolssd from cvs main, i think, which jean-francois is > }developing: i will pull over his cvs main work to TNG. > } > }luke > } > } Luke Kenneth Casson Leighton > } Samba and Network Development > } Samba Web site > } Macmillan Technical Publishing > } > }ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals > } > } > > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From fridacw at mail.auburn.edu Mon Apr 3 14:37:36 2000 From: fridacw at mail.auburn.edu (Christopher W Friday) Date: Tue Dec 2 02:29:13 2003 Subject: samba-tng-alpha-1.7.tar.gz In-Reply-To: Message-ID: This may be over stating the obvious, but CVS seems to be missing 'msdfs/' as well. Chris From tom at ee.ucl.ac.uk Mon Apr 3 14:58:23 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:13 2003 Subject: samba-TNG cvs update 1300 BST 03/04/00 Message-ID: <200004031458.PAA07616@picard.ee.ucl.ac.uk> Hello, samba-TNG now compiles fine. Domain log ins work, but there are a few problems in lsarpcd: standard input is not a socket, assuming -D option create_pipe_socket: /opt/samba-TNG/var/locks/.msrpc perms=448 /opt/samba-TNG/var/locks/.msrpc/lsarpc perms=448 *** Please someone examine create_pipe_socket and fix it *** *** if used other than for exclusive root access *** *** (see perms, which should be 0700 and 0600) *** *** there is a race condition to be exploited. *** remove on /opt/samba-TNG/var/locks/.msrpc/lsarpc failed waiting for a connection Changed root to / msrpc_process: client_name: lsarpc my_name: sonic Closing connections Changed root to / msrpc_process: client_name: lsarpc my_name: sonic uninitialised structure (prs_debug, 34) uninitialised structure (prs_debug, 34) Changed root to / msrpc_process: client_name: lsarpc my_name: sonic uninitialised structure (prs_debug, 34) uninitialised structure (prs_align, 458) uninitialised structure (prs_debug, 34) uninitialised structure (_prs_uint32, 736) uninitialised structure (prs_align, 458) =============================================================== INTERNAL ERROR: Signal 11 in pid 8105 (TNG-prealpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error Changed root to / msrpc_process: client_name: lsarpc my_name: sonic uninitialised structure (prs_debug, 34) uninitialised structure (_prs_uint32, 736) uninitialised structure (prs_debug, 34) =============================================================== INTERNAL ERROR: Signal 11 in pid 8106 (TNG-prealpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error uninitialised structure (prs_align, 458) Changed root to / msrpc_process: client_name: lsarpc my_name: sonic uninitialised structure (prs_debug, 34) uninitialised structure (_prs_uint32, 736) uninitialised structure (prs_debug, 34) =============================================================== INTERNAL ERROR: Signal 11 in pid 8108 (TNG-prealpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error uninitialised structure (prs_align, 458) Changed root to / msrpc_process: client_name: lsarpc my_name: sonic uninitialised structure (prs_debug, 34) uninitialised structure (_prs_uint32, 736) uninitialised structure (prs_debug, 34) =============================================================== INTERNAL ERROR: Signal 11 in pid 8116 (TNG-prealpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error uninitialised structure (prs_align, 458) Changed root to / msrpc_process: client_name: lsarpc my_name: sonic uninitialised structure (prs_debug, 34) uninitialised structure (_prs_uint32, 736) uninitialised structure (prs_debug, 34) =============================================================== INTERNAL ERROR: Signal 11 in pid 8120 (TNG-prealpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error uninitialised structure (prs_align, 458) uninitialised structure (_prs_uint32, 736) Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9307 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From Richard.X.Wertheim at kp.org Mon Apr 3 15:54:04 2000 From: Richard.X.Wertheim at kp.org (Wertheim,Richard X) Date: Tue Dec 2 02:29:13 2003 Subject: SMBClient Message-ID: <1CFF5DB65591D311997400805FBEF45011C05E@annd-exch-1.ca.kp.org> I'm having some trouble running smbclient. I go to run it and it says file not found. I type smbclient in the dir and it says file not found. Do i need to type the server name along with smbclient? How do I run it? From jeremy at valinux.com Mon Apr 3 17:35:27 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:14 2003 Subject: TNG "no locking available" error, HP/UX References: <14566.54951.547217.596133@wire.cadcamlab.org> <14567.53646.72885.994711@wire.cadcamlab.org> Message-ID: <38E8D65F.7164DD99@valinux.com> Peter Samuelson wrote: > > Ah. I was under the impression Samba still used Unix locking to > provide SMB locking. I know Tridge wants to move away from that and do > interal-only locking using tdb, but I thought we weren't there yet. Well HEAD currently does this, but we still need to add the mapping onto POSIX locking for interoperability with native UNIX and NFS apps. The Windows locking will "look" more correct, and we'll map onto POSIX as best we can. I've been looking at this code in HEAD, and am about to implement this mapping. Regards, Jeremy Allison, Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From thomas.heiligenmann at t-online.de Mon Apr 3 17:06:13 2000 From: thomas.heiligenmann at t-online.de (Thomas Heiligenmann) Date: Tue Dec 2 02:29:14 2003 Subject: NT network, without a domain? References: <20000402002602.A3310@gimp.thz.net> <000401bf9d0e$6098c1b0$0200000a@workstation1> <20000403110831.C16485@gimp.thz.net> Message-ID: <38E8CF85.21CC7018@heiligenmann.de> Bostjan Muller wrote: > > 1. I would like to have my nt box logon to a domain. Can that be done in a > branch other than Samba-pdc? "domain logon" with execution of logon script works with Samba 2.0.x I would recommend 2.0.5a > 2. How do I add a machine - I did the rpcclient logon as root, than createuser > machine$ isn't that enough? > > 3. If 2 was wrong than what is the right way to add users and machines the way > that they could login from a remote machine to samba-pdc? see DOMAIN_MEMBER.txt in the docs for details > 4. Which version of smb do I have to use to get remote printers working on a NT > wks client (the print server is linux). remote printing works with any Samba version - although remote installation of NT printer drivers doesn't work with 2.0.x yet. you have to install them as local printers and print to local port \\sambaserver\sharename -- Thomas From snail_talk at yahoo.com Mon Apr 3 17:22:12 2000 From: snail_talk at yahoo.com (geoffrey lee) Date: Tue Dec 2 02:29:14 2003 Subject: samba-tng-alpha-1.7.tar.gz In-Reply-To: Message-ID: <000001bf9d91$25f7f890$0200000a@workstation1> Yo! > > > what you've all been waiting for: a merge of smbd from cvs main to > SAMBA_TNG. > this is way cool. you've just convinced me to try out samba-tng. :-) :-) however i'm having a compilation problem ..it bails out that there is no rule for msdfs ...i've noticed that the msdfs directoryis not there i've tied specifying without-msdfs ..., what do i need to do to make samba compile? Geoff. > please help test this one lots, i may have missed something from the code > i pulled over from cvs main (70,000 lines of code pretty much copy and > diff style!) > > i spent some time last night getting the security file/dir tab working, > and lo and behold, you can view and change unix file perms (i am very > impressed, jeremy!) > > my next will be spoolssd from cvs main, i think, which jean-francois is > developing: i will pull over his cvs main work to TNG. > > luke > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > Macmillan Technical Publishing > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals > From tom at ee.ucl.ac.uk Mon Apr 3 17:25:59 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:14 2003 Subject: samba-TNG cvs update 1700BST 03/04/00 Message-ID: <200004031725.SAA16951@picard.ee.ucl.ac.uk> Hello, samba-TNG cvs update 1700 03/04/00 Solaris 2.7 Sparc 64 gcc 2.8.1 There are some problems with lsarpcd crashing: more log.lsarpc added interface ip=128.40.38.34 bcast=128.40.255.255 nmask=255.255.0.0 load_unicode_map: filename /opt/samba-TNG/lib/codepages/unicode_map.850 does not exist. standard input is not a socket, assuming -D option create_pipe_socket: /opt/samba-TNG/var/locks/.msrpc perms=448 /opt/samba-TNG/var/locks/.msrpc/lsarpc perms=448 *** Please someone examine create_pipe_socket and fix it *** *** if used other than for exclusive root access *** *** (see perms, which should be 0700 and 0600) *** *** there is a race condition to be exploited. *** remove on /opt/samba-TNG/var/locks/.msrpc/lsarpc failed waiting for a connection Changed root to / msrpc_process: client_name: lsarpc my_name: sonic Closing connections Changed root to / msrpc_process: client_name: lsarpc my_name: sonic uninitialised structure (prs_debug, 34) Changed root to / msrpc_process: client_name: lsarpc my_name: sonic uninitialised structure (prs_debug, 34) uninitialised structure (prs_debug, 34) uninitialised structure (prs_debug, 34) uninitialised structure (prs_align, 458) uninitialised structure (prs_align, 458) Changed root to / msrpc_process: client_name: lsarpc my_name: sonic uninitialised structure (prs_debug, 34) uninitialised structure (_prs_uint32, 736) uninitialised structure (_prs_uint32, 736) uninitialised structure (prs_debug, 34) =============================================================== INTERNAL ERROR: Signal 11 in pid 13301 (TNG-prealpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error =============================================================== INTERNAL ERROR: Signal 11 in pid 13302 (TNG-prealpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error uninitialised structure (prs_align, 458) Changed root to / msrpc_process: client_name: lsarpc my_name: sonic uninitialised structure (prs_debug, 34) This means that profiles don't work on log in and logging in takes about 5 minutes. More detailed log fragment: api_pipe_request: validated auth pipe name: lsarpc search name: lsarpc Doing \PIPE\lsarpc api_rpc_command: api_ntlsa_rpc op 0x2c - api_rpc_command: LSA_OPENPOLICY2 000000 lsa_io_q_open_pol2 0000 ptr : 00000000 000004 smb_io_unistr2 - NULL 000004 lsa_io_obj_attr 0004 len : 00000000 0008 ptr_root_dir: 00000000 000c ptr_obj_name: 00000000 0010 attributes : 00000000 0014 ptr_sec_desc: 00000000 0018 ptr_sec_qos : 00000000 lsa_io_obj_attr: length 0 does not match size 18 001c des_access: 00000000 Opened policy hnd[1] register_policy_hnd: vuser [13323, 65] [000] 00 00 00 00 72 B5 D0 80 9D 91 01 BF 0F 34 00 00 ....r... .....4.. [010] 01 00 00 00 .... Found policy hnd[1] [000] 00 00 00 00 72 B5 D0 80 9D 91 01 BF 0F 34 00 00 ....r... .....4.. [010] 01 00 00 00 .... policy pnum=1 setting name to open_policy2 uninitialised structure (prs_debug, 34) =============================================================== INTERNAL ERROR: Signal 11 in pid 13317 (TNG-prealpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error doing parameter logon script = %a.exe doing parameter logon drive = m: doing parameter logon home = \\sonic\homes Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9307 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From mbreuer at siac.com Mon Apr 3 17:40:03 2000 From: mbreuer at siac.com (Michael Breuer) Date: Tue Dec 2 02:29:14 2003 Subject: TNG 1.6: time service bug... Message-ID: <38E8D773.2D642AE8@siac.com> >From windows... net time \\: displays the correct date & time. net time \\ /set /yes: set's the Windows system to October 2, 2000 and the time ahead about 7 hours. Falling back to TNG 1.3, the problem clears. From anders at aae.wisc.edu Mon Apr 3 17:43:18 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:29:14 2003 Subject: SMBClient In-Reply-To: <1CFF5DB65591D311997400805FBEF45011C05E@annd-exch-1.ca.kp.org> from "Wertheim,Richard X" at "Apr 4, 2000 02:02:30 am" Message-ID: <200004031743.MAA19135@pug.aae.wisc.edu> You might want to do 'chmod +x smbclient' in its directory (if it's not set executable). In addition, you might need to do ./smbclient in its directory (if . is not in your path..) --Anders > I'm having some trouble running smbclient. I go to run it and it says file > not found. I type smbclient in the dir and it says file not found. > > Do i need to type the server name along with smbclient? > > How do I run it? > From mmbrich at binary.net Tue Apr 4 02:37:47 2000 From: mmbrich at binary.net (Matthew Brichacek) Date: Tue Dec 2 02:29:14 2003 Subject: Netmon and TNG Message-ID: <001601bf9dde$c5374ee0$a20ce5d8@binary.net> Hello, I was able to get printers working with TNG-1.6. I am not sure what i did but it decided to start working after messing with the config file. I am now finishing up all the little details of the network and i thought it would be pretty neat to run system monitor on my samba server. I downloaded capconvert.c and tcpdump-smb after invoking command $\] tcdump -w /cap/net.dump and then $\] capconvert /cap/net.dump /cap/net.cap i get the correct output but how do i get netmon to notice that cap file? and can this be done realtime, or is it all done by changing the data little by little? Thanks in advance Matthew ps i am still unable to get password changing in windows working here are my entries (Mandrake 7.0) smb.conf [global] bind interfaces only = Yes wins proxy = yes message command = sh -c 'echo interfaces = 198.172.10.113/255.255.255.0 127.0.0.1/255.0.0.0 216.229.12.163/255.255.255.248 domain master = Yes dos filetimes = Yes dos filetime resolution = Yes domain logons = yes printing = bsd server string = Linux DA Server lm announce = True workgroup = DUCTAMERICA smb passwd file = /usr/local/samba/private/smbpasswd netbios name = COMP03 keepalive = 60 case sensitive = no admin users = matthew, mmbrich, matt printcap name = /etc/printcap default = public preserve case = yes encrypt passwords = yes follow symlinks = No update encrypted = Yes time server = yes comment = Linux unix password sync = Yes socket options = SO_KEEPALIVE TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 load printers = yes security = user short preserve case = yes os level = 200 name resolve order = lmhosts, host, wins, bcast, username map = /dsk/user.map domain group map = /usr/local/samba/private/domaingroup.map domain user map = /usr/local/samba/private/domainuser.map local group map = /usr/local/samba/private/localgroup.map wins support = true lock directory = /usr/local/samba/locks wins hook = /usr/local/samba/bin/dns_update passwd program = /usr/bin/passwd %u passwd chat = *password* %n/n *password* %n/n *successfull* logon path = \\comp03\profiles\%U [netlogon] comment = Samba Network Logon Services path = /home/netlogon browseable = yes locking = No case sensitive = no writeable = yes [homes] writable = yes comment = This is your personal home directory browseable = no [public] writable = yes comment = Schedule Information force group = da path = /home/shared sync always = yes [FTPpub] comment = FTP Server Map path = /home/ftp read only = no [Deskjet] printable = yes printer = lp path = /var/spool/lpd/lp [profiles] comment = User Profiles path = /home/profile create mode = 0600 directory mode = 0700 writeable = yes browseable = no -------------- next part -------------- HTML attachment scrubbed and removed From paulnoah at noah.cnchost.com Tue Apr 4 00:53:08 2000 From: paulnoah at noah.cnchost.com (Paul Noah) Date: Tue Dec 2 02:29:14 2003 Subject: TNG 1.6 - success! In-Reply-To: <39D9024F.16706B8B@siac.com> References: <4.2.0.58.20000401164725.01643d00@pop3.noah.cnchost.com> Message-ID: <4.2.0.58.20000403205144.016b1b68@pop3.noah.cnchost.com> YES Turns out I did have a share mounted. I stopped it and then was able to join the domain. Thanks At 12:49 AM 4/4/2000 +1000, you wrote: >The "credentials" issue has been previously discussed... also there are >Microsoft support documents about it. You can't attempt to >join the domain when you have a mounted share. Do a 'net use' to unmount >your network shares and then try. As to usrmgr... I don't >believe that the feature is fully implemented. My smbpasswd is OK. You >*might* also need to make "netlogon" browsable. I did at >one point and never changed it back. > >Paul Noah wrote: > > > At 04:54 PM 4/1/2000 +1000, Michael Breuer wrote: > > >With 1.6 I can now join W2K systems to the domain... usrmgr works... > > >overall this seems to be a great vintage. > > > > Can you share your secrets? When I try to join I get W2K saying > > > > "The credentials supplied conflict with an existing set of credentials." > > > > I stop the services. Delete everything in var. Nothing appears in the logs > > > > Also > > > > smbpasswd still gives a core dump > > > > usrmgr will administer the domain but will not create users > > > > printing doesn't work > > > > SMB.CONF > > [global] > > workgroup = MYDOMAIN > > #netbios name = Not Used > > server string = SambaTNG 1.6 > > encrypt passwords = Yes > > security = user > > smb passwd file = /etc/smbpasswd > > #following has root=Administrator > > domain user map = /etc/domainuser.map > > log level = 2 > > log file = /opt/samba/log/log.%m > > max log size = 50 > > #socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 > > socket options = TCP_NODELAY > > domain logons = Yes > > os level = 65 > > preferred master = True > > local master = yes > > domain master = True > > wins support = Yes > > guest account = nobody > > admin users = root > > interfaces = 192.168.0.11/24 > > hosts allow = localhost, 192.168.0.0/255.255.255.0 > > printcap name = /etc/printcap > > load printers = yes > > min print space = 2000 > > time server = yes > > vfs option = > > > > [netlogon] > > comment = Domain logon service > > path = /opt/samba/netlogon > > browseable = No > > > > [homes] > > comment = Home Directories > > read only = No > > create mask = 0755 > > browseable = No > > writable = yes > > > > [public] > > path = /home/samba/data > > guest account = nobody > > admin users = > > read only = No > > guest ok = Yes > > > > [profile] > > path = /opt/samba/profile > > read only = No > > > > [printers] > > browseable = no > > comment = Printers in printcap > > guest ok = no > > path = /var/spool/samba > > read only = no > > print ok = yes From pkennedy at loudcloud.com Tue Apr 4 02:32:25 2000 From: pkennedy at loudcloud.com (Paul Kennedy) Date: Tue Dec 2 02:29:14 2003 Subject: Samba TNG schedule Message-ID: <38E95439.9E7F619C@loudcloud.com> I'm keen on using the PDC functionality, with LDAP-backend, of Samba-TNG. But the current state of the code is too unstable for me to use even in an alpha capacity. I haven't ever been able to get a workstation to join a domain. There's always something preventing this. Most recently (last Friday) I was stymied pretty early in the process with the appearance of PANIC messages in log.lsarpcd when I tried to create the workstation trust accounts via samedit/createuser (yes, there is a UNIX account of the same name, etc.). And today when I updated from cvs the build is broken apparently due to missing directories, the result of an incomplete cvs merge. So my question is: Is the Samba team working to a schedule, even a rough one, by which they expect the Samba PDC functionality to be stable enough to be beta-quality ? If so, when is this expected to happen ? Thanks, Pk. From lkcl at samba.org Tue Apr 4 03:30:03 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:14 2003 Subject: samba-tng-alpha-1.8.tar.gz Message-ID: nmbd merged. smbd merged. printing merged (couple of weird bugs, but it basically works. well done jean-francois!). NOTE: if you understand NT printing and how it works, you will do OK with the new NT-style printing. i.e you have to install a printer on the server (you will need an NT cd for this) and you should create a share [print$] which is world-readable and admin-only writeable. luke Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From ganeshrama at hotmail.com Tue Apr 4 03:32:18 2000 From: ganeshrama at hotmail.com (Rama Ganesh) Date: Tue Dec 2 02:29:14 2003 Subject: ASCII file transfer Message-ID: <20000404033218.81082.qmail@hotmail.com> Sql files(.SQL) created on UNIX, seem to contain some special characters when opened on Win NT. Binary files are fine. Is anyone aware of a workaround to this issue ? Any help would be greatly appreciated. Thanks in advance Ganesh ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com From mmbrich at binary.net Tue Apr 4 04:26:43 2000 From: mmbrich at binary.net (Matthew Brichacek) Date: Tue Dec 2 02:29:14 2003 Subject: TNG-1.8 prniting problems Message-ID: <000a01bf9ded$fd05f7e0$a20ce5d8@binary.net> Hi, I just downloaded tng 1.8 and compiled on my mandrake 7.0 machine. after starting the dameons i was unable to print a test page from win 98. This was working fine on tng-1.6 because i just used it the other day. I saw nothing strange inthe logs however i was watching the win98 que and the linux spool. After the win98 print job started it would spool and turn into a root process and say 100% complete but the top of the window said PAUSED even though it was not checked in the status area. On the linux machine 2 files would spool, with the netbios of the linux macine plus some gunk and that was it.. it would sit their an do nothing. I hope this helps. Also when i go to change the Microsoft Networking Password in win98 i get the error "no domain controller available" Thanks Matthew -------------- next part -------------- HTML attachment scrubbed and removed From jffolliott at home.com Tue Apr 4 06:17:24 2000 From: jffolliott at home.com (Jamie ffolliott) Date: Tue Dec 2 02:29:14 2003 Subject: Netmon and TNG In-Reply-To: <001601bf9dde$c5374ee0$a20ce5d8@binary.net> Message-ID: Try: passwd chat = *password* %n\n *password* %n\n *successfull* (backslashes, not forward slashes) Also, you have "update encrypted = Yes", which won't work because you have (and need) encrypted passwords = Yes". Jamie -----Original Message----- From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of Matthew Brichacek Sent: April 3, 2000 8:42 PM To: Multiple recipients of list SAMBA-NTDOM Subject: Netmon and TNG Hello, I was able to get printers working with TNG-1.6. I am not sure what i did but it decided to start working after messing with the config file. I am now finishing up all the little details of the network and i thought it would be pretty neat to run system monitor on my samba server. I downloaded capconvert.c and tcpdump-smb after invoking command $\] tcdump -w /cap/net.dump and then $\] capconvert /cap/net.dump /cap/net.cap i get the correct output but how do i get netmon to notice that cap file? and can this be done realtime, or is it all done by changing the data little by little? Thanks in advance Matthew ps i am still unable to get password changing in windows working here are my entries (Mandrake 7.0) smb.conf [global] bind interfaces only = Yes wins proxy = yes message command = sh -c 'echo interfaces = 198.172.10.113/255.255.255.0 127.0.0.1/255.0.0.0 216.229.12.163/255.255.255.248 domain master = Yes dos filetimes = Yes dos filetime resolution = Yes domain logons = yes printing = bsd server string = Linux DA Server lm announce = True workgroup = DUCTAMERICA smb passwd file = /usr/local/samba/private/smbpasswd netbios name = COMP03 keepalive = 60 case sensitive = no admin users = matthew, mmbrich, matt printcap name = /etc/printcap default = public preserve case = yes encrypt passwords = yes follow symlinks = No update encrypted = Yes time server = yes comment = Linux unix password sync = Yes socket options = SO_KEEPALIVE TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 load printers = yes security = user short preserve case = yes os level = 200 name resolve order = lmhosts, host, wins, bcast, username map = /dsk/user.map domain group map = /usr/local/samba/private/domaingroup.map domain user map = /usr/local/samba/private/domainuser.map local group map = /usr/local/samba/private/localgroup.map wins support = true lock directory = /usr/local/samba/locks wins hook = /usr/local/samba/bin/dns_update passwd program = /usr/bin/passwd %u passwd chat = *password* %n/n *password* %n/n *successfull* logon path = \\comp03\profiles\%U [netlogon] comment = Samba Network Logon Services path = /home/netlogon browseable = yes locking = No case sensitive = no writeable = yes [homes] writable = yes comment = This is your personal home directory browseable = no [public] writable = yes comment = Schedule Information force group = da path = /home/shared sync always = yes [FTPpub] comment = FTP Server Map path = /home/ftp read only = no [Deskjet] printable = yes printer = lp path = /var/spool/lpd/lp [profiles] comment = User Profiles path = /home/profile create mode = 0600 directory mode = 0700 writeable = yes browseable = no -------------- next part -------------- HTML attachment scrubbed and removed From mmbrich at binary.net Tue Apr 4 05:33:43 2000 From: mmbrich at binary.net (Matthew Brichacek) Date: Tue Dec 2 02:29:14 2003 Subject: Netmon and TNG References: Message-ID: <001401bf9df7$578e74e0$a20ce5d8@binary.net> i tried this and i still get "domain controller not available" from win 98 Also i got printing working for tng 1.8, it was a printer config problem, i don't know how it got changed but oh well.. Thanks Matthew ----- Original Message ----- From: Jamie ffolliott To: mmbrich@binary.net ; Multiple recipients of list SAMBA-NTDOM Sent: Tuesday, April 04, 2000 1:17 AM Subject: RE: Netmon and TNG Try: passwd chat = *password* %n\n *password* %n\n *successfull* (backslashes, not forward slashes) Also, you have "update encrypted = Yes", which won't work because you have (and need) encrypted passwords = Yes". Jamie -----Original Message----- From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of Matthew Brichacek Sent: April 3, 2000 8:42 PM To: Multiple recipients of list SAMBA-NTDOM Subject: Netmon and TNG Hello, I was able to get printers working with TNG-1.6. I am not sure what i did but it decided to start working after messing with the config file. I am now finishing up all the little details of the network and i thought it would be pretty neat to run system monitor on my samba server. I downloaded capconvert.c and tcpdump-smb after invoking command $\] tcdump -w /cap/net.dump and then $\] capconvert /cap/net.dump /cap/net.cap i get the correct output but how do i get netmon to notice that cap file? and can this be done realtime, or is it all done by changing the data little by little? Thanks in advance Matthew ps i am still unable to get password changing in windows working here are my entries (Mandrake 7.0) smb.conf [global] bind interfaces only = Yes wins proxy = yes message command = sh -c 'echo interfaces = 198.172.10.113/255.255.255.0 127.0.0.1/255.0.0.0 216.229.12.163/255.255.255.248 domain master = Yes dos filetimes = Yes dos filetime resolution = Yes domain logons = yes printing = bsd server string = Linux DA Server lm announce = True workgroup = DUCTAMERICA smb passwd file = /usr/local/samba/private/smbpasswd netbios name = COMP03 keepalive = 60 case sensitive = no admin users = matthew, mmbrich, matt printcap name = /etc/printcap default = public preserve case = yes encrypt passwords = yes follow symlinks = No update encrypted = Yes time server = yes comment = Linux unix password sync = Yes socket options = SO_KEEPALIVE TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 load printers = yes security = user short preserve case = yes os level = 200 name resolve order = lmhosts, host, wins, bcast, username map = /dsk/user.map domain group map = /usr/local/samba/private/domaingroup.map domain user map = /usr/local/samba/private/domainuser.map local group map = /usr/local/samba/private/localgroup.map wins support = true lock directory = /usr/local/samba/locks wins hook = /usr/local/samba/bin/dns_update passwd program = /usr/bin/passwd %u passwd chat = *password* %n/n *password* %n/n *successfull* logon path = \\comp03\profiles\%U [netlogon] comment = Samba Network Logon Services path = /home/netlogon browseable = yes locking = No case sensitive = no writeable = yes [homes] writable = yes comment = This is your personal home directory browseable = no [public] writable = yes comment = Schedule Information force group = da path = /home/shared sync always = yes [FTPpub] comment = FTP Server Map path = /home/ftp read only = no [Deskjet] printable = yes printer = lp path = /var/spool/lpd/lp [profiles] comment = User Profiles path = /home/profile create mode = 0600 directory mode = 0700 writeable = yes browseable = no -------------- next part -------------- HTML attachment scrubbed and removed From pmal at space.gr Tue Apr 4 07:57:29 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:14 2003 Subject: Trust Relationships Message-ID: <001d01bf9e0b$6c99a260$0602000a@space.gr> Sorry if this has appeared in the list (which propably has) but I cannot find in the archives any piece of info tp help me? Is support for trust relationships between a samba domain and an NT domain available at the 206 head branch? If so is there any resource that someone could direct me to? I have my samba server acting as PDC with profiles and scripts working but I also want to setup trust relationship to one of my NT domain. Thanx in advance. Panagiotis From giulioo at pobox.com Tue Apr 4 08:29:29 2000 From: giulioo at pobox.com (Giulio Orsero) Date: Tue Dec 2 02:29:14 2003 Subject: Trust Relationships In-Reply-To: <001d01bf9e0b$6c99a260$0602000a@space.gr> References: <001d01bf9e0b$6c99a260$0602000a@space.gr> Message-ID: <20000404082954.86CCD2AE8E@i3.golden.dom> On Tue, 4 Apr 2000 17:59:55 +1000, hai scritto: >Is support for trust relationships between a samba domain and an NT domain >available at the 206 head branch? No. 206 is not the head branch. Trust relationship is developed in the TNG branch. Read all messages that have "TNG" in the subject to know how it's going. -- giulioo@pobox.com From pmal at space.gr Tue Apr 4 08:51:19 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:14 2003 Subject: Trust Relationships References: <001d01bf9e0b$6c99a260$0602000a@space.gr> <20000404082954.86CCD2AE8E@i3.golden.dom> Message-ID: <008501bf9e12$f1c54320$0602000a@space.gr> Which version of the tng branch do you people think is more stable for a production environment? I have slakware linux 7 installed. Panagiotis ----- Original Message ----- From: Giulio Orsero To: Multiple recipients of list SAMBA-NTDOM Sent: Tuesday, April 04, 2000 11:33 AM Subject: Re: Trust Relationships > On Tue, 4 Apr 2000 17:59:55 +1000, hai scritto: > > >Is support for trust relationships between a samba domain and an NT domain > >available at the 206 head branch? > No. > 206 is not the head branch. > Trust relationship is developed in the TNG branch. > Read all messages that have "TNG" in the subject to know how it's going. > > -- > giulioo@pobox.com From tom at ee.ucl.ac.uk Tue Apr 4 11:15:19 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:14 2003 Subject: samba-TNG cvs update 04/04/00 1130 BST Message-ID: <200004041115.MAA16894@picard.ee.ucl.ac.uk> Hello, Solaris 2.7 Sparc 64 gcc 2.8.1 samba-TNG cvs update 1130 BST 04/04/00 There are still problems with lsarpcd crashing: Closing connections Changed root to / msrpc_process: client_name: lsarpc my_name: sonic uninitialised structure (prs_debug, 34) Changed root to / msrpc_process: client_name: lsarpc my_name: sonic uninitialised structure (prs_debug, 34) uninitialised structure (prs_debug, 34) uninitialised structure (prs_debug, 34) uninitialised structure (prs_align, 457) uninitialised structure (prs_align, 457) uninitialised structure (_prs_uint32, 735) Changed root to / msrpc_process: client_name: lsarpc my_name: sonic uninitialised structure (prs_debug, 34) uninitialised structure (_prs_uint32, 735) =============================================================== INTERNAL ERROR: Signal 11 in pid 17072 (TNG-prealpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error uninitialised structure (prs_debug, 34) =============================================================== INTERNAL ERROR: Signal 11 in pid 17073 (TNG-prealpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error uninitialised structure (prs_align, 457) Changed root to / msrpc_process: client_name: lsarpc my_name: sonic uninitialised structure (prs_debug, 34) uninitialised structure (_prs_uint32, 735) uninitialised structure (prs_debug, 34) =============================================================== INTERNAL ERROR: Signal 11 in pid 17080 (TNG-prealpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error uninitialised structure (prs_align, 457) uninitialised structure (_prs_uint32, 735) Changed root to / msrpc_process: client_name: lsarpc my_name: sonic uninitialised structure (prs_debug, 34) Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9307 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From lkcl at samba.org Tue Apr 4 11:27:11 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:14 2003 Subject: lsarpcd crashes Message-ID: tom, please therefore follow the standard debug procedures outlined in lars' FAQ to give more information about the lsarpcd crash you reported, and send details to the list. i was able to track down the previous one you reported, because i found and repro'd the problem myself, however i haven't seen this one, so don't know where to start, and need your help finding it. thx, luke Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From Hans-Peter.Raschke at gmx.de Tue Apr 4 09:43:43 2000 From: Hans-Peter.Raschke at gmx.de (Hans-Peter Raschke) Date: Tue Dec 2 02:29:14 2003 Subject: samba-tng-alpha-1.8.tar.gz Message-ID: <00040412152500.29512@qmpc2> Hello, with this version and with 1.7 I got the following error messages while joining the domain as a BDC root@qmpc2:/usr/local/samba/var > rpcclient -S PDC_DS -U root%entire -W DS ... [DS\root@PDC_DS]$ createuser QMPC2$ -s -j DS createuser QMPC2$ -s -j DS SAM Create Domain User Domain: DS Name: qmpc2$ ACB: [S ] failed tcon_X cli_net_use_add: connection failed ncacn_np_use_add: connection failed Connection to \\QMPC2 FAILED (Do a "use \\\\QMPC2 -U localadmin") Create Domain User: FAILED The log file log.smb states: Failed to set gid privileges to (-1,775043377) now set to (0,0) uid=(0,0) PANIC: failed to set gid I'm using Linux SuSE 6.2 (Kernel 2.2.10). Any hints? Thx HP ----------------------------------------------------------- Hans-Peter Raschke E-Mail: Hans-Peter.Raschke@gmx.de Wintermann DatenService Tel.: ++49 441 9304064 Langenweg 16 Fax: ++49 441 9304069 D-26125 Oldenburg From tom at ee.ucl.ac.uk Tue Apr 4 11:47:09 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:14 2003 Subject: lsarpcd crashes Message-ID: <200004041147.MAA18329@picard.ee.ucl.ac.uk> Hello Luke, The problem was that the binaries for the daemons have been moved to /sbin and I still had copies of yesterdays versions in bin and these were the ones that were being used. Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9307 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From lkcl at samba.org Tue Apr 4 11:53:51 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:14 2003 Subject: lsarpcd crashes In-Reply-To: <200004041147.MAA18329@picard.ee.ucl.ac.uk> Message-ID: ah!! well, that's ok, then :) On Tue, 4 Apr 2000, Tom Crummey wrote: > Hello Luke, > > The problem was that the binaries for the daemons have been moved to > /sbin and I still had copies of yesterdays versions in bin > and these were the ones that were being used. From pmal at space.gr Tue Apr 4 13:21:34 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:14 2003 Subject: error Message-ID: <015701bf9e38$b3bc9120$0602000a@space.gr> When I use the rpc client to add accounts I see the following at the log file. addedd interface ip=10.0.2.201 bcast=10.0.255.255 nmask 255.255.0.0 socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused Could someone explain this to me? Many thanx From tom at ee.ucl.ac.uk Tue Apr 4 13:38:58 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:14 2003 Subject: samba-TNG cvs 11:30 BST 04/04/00 Message-ID: <200004041338.OAA23424@picard.ee.ucl.ac.uk> Hello, samba-TNG cvs update 04/04/00 Solaris 2.7 Sparc 64 gcc 2.8.1 Watch out for the move of binaries from /bin to /sbin. Make sure you're using the correct ones. It's probably safest to remove bin altogether before reinstalling. Domain logins work, as do roaming profiles. Giving the wrong password at the login prompt results in the wrong messages: NT4 SP4: The system cannot log you on to this domain because the system's computer account in its primary domain is missing or the password on that account is incorrect. Win2000: The stub received bad data. Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9307 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From Elrond at Wunder-Nett.org Tue Apr 4 13:51:16 2000 From: Elrond at Wunder-Nett.org (Elrond) Date: Tue Dec 2 02:29:14 2003 Subject: error In-Reply-To: <015701bf9e38$b3bc9120$0602000a@space.gr>; from Panagiotis Malakoudis on Tue, Apr 04, 2000 at 11:23:14PM +1000 References: <015701bf9e38$b3bc9120$0602000a@space.gr> Message-ID: <20000404155116.B10712@baerbel.mug.maschinenbau.tu-darmstadt.de> On Tue, Apr 04, 2000 at 11:23:14PM +1000, Panagiotis Malakoudis wrote: > When I use the rpc client to add accounts I see the following at the log > file. > addedd interface ip=10.0.2.201 bcast=10.0.255.255 nmask 255.255.0.0 That's for your information. > socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused That's a simple warning. Ignore it. (The code should be modified here anyway, it's partly a security problem) [...] Elrond From pmal at space.gr Tue Apr 4 14:01:27 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:14 2003 Subject: error References: <015701bf9e38$b3bc9120$0602000a@space.gr> <20000404155116.B10712@baerbel.mug.maschinenbau.tu-darmstadt.de> Message-ID: <017501bf9e3e$450e76c0$0602000a@space.gr> I have another question for you. I cannot login from the win9x box. I get a message that the password is invalid. What are excactly the accounts that must be created either from smbpasswd and rpcclient in order to be able to login from a win9x box? Do I need to add a trust account of some sort? Thank you for your help on the subject. ----- Original Message ----- From: Elrond To: Panagiotis Malakoudis Cc: Multiple recipients of list SAMBA-NTDOM Sent: Tuesday, April 04, 2000 4:51 PM Subject: Re: error > On Tue, Apr 04, 2000 at 11:23:14PM +1000, Panagiotis Malakoudis wrote: > > When I use the rpc client to add accounts I see the following at the log > > file. > > > addedd interface ip=10.0.2.201 bcast=10.0.255.255 nmask 255.255.0.0 > That's for your information. > > > socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused > That's a simple warning. Ignore it. > > (The code should be modified here anyway, it's partly a > security problem) > > [...] > > Elrond From alet at unice.fr Tue Apr 4 14:11:08 2000 From: alet at unice.fr (Jerome Alet) Date: Tue Dec 2 02:29:14 2003 Subject: what does this error or warning message really mean ? Message-ID: Hi, I'm using Samba-2.0.6 as a PDC under a RedHat 4.2 SparcLinux system with a 2.0.35 kernel and libc 5.3.12 it works fine, however I've got this message in samba-log.smb: [2000/04/03 17:12:17, 1] smbd/files.c:file_init(216) file_init: Information only: requested 10000 open files, 246 are available. Is it important or not (all seem to work fine and I've got only 5 NT4SP5WKS clients) ? I've tried to modify the maximum number of files in /proc/sys/kernel/file-max but it doesn't change anything. could someone tell me if it's ok to continue with this very old configuration or if I have to upgrade my kernel+libc ? I plan to set up a new machine ASAP, but unfortunately ASAP is not soon at all :-( thanks in advance. Jerome ALET - alet@unice.fr - http://cortex.unice.fr/~jerome Faculte de Medecine de Nice - http://noe.unice.fr - Tel: 04 93 37 76 30 28 Avenue de Valombrose - 06107 NICE Cedex 2 - FRANCE From timothy_d_cole at md.northgrum.com Tue Apr 4 14:30:41 2000 From: timothy_d_cole at md.northgrum.com (Cole, Timothy D.) Date: Tue Dec 2 02:29:14 2003 Subject: ASCII file transfer Message-ID: <51FBD4A8EFD9D111BA7300A0C927DADB03F4703E@xcgmd008.md.essd.northgrum.com> > -----Original Message----- > From: Rama Ganesh [SMTP:ganeshrama@hotmail.com] > Sent: Monday, April 03, 2000 23:36 > To: Multiple recipients of list SAMBA-NTDOM > Subject: ASCII file transfer > > Sql files(.SQL) created on UNIX, seem to contain some special characters > when opened on Win NT. Binary files are fine. > This is a FAQ. NT and POSIX-compliant (e.g. Unix) systems use different characters to terminate lines. > Is anyone aware of a workaround to this issue ? > Not any reliable ones. It's not an issue specific to Samba -- it's been around for at least the past 20 years, and probably more, any place people were moving data between DOS/Windows/VMS and POSIX/Unix. Every attempt to automatically solve it has failed miserably, because if the system guesses wrong and the file is really binary, it will be corrupted. For example, the (off by default) conversion in the Linux msdos fs driver was removed entirely because too many people were having problems with data corruption. Even if the conversion always guesses right, if this is being done transparently in the filesystem (or in Samba) the conversion also changes the effective length of the file (NT uses two characters, Unix uses one), the length of individual lines, and thus file offsets change unpredictably. seek() can't work reliably under those circumstances, and so you're STILL at the risk of data corruption. So that's why Samba doesn't even try to convert text files. The only reliable way to deal with this is to get a conversion program of some sort that you can manually run the file through on the NT side (or on the Unix side, if you're taking files the other way, from NT to Unix). Plenty exist, and there are also editors like UltraEdit which will let you convert files too. Check winfiles.com. Sorry there isn't an easier solution. It's a 20-year-old problem; if anyone ever manages to solve it reliably, they would deserve a Nobel Prize in information theory. From neonatus at gimp.thz.net Tue Apr 4 15:59:00 2000 From: neonatus at gimp.thz.net (Bostjan Muller) Date: Tue Dec 2 02:29:14 2003 Subject: what does this error or warning message really mean ? In-Reply-To: ; from alet@unice.fr on Wed, Apr 05, 2000 at 12:14:58AM +1000 References: Message-ID: <20000404175900.A867@gimp.thz.net> * On 04-04-00 at 16:35 Jerome Alet (alet@unice.fr) wrote: +----Here quoted text begins----+ > Hi, > > I'm using Samba-2.0.6 as a PDC under a RedHat 4.2 SparcLinux system with a > 2.0.35 kernel and libc 5.3.12 +----and here the quote ends----+ How did you do that??!! I cannot make my samba 2.0.6 or 2.0.5a a domain controller no way :( I have a nt workstation and whenever I set domain instead of workgroup I get that no domain servers vwere available - could you please post your smb.conf or mail it to me directly? THX in advance! Bostjan From tom at ee.ucl.ac.uk Tue Apr 4 16:25:57 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:14 2003 Subject: samba-TNG cvs update 1600 BST 04/04/00 Message-ID: <200004041625.RAA02462@picard.ee.ucl.ac.uk> Hello, Solaris 2.7 Sparc 64 samba-TNG cvs 1600 BST 04/04/00 gcc 2.8.1 Changing passwords from a Win2k domain client does not work on this version. The error message on the client is: The system cannot change your password now because the domain EE_TEST is not available. Log files are available at http://www.ee.ucl.ac.uk/~tom/samba/log4/index.html Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9307 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From lists at baerecke.de Tue Apr 4 16:44:39 2000 From: lists at baerecke.de (Rene Baerecke) Date: Tue Dec 2 02:29:14 2003 Subject: minor 2.0.7-pre3 problems Message-ID: <00040418542400.17540@harry.bos-systemhaus.de> Hi, I just compiled 2.0.7-pre3 with ssl support and had two problems: I had to user --with-sslinc since the includes are in /usr/local/include/openssl/* But the compilation failed as /include was appended to this. (I solved this by creating a link "include" in that directory). The second "problem" is a compiler warning: Compiling smbd/ssl.c smbd/ssl.c: In function `sslutil_init': smbd/ssl.c:160: warning: passing arg 2 of `SSL_CTX_set_tmp_rsa_callback' from incompatible pointer type This is with openssl 0.9.4 René From s.striker at striker.nl Tue Apr 4 17:28:05 2000 From: s.striker at striker.nl (Sander Striker) Date: Tue Dec 2 02:29:14 2003 Subject: Samba on Linux with no ACL's is making things tough In-Reply-To: <38EA148B.22923A92@voicerite.com> Message-ID: I forwarded this to samba-technical and samba-ntdom because this issue is something someone is working on. I only can't remember who... Luke? This looks very promising. Michael Marschall wrote: >I am not sure who suggested it, but I have checked out the Linux Trustee >Project and the ACL support seems to work very well. It gives you quite >a bit of granularity and there is no noticeable performance hit. If you >are replacing an NT box with Linux/Samba and need to have shares with >advanced permission sets then something like this is a must. All you >have to do is patch/compile the kernel, compile the settrustee >executable and setup your ACL's in a config file. Run the executable to >set the acl's and you are in business. I will be testing it thoroughly >over the next few weeks to make sure it will not break on me. > >If anybody has any questions on setup you can email me personally and I >will help where I can. > >Here is a link to the site: > >http://www.braysystems.com/linux/trustees.html > >The developer's first language is not English so please disregard the >spelling and grammar mistakes. I have offered to help him with >documentation and editing. > >-- >Michael Marschall >Infrastructure Manager >VoiceRite, Inc. >7725 NW 48th St. >Miami, Florida 33166 >Phone / Fax / Pager : 305 436 1574 From jeremy at valinux.com Tue Apr 4 18:30:00 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:14 2003 Subject: Samba on Linux with no ACL's is making things tough References: Message-ID: <38EA34A8.454ACD1F@valinux.com> Sander Striker wrote: > > I forwarded this to samba-technical and samba-ntdom because this > issue is something someone is working on. I only can't remember > who... Luke? > This looks very promising. This is something I'm working on at the moment in 2.0.x and HEAD. The Linux trustee patch seems ok for the particular problem, but doesn't allow Windows clients access to modify ACLS for files that they own. To do that you need POSIX ACL support - that's the API we'll be adding into Samba 2.0.8 and HEAD (and TNG with the merge going on). Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From s.striker at striker.nl Tue Apr 4 18:26:36 2000 From: s.striker at striker.nl (Sander Striker) Date: Tue Dec 2 02:29:14 2003 Subject: Samba on Linux with no ACL's is making things tough In-Reply-To: <38EA34A8.454ACD1F@valinux.com> Message-ID: >This is something I'm working on at the moment in 2.0.x >and HEAD. The Linux trustee patch seems ok for the particular >problem, but doesn't allow Windows clients access to modify >ACLS for files that they own. To do that you need POSIX >ACL support - that's the API we'll be adding into Samba >2.0.8 and HEAD (and TNG with the merge going on). Ahh. Oops, sorry. Is it possible to interface the api to the trustee patch? Or am I talking stupid now? :-) Sander From ed at schernau.com Tue Apr 4 20:59:41 2000 From: ed at schernau.com (Ed Schernau) Date: Tue Dec 2 02:29:14 2003 Subject: Samba on Linux with no ACL's is making things tough References: <38EA34A8.454ACD1F@valinux.com> Message-ID: <38EA57BD.6DA60825@schernau.com> So 2.0.8 WILL have ACLs? Or only IF you have some sort of POSIX ACL support in your OS (Linux 2.2.x) ? Can you clarify this please? I'm actually thinking of *gasp* dumping Samba since it can't give me the granularity I need. (stupid unix group issues) Jeremy Allison wrote: > > Sander Striker wrote: > > > > I forwarded this to samba-technical and samba-ntdom because this > > issue is something someone is working on. I only can't remember > > who... Luke? > > This looks very promising. > > This is something I'm working on at the moment in 2.0.x > and HEAD. The Linux trustee patch seems ok for the particular > problem, but doesn't allow Windows clients access to modify > ACLS for files that they own. To do that you need POSIX > ACL support - that's the API we'll be adding into Samba > 2.0.8 and HEAD (and TNG with the merge going on). > > Jeremy. > > -- > -------------------------------------------------------- > Buying an operating system without source is like buying > a self-assembly Space Shuttle with no instructions. > -------------------------------------------------------- From jeremy at valinux.com Tue Apr 4 22:02:00 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:14 2003 Subject: Samba on Linux with no ACL's is making things tough References: <38EA34A8.454ACD1F@valinux.com> <38EA57BD.6DA60825@schernau.com> Message-ID: <38EA6658.86143E54@valinux.com> Ed Schernau wrote: > > So 2.0.8 WILL have ACLs? Or only IF you have some sort of POSIX > ACL support in your OS (Linux 2.2.x) ? The plan is to integrate the HP donated code into Samba 2.0.8 so that Samba will provide ACLs *ONLY* if your underlying OS provides ACL support on the filesystem. For each ACL type a mapping will have to be written from the filesystem ACLs to NT ACLs. Currently this is planned for HPUX (of course :-), IRIX, Solaris and (maybe) AIX. A mapping *may* be done for one of the experimental Linux ACL implementations (the one at http://acl.bestbits.at/ is probably the one we'll use) but this code is not currently in any stable or developement kernel so it will definately be a configure option on Linux. If your underlying filesystem doesn't provide any ACL support then the current mapping (to UNIX user/group/world) will be used by default. Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From ed at schernau.com Tue Apr 4 21:26:49 2000 From: ed at schernau.com (Ed Schernau) Date: Tue Dec 2 02:29:15 2003 Subject: Samba on Linux with no ACL's is making things tough References: <38EA34A8.454ACD1F@valinux.com> <38EA57BD.6DA60825@schernau.com> <38EA6658.86143E54@valinux.com> Message-ID: <38EA5E19.B615DFEA@schernau.com> Jeremy Allison wrote: > > Ed Schernau wrote: > > > > So 2.0.8 WILL have ACLs? Or only IF you have some sort of POSIX > > ACL support in your OS (Linux 2.2.x) ? > > The plan is to integrate the HP donated code into > Samba 2.0.8 so that Samba will provide ACLs *ONLY* > if your underlying OS provides ACL support on the > filesystem. And these are real ACLs, i.e. the POSIX draft, not some sort of Trustee thingy? Just wondering where I should be going with my linux boxes on this. The trustee package looks pretty cool. From mam1281 at osfmail.isc.rit.edu Tue Apr 4 21:19:25 2000 From: mam1281 at osfmail.isc.rit.edu (Matt Monacelli) Date: Tue Dec 2 02:29:15 2003 Subject: BDC problem Message-ID: I followed the instructions for setting up samba as a PDC. I am getting a bunch of network errors in the logs, for example: *** there is a race condition to be exploited. *** socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused [2000/04/04 16:33:05, 1] msrpc/msrpcd.c:main(459) lsarpcd version TNG-prealpha started. Copyright Andrew Tridgell 1992-1999 create_pipe_socket: /opt/samba-tng/var/locks/.msrpc perms=448 /opt/samba-tng/va$ *** Please someone examine create_pipe_socket and fix it *** *** if used other than for exclusive root access *** *** (see perms, which should be 0700 and 0600) *** *** there is a race condition to be exploited. *** remove on /opt/samba-tng/var/locks/.msrpc/lsarpc failed I do not yet have any NT machines (one 95, one 98, one Linux) bu will shortly. I am getting all sorts of errors. When I bring up the Server Manager NT tool for Win95, it says that my amba server is a BDC. When I try to promote it to PDC, it says "RPC Server not available". I'm assuming this has to do with the "cannot connect to 192.168.0.1:455 connection refused" error message. I looked in my services file and there is no entry for port 445. A little guidance please? Thanks. -- Matthew A. Monacelli mam1281@rit.edu Software Support Rep (Mac Team) Cell: (716)734-1379 ITS Technical Support Services Helpdesk: 475-HELP(4357) Rochester Institute of Technology "...Linux is free only if your time has no value!" From trevor at steinmetznet.com Tue Apr 4 21:55:37 2000 From: trevor at steinmetznet.com (Trevor Antczak) Date: Tue Dec 2 02:29:15 2003 Subject: TNG 1.8 and NT user groups Message-ID: <38EA64D9.83C9AA4@steinmetznet.com> Hi all, I've got 1.8 installed and working, but I hav one problem that I can't figure out. I hav had this problem since the early day of TNG. I cannot map myself as an "Adminstrator" on my NT machine and still join the domain. I have tried useing mapping, but the conf directives appear deprecitated, and Domain Admin Group and Domain Admin User don't seem to help. It is frustrating that everything seems to work, but when I sign on I do not even have permision to change my wall paper. Is there some documentation on this? -- Thank you, Trevor Antczak Technology Manager Steinmetz & Associates From Richard.X.Wertheim at kp.org Tue Apr 4 21:49:47 2000 From: Richard.X.Wertheim at kp.org (Wertheim,Richard X) Date: Tue Dec 2 02:29:15 2003 Subject: SMBClient Message-ID: <1CFF5DB65591D311997400805FBEF45011C065@annd-exch-1.ca.kp.org> > I'm having some trouble running smbclient. I go to run it and it says > file not found. I type smbclient in the dir and it says file not found. > > Do i need to type the server name along with smbclient? > > How do I run it? > I also can't connect to the server I get access error 5 even after I have changed the registry setting?? What can I change now? From kasi.mir at melzone.snafu.de Tue Apr 4 21:43:45 2000 From: kasi.mir at melzone.snafu.de (Karim 'Kasi Mir' Senoucci) Date: Tue Dec 2 02:29:15 2003 Subject: "domain group map" and HEAD? Message-ID: <4724.954884625.90703.13807@> Hello everyone, I was trying to implement some UNIX<->NT group mapping with a compiled HEAD tree this morning, as it is written down in the NT-Domain FAQ (and the "Samba in 24 hours" book by Sams I was using as a reference), but to my surprise found out that the parameter (in fact, any of these "map" parameters) wheren't recognized by the server. Were they excluded/superseded/made obsolete by something I couldn't find in FAQ or by browsing the NT-DOM archives? Or am I in fact NOT using the correct cvs tree? I downloaded the source tree via CVS by issuing the following command (after login): cvs -d :pserver:cvs@cvs.samba.org:/cvsroot co samba -r HEAD samba Is this the wrong version, or doesn't HEAD release support those keywords anymore? What can I do to make it work? I wanted to test those features in a mixed NT WS/Win9x environment, by the way. Thanks and bye Kasi Mir -- * Kasi Mir aka Karim Senoucci ----------- e-mail: kasi.mir@melzone.shnet.org *** Computer, movie, TV and general freak from beautiful Northern Germany ?? From lkcl at samba.org Wed Apr 5 02:37:38 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:15 2003 Subject: Samba on Linux with no ACL's is making things tough In-Reply-To: Message-ID: *laugh*. this is fantastic, and very funny. i should mention at this point that one of my sub-projects that i am seriously considering is abstracting security in the linux kernel (i.e doing a decent job) and then adding the VAX/VMS (i.e NT) security model as an option. i wonder what linus and others would think? :-) On Tue, 4 Apr 2000, Sander Striker wrote: > I forwarded this to samba-technical and samba-ntdom because this > issue is something someone is working on. I only can't remember > who... Luke? > This looks very promising. > > Michael Marschall wrote: > >I am not sure who suggested it, but I have checked out the Linux Trustee > >Project and the ACL support seems to work very well. It gives you quite > >a bit of granularity and there is no noticeable performance hit. If you > >are replacing an NT box with Linux/Samba and need to have shares with > >advanced permission sets then something like this is a must. All you > >have to do is patch/compile the kernel, compile the settrustee > >executable and setup your ACL's in a config file. Run the executable to > >set the acl's and you are in business. I will be testing it thoroughly > >over the next few weeks to make sure it will not break on me. > > > >If anybody has any questions on setup you can email me personally and I > >will help where I can. > > > >Here is a link to the site: > > > >http://www.braysystems.com/linux/trustees.html > > > >The developer's first language is not English so please disregard the > >spelling and grammar mistakes. I have offered to help him with > >documentation and editing. > > > >-- > >Michael Marschall > >Infrastructure Manager > >VoiceRite, Inc. > >7725 NW 48th St. > >Miami, Florida 33166 > >Phone / Fax / Pager : 305 436 1574 > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From mam1281 at ritvax.isc.rit.edu Wed Apr 5 06:45:45 2000 From: mam1281 at ritvax.isc.rit.edu (Matthew Monacelli) Date: Tue Dec 2 02:29:15 2003 Subject: unicode_map Message-ID: <001101bf9eca$d5558fc0$0200a8c0@home.net> I am getting an error from load_unicode_map saying that it can't find the file unicode_map.437 (used to say 850, but i tried changing it to 437 in smb.conf). The codepage.437 (and 850) are there, but i don't have this unicode_map file (with the codepage extension). Please help! -- Matthew A. Monacelli mam1281@rit.edu Software Support Rep (Mac Team) Helpdesk: 475-HELP(4357) ITS Technical Support Services Cell: (716)734-1379 Rochester Institute of Technology "...Linux is free only if your time has no value!" From alet at unice.fr Wed Apr 5 07:13:03 2000 From: alet at unice.fr (Jerome Alet) Date: Tue Dec 2 02:29:15 2003 Subject: what does this error or warning message really mean ? In-Reply-To: <20000404175900.A867@gimp.thz.net> Message-ID: Here's my smb.conf, with IP adresses and domain modified. It seem to work fine, however I haven't completely configured it yet: the user groups and users are not mapped correctly I think, I'm still working on it. I suppose your problem is the same as mine when I configured it: look at the type of your workstations entries in smbpasswd, it should be W instead of U. This produced exactly the same problem you mention. good luck. Jerome ALET - alet@unice.fr - http://cortex.unice.fr/~jerome Faculte de Medecine de Nice - http://noe.unice.fr - Tel: 04 93 37 76 30 28 Avenue de Valombrose - 06107 NICE Cedex 2 - FRANCE On Wed, 5 Apr 2000, Bostjan Muller wrote: > * On 04-04-00 at 16:35 Jerome Alet (alet@unice.fr) wrote: > +----Here quoted text begins----+ > > Hi, > > > > I'm using Samba-2.0.6 as a PDC under a RedHat 4.2 SparcLinux system with a > > 2.0.35 kernel and libc 5.3.12 > +----and here the quote ends----+ > > How did you do that??!! I cannot make my samba 2.0.6 or 2.0.5a a domain > controller no way :( I have a nt workstation and whenever I set domain instead > of workgroup I get that no domain servers vwere available - could you please > post your smb.conf or mail it to me directly? > > THX in advance! > > Bostjan > -------------- next part -------------- ; The global setting for a RedHat default install ; smbd re-reads this file regularly, but if in doubt stop and restart it: ; /etc/rc.d/init.d/smb stop ; /etc/rc.d/init.d/smb start ;======================= Global Settings ===================================== [global] workgroup = MYDOMAIN comment = Cortex RedHat Samba Server volume = RedHat4 load printers = no log file = /var/log/samba-log.%m max log size = 500 short preserve case = yes preserve case = yes lock directory = /var/lock/samba share modes = yes security = user domain logons = yes encrypt passwords = yes admin users = root domain admin users = root hosts allow = 192.168.1.0/255.255.255.0 interfaces = 192.168.1.1/24 bind interfaces only = yes read prediction = yes hide dot files = no socket address = 192.168.1.1 socket options = IPTOS_LOWDELAY TCP_NODELAY os level = 33 domain master = yes logon drive = z: logon path = \\%N\%U\ntprofile logon home = \\%N\%U\ntprofile logon script = STARTUP.CMD deadtime = 15 time server = yes ;============================ Share Declarations ============================== [homes] comment = Repertoires Personnels browseable = no read only = no preserve case = yes short preserve case = yes create mode = 0664 ; Un-comment the following and create the netlogon directory for Domain Logons [netlogon] comment = Samba Network Logon Service path = /home/netlogon ; Case sensitivity breaks logon script processing!!! case sensitive = no guest ok = no writeable = no [tmp] comment = Repertoire Temporaire path = /tmp writeable = yes public = yes printable = no browseable = yes [cdrom] comment = Lecteur de CDROM path = /mnt/cdrom read only = yes public = yes printable = no locking = no [usrlocal] comment = Logiciels Locaux path = /usr/local read only = yes public = yes printable = no locking = no [home] comment = Comptes Utilisateurs path = /home read only = yes public = yes printable = no locking = no [staro] comment = StarOffice path = /home/staroffice/Office51W read only = yes public = yes locking = no [java] comment = Outils Java path = /home/java read only = yes public = yes locking = no From pmal at space.gr Wed Apr 5 07:41:16 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:15 2003 Subject: "This request is not supported by the network" References: Message-ID: <001b01bf9ed2$5316ff00$0602000a@space.gr> When I try to login from my window 98 box I get through the authentication but I get (on windows) the message "This request is not supported by the network. The log file for the windows machine has as its only records "authorise_login: TODO. split function, it's 6 levels!" which I din't believe is an error message. Anyone has any ideas? From mam1281 at ritvax.isc.rit.edu Wed Apr 5 07:45:57 2000 From: mam1281 at ritvax.isc.rit.edu (Matthew Monacelli) Date: Tue Dec 2 02:29:15 2003 Subject: 4-4-00 tng release problem Message-ID: <001301bf9ed2$fb60a940$0200a8c0@home.net> I just finished compliling the new code from the cvs server and now i'm not able to log in to the domain. the password is authenticated but i get a dialog stating "This request is not supported by the server". I've never seen this one before. This may be related to the unicode_map error i've been getting (see previous post). I added the users with the rpcclient, but to change the passwords, i was unable to use the new smbpasswd, as in the past. i used the one lingering from the 2.0.6 binary rpm install of a while ago (renamed of course). Any suggestions? Matthew A. Monacelli mam1281@rit.edu Software Support Rep (Mac Team) Helpdesk: 475-HELP(4357) ITS Technical Support Services Cell: (716)734-1379 Rochester Institute of Technology "...Linux is free only if your time has no value!" From tm at cx.north.ru Wed Apr 5 08:08:28 2000 From: tm at cx.north.ru (Maxim V. Tsyplakov) Date: Tue Dec 2 02:29:15 2003 Subject: BDC Message-ID: <38EAF47C.D120E82A@cx.north.ru> Hello all Samba as Backup Domain Controller, any solutions? Thx -- Max From johanh at fusion.kth.se Wed Apr 5 08:31:14 2000 From: johanh at fusion.kth.se (Johan Hedin) Date: Tue Dec 2 02:29:15 2003 Subject: Domain unavailable Message-ID: I get domain anavilable with TNG since the merge? File server works good though. Do I need to rejoin the NT Clients? I'm running with the --with-srvtab, which messes around a bit with the groups due to the internal structure of AFS. Could this be triggerig it? TIA Johan Hedin From geniusbhatti at hotmail.com Wed Apr 5 13:32:04 2000 From: geniusbhatti at hotmail.com (Naseer Bhatti) Date: Tue Dec 2 02:29:15 2003 Subject: SWAT Problem Message-ID: <20000405083204.90643.qmail@hotmail.com> Hello, I have recently download the lattest samba-tng but Unable to use SWAT. It asks for the user and passwd authentication but dos'nt verifies the root's passwd. Please assist me why it is not working properly. I am running Linux RedHat 6.0 ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com From Skripi at hrzpub.tu-darmstadt.de Wed Apr 5 08:55:23 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:15 2003 Subject: "domain group map" and HEAD? In-Reply-To: <4724.954884625.90703.13807@>; from kasi.mir@melzone.snafu.de on Wed, Apr 05, 2000 at 08:14:02AM +1000 References: <4724.954884625.90703.13807@> Message-ID: <20000405105523.A1406@shadowland.sc> Karim 'Kasi Mir' Senoucci: > Hello everyone, > I was trying to implement some UNIX<->NT group mapping with a > compiled HEAD tree this morning, as it is written down in the > NT-Domain FAQ (and the "Samba in 24 hours" book by Sams I was > using as a reference), but to my surprise found out that the > parameter (in fact, any of these "map" parameters) wheren't > recognized by the server. > > Were they excluded/superseded/made obsolete by something I > couldn't find in FAQ or by browsing the NT-DOM archives? Or > am I in fact NOT using the correct cvs tree? > > I downloaded the source tree via CVS by issuing the following > command (after login): > > cvs -d :pserver:cvs@cvs.samba.org:/cvsroot co samba -r HEAD samba cvs -d :pserver:cvs@cvs.samba.org:/cvsroot co samba -r SAMBA_TNG samba have a look at the new FAQ: http://www.kneschke.de/projekte/samba_tng/index.php3 There you should find the newest anwsers. Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From Skripi at hrzpub.tu-darmstadt.de Wed Apr 5 08:58:34 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:15 2003 Subject: BDC In-Reply-To: <38EAF47C.D120E82A@cx.north.ru>; from tm@cx.north.ru on Wed, Apr 05, 2000 at 06:08:19PM +1000 References: <38EAF47C.D120E82A@cx.north.ru> Message-ID: <20000405105834.B1406@shadowland.sc> Maxim V. Tsyplakov: > Hello all > Samba as Backup Domain Controller, any solutions? Could you please ask a more specific question: - are you interested in a specific Branch or generally ? - what kind of System have you got .... Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From paul.rogers at mis-cds.com Wed Apr 5 08:34:22 2000 From: paul.rogers at mis-cds.com (Paul Rogers) Date: Tue Dec 2 02:29:15 2003 Subject: Samba on Linux with no ACL's is making things tough Message-ID: > -----Original Message----- > From: Jeremy Allison [mailto:jeremy@valinux.com] > > A mapping *may* be done for one of > the experimental Linux ACL implementations (the one > at http://acl.bestbits.at/ is probably the one we'll > use) but this code is not currently in any stable or > developement kernel so it will definately be a configure > option on Linux. So, are you saying that with Linux, you might and might not implement ACLs for Linux? If you don't, I think there will be a number of people dropping Samba servers on Linux boxes in favour of NT - a great shame. I for one have been hoping this would be implemented for a long time. Paul Rogers, Development Analyst. MIS Corporate Defence Solutions Limited Tel: +44 (0)1622 723422 (Direct Line) +44 (0)1622 723400 (Switchboard) Fax: +44 (0)1622 728580 Website: http://www.mis-cds.com/ ********************************************************************** The information contained in this message or any of its attachments may be privileged and confidential and intended for the exclusive use of the addressee. If you are not the addressee any disclosure, reproduction, distribution or other dissemination or use of this communications is strictly prohibited. The views expressed in this e-mail are those of the individual and not neccessarily of MIS Corporate Defence Solutions Ltd. Any prices quoted are only valid if followed up by a formal written quote. If you have received this transmission in error, please contact our Security Manager on 44 (0) 1622 723400. From pmal at space.gr Wed Apr 5 09:14:05 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:15 2003 Subject: Followup: "This request is not supported by the network" References: <001b01bf9ed2$5316ff00$0602000a@space.gr> Message-ID: <00b801bf9edf$4abd9fa0$0602000a@space.gr> Followup: After each attempt to logon to the domain, the log.netlogon adds the following entry: ERROR: setgroups call failed! TODO: verify that the rid exists ----- Original Message ----- From: Panagiotis Malakoudis To: Multiple recipients of list SAMBA-NTDOM Sent: Wednesday, April 05, 2000 10:43 AM Subject: "This request is not supported by the network" > When I try to login from my window 98 box I get through the authentication > but I get (on windows) the message "This request is not supported by the > network. > The log file for the windows machine has as its only records > "authorise_login: TODO. split function, it's 6 levels!" which I din't > believe is an error message. > Anyone has any ideas? > > From hdkutz at media-support.de Wed Apr 5 09:33:26 2000 From: hdkutz at media-support.de (Hans-Dieter Kutz) Date: Tue Dec 2 02:29:15 2003 Subject: SWAT Problem References: <20000405083204.90643.qmail@hotmail.com> Message-ID: <38EB0866.D490D50A@media-support.de> Got the same problem on SunOS 5.7 Generic_106542-08 i86pc i386 i86pc. mfg. ku Naseer Bhatti wrote: > Hello, I have recently download the lattest samba-tng but Unable to use > SWAT. It asks for the user and passwd authentication but dos'nt verifies the > root's passwd. Please assist me why it is not working properly. I am running > Linux RedHat 6.0 > > ______________________________________________________ > Get Your Private, Free Email at http://www.hotmail.com -- \\\___/// \\ - - // ( @ @ ) +---------------oOOo-(_)-oOOo-------------+ Hiroshima 45, Tschjernobyl 86, Windows 95 hans-dieter kutz primus services group GmbH Bonner Strasse 172 - 176 D-50968 Koeln phone +49 221 3091-565 fax +49 221 3091-566 hdkutz@rzag.net Germany +------------------------Oooo-------------+ oooO ( ) ( ) ) / \ ( (_/ \_) From tm at cx.north.ru Wed Apr 5 10:21:57 2000 From: tm at cx.north.ru (Maxim V. Tsyplakov) Date: Tue Dec 2 02:29:15 2003 Subject: BDC References: <38EAF47C.D120E82A@cx.north.ru> <20000405105834.B1406@shadowland.sc> Message-ID: <38EB13C5.37599147@cx.north.ru> Jens Skripczynski wrote: > > Samba as Backup Domain Controller, any solutions? > Could you please ask a more specific question: > - are you interested in a specific Branch or generally ? Generally samba-2.0.6 > - what kind of System have you got .... OpenBSD 2.6 -- real programmers don't die, they just get out of beta From tom at ee.ucl.ac.uk Wed Apr 5 11:48:52 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:15 2003 Subject: samba-TNG Question Message-ID: <200004051148.MAA04488@picard.ee.ucl.ac.uk> Hello, Is a trust account for the domain controller required? For example I have a domain EE_TEST with a DC sonic. Does sonic need a machine account to enable things like domain password changing? Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9307 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From snail_talk at yahoo.com Wed Apr 5 13:19:02 2000 From: snail_talk at yahoo.com (geoffrey lee) Date: Tue Dec 2 02:29:15 2003 Subject: samba-tng 1.8 woes.. Message-ID: <000001bf9f01$8292ddb0$0200000a@workstation1> hi all, i've gotten samba tng 1.8 to compile and it runs fine. but i'm having problems with logging on to the domain. i'm new to samba-tng ...(upping from 2.0.6) after installing and running the daemons i (tried to) recreate the nt workstation machine account on the samba box. (samedit createuser machine$). it said that it failed because it was unable to connect to /tmp/.smb ...and that connection to 255.255.255.255 port 139 and 445 failed. :( i tried doing this both as root (with no admin privileges for samba ntdomain) and as a normal user with admin privileges for the samba ntdomain. well i went on anyway and i rejoined the domain wiht the ntworkstation and surprsingly i got a welcome message but after i went through the obligatory reboot and tried to logon it said that it was unable to log me on because the machine account passwd is incorrect... can someone guide me through (even the obvious points ;-) since i'm new) how to join the domain with an nt box? thanks. Geoff. From pmal at space.gr Wed Apr 5 13:36:44 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:15 2003 Subject: samba-tng 1.8 woes.. References: <000001bf9f01$8292ddb0$0200000a@workstation1> Message-ID: <05e101bf9f03$fb8244c0$0602000a@space.gr> Have you tried running the command as samedit -S . -U root Hope that helps... ----- Original Message ----- From: geoffrey lee To: Multiple recipients of list SAMBA-NTDOM Sent: Wednesday, April 05, 2000 4:07 PM Subject: samba-tng 1.8 woes.. > hi all, > > i've gotten samba tng 1.8 to compile and it runs fine. > but i'm having problems with logging on to the domain. i'm new to samba-tng > ..(upping from 2.0.6) > > > after installing and running the daemons i (tried to) recreate the nt > workstation machine account on the samba box. (samedit createuser machine$). > it said that it failed because it was unable to connect to /tmp/.smb ...and > that connection to 255.255.255.255 port 139 and 445 failed. :( i tried doing > this both as root (with no admin privileges for samba ntdomain) and as a > normal user with admin privileges for the samba ntdomain. > > well i went on anyway and i rejoined the domain wiht the ntworkstation and > surprsingly i got a welcome message but after i went through the obligatory > reboot and tried to logon it said that it was unable to log me on because > the machine account passwd is incorrect... > > can someone guide me through (even the obvious points ;-) since i'm new) how > to join the domain with an nt box? > > thanks. > > Geoff. From olegario at noc.rutgers.edu Wed Apr 5 14:04:16 2000 From: olegario at noc.rutgers.edu (Alan Olegario) Date: Tue Dec 2 02:29:15 2003 Subject: Default File Permissions Message-ID: <002201bf9f07$d4864520$1a37e6a5@rutgers.edu> Hello all- I'm kind of new to samba, so please bear with me. Whenever a user creates a new document, it's created with 664 permissions. Also, whenever a user creates a directory, it's created with 755 permissions. I want everything to be created with 775 permissions. Please find attached smb.conf and if anyone can help me out, I'd appreciate it. Thanks. [global] socket options = TCP_NODELAY case sensitive = no default case = lower mangle case = no preserve case = yes short preserve case = yes workgroup = RU2K dead time = 600 getwd cache = yes hide dot files = no debug level = 3 security = user server string = RUNET2K Samba Server wins proxy = yes wins server = duh.rutgers.edu encrypt passwords = Yes admin users = duh [td-runet2k] comment = NetApp Export browseable = yes writable = yes path = /td/runet2k create mode = 0775 ------------- Alan Olegario Rutgers University Computing Services Systems Administrator RUNet 2000 Project Office 63 Road 1 Piscataway, NJ 08854 Voice: 732-445-1470x606 Fax: 732-445-1481 Cell: 732-433-6840 Email: olegario@noc.rutgers.edu Pager: 732-954-9158 or olegario@pager.rutgers.edu -------------- next part -------------- A non-text attachment was scrubbed... Name: Alan Olegario.vcf Type: text/x-vcard Size: 544 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000405/94946635/AlanOlegario.vcf From pmal at space.gr Wed Apr 5 13:57:21 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:15 2003 Subject: Default File Permissions References: <002201bf9f07$d4864520$1a37e6a5@rutgers.edu> Message-ID: <05f901bf9f06$dd43ee20$0602000a@space.gr> Within each share you must use the force directive as follows: [td-runet2k] comment = NetApp Export browseable = yes writable = yes path = /td/runet2k force create mode = 0775 force directory mode = 0775 This works for me.. Panagiotis ----- Original Message ----- From: Alan Olegario To: Multiple recipients of list SAMBA-NTDOM Sent: Wednesday, April 05, 2000 4:51 PM Subject: Default File Permissions > Hello all- > > I'm kind of new to samba, so please bear with me. Whenever a user > creates a new document, it's created with 664 permissions. Also, > whenever a user creates a directory, it's created with 755 > permissions. I want everything to be created with 775 permissions. > Please find attached smb.conf and if anyone can help me out, I'd > appreciate it. Thanks. > > [global] > socket options = TCP_NODELAY > case sensitive = no > default case = lower > mangle case = no > preserve case = yes > short preserve case = yes > workgroup = RU2K > dead time = 600 > getwd cache = yes > hide dot files = no > debug level = 3 > security = user > server string = RUNET2K Samba Server > wins proxy = yes > wins server = duh.rutgers.edu > encrypt passwords = Yes > admin users = duh > > [td-runet2k] > comment = NetApp Export > browseable = yes > writable = yes > path = /td/runet2k > create mode = 0775 > ------------- > Alan Olegario > Rutgers University Computing Services > Systems Administrator > RUNet 2000 Project Office > 63 Road 1 > Piscataway, NJ 08854 > Voice: 732-445-1470x606 > Fax: 732-445-1481 > Cell: 732-433-6840 > Email: olegario@noc.rutgers.edu > Pager: 732-954-9158 or olegario@pager.rutgers.edu > > From giulioo at pobox.com Wed Apr 5 14:00:35 2000 From: giulioo at pobox.com (Giulio Orsero) Date: Tue Dec 2 02:29:15 2003 Subject: unicode_map In-Reply-To: <001101bf9eca$d5558fc0$0200a8c0@home.net> References: <001101bf9eca$d5558fc0$0200a8c0@home.net> Message-ID: <20000405140105.4E3EE2B0A6@i3.golden.dom> On Wed, 5 Apr 2000 16:47:19 +1000, hai scritto: >file unicode_map.437 (used to say 850, but i tried changing it to 437 in >smb.conf). The codepage.437 (and 850) are there, but i don't have this >unicode_map file (with the codepage extension). Please help! I use pre3 and I have $ ls /etc/samba/codepages/ codepage.1251 codepage.866 unicode_map.737 unicode_map.949 codepage.437 codepage.932 unicode_map.850 unicode_map.950 codepage.737 codepage.936 unicode_map.852 unicode_map.ISO8859-1 codepage.775 codepage.949 unicode_map.861 unicode_map.ISO8859-2 codepage.850 codepage.950 unicode_map.866 unicode_map.ISO8859-5 codepage.852 src unicode_map.932 unicode_map.ISO8859-7 codepage.861 unicode_map.437 unicode_map.936 unicode_map.KOI-R Did you execute the samba install scripts? Something similar to: for p in 437 737 775 850 852 861 866 932 936 949 950 1251 \ ISO8859-1 ISO8859-2 ISO8859-5 ISO8859-7 CPKOI8-R do if [ -f $CP_SRC/codepage_def.$p ]; then /usr/bin/make_smbcodepage c $p $CP_SRC/codepage_def.$p $CP/codepage.$p fi if [ -f $CP_SRC/CP${p}.TXT ]; then /usr/bin/make_unicodemap $p $CP_SRC/CP${p}.TXT $CP/unicode_map.$p fi done -- giulioo@pobox.com From mam1281 at osfmail.isc.rit.edu Wed Apr 5 14:15:32 2000 From: mam1281 at osfmail.isc.rit.edu (Matt Monacelli) Date: Tue Dec 2 02:29:15 2003 Subject: unicode_map In-Reply-To: <000201bf9eff$07b00b10$0200000a@workstation1> Message-ID: Actually, I'm using the TNG branch. There's a make_smbcodepage binary, but non for the unicode_map file. On Wed, 5 Apr 2000, geoffrey lee wrote: >hi, > >you're using the 2.0.7pre aren't you? >there's a new binary, you need ot use make_unicodemap to make the unicode >map files. > > >Geoff,. > > >> -----Original Message----- >> From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of >> Matthew Monacelli >> Sent: Wednesday, April 05, 2000 2:47 PM >> To: Multiple recipients of list SAMBA-NTDOM >> Subject: unicode_map >> >> >> I am getting an error from load_unicode_map saying that it can't find the >> file unicode_map.437 (used to say 850, but i tried changing it to 437 in >> smb.conf). The codepage.437 (and 850) are there, but i don't have this >> unicode_map file (with the codepage extension). Please help! >> >> -- >> Matthew A. Monacelli >> mam1281@rit.edu >> Software Support Rep (Mac Team) Helpdesk: 475-HELP(4357) >> ITS Technical Support Services Cell: (716)734-1379 >> Rochester Institute of Technology >> "...Linux is free only if your time has no value!" >> >> >> >> > > -- Matthew A. Monacelli mam1281@rit.edu Software Support Rep (Mac Team) Cell: (716)734-1379 ITS Technical Support Services Helpdesk: 475-HELP(4357) Rochester Institute of Technology "...Linux is free only if your time has no value!" From jeremy at axistangent.net Wed Apr 5 14:23:25 2000 From: jeremy at axistangent.net (Jeremy M. Dolan) Date: Tue Dec 2 02:29:15 2003 Subject: SWAT Problem References: <20000405083204.90643.qmail@hotmail.com> <38EB0866.D490D50A@media-support.de> Message-ID: <002f01bf9f0a$81891fc0$464de9d8@axistangent.net> > Got the same problem on SunOS 5.7 Generic_106542-08 i86pc i386 i86pc. Same problem, Slackware 7.0. I thought it was due to Slackware not using PAM for its MD5 shadowed passwords. -- Jeremy M. Dolan Systems Administrator AxisTangent & Technologies From Richard.X.Wertheim at kp.org Wed Apr 5 14:33:07 2000 From: Richard.X.Wertheim at kp.org (Wertheim,Richard X) Date: Tue Dec 2 02:29:15 2003 Subject: SMBClient, Using SMBD Message-ID: <1CFF5DB65591D311997400805FBEF45011C069@annd-exch-1.ca.kp.org> > I'm having some trouble running smbclient. I go to run it and it > says file not found. I type smbclient in the dir and it says file not > found. > > Do i need to type the server name along with smbclient? forexample > smbclient servername\\sharename > How do I run it? > > I also can't connect to the server I get access denied error 5 even after > I have changed the registry setting?? I am connecting from a WINNT 4 machine that is on the same network. Is there anything else I should look at? From mam1281 at osfmail.isc.rit.edu Wed Apr 5 14:47:01 2000 From: mam1281 at osfmail.isc.rit.edu (Matt Monacelli) Date: Tue Dec 2 02:29:15 2003 Subject: samba-tng 1.8 woes.. In-Reply-To: <000001bf9f01$8292ddb0$0200000a@workstation1> Message-ID: First, check the smbpasswd file to make sure the password is there (not the XXXNO PASSWORDXXX). If you're ok there, then you may need to user the domainuser.map and domaingroup.map (see the TNG FAQ at http://www.kneschke.de/projekte/samba_tng/faq/index.php3 Good luck! On Wed, 5 Apr 2000, geoffrey lee wrote: >hi all, > >i've gotten samba tng 1.8 to compile and it runs fine. >but i'm having problems with logging on to the domain. i'm new to samba-tng >..(upping from 2.0.6) > > >after installing and running the daemons i (tried to) recreate the nt >workstation machine account on the samba box. (samedit createuser machine$). >it said that it failed because it was unable to connect to /tmp/.smb ...and >that connection to 255.255.255.255 port 139 and 445 failed. :( i tried doing >this both as root (with no admin privileges for samba ntdomain) and as a >normal user with admin privileges for the samba ntdomain. > >well i went on anyway and i rejoined the domain wiht the ntworkstation and >surprsingly i got a welcome message but after i went through the obligatory >reboot and tried to logon it said that it was unable to log me on because >the machine account passwd is incorrect... > >can someone guide me through (even the obvious points ;-) since i'm new) how >to join the domain with an nt box? > >thanks. > >Geoff. > > -- Matthew A. Monacelli mam1281@rit.edu Software Support Rep (Mac Team) Cell: (716)734-1379 ITS Technical Support Services Helpdesk: 475-HELP(4357) Rochester Institute of Technology "...Linux is free only if your time has no value!" From snail_talk at yahoo.com Wed Apr 5 15:12:25 2000 From: snail_talk at yahoo.com (geoffrey lee) Date: Tue Dec 2 02:29:15 2003 Subject: samba-tng 1.8 woes.. In-Reply-To: <05e101bf9f03$fb8244c0$0602000a@space.gr> Message-ID: <000101bf9f11$599c5020$0200000a@workstation1> hi, > > Have you tried running the command as samedit -S . -U root > Hope that helps... > erm ...actually i ran something like samedit -S machinename -U root do i have to use the . , or can i use my machine's name? (on myconfiguration root doesn't have nt domain admin privileges, does that matter?) i also tried running samedit -S machinename -U user where user is a user account with domain admin privileges, but that doesn't work. it gives the same error. can't connect to 255.255.255.255 port 139 and port 445 access denied. and that it wasn unable to connect to /tmp/.smb.xxx/agent. Geoff. > ----- Original Message ----- > From: geoffrey lee > To: Multiple recipients of list SAMBA-NTDOM > Sent: Wednesday, April 05, 2000 4:07 PM > Subject: samba-tng 1.8 woes.. > > > > hi all, > > > > i've gotten samba tng 1.8 to compile and it runs fine. > > but i'm having problems with logging on to the domain. i'm new to > samba-tng > > ..(upping from 2.0.6) > > > > > > after installing and running the daemons i (tried to) recreate the nt > > workstation machine account on the samba box. (samedit createuser > machine$). > > it said that it failed because it was unable to connect to /tmp/.smb > ..and > > that connection to 255.255.255.255 port 139 and 445 failed. :( i tried > doing > > this both as root (with no admin privileges for samba ntdomain) and as a > > normal user with admin privileges for the samba ntdomain. > > > > well i went on anyway and i rejoined the domain wiht the > ntworkstation and > > surprsingly i got a welcome message but after i went through the > obligatory > > reboot and tried to logon it said that it was unable to log me > on because > > the machine account passwd is incorrect... > > > > can someone guide me through (even the obvious points ;-) since i'm new) > how > > to join the domain with an nt box? > > > > thanks. > > > > Geoff. > From tom at ee.ucl.ac.uk Wed Apr 5 15:57:08 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:15 2003 Subject: samba-TNG cvs udpate 100 BST 05/04/00 Message-ID: <200004051557.QAA16593@picard.ee.ucl.ac.uk> Hello, samba-TNG cvs update 11:00 BST 05/04/00 Solaris 2.7 Sparc 64 gcc 2.8.1 Password changing still doesn't happen. >From NT4 SP4 I get Unable to change the password on this account (C00000BE). Please consult your system adminstrator. On Win2k I get: The system cannot change your password now because the domain EE_TEST is not available. In log.samr for the NT case there is the following: Skipping become_unix_sec_ctx - already user Doing \PIPE\samr api_rpc_command: api_samr_rpc op 0x26 - unknown api_pipe_fault_resp: make response 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 03 0003 flags : 23 0004 pack_type : 10 00 00 00 0008 frag_len : 0020 000a auth_len : 0000 000c call_id : 00000006 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000000 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 000000 smb_io_rpc_hdr_fault fault 0000 status : 1c010002 0004 reserved: 00000000 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type : 10 00 00 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000007 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type : 10 00 00 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000007 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type : 10 00 00 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000007 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000014 0004 context_id: 0000 0006 opnum : 0001 000000 vuid_io_key key Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9307 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From swaters at amicus.com Wed Apr 5 16:27:40 2000 From: swaters at amicus.com (Stephen Waters) Date: Tue Dec 2 02:29:15 2003 Subject: Samba on Linux with no ACL's is making things tough References: Message-ID: <38EB697C.95DA1844@amicus.com> Paul Rogers wrote: > > > -----Original Message----- > > From: Jeremy Allison [mailto:jeremy@valinux.com] > > > > A mapping *may* be done for one of > > the experimental Linux ACL implementations (the one > > at http://acl.bestbits.at/ is probably the one we'll > > use) but this code is not currently in any stable or > > developement kernel so it will definately be a configure > > option on Linux. > > So, are you saying that with Linux, you might and might not implement ACLs > for Linux? If you don't, I think there will be a number of people dropping > Samba servers on Linux boxes in favour of NT - a great shame. I for one have > been hoping this would be implemented for a long time. When ACLs are stable in the kernel and Linus is happy, then i expect you'll see full SAMBA support for them. Getting ACL support going in SAMBA on HPUX and Solaris is good test work for the issues that might come up in the Linux version... conceptually akin to making the kernel 64-bit clean for Alpha made it easier to code the other 64-bit ports. Just guessing, I suspect the Linux ACL guys will make an effort to get their code in 2.5. When that happens, you'll probably see ACL support in SAMBA on Linux come up to speed shortly thereafter. -s From jeremy at valinux.com Wed Apr 5 17:36:04 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:15 2003 Subject: Samba on Linux with no ACL's is making things tough References: Message-ID: <38EB7984.A1B491E8@valinux.com> Luke Kenneth Casson Leighton wrote: > > *laugh*. > > this is fantastic, and very funny. > > i should mention at this point that one of my sub-projects that i am > seriously considering is abstracting security in the linux kernel (i.e > doing a decent job) and then adding the VAX/VMS (i.e NT) security model as > an option. > > i wonder what linus and others would think? :-) Well my guess is it would become a separate patch, to be maintained by you outside the main kernel. There are several such patches, with various degrees of success and maintainability already for Linux. Maintaining a security subsystem is a tricky job though, not something to be taken lightly. Cheers, Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From Christian.Duclou at eeigm.inpl-nancy.fr Wed Apr 5 16:43:54 2000 From: Christian.Duclou at eeigm.inpl-nancy.fr (Christian Duclou) Date: Tue Dec 2 02:29:15 2003 Subject: Default File Permissions References: <002201bf9f07$d4864520$1a37e6a5@rutgers.edu> Message-ID: <38EB6D4A.6559F14C@eeigm.inpl-nancy.fr> Take a look on that http://www.oreilly.com/catalog/samba/index.html It seems to me that create mode = 0775 is automatic change to create mode = 0755 you can try force create mask = 0775 C.D. Alan Olegario wrote: > Hello all- > > I'm kind of new to samba, so please bear with me. Whenever a user > creates a new document, it's created with 664 permissions. Also, > whenever a user creates a directory, it's created with 755 > permissions. I want everything to be created with 775 permissions. > Please find attached smb.conf and if anyone can help me out, I'd > appreciate it. Thanks. > > [global] > socket options = TCP_NODELAY > case sensitive = no > default case = lower > mangle case = no > preserve case = yes > short preserve case = yes > workgroup = RU2K > dead time = 600 > getwd cache = yes > hide dot files = no > debug level = 3 > security = user > server string = RUNET2K Samba Server > wins proxy = yes > wins server = duh.rutgers.edu > encrypt passwords = Yes > admin users = duh > > [td-runet2k] > comment = NetApp Export > browseable = yes > writable = yes > path = /td/runet2k > create mode = 0775 > ------------- > Alan Olegario > Rutgers University Computing Services > Systems Administrator > RUNet 2000 Project Office > 63 Road 1 > Piscataway, NJ 08854 > Voice: 732-445-1470x606 > Fax: 732-445-1481 > Cell: 732-433-6840 > Email: olegario@noc.rutgers.edu > Pager: 732-954-9158 or olegario@pager.rutgers.edu > > ------------------------------------------------------------------------ > > Alan Olegario > Systems Administrator > Rutgers, The State University of New Jersey > Telecommunications Division > > Alan Olegario > Systems Administrator > Rutgers, The State University of New Jersey > Telecommunications Division > RUNet 2000 Project Office Work Voice: 732-445-1470x606 > 63 Road 1 Voice Pager: 732-433-6840 > Piscataway Work Fax: 732-445-1481 > New Jersey > 08854 > USA > Additional Information: > Version 2.1 > Last Name Olegario > First NameAlan > Label WorkRUNet 2000 Project Office 63 Road 1 Piscataway, New Jersey 088540D USA > Revision 20000405T140416Z -- _____________ EEIGM - Service Informatique _____________ 6, rue Bastien LEPAGE - 54010 NANCY - CEDEX - France Phone: (33) 383.36.83.27 - Fax: (33) 383.36.83.36 _______________ http://eeigm.inpl-nancy.fr _____________ From lharold at mrc.uidaho.edu Wed Apr 5 17:17:33 2000 From: lharold at mrc.uidaho.edu (Len Harold) Date: Tue Dec 2 02:29:15 2003 Subject: HP-UX compile problem Message-ID: <200004051717.KAA17051@hydra.mrc.uidaho.edu> Guys, I've been getting this error compiling since tng-alpha.0.15 and it still exists in tng-alpha.1.8. I'm guess that it is a simple library problem but I'm no programer. Linking bin/smbd libtool: link: warning: this platform does not like uninstalled shared libraries libtool: link: `bin/smbd' will be relinked during installation collect2: ld returned 1 exit status /usr/bin/ld: Unsatisfied symbols: dlclose (code) /usr/bin/ld: Invalid loader fixup for symbol "global_myworkgroup". *** Error exit code 1 Len Harold From simar at gmx.net Wed Apr 5 18:47:12 2000 From: simar at gmx.net (Omar Siam) Date: Tue Dec 2 02:29:15 2003 Subject: samba-tng 1.8 woes.. References: <000001bf9f01$8292ddb0$0200000a@workstation1> Message-ID: <003e01bf9f2f$5abb0af0$0200a8c0@simarnet.dhs.org> Samba-tng does some wired things. One is that all the programs try to connect to port 445 which is normally not in use. Another thing is that you can't say rpcclient -S. as non-root for security-reasons use rpcclient -S YourServersName instead as non-root. An don't be bothered to much about those warnings. If you can change/display things it works. And the last thing: You neither can delete accounts using rpcclient/samedit nor do they recognize that an account already exists. They simply fail to (re)create it. Thats why you couldn't add the machines account but you could join. ----- Original Message ----- From: "geoffrey lee" To: "Multiple recipients of list SAMBA-NTDOM" Sent: Wednesday, April 05, 2000 3:08 PM Subject: samba-tng 1.8 woes.. > hi all, > > i've gotten samba tng 1.8 to compile and it runs fine. > but i'm having problems with logging on to the domain. i'm new to samba-tng > ..(upping from 2.0.6) > > > after installing and running the daemons i (tried to) recreate the nt > workstation machine account on the samba box. (samedit createuser machine$). > it said that it failed because it was unable to connect to /tmp/.smb ...and > that connection to 255.255.255.255 port 139 and 445 failed. :( i tried doing > this both as root (with no admin privileges for samba ntdomain) and as a > normal user with admin privileges for the samba ntdomain. > > well i went on anyway and i rejoined the domain wiht the ntworkstation and > surprsingly i got a welcome message but after i went through the obligatory > reboot and tried to logon it said that it was unable to log me on because > the machine account passwd is incorrect... > > can someone guide me through (even the obvious points ;-) since i'm new) how > to join the domain with an nt box? > > thanks. > > Geoff. > From hulet at ittc.ukans.edu Wed Apr 5 19:12:43 2000 From: hulet at ittc.ukans.edu (Michael S. Hulet) Date: Tue Dec 2 02:29:15 2003 Subject: samba-tng-alpha-1.8.tar.gz In-Reply-To: Message-ID: I was busy for a week and Samba went from alpha-1.3 to 1.8 (amazing!). I have some interesting observations playing with samba-tng-alpha-1.8. I'm using a Digital Unix 4.0E machine and a Redhat 6.0 machine for testing samba. 1. As far as Administrative priviledges, if you are in several groups and the first group is not the "Domain Admins" mapped group, you lose administrative priviledges. For examples: group1:hulet,root group2:test,hulet,root If group1="Domain Admins" (in domaingroup.map) hulet and root are administrators If group2="Domain Admins" (in domaingroup.map) test is the only administrator Put group2 first in the group file test,hulet, and root are administrators 2. The group requirement is still there. If I clean out my group file everything works. I haven't found the offending lines yet but some of them match user names (root -> root, adm -> adm). My working group file also has some group names that match user names (adm -> adm) but adm is not part of the nt domain (smbpasswd). The working group file only has 20 lines, the broken group file has 111 lines. 3. I have a Digital Unix 4.0E server for samba and a Redhat 6.0 server for samba. Profiles on the Redhat box are updated a lot faster on logout 30 seconds versus Digital Unix 2 minutes 30 seconds. There is a lot of activity on the profile share although not much is changed. 4. If you make any changes to /etc/group, /etc/password, or try and delete log files while samba is running, samba gets very angry. I have to stop samba before deleting the logs (it doesn't like cat /dev/null > logs either) or updating my /etc/group file. 5. samba-tng-alpha-1.8 compiled right out of the box for Redhat 6.0 (gcc version egcs-2.91.66) and Digital Unix 4.0E (gcc version 2.8.1) 6. Still had to do a chmod 755 on install-sh for Digital Unix 4.0E however. Please tell me if you prefer more formal reports. This way was the fastest way for me to report my observations. The administrator priviledge thing was interesting so I wanted to send a quick note. Sorry I can only send observations and not solutions. Michael Hulet Network System Administrator ITTC, University of Kansas From jsembera at atlas.cz Wed Apr 5 19:14:01 2000 From: jsembera at atlas.cz (Jan Sembera) Date: Tue Dec 2 02:29:15 2003 Subject: Samba, domain logons & individual access control Message-ID: <000001bf9f33$bc99ae80$0aafa8c4@antigo.cz> Hi, (first, pardon my English) Here is our situation.We have ethernet network with about 50 stations (Win 95/98, 3.11 and DOS) and one server, now on Netware 4.12. We'll be connected to the inet with leased line in few months, so I want to install Linux instead of Netware, and of course, to use Samba. We want to emulate NT Domain server (provide some storage space on server, provide some applications on server to be run on clients - for example some windows apps instalations etc.). But we've some questions about it: 1) I'll want to make individual access control in windows loading userlist from samba server. How to do this? I found config lines like domain groups, domain admin group, domain guest group etc., but man pages says that it is experimental, but nothing more. 2) Same question, but for global policies for windows. I guess it will have same solution like the first question, but microsoft products are unpredictable. 3) Which security level should I use? 4) Which client for DOS should be used to logon onto samba domain? Thanx, Jan Sembera From lists at baerecke.de Wed Apr 5 22:01:28 2000 From: lists at baerecke.de (Rene Baerecke) Date: Tue Dec 2 02:29:15 2003 Subject: Samba SSL Problems Message-ID: <00040600084100.01845@harry.bos-systemhaus.de> Hi, I have a problem when I connect from NT to a ssl-samba server. With smbclient I have no problems, but when I use NT with sslproxy, I can't use the share like any other share. I can see the directory, but when I select another directory from that share the connection hangs for a long time (or until I restart sslproxy). Then I can see the next dir, perhaps another one, then same game again.... Has anyone had the problem and knows how to solve it? I tried NT in vmware and real NT, cert auth and user auth both work, but then it hangs. Again, when I use smbclient w/ssl everything seems OK. René From mendes at mgconecta.com.br Wed Apr 5 18:38:50 2000 From: mendes at mgconecta.com.br (mendes) Date: Tue Dec 2 02:29:15 2003 Subject: Newbie: samba tng?? What is it? Message-ID: <00040515401101.00866@armagedon> Hello I have been using samba-2.0.5 for quite a while. I didn't know that there is samba tng. What is it? Samba for NT? Where to get? Many thanks Eduardo From gadavis at cs.ucsb.edu Wed Apr 5 22:30:54 2000 From: gadavis at cs.ucsb.edu (Geoff Davis) Date: Tue Dec 2 02:29:15 2003 Subject: Problem with compilation of SAMBA_TNG Message-ID: <38EBBE9E.DAE95022@cs.ucsb.edu> Thanks to all that responded to my previous question about gcc eating it while compiling HEAD from CVS. I was able to compile the CVS version of TNG a week ago, and everything ran all right, but when I switch to the .tar.gz releases, I am no longer able to compile at all. ./configure fails saying that I have no locking available, but this is a Mandrake 7.0 system with glibc 2.1. Doesn't that have the fnctl locking that configure is looking for? Also, after doing a CVS update of TNG and a make distclean, ./configure fails there too. Where is it checking for locking, and how do I con it into actually doing the compile? Thanks again, Geoff Davis From anders at aae.wisc.edu Wed Apr 5 22:56:21 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:29:15 2003 Subject: Trust Relationships In-Reply-To: <008501bf9e12$f1c54320$0602000a@space.gr> from Panagiotis Malakoudis at "Apr 4, 2000 06:53:30 pm" Message-ID: <200004052256.RAA21722@pug.aae.wisc.edu> You should go for the latest ver. of 2.0.x 2.0.6 is the latest, but 2.0.7 is shipping soon.. Right Jeremy..? --Anders From gadavis at cs.ucsb.edu Wed Apr 5 23:00:19 2000 From: gadavis at cs.ucsb.edu (Geoff Davis) Date: Tue Dec 2 02:29:15 2003 Subject: More diddling with ./configure Message-ID: <38EBC583.9C3AE6AF@cs.ucsb.edu> Well, I did some poking around in ./configure to see what was happening. According to confdefs.h at the point of checking for fcntl (mispelled in my last email), #define HAVE_SYS_FCNTL_H 1 #define HAVE_FCNTL_H 1 The program that it runs to check compiles, but exits with a 1 status. According to config.log, configure:9780: checking for fcntl locking configure:9793: gcc -o conftest -O conftest.c -ldl -lcrypt 1>&5 configure: failed program was: #line 9789 "configure" #include "confdefs.h" #include "./tests/fcntl_lock.c" Uhh, why did this work last week but not this week? Once again, this is a Mandrake 7.0 system, AMD K6-2. Also fails at home on my Intel Celerey 400 system. /geoff From gadavis at cs.ucsb.edu Thu Apr 6 01:19:02 2000 From: gadavis at cs.ucsb.edu (Geoff Davis) Date: Tue Dec 2 02:29:16 2003 Subject: Fixed compile problems. Message-ID: <38EBE606.587DD7E1@cs.ucsb.edu> Ok, the problem was that I was compiling this stuff in my home direcotry via nfs, and I didn't have nfslock running. /me goes duh. note to future compiling peoples... if you are compliling stuff on an nfs mounted volume, make sure that rpc.nfslockd is running, or else the configure scripts will do bad things. /geoff From dbarba at yahoo-inc.com Thu Apr 6 03:53:57 2000 From: dbarba at yahoo-inc.com (Deborah Barba) Date: Tue Dec 2 02:29:16 2003 Subject: Please inform samba@samba.org Serge Gavrilov Ed Schernau Jeremy Allison Cristian POP Ed Schernau John Evans David Bullock Gunnar Lindholm Junaid Iqbal Dennis Gray Carsten =?iso-8859-1?Q?Nordstr=F8m?= Jensen Mike Brodbelt Dennis Gray c.m.e.reniers@philips.com Edward Schernau Giulio Orsero Sebastien Boving Masopust Christian Eric Dahnke Noyer Gilles "Harondel J. Sibble" Serge Gavrilov "David Dyer-Bennet" of your address change Message-ID: <20000406035357.AAA22747@promenade.geocities.com> samba@samba.org Serge Gavrilov Ed Schernau Jeremy Allison Cristian POP Ed Schernau John Evans David Bullock Gunnar Lindholm Junaid Iqbal Dennis Gray Carsten =?iso-8859-1?Q?Nordstr=F8m?= Jensen Mike Brodbelt Dennis Gray c.m.e.reniers@philips.com Edward Schernau Giulio Orsero Sebastien Boving Masopust Christian Eric Dahnke Noyer Gilles "Harondel J. Sibble" Serge Gavrilov "David Dyer-Bennet" sent you the email "Subject: SAMBA digest 2478 Subject: Samba + Win98: please help Subject: Re: Samba on Linux with no ACL's is making things tough Subject: Re: Samba on Linux with no ACL's is making things tough Subject: Authentication failure Subject: Re: Samba on Linux with no ACL's is making things tough Subject: Domain Authorization Subject: Samba Wins server gives wrong address Subject: strange problem Subject: getting GROUPS under Samba Subject: smbsh questions Subject: Re: network connection crashes Subject: Re: Domain Authorization Subject: Problems with compiling 2.0.6 on Linux Subject: problem with excel and samba Subject: ACL on Linux 2.2 HOWTO? Subject: Re: smbsh questions Subject: pwload / reversed pwget Subject: Compiling samba-2.0.6 with the sfio-library under Solaris 2.6 Subject: logon script works only on some machines Subject: How customize samba for large directory Subject: Problems with Intel Netport Printserver and Samba Subject: File corruption Subject: Re: strange problem" and used your old email address (To: Multiple recipients of list SAMBA To: samba@samba.org To: jeremy@valinux.com, samba@samba.org, samba-ntdom@samba.org To: Ed Schernau To: Samba List To: Jeremy Allison To: Samba List To: "'samba@samba.org'" To: samba@samba.org To: samba@samba.org To: samba@samba.org To: "samba@samba.org" To: samba@kilnar.com To: samba@samba.org To: To: samba@samba.org To: Multiple recipients of list SAMBA To: samba@samba.org To: "'samba@samba.org'" To: Multiple recipients of list SAMBA To: "'samba@samba.org'" To: samba@samba.org To: samba@samba.org To: samba@samba.org). Please notify them of your new address as appropriate. Your email address To: Multiple recipients of list SAMBA To: samba@samba.org To: jeremy@valinux.com, samba@samba.org, samba-ntdom@samba.org To: Ed Schernau To: Samba List To: Jeremy Allison To: Samba List To: "'samba@samba.org'" To: samba@samba.org To: samba@samba.org To: samba@samba.org To: "samba@samba.org" To: samba@kilnar.com To: samba@samba.org To: To: samba@samba.org To: Multiple recipients of list SAMBA To: samba@samba.org To: "'samba@samba.org'" To: Multiple recipients of list SAMBA To: "'samba@samba.org'" To: samba@samba.org To: samba@samba.org To: samba@samba.org will be discontinued June 1, 2000. From Richard.X.Wertheim at kp.org Thu Apr 6 04:13:28 2000 From: Richard.X.Wertheim at kp.org (Wertheim,Richard X) Date: Tue Dec 2 02:29:16 2003 Subject: SMBClient, Using SMBD Message-ID: <1CFF5DB65591D311997400805FBEF45011C06C@annd-exch-1.ca.kp.org> Little help? > I'm having some trouble running smbclient. I go to run it > and it says file not found. I type smbclient in the dir and it says file > not found. > > Do i need to type the server name along with smbclient? > forexample smbclient servername\\sharename > How do I run it? > > I also can't connect to the server I get access denied error 5 even > after I have changed the registry setting?? > I am connecting from a WINNT 4 machine that is on the same network. > Is there anything else I should look at? > > > From Hans-Peter.Raschke at gmx.de Wed Apr 5 19:15:22 2000 From: Hans-Peter.Raschke at gmx.de (Hans-Peter Raschke) Date: Tue Dec 2 02:29:16 2003 Subject: samba-tng-alpha-1.8.tar.gz References: <20000405083204.90643.qmail@hotmail.com> Message-ID: <00040512454301.03935@qmpc2> > with this version and with 1.7 I got the following error messages while > joining the domain as a BDC > > root@qmpc2:/usr/local/samba/var > rpcclient -S PDC_DS -U root%entire -W DS > ... > [DS\root@PDC_DS]$ createuser QMPC2$ -s -j DS > createuser QMPC2$ -s -j D> S > > SAM Create Domain User > Domain: DS Name: qmpc2$ ACB: [S ] > failed tcon_X > cli_net_use_add: connection failed > ncacn_np_use_add: connection failed > Connection to \\QMPC2 FAILED > (Do a "use \\\\QMPC2 -U localadmin") > Create Domain User: FAILED My mistake. I didn't realize the change in the path of the demons (from bin to sbin). HP ----------------------------------------------------------- Hans-Peter Raschke E-Mail: Hans-Peter.Raschke@gmx.de Wintermann DatenService Tel.: ++49 441 9304064 Langenweg 16 Fax: ++49 441 9304069 D-26125 Oldenburg From snail_talk at yahoo.com Thu Apr 6 04:40:17 2000 From: snail_talk at yahoo.com (geoffrey lee) Date: Tue Dec 2 02:29:16 2003 Subject: samba-tng 1.8 woes..(add IPC service fail) References: <000001bf9f01$8292ddb0$0200000a@workstation1> <003e01bf9f2f$5abb0af0$0200a8c0@simarnet.dhs.org> Message-ID: <38EC1531.EF912144@yahoo.com> Omar Siam wrote: > > Samba-tng does some wired things. One is that all the programs try to > connect to port 445 which is normally not in use. Another thing is that you > can't say rpcclient -S. as non-root for security-reasons use rpcclient -S > YourServersName instead as non-root. An don't be bothered to much about > those warnings. If you can change/display things it works. And the last > thing: You neither can delete accounts using rpcclient/samedit nor do they > recognize that an account already exists. They simply fail to (re)create it. > Thats why you couldn't add the machines account but you could join. ok thanks, samedit now works :-) , but i'm still unable to fire up the samba DC because lsarpcd, samrd and netlogond all fail. they seem to start up OK but it quietly exits. i set the debug level up to 10 and it said that when it's adding the IPC service the it fails. i've attached 3 log files, one for lsarpcd, one for netlogond and one for samrd. i'm updating from CVS right now, i'll see if that fixes the problem. > ----- Original Message ----- > From: "geoffrey lee" > To: "Multiple recipients of list SAMBA-NTDOM" > Sent: Wednesday, April 05, 2000 3:08 PM > Subject: samba-tng 1.8 woes.. > > > hi all, > > > > i've gotten samba tng 1.8 to compile and it runs fine. > > but i'm having problems with logging on to the domain. i'm new to > samba-tng > > ..(upping from 2.0.6) > > > > > > after installing and running the daemons i (tried to) recreate the nt > > workstation machine account on the samba box. (samedit createuser > machine$). > > it said that it failed because it was unable to connect to /tmp/.smb > ...and > > that connection to 255.255.255.255 port 139 and 445 failed. :( i tried > doing > > this both as root (with no admin privileges for samba ntdomain) and as a > > normal user with admin privileges for the samba ntdomain. > > > > well i went on anyway and i rejoined the domain wiht the ntworkstation and > > surprsingly i got a welcome message but after i went through the > obligatory > > reboot and tried to logon it said that it was unable to log me on because > > the machine account passwd is incorrect... > > > > can someone guide me through (even the obvious points ;-) since i'm new) > how > > to join the domain with an nt box? > > > > thanks. > > > > Geoff. > > -- #!/bin/sh shutdown -k now && echo Hahahahaha... || echo You arent root? scheesh ... cat << EOF > /dev/stdout regards, geoff. EOF -------------- next part -------------- [2000/04/06 02:38:46, 1] msrpc/msrpcd.c:main(457) samrd version TNG-prealpha started. Copyright Andrew Tridgell 1992-1999 [2000/04/06 02:38:46, 2] msrpc/msrpcd.c:main(461) uid=0 gid=0 euid=0 egid=0 [2000/04/06 02:38:46, 3] param/loadparm.c:init_globals(986) Initialising global parameters [2000/04/06 02:38:46, 3] param/params.c:pm_process(552) params.c:pm_process() - Processing configuration file "/etc/smb.conf" [2000/04/06 02:38:46, 3] param/loadparm.c:do_section(2658) Processing section "[global]" doing parameter workgroup = STARWARS doing parameter server string = Samba Server doing parameter hosts allow = 10.0.0. 127. doing parameter log file = /var/log/samba/log.%m doing parameter max log size = 50 doing parameter security = user doing parameter encrypt passwords = yes doing parameter smb passwd file = /etc/smbpasswd doing parameter socket options = TCP_NODELAY doing parameter interfaces = 10.0.0.1/255.0.0.0 127.0.0.1/24 doing parameter bind interfaces only = true doing parameter local master = yes doing parameter os level = 66 doing parameter domain master = yes doing parameter preferred master = yes doing parameter domain logons = yes doing parameter domain group map = /etc/domaingroup.map doing parameter local group map = /etc/localgroup.map doing parameter dns proxy = no [2000/04/06 02:38:46, 2] param/loadparm.c:do_section(2675) Processing section "[homes]" doing parameter comment = Home Directories doing parameter browseable = no doing parameter writable = yes [2000/04/06 02:38:46, 2] param/loadparm.c:do_section(2675) Processing section "[netlogon]" doing parameter comment = Network Logon Service doing parameter path = /home/netlogon doing parameter guest ok = yes doing parameter writable = no doing parameter share modes = no [2000/04/06 02:38:46, 2] param/loadparm.c:do_section(2675) Processing section "[tmp]" doing parameter comment = Temporary file space doing parameter path = /tmp doing parameter read only = no doing parameter public = yes [2000/04/06 02:38:46, 2] param/loadparm.c:do_section(2675) Processing section "[public]" doing parameter comment = Public Stuff doing parameter path = /home/samba doing parameter public = yes doing parameter writable = yes doing parameter printable = no [2000/04/06 02:38:46, 3] param/loadparm.c:lp_load(3041) pm_process() returned Yes [2000/04/06 02:38:46, 3] param/loadparm.c:lp_add_ipc(1768) adding IPC service -------------- next part -------------- [2000/04/06 02:12:12, 1] msrpc/msrpcd.c:main(457) lsarpcd version TNG-prealpha started. Copyright Andrew Tridgell 1992-1999 [2000/04/06 02:12:12, 2] msrpc/msrpcd.c:main(461) uid=0 gid=0 euid=0 egid=0 [2000/04/06 02:12:12, 3] param/loadparm.c:init_globals(986) Initialising global parameters [2000/04/06 02:12:12, 3] param/params.c:pm_process(552) params.c:pm_process() - Processing configuration file "/etc/smb.conf" [2000/04/06 02:12:12, 3] param/loadparm.c:do_section(2658) Processing section "[global]" doing parameter workgroup = MYGROUP doing parameter server string = Samba Server doing parameter printcap name = /etc/printcap doing parameter load printers = yes doing parameter log file = /var/log/samba/log.%m doing parameter max log size = 50 doing parameter security = user doing parameter socket options = TCP_NODELAY doing parameter dns proxy = no [2000/04/06 02:12:12, 2] param/loadparm.c:do_section(2675) Processing section "[homes]" doing parameter comment = Home Directories doing parameter browseable = no doing parameter writable = yes [2000/04/06 02:12:12, 2] param/loadparm.c:do_section(2675) Processing section "[printers]" doing parameter comment = All Printers doing parameter path = /var/spool/samba doing parameter browseable = no doing parameter guest ok = no doing parameter writable = no doing parameter printable = yes [2000/04/06 02:12:12, 3] param/loadparm.c:lp_load(3041) pm_process() returned Yes [2000/04/06 02:12:12, 3] param/loadparm.c:lp_add_ipc(1768) adding IPC service [2000/04/06 02:12:53, 1] msrpc/msrpcd.c:main(457) lsarpcd version TNG-prealpha started. Copyright Andrew Tridgell 1992-1999 [2000/04/06 02:12:53, 2] msrpc/msrpcd.c:main(461) uid=0 gid=0 euid=0 egid=0 [2000/04/06 02:12:53, 3] param/loadparm.c:init_globals(986) Initialising global parameters [2000/04/06 02:12:53, 3] param/params.c:pm_process(552) params.c:pm_process() - Processing configuration file "/etc/smb.conf" [2000/04/06 02:12:53, 3] param/loadparm.c:do_section(2658) Processing section "[global]" doing parameter workgroup = MYGROUP doing parameter server string = Samba Server doing parameter printcap name = /etc/printcap doing parameter load printers = yes doing parameter log file = /var/log/samba/log.%m doing parameter max log size = 50 doing parameter security = user doing parameter socket options = TCP_NODELAY doing parameter dns proxy = no [2000/04/06 02:12:53, 2] param/loadparm.c:do_section(2675) Processing section "[homes]" doing parameter comment = Home Directories doing parameter browseable = no doing parameter writable = yes [2000/04/06 02:12:53, 2] param/loadparm.c:do_section(2675) Processing section "[printers]" doing parameter comment = All Printers doing parameter path = /var/spool/samba doing parameter browseable = no doing parameter guest ok = no doing parameter writable = no doing parameter printable = yes [2000/04/06 02:12:53, 3] param/loadparm.c:lp_load(3041) pm_process() returned Yes [2000/04/06 02:12:53, 3] param/loadparm.c:lp_add_ipc(1768) adding IPC service -------------- next part -------------- [2000/04/06 12:19:43, 1] msrpc/msrpcd.c:main(457) netlogond version TNG-prealpha started. Copyright Andrew Tridgell 1992-1999 [2000/04/06 12:19:43, 2] msrpc/msrpcd.c:main(461) uid=0 gid=0 euid=0 egid=0 [2000/04/06 12:19:43, 3] param/loadparm.c:init_globals(986) Initialising global parameters [2000/04/06 12:19:43, 3] param/params.c:pm_process(552) params.c:pm_process() - Processing configuration file "/etc/smb.conf" [2000/04/06 12:19:43, 3] param/loadparm.c:do_section(2658) Processing section "[global]" doing parameter workgroup = STARWARS doing parameter server string = Samba Server doing parameter hosts allow = 10.0.0. 127. doing parameter load printers = no doing parameter log file = /var/log/samba/log.%m doing parameter max log size = 50 doing parameter security = user doing parameter encrypt passwords = yes doing parameter smb passwd file = /etc/smbpasswd doing parameter socket options = TCP_NODELAY doing parameter interfaces = 10.0.0.1/255.0.0.0 127.0.0.1/24 doing parameter bind interfaces only = true doing parameter local master = yes doing parameter os level = 66 doing parameter domain master = yes doing parameter preferred master = yes doing parameter domain logons = yes doing parameter domain admin group = @glee [2000/04/06 12:19:43, 0] param/loadparm.c:map_parameter(1855) Unknown parameter encountered: "domain admin group" [2000/04/06 12:19:43, 0] param/loadparm.c:lp_do_parameter(2422) Ignoring unknown parameter "domain admin group" doing parameter wins support = no doing parameter wins proxy = no doing parameter dns proxy = no [2000/04/06 12:19:43, 2] param/loadparm.c:do_section(2675) Processing section "[homes]" doing parameter comment = Home Directories doing parameter browseable = no doing parameter writable = yes [2000/04/06 12:19:43, 2] param/loadparm.c:do_section(2675) Processing section "[netlogon]" doing parameter comment = Network Logon Service doing parameter path = /home/netlogon doing parameter guest ok = yes doing parameter writable = no doing parameter share modes = no [2000/04/06 12:19:43, 3] param/loadparm.c:lp_load(3041) pm_process() returned Yes [2000/04/06 12:19:43, 3] param/loadparm.c:lp_add_ipc(1768) adding IPC service [2000/04/06 12:19:43, 3] param/loadparm.c:lp_load(3050) From lkcl at samba.org Thu Apr 6 06:08:19 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:16 2003 Subject: samba-tng-alpha-1.8.tar.gz In-Reply-To: Message-ID: On Wed, 5 Apr 2000, Michael S. Hulet wrote: > I was busy for a week and Samba went from alpha-1.3 to 1.8 (amazing!). I :) > 3. I have a Digital Unix 4.0E server for samba and a Redhat 6.0 server > for samba. Profiles on the Redhat box are updated a lot faster on logout > 30 seconds versus Digital Unix 2 minutes 30 seconds. There is a lot of > activity on the profile share although not much is changed. yes, i think NT clients check the time/date stamp on individual profile components, and don't write them in if the file hasn't changed. now that smbd is from cvs main, jeremy should probably assess this one. i take it that's taking a really, really long time on DG/UX.... > 6. Still had to do a chmod 755 on install-sh for Digital Unix 4.0E > however. elrond? > Please tell me if you prefer more formal reports. This way was the > fastest way for me to report my observations. The administrator > priviledge thing was interesting so I wanted to send a quick note. Sorry > I can only send observations and not solutions. > these are fine, michael, and much appreciated. we're working on the group/alias/user - related thing, all i can say is, it's horrendously tricky, and it's got to be right. still thinking about it (two years and counting!) From pmal at space.gr Thu Apr 6 07:48:45 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:16 2003 Subject: "This request is not supported by the network" References: <001b01bf9ed2$5316ff00$0602000a@space.gr> <00b801bf9edf$4abd9fa0$0602000a@space.gr> Message-ID: <076501bf9f9c$89cb9b80$0602000a@space.gr> Unfortunatelly I had to downgrade tp version 1.0 (I choose that one by chance) Now it don't get this error message anymore. ----- Original Message ----- From: Panagiotis Malakoudis To: Multiple recipients of list SAMBA-NTDOM Sent: Wednesday, April 05, 2000 12:16 PM Subject: Followup: "This request is not supported by the network" > Followup: > > After each attempt to logon to the domain, the log.netlogon adds the > following entry: > > ERROR: setgroups call failed! > TODO: verify that the rid exists > > ----- Original Message ----- > From: Panagiotis Malakoudis > To: Multiple recipients of list SAMBA-NTDOM > Sent: Wednesday, April 05, 2000 10:43 AM > Subject: "This request is not supported by the network" > > > > When I try to login from my window 98 box I get through the authentication > > but I get (on windows) the message "This request is not supported by the > > network. > > The log file for the windows machine has as its only records > > "authorise_login: TODO. split function, it's 6 levels!" which I din't > > believe is an error message. > > Anyone has any ideas? > > > > From giulioo at pobox.com Thu Apr 6 07:53:24 2000 From: giulioo at pobox.com (Giulio Orsero) Date: Tue Dec 2 02:29:16 2003 Subject: Samba, domain logons & individual access control In-Reply-To: <000001bf9f33$bc99ae80$0aafa8c4@antigo.cz> References: <000001bf9f33$bc99ae80$0aafa8c4@antigo.cz> Message-ID: <20000406075404.2EE1A2AE84@i3.golden.dom> On Thu, 6 Apr 2000 12:59:26 +1000, hai scritto: >1) I'll want to make individual access control in windows loading userlist >from samba server. How to do this? I found config lines like domain groups, Win9x cannot load userlists from samba-2.0.x. You have to use win9x in share level security. You can try TNG branch if this is important to you. Or see a manual workaround: http://bstc.net/~brian/docs/ >2) Same question, but for global policies for windows. I guess it will have >same solution like the first question, but microsoft products are >unpredictable. You can use policies made with poledit. However I don't know if you can apply them to groups. >3) Which security level should I use? In samba security = user In win9x share level, unless TNG or workaround. >4) Which client for DOS should be used to logon onto samba domain? http://huizen.dds.nl/~jacco2/samba/dos.html -- giulioo@pobox.com From fd at bop4.biologie.uni-freiburg.de Thu Apr 6 08:08:35 2000 From: fd at bop4.biologie.uni-freiburg.de (Friedel Drepper) Date: Tue Dec 2 02:29:16 2003 Subject: subscribe Message-ID: Friedel Drepper University of Freiburg e-mail: drepper@uni-freiburg.de From mg at plum.de Fri Apr 7 08:59:12 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:16 2003 Subject: "This request is not supported by the network" References: <001b01bf9ed2$5316ff00$0602000a@space.gr> <00b801bf9edf$4abd9fa0$0602000a@space.gr> <076501bf9f9c$89cb9b80$0602000a@space.gr> Message-ID: <38EDA360.A249705A@plum.de> Panagiotis Malakoudis wrote: > > Unfortunatelly I had to downgrade tp version 1.0 (I choose that one by > chance) > Now it don't get this error message anymore. > > > authentication > > > but I get (on windows) the message "This request is not supported by the > > > network. > > > The log file for the windows machine has as its only records > > > "authorise_login: TODO. split function, it's 6 levels!" which I din't > > > believe is an error message. > > > Anyone has any ideas? I can reproduce the message here. The strange thing is, that it seems, that autorisattion seems to work, i.e. if I enter a wrong password, it tells me so ;) regards, Michael From Meerwaldt at t-online.de Thu Apr 6 09:21:41 2000 From: Meerwaldt at t-online.de (Frederik Meerwaldt) Date: Tue Dec 2 02:29:16 2003 Subject: Problem with validating users In-Reply-To: Message-ID: Hi all, I wanted to set up a FreeBSD-Samba computer, that it has a share, on which only 1 user has access to. The problem is: The password of this user must be verified through the NT-PDC. What I did is: I read the NT-Dom FAQ, I created an computer account for the Samba-Computer on my NT4-PDC, I configured my Samba computer, I did a smbpasswd -j NTDOMAIN (which seems to be OK (Successfully joined Domain NTDOMAIN)). Now I created a user called domaintest on my PDC. Then I created a entry in the /etc/passwd file (with vipw), which looks like: domaintest:*:1100:1001::0:0:Domain Test Account:/dev/null:/nonexistent Then I have added a new section to my smb.conf: [test] revalidate = yes only user = yes valid users = domaintest comment = Only for domaintest account write list = domaintest writable = yes path = /temp user = domaintest Other lines in my smb.conf (which I think are important to list here) are: workgroup = NTDOMAIN security = domain password server = PROBE username map = /usr/local/etc/user.map (I've only mapped domaintest to domaintest here) That's it. If I logon from a Windows 95 Box to the Domain (with the domaintest account) (which works), and I connect to \\sambasrv\test then it asks for a password. If I enter domaintest (which I have defined as the password (umane domaintest, passwd domaintest)), it tells me: "Password incorrect, please try again". But only this user is allowed to connect to this share. Tell my if I have to supply more information. PLEASE HELP!!! Thanks in advance! -- Best regards, Freddy Homepage: fmeerwaldt.homepage.com Last update: 11.03.2000 Very good OpenVMS HowTo's, DHCPD Howto, VXT2k NetBooting HowTo, and a little bit about me. ------------------------------------------------------------------------ NetBSD Vax, Alpha, i386. Tru64 Unix, OpenVMS, FreeBSD, Ultrix. ------------------------------------------------------------------------ From dbarba at yahoo-inc.com Thu Apr 6 10:05:31 2000 From: dbarba at yahoo-inc.com (Deborah Barba) Date: Tue Dec 2 02:29:16 2003 Subject: Please inform samba@samba.org David Barroso Jeremy Allison "Tulipant Gergely" Edwards Philip M Contr AFRL/SNRR Drenning Bruce Glenn Valenta "Grosen, Mark" "Deborah Barba" Wade Burgett Carsten =3D?iso-8859-1?Q?Nordstr=3DF8m?=3D Jensen Heiko Nardmann "JEFFERY, Stuart" Message-ID: <20000406100531.AAA29382@promenade.geocities.com> Steve Frampton [mailto:frampton@j-com.co.jp] of your address change Content-Length: 7142 samba@samba.org David Barroso Jeremy Allison "Tulipant Gergely" Edwards Philip M Contr AFRL/SNRR Drenning Bruce Glenn Valenta "Grosen, Mark" "Deborah Barba" Wade Burgett Carsten =3D?iso-8859-1?Q?Nordstr=3DF8m?=3D Jensen Heiko Nardmann "JEFFERY, Stuart" Steve Frampton [mailto:frampton@j-com.co.jp] sent you the email "Subject: SAMBA digest 2479 Subject: How to assignate a password to a share ? Subject: Re: Samba on Linux with no ACL's is making things tough Subject: Re: problem with excel and samba Subject: weep, wail -- Unix client, NT server Subject: 2.06 server showing as released in WINS Subject: Re: network connection crashes Subject: smbmount problem with GNU make on RedHat Linux Subject: Please inform samba@samba.org Subject: Samba + Win98: please help Subject: Re: Samba on Linux with no ACL's is making things tough Subject: Re: Samba on Linux with no ACL's is making things tough Subject: Authentication failure Subject: Re: Samba on Linux with no ACL's is making things tough Subject: Domain Authorization Subject: Samba Wins server gives wrong address Subject: strange problem Subject: getting GROUPS under Samba Subject: smbsh questions Subject: Re: network connection crashes Subject: Re: Domain Authorization Subject: Problems with compiling 2.0.6 on Linux Subject: problem with excel and samba Subject: ACL on Linux 2.2 HOWTO? Subject: Re: smbsh questions Subject: pwload / reversed pwget Subject: Compiling samba-2.0.6 with the sfio-library under Solaris 2.6 Subject: logon script works only on some machines Subject: How customize samba for large directory Subject: Problems with Intel Netport Printserver and Samba Subject: File corruption Subject: Re: strange problem" and used your old email address (To: Multip= Subject: smbclient -L Subject: Re: network connection crashes Subject: Re: SAMBA digest 2477 Subject: Congratulations from hotrate.com Subject: printcap printer names Subject: RE: PC Virus scanning on *nix side? Subject: PC Virus scanning on *nix side?" and used your old email address (To: Multiple recipients of list SAMBA To: samba@samba.org To: Paul Rogers , samba@samba.org, To: samba@samba.org To: samba@samba.org To: "'samba@samba.org'" To: north@get2net.dk To: "'samba@samba.org'" To: "'samba@samba.org'", "samba@samba.org", Allison, Ed, Jeremy, List= To: samba@samba.org To: jeremy@valinux.com, samba@samba.org, samba-ntdom@samba.org To: Ed Schernau To: Samba List To: Jeremy Allison To: Samba List To: "'samba@samba.org'" To: samba@samba.org To: samba@samba.org To: samba@samba.org To: "samba@samba.org" To: samba@kilnar.com To: samba@samba.org To: To: samba@samba.org To: Multiple recipients of list SAMBA To: samba@samba.org To: "'samba@samba.org'" To: Multiple recipients of list SAMBA To: "'samba@samba.org'" To: samba@samba.org To: samba@samba.org To: samba@samba.org). To: samba@samba.org To: jeremy@valinux.com, samba@samba.org, samba-ntdom@samba.org To: Ed Schernau To: Samba List To: Jeremy Allison To: Samba List To: "'samba@samba.org'" To: samba@samba.org To: samba@samba.org To: samba@samba.org To: "samba@samba.org" To: samba@kilnar.com To: samba@samba.org To: To: samba@samba.org To: Multiple recipients of list SAMBA To: samba@samba.org To: "'samba@samba.org'" To: Multiple recipients of list SAMBA To: "'samba@samba.org'" To: samba@samba.org To: samba@samba.org To: samba@samba.org will be discontinued June 1, 2000. To: samba@samba.org To: samba@samba.org To: samba@samba.org To: "samba@anu.edu.au" To: Samba To: Samba Mailing List To: Multiple recipients of list SAMBA). Please notify them of your new address as appropriate. Your email address To: Multiple recipients of list SAMBA To: samba@samba.org To: Paul Rogers , samba@samba.org, To: samba@samba.org To: samba@samba.org To: "'samba@samba.org'" To: north@get2net.dk To: "'samba@samba.org'" To: "'samba@samba.org'", "samba@samba.org", Allison, Ed, Jeremy, List= To: samba@samba.org To: jeremy@valinux.com, samba@samba.org, samba-ntdom@samba.org To: Ed Schernau To: Samba List To: Jeremy Allison To: Samba List To: "'samba@samba.org'" To: samba@samba.org To: samba@samba.org To: samba@samba.org To: "samba@samba.org" To: samba@kilnar.com To: samba@samba.org To: To: samba@samba.org To: Multiple recipients of list SAMBA To: samba@samba.org To: "'samba@samba.org'" To: Multiple recipients of list SAMBA To: "'samba@samba.org'" To: samba@samba.org To: samba@samba.org To: samba@samba.org). To: samba@samba.org To: jeremy@valinux.com, samba@samba.org, samba-ntdom@samba.org To: Ed Schernau To: Samba List To: Jeremy Allison To: Samba List To: "'samba@samba.org'" To: samba@samba.org To: samba@samba.org To: samba@samba.org To: "samba@samba.org" To: samba@kilnar.com To: samba@samba.org To: To: samba@samba.org To: Multiple recipients of list SAMBA To: samba@samba.org To: "'samba@samba.org'" To: Multiple recipients of list SAMBA To: "'samba@samba.org'" To: samba@samba.org To: samba@samba.org To: samba@samba.org will be discontinued June 1, 2000. To: samba@samba.org To: samba@samba.org To: samba@samba.org To: "samba@anu.edu.au" To: Samba To: Samba Mailing List To: Multiple recipients of list SAMBA will be discontinued June 1, 2000. From olivier.wegria at novactiongroup.com Thu Apr 6 10:45:23 2000 From: olivier.wegria at novactiongroup.com (Olivier Wegria) Date: Tue Dec 2 02:29:16 2003 Subject: printing from win98, win95 and winnt4 to samba on redhat6.1 Message-ID: <500C66C7BF87D311A7F400A0C907E8D83CD3D6@NSA4> Hi, I am using samba 2.06 for a few month now to share files because I want to replace all nt4 servers with linux rh6.1 + samba servers. I would like now to replace our nt print server with a samba print server on the same linux rh6.1. I can share a spool directory via samba and share the printer driver but the lpd use isn't running. I read some how-to and a few mails but there are still a coupple of question unclear to me. 1. Where can I find indepth information on how to setup lpd with samba? 2. Is it possible to manage the samba printer queues from NT,95 & 98 (suspend, resume) 3. can we manage documents in the queues from NT,95,98 (suspend, resume, cancel) Thank you for your answers Olivier From Meerwaldt at t-online.de Thu Apr 6 10:42:33 2000 From: Meerwaldt at t-online.de (Frederik Meerwaldt) Date: Tue Dec 2 02:29:16 2003 Subject: Problem with validating users In-Reply-To: Message-ID: Hi all, now I answer my question myself. IT WORKS *happy*.... I had to set encrypted passwords to yes. So. EOT -- Best regards, Freddy Homepage: fmeerwaldt.homepage.com Last update: 11.03.2000 Very good OpenVMS HowTo's, DHCPD Howto, VXT2k NetBooting HowTo, and a little bit about me. ------------------------------------------------------------------------ NetBSD Vax, Alpha, i386. Tru64 Unix, OpenVMS, FreeBSD, Ultrix. ------------------------------------------------------------------------ On Thu, 6 Apr 2000, Frederik Meerwaldt wrote: > Hi all, > > I wanted to set up a FreeBSD-Samba computer, that it has a share, on which > only 1 user has access to. The problem is: The password of this user must > be verified through the NT-PDC. What I did is: I read the NT-Dom FAQ, I > created an computer account for the Samba-Computer on my NT4-PDC, I > configured my Samba computer, I did a smbpasswd -j NTDOMAIN (which seems > to be OK (Successfully joined Domain NTDOMAIN)). Now I created a user > called domaintest on my PDC. Then I created a entry in the /etc/passwd > file (with vipw), which looks like: > > domaintest:*:1100:1001::0:0:Domain Test Account:/dev/null:/nonexistent > > Then I have added a new section to my smb.conf: > > [test] > revalidate = yes > only user = yes > valid users = domaintest > comment = Only for domaintest account > write list = domaintest > writable = yes > path = /temp > user = domaintest > > Other lines in my smb.conf (which I think are important to list here) are: > > workgroup = NTDOMAIN > security = domain > password server = PROBE > username map = /usr/local/etc/user.map > (I've only mapped domaintest to domaintest here) > > That's it. If I logon from a Windows 95 Box to the Domain (with the > domaintest account) (which works), and I connect to \\sambasrv\test then > it asks for a password. If I enter domaintest (which I have defined as the > password (umane domaintest, passwd domaintest)), it tells me: "Password > incorrect, please try again". But only this user is allowed to connect to > this share. > > Tell my if I have to supply more information. PLEASE HELP!!! > > Thanks in advance! > -- > > Best regards, > Freddy > > Homepage: fmeerwaldt.homepage.com > Last update: 11.03.2000 > Very good OpenVMS HowTo's, DHCPD Howto, VXT2k NetBooting HowTo, and a > little bit about me. > ------------------------------------------------------------------------ > NetBSD Vax, Alpha, i386. Tru64 Unix, OpenVMS, FreeBSD, Ultrix. > ------------------------------------------------------------------------ > > > > From snail_talk at yahoo.com Thu Apr 6 11:06:48 2000 From: snail_talk at yahoo.com (geoffrey lee) Date: Tue Dec 2 02:29:16 2003 Subject: samba-tng 1.8 woes.. In-Reply-To: Message-ID: <000001bf9fb8$340b5520$0200000a@workstation1> hi, ok thanks, i've got the computer to join the domain ..but, i can't get it an account to be the admin. all the dameons started fine when i delted the *.SID files in /etc and redid everything. i would like to up to tng as soon as possible to save me futuer NT PDC trouble when upgrading to the next major samba release. i'm using domain group map = /etc/domaingroup.map and local group map = /etc/localgroup.map in smb.conf, and in domain gruop map i have group="Domain Admins" and in local group map i have group=BUILTIN\Administrators user=Administrator can someone help me out here? oh btw, i'm upping from my 2.0.6 box, and profiles are stored on /home/user/profile. i can't get the old profiles to load ..i've not set any specific profile settingsin smb.conf, (i.e. no [profiles] share, etc.) it's all the default settings. Geoff. > -----Original Message----- > From: Shahar.Shaynis@ecitele.com [mailto:Shahar.Shaynis@ecitele.com] > Sent: Wednesday, April 05, 2000 11:35 PM > To: snail_talk@yahoo.com > Subject: Re: samba-tng 1.8 woes.. > > > > Hey! > > Firrst you have to create a "trust" account on your UNiX passwd : > ntmachine$:*:Trust Account:/dev/null:/dev/null > then you have to use samedit with createuser NTMACHINE$ > > > This should do. > > > Shahar. > > > > > "geoffrey > > lee" To: Multiple > recipients of list SAMBA-NTDOM > > yahoo.com> Subject: samba-tng > 1.8 woes.. > Sent by: > > samba-ntdom@ > > samba.org > > > > > > 05/04/2000 > > 15:07 > > Please > > respond to > > snail_talk > > > > > > > > > > hi all, > > i've gotten samba tng 1.8 to compile and it runs fine. > but i'm having problems with logging on to the domain. i'm new to > samba-tng > ..(upping from 2.0.6) > > > after installing and running the daemons i (tried to) recreate the nt > workstation machine account on the samba box. (samedit createuser machine > $). > it said that it failed because it was unable to connect to > /tmp/.smb ...and > that connection to 255.255.255.255 port 139 and 445 failed. :( i tried > doing > this both as root (with no admin privileges for samba ntdomain) and as a > normal user with admin privileges for the samba ntdomain. > > well i went on anyway and i rejoined the domain wiht the ntworkstation and > surprsingly i got a welcome message but after i went through the > obligatory > reboot and tried to logon it said that it was unable to log me on because > the machine account passwd is incorrect... > > can someone guide me through (even the obvious points ;-) since i'm new) > how > to join the domain with an nt box? > > thanks. > > Geoff. > > > > From tom at ee.ucl.ac.uk Thu Apr 6 11:25:38 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:16 2003 Subject: Problems with oplocks on samba-TNG cvs update 11:00BST 05/04/00 Message-ID: <200004061125.MAA23658@picard.ee.ucl.ac.uk> Hello, I am having trouble with smbds going away without clearing oplocks. This is breaking login scripts and makes loging in a very slow process. Q1. Is there any way to manually clear the lock? Q2. What is the long term fix for this? request_oplock_break: no response received to oplock break request to pid 14157 on port 36555 for dev = 800005, inode = 681 for dev = 800005, inode = 681, tv_sec = 38eb6592, tv_usec = 9594 request_oplock_break: no response received to oplock break request to pid 14157 on port 36555 for dev = 800005, inode = 681 for dev = 800005, inode = 681, tv_sec = 38eb6592, tv_usec = 9594 request_oplock_break: no response received to oplock break request to pid 14157 on port 36555 for dev = 800005, inode = 681 for dev = 800005, inode = 681, tv_sec = 38eb6592, tv_usec = 9594 request_oplock_break: no response received to oplock break request to pid 14157 on port 36555 for dev = 800005, inode = 681 for dev = 800005, inode = 681, tv_sec = 38eb6592, tv_usec = 9594 Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9307 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From mbreuer at siac.com Thu Apr 6 13:37:05 2000 From: mbreuer at siac.com (Michael Breuer) Date: Tue Dec 2 02:29:16 2003 Subject: TNG 1.8 compile problem... Message-ID: <38EC9300.20226E6B@siac.com> smbwrapper/smbw.c & smbwrapper/smbw_dir.c both contain calls to string_sub() with two few parameters (the length is missing). (Luke, I'm sending you a patch). From John at katy.com Thu Apr 6 15:05:34 2000 From: John at katy.com (John Schmerold) Date: Tue Dec 2 02:29:16 2003 Subject: Samba & Windows 2000 Message-ID: <200004061005.AA2251620968@katy.com> Will Samba work with Windows 2000? Can someone please point me to a good resource for issues associated with Windows 2000 & Samba PDC issues in general? TIA From giulioo at pobox.com Thu Apr 6 15:07:51 2000 From: giulioo at pobox.com (Giulio Orsero) Date: Tue Dec 2 02:29:16 2003 Subject: printing from win98, win95 and winnt4 to samba on redhat6.1 In-Reply-To: <500C66C7BF87D311A7F400A0C907E8D83CD3D6@NSA4> References: <500C66C7BF87D311A7F400A0C907E8D83CD3D6@NSA4> Message-ID: <20000406150829.2DE4D2AE84@i3.golden.dom> On Thu, 6 Apr 2000 20:45:34 +1000, hai scritto: >I can share a spool directory via samba and share the printer driver but the >lpd use isn't running. Have you set printing = ? Have you used an 1777 dir as spool dir? -- giulioo@pobox.com From tom at ee.ucl.ac.uk Thu Apr 6 18:04:32 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:16 2003 Subject: Patches for building unicode maps in TNG Message-ID: <200004061804.TAA08981@picard.ee.ucl.ac.uk> Hello, Please find attached patches to build the unicode maps in TNG. I guess someone in the know should check them... installcp.sh: 25a26,27 > echo Creating unicode codepage file $CODEPAGEDIR/unicode_map.$p > $BINDIR/make_unicodemap $p ${srcdir}/codepages/CP$p.TXT $CODEPAGEDIR/unicode_map.$p Makefile.in: 116c116 < PROGS2 = bin/rpcclient bin/smbpasswd bin/make_smbcodepage bin/debug2html --- > PROGS2 = bin/rpcclient bin/smbpasswd bin/make_smbcodepage bin/make_unicodemap bin/debug2html 468a469,470 > MAKE_UNICODEMAP_OBJ = utils/make_unicodemap.o > 1031a1034,1037 > bin/make_unicodemap: $(SAMBALIB) $(MAKE_UNICODEMAP_OBJ) bin/.dummy > @echo Linking $@ > @$(LINK) -o $@ $(MAKE_UNICODEMAP_OBJ) $(SAMBALIB) $(LIBS) > Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9307 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From Skripi at hrzpub.tu-darmstadt.de Thu Apr 6 19:58:57 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:16 2003 Subject: samba-TNG 1.8-make_unicodemap.c In-Reply-To: <200004061917.PAA28748@elektra.warbeast.com>; from kill-9@elektra.warbeast.com on Fri, Apr 07, 2000 at 05:19:25AM +1000 References: <200004061917.PAA28748@elektra.warbeast.com> Message-ID: <20000406215857.A19298@shadowland.sc> kill -9: > Where and when is this file supposed to get compiled? > make_unicodemap.c ? > I do not have this binary by default, and trying to compile > it alone is next to impossible. How can I get this binary compiled > correctly? Is there an option to the configuration or original > make? Could you please also supply your OS and your Compiler ? Further you might want to look at http://www.kneschke.de/projekte/samba_tng/index.php3 for a detailed describtion on how to supply bug reports. Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From jeremy at axistangent.net Thu Apr 6 20:40:47 2000 From: jeremy at axistangent.net (Jeremy M. Dolan) Date: Tue Dec 2 02:29:17 2003 Subject: tng 1.8 profile not found Message-ID: <002f01bfa008$63cb17a0$464de9d8@axistangent.net> I'm trying to set up TNG 1.8 as a PDC for three NT workstations and do auth for one 98 box. I created a new NT domain name, seperate from the workgroup name they were using before, and started all the services. Theres a ton of those suckers now, so I made a little script to save time between restarts, it's up at http://turbogeek.org/samba/sambactl if your sick of starting them manually. If theres a better order to start/stop them in, tip me off. I had quite a bit of problems with rpcclient, trying to add users and such. I ended up with a log file with this, repeated over and over. added interface ip=216.233.77.65 bcast=216.233.77.255 nmask=255.255.255.0 socket connect to /tmp/.smb.0/agent failed: Connection refused error connecting to 255.255.255.255:445 (Network is unreachable) error connecting to 255.255.255.255:139 (Network is unreachable) cli_establish_connection: failed to connect to ORION<00> (255.255.255.255) cli_net_use_add: connection failed I don't know if its supposted to be trying to connect to ORION as 255.255.255.255, but both nslookup and nmblookup show its correct address. I ended up giving up trying to add workstation accounts through rpcclient, as the FAQ describes, and tryed from a NT workstation. This worked fine using the user root. After reboot, when I try to log in as a user form the workstation, I get two dialogs, the first saying roaming profile could not be found and a local profile will try to load, the second saying a local profile could not be loaded, at which point I'm kicked back out to the login prompt. This happens regardless of if there is a profile share in smb.conf. I simply need Samba to do authentication for a few NT machines. At this point, at least for now, I don't really care one way or the other about roaming profiles, BDCs, and being able to set permissions via the workstations. I've heard varying reports on what Samba 2.0 is capable of... can this be done in 2.0.x? Thanks. -- Jeremy M. Dolan Systems Administrator AxisTangent & Technologies From verzachris at hotmail.com Thu Apr 6 21:33:20 2000 From: verzachris at hotmail.com (verdelli christian) Date: Tue Dec 2 02:29:17 2003 Subject: Ldap problem Message-ID: <20000406213320.12659.qmail@hotmail.com> I have SAMBA_TNG with compiled with LDAP , and it works fine; I Can add user with smbpasswd ecc. For testing purpose at the beginning I only add the user root to Ldap and I can connect with smbclient. Then adding all the users with smbpasswd it gives all them the same rid , so when I try to connect with some user , it use the filter base="ou=sambaUser,ou=mydomain.it" scope=1 filter="(&(rid=3e8)(objectclass=sambaAccount))". The result is that it always gives me back the same user , nothing mather what is the -U option to smbclient ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com From rvargo at enterprise.iserv.net Thu Apr 6 21:34:42 2000 From: rvargo at enterprise.iserv.net (Rick Vargo) Date: Tue Dec 2 02:29:17 2003 Subject: Windows 2000 and Samba PDC Message-ID: <4.1.20000406172459.00a1ac18@mail.vargo.org> I am using Windows 2000 Professional trying to get it to join my samba domain. Anybody able to get this to work? I was unable to find any information on this, but I assume that since it will connect to a NT 4.0 domain via netbios, that you can get Win 2K to join a samba domain. I am using pre-3.0 with the latest (of 4/6) patches. I have followed all the directions from the samba web help, and my regular windows clients connect fine, but I don't have an NT 4.0 box to check against this because it was reformatted and installed with Win 2K. I have set logging high and they appear to communicate, but the result always comes out that "The specified domain does not exist or cannot be contacted." The samba machine is the master browser and is setup to do authentication, the SID file exists, password encryption is active, a machine account was added in the password and smbpassword files, etc to no evail. Any help would be greatly appreciated! Rick From mhw at wittsend.com Fri Apr 7 00:02:49 2000 From: mhw at wittsend.com (Michael H. Warfield) Date: Tue Dec 2 02:29:17 2003 Subject: samba-TNG 1.8-make_unicodemap.c In-Reply-To: <20000406215857.A19298@shadowland.sc>; from Skripi@hrzpub.tu-darmstadt.de on Fri, Apr 07, 2000 at 05:52:13AM +1000 References: <200004061917.PAA28748@elektra.warbeast.com> <20000406215857.A19298@shadowland.sc> Message-ID: <20000406200249.C22069@alcove.wittsend.com> On Fri, Apr 07, 2000 at 05:52:13AM +1000, Jens Skripczynski wrote: > kill -9: > > Where and when is this file supposed to get compiled? > > make_unicodemap.c ? > > I do not have this binary by default, and trying to compile > > it alone is next to impossible. How can I get this binary compiled > > correctly? Is there an option to the configuration or original > > make? > Could you please also supply your OS and your Compiler ? I can confirm his observation with mine. I've been in private discussion with Luke about it. Samba-tng-alpha.1.8 RedHat 6.1 gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) No reference to make_unicodemap appears in the source/Makefile after configure. No make_unicodemap gets built and no unicode_map files appear in the codepage directory after installation. No unicode_map appears in any of the configure files or autoconf files. I'm about to confirm it from CVS shortly. > Further you might want to look at > http://www.kneschke.de/projekte/samba_tng/index.php3 > for a detailed describtion on how to supply bug reports. > Ciao > Jens Skripczynski > -- > E-Mail: skripi@hrzpub.tu-darmstadt.de > Computers are like airconditioners: They stop working > properly if you open windows. Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! From snail_talk at yahoo.com Fri Apr 7 03:21:43 2000 From: snail_talk at yahoo.com (geoffrey lee) Date: Tue Dec 2 02:29:17 2003 Subject: samba-tng 1.8 woes.. In-Reply-To: Message-ID: <000301bfa040$65cfede0$0200000a@workstation1> hi, well basically i'm having trouble with becoming the domain administrator on samba tng, and profiles. after it's done, i'll definitely make the switch. right now, when i logon, i only get guest access from the windows nt diagnostics. i want domain admin access. i understand that this has changed from the 2.0.x branch to tng, from domain admin user/group to domain group map = file and local group map = file in smb.conf i have in domaingroup.map : user="Domain Admins" and in localgroup.map : group="BUILTIN\Administrators" user=Administrator and i hve specifieed hem accordingly in smb.conf, and tried to restart the deaemons and logout and log back in. result is i still don't hae domain admin access.. :-( does the user need to be root to have domain admin access, or can i designate any account to be a domain admin? also profiles are not working for me .. :-( i'm updating from 2.0.6 and my prfiles are stored in teh defualt place i.e. /home/user/profile but afterr upgrading to tng the profile doesn't load ... :-( :-( :-( gEoff. > -----Original Message----- > From: Shahar.Shaynis@ecitele.com [mailto:Shahar.Shaynis@ecitele.com] > Sent: Thursday, April 06, 2000 7:01 PM > To: snail_talk@yahoo.com > Subject: RE: samba-tng 1.8 woes.. > > > > Hey! > > What are you reffering to when you say "want it to be teh admin" > ? the user > or the mchine? > > > Shahar. > > > > > "geoffrey > > lee" To: Multiple > recipients of list SAMBA-NTDOM > > yahoo.com> Subject: RE: > samba-tng 1.8 woes.. > Sent by: > > samba-ntdom@ > > samba.org > > > > > > 06/04/2000 > > 12:54 > > Please > > respond to > > snail_talk > > > > > > > > > > hi, > > ok thanks, i've got the computer to join the domain ..but, i can't get it > an > account to be the admin. all the dameons started fine when i delted the > *.SID files in /etc and redid everything. i would like to up to > tng as soon > as possible to save me futuer NT PDC trouble when upgrading to the next > major samba release. > > i'm using domain group map = /etc/domaingroup.map and local group map = > /etc/localgroup.map in smb.conf, and > > in domain gruop map i have > > group="Domain Admins" > > and in local group map i have > > group=BUILTIN\Administrators > user=Administrator > can someone help me out here? oh btw, i'm upping from my 2.0.6 box, and > profiles are stored on /home/user/profile. i can't get the old profiles to > load ..i've not set any specific profile settingsin smb.conf, (i.e. no > [profiles] share, etc.) it's all the default settings. > > Geoff. > > > > -----Original Message----- > > From: Shahar.Shaynis@ecitele.com [mailto:Shahar.Shaynis@ecitele.com] > > Sent: Wednesday, April 05, 2000 11:35 PM > > To: snail_talk@yahoo.com > > Subject: Re: samba-tng 1.8 woes.. > > > > > > > > Hey! > > > > Firrst you have to create a "trust" account on your UNiX passwd : > > ntmachine$:*:Trust Account:/dev/null:/dev/null > > then you have to use samedit with createuser NTMACHINE$ > > > > > > This should do. > > > > > > Shahar. > > > > > > > > > > "geoffrey > > > > lee" To: Multiple > > recipients of list SAMBA-NTDOM > > > > > yahoo.com> Subject: samba-tng > > 1.8 woes.. > > Sent by: > > > > samba-ntdom@ > > > > samba.org > > > > > > > > > > > > 05/04/2000 > > > > 15:07 > > > > Please > > > > respond to > > > > snail_talk > > > > > > > > > > > > > > > > > > > > hi all, > > > > i've gotten samba tng 1.8 to compile and it runs fine. > > but i'm having problems with logging on to the domain. i'm new to > > samba-tng > > ..(upping from 2.0.6) > > > > > > after installing and running the daemons i (tried to) recreate the nt > > workstation machine account on the samba box. (samedit > createuser machine > > $). > > it said that it failed because it was unable to connect to > > /tmp/.smb ...and > > that connection to 255.255.255.255 port 139 and 445 failed. :( i tried > > doing > > this both as root (with no admin privileges for samba ntdomain) and as a > > normal user with admin privileges for the samba ntdomain. > > > > well i went on anyway and i rejoined the domain wiht the ntworkstation > and > > surprsingly i got a welcome message but after i went through the > > obligatory > > reboot and tried to logon it said that it was unable to log me > on because > > the machine account passwd is incorrect... > > > > can someone guide me through (even the obvious points ;-) since i'm new) > > how > > to join the domain with an nt box? > > > > thanks. > > > > Geoff. > > > > > > > > > > > > From rasmus at diku.dk Fri Apr 7 07:22:09 2000 From: rasmus at diku.dk (Rasmus Andersen) Date: Tue Dec 2 02:29:17 2003 Subject: A clue to FAQ *2.4( Message-ID: <200004070722.JAA22347@ask.diku.dk> Hi. I just used samba to move a cluster of NT workstations from one domain to another, the former being controlled by a NT PDC and the new being controlled by Samba (CVS chechout 30/3). During that process I ran into the problem described in the NT Domains Sambaq FAQ Q. 2.4 for some of the machines. After fiddling around a while I realized that the problem occurred for the machines with the longest identification strings. After I changed them to something shorter (and did the papershuffling at the Samba server) it worked without a hitch. Examples: at-marie-louise (didnt work) -> at-mla (worked) at-mfrederiksen (didnt work) -> at-mfred (worked) Names like at-randersen did work, so I guess the magic number is around 12-15 characters. Please note that the old NT 4.0 PDC handled these named fine. Otherwise thanks for a great product. Rasmus(rasmus@diku.dk) With Microsoft products, failure is not an option - it's a standard component. -- Anonymous Rasmus(rasmus@diku.dk) Writing a new OS only for the 386 in 1991 gets you your second F for this term. -- Prof. Andrew S. Tanenbaum, author of Minix, in a newsgroup posting to Linus Torvalds From lkcl at samba.org Fri Apr 7 07:29:40 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:17 2003 Subject: A clue to FAQ *2.4( In-Reply-To: <200004070722.JAA22347@ask.diku.dk> Message-ID: sounds like netbios name resolution limit (15 chars max). On Fri, 7 Apr 2000, Rasmus Andersen wrote: > Hi. > > I just used samba to move a cluster of NT workstations from one domain to > another, the former being controlled by a NT PDC and the new being controlled > by Samba (CVS chechout 30/3). During that process I ran into the problem > described in the NT Domains Sambaq FAQ Q. 2.4 for some of the machines. > > After fiddling around a while I realized that the problem occurred for the > machines with the longest identification strings. After I changed them to > something shorter (and did the papershuffling at the Samba server) it worked > without a hitch. > > Examples: at-marie-louise (didnt work) -> at-mla (worked) > at-mfrederiksen (didnt work) -> at-mfred (worked) > > Names like at-randersen did work, so I guess the magic number is around 12-15 > characters. Please note that the old NT 4.0 PDC handled these named fine. > > Otherwise thanks for a great product. > > Rasmus(rasmus@diku.dk) > > With Microsoft products, failure is not an option - it's a standard component. > -- Anonymous > > > > Rasmus(rasmus@diku.dk) > > Writing a new OS only for the 386 in 1991 gets you your second F for this term. > -- Prof. Andrew S. Tanenbaum, author of Minix, in a newsgroup > posting to Linus Torvalds > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From dsantos at ipg.net Fri Apr 7 07:21:57 2000 From: dsantos at ipg.net (Dioni Santos) Date: Tue Dec 2 02:29:17 2003 Subject: subscibe Message-ID: <000001bfa061$f64bd520$d70aa8c0@nb3> subscribe From lkcl at samba.org Fri Apr 7 08:20:42 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:17 2003 Subject: samba-tng 1.8 woes... Message-ID: hi, if you put (as you have) the same unix name (from passwd or group) in two map files, in your case user = in one map and user = in another, this will fail. change this and it will work. more details in archives, old posts. Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Fri Apr 7 08:23:52 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:17 2003 Subject: samba-tng 1.8 woes... In-Reply-To: Message-ID: oh, and you've _also_ been bitten by TNG renaming MACHINE.SID to SAMDBNAME.SID, and 2.0.x then finding that MACHINE.SID doesn't exist, and recreating it, thereby making all your user profiles invalid (until you rename SAMDBNAME.SID to MACHINE.SID) and _also_ stopping TNG from running because it checks for the broken case where MACHINE.SID _and_ SAMDBNAME.SID exist, and terminates. p.s subst SAMDBNAME for YOURSAMDATABASENAME, not SAMDBNAME, in above. p.p.s this is _also_ described in the archives, old posts. On Fri, 7 Apr 2000, Luke Kenneth Casson Leighton wrote: > hi, if you put (as you have) the same unix name (from passwd or group) in > two map files, in your case user = in one map and user = in another, this > will fail. > > change this and it will work. more details in archives, old posts. > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > Macmillan Technical Publishing > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From Meerwaldt at t-online.de Fri Apr 7 08:37:38 2000 From: Meerwaldt at t-online.de (Frederik Meerwaldt) Date: Tue Dec 2 02:29:17 2003 Subject: Joining a Domain on a multiple-domain Server Message-ID: Hi all, I want to replace a NT 4 Server with a FreeBSD Server running Samba. Now we have in our company a Domain, which supplies multiple domains. In NT4 I enter in the Join a domain field a domain (Let's say alldomains) and when I log on, I see 3 domains (which this domain supplies). Do you know what I mean? But I can't logon to alldomains directly. I have to log on to DOMAIN1 (this domain is supplied by the main-domain alldomains). Now I want to join the Domain DOMAIN1, but I want to share folders with users of other domains (which supplies the main-domain alldomains, too), too. For example: I tell Windows NT 4 to join a domain. Domain Name: alldomains. Username to Join is: DOMAIN1\frederik and my normal password. Then it tells me, that I have successfully joined the domain alldomains. At the Login Screen I see the domains DOMAIN1, 2 and 3. But I log on to DOMAIN1. My Questions: - How can I log on to DOMAIN1 over the main-domain alldomains - When I share a directory, I have to create a local user, and then I share the directory and the username will be verificated with the PDC of the Domain I am logged on to. But now, I am logged on to Domain1 and want to let a user, which is on Domain2, access the share. How do I have to do this? Hope I have explained my question clearly. If there are any further questions, ask. THANKS IN ADVANCE -- Best regards, Freddy Homepage: fmeerwaldt.homepage.com Last update: 11.03.2000 Very good OpenVMS HowTo's, DHCPD Howto, VXT2k NetBooting HowTo, and a little bit about me. ------------------------------------------------------------------------ NetBSD Vax, Alpha, i386. Tru64 Unix, OpenVMS, FreeBSD, Ultrix. ------------------------------------------------------------------------ From jens.skripczynski at igd.fhg.de Fri Apr 7 09:02:59 2000 From: jens.skripczynski at igd.fhg.de (Jens Skripczynski) Date: Tue Dec 2 02:29:17 2003 Subject: subscibe In-Reply-To: <000001bfa061$f64bd520$d70aa8c0@nb3>; from dsantos@ipg.net on Fri, Apr 07, 2000 at 05:37:59PM +1000 References: <000001bfa061$f64bd520$d70aa8c0@nb3> Message-ID: <20000407110259.A19489@pclinux.igd.fhg.de> Dioni Santos: > subscribe see http://lists.samba.org/cgi-bin/weblist Ciao Jens Skripczynski -- E-Mail: skripi@igd.fhg.de Computers are like airconditioners: They stop working properly if you open windows. From dqpr10 at canal-plus.fr Fri Apr 7 09:33:22 2000 From: dqpr10 at canal-plus.fr (dqpr10@canal-plus.fr) Date: Tue Dec 2 02:29:17 2003 Subject: Joining a Domain on a multiple-domain Server References: Message-ID: <38EDAB62.6C4F73EE@canal-plus.fr> This is not a samba question, this is a NT domain management question. MASTERDOMAIN | +-----------------+----------------+ | | | DOMAIN1 DOMAIN2 DOMAIN3 MASTERDOMAIN: authentification domain DOMAIN1/2/3: "data" domains, they have to approve MASTERDOMAIN You should have your accounts base into MASTERDOMAIN PDC and DOMAIN1/2/3 approving the MASTERDOMAIN. This will ensure accounts connected into the MASTERDOMAIN domain to view ressources holded by DOMAIN1/2/3. The next step is to define Global Groups in the MASTERDOMAIN domain to pass the trust relationship. IE: Let's say DOMAIN1 is for sales, you have a share on the DOMAIN1 PDC's for salers: \\DOMAIN1_PDC\sales Ensure DOMAIN1\Administrators have the following members: DOMAIN1\Domain Administrators MASTERDOMAIN\Domain Administrators You can create a LOCAL group in DOMAIN1 called L_SALES, then create a GLOBAL group in MASTERDOMAIN called G_SALES. Set share security for \\DOMAIN1_PDC\sales to: DOMAIN1_PDC\Administrators Full Control DOMAIN1_PDC\L_SALES Modify Add NTFS security if you really want a secured share. Add MASTERDOMAIN\G_SALES as member of DOMAIN1\L_SALES. Add users in MASTERDOMAIN\G_SALES, they'll have access to \\DOMAIN1_PDC\sales. The workaround is the same for DOMAIN2 & DOMAIN3. Use MASTERDOMAIN as the LOGON domain and DOMAIN1/2/3 as private domains. If you wish to use DOMAIN1/2/3 as logon domain for certain users, they won't be able to access other domains' ressources if they don't have an account on them too. If you wish to add a private user to more than one sub-domain (ie: DOMAIN1 & DOMAIN2), ensure they have the same name & passowrd (as Windows clients tests against matching username/password first). Note that if you have a real file server (that is not a DC), that'll obviously works the same. I suggest learning NT before trying Samba. Meerwaldt@t-online.de a ?crit : > > Hi all, > > I want to replace a NT 4 Server with a FreeBSD Server running Samba. Now > we have in our company a Domain, which supplies multiple domains. In NT4 I > enter in the Join a domain field a domain (Let's say alldomains) and when > I log on, I see 3 domains (which this domain supplies). Do you know what I > mean? But I can't logon to alldomains directly. I have to log on to > DOMAIN1 (this domain is supplied by the main-domain alldomains). Now I > want to join the Domain DOMAIN1, but I want to share folders with users of > other domains (which supplies the main-domain alldomains, too), too. For > example: I tell Windows NT 4 to join a domain. Domain > Name: alldomains. Username to Join is: DOMAIN1\frederik and my normal > password. Then it tells me, that I have successfully joined the domain > alldomains. At the Login Screen I see the domains DOMAIN1, 2 and 3. But I > log on to DOMAIN1. > > My Questions: > > - How can I log on to DOMAIN1 over the main-domain alldomains > - When I share a directory, I have to create a local user, and then I > share the directory and the username will be verificated with the PDC of > the Domain I am logged on to. But now, I am logged on to Domain1 and want > to let a user, which is on Domain2, access the share. How do I have to do > this? > > Hope I have explained my question clearly. If there are any further > questions, ask. THANKS IN ADVANCE > -- > > Best regards, > Freddy > > Homepage: fmeerwaldt.homepage.com > Last update: 11.03.2000 > Very good OpenVMS HowTo's, DHCPD Howto, VXT2k NetBooting HowTo, and a > little bit about me. > ------------------------------------------------------------------------ > NetBSD Vax, Alpha, i386. Tru64 Unix, OpenVMS, FreeBSD, Ultrix. > ------------------------------------------------------------------------ -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =- Benoit Boudeville | CANAL+ Technologies -= -= Computer System Engineer | 34, place Raoul Dautry =- =- mailto:bboudev@canal-plus.fr | 75516 Paris Cedex 15 -= -= Tel: 01.71.71.55.83 | Fax: 01.71.71.55.77 =- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- -------------- next part -------------- A non-text attachment was scrubbed... Name: bboudevi.vcf Type: text/x-vcard Size: 324 bytes Desc: Carte pour Benoit Boudeville - Admin Syst?me Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000407/cce0bab6/bboudevi.vcf From johanh at fusion.kth.se Fri Apr 7 09:37:49 2000 From: johanh at fusion.kth.se (Johan Hedin) Date: Tue Dec 2 02:29:17 2003 Subject: Need help with printing on TNG (updated today from CVS) Message-ID: I have created a share called printer$ --- From smb.conf --- [global] printer driver file = /home/ktest/printer/printers.def nt forms file = /home/ktest/printer/ntforms.def nt printer driver = /home/ktest/printer [printer$] path = /home/ktest/printer read only = no --- End from smb.conf --- The directory /home/ktest/printer/ is empty. I log on locally as Administrator and open a skare as ktest on the Samba server. I click on "Add a printer", selects a printer and calls it the same as in Unix. After the test page prompt I get, "Printer driver for NT 4.0 x86 could not be installed. This function is only valid in Windows NT mode.". Is this the way to go, or am I on the wrong track? TIA Johan Hedin /---------------------------------------------------------------------\ | Johan Hedin | johanh@fusion.kth.se | | Ph.D. Student and System Manager | http://www.fusion.kth.se/~johanh | \---------------------------------------------------------------------/ From tom at ee.ucl.ac.uk Fri Apr 7 12:13:14 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:17 2003 Subject: samba-TNG Re: Problems with oplocks Message-ID: <200004071213.NAA04446@picard.ee.ucl.ac.uk> Hello, samba-TNG cvs update 11:00BST 05/04/00 Solaris 2.7 gcc 2.8.1 Sparc 64 I've found that smbd is crashing. [2000/04/07 10:09:37, 1] smbd/service.c:make_connection(639) thriller (128.40.40.38) connect to service mjackson as user mjackson (uid=608, gid=400) (pid 739) [2000/04/07 10:09:44, 0] lib/fault.c:fault_report(40) =============================================================== [2000/04/07 10:09:44, 0] lib/fault.c:fault_report(41) INTERNAL ERROR: Signal 11 in pid 739 (TNG-prealpha) Please read the file BUGS.txt in the distribution [2000/04/07 10:09:44, 0] lib/fault.c:fault_report(43) =============================================================== [2000/04/07 10:09:44, 0] lib/util.c:smb_panic(2627) PANIC: internal error Unfortunately, this isn't enough information to track the bug, but as soon as I get a corefile from the next one I'll send in a stack trace. In the meantime, what is the correct behaviour for smbd and oplocks when it crashes like this? Should the signal handler clear the locks or should they be handed on to another smbd process? Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From lkcl at samba.org Fri Apr 7 12:19:24 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:17 2003 Subject: samba-TNG Re: Problems with oplocks In-Reply-To: <200004071213.NAA04446@picard.ee.ucl.ac.uk> Message-ID: hi tom, there is a way to catch this with gdb if there is no corefile: you put a sleep(20) or maybe even a sleep(60)) which gives you more than enough time to notice the problem if you are running grep INTERNAL log.*, and fire up gdb bin/.libs/smbd in advance, and then jump on that and do attach 739 (in this case, because 739 is the process id). On Fri, 7 Apr 2000, Tom Crummey wrote: > Hello, > > samba-TNG cvs update 11:00BST 05/04/00 Solaris 2.7 gcc 2.8.1 Sparc 64 > > I've found that smbd is crashing. > > [2000/04/07 10:09:37, 1] smbd/service.c:make_connection(639) > thriller (128.40.40.38) connect to service mjackson as user mjackson (uid=608, > gid=400) (pid 739) > [2000/04/07 10:09:44, 0] lib/fault.c:fault_report(40) > =============================================================== > [2000/04/07 10:09:44, 0] lib/fault.c:fault_report(41) > INTERNAL ERROR: Signal 11 in pid 739 (TNG-prealpha) > Please read the file BUGS.txt in the distribution > [2000/04/07 10:09:44, 0] lib/fault.c:fault_report(43) > =============================================================== > [2000/04/07 10:09:44, 0] lib/util.c:smb_panic(2627) > PANIC: internal error > > Unfortunately, this isn't enough information to track the bug, but as > soon as I get a corefile from the next one I'll send in a stack trace. > In the meantime, what is the correct behaviour for smbd and oplocks when > it crashes like this? Should the signal handler clear the locks or > should they be handed on to another smbd process? > > > Tom. > > ---------------------------------------------------------------------------- > Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk > Department of Electronic and Electrical Engineering, > University College London, TEL: +44 (0)20 7679 3898 > Torrington Place, FAX: +44 (0)20 7388 9325 > London, UK, WC1E 7JE. > ---------------------------------------------------------------------------- > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From mendes at mgconecta.com.br Fri Apr 7 13:42:32 2000 From: mendes at mgconecta.com.br (mendes) Date: Tue Dec 2 02:29:17 2003 Subject: Error compiling smbwrapper Message-ID: <00040710440904.00824@armagedon> Hello I wonder whether someone could tell me what is missing on my system so as to get smbwrapper compiled. Here is the error message: Compiling smbwrapper/shared.c Linking bin/smbsh Compiling smbwrapper/smbw.c with -fpic In file included from smbwrapper/smbw.c:23: smbwrapper/realcalls.h:62: #error No open64() wrapper smbwrapper/realcalls.h:82: #error No opendir() wrapper smbwrapper/realcalls.h:102: #error No closedir() wrapper smbwrapper/realcalls.h:113: #error No seekdir() wrapper smbwrapper/realcalls.h:123: #error No telldir() wrapper smbwrapper/realcalls.h:212: #error No stat64() wrapper smbwrapper/realcalls.h:220: #error No lstat64() wrapper smbwrapper/realcalls.h:228: #error No fstat64() wrapper smbwrapper/realcalls.h:236: #error No readdir64() wrapper smbwrapper/realcalls.h:248: #error No llseek() wrapper smbwrapper/realcalls.h:257: #error No pread() wrapper smbwrapper/realcalls.h:273: #error No pwrite() wrapper make: *** [smbwrapper/smbw.po] Error 1 Thanks a lot. Eduardo From swaters at amicus.com Fri Apr 7 15:17:25 2000 From: swaters at amicus.com (Stephen Waters) Date: Tue Dec 2 02:29:17 2003 Subject: A clue to FAQ *2.4( References: Message-ID: <38EDFC05.27485EB1@amicus.com> Luke Kenneth Casson Leighton wrote: > > sounds like netbios name resolution limit (15 chars max). i find that anything more than 12 gives me trouble. -s From dqpr10 at canal-plus.fr Fri Apr 7 15:29:57 2000 From: dqpr10 at canal-plus.fr (dqpr10@canal-plus.fr) Date: Tue Dec 2 02:29:17 2003 Subject: Error compiling smbwrapper References: <00040710440904.00824@armagedon> Message-ID: <38EDFEF5.D76AB458@canal-plus.fr> You're missing some .h files such as dir.h, dirent.h, fcntl.c maybe, don't know them by heart. The #error are generated by configure. mendes@mgconecta.com.br a ?crit : > > Hello > I wonder whether someone could tell me what is missing on my system so > as to get smbwrapper compiled. > Here is the error message: > > Compiling smbwrapper/shared.c > Linking bin/smbsh > Compiling smbwrapper/smbw.c with -fpic > In file included from smbwrapper/smbw.c:23: > smbwrapper/realcalls.h:62: #error No open64() wrapper > smbwrapper/realcalls.h:82: #error No opendir() wrapper > smbwrapper/realcalls.h:102: #error No closedir() wrapper > smbwrapper/realcalls.h:113: #error No seekdir() wrapper > smbwrapper/realcalls.h:123: #error No telldir() wrapper > smbwrapper/realcalls.h:212: #error No stat64() wrapper > smbwrapper/realcalls.h:220: #error No lstat64() wrapper > smbwrapper/realcalls.h:228: #error No fstat64() wrapper > smbwrapper/realcalls.h:236: #error No readdir64() wrapper > smbwrapper/realcalls.h:248: #error No llseek() wrapper > smbwrapper/realcalls.h:257: #error No pread() wrapper > smbwrapper/realcalls.h:273: #error No pwrite() wrapper > make: *** [smbwrapper/smbw.po] Error 1 > > Thanks a lot. > > Eduardo -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =- Benoit Boudeville | CANAL+ Technologies -= -= Computer System Engineer | 34, place Raoul Dautry =- =- mailto:bboudev@canal-plus.fr | 75516 Paris Cedex 15 -= -= Tel: 01.71.71.55.83 | Fax: 01.71.71.55.77 =- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- -------------- next part -------------- A non-text attachment was scrubbed... Name: bboudevi.vcf Type: text/x-vcard Size: 324 bytes Desc: Carte pour Benoit Boudeville - Admin Syst?me Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000407/86514c47/bboudevi.vcf From tom at ee.ucl.ac.uk Fri Apr 7 15:43:44 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:17 2003 Subject: samba-TNG Re: Problems with oplocks Message-ID: <200004071543.QAA16924@picard.ee.ucl.ac.uk> Hello Luke, I got a crash at debug level 5. dos_ChDir to /pc/samba-TNG/etc/netlogon oplock_break: returning success for dev = 2200007, inode = 121091 Current exclusive_oplocks_open = 1 calling open_file with flags=0x0 flags2=0x0 mode=0744 Re-used file_fd_struct dev = 2200007, inode = 121091, ref_count = 2 =============================================================== INTERNAL ERROR: Signal 11 in pid 11517 (TNG-prealpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error claiming 100000 init msg_type=0x81 msg_flags=0x0 Transaction 1 of length 137 Still no core dump and I haven't had a chance to put the sleep in smbd. Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From giulioo at pobox.com Fri Apr 7 16:33:50 2000 From: giulioo at pobox.com (Giulio Orsero) Date: Tue Dec 2 02:29:17 2003 Subject: Error compiling smbwrapper In-Reply-To: <00040710440904.00824@armagedon> References: <00040710440904.00824@armagedon> Message-ID: <20000407163434.B105A2B0AC@i3.golden.dom> On Sat, 8 Apr 2000 01:19:34 +1000, hai scritto: > I wonder whether someone could tell me what is missing on my system so >as to get smbwrapper compiled. > Here is the error message: I suppose you are on linux: smbwrapper does not work on linux systems with recent glibc libraries. There's no solution. -- giulioo@pobox.com From Meerwaldt at t-online.de Fri Apr 7 16:25:06 2000 From: Meerwaldt at t-online.de (Frederik Meerwaldt) Date: Tue Dec 2 02:29:18 2003 Subject: Joining a Domain on a multiple-domain Server In-Reply-To: <38EDAB62.6C4F73EE@canal-plus.fr> Message-ID: I know how it is set up, thanks, but I want to know how I can configure the client things (see my original mail (logon to Domain1 via Masterdomain)) on the samba box. And BTW: I _do_ know NT very well. -- Best regards, Freddy Homepage: fmeerwaldt.homepage.com Last update: 11.03.2000 Very good OpenVMS HowTo's, DHCPD Howto, VXT2k NetBooting HowTo, and a little bit about me. ------------------------------------------------------------------------ NetBSD Vax, Alpha, i386. Tru64 Unix, OpenVMS, FreeBSD, Ultrix. ------------------------------------------------------------------------ On Fri, 7 Apr 2000 dqpr10@canal-plus.fr wrote: > > This is not a samba question, this is a NT domain management question. > > > MASTERDOMAIN > | > +-----------------+----------------+ > | | | > DOMAIN1 DOMAIN2 DOMAIN3 > > MASTERDOMAIN: authentification domain > DOMAIN1/2/3: "data" domains, they have to approve MASTERDOMAIN > > You should have your accounts base into MASTERDOMAIN PDC and DOMAIN1/2/3 > approving the MASTERDOMAIN. > This will ensure accounts connected into the MASTERDOMAIN domain to view > ressources holded by DOMAIN1/2/3. The next step is to define Global > Groups > in the MASTERDOMAIN domain to pass the trust relationship. > > IE: > Let's say DOMAIN1 is for sales, you have a share on the DOMAIN1 PDC's > for salers: > > \\DOMAIN1_PDC\sales > > Ensure DOMAIN1\Administrators have the following members: > DOMAIN1\Domain Administrators > MASTERDOMAIN\Domain Administrators > > You can create a LOCAL group in DOMAIN1 called L_SALES, then create a > GLOBAL group > in MASTERDOMAIN called G_SALES. > Set share security for \\DOMAIN1_PDC\sales to: > DOMAIN1_PDC\Administrators Full Control > DOMAIN1_PDC\L_SALES Modify > Add NTFS security if you really want a secured share. > Add MASTERDOMAIN\G_SALES as member of DOMAIN1\L_SALES. > Add users in MASTERDOMAIN\G_SALES, they'll have access to > \\DOMAIN1_PDC\sales. > > The workaround is the same for DOMAIN2 & DOMAIN3. > > Use MASTERDOMAIN as the LOGON domain and DOMAIN1/2/3 as private domains. > If you wish to use DOMAIN1/2/3 as logon domain for certain users, they > won't be > able to access other domains' ressources if they don't have an account > on them > too. If you wish to add a private user to more than one sub-domain (ie: > DOMAIN1 & > DOMAIN2), ensure they have the same name & passowrd (as Windows clients > tests against > matching username/password first). > > Note that if you have a real file server (that is not a DC), that'll > obviously > works the same. > > > I suggest learning NT before trying Samba. > > Meerwaldt@t-online.de a ?crit : > > > > Hi all, > > > > I want to replace a NT 4 Server with a FreeBSD Server running Samba. Now > > we have in our company a Domain, which supplies multiple domains. In NT4 I > > enter in the Join a domain field a domain (Let's say alldomains) and when > > I log on, I see 3 domains (which this domain supplies). Do you know what I > > mean? But I can't logon to alldomains directly. I have to log on to > > DOMAIN1 (this domain is supplied by the main-domain alldomains). Now I > > want to join the Domain DOMAIN1, but I want to share folders with users of > > other domains (which supplies the main-domain alldomains, too), too. For > > example: I tell Windows NT 4 to join a domain. Domain > > Name: alldomains. Username to Join is: DOMAIN1\frederik and my normal > > password. Then it tells me, that I have successfully joined the domain > > alldomains. At the Login Screen I see the domains DOMAIN1, 2 and 3. But I > > log on to DOMAIN1. > > > > My Questions: > > > > - How can I log on to DOMAIN1 over the main-domain alldomains > > - When I share a directory, I have to create a local user, and then I > > share the directory and the username will be verificated with the PDC of > > the Domain I am logged on to. But now, I am logged on to Domain1 and want > > to let a user, which is on Domain2, access the share. How do I have to do > > this? > > > > Hope I have explained my question clearly. If there are any further > > questions, ask. THANKS IN ADVANCE > > -- > > > > Best regards, > > Freddy > > > > Homepage: fmeerwaldt.homepage.com > > Last update: 11.03.2000 > > Very good OpenVMS HowTo's, DHCPD Howto, VXT2k NetBooting HowTo, and a > > little bit about me. > > ------------------------------------------------------------------------ > > NetBSD Vax, Alpha, i386. Tru64 Unix, OpenVMS, FreeBSD, Ultrix. > > ------------------------------------------------------------------------ > > -- > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > =- Benoit Boudeville | CANAL+ Technologies -= > -= Computer System Engineer | 34, place Raoul Dautry =- > =- mailto:bboudev@canal-plus.fr | 75516 Paris Cedex 15 -= > -= Tel: 01.71.71.55.83 | Fax: 01.71.71.55.77 =- > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- From ksmelser at uindy.edu Fri Apr 7 19:49:31 2000 From: ksmelser at uindy.edu (Kelly S. Smelser) Date: Tue Dec 2 02:29:18 2003 Subject: Joining domain Message-ID: I have been having a similar problem using 2.0.7pre3 as far as joining the domain as Mr. Muffett. I consistently get an "Unable to up date local security in order to join domain" error under WinNT 4.0, and I get a "Domain is not available or does not exist" error in Win2K, but all works fine with Win98. Downgrading to 2.0.6 works fine as far as the Win98 and WinNT 4.0 machines go. Has anyone else encountered this problem or have found a solution? K. -- "I am seized by a melancholy though quite tranquil amazement at my own lack of feeling...that simply by consequence of my fixation upon letters I am everywhere else uninterested and in consequence heartless." -Franz Kafka on himself From perickson at mail.ipool.com Fri Apr 7 19:53:32 2000 From: perickson at mail.ipool.com (perickson@mail.ipool.com) Date: Tue Dec 2 02:29:18 2003 Subject: request not supported (setgroups call) Message-ID: Hi everyone - I'm having problems logging into my samba-tng 1.9 domain. I get an error stating "The request is not supported by the network" on my Win98 laptop. The computer trust account and username are both added to the smbpasswd file as well as /etc/passwd . My log.netlogon files contains the following error: ERROR: sys setgroups call failed! TODO: verify that the rid exists In a previous post regarding this problem, someone said that they solved the problem by reverting to tng-1.0 . I was wondering if there's some other way to solve this without reverting to an old version. If anyone has any info or suggestions, I would greatly appreciate it. Thanks, Pete Erickson perickson@ipool.com From mmbrich at binary.net Fri Apr 7 22:33:44 2000 From: mmbrich at binary.net (Matthew Brichacek) Date: Tue Dec 2 02:29:18 2003 Subject: TNG-1.9 smbd porblems Message-ID: <001401bfa0e1$56fa6740$a20ce5d8@binary.net> Hello, All through the configure make and make install of TNG-1.9 everything seemed to compile file, when i went to restart the smbd daemon it would fail with a "smbd: error in loading shared libraries: smbd: undefined symbol: string_init" then all the other daemons would load o problem. I have a mandrake 7.0 machine and my config file work fine on tng-1.8 so i assume that means it's still ok. Any ideas? Thanks Matthew -------------- next part -------------- HTML attachment scrubbed and removed From lkcl at samba.org Sat Apr 8 03:32:57 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:18 2003 Subject: A clue to FAQ *2.4( In-Reply-To: <38EDFC05.27485EB1@amicus.com> Message-ID: hmmm... interesting. can you do a comparative netmon trace, and demonstrate the packets leading up to the failure? thx. On Fri, 7 Apr 2000, Stephen Waters wrote: > Luke Kenneth Casson Leighton wrote: > > > > sounds like netbios name resolution limit (15 chars max). > > i find that anything more than 12 gives me trouble. > > -s > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Sat Apr 8 03:57:15 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:18 2003 Subject: Joining domain In-Reply-To: Message-ID: ah -- that will be because of incorrect nmbd process_logon_packet responses. On Sat, 8 Apr 2000, Kelly S. Smelser wrote: > I have been having a similar problem using 2.0.7pre3 as far as > joining the domain as Mr. Muffett. I consistently get an "Unable to up > date local security in order to join domain" error under WinNT 4.0, and I > get a "Domain is not available or does not exist" error in Win2K, but all > works fine with Win98. Downgrading to 2.0.6 works fine as far as the > Win98 and WinNT 4.0 machines go. Has anyone else encountered this > problem or have found a solution? > > K. > > -- > "I am seized by a melancholy though quite tranquil amazement at my own > lack of feeling...that simply by consequence of my fixation upon letters I > am everywhere else uninterested and in consequence heartless." -Franz > Kafka on himself > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Sat Apr 8 03:59:53 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:18 2003 Subject: request not supported (setgroups call) In-Reply-To: Message-ID: pete, all, you don't need TNG if you are using lose9x. these clients do not have the concept of domains in them in any way, shape, or form. they can, however, download profiles from a server, and you need to type in a username, domain name and password to get it. On Sat, 8 Apr 2000 perickson@mail.ipool.com wrote: > Hi everyone - I'm having problems logging into my samba-tng 1.9 domain. I > get an error stating "The request is not supported by the network" on my > Win98 laptop. The computer trust account and username are both added to > the smbpasswd file as well as /etc/passwd . My log.netlogon files > contains the following error: > > ERROR: sys setgroups call failed! > TODO: verify that the rid exists > > In a previous post regarding this problem, someone said that they solved > the problem by reverting to tng-1.0 . I was wondering if there's some > other way to solve this without reverting to an old version. If anyone > has any info or suggestions, I would greatly appreciate it. > > Thanks, > Pete Erickson > perickson@ipool.com > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Sat Apr 8 04:00:23 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:18 2003 Subject: TNG-1.9 smbd porblems In-Reply-To: <001401bfa0e1$56fa6740$a20ce5d8@binary.net> Message-ID: binaries are now installed in sbin. On Sat, 8 Apr 2000, Matthew Brichacek wrote: > Hello, > > All through the configure make and make install of TNG-1.9 everything seemed to compile file, when i went to restart the smbd daemon it would fail with a "smbd: error in loading shared libraries: smbd: undefined symbol: string_init" then all the other daemons would load o problem. I have a mandrake 7.0 machine and my config file work fine on tng-1.8 so i assume that means it's still ok. Any ideas? > Thanks > Matthew > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From swaters at amicus.com Sat Apr 8 04:42:13 2000 From: swaters at amicus.com (Stephen Waters) Date: Tue Dec 2 02:29:18 2003 Subject: A clue to FAQ *2.4( References: Message-ID: <38EEB8A4.7855F12C@amicus.com> hrm... i'll take a look if i can. i'm in a production environment though on a busy network so pinpointing it will be difficult... any hints? Luke Kenneth Casson Leighton wrote: > > hmmm... interesting. can you do a comparative netmon trace, and > demonstrate the packets leading up to the failure? > > thx. > > On Fri, 7 Apr 2000, Stephen Waters wrote: > > > Luke Kenneth Casson Leighton wrote: > > > > > > sounds like netbios name resolution limit (15 chars max). > > > > i find that anything more than 12 gives me trouble. > > > > -s > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > Macmillan Technical Publishing > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals -- What you end up with, after running an operating system concept through these many marketing coffee filters, is something not unlike plain hot water. -- Matt Welsh From anders at aae.wisc.edu Sat Apr 8 05:10:51 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:29:18 2003 Subject: Trust Relationships In-Reply-To: from "Shahar.Shaynis@ecitele.com" at "Apr 6, 2000 10:01:28 am" Message-ID: <200004080510.AAA24306@pug.aae.wisc.edu> Damn! You're using Lotus Notes (with its annoyning formatting..) Ok.. There's three "current" versions of samba. 2.0.x is the STABLE tree 2.0.6 is the latest STABLE 2.0.7 is soon to be released STABLE The HEAD Tree incorporates general new samba functionality, and is based / in sync with STABLE (i.e. it's got same functions + several EXPERIMENTAL ones to increase functionality) The TNG Tree has NTDOMAIN support, however this tree is based on pre-2.0.x (i.e. one split into what would become STABLE 2.0.x, and continued working on domain support.) TNG Has poor (read: unusable) file-sharing support. It also has other bugs. It's NTDOMAIN support is experimental however... TNG supports Trustrelationships, with some issues: The user anders in DOMAIN1 is assumed to be the same as anders in DOMAIN2.. i.e. even if these are different users, thy'll ovn the same files on Unix. Personal advice: Wait until the fall, when 3.0 is expected to be complete.. This release is also expected to have most of the NTDOMAIN support. You're just going to break your neck on incorporating this stuff in a production environment.. Perhaps you could use 2.0.6 or 2.0.7 with joined in your domains, or with password server = NTSERVER. (see manpage smb.conf) --Anders > > Hey! > > > Does Samba 2.0.7 supports Inter-Domain trusted Relationships? > > > Shahar. > > > > "Anders C. > Thorsen" To: Multiple recipients of list SAMBA-NTDOM > aae.wisc.edu> Subject: Re: Trust Relationships > Sent by: > samba-ntdom@ > samba.org > > > 06/04/2000 > 05:06 > Please > respond to > anders > > > > > > > > You should go for the latest ver. of 2.0.x > 2.0.6 is the latest, but 2.0.7 is shipping soon.. Right Jeremy..? > > --Anders > > > From lkcl at samba.org Sat Apr 8 05:49:22 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:18 2003 Subject: Trust Relationships In-Reply-To: <200004080510.AAA24306@pug.aae.wisc.edu> Message-ID: > The TNG Tree has NTDOMAIN support, however this tree is based on > pre-2.0.x (i.e. one split into what would become STABLE 2.0.x, > and continued working on domain support.) smbd and nmbd have been merged from 3.0 (cvs main) into TNG. From anders at aae.wisc.edu Sat Apr 8 06:02:50 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:29:18 2003 Subject: Trust Relationships In-Reply-To: from Luke Kenneth Casson Leighton at "Apr 8, 2000 03:49:22 pm" Message-ID: <200004080602.BAA24995@pug.aae.wisc.edu> > > The TNG Tree has NTDOMAIN support, however this tree is based on > > pre-2.0.x (i.e. one split into what would become STABLE 2.0.x, > > and continued working on domain support.) > > smbd and nmbd have been merged from 3.0 (cvs main) into TNG. > Is TNG the "final" tree then..? I seem to remember that the idea was to do this to ease migration of TNG back into HEAD. Please correct me if I'm wrong. --Anders From lkcl at samba.org Sat Apr 8 06:10:36 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:18 2003 Subject: Trust Relationships In-Reply-To: <200004080602.BAA24995@pug.aae.wisc.edu> Message-ID: On Sat, 8 Apr 2000, Anders C. Thorsen wrote: > > > The TNG Tree has NTDOMAIN support, however this tree is based on > > > pre-2.0.x (i.e. one split into what would become STABLE 2.0.x, > > > and continued working on domain support.) > > > > smbd and nmbd have been merged from 3.0 (cvs main) into TNG. > > > Is TNG the "final" tree then..? not quite! > I seem to remember that the idea was to do this to ease migration of TNG back > into HEAD. well, it turns out that it was far easier to go the other way round: andrew and i did nmbd in... a day, and i did smbd in two, maybe three. now, all of 2_0, main and TNG can be simultaneously updated. andrew and i are going to do an architecture review of TNG, deciding what bits are suitable and what bits need rewriting, my hope is to maintain the same aims / flexibility, just done in better ways. luke From giulioo at pobox.com Sat Apr 8 07:25:38 2000 From: giulioo at pobox.com (Giulio Orsero) Date: Tue Dec 2 02:29:18 2003 Subject: [newbie]: Samba as a server for Win98 PCS In-Reply-To: <00040217404803.00826@armagedon> References: <00040217404803.00826@armagedon> Message-ID: <20000408072632.3C5E12AE67@i3.golden.dom> On Mon, 3 Apr 2000 05:35:57 +1000, hai scritto: > I have 12 Win98 PCs with public IPs connected to the Internet. I want: Why did you do that? To assign a public ip to a win9x box is a waste :) >2) That the linux PC provides login access to the other PCs. (I want to >eliminate the possibility of the users log in a Win98 PC and wreck the >file-system and software). If you have smart users, then you can't do that. Win9x is not designed for this. You could force authentication to the samba domain, but the users could boot in safe mode and disable this. >3) That the linux PC controls all hard disks (12) and allocates quotas for each >users. Very unlikely. >4) That the linux PC have a share with all software (Windows 98 software) >needed in the network. This is possible, if the software package is ok to be run over the network. >5) That Samba is only seen by the 12 PCs and close for the rest the world. I think you should re-think the network design. You'd better use private ip addresses. If the win9x is accessible from the internet, and it mounts a samba share..... Maybe you can do ip-masq on the same linux box for all the win9x. >6) That Linux-samba grants or not access to the Internet. So you need to install a proxy on the linux box, or do it via ipchains. >Could someone tell me if the above is possible and how to do it? Specific >documentation and how to setup samba-linux-windows98 would be great. ppp howto, ipmasq howto, ipchains howto..... ww.oreilly.com for the "Using Samba" book -- giulioo@pobox.com From mmbrich at ductamerica.com Sat Apr 8 08:43:02 2000 From: mmbrich at ductamerica.com (Matthew Brichacek) Date: Tue Dec 2 02:29:18 2003 Subject: TNG-1.9 login problems Message-ID: <00040804024100.00862@comp03.binary.net> Hello, I compliled tng-1.9 on my linux mandrake 7.0 machine and the install went fine, i executed all of the daemons in sbin and loged out of my win98 machine, after this i was unable to gain access to the network and windows would say "The Request is not supported by the network. My config file has not changed though the versions so i am sure that is not it. here are some of my logfiles. i had debug = 20so they may be large, i will put in the ones that i saw a change through. Thanks Matthew log.smb load_unicode_map: loading unicode map for codepage 850. loaded services Becoming a daemon. fcntl_lock 4 6 0 1 1 Lock call successful bind succeeded on port 139 bind succeeded on port 139 waiting for a connection do_reseed: got 40 bytes from /dev/urandom. get_sam_domain_name: PDC/BDC DUCTAMERICA read_sid: Domain: DUCTAMERICA sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020 read_sid_from_file /usr/local/samba/private/DUCTAMERICA.SID: sid S-1-5-21-1027092324-3789277122-2277139020 get_member_domain_sid: sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020 S-1-5-21-1027092324-3789277122-2277139020 sid_to_string returning S-1-5-32 Map: Domain: BUILTIN SID: S-1-5-32 sid_to_string returning S-1-1 Map: Domain: Global Domain SID: S-1-1 sid_to_string returning S-1-1-0 Map: Domain: Everyone SID: S-1-1-0 sid_to_string returning S-1-2-0 Map: Domain: LOCAL SID: S-1-2-0 sid_to_string returning S-1-3-0 Map: Domain: Creator Owner SID: S-1-3-0 sid_to_string returning S-1-3-1 Map: Domain: Creator Group SID: S-1-3-1 sid_to_string returning S-1-3-2 Map: Domain: Creator Server Owner SID: S-1-3-2 sid_to_string returning S-1-3-3 Map: Domain: Creator Server Group SID: S-1-3-3 sid_to_string returning S-1-5 Map: Domain: NT Authority SID: S-1-5 sid_to_string returning S-1-5-1 Map: Domain: DIALUP SID: S-1-5-1 sid_to_string returning S-1-5-2 Map: Domain: NETWORK SID: S-1-5-2 sid_to_string returning S-1-5-3 Map: Domain: BATCH SID: S-1-5-3 sid_to_string returning S-1-5-4 Map: Domain: Interactive SID: S-1-5-4 sid_to_string returning S-1-5-6 Map: Domain: Service SID: S-1-5-6 sid_to_string returning S-1-5-7 Map: Domain: SID: S-1-5-7 sid_to_string returning S-1-5-9 Map: Domain: SERVER LOGON SID: S-1-5-9 sid_to_string returning S-1-5-11 Map: Domain: Authenticated Users SID: S-1-5-11 sid_to_string returning S-1-5-18 Map: Domain: SYSTEM SID: S-1-5-18 sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020 Map: Domain: DUCTAMERICA SID: S-1-5-21-1027092324-3789277122-2277139020 sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020 Map: Domain: DUCTAMERICA SID: S-1-5-21-1027092324-3789277122-2277139020 lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Sat Apr 8 03:49:25 2000 Changed root to / open_oplock_ipc: opening loopback UDP socket. bind succeeded on port 0 open_oplock ipc: pid = 20670, global_oplock_port = 1027 Serverzone is 18000 got smb length of 68 got message type 0x81 of len 0x44 Transaction 0 of length 72 NBT message [000] 81 00 00 44 20 45 44 45 50 45 4E 46 41 44 41 44 ...D EDE PENFADAD [010] 44 43 41 43 41 43 41 43 41 43 41 43 41 43 41 43 DCACACAC ACACACAC [020] 41 43 41 43 41 00 20 45 4E 45 42 46 45 46 45 43 ACACA. E NEBFEFEC [030] 41 43 41 43 41 43 41 43 41 43 41 43 41 43 41 43 ACACACAC ACACACAC [040] 41 43 41 43 ACAC netbios connect: name1=COMP03 name2=MATT lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Sat Apr 8 03:49:25 2000 claiming 100000 init msg_type=0x81 msg_flags=0x0 write_socket(8,4) write_socket(8,4) wrote 4 got smb length of 154 got message type 0x0 of len 0x9a Transaction 1 of length 158 size=154 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=0 smb_tid=1 smb_pid=6703 smb_uid=0 smb_mid=20227 smt_wct=0 smb_bcc=119 [000] 02 50 43 20 4E 45 54 57 4F 52 4B 20 50 52 4F 47 .PC NETW ORK PROG [010] 52 41 4D 20 31 2E 30 00 02 4D 49 43 52 4F 53 4F RAM 1.0. .MICROSO [020] 46 54 20 4E 45 54 57 4F 52 4B 53 20 33 2E 30 00 FT NETWO RKS 3.0. [030] 02 44 4F 53 20 4C 4D 31 2E 32 58 30 30 32 00 02 .DOS LM1 .2X002.. [040] 44 4F 53 20 4C 41 4E 4D 41 4E 32 2E 31 00 02 57 DOS LANM AN2.1..W [050] 69 6E 64 6F 77 73 20 66 6F 72 20 57 6F 72 6B 67 indows f or Workg [060] 72 6F 75 70 73 20 33 2E 31 61 00 02 4E 54 20 4C roups 3. 1a..NT L [070] 4D 20 30 2E 31 32 00 M 0.12. switch message SMBnegprot (pid 20670) Requested protocol [PC NETWORK PROGRAM 1.0] Requested protocol [MICROSOFT NETWORKS 3.0] Requested protocol [DOS LM1.2X002] Requested protocol [DOS LANMAN2.1] Requested protocol [Windows for Workgroups 3.1a] Requested protocol [NT LM 0.12] lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Sat Apr 8 03:49:25 2000 switch message SMBsesssetupX (pid 20670) vuid_init_db: opened lookup user 50be,1 000000 vuid_io_key key 0000 pid : 000050be 0004 vuid: 0001 000000 vuid_io_user_struct usr _prs_uint32 error (uid) ps: io Yes align 4 offset 0 err 1 data (nil) passlen: 24 0 Domain=[] NativeOS=[Windows 4.0] NativeLanMan=[Windows 4.0] sesssetupX:name=[MATTHEW] lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Sat Apr 8 03:49:25 2000 lookupsmbpwntnam: nt user name \matthew name 'matthew' split into domain:DUCTAMERICA and nt name:matthew' initialising map /usr/local/samba/private/domainuser.map file_modified: /usr/local/samba/private/domainuser.map modified load_name_map: Scanning name map /usr/local/samba/private/domainuser.map Read line |root=Administrator| make_name_entry:,Administrator,root unix_name_to_nt_name_info: unix_name:root unix_name_to_nt_name_info: unix gid:0 map_domain_name_to_sid: overriding blank name to DUCTAMERICA map_domain_name_to_sid: DUCTAMERICA compare: BUILTIN compare: Global Domain compare: Everyone compare: LOCAL compare: Creator Owner compare: Creator Group compare: Creator Server Owner compare: Creator Server Group compare: NT Authority compare: DIALUP compare: NETWORK compare: BATCH compare: Interactive compare: Service compare: compare: SERVER LOGON compare: Authenticated Users compare: SYSTEM compare: DUCTAMERICA sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020 found S-1-5-21-1027092324-3789277122-2277139020 reset_wk_maps: Initializing maps sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-500 nt name DUCTAMERICA\Administrator gid 0 mapped to S-1-5-21-1027092324-3789277122-2277139020-500 unixname = root, ntname = DUCTAMERICA\Administrator type = 1 Read line || load_name_map: Added 1 entries to name map. Scanning username map /dsk/user.map Checking SMB password, user matthew domain password_ok: check SMB auth check_domain_security: COMP03(2) get_any_dc_name: domain DUCTAMERICA local domain server list: cli_connection_init_auth: \\. \PIPE\lsarpc copy_nt_creds: null creds ncalrpc_l_use_add ncalrpc_l_find: lsarpc [20670,0] root is in 10 groups: 0, 1, 2, 3, 4, 6, 10, 11, 50, 509 uid 0 registered to name root Clearing default real name uid 0 vuid 100 registered to unix name root storing user 50be,64 000000 vuid_io_key key 0000 pid : 000050be 0004 vuid: 0064 000000 vuid_io_user_struct usr 0000 uid: 00000000 0004 gid: 00000000 0008 name: root 0010 requested_name: root 0018 real_name: 0024 guest: 00000000 0028 n_groups: 0000000a 002c : 00000000 0030 : 00000001 0034 : 00000002 0038 : 00000003 003c : 00000004 0040 : 00000006 0044 : 0000000a 0048 : 0000000b 004c : 00000032 0050 : 000001fd 000054 net_io_user_info3 usr ncalrpc_l_establish_connection: connecting to lsarpc socket open succeeded. file name: /tmp/.msrpc/.lsarpc/agent socket connect to /tmp/.msrpc/.lsarpc/agent failed: Connection refused redirect failed, attempt direct connection socket open succeeded. file name: /usr/local/samba/var/locks/.msrpc/lsarpc create_user_creds: lsarpc 0 0 000004 creds_io_cmd creds 0004 version: 0000 0006 command: 0000 000008 vuid_io_key key 0008 pid : 000050be 000c vuid: 0064 000e name : lsarpc 0018 ptr_creds: 00000000 write_socket(13,28) write_socket(13,28) wrote 28 ncalrpc_l_use_add: num_users: 1 Bind RPC Pipe: \PIPE\lsarpc Bind Abstract Syntax: [000] 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB xW4.4... ...#Eg.. [010] 00 00 00 00 .... Bind Transfer Syntax: [000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H` [010] 02 00 00 00 .... create_rpc_noauth_bind_req 000000 smb_io_rpc_hdr_rb 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 1630 0002 max_rsize: 1630 0004 assoc_gid: 000050be 0008 num_elements: 01 000c context_id : 0064 000e num_syntaxes: 01 00000f smb_io_rpc_iface 000010 smb_io_rpc_uuid uuid 0010 time_low: 12345778 0014 time_mid: 1234 0016 time_hiv: abcd 0018 rem: ef 00 01 23 45 67 89 ab 0020 version: 00000000 000024 smb_io_rpc_iface 000024 smb_io_rpc_uuid uuid 0024 time_low: 8a885d04 0028 time_mid: 1ceb 002a time_hiv: 11c9 002c rem: 9f e8 08 00 2b 10 48 60 0034 version: 00000002 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 00 0004 pack_type : 10 00 00 00 prs_set_packtype: bigendian: No 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000001 ncalrpc_l_send_prs: data: 0x809f0a0 len 72 [000] 05 00 0B 00 10 00 00 00 48 00 00 00 01 00 00 00 ........ H....... [010] 30 16 30 16 BE 50 00 00 01 00 00 00 64 00 01 00 0.0..P.. ....d... [020] 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB xW4.4... ...#Eg.. [030] 00 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 .....].. ........ [040] 2B 10 48 60 02 00 00 00 +.H`.... write_socket(13,72) write_socket(13,72) wrote 72 ncalrpc_l_receive: 123 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type : 10 00 00 00 prs_set_packtype: bigendian: No 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000001 [000] 05 00 0C 03 10 00 00 00 44 00 00 00 01 00 00 00 ........ D....... [010] 30 16 30 16 BE 50 00 00 0E 00 5C 50 49 50 45 5C 0.0..P.. ..\PIPE\ [020] 6C 73 61 72 70 63 64 00 01 00 00 00 00 00 00 00 lsarpcd. ........ [030] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H` [040] 02 00 00 00 .... ncalrpc_l_receive: len 68 rpc_check_hdr: rdata->data_size: 68 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type : 10 00 00 00 prs_set_packtype: bigendian: No 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000001 rpc_check_hdr: (after smb_io_rpc_hdr call) rdata->data_size: 68 prs_set_packtype: bigendian: No cli_pipe: fragment first and last both set rpc_api_pipe: return OK 000000 smb_io_rpc_hdr_ba 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 1630 0002 max_rsize: 1630 0004 assoc_gid: 000050be 000008 smb_io_rpc_addr_str 0008 len: 000e 000a str: \PIPE\lsarpcd. 000018 smb_io_rpc_results 0018 num_results: 01 001c result : 0000 001e reason : 0000 000020 smb_io_rpc_iface 000020 smb_io_rpc_uuid uuid 0020 time_low: 8a885d04 0024 time_mid: 1ceb 0026 time_hiv: 11c9 0028 rem: 9f e8 08 00 2b 10 48 60 0030 version: 00000002 bind_rpc_pipe: searching pipe name: client:\PIPE\lsarpc server:\PIPE\lsass bind_rpc_pipe: pipe_name \PIPE\lsass != expected pipe \PIPE\lsarpcd. oh well! bind_rpc_pipe: accepted! LSA Open Policy2 make_open_pol2: attr:0 da:33554432 make_lsa_obj_attr Setting 528 in 5 groups: 1076361344, 1076361344, 50, 61, 502 become_unix_sec_ctx uid=(0,0) gid=(0,0) vuser=(20670,66) dos_ChDir to /tmp trans <\PIPE\LANMAN> data=0 params=94 setup=0 calling named_pipe named pipe command on name Got API command 132 of form (tdscnt=0,tpscnt=94,mdrcnt=373,mprcnt=6) Doing WWkstaUserLogon lookup user 0,66 000000 vuid_io_key key 0000 pid : 00000000 0004 vuid: 0066 000000 vuid_io_user_struct usr _prs_uint32 error (uid) ps: io Yes align 4 offset 0 err 1 data (nil) Unsupported API command send_trans_reply: max_data_ret: 0 datalen: 0 plen: 4 copy_trans_params_and_data: params[0..4] data[0..0] size=60 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=128 smb_flg2=1 smb_tid=1 smb_pid=6703 smb_uid=102 smb_mid=20483 smt_wct=10 smb_vwv[0]=4 (0x4) smb_vwv[1]=0 (0x0) smb_vwv[2]=0 (0x0) smb_vwv[3]=4 (0x4) smb_vwv[4]=56 (0x38) smb_vwv[5]=0 (0x0) smb_vwv[6]=0 (0x0) smb_vwv[7]=60 (0x3C) smb_vwv[8]=0 (0x0) smb_vwv[9]=0 (0x0) smb_bcc=5 [000] 00 32 00 00 00 .2... write_socket(8,64) write_socket(8,64) wrote 64 receive_smb: length < 0! end of file from client dos_ChDir to /downloads/samba-tng-alpha.1.9/source unbecome_user now uid=(0,0) gid=(0,0) Closing connections matt (19 closed connection to service IPC$ Yielding connection to IPC$ Server exit (normal exit) log.nmbd is_myname("COMP03") returns 1 is_myname("DA-DRIVE") returns 1 is_myname("MATT") returns 0 is_myname("COMP03") returns 1 is_myname("DA-DRIVE") returns 1 is_myname("OFFICE") returns 0 is_myname("COMP03") returns 1 is_myname("DA-DRIVE") returns 1 write_browse_list: Wrote browse list into file /usr/local/samba/locks/browse.dat find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet UNICAST_SUBNET: found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet UNICAST_SUBNET: found. read_udp_socket: lastip 2 lastport 138 read: 212 Received a packet of len 212 from (2) port 138 nmbd_subnetdb:namelist_entry_compare() 0 == memcmp( "DUCTAMERICA<1d>", "DUCTAMERICA<1d>", 88 ) find_name_on_subnet: on subnet 216.2- found name DUCTAMERICA<1d> source=2 process_dgram: datagram from MATT<00> to DUCTAMERICA<1d> IP for \MAILSLOT\BROWSE of type 1 len=44 is_myname("MATT") returns 0 debug_browse_data(): 0 char ......MATT...... hex 01 87 a0 bb 0d 00 4d 41 54 54 00 00 00 00 00 00 10 char ......... A...U. hex 00 00 00 00 00 00 04 00 03 20 41 00 15 04 55 aa 20 char athalon 550. hex 61 74 68 61 6c 6f 6e 20 35 35 30 00 process_host_announce: from MATT<00> IP to DUCTAMERICA<1d> for server MATT. process_host_announce: ttl=900 server type=00412003 comment=athalon 550 find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet : found. is_myname("MATT") returns 0 create_server_on_workgroup: Created server entry MATT of type 40412003 (athalon 550) on workgroup DUCTAMERICA. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet 198.172.10.113: found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet : found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet : found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet : found. announce_myself_to_domain_master_browser: t (955183858) - last(955183798) < 900 find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet UNICAST_SUBNET: found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet UNICAST_SUBNET: found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet : found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet : found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet : found. announce_myself_to_domain_master_browser: t (955183858) - last(955183798) < 900 find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet UNICAST_SUBNET: found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet UNICAST_SUBNET: found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet : found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet : found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet : found. announce_myself_to_domain_master_browser: t (955183868) - last(955183798) < 900 dump_workgroups() dump workgroup on subnet 198.172.10.113: netmask= 255.255.255.0: DUCTAMERICA(1) current master browser = COMP03 COMP03 400c9b0b (Linux DA Server) DA-DRIVE 40009a0b (Linux DA Server) MATT 40412003 (athalon 550) dump_workgroups() dump workgroup on subnet 216.229.12.163: netmask=255.255.255.248: DUCTAMERICA(1) current master browser = COMP03 COMP03 400c9b0b (Linux DA Server) DA-DRIVE 40009a0b (Linux DA Server) OFFICE 40402203 (Ductamerica Workstation) MATT 40412003 (athalon 550) dump_workgroups() dump workgroup on subnet UNICAST_SUBNET: netmask= DUCTAMERICA(1) current master browser = UNKNOWN COMP03 40099b0b (Linux DA Server) DA-DRIVE 40009a0b (Linux DA Server) find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet : found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet : found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet : found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet UNICAST_SUBNET: found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet : found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet 21 found. find_workgroup_on_subnet: workgroup search for DUCTAMERICA on subnet UNICAST_SUBNET: found. is_myname("COMP03") returns 1 is_myname("DA-DRIVE") returns 1 is_myname("MATT") returns 0 is_myname("COMP03") returns 1 is_myname("DA-DRIVE") returns 1 is_myname("OFFICE") returns 0 is_myname("MATT") returns 0 is_myname("COMP03") returns 1 is_myname("DA-DRIVE") returns 1 log.netlogon deal_with_creds: clnt_cred=548F4C69A6EC6425 cred_store: make_creds_key: dom DUCTAMERICA wks COMP03 [000] 64 75 63 74 61 6D 65 72 69 63 61 00 63 6F 6D 70 ductamer ica.comp [010] 30 33 00 03. SAM Logon (Network). Domain:[DUCTAMERICA]. User:[matthew] Opened policy hnd[3] register_policy_hnd: vuser [20670, 65] [000] 00 00 00 00 00 CB 39 66 37 A1 BF 01 C0 50 00 00 ......9f 7....P.. [010] 01 00 00 00 .... Found policy hnd[3] [000] 00 00 00 00 00 CB 39 66 37 A1 BF 01 C0 50 00 00 ......9f 7....P.. [010] 01 00 00 00 .... policy pnum=3 setting name to sam_connect Found policy hnd[3] [000] 00 00 00 00 00 CB 39 66 37 A1 BF 01 C0 50 00 00 ......9f 7....P.. [010] 01 00 00 00 .... Found policy hnd[3] [000] 00 00 00 00 00 CB 39 66 37 A1 BF 01 C0 50 00 00 ......9f 7....P.. [010] 01 00 00 00 .... Getting policy vuser_key pnum=3 pid=20670 vuid=65 Opened policy hnd[4] register_policy_hnd: vuser [20670, 65] [000] 00 00 00 00 00 CB 39 66 37 A1 BF 01 C0 50 00 00 ......9f 7....P.. [010] 02 00 00 00 .... Found policy hnd[4] [000] 00 00 00 00 00 CB 39 66 37 A1 BF 01 C0 50 00 00 ......9f 7....P.. [010] 02 00 00 00 .... policy pnum=4 setting name to sam_domain sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020 Setting policy sid=S-1-5-21-1027092324-3789277122-2277139020 Found policy hnd[4] [000] 00 00 00 00 00 CB 39 66 37 A1 BF 01 C0 50 00 00 ......9f 7....P.. [010] 02 00 00 00 .... policy(pnum=4 sam_domain): Setting policy state Service setting policy sid=S-1-5-21-1027092324-3789277122-2277139020 _samr_open_domain: 260 samr_lookup_names: 1434 Found policy hnd[4] [000] 00 00 00 00 00 CB 39 66 37 A1 BF 01 C0 50 00 00 ......9f 7....P.. [010] 02 00 00 00 .... policy(pnum=4 sam_domain): Getting policy state sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020 Getting policy sid=S-1-5-21-1027092324-3789277122-2277139020 sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020 pol_sid: S-1-5-21-1027092324-3789277122-2277139020 name 'matthew' split into domain:DUCTAMERICA and nt name:matthew' reset_wk_maps: Initializing maps lookupsmbpwntnam: nt user name matthew name 'matthew' split into domain:DUCTAMERICA and nt name:matthew' initialising map /usr/local/samba/private/domainuser.map file_modified: /usr/local/samba/private/domainuser.map modified load_name_map: Scanning name map /usr/local/samba/private/domainuser.map Read line |root=Administrator| make_name_entry:,Administrator,root unix_name_to_nt_name_info: unix_name:root unix_name_to_nt_name_info: unix gid:0 map_domain_name_to_sid: overriding blank name to DUCTAMERICA map_domain_name_to_sid: DUCTAMERICA compare: BUILTIN compare: Global Domain compare: Everyone compare: LOCAL compare: Creator Owner compare: Creator Group compare: Creator Server Owner compare: Creator Server Group compare: NT Authority compare: DIALUP compare: NETWORK compare: BATCH compare: Interactive compare: Service compare: compare: SERVER LOGON compare: Authenticated Users compare: SYSTEM compare: DUCTAMERICA sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020 found S-1-5-21-1027092324-3789277122-2277139020 sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-500 nt name DUCTAMERICA\Administrator gid 0 mapped to S-1-5-21-1027092324-3789277122-2277139020-500 unixname = root, ntname = DUCTAMERICA\Administrator type = 1 Read line || load_name_map: Added 1 entries to name map. search by uid: 210 startfileent: opening file /usr/local/samba/private/smbpasswd getsamfile21pwent get_number: 502:AB94A67DCBF0DCC0AAD3B435B51404EE:D4A85E1EB082A2E55B22877FE2879D18:Matthew Brichacek:/home/mmbrich:/bin/bash -> 502 getsmbfilepwent: returning passwd entry for unix user mmbrich, unix uid 502 unixuser:mmbrich uid:502 acb:10 pwdb_smb_map_names: unix mmbrich nt NULL unix 502 nt-1 lookupsmbpwnam: unix user name mmbrich lookupsmbpwuid: unix uid 502 file_modified: /usr/local/samba/private/domainuser.map not modified sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-500 map_unixid: enum entry unix group root 0 nt Administrator S-1-5-21-1027092324-3789277122-2277139020-500 getsamfile21pwent getsamfile21pwent: nt_name=mmbrich, unix_name=mmbrich Home server: comp03 getsamfile21pwent get_number: 503:6FD899DC607CA814AAD3B435B51404EE:2A5B19109F46E699C909E42C4A8F1478:Kristy Schlickbernd:/home/kristy:/bin/bash -> 503 getsmbfilepwent: returning passwd entry for unix user kristy, unix uid 503 unixuser:kristy uid:503 acb:10 pwdb_smb_map_names: unix kristy nt NULL unix 503 nt-1 lookupsmbpwnam: unix user name kristy lookupsmbpwuid: unix uid 503 file_modified: /usr/local/samba/private/domainuser.map not modified sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-500 map_unixid: enum entry unix group root 0 nt Administrator S-1-5-21-1027092324-3789277122-2277139020-500 getsamfile21pwent getsamfile21pwent: nt_name=kristy, unix_name=kristy Home server: comp03 getsamfile21pwent get_number: 521:71CC48557B3DE521AAD3B435B51404EE:82CAF3379861794804020A9DEF2B6273:Jethro Hopkins:/home/jethro:/bin/bash -> 521 getsmbfilepwent: returning passwd entry for unix user jethro, unix uid 521 unixuser:jethro uid:521 acb:10 pwdb_smb_map_names: unix jethro nt NULL unix 521 nt-1 lookupsmbpwnam: unix user name jethro lookupsmbpwuid: unix uid 521 file_modified: /usr/local/samba/private/domainuser.map not modified sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-500 map_unixid: enum entry unix group root 0 nt Administrator S-1-5-21-1027092324-3789277122-2277139020-500 getsamfile21pwent getsamfile21pwent: nt_name=jethro, unix_name=jethro Home server: comp03 getsamfile21pwent get_number: 528:AB94A67DCBF0DCC0AAD3B435B51404EE:D4A85E1EB082A2E55B22877FE2879D18:Matthew Brichacek:/home/mmbrich:/bin/bash -> 528 getsmbfilepwent: returning passwd entry for unix user matthew, unix uid 528 unixuser:matthew uid:528 acb:10 pwdb_smb_map_names: unix matthew nt NULL unix 528 nt-1 lookupsmbpwnam: unix user name matthew lookupsmbpwuid: unix uid 528 file_modified: /usr/local/samba/private/domainuser.map not modified sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-500 map_unixid: enum entry unix group root 0 nt Administrator S-1-5-21-1027092324-3789277122-2277139020-500 getsamfile21pwent getsamfile21pwent: nt_name=matthew, unix_name=matthew Home server: comp03 found by unix_uid: 210 endfileent: closed file. pwdb_sam_map_names: unix matthew nt matthew unix 528 nt3112 lookupsmbpwnam: unix user name matthew lookupsmbpwuid: unix uid 528 file_modified: /usr/local/samba/private/domainuser.map not modified sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-500 map_unixid: enum entry unix group root 0 nt Administrator S-1-5-21-1027092324-3789277122-2277139020-500 pwdb_sam_map_name: found unix user matthew nt matthew uid 528 rid 0xc28 lookupsmbgrpgid: unix gid 0 initialising map /usr/local/samba/private/localgroup.map file_modified: /usr/local/samba/private/localgroup.map modified load_name_map: Scanning name map /usr/local/samba/private/localgroup.map Read line |smb=BUILTIN\Administrators| make_name_entry:BUILTIN,Administrators,smb unix_name_to_nt_name_info: unix_name:smb unix_name_to_nt_name_info: unix gid:61 map_domain_name_to_sid: BUILTIN compare: BUILTIN sid_to_string returning S-1-5-32 found S-1-5-32 map_domain_name_to_sid: BUILTIN compare: BUILTIN sid_to_string returning S-1-5-32 found S-1-5-32 make_mydomain_sid: group Administrators in builtin domain sid_to_string returning S-1-5-32-544 nt name BUILTIN\Administrators gid 61 mapped to S-1-5-32-544 unixname = smb, ntname = BUILTIN\Administrators type = 4 load_name_map: Added 1 entries to name map. sid_to_string returning S-1-5-32-544 map_unixid: enum entry unix group smb 61 nt Administrators S-1-5-32-544 initialising map /usr/local/samba/private/domaingroup.map file_modified: /usr/local/samba/private/domaingroup.map modified load_name_map: Scanning name map /usr/local/samba/private/domaingroup.map Read line |smb="Domain Admins"| make_name_entry:,Domain Admins,smb unix_name_to_nt_name_info: unix_name:smb unix_name_to_nt_name_info: unix gid:61 map_domain_name_to_sid: overriding blank name to DUCTAMERICA map_domain_name_to_sid: DUCTAMERICA compare: BUILTIN compare: Global Domain compare: Everyone compare: LOCAL compare: Creator Owner compare: Creator Group compare: Creator Server Owner compare: Creator Server Group compare: NT Authority compare: DIALUP compare: NETWORK compare: BATCH compare: Interactive compare: Service compare: compare: SERVER LOGON compare: Authenticated Users compare: SYSTEM compare: DUCTAMERICA sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020 found S-1-5-21-1027092324-3789277122-2277139020 sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-512 nt name DUCTAMERICA\Domain Admins gid 61 mapped to S-1-5-21-1027092324-3789277122-2277139020-512 unixname = smb, ntname = DUCTAMERICA\Domain Admins type = 2 load_name_map: Added 1 entries to name map. sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-512 map_unixid: enum entry unix group smb 61 nt Domain Admins S-1-5-21-1027092324-3789277122-2277139020-512 pwdb_sam_map_name: found gid 0 and group rid 0x3e9 for unix user matthew not yet root: unbecome root depth is 1 lookup_added_user_name: nt name: matthew rid: c28 sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020 name: matthew sid: S-1-5-21-1027092324-3789277122-2277139020 rid: c28 type: 1 Found policy hnd[4] [000] 00 00 00 00 00 CB 39 66 37 A1 BF 01 C0 50 00 00 ......9f 7....P.. [010] 02 00 00 00 .... policy(pnum=4 sam_domain): Getting policy state sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020 Getting policy sid=S-1-5-21-1027092324-3789277122-2277139020 sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-3112 lookupsmbpwsid: nt sid S-1-5-21-1027092324-3789277122-2277139020-3112 file_modified: /usr/local/samba/private/domainuser.map not modified search by uid: 210 startfileent: opening file /usr/local/samba/private/smbpasswd getsamfile21pwent get_number: 502:AB94A67DCBF0DCC0AAD3B435B51404EE:D4A85E1EB082A2E55B22877FE2879D18:Matthew Brichacek:/home/mmbrich:/bin/bash -> 502 getsmbfilepwent: returning passwd entry for unix user mmbrich, unix uid 502 unixuser:mmbrich uid:502 acb:10 pwdb_smb_map_names: unix mmbrich nt NULL unix 502 nt-1 lookupsmbpwnam: unix user name mmbrich lookupsmbpwuid: unix uid 502 file_modified: /usr/local/samba/private/domainuser.map not modified sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-500 map_unixid: enum entry unix group root 0 nt Administrator S-1-5-21-1027092324-3789277122-2277139020-500 getsamfile21pwent getsamfile21pwent: nt_name=mmbrich, unix_name=mmbrich Home server: comp03 getsamfile21pwent get_number: 503:6FD899DC607CA814AAD3B435B51404EE:2A5B19109F46E699C909E42C4A8F1478:Kristy Schlickbernd:/home/kristy:/bin/bash -> 503 getsmbfilepwent: returning passwd entry for unix user kristy, unix uid 503 unixuser:kristy uid:503 acb:10 pwdb_smb_map_names: unix kristy nt NULL unix 503 nt-1 lookupsmbpwnam: unix user name kristy lookupsmbpwuid: unix uid 503 file_modified: /usr/local/samba/private/domainuser.map not modified sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-500 map_unixid: enum entry unix group root 0 nt Administrator S-1-5-21-1027092324-3789277122-2277139020-500 getsamfile21pwent getsamfile21pwent: nt_name=kristy, unix_name=kristy Home server: comp03 getsamfile21pwent get_number: 521:71CC48557B3DE521AAD3B435B51404EE:82CAF3379861794804020A9DEF2B6273:Jethro Hopkins:/home/jethro:/bin/bash -> 521 getsmbfilepwent: returning passwd entry for unix user jethro, unix uid 521 unixuser:jethro uid:521 acb:10 pwdb_smb_map_names: unix jethro nt NULL unix 521 nt-1 lookupsmbpwnam: unix user name jethro lookupsmbpwuid: unix uid 521 file_modified: /usr/local/samba/private/domainuser.map not modified sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-500 map_unixid: enum entry unix group root 0 nt Administrator S-1-5-21-1027092324-3789277122-2277139020-500 getsamfile21pwent getsamfile21pwent: nt_name=jethro, unix_name=jethro Home server: comp03 getsamfile21pwent get_number: 528:AB94A67DCBF0DCC0AAD3B435B51404EE:D4A85E1EB082A2E55B22877FE2879D18:Matthew Brichacek:/home/mmbrich:/bin/bash -> 528 getsmbfilepwent: returning passwd entry for unix user matthew, unix uid 528 unixuser:matthew uid:528 acb:10 pwdb_smb_map_names: unix matthew nt NULL unix 528 nt-1 lookupsmbpwnam: unix user name matthew lookupsmbpwuid: unix uid 528 file_modified: /usr/local/samba/private/domainuser.map not modified sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-500 map_unixid: enum entry unix group root 0 nt Administrator S-1-5-21-1027092324-3789277122-2277139020-500 getsamfile21pwent getsamfile21pwent: nt_name=matthew, unix_name=matthew Home server: comp03 found by unix_uid: 210 endfileent: closed file. pwdb_sam_map_names: unix matthew nt matthew unix 528 nt3112 lookupsmbpwnam: unix user name matthew lookupsmbpwuid: unix uid 528 file_modified: /usr/local/samba/private/domainuser.map not modified sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-500 map_unixid: enum entry unix group root 0 nt Administrator S-1-5-21-1027092324-3789277122-2277139020-500 pwdb_sam_map_name: found unix user matthew nt matthew uid 528 rid 0xc28 lookupsmbgrpgid: unix gid 0 file_modified: /usr/local/samba/private/localgroup.map not modified sid_to_string returning S-1-5-32-544 map_unixid: enum entry unix group smb 61 nt Administrators S-1-5-32-544 file_modified: /usr/local/samba/private/domaingroup.map not modified sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-512 map_unixid: enum entry unix group smb 61 nt Domain Admins S-1-5-21-1027092324-3789277122-2277139020-512 pwdb_sam_map_name: found gid 0 and group rid 0x3e9 for unix user matthew not yet root: unbecome root depth is 1 Found policy hnd[4] [000] 00 00 00 00 00 CB 39 66 37 A1 BF 01 C0 50 00 00 ......9f 7....P.. [010] 02 00 00 00 .... Getting policy vuser_key pnum=4 pid=20670 vuid=65 Opened policy hnd[5] register_policy_hnd: vuser [20670, 65] [000] 00 00 00 00 00 CB 39 66 37 A1 BF 01 C0 50 00 00 ......9f 7....P.. [010] 03 00 00 00 .... TODO: verify that the rid exists sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-3112 Setting policy sid=S-1-5-21-1027092324-3789277122-2277139020-3112 Found policy hnd[5] [000] 00 00 00 00 00 CB 39 66 37 A1 BF 01 C0 50 00 00 ......9f 7....P.. [010] 03 00 00 00 .... policy(pnum=5 ): Setting policy state Service setting policy sid=S-1-5-21-1027092324-3789277122-2277139020-3112 samr_query_usergroups: 2256 Found policy hnd[5] [000] 00 00 00 00 00 CB 39 66 37 A1 BF 01 C0 50 00 00 ......9f 7....P.. [010] 03 00 00 00 .... policy(pnum=5 ): Getting policy state sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-3112 Getting policy sid=S-1-5-21-1027092324-3789277122-2277139020-3112 sid_to_string returning S-1-5-21-1027092324-3789277122-2277139020-3112 lookupsmbpwsid: nt sid S-1-5-21-1027092324-3789277122-2277139020-3112 file_modified: /usr/local/samba/private/domainuser.map not modified search by uid: 210 startfileent: opening file /usr/local/samba/private/smbpasswd getsamfile21pwent get_number: 502:AB94A67DCBF0DCC0AAD3B435B51404EE:D4A85E1EB082A2E55B22877FE2879D18:Matthew Brichacek:/home/mmbrich:/bin/bash -> 502 getsmbfilepwent: returning passwd entry for unix user mmbrich, unix uid 502 unixuser:mmbrich uid:502 acb:10 pwdb_smb_map_names: unix mmbrich nt NULL unix 502 nt-1 according to all the logs i actually get logged on and then it disconnects after that. I tried a few different things as far as turning off daemons and replacing them too. When i would turn off or replace the lsarpcd with a later version(tng-1.7) i would get a "invalid username/password" at the domain login on win98. From philquinney at hotmail.com Sat Apr 8 13:22:36 2000 From: philquinney at hotmail.com (Philip Quinney) Date: Tue Dec 2 02:29:18 2003 Subject: request not supported (setgroups call) Message-ID: <20000408132236.56091.qmail@hotmail.com> Luke, I'm sure everybody understands that TNG really is not compatible with win9x but a large number of people support networks that have both 9x and NT. Anyway, the work you and the samba team are doing is great - keep it up. Phil Quinney. ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com From jrhett at isite.net Sat Apr 8 18:50:20 2000 From: jrhett at isite.net (Joe Rhett) Date: Tue Dec 2 02:29:19 2003 Subject: request not supported (setgroups call) In-Reply-To: <200004081418.KAA10015@elektra.warbeast.com>; from kill-9@elektra.warbeast.com on Sun, Apr 09, 2000 at 12:21:15AM +1000 References: <200004081418.KAA10015@elektra.warbeast.com> Message-ID: <20000408115020.A21020@isite.net> You didn't read what you quoted of what he said. Win9x systems aren't domain clients. You - the user - can authenticate against a domain server, load your profile and run login scripts. But the system itself doesn't login to the domain, like NT systems do. Thus, no need to create entries in smbpasswd for win9x systems. On Sun, Apr 09, 2000 at 12:21:15AM +1000, kill -9 wrote: > I know I for one need the domain functionality to use in our network, for nt > clients. Therefore, I need to be able to log into it from a win98 machine as > well. I am getting the same problems. While I'm posting, I have a question. > When upgrading the samba tng package, what does one need to do to > ensure it works properly. IE. Do I need to recreate anything, (smbpasswd file, > SIDS, anything?), after redoing the binaries, etc? Or do I just need to > make install and restart everything? > Alex > > > > pete, all, > > > > you don't need TNG if you are using lose9x. > > > > these clients do not have the concept of domains in them in any way, > > shape, or form. > > > > they can, however, download profiles from a server, and you need to type > > in a username, domain name and password to get it. > > > > > > On Sat, 8 Apr 2000 perickson@mail.ipool.com wrote: > > > > > Hi everyone - I'm having problems logging into my samba-tng 1.9 domain. I > > > get an error stating "The request is not supported by the network" on my > > > Win98 laptop. The computer trust account and username are both added to > > > the smbpasswd file as well as /etc/passwd . My log.netlogon files > > > contains the following error: > > > > > > ERROR: sys setgroups call failed! > > > TODO: verify that the rid exists > > > > > > In a previous post regarding this problem, someone said that they solved > > > the problem by reverting to tng-1.0 . I was wondering if there's some > > > other way to solve this without reverting to an old version. If anyone > > > has any info or suggestions, I would greatly appreciate it. > > > > > > Thanks, > > > Pete Erickson > > > perickson@ipool.com > > > > > > > Luke Kenneth Casson Leighton > > Samba and Network Development > > Samba Web site > > Macmillan Technical Publishing > > > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals > > > > -- Joe Rhett Chief Technology Officer JRhett@ISite.Net ISite Services, Inc. PGP keys and contact information: http://www.noc.isite.net/Staff/ From michael at mouling.de Sat Apr 8 19:02:55 2000 From: michael at mouling.de (=?ISO-8859-1?Q?Michael_M=FChle?=) Date: Tue Dec 2 02:29:19 2003 Subject: request not supported (setgroups call) In-Reply-To: <20000408115020.A21020@isite.net> Message-ID: On Sun, 9 Apr 2000, Joe Rhett wrote: > You didn't read what you quoted of what he said. > > Win9x systems aren't domain clients. You - the user - can authenticate > against a domain server, load your profile and run login scripts. But the > system itself doesn't login to the domain, like NT systems do. Thus, no > need to create entries in smbpasswd for win9x systems. > The question is not wether I need entries for win9x systems on Samba-TNG but that I can not login anymore to the server with error message request not supported in latest cvs. Because of this I can not use any share provided by my samba server from win9x client. michael -- eMail: michael@mouling.de WWW: www.mouling.de From lkcl at samba.org Sun Apr 9 01:25:48 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:19 2003 Subject: TNG-1.9 login problems In-Reply-To: <00040804024100.00862@comp03.binary.net> Message-ID: On Sat, 8 Apr 2000, Matthew Brichacek wrote: > > Hello, > > I compliled tng-1.9 on my linux mandrake 7.0 machine and the install went fine, > i executed all of the daemons in sbin and loged out of my win98 machine, after > this i was unable to gain access to the network and windows would say "The > Request is not supported by the network. My config file has not changed though > the versions so i am sure that is not it. here are some of my logfiles. i had > debug = 20so they may be large, i will put in the ones that i saw a change > through. > Thanks hi matthew, ok, i give up. please can you try earlier versions, going back until you find the one that works and the one that doesn't. i'll then compare the source of each and see what made it break. thanks. From lkcl at samba.org Sun Apr 9 01:29:36 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:19 2003 Subject: request not supported (setgroups call) In-Reply-To: <20000408132236.56091.qmail@hotmail.com> Message-ID: On Sat, 8 Apr 2000, Philip Quinney wrote: > Luke, > > I'm sure everybody understands that TNG really is not compatible with win9x > but a large number of people support networks that have both 9x and NT. *sigh*. yeah, i know. i can't help my pathological hatred of 9x, i respect DOS with MSCLIENT 3.0 more than 9x. i'll try to keep it under control, plus the other samba team members keep me in line, not just you :) > Anyway, the work you and the samba team are doing is great - keep it up. thx phil. p.s. i know what the setgroups problem is, it's gonna take a while to fix. From lkcl at samba.org Sun Apr 9 01:32:02 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:19 2003 Subject: request not supported (setgroups call) In-Reply-To: <200004081418.KAA10015@elektra.warbeast.com> Message-ID: On Sat, 8 Apr 100, kill -9 wrote: > I know I for one need the domain functionality to use in our network, for nt > clients. Therefore, I need to be able to log into it from a win98 machine as > well. I am getting the same problems. While I'm posting, I have a question. > When upgrading the samba tng package, what does one need to do to > ensure it works properly. IE. Do I need to recreate anything, (smbpasswd file, > SIDS, anything?), after redoing the binaries, etc? Or do I just need to > make install and restart everything? yeah, that's pretty much it. if starting from scratch, you need to do touch private/smbpasswd because it won't create smbpasswd if it doesn't exist. > Alex > > > > pete, all, > > > > you don't need TNG if you are using lose9x. > > > > these clients do not have the concept of domains in them in any way, > > shape, or form. > > > > they can, however, download profiles from a server, and you need to type > > in a username, domain name and password to get it. > > > > > > On Sat, 8 Apr 2000 perickson@mail.ipool.com wrote: > > > > > Hi everyone - I'm having problems logging into my samba-tng 1.9 domain. I > > > get an error stating "The request is not supported by the network" on my > > > Win98 laptop. The computer trust account and username are both added to > > > the smbpasswd file as well as /etc/passwd . My log.netlogon files > > > contains the following error: > > > > > > ERROR: sys setgroups call failed! > > > TODO: verify that the rid exists > > > > > > In a previous post regarding this problem, someone said that they solved > > > the problem by reverting to tng-1.0 . I was wondering if there's some > > > other way to solve this without reverting to an old version. If anyone > > > has any info or suggestions, I would greatly appreciate it. > > > > > > Thanks, > > > Pete Erickson > > > perickson@ipool.com > > > > > > > Luke Kenneth Casson Leighton > > Samba and Network Development > > Samba Web site > > Macmillan Technical Publishing > > > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals > > > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Sun Apr 9 01:51:56 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:19 2003 Subject: request not supported (setgroups call) In-Reply-To: <20000408115020.A21020@isite.net> Message-ID: On Sun, 9 Apr 2000, Joe Rhett wrote: > You didn't read what you quoted of what he said. > > Win9x systems aren't domain clients. You - the user - can authenticate > against a domain server, load your profile and run login scripts. But the > system itself doesn't login to the domain, like NT systems do. Thus, no > need to create entries in smbpasswd for win9x systems. [the workstation trust accounts, that is]. From lkcl at samba.org Sun Apr 9 01:55:09 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:19 2003 Subject: request not supported (setgroups call) In-Reply-To: Message-ID: On Sun, 9 Apr 2000, Michael M?hle wrote: > On Sun, 9 Apr 2000, Joe Rhett wrote: > > > You didn't read what you quoted of what he said. > > > > Win9x systems aren't domain clients. You - the user - can authenticate > > against a domain server, load your profile and run login scripts. But the > > system itself doesn't login to the domain, like NT systems do. Thus, no > > need to create entries in smbpasswd for win9x systems. > > > > The question is not wether I need entries for win9x systems on Samba-TNG > but that I can not login anymore to the server with error message > request not supported in latest cvs. track it down by doing a cvs -t co -D "4 days ago" -r SAMBA_TNG samba then narrow it down with a binary search till you find the version that does and does not work. tell me the cvs date and time and the +/- range, do a diff -r on the two directories you find. this will tell exactly what code went into cvs that broke it. i don't use win9x, so if win9x matters to people, they will need to do this themselves, not me. i will fix the problem... _if_ someone else tracks it down. thx ppl. p.s. big hint: it's likely to be in nmbd/nmbd_processlogon.c. p.p.s. another hint: try running with 2.0.6 nmbd and see if that works. From dbraun at home.com Sun Apr 9 02:05:10 2000 From: dbraun at home.com (dan braun) Date: Tue Dec 2 02:29:19 2003 Subject: subscribe Message-ID: <38EFE556.57B0128F@home.com> subscribe -- Dan Braun - PegaSoft Canada Linux Solutions, Design and Administration Toronto, Ontario, Canada http://www.vaxxine.com/pegasoft mailto:dbraun@home.com, mailto:dan@tiamet.vaxxine.com From lkcl at samba.org Sun Apr 9 03:16:02 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:19 2003 Subject: samba-tng-alpha-2.0.tar.gz Message-ID: - fixed nmbd short request GETDC responses (for win9x). - added pam_ntdom and installation instructions. From mmbrich at ductamerica.com Sun Apr 9 05:06:48 2000 From: mmbrich at ductamerica.com (Matthew Brichacek) Date: Tue Dec 2 02:29:19 2003 Subject: TNG-2.0 Still no win98 login Message-ID: <00040900171903.00862@comp03.binary.net> Hello, I just downloaded the TNG-2.0 code and it still doesn't fix the win98 login problem, whenever i login from my win98 machine i get a "The request is not supported by the network" According to all the log files the user logs in fine, the only difference i noticed was in log.nmbd the process_logon_packet: Logon from xxx.xxx.xx.xxx: code = 0 and it used to be process_logon_packet: Logon from xxx.xxx.xx.xxx: code = 7 is this any help? Here are my log-config files Thanks Matthew log.smb [2000/04/09 00:03:37, 1] smbd/server.c:main(679) smbd version TNG-prealpha started. Copyright Andrew Tridgell 1992-1998 file_init: Information only: requested 10000 open files, 1014 are available. authorise_login: TODO. split function, it's 6 levels! matthew logged in as admin user (root privileges) log.nmb Samba name server COMP03 is now a local master browser for workgroup DUCTAMERICA on subnet xxx.xxx.xx.xxx ***** ***** Samba name server COMP03 is now a local master browser for workgroup DUCTAMERICA on subnet xxx.xxx.xx.xxx ***** process_logon_packet: Logon from xxx.xx.xxx.xx: code = 0 process_logon_packet: Logon from xxx.xx.xxx.xx: code = 0 log.netlogon [2000/04/09 00:04:07, 1] msrpc/msrpcd.c:main(457) netlogond version TNG-prealpha started. Copyright Andrew Tridgell 1992-1999 create_pipe_socket: /usr/local/samba/var/locks/.msrpc perms=448 /usr/local/samba/var/locks/.msrpc/netlogon perms=448 *** Please someone examine create_pipe_socket and fix it *** *** if used other than for exclusive root access *** *** (see perms, which should be 0700 and 0600) *** *** there is a race condition to be exploited. *** remove on /usr/local/samba/var/locks/.msrpc/netlogon failed ERROR: sys_setgroups call failed! TODO: verify that the rid exists ERROR: sys_setgroups call failed! TODO: verify that the rid exists ERROR: sys_setgroups call failed! smb.conf [global] bind interfaces only = Yes wins proxy = yes message command = sh -c 'echo interfaces = xxx.xx.xxx.xx/255.255.255.0 xxx.xx.xxx.xx/255.255.255.248 domain master = Yes dos filetimes = Yes dos filetime resolution = Yes domain logons = yes printing = bsd logon path = \\comp03\profiles\%U server string = Linux DA Server lm announce = True workgroup = DUCTAMERICA passwd chat = *password* %n/n *password* %n/n *successfull* smb passwd file = /usr/local/samba/private/smbpasswd netbios name = COMP03 domain user map = /usr/local/samba/private/domainuser.map keepalive = 60 case sensitive = no admin users = matt, matthew, mmbrich printcap name = /etc/printcap domain group map = /usr/local/samba/private/domaingroup.map default = public preserve case = yes passwd program = /usr/bin/passwd %u encrypt passwords = yes follow symlinks = No update encrypted = Yes wins hook = /usr/local/samba/bin/dns_update comment = Linux unix password sync = Yes socket options = SO_KEEPALIVE TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 netbios aliases = da-drive local group map = /usr/local/samba/private/localgroup.map load printers = yes short preserve case = yes security = user os level = 200 name resolve order = lmhosts, host, wins, bcast, username map = /dsk/user.map wins support = true lock directory = /usr/local/samba/locks [netlogon] comment = Samba Network Logon Services path = /home/netlogon browseable = yes locking = No case sensitive = no writeable = yes [homes] writable = yes comment = This is your personal home directory browseable = no [public] writable = yes comment = Schedule Information force group = da path = /home/shared sync always = yes [FTPpub] comment = FTP Server Map path = /home/ftp read only = no [Deskjet] printable = yes printer = lp path = /var/spool/lpd/lp [profiles] comment = User Profiles path = /home/profile create mode = 0600 directory mode = 0700 writeable = yes browseable = no From lkcl at samba.org Sun Apr 9 05:35:29 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:19 2003 Subject: TNG-2.0 Still no win98 login In-Reply-To: <00040900171903.00862@comp03.binary.net> Message-ID: On Sun, 9 Apr 2000, Matthew Brichacek wrote: > > Hello, > > I just downloaded the TNG-2.0 code and it still doesn't fix the win98 login > problem, whenever i login from my win98 machine i get a "The request is not > supported by the network" According to all the log files the user logs in > fine, the only difference i noticed was in log.nmbd the > process_logon_packet: Logon from xxx.xxx.xx.xxx: code = 0 > and it used to be > process_logon_packet: Logon from xxx.xxx.xx.xxx: code = 7 give!!!! DEBUG level 100!!!! gimme!!! > is this any help? YES!! :) From lkcl at samba.org Sun Apr 9 05:42:53 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:19 2003 Subject: TNG-2.0 Still no win98 login In-Reply-To: Message-ID: michael, it is not possible to reply to your "ductamerica" address, please can you investigate this. thinking about this some more, can you please send me a complete section of all process_logon_packet requests and responses. thx. On Sun, 9 Apr 2000, Luke Kenneth Casson Leighton wrote: > On Sun, 9 Apr 2000, Matthew Brichacek wrote: > > > > > Hello, > > > > I just downloaded the TNG-2.0 code and it still doesn't fix the win98 login > > problem, whenever i login from my win98 machine i get a "The request is not > > supported by the network" According to all the log files the user logs in > > fine, the only difference i noticed was in log.nmbd the > > > process_logon_packet: Logon from xxx.xxx.xx.xxx: code = 0 > > and it used to be > > process_logon_packet: Logon from xxx.xxx.xx.xxx: code = 7 > > give!!!! DEBUG level 100!!!! gimme!!! > > > is this any help? > > YES!! :) > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From miles at turboflux.ab.ca Sun Apr 9 06:19:18 2000 From: miles at turboflux.ab.ca (Miles A. Peterson) Date: Tue Dec 2 02:29:19 2003 Subject: Windows can't find my PDC Message-ID: I'm having some problems.. I've looked at a ton of docs, all kinds of pages and such, but none of them have any new information for me. im trying to use samba 2.0.6 as a PDC.. i have it all setup, and when i try to logon via one of my windows machines, it just hangs for a second and says it couldnt find a domain server.. i cant figure out why not.. i've seen many posts about this TNG thing, i have no idea what it is.. do i need it? and do the IPs of my network have to be INTERNAL to work? or can they just be other IP's that i own (which are externaL)? i'd appreciate ANY help at all.. -Miles From lkcl at samba.org Sun Apr 9 06:45:10 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:19 2003 Subject: samba-tng-alpha-2.1.tar.gz Message-ID: ftp://samba.org/pub/samba/alpha and all mirror sites. plenty of alpha releases have got to be good for the soul. - fixed security = domain. i had some nice recursion problems, i love filling up my process table with samrd and lsarpcd calling each other (...only kidding). - fixed up netlogond so that pam_ntdom can contact it on a domain loopback _even_ for domain logons, and netlogond will notice, oh wow, this is not my domain, and find and call out to the real domain controller -- this is now netlogond's job, not pam_ntdom's. hey presto, no configuration of pam_ntdom required, whatsoever. - win98 still doesn't work. and guess what? if people want it fixed, send a full report of all process_logon_request request / response sections of log.nmb. the ones that show the GETDC request and response. anything less is insufficient to solve the problem (if that's where the problem lies). a netmon trace would do just as well. Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From arielez at cs.huji.ac.il Sun Apr 9 07:28:41 2000 From: arielez at cs.huji.ac.il (Eizenberg Ariel) Date: Tue Dec 2 02:29:19 2003 Subject: tng1.8 problems Message-ID: I've been using a CVS version (from ~6 month ago) of samba-tng for 6 month now, and my nt4 clients had no problems loging on it. I've tried to upgrade to tng1.8 yesterday, but I got several problems: 1) NT workstation won't login anymore (I've remmoved then from the domain and re-added them when upgrading) 2) I get erros like: socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused 3) I started with an empty smbpasswd and created a root acount using smbpasswd -a root I set the password temporarily to 123456. The problem is that I can logon with rpcclient with any password I want, i.e. I don't get any error if I do rpcclient -S . -W HOME -U root%abcdef 4) Changing passwords using rpcclient/samedit and the ntpass command always fails: More examples of errors: [HOME\root@.]$ createuser excalibur$ createuser excalibur$ socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused SAM Create Domain User Domain: HOME Name: excalibur$ ACB: [W ] Resetting Trust Account to insecure, initial, well-known value: "excalibur" excalibur can now be joined to the domain, which should be done on a private, secure network as soon as possible socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused Create Domain User: OK [root@ds9 var]# rpcclient -S . -W HOME -U root%123456 added interface ip=192.168.1.5 bcast=192.168.1.255 nmask=255.255.255.0 [HOME\root@.]$ ntpass ntpass SAM NT Password Change socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused User: root Domain: HOME New Password: retype: socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused NT Password change FAILED [HOME\root@.]$ ntlog ntlog Enter NT Login password: socket connect to /tmp/.msrpc/.lsarpc/agent failed: Connection refused socket connect to /tmp/.msrpc/.NETLOGON/agent failed: Connection refused cmd_nt_login: login (root) test succeeded: Yes Does anyone have any ideas? From lkcl at samba.org Sun Apr 9 07:38:43 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:19 2003 Subject: tng1.8 problems In-Reply-To: Message-ID: On Sun, 9 Apr 2000, Eizenberg Ariel wrote: > I've been using a CVS version (from ~6 month ago) of samba-tng for 6 month > now, and my nt4 clients had no problems loging on it. > I've tried to upgrade to tng1.8 yesterday, but I got several problems: that's 3 versions old :) try 2.1. > 1) NT workstation won't login anymore (I've remmoved then from the > domain and re-added them when upgrading) > 2) I get erros like: > socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused ignore them. > 3) I started with an empty smbpasswd and created a root acount using > smbpasswd -a root use samedit -S . -U root% -l log and issue a createuser command. see archives for details, these things have all been said and done, before, welcome to the experimenters :) > I set the password temporarily to 123456. The problem is that I can > logon with rpcclient with any password I want, i.e. > I don't get any error if I do > rpcclient -S . -W HOME -U root%abcdef yes, that's correct behaviour: you can only run this as root (-S .) and you can specify any username. it's the functional equivalent of "su". > 4) Changing passwords using rpcclient/samedit and the ntpass command > always fails: oops, not again. try it with 2.1, send in another report. From ed at schernau.com Sun Apr 9 08:29:40 2000 From: ed at schernau.com (Edward Schernau) Date: Tue Dec 2 02:29:19 2003 Subject: OT: ACLs for Linux Message-ID: <38F03F74.D18562A5@schernau.com> If anyone has any experience setting this up, I'd love to hear it. -- Edward Schernau http://www.schernau.com Network Architect mailto:ed@schernau.com Rational Computing Providence, RI, USA From moser at egu.schule.ulm.de Sun Apr 9 08:29:40 2000 From: moser at egu.schule.ulm.de (Steffen Moser) Date: Tue Dec 2 02:29:19 2003 Subject: Windows can't find my PDC References: Message-ID: <38F03F74.66C73FDF@egu.schule.ulm.de> Hello, "Miles A. Peterson" wrote: > I'm having some problems.. I've looked at a ton of docs, all kinds of > pages and such, but none of them have any new information for me. im > trying to use samba 2.0.6 as a PDC.. i have it all setup, and when i try > to logon via one of my windows machines, it just hangs for a second and > says it couldnt find a domain server.. Which OS are you running on your Windows machines? If you are running "Windows 2000", you cannot use "samba-2.0.x" as a domain controller. You have to use "samba-TNG" then. > i've seen many posts about this TNG thing, i have no idea what it is.. do > i need it? I think it depends on what client machines you are running. If you have only "Win9x" machines, you should continue in using "samba-2.0.x". > and do the IPs of my network have to be INTERNAL to work? or > can they just be other IP's that i own (which are externaL)? i'd > appreciate ANY help at all.. You can use external or internal (e.g. "10.x.y.z") addresses. Regards, Steffen From dominik.kubla at uni-mainz.de Sun Apr 9 09:22:09 2000 From: dominik.kubla at uni-mainz.de (Dominik Kubla) Date: Tue Dec 2 02:29:19 2003 Subject: OT: ACLs for Linux In-Reply-To: <38F03F74.D18562A5@schernau.com>; from Edward Schernau on Sun, Apr 09, 2000 at 06:20:43PM +1000 References: <38F03F74.D18562A5@schernau.com> Message-ID: <20000409112209.A18353@uni-mainz.de> On Sun, Apr 09, 2000 at 06:20:43PM +1000, Edward Schernau wrote: > If anyone has any experience setting this up, I'd love to hear it. Look at http://acl.bestbits.at/. I had it working on x86, SPARC and Alpha until i had to migrate to the 2.3.x kernels for my development work. Not much of a problem to set it up if you follow the instructions. Most important is to replace the fsck tool so you don't "fix" the ACL disk blocks. Biggest problem right now is that nobody implemented the ACL over NFS protocol, so using ACL's together with NFS is not supported. (I started once, but never got very far...) And you are locked to the 2.2.x kernel series at the moment. Most important: This is BETA quality code. Use it at your own risk! Andreas, did i miss something? Dominik -- Networking Group, Hospital of Johannes Gutenberg-University Obere Zahlbacher Stra?e 69, 55101 Mainz, Germany Tel: +49 (0)6131 17-2482 FAX: +49 (0)6131 17-5521 From a.gruenbacher at bestbits.at Sun Apr 9 09:35:56 2000 From: a.gruenbacher at bestbits.at (Andreas Gruenbacher) Date: Tue Dec 2 02:29:19 2003 Subject: [ACL-Devel] Re: OT: ACLs for Linux References: <38F03F74.D18562A5@schernau.com> <20000409112209.A18353@uni-mainz.de> Message-ID: <38F04EFC.CA096448@bestbits.at> Dominik Kubla wrote: > > On Sun, Apr 09, 2000 at 06:20:43PM +1000, Edward Schernau wrote: > > If anyone has any experience setting this up, I'd love to hear it. > > Look at http://acl.bestbits.at/. I had it working on x86, SPARC and Alpha > until i had to migrate to the 2.3.x kernels for my development work. Not > much of a problem to set it up if you follow the instructions. > > Most important is to replace the fsck tool so you don't "fix" the ACL disk > blocks. Biggest problem right now is that nobody implemented the ACL over > NFS protocol, so using ACL's together with NFS is not supported. (I started > once, but never got very far...) And you are locked to the 2.2.x kernel > series at the moment. > > Most important: This is BETA quality code. Use it at your own risk! > > Andreas, did i miss something? There's even some ALPHA quality stuff. Anyone who is willing to do some testing/debugging should take a look at the latest acc-* code. This is going to support ACLs as well as Capabilities etc. For (semi-)production systems I really recommend the latest stable version on a 2.2.13 kernel. Andreas ------------------------------------------------------------------------ Andreas Gruenbacher, a.gruenbacher@computer.org Contact information: http://www.bestbits.at/~ag/ From admin at geoksc.apatity.ru Sun Apr 9 10:26:30 2000 From: admin at geoksc.apatity.ru (Sergey Shibeko) Date: Tue Dec 2 02:29:19 2003 Subject: request not supported (setgroups call) References: Message-ID: <003401bfa20e$2db2d600$0a02a8c0@SAMBA> > you don't need TNG if you are using lose9x. i'm use NT 4.0 W2K and win95/win98 machines in my network. I want to enable the users to distribute to the resources under the list users from the server. At present it is realized on Netware and it would be desirable to proceed on Samba. > these clients do not have the concept of domains in them in any way, > shape, or form. > they can, however, download profiles from a server, and you need to type > in a username, domain name and password to get it. On logon i'm received message "The request is not supported by the network" What is wrong? log.lsarpc: lsarpcd version TNG-prealpha started. Copyright Andrew Tridgell 1992-1999 create_pipe_socket: /usr/local/samba/var/locks/.msrpc perms=448 /usr/local/samba/var/ locks/.msrpc/lsarpc perms=448 *** Please someone examine create_pipe_socket and fix it *** *** if used other than for exclusive root access *** *** (see perms, which should be 0700 and 0600) *** *** there is a race condition to be exploited. *** ERROR: sys_setgroups call failed! ERROR: sys_setgroups call failed! ERROR: sys_setgroups call failed! ERROR: sys_setgroups call failed! log.netlogon: [2000/04/09 12:46:08, 1] msrpc/msrpcd.c:main(457) netlogond version TNG-prealpha started. Copyright Andrew Tridgell 1992-1999 create_pipe_socket: /usr/local/samba/var/locks/.msrpc perms=448 /usr/local/samba/var/ locks/.msrpc/netlogon perms=448 *** Please someone examine create_pipe_socket and fix it *** *** if used other than for exclusive root access *** *** (see perms, which should be 0700 and 0600) *** *** there is a race condition to be exploited. *** ERROR: sys_setgroups call failed! TODO: verify that the rid exists ERROR: sys_setgroups call failed! TODO: verify that the rid exists ERROR: sys_setgroups call failed! ERROR: sys_setgroups call failed! TODO: verify that the rid exists ERROR: sys_setgroups call failed! TODO: verify that the rid exists ERROR: sys_setgroups call failed! log.samr: [2000/04/09 12:46:09, 1] msrpc/msrpcd.c:main(457) samrd version TNG-prealpha started. Copyright Andrew Tridgell 1992-1999 create_pipe_socket: /usr/local/samba/var/locks/.msrpc perms=448 /usr/local/samba/var/ locks/.msrpc/samr perms=448 *** Please someone examine create_pipe_socket and fix it *** *** if used other than for exclusive root access *** *** (see perms, which should be 0700 and 0600) *** *** there is a race condition to be exploited. *** TODO: verify that the rid exists TODO: verify that the rid exists ERROR: sys_setgroups call failed! TODO: verify that the rid exists ERROR: sys_setgroups call failed! TODO: verify that the rid exists ERROR: sys_setgroups call failed! ERROR: sys_setgroups call failed! TODO: verify that the rid exists log.smb [2000/04/09 12:46:06, 1] smbd/server.c:main(679) smbd version TNG-prealpha started. Copyright Andrew Tridgell 1992-1998 file_init: Information only: requested 10000 open files, 1014 are available. authorise_login: TODO. split function, it's 6 levels! System: Linux BlackCat 6.02(RedHat 6.0 based) or Linux Mandrake 7.0 Kernel 2.2.14, gcc 2.92.2, samba-TNG-1.8(1.9) From schs at apatity.ru Sun Apr 9 10:49:34 2000 From: schs at apatity.ru (Sergey Shibeko) Date: Tue Dec 2 02:29:19 2003 Subject: request not supported (setgroups call) References: <200004081418.KAA10015@elektra.warbeast.com> <20000408115020.A21020@isite.net> Message-ID: <006501bfa211$50e51f40$0a02a8c0@SAMBA> > Win9x systems aren't domain clients. You - the user - can authenticate > against a domain server, load your profile and run login scripts. But the > system itself doesn't login to the domain, like NT systems do. Thus, no > need to create entries in smbpasswd for win9x systems. Whether probably to receive the list of the users from the server to the client win98 and to distribute to the resources with its help? From Meerwaldt at t-online.de Sun Apr 9 09:29:14 2000 From: Meerwaldt at t-online.de (Frederik Meerwaldt) Date: Tue Dec 2 02:29:19 2003 Subject: Windows can't find my PDC In-Reply-To: Message-ID: Please post your smb.conf. Have you nmbd and smbd running? -- Best regards, Freddy Homepage: fmeerwaldt.homepage.com Last update: 11.03.2000 Very good OpenVMS HowTo's, DHCPD Howto, VXT2k NetBooting HowTo, and a little bit about me. ------------------------------------------------------------------------ NetBSD Vax, Alpha, i386. Tru64 Unix, OpenVMS, FreeBSD, Ultrix. ------------------------------------------------------------------------ On Sun, 9 Apr 2000, Miles A. Peterson wrote: > I'm having some problems.. I've looked at a ton of docs, all kinds of > pages and such, but none of them have any new information for me. im > trying to use samba 2.0.6 as a PDC.. i have it all setup, and when i try > to logon via one of my windows machines, it just hangs for a second and > says it couldnt find a domain server.. i cant figure out why not.. > > i've seen many posts about this TNG thing, i have no idea what it is.. do > i need it? and do the IPs of my network have to be INTERNAL to work? or > can they just be other IP's that i own (which are externaL)? i'd > appreciate ANY help at all.. > > -Miles > From print4me at nfmail.com Sun Apr 9 04:23:06 2000 From: print4me at nfmail.com (print4me@nfmail.com) Date: Tue Dec 2 02:29:19 2003 Subject: AD:Family Reunion T Shirts & More Message-ID: <868.816149.740506@mailmach.40900.net> Message sent by: Kuppler Graphics, 32 West Main Street, Maple Shade, New Jersey, 08052, 1-800-810-4330. This list will NOT be sold. All addresses are automatically added to our remove list. Hello. My name is Bill from Kuppler Graphics. We do screenprinting on T Shirts, Sweatshirts, Jackets, Hats, Tote Bags and more! Do you or someone you know have a Family Reunion coming up? Kuppler Graphics would like to provide you with some great looking T Shirts for your Reunion. Kuppler Graphics can also provide you with custom T's and promotional items such as imprinted magnets, keychains, pens, mugs, hats, etc. for your business or any fundraising activity (church, school, business etc.) We also can provide you with quality embroidery. We are a family owned company with over 15 years of experience. All work is done at this location. No middle man. Our prices are great! Click reply to email us or call 1-800-810-4330 for more info Bill Kuppler Graphics From nord at cdt.luth.se Sun Apr 9 21:25:56 2000 From: nord at cdt.luth.se (James Nord) Date: Tue Dec 2 02:29:19 2003 Subject: TNG 2.1 compile errors Message-ID: <200004092125.XAA12657@basil.cdt.luth.se> Samba tng 2.1 fails compiling :-( /James configured with: ./configure --prefix=/usr/local/samba_tng --program- suffix=_tng --with-dfs --with-automount --with- smbmount --with-syslog --with-profile --with-utmp -- with-msdfs Error: Using FLAGS = -O -Iinclude -I./include -I./ubiqx - I./smbwrapper - DLOGFILEBASE="/usr/local/samba_tng/var" - DSMBLOGFILE="/usr/local/samba_tng/var/log.smb" - DNMBLOGFILE="/usr/local/samba_tng/var/log.nmb" - DCONFIGFILE="/usr/local/samba_tng/lib/smb.conf" - DLMHOSTSFILE="/usr/local/samba_tng/lib/lmhosts" - DSWATDIR="/usr/local/samba_tng/swat" - DSBINDIR="/usr/local/samba_tng/sbin" - DLOCKDIR="/usr/local/samba_tng/var/locks" - DSMBRUN="/usr/local/samba_tng/bin/smbrun" - DCODEPAGEDIR="/usr/local/samba_tng/lib/codepages" - DDRIVERFILE="/usr/local/samba_tng/lib/printers.def" - DBINDIR="/usr/local/samba_tng/bin" - DFORMSFILE="/usr/local/samba_tng/lib/ntforms.def" - DNTDRIVERSDIR="/usr/local/samba_tng/lib" - DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/bin/passwd" - DSMB_PASSWD_PROGRAM="/usr/local/samba_tng/bin/smbpasswd" - DSMB_PASSWD_FILE="/usr/local/samba_tng/private/smbpasswd " -DSAM_DIR="/usr/local/samba_tng/sam" - DSMB_PASSGRP_FILE="/usr/local/samba_tng/private/smbpassg rp" - DSMB_GROUP_FILE="/usr/local/samba_tng/private/smbgroup" -DSMB_ALIAS_FILE="/usr/local/samba_tng/private/smbalias" Using LIBS = -lreadline -ldl -lcrypt Compiling smbd/connection.c smbd/connection.c: In function `utmp_yield': smbd/connection.c:332: `i' undeclared (first use in this function) smbd/connection.c:332: (Each undeclared identifier is reported only once smbd/connection.c:332: for each function it appears in.) smbd/connection.c: At top level: smbd/connection.c:344: conflicting types for `utmp_claim' smbd/connection.c:32: previous declaration of `utmp_claim' smbd/connection.c: In function `utmp_claim': smbd/connection.c:358: `i' undeclared (first use in this function) make: *** [smbd/connection.o] Error 1 From nord at cdt.luth.se Sun Apr 9 21:33:02 2000 From: nord at cdt.luth.se (James Nord) Date: Tue Dec 2 02:29:19 2003 Subject: TNG 2.1 compile errors In-Reply-To: <200004092125.XAA12657@basil.cdt.luth.se> References: <200004092125.XAA12657@basil.cdt.luth.se> Message-ID: <200004092133.XAA12749@basil.cdt.luth.se> Quoting James Nord : Linux 2.2.14 Redhat 6.1 based. /James > Samba tng 2.1 fails compiling :-( > > /James > > configured with: > /configure --prefix=/usr/local/samba_tng --program- > suffix=_tng --with-dfs --with-automount --with- > smbmount --with-syslog --with-profile --with-utmp -- > with-msdfs > > Error: > Using FLAGS = -O -Iinclude -I./include -I./ubiqx - > I./smbwrapper - > DLOGFILEBASE="/usr/local/samba_tng/var" - > DSMBLOGFILE="/usr/local/samba_tng/var/log.smb" - > DNMBLOGFILE="/usr/local/samba_tng/var/log.nmb" - > DCONFIGFILE="/usr/local/samba_tng/lib/smb.conf" - > DLMHOSTSFILE="/usr/local/samba_tng/lib/lmhosts" - > DSWATDIR="/usr/local/samba_tng/swat" - > DSBINDIR="/usr/local/samba_tng/sbin" - > DLOCKDIR="/usr/local/samba_tng/var/locks" - > DSMBRUN="/usr/local/samba_tng/bin/smbrun" - > DCODEPAGEDIR="/usr/local/samba_tng/lib/codepages" - > DDRIVERFILE="/usr/local/samba_tng/lib/printers.def" - > DBINDIR="/usr/local/samba_tng/bin" - > DFORMSFILE="/usr/local/samba_tng/lib/ntforms.def" - > DNTDRIVERSDIR="/usr/local/samba_tng/lib" - > DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/bin/passwd" - > DSMB_PASSWD_PROGRAM="/usr/local/samba_tng/bin/smbpasswd" > - > DSMB_PASSWD_FILE="/usr/local/samba_tng/private/smbpasswd > " -DSAM_DIR="/usr/local/samba_tng/sam" - > DSMB_PASSGRP_FILE="/usr/local/samba_tng/private/smbpassg > rp" - > DSMB_GROUP_FILE="/usr/local/samba_tng/private/smbgroup" > - DSMB_ALIAS_FILE="/usr/local/samba_tng/private/smbalias" > Using LIBS = -lreadline -ldl -lcrypt > Compiling smbd/connection.c > smbd/connection.c: In function `utmp_yield': > smbd/connection.c:332: `i' undeclared (first use in > this function) > smbd/connection.c:332: (Each undeclared identifier is > reported only once > smbd/connection.c:332: for each function it appears in.) > smbd/connection.c: At top level: > smbd/connection.c:344: conflicting types for > `utmp_claim' > smbd/connection.c:32: previous declaration of > `utmp_claim' > smbd/connection.c: In function `utmp_claim': > smbd/connection.c:358: `i' undeclared (first use in > this function) > make: *** [smbd/connection.o] Error 1 > From michael at mouling.de Sun Apr 9 21:54:03 2000 From: michael at mouling.de (Michael Muehle) Date: Tue Dec 2 02:29:19 2003 Subject: request not supported References: Message-ID: <38F0FBFB.C6145D54@mouling.de> Hi with the latest cvs ( 9.4.00 20:00 CEST +2) Win9x login is running again. User manage for domain and server manage still did not find my pdc from Win9x but thats not so important for me. May be I will hava a close look on this tomorow. cu michael From ed at schernau.com Sun Apr 9 22:10:10 2000 From: ed at schernau.com (Ed Schernau) Date: Tue Dec 2 02:29:19 2003 Subject: FYI: re: ACLs for Linux 2.2.14 Message-ID: <38F0FFC2.545A5A5@schernau.com> the bestbits.at ACL stuff is typical downloable, beta Linux software. Scant docs, numerous patches, all of which subtly fail in some way or another. From lkcl at samba.org Mon Apr 10 00:58:27 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:19 2003 Subject: TNG 2.1 compile errors In-Reply-To: <200004092125.XAA12657@basil.cdt.luth.se> Message-ID: hm, this is the utmp stuff. that's not been cut over properly from cvs main. On Mon, 10 Apr 2000, James Nord wrote: > Samba tng 2.1 fails compiling :-( > > /James > > configured with: > /configure --prefix=/usr/local/samba_tng --program- > suffix=_tng --with-dfs --with-automount --with- > smbmount --with-syslog --with-profile --with-utmp -- > with-msdfs > > Error: > Using FLAGS = -O -Iinclude -I./include -I./ubiqx - > I./smbwrapper - > DLOGFILEBASE="/usr/local/samba_tng/var" - > DSMBLOGFILE="/usr/local/samba_tng/var/log.smb" - > DNMBLOGFILE="/usr/local/samba_tng/var/log.nmb" - > DCONFIGFILE="/usr/local/samba_tng/lib/smb.conf" - > DLMHOSTSFILE="/usr/local/samba_tng/lib/lmhosts" - > DSWATDIR="/usr/local/samba_tng/swat" - > DSBINDIR="/usr/local/samba_tng/sbin" - > DLOCKDIR="/usr/local/samba_tng/var/locks" - > DSMBRUN="/usr/local/samba_tng/bin/smbrun" - > DCODEPAGEDIR="/usr/local/samba_tng/lib/codepages" - > DDRIVERFILE="/usr/local/samba_tng/lib/printers.def" - > DBINDIR="/usr/local/samba_tng/bin" - > DFORMSFILE="/usr/local/samba_tng/lib/ntforms.def" - > DNTDRIVERSDIR="/usr/local/samba_tng/lib" - > DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/bin/passwd" - > DSMB_PASSWD_PROGRAM="/usr/local/samba_tng/bin/smbpasswd" > - > DSMB_PASSWD_FILE="/usr/local/samba_tng/private/smbpasswd > " -DSAM_DIR="/usr/local/samba_tng/sam" - > DSMB_PASSGRP_FILE="/usr/local/samba_tng/private/smbpassg > rp" - > DSMB_GROUP_FILE="/usr/local/samba_tng/private/smbgroup" > -DSMB_ALIAS_FILE="/usr/local/samba_tng/private/smbalias" > Using LIBS = -lreadline -ldl -lcrypt > Compiling smbd/connection.c > smbd/connection.c: In function `utmp_yield': > smbd/connection.c:332: `i' undeclared (first use in > this function) > smbd/connection.c:332: (Each undeclared identifier is > reported only once > smbd/connection.c:332: for each function it appears in.) > smbd/connection.c: At top level: > smbd/connection.c:344: conflicting types for > `utmp_claim' > smbd/connection.c:32: previous declaration of > `utmp_claim' > smbd/connection.c: In function `utmp_claim': > smbd/connection.c:358: `i' undeclared (first use in > this function) > make: *** [smbd/connection.o] Error 1 > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Mon Apr 10 01:00:33 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:19 2003 Subject: TNG 2.1 compile errors In-Reply-To: <200004092125.XAA12657@basil.cdt.luth.se> Message-ID: urr.... there's no difference (significant ones) from cvs main! can someone who is doing the utmp work please take a look at this, and provide a fix? thx, and thx james. luke On Mon, 10 Apr 2000, James Nord wrote: > Samba tng 2.1 fails compiling :-( > > /James > > configured with: > /configure --prefix=/usr/local/samba_tng --program- > suffix=_tng --with-dfs --with-automount --with- > smbmount --with-syslog --with-profile --with-utmp -- > with-msdfs > > Error: > Using FLAGS = -O -Iinclude -I./include -I./ubiqx - > I./smbwrapper - > DLOGFILEBASE="/usr/local/samba_tng/var" - > DSMBLOGFILE="/usr/local/samba_tng/var/log.smb" - > DNMBLOGFILE="/usr/local/samba_tng/var/log.nmb" - > DCONFIGFILE="/usr/local/samba_tng/lib/smb.conf" - > DLMHOSTSFILE="/usr/local/samba_tng/lib/lmhosts" - > DSWATDIR="/usr/local/samba_tng/swat" - > DSBINDIR="/usr/local/samba_tng/sbin" - > DLOCKDIR="/usr/local/samba_tng/var/locks" - > DSMBRUN="/usr/local/samba_tng/bin/smbrun" - > DCODEPAGEDIR="/usr/local/samba_tng/lib/codepages" - > DDRIVERFILE="/usr/local/samba_tng/lib/printers.def" - > DBINDIR="/usr/local/samba_tng/bin" - > DFORMSFILE="/usr/local/samba_tng/lib/ntforms.def" - > DNTDRIVERSDIR="/usr/local/samba_tng/lib" - > DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/bin/passwd" - > DSMB_PASSWD_PROGRAM="/usr/local/samba_tng/bin/smbpasswd" > - > DSMB_PASSWD_FILE="/usr/local/samba_tng/private/smbpasswd > " -DSAM_DIR="/usr/local/samba_tng/sam" - > DSMB_PASSGRP_FILE="/usr/local/samba_tng/private/smbpassg > rp" - > DSMB_GROUP_FILE="/usr/local/samba_tng/private/smbgroup" > -DSMB_ALIAS_FILE="/usr/local/samba_tng/private/smbalias" > Using LIBS = -lreadline -ldl -lcrypt > Compiling smbd/connection.c > smbd/connection.c: In function `utmp_yield': > smbd/connection.c:332: `i' undeclared (first use in > this function) > smbd/connection.c:332: (Each undeclared identifier is > reported only once > smbd/connection.c:332: for each function it appears in.) > smbd/connection.c: At top level: > smbd/connection.c:344: conflicting types for > `utmp_claim' > smbd/connection.c:32: previous declaration of > `utmp_claim' > smbd/connection.c: In function `utmp_claim': > smbd/connection.c:358: `i' undeclared (first use in > this function) > make: *** [smbd/connection.o] Error 1 > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Mon Apr 10 01:01:48 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:19 2003 Subject: request not supported In-Reply-To: <38F0FBFB.C6145D54@mouling.de> Message-ID: On Mon, 10 Apr 2000, Michael Muehle wrote: > Hi > > with the latest cvs ( 9.4.00 20:00 CEST +2) Win9x login is running > again. hooray! > User manage for domain and server manage still did not find my pdc from > Win9x > but thats not so important for me. May be I will hava a close look on > this tomorow. if you have an NT PDC, please carry out a netmon trace (preferably v1 else i will be using hexedit to examine the trace!!!) of win95/usrmgr vs nt PDC. thanks! From peter at cadcamlab.org Mon Apr 10 02:00:04 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:20 2003 Subject: TNG 2.1 compile errors References: <200004092125.XAA12657@basil.cdt.luth.se> Message-ID: <14577.13095.205701.342729@wire.cadcamlab.org> [Luke Kenneth Casson Leighton] > can someone who is doing the utmp work please take a look at this, > and provide a fix? Well it's just debug messages, and one prototype mismatch, and the prototype mismatch shouldn't matter because the two structs involved are identical. So it's easy to make it at least compile. Peter P.S. While I'm at it, can you apply the patch for configure.developer? I like to compile in a separate tree, which makes it easier to generate patches.... --- samba-tng/source/configure.developer.old Tue Mar 21 10:59:53 2000 +++ samba-tng/source/configure.developer Sun Apr 9 20:53:29 2000 @@ -1,3 +1,3 @@ #!/bin/sh -CFLAGS="-g -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual -Wcast-align -DDEBUG_PASSWORD"; export CFLAGS -./configure $* +CFLAGS="-g -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual -Wcast-align -DDEBUG_PASSWORD" \ + `dirname $0`/configure "$@" --- samba-tng/source/smbd/connection.c.old Sat Apr 8 04:03:25 2000 +++ samba-tng/source/smbd/connection.c Sun Apr 9 20:47:40 2000 @@ -328,8 +328,8 @@ return; } - DEBUG(2,("utmp_yield: conn: user:%s cnum:%d i:%d\n", - conn->user, conn->cnum, i)); + DEBUG(2,("utmp_yield: conn: user:%s cnum:%d\n", + conn->user, conn->cnum)); memset((char *)&u, '\0', sizeof(struct utmp)); u.ut_type = DEAD_PROCESS; @@ -340,7 +340,7 @@ } } -static void utmp_claim(const struct connect_record *crec, const connection_struct *conn) +static void utmp_claim(const struct connections_data *crec, const connection_struct *conn) { struct utmp u; @@ -354,8 +354,8 @@ return; } - DEBUG(2,("utmp_claim: conn: user:%s cnum:%d i:%d\n", - conn->user, conn->cnum, i)); + DEBUG(2,("utmp_claim: conn: user:%s cnum:%d\n", + conn->user, conn->cnum)); DEBUG(2,("utmp_claim: crec: pid:%d, cnum:%d name:%s addr:%s mach:%s DNS:%s\n", crec->pid, crec->cnum, crec->name, crec->addr, crec->machine, client_connection_name())); From lkcl at samba.org Mon Apr 10 02:05:57 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:20 2003 Subject: TNG 2.1 compile errors In-Reply-To: <14577.13095.205701.342729@wire.cadcamlab.org> Message-ID: okie, then. On Sun, 9 Apr 2000, Peter Samuelson wrote: > > [Luke Kenneth Casson Leighton] > > can someone who is doing the utmp work please take a look at this, > > and provide a fix? > > Well it's just debug messages, and one prototype mismatch, and the > prototype mismatch shouldn't matter because the two structs involved > are identical. So it's easy to make it at least compile. > > Peter > > P.S. While I'm at it, can you apply the patch for configure.developer? > I like to compile in a separate tree, which makes it easier to generate > patches.... > > --- samba-tng/source/configure.developer.old Tue Mar 21 10:59:53 2000 > +++ samba-tng/source/configure.developer Sun Apr 9 20:53:29 2000 > @@ -1,3 +1,3 @@ > #!/bin/sh > -CFLAGS="-g -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual -Wcast-align -DDEBUG_PASSWORD"; export CFLAGS > -./configure $* > +CFLAGS="-g -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith -Wcast-qual -Wcast-align -DDEBUG_PASSWORD" \ > + `dirname $0`/configure "$@" > --- samba-tng/source/smbd/connection.c.old Sat Apr 8 04:03:25 2000 > +++ samba-tng/source/smbd/connection.c Sun Apr 9 20:47:40 2000 > @@ -328,8 +328,8 @@ > return; > } > > - DEBUG(2,("utmp_yield: conn: user:%s cnum:%d i:%d\n", > - conn->user, conn->cnum, i)); > + DEBUG(2,("utmp_yield: conn: user:%s cnum:%d\n", > + conn->user, conn->cnum)); > > memset((char *)&u, '\0', sizeof(struct utmp)); > u.ut_type = DEAD_PROCESS; > @@ -340,7 +340,7 @@ > } > } > > -static void utmp_claim(const struct connect_record *crec, const connection_struct *conn) > +static void utmp_claim(const struct connections_data *crec, const connection_struct *conn) > { > struct utmp u; > > @@ -354,8 +354,8 @@ > return; > } > > - DEBUG(2,("utmp_claim: conn: user:%s cnum:%d i:%d\n", > - conn->user, conn->cnum, i)); > + DEBUG(2,("utmp_claim: conn: user:%s cnum:%d\n", > + conn->user, conn->cnum)); > DEBUG(2,("utmp_claim: crec: pid:%d, cnum:%d name:%s addr:%s mach:%s DNS:%s\n", > crec->pid, crec->cnum, crec->name, crec->addr, crec->machine, client_connection_name())); > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Mon Apr 10 02:53:41 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:20 2003 Subject: samba-tng-alpha-2.2.tar.gz Message-ID: update: - fixed smbd for win95-style profile-locating (it now works, thank you to everyone who sent in log files to get this fixed) - various modes tested and confirmed as working: * ROLE_STANDALONE security = user encrypt passwords = yes domain master = no domain logons = no * ROLE_DOMAIN_PDC security = user encrypt passwords = yes domain master = yes domain logons = yes * ROLE_DOMAIN_MEMBER security = domain password server = PDC [BDC1 BDC2...] encrypt passwords = yes domain master = no domain logons = no - modes NOT tested recently: * ROLE_DOMAIN_BDC security = user password server = PDC encrypt passwords = yes domain master = no domain logons = yes - a reminder that in this version of TNG, smbd, spoolssd and nmbd are now up-to-date from cvs main. oh, and they work. we _have_ had one report of a coredump from smbd for an oplock issue [REALLY important to track this down, people!] - i am also impressed (even though i wrote it) that pam_ntdom actually works. just for fun, i added an account named DOMAIN\administrator to /etc/passwd yesterday, and was stunned to find that it actually worked. i typed in DOMAIN\administrator, and password of test, and got a login prompt. in combination with winbindd, this is going to be great. it's _such_ a pity that not many more OSes support PAM, oh well. anyway, here follows a copy of the WHATSNEW.txt file, which i thought you'd appreciate. all the best, luke (samba team) WHATS NEW IN Samba (The Next Generation) 2.2 ============================================ This is an ALPHA release of Samba TNG, the UNIX based SMB/CIFS file, print and login server for Windows systems. This release is to enlist the help of people who are unable to use cvs (http://samba.org/cvs.html) in a major development project to integrate Samba into a Windows NT (tm) Domain environment - the NT Domains for Unix project. If you are running Windows 9x and do not forsee the need for or need to use any Windows NT Workstations on your network in the near future, you will not need Samba TNG or any of its functionality, and your assistance is not being solicited in the development of this project. [lkcl: There is, however, a large enough Windows 9x user-base to warrant ensuring that Samba TNG remains compatible, it's just that personally i will not touch it with a ten foot barge pole (I got as far as setting up a vmware session called win98, and it's still empty). This is a personal view, not held by any other Samba Team members who are cracking the whip in my direction, and I keep getting into trouble over this. I apologise sincerely and wholeheartedly to all Windows 9x users for any offense and inconvenience I may have caused to anyone using this stupid OS.] Major changes in Samba TNG -------------------------- There are many major changes in Samba TNG. Here are some of them: 1). Windows NT (tm) Primary Domain Controller compatibility ----------------------------------------------------------- Samba TNG can act as a Primary Domain Controller to Windows NT 3.5, 4.0 and 5.0 (in 4.0 backwards-compatible mode) Workstations. Backup Domain Controller and Inter-Domain Trust Relationships are at an early, but functional and very hands-on, stage. 2). Support for Windows NT (tm) Administrative tools ---------------------------------------------------- Significant in-roads have been made into providing support for at least the following Windows NT (tm) tools and services: - User Manager for Domains - Server Manager for Domains - Event Log - Service Control Manager - Registry Editor - Command Scheduler - NT-style Printing A command-line tool named rpcclient, with a command-syntax similar to smbclient, has over sixty five commands that provide equivalent functionality for the same Windows NT (tm) Administrative tools, including the ability to remotely shut down a Windows NT (tm) Server. rpcclient has now been joined by net, samedit, regedit, ntspool, eventlog, lsa, cmdat and svccontrol. If anyone can think of better names for these, suggestions are welcomed. 3). Portability --------------- Samba is now self-configuring using GNU autoconf and libtool, removing the need for people installing Samba to have to hand-configured Makefiles, as was needed in previous versions. You now configure Samba by running "./configure" then "make". See docs/textdocs/UNIX_INSTALL.txt for details. The use of libtool dramatically reduces the size of samba binaries. As we are using libtool in a slightly different way from usual, you may encounter run-time or compilation errors, so please report them to us. 4). New SAM Database Daemons ---------------------------- The SAM database daemon, samrd, is being considered "legacy", and the aim is to replace it. To this end, some new SAM database daemons are being developed - samrtdbd and samrnt5ldapd. They will need to be run with their counterparts, netlogontdbd or netlogonnt5ldapd. None of these are built as part of the standard make, they have to be explicitly built because they are in development: samrd and lsarpcd are compiled by default. 5). pam_ntdom and winbindd -------------------------- The Windows Bind Daemon and the Plugin Authentication Module for NT Domains are now part of the Samba TNG Development effort. winbindd presents, when installed using nsswitch, a unix-like view of a Windows NT Domain environment, allowing Unix applications and the Unix Operating system to enumerate NT users, groups and aliases as Unix users and groups. pam_ntdom, when installed as part of a PAM-enabled Unix Authentication system, allows Unix users to be authenticated against a Windows NT Domain environment. @begin marketing-speak " The powerful combination of winbindd and pam_ntdom allows Unix to be integrated seamlessly into Windows NT Domain environments, which moves us closer to the Holy Grail of 'Single Sign-on'. " @end marketing-speak ===================================================================== NOTE - Some important information --------------------------------- Samba TNG up to alpha-0.3 required that the samba server be joined. to its own Domain. This requirement has been removed. It is important that you read the source/README file for instructions, and it is recommended that you join samba-ntdom@samba.org for update information and status reports. For details, please see: http://samba.org/listproc/samba-ntdom ===================================================================== NOTE - Primary Domain Controller Functionality ---------------------------------------------- This version of Samba contains code that correctly implements the undocumented Primary Domain Controller authentication protocols. However, there is much more to being a Primary Domain Controller than serving Windows NT logon requests. A useful version of a Primary Domain Controller contains many remote procedure calls to do things like enumerate users, groups, and security information, 98% of which Samba TNG currently implements. This work is being done in the CVS (developer) versions of Samba, development of which continues at a fast pace. If you are interested in participating in or helping with this development please join the Samba-NTDOM mailing list. Details on joining are available at : http://samba.org/listproc/ Details on obtaining CVS (developer) versions of Samba are available at: http://samba.org/cvs.html For this version, use a tag of SAMBA_TNG ===================================================================== NOTE - Known Bugs ----------------- It is *not* recommended that this version of Samba be run in a production environment, for at least the following reasons: 1) The new MSRPC architecture forks() one MSRPC daemon per incoming service request. The msrpc daemon stays around for as long as the remote server maintains a connection to it. An investigation is underway to attempt to minimise the number of outstanding connections, because a *single* NT user logon can result in up to 5 or 6 msrpc daemons waiting around, doing nothing but take up process table space. Connection reuse has now been added and debugged: the number of incoming connections is reduced but still fairly large. ===================================================================== If you have problems, or think you have found a bug please email a full, detailed report to: samba-technical@samba.org As always, all bugs are our responsibility. Regards, The Samba Team. From pmal at space.gr Mon Apr 10 07:05:38 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:20 2003 Subject: samba-tng-alpha-2.2.tar.gz References: Message-ID: <004201bfa2bb$2d05c480$0602000a@space.gr> Is it just me this version boosts the login procedure speed. I've never seen a login so fast. I guess this is mainly why most of us are using TNG. To get rid of you-know-what. Grear job Luke. I just cannot figure out what are the steps to create an inter-domain trust relationship. Are there any docus? ----- Original Message ----- From: Luke Kenneth Casson Leighton To: Multiple recipients of list SAMBA-NTDOM Sent: Monday, April 10, 2000 5:56 AM Subject: samba-tng-alpha-2.2.tar.gz > update: > > - fixed smbd for win95-style profile-locating (it now works, thank you to > everyone who sent in log files to get this fixed) > > - various modes tested and confirmed as working: > > * ROLE_STANDALONE > security = user > encrypt passwords = yes > domain master = no > domain logons = no > > * ROLE_DOMAIN_PDC > security = user > encrypt passwords = yes > domain master = yes > domain logons = yes > > * ROLE_DOMAIN_MEMBER > security = domain > password server = PDC [BDC1 BDC2...] > encrypt passwords = yes > domain master = no > domain logons = no > > - modes NOT tested recently: > > * ROLE_DOMAIN_BDC > security = user > password server = PDC > encrypt passwords = yes > domain master = no > domain logons = yes > > - a reminder that in this version of TNG, smbd, spoolssd and nmbd are now > up-to-date from cvs main. oh, and they work. we _have_ had one report of > a coredump from smbd for an oplock issue [REALLY important to track this > down, people!] > > - i am also impressed (even though i wrote it) that pam_ntdom actually > works. just for fun, i added an account named DOMAIN\administrator to > /etc/passwd yesterday, and was stunned to find that it actually worked. > i typed in DOMAIN\administrator, and password of test, and got a login > prompt. in combination with winbindd, this is going to be great. it's > _such_ a pity that not many more OSes support PAM, oh well. > > > anyway, here follows a copy of the WHATSNEW.txt file, which i thought > you'd appreciate. > > all the best, > > luke (samba team) > > > WHATS NEW IN Samba (The Next Generation) 2.2 > ============================================ > > This is an ALPHA release of Samba TNG, the UNIX based SMB/CIFS file, > print and login server for Windows systems. > > This release is to enlist the help of people who are unable to use > cvs (http://samba.org/cvs.html) in a major development project to > integrate Samba into a Windows NT (tm) Domain environment - the > NT Domains for Unix project. > > If you are running Windows 9x and do not forsee the need for or > need to use any Windows NT Workstations on your network in the near > future, you will not need Samba TNG or any of its functionality, > and your assistance is not being solicited in the development of > this project. > > [lkcl: There is, however, a large enough Windows 9x user-base > to warrant ensuring that Samba TNG remains compatible, it's just that > personally i will not touch it with a ten foot barge pole (I got > as far as setting up a vmware session called win98, and it's still > empty). This is a personal view, not held by any other Samba > Team members who are cracking the whip in my direction, and I > keep getting into trouble over this. I apologise sincerely and > wholeheartedly to all Windows 9x users for any offense and > inconvenience I may have caused to anyone using this stupid OS.] > > > Major changes in Samba TNG > -------------------------- > > There are many major changes in Samba TNG. Here are some of them: > > > 1). Windows NT (tm) Primary Domain Controller compatibility > ----------------------------------------------------------- > > Samba TNG can act as a Primary Domain Controller to Windows NT 3.5, > 4.0 and 5.0 (in 4.0 backwards-compatible mode) Workstations. Backup > Domain Controller and Inter-Domain Trust Relationships are at an > early, but functional and very hands-on, stage. > > 2). Support for Windows NT (tm) Administrative tools > ---------------------------------------------------- > > Significant in-roads have been made into providing support for at least > the following Windows NT (tm) tools and services: > > - User Manager for Domains > - Server Manager for Domains > - Event Log > - Service Control Manager > - Registry Editor > - Command Scheduler > - NT-style Printing > > A command-line tool named rpcclient, with a command-syntax similar to > smbclient, has over sixty five commands that provide equivalent > functionality for the same Windows NT (tm) Administrative tools, > including the ability to remotely shut down a Windows NT (tm) Server. > > rpcclient has now been joined by net, samedit, regedit, ntspool, > eventlog, lsa, cmdat and svccontrol. If anyone can think of better > names for these, suggestions are welcomed. > > 3). Portability > --------------- > > Samba is now self-configuring using GNU autoconf and libtool, removing > the need for people installing Samba to have to hand-configured > Makefiles, as was needed in previous versions. > > You now configure Samba by running "./configure" then "make". See > docs/textdocs/UNIX_INSTALL.txt for details. > > The use of libtool dramatically reduces the size of samba binaries. > As we are using libtool in a slightly different way from usual, > you may encounter run-time or compilation errors, so please report > them to us. > > 4). New SAM Database Daemons > ---------------------------- > > The SAM database daemon, samrd, is being considered "legacy", and > the aim is to replace it. To this end, some new SAM database > daemons are being developed - samrtdbd and samrnt5ldapd. > They will need to be run with their counterparts, netlogontdbd or > netlogonnt5ldapd. None of these are built as part of the standard > make, they have to be explicitly built because they are in > development: samrd and lsarpcd are compiled by default. > > 5). pam_ntdom and winbindd > -------------------------- > > The Windows Bind Daemon and the Plugin Authentication Module for NT > Domains are now part of the Samba TNG Development effort. > > winbindd presents, when installed using nsswitch, a unix-like view > of a Windows NT Domain environment, allowing Unix applications and > the Unix Operating system to enumerate NT users, groups and aliases > as Unix users and groups. > > pam_ntdom, when installed as part of a PAM-enabled Unix Authentication > system, allows Unix users to be authenticated against a Windows NT > Domain environment. > > @begin marketing-speak > " The powerful combination of winbindd and pam_ntdom allows Unix > to be integrated seamlessly into Windows NT Domain environments, > which moves us closer to the Holy Grail of 'Single Sign-on'. " > @end marketing-speak > > > ===================================================================== > > NOTE - Some important information > --------------------------------- > > Samba TNG up to alpha-0.3 required that the samba server be joined. > to its own Domain. This requirement has been removed. > > It is important that you read the source/README file for > instructions, and it is recommended that you join samba-ntdom@samba.org > for update information and status reports. For details, please see: > > http://samba.org/listproc/samba-ntdom > > ===================================================================== > > NOTE - Primary Domain Controller Functionality > ---------------------------------------------- > > This version of Samba contains code that correctly implements > the undocumented Primary Domain Controller authentication > protocols. However, there is much more to being a Primary > Domain Controller than serving Windows NT logon requests. > > A useful version of a Primary Domain Controller contains > many remote procedure calls to do things like enumerate users, > groups, and security information, 98% of which Samba TNG currently > implements. > > This work is being done in the CVS (developer) versions of Samba, > development of which continues at a fast pace. If you are > interested in participating in or helping with this development > please join the Samba-NTDOM mailing list. Details on joining > are available at : > > http://samba.org/listproc/ > > Details on obtaining CVS (developer) versions of Samba > are available at: > > http://samba.org/cvs.html > > For this version, use a tag of SAMBA_TNG > > > ===================================================================== > > NOTE - Known Bugs > ----------------- > > It is *not* recommended that this version of Samba be run in a > production environment, for at least the following reasons: > > 1) The new MSRPC architecture forks() one MSRPC daemon per incoming > service request. The msrpc daemon stays around for as long as > the remote server maintains a connection to it. An investigation > is underway to attempt to minimise the number of outstanding > connections, because a *single* NT user logon can result in up to > 5 or 6 msrpc daemons waiting around, doing nothing but take up > process table space. > > Connection reuse has now been added and debugged: the number of > incoming connections is reduced but still fairly large. > > > ===================================================================== > > If you have problems, or think you have found a bug please email > a full, detailed report to: > > samba-technical@samba.org > > As always, all bugs are our responsibility. > > Regards, > > The Samba Team. > From lkcl at samba.org Mon Apr 10 07:13:59 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:20 2003 Subject: samba-tng-alpha-2.2.tar.gz In-Reply-To: <004201bfa2bb$2d05c480$0602000a@space.gr> Message-ID: On Mon, 10 Apr 2000, Panagiotis Malakoudis wrote: > Is it just me this version boosts the login procedure speed. I've never seen > a login so fast. whoa, that's kinda cool. i wonder why it's so slow here... um, oh yes: vmware and log level = 100, that'd do it :) > I guess this is mainly why most of us are using TNG. To get > rid of you-know-what. be nice, i work _with_ you-know-what, not against you-know-what. > Grear job Luke. thx! thanks to everyone who keeps sending bug-reports, patches, log-files and encouragement. > I just cannot figure out what are the steps to create an inter-domain trust > relationship. Are there any docus? hmmm... you want to write them? :) ok, you can try it out (i haven't for a while). firstly, can your system cope with unix usernames (/etc/passwd) like this: DOMAINNAME\username (*tee hee* :) guess what i'm up to :) me and andrew have been talking, again... > > ----- Original Message ----- > From: Luke Kenneth Casson Leighton > To: Multiple recipients of list SAMBA-NTDOM > Sent: Monday, April 10, 2000 5:56 AM > Subject: samba-tng-alpha-2.2.tar.gz > > > > update: > > > > - fixed smbd for win95-style profile-locating (it now works, thank you to > > everyone who sent in log files to get this fixed) > > > > - various modes tested and confirmed as working: > > > > * ROLE_STANDALONE > > security = user > > encrypt passwords = yes > > domain master = no > > domain logons = no > > > > * ROLE_DOMAIN_PDC > > security = user > > encrypt passwords = yes > > domain master = yes > > domain logons = yes > > > > * ROLE_DOMAIN_MEMBER > > security = domain > > password server = PDC [BDC1 BDC2...] > > encrypt passwords = yes > > domain master = no > > domain logons = no > > > > - modes NOT tested recently: > > > > * ROLE_DOMAIN_BDC > > security = user > > password server = PDC > > encrypt passwords = yes > > domain master = no > > domain logons = yes > > > > - a reminder that in this version of TNG, smbd, spoolssd and nmbd are now > > up-to-date from cvs main. oh, and they work. we _have_ had one report of > > a coredump from smbd for an oplock issue [REALLY important to track this > > down, people!] > > > > - i am also impressed (even though i wrote it) that pam_ntdom actually > > works. just for fun, i added an account named DOMAIN\administrator to > > /etc/passwd yesterday, and was stunned to find that it actually worked. > > i typed in DOMAIN\administrator, and password of test, and got a login > > prompt. in combination with winbindd, this is going to be great. it's > > _such_ a pity that not many more OSes support PAM, oh well. > > > > > > anyway, here follows a copy of the WHATSNEW.txt file, which i thought > > you'd appreciate. > > > > all the best, > > > > luke (samba team) > > > > > > WHATS NEW IN Samba (The Next Generation) 2.2 > > ============================================ > > > > This is an ALPHA release of Samba TNG, the UNIX based SMB/CIFS file, > > print and login server for Windows systems. > > > > This release is to enlist the help of people who are unable to use > > cvs (http://samba.org/cvs.html) in a major development project to > > integrate Samba into a Windows NT (tm) Domain environment - the > > NT Domains for Unix project. > > > > If you are running Windows 9x and do not forsee the need for or > > need to use any Windows NT Workstations on your network in the near > > future, you will not need Samba TNG or any of its functionality, > > and your assistance is not being solicited in the development of > > this project. > > > > [lkcl: There is, however, a large enough Windows 9x user-base > > to warrant ensuring that Samba TNG remains compatible, it's just that > > personally i will not touch it with a ten foot barge pole (I got > > as far as setting up a vmware session called win98, and it's still > > empty). This is a personal view, not held by any other Samba > > Team members who are cracking the whip in my direction, and I > > keep getting into trouble over this. I apologise sincerely and > > wholeheartedly to all Windows 9x users for any offense and > > inconvenience I may have caused to anyone using this stupid OS.] > > > > > > Major changes in Samba TNG > > -------------------------- > > > > There are many major changes in Samba TNG. Here are some of them: > > > > > > 1). Windows NT (tm) Primary Domain Controller compatibility > > ----------------------------------------------------------- > > > > Samba TNG can act as a Primary Domain Controller to Windows NT 3.5, > > 4.0 and 5.0 (in 4.0 backwards-compatible mode) Workstations. Backup > > Domain Controller and Inter-Domain Trust Relationships are at an > > early, but functional and very hands-on, stage. > > > > 2). Support for Windows NT (tm) Administrative tools > > ---------------------------------------------------- > > > > Significant in-roads have been made into providing support for at least > > the following Windows NT (tm) tools and services: > > > > - User Manager for Domains > > - Server Manager for Domains > > - Event Log > > - Service Control Manager > > - Registry Editor > > - Command Scheduler > > - NT-style Printing > > > > A command-line tool named rpcclient, with a command-syntax similar to > > smbclient, has over sixty five commands that provide equivalent > > functionality for the same Windows NT (tm) Administrative tools, > > including the ability to remotely shut down a Windows NT (tm) Server. > > > > rpcclient has now been joined by net, samedit, regedit, ntspool, > > eventlog, lsa, cmdat and svccontrol. If anyone can think of better > > names for these, suggestions are welcomed. > > > > 3). Portability > > --------------- > > > > Samba is now self-configuring using GNU autoconf and libtool, removing > > the need for people installing Samba to have to hand-configured > > Makefiles, as was needed in previous versions. > > > > You now configure Samba by running "./configure" then "make". See > > docs/textdocs/UNIX_INSTALL.txt for details. > > > > The use of libtool dramatically reduces the size of samba binaries. > > As we are using libtool in a slightly different way from usual, > > you may encounter run-time or compilation errors, so please report > > them to us. > > > > 4). New SAM Database Daemons > > ---------------------------- > > > > The SAM database daemon, samrd, is being considered "legacy", and > > the aim is to replace it. To this end, some new SAM database > > daemons are being developed - samrtdbd and samrnt5ldapd. > > They will need to be run with their counterparts, netlogontdbd or > > netlogonnt5ldapd. None of these are built as part of the standard > > make, they have to be explicitly built because they are in > > development: samrd and lsarpcd are compiled by default. > > > > 5). pam_ntdom and winbindd > > -------------------------- > > > > The Windows Bind Daemon and the Plugin Authentication Module for NT > > Domains are now part of the Samba TNG Development effort. > > > > winbindd presents, when installed using nsswitch, a unix-like view > > of a Windows NT Domain environment, allowing Unix applications and > > the Unix Operating system to enumerate NT users, groups and aliases > > as Unix users and groups. > > > > pam_ntdom, when installed as part of a PAM-enabled Unix Authentication > > system, allows Unix users to be authenticated against a Windows NT > > Domain environment. > > > > @begin marketing-speak > > " The powerful combination of winbindd and pam_ntdom allows Unix > > to be integrated seamlessly into Windows NT Domain environments, > > which moves us closer to the Holy Grail of 'Single Sign-on'. " > > @end marketing-speak > > > > > > ===================================================================== > > > > NOTE - Some important information > > --------------------------------- > > > > Samba TNG up to alpha-0.3 required that the samba server be joined. > > to its own Domain. This requirement has been removed. > > > > It is important that you read the source/README file for > > instructions, and it is recommended that you join samba-ntdom@samba.org > > for update information and status reports. For details, please see: > > > > http://samba.org/listproc/samba-ntdom > > > > ===================================================================== > > > > NOTE - Primary Domain Controller Functionality > > ---------------------------------------------- > > > > This version of Samba contains code that correctly implements > > the undocumented Primary Domain Controller authentication > > protocols. However, there is much more to being a Primary > > Domain Controller than serving Windows NT logon requests. > > > > A useful version of a Primary Domain Controller contains > > many remote procedure calls to do things like enumerate users, > > groups, and security information, 98% of which Samba TNG currently > > implements. > > > > This work is being done in the CVS (developer) versions of Samba, > > development of which continues at a fast pace. If you are > > interested in participating in or helping with this development > > please join the Samba-NTDOM mailing list. Details on joining > > are available at : > > > > http://samba.org/listproc/ > > > > Details on obtaining CVS (developer) versions of Samba > > are available at: > > > > http://samba.org/cvs.html > > > > For this version, use a tag of SAMBA_TNG > > > > > > ===================================================================== > > > > NOTE - Known Bugs > > ----------------- > > > > It is *not* recommended that this version of Samba be run in a > > production environment, for at least the following reasons: > > > > 1) The new MSRPC architecture forks() one MSRPC daemon per incoming > > service request. The msrpc daemon stays around for as long as > > the remote server maintains a connection to it. An investigation > > is underway to attempt to minimise the number of outstanding > > connections, because a *single* NT user logon can result in up to > > 5 or 6 msrpc daemons waiting around, doing nothing but take up > > process table space. > > > > Connection reuse has now been added and debugged: the number of > > incoming connections is reduced but still fairly large. > > > > > > ===================================================================== > > > > If you have problems, or think you have found a bug please email > > a full, detailed report to: > > > > samba-technical@samba.org > > > > As always, all bugs are our responsibility. > > > > Regards, > > > > The Samba Team. > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Mon Apr 10 08:01:48 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:20 2003 Subject: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty.. Message-ID: hi, this is to let you all know that we're going to be very, very mean to you all and mandate that usernames can be of the following format... in /etc/passwd: DOMAINNAME\username. oh, dear: what a pity! that's more than 8 chars. @begin sympathy well... umm... tough! you'll just have to change all your domain names to two chars and have usernames of less than 5. sorry! @end sympathy any objections? [linux copes nicely, i just tried DOMAIN\Administrator and pam_ntdom let me log in.] luke Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From arielez at cs.huji.ac.il Mon Apr 10 08:07:53 2000 From: arielez at cs.huji.ac.il (Eizenberg Ariel) Date: Tue Dec 2 02:29:20 2003 Subject: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty.. In-Reply-To: Message-ID: Does this mean that for each user I have I'll need to entries in /etc/passwd?: arielez:...... HOME\arielez:...... Won't that make to many synchronizations neccessary? (I can't ask my users to login with 'HOME\name' on unix machines - it doesn't make sense) On Mon, 10 Apr 2000, Luke Kenneth Casson Leighton wrote: | hi, | | this is to let you all know that we're going to be very, very mean to you | all and mandate that usernames can be of the following format... in | /etc/passwd: | | DOMAINNAME\username. | | oh, dear: what a pity! that's more than 8 chars. | | @begin sympathy | well... umm... tough! you'll just have to change all your domain names to | two chars and have usernames of less than 5. sorry! | @end sympathy | | any objections? | | [linux copes nicely, i just tried DOMAIN\Administrator and pam_ntdom let | me log in.] | | luke | | Luke Kenneth Casson Leighton | Samba and Network Development | Samba Web site | Macmillan Technical Publishing | | ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals | | | From lkcl at samba.org Mon Apr 10 08:16:44 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:20 2003 Subject: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty.. In-Reply-To: Message-ID: On Mon, 10 Apr 2000, Eizenberg Ariel wrote: > Does this mean that for each user I have I'll need to entries in > /etc/passwd?: > arielez:...... > HOME\arielez:...... > > Won't that make to many synchronizations neccessary? > (I can't ask my users to login with 'HOME\name' on unix machines - it > doesn't make sense) the default will be that for entries with the "workgroup = YOUROWNDOMAIN" you will _not_ need /etc/passwd YOUROWNDOMAIN\username. let's say you have security = domain, workgroup = MYWORKGROUP, your samba server is called MYWORKSTATIONNAME. this means that the local administrator account will have to be: MYWORKSTATIONNAME\Administrator. or, MYWORKSTATIONNAME\root, if you prefer. From dugan at libwais.sonoma.edu Mon Apr 10 08:18:56 2000 From: dugan at libwais.sonoma.edu (ME) Date: Tue Dec 2 02:29:20 2003 Subject: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty.. In-Reply-To: Message-ID: If this is a serious suggestions, then... Though I do not find the idea of exceeding the 8 character unix username system, it seems that a dual compatible system could be created by using duplicate UID/GID/Home dir information for each user... eg:(/etc/passwd) userdude:x:1001:100:Samba User,,,:/home/userdude:/bin/bash HOME\userdude:x:1001:100:Samba User,,,:/home/uuserdude:/bin/bash The thought of tampering with /etc/passwd's fields which may be misunderstood, or poorly truncated by other programs rubs me wrong. At least you are not suggesting using the ":" as your field seperator. ]:> Any reason why smbpasswd cannot be setup to check for the existance of a "\" in its username field, and then parse it into two parts without tampering with the /etc/passwd system file? This would isolate the changes needed by it to its own config files. User matching would need to catch on UID, not string comparisons of username in /etc/passwd when creating new smb accounts with smbpasswd, but you people are spending the time to make the code. Thanks for your work on SaMBa. (long time user, long time multi-samba mailing list lurker) -M On Mon, 10 Apr 2000, Eizenberg Ariel wrote: > Subject: Re: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty.. > > Does this mean that for each user I have I'll need to entries in > /etc/passwd?: > arielez:...... > HOME\arielez:...... > > Won't that make to many synchronizations neccessary? > (I can't ask my users to login with 'HOME\name' on unix machines - it > doesn't make sense) > > On Mon, 10 Apr 2000, Luke Kenneth Casson Leighton wrote: > > | hi, > | > | this is to let you all know that we're going to be very, very mean to you > | all and mandate that usernames can be of the following format... in > | /etc/passwd: > | > | DOMAINNAME\username. > | > | oh, dear: what a pity! that's more than 8 chars. > | > | @begin sympathy > | well... umm... tough! you'll just have to change all your domain names to > | two chars and have usernames of less than 5. sorry! > | @end sympathy > | > | any objections? > | > | [linux copes nicely, i just tried DOMAIN\Administrator and pam_ntdom let > | me log in.] > | > | luke > | > | Luke Kenneth Casson Leighton > | Samba and Network Development > | Samba Web site > | Macmillan Technical Publishing > | > | ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals > | > | > | > > From lkcl at samba.org Mon Apr 10 08:44:28 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:20 2003 Subject: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty.. In-Reply-To: Message-ID: On Mon, 10 Apr 2000, ME wrote: > If this is a serious suggestions, then... yes it is. the imposition on samba of map files is ... painful, to say the least. it's causing problems. most people, running without trusted domains, will be completely unaffected. some people _may_ want a MYSAMBASERVER\Administrator account in /etc/passwd. > Though I do not find the idea of exceeding the 8 character unix username > system, it seems that a dual compatible system could be created by using > duplicate UID/GID/Home dir information for each user... > > eg:(/etc/passwd) > userdude:x:1001:100:Samba User,,,:/home/userdude:/bin/bash > HOME\userdude:x:1001:100:Samba User,,,:/home/uuserdude:/bin/bash hmm, good point, can think of horrible reasons for doing this, plus it's not necessary: default domain is HOME anyway. > The thought of tampering with /etc/passwd's fields which may be > misunderstood, or poorly truncated by other programs rubs me wrong. At > least you are not suggesting using the ":" as your field seperator. ]:> eek > Any reason why smbpasswd cannot be setup to check for the existance of a > "\" in its username field, and then parse it into two parts without > tampering with the /etc/passwd system file? This would isolate the changes > needed by it to its own config files. User matching would need to catch on > UID, not string comparisons of username in /etc/passwd when creating new > smb accounts with smbpasswd, but you people are spending the time to make > the code. ... hmm, smbpasswd is "local SAM database" accounts. can do some name-munging there. for ROLE_DOMAIN_PDC, samdbname = domainname. therefore, entries in /etc/passwd would not have domainname in front of them. for ROLE_DOMAIN_MEMBER and ROLE_STANDALONE, samdbname = wkstaname, therefore for checking entries in smbpasswd against /etc/passwd, you'd have to strip out WKSTANAME from the /etc/passwd name. > Thanks for your work on SaMBa. (long time user, long time multi-samba > mailing list lurker) hi there :) From david.allan at finch.org Mon Apr 10 10:02:58 2000 From: david.allan at finch.org (David Allan Finch) Date: Tue Dec 2 02:29:20 2003 Subject: samba-tng-alpha-2.2.tar.gz References: Message-ID: <38F1A6D2.E831FC1E@finch.org> > --with-utmp Include experimental utmp accounting > --without-utmp Don't include experimental utmp accounting (default) > --with-msdfs Include MS Dfs support > --without-msdfs Don't include MS Dfs support (default) > --with-sambaconfdir=DIR Where to put smb.conf etc. (/usr/local/samba/lib) > --with-privatedir=DIR Where to put smbpasswd (/usr/local/samba/private) > --with-lockdir=DIR Where to put lock files (/usr/local/samba/var/locks) > --with-swatdir=DIR Where to put SWAT files (/usr/local/samba/swat) should these not default to PREFIX/x? -- / The whole history of this invention has been a struggle /\|/\ against time - Charles Babbage 1837 on the Analytical Engine | K | All Hail Discordia - Burn all Orange Books! \___/ david.allan@finch.org - http://www.vger.demon.co.uk From Olivier.Brousselle at univ-lehavre.fr Mon Apr 10 10:13:25 2000 From: Olivier.Brousselle at univ-lehavre.fr (Olivier Brousselle) Date: Tue Dec 2 02:29:20 2003 Subject: [TNG 2.2] upgrade failed Message-ID: <38F1A945.1D6F348F@univ-lehavre.fr> Hi all, I have upgraded Samba TNG this morning from 0.1 to 1.8 and to 2.2. But, there is a problem, when I want to connect from a workstation, the domain is unavailable. I can connect with smbclient on users account, but not root account. I can't add a new workstation on the domain. Samedit's createuser work, but the workstation can't join the domain, and says that the account of the workstation is not available. What can i do ? -- Olivier Brousselle mailto:Olivier.Brousselle@univ-lehavre.fr ================================================================== Facult? des sciences Laboratoire de m?canique du lundi au mercredi jeudi et vendredi Tel : 02/32/74/43/37 02/32/74/49/67 Fax : 02/32/74/43/14 02/32/74/49/60 From mmbrich at binary.net Mon Apr 10 10:17:33 2000 From: mmbrich at binary.net (Matthew Brichacek) Date: Tue Dec 2 02:29:20 2003 Subject: Password Script Message-ID: <017401bfa2d5$fcc27780$a20ce5d8@binary.net> Hello all, Well now that Luke has fixed up the major win9x bugs i was wondering if anyone had wrote a script to allow password changing in samba by taking the samrd output and creating a new password without having the old passwd (i guess samr doesn't want to send the old password so it has to be changed without it) If anyone has put one together i would appreciate a copy of it, i would take on writing a script like this myself but i have little to no programing experience and will probably cause a full system crash or even worse withone of my scripts. Cheers, Matthew B -------------- next part -------------- HTML attachment scrubbed and removed From johanh at fusion.kth.se Mon Apr 10 11:13:16 2000 From: johanh at fusion.kth.se (Johan Hedin) Date: Tue Dec 2 02:29:20 2003 Subject: samba-tng-alpha-2.2.tar.gz In-Reply-To: <38F1A6D2.E831FC1E@finch.org> Message-ID: They do. The options are used by us who like to have the binaries (/usr/local) on read only NFS/AFS. Johan Hedin /---------------------------------------------------------------------\ | Johan Hedin | johanh@fusion.kth.se | | Ph.D. Student and System Manager | http://www.fusion.kth.se/~johanh | \---------------------------------------------------------------------/ On Mon, 10 Apr 2000, David Allan Finch wrote: > > --with-utmp Include experimental utmp accounting > > --without-utmp Don't include experimental utmp accounting (default) > > --with-msdfs Include MS Dfs support > > --without-msdfs Don't include MS Dfs support (default) > > --with-sambaconfdir=DIR Where to put smb.conf etc. (/usr/local/samba/lib) > > --with-privatedir=DIR Where to put smbpasswd (/usr/local/samba/private) > > --with-lockdir=DIR Where to put lock files (/usr/local/samba/var/locks) > > --with-swatdir=DIR Where to put SWAT files (/usr/local/samba/swat) > > should these not default to PREFIX/x? > From david.allan at finch.org Mon Apr 10 11:36:46 2000 From: david.allan at finch.org (David Allan Finch) Date: Tue Dec 2 02:29:20 2003 Subject: samba-tng-alpha-2.2.tar.gz References: Message-ID: <38F1BCCE.7EC28374@finch.org> Johan Hedin wrote: > They do. The options are used by us who like to have the binaries > (/usr/local) on read only NFS/AFS. Perhaps it should be made clear that these are used to override the default values, because I almost used them to override /usr/local/samba/lib to /opt/samba/etc. I did not only because I was seeing if this version built. -- / The whole history of this invention has been a struggle /\|/\ against time - Charles Babbage 1837 on the Analytical Engine | K | All Hail Discordia - Burn all Orange Books! \___/ david.allan@finch.org - http://www.vger.demon.co.uk From admin at geoksc.apatity.ru Mon Apr 10 11:59:11 2000 From: admin at geoksc.apatity.ru (Sergey Shibeko) Date: Tue Dec 2 02:29:20 2003 Subject: User list Message-ID: <001801bfa2e4$4c5a6920$0a02a8c0@SAMBA> Thank Luke for correction of a bug w95! Whether the reception of the list of the users with samba-TNG by the client w95/w98 is possible? It is necessary for export of resources of one client for another by the instruction of the users, to which this resource will be accessible. From fricke at Team.OWL-Online.DE Mon Apr 10 12:08:38 2000 From: fricke at Team.OWL-Online.DE (fricke@Team.OWL-Online.DE) Date: Tue Dec 2 02:29:20 2003 Subject: Two Samba in same network Message-ID: Hi, I have to setup a second Samba in the same network. Just to map one drive. Can I do it with the same configuration? The NT?s have to map the drive on systemstart like the first Samba. Know what I mean? -------------------------------------------------------------------------------------------------- Mit freundlichen Gr??en Cord-H. Fricke Fon: 0 52 1 / 52 51-133 Fax: 0 52 1 / 52 51-115 ...keep on headbangin? , that rocks!!! From tom at ee.ucl.ac.uk Mon Apr 10 12:31:10 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:20 2003 Subject: samba-TNG smbd crashing Message-ID: <200004101231.NAA27634@picard.ee.ucl.ac.uk> Hello Jeremy, Luke asked me to contact you direct about the problem I'm having with smbd crashing. As I see it there are two issues to address: 1) Fix the problem causing the crash 2) Define what should happen to locks when an instance of smbd crashes. 1) Background to the problem: samba-TNG cvs update 11:00BST 05/04/00 Solaris 2.7 gcc 2.8.1 Sparc 64 I realise this isn't the latest version, but I don't think anyone has addressed the problem as yet. I have several Win2k clients using a samba-TNG server for domain logins and profiles. Sometimes smbd crashes while the client is performing the login script and leaves an oplock against it: (Extract from smbstatus:) 1163 DENY_WRITE RDONLY EXCLUSIVE+BATCH /opt/samba-TNG/etc/netlogon/UNKNOWN.exe Mon Apr 10 09:55:47 2000 1163 DENY_NONE RDONLY LEVEL_II /opt/samba-TNG/etc/netlogon/kixtart.scr Mon Apr 10 09:55:58 2000 A core is not dumped because on Solaris a process will not produce a core if its euid is different from its real uid. I have logs at level 8: [2000/04/10 09:55:58, 5] rpc_parse/parse_prs.c:_prs_uint32s(890) 0210 sub_auths : 00000015 ccfe2690 ace38d7c c4a0db2f [2000/04/10 09:55:58, 4] smbd/uid.c:become_userk(84) Skipping become_user - already user [2000/04/10 09:55:58, 3] smbd/oplock.c:oplock_break(1075) oplock_break: returning success for dev = 800005, inode = 682 Current exclusive_oplocks_open = 1 [2000/04/10 09:55:58, 4] smbd/open.c:open_file_shared(1012) calling open_file with flags=0x0 flags2=0x0 mode=0744 [2000/04/10 09:55:58, 3] smbd/files.c:fd_get_already_open(132) Re-used file_fd_struct dev = 800005, inode = 682, ref_count = 2 [2000/04/10 09:55:58, 0] lib/fault.c:fault_report(40) =============================================================== [2000/04/10 09:55:58, 0] lib/fault.c:fault_report(41) INTERNAL ERROR: Signal 11 in pid 1163 (TNG-prealpha) Please read the file BUGS.txt in the distribution [2000/04/10 09:55:58, 0] lib/fault.c:fault_report(43) =============================================================== [2000/04/10 09:55:58, 0] lib/util.c:smb_panic(2627) PANIC: internal error [2000/04/10 09:55:58, 6] param/loadparm.c:lp_file_list_changed(2057) lp_file_list_changed() file /opt/samba-TNG/lib/smb.conf -> /opt/samba-TNG/lib/smb.conf last mod_time: Sun Apr 9 23:11:53 2000 [2000/04/10 09:55:58, 5] smbd/connection.c:claim_connection(84) claiming 100000 I don't know if this is enough to track the problem. If it isn't, let me know and I'll try and hack the code to allow me to get a core dump. Unfortunately, this problem does not occur on every login, so I can't reproduce it at will, though it seems to be something to do with re-using file structs. 2) When smbd crashes what should happen to file locks? Should they be released by the crashing smbd? Should they be handed to another smbd? Leaving them open is not satisfactory, especially when there isn't a way to easily remove them by hand. Also, should smbd be forced to drop a core when it crashes no matter what euid it has at the time? i.e. change the euid back to root and then force the core dump. (I'm not sure if this is possible, but perhaps others can comment.) If you need any further information, please email me. Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From p.grimmerink at home.nl Mon Apr 10 12:45:13 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:20 2003 Subject: samba-tng-alpha-2.2.tar.gz In-Reply-To: Message-ID: > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Luke Kenneth Casson Leighton > Sent: maandag 10 april 2000 4:56 > To: Multiple recipients of list SAMBA-NTDOM > Subject: samba-tng-alpha-2.2.tar.gz > - i am also impressed (even though i wrote it) that pam_ntdom actually > works. just for fun, i added an account named DOMAIN\administrator to > /etc/passwd yesterday, and was stunned to find that it actually worked. > i typed in DOMAIN\administrator, and password of test, and got a login > prompt. Is there already a way to let unixusers authenticate agains an NT server, using this pam_ntdom funcionality? I would like to let users dial into a linux server, using their NT domain accounts. Best regards, Pieter From dominik.kubla at uni-mainz.de Mon Apr 10 12:49:31 2000 From: dominik.kubla at uni-mainz.de (Dominik Kubla) Date: Tue Dec 2 02:29:20 2003 Subject: FYI: re: ACLs for Linux 2.2.14 In-Reply-To: <38F0FFC2.545A5A5@schernau.com>; from Ed Schernau on Mon, Apr 10, 2000 at 08:01:53AM +1000 References: <38F0FFC2.545A5A5@schernau.com> Message-ID: <20000410144931.C31903@uni-mainz.de> On Mon, Apr 10, 2000 at 08:01:53AM +1000, Ed Schernau wrote: > the bestbits.at ACL stuff is typical downloable, beta Linux > software. Scant docs, numerous patches, all of which subtly > fail in some way or another. Nonsense. First of all nobody ever claimed it was suitable for production systems. Second I told you the stuff applied cleanly and i can prove it: - Applying linux-2.2.13-acl-0.5.5d.patch.gz to pristine linux-2.2.13 tree: no rejects. - Applying linux-2.2.14-acl-0.5.6-pre100.patch.gz to pristine linux-2.2.14 tree: no rejects. - Applying linux-2.2.14-acc-0.6.0-pre8.patch.gz to pristine linux-2.2.14 tree: no rejects. And i have a 2.2.15pre17 kernel working with the 2.2.14-acc-0.6.0 patch applied: it works exactly as documented. So what the hell are you talking about? And since you did not (up until now) bother to report exactely what went wrong on your side, there is no way i can help you. And given the attitude your post shows, i am very reluctant to offer you further assistance ... Dominik Kubla -- Networking Group, Hospital of Johannes Gutenberg-University Obere Zahlbacher Stra?e 69, 55101 Mainz, Germany Tel: +49 (0)6131 17-2482 FAX: +49 (0)6131 17-5521 From pmal at space.gr Mon Apr 10 12:53:14 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:20 2003 Subject: samba-tng-alpha-2.2.tar.gz References: Message-ID: <018a01bfa2eb$bc2f6460$0602000a@space.gr> I believe what you need is the pam module that lets you authenticate users against an NT domain (linux pam modules). Not the samba pam support features. ----- Original Message ----- From: Pieter Grimmerink To: Multiple recipients of list SAMBA-NTDOM Sent: Monday, April 10, 2000 3:47 PM Subject: RE: samba-tng-alpha-2.2.tar.gz > > > > -----Original Message----- > > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > > Luke Kenneth Casson Leighton > > Sent: maandag 10 april 2000 4:56 > > To: Multiple recipients of list SAMBA-NTDOM > > Subject: samba-tng-alpha-2.2.tar.gz > > > - i am also impressed (even though i wrote it) that pam_ntdom actually > > works. just for fun, i added an account named DOMAIN\administrator to > > /etc/passwd yesterday, and was stunned to find that it actually worked. > > i typed in DOMAIN\administrator, and password of test, and got a login > > prompt. > > Is there already a way to let unixusers authenticate agains an NT server, > using this pam_ntdom funcionality? > I would like to let users dial into a linux server, using their NT domain > accounts. > > Best regards, > > Pieter From fricke at Team.OWL-Online.DE Mon Apr 10 13:25:21 2000 From: fricke at Team.OWL-Online.DE (fricke@Team.OWL-Online.DE) Date: Tue Dec 2 02:29:20 2003 Subject: Problems with authentification Message-ID: After installing a second samba-server in the same network I can?t authentificate on this server. I made a symlink to the smbpasswd-file of the first samba-server and the /etc/passwd-files are the same, too. But on NT-Boxes there is no authentification possible. Any help outside? -------------------------------------------------------------------------------------------------- Mit freundlichen Gr??en Cord-H. Fricke Fon: 0 52 1 / 52 51-133 Fax: 0 52 1 / 52 51-115 ...keep on headbangin? , that rocks!!! From tom at ee.ucl.ac.uk Mon Apr 10 15:15:00 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:20 2003 Subject: samba-TNG smbd crashing Message-ID: <200004101515.QAA06133@picard.ee.ucl.ac.uk> Hello I can confirm that the crashing is still occurring on the latest cvs update of samba-TNG (1300BST 10/4/00). I happened to be tracing the process at the time and that confirmed that the problem occurs in the Re-use of file structs. I have also found out that Solaris 2.7 MU 08/99 allows the customization of core file behaviour, so I've ordered it and will endeavour to get a core file later this week. Here is the relevant part of the trace output: 10458: write(4, " C u r r e n t e x c l".., 35) = 35 10458: getuid() = 0 [1747] 10458: fcntl(8, F_SETLKW64, 0xFFBEEEC8) = 0 10458: getpid() = 10458 [10037] 10458: write(4, " c a l l i n g o p e n".., 54) = 54 10458: getuid() = 0 [1747] 10458: write(4, " R e - u s e d f i l e".., 68) = 68 10458: getuid() = 0 [1747] 10458: Incurred fault #6, FLTBOUNDS %pc = 0x0004AC2C 10458: siginfo: SIGSEGV SEGV_MAPERR addr=0x00000068 10458: Received signal #11, SIGSEGV [caught] 10458: siginfo: SIGSEGV SEGV_MAPERR addr=0x00000068 10458: write(4, " = = = = = = = = = = = =".., 64) = 64 10458: getuid() = 0 [1747] 10458: getpid() = 10458 [10037] 10458: write(4, " I N T E R N A L E R R".., 51) = 51 10458: getuid() = 0 [1747] 10458: write(4, " P l e a s e r e a d ".., 50) = 50 10458: getuid() = 0 [1747] 10458: write(4, " = = = = = = = = = = = =".., 64) = 64 10458: getuid() = 0 [1747] 10458: write(4, " P A N I C : i n t e r".., 22) = 22 10458: getuid() = 0 [1747] 10458: getuid() = 0 [1747] 10458: sigaction(SIGABRT, 0x00000000, 0xFFBEE1D8) = 0 10458: llseek(0, 0, SEEK_CUR) = 0 10458: sigaction(SIGABRT, 0xFFBEE0A8, 0xFFBEE128) = 0 10458: sigprocmask(SIG_UNBLOCK, 0xFFBEE158, 0x00000000) = 0 10458: getpid() = 10458 [10037] 10458: kill(10458, SIGABRT) = 0 10458: Received signal #6, SIGABRT [default] 10458: siginfo: SIGABRT pid=10458 uid=0 10458: *** process killed *** Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From ctooley at joslyn.org Mon Apr 10 15:34:52 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:20 2003 Subject: samedit In-Reply-To: Message-ID: <001701bfa302$50e96b80$1900a8c0@joslyn.org> Is there a readme or HOWTO on how to use samedit? I can't seem to get any of my machines to join the dowmain and it says that smpasswd -m functionality is disabled use samedit. Unfortunately this is something I don't know how to do. Chris Tooley From mg at plum.de Tue Apr 11 15:36:55 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:20 2003 Subject: samedit References: <001701bfa302$50e96b80$1900a8c0@joslyn.org> Message-ID: <38F34697.A74DC25E@plum.de> Chris Tooley wrote: > > Is there a readme or HOWTO on how to use samedit? I can't seem to get any > of my machines to join the dowmain and it says that smpasswd -m > functionality is disabled use samedit. Unfortunately this is something I > don't know how to do. use samedit -S . then use "?" or "help" or "help " Regards, Michael From ctooley at joslyn.org Mon Apr 10 15:47:25 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:20 2003 Subject: samedit In-Reply-To: <38F34697.A74DC25E@plum.de> Message-ID: <001801bfa304$12256320$1900a8c0@joslyn.org> Thanks for the extremely quick response Chris -----Original Message----- From: Michael Glauche [mailto:mg@plum.de] Sent: Tuesday, April 11, 2000 10:37 AM To: ctooley@joslyn.org Cc: Multiple recipients of list SAMBA-NTDOM Subject: Re: samedit Chris Tooley wrote: > > Is there a readme or HOWTO on how to use samedit? I can't seem to get any > of my machines to join the dowmain and it says that smpasswd -m > functionality is disabled use samedit. Unfortunately this is something I > don't know how to do. use samedit -S . then use "?" or "help" or "help " Regards, Michael From Meerwaldt at t-online.de Mon Apr 10 16:02:36 2000 From: Meerwaldt at t-online.de (Frederik Meerwaldt) Date: Tue Dec 2 02:29:20 2003 Subject: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty.. In-Reply-To: Message-ID: Hi all, I'm running Samba 2.0.6 and I want to install it on a production business-critical Machine in a week (Upgrade from NT4 --> FreeBSD). I gonna have usernames which look like DOMAIN1\MyUsername (In this length). I just want the password validation for shares (they don't need to log on). Can I do that, or not.... -- Best regards, Freddy Homepage: fmeerwaldt.homepage.com Last update: 11.03.2000 Very good OpenVMS HowTo's, DHCPD Howto, VXT2k NetBooting HowTo, and a little bit about me. ------------------------------------------------------------------------ NetBSD Vax, Alpha, i386. Tru64 Unix, OpenVMS, FreeBSD, Ultrix. ------------------------------------------------------------------------ On Mon, 10 Apr 2000, Luke Kenneth Casson Leighton wrote: > hi, > > this is to let you all know that we're going to be very, very mean to you > all and mandate that usernames can be of the following format... in > /etc/passwd: > > DOMAINNAME\username. > > oh, dear: what a pity! that's more than 8 chars. > > @begin sympathy > well... umm... tough! you'll just have to change all your domain names to > two chars and have usernames of less than 5. sorry! > @end sympathy > > any objections? > > [linux copes nicely, i just tried DOMAIN\Administrator and pam_ntdom let > me log in.] > > luke > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > Macmillan Technical Publishing > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals > From tom at ee.ucl.ac.uk Mon Apr 10 17:38:05 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:20 2003 Subject: samba-TNG smbd crashing Message-ID: <200004101738.SAA13800@picard.ee.ucl.ac.uk> Hello, Well, I've narrowed the crash down to the following: [ Line 131 smbd/open.c ] static void fd_attempt_reopen(char *fname, mode_t mode, files_struct *fsp) { int fd = fsp->conn->vfs_ops.open(dos_to_unix(fname, False), O_RDWR, mode); file_fd_struct *fd_ptr = fsp->fd_ptr; On entry to this function, the variables are: fname = kixtart.scr, mode = 484, fsp addr = -4263772 (Numbers are %d). However, I note that fsp->fd_ptr is set to 0 at fsp->fd_ptr = 0; [line 332] and I can't see anywhere where it is set to anything else before this point in the code. I'll continue to dig into this tomorrow. Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From lisa at hermes.ewlab.usna.edu Mon Apr 10 17:40:32 2000 From: lisa at hermes.ewlab.usna.edu (Lisa Becktold {CADIG STAFF}) Date: Tue Dec 2 02:29:20 2003 Subject: make install/codepage segmentation fault Message-ID: <200004101740.NAA12977@leto15.usna.navy.mil> Hi: I've downloaded samba-tng-alpha.1.6 and am installing it on a Sun Ultra Enterprise 2, using gcc. The operating system is Solaris 2.7. I had no trouble running "configure" and "make". But when I run "make install", I first see an error message about install-sh not being executable. So I chmod 755 install-sh so it can be run. Then when I run "make install", I see error messages about the codepages: Installing codepage files in /usr/local/samba/lib/codepages Creating codepage file /usr/local/samba/lib/codepages/codepage.437 Segmentation Fault - core dumped Creating codepage file /usr/local/samba/lib/codepages/codepage.737 Segmentation Fault - core dumped Creating codepage file /usr/local/samba/lib/codepages/codepage.850 Segmentation Fault - core dumped Creating codepage file /usr/local/samba/lib/codepages/codepage.852 Segmentation Fault - core dumped Creating codepage file /usr/local/samba/lib/codepages/codepage.861 Segmentation Fault - core dumped Creating codepage file /usr/local/samba/lib/codepages/codepage.932 Segmentation Fault - core dumped Creating codepage file /usr/local/samba/lib/codepages/codepage.866 Segmentation Fault - core dumped Creating codepage file /usr/local/samba/lib/codepages/codepage.949 Segmentation Fault - core dumped Creating codepage file /usr/local/samba/lib/codepages/codepage.950 Segmentation Fault - core dumped Creating codepage file /usr/local/samba/lib/codepages/codepage.936 Segmentation Fault - core dumped ====================================================================== The code pages have been installed. You may uninstall them using the command "make uninstallcp" or make "uninstall" to uninstall binaries, man pages, shell scripts and code pages. ====================================================================== Then when I try to run the newly installed smbd, I get this error output: !# ./smbd Segmentation Fault - core dumped Same with all the other samba binaries - I can't start them up. Am I doing something incorrectly? Any help you could offer would be greatly appreciated! Lisa ---------------------------------------------------------- Lisa M. Becktold - lisa@usna.navy.mil, (410) 293-6480 United States Naval Academy - CADIG 590 Holloway Road, Rickover Hall, Annapolis, MD 21402-5000 ---------------------------------------------------------- ------------- End Forwarded Message ------------- ---------------------------------------------------------- Lisa M. Becktold - lisa@usna.navy.mil, (410) 293-6480 United States Naval Academy - CADIG 590 Holloway Road, Rickover Hall, Annapolis, MD 21402-5000 From jeremy at valinux.com Mon Apr 10 18:44:46 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:20 2003 Subject: samba-TNG smbd crashing References: <200004101231.NAA27634@picard.ee.ucl.ac.uk> Message-ID: <38F2211E.3EB3EC07@valinux.com> Tom Crummey wrote: > Luke asked me to contact you direct about the problem I'm having with > smbd crashing. I'm sorry but I'm concentrating on shipping 2.0.7 at the moment so cannot spend much time on fixing TNG branch bugs. > 2) When smbd crashes what should happen to file locks? Should they > be released by the crashing smbd? Should they be handed to another > smbd? Leaving them open is not satisfactory, especially when there > isn't a way to easily remove them by hand. Also, should smbd be forced > to drop a core when it crashes no matter what euid it has at the time? > i.e. change the euid back to root and then force the core dump. > (I'm not sure if this is possible, but perhaps others can comment.) The 2.0.x and HEAD code releases all locks on crash. I don't know why the TNG code isn't doing the same, sorry. Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From miksa at lysya.kajaani.fi Mon Apr 10 23:38:58 2000 From: miksa at lysya.kajaani.fi (Mikko Hurskainen) Date: Tue Dec 2 02:29:20 2003 Subject: CVS problem Message-ID: Why cvs always stops in trans2.h and it is so slow ? Can I get newest CVS tree in .tar.gz packet. - Miksa Root of lysya.kajaani.fi From doverbey at att.com Mon Apr 10 17:27:16 2000 From: doverbey at att.com (Overbey, Alfred D (Dudley), ALCOO) Date: Tue Dec 2 02:29:20 2003 Subject: how to migrate from clear text to encrypted passwords. Message-ID: Would someone kindly point me in the direction of the documentation on migrating from clear text passwords to encrypted passwords with in the Samba realm? Thanks Dudley doverbey@att.com From hulet at ittc.ukans.edu Mon Apr 10 18:50:54 2000 From: hulet at ittc.ukans.edu (Michael S. Hulet) Date: Tue Dec 2 02:29:20 2003 Subject: CVS problem In-Reply-To: Message-ID: Assuming you are asking for the latest tng source code: ftp://ftp.samba.org/pub/samba/alpha/ Michael Hulet Network System Administrator ITTC, University of Kansas On Tue, 11 Apr 2000, Mikko Hurskainen wrote: > Why cvs always stops in trans2.h and it is so slow ? > Can I get newest CVS tree in .tar.gz packet. > > - Miksa > Root of lysya.kajaani.fi > > From mg at plum.de Tue Apr 11 18:58:20 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:20 2003 Subject: CVS problem References: Message-ID: <38F375CC.975525F3@plum.de> Mikko Hurskainen wrote: > > Why cvs always stops in trans2.h and it is so slow ? > Can I get newest CVS tree in .tar.gz packet. You can use the TNG-Alpha-Versions. They are released so frequently, you could take them as daily snapshots ;)) You can get them from http://www.samba.org/samba/ftp/alpha/ Regards, Michael -- Samba Information HQ (in german) http://www.sambahq.de From ctooley at joslyn.org Mon Apr 10 19:11:14 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:20 2003 Subject: samedit In-Reply-To: <38F34697.A74DC25E@plum.de> Message-ID: <004f01bfa320$8acdfe60$1900a8c0@joslyn.org> Ok, this gets me into samedit mode (I guess that's what you would call it.) What do I while I'm there?? Is this the new tool to create users and machine accounts? I've been trying to dig through the mailing list but can't find where this change occured. I'm not in a horrible hurry to get a TNG server running in production, 2.0.6 is running and doing fine serving files. I'm just trying to figure out TNG so if it goes live one of these days so I won't be totally lost. If someone can give the details of how samedit works (this isn't an equivalent of an NT command line tool is it?) I'll be happy to write some documentation for it. Chris Tooley -----Original Message----- From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of Michael Glauche Sent: Monday, April 10, 2000 10:36 AM To: Multiple recipients of list SAMBA-NTDOM Subject: Re: samedit Chris Tooley wrote: > > Is there a readme or HOWTO on how to use samedit? I can't seem to get any > of my machines to join the dowmain and it says that smpasswd -m > functionality is disabled use samedit. Unfortunately this is something I > don't know how to do. use samedit -S . then use "?" or "help" or "help " Regards, Michael From p.grimmerink at home.nl Mon Apr 10 19:16:21 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:20 2003 Subject: samedit In-Reply-To: <004f01bfa320$8acdfe60$1900a8c0@joslyn.org> Message-ID: > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Chris Tooley > Sent: maandag 10 april 2000 21:08 > To: Multiple recipients of list SAMBA-NTDOM > Subject: RE: samedit > > > Ok, this gets me into samedit mode (I guess that's what you would > call it.) > What do I while I'm there?? Is this the new tool to create users and > machine accounts? Users: createuser username Machine accounts: createuser machinename$ Best regards, Pieter From ctooley at joslyn.org Mon Apr 10 20:55:50 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:21 2003 Subject: samedit In-Reply-To: <20000410195411.16758.qmail@hotmail.com> Message-ID: <000201bfa32f$275d9ca0$1900a8c0@joslyn.org> Ok, I have to add the Samba server as part of the domain as well, correct? -----Original Message----- From: Philip Quinney [mailto:philquinney@hotmail.com] Sent: Monday, April 10, 2000 2:54 PM To: ctooley@joslyn.org Subject: Re: samedit Hi, This is my first posting, so here we go: cd to your samba bin directory. ./samedit -S . -U root (or user with admin priveledges) createuser [workstation name]$ This should work, now go to the workstation and join it to the domain. Philip Quinney. ----Original Message Follows---- From: "Chris Tooley" Reply-To: ctooley@joslyn.org To: Multiple recipients of list SAMBA-NTDOM Subject: samedit Date: Tue, 11 Apr 2000 01:32:21 +1000 Is there a readme or HOWTO on how to use samedit? I can't seem to get any of my machines to join the dowmain and it says that smpasswd -m functionality is disabled use samedit. Unfortunately this is something I don't know how to do. Chris Tooley ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com From lisa at hermes.ewlab.usna.edu Mon Apr 10 21:42:56 2000 From: lisa at hermes.ewlab.usna.edu (Lisa Becktold {CADIG STAFF}) Date: Tue Dec 2 02:29:21 2003 Subject: Microsoft "Address Book" Message-ID: <200004102142.RAA14092@leto15.usna.navy.mil> Hi: We have Samba installed on an SGI Challenger 2000, and it has replaced our NT Server. All the NT workstations in our classrooms log into the Samba domain. This has worked very well all semester. We also use Samba for file sharing - users on Windows 95/98 PCs can access their UNIX home directories. O.K., so here's a wierd question - does Samba provide Microsoft "Address Book" emulation? A PC/Network administrator here is trying to run Microsoft Remote Registry on a Windows 98 machine, which would allow him to remotely administer other Windows 98 machines. However, when he tries to add a user to the "Remote Administrator's List"? he is prompted to enter a machine that is an "Address Book Provider". The administrator enters the name of our Samba server, but then a box pops up with this error message: "An error occurred trying to access the Address Book Provider" But when he enters the name of the Windows NT PDC, a list of users immediately pops up. Is there any way around this? Or is this "Address Book" definitely a Microsoft thing? Do we have to home the Windows 95/98 PC to an NT server, instead of our Samba server? Has anyone else run into this? Lisa ---------------------------------------------------------- Lisa M. Becktold - lisa@usna.navy.mil, (410) 293-6480 United States Naval Academy - CADIG 590 Holloway Road, Rickover Hall, Annapolis, MD 21402-5000 ---------------------------------------------------------- ---------------------------------------------------------- Lisa M. Becktold - lisa@usna.navy.mil, (410) 293-6480 United States Naval Academy - CADIG 590 Holloway Road, Rickover Hall, Annapolis, MD 21402-5000 From cartegw at Eng.Auburn.EDU Mon Apr 10 22:25:15 2000 From: cartegw at Eng.Auburn.EDU (Gerald Carter) Date: Tue Dec 2 02:29:21 2003 Subject: Microsoft "Address Book" References: <200004102142.RAA14092@leto15.usna.navy.mil> Message-ID: <38F254CB.D71BC9A4@eng.auburn.edu> Lisa Becktold {CADIG STAFF} wrote: > > O.K., so here's a wierd question - does Samba provide Microsoft > "Address Book" emulation? Short answer is no... Look at http://www.openldap.org for an Open Source LDAP project. You can use this to implement you directory service. Cheers, jerry ________________________________________________________________________ Gerald ( Jerry ) Carter Engineering Network Services Auburn University jerry@eng.auburn.edu http://www.eng.auburn.edu/users/cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From ryagatich at csn1.com Tue Apr 11 00:45:53 2000 From: ryagatich at csn1.com (Ryan Yagatich) Date: Tue Dec 2 02:29:21 2003 Subject: Two Samba in same network In-Reply-To: Message-ID: <001f01bfa34f$4a8c0f20$3001a8c0@r2> simple i think..... mkdir /mounts/pdc1 ;this is your first mapped drive mkdir /mounts/pdc1/drive ;this is the v-directory mkdir /mounts/pdc2 ;this is the 'shared' directory location cd /mounts/pdc1/drive ;obvious ln -s d2 /mounts/pdc2 ;create a link to the 'shared' directory location smbmount //server-2/sharename-2 /mounts/pdc2 -U username -W workgroup -I interface (ip) ;mount the shared directory to where the link points. /etc/smb.conf - server-1 [sharename-1] ;the sharename from server one path=/mounts ;the path, must include both paths so you can see them from windows boxes. ... ;put whatever else you need down here... I hope this helps a little. if not, sorry. Ryan --signatures are overrated-- >-----Original Message----- >From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of >fricke@Team.OWL-Online.DE >Sent: Monday, April 10, 2000 8:11 AM >To: Multiple recipients of list SAMBA-NTDOM >Subject: Two Samba in same network > > >Hi, > >I have to setup a second Samba in the same network. >Just to map one drive. >Can I do it with the same configuration? >The NT?s have to map the drive on systemstart like the first Samba. >Know what I mean? >------------------------------------------------------------------- >------------------------------- >Mit freundlichen Gr??en > >Cord-H. Fricke >Fon: 0 52 1 / 52 51-133 >Fax: 0 52 1 / 52 51-115 > >..keep on headbangin? , that rocks!!! > From lkcl at samba.org Tue Apr 11 01:08:33 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:21 2003 Subject: User list In-Reply-To: <001801bfa2e4$4c5a6920$0a02a8c0@SAMBA> Message-ID: hi sergey. well... sort-of. if you look at smbd/lanman.c, searching for "Domain Users", you see it's faked up. it has been for years! i am wondering what to do about it... On Mon, 10 Apr 2000, Sergey Shibeko wrote: > Thank Luke for correction of a bug w95! > > Whether the reception of the list of the users with samba-TNG by the client > w95/w98 is possible? It is necessary for export of resources of one client > for another by the instruction of the users, to which this resource will be > accessible. > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Tue Apr 11 01:11:12 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:21 2003 Subject: samba-TNG smbd crashing In-Reply-To: <200004101231.NAA27634@picard.ee.ucl.ac.uk> Message-ID: On Mon, 10 Apr 2000, Tom Crummey wrote: > Hello Jeremy, > > Luke asked me to contact you direct about the problem I'm having with > smbd crashing. > > As I see it there are two issues to address: > > 1) Fix the problem causing the crash > 2) Define what should happen to locks when an instance of smbd crashes. > > 1) Background to the problem: > > samba-TNG cvs update 11:00BST 05/04/00 Solaris 2.7 gcc 2.8.1 Sparc 64 > > I realise this isn't the latest version, but I don't think anyone has > addressed the problem as yet. > > I have several Win2k clients using a samba-TNG server for domain logins > and profiles. Sometimes smbd crashes while the client is performing the > login script and leaves an oplock against it: (Extract from smbstatus:) > > 1163 DENY_WRITE RDONLY EXCLUSIVE+BATCH > /opt/samba-TNG/etc/netlogon/UNKNOWN.exe Mon Apr 10 09:55:47 2000 > 1163 DENY_NONE RDONLY LEVEL_II > /opt/samba-TNG/etc/netlogon/kixtart.scr Mon Apr 10 09:55:58 2000 > > A core is not dumped because on Solaris a process will not produce > a core if its euid is different from its real uid. interesting! ok, you could disable that by taking out the configure tests for HAVE_SETRESUID and HAVE_SETEUID. then again, put a sleep(60) in the smb_panic() function, i do this _all_ the time. then again, if you are running X-windows, do this: "panic action = DISPLAY=:0 xeyes" :) then, when the eyes appear, go do a gdb attach :) From lkcl at samba.org Tue Apr 11 01:13:38 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:21 2003 Subject: samba-tng-alpha-2.2.tar.gz In-Reply-To: <018a01bfa2eb$bc2f6460$0602000a@space.gr> Message-ID: On Mon, 10 Apr 2000, Panagiotis Malakoudis wrote: > I believe what you need is the pam module that lets you authenticate users > against an NT domain (linux pam modules). yep, that's pam_ntdom. you could also use pam_smb. > Not the samba pam support features. correct. > > ----- Original Message ----- > From: Pieter Grimmerink > To: Multiple recipients of list SAMBA-NTDOM > Sent: Monday, April 10, 2000 3:47 PM > Subject: RE: samba-tng-alpha-2.2.tar.gz > > > > > > > > > -----Original Message----- > > > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > > > Luke Kenneth Casson Leighton > > > Sent: maandag 10 april 2000 4:56 > > > To: Multiple recipients of list SAMBA-NTDOM > > > Subject: samba-tng-alpha-2.2.tar.gz > > > > > - i am also impressed (even though i wrote it) that pam_ntdom actually > > > works. just for fun, i added an account named DOMAIN\administrator to > > > /etc/passwd yesterday, and was stunned to find that it actually worked. > > > i typed in DOMAIN\administrator, and password of test, and got a login > > > prompt. > > > > Is there already a way to let unixusers authenticate agains an NT server, > > using this pam_ntdom funcionality? > > I would like to let users dial into a linux server, using their NT domain > > accounts. > > > > Best regards, > > > > Pieter > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Tue Apr 11 01:20:00 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:21 2003 Subject: samedit In-Reply-To: <001701bfa302$50e96b80$1900a8c0@joslyn.org> Message-ID: there is a man page, it should be enough to get you started. On Tue, 11 Apr 2000, Chris Tooley wrote: > Is there a readme or HOWTO on how to use samedit? I can't seem to get any > of my machines to join the dowmain and it says that smpasswd -m > functionality is disabled use samedit. Unfortunately this is something I > don't know how to do. > > Chris Tooley > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Tue Apr 11 01:21:39 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:21 2003 Subject: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty.. In-Reply-To: Message-ID: for share-level security? you shouldn't be affected at all. if you run with TNG at all and find that "security = share" doesn't work for you at any time, bitch about it, ok? thanks frederik. On Mon, 10 Apr 2000, Frederik Meerwaldt wrote: > Hi all, > > I'm running Samba 2.0.6 and I want to install it on a production > business-critical Machine in a week (Upgrade from NT4 --> FreeBSD). > I gonna have usernames which look like DOMAIN1\MyUsername (In this > length). I just want the password validation for shares (they don't need > to log on). Can I do that, or not.... > > -- > > Best regards, > Freddy > > Homepage: fmeerwaldt.homepage.com > Last update: 11.03.2000 > Very good OpenVMS HowTo's, DHCPD Howto, VXT2k NetBooting HowTo, and a > little bit about me. > ------------------------------------------------------------------------ > NetBSD Vax, Alpha, i386. Tru64 Unix, OpenVMS, FreeBSD, Ultrix. > ------------------------------------------------------------------------ > > On Mon, 10 Apr 2000, Luke Kenneth Casson Leighton wrote: > > > hi, > > > > this is to let you all know that we're going to be very, very mean to you > > all and mandate that usernames can be of the following format... in > > /etc/passwd: > > > > DOMAINNAME\username. > > > > oh, dear: what a pity! that's more than 8 chars. > > > > @begin sympathy > > well... umm... tough! you'll just have to change all your domain names to > > two chars and have usernames of less than 5. sorry! > > @end sympathy > > > > any objections? > > > > [linux copes nicely, i just tried DOMAIN\Administrator and pam_ntdom let > > me log in.] > > > > luke > > > > Luke Kenneth Casson Leighton > > Samba and Network Development > > Samba Web site > > Macmillan Technical Publishing > > > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Tue Apr 11 01:25:23 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:21 2003 Subject: samba-TNG smbd crashing In-Reply-To: <200004101738.SAA13800@picard.ee.ucl.ac.uk> Message-ID: tom, andrew just did some updates to cvs main, i'm going to see if they compile, and then if they do, cut them over. On Mon, 10 Apr 2000, Tom Crummey wrote: > Hello, > > Well, I've narrowed the crash down to the following: > > [ Line 131 smbd/open.c ] > static void fd_attempt_reopen(char *fname, mode_t mode, files_struct *fsp) > { > int fd = fsp->conn->vfs_ops.open(dos_to_unix(fname, False), O_RDWR, mode); > file_fd_struct *fd_ptr = fsp->fd_ptr; > > On entry to this function, the variables are: > > fname = kixtart.scr, mode = 484, fsp addr = -4263772 > > (Numbers are %d). > > However, I note that fsp->fd_ptr is set to 0 at fsp->fd_ptr = 0; [line 332] > and I can't see anywhere where it is set to anything else before this point > in the code. > > I'll continue to dig into this tomorrow. > > > Tom. > > ---------------------------------------------------------------------------- > Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk > Department of Electronic and Electrical Engineering, > University College London, TEL: +44 (0)20 7679 3898 > Torrington Place, FAX: +44 (0)20 7388 9325 > London, UK, WC1E 7JE. > ---------------------------------------------------------------------------- > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Tue Apr 11 01:29:19 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:21 2003 Subject: CVS problem In-Reply-To: Message-ID: mikko, keep retrying, i sometimes rm -fr samba/ and re-check-out about five times, over a modem link, before getting everything. On Tue, 11 Apr 2000, Mikko Hurskainen wrote: > Why cvs always stops in trans2.h and it is so slow ? > Can I get newest CVS tree in .tar.gz packet. > > - Miksa > Root of lysya.kajaani.fi > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From acd at woods.net Tue Apr 11 01:29:04 2000 From: acd at woods.net (Aaron Dewell) Date: Tue Dec 2 02:29:21 2003 Subject: samba-TNG smbd crashing In-Reply-To: References: <200004101231.NAA27634@picard.ee.ucl.ac.uk> Message-ID: <14578.32736.219198.425415@snowy.woods.net> You may also want to try egcs instead of gcc 2.8.1. I've been told gcc 2.8 generates interesting code on Solaris/Sparc. You can get a precompiled version from www.sunfreeware.com. I don't know that that will work, my Samba server isn't on Solaris (though it will be later), but just a generic suggestion. Luke Kenneth Casson Leighton wrote: > > 1) Background to the problem: > > > > samba-TNG cvs update 11:00BST 05/04/00 Solaris 2.7 gcc 2.8.1 Sparc 64 _______________________________________________________________________ |Aaron Dewell ===> acd@woods.net | |http://www.woods.net/~acd http://www.woods.net/ | |PGP keyid 0x0D12A6B9 available from http://keys.pgp.com/ | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From lkcl at samba.org Tue Apr 11 01:46:28 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:21 2003 Subject: samedit In-Reply-To: <004f01bfa320$8acdfe60$1900a8c0@joslyn.org> Message-ID: > If someone can give the details of how samedit works (this isn't an > equivalent of an NT command line tool is it?) I'll be happy to write some he he, ... sort-of. "net.exe", but not really. it's the same sort-of-thing as usrmgr.exe, only command-line based. > documentation for it. > > Chris Tooley > > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Michael Glauche > Sent: Monday, April 10, 2000 10:36 AM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: samedit > > > Chris Tooley wrote: > > > > Is there a readme or HOWTO on how to use samedit? I can't seem to get any > > of my machines to join the dowmain and it says that smpasswd -m > > functionality is disabled use samedit. Unfortunately this is something I > > don't know how to do. > > use > > samedit -S . > > then use "?" or "help" or "help " > > > Regards, > Michael > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Tue Apr 11 02:00:13 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:21 2003 Subject: samedit In-Reply-To: Message-ID: On Tue, 11 Apr 2000, Pieter Grimmerink wrote: > > > > -----Original Message----- > > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > > Chris Tooley > > Sent: maandag 10 april 2000 21:08 > > To: Multiple recipients of list SAMBA-NTDOM > > Subject: RE: samedit > > > > > > Ok, this gets me into samedit mode (I guess that's what you would > > call it.) > > What do I while I'm there?? Is this the new tool to create users and > > machine accounts? this creates "disabled" accounts, with no password. > > Users: > createuser username > > Machine accounts: > > createuser machinename$ > > Best regards, > > Pieter > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Tue Apr 11 02:02:21 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:21 2003 Subject: samedit In-Reply-To: <000201bfa32f$275d9ca0$1900a8c0@joslyn.org> Message-ID: On Tue, 11 Apr 2000, Chris Tooley wrote: > Ok, I have to add the Samba server as part of the domain as well, correct? yep! From nazard at dragoninc.on.ca Tue Apr 11 03:23:16 2000 From: nazard at dragoninc.on.ca (nazard@dragoninc.on.ca) Date: Tue Dec 2 02:29:21 2003 Subject: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty.. In-Reply-To: Message-ID: <20000411032334Z13093535-3940+9527@samba.org> On 10 Apr, Luke Kenneth Casson Leighton wrote: > hi, > > this is to let you all know that we're going to be very, very mean to you > all and mandate that usernames can be of the following format... in > /etc/passwd: > > DOMAINNAME\username. > > oh, dear: what a pity! that's more than 8 chars. > > @begin sympathy > well... umm... tough! you'll just have to change all your domain names to > two chars and have usernames of less than 5. sorry! > @end sympathy > > any objections? Don't tie it to the user name. In some cases (i.e. LDAP) it would be much better to add another multi-valued attribute like "NTDOMAIN". That way we could use that account for multiple domains, or move domains easily. -- Doug Nazar Dragon Computer Consultants Inc. Tel: (416) 708-1578 Fax: (416) 708-8081 From lkcl at samba.org Tue Apr 11 04:36:18 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:21 2003 Subject: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty.. In-Reply-To: <20000411032334Z13093504-27273+9620@samba.org> Message-ID: > Don't tie it to the user name. In some cases (i.e. LDAP) it would be > much better to add another multi-valued attribute like "NTDOMAIN". That > way we could use that account for multiple domains, or move domains > easily. good idea. From admin at geoksc.apatity.ru Tue Apr 11 05:04:00 2000 From: admin at geoksc.apatity.ru (Sergey Shibeko) Date: Tue Dec 2 02:29:21 2003 Subject: User list References: <001801bfa2e4$4c5a6920$0a02a8c0@SAMBA> Message-ID: <004301bfa373$5b700de0$0a02a8c0@SAMBA> > Thank Luke for correction of a bug w95! > > Whether the reception of the list of the users with samba-TNG by the client > w95/w98 is possible? It is necessary for export of resources of one client > for another by the instruction of the users, to which this resource will be > accessible. I bring my apologies! It is a problem in win98, the system did not work correctly. After reinstall - all perfectly works. The large thank, Luke! From nazard at dragoninc.on.ca Tue Apr 11 05:08:17 2000 From: nazard at dragoninc.on.ca (nazard@dragoninc.on.ca) Date: Tue Dec 2 02:29:21 2003 Subject: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty.. In-Reply-To: Message-ID: <20000411050833Z13352812-27273+9651@samba.org> On 11 Apr, Luke Kenneth Casson Leighton wrote: >> Don't tie it to the user name. In some cases (i.e. LDAP) it would be >> much better to add another multi-valued attribute like "NTDOMAIN". That >> way we could use that account for multiple domains, or move domains >> easily. > > good idea. I've been thinking about this a bit since I'm raining on your parade What if we added a config file/options so you can specify how to handle each domain. This would allow us to better support multiple backends. Maybe something like: [DRAGONREALM] Type = PDC NameDatabase = LDAP SambaDatabase = LDAP LDAP Server = blah LDAP blah ... EncryptPasswords = yes logon path = other domain related options.... [TRUSTED_DOMAIN] Type = Trusted NameDatabase = Samba SambaDatabase = Samba Samba Server = Samba_Pdc [TRUSTED_DOMAIN_2] Type = Trusted NameDatabase = File GroupDatabase = File SambaDatabase = NT NT Server = NT_Pdc NameFile = /opt/samba/private/trusted_domain_2_users GroupFile = /opt/samba/private/trusted_domain_2_groups -- Doug Nazar Dragon Computer Consultants Inc. Tel: (416) 708-1578 Fax: (416) 708-8081 From admin at geoksc.apatity.ru Tue Apr 11 05:10:53 2000 From: admin at geoksc.apatity.ru (Sergey Shibeko) Date: Tue Dec 2 02:29:21 2003 Subject: User list References: Message-ID: <008c01bfa374$69b88f20$0a02a8c0@SAMBA> > well... sort-of. if you look at smbd/lanman.c, searching for "Domain > Users", you see it's faked up. > > it has been for years! > > i am wondering what to do about it... I bring my apologies! It is a problem in win98, the system did not work correctly. After reinstall - all perfectly works. The large thank! From lkcl at samba.org Tue Apr 11 05:19:16 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:21 2003 Subject: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty.. In-Reply-To: <20000411050831Z13353282-3940+9553@samba.org> Message-ID: iihhhhhh... *thinks*. for a SAM-database-that-is-our-own-LDAP-server, only one set of config options are needed. for a SAM-database-on-a-remote-system-that-happens-to-also-use-LDAP-as-its-back-end, we don't care what it uses, we use NT-style DCE/RPC functions. _however_, for uid/SID and gid/SID resolutions, we use SURS. that's different. so, potentially, these could be options in /etc/surs.conf. On Tue, 11 Apr 2000 nazard@dragoninc.on.ca wrote: > On 11 Apr, Luke Kenneth Casson Leighton wrote: > >> Don't tie it to the user name. In some cases (i.e. LDAP) it would be > >> much better to add another multi-valued attribute like "NTDOMAIN". That > >> way we could use that account for multiple domains, or move domains > >> easily. > > > > good idea. > > I've been thinking about this a bit since I'm raining on your parade > > What if we added a config file/options so you can specify how to handle > each domain. This would allow us to better support multiple backends. > > Maybe something like: > > [DRAGONREALM] > Type = PDC > NameDatabase = LDAP > SambaDatabase = LDAP > LDAP Server = blah > LDAP blah ... > EncryptPasswords = yes > logon path = > other domain related options.... > > [TRUSTED_DOMAIN] > Type = Trusted > NameDatabase = Samba > SambaDatabase = Samba > Samba Server = Samba_Pdc > > [TRUSTED_DOMAIN_2] > Type = Trusted > NameDatabase = File > GroupDatabase = File > SambaDatabase = NT > NT Server = NT_Pdc > NameFile = /opt/samba/private/trusted_domain_2_users > GroupFile = /opt/samba/private/trusted_domain_2_groups > > > > -- > Doug Nazar > Dragon Computer Consultants Inc. > Tel: (416) 708-1578 Fax: (416) 708-8081 > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From pmal at space.gr Tue Apr 11 05:57:38 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:21 2003 Subject: Interdomain References: Message-ID: <007301bfa37a$d76ac6e0$0602000a@space.gr> For the past couple of days I've been trying to setup an interdomain trust relationship between my samba domain and a windows nt domain. I'm not there yet but I think I'm close. Here is what I've done so far: I added a couple of accounts for the login process. I added my samba server with samedit I added the Nt PDC machine with the -i parameter. Now ehwn I look at the smbpasswd file I see that my samba server was added with the W flag and a password while the NT PDC was added with the NDI flag and no password (why no password? Isn't one necessary to create the trust?) Using User manager now from my windows NT box and when I try to create the trust I get an error message saying "Could not find domain controller for this domain". My log files show nothing at all. Any hints? From lkcl at samba.org Tue Apr 11 06:51:57 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:21 2003 Subject: calling all windows 9x lovers Message-ID: ok, you wooses, i'm doing work that affects you. yes, you lot. the ones that insist on not paying through the nose for nt workstation licenses, and make do with 9x, for your pain and your sins. i am looking forward to the days when it is not necessary to maintain two sets of code for NT and 9x support in samba, so have made some of the LANMAN support call DCE/RPC functions. to this end, please could people do the following tests, from win9x: - NET VIEW - NET VIEW \\SAMBA-TNG - NET TIME \\SAMBA-TNG - password change - win9x-style profile-login-thing (i can't bring myself to call it a domain logon, sorry). you will need either the latest cvs or samba-tng-alpha-2.3.tar.gz (just being built as we speak... um... as i type.) From lkcl at samba.org Tue Apr 11 07:05:02 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:21 2003 Subject: samba-tng-alpha-2.3.tar.bz2 Message-ID: yes, there's a .gz, too. there's also always patch files (diff.gz) for those people with really slow links [in russia, hi there, thanks for wanting to keep up with this stuff!] this release may be a bit dodgy, it contains three separate sets of changes: - andrew's simplified the file-opening. however, it doesn't deal with the shared NFS / SMB case, so jeremy is investigating that. - the msrpc loop-back unix-socket-interface-thing i made some nice, simple, trivial mods that make it clear what i am doing... and my first tests showed i broke it :) heck, it i got it wrong, i'll do another alpha release :) - smbd receives win-9x/smbclient requests, it now passes them on to DCE/RPC functions (e.g api_NetShareEnum calls srv_net_share_enum on loop-back. api_NetServerTOD calls srv_net_srv_tod. there _isn't_ a srv_net_server_enum, so i am a bit lost, there, i'd _love_ to know what microsoft is doing, there...) ok, have fun. luke Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From Olivier.Brousselle at univ-lehavre.fr Tue Apr 11 07:09:12 2000 From: Olivier.Brousselle at univ-lehavre.fr (Olivier Brousselle) Date: Tue Dec 2 02:29:21 2003 Subject: [TNG 2.2] no domain Message-ID: <38F2CF98.F3D4C5AC@univ-lehavre.fr> I've tried TNG 2.2, and there is a problem : my domain isn't recognized. When I try to connect from a workstation, that says "the domain is unavailable". logs of the workstation : SMB LM/NT Password did not match! authorise_login: TODO. split function, it's 6 levels! But, when I try smbclient //TNG_PDC/user -U user, the session is OK, no problem. Another problem is when I use smbpasswd to change the password of an user, the password is not changed and smbpasswd makes a segmentation fault. My server is running on a Slackware 7.0, TNG 2.2. Any idea ? From Olivier.Brousselle at univ-lehavre.fr Tue Apr 11 07:35:37 2000 From: Olivier.Brousselle at univ-lehavre.fr (Olivier Brousselle) Date: Tue Dec 2 02:29:22 2003 Subject: [TNG 2.2] domain unavailable (more info) Message-ID: <38F2D5C9.68B47416@univ-lehavre.fr> I've tried TNG 2.2, and there is a problem : my domain isn't recognized. When I try to connect from a workstation, that says "the domain is unavailable". But, when I try smbclient //TNG_PDC/user -U user, the session is OK, no problem. Info : 172.16.1.23 TNG_PDC 172.16.1.68 the workstation Logs of the workstation : ================================ >SMB LM/NT Password did not match! >authorise_login: TODO. split function, it's 6 levels! ================================ Log.nmb : ================================ >[2000/04/11 08:50:50, 1] nmbd/nmbd.c:main(760) > Netbios nameserver version TNG-alpha started. > Copyright Andrew Tridgell 1994-1998 >[2000/04/11 08:50:50, 0] param/loadparm.c:map_parameter(1855) > Unknown parameter encountered: "domain admin group" >[2000/04/11 08:50:50, 0] param/loadparm.c:lp_do_parameter(2422) > Ignoring unknown parameter "domain admin group" >[2000/04/11 08:50:50, 0] param/loadparm.c:map_parameter(1855) > Unknown parameter encountered: "domain admin users" >[2000/04/11 08:50:50, 0] param/loadparm.c:lp_do_parameter(2422) > Ignoring unknown parameter "domain admin users" >add_domain_logon_names: >Attempting to become logon server for workgroup MY_GROUP on subnet 172.16.1.23 >become_domain_master_browser_bcast: >Attempting to become domain master browser on workgroup MY_GROUP on subnet 172.16.1.23 >become_domain_master_browser_bcast: querying subnet 172.16.1.23 for domain master browser on workgroup MY_GROUP >become_logon_server_success: Samba is now a logon server for workgroup MY_GROUP on subnet 172.16.1.23 >***** > >Samba server TNG_PDC is now a domain master browser for workgroup MY_GROUP on subnet 172.16.1.23 > >***** >***** > >Samba name server TNG_PDC is now a local master browser for workgroup MY_GROUP on subnet 172.16.1.23 > >***** >process_logon_packet: Logon from 172.16.1.68: code = 12 ================================ log.netlogon : ================================ [2000/04/11 08:50:50, 1] msrpc/msrpcd.c:main(457) netlogond version TNG-alpha started. Copyright Andrew Tridgell 1992-1999 create_pipe_socket: /home/samba-tng/var/locks/.msrpc perms=448 /home/samba-tng/var/locks/.msrpc/netlogon perms=448 *** Please someone examine create_pipe_socket and fix it *** *** if used other than for exclusive root access *** *** (see perms, which should be 0700 and 0600) *** *** there is a race condition to be exploited. *** remove on /home/samba-tng/var/locks/.msrpc/netlogon failed TODO: verify that the rid exists write_socket: Error writing 36 bytes to socket 7: ERRNO = Broken pipe Error writing 36 msrpc bytes. -1. ================================= Another problem is when I use smbpasswd to change the password of an user, the password is not changed and smbpasswd makes a segmentation fault. My server is running on a Slackware 7.0, TNG 2.2. Any idea ? -------------- next part -------------- # Global parameters workgroup = MY_GROUP server string = Serveur Samba pour le domaine encrypt passwords = Yes update encrypted = Yes username map = /home/samba-tng/private/users.map log file = /home/samba-tng/var/log.%m max log size = 50 domain group map = /home/samba-tng/private/groups.map domain user map = /home/samba-tng/private/users.map domain admin group = @admindom domain admin users = root logon script = logon.bat logon path = \\%N\Profiles\%U logon drive = H: domain logons = Yes preferred master = True domain master = True dns proxy = No admin users = root @admindom printing = bsd print command = lpr -P %p load printers = yes lpq command = lpq lprm command = lprm lppause command = lpresume command = [homes] comment = Repertoire personnel valid users = %S read only = No browseable = No [printers] comment = All Printers path = /home/samba-tng/spool print ok = Yes postscript = Yes browseable = No [netlogon] comment = service NETLOGON path = /home/samba-tng/netlogon locking = No [Profiles] comment = Profils utilisateurs path = /home/samba-tng/profiles read only = No guest ok = Yes writable = Yes browseable = No From lonnie at borntreger.com Tue Apr 11 08:33:11 2000 From: lonnie at borntreger.com (Lonnie J. Borntreger) Date: Tue Dec 2 02:29:22 2003 Subject: calling all windows 9x lovers In-Reply-To: Message-ID: <000101bfa390$933056a0$0500000a@borntreger.com> Server: Solaris 7, CVS as of 3:15AM CDT Client: Win98 SE Format: Quick results listed below. I could get log 100 if you want. TTFN, Lonnie Borntreger > -----Original Message----- > ok, you wusses, i'm doing work that affects you. yes, you > lot. the ones > that insist on not paying through the nose for nt workstation > licenses, > and make do with 9x, for your pain and your sins. I prefer the term "cheap". :) > i am looking forward to the days when it is not necessary to > maintain two > sets of code for NT and 9x support in samba, so have made some of the > LANMAN support call DCE/RPC functions. > > to this end, please could people do the following tests, from win9x: > - NET VIEW C:\WINDOWS>net view Servers available in workgroup WHNET. Server name Remark ---------------------------------------------------------------------------- --- \\GTO Borntreger PDC (TNG-alpha,gto) The command was completed successfully. In log.smb: domain_client_validate: unable to validate password for user 67goat in domain WHNET to Domain controller \\.. > - NET VIEW \\SAMBA-TNG --This took a while to return the first couple of tries C:\WINDOWS>net view \\gto Error 50: You attempted an operation that cannot be performed from your computer or that is not supported on the specified server. Make sure you are using the correct server for the command or task that you want to perform. If the problem persists, contact your network administrator. > - NET TIME \\SAMBA-TNG Same error 50 The first couple of times I saw : prs_grow_data: 4 > 0 domain_client_validate: unable to validate password for user 67goat in domain WHNET to Domain controller \\.. api_fd_reply: INVALID PIPE HANDLE: 0 Then I started getting the error 50 really fast with: ncalrpc_l_establish_connection: failed srvsvc) ncalrpc_l_use_add: connection failed (The change in command returns and log entries is reproducible - after a server restart.) "net view" still works, after these problems. If I try to run server/user manager, it seems to find the PDC (for a change), but complains that "the server is too busy to complete this operation". No SEG faults of any kind. (Oh. I tried to use Network Neighborhood. Saw the networked computers, couldn't see any shares.) Too scared to try the rest. :) > - password change > > - win9x-style profile-login-thing (i can't bring myself to call it a > domain logon, sorry). > > you will need either the latest cvs or > samba-tng-alpha-2.3.tar.gz (just > being built as we speak... um... as i type.) From it-samba at computerbild.de Tue Apr 11 08:43:03 2000 From: it-samba at computerbild.de (Ingo T. Storm) Date: Tue Dec 2 02:29:22 2003 Subject: User list References: <001801bfa2e4$4c5a6920$0a02a8c0@SAMBA> <004301bfa373$5b700de0$0a02a8c0@SAMBA> Message-ID: <014401bfa392$7022e130$012ca8c0@combi.de> Hi, ok, this is OT, but quite related;-) > > Whether the reception of the list of the users with samba-TNG by the > client > > w95/w98 is possible? > I bring my apologies! > It is a problem in win98, the system did not work correctly. > After reinstall - all perfectly works. Netscape and/or OE tend to replace mapi32.dll when selected as standard MAPI clients. No idea, why this breaks domain user level security on W98, but it does. Fortunately the fix is simple: they leave a backup (s.th. like mapi32.oe) in the system directory. Just rename it back and you won't have to reinstall. Cheers, Ingo From mg at plum.de Wed Apr 12 09:17:06 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:22 2003 Subject: calling all windows 9x lovers References: <000101bfa390$933056a0$0500000a@borntreger.com> Message-ID: <38F43F12.68E2D8F2@plum.de> "Lonnie J. Borntreger" wrote: > Only 2.2 here, (it takes > 1h to recompile on my old p133 home-server ;) > Too scared to try the rest. :) > > - password change Does not work .. Will test it against 2.3 > > > > - win9x-style profile-login-thing (i can't bring myself to call it a > > domain logon, sorry). > > That one worked .. I just got my profile uploaded to .. *oops* its not there ... ;) Ok .. screw that one, profiles are not in \\server\profiles\ Will test 2.3 later ... Regards, Michael From mg at plum.de Wed Apr 12 09:28:35 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:22 2003 Subject: samba-tng-alpha-2.3.tar.bz2 References: Message-ID: <38F441C3.7514118@plum.de> Luke Kenneth Casson Leighton wrote: > > yes, there's a .gz, too. there's also always patch files (diff.gz) for > those people with really slow links [in russia, hi there, thanks for > wanting to keep up with this stuff!] > There's no diff.gz in the alpha dir, but that .bz2 reduces the tarball to 1 MB less than the .gz ;) *wow* regards, Michael From im.haupt at rznb0.rz.tu-bs.de Tue Apr 11 09:37:36 2000 From: im.haupt at rznb0.rz.tu-bs.de (Matthias Haupt) Date: Tue Dec 2 02:29:22 2003 Subject: Where is the .SID file? Message-ID: <38F2F25E.1F6254F8@tu-bs.de> Dear samba specialists, i have started with samba few days ago, compiling 2.0.6 on our hpux-10.20 server and edit the smb.conf with the following contents: [global] encrypt passwords = yes local master = yes domain master = yes os level = 65 preferred master = yes domain logons = yes logon path = \\%L\home\profiles\%U wins support = no workgroup = IFLDOM netbios name = IFLHP301 server string = IFL-Samba Server hosts allow = 134.169.44. 127. security = user [homes] read only = no [WINDIR] path = /home/opt/windir read only = no users = @users [netlogon] path = /usr/local/samba/lib/netlogon writeable = no share modes = no [Profiles] path = /home/profiles read only = no case sensitive = No I have one NT4.0 SP5 client calles "ifllin05($)" added to /etc/passwd and to smbpasswd with smbpasswd -a -m ifllin05 Then I hopefully started smbd and nmbd, and I see in /usr/local/samba/private the MACHINE.SID file but no IFLDOM.SID file announced in the samba documentation. What's the reason for this missing file ? Therefore I think the change from Workgroup to Domain in the NT network configuration fails. The access to the server directories works. Some lines of the smb-log file during the Workgroup to Domain change are [2000/04/11 10:57:16, 3] smbd/process.c:(448) switch message SMBsesssetupX (pid 1833) [2000/04/11 10:57:16, 3] smbd/reply.c:(788) Domain=[IFLDOM] NativeOS=[Windows NT 1381] NativeLanMan=[] [2000/04/11 10:57:16, 3] smbd/reply.c:(793) sesssetupX:name=[IFLLIN05$] [2000/04/11 10:57:16, 10] passdb/passdb.c:(142) search by name: IFLLIN05$ [2000/04/11 10:57:16, 10] passdb/smbpass.c:(45) startsmbfilepwent: opening file /usr/local/samba/private/smbpasswd [2000/04/11 10:57:16, 6] passdb/smbpass.c:(159) getsmbfilepwent: skipping comment or blank line [2000/04/11 10:57:16, 5] passdb/smbpass.c:(257) getsmbfilepwent: returning passwd entry for user i6071001, uid 1730 [2000/04/11 10:57:16, 10] passdb/smbpass.c:(212) getsmbfilepwent: entry invalidated for user i6070701 [2000/04/11 10:57:16, 10] passdb/smbpass.c:(212) getsmbfilepwent: entry invalidated for user i6070801 [2000/04/11 10:57:16, 5] passdb/smbpass.c:(257) getsmbfilepwent: returning passwd entry for user ifllin05$, uid 102 [2000/04/11 10:57:16, 10] passdb/passdb.c:(158) found by name: IFLLIN05$ [2000/04/11 10:57:16, 7] passdb/smbpass.c:(81) endsmbfilepwent: closed password file. [2000/04/11 10:57:16, 4] smbd/password.c:(404) Checking SMB password for user ifllin05$ [2000/04/11 10:57:16, 5] smbd/password.c:(415) use last SMBnegprot challenge [2000/04/11 10:57:16, 4] smbd/password.c:(432) smb_password_ok: Checking NT MD4 password [2000/04/11 10:57:16, 4] smbd/password.c:(436) NT MD4 password check succeeded [2000/04/11 10:57:16, 4] smbd/reply.c:(484) session_trust_account: Wksta trust account IFLLIN05$ denied by server [2000/04/11 10:57:16, 3] smbd/error.c:(126) 32 bit error packet at line 486 cmd=115 (SMBsesssetupX) eclass=c0000199 [Error: Unknown error (153,49152)] [2000/04/11 10:57:16, 5] lib/util.c:(451) size=35 smb_com=0x73 smb_rcls=153 smb_reh=1 smb_err=49152 smb_flg=136 smb_flg2=16384 [2000/04/11 10:57:16, 5] lib/util.c:(459) smb_tid=0 smb_pid=51966 smb_uid=0 smb_mid=0 smt_wct=0 [2000/04/11 10:57:16, 5] lib/util.c:(474) smb_bcc=0 [2000/04/11 10:57:16, 6] lib/util_sock.c:(557) write_socket(6,39) [2000/04/11 10:57:16, 6] lib/util_sock.c:(560) write_socket(6,39) wrote 39 [2000/04/11 10:57:16, 10] lib/util_sock.c:(468) read_socket_data: recv of 4 returned 0. Error = Error 0 [2000/04/11 10:57:16, 10] lib/util_sock.c:(651) receive_smb: length < 0! [2000/04/11 10:57:16, 3] smbd/process.c:(854) end of file from client [2000/04/11 10:57:16, 2] smbd/server.c:(408) Closing connections ... [2000/04/11 10:57:16, 6] param/loadparm.c:(1855) lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Tue Apr 11 09:53:14 2000 [2000/04/11 10:57:16, 2] smbd/server.c:(735) Changed root to / [2000/04/11 10:57:16, 3] smbd/oplock.c:(86) open_oplock_ipc: opening loopback UDP socket. [2000/04/11 10:57:16, 3] lib/util_sock.c:(865) bind succeeded on port 0 [2000/04/11 10:57:16, 3] smbd/oplock.c:(113) open_oplock ipc: pid = 1834, global_oplock_port = 2896 [2000/04/11 10:57:16, 4] lib/time.c:(110) Serverzone is -7200 [2000/04/11 10:57:16, 10] lib/util_sock.c:(599) got smb length of 68 [2000/04/11 10:57:16, 2] lib/access.c:(257) Allowed connection from ifllin05 (134.169.44.25) [2000/04/11 10:57:16, 6] smbd/process.c:(614) got message type 0x81 of len 0x44 [2000/04/11 10:57:16, 3] smbd/process.c:(615) Transaction 0 of length 72 [2000/04/11 10:57:16, 2] smbd/reply.c:(96) netbios connect: name1=IFLHP301 name2=IFLLIN05 [2000/04/11 10:57:16, 6] param/loadparm.c:(1855) lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Tue Apr 11 09:53:14 2000 [2000/04/11 10:57:16, 5] smbd/connection.c:(127) trying claim /usr/local/samba/var/locks STATUS. 100000 [2000/04/11 10:57:16, 8] lib/util.c:(2747) fcntl_lock 7 7 0 1 2 [2000/04/11 10:57:16, 8] lib/util.c:(2838) Lock call successful [2000/04/11 10:57:16, 8] lib/util.c:(2747) fcntl_lock 7 7 0 1 3 [2000/04/11 10:57:16, 8] lib/util.c:(2838) Lock call successful [2000/04/11 10:57:16, 5] smbd/reply.c:(148) init msg_type=0x81 msg_flags=0x0 [2000/04/11 10:57:16, 6] lib/util_sock.c:(557) write_socket(6,4) [2000/04/11 10:57:16, 6] lib/util_sock.c:(560) write_socket(6,4) wrote 4 [2000/04/11 10:57:16, 10] lib/util_sock.c:(599) got smb length of 170 [2000/04/11 10:57:16, 6] smbd/process.c:(614) got message type 0x0 of len 0xaa [2000/04/11 10:57:16, 3] smbd/process.c:(615) Transaction 1 of length 174 [2000/04/11 10:57:16, 5] lib/util.c:(451) size=170 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=3 [2000/04/11 10:57:16, 5] lib/util.c:(459) smb_tid=0 smb_pid=51966 smb_uid=0 smb_mid=0 smt_wct=0 [2000/04/11 10:57:16, 5] lib/util.c:(474) smb_bcc=135 [2000/04/11 10:57:16, 10] lib/util.c:(2980) [000] 02 50 43 20 4E 45 54 57 4F 52 4B 20 50 52 4F 47 .PC NETW ORK PROG [2000/04/11 10:57:16, 10] lib/util.c:(2988) [010] 52 41 4D 20 31 2E 30 00 02 58 45 4E 49 58 20 43 RAM 1.0. .XENIX C [2000/04/11 10:57:16, 10] lib/util.c:(2988) [020] 4F 52 45 00 02 4D 49 43 52 4F 53 4F 46 54 20 4E ORE..MIC ROSOFT N [2000/04/11 10:57:16, 10] lib/util.c:(2988) [030] 45 54 57 4F 52 4B 53 20 31 2E 30 33 00 02 4C 41 ETWORKS 1.03..LA [2000/04/11 10:57:16, 10] lib/util.c:(2988) [040] 4E 4D 41 4E 31 2E 30 00 02 57 69 6E 64 6F 77 73 NMAN1.0. .Windows [2000/04/11 10:57:16, 10] lib/util.c:(2988) [050] 20 66 6F 72 20 57 6F 72 6B 67 72 6F 75 70 73 20 for Wor kgroups [2000/04/11 10:57:16, 10] lib/util.c:(2988) [060] 33 2E 31 61 00 02 4C 4D 31 2E 32 58 30 30 32 00 3.1a..LM 1.2X002. [2000/04/11 10:57:16, 10] lib/util.c:(2988) [070] 02 4C 41 4E 4D 41 4E 32 2E 31 00 02 4E 54 20 4C .LANMAN2 .1..NT L [2000/04/11 10:57:16, 10] lib/util.c:(2988) [080] 4D 20 30 2E 31 32 00 M 0.12. [2000/04/11 10:57:16, 3] smbd/process.c:(448) switch message SMBnegprot (pid 1834) [2000/04/11 10:57:16, 3] smbd/negprot.c:(341) Requested protocol [PC NETWORK PROGRAM 1.0] [2000/04/11 10:57:16, 3] smbd/negprot.c:(341) Requested protocol [XENIX CORE] [2000/04/11 10:57:16, 3] smbd/negprot.c:(341) Requested protocol [MICROSOFT NETWORKS 1.03] [2000/04/11 10:57:16, 3] smbd/negprot.c:(341) Requested protocol [LANMAN1.0] [2000/04/11 10:57:16, 3] smbd/negprot.c:(341) Requested protocol [Windows for Workgroups 3.1a] [2000/04/11 10:57:16, 3] smbd/negprot.c:(341) Requested protocol [LM1.2X002] [2000/04/11 10:57:16, 3] smbd/negprot.c:(341) Requested protocol [LANMAN2.1] [2000/04/11 10:57:16, 3] smbd/negprot.c:(341) Requested protocol [NT LM 0.12] [2000/04/11 10:57:16, 6] param/loadparm.c:(1855) lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Tue Apr 11 09:53:14 2000 [2000/04/11 10:57:16, 6] param/loadparm.c:(1855) lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Tue Apr 11 09:53:14 2000 [2000/04/11 10:57:16, 3] smbd/negprot.c:(421) Selected protocol NT LM 0.12 [2000/04/11 10:57:16, 5] smbd/negprot.c:(428) negprot index=7 [2000/04/11 10:57:16, 5] lib/util.c:(451) size=84 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=1 [2000/04/11 10:57:16, 5] lib/util.c:(459) smb_tid=0 smb_pid=51966 smb_uid=0 smb_mid=0 smt_wct=17 [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[0]=7 (0x7) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[1]=12803 (0x3203) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[2]=256 (0x100) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[3]=65280 (0xFF00) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[4]=255 (0xFF) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[5]=0 (0x0) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[6]=256 (0x100) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[7]=10752 (0x2A00) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[8]=7 (0x7) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[9]=12544 (0x3100) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[10]=3 (0x3) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[11]=0 (0x0) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[12]=19774 (0x4D3E) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[13]=37871 (0x93EF) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[14]=49059 (0xBFA3) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[15]=34817 (0x8801) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[16]=2303 (0x8FF) [2000/04/11 10:57:16, 5] lib/util.c:(474) smb_bcc=15 [2000/04/11 10:57:16, 10] lib/util.c:(2980) [000] 5C 15 DE DA 64 11 62 74 49 46 4C 44 4F 4D 00 \...d.bt IFLDOM. [2000/04/11 10:57:16, 6] lib/util_sock.c:(557) write_socket(6,88) [2000/04/11 10:57:16, 6] lib/util_sock.c:(560) write_socket(6,88) wrote 88 [2000/04/11 10:57:16, 10] lib/util_sock.c:(599) got smb length of 131 [2000/04/11 10:57:16, 6] smbd/process.c:(614) got message type 0x0 of len 0x83 [2000/04/11 10:57:16, 3] smbd/process.c:(615) Transaction 2 of length 135 [2000/04/11 10:57:16, 5] lib/util.c:(451) size=131 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=3 [2000/04/11 10:57:16, 5] lib/util.c:(459) smb_tid=0 smb_pid=51966 smb_uid=0 smb_mid=0 smt_wct=13 [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[0]=117 (0x75) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[1]=97 (0x61) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[2]=61440 (0xF000) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[3]=50 (0x32) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[4]=0 (0x0) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[5]=1834 (0x72A) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[6]=0 (0x0) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[7]=1 (0x1) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[8]=0 (0x0) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[9]=0 (0x0) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[10]=0 (0x0) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[11]=212 (0xD4) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[12]=0 (0x0) [2000/04/11 10:57:16, 5] lib/util.c:(474) smb_bcc=36 [2000/04/11 10:57:16, 10] lib/util.c:(2980) [000] 00 00 00 57 69 6E 64 6F 77 73 20 4E 54 20 31 33 ...Windo ws NT 13 [2000/04/11 10:57:16, 10] lib/util.c:(2988) [010] 38 31 00 00 57 69 6E 64 6F 77 73 20 4E 54 20 34 81..Wind ows NT 4 [2000/04/11 10:57:16, 10] lib/util.c:(2988) [020] 2E 30 00 00 .0.. [2000/04/11 10:57:16, 3] smbd/process.c:(448) switch message SMBsesssetupX (pid 1834) [2000/04/11 10:57:16, 3] smbd/reply.c:(788) Domain=[] NativeOS=[Windows NT 1381] NativeLanMan=[] [2000/04/11 10:57:16, 3] smbd/reply.c:(793) sesssetupX:name=[] [2000/04/11 10:57:16, 6] param/loadparm.c:(1855) lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Tue Apr 11 09:53:14 2000 [2000/04/11 10:57:16, 3] smbd/password.c:(197) nobody is in 0 groups: [2000/04/11 10:57:16, 3] smbd/password.c:(275) uid -2 registered to name nobody [2000/04/11 10:57:16, 3] smbd/password.c:(277) Clearing default real name [2000/04/11 10:57:16, 6] smbd/reply.c:(992) Client requested max send size of 61440 [2000/04/11 10:57:16, 3] smbd/process.c:(773) Chained message [2000/04/11 10:57:16, 5] lib/util.c:(451) size=131 smb_com=0x75 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=3 [2000/04/11 10:57:16, 5] lib/util.c:(459) smb_tid=0 smb_pid=51966 smb_uid=100 smb_mid=0 smt_wct=4 [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[0]=255 (0xFF) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[1]=0 (0x0) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[2]=0 (0x0) [2000/04/11 10:57:16, 5] lib/util.c:(468) smb_vwv[3]=1 (0x1) [2000/04/11 10:57:16, 5] lib/util.c:(474) smb_bcc=23 [2000/04/11 10:57:16, 10] lib/util.c:(2980) [000] 00 5C 5C 49 46 4C 48 50 33 30 31 5C 49 50 43 24 .\\IFLHP 301\IPC$ [2000/04/11 10:57:16, 10] lib/util.c:(2988) [010] 00 3F 3F 3F 3F 3F 00 .?????. [2000/04/11 10:57:16, 3] smbd/process.c:(448) switch message SMBtconX (pid 1834) [2000/04/11 10:57:16, 4] smbd/reply.c:(312) Got device type ????? [2000/04/11 10:57:16, 2] lib/access.c:(257) Allowed connection from ifllin05 (134.169.44.25) [2000/04/11 10:57:16, 3] smbd/password.c:(784) ACCEPTED: guest account and guest ok [2000/04/11 10:57:16, 3] smbd/service.c:(426) Connect path is /tmp [2000/04/11 10:57:16, 0] lib/util_sec.c:(67) Failed to set gid privileges to (-1,-2) now set to (0,0) uid=(0,0) [2000/04/11 10:57:16, 0] lib/util.c:(2456) PANIC: failed to set gid -- ------------------------------------------------------------------------------ Dr. Matthias Haupt Institut fuer Flugzeugbau und Leichtbau Technische Universitaet Braunschweig Tel.: +49 / (0) 531/391-2688 Langer Kamp 19 Fax : +49 / (0) 531/391-2695 38106 Braunschweig/Germany E-Mail: m.haupt@tu-bs.de ------------------------------------------------------------------------------ -------------- next part -------------- HTML attachment scrubbed and removed From James.Nord at cdt.luth.se Tue Apr 11 09:44:16 2000 From: James.Nord at cdt.luth.se (James Nord) Date: Tue Dec 2 02:29:22 2003 Subject: how to migrate from clear text to encrypted passwords. References: Message-ID: <38F2F3F0.E45D07CA@cdt.luth.se> You must be running > 2.0.0 for this, get the samba source. what you need is samba-x.x.x/source/script/mksmbpasswd.sh (seing as this is large I have attached just the mksmbpasswd.sh file from 2.0.6) Assuming you have installed in /usr/local/samba su root cd /usr/local/samba mkdir private getent passwd | /path/to/samba/src/samba-x.x.x/source/script/mksmbpasswd.sh > /usr/local/samba/private/smbpasswd chmod -R go= private -- smb.conf [Global] encrypt passwords = no update encrypted = yes After you have gathered all of your smbpasswords -- smb.conf [Global] encrypt passwords = yes And then go and turn off send unecrypted passwords on all you 9x /NT boxes. You will probably want also to do some sort of password syncing from UNIX -> Samba and Samba -> Unix but I haven't got that far yet ;-) /James "Overbey, Alfred D (Dudley), ALCOO" wrote: > > Would someone kindly point me in the direction of the documentation on > migrating from clear text passwords to encrypted passwords with in the Samba > realm? > > Thanks > Dudley > doverbey@att.com -------------- next part -------------- A non-text attachment was scrubbed... Name: mksmbpasswd.sh Type: application/x-sh Size: 205 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000411/0ed0512b/mksmbpasswd.sh From lkcl at samba.org Tue Apr 11 10:04:19 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:22 2003 Subject: [TNG] modes Message-ID: encrypt passwords = no works. all encrypt passwords = yes modes work except i haven't tested BDC or inter-domain, recently. clientgen.c can't do non-encrypted at the moment... but it _can_ talk to NT5! Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From kirk at n0tia.ampr.org Tue Apr 11 10:02:29 2000 From: kirk at n0tia.ampr.org (Kirk Wolff) Date: Tue Dec 2 02:29:22 2003 Subject: No subject Message-ID: <004b01bfa39d$0c74aff0$69115e2c@IRONY> Is there a FAQ for this mailing list? -------------- next part -------------- HTML attachment scrubbed and removed From lkcl at samba.org Tue Apr 11 10:45:25 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:22 2003 Subject: your mail In-Reply-To: <004b01bfa39d$0c74aff0$69115e2c@IRONY> Message-ID: yes, and it says please don't post html :) On Tue, 11 Apr 2000, Kirk Wolff wrote: > Is there a FAQ for this mailing list? > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From tom at ee.ucl.ac.uk Tue Apr 11 11:39:58 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:22 2003 Subject: samba-TNG smbd crashing Message-ID: <200004111139.MAA10873@picard.ee.ucl.ac.uk> Hello Luke, The changes seem to have broken the loading of profiles: Skipping become_user - already user map_create_disposition: Mapped create_disposition 1 to 1 get_filename: data_offset = 87, data_len = 72, fname_len = 72 map_share_mode: Mapped desired access 20089, share access 3, file attributes 0 to open_mode 40 unix_convert called on file "\tom\Application Data\Identities\{DA32DA5B-6539-40E6-9921-E8170BC0F0BB}" unix_clean_name [/tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB}] Checking {DA32DA5B-6539-40E6-9921-E8170BC0F0BB} for 8.3 allocated file structure 412, fnum = 4508 (1 used) open_file_shared: fname = tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB}, share_mode = 40, ofun = 1, mode = 744, oplock request = 3 is_in_path: tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} is_in_path: no name list. unix_clean_name [tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB}] calling open_file with flags=0x0 flags2=0x0 mode=0744 tom opened file tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} read=Yes write=No (numopen=1) is_in_path: tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} is_in_path: no name list. set_file_oplock: granted oplock on file tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB}, dev = 2200007, inode = 610944, tv_sec = 38f30b98, tv_usec = 5210d dos_mode: tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} is_in_path: tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} is_in_path: no name list. dos_mode returning d tom closed file tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} (numopen=0) freed files structure 4508 (0 used) error packet at line 898 cmd=162 (SMBntcreateX) eclass=1 ecode=5 error string = Not owner size=35 smb_com=0xa2 smb_rcls=1 smb_reh=0 smb_err=5 smb_flg=136 smb_flg2=1 smb_tid=2 smb_pid=204 The error message on the client is that it cannot open the above file. The error is access denied. smbstatus shows that the profile share is opened with uid tom. The file permissions have not changed (and indeed the file (actually a directory) has perms 755, owner tom). Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From Meerwaldt at t-online.de Tue Apr 11 13:21:51 2000 From: Meerwaldt at t-online.de (Frederik Meerwaldt) Date: Tue Dec 2 02:29:22 2003 Subject: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty.. In-Reply-To: Message-ID: Hi! > for share-level security? you shouldn't be affected at all. > > if you run with TNG at all and find that "security = share" doesn't work > for you at any time, bitch about it, ok? I have security = domain. And the passwords of my users must be verificated. > > thanks frederik. I hope that works (please report it), else I can't install on this machine. Regards, Freddy From ertl at emp.paed.uni-muenchen.de Tue Apr 11 14:48:36 2000 From: ertl at emp.paed.uni-muenchen.de (Bernhard Ertl) Date: Tue Dec 2 02:29:22 2003 Subject: share disappeares smbd/server.c:exit_server(408) Message-ID: <38F33B44.3BA7E59F@emp.paed.uni-muenchen.de> Hello I have a question to this list, even if I am using samba 2.0.6: Sometimes I get some strange behaviour. Some Application like to write back data to the server, but can't get any connection. The share isn't available anymore. The most parts of the client system (NT) are hanging for a while (ca 5 minutes), afterwards everything is fine. The machine log shows the exit_server(408) message, log.smb and log.nmb seem to be normal. The server itself is nearly idle (no extensive find processes or anything else) in cpu usage and load and netload. Does anyone have an idea, maybe the semantics of the exit message? -------------- next part -------------- [2000/04/11 11:33:14, 2] locking/locking_shm.c:shm_del_share_mode(376) del_share_modes num entries = 0, deleting share_mode dev=3004 ino=5470220 [2000/04/11 11:33:14, 2] smbd/close.c:close_normal_file(165) reiserer closed file netscape/Mail/Drafts (numopen=1) [2000/04/11 11:33:14, 2] locking/locking_shm.c:shm_del_share_mode(355) del_share_modes Deleting share mode entry dev=3004 ino=5466114 [2000/04/11 11:33:14, 2] locking/locking_shm.c:shm_del_share_mode(376) del_share_modes num entries = 0, deleting share_mode dev=3004 ino=5466114 [2000/04/11 11:33:14, 2] smbd/close.c:close_normal_file(165) reiserer closed file netscape/News/fat (numopen=0) [2000/04/11 11:34:41, 2] smbd/server.c:exit_server(408) Closing connections [2000/04/11 11:37:47, 1] smbd/service.c:make_connection(535) bommel (141.84.224.145) connect to service reiserer as user reiserer (uid=626, gid=116) (pid 27576) [2000/04/11 11:39:46, 2] smbd/server.c:exit_server(408) Closing connections [2000/04/11 11:41:42, 2] smbd/server.c:exit_server(408) Closing connections [2000/04/11 11:42:12, 2] smbd/server.c:exit_server(408) Closing connections From lkcl at samba.org Tue Apr 11 14:19:18 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:22 2003 Subject: share disappeares smbd/server.c:exit_server(408) In-Reply-To: <38F33B44.3BA7E59F@emp.paed.uni-muenchen.de> Message-ID: AH! someone else reported this happening. GIVE INFO! details. operating system arch compiler etc. On Wed, 12 Apr 2000, Bernhard Ertl wrote: > Hello > > I have a question to this list, even if I am using samba 2.0.6: > > Sometimes I get some strange behaviour. Some Application like to write > back data to the server, but can't get any connection. The share isn't > available anymore. The most parts of the client system (NT) are hanging > for a while (ca 5 minutes), afterwards everything is fine. > > The machine log shows the exit_server(408) message, log.smb and log.nmb > seem to be normal. The server itself is nearly idle (no extensive find > processes or anything else) in cpu usage and load and netload. > > Does anyone have an idea, maybe the semantics of the exit message? > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals -------------- next part -------------- [2000/04/11 11:33:14, 2] locking/locking_shm.c:shm_del_share_mode(376) del_share_modes num entries = 0, deleting share_mode dev=3004 ino=5470220 [2000/04/11 11:33:14, 2] smbd/close.c:close_normal_file(165) reiserer closed file netscape/Mail/Drafts (numopen=1) [2000/04/11 11:33:14, 2] locking/locking_shm.c:shm_del_share_mode(355) del_share_modes Deleting share mode entry dev=3004 ino=5466114 [2000/04/11 11:33:14, 2] locking/locking_shm.c:shm_del_share_mode(376) del_share_modes num entries = 0, deleting share_mode dev=3004 ino=5466114 [2000/04/11 11:33:14, 2] smbd/close.c:close_normal_file(165) reiserer closed file netscape/News/fat (numopen=0) [2000/04/11 11:34:41, 2] smbd/server.c:exit_server(408) Closing connections [2000/04/11 11:37:47, 1] smbd/service.c:make_connection(535) bommel (141.84.224.145) connect to service reiserer as user reiserer (uid=626, gid=116) (pid 27576) [2000/04/11 11:39:46, 2] smbd/server.c:exit_server(408) Closing connections [2000/04/11 11:41:42, 2] smbd/server.c:exit_server(408) Closing connections [2000/04/11 11:42:12, 2] smbd/server.c:exit_server(408) Closing connections From tom at ee.ucl.ac.uk Tue Apr 11 15:03:52 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:22 2003 Subject: samba-TNG smbd crashing Message-ID: <200004111503.QAA23607@picard.ee.ucl.ac.uk> Hello Luke, TNG: cvs update 1200BST 11/04/00 Sparc 64 Solaris 2.7 MAIN: cvs co 1400BST 11/04/00 Sparc 64 Solaris 2.7 I've got samba-MAIN running. It gives exactly the same problem with profile loading as TNG. It doesn't make sense to me as the profile share is local to the samba server machine, so if smbd were running as root, it could access the file and if it were running as the user, it should still ba able to access the file. Any clues?? You'll may be pleased to know that neither TNG or MAIN have crashed on me today. I should also be able to produce core files from tomorrow onwards if it does crash again. Also, I could reinstal the crashing version and get you a stack trace from it if you want. Extract from log file of MAIN: [000] 5C 74 6F 6D 5C 41 70 70 6C 69 63 61 74 69 6F 6E \tom\App lication [010] 20 44 61 74 61 5C 49 64 65 6E 74 69 74 69 65 73 Data\Id entities [020] 5C 7B 44 41 33 32 44 41 35 42 2D 36 35 33 39 2D \{DA32DA 5B-6539- [030] 34 30 45 36 2D 39 39 32 31 2D 45 38 31 37 30 42 40E6-992 1-E8170B [040] 43 30 46 30 42 42 7D 00 C0F0BB}. switch message SMBntcreateX (pid 1533) Skipping become_user - already user map_create_disposition: Mapped create_disposition 1 to 1 get_filename: data_offset = 87, data_len = 72, fname_len = 72 map_share_mode: Mapped desired access 20089, share access 3, file attributes 0 to open_mode 40 unix_convert called on file "\tom\Application Data\Identities\{DA32DA5B-6539-40E6-9921-E8170BC0F0BB}" unix_clean_name [/tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB}] Checking {DA32DA5B-6539-40E6-9921-E8170BC0F0BB} for 8.3 allocated file structure 915, fnum = 5011 (1 used) open_file_shared: fname = tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB}, share_mode = 40, ofun = 1, mode = 744, oplock request = 3 is_in_path: tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} is_in_path: no name list. unix_clean_name [tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB}] calling open_file with flags=0x0 flags2=0x0 mode=0744 tom opened file tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} read=Yes write=No (numopen=1) is_in_path: tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} is_in_path: no name list. set_file_oplock: granted oplock on file tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB}, dev = 2200007, inode = 781572, tv_sec = 38f33b5c, tv_usec = 73a92 dos_mode: tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} is_in_path: tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} is_in_path: no name list. dos_mode returning d tom closed file tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} (numopen=0) freed files structure 5011 (0 used) error packet at line 895 cmd=162 (SMBntcreateX) eclass=1 ecode=5 error string = Not owner size=35 smb_com=0xa2 smb_rcls=1 smb_reh=0 smb_err=5 smb_flg=136 smb_flg2=1 smb_tid=1 smb_pid=204 smb_uid=102 smb_mid=45763 smt_wct=0 smb_bcc=0 write_socket(7,39) write_socket(7,39) wrote 39 ls -al of file in question: drwxr-xr-x 2 tom staff 512 Mar 6 17:56 {DA32DA5B-6539-40E6-9921-E8170BC0F0BB}/ extract from smb.conf logon script = %a.exe logon drive = m: logon home = \\sonic\homes logon path = \\sonic\profile\%username% [profile] comment = User Profiles path = /opt/samba-MAIN/profile writeable = yes Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From timothy_d_cole at md.northgrum.com Tue Apr 11 15:21:16 2000 From: timothy_d_cole at md.northgrum.com (Cole, Timothy D.) Date: Tue Dec 2 02:29:22 2003 Subject: Problems with authentification Message-ID: <51FBD4A8EFD9D111BA7300A0C927DADB03F4704B@xcgmd008.md.essd.northgrum.com> Could you elaborate on your configuration? e.g. are both servers in the same domain? what does your smb.conf on each look like? > -----Original Message----- > From: fricke@Team.OWL-Online.DE [SMTP:fricke@Team.OWL-Online.DE] > Sent: Monday, April 10, 2000 9:27 > To: Multiple recipients of list SAMBA-NTDOM > Subject: Problems with authentification > > After installing a second samba-server in the same network I can?t > authentificate on this server. > I made a symlink to the smbpasswd-file of the first samba-server and the > /etc/passwd-files are the same, too. > But on NT-Boxes there is no authentification possible. > Any help outside? > -------------------------------------------------------------------------- > ------------------------ > Mit freundlichen Gr??en > > Cord-H. Fricke > Fon: 0 52 1 / 52 51-133 > Fax: 0 52 1 / 52 51-115 > > ..keep on headbangin? , that rocks!!! From ertl at emp.paed.uni-muenchen.de Tue Apr 11 16:09:28 2000 From: ertl at emp.paed.uni-muenchen.de (Bernhard Ertl) Date: Tue Dec 2 02:29:22 2003 Subject: share disappeares smbd/server.c:exit_server(408) References: Message-ID: <38F34E38.CF61EC61@emp.paed.uni-muenchen.de> > AH! someone else reported this happening. GIVE INFO! details. > operating system arch compiler etc. The operating system is linux, SuSE 6.4 distribution, kernel 2.2.14 (but it also appeared with the old version 6.2 and Kernel 2.2.?) I used the sources from the samba site, dated on November ~11th (directly after the information about the new release came across this list.) As I think it was not available as bindist, i suppose I have compiled it myself with gcc and glibc2. (I have to do some research about the version, because we just have run a server update). The system runs on a dual PIII system with a mylex raid controller and two ethernet interfaces, serving around 50 clients as login- wins- and fileserver. The problem occurrs if * there are find processes on the hdd (understandeable) * someone publishes a big Frontpage web located on the server (also understandeable) +++ but also in situations where everything seems to be idle +++ (even if it is not too fine that the shares get problems while some finds run) Situation: Netscape tries to write it$ history file on the server, but this operation fails. Then no network drives are available anymore. I am monitoring the server, but nothing is going on Processes, etc. and the workstation and the server are connected via 100 MB, both located on the same TP switch (and there also seems not to bee too much traffic. In another special segment of the network the fail rate increases, but this might because they hace to acces the server via an 10 MB router with sometimes heavy traffic, I suppose. I could imagine this problem is related to some kind of timeouts, but I am not sure. The question is: if the connection is broken and I try to open it via the explorer, why does it need such a long time to reopen it. I just checked it, this message apppeared in several logfiles, nearly all 2 to 10 minutes (during office hours, of course), but it isn't that there would be a server-crash, the possibility that there are two or more exits at the same is estimated < 1%. On the old server with 2.0.5 the problem didn't exist (there only were the exit codes 406 and 431). Enough? If you need some more logs, config files or anything else, please ask for them Be > > > On Wed, 12 Apr 2000, Bernhard Ertl wrote: > > > Hello > > > > I have a question to this list, even if I am using samba 2.0.6: > > > > Sometimes I get some strange behaviour. Some Application like to write > > back data to the server, but can't get any connection. The share isn't > > available anymore. The most parts of the client system (NT) are hanging > > for a while (ca 5 minutes), afterwards everything is fine. > > > > The machine log shows the exit_server(408) message, log.smb and log.nmb > > seem to be normal. The server itself is nearly idle (no extensive find > > processes or anything else) in cpu usage and load and netload. > > > > Does anyone have an idea, maybe the semantics of the exit message? > > > > > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > Macmillan Technical Publishing > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals > > ------------------------------------------------------------------------ > [2000/04/11 11:33:14, 2] locking/locking_shm.c:shm_del_share_mode(376) > del_share_modes num entries = 0, deleting share_mode dev=3004 ino=5470220 > [2000/04/11 11:33:14, 2] smbd/close.c:close_normal_file(165) > reiserer closed file netscape/Mail/Drafts (numopen=1) > [2000/04/11 11:33:14, 2] locking/locking_shm.c:shm_del_share_mode(355) > del_share_modes Deleting share mode entry dev=3004 ino=5466114 > [2000/04/11 11:33:14, 2] locking/locking_shm.c:shm_del_share_mode(376) > del_share_modes num entries = 0, deleting share_mode dev=3004 ino=5466114 > [2000/04/11 11:33:14, 2] smbd/close.c:close_normal_file(165) > reiserer closed file netscape/News/fat (numopen=0) > [2000/04/11 11:34:41, 2] smbd/server.c:exit_server(408) > Closing connections > [2000/04/11 11:37:47, 1] smbd/service.c:make_connection(535) > bommel (141.84.224.145) connect to service reiserer as user reiserer (uid=626, gid=116) (pid 27576) > [2000/04/11 11:39:46, 2] smbd/server.c:exit_server(408) > Closing connections > [2000/04/11 11:41:42, 2] smbd/server.c:exit_server(408) > Closing connections > [2000/04/11 11:42:12, 2] smbd/server.c:exit_server(408) > Closing connections From Olivier.Brousselle at univ-lehavre.fr Tue Apr 11 15:27:53 2000 From: Olivier.Brousselle at univ-lehavre.fr (Olivier Brousselle) Date: Tue Dec 2 02:29:22 2003 Subject: [TNG 2.3] smbpasswd crash Message-ID: <38F34479.439229A2@univ-lehavre.fr> hi, I have problem with smbpasswd. It make a segmentation fault. System : Slackware 7.0 on a PC Samba : TNG 2.3 Gcc : egcs 2.91.66 Any hints ? From tkollar at lerc.nasa.gov Tue Apr 11 15:50:51 2000 From: tkollar at lerc.nasa.gov (Tad Kollar) Date: Tue Dec 2 02:29:22 2003 Subject: [TNG 2.3] smbpasswd crash References: <38F34479.439229A2@univ-lehavre.fr> Message-ID: <38F349DB.984F8036@lerc.nasa.gov> I saw this a little while back (TNG 1.7 or so) when I had my username map delimited with equal signs... changing to spaces fixed it... Olivier Brousselle wrote: > hi, > > I have problem with smbpasswd. It make a segmentation fault. > > System : Slackware 7.0 on a PC > Samba : TNG 2.3 > Gcc : egcs 2.91.66 > > Any hints ? From Hans.Groschwitz at telekom.de Tue Apr 11 15:56:31 2000 From: Hans.Groschwitz at telekom.de (Groschwitz, Hans) Date: Tue Dec 2 02:29:22 2003 Subject: Making root a "Domain Admin" on a Samba TNG 2.2 as PDC Message-ID: <5FC5AB326FBFD211A0920800060D9A9F47EAB5@U8P16> Hi there, perhaps these are some newby question. All the same: How can I make root (remapped to Administrator using "domain user map=") my domain admin? Via "domain group map=" I have remapped system="Domain Admins" (system is gid=0). Checking testparm output I found that there are new switches, not mentioned in man smb.conf: "sam directory =" which is preset to /usr/local/samba/sam. This directory does not ex. Should it be /usr/local/samba/var/locks instead, where the tdb files reside? "builtin user map=" "builtin group map=" "builtin rid file=" and does anyone know the format of those files and the values of the RIDs ? Thank you for any help Hans From trevor at steinmetznet.com Tue Apr 11 16:06:17 2000 From: trevor at steinmetznet.com (Trevor Antczak) Date: Tue Dec 2 02:29:22 2003 Subject: Group map files Message-ID: <38F34D78.5D0F1A0B@steinmetznet.com> Hello, This is starting to really drive me nuts. I have been downloading and compileing the TNG branch since about 0.4 and most recently 2.2. Everytime I hope it will solve the problem I am having and it doesn't. I can only conclude that I am doing something wrong. When I restart Samba (or start it) I get a message in my log that the commands domain user map, domain group map, and local group map are unknown and being ignored. I can only log into the doamin as a guest, and my user manager is some kinda screwed up right now, because of the weird info it is getting from Samba. Since no one else is reporting this problem, I have to assume it is not a bug (as I first thought). Right now we are running TNG 2.2 on a SuSE Linux 6.1 Intel box. I am includeing the relavent parts of smb.conf, and log.smb. smb.conf # Unix users can map to different SMB User names domain user map = /etc/smbusers local group map = /etc/smbgroupmap domain group map = /etc/smbgroup ; domain admin group = wheel ; domain admin users = trevor rootnt ; admin users = trevor rootnt log.smb [2000/04/11 08:11:24, 1] smbd/server.c:main(614) smbd version 2.0.3 started. Copyright Andrew Tridgell 1992-1998 [2000/04/11 08:11:24, 0] param/loadparm.c:map_parameter(1582) Unknown parameter encountered: "domain user map" [2000/04/11 08:11:24, 0] param/loadparm.c:lp_do_parameter(1954) Ignoring unknown parameter "domain user map" [2000/04/11 08:11:24, 0] param/loadparm.c:map_parameter(1582) Unknown parameter encountered: "local group map" [2000/04/11 08:11:24, 0] param/loadparm.c:lp_do_parameter(1954) Ignoring unknown parameter "local group map" [2000/04/11 08:11:24, 0] param/loadparm.c:map_parameter(1582) Unknown parameter encountered: "domain group map" [2000/04/11 08:11:24, 0] param/loadparm.c:lp_do_parameter(1954) Ignoring unknown parameter "domain group map" -- Thank you, Trevor Antczak Technology Manager Steinmetz & Associates From hulet at ittc.ukans.edu Tue Apr 11 16:25:28 2000 From: hulet at ittc.ukans.edu (Michael S. Hulet) Date: Tue Dec 2 02:29:22 2003 Subject: Group map files In-Reply-To: <38F34D78.5D0F1A0B@steinmetznet.com> Message-ID: > [2000/04/11 08:11:24, 1] smbd/server.c:main(614) > smbd version 2.0.3 started. It doesn't look like you are running tng code otherwise your smbd version should be TNG-alpha. It looks like you are messing with 2.0.7 code and tng alpha. Install the TNG code in a unique directory and try again. These parameters are TNG parameters: domain user map = /etc/smbusers local group map = /etc/smbgroupmap domain group map = /etc/smbgroup Michael Hulet Network System Administrator ITTC, University of Kansas On Wed, 12 Apr 2000, Trevor Antczak wrote: > Hello, > > This is starting to really drive me nuts. I have been downloading and > compileing the TNG branch since about 0.4 and most recently 2.2. > Everytime I hope it will solve the problem I am having and it doesn't. > I can only conclude that I am doing something wrong. When I restart > Samba (or start it) I get a message in my log that the commands domain > user map, domain group map, and local group map are unknown and being > ignored. I can only log into the doamin as a guest, and my user manager > is some kinda screwed up right now, because of the weird info it is > getting from Samba. Since no one else is reporting this problem, I have > to assume it is not a bug (as I first thought). Right now we are > running TNG 2.2 on a SuSE Linux 6.1 Intel box. I am includeing the > relavent parts of smb.conf, and log.smb. > > smb.conf > > # Unix users can map to different SMB User names > domain user map = /etc/smbusers > local group map = /etc/smbgroupmap > domain group map = /etc/smbgroup > ; domain admin group = wheel > ; domain admin users = trevor rootnt > ; admin users = trevor rootnt > > > log.smb > > [2000/04/11 08:11:24, 1] smbd/server.c:main(614) > smbd version 2.0.3 started. > Copyright Andrew Tridgell 1992-1998 > [2000/04/11 08:11:24, 0] param/loadparm.c:map_parameter(1582) > Unknown parameter encountered: "domain user map" > [2000/04/11 08:11:24, 0] param/loadparm.c:lp_do_parameter(1954) > Ignoring unknown parameter "domain user map" > [2000/04/11 08:11:24, 0] param/loadparm.c:map_parameter(1582) > Unknown parameter encountered: "local group map" > [2000/04/11 08:11:24, 0] param/loadparm.c:lp_do_parameter(1954) > Ignoring unknown parameter "local group map" > [2000/04/11 08:11:24, 0] param/loadparm.c:map_parameter(1582) > Unknown parameter encountered: "domain group map" > [2000/04/11 08:11:24, 0] param/loadparm.c:lp_do_parameter(1954) > Ignoring unknown parameter "domain group map" > > > -- > Thank you, > Trevor Antczak > Technology Manager > Steinmetz & Associates > > From healer at monet.fh-friedberg.de Mon Apr 10 18:21:00 2000 From: healer at monet.fh-friedberg.de (Andreas Grimmel) Date: Tue Dec 2 02:29:22 2003 Subject: How do I configure TNG x.x ? Message-ID: <38F21B8C.F43ED9FC@monet.fh-friedberg.de> Hi everybody, I'm new to Samba-TNG (I was using 2.0.6 before) and I already (WOW! :-) ) found out that smbpasswd -a -m has been replaced by samedit createuser. So I tried to set up my first domain user by typing "samedit -S seniormember", and I got the following message running TNG 2.2 (same with 1.9): Server: \\SENIORMEMBER: User: ROOT Domain: Connection: socket connect to /tmp/.smb.0/agent failed: Connection refused error connecting to 192.168.77.5:445 (Connection refused) failed session setup cli_net_use_add: connection failed FAILED where 192.168.77.5 is the correct IP of my TNG Server. Why does it not show my domain name in the header line, and what is the right way to get Samba to work ? (I started EVERY daemon in the sbin directory, I hope this was OK) Is there a howto or another helpfile where I can get general informations about setting up TNG and doing things like create users, create machine accounts,etc etc. ? Please help me, I tried the whole night to get things to work, and I'm not far away from getting a heartache ;-)) thanks in advance, Andreas Grimmel System Administrator, Additive GmbH Germany From ggeorge at digisolv.com Tue Apr 11 18:30:46 2000 From: ggeorge at digisolv.com (Gerry George) Date: Tue Dec 2 02:29:22 2003 Subject: Issues with SAMBA install Message-ID: <4.3.2.20000411134914.051f5c50@mail.digisolv.com> I just completed installing a SAMBA "PDC" serving a number of Win9x clients. I am using encrypted passwords, and Domain logons. Works well on Red Hat Linux 6.0. Still tweaking, though. My install was based on the documentation from the online version of O'Reily's Samba book (at http://us3.samba.org/samba/oreilly/samba) and the Samba - Integrating Unix & Windows, plus the online docs. I did come across some issues not mentioned in any of the docs. I thought I should mention it here for those who may come across it and not be stumped as I was. I am using DHCP to serve IP addresses to the clients. Initial connections were failing. The logs stated that the "gethostbydomain" (I think) failed. As such, I needed to create entries for all my clients in my DNS. I used generic ws-100 thru to ws-200, my range of IP's and also create reverse records for those. It down not seem critical to have the correct workgroup name in the "Logon to Domain" section of Win9x Microsoft Client networking. Mine seems to work regardless. My login script was apparently not having any effect. Turned out that my first mapping, to drive "z" was disconnecting the "netlogon" share and the "batch file not found" error was being returned. Solution - do not use a "Z" drive mapping. I have two interfaces on my server. when I use the "interfaces" keyword, clients cannot connect. Dunno why. In the "hosts allow" section, the networks are specified as 192.168.201. as opposed to the 192.168.201.0/24 (as specified in the docs). I am trying to set some environment variables in my login script. It does not work. (I know this is not a SAMBA issue, but someone may have experienced and solved it) I am using a single/global login script in [netlogon] Also, how do I launch a windows app (winpopup, e-mail client) minimized? On occasion, my SAMBA did not initialize as a domain master. There is some conversation between its two interfaces, one complaining that the packet was from ourself and the broadcast name is ours. A shutdown-long pause-restart took care of it. smbclient would now show the domain master and clients can connect. Altogether, I am thrilled and pleased with SAMBA - thanks to all of the developers and all those on the mailing lists whose issues serve to enlighten me further. Suggestions and other questions: Can one create a share for a specific user or group **which is only visible to that group**? I would like to create a share of the entire file system accesible *only* to the admin group to allow for easy transfer of system files, since my server is not easily accessible. However, I do not want it to be visible to all users even though they do not have access to it. I realized that the smbd process is dynamically reading the smb file. some changes are automatically updated once the file is saved. - I must have missed this from the docs. Suggestion: could someone suggest minimum permissions desirable and file/directory create modes on the files and directories for the "system" shares for a reasonably secure system. e.g. netlogon, profiles, homes, etc. I eventually figured it out, but some time could have been saved. I am not near the system now, so I can't post what i configured. I may do so later. Is there an X-client for SMB to allow one to browse and use SMB shares from within X? Altogether, thanks again. I am looking at another 3-4 SAMBA installs in the very near future. HW: P-III 600, 128MB, dual 9GB IBM 72000RPM drives (for s/w RAID), 2 ethernets, possible third for a link into an enterprise WAN., RedHat 6.0, SAMBA 2.0.3-8 (downloaded but not yet upgraded to 2.0.6). Approx 20 - 30 clients Gerry George Gerry E. George Information Technology Specialist, DigiSolv, Inc. http://www.digisolv.com .. From lisa at hermes.ewlab.usna.edu Tue Apr 11 18:34:37 2000 From: lisa at hermes.ewlab.usna.edu (Lisa Becktold {CADIG STAFF}) Date: Tue Dec 2 02:29:22 2003 Subject: make install/codepage segmentation Message-ID: <200004111834.OAA03743@leto15.usna.navy.mil> Thanks to Michael Glauche, Tom Crummey, and Luke Kenneth Casson Leighton for their responses. I did download both samba-tng-alpha-2.2 and samba-tng-alpha-2.3. Configure and make ran fine (although I saw a few warnings when I ran make). But again, when I ran "make install", the library and binary installation ran o.k., but the codepage installation bombed out! I tacked the "make install" output onto the end of this message.... Tom, you asked what version of gcc I was using, and whether I'm running a 32-bit or a 64-bit kernel. I'm using gcc 2.8.1, and I'm running a 64-bit kernel (On a Sun Enterprise 2, Solaris 2.7). These are the steps I'm using: Download latest samba-tng-alpha code ftp://samba.org/pub/samba/alpha/samba-tng-alpha.2.2.tar.gz Gunzip, untar samba-tng-alpha.2.2.tar.gz - it creates the directory samba-tng-alpha.2.2 Make a directory for the compiled code, libraries, etc. mkdir /usr/samba-tng-2.2 Run "configure" cd samba-tng-alpha.2.2/source ./configure --prefix=/usr/samba-tng-2.2 Run "make" Run "make install" Do you see any problems with the above? I'm trying to compile samba-tng-alpha-2.2 on a Sparc 20 (32-bit kernel) using the SUNWspro C compiler, but I don't think the compiled code will be too reliable (if it actually finishes compiling). I see lots of these messages: "warning: argument #x is incompatible with prototype" "rpc_parse/parse_lsa.c", line 470: warning: statement not reached" If you have any ideas, please let me know - I'd really like to get this version of Samba up and running. Here's "make install" output for samba-tng-alpha-2.2: ========================================================================= # make install Using FLAGS = -O -Iinclude -I./include -I./ubiqx -I./smbwrapper -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DLOGFILEBASE="/usr/usna/samba-tng-2.2/var" -DSMBLOGFILE="/usr/usna/samba-tng-2.2/var/log.smb" -DNMBLOGFILE="/usr/usna/samba-tng-2.2/var/log.nmb" -DCONFIGFILE="/usr/usna/samba-tng-2.2/lib/smb.conf" -DLMHOSTSFILE="/usr/usna/samba-tng-2.2/lib/lmhosts" -DSWATDIR="/usr/usna/samba-tng-2.2/swat" -DSBINDIR="/usr/usna/samba-tng-2.2/sbin" -DLOCKDIR="/usr/usna/samba-tng-2.2/var/locks" -DSMBRUN="/usr/usna/samba-tng-2.2/bin/smbrun" -DCODEPAGEDIR="/usr/usna/samba-tng-2.2/lib/codepages" -DDRIVERFILE="/usr/usna/samba-tng-2.2/lib/printers.def" -DBINDIR="/usr/usna/samba-tng-2.2/bin" -DFORMSFILE="/usr/usna/samba-tng-2.2/lib/ntforms.def" -DNTDRIVERSDIR="/usr/usna/samba-tng-2.2/lib" -DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/bin/passwd" -DSMB_PASSWD_PROGRAM="/usr/usna/samba-tng-2.2/bin/smbpasswd" -DSMB_PASSWD_FILE="/usr/usna/samba-tng-2.2/private/smbpasswd" -DSAM_DIR="/usr/usna/samba-tng-2.2/sam" -DSMB_PASSGRP_FILE="/usr/usna/samba-tng-2.2/private/smbpassgrp" -DSMB_GROUP_FILE="/usr/usna/samba-tng-2.2/private/smbgroup" -DSMB_ALIAS_FILE="/usr/usna/samba-tng-2.2/private/smbalias" Using LIBS = -lsec -lgen -lsocket -lnsl -ldl Installing bin/libmsrpc.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libsmb.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libnmb.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libsamba.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libsmbpw.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libubiqx.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libsamrpass.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libsmbpw.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libsurs.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/smbclient in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/testparm in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/testprns in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/smbrun in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/smbstatus in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/rpcclient in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/smbpasswd in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/make_smbcodepage in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/make_unicodemap in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/regedit in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/samedit in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/net in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/svccontrol in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/cmdat in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/ntspool in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/nmblookup in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/make_printerdef in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/smbd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/lsarpcd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/svcctld in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/spoolssd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/samrd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/srvsvcd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/wkssvcd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/browserd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/netlogond in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/winregd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/nmbd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/swat in /usr/usna/samba-tng-2.2/sbin using libtool Installing man pages in /usr/usna/samba-tng-2.2/man ====================================================================== The man pages have been installed. You may uninstall them using the command the command "make uninstallman" or make "uninstall" to uninstall binaries, man pages and shell scripts. ====================================================================== Installing scripts in /usr/usna/samba-tng-2.2/bin ====================================================================== The scripts have been installed. You may uninstall them using the command "make uninstallscripts" or "make install" to install binaries, man pages and shell scripts. You may recover the previous version (if any by "make revert". ====================================================================== Installing codepage files in /usr/usna/samba-tng-2.2/lib/codepages Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.437 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.437 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.737 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.737 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.775 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.775 /usr/usna/samba-tng-2.2/bin/make_unicodemap: failed to get the file size for file ./codepages/CP775.TXT. Error was No such file or directory Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.850 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.850 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.852 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.852 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.861 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.861 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.932 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.932 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.866 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.866 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.949 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.949 Illegal Instruction - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.950 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.950 Illegal Instruction - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.936 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.936 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.1251 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.1251 /usr/usna/samba-tng-2.2/bin/make_unicodemap: failed to get the file size for file ./codepages/CP1251.TXT. Error was No such file or directory Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-1 /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-1 is not a valid codepage. Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-1 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-2 /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-2 is not a valid codepage. Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-2 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-5 /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-5 is not a valid codepage. Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-5 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-7 /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-7 is not a valid codepage. Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-7 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.KOI-R /usr/usna/samba-tng-2.2/bin/make_smbcodepage: KOI-R is not a valid codepage. Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.KOI-R /usr/usna/samba-tng-2.2/bin/make_unicodemap: failed to get the file size for file ./codepages/CPKOI-R.TXT. Error was No such file or directory ====================================================================== The code pages have been installed. You may uninstall them using the command "make uninstallcp" or make "uninstall" to uninstall binaries, man pages, shell scripts and code pages. ====================================================================== Installing SWAT in /usr/usna/samba-tng-2.2/swat Installing the Samba Web Admisistration Tool /usr/usna/samba-tng-2.2/swat/images/globals.gif /usr/usna/samba-tng-2.2/swat/images/home.gif /usr/usna/samba-tng-2.2/swat/images/passwd.gif /usr/usna/samba-tng-2.2/swat/images/printers.gif /usr/usna/samba-tng-2.2/swat/images/samba.gif /usr/usna/samba-tng-2.2/swat/images/shares.gif /usr/usna/samba-tng-2.2/swat/images/status.gif /usr/usna/samba-tng-2.2/swat/images/viewconfig.gif /usr/usna/samba-tng-2.2/swat/help/welcome.html /usr/usna/samba-tng-2.2/swat/help/DOMAIN_MEMBER.html /usr/usna/samba-tng-2.2/swat/help/LDAP.html /usr/usna/samba-tng-2.2/swat/help/debug2html.1.html /usr/usna/samba-tng-2.2/swat/help/lmhosts.5.html /usr/usna/samba-tng-2.2/swat/help/make_smbcodepage.1.html /usr/usna/samba-tng-2.2/swat/help/nmbd.8.html /usr/usna/samba-tng-2.2/swat/help/nmblookup.1.html /usr/usna/samba-tng-2.2/swat/help/rpcclient.1.html /usr/usna/samba-tng-2.2/swat/help/samba.7.html /usr/usna/samba-tng-2.2/swat/help/smb.conf.5.html /usr/usna/samba-tng-2.2/swat/help/smbclient.1.html /usr/usna/samba-tng-2.2/swat/help/smbd.8.html /usr/usna/samba-tng-2.2/swat/help/smbpasswd.5.html /usr/usna/samba-tng-2.2/swat/help/smbpasswd.8.html /usr/usna/samba-tng-2.2/swat/help/smbrun.1.html /usr/usna/samba-tng-2.2/swat/help/smbstatus.1.html /usr/usna/samba-tng-2.2/swat/help/smbtar.1.html /usr/usna/samba-tng-2.2/swat/help/swat.8.html /usr/usna/samba-tng-2.2/swat/help/testparm.1.html /usr/usna/samba-tng-2.2/swat/help/testprns.1.html /usr/usna/samba-tng-2.2/swat/include/footer.html /usr/usna/samba-tng-2.2/swat/include/header.html ====================================================================== The SWAT files have been installed. Remember to read the swat/README for information on enabling and using SWAT ====================================================================== ---------------------------------------------------------- Lisa M. Becktold - lisa@usna.navy.mil, (410) 293-6480 United States Naval Academy - CADIG 590 Holloway Road, Rickover Hall, Annapolis, MD 21402-5000 From mg at plum.de Wed Apr 12 18:40:19 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:22 2003 Subject: How do I configure TNG x.x ? References: <38F21B8C.F43ED9FC@monet.fh-friedberg.de> Message-ID: <38F4C313.97CB930F@plum.de> Andreas Grimmel wrote: > > Hi everybody, > > I'm new to Samba-TNG (I was using 2.0.6 before) and I already (WOW! :-) > ) found out that smbpasswd -a -m has been replaced by samedit > createuser. > So I tried to set up my first domain user by typing "samedit -S > seniormember", and I got the following message running TNG 2.2 (same > with 1.9): > > Server: \\SENIORMEMBER: User: ROOT Domain: > Connection: socket connect to /tmp/.smb.0/agent failed: Connection > refused this is normal > error connecting to 192.168.77.5:445 (Connection refused) that is also normal ;) > failed session setup > cli_net_use_add: connection failed > FAILED Hmm .. that one is strange .. Can you try "samedit -S ." on the server ? in samedit you can also try "ntlogin" to simulate a NT machine login request, and see if it works. Regards, Michael -- Samba Information HQ (in german) http://www.sambahq.de/ From ksmelser at uindy.edu Tue Apr 11 20:21:45 2000 From: ksmelser at uindy.edu (Kelly Smelser) Date: Tue Dec 2 02:29:22 2003 Subject: ...continued samedit issues Message-ID: <38F38959.64B31E11@uindy.edu> After: ./samedit -S . -U root [root@.] createuser somename or [root@.] createuser somemachine$ I get: socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused socket connet to /opt/samba-tng/var/locks/.msrpc/samr failed: Connection refused ncalrpm_l_establish_connection: failed samr) ncalrpc_l_use_add: connection failed please use 'lsaquery' first to acertain the SID Can anyone offer any assistance on this? The daemons are started and all appears to be well, but this is what I get when I attempt to add users with samedit. K. From kevinc at grainsystems.com Tue Apr 11 21:12:58 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:23 2003 Subject: Issues with SAMBA install References: <4.3.2.20000411134914.051f5c50@mail.digisolv.com> Message-ID: <38F3955A.22FF0CD1@grainsystems.com> I can't answer all your questions, but I thought I'd hit a few. Gerry George wrote: > > I am trying to set some environment variables in my login script. > It does not work. (I know this is not a SAMBA issue, but someone > may have experienced and solved it) Yes, this is really a DOS batch file question. Setting environment variables in batch files is weird and tricky. The best thing I ever did though, was get a replacement for the DOS "set" command. "ASET" is a wonderful free one I found that has some good documentation on this. > Can one create a share for a specific user or group **which is > only visible to that group**? How about hidden shares? (e.g. "\\MACHINE\SHARENAME$") > Is there an X-client for SMB to allow one to browse and use > SMB shares from within X? Not quite. If you're running Linux, mount the shares in question and simply use your favorite X file manager. - Kevin Colby kevinc@grainsystems.com From swaters at amicus.com Tue Apr 11 21:23:21 2000 From: swaters at amicus.com (Stephen Waters) Date: Tue Dec 2 02:29:23 2003 Subject: Issues with SAMBA install References: <4.3.2.20000411134914.051f5c50@mail.digisolv.com> <38F3955A.22FF0CD1@grainsystems.com> Message-ID: <38F397C9.3060705@amicus.com> > > Is there an X-client for SMB to allow one to browse and use > > SMB shares from within X? http://freshmeat.net/search.php3?query=gnomba From healer at monet.fh-friedberg.de Mon Apr 10 23:13:53 2000 From: healer at monet.fh-friedberg.de (Andreas Grimmel) Date: Tue Dec 2 02:29:23 2003 Subject: How do I configure TNG x.x ? References: <38F21B8C.F43ED9FC@monet.fh-friedberg.de> <38F4C313.97CB930F@plum.de> Message-ID: <38F26031.7B687858@monet.fh-friedberg.de> Michael Glauche schrieb: > Andreas Grimmel wrote: > > > > Hi everybody, > > > > I'm new to Samba-TNG (I was using 2.0.6 before) and I already (WOW! :-) > > ) found out that smbpasswd -a -m has been replaced by samedit > > createuser. > > So I tried to set up my first domain user by typing "samedit -S > > seniormember", and I got the following message running TNG 2.2 (same > > with 1.9): > > > > Server: \\SENIORMEMBER: User: ROOT Domain: > > Connection: socket connect to /tmp/.smb.0/agent failed: Connection > > refused > > this is normal > > > error connecting to 192.168.77.5:445 (Connection refused) > > that is also normal ;) > > > failed session setup > > cli_net_use_add: connection failed > > FAILED > > Hmm .. that one is strange .. > > Can you try "samedit -S ." on the server ? > > in samedit you can also try "ntlogin" to simulate a NT machine login > request, > and see if it works. > > Regards, > Michael > > -- > Samba Information HQ (in german) > http://www.sambahq.de/ Hi Michael, Thanks for the tip with "samedit -S .", that one works better (don't know why but that's the more unimportant thing at the moment). But still got problems with createuser (by the way: am I just too blind to see or can't i try ntlogin when no user/machine account exists, because that fails at the moment?), this is what I get when I try to set up a new user: [ROOT@.]$ createuser healer createuser healer socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused SAM Create Domain User Domain: DB-TEST Name: healer ACB: [U ] socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused Create Domain User: FAILED thanks a lot again... :-) Andreas From lkcl at samba.org Wed Apr 12 02:19:23 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:23 2003 Subject: samba-TNG smbd crashing In-Reply-To: <200004111503.QAA23607@picard.ee.ucl.ac.uk> Message-ID: On Tue, 11 Apr 2000, Tom Crummey wrote: > Hello Luke, > > TNG: cvs update 1200BST 11/04/00 Sparc 64 Solaris 2.7 > MAIN: cvs co 1400BST 11/04/00 Sparc 64 Solaris 2.7 > > > I've got samba-MAIN running. It gives exactly the same problem with > profile loading as TNG. good. > It doesn't make sense to me as the profile share is local to the samba > server machine, so if smbd were running as root, it could access the > file and if it were running as the user, it should still ba able to > access the file. Any clues?? no, but i will run it by andrew. if we can't repro it here, we may need your entire profile directory :) > You'll may be pleased to know that neither TNG or MAIN have crashed > on me today. > > I should also be able to produce core files from tomorrow onwards if > it does crash again. Also, I could reinstal the crashing version and > get you a stack trace from it if you want. that's ok, that was last decade's code... > Extract from log file of MAIN: > > [000] 5C 74 6F 6D 5C 41 70 70 6C 69 63 61 74 69 6F 6E \tom\App lication > [010] 20 44 61 74 61 5C 49 64 65 6E 74 69 74 69 65 73 Data\Id entities > [020] 5C 7B 44 41 33 32 44 41 35 42 2D 36 35 33 39 2D \{DA32DA 5B-6539- > [030] 34 30 45 36 2D 39 39 32 31 2D 45 38 31 37 30 42 40E6-992 1-E8170B > [040] 43 30 46 30 42 42 7D 00 C0F0BB}. > switch message SMBntcreateX (pid 1533) > Skipping become_user - already user > map_create_disposition: Mapped create_disposition 1 to 1 > get_filename: data_offset = 87, data_len = 72, fname_len = 72 > map_share_mode: Mapped desired access 20089, share access 3, file attributes 0 > to open_mode 40 > unix_convert called on file "\tom\Application > Data\Identities\{DA32DA5B-6539-40E6-9921-E8170BC0F0BB}" > unix_clean_name [/tom/Application > Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB}] > Checking {DA32DA5B-6539-40E6-9921-E8170BC0F0BB} for 8.3 > allocated file structure 915, fnum = 5011 (1 used) > open_file_shared: fname = tom/Application > Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB}, share_mode = 40, ofun = > 1, mode = 744, oplock request = 3 > is_in_path: tom/Application > Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} > is_in_path: no name list. > unix_clean_name [tom/Application > Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB}] > calling open_file with flags=0x0 flags2=0x0 mode=0744 > tom opened file tom/Application > Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} read=Yes write=No > (numopen=1) > is_in_path: tom/Application > Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} > is_in_path: no name list. > set_file_oplock: granted oplock on file tom/Application > Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB}, dev = 2200007, inode = > 781572, tv_sec = 38f33b5c, tv_usec = 73a92 > dos_mode: tom/Application Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} > is_in_path: tom/Application > Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} > is_in_path: no name list. > dos_mode returning d > tom closed file tom/Application > Data/Identities/{DA32DA5B-6539-40E6-9921-E8170BC0F0BB} (numopen=0) > freed files structure 5011 (0 used) > error packet at line 895 cmd=162 (SMBntcreateX) eclass=1 ecode=5 > error string = Not owner > size=35 > smb_com=0xa2 > smb_rcls=1 > smb_reh=0 > smb_err=5 > smb_flg=136 > smb_flg2=1 > smb_tid=1 > smb_pid=204 > smb_uid=102 > smb_mid=45763 > smt_wct=0 > smb_bcc=0 > write_socket(7,39) > write_socket(7,39) wrote 39 > > ls -al of file in question: > > drwxr-xr-x 2 tom staff 512 Mar 6 17:56 > {DA32DA5B-6539-40E6-9921-E8170BC0F0BB}/ > > extract from smb.conf > > logon script = %a.exe > logon drive = m: > logon home = \\sonic\homes > logon path = \\sonic\profile\%username% > [profile] > comment = User Profiles > path = /opt/samba-MAIN/profile > writeable = yes > > Tom. > > ---------------------------------------------------------------------------- > Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk > Department of Electronic and Electrical Engineering, > University College London, TEL: +44 (0)20 7679 3898 > Torrington Place, FAX: +44 (0)20 7388 9325 > London, UK, WC1E 7JE. > ---------------------------------------------------------------------------- > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Wed Apr 12 02:23:15 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:23 2003 Subject: share disappeares smbd/server.c:exit_server(408) In-Reply-To: <38F34E38.CF61EC61@emp.paed.uni-muenchen.de> Message-ID: On Wed, 12 Apr 2000, Bernhard Ertl wrote: > > AH! someone else reported this happening. GIVE INFO! details. > > > operating system arch compiler etc. > > The operating system is linux, SuSE 6.4 distribution, kernel 2.2.14 (but it also appeared with the old > version 6.2 and Kernel 2.2.?) I used the sources from the samba site, dated on November ~11th (directly > after the information about the new release came across this list.) As I think it was not available as > bindist, i suppose I have compiled it myself with gcc and glibc2. (I have to do some research about the > version, because we just have run a server update). > > The system runs on a dual PIII system with a mylex raid controller and two ethernet interfaces, serving > around 50 clients as login- wins- and fileserver. > > The problem occurrs if > * there are find processes on the hdd (understandeable) > * someone publishes a big Frontpage web located on the server (also understandeable) bernhard, thank you very much, because someone else reported a similar problem, you see. From lkcl at samba.org Wed Apr 12 02:25:52 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:23 2003 Subject: Group map files In-Reply-To: <38F34D78.5D0F1A0B@steinmetznet.com> Message-ID: On Wed, 12 Apr 2000, Trevor Antczak wrote: > Hello, > > This is starting to really drive me nuts. I have been downloading and > compileing the TNG branch since about 0.4 and most recently 2.2. > Everytime I hope it will solve the problem I am having and it doesn't. > I can only conclude that I am doing something wrong. When I restart > Samba (or start it) I get a message in my log that the commands domain > user map, domain group map, and local group map are unknown and being > ignored. that says you are not running with TNG. check your entire system (find / -name smbd -print) for samba daemons. > I can only log into the doamin as a guest, and my user manager > is some kinda screwed up right now, because of the weird info it is > getting from Samba. Since no one else is reporting this problem, I have > to assume it is not a bug (as I first thought). well, it may well be. there is still the issue where identical names in /etc/passwd and /etc/group cause recursion problems. > smb.conf > > # Unix users can map to different SMB User names > domain user map = /etc/smbusers > local group map = /etc/smbgroupmap > domain group map = /etc/smbgroup > ; domain admin group = wheel > ; domain admin users = trevor rootnt > ; admin users = trevor rootnt > > > log.smb > > [2000/04/11 08:11:24, 1] smbd/server.c:main(614) > smbd version 2.0.3 started. > Copyright Andrew Tridgell 1992-1998 > [2000/04/11 08:11:24, 0] param/loadparm.c:map_parameter(1582) > Unknown parameter encountered: "domain user map" > [2000/04/11 08:11:24, 0] param/loadparm.c:lp_do_parameter(1954) > Ignoring unknown parameter "domain user map" > [2000/04/11 08:11:24, 0] param/loadparm.c:map_parameter(1582) > Unknown parameter encountered: "local group map" > [2000/04/11 08:11:24, 0] param/loadparm.c:lp_do_parameter(1954) > Ignoring unknown parameter "local group map" > [2000/04/11 08:11:24, 0] param/loadparm.c:map_parameter(1582) > Unknown parameter encountered: "domain group map" > [2000/04/11 08:11:24, 0] param/loadparm.c:lp_do_parameter(1954) > Ignoring unknown parameter "domain group map" > > > -- > Thank you, > Trevor Antczak > Technology Manager > Steinmetz & Associates > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Wed Apr 12 02:26:22 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:23 2003 Subject: Group map files In-Reply-To: <38F34D78.5D0F1A0B@steinmetznet.com> Message-ID: > [2000/04/11 08:11:24, 1] smbd/server.c:main(614) > smbd version 2.0.3 started. ^^^^^ From lkcl at samba.org Wed Apr 12 02:34:38 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:23 2003 Subject: Issues with SAMBA install In-Reply-To: <4.3.2.20000411134914.051f5c50@mail.digisolv.com> Message-ID: > I am using DHCP to serve IP addresses to the clients. Initial connections > were failing. The logs stated that the "gethostbydomain" (I think) > failed. As such, I needed to create entries for all my clients in my > DNS. I used generic ws-100 thru to ws-200, my range of IP's and also > create reverse records for those. use the "wins hook" script option. run bind 8.something (the dynamic one). run a script to add NetBIOS names to your bind daemon. From lkcl at samba.org Wed Apr 12 02:36:11 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:23 2003 Subject: make install/codepage segmentation In-Reply-To: <200004111834.OAA03743@leto15.usna.navy.mil> Message-ID: can someone take a look at this, i cut make_codepage over from cvs main, thx. On Wed, 12 Apr 2000, Lisa Becktold {CADIG STAFF} wrote: > Thanks to Michael Glauche, Tom Crummey, and Luke Kenneth Casson Leighton > for their responses. > > I did download both samba-tng-alpha-2.2 and samba-tng-alpha-2.3. Configure > and make ran fine (although I saw a few warnings when I ran make). > But again, when I ran "make install", the library and binary installation > ran o.k., but the codepage installation bombed out! > > I tacked the "make install" output onto the end of this message.... > > Tom, you asked what version of gcc I was using, and whether I'm running > a 32-bit or a 64-bit kernel. I'm using gcc 2.8.1, and I'm running > a 64-bit kernel (On a Sun Enterprise 2, Solaris 2.7). > > These are the steps I'm using: > > Download latest samba-tng-alpha code > ftp://samba.org/pub/samba/alpha/samba-tng-alpha.2.2.tar.gz > > Gunzip, untar samba-tng-alpha.2.2.tar.gz - it creates the directory > samba-tng-alpha.2.2 > > Make a directory for the compiled code, libraries, etc. > mkdir /usr/samba-tng-2.2 > > Run "configure" > cd samba-tng-alpha.2.2/source > ./configure --prefix=/usr/samba-tng-2.2 > > Run "make" > > Run "make install" > > > Do you see any problems with the above? > > I'm trying to compile samba-tng-alpha-2.2 on a Sparc 20 (32-bit kernel) > using the SUNWspro C compiler, but I don't think the compiled code will > be too reliable (if it actually finishes compiling). I see lots of > these messages: > > "warning: argument #x is incompatible with prototype" > "rpc_parse/parse_lsa.c", line 470: warning: statement not reached" > > If you have any ideas, please let me know - I'd really like to get this > version of Samba up and running. > > Here's "make install" output for samba-tng-alpha-2.2: > > ========================================================================= > # make install > > Using FLAGS = -O -Iinclude -I./include -I./ubiqx > -I./smbwrapper > -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 > -DLOGFILEBASE="/usr/usna/samba-tng-2.2/var" > -DSMBLOGFILE="/usr/usna/samba-tng-2.2/var/log.smb" > -DNMBLOGFILE="/usr/usna/samba-tng-2.2/var/log.nmb" > -DCONFIGFILE="/usr/usna/samba-tng-2.2/lib/smb.conf" > -DLMHOSTSFILE="/usr/usna/samba-tng-2.2/lib/lmhosts" > -DSWATDIR="/usr/usna/samba-tng-2.2/swat" > -DSBINDIR="/usr/usna/samba-tng-2.2/sbin" > -DLOCKDIR="/usr/usna/samba-tng-2.2/var/locks" > -DSMBRUN="/usr/usna/samba-tng-2.2/bin/smbrun" > -DCODEPAGEDIR="/usr/usna/samba-tng-2.2/lib/codepages" > -DDRIVERFILE="/usr/usna/samba-tng-2.2/lib/printers.def" > -DBINDIR="/usr/usna/samba-tng-2.2/bin" > -DFORMSFILE="/usr/usna/samba-tng-2.2/lib/ntforms.def" > -DNTDRIVERSDIR="/usr/usna/samba-tng-2.2/lib" -DHAVE_INCLUDES_H > -DPASSWD_PROGRAM="/bin/passwd" > -DSMB_PASSWD_PROGRAM="/usr/usna/samba-tng-2.2/bin/smbpasswd" > -DSMB_PASSWD_FILE="/usr/usna/samba-tng-2.2/private/smbpasswd" > -DSAM_DIR="/usr/usna/samba-tng-2.2/sam" > -DSMB_PASSGRP_FILE="/usr/usna/samba-tng-2.2/private/smbpassgrp" > -DSMB_GROUP_FILE="/usr/usna/samba-tng-2.2/private/smbgroup" > -DSMB_ALIAS_FILE="/usr/usna/samba-tng-2.2/private/smbalias" > Using LIBS = -lsec -lgen -lsocket -lnsl -ldl > Installing bin/libmsrpc.la in /usr/usna/samba-tng-2.2/lib using libtool > ---------------------------------------------------------------------- > Libraries have been installed in: > /usr/usna/samba-tng-2.2/lib > > If you ever happen to want to link against installed libraries > in a given directory, LIBDIR, you must either use libtool, and > specify the full pathname of the library, or use `-LLIBDIR' > flag during linking and do at least one of the following: > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > during execution > - use the `-RLIBDIR' linker flag > > See any operating system documentation about shared libraries for > more information, such as the ld(1) and ld.so(8) manual pages. > ---------------------------------------------------------------------- > Installing bin/libsmb.la in /usr/usna/samba-tng-2.2/lib using libtool > ---------------------------------------------------------------------- > Libraries have been installed in: > /usr/usna/samba-tng-2.2/lib > > If you ever happen to want to link against installed libraries > in a given directory, LIBDIR, you must either use libtool, and > specify the full pathname of the library, or use `-LLIBDIR' > flag during linking and do at least one of the following: > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > during execution > - use the `-RLIBDIR' linker flag > > See any operating system documentation about shared libraries for > more information, such as the ld(1) and ld.so(8) manual pages. > ---------------------------------------------------------------------- > Installing bin/libnmb.la in /usr/usna/samba-tng-2.2/lib using libtool > ---------------------------------------------------------------------- > Libraries have been installed in: > /usr/usna/samba-tng-2.2/lib > > If you ever happen to want to link against installed libraries > in a given directory, LIBDIR, you must either use libtool, and > specify the full pathname of the library, or use `-LLIBDIR' > flag during linking and do at least one of the following: > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > during execution > - use the `-RLIBDIR' linker flag > > See any operating system documentation about shared libraries for > more information, such as the ld(1) and ld.so(8) manual pages. > ---------------------------------------------------------------------- > Installing bin/libsamba.la in /usr/usna/samba-tng-2.2/lib using libtool > ---------------------------------------------------------------------- > Libraries have been installed in: > /usr/usna/samba-tng-2.2/lib > > If you ever happen to want to link against installed libraries > in a given directory, LIBDIR, you must either use libtool, and > specify the full pathname of the library, or use `-LLIBDIR' > flag during linking and do at least one of the following: > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > during execution > - use the `-RLIBDIR' linker flag > > See any operating system documentation about shared libraries for > more information, such as the ld(1) and ld.so(8) manual pages. > ---------------------------------------------------------------------- > Installing bin/libsmbpw.la in /usr/usna/samba-tng-2.2/lib using libtool > ---------------------------------------------------------------------- > Libraries have been installed in: > /usr/usna/samba-tng-2.2/lib > > If you ever happen to want to link against installed libraries > in a given directory, LIBDIR, you must either use libtool, and > specify the full pathname of the library, or use `-LLIBDIR' > flag during linking and do at least one of the following: > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > during execution > - use the `-RLIBDIR' linker flag > > See any operating system documentation about shared libraries for > more information, such as the ld(1) and ld.so(8) manual pages. > ---------------------------------------------------------------------- > Installing bin/libubiqx.la in /usr/usna/samba-tng-2.2/lib using libtool > ---------------------------------------------------------------------- > Libraries have been installed in: > /usr/usna/samba-tng-2.2/lib > > If you ever happen to want to link against installed libraries > in a given directory, LIBDIR, you must either use libtool, and > specify the full pathname of the library, or use `-LLIBDIR' > flag during linking and do at least one of the following: > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > during execution > - use the `-RLIBDIR' linker flag > > See any operating system documentation about shared libraries for > more information, such as the ld(1) and ld.so(8) manual pages. > ---------------------------------------------------------------------- > Installing bin/libsamrpass.la in /usr/usna/samba-tng-2.2/lib using libtool > ---------------------------------------------------------------------- > Libraries have been installed in: > /usr/usna/samba-tng-2.2/lib > > If you ever happen to want to link against installed libraries > in a given directory, LIBDIR, you must either use libtool, and > specify the full pathname of the library, or use `-LLIBDIR' > flag during linking and do at least one of the following: > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > during execution > - use the `-RLIBDIR' linker flag > > See any operating system documentation about shared libraries for > more information, such as the ld(1) and ld.so(8) manual pages. > ---------------------------------------------------------------------- > Installing bin/libsmbpw.la in /usr/usna/samba-tng-2.2/lib using libtool > ---------------------------------------------------------------------- > Libraries have been installed in: > /usr/usna/samba-tng-2.2/lib > > If you ever happen to want to link against installed libraries > in a given directory, LIBDIR, you must either use libtool, and > specify the full pathname of the library, or use `-LLIBDIR' > flag during linking and do at least one of the following: > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > during execution > - use the `-RLIBDIR' linker flag > > See any operating system documentation about shared libraries for > more information, such as the ld(1) and ld.so(8) manual pages. > ---------------------------------------------------------------------- > Installing bin/libsurs.la in /usr/usna/samba-tng-2.2/lib using libtool > ---------------------------------------------------------------------- > Libraries have been installed in: > /usr/usna/samba-tng-2.2/lib > > If you ever happen to want to link against installed libraries > in a given directory, LIBDIR, you must either use libtool, and > specify the full pathname of the library, or use `-LLIBDIR' > flag during linking and do at least one of the following: > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > during execution > - use the `-RLIBDIR' linker flag > > See any operating system documentation about shared libraries for > more information, such as the ld(1) and ld.so(8) manual pages. > ---------------------------------------------------------------------- > Installing bin/smbclient in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/testparm in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/testprns in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/smbrun in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/smbstatus in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/rpcclient in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/smbpasswd in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/make_smbcodepage in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/make_unicodemap in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/regedit in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/samedit in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/net in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/svccontrol in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/cmdat in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/ntspool in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/nmblookup in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/make_printerdef in /usr/usna/samba-tng-2.2/bin using libtool > Installing bin/smbd in /usr/usna/samba-tng-2.2/sbin using libtool > Installing bin/lsarpcd in /usr/usna/samba-tng-2.2/sbin using libtool > Installing bin/svcctld in /usr/usna/samba-tng-2.2/sbin using libtool > Installing bin/spoolssd in /usr/usna/samba-tng-2.2/sbin using libtool > Installing bin/samrd in /usr/usna/samba-tng-2.2/sbin using libtool > Installing bin/srvsvcd in /usr/usna/samba-tng-2.2/sbin using libtool > Installing bin/wkssvcd in /usr/usna/samba-tng-2.2/sbin using libtool > Installing bin/browserd in /usr/usna/samba-tng-2.2/sbin using libtool > Installing bin/netlogond in /usr/usna/samba-tng-2.2/sbin using libtool > Installing bin/winregd in /usr/usna/samba-tng-2.2/sbin using libtool > Installing bin/nmbd in /usr/usna/samba-tng-2.2/sbin using libtool > Installing bin/swat in /usr/usna/samba-tng-2.2/sbin using libtool > Installing man pages in /usr/usna/samba-tng-2.2/man > ====================================================================== > The man pages have been installed. You may uninstall them using the command > the command "make uninstallman" or make "uninstall" to uninstall binaries, > man pages and shell scripts. > ====================================================================== > Installing scripts in /usr/usna/samba-tng-2.2/bin > ====================================================================== > The scripts have been installed. You may uninstall them using > the command "make uninstallscripts" or "make install" to install binaries, > man pages and shell scripts. You may recover the previous version (if any > by "make revert". > ====================================================================== > Installing codepage files in /usr/usna/samba-tng-2.2/lib/codepages > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.437 > Segmentation Fault - core dumped > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.437 > Segmentation Fault - core dumped > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.737 > Segmentation Fault - core dumped > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.737 > Segmentation Fault - core dumped > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.775 > Segmentation Fault - core dumped > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.775 > /usr/usna/samba-tng-2.2/bin/make_unicodemap: failed to get the file size for > file ./codepages/CP775.TXT. Error was No such file or directory > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.850 > Segmentation Fault - core dumped > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.850 > Segmentation Fault - core dumped > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.852 > Segmentation Fault - core dumped > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.852 > Segmentation Fault - core dumped > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.861 > Segmentation Fault - core dumped > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.861 > Segmentation Fault - core dumped > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.932 > Segmentation Fault - core dumped > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.932 > Segmentation Fault - core dumped > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.866 > Segmentation Fault - core dumped > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.866 > Segmentation Fault - core dumped > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.949 > Segmentation Fault - core dumped > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.949 > Illegal Instruction - core dumped > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.950 > Segmentation Fault - core dumped > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.950 > Illegal Instruction - core dumped > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.936 > Segmentation Fault - core dumped > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.936 > Segmentation Fault - core dumped > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.1251 > Segmentation Fault - core dumped > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.1251 > /usr/usna/samba-tng-2.2/bin/make_unicodemap: failed to get the file size for > file ./codepages/CP1251.TXT. Error was No such file or directory > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-1 > /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-1 is not a valid codepage. > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-1 > Segmentation Fault - core dumped > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-2 > /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-2 is not a valid codepage. > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-2 > Segmentation Fault - core dumped > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-5 > /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-5 is not a valid codepage. > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-5 > Segmentation Fault - core dumped > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-7 > /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-7 is not a valid codepage. > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-7 > Segmentation Fault - core dumped > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.KOI-R > /usr/usna/samba-tng-2.2/bin/make_smbcodepage: KOI-R is not a valid codepage. > Creating unicode codepage file > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.KOI-R > /usr/usna/samba-tng-2.2/bin/make_unicodemap: failed to get the file size for > file ./codepages/CPKOI-R.TXT. Error was No such file or directory > ====================================================================== > The code pages have been installed. You may uninstall them using the > command "make uninstallcp" or make "uninstall" to uninstall binaries, > man pages, shell scripts and code pages. > ====================================================================== > Installing SWAT in /usr/usna/samba-tng-2.2/swat > Installing the Samba Web Admisistration Tool > /usr/usna/samba-tng-2.2/swat/images/globals.gif > /usr/usna/samba-tng-2.2/swat/images/home.gif > /usr/usna/samba-tng-2.2/swat/images/passwd.gif > /usr/usna/samba-tng-2.2/swat/images/printers.gif > /usr/usna/samba-tng-2.2/swat/images/samba.gif > /usr/usna/samba-tng-2.2/swat/images/shares.gif > /usr/usna/samba-tng-2.2/swat/images/status.gif > /usr/usna/samba-tng-2.2/swat/images/viewconfig.gif > /usr/usna/samba-tng-2.2/swat/help/welcome.html > /usr/usna/samba-tng-2.2/swat/help/DOMAIN_MEMBER.html > /usr/usna/samba-tng-2.2/swat/help/LDAP.html > /usr/usna/samba-tng-2.2/swat/help/debug2html.1.html > /usr/usna/samba-tng-2.2/swat/help/lmhosts.5.html > /usr/usna/samba-tng-2.2/swat/help/make_smbcodepage.1.html > /usr/usna/samba-tng-2.2/swat/help/nmbd.8.html > /usr/usna/samba-tng-2.2/swat/help/nmblookup.1.html > /usr/usna/samba-tng-2.2/swat/help/rpcclient.1.html > /usr/usna/samba-tng-2.2/swat/help/samba.7.html > /usr/usna/samba-tng-2.2/swat/help/smb.conf.5.html > /usr/usna/samba-tng-2.2/swat/help/smbclient.1.html > /usr/usna/samba-tng-2.2/swat/help/smbd.8.html > /usr/usna/samba-tng-2.2/swat/help/smbpasswd.5.html > /usr/usna/samba-tng-2.2/swat/help/smbpasswd.8.html > /usr/usna/samba-tng-2.2/swat/help/smbrun.1.html > /usr/usna/samba-tng-2.2/swat/help/smbstatus.1.html > /usr/usna/samba-tng-2.2/swat/help/smbtar.1.html > /usr/usna/samba-tng-2.2/swat/help/swat.8.html > /usr/usna/samba-tng-2.2/swat/help/testparm.1.html > /usr/usna/samba-tng-2.2/swat/help/testprns.1.html > /usr/usna/samba-tng-2.2/swat/include/footer.html > /usr/usna/samba-tng-2.2/swat/include/header.html > ====================================================================== > The SWAT files have been installed. Remember to read the swat/README > for information on enabling and using SWAT > ====================================================================== > > > > > > ---------------------------------------------------------- > Lisa M. Becktold - lisa@usna.navy.mil, (410) 293-6480 > United States Naval Academy - CADIG > 590 Holloway Road, Rickover Hall, Annapolis, MD 21402-5000 > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Wed Apr 12 02:39:03 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:23 2003 Subject: ...continued samedit issues In-Reply-To: <38F38959.64B31E11@uindy.edu> Message-ID: On Wed, 12 Apr 2000, Kelly Smelser wrote: > After: > > /samedit -S . -U root > [root@.] createuser somename > > or > > [root@.] createuser somemachine$ > > I get: > > socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused > socket connet to /opt/samba-tng/var/locks/.msrpc/samr failed: this is the important one, it tells you that you're not running samrd. > Connection refused > ncalrpm_l_establish_connection: failed samr) > ncalrpc_l_use_add: connection failed > please use 'lsaquery' first to acertain the SID > > Can anyone offer any assistance on this? The daemons are started and > all appears to be well, but this is what I get when I attempt to add > users with samedit. check the log.samr file. always, if you get an error in the client-side log files, your instant, knee-jerk reaction should be to look in the server-side logs. From lkcl at samba.org Wed Apr 12 02:50:43 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:23 2003 Subject: How do I configure TNG x.x ? In-Reply-To: <38F26031.7B687858@monet.fh-friedberg.de> Message-ID: On Wed, 12 Apr 2000, Andreas Grimmel wrote: > Thanks for the tip with "samedit -S .", that one works better (don't know why it's a bit like "su" > But still got problems with createuser (by the way: am I just too blind to > see or can't i try ntlogin when no user/machine account exists, because that > fails at the moment?), this is what I get when I try to set up a new user: > > [ROOT@.]$ createuser healer > createuser healer you forgot to specify -U root, in the samedit command-line. From Olivier.Brousselle at univ-lehavre.fr Wed Apr 12 06:45:46 2000 From: Olivier.Brousselle at univ-lehavre.fr (Olivier Brousselle) Date: Tue Dec 2 02:29:23 2003 Subject: [TNG 2.3] upgrade failed Message-ID: <38F41B9A.223EBC26@univ-lehavre.fr> Hello all, I have a little problem, after upgrading TNG to 2.3. I'm using a PC with Slackware 7.0 as a PDC. My domain have at least 50 workstations, and 1 Citrix Winframe. My problem is that the domain is recognized by the PDC, but not by workstations. Winframe says that the account is missing or the password is incorrect. When I create a new workstation, this one can't connect to the domain and ask me to reverify the machine account. Log of workstation : write_socket: Error writing 36 bytes to socket 11: ERRNO = broken pipe log.nmb : process_logon_packet: Logon from : code = 12 Any idea ? Thx From lkcl at samba.org Wed Apr 12 07:39:07 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:23 2003 Subject: [TNG 2.3] upgrade failed In-Reply-To: <38F41B9A.223EBC26@univ-lehavre.fr> Message-ID: olivier, your description is ambiguous. the domain is controlled by what? the domain is recognised by which PDC? where is your smb.conf file? i repeat, again, to everybody, please be more explicit. thanks. On Wed, 12 Apr 2000, Olivier Brousselle wrote: > Hello all, > > I have a little problem, after upgrading TNG to 2.3. I'm using > a PC with Slackware 7.0 as a PDC. My domain have at least 50 > workstations, > and 1 Citrix Winframe. > > My problem is that the domain is recognized by the PDC, but not by > workstations. Winframe says that the account is missing or the > password is incorrect. > > When I create a new workstation, this one can't connect to the domain > and ask me to reverify the machine account. > > Log of workstation : > write_socket: Error writing 36 bytes to socket 11: ERRNO = broken pipe > > log.nmb : > process_logon_packet: Logon from : code = 12 > > Any idea ? Thx > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From vadjan at mail.ru Wed Apr 12 09:18:08 2000 From: vadjan at mail.ru (Vadim Kimlaychuk) Date: Tue Dec 2 02:29:23 2003 Subject: Changing passwords from NT Message-ID: Hello All. How can I change SAMBA passwords from NT workstation (what tool should I use?). And one more problem - users (on UNIX server) coldn't change SAMBA passwords. smbpasswd wrote : 'The specified password is invalid'. From petersv at psv.nu Wed Apr 12 09:36:54 2000 From: petersv at psv.nu (Peter Svensson) Date: Tue Dec 2 02:29:23 2003 Subject: Group map files In-Reply-To: Message-ID: On Wed, 12 Apr 2000, Luke Kenneth Casson Leighton wrote: > well, it may well be. there is still the issue where identical names in > /etc/passwd and /etc/group cause recursion problems. Thre was some talk a while ago about automatically prepending/appending a string to the group names when they are read from /etc/groups (e.g. system -> G_system). For us poor souls out here that have lots of identical group/usernames this would be a boon. Peter -- Peter Svensson ! Pgp key available by finger, fingerprint: ! 8A E9 20 98 C1 FF 43 E3 07 FD B9 0A 80 72 70 AF ! ------------------------------------------------------------------------ Remember, Luke, your source will be with you... always... From vadjan at mail.ru Wed Apr 12 09:44:45 2000 From: vadjan at mail.ru (Vadim Kimlaychuk) Date: Tue Dec 2 02:29:23 2003 Subject: TNG?? Message-ID: What is TNG ? From arielez at cs.huji.ac.il Wed Apr 12 09:47:23 2000 From: arielez at cs.huji.ac.il (Eizenberg Ariel) Date: Tue Dec 2 02:29:23 2003 Subject: TNG?? In-Reply-To: Message-ID: TNG - The Next Generation (like in startrek ...) On Wed, 12 Apr 2000, Vadim Kimlaychuk wrote: | | | | What is TNG ? | | From giulioo at pobox.com Wed Apr 12 09:41:37 2000 From: giulioo at pobox.com (Giulio Orsero) Date: Tue Dec 2 02:29:23 2003 Subject: Issues with SAMBA install In-Reply-To: <4.3.2.20000411134914.051f5c50@mail.digisolv.com> References: <4.3.2.20000411134914.051f5c50@mail.digisolv.com> Message-ID: <20000412094259.B99602AE82@i3.golden.dom> On Wed, 12 Apr 2000 04:33:57 +1000, hai scritto: >failed. As such, I needed to create entries for all my clients in my >DNS. I used generic ws-100 thru to ws-200, my range of IP's and also >create reverse records for those. Even /etc/hosts would be ok. You can even use "wins hook" to update the dns dinamically with the real names, provided the win9x use samba as a wins server. >Can one create a share for a specific user or group **which is only visible >to that group**? I would like to create a share of the entire file system include = /path/file.conf.%U then in /path/file.conf. put the share definitions for the specific user. -- giulioo@pobox.com From chris_allen at aurema.com Wed Apr 12 09:51:16 2000 From: chris_allen at aurema.com (Chris Allen) Date: Tue Dec 2 02:29:23 2003 Subject: Bad stub data? - Win2K + TNG Message-ID: <955532788.534754@swelter.sw.oz.au> Hi, I am trying to get Windows 2000 Prof to work with TNG - I can get the workstation to join the domain OK, but when I try to login I get this error (on the Win box): The stub received bad data. This happens with both TNG alpha-2.1 and alpha-2.2 (RedHat 6.0). I can't get alpha-2.3 to work it all - the workstation won't join the domain because: "The RPC call failed". Has anyone had any success? Am I missing something? Logs and smb.conf are attached. Thanks, Chris begin 666 smb.conf M6V=L;V)A;%T*"B-.971"24]3(&YA;64@:7-N)W0@;F5E9&5D(&EF(&ET)W,@ M=&AE('-A;64@87,@=&AE(&AO"!G'!O2 ]("]E>'!O2!A;F0@=V4@;F5E9"!E;F-R>7!T960@"B-P87-S=V]R9',@ M*'-E92!%3D-265!424].+G1X="D@"G-E8W5R:71Y(#T@=7-E65S"FEN M=&5R9F%C97,@/2 Q.3(N,38X+C4N-#0O,C4U+C(U-2XR-34N,3(X"FUE7-T96T@<&]L:6-I97,@86YD(&QO9VEN('-CF4@,"!N='8@8@IP M2!32$%:6D$@;V8@='EP92 T M,# P,3 P,R H*2!O;B!W;W)K9W)O=7 @055214U!5$Y'+@IP'!OF4@,"!N='8@8@IP3H@0I#:&%I;F5D(&UEF$@*#$Y M,BXQ-C@N-2XR-"D@8V]N;F5C="!T;R!S97)V:6-E($E00R0@87,@=7-E#TQ,#(T(&YR96%D/3,R"E1R86YS86-T M:6]N(#$P(&]F(&QE;F=T:" Q.#0*#TQ,#(T(&YR96%D/30P"E1R86YS86-T:6]N(#$R(&]F(&QE;F=T:" Q M,S<*"!N86UE(&YO8F]D>0I# M:&%I;F5D(&UEF$@*#$Y,BXQ-C@N-2XR-"D@8V]N;F5C="!T;R!S M97)V:6-E($E00R0@87,@=7-E#TQ,#(T(&YR96%D/30X"E1R86YS86-T:6]N M(#$X(&]F(&QE;F=T:" Q,#0*#TQ,#(T(&YR96%D/30X"E1R86YS M86-T:6]N(#(R(&]F(&QE;F=T:" T-0IS=VET8V@@;65SF$@*#$Y,BXQ-C@N-2XR-"D@8VQO'!OGIA("@Q.3(N,38X M+C4N,C0I(&-L;W-E9"!C;VYN96-T:6]N('1O('-E Message-ID: <00ed01bfa46c$a7bbf700$0a02a8c0@SAMBA> > can someone take a look at this, i cut make_codepage over from cvs main, > thx. Is not compiled unicode_map for koi8-r encoding. Logs: Creating unicode codepage file /usr/local/samba/lib/codepages/unicode_map.KOI-R /usr/local/samba/bin/make_unicodemap: failed to get the file size for file. /codepages/CPKOI-R.TXT. Error was No such file or directory The correct name for it - koi8-r instead of KOI-R. Has corrected in Makefile - CODEPAGELIST = 437 737 775 850 852 861 932 866 949 950 936 1251 ISO8859-1 ISO8859-2 ISO8859-5 ISO8859-7 KOI8-R It for TNG-2.2, 2.3 did not look yet From Meerwaldt at t-online.de Wed Apr 12 11:38:18 2000 From: Meerwaldt at t-online.de (Frederik Meerwaldt) Date: Tue Dec 2 02:29:23 2003 Subject: Logging on, access denied Message-ID: Hi all, I have a computer account in my Domain, but when I join the domain, it tells me, that he's unable to change the password and thus cannot join the Domain. If I remove the Computer account from the Server and add it again, it works. Any suggestions how I can do that without adding and removing the account? -- Best regards, Freddy Homepage: fmeerwaldt.homepage.com Last update: 11.03.2000 Very good OpenVMS HowTo's, DHCPD Howto, VXT2k NetBooting HowTo, and a little bit about me. ------------------------------------------------------------------------ NetBSD Vax, Alpha, i386. Tru64 Unix, OpenVMS, FreeBSD, Ultrix. ------------------------------------------------------------------------ From olivier.wegria at novactiongroup.com Wed Apr 12 12:56:44 2000 From: olivier.wegria at novactiongroup.com (Olivier Wegria) Date: Tue Dec 2 02:29:23 2003 Subject: samba 2.0.6 Message-ID: <500C66C7BF87D311A7F400A0C907E8D83CD9EC@NSA4> I am running Samba 2.0.6 on RH 6.1 Samba shares a lot of files on the network for winnt4 SP5 clients. I am sometimes having problems to access the linux server from the network neighborhood icon. When I click on the server Name, it says error with RPC protocol. But if I give the complete path to the shared resource, I can access it. There are no error messages in samba logs any ideas? From ksmelser at uindy.edu Wed Apr 12 13:22:55 2000 From: ksmelser at uindy.edu (Kelly Smelser) Date: Tue Dec 2 02:29:23 2003 Subject: ...continued samedit issues References: Message-ID: <38F478AF.3977177B@uindy.edu> Yes, I forgot to include the logs in my post. In the logs there is an error regarding codepage.000. It says it cannot be found. I verified that there was no codepage present. Suggestions? K. From mbreuer at siac.com Wed Apr 12 13:16:45 2000 From: mbreuer at siac.com (Michael Breuer) Date: Tue Dec 2 02:29:23 2003 Subject: Bad stub data? - Win2K + TNG References: <955532788.534754@swelter.sw.oz.au> Message-ID: <38F4773C.EF8EE6DB@siac.com> I've seen the "bad stub" message when entering an incorrect password (or at least a password that Samba believed was incorrect). Pay particular attention to the mapping between /etc/passwd, smbpasswd and the various usermap entries. I've also seen in several older alpha releases that to join a domain required the unix root account and that the samba administrator account had to be the unix root account and share the same password. I don't know if this is still true... I haven't retested this lately. Lastly, if this is not your problem, then the others on the list more proficient than I will likely need debug level 100 logs from a system compiled with password debugging enabled (built with configure.developer). From alex at gs.nsc.ru Wed Apr 12 13:26:00 2000 From: alex at gs.nsc.ru (Alex A. Emanov) Date: Tue Dec 2 02:29:23 2003 Subject: WIN2K shares Message-ID: <0851.000412@gs.nsc.ru> Hello All, There is PDC - samba-tng 2.2 ( i386, FreeBSD 4.0) When connecting from PDC to Win200-Professional(controlled by this PDC) using smbclient: #smbclient -L WIN2K -W DOMAIN -U user Password: 1st session setup ok 2nd session setup ok failed tcon_X failed session request # The same when using samba-tng 2.3 What does it mean? Best regards, Alex mailto:alex@gs.nsc.ru From ctooley at joslyn.org Wed Apr 12 13:35:54 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:23 2003 Subject: ...continued samedit issues In-Reply-To: <38F478AF.3977177B@uindy.edu> Message-ID: <000301bfa484$07302fa0$1900a8c0@joslyn.org> I have been fighting this same issue for three days, albeit not full time three days. I thought I was doing something wrong and was just going to keep fighting it for a while to see if I could figure it out or if 2.3tar fixed it. I know samrd is runing, but the only log file I have is log.samedit no log.samrd and it contains this entry a bunch of times: [2000/04/10 14:53:00, 0] lib/charset.c:load_client_codepage(215) load_client_codepage: filename /usr/local/sambatngcvs/lib/codepages/codepage.0 00 does not exist I could not find the codepage and samba should not be looking in sambatngcvs in the first place. I copied the samba directory to sambatngcvs before this install and installed everything to samba. Any ideas? Chris Tooley -----Original Message----- From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of Kelly Smelser Sent: Wednesday, April 12, 2000 8:15 AM To: Multiple recipients of list SAMBA-NTDOM Subject: Re: ...continued samedit issues Yes, I forgot to include the logs in my post. In the logs there is an error regarding codepage.000. It says it cannot be found. I verified that there was no codepage present. Suggestions? K. From ctooley at joslyn.org Wed Apr 12 13:37:44 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:23 2003 Subject: ...continued samedit issues In-Reply-To: <38F478AF.3977177B@uindy.edu> Message-ID: <000401bfa484$48bac020$1900a8c0@joslyn.org> I forgot this entry goes with the other one: [2000/04/10 14:53:00, 0] lib/util_wunistr.c:load_unicode_map(428) load_unicode_map: filename /usr/local/sambatngcvs/lib/codepages/unicode_map.85 0 does not exist. Sorry, and thanks for all the hard work on TNG, Chris Tooley -----Original Message----- From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of Kelly Smelser Sent: Wednesday, April 12, 2000 8:15 AM To: Multiple recipients of list SAMBA-NTDOM Subject: Re: ...continued samedit issues Yes, I forgot to include the logs in my post. In the logs there is an error regarding codepage.000. It says it cannot be found. I verified that there was no codepage present. Suggestions? K. From schs at apatity.ru Wed Apr 12 13:49:31 2000 From: schs at apatity.ru (Sergey Shibeko) Date: Tue Dec 2 02:29:23 2003 Subject: ...continued samedit issues References: <38F478AF.3977177B@uindy.edu> Message-ID: <003e01bfa486$1ddda0a0$0a02a8c0@SAMBA> > Yes, I forgot to include the logs in my post. In the logs there is an > error regarding codepage.000. It says it cannot be found. I verified > that there was no codepage present. Suggestions? > > K. It is possible to specify the required coding in smb.conf Example: client code page = 850 From hulet at ittc.ukans.edu Wed Apr 12 14:45:34 2000 From: hulet at ittc.ukans.edu (Michael S. Hulet) Date: Tue Dec 2 02:29:23 2003 Subject: Group map files In-Reply-To: Message-ID: My experience with the /etc/group thing has been this. If any of your samba users (smbpasswd) are in a group (/etc/group) which is also a user (/etc/passwd), you will have trouble. If you have an adm group and an adm user but no samba users are in the group and adm is not a samba user, it doesn't affect samba. I also had trouble with large /etc/group files ( > 4000 characters). You get the message: "A domain controller for your domain could not be contacted. You have been logged on using cached account information. Changes to your profile since you last logged on may not be available." If any of your samba users (smbpasswd) are in a group (/etc/group) which is also a user (/etc/passwd), you get: "The system cannot log you on to this domain because the system's computer account in its primary domain is missing or the password on that account is incorrect." The size of the /etc/group observation is not definitive. It seems to also be affected by the load on the server. But if my /etc/group is < 3500 characters, everything seems to work as advertised. Michael Hulet Network System Administrator ITTC, University of Kansas On Wed, 12 Apr 2000, Peter Svensson wrote: > On Wed, 12 Apr 2000, Luke Kenneth Casson Leighton wrote: > > > well, it may well be. there is still the issue where identical names in > > /etc/passwd and /etc/group cause recursion problems. > > Thre was some talk a while ago about automatically prepending/appending a > string to the group names when they are read from /etc/groups (e.g. > system -> G_system). For us poor souls out here that have lots of > identical group/usernames this would be a boon. > > Peter > -- > Peter Svensson ! Pgp key available by finger, fingerprint: > ! 8A E9 20 98 C1 FF 43 E3 07 FD B9 0A 80 72 70 AF > ! > ------------------------------------------------------------------------ > Remember, Luke, your source will be with you... always... > > From neonatus at gimp.thz.net Wed Apr 12 15:30:29 2000 From: neonatus at gimp.thz.net (Bostjan Muller) Date: Tue Dec 2 02:29:23 2003 Subject: adding a list of users Message-ID: <20000412173029.A31056@gimp.thz.net> Hi! I have found no way to make samba-tng (latest cvs - or the previous ones) to work with both NT wks and win9x, so I am gong back to samba 2.0.6, but I am still wondering if there is a way to make samba 2.0.6 (is there anything newer) to enable users on the workstations to enable shares per user list that they get from samba server (like samba TNG does)? THX in advance! Bostjan From ksmelser at uindy.edu Wed Apr 12 15:45:29 2000 From: ksmelser at uindy.edu (Kelly Smelser) Date: Tue Dec 2 02:29:23 2003 Subject: ...continued samedit issues References: <38F478AF.3977177B@uindy.edu> <003e01bfa486$1ddda0a0$0a02a8c0@SAMBA> Message-ID: <38F49A19.B66963B8@uindy.edu> Here is a continuation of my samedit problems. First of all, when I tried to initially add root to the smbpasswd file by doing smbpasswd -a root I came up with "connection refused" errors and failed entry. As far as samedit goes I get the connection refused message I cited earlier, and the log.samedit states that "/opt/samba-tng/lib/codepages/codepage.000 does not exist". In the smb.conf I add the client code page = 850 line, yet I still get the error in log.samedit saying codepage.000 could not be found when load_client_codepage was attempted. Suggestions? K. From gkopp at ideastar.com Wed Apr 12 15:30:08 2000 From: gkopp at ideastar.com (Greg Kopp) Date: Tue Dec 2 02:29:23 2003 Subject: Help a rookie: Samba 2.0.5+RH 6.1+Existing NT domain working Message-ID: I installed Samba on my RH 6.1 with the RPM's. I have this as my smb.conf file: [global] netbios name = 7OF9 workgroup = IDEASTAR guest account = nobody security = domain password server = ISTAR-FS1 encrypt passwords = Yes domain master = no wins server = 207.206.15.64 interfaces = 207.206.15.3/255.255.255.128 dns proxy = no [test] comment = For testing only path = /samba/test read only = No public = yes guest ok = Yes Yet, I am still unable to view this machine in the network neighborhood. Although if I go to a second Linux box and install samba, I am able to connect to it via the smbclient program. I added the machine to the existing NT domain as directed and recieved no errors. I am able to do to the NT 4.0 Server Manager and see the properties of the server. Yet, when logged into the domain on my Win 98 machine, I do NOT see the Linux Samba server listed in my NN. Any ideas? Here's what we are trying to do: We are a web development firm and I want to use Samba on the Web server so that our web designers can just use Micro$oft networking to move files to the web server and not FTP. Please help if you can. Greg --- Greg Kopp IdeaStar, Inc. v.(216) 587-9300 f.(216) 587-9301 gkopp@ideastar.com From danch at danch.com Wed Apr 12 16:17:40 2000 From: danch at danch.com (Dan Christopherson) Date: Tue Dec 2 02:29:23 2003 Subject: Help a rookie: Samba 2.0.5+RH 6.1+Existing NT domain working In-Reply-To: Message-ID: Have you tried connecting by the full UNC name ('\\7OF9\test') - you can do 'Start|Run...' from the Win98 desktop and type this to open an window on that share without mounting it. A common problem is that Win98 likes to use NetBEUI rather than NetBIOS over TCP/IP. I simply remove NetBEUI from my windows machines, but I hear that they can be persuaded to use TCP first. Dan Christopherson (danch) STR Technical Architect (www.str.com) On Thu, 13 Apr 2000, Greg Kopp wrote: > I installed Samba on my RH 6.1 with the RPM's. > > I have this as my smb.conf file: > > [global] > netbios name = 7OF9 > workgroup = IDEASTAR > guest account = nobody > security = domain > password server = ISTAR-FS1 > encrypt passwords = Yes > domain master = no > wins server = 207.206.15.64 > interfaces = 207.206.15.3/255.255.255.128 > dns proxy = no > > [test] > comment = For testing only > path = /samba/test > read only = No > public = yes > guest ok = Yes > > Yet, I am still unable to view this machine in the network neighborhood. > Although if I go to a second Linux box and install samba, I am able to > connect to it via the smbclient program. > > I added the machine to the existing NT domain as directed and recieved no > errors. I am able to do to the NT 4.0 Server Manager and see the properties > of the server. > > Yet, when logged into the domain on my Win 98 machine, I do NOT see the > Linux Samba server listed in my NN. > > Any ideas? > > Here's what we are trying to do: > > We are a web development firm and I want to use Samba on the Web server so > that our web designers can just use Micro$oft networking to move files to > the web server and not FTP. > > Please help if you can. > > Greg > > --- > Greg Kopp > IdeaStar, Inc. > v.(216) 587-9300 f.(216) 587-9301 > gkopp@ideastar.com > From trevor at steinmetznet.com Wed Apr 12 16:29:00 2000 From: trevor at steinmetznet.com (Trevor Antczak) Date: Tue Dec 2 02:29:24 2003 Subject: Group map files References: Message-ID: <38F4A44C.AC895409@steinmetznet.com> Thanks all, The problem was (exactly as stated) that I was starting old smbd and nmbd processes. (I though I was resolveing this by deleteing the old sambe tree before installing TNG, but SuSE hides smbd and nmbd in /usr/sbin, and the startup script points to them there. Doh!) Now that I have found the correct daemons, I have noticed that there are alot more of them in TNG. I assume I want to start all of them? Luke Kenneth Casson Leighton wrote: > On Wed, 12 Apr 2000, Trevor Antczak wrote: > > > Hello, > > > > This is starting to really drive me nuts. I have been downloading and > > compileing the TNG branch since about 0.4 and most recently 2.2. > > Everytime I hope it will solve the problem I am having and it doesn't. > > I can only conclude that I am doing something wrong. When I restart > > Samba (or start it) I get a message in my log that the commands domain > > user map, domain group map, and local group map are unknown and being > > ignored. > > that says you are not running with TNG. > > check your entire system (find / -name smbd -print) for samba daemons. > > > I can only log into the doamin as a guest, and my user manager > > is some kinda screwed up right now, because of the weird info it is > > getting from Samba. Since no one else is reporting this problem, I have > > to assume it is not a bug (as I first thought). > > well, it may well be. there is still the issue where identical names in > /etc/passwd and /etc/group cause recursion problems. > > > smb.conf > > > > # Unix users can map to different SMB User names > > domain user map = /etc/smbusers > > local group map = /etc/smbgroupmap > > domain group map = /etc/smbgroup > > ; domain admin group = wheel > > ; domain admin users = trevor rootnt > > ; admin users = trevor rootnt > > > > > > log.smb > > > > [2000/04/11 08:11:24, 1] smbd/server.c:main(614) > > smbd version 2.0.3 started. > > Copyright Andrew Tridgell 1992-1998 > > [2000/04/11 08:11:24, 0] param/loadparm.c:map_parameter(1582) > > Unknown parameter encountered: "domain user map" > > [2000/04/11 08:11:24, 0] param/loadparm.c:lp_do_parameter(1954) > > Ignoring unknown parameter "domain user map" > > [2000/04/11 08:11:24, 0] param/loadparm.c:map_parameter(1582) > > Unknown parameter encountered: "local group map" > > [2000/04/11 08:11:24, 0] param/loadparm.c:lp_do_parameter(1954) > > Ignoring unknown parameter "local group map" > > [2000/04/11 08:11:24, 0] param/loadparm.c:map_parameter(1582) > > Unknown parameter encountered: "domain group map" > > [2000/04/11 08:11:24, 0] param/loadparm.c:lp_do_parameter(1954) > > Ignoring unknown parameter "domain group map" > > > > > > -- > > Thank you, > > Trevor Antczak > > Technology Manager > > Steinmetz & Associates > > > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > Macmillan Technical Publishing > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals -- Thank you, Trevor Antczak Technology Manager Steinmetz & Associates From oliver at hydraweb.com Wed Apr 12 17:46:07 2000 From: oliver at hydraweb.com (Oliver Stockhammer) Date: Tue Dec 2 02:29:24 2003 Subject: subscribe Message-ID: subscribe -- ,,,,,,,, ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, ' Oliver Stockhammer / Hydraweb Technologies ' Unix Sys Admin / 40 Broad St., ste2175 NY,NY,10004 , oliver@hydraweb.com / ph.212.809.5900 fx.212.809.5932 , ''''''''''''''''''''''''' ''''''''' From Skripi at hrzpub.tu-darmstadt.de Wed Apr 12 17:58:34 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:24 2003 Subject: Group map files In-Reply-To: <38F4A44C.AC895409@steinmetznet.com>; from trevor@steinmetznet.com on Thu, Apr 13, 2000 at 02:31:15AM +1000 References: <38F4A44C.AC895409@steinmetznet.com> Message-ID: <20000412195834.A2055@shadowland.sc> Trevor Antczak: > Thanks all, > > The problem was (exactly as stated) that I was starting old smbd and nmbd > processes. (I though I was resolveing this by deleteing the old sambe tree > before installing TNG, but SuSE hides smbd and nmbd in /usr/sbin, and the > startup script points to them there. Doh!) Now that I have found the correct > daemons, I have noticed that there are alot more of them in TNG. I assume I > want to start all of them? reading the docs like source/README does help avoiding this. Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From oliver at hydraweb.com Wed Apr 12 18:10:44 2000 From: oliver at hydraweb.com (Oliver Stockhammer) Date: Tue Dec 2 02:29:24 2003 Subject: Adding a NT BDC to the Samba PDC Message-ID: Hello, I am attempting to install a windows NT BDC on my Samba Controlled domain. When I install the NT BDC, it crashes hard when I add the machine to the domain. Basically it gives me a fatal error during installation. When I add the NT box to the domain (HYDRANET), and submit the administrative user name and password (smbroot), NT gives back an application error has occurred and reboots. Any ideas? We are attempting to run Samba as a PDC for our NT servers and therefore would like them to act as BDCs to the sambe run domain. I have provided a tcpdump and the log.smb below. tcpdump: ---Cut Text--- 13:00:31.924234 < 192.168.1.97.rdpsig > 192.168.1.76.netbios-ssn: S 1743106:1743106(0) win 8192 (DF) (ttl 128, id 9216) 13:00:31.924282 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpsig: S 2368684107:2368684107(0) ack 1743107 win 32120 (DF) (ttl 64, id 49771) 13:00:31.924472 < 192.168.1.97.rdpsig > 192.168.1.76.netbios-ssn: . 1:1(0) ack 1 win 8760 (DF) (ttl 128, id 9472) 13:00:31.924489 < 192.168.1.97.rdpsig > 192.168.1.76.netbios-ssn: P 1:73(72) ack 1 win 8760>>> NBT (DF) (ttl 128, id 9728) 13:00:31.924551 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpsig: . 1:1(0) ack 73 win 32120 (DF) (ttl 64, id 49772) 13:00:31.934316 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpsig: P 1:5(4) ack 73 win 32120>>> NBT (DF) (ttl 64, id 49787) 13:00:31.934633 < 192.168.1.97.rdpsig > 192.168.1.76.netbios-ssn: P 73:247(174) ack 5 win 8756>>> NBT (DF) (ttl 128, id 9984) 13:00:31.937167 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpsig: P 5:95(90) ack 247 win 32120>>> NBT (DF) (ttl 64, id 49788) 13:00:31.938809 < 192.168.1.97.rdpsig > 192.168.1.76.netbios-ssn: P 247:444(197) ack 95 win 8666>>> NBT (DF) (ttl 128, id 10240) 13:00:31.940940 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpsig: . 95:95(0) ack 444 win 32120 (DF) (ttl 64, id 49792) 13:00:31.955024 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpsig: P 95:134(39) ack 444 win 32120>>> NBT (DF) (ttl 64, id 49800) 13:00:31.955277 < 192.168.1.97.rdpsig > 192.168.1.76.netbios-ssn: F 444:444(0) ack 134 win 8627 (DF) (ttl 128, id 10496) 13:00:31.955320 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpsig: . 134:134(0) ack 445 win 32120 (DF) (ttl 64, id 49801) 13:00:31.955569 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpsig: F 134:134(0) ack 445 win 32120 (DF) (ttl 64, id 49802) 13:00:31.955738 < 192.168.1.97.rdpsig > 192.168.1.76.netbios-ssn: . 445:445(0) ack 135 win 8627 (DF) (ttl 128, id 10752) 13:00:49.890805 < 192.168.1.97.netbios-dgm > 192.168.1.76.netbios-dgm: NBT UDP (138) (ttl 128, id 11008) 13:00:49.891719 > 192.168.1.76.netbios-dgm > 192.168.1.97.netbios-dgm: NBT UDP (138) (ttl 64, id 49813) 13:00:49.899222 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: S 1761082:1761082(0) win 8192 (DF) (ttl 128, id 11264) 13:00:49.899271 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: S 2393645878:2393645878(0) ack 1761083 win 32120 (DF) (ttl 64, id 49815) 13:00:49.899489 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: . 1:1(0) ack 1 win 8760 (DF) (ttl 128, id 11520) 13:00:49.899507 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P 1:73(72) ack 1 win 8760>>> NBT (DF) (ttl 128, id 11776) 13:00:49.899565 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: . 1:1(0) ack 73 win 32120 (DF) (ttl 64, id 49816) 13:00:49.909134 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P 1:5(4) ack 73 win 32120>>> NBT (DF) (ttl 64, id 49831) 13:00:49.909449 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P 73:247(174) ack 5 win 8756>>> NBT (DF) (ttl 128, id 12032) 13:00:49.911725 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: . 5:5(0) ack 247 win 32120 (DF) (ttl 64, id 49832) 13:00:49.911997 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P 5:95(90) ack 247 win 32120>>> NBT (DF) (ttl 64, id 49833) 13:00:49.913473 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P 247:441(194) ack 95 win 8666>>> NBT (DF) (ttl 128, id 12288) 13:00:49.921722 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: . 95:95(0) ack 441 win 32120 (DF) (ttl 64, id 49840) 13:00:49.980151 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P 95:184(89) ack 441 win 32120>>> NBT (DF) (ttl 64, id 49860) 13:00:50.017614 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P 441:536(95) ack 184 win 8577>>> NBT (DF) (ttl 128, id 12544) 13:00:50.020325 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P 184:291(107) ack 536 win 32120>>> NBT (DF) (ttl 64, id 49861) 13:00:50.020750 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P 536:688(152) ack 291 win 8470>>> NBT (DF) (ttl 128, id 12800) 13:00:50.025510 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P 291:419(128) ack 688 win 32120>>> NBT (DF) (ttl 64, id 49862) 13:00:50.025857 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P 688:836(148) ack 419 win 8342>>> NBT (DF) (ttl 128, id 13056) 13:00:50.031181 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P 419:611(192) ack 836 win 32120>>> NBT (DF) (ttl 64, id 49863) 13:00:50.031526 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P 836:882(46) ack 611 win 8150>>> NBT (DF) (ttl 128, id 13312) 13:00:50.032414 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P 611:650(39) ack 882 win 32120>>> NBT (DF) (ttl 64, id 49864) 13:00:50.037042 < 192.168.1.97.netbios-dgm > 192.168.1.76.netbios-dgm: NBT UDP (138) (ttl 128, id 13568) 13:00:50.037849 > 192.168.1.76.netbios-dgm > 192.168.1.97.netbios-dgm: NBT UDP (138) (ttl 64, id 49865) 13:00:50.062002 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P 882:975(93) ack 650 win 8111>>> NBT (DF) (ttl 128, id 13824) 13:00:50.064685 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P 650:757(107) ack 975 win 32120>>> NBT (DF) (ttl 64, id 49866) 13:00:50.065058 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P 975:1127(152) ack 757 win 8004>>> NBT (DF) (ttl 128, id 14080) 13:00:50.069877 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P 757:885(128) ack 1127 win 32120>>> NBT (DF) (ttl 64, id 49867) 13:00:50.070208 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P 1127:1275(148) ack 885 win 7876>>> NBT (DF) (ttl 128, id 14336) 13:00:50.074752 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P 885:993(108) ack 1275 win 32120>>> NBT (DF) (ttl 64, id 49868) 13:00:50.075563 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P 1275:1370(95) ack 993 win 7768>>> NBT (DF) (ttl 128, id 14592) 13:00:50.078327 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P 993:1100(107) ack 1370 win 32120>>> NBT (DF) (ttl 64, id 49869) 13:00:50.078660 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P 1370:1522(152) ack 1100 win 7661>>> NBT (DF) (ttl 128, id 14848) 13:00:50.083534 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P 1100:1228(128) ack 1522 win 32120>>> NBT (DF) (ttl 64, id 49870) 13:00:50.083855 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P 1522:1694(172) ack 1228 win 7533>>> NBT (DF) (ttl 128, id 15104) 13:00:50.088394 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P 1228:1336(108) ack 1694 win 32120>>> NBT (DF) (ttl 64, id 49871) 13:00:50.088734 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P 1694:1820(126) ack 1336 win 7425>>> NBT (DF) (ttl 128, id 15360) ---END CUT--- log.smb : ---CUT TEXT--- [2000/04/12 13:00:31, 6] param/loadparm.c:lp_file_list_changed(1855) lp_file_list_changed() file /etc/smb.conf -> /etc/smb.conf last mod_time: Wed Apr 12 10:34:08 2000 [2000/04/12 13:00:31, 10] lib/genrand.c:do_reseed(135) do_reseed: got 40 bytes from /dev/urandom. [2000/04/12 13:00:31, 6] param/loadparm.c:lp_file_list_changed(1855) lp_file_list_changed() file /etc/smb.conf -> /etc/smb.conf last mod_time: Wed Apr 12 10:34:08 2000 [2000/04/12 13:00:31, 2] smbd/server.c:main(735) Changed root to / [2000/04/12 13:00:31, 3] smbd/oplock.c:open_oplock_ipc(86) open_oplock_ipc: opening loopback UDP socket. [2000/04/12 13:00:31, 3] lib/util_sock.c:open_socket_in(865) bind succeeded on port 0 [2000/04/12 13:00:31, 3] smbd/oplock.c:open_oplock_ipc(114) open_oplock ipc: pid = 13474, global_oplock_port = 1073 [2000/04/12 13:00:31, 4] lib/time.c:TimeInit(110) Serverzone is 14400 [2000/04/12 13:00:31, 10] lib/util_sock.c:read_smb_length_return_keepalive(599) got smb length of 68 [2000/04/12 13:00:31, 1] lib/util_sock.c:client_name(997) Gethostbyaddr failed for 192.168.1.97 [2000/04/12 13:00:31, 2] lib/access.c:check_access(258) Allowed connection from 192.168.1.97 (192.168.1.97) [2000/04/12 13:00:31, 6] smbd/process.c:process_smb(614) got message type 0x81 of len 0x44 [2000/04/12 13:00:31, 3] smbd/process.c:process_smb(615) Transaction 0 of length 72 [2000/04/12 13:00:31, 2] smbd/reply.c:reply_special(97) netbios connect: name1=NYCSERV1 name2=WS [2000/04/12 13:00:49, 10] lib/genrand.c:do_reseed(135) do_reseed: got 40 bytes from /dev/urandom. [2000/04/12 13:00:49, 6] param/loadparm.c:lp_file_list_changed(1855) lp_file_list_changed() file /etc/smb.conf -> /etc/smb.conf last mod_time: Wed Apr 12 10:34:08 2000 [2000/04/12 13:00:49, 2] smbd/server.c:main(735) Changed root to / [2000/04/12 13:00:49, 3] smbd/oplock.c:open_oplock_ipc(86) open_oplock_ipc: opening loopback UDP socket. [2000/04/12 13:00:49, 3] lib/util_sock.c:open_socket_in(865) bind succeeded on port 0 [2000/04/12 13:00:49, 3] smbd/oplock.c:open_oplock_ipc(114) open_oplock ipc: pid = 13475, global_oplock_port = 1074 [2000/04/12 13:00:49, 4] lib/time.c:TimeInit(110) Serverzone is 14400 [2000/04/12 13:00:49, 10] lib/util_sock.c:read_smb_length_return_keepalive(599) got smb length of 68 [2000/04/12 13:00:49, 1] lib/util_sock.c:client_name(997) Gethostbyaddr failed for 192.168.1.97 [2000/04/12 13:00:49, 2] lib/access.c:check_access(258) Allowed connection from 192.168.1.97 (192.168.1.97) [2000/04/12 13:00:49, 6] smbd/process.c:process_smb(614) got message type 0x81 of len 0x44 [2000/04/12 13:00:49, 3] smbd/process.c:process_smb(615) Transaction 0 of length 72 [2000/04/12 13:00:49, 2] smbd/reply.c:reply_special(97) netbios connect: name1=NYCSERV1 name2=WS ---END CUT--- -- ,,,,,,,, ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, ' Oliver Stockhammer / Hydraweb Technologies ' Unix Sys Admin / 40 Broad St., ste2175 NY,NY,10004 , oliver@hydraweb.com / ph.212.809.5900 fx.212.809.5932 , ''''''''''''''''''''''''' ''''''''' From gosha at arvid.ee Wed Apr 12 17:16:24 2000 From: gosha at arvid.ee (Dmitri B.Gofmekler) Date: Tue Dec 2 02:29:24 2003 Subject: TNG Strange problems. Message-ID: <4.3.1.0.20000412201348.00b3e7f0@mail> Hi, Somebody saw the situation when all machines logged into domain successfully but users from NT Machines unable to rename any files or directories with the message "permission denied" and Windows 98 machines unable to access NT shares? (BTW, it is necessary to manually create win98pc$ accounts in smbpasswd?) Running RedHAT 6.1 TNG-alpha-2.3 ? Thanks in advance, ---- Dmitri B. Gofmekler , ICQ: 8168758 ---- "http://www.sill.ee/~gosha/gosha.asc" - for PGP Encrypted messages. ===================================== Phone: (+372) 6 563981 Fax: (+372) 6 563000 A-Arvid Computers Ltd. < http://www.arvid.ee > From gkopp at ideastar.com Wed Apr 12 20:48:06 2000 From: gkopp at ideastar.com (Greg Kopp) Date: Tue Dec 2 02:29:24 2003 Subject: More NT PDC and Samba troubles - can you help? Message-ID: I have the Samba 2.0.5 RPM's installed on my RedHat 6.1 linux box. Here is my smb.conf file: [global] netbios name = 7OF9 workgroup = IDEASTAR guest account = nobody security = domain password server = ISTAR-FS1 encrypt passwords = Yes domain master = no interfaces = 207.206.15.3/25 localhost bind interfaces only = yes dns proxy = no username map = /etc/smbusers [www] comment = Voyager Web Files path = /usr/local/www writable = yes My smbusers file looks like this: webuser = user1, user2, user3 The share above is owned by the unix user account webuser. BUT, in order for the users on the network to actually use this volume, I had to manually add them tp the smbusers file. If I remove that file and it's corresponding username map entry, you can't browse the volume. It asks you for a password. Is there a way to have true NT domain authentication? What steps do I need to take so I can add persons to a "Web" group on the NT domain and automatically give that group access to the listed share? Any help would be appreciated. Thanks. Greg --- Greg Kopp IdeaStar, Inc. v.(216) 587-9300 f.(216) 587-9301 gkopp@ideastar.com From bradyw at tamu.edu Wed Apr 12 21:17:59 2000 From: bradyw at tamu.edu (Brady Wied) Date: Tue Dec 2 02:29:24 2003 Subject: CVS question Message-ID: I know this is a dumb question, but how do I pull the latest TNG down with cvs? I have been using cvs -d :pserver:cvs@cvs.samba.org:/cvsroot co samba but this doesn't seem to do it. Brady ---------------------------------- Brady Wied bradyw@tamu.edu Fightin' Texas Aggie Class of 2003 From mg at plum.de Thu Apr 13 21:25:51 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:24 2003 Subject: CVS question References: Message-ID: <38F63B5F.442289CE@plum.de> Brady Wied wrote: > > I know this is a dumb question, but how do I pull the latest TNG down with > cvs? > > I have been using cvs -d :pserver:cvs@cvs.samba.org:/cvsroot co samba but > this doesn't seem to do it. This gets the current HEAD branch. To get the TNG, you should use: cvs -d :pserver:cvs@cvs.samba.org:/cvsroot co -r SAMBA_TNG samba regards, Michael -- Samba Information HQ (in german) http://www.sambahq.de/ From ksmelser at uindy.edu Wed Apr 12 21:39:04 2000 From: ksmelser at uindy.edu (Kelly Smelser) Date: Tue Dec 2 02:29:24 2003 Subject: CVS question References: Message-ID: <38F4ECF8.C0B1685D@uindy.edu> cvs -d :pserver:cvs@cvs.samba.org:/cvsroot login enter "cvs" at password prompt create local dir (ie, /usr/src/samba-tng) cvs -d :pserver:cvs@cvs.samba.org:/cvsroot co -r SAMBA_TNG samba From karl at marvin.ERTW.ca Wed Apr 12 21:46:22 2000 From: karl at marvin.ERTW.ca (Karl Rossing) Date: Tue Dec 2 02:29:24 2003 Subject: No subject Message-ID: Hi, For some reason http://us1.samba.org/search/smb-mail.shtml doesn't seem to be working right now. are there any alternate sites for searching this email list? Karl From mgeddes at xavier.sa.edu.au Thu Apr 13 00:39:52 2000 From: mgeddes at xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:29:24 2003 Subject: Signals Message-ID: <200004130039.KAA28452@mail.xavier.sa.edu.au> Just a quicky, Does either TNG or Samba 2.x react to any signals to make it re-read smb.conf? We have a number of servers which are constantly used and I\'d rather not have to kill connections each time I make changes. Do the child processes re-read the config file? Prob. not. Too slow. :-(. Thanks in advance, Matt From chris_allen at aurema.com Thu Apr 13 01:19:45 2000 From: chris_allen at aurema.com (Chris Allen) Date: Tue Dec 2 02:29:24 2003 Subject: Bad stub data? - Win2K + TNG In-Reply-To: <4.2.0.58.20000412084739.00aabb20@pop3.noah.cnchost.com> Message-ID: Hi Paul, > Remove the old instances of TNG first then install the new > Some of the programs have moved to different directories and > you are mixing different versions. Look in sbin for all the daemons. Hmm - between each version I tried I completely removed all the binaries and config files. However, there is another Samba server (v2) on the network but serving a different workgroup - surely that's not affecting it? Thanks, Chris From chris_allen at aurema.com Thu Apr 13 01:25:56 2000 From: chris_allen at aurema.com (Chris Allen) Date: Tue Dec 2 02:29:24 2003 Subject: Bad stub data? - Win2K + TNG In-Reply-To: <38F4773C.EF8EE6DB@siac.com> Message-ID: Hi Michael, > I've seen the "bad stub" message when entering an incorrect > password (or at least a password that Samba believed was incorrect). > Pay particular attention to the mapping between /etc/passwd, > smbpasswd and the various usermap entries. Actually I don't have any usermap entries - maybe that's where I am going wrong. According to the smb.conf man page it didn't seem like I needed any in DC mode. > I've also seen in several > older alpha releases that to join a domain required the unix root > account and that the samba administrator account had to be the > unix root account and share the same password. I don't know if > this is still true... I haven't retested this lately. OK - I'll investigate this. > > Lastly, if this is not your problem, then the others on the list > more proficient than I will likely need debug level 100 logs from a > system compiled with password debugging enabled (built with > configure.developer). Eeeks - I thought level 6 debug level messages was more than enough to sift through :o) Thanks, Chris From karl at marvin.ERTW.ca Thu Apr 13 01:49:37 2000 From: karl at marvin.ERTW.ca (Karl Rossing) Date: Tue Dec 2 02:29:24 2003 Subject: i searched the archives... Message-ID: Since the listserve archive website does not currently work and www.deja.com did not anwer my question... here i go: Situation: Head office has 2 Windows NT 4.0 Domain Controllers Head office users login to the "Company" domain. 6 Branch offices have linux servers all on different subnets The branch office routers currently do not support Vlans. Each branch office is connected to head office via frame lines Goal: For the branch office users to login to the "Company" domain. This would allow allow laptop users to in and print from any branch office Questions: I was going to install samba as a BDC for each branch so that users can authenticate using the same username and passwd. Does the TNG support BDC's? If BDC"s are not supported currently under TNG, does anyone have any other sugestions? From lkcl at samba.org Thu Apr 13 02:41:53 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:24 2003 Subject: Group map files In-Reply-To: Message-ID: On Wed, 12 Apr 2000, Peter Svensson wrote: > On Wed, 12 Apr 2000, Luke Kenneth Casson Leighton wrote: > > > well, it may well be. there is still the issue where identical names in > > /etc/passwd and /etc/group cause recursion problems. > > Thre was some talk a while ago about automatically prepending/appending a > string to the group names when they are read from /etc/groups (e.g. > system -> G_system). For us poor souls out here that have lots of > identical group/usernames this would be a boon. yeah, i plan a regexp system, like this: domaingroup.map ($1)grp=($1) From lkcl at samba.org Thu Apr 13 02:43:00 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:24 2003 Subject: Bad stub data? - Win2K + TNG In-Reply-To: <955532788.534754@swelter.sw.oz.au> Message-ID: On Wed, 12 Apr 2000, Chris Allen wrote: > > Hi, > > I am trying to get Windows 2000 Prof to work with TNG - I can get the > workstation to join the domain OK, but when I try to login I get this error > (on the Win box): > > The stub received bad data. i fixed that. From lkcl at samba.org Thu Apr 13 02:49:32 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:24 2003 Subject: WIN2K shares In-Reply-To: <0851.000412@gs.nsc.ru> Message-ID: On Wed, 12 Apr 2000, Alex A. Emanov wrote: > Hello All, > There is PDC - samba-tng 2.2 ( i386, FreeBSD 4.0) > When connecting from PDC to Win200-Professional(controlled by this PDC) > using smbclient: > > #smbclient -L WIN2K -W DOMAIN -U user > Password: > 1st session setup ok > 2nd session setup ok > failed tcon_X > failed session request urr...... urr... no, it's not because of RestrictAnonymous=0x2, you specified user/dom/pass. urr... don't know! From lkcl at samba.org Thu Apr 13 02:52:35 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:24 2003 Subject: Group map files In-Reply-To: Message-ID: On Thu, 13 Apr 2000, Michael S. Hulet wrote: > The size of the /etc/group observation is not definitive. It seems to > also be affected by the load on the server. But if my /etc/group is > < 3500 characters, everything seems to work as advertised. yeah, it's going order n-cubed, stowing your cpu at 100% for a few seconds: enough for nt clients to think you've taken a walk... From lkcl at samba.org Thu Apr 13 03:09:16 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:24 2003 Subject: Adding a NT BDC to the Samba PDC In-Reply-To: Message-ID: oh, that's funny. sorry, i never tried that. i _think_ we are missing some of the sam sync APIs. On Thu, 13 Apr 2000, Oliver Stockhammer wrote: > Hello, > I am attempting to install a windows NT BDC on my Samba Controlled > domain. When I install the NT BDC, it crashes hard when I add the machine > to the domain. Basically it gives me a fatal error during > installation. When I add the NT box to the domain (HYDRANET), and submit > the administrative user name and password (smbroot), NT gives back an > application error has occurred and reboots. Any ideas? > We are attempting to run Samba as a PDC for our NT servers and > therefore would like them to act as BDCs to the sambe run domain. > > I have provided a tcpdump and the log.smb below. > > tcpdump: > ---Cut Text--- > 13:00:31.924234 < 192.168.1.97.rdpsig > 192.168.1.76.netbios-ssn: S > 1743106:1743106(0) win 8192 (DF) (ttl 128, id 9216) > 13:00:31.924282 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpsig: S > 2368684107:2368684107(0) ack 1743107 win 32120 (DF) (ttl 64, id > 49771) > 13:00:31.924472 < 192.168.1.97.rdpsig > > 192.168.1.76.netbios-ssn: . 1:1(0) ack 1 win 8760 (DF) (ttl 128, id 9472) > 13:00:31.924489 < 192.168.1.97.rdpsig > 192.168.1.76.netbios-ssn: P > 1:73(72) ack 1 win 8760>>> NBT (DF) (ttl 128, id 9728) > 13:00:31.924551 > 192.168.1.76.netbios-ssn > > 192.168.1.97.rdpsig: . 1:1(0) ack 73 win 32120 (DF) (ttl 64, id 49772) > 13:00:31.934316 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpsig: P > 1:5(4) ack 73 win 32120>>> NBT (DF) (ttl 64, id 49787) > 13:00:31.934633 < 192.168.1.97.rdpsig > 192.168.1.76.netbios-ssn: P > 73:247(174) ack 5 win 8756>>> NBT (DF) (ttl 128, id 9984) > 13:00:31.937167 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpsig: P > 5:95(90) ack 247 win 32120>>> NBT (DF) (ttl 64, id 49788) > 13:00:31.938809 < 192.168.1.97.rdpsig > 192.168.1.76.netbios-ssn: P > 247:444(197) ack 95 win 8666>>> NBT (DF) (ttl 128, id 10240) > 13:00:31.940940 > 192.168.1.76.netbios-ssn > > 192.168.1.97.rdpsig: . 95:95(0) ack 444 win 32120 (DF) (ttl 64, id 49792) > 13:00:31.955024 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpsig: P > 95:134(39) ack 444 win 32120>>> NBT (DF) (ttl 64, id 49800) > 13:00:31.955277 < 192.168.1.97.rdpsig > 192.168.1.76.netbios-ssn: F > 444:444(0) ack 134 win 8627 (DF) (ttl 128, id 10496) > 13:00:31.955320 > 192.168.1.76.netbios-ssn > > 192.168.1.97.rdpsig: . 134:134(0) ack 445 win 32120 (DF) (ttl 64, id > 49801) > 13:00:31.955569 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpsig: F > 134:134(0) ack 445 win 32120 (DF) (ttl 64, id 49802) > 13:00:31.955738 < 192.168.1.97.rdpsig > > 192.168.1.76.netbios-ssn: . 445:445(0) ack 135 win 8627 (DF) (ttl 128, id > 10752) > 13:00:49.890805 < 192.168.1.97.netbios-dgm > 192.168.1.76.netbios-dgm: NBT > UDP (138) (ttl 128, id 11008) > 13:00:49.891719 > 192.168.1.76.netbios-dgm > 192.168.1.97.netbios-dgm: NBT > UDP (138) (ttl 64, id 49813) > 13:00:49.899222 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: S > 1761082:1761082(0) win 8192 (DF) (ttl 128, id 11264) > 13:00:49.899271 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: S > 2393645878:2393645878(0) ack 1761083 win 32120 (DF) (ttl 64, id > 49815) > 13:00:49.899489 < 192.168.1.97.rdpdata > > 192.168.1.76.netbios-ssn: . 1:1(0) ack 1 win 8760 (DF) (ttl 128, id 11520) > 13:00:49.899507 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P > 1:73(72) ack 1 win 8760>>> NBT (DF) (ttl 128, id 11776) > 13:00:49.899565 > 192.168.1.76.netbios-ssn > > 192.168.1.97.rdpdata: . 1:1(0) ack 73 win 32120 (DF) (ttl 64, id 49816) > 13:00:49.909134 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P > 1:5(4) ack 73 win 32120>>> NBT (DF) (ttl 64, id 49831) > 13:00:49.909449 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P > 73:247(174) ack 5 win 8756>>> NBT (DF) (ttl 128, id 12032) > 13:00:49.911725 > 192.168.1.76.netbios-ssn > > 192.168.1.97.rdpdata: . 5:5(0) ack 247 win 32120 (DF) (ttl 64, id 49832) > 13:00:49.911997 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P > 5:95(90) ack 247 win 32120>>> NBT (DF) (ttl 64, id 49833) > 13:00:49.913473 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P > 247:441(194) ack 95 win 8666>>> NBT (DF) (ttl 128, id 12288) > 13:00:49.921722 > 192.168.1.76.netbios-ssn > > 192.168.1.97.rdpdata: . 95:95(0) ack 441 win 32120 (DF) (ttl 64, id 49840) > 13:00:49.980151 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P > 95:184(89) ack 441 win 32120>>> NBT (DF) (ttl 64, id 49860) > 13:00:50.017614 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P > 441:536(95) ack 184 win 8577>>> NBT (DF) (ttl 128, id 12544) > 13:00:50.020325 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P > 184:291(107) ack 536 win 32120>>> NBT (DF) (ttl 64, id 49861) > 13:00:50.020750 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P > 536:688(152) ack 291 win 8470>>> NBT (DF) (ttl 128, id 12800) > 13:00:50.025510 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P > 291:419(128) ack 688 win 32120>>> NBT (DF) (ttl 64, id 49862) > 13:00:50.025857 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P > 688:836(148) ack 419 win 8342>>> NBT (DF) (ttl 128, id 13056) > 13:00:50.031181 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P > 419:611(192) ack 836 win 32120>>> NBT (DF) (ttl 64, id 49863) > 13:00:50.031526 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P > 836:882(46) ack 611 win 8150>>> NBT (DF) (ttl 128, id 13312) > 13:00:50.032414 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P > 611:650(39) ack 882 win 32120>>> NBT (DF) (ttl 64, id 49864) > 13:00:50.037042 < 192.168.1.97.netbios-dgm > 192.168.1.76.netbios-dgm: NBT > UDP (138) (ttl 128, id 13568) > 13:00:50.037849 > 192.168.1.76.netbios-dgm > 192.168.1.97.netbios-dgm: NBT > UDP (138) (ttl 64, id 49865) > 13:00:50.062002 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P > 882:975(93) ack 650 win 8111>>> NBT (DF) (ttl 128, id 13824) > 13:00:50.064685 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P > 650:757(107) ack 975 win 32120>>> NBT (DF) (ttl 64, id 49866) > 13:00:50.065058 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P > 975:1127(152) ack 757 win 8004>>> NBT (DF) (ttl 128, id 14080) > 13:00:50.069877 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P > 757:885(128) ack 1127 win 32120>>> NBT (DF) (ttl 64, id 49867) > 13:00:50.070208 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P > 1127:1275(148) ack 885 win 7876>>> NBT (DF) (ttl 128, id 14336) > 13:00:50.074752 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P > 885:993(108) ack 1275 win 32120>>> NBT (DF) (ttl 64, id 49868) > 13:00:50.075563 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P > 1275:1370(95) ack 993 win 7768>>> NBT (DF) (ttl 128, id 14592) > 13:00:50.078327 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P > 993:1100(107) ack 1370 win 32120>>> NBT (DF) (ttl 64, id 49869) > 13:00:50.078660 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P > 1370:1522(152) ack 1100 win 7661>>> NBT (DF) (ttl 128, id 14848) > 13:00:50.083534 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P > 1100:1228(128) ack 1522 win 32120>>> NBT (DF) (ttl 64, id 49870) > 13:00:50.083855 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P > 1522:1694(172) ack 1228 win 7533>>> NBT (DF) (ttl 128, id 15104) > 13:00:50.088394 > 192.168.1.76.netbios-ssn > 192.168.1.97.rdpdata: P > 1228:1336(108) ack 1694 win 32120>>> NBT (DF) (ttl 64, id 49871) > 13:00:50.088734 < 192.168.1.97.rdpdata > 192.168.1.76.netbios-ssn: P > 1694:1820(126) ack 1336 win 7425>>> NBT (DF) (ttl 128, id 15360) > ---END CUT--- > > log.smb : > ---CUT TEXT--- > [2000/04/12 13:00:31, 6] param/loadparm.c:lp_file_list_changed(1855) > lp_file_list_changed() > file /etc/smb.conf -> /etc/smb.conf last mod_time: Wed Apr 12 10:34:08 > 2000 > > [2000/04/12 13:00:31, 10] lib/genrand.c:do_reseed(135) > do_reseed: got 40 bytes from /dev/urandom. > [2000/04/12 13:00:31, 6] param/loadparm.c:lp_file_list_changed(1855) > lp_file_list_changed() > file /etc/smb.conf -> /etc/smb.conf last mod_time: Wed Apr 12 10:34:08 > 2000 > > [2000/04/12 13:00:31, 2] smbd/server.c:main(735) > Changed root to / > [2000/04/12 13:00:31, 3] smbd/oplock.c:open_oplock_ipc(86) > open_oplock_ipc: opening loopback UDP socket. > [2000/04/12 13:00:31, 3] lib/util_sock.c:open_socket_in(865) > bind succeeded on port 0 > [2000/04/12 13:00:31, 3] smbd/oplock.c:open_oplock_ipc(114) > open_oplock ipc: pid = 13474, global_oplock_port = 1073 > [2000/04/12 13:00:31, 4] lib/time.c:TimeInit(110) > Serverzone is 14400 > [2000/04/12 13:00:31, 10] > lib/util_sock.c:read_smb_length_return_keepalive(599) > got smb length of 68 > [2000/04/12 13:00:31, 1] lib/util_sock.c:client_name(997) > Gethostbyaddr failed for 192.168.1.97 > [2000/04/12 13:00:31, 2] lib/access.c:check_access(258) > Allowed connection from 192.168.1.97 (192.168.1.97) > [2000/04/12 13:00:31, 6] smbd/process.c:process_smb(614) > got message type 0x81 of len 0x44 > [2000/04/12 13:00:31, 3] smbd/process.c:process_smb(615) > Transaction 0 of length 72 > [2000/04/12 13:00:31, 2] smbd/reply.c:reply_special(97) > netbios connect: name1=NYCSERV1 name2=WS > [2000/04/12 13:00:49, 10] lib/genrand.c:do_reseed(135) > do_reseed: got 40 bytes from /dev/urandom. > [2000/04/12 13:00:49, 6] param/loadparm.c:lp_file_list_changed(1855) > lp_file_list_changed() > file /etc/smb.conf -> /etc/smb.conf last mod_time: Wed Apr 12 10:34:08 > 2000 > > [2000/04/12 13:00:49, 2] smbd/server.c:main(735) > Changed root to / > [2000/04/12 13:00:49, 3] smbd/oplock.c:open_oplock_ipc(86) > open_oplock_ipc: opening loopback UDP socket. > [2000/04/12 13:00:49, 3] lib/util_sock.c:open_socket_in(865) > bind succeeded on port 0 > [2000/04/12 13:00:49, 3] smbd/oplock.c:open_oplock_ipc(114) > open_oplock ipc: pid = 13475, global_oplock_port = 1074 > [2000/04/12 13:00:49, 4] lib/time.c:TimeInit(110) > Serverzone is 14400 > [2000/04/12 13:00:49, 10] > lib/util_sock.c:read_smb_length_return_keepalive(599) > got smb length of 68 > [2000/04/12 13:00:49, 1] lib/util_sock.c:client_name(997) > Gethostbyaddr failed for 192.168.1.97 > [2000/04/12 13:00:49, 2] lib/access.c:check_access(258) > Allowed connection from 192.168.1.97 (192.168.1.97) > [2000/04/12 13:00:49, 6] smbd/process.c:process_smb(614) > got message type 0x81 of len 0x44 > [2000/04/12 13:00:49, 3] smbd/process.c:process_smb(615) > Transaction 0 of length 72 > [2000/04/12 13:00:49, 2] smbd/reply.c:reply_special(97) > netbios connect: name1=NYCSERV1 name2=WS > ---END CUT--- > > > -- > ,,,,,,,, ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, > ' Oliver Stockhammer / Hydraweb Technologies ' > Unix Sys Admin / 40 Broad St., ste2175 NY,NY,10004 > , oliver@hydraweb.com / ph.212.809.5900 fx.212.809.5932 , > ''''''''''''''''''''''''' ''''''''' > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Thu Apr 13 03:10:33 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:24 2003 Subject: CVS question In-Reply-To: Message-ID: On Thu, 13 Apr 2000, Brady Wied wrote: > I know this is a dumb question, but how do I pull the latest TNG down with > cvs? > > I have been using cvs -d :pserver:cvs@cvs.samba.org:/cvsroot co samba but co -r SAMBA_TNG samba new directory needed. From kirk at n0tia.ampr.org Thu Apr 13 03:14:32 2000 From: kirk at n0tia.ampr.org (Kirk Wolff) Date: Tue Dec 2 02:29:24 2003 Subject: Fw: Bad stub data? - Win2K + TNG Message-ID: <001101bfa4f6$644707f0$69115e2c@n0tia.ampr.org> What is TNG? I am running the latest samba from the cvs: [root@ip-fwd source]# smbd -V Version pre-3.0.0 Is this TNG? I am also having trouble with NTDC... I am so lost to how to get NTDc to> work I am going to pull my hair out. I 'think' that I got the ENCRYPTION.txt stuff all set up properly, and I have smb.conf set for domain controller and security=domain. Before I moved to pre3.0.0, the password for swat worked properly, but when I moved to this version, the password for root stopped working. But when I log in as a smbpasswd-registered-user (or manbe just linux-registered) I can log in. (But then I have to re-enter my username and password every time a button comes up (i.e. shares, status, etc) on the browser) I am running win2k-pro and I cannot get it to recognise the domain. Is is possible that I cannot use numbers and letters in the domain name such as the one I am using? I am using my call sign: N0TIA I hope you can help. I know you don't like it, but I have appended the output of my smb.conf Thanks ----- Original Message ----- From: "Luke Kenneth Casson Leighton" > To: "Multiple recipients of list SAMBA-NTDOM" > Sent: Wednesday, April 12, 2000 9:46 PM > Subject: Re: Bad stub data? - Win2K + TNG > > > > On Wed, 12 Apr 2000, Chris Allen wrote: > > > > > > > > Hi, > > > > > > I am trying to get Windows 2000 Prof to work with TNG - I can get the > > > workstation to join the domain OK, but when I try to login I get this > error > > > (on the Win box): > > > > > > The stub received bad data. > > > > i fixed that. > # Samba config file created using SWAT # from irony (44.94.17.105) # Date: 2000/04/11 03:47:28 # Global parameters [global] debuglevel = 20 workgroup = N0TIA netbios name = IP-FWD server string = Samba Server interfaces = 44.94.17.110/255.255.255.248 bind interfaces only = Yes security = DOMAIN encrypt passwords = Yes unix password sync = No log level = 4 log file = /var/log/samba/log.%m max log size = 50 time server = No socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins proxy = No wins support = Yes comment = Linux Samba Server [homes] comment = Home Directories path = /home/%u read only = No [printers] comment = All Printers path = /var/spool/samba print ok = Yes browseable = No [doc] comment = Documentation From lkcl at samba.org Thu Apr 13 03:22:14 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:24 2003 Subject: Signals In-Reply-To: <200004130039.KAA28452@mail.xavier.sa.edu.au> Message-ID: kill -HUP. doesn't help you on pre-established connections, only new ones. On Thu, 13 Apr 2000, Matthew Geddes wrote: > Just a quicky, > > Does either TNG or Samba 2.x react to any signals to > make it re-read smb.conf? We have a number of servers > which are constantly used and I\'d rather not have to > kill connections each time I make changes. > > Do the child processes re-read the config file? Prob. > not. Too slow. :-(. > > Thanks in advance, > Matt > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Thu Apr 13 03:22:46 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:24 2003 Subject: Bad stub data? - Win2K + TNG In-Reply-To: Message-ID: > Eeeks - I thought level 6 debug level messages was more than enough to sift > through :o) no, it's never enough. From kirk at n0tia.ampr.org Thu Apr 13 03:34:07 2000 From: kirk at n0tia.ampr.org (Kirk Wolff) Date: Tue Dec 2 02:29:24 2003 Subject: OKOKOK... Message-ID: <002c01bfa4f9$203ffe60$69115e2c@n0tia.ampr.org> Sorry again. I stumbled upon the Correct FAQ for this page: http://www.kneschke.de/projekte/samba_tng/faq/index.php3, which is, of course, NOT SAMBA, but Samba TNG... I now know what you gues are using and talking about. I am now downloading TNG -------------- next part -------------- HTML attachment scrubbed and removed From alex at gs.nsc.ru Thu Apr 13 04:01:12 2000 From: alex at gs.nsc.ru (Alex A. Emanov) Date: Tue Dec 2 02:29:24 2003 Subject: TNG Strange problems. In-Reply-To: <4.3.1.0.20000412201348.00b3e7f0@mail> References: <4.3.1.0.20000412201348.00b3e7f0@mail> Message-ID: <9459.000413@gs.nsc.ru> Hello, Thursday, April 13, 2000, 1:21:17 AM, you wrote: DBG> Hi, DBG> Somebody saw the situation when all machines logged into domain DBG> successfully but users from NT Machines unable to rename any files or DBG> directories with the message "permission denied" and Windows 98 machines DBG> unable to access NT shares? (BTW, it is necessary to manually create DBG> win98pc$ accounts in smbpasswd?) Similar situation when connecting from win98 to Win2k professional in samba controlled domain. It returns either Eroor 31, or password incorect. DBG> Running RedHAT 6.1 DBG> TNG-alpha-2.3 From alex at gs.nsc.ru Thu Apr 13 04:54:47 2000 From: alex at gs.nsc.ru (Alex A. Emanov) Date: Tue Dec 2 02:29:24 2003 Subject: WIN2K shares In-Reply-To: References: Message-ID: <0496.000413@gs.nsc.ru> Hello, Thursday, April 13, 2000, 9:49:32 AM, you wrote: LKCL> On Wed, 12 Apr 2000, Alex A. Emanov wrote: >> There is PDC - samba-tng 2.2 ( i386, FreeBSD 4.0) >> When connecting from PDC to Win200-Professional(controlled by this PDC) >> using smbclient: >> >> #smbclient -L WIN2K -W DOMAIN -U user >> Password: >> 1st session setup ok >> 2nd session setup ok >> failed tcon_X >> failed session request LKCL> urr...... LKCL> urr... no, it's not because of RestrictAnonymous=0x2, you specified LKCL> user/dom/pass. Can the same local username affect it? LKCL> urr... don't know! I can't to conect to win2k shares from win98 in samba controlled domain. It would be similar problem......? May be log level 9 can show somthing? alex@mpool# ./smbclient -L alex -U alex -d 9 doing parameter timestamp logs = Yes doing parameter debug hires timestamp = Yes doing parameter debug pid = Yes doing parameter debug uid = Yes doing parameter announce version = 5.2 doing parameter name resolve order = wins lmhosts host bcast doing parameter time server = Yes doing parameter deadtime = 5 doing parameter keepalive = 60 doing parameter load printers = No doing parameter local group map = /usr/local/samba/private/domainalias.map doing parameter domain group map = /usr/local/samba/private/domaingroup.map doing parameter logon script = login.bat doing parameter logon path = \\MPOOL\profile\%U doing parameter logon drive = U: doing parameter logon home = \\MPOOL\%U doing parameter domain logons = Yes doing parameter os level = 65 doing parameter lm announce = False doing parameter preferred master = True doing parameter domain master = True doing parameter wins proxy = Yes doing parameter wins server = 192.168.1.1 doing parameter remote announce = 192.168.1.255/GSN 192.168.1.255/GS doing parameter remote browse sync = 192.168.1.255 doing parameter wide links = No doing parameter follow symlinks = No pm_process() returned Yes added interface ip=192.168.1.11 bcast=192.168.1.255 nmask=255.255.255.0 not adding duplicate interface 192.168.1.11 Client started (version TNG-alpha). Password: cli_establish_connection: MPOOL<00> connecting to ALEX<20> (0.0.0.0) - alex [GSN ] with NTLMv1, nopw: No resolve_wins: Attempting wins lookup for name alex<0x20> bind succeeded on port 0 Sending a packet of len 50 to (192.168.1.1) on port 137 Received a packet of len 62 from (192.168.1.1) port 137 nmb packet from 192.168.1.1(137) header: id=6125 opcode=Query(0) response=Yes header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0 answers: nmb_name=ALEX<20> rr_type=32 rr_class=1 ttl=450420 answers 0 char `..... hex 6000C0A80184 Got a positive name query response from 192.168.1.1 ( 192.168.1.132 ) Connecting to 192.168.1.132 at port 139 write_socket(3,76) write_socket(3,76) wrote 76 Sent session request size=0 smb_com=0x0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=0 smb_tid=0 smb_pid=0 smb_uid=0 smb_mid=0 smt_wct=0 smb_bcc=0 size=164 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=18433 smb_tid=0 smb_pid=31713 smb_uid=0 smb_mid=1 smt_wct=0 smb_bcc=129 write_socket(3,168) write_socket(3,168) wrote 168 size=85 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=18433 smb_tid=0 smb_pid=31713 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[0]=7 (0x7) smb_vwv[1]=2563 (0xA03) smb_vwv[2]=256 (0x100) smb_vwv[3]=1024 (0x400) smb_vwv[4]=17 (0x11) smb_vwv[5]=0 (0x0) smb_vwv[6]=256 (0x100) smb_vwv[7]=0 (0x0) smb_vwv[8]=0 (0x0) smb_vwv[9]=64768 (0xFD00) smb_vwv[10]=227 (0xE3) smb_vwv[11]=28800 (0x7080) smb_vwv[12]=17018 (0x427A) smb_vwv[13]=65054 (0xFE1E) smb_vwv[14]=49060 (0xBFA4) smb_vwv[15]=23553 (0x5C01) smb_vwv[16]=254 (0xFE) smb_bcc=16 size=85 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=18433 smb_tid=0 smb_pid=31713 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[0]=7 (0x7) smb_vwv[1]=2563 (0xA03) smb_vwv[2]=256 (0x100) smb_vwv[3]=1024 (0x400) smb_vwv[4]=17 (0x11) smb_vwv[5]=0 (0x0) smb_vwv[6]=256 (0x100) smb_vwv[7]=0 (0x0) smb_vwv[8]=0 (0x0) smb_vwv[9]=64768 (0xFD00) smb_vwv[10]=227 (0xE3) smb_vwv[11]=28800 (0x7080) smb_vwv[12]=17018 (0x427A) smb_vwv[13]=65054 (0xFE1E) smb_vwv[14]=49060 (0xBFA4) smb_vwv[15]=23553 (0x5C01) smb_vwv[16]=254 (0xFE) smb_bcc=16 size=139 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=18433 smb_tid=0 smb_pid=31713 smb_uid=0 smb_mid=1 smt_wct=12 smb_vwv[0]=255 (0xFF) smb_vwv[1]=0 (0x0) smb_vwv[2]=17408 (0x4400) smb_vwv[3]=2 (0x2) smb_vwv[4]=31713 (0x7BE1) smb_vwv[5]=0 (0x0) smb_vwv[6]=0 (0x0) smb_vwv[7]=67 (0x43) smb_vwv[8]=0 (0x0) smb_vwv[9]=0 (0x0) smb_vwv[10]=68 (0x44) smb_vwv[11]=32768 (0x8000) smb_bcc=80 write_socket(3,143) write_socket(3,143) wrote 143 size=207 smb_com=0x73 smb_rcls=22 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=18433 smb_tid=0 smb_pid=31713 smb_uid=2048 smb_mid=1 smt_wct=4 smb_vwv[0]=255 (0xFF) smb_vwv[1]=207 (0xCF) smb_vwv[2]=0 (0x0) smb_vwv[3]=127 (0x7F) smb_bcc=164 size=207 smb_com=0x73 smb_rcls=22 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=18433 smb_tid=0 smb_pid=31713 smb_uid=2048 smb_mid=1 smt_wct=4 smb_vwv[0]=255 (0xFF) smb_vwv[1]=207 (0xCF) smb_vwv[2]=0 (0x0) smb_vwv[3]=127 (0x7F) smb_bcc=164 1st session setup ok make_rpc_auth_ntlmssp_resp dom: GSN user: alex wks: MPOOL neg_flgs: 0x82b1 000000 smb_io_rpc_auth_ntlmssp_resp ntlmssp_resp 000000 smb_io_strhdr hdr_lm_resp 0000 str_str_len: 0018 0002 str_max_len: 0018 0004 buffer : 00000058 000008 smb_io_strhdr hdr_nt_resp 0008 str_str_len: 0018 000a str_max_len: 0018 000c buffer : 00000070 000010 smb_io_strhdr hdr_domain 0010 str_str_len: 0006 0012 str_max_len: 0006 0014 buffer : 00000040 000018 smb_io_strhdr hdr_user 0018 str_str_len: 0008 001a str_max_len: 0008 001c buffer : 00000046 000020 smb_io_strhdr hdr_wks 0020 str_str_len: 000a 0022 str_max_len: 000a 0024 buffer : 0000004e 000028 smb_io_strhdr hdr_sess_key 0028 str_str_len: 0000 002a str_max_len: 0000 002c buffer : 00000088 0030 neg_flags: 000082b1 0034 domain : G.S.N. 003a user : a.l.e.x. 0042 wks : M.P.O.O.L. 004c lm_resp : 9d 26 3f f5 98 05 38 5a 83 41 2f 3b 20 7e 92 8d 58 37 e2 82 1 5 b9 23 15 0064 nt_resp : f3 1f 7a a7 3b 36 2e d1 93 1c c6 8f 40 7d 08 2e 94 d6 2f c0 b 0 45 6a 54 size=224 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=18433 smb_tid=0 smb_pid=31713 smb_uid=2048 smb_mid=1 smt_wct=12 smb_vwv[0]=255 (0xFF) smb_vwv[1]=0 (0x0) smb_vwv[2]=17408 (0x4400) smb_vwv[3]=2 (0x2) smb_vwv[4]=31713 (0x7BE1) smb_vwv[5]=0 (0x0) smb_vwv[6]=0 (0x0) smb_vwv[7]=152 (0x98) smb_vwv[8]=0 (0x0) smb_vwv[9]=0 (0x0) smb_vwv[10]=68 (0x44) smb_vwv[11]=32768 (0x8000) smb_bcc=165 write_socket(3,228) write_socket(3,228) wrote 228 size=35 smb_com=0x73 smb_rcls=252 smb_reh=241 smb_err=49087 smb_flg=136 smb_flg2=18433 smb_tid=0 smb_pid=31713 smb_uid=2048 smb_mid=1 smt_wct=0 smb_bcc=0 size=35 smb_com=0x73 smb_rcls=252 smb_reh=241 smb_err=49087 smb_flg=136 smb_flg2=18433 smb_tid=0 smb_pid=31713 smb_uid=2048 smb_mid=1 smt_wct=0 smb_bcc=0 2nd session setup ok size=62 smb_com=0x75 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=18433 smb_tid=0 smb_pid=31713 smb_uid=2048 smb_mid=1 smt_wct=4 smb_vwv[0]=255 (0xFF) smb_vwv[1]=0 (0x0) smb_vwv[2]=0 (0x0) smb_vwv[3]=1 (0x1) smb_bcc=19 write_socket(3,66) write_socket(3,66) wrote 66 size=35 smb_com=0x75 smb_rcls=2 smb_reh=0 smb_err=91 smb_flg=136 smb_flg2=2049 smb_tid=0 smb_pid=31713 smb_uid=2048 smb_mid=1 smt_wct=0 smb_bcc=0 size=35 smb_com=0x75 smb_rcls=2 smb_reh=0 smb_err=91 smb_flg=136 smb_flg2=2049 smb_tid=0 smb_pid=31713 smb_uid=2048 smb_mid=1 smt_wct=0 smb_bcc=0 failed tcon_X cli_establish_connection: MPOOL<00> connecting to *SMBSERVER<20> (192.168.1.132) - alex [GSN] with NTLMv1, nopw: No write_socket(3,76) write_socket(3,76) wrote 76 Sent session request size=0 smb_com=0x0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=0 smb_tid=0 smb_pid=0 smb_uid=0 smb_mid=0 smt_wct=0 smb_bcc=0 failed session request alex@mpool# Thanks, Alex mailto:alex@gs.nsc.ru From lkcl at samba.org Thu Apr 13 05:15:35 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:24 2003 Subject: WIN2K shares In-Reply-To: <0496.000413@gs.nsc.ru> Message-ID: On Thu, 13 Apr 2000, Alex A. Emanov wrote: > Hello, > > > Thursday, April 13, 2000, 9:49:32 AM, you wrote: > > LKCL> On Wed, 12 Apr 2000, Alex A. Emanov wrote: > > > >> There is PDC - samba-tng 2.2 ( i386, FreeBSD 4.0) > >> When connecting from PDC to Win200-Professional(controlled by this PDC) > >> using smbclient: > >> > >> #smbclient -L WIN2K -W DOMAIN -U user > >> Password: > >> 1st session setup ok > >> 2nd session setup ok > >> failed tcon_X > >> failed session request > > LKCL> urr...... > > LKCL> urr... no, it's not because of RestrictAnonymous=0x2, you specified > LKCL> user/dom/pass. > Can the same local username affect it? > > LKCL> urr... don't know! > I can't to conect to win2k shares from win98 in samba controlled > domain. It would be similar problem......? > May be log level 9 can show somthing? ah, ok, i get it: the pass-thru authentication, from the nt5 wks to the samba-tng PDC is failing. well, no surprise there, try 2.4 and let me know if it works, and if it doesn't i'll try and remember to test it here :) From pmal at space.gr Thu Apr 13 06:09:25 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:24 2003 Subject: "Could not find domain controller for this domain" Message-ID: <00cb01bfa50e$d1e90de0$0602000a@space.gr> I get this error message when I try to create the trust relationship between winnt pdc and samba pdc. Any clues? From Markus.Holzheimer at fthw.siemens.de Thu Apr 13 06:10:58 2000 From: Markus.Holzheimer at fthw.siemens.de (Holzheimer Markus) Date: Tue Dec 2 02:29:24 2003 Subject: problem: automaticaly create and delete users (samba/nt) Message-ID: Hello Folks, i'm sure this question isn't new. in this case maybe you can point me to a faq or something other to get my answer. here is the situation: we switched from a 70-server-nt-world to a sun e10k-solaris-environment. it's running pretty well and there are almost no problems. but one thing is a little bit tricky. we run one e10k-domain with a samba filesystem which authorizes on a real nt-domain. so far so good. the next thing is that we have many trusts to other plant-locations. so we have to grant file-access on our server to peoble at the other location. the thing is that the users at the other locations are in "clean" nt-domains and global groups (the right should be granted to the groups). the problem is: we need a unix-account for every user who wants access to the samba-filesystem. with users in our domain this isn't a problem. but: we are looking for the possibility to grant rights for nt-groups from other locations to our filesystem. so we have to do the following manually: 1. check who want's to get access 2. check the users nt-group-membership on the other locations nt-domain 3. create a unix-account 4. grant permissions to the file-system this should be done automatically from the system. does anyone have an idea how we can do this ? if the problem is not clear i will answer any further question per e-mail. thank you very much ! Markus ________________________________________________________________ SIEMENS AG Automation & Drives, Systems Engineering (A&D SE) Organization and Information / Technology (OI T) Local Registration Authority (PKI) Phone: +49-911-750-4869 Fax: +49-911-750-9979 From fabian at guternet.de Thu Apr 13 10:10:38 2000 From: fabian at guternet.de (Fabian Guter) Date: Tue Dec 2 02:29:24 2003 Subject: Help a rookie: Samba 2.0.5+RH 6.1+Existing NT domain working In-Reply-To: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Greg! > Yet, I am still unable to view this machine in the network > neighborhood. Although if I go to a second Linux box and install > samba, I am able to connect to it via the smbclient program. > > I added the machine to the existing NT domain as directed and > recieved no errors. I am able to do to the NT 4.0 Server Manager > and see the > properties > of the server. > > Yet, when logged into the domain on my Win 98 machine, I do NOT see > the Linux Samba server listed in my NN. By default, Samba pretends to be a NT Server. In the Server Manager you can see that the Samba machine appears as 'NT 4.2 Server' or sth. similar. In many domains, the servers aren't visible to the clients in the network neighborhood. I had the same problem once. After I told Samba to identify as a NT Workstation, everything was fine... I just can't tell you which option in smb.conf contains the parameter of the OS, but you can easily change it with SWAT. Hope to helped you, Fabian - -- Fabian Guter - -PGP-Key a. Anfrage od. bei den Key-Servern- -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.3 for non-commercial use iQA/AwUBOPWPD5MhDe7uCwcIEQKc+gCggBhxe1Emiqg7Aea8Uyfzd+/zOzwAoJ/h VX1WPE53jnpkQLHp1iIoLcYf =nzKK -----END PGP SIGNATURE----- From ggeorge at digisolv.com Wed Apr 12 19:45:14 2000 From: ggeorge at digisolv.com (Gerry George) Date: Tue Dec 2 02:29:24 2003 Subject: SUMMARY - Re: Issues with SAMBA install In-Reply-To: <20000412094259.B99602AE82@i3.golden.dom> References: <4.3.2.20000411134914.051f5c50@mail.digisolv.com> <4.3.2.20000411134914.051f5c50@mail.digisolv.com> Message-ID: <4.3.2.20000412152922.04bfc830@mail.digisolv.com> Thanks for all of the responses to my Samba install. I received a number of suggestions, but by far, the best for my "private" share is not the hidden share, which would require extra effort on the part of the admin after login, but the following by giulioo@pobox.com - the use of a custom share via an "include" file. > >Can one create a share for a specific user or group **which is only visible > >to that group**? I would like to create a share of the entire file system >include = /path/file.conf.%U >then in /path/file.conf. put the share definitions for the >specific user. I'll investigate the "wins hook" option as per Luke Kenneth Casson Leighton and others. - Yes, my Samba server is also a wins server. swaters@amicus.com also suggested in answer to another question: > > Is there an X-client for SMB to allow one to browse and use > > SMB shares from within X? http://freshmeat.net/search.php3?query=gnomba Thanks all. As always, I am impressed with the speed and the quality of responses. Keep up the good work. Gerry George Gerry E. George Information Technology Specialist, DigiSolv, Inc. http://www.digisolv.com .. From tom at ee.ucl.ac.uk Thu Apr 13 13:11:05 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:24 2003 Subject: Missing } in locking/locking.c Message-ID: <200004131311.OAA00565@picard.ee.ucl.ac.uk> Hello samba cvs update 1200BST 13/04/00 There is a } missing on line 192 of locking.c Also: Linking bin/smbd Undefined first referenced symbol in file inet_aton bin/.libs/libsamba.so ld: fatal: Symbol referencing errors. No output written to bin/.libs/smbd *** Error code 1 make: Fatal error: Command failed for target `bin/smbd' Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From lisa at hermes.ewlab.usna.edu Thu Apr 13 13:19:11 2000 From: lisa at hermes.ewlab.usna.edu (Lisa Becktold {CADIG STAFF}) Date: Tue Dec 2 02:29:24 2003 Subject: make install/codepage segmentation Message-ID: <200004131319.JAA23708@leto15.usna.navy.mil> Hi - we've been having some problems with our e-mail system. I'm reposting this in case it didn't make it the first time... ------------- Begin Forwarded Message ------------- Date: Tue, 11 Apr 2000 14:34:37 -0400 (EDT) From: Lisa Becktold {CADIG STAFF} Subject: Re: make install/codepage segmentation To: tom@ee.ucl.ac.uk, mg@plum.de, lkcl@samba.org, samba-technical@samba.org, samba-ntdom@samba.org Thanks to Michael Glauche, Tom Crummey, and Luke Kenneth Casson Leighton for their responses. I did download both samba-tng-alpha-2.2 and samba-tng-alpha-2.3. Configure and make ran fine (although I saw a few warnings when I ran make). But again, when I ran "make install", the library and binary installation ran o.k., but the codepage installation bombed out! I tacked the "make install" output onto the end of this message.... Tom, you asked what version of gcc I was using, and whether I'm running a 32-bit or a 64-bit kernel. I'm using gcc 2.8.1, and I'm running a 64-bit kernel (On a Sun Enterprise 2, Solaris 2.7). These are the steps I'm using: Download latest samba-tng-alpha code ftp://samba.org/pub/samba/alpha/samba-tng-alpha.2.2.tar.gz Gunzip, untar samba-tng-alpha.2.2.tar.gz - it creates the directory samba-tng-alpha.2.2 Make a directory for the compiled code, libraries, etc. mkdir /usr/samba-tng-2.2 Run "configure" cd samba-tng-alpha.2.2/source ./configure --prefix=/usr/samba-tng-2.2 Run "make" Run "make install" Do you see any problems with the above? I'm trying to compile samba-tng-alpha-2.2 on a Sparc 20 (32-bit kernel) using the SUNWspro C compiler, but I don't think the compiled code will be too reliable (if it actually finishes compiling). I see lots of these messages: "warning: argument #x is incompatible with prototype" "rpc_parse/parse_lsa.c", line 470: warning: statement not reached" If you have any ideas, please let me know - I'd really like to get this version of Samba up and running. Here's "make install" output for samba-tng-alpha-2.2: ========================================================================= # make install Using FLAGS = -O -Iinclude -I./include -I./ubiqx -I./smbwrapper -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -DLOGFILEBASE="/usr/usna/samba-tng-2.2/var" -DSMBLOGFILE="/usr/usna/samba-tng-2.2/var/log.smb" -DNMBLOGFILE="/usr/usna/samba-tng-2.2/var/log.nmb" -DCONFIGFILE="/usr/usna/samba-tng-2.2/lib/smb.conf" -DLMHOSTSFILE="/usr/usna/samba-tng-2.2/lib/lmhosts" -DSWATDIR="/usr/usna/samba-tng-2.2/swat" -DSBINDIR="/usr/usna/samba-tng-2.2/sbin" -DLOCKDIR="/usr/usna/samba-tng-2.2/var/locks" -DSMBRUN="/usr/usna/samba-tng-2.2/bin/smbrun" -DCODEPAGEDIR="/usr/usna/samba-tng-2.2/lib/codepages" -DDRIVERFILE="/usr/usna/samba-tng-2.2/lib/printers.def" -DBINDIR="/usr/usna/samba-tng-2.2/bin" -DFORMSFILE="/usr/usna/samba-tng-2.2/lib/ntforms.def" -DNTDRIVERSDIR="/usr/usna/samba-tng-2.2/lib" -DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/bin/passwd" -DSMB_PASSWD_PROGRAM="/usr/usna/samba-tng-2.2/bin/smbpasswd" -DSMB_PASSWD_FILE="/usr/usna/samba-tng-2.2/private/smbpasswd" -DSAM_DIR="/usr/usna/samba-tng-2.2/sam" -DSMB_PASSGRP_FILE="/usr/usna/samba-tng-2.2/private/smbpassgrp" -DSMB_GROUP_FILE="/usr/usna/samba-tng-2.2/private/smbgroup" -DSMB_ALIAS_FILE="/usr/usna/samba-tng-2.2/private/smbalias" Using LIBS = -lsec -lgen -lsocket -lnsl -ldl Installing bin/libmsrpc.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libsmb.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libnmb.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libsamba.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libsmbpw.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libubiqx.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libsamrpass.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libsmbpw.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/libsurs.la in /usr/usna/samba-tng-2.2/lib using libtool ---------------------------------------------------------------------- Libraries have been installed in: /usr/usna/samba-tng-2.2/lib If you ever happen to want to link against installed libraries in a given directory, LIBDIR, you must either use libtool, and specify the full pathname of the library, or use `-LLIBDIR' flag during linking and do at least one of the following: - add LIBDIR to the `LD_LIBRARY_PATH' environment variable during execution - use the `-RLIBDIR' linker flag See any operating system documentation about shared libraries for more information, such as the ld(1) and ld.so(8) manual pages. ---------------------------------------------------------------------- Installing bin/smbclient in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/testparm in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/testprns in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/smbrun in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/smbstatus in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/rpcclient in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/smbpasswd in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/make_smbcodepage in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/make_unicodemap in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/regedit in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/samedit in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/net in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/svccontrol in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/cmdat in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/ntspool in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/nmblookup in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/make_printerdef in /usr/usna/samba-tng-2.2/bin using libtool Installing bin/smbd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/lsarpcd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/svcctld in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/spoolssd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/samrd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/srvsvcd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/wkssvcd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/browserd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/netlogond in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/winregd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/nmbd in /usr/usna/samba-tng-2.2/sbin using libtool Installing bin/swat in /usr/usna/samba-tng-2.2/sbin using libtool Installing man pages in /usr/usna/samba-tng-2.2/man ====================================================================== The man pages have been installed. You may uninstall them using the command the command "make uninstallman" or make "uninstall" to uninstall binaries, man pages and shell scripts. ====================================================================== Installing scripts in /usr/usna/samba-tng-2.2/bin ====================================================================== The scripts have been installed. You may uninstall them using the command "make uninstallscripts" or "make install" to install binaries, man pages and shell scripts. You may recover the previous version (if any by "make revert". ====================================================================== Installing codepage files in /usr/usna/samba-tng-2.2/lib/codepages Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.437 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.437 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.737 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.737 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.775 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.775 /usr/usna/samba-tng-2.2/bin/make_unicodemap: failed to get the file size for file ./codepages/CP775.TXT. Error was No such file or directory Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.850 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.850 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.852 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.852 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.861 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.861 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.932 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.932 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.866 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.866 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.949 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.949 Illegal Instruction - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.950 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.950 Illegal Instruction - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.936 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.936 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.1251 Segmentation Fault - core dumped Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.1251 /usr/usna/samba-tng-2.2/bin/make_unicodemap: failed to get the file size for file ./codepages/CP1251.TXT. Error was No such file or directory Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-1 /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-1 is not a valid codepage. Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-1 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-2 /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-2 is not a valid codepage. Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-2 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-5 /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-5 is not a valid codepage. Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-5 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-7 /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-7 is not a valid codepage. Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-7 Segmentation Fault - core dumped Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.KOI-R /usr/usna/samba-tng-2.2/bin/make_smbcodepage: KOI-R is not a valid codepage. Creating unicode codepage file /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.KOI-R /usr/usna/samba-tng-2.2/bin/make_unicodemap: failed to get the file size for file ./codepages/CPKOI-R.TXT. Error was No such file or directory ====================================================================== The code pages have been installed. You may uninstall them using the command "make uninstallcp" or make "uninstall" to uninstall binaries, man pages, shell scripts and code pages. ====================================================================== Installing SWAT in /usr/usna/samba-tng-2.2/swat Installing the Samba Web Admisistration Tool /usr/usna/samba-tng-2.2/swat/images/globals.gif /usr/usna/samba-tng-2.2/swat/images/home.gif /usr/usna/samba-tng-2.2/swat/images/passwd.gif /usr/usna/samba-tng-2.2/swat/images/printers.gif /usr/usna/samba-tng-2.2/swat/images/samba.gif /usr/usna/samba-tng-2.2/swat/images/shares.gif /usr/usna/samba-tng-2.2/swat/images/status.gif /usr/usna/samba-tng-2.2/swat/images/viewconfig.gif /usr/usna/samba-tng-2.2/swat/help/welcome.html /usr/usna/samba-tng-2.2/swat/help/DOMAIN_MEMBER.html /usr/usna/samba-tng-2.2/swat/help/LDAP.html /usr/usna/samba-tng-2.2/swat/help/debug2html.1.html /usr/usna/samba-tng-2.2/swat/help/lmhosts.5.html /usr/usna/samba-tng-2.2/swat/help/make_smbcodepage.1.html /usr/usna/samba-tng-2.2/swat/help/nmbd.8.html /usr/usna/samba-tng-2.2/swat/help/nmblookup.1.html /usr/usna/samba-tng-2.2/swat/help/rpcclient.1.html /usr/usna/samba-tng-2.2/swat/help/samba.7.html /usr/usna/samba-tng-2.2/swat/help/smb.conf.5.html /usr/usna/samba-tng-2.2/swat/help/smbclient.1.html /usr/usna/samba-tng-2.2/swat/help/smbd.8.html /usr/usna/samba-tng-2.2/swat/help/smbpasswd.5.html /usr/usna/samba-tng-2.2/swat/help/smbpasswd.8.html /usr/usna/samba-tng-2.2/swat/help/smbrun.1.html /usr/usna/samba-tng-2.2/swat/help/smbstatus.1.html /usr/usna/samba-tng-2.2/swat/help/smbtar.1.html /usr/usna/samba-tng-2.2/swat/help/swat.8.html /usr/usna/samba-tng-2.2/swat/help/testparm.1.html /usr/usna/samba-tng-2.2/swat/help/testprns.1.html /usr/usna/samba-tng-2.2/swat/include/footer.html /usr/usna/samba-tng-2.2/swat/include/header.html ====================================================================== The SWAT files have been installed. Remember to read the swat/README for information on enabling and using SWAT ====================================================================== ---------------------------------------------------------- Lisa M. Becktold - lisa@usna.navy.mil, (410) 293-6480 United States Naval Academy - CADIG 590 Holloway Road, Rickover Hall, Annapolis, MD 21402-5000 ------------- End Forwarded Message ------------- ---------------------------------------------------------- Lisa M. Becktold - lisa@usna.navy.mil, (410) 293-6480 United States Naval Academy - CADIG 590 Holloway Road, Rickover Hall, Annapolis, MD 21402-5000 From krautstrunk at pfh-goettingen.de Thu Apr 13 13:35:04 2000 From: krautstrunk at pfh-goettingen.de (Olaf Krautstrunk) Date: Tue Dec 2 02:29:24 2003 Subject: Remaining locked Shares after Logout WinNT Message-ID: <38F5CD08.D6B501B5@pfh-goettingen.de> I `ve set up a Samba PDC 2.0.6 for a NT Domain. It all works fine but after a user logs out there is still a share [profile] with the wkst-account and the user. So this wkst can not be used by another user to log in. smbstatus: Samba version 2.0.6 Service uid gid pid machine ---------------------------------------------- profile test2 studies 6533 siltest (192.168.1.169) Thu Apr 13 15:12:30 2000 I puffered it with `deadtime = 1`, but during this time nobody can access the Domain with this wkst. Who knows something about?? Olaf Krautstunk From nord at cdt.luth.se Thu Apr 13 15:09:22 2000 From: nord at cdt.luth.se (James Nord) Date: Tue Dec 2 02:29:25 2003 Subject: make install/codepage segmentation References: Message-ID: <38F5E322.3EE98A08@cdt.luth.se> Hi all, I had a problem similar to this earlier (very early on in TNG) on Solaris. Problem was it was creting a file called lib instead of a directory - so after that everything crashed with the same reults as below. If i creted the drictories by had *before* running the install it worked fine. May be completly unrelated... /James Luke Kenneth Casson Leighton wrote: > > can someone take a look at this, i cut make_codepage over from cvs main, > thx. > > On Wed, 12 Apr 2000, Lisa Becktold {CADIG STAFF} wrote: > > > Thanks to Michael Glauche, Tom Crummey, and Luke Kenneth Casson Leighton > > for their responses. > > > > I did download both samba-tng-alpha-2.2 and samba-tng-alpha-2.3. Configure > > and make ran fine (although I saw a few warnings when I ran make). > > But again, when I ran "make install", the library and binary installation > > ran o.k., but the codepage installation bombed out! > > > > I tacked the "make install" output onto the end of this message.... > > > > Tom, you asked what version of gcc I was using, and whether I'm running > > a 32-bit or a 64-bit kernel. I'm using gcc 2.8.1, and I'm running > > a 64-bit kernel (On a Sun Enterprise 2, Solaris 2.7). > > > > These are the steps I'm using: > > > > Download latest samba-tng-alpha code > > ftp://samba.org/pub/samba/alpha/samba-tng-alpha.2.2.tar.gz > > > > Gunzip, untar samba-tng-alpha.2.2.tar.gz - it creates the directory > > samba-tng-alpha.2.2 > > > > Make a directory for the compiled code, libraries, etc. > > mkdir /usr/samba-tng-2.2 > > > > Run "configure" > > cd samba-tng-alpha.2.2/source > > ./configure --prefix=/usr/samba-tng-2.2 > > > > Run "make" > > > > Run "make install" > > > > > > Do you see any problems with the above? > > > > I'm trying to compile samba-tng-alpha-2.2 on a Sparc 20 (32-bit kernel) > > using the SUNWspro C compiler, but I don't think the compiled code will > > be too reliable (if it actually finishes compiling). I see lots of > > these messages: > > > > "warning: argument #x is incompatible with prototype" > > "rpc_parse/parse_lsa.c", line 470: warning: statement not reached" > > > > If you have any ideas, please let me know - I'd really like to get this > > version of Samba up and running. > > > > Here's "make install" output for samba-tng-alpha-2.2: > > > > ========================================================================= > > # make install > > > > Using FLAGS = -O -Iinclude -I./include -I./ubiqx > > -I./smbwrapper > > -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 > > -DLOGFILEBASE="/usr/usna/samba-tng-2.2/var" > > -DSMBLOGFILE="/usr/usna/samba-tng-2.2/var/log.smb" > > -DNMBLOGFILE="/usr/usna/samba-tng-2.2/var/log.nmb" > > -DCONFIGFILE="/usr/usna/samba-tng-2.2/lib/smb.conf" > > -DLMHOSTSFILE="/usr/usna/samba-tng-2.2/lib/lmhosts" > > -DSWATDIR="/usr/usna/samba-tng-2.2/swat" > > -DSBINDIR="/usr/usna/samba-tng-2.2/sbin" > > -DLOCKDIR="/usr/usna/samba-tng-2.2/var/locks" > > -DSMBRUN="/usr/usna/samba-tng-2.2/bin/smbrun" > > -DCODEPAGEDIR="/usr/usna/samba-tng-2.2/lib/codepages" > > -DDRIVERFILE="/usr/usna/samba-tng-2.2/lib/printers.def" > > -DBINDIR="/usr/usna/samba-tng-2.2/bin" > > -DFORMSFILE="/usr/usna/samba-tng-2.2/lib/ntforms.def" > > -DNTDRIVERSDIR="/usr/usna/samba-tng-2.2/lib" -DHAVE_INCLUDES_H > > -DPASSWD_PROGRAM="/bin/passwd" > > -DSMB_PASSWD_PROGRAM="/usr/usna/samba-tng-2.2/bin/smbpasswd" > > -DSMB_PASSWD_FILE="/usr/usna/samba-tng-2.2/private/smbpasswd" > > -DSAM_DIR="/usr/usna/samba-tng-2.2/sam" > > -DSMB_PASSGRP_FILE="/usr/usna/samba-tng-2.2/private/smbpassgrp" > > -DSMB_GROUP_FILE="/usr/usna/samba-tng-2.2/private/smbgroup" > > -DSMB_ALIAS_FILE="/usr/usna/samba-tng-2.2/private/smbalias" > > Using LIBS = -lsec -lgen -lsocket -lnsl -ldl > > Installing bin/libmsrpc.la in /usr/usna/samba-tng-2.2/lib using libtool > > ---------------------------------------------------------------------- > > Libraries have been installed in: > > /usr/usna/samba-tng-2.2/lib > > > > If you ever happen to want to link against installed libraries > > in a given directory, LIBDIR, you must either use libtool, and > > specify the full pathname of the library, or use `-LLIBDIR' > > flag during linking and do at least one of the following: > > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > > during execution > > - use the `-RLIBDIR' linker flag > > > > See any operating system documentation about shared libraries for > > more information, such as the ld(1) and ld.so(8) manual pages. > > ---------------------------------------------------------------------- > > Installing bin/libsmb.la in /usr/usna/samba-tng-2.2/lib using libtool > > ---------------------------------------------------------------------- > > Libraries have been installed in: > > /usr/usna/samba-tng-2.2/lib > > > > If you ever happen to want to link against installed libraries > > in a given directory, LIBDIR, you must either use libtool, and > > specify the full pathname of the library, or use `-LLIBDIR' > > flag during linking and do at least one of the following: > > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > > during execution > > - use the `-RLIBDIR' linker flag > > > > See any operating system documentation about shared libraries for > > more information, such as the ld(1) and ld.so(8) manual pages. > > ---------------------------------------------------------------------- > > Installing bin/libnmb.la in /usr/usna/samba-tng-2.2/lib using libtool > > ---------------------------------------------------------------------- > > Libraries have been installed in: > > /usr/usna/samba-tng-2.2/lib > > > > If you ever happen to want to link against installed libraries > > in a given directory, LIBDIR, you must either use libtool, and > > specify the full pathname of the library, or use `-LLIBDIR' > > flag during linking and do at least one of the following: > > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > > during execution > > - use the `-RLIBDIR' linker flag > > > > See any operating system documentation about shared libraries for > > more information, such as the ld(1) and ld.so(8) manual pages. > > ---------------------------------------------------------------------- > > Installing bin/libsamba.la in /usr/usna/samba-tng-2.2/lib using libtool > > ---------------------------------------------------------------------- > > Libraries have been installed in: > > /usr/usna/samba-tng-2.2/lib > > > > If you ever happen to want to link against installed libraries > > in a given directory, LIBDIR, you must either use libtool, and > > specify the full pathname of the library, or use `-LLIBDIR' > > flag during linking and do at least one of the following: > > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > > during execution > > - use the `-RLIBDIR' linker flag > > > > See any operating system documentation about shared libraries for > > more information, such as the ld(1) and ld.so(8) manual pages. > > ---------------------------------------------------------------------- > > Installing bin/libsmbpw.la in /usr/usna/samba-tng-2.2/lib using libtool > > ---------------------------------------------------------------------- > > Libraries have been installed in: > > /usr/usna/samba-tng-2.2/lib > > > > If you ever happen to want to link against installed libraries > > in a given directory, LIBDIR, you must either use libtool, and > > specify the full pathname of the library, or use `-LLIBDIR' > > flag during linking and do at least one of the following: > > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > > during execution > > - use the `-RLIBDIR' linker flag > > > > See any operating system documentation about shared libraries for > > more information, such as the ld(1) and ld.so(8) manual pages. > > ---------------------------------------------------------------------- > > Installing bin/libubiqx.la in /usr/usna/samba-tng-2.2/lib using libtool > > ---------------------------------------------------------------------- > > Libraries have been installed in: > > /usr/usna/samba-tng-2.2/lib > > > > If you ever happen to want to link against installed libraries > > in a given directory, LIBDIR, you must either use libtool, and > > specify the full pathname of the library, or use `-LLIBDIR' > > flag during linking and do at least one of the following: > > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > > during execution > > - use the `-RLIBDIR' linker flag > > > > See any operating system documentation about shared libraries for > > more information, such as the ld(1) and ld.so(8) manual pages. > > ---------------------------------------------------------------------- > > Installing bin/libsamrpass.la in /usr/usna/samba-tng-2.2/lib using libtool > > ---------------------------------------------------------------------- > > Libraries have been installed in: > > /usr/usna/samba-tng-2.2/lib > > > > If you ever happen to want to link against installed libraries > > in a given directory, LIBDIR, you must either use libtool, and > > specify the full pathname of the library, or use `-LLIBDIR' > > flag during linking and do at least one of the following: > > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > > during execution > > - use the `-RLIBDIR' linker flag > > > > See any operating system documentation about shared libraries for > > more information, such as the ld(1) and ld.so(8) manual pages. > > ---------------------------------------------------------------------- > > Installing bin/libsmbpw.la in /usr/usna/samba-tng-2.2/lib using libtool > > ---------------------------------------------------------------------- > > Libraries have been installed in: > > /usr/usna/samba-tng-2.2/lib > > > > If you ever happen to want to link against installed libraries > > in a given directory, LIBDIR, you must either use libtool, and > > specify the full pathname of the library, or use `-LLIBDIR' > > flag during linking and do at least one of the following: > > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > > during execution > > - use the `-RLIBDIR' linker flag > > > > See any operating system documentation about shared libraries for > > more information, such as the ld(1) and ld.so(8) manual pages. > > ---------------------------------------------------------------------- > > Installing bin/libsurs.la in /usr/usna/samba-tng-2.2/lib using libtool > > ---------------------------------------------------------------------- > > Libraries have been installed in: > > /usr/usna/samba-tng-2.2/lib > > > > If you ever happen to want to link against installed libraries > > in a given directory, LIBDIR, you must either use libtool, and > > specify the full pathname of the library, or use `-LLIBDIR' > > flag during linking and do at least one of the following: > > - add LIBDIR to the `LD_LIBRARY_PATH' environment variable > > during execution > > - use the `-RLIBDIR' linker flag > > > > See any operating system documentation about shared libraries for > > more information, such as the ld(1) and ld.so(8) manual pages. > > ---------------------------------------------------------------------- > > Installing bin/smbclient in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/testparm in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/testprns in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/smbrun in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/smbstatus in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/rpcclient in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/smbpasswd in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/make_smbcodepage in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/make_unicodemap in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/regedit in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/samedit in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/net in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/svccontrol in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/cmdat in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/ntspool in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/nmblookup in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/make_printerdef in /usr/usna/samba-tng-2.2/bin using libtool > > Installing bin/smbd in /usr/usna/samba-tng-2.2/sbin using libtool > > Installing bin/lsarpcd in /usr/usna/samba-tng-2.2/sbin using libtool > > Installing bin/svcctld in /usr/usna/samba-tng-2.2/sbin using libtool > > Installing bin/spoolssd in /usr/usna/samba-tng-2.2/sbin using libtool > > Installing bin/samrd in /usr/usna/samba-tng-2.2/sbin using libtool > > Installing bin/srvsvcd in /usr/usna/samba-tng-2.2/sbin using libtool > > Installing bin/wkssvcd in /usr/usna/samba-tng-2.2/sbin using libtool > > Installing bin/browserd in /usr/usna/samba-tng-2.2/sbin using libtool > > Installing bin/netlogond in /usr/usna/samba-tng-2.2/sbin using libtool > > Installing bin/winregd in /usr/usna/samba-tng-2.2/sbin using libtool > > Installing bin/nmbd in /usr/usna/samba-tng-2.2/sbin using libtool > > Installing bin/swat in /usr/usna/samba-tng-2.2/sbin using libtool > > Installing man pages in /usr/usna/samba-tng-2.2/man > > ====================================================================== > > The man pages have been installed. You may uninstall them using the command > > the command "make uninstallman" or make "uninstall" to uninstall binaries, > > man pages and shell scripts. > > ====================================================================== > > Installing scripts in /usr/usna/samba-tng-2.2/bin > > ====================================================================== > > The scripts have been installed. You may uninstall them using > > the command "make uninstallscripts" or "make install" to install binaries, > > man pages and shell scripts. You may recover the previous version (if any > > by "make revert". > > ====================================================================== > > Installing codepage files in /usr/usna/samba-tng-2.2/lib/codepages > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.437 > > Segmentation Fault - core dumped > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.437 > > Segmentation Fault - core dumped > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.737 > > Segmentation Fault - core dumped > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.737 > > Segmentation Fault - core dumped > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.775 > > Segmentation Fault - core dumped > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.775 > > /usr/usna/samba-tng-2.2/bin/make_unicodemap: failed to get the file size for > > file ./codepages/CP775.TXT. Error was No such file or directory > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.850 > > Segmentation Fault - core dumped > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.850 > > Segmentation Fault - core dumped > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.852 > > Segmentation Fault - core dumped > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.852 > > Segmentation Fault - core dumped > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.861 > > Segmentation Fault - core dumped > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.861 > > Segmentation Fault - core dumped > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.932 > > Segmentation Fault - core dumped > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.932 > > Segmentation Fault - core dumped > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.866 > > Segmentation Fault - core dumped > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.866 > > Segmentation Fault - core dumped > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.949 > > Segmentation Fault - core dumped > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.949 > > Illegal Instruction - core dumped > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.950 > > Segmentation Fault - core dumped > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.950 > > Illegal Instruction - core dumped > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.936 > > Segmentation Fault - core dumped > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.936 > > Segmentation Fault - core dumped > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.1251 > > Segmentation Fault - core dumped > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.1251 > > /usr/usna/samba-tng-2.2/bin/make_unicodemap: failed to get the file size for > > file ./codepages/CP1251.TXT. Error was No such file or directory > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-1 > > /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-1 is not a valid codepage. > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-1 > > Segmentation Fault - core dumped > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-2 > > /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-2 is not a valid codepage. > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-2 > > Segmentation Fault - core dumped > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-5 > > /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-5 is not a valid codepage. > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-5 > > Segmentation Fault - core dumped > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.ISO8859-7 > > /usr/usna/samba-tng-2.2/bin/make_smbcodepage: ISO8859-7 is not a valid codepage. > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.ISO8859-7 > > Segmentation Fault - core dumped > > Creating codepage file /usr/usna/samba-tng-2.2/lib/codepages/codepage.KOI-R > > /usr/usna/samba-tng-2.2/bin/make_smbcodepage: KOI-R is not a valid codepage. > > Creating unicode codepage file > > /usr/usna/samba-tng-2.2/lib/codepages/unicode_map.KOI-R > > /usr/usna/samba-tng-2.2/bin/make_unicodemap: failed to get the file size for > > file ./codepages/CPKOI-R.TXT. Error was No such file or directory > > ====================================================================== > > The code pages have been installed. You may uninstall them using the > > command "make uninstallcp" or make "uninstall" to uninstall binaries, > > man pages, shell scripts and code pages. > > ====================================================================== > > Installing SWAT in /usr/usna/samba-tng-2.2/swat > > Installing the Samba Web Admisistration Tool > > /usr/usna/samba-tng-2.2/swat/images/globals.gif > > /usr/usna/samba-tng-2.2/swat/images/home.gif > > /usr/usna/samba-tng-2.2/swat/images/passwd.gif > > /usr/usna/samba-tng-2.2/swat/images/printers.gif > > /usr/usna/samba-tng-2.2/swat/images/samba.gif > > /usr/usna/samba-tng-2.2/swat/images/shares.gif > > /usr/usna/samba-tng-2.2/swat/images/status.gif > > /usr/usna/samba-tng-2.2/swat/images/viewconfig.gif > > /usr/usna/samba-tng-2.2/swat/help/welcome.html > > /usr/usna/samba-tng-2.2/swat/help/DOMAIN_MEMBER.html > > /usr/usna/samba-tng-2.2/swat/help/LDAP.html > > /usr/usna/samba-tng-2.2/swat/help/debug2html.1.html > > /usr/usna/samba-tng-2.2/swat/help/lmhosts.5.html > > /usr/usna/samba-tng-2.2/swat/help/make_smbcodepage.1.html > > /usr/usna/samba-tng-2.2/swat/help/nmbd.8.html > > /usr/usna/samba-tng-2.2/swat/help/nmblookup.1.html > > /usr/usna/samba-tng-2.2/swat/help/rpcclient.1.html > > /usr/usna/samba-tng-2.2/swat/help/samba.7.html > > /usr/usna/samba-tng-2.2/swat/help/smb.conf.5.html > > /usr/usna/samba-tng-2.2/swat/help/smbclient.1.html > > /usr/usna/samba-tng-2.2/swat/help/smbd.8.html > > /usr/usna/samba-tng-2.2/swat/help/smbpasswd.5.html > > /usr/usna/samba-tng-2.2/swat/help/smbpasswd.8.html > > /usr/usna/samba-tng-2.2/swat/help/smbrun.1.html > > /usr/usna/samba-tng-2.2/swat/help/smbstatus.1.html > > /usr/usna/samba-tng-2.2/swat/help/smbtar.1.html > > /usr/usna/samba-tng-2.2/swat/help/swat.8.html > > /usr/usna/samba-tng-2.2/swat/help/testparm.1.html > > /usr/usna/samba-tng-2.2/swat/help/testprns.1.html > > /usr/usna/samba-tng-2.2/swat/include/footer.html > > /usr/usna/samba-tng-2.2/swat/include/header.html > > ====================================================================== > > The SWAT files have been installed. Remember to read the swat/README > > for information on enabling and using SWAT > > ====================================================================== > > > > > > > > > > > > ---------------------------------------------------------- > > Lisa M. Becktold - lisa@usna.navy.mil, (410) 293-6480 > > United States Naval Academy - CADIG > > 590 Holloway Road, Rickover Hall, Annapolis, MD 21402-5000 > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > Macmillan Technical Publishing > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals -- Technology is a word that describes something that doesn't work yet. Douglas Adams From oliver at hydraweb.com Thu Apr 13 15:14:51 2000 From: oliver at hydraweb.com (Oliver Stockhammer) Date: Tue Dec 2 02:29:25 2003 Subject: Win 2000 and domains... Message-ID: Hello, I was just wondering if you guys had plans to be able to control win 2000 domains as well. As I understand it, M$ has designed the 2000 server platform to be either a peer to peer controller (no more BDCs) or a standalone server. The implication of this is that the if you have a 2000 server as a controller, it will act as a PDC on the same level as the Samba PDC. How does samba fit into all of this, if at all? I'd be really sad if we can no longer control Windows domains from a Unix box. Take Care, Oliver -- ,,,,,,,, ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, ' Oliver Stockhammer / Hydraweb Technologies ' Unix Sys Admin / 40 Broad St., ste2175 NY,NY,10004 , oliver@hydraweb.com / ph.212.809.5900 fx.212.809.5932 , ''''''''''''''''''''''''' ''''''''' From cristianv at zeropiu.it Thu Apr 13 15:53:23 2000 From: cristianv at zeropiu.it (Christian Verdelli) Date: Tue Dec 2 02:29:25 2003 Subject: Ldap Problem Message-ID: I have compiled Samba with Ldap, but when I add users with smbpasswd it gives all users the same RID. So when I try to log with some user the ldap search, always give back the same user (the first I add). Why ? From rpaz at uevora.pt Thu Apr 13 16:14:37 2000 From: rpaz at uevora.pt (Rui Paz) Date: Tue Dec 2 02:29:25 2003 Subject: Security problem on shared folders Message-ID: <01b501bfa563$5d6b4640$12d888c1@kremlin> Hello to all, I'm new to this list and I have a question about setting up a Linux server to authenticate windows machines, I've success on this but I found one security problem that I don't know if is possible to solve. The problem is this: When a user login on the server from a windows machine he can write on is home on the linux server but is also possible to gain access for read on the other users area making run \\server\otheruser Tanks, Rui Paz From skvidal at phy.duke.edu Thu Apr 13 16:07:55 2000 From: skvidal at phy.duke.edu (Seth Vidal) Date: Tue Dec 2 02:29:25 2003 Subject: Security problem on shared folders In-Reply-To: <01b501bfa563$5d6b4640$12d888c1@kremlin> Message-ID: > I'm new to this list and I have a question about setting up a Linux server > to authenticate windows machines, I've success on this but I found one > security problem that I don't know if is possible to solve. The problem is > this: > > When a user login on the server from a windows machine he can write on is > home on the linux server but is also possible to gain access for read on the > other users area making run \\server\otheruser change the read and execute access on the files and dirs of the home dirs. they are probably set 2775 or 0755 - which gives other and group read and execute access - hence why the dirs can be accessed. -sv From giulioo at pobox.com Thu Apr 13 16:18:37 2000 From: giulioo at pobox.com (Giulio Orsero) Date: Tue Dec 2 02:29:25 2003 Subject: Security problem on shared folders In-Reply-To: <01b501bfa563$5d6b4640$12d888c1@kremlin> References: <01b501bfa563$5d6b4640$12d888c1@kremlin> Message-ID: <20000413161947.691462AF2F@i3.golden.dom> On Fri, 14 Apr 2000 02:03:45 +1000, hai scritto: >When a user login on the server from a windows machine he can write on is >home on the linux server but is also possible to gain access for read on the >other users area making run \\server\otheruser Add valid users = %S to the [homes] section -- giulioo@pobox.com From tom at ee.ucl.ac.uk Thu Apr 13 16:38:21 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:25 2003 Subject: Missing } in locking/locking.c Message-ID: <200004131638.RAA08742@picard.ee.ucl.ac.uk> Hello Lonnie, Sorry, you're right. My brain turned the 6 upside down between reading it and typing it... Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From jeremy at valinux.com Thu Apr 13 17:44:20 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:25 2003 Subject: Missing } in locking/locking.c References: <200004131638.RAA08742@picard.ee.ucl.ac.uk> Message-ID: <38F60774.C6BCA692@valinux.com> Tom Crummey wrote: > > Hello Lonnie, > > Sorry, you're right. My brain turned the 6 upside down between reading > it and typing it... My fault, sorry, I'm fixing it now.... Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From rpaz at uevora.pt Thu Apr 13 17:17:44 2000 From: rpaz at uevora.pt (Rui Paz) Date: Tue Dec 2 02:29:25 2003 Subject: Security problem on shared folders References: <01b501bfa563$5d6b4640$12d888c1@kremlin> <20000413161947.691462AF2F@i3.golden.dom> Message-ID: <01db01bfa56c$2eb5ca60$12d888c1@kremlin> ----- Original Message ----- From: "Giulio Orsero" To: "Multiple recipients of list SAMBA-NTDOM" Sent: Thursday, April 13, 2000 5:23 PM Subject: Re: Security problem on shared folders > On Fri, 14 Apr 2000 02:03:45 +1000, hai scritto: > > >When a user login on the server from a windows machine he can write on is > >home on the linux server but is also possible to gain access for read on the > >other users area making run \\server\otheruser > Add > valid users = %S > to the [homes] section Tanks, It solves the problem. ___ Rui Paz From lonnie at borntreger.com Thu Apr 13 17:07:54 2000 From: lonnie at borntreger.com (Lonnie J. Borntreger) Date: Tue Dec 2 02:29:25 2003 Subject: Missing } in locking/locking.c In-Reply-To: <200004131638.RAA08742@picard.ee.ucl.ac.uk> Message-ID: <001101bfa56a$cfb930c0$0500000a@borntreger.com> The inet_aton problem appeared before. You should be able to solve it (until fixed by the overworked samba team) by adding -lresolv on the LIBS = line of the Makefile.in and re-configuring, or directly into the Makefile. I seem to remember back when this happened before, there eventually was a change that removed the need for -lresolv, I just don't remember what that change was. Lonnie Borntreger > -----Original Message----- > From: Tom Crummey [mailto:tom@ee.ucl.ac.uk] > Sent: Thursday, April 13, 2000 11:38 AM > To: lonnie@borntreger.com > Cc: samba-ntdom@samba.org > Subject: RE: Missing } in locking/locking.c > > > Hello Lonnie, > > Sorry, you're right. My brain turned the 6 upside down between reading > it and typing it... > > Tom. > > -------------------------------------------------------------- > -------------- > Tom Crummey, Systems and Network Manager, EMAIL: > tom@ee.ucl.ac.uk > Department of Electronic and Electrical Engineering, > > University College London, TEL: +44 > (0)20 7679 3898 > Torrington Place, FAX: +44 > (0)20 7388 9325 > London, UK, WC1E 7JE. > -------------------------------------------------------------- > -------------- > From sembera at centrum.cz Thu Apr 13 15:57:22 2000 From: sembera at centrum.cz (=?iso-8859-2?Q?Jan_=A9embera?=) Date: Tue Dec 2 02:29:25 2003 Subject: Stable versions Message-ID: <010801bfa56b$d0047520$0aafa8c4@antigo.cz> Hi, what's happening with stable branch? Will developers release any stable version soon? Should we expect some features like userlist reading from workstation (individual access control etc.) in stable branch? Thanx =============================== Jan Sembera E-mail: sembera@centrum.cz =============================== From jeremy at valinux.com Thu Apr 13 17:24:58 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:25 2003 Subject: Stable versions References: <010801bfa56b$d0047520$0aafa8c4@antigo.cz> Message-ID: <38F602EA.A5166FA9@valinux.com> Jan ?embera wrote: > > Hi, > what's happening with stable branch? Will developers release any stable > version soon? Should we expect some features like userlist reading from > workstation (individual access control etc.) in stable branch? 2.0.7 due "soon" (as soon as I've nailed all outstanding bugs). It was going to be this week but another bug came up I have to get fixed. Expect it within weeks or less. 2.0.8 will have the userlist reading and ACLs and NT printer driver support. Due... "whenever" :-). Regards, Jeremy Allison, Samba Team -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From rpaz at sc.uevora.pt Thu Apr 13 17:52:11 2000 From: rpaz at sc.uevora.pt (Rui Paz) Date: Tue Dec 2 02:29:25 2003 Subject: Samba erros msg 'NT Password did not match' Message-ID: <01f001bfa571$0042f9a0$12d888c1@kremlin> Another stage... Now I have a server that is configured as NT domain controller and other where I have all the users, homes and passwords, then I'm using the option 'password server = server2' On the second server I got a message from samba saying 'NT Password did not match! Defaulting to Lanman' what I'm missing? By the way where can I found a description for samba error messages? Tanks, ___ Rui Paz From croberts at advanceddelivery.com Thu Apr 13 17:54:52 2000 From: croberts at advanceddelivery.com (Clair Roberts) Date: Tue Dec 2 02:29:25 2003 Subject: Win98 troubles Message-ID: <001e01bfa571$5ea25e50$1701a8c0@gvcl1.bc.wave.home.com> -- win98 (I know, I know, yuk) -- Solaris 2.7 Samba TNG (checked out 2000/04/11, I believe it's alpha 2.3) My NT4(SP6a) workstation is connecting and doesn't seem to be having any troubles. But, that pesky Win98 laptop seems to be another story. It connect's to the Domain no problem. but it can't browse the samba server. Using Explorer the samba server shows up in the list along with the other machines, but when it is explicitly selected this error occurs: \SAMBA-TNG is unavailiable This device does not exist on the network. Now I know it is there and working because the NT machine is happy. Sooo I tried the old map network drive trick and presto no problem. At least on the surface. Now that darn machine seems to be crashing like made (I mean more than usual) when I check smbstatus it shows that files are locked for that machine even after the machine is off. Anybody else having these types of problems? I have the logs from level 100, they are pretty big, I am not sure which are relevant. Let me know if there is something specific I can pick out of them. here is my smb.conf. -- [global] #NetBIOS name isn't needed if it's the same as the hostname # netbios name = ELK workgroup = ADSL #flat files that map Unix groups to NT type groups. #these files take the form unix_group = `Windows NT group'' domain group map = /opt/samba-tng/private/domaingroup.map domain alias map = /opt/samba-tng/private/domainalias.map domain user map= /opt/samba-tng/private/domainuser.map username map = /opt/samba-tng/private/usermap #Domain controllers use user security and we need encrypted #passwords (see ENCRYPTION.txt) security = user domain logons = yes encrypt passwords = yes #And in order for us to be *sure* to win browser elections os level = 65 domain master = yes preferred master = yes local master = yes #WINS is the equivalent of DNS for NetBIOS. wins support = yes time server = yes #the next lines are equivalent to the various profile details #found in NT's User Manager logon script = login.bat logon drive = U: logon home = \\ELK\%U logon path = \\ELK\profile\%U hosts allow = 192.168.1. log level = 100 log file = /opt/samba-tng/var/log.%m # max log size = 500 socket options = TCP_NODELAY browseable = yes guest account = pcuser # invalid users = daemon, bin, sys, adm, lp, uucp, lp, nuucp, listen, nobody, noaccess, nobody4, pcuser #share all home directories [homes] browseable = no writable = yes comment = Users' home directories #set up netlogon share for system policies and login scripts [netlogon] path = /opt/samba-tng/netlogon writable = no guest ok = no comment = PDC netlogon share #the profiles share #to create automatic subdirs for the different users #chmod 1777 /opt/samba-tng/profile [profile] path = /opt/samba-tng/profile writable = yes browsable = no [public] path = /d2/sambaShares/pub comment = Public File sharing area writable = yes guest ok = yes create mask = 777 directory mask = 777 [install] path = /d2/sambaShares/install comment = Installation programs writable = yes create mask = 770 directory mask = 775 force user = install force group = install [projects] path =/d2/sambaShares/projects comment = Projects Files # valid users = @adsl_dev, @adsl_adm, @adsl_market, @viperJ_dev, @viperJ_adm writable = yes create mask = 770 directory mask =775 From kfitzner at nexus.v-wave.com Thu Apr 13 18:20:44 2000 From: kfitzner at nexus.v-wave.com (Kurt Fitzner) Date: Tue Dec 2 02:29:25 2003 Subject: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty In-Reply-To: Message-ID: On 11-Apr-00 Luke Kenneth Casson Leighton wrote: >> Don't tie it to the user name. In some cases (i.e. LDAP) it would be >> much better to add another multi-valued attribute like "NTDOMAIN". That >> way we could use that account for multiple domains, or move domains >> easily. > > good idea. You don't even need to go with LDAP. Just use some of the extra fields in a passwd file entry. The full-name field comes to mind. I'd strenuously object to forcing 2 charater domain names on people. That means 2 character machine names too. There has to be something better than this without forcing LDAP on people too. Kurt. From fridacw at auburn.edu Thu Apr 13 20:09:53 2000 From: fridacw at auburn.edu (Christopher Friday) Date: Tue Dec 2 02:29:25 2003 Subject: TNG as BDC to a TNG PDC Message-ID: <20000413.20095300@linus.che.auburn.edu> Ok folks, Here's what I've got. My PDC is a RedHat 6.1 box with TNG 2.3 and seems to be working fine (except for the occasional quirky behavior). Now, I have added a second RH6.1 machine which I wish to use as my BDC. However, when I try to do a samsync per the instructions on the TNG website( http://www.kneschke.de/projekte/samba_tng/faq/samba_bdc.php3 ), it fails when I run the command 'createuser YOURSAMBASERVERNAME$ -s \j'; at first it failed because it said the the \j option required an option, so I tried adding the name of the domain after the switch and this seemed to get things further, but it failed after creating the account (I assume as it was trying to join the new machine to the domain). I assumed, of course, that YOURSAMBASERVERNAME refers to the name of the BDC. I am including the smb.conf and the log.smb from both machines. Does anyone see any obviously stupid mistakes? Any insights? Thanks, Chris -------------- next part -------------- [2000/04/13 14:03:54, 1] smbd/server.c:main(693) smbd version TNG-alpha started. Copyright Andrew Tridgell 1992-1998 Failed to set socket option SO_KEEPALIVE (Error Socket operation on non-socket) Failed to set socket option TCP_NODELAY (Error Socket operation on non-socket) file_init: Information only: requested 10000 open files, 1014 are available. error connecting to 131.204.144.20:445 (Connection refused) error connecting to 131.204.144.20:445 (Connection refused) cli_nt_setup_creds: auth2 challenge failed. status: c0000022 domain_client_validate: credentials failed (\\LINUS) SMB LM/NT Password did not match! -------------- next part -------------- [global] #NetBIOS name isn't needed if it's the same as the hostname netbios name = GUTENBURG workgroup = WILMORE #flat files that map Unix groups to NT type groups. #these files take the form unix_group = `Windows NT group'' domain group map = /opt/samba-tng/private/domaingroup.map domain alias map = /opt/samba-tng/private/domainalias.map #Domain controllers use user security and we need #encrypted passwords (see ENCRYPTION.txt) security = user domain logons = yes encrypt passwords = yes #we need to specify the PDC on the BDC password server = LINUS #we don't need to win browser elections if there is a PDC os level = 20 domain master = no preferred master = no local master = no #WINS is the equivalent of DNS for NetBIOS. #There can only be one WINS server i a samba controlled domain wins support = no time server = no #the next lines are equivalent to the various profile details #found in NT's User Manager #logon script = login.bat logon drive = H: logon home = \\LINUS\%U logon path = \\LINUS\profile\%U #share all home directories #[homes] #browseable = no #writable = yes #comment = Users' home directories #set up netlogon share for system policies and login scripts #[netlogon] #path = /opt/samba-tng/netlogon #writable = no #guest ok = no #comment = BDC netlogon share #a public share [public] path = /opt/samba-tng/public browseable = yes public = yes comment = Public Share -------------- next part -------------- [2000/04/13 13:49:30, 1] smbd/server.c:main(679) smbd version TNG-alpha started. Copyright Andrew Tridgell 1992-1998 file_init: Information only: requested 10000 open files, 1014 are available. authorise_login: TODO. split function, it's 6 levels! authorise_login: TODO. split function, it's 6 levels! authorise_login: TODO. split function, it's 6 levels! -------------- next part -------------- [global] #NetBIOS name isn't needed if it's the same as the hostname netbios name = LINUS workgroup = WILMORE #flat files that map Unix groups to NT type groups. #these files take the form unix_group = `Windows NT group'' domain group map = /opt/samba-tng/private/domaingroup.map domain alias map = /opt/samba-tng/private/domainalias.map #Domain controllers use user security and we need encrypted #passwords (see ENCRYPTION.txt) security = user domain logons = yes encrypt passwords = yes #All password changing from windows to update Linux password #unix password sync = Yes #passwd program = /usr/bin/passwd %u #passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* #And in order for us to be *sure* to win browser elections os level = 65 domain master = yes preferred master = yes local master = yes #WINS is the equivalent of DNS for NetBIOS. wins support = yes time server = yes #the next lines are equivalent to the various profile details #found in NT's User Manager #logon script = login.bat logon drive = H: logon home = \\LINUS\%U logon path = \\LINUS\profiles\%U #share all home directories [homes] browseable = no writable = yes comment = Users' home directories #set up netlogon share for system policies and login scripts [netlogon] path = /opt/samba-tng/netlogon writable = no guest ok = no comment = PDC netlogon share #the profiles share #to create automatic subdirs for the different users #chmod 1777 /opt/samba-tng/profile [profiles] path = /opt/samba-tng/profiles writeable = yes #a public share [public] path = /opt/samba-tng/public browseable = yes public = yes comment = Public share #[printers] # comment = All Printers # path = /var/spool/samba # print ok = Yes # browseable = No # #[bubba] # comment = # path = /var/spool/samba # read only = No # guest ok = Yes # print ok = Yes # printer name = bubba # oplocks = No # share modes = No From fridacw at auburn.edu Thu Apr 13 20:23:32 2000 From: fridacw at auburn.edu (Christopher Friday) Date: Tue Dec 2 02:29:25 2003 Subject: TNG as BDC to a TNG PDC In-Reply-To: <20000413.20095300@linus.che.auburn.edu> References: <20000413.20095300@linus.che.auburn.edu> Message-ID: <20000413.20233200@linus.che.auburn.edu> Ooops. By the way, the '/j' was actually supposed to be '-j', so no, the mistake was quite that stupid... :) Chris >>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<< On 4/13/00, 1:15:04 PM, Christopher Friday wrote regarding TNG as BDC to a TNG PDC: > Ok folks, > Here's what I've got. My PDC is a RedHat 6.1 box with TNG 2.3 and > seems to be working fine (except for the occasional quirky behavior). > Now, I have added a second RH6.1 machine which I wish to use as my > BDC. However, when I try to do a samsync per the instructions on the > TNG website( > http://www.kneschke.de/projekte/samba_tng/faq/samba_bdc.php3 ), it > fails when I run the command 'createuser YOURSAMBASERVERNAME$ -s \j'; > at first it failed because it said the the \j option required an > option, so I tried adding the name of the domain after the switch and > this seemed to get things further, but it failed after creating the > account (I assume as it was trying to join the new machine to the > domain). I assumed, of course, that YOURSAMBASERVERNAME refers to the > name of the BDC. > I am including the smb.conf and the log.smb from both machines. Does > anyone see any obviously stupid mistakes? Any insights? > Thanks, > Chris From ksmelser at uindy.edu Thu Apr 13 20:18:59 2000 From: ksmelser at uindy.edu (Kelly Smelser) Date: Tue Dec 2 02:29:25 2003 Subject: Samba-tng 2.3 .samedit/connectivity issues Message-ID: <38F62BB2.AE3A2D58@uindy.edu> Kind of a dumb question but can anyone offer up the proper init scripts to start the samr daemon? Here's the excerpt I have from init.d/smb that I created: case "$1" in start) echo -n "Starging SMB blah blah" daemon /yadayada/smbd -D RETVAL=$? echo echo -n "Starting NMB blah blah" daemon /yadayada/nmbd -D RETVAL2=$? echo echo -n "Starting samrd" daemon /opt/samba-tng/sbin/sarmd -D RETVAL3=$? echo [ $RETVAL -eq 0 -a $RETVAL2 -eq 0 -a $RETVAL3 -eq 0 ] && touch /var/lock/subsys/smb || \ RETVAL=1 ;; This was kind of a from nothing add on that I did, and the service is starting. However, when doing a smbpasswd -a root I still get a "connection refused" and when doing a createuser in samedit I get a little further than before but get a "socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused" Any suggestions? K. From fridacw at auburn.edu Thu Apr 13 21:16:17 2000 From: fridacw at auburn.edu (Christopher Friday) Date: Tue Dec 2 02:29:25 2003 Subject: Samba-tng 2.3 .samedit/connectivity issues In-Reply-To: <38F62BB2.AE3A2D58@uindy.edu> References: <38F62BB2.AE3A2D58@uindy.edu> Message-ID: <20000413.21161700@linus.che.auburn.edu> This a very straightforward adaptation of the standard RedhHat init script, but it works great for me. Chris >>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<< On 4/13/00, 2:10:44 PM, Kelly Smelser wrote regarding Samba-tng 2.3 .samedit/connectivity issues: > Kind of a dumb question but can anyone offer up the proper init scripts > to start the samr daemon? Here's the excerpt I have from init.d/smb > that I created: > case "$1" in > start) > echo -n "Starging SMB blah blah" > daemon /yadayada/smbd -D > RETVAL=$? > echo > echo -n "Starting NMB blah blah" > daemon /yadayada/nmbd -D > RETVAL2=$? > echo > echo -n "Starting samrd" > daemon /opt/samba-tng/sbin/sarmd -D > RETVAL3=$? > echo > [ $RETVAL -eq 0 -a $RETVAL2 -eq 0 -a $RETVAL3 -eq 0 ] && touch > /var/lock/subsys/smb || \ RETVAL=1 > ;; > This was kind of a from nothing add on that I did, and the service is > starting. However, when doing a smbpasswd -a root I still get a > "connection refused" and when doing a createuser in samedit I get a > little further than before but get a "socket connect to > /tmp/.msrpc/.samr/agent failed: Connection refused" Any suggestions? > K. -------------- next part -------------- #!/bin/sh # # NOTICE: This is for use with Samba TNG and assumes # that TNG is installed in /opt/samba-tng/! # description: Starts and stops the Samba TNG daemons # used to provide SMB network services while # coexisting with an existing version of Samba # (Main Branch) such as installed from a Redhat # RPM. # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ ${NETWORKING} = "no" ] && exit 0 # Check that smb.conf exists. [ -f /opt/samba-tng/lib/smb.conf ] || exit 0 RETVAL=0 # See how we were called. case "$1" in start) echo -n "Starting SMB services: " daemon /opt/samba-tng/sbin/smbd -D RETVAL=$? echo echo -n "Starting NMB Services: " daemon /opt/samba-tng/sbin/nmbd -D RETVAL2=$? echo echo -n "Starting Browser Services: " daemon /opt/samba-tng/sbin/browserd -D RETVAL3=$? echo echo -n "Starting lsarpcd: " daemon /opt/samba-tng/sbin/lsarpcd -D RETVAL4=$? echo echo -n "Starting netlogond: " daemon /opt/samba-tng/sbin/netlogond -D RETVAL5=$? echo echo -n "Starting SAM Services: " daemon /opt/samba-tng/sbin/samrd -D RETVAL6=$? echo echo -n "Starting Spool Services: " daemon /opt/samba-tng/sbin/spoolssd -D RETVAL7=$? echo echo -n "Starting srvsvcd: " daemon /opt/samba-tng/sbin/srvsvcd -D RETVAL8=$? echo echo -n "Starting svcctld: " daemon /opt/samba-tng/sbin/svcctld -D RETVAL9=$? echo echo -n "Starting winregd: " daemon /opt/samba-tng/sbin/winregd -D RETVAL10=$? echo echo -n "Starting wkssvcd: " daemon /opt/samba-tng/sbin/wkssvcd -D RETVAL11=$? [ $RETVAL -eq 0 -a $RETVAL2 -eq 0 -a $RETVAL3 -eq 0 -a $RETVAL4 -eq 0 -a $RETVAL5 -eq 0 -a $RETVAL6 -eq 0 -a $RETVAL7 -eq 0 -a $RETVAL8 -eq 0 -a $RETVAL9 -eq 0 -a $RETVAL10 -eq 0 -a $RETVAL11 -eq 0 ] && touch /var/lock/subsys/smb-tng || \ RETVAL=1 echo "" ;; stop) echo -n "Shutting down SMB Services: " killproc smbd RETVAL=$? echo echo -n "Shutting down NMB Services: " killproc nmbd RETVAL2=$? echo echo -n "Shutting down Browser Services: " killproc browserd RETVAL3=$? echo echo -n "Shutting down lsarpcd: " killproc lsarpcd RETVAL4=$? echo echo -n "Shutting down Netlogon Services: " killproc netlogond RETVAL5=$? echo echo -n "Shutting down SAM Services: " killproc samrd RETVAL6=$? echo echo -n "Shutting down Spool Services: " killproc spoolssd RETVAL7=$? echo echo -n "Shutting down srvsvcd: " killproc srvsvcd RETVAL8=$? echo echo -n "Shutting down svcctld: " killproc svcctld RETVAL9=$? echo echo -n "Shutting down winregd: " killproc winregd RETVAL10=$? echo echo -n "Shutting down wkssvcd: " killproc wkssvcd RETVAL11=$? [ $RETVAL -eq 0 -a $RETVAL2 -eq 0 -a $RETVAL3 -eq 0 -a $RETVAL4 -eq 0 -a $RETVAL5 -eq 0 -a $RETVAL6 -eq 0 -a $RETVAL7 -eq 0 -a $RETVAL8 -eq 0 -a $RETVAL9 -eq 0 -a $RETVAL10 -eq 0 -a $RETVAL11 -eq 0 ] && rm -f /var/lock/subsys/smb-tng echo "" ;; restart) $0 stop $0 start RETVAL=$? ;; reload) echo -n "Reloading smb.conf file: " killproc smbd -HUP RETVAL=$? echo ;; status) status smbd status nmbd status browserd status lsarpcd status netlogond status samrd status spoolssd status srvsvcd status svcctld status winregd status wkssvcd RETVAL=$? ;; *) echo "Usage: $0 {start|stop|restart|reload|status}" exit 1 esac exit $RETVAL From mg at plum.de Thu Apr 13 20:21:22 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:25 2003 Subject: Samba-tng 2.3 .samedit/connectivity issues References: <38F62BB2.AE3A2D58@uindy.edu> Message-ID: <38F62C42.BAE027B5@plum.de> Kelly Smelser wrote: > > Kind of a dumb question but can anyone offer up the proper init scripts > to start the samr daemon? Here's the excerpt I have from init.d/smb > that I created: > > case "$1" in > start) > echo -n "Starging SMB blah blah" > daemon /yadayada/smbd -D > RETVAL=$? > echo > echo -n "Starting NMB blah blah" > daemon /yadayada/nmbd -D > RETVAL2=$? > echo > echo -n "Starting samrd" > daemon /opt/samba-tng/sbin/sarmd -D > RETVAL3=$? > echo > [ $RETVAL -eq 0 -a $RETVAL2 -eq 0 -a $RETVAL3 -eq 0 ] && touch > /var/lock/subsys/smb || \ RETVAL=1 > ;; > > This was kind of a from nothing add on that I did, and the service is > starting. However, when doing a smbpasswd -a root I still get a > "connection refused" and when doing a createuser in samedit I get a > little further than before but get a > "socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused" Any suggestions? This one is some broken code on the "todo" list, but you can ignore this error. (Luke: just to be curious .. what is it for ? ;) But you should start the other daemons as well, TNG needs some more than just smbd,nmbd, samrd: echo "SMB Service starting." PATH="/usr/bin:/sbin:/usr/sbin" export PATH ${SAMBA}/sbin/smbd -D ${SAMBA}/sbin/nmbd -D ${SAMBA}/sbin/browserd -D ${SAMBA}/sbin/lsarpcd -D ${SAMBA}/sbin/netlogond -D ${SAMBA}/sbin/samrd -D ${SAMBA}/sbin/spoolssd -D ${SAMBA}/sbin/srvsvcd -D ${SAMBA}/sbin/svcctld -D ${SAMBA}/sbin/winregd -D ${SAMBA}/sbin/wkssvcd -D regards, Michael -- Samba Information HQ (in german) http://www.sambahq.de/ From mg at plum.de Thu Apr 13 20:23:24 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:25 2003 Subject: Samba-tng 2.3 .samedit/connectivity issues References: <38F62BB2.AE3A2D58@uindy.edu> Message-ID: <38F62CBC.33498DF2@plum.de> Kelly Smelser wrote: > > Kind of a dumb question but can anyone offer up the proper init scripts > to start the samr daemon? Here's the excerpt I have from init.d/smb > that I created: for the script .. look in source/scripts/samba you might need to change the daemon location to ${SAMBA}/sbin/ and set the SAMBA variable acordingly. Luke: how is this script generated ???? did not find any template or so for it... regards, Michael -- Samba Information HQ (in german) http://www.sambahq.de/ From p.grimmerink at home.nl Thu Apr 13 20:28:34 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:25 2003 Subject: join samba client to samba domain Message-ID: I've recently updated my samba PDC to 2.2, and now I tried to recreate a machine account for a samba client. I started with a new smbpasswd file, followed all the instructions, etc. When I try to create a machine account on the Samba server with samedit -U root createuser client$ it tells me to use lsaquery first, to get my SID This seems to be a function in rpcclient. This one fails. When I try to join the domain with rpcclient -U root createuser client$ -j from the client machine, this also fails, telling me to use lsaquery first. Does anyone know what causes this problem? How should I proceed? Best regards, Pieter Grimmerink From karl at marvin.ERTW.ca Thu Apr 13 20:39:38 2000 From: karl at marvin.ERTW.ca (Karl Rossing) Date: Tue Dec 2 02:29:25 2003 Subject: Samba-tng 2.3 .samedit/connectivity issues In-Reply-To: <38F62BB2.AE3A2D58@uindy.edu> Message-ID: On Fri, 14 Apr 2000, Kelly Smelser wrote: > echo -n "Starting samrd" > daemon /opt/samba-tng/sbin/sarmd -D daemon /opt/samba-tng/sbin/samrd -D > /tmp/.msrpc/.samr/agent failed: Connection refused" Any suggestions? I'm getting the same error. For myself, i think that i did not set up the trust accounts properly. I'm trying to configure a samba BDC with an NT PDC. http://www.kneschke.de/projekte/samba_tng/faq/configuration.php3 explains how to create the trust's. I';'m gonna give it a try and let you know. Karl From mg at plum.de Thu Apr 13 20:41:33 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:25 2003 Subject: join samba client to samba domain References: Message-ID: <38F630FD.4137B238@plum.de> Pieter Grimmerink wrote: > > I've recently updated my samba PDC to 2.2, and now I tried to recreate a > machine account for a samba client. I started with a new smbpasswd file, > followed all the instructions, etc. > > When I try to create a machine account on the Samba server with > > samedit -U root > createuser client$ > > it tells me to use lsaquery first, to get my SID > This seems to be a function in rpcclient. > This one fails. > > When I try to join the domain with > > rpcclient -U root > createuser client$ -j Join what domain ?? I don't think you need this step ? (not sure) > > from the client machine, this also fails, telling me to use lsaquery first. > > Does anyone know what causes this problem? > How should I proceed? > Try to use "samedit -S . -U root" (some ppl reported problems otherwise ? ) regards, Michael -- Samba Information HQ (in german) http://www.sambahq.de/ From ksmelser at uindy.edu Thu Apr 13 20:54:38 2000 From: ksmelser at uindy.edu (Kelly Smelser) Date: Tue Dec 2 02:29:25 2003 Subject: Samba-tng 2.3 .samedit/connectivity issues References: <38F62BB2.AE3A2D58@uindy.edu> <20000413.21161700@linus.che.auburn.edu> Message-ID: <38F6340E.C7A07526@uindy.edu> I have all of the startup scripts working properly now, but I'm still getting a "socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused" error in samedit and also get "Connection refused" when doing a smbpasswd -a. Any further suggestions? Does this have to do with improper trust account setup? K. From mg at plum.de Thu Apr 13 20:52:33 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:25 2003 Subject: Samba-tng 2.3 .samedit/connectivity issues References: Message-ID: <38F63391.C883EC01@plum.de> Karl Rossing wrote: > > On Fri, 14 Apr 2000, Kelly Smelser wrote: > > > > echo -n "Starting samrd" > > daemon /opt/samba-tng/sbin/sarmd -D > daemon /opt/samba-tng/sbin/samrd -D > > > /tmp/.msrpc/.samr/agent failed: Connection refused" Any suggestions? > I'm getting the same error. For myself, i think that i did not set up the > trust accounts properly. I'm trying to configure a samba BDC with an NT > PDC. http://www.kneschke.de/projekte/samba_tng/faq/configuration.php3 > explains how to create the trust's. I';'m gonna give it a try and let you > know. I one did try to track that error in the source, but luke told me not to do so, as the code for it is totally broken ... ;) (and its no serious bug ) (there is strange usage of /tmp/.msrpc and $PREFIX/.msrpc/agent in the source ... ;) regards, Michael -- Samba Information HQ (in german) http://www.sambahq.de/ From mg at plum.de Thu Apr 13 21:10:13 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:25 2003 Subject: Samba-tng 2.3 .samedit/connectivity issues References: <38F62BB2.AE3A2D58@uindy.edu> <20000413.21161700@linus.che.auburn.edu> <38F6340E.C7A07526@uindy.edu> <38F633D5.A50E8096@plum.de> <38F636C5.70AA6356@uindy.edu> Message-ID: <38F637B5.CD6F74D4@plum.de> Kelly Smelser wrote: > > Ah, missed that line in your message. Thanks a lot. Regardless, I'm > still getting the "Connection refused" when I do a smbpasswd -a root and > aside from the "Connection refused" when doing a createuser in samedit I > still get a "Create Domain User: FAILED". dont use smbpasswd. Luke wants to ditch it ;) (and replace it with some script that calls samedit ;) On my 2.3 tng: /opt/samba-tng/bin/samedit -S . -U root added interface ip=10.1.1.1 bcast=10.1.1.63 nmask=255.255.255.192 added interface ip=10.1.1.65 bcast=10.1.1.127 nmask=255.255.255.192 Enter Password: [root@.]$ createuser kd createuser kd socket connect to /tmp/.msrpc/.samr/agent failed: Verbindungsaufbau abgelehnt SAM Create Domain User Domain: TESTWG Name: kd ACB: [U ] socket connect to /tmp/.msrpc/.samr/agent failed: Verbindungsaufbau abgelehnt Create Domain User: OK Ok .. the user is there, but the account is disabled ("D" in the smbpasswd file) How to change this with samedit ??? (editing smb.conf is not the best sollution, is it ?;) Also, if I do a [root@.]$ ntpass kd ntpass kd SAM NT Password Change socket connect to /tmp/.msrpc/.samr/agent failed: Verbindungsaufbau abgelehnt Old Password: it aks me for the old password, but I am root, it should not ask me ? Ok .. but changing the passwd with smbpasswd works, and if I set the account to "[U ]" I can logon to the samba server: [root@.]$ ntlogin testwg\kd test ntlogin testwg\kd test socket connect to /tmp/.msrpc/.lsarpc/agent failed: Verbindungsaufbau abgelehnt socket connect to /tmp/.msrpc/.NETLOGON/agent failed: Verbindungsaufbau abgelehnt cmd_nt_login: login (kd) test succeeded: Yes regards, Michael -- Samba Information HQ (in german) http://www.sambahq.de/ From mg at plum.de Thu Apr 13 22:08:07 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:25 2003 Subject: samedit Message-ID: <38F64547.4AB68AA8@plum.de> Ok .. I did try to compile some examples for samedit, you can find them at http://www.sambahq.de/programme.php3/samedit_en.html lars: are you still alive ? ;) if yes, can you copy it into your faq ? regards, Michael -- Samba Information HQ (in german) http://www.sambahq.de/ From p.grimmerink at home.nl Thu Apr 13 22:20:40 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:25 2003 Subject: join samba client to samba domain In-Reply-To: <38F630FD.4137B238@plum.de> Message-ID: > Pieter Grimmerink wrote: > > > > I've recently updated my samba PDC to 2.2, and now I tried to recreate a > > machine account for a samba client. I started with a new smbpasswd file, > > followed all the instructions, etc. > > > > When I try to create a machine account on the Samba server with > > > > samedit -U root > > createuser client$ > > > > it tells me to use lsaquery first, to get my SID > > This seems to be a function in rpcclient. > > This one fails. > > > > When I try to join the domain with > > > > rpcclient -U root > > createuser client$ -j > > Join what domain ?? I don't think you need this step ? (not sure) No, this is the client. Not the PDC. So it should join the domain > Try to use "samedit -S . -U root" (some ppl reported problems otherwise > ? ) Now I get a 'broken pipe' first, samedit stops. After that, the same 'usr lsaquery first' error. Best regards, Pieter Grimmerink From mgeddes at mail.xavier.sa.edu.au Thu Apr 13 22:52:15 2000 From: mgeddes at mail.xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:29:25 2003 Subject: samedit In-Reply-To: <38F64547.4AB68AA8@plum.de> References: <38F64547.4AB68AA8@plum.de> Message-ID: <200004132252.IAA11978@mail.xavier.sa.edu.au> Quoting Michael Glauche : > Ok .. I did try to compile some examples for samedit, you can find > them at > > http://www.sambahq.de/programme.php3/samedit_en.html Have you looked at the samedit man page? It\'s been in the last couple of tarballs (and CVS, of course). They are in yodl. If you don\'t have yodl / don\'t want yodl, let me know and I will stick html versions (and maybe groff versions) somewhere or something. Also, if anyone notices any problems with the man pages for any of the new daemons, let me know and I\'ll fix them. Thanks, Matt From karl at marvin.ERTW.ca Fri Apr 14 01:50:32 2000 From: karl at marvin.ERTW.ca (Karl Rossing) Date: Tue Dec 2 02:29:25 2003 Subject: cmd_sam_sync: no trust account password Message-ID: I'm trying to add a samba BDC to an NT PDC I follow the instructions from http://www.kneschke.de/projekte/samba_tng/faq/samba_bdc.php3 IE: [root@REMOTESITE2 bin]# ./rpcclient -S PDC -U user%passs -W NTDOMAINNAME added interface ip=10.0.0.1 bcast=10.0.0.0 nmask=255.0.0.0 Server: \\PDC: User: user Domain: NTDOMAINNAME Connection: socket connect to /tmp/.smb.0/agent failed: Connection refused error connecting to 10.0.0.1:445 (Connection refused) session setup ok Domain=[NTDOMAINNAME] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] OK [NTDOMAINNAME\user@PDC]$ lsaquery lsaquery LSA Query Info Policy Domain Member - Domain: NTDOMAINNAME SID: S-X-X-XX-XXXXXXXXXX-XXXXXXXXXX-XXXXXX 154 Domain Controller - Domain: NTDOMAINNAME SID: S-X-X-XX-XXXXXXXXXX-XXXXXXXXXX-XXXXXX 154 [NTDOMAINNAME\user@PDC]$ createuser REMOTESITE$ -s -j createuser REMOTESITE$ -s -j REMOTESITE$: option requires an argument -- j SAM Create Domain User Domain: NTDOMAINNAME Name: REMOTESITE$ ACB: [S ] Resetting Trust Account to insecure, initial, well-known value: "REMOTESITE" REMOTESITE2 can now be joined to the domain, which should be done on a private, secure network as soon as possible Create Domain User: OK [NTDOMAINNAME\user@PDC]$ samsync samsync LSA_QUERYSECRET: cmd_sam_sync: no trust account password How would i create the trust so that i can get the sam? From lkcl at samba.org Fri Apr 14 02:22:37 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:25 2003 Subject: ntpass problems (was: tng1.8 problems) In-Reply-To: Message-ID: > To create user root I did: > > rpcclient -S . -W NEWHOME -U root% > createuser root this creates an account, disabled, with no password. you can verify this by doing "dispinfo", "enumusers -u" or "samuser root -u". > ntpass root this is an attempt by the user "root" to change "root"'s password. the old "root" password is required. the user "root" is disabled and does not _have_ a password, therefore of ourse it is going to fail. use "samuserset root -p password" or "createuser root -p password" From lkcl at samba.org Fri Apr 14 02:25:54 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:25 2003 Subject: Remaining locked Shares after Logout WinNT In-Reply-To: <38F5CD08.D6B501B5@pfh-goettingen.de> Message-ID: On Fri, 14 Apr 2000, Olaf Krautstrunk wrote: > I `ve set up a Samba PDC 2.0.6 for a NT Domain. > It all works fine but after a user logs out there is still a share > [profile] with the wkst-account and the user. So this wkst can not be > used by another user to log in. that's perfectly normal for NT. there's nothing you can do about it. try \\%L\%U\profiles instead of \\%L\fixedsharename\%U. > smbstatus: > > Samba version 2.0.6 > Service uid gid pid machine > ---------------------------------------------- > profile test2 studies 6533 siltest (192.168.1.169) Thu Apr > 13 15:12:30 2000 > > I puffered it with `deadtime = 1`, but during this time nobody can > access the Domain with this wkst. > > Who knows something about?? > > Olaf Krautstunk > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Fri Apr 14 02:27:46 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:25 2003 Subject: Win 2000 and domains... In-Reply-To: Message-ID: On Fri, 14 Apr 2000, Oliver Stockhammer wrote: > > Hello, > I was just wondering if you guys had plans to be able to control > win 2000 domains as well. As I understand it, M$ has designed the 2000 only if we get above one request per day for it. From lkcl at samba.org Fri Apr 14 02:30:04 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:25 2003 Subject: Missing } in locking/locking.c In-Reply-To: <001101bfa56a$cfb930c0$0500000a@borntreger.com> Message-ID: cut some code across from cvs main. we removed all occurrences of inet_aton from TNG, this one made it over. On Fri, 14 Apr 2000, Lonnie J. Borntreger wrote: > The inet_aton problem appeared before. You should be able to solve it > (until fixed by the overworked samba team) by adding -lresolv on the LIBS = > line of the Makefile.in and re-configuring, or directly into the Makefile. > > I seem to remember back when this happened before, there eventually was a > change that removed the need for -lresolv, I just don't remember what that > change was. > > Lonnie Borntreger > > > -----Original Message----- > > From: Tom Crummey [mailto:tom@ee.ucl.ac.uk] > > Sent: Thursday, April 13, 2000 11:38 AM > > To: lonnie@borntreger.com > > Cc: samba-ntdom@samba.org > > Subject: RE: Missing } in locking/locking.c > > > > > > Hello Lonnie, > > > > Sorry, you're right. My brain turned the 6 upside down between reading > > it and typing it... > > > > Tom. > > > > -------------------------------------------------------------- > > -------------- > > Tom Crummey, Systems and Network Manager, EMAIL: > > tom@ee.ucl.ac.uk > > Department of Electronic and Electrical Engineering, > > > > University College London, TEL: +44 > > (0)20 7679 3898 > > Torrington Place, FAX: +44 > > (0)20 7388 9325 > > London, UK, WC1E 7JE. > > -------------------------------------------------------------- > > -------------- > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Fri Apr 14 02:38:46 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:25 2003 Subject: Samba-tng 2.3 .samedit/connectivity issues In-Reply-To: <38F62C42.BAE027B5@plum.de> Message-ID: > > "socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused" Any suggestions? > This one is some broken code on the "todo" list, but you can ignore > this error. > (Luke: just to be curious .. what is it for ? ;) authenticated-connection "sharing", or "reuse". From lkcl at samba.org Fri Apr 14 02:39:17 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:25 2003 Subject: Samba-tng 2.3 .samedit/connectivity issues In-Reply-To: <38F62CBC.33498DF2@plum.de> Message-ID: ask elrond, it's generated by configure from script.init.d.in. On Fri, 14 Apr 2000, Michael Glauche wrote: > Kelly Smelser wrote: > > > > Kind of a dumb question but can anyone offer up the proper init scripts > > to start the samr daemon? Here's the excerpt I have from init.d/smb > > that I created: > > for the script .. look in source/scripts/samba > > you might need to change the daemon location to ${SAMBA}/sbin/ > and set the SAMBA variable acordingly. > > Luke: how is this script generated ???? did not find any template or so > for it... > > regards, > Michael > > -- > Samba Information HQ (in german) > http://www.sambahq.de/ > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Fri Apr 14 02:40:13 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:25 2003 Subject: join samba client to samba domain In-Reply-To: Message-ID: if you don't have a private/smbpasswd, touch private/smbpasswd. On Fri, 14 Apr 2000, Pieter Grimmerink wrote: > I've recently updated my samba PDC to 2.2, and now I tried to recreate a > machine account for a samba client. I started with a new smbpasswd file, > followed all the instructions, etc. > > When I try to create a machine account on the Samba server with > > samedit -U root > createuser client$ > > it tells me to use lsaquery first, to get my SID > This seems to be a function in rpcclient. > This one fails. > > When I try to join the domain with > > rpcclient -U root > createuser client$ -j > > from the client machine, this also fails, telling me to use lsaquery first. > > Does anyone know what causes this problem? > How should I proceed? > > Best regards, > > Pieter Grimmerink > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Fri Apr 14 02:57:47 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:25 2003 Subject: Samba-tng 2.3 .samedit/connectivity issues In-Reply-To: <38F637B5.CD6F74D4@plum.de> Message-ID: > Ok .. the user is there, but the account is disabled ("D" in the > smbpasswd file) > How to change this with samedit ??? (editing smb.conf is not the best > sollution, is it ?;) *thinks*... samuserset2 kd -c 0x5 will clear ACB_DISABLED (0x1) and ACB_PWNOTREQ (0x4). do this *after* doing samuserset kd -p password. > Also, if I do a > [root@.]$ ntpass kd > ntpass kd > SAM NT Password Change > socket connect to /tmp/.msrpc/.samr/agent failed: Verbindungsaufbau > abgelehnt > Old Password: > > it aks me for the old password, but I am root, it should not ask me ? it's asking for *kd*'s old password. > Ok .. but changing the passwd with smbpasswd works, and if I set the > account to "[U ]" > I can logon to the samba server: > [root@.]$ ntlogin testwg\kd test > ntlogin testwg\kd test > socket connect to /tmp/.msrpc/.lsarpc/agent failed: Verbindungsaufbau > abgelehnt > socket connect to /tmp/.msrpc/.NETLOGON/agent failed: Verbindungsaufbau > abgelehnt > cmd_nt_login: login (kd) test succeeded: Yes > > regards, > Michael > -- > Samba Information HQ (in german) > http://www.sambahq.de/ > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From kfitzner at nexus.v-wave.com Fri Apr 14 04:08:38 2000 From: kfitzner at nexus.v-wave.com (Kurt Fitzner) Date: Tue Dec 2 02:29:26 2003 Subject: TNG definitely not working on my libc5 system Message-ID: I am still having problems getting TNG running at all on my libc5 system. I was told that I was running old binaries somewhere, but that is definitely not the case. I am explicitely starting up all the TNG binaries by full path. What I am noticing is a little disturbing. That is, when I use the command: ./rpcclient . -U root% and subsequent createuser foo -p foo The lights on my cable modem go crazy for a couple seconds before I get the messages back: socket connect to /tmp/.smb.0/agent failed: No such file or directory cli_establish_connection: failed to connect to GUARDIAN<00> (0.0.0.0) cli_net_use_add: connection failed ncacn_np_use_add: connection failed please use 'lsaquery' first, to ascertain the SID This is a little disturbing, since I am not using the interface my cable modem is attached to in my smb.conf. I tried adding 'bind interfaces only' and giving 127.0.0.1 as an interface as well (as per the man page), but the behavior continues. Sending out packets on interfaces other than what is explicitely specified is an official "bad thing" . I really don't want broadcasts, or any other type of packet, going out on anything except my local lan. Is there any way to keep TNG from using my other interfaces? Kurt. p.s. ifconfig output and my smb.conf are as follows: $ ifconfig lo Link encap:Local Loopback inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0 UP BROADCAST LOOPBACK RUNNING MTU:3584 Metric:1 RX packets:56461 errors:0 dropped:0 overruns:0 frame:0 TX packets:56461 errors:0 dropped:0 overruns:0 carrier:0 coll:0 eth0 Link encap:Ethernet HWaddr 00:C0:A8:4E:42:EF inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:342862 errors:0 dropped:0 overruns:0 frame:0 TX packets:408954 errors:0 dropped:0 overruns:0 carrier:0 coll:1471 Interrupt:11 Base address:0x320 eth1 Link encap:Ethernet HWaddr 00:00:6E:21:35:E6 inet addr:24.108.28.188 Bcast:24.108.28.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:469954 errors:0 dropped:0 overruns:0 frame:10 TX packets:304931 errors:19 dropped:0 overruns:2 carrier:37 coll:10130 Interrupt:10 Base address:0x340 $ cat smb.conf [global] interfaces = 192.168.1.1/24 127.0.0.1/24 bind interfaces only = true #debug level = 100 #NetBIOS name isn't needed if it's the same as the hostname netbios name = GUARDIAN workgroup = MAINFRAME #flat files that map Unix groups to NT type groups. #these files take the form unix_group = `Windows NT group'' domain group map = /opt/samba-tng/private/domaingroup.map domain alias map = /opt/samba-tng/private/domainalias.map #Domain controllers use user security and we need encrypted #passwords (see ENCRYPTION.txt) security = user domain logons = yes encrypt passwords = yes #And in order for us to be *sure* to win browser elections os level = 65 domain master = yes preferred master = yes local master = yes #WINS is the equivalent of DNS for NetBIOS. wins support = yes time server = yes #the next lines are equivalent to the various profile details #found in NT's User Manager #logon script = login.bat #logon drive = U: #logon home = \\GUARDIAN\%U #logon path = \\GUARDIAN\profile\%U #share all home directories [homes] browseable = no writable = yes comment = Users' home directories #set up netlogon share for system policies and login scripts [netlogon] path = /opt/samba-tng/netlogon writable = no guest ok = no comment = PDC netlogon share #the profiles share #to create automatic subdirs for the different users #chmod 1777 /opt/samba-tng/profile [profile] path = /opt/samba-tng/profile writeable = yes #a public share [public] path = /opt/samba-tng/public browseable = yes public = yes comment = Public share From lkcl at samba.org Fri Apr 14 04:22:34 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:26 2003 Subject: TNG definitely not working on my libc5 system In-Reply-To: Message-ID: wow! i'm impressed. it's probably sending out requests on 255.255.255.255. can you confirm that? > The lights on my cable modem go crazy for a couple seconds before I get the > messages back: > > socket connect to /tmp/.smb.0/agent failed: No such file or directory > cli_establish_connection: failed to connect to GUARDIAN<00> (0.0.0.0) > cli_net_use_add: connection failed > ncacn_np_use_add: connection failed From kirk at n0tia.ampr.org Fri Apr 14 04:45:25 2000 From: kirk at n0tia.ampr.org (Kirk Wolff) Date: Tue Dec 2 02:29:26 2003 Subject: Problem with joining domain: not proper credentials? Message-ID: <005701bfa5cc$40d14070$69115e2c@n0tia.ampr.org> I have yesterday's build rom the cvs. I have followed the FAQ, and I get the following error when I try to add my workstation to the samba-tng pdc controlled domain (in an AfxMessageBox) The following error occurred attempting to join the domain "N0TIA": The credentials supplied conflict with an existing set of credentials. Is this because I have the admin on the workstation with the same password as the domain admin? Which user/passwd should I enter when I get the window? "Domain Username And Password" Enter the name and password of an account with permission to join the domain. Name: Password: Like I said: I followed the FAQ explecitly, I also tried the following from within rpcclient (of which worked fine once I added the '.' after the '-S' on the rpcclient command line... (took me an extra look at the w-page) Have any ideas? or am I too vague? Thanks in advance: Kirk -------------- next part -------------- HTML attachment scrubbed and removed From kirk at n0tia.ampr.org Fri Apr 14 05:14:56 2000 From: kirk at n0tia.ampr.org (Kirk Wolff) Date: Tue Dec 2 02:29:26 2003 Subject: appendage: Problem with joining domain: not proper credentials? Message-ID: <00a501bfa5d0$5f90d0d0$69115e2c@n0tia.ampr.org> Forgot to say what I 'also tried' (scroll down) ----- Original Message ----- From: Kirk Wolff To: Multiple recipients of list SAMBA-NTDOM Sent: Thursday, April 13, 2000 11:50 PM Subject: Problem with joining domain: not proper credentials? I have yesterday's build rom the cvs. I have followed the FAQ, and I get the following error when I try to add my workstation to the samba-tng pdc controlled domain (in an AfxMessageBox) The following error occurred attempting to join the domain "N0TIA": The credentials supplied conflict with an existing set of credentials. Is this because I have the admin on the workstation with the same password as the domain admin? Which user/passwd should I enter when I get the window? "Domain Username And Password" Enter the name and password of an account with permission to join the domain. Name: Password: Like I said: I followed the FAQ explecitly, I also tried the following from within rpcclient (of which worked fine once I added the '.' after the '-S' on the rpcclient command line... (took me an extra look at the w-page) samuserset root -p password Have any ideas? or am I too vague? Thanks in advance: Kirk -------------- next part -------------- HTML attachment scrubbed and removed From alex at gs.nsc.ru Fri Apr 14 06:27:41 2000 From: alex at gs.nsc.ru (Alex A. Emanov) Date: Tue Dec 2 02:29:26 2003 Subject: WIN2K shares In-Reply-To: References: Message-ID: <13560.000414@gs.nsc.ru> Hello, I cant compile 2.4 on FreeBSD 4.0 box: locking/locking.c: In function `posix_lock_in_range': locking/locking.c:315: parse error before `static' locking/locking.c:321: `fsp' undeclared (first use in this function) locking/locking.c:321: (Each undeclared identifier is reported only once locking/locking.c:321: for each function it appears in.) locking/locking.c:321: `lock_type' undeclared (first use in this function) *** Error code 1 Thursday, April 13, 2000, 12:17:45 PM, you wrote: LKCL> On Thu, 13 Apr 2000, Alex A. Emanov wrote: >> Hello, >> >> >> Thursday, April 13, 2000, 9:49:32 AM, you wrote: >> >> LKCL> On Wed, 12 Apr 2000, Alex A. Emanov wrote: >> >> >> >> There is PDC - samba-tng 2.2 ( i386, FreeBSD 4.0) >> >> When connecting from PDC to Win200-Professional(controlled by this PDC) >> >> using smbclient: >> >> >> >> #smbclient -L WIN2K -W DOMAIN -U user >> >> Password: >> >> 1st session setup ok >> >> 2nd session setup ok >> >> failed tcon_X >> >> failed session request >> >> LKCL> urr...... >> >> LKCL> urr... no, it's not because of RestrictAnonymous=0x2, you specified >> LKCL> user/dom/pass. >> Can the same local username affect it? >> >> LKCL> urr... don't know! >> I can't to conect to win2k shares from win98 in samba controlled >> domain. It would be similar problem......? >> May be log level 9 can show somthing? LKCL> ah, ok, i get it: the pass-thru authentication, from the nt5 wks to the LKCL> samba-tng PDC is failing. LKCL> well, no surprise there, try 2.4 and let me know if it works, and if it LKCL> doesn't i'll try and remember to test it here Best regards, Alex mailto:alex@gs.nsc.ru From lkcl at samba.org Fri Apr 14 06:38:21 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:26 2003 Subject: WIN2K shares In-Reply-To: <13560.000414@gs.nsc.ru> Message-ID: hi, can u fix it i want to do a 2.5? thx. On Fri, 14 Apr 2000, Alex A. Emanov wrote: > Hello, > > I cant compile 2.4 on FreeBSD 4.0 box: > > locking/locking.c: In function `posix_lock_in_range': > locking/locking.c:315: parse error before `static' > locking/locking.c:321: `fsp' undeclared (first use in this function) > locking/locking.c:321: (Each undeclared identifier is reported only once > locking/locking.c:321: for each function it appears in.) > locking/locking.c:321: `lock_type' undeclared (first use in this function) > *** Error code 1 > > > Thursday, April 13, 2000, 12:17:45 PM, you wrote: > > LKCL> On Thu, 13 Apr 2000, Alex A. Emanov wrote: > > >> Hello, > >> > >> > >> Thursday, April 13, 2000, 9:49:32 AM, you wrote: > >> > >> LKCL> On Wed, 12 Apr 2000, Alex A. Emanov wrote: > >> > >> > >> >> There is PDC - samba-tng 2.2 ( i386, FreeBSD 4.0) > >> >> When connecting from PDC to Win200-Professional(controlled by this PDC) > >> >> using smbclient: > >> >> > >> >> #smbclient -L WIN2K -W DOMAIN -U user > >> >> Password: > >> >> 1st session setup ok > >> >> 2nd session setup ok > >> >> failed tcon_X > >> >> failed session request > >> > >> LKCL> urr...... > >> > >> LKCL> urr... no, it's not because of RestrictAnonymous=0x2, you specified > >> LKCL> user/dom/pass. > >> Can the same local username affect it? > >> > >> LKCL> urr... don't know! > >> I can't to conect to win2k shares from win98 in samba controlled > >> domain. It would be similar problem......? > >> May be log level 9 can show somthing? > > LKCL> ah, ok, i get it: the pass-thru authentication, from the nt5 wks to the > LKCL> samba-tng PDC is failing. > > LKCL> well, no surprise there, try 2.4 and let me know if it works, and if it > LKCL> doesn't i'll try and remember to test it here > > > > > Best regards, > Alex mailto:alex@gs.nsc.ru > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From alex at gs.nsc.ru Fri Apr 14 06:41:34 2000 From: alex at gs.nsc.ru (Alex A. Emanov) Date: Tue Dec 2 02:29:26 2003 Subject: WIN2K shares In-Reply-To: <13560.000414@gs.nsc.ru> References: <13560.000414@gs.nsc.ru> Message-ID: <4570.000414@gs.nsc.ru> Hello Alex, Friday, April 14, 2000, 1:30:38 PM, you wrote: AAE> Hello, AAE> I cant compile 2.4 on FreeBSD 4.0 box: AAE> locking/locking.c: In function `posix_lock_in_range': AAE> locking/locking.c:315: parse error before `static' AAE> locking/locking.c:321: `fsp' undeclared (first use in this function) AAE> locking/locking.c:321: (Each undeclared identifier is reported only once AAE> locking/locking.c:321: for each function it appears in.) AAE> locking/locking.c:321: `lock_type' undeclared (first use in this function) AAE> *** Error code 1 Because of missing } in locking.c line 162 AAE> Thursday, April 13, 2000, 12:17:45 PM, you wrote: LKCL>> On Thu, 13 Apr 2000, Alex A. Emanov wrote: >>> Hello, >>> >>> >>> Thursday, April 13, 2000, 9:49:32 AM, you wrote: >>> >>> LKCL> On Wed, 12 Apr 2000, Alex A. Emanov wrote: >>> >>> >>> >> There is PDC - samba-tng 2.2 ( i386, FreeBSD 4.0) >>> >> When connecting from PDC to Win200-Professional(controlled by this PDC) >>> >> using smbclient: >>> >> >>> >> #smbclient -L WIN2K -W DOMAIN -U user >>> >> Password: >>> >> 1st session setup ok >>> >> 2nd session setup ok >>> >> failed tcon_X >>> >> failed session request >>> >>> LKCL> urr...... >>> >>> LKCL> urr... no, it's not because of RestrictAnonymous=0x2, you specified >>> LKCL> user/dom/pass. >>> Can the same local username affect it? >>> >>> LKCL> urr... don't know! >>> I can't to conect to win2k shares from win98 in samba controlled >>> domain. It would be similar problem......? >>> May be log level 9 can show somthing? LKCL>> ah, ok, i get it: the pass-thru authentication, from the nt5 wks to the LKCL>> samba-tng PDC is failing. LKCL>> well, no surprise there, try 2.4 and let me know if it works, and if it LKCL>> doesn't i'll try and remember to test it here AAE> Best regards, AAE> Alex mailto:alex@gs.nsc.ru Best regards, Alex mailto:alex@gs.nsc.ru From lkcl at samba.org Fri Apr 14 06:55:57 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:26 2003 Subject: samba-tng-alpha-2.4.1.tar.bz2 Message-ID: ran with electric fence, found two bugs immediately, i love electric fence. still win9x memory-trashing problems in there, this needs someone with win9x and experience at tracking down memory-overwrite problems to take a look-see (electric fence will help: search using http://freshmeat.net for it). luke From hanak at osu.cz Sat Apr 15 07:08:43 2000 From: hanak at osu.cz (Ondrej Hanak) Date: Tue Dec 2 02:29:26 2003 Subject: WINS Client Message-ID: Hi all samba fans! I have one small question. Why all M$ Win (NT, 9x) clients can't ask WINS server, when they can't resolve NetBIOS name over broadcas in LAN. Situation: - we have correctly set WINS server via DHCP. - when i use for this same problem smbclient (with WINS server in smb.conf) smbclient -L NetBIOS_name, then this one do this correctly via WINS (where every comp. is registered) - when i use "find computer" in M$ env. searching fails. NOT FOUND! - now we solve this problem with LMHosts. Can anybody clear this strange behaviour. Is this bug in M$ clients? Thx O.H. From sam at topic.com.au Fri Apr 14 07:15:06 2000 From: sam at topic.com.au (Sam Couter) Date: Tue Dec 2 02:29:26 2003 Subject: samba-tng-alpha-2.4.1.tar.bz2 In-Reply-To: ; from lkcl@samba.org on Fri, Apr 14, 2000 at 04:59:59PM +1000 References: Message-ID: <20000414171506.L8170@mail.topic.com.au> Luke Kenneth Casson Leighton wrote: > ran with electric fence, found two bugs immediately, i love electric > fence. > > still win9x memory-trashing problems in there, this needs someone with > win9x and experience at tracking down memory-overwrite problems to take a > look-see (electric fence will help: search using http://freshmeat.net for > it). Try out dmalloc as well. It will turn up most of what electricfence can do (but not all), plus way more including leaking and corrupted memory. http://www.dmalloc.com/ -- Sam Couter sam@topic.com.au Internet Engineer http://www.topic.com.au/ tSA Consulting -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000414/ae1bb433/attachment.bin From lkcl at samba.org Fri Apr 14 07:17:33 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:26 2003 Subject: samba-tng-alpha-2.4.1.tar.bz2 In-Reply-To: <20000414171506.L8170@mail.topic.com.au> Message-ID: got yamd for that. On Fri, 14 Apr 2000, Sam Couter wrote: > Luke Kenneth Casson Leighton wrote: > > ran with electric fence, found two bugs immediately, i love electric > > fence. > > > > still win9x memory-trashing problems in there, this needs someone with > > win9x and experience at tracking down memory-overwrite problems to take a > > look-see (electric fence will help: search using http://freshmeat.net for > > it). > > Try out dmalloc as well. It will turn up most of what electricfence can do > (but not all), plus way more including leaking and corrupted memory. > > http://www.dmalloc.com/ > -- > Sam Couter sam@topic.com.au > Internet Engineer http://www.topic.com.au/ > tSA Consulting > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000414/7b411684/attachment.bin From tobias at rischer.com Fri Apr 14 07:34:41 2000 From: tobias at rischer.com (Tobias Rischer) Date: Tue Dec 2 02:29:26 2003 Subject: Q: NTUSER.DAT / Registry behaves read-only? Message-ID: <200004140734.JAA00525@qbrick.local.net> Dear List, I am having trouble with a Samba installation that I can't fix with FAQs and documentation. The problem in short is this: Samba (HEAD, from March 20) is file server and PDC with roaming profiles, WinNT (NT4 SP4, freshly installed) user can log on and off, NTUSER.DAT is read at logon time, written back at logoff time (I can see that from the timestamps), *BUT* the user cannot change any of his registry values (e.g., change desktop pattern, set environment variable, etc.) The first NTUSER.DAT file was manually put into the profile directory and comes from the Default User profile on the NT machine. To be clear: it's not that the registry is not written back, it refuses to change at all. (e.g., desktop background does not change at all) On the contrary, it looks like the unchanged registry *is* written back. Weirdest of all: I remember it working at least once three weeks ago, when this Samba version was freshly installed (installed, logged in, changed desktop pattern, then went on holidays with the hope everything was fine). It also worked yesterday sometimes for freshly created users, but I don't remember if this was with the HEAD-March-20 version or the HEAD-April-12 version. Anyway, I cannot tell what I did to make it work or not-work. I did some leaving and rejoing of the domain as well, it was a rather desperate playing-around session. The almost current April-12 version (don't nail me on the exact checkout-time) is not useable for me, it refuses connections with some socket error after a while. I did not want to use TNG because I need a stable file server and TNG is said to be far more alpha in this respect. If anybody is willing to advise -- the config file, tcpdump, and smb.log are available with one click at http://rischer.com/samba-trouble/ because I did not want to waste bandwidth with them here. Thanks in advance -- Tobias -- ............................................. (_) Tobias Rischer "===' tobias@rischer.com " " ...still.loving.gnu.......................... From kfitzner at nexus.v-wave.com Fri Apr 14 08:35:48 2000 From: kfitzner at nexus.v-wave.com (Kurt Fitzner) Date: Tue Dec 2 02:29:26 2003 Subject: TNG definitely not working on my libc5 system In-Reply-To: Message-ID: The packets on my cable modem aren't a broadcast to 255.255.255.255, they are a DNS lookup. Thing is, they're a DNS lookup for the name 'SMBSERVER'. It tries 6 lookups with various attempts at upper and lowercase versions of SMBSERVER and SMBSERVER.v-wave.com (my domain). >From a cursory glance at the source, it looks to me like SMBSERVER is supposed to be a string that is replaced by the actual host name. Problems with string functions in libc5? If you want a tcpdump file of what's going on, let me know. Kurt. From p.grimmerink at home.nl Fri Apr 14 08:50:24 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:26 2003 Subject: join samba client to samba domain In-Reply-To: Message-ID: > if you don't have a private/smbpasswd, > > touch private/smbpasswd. I do have an empty smbpasswd file. But this is the client. The problem seems to be at the server. When I try to do samedit -U root createuser client$ this fails, telling me to use lsaquery first, to ascertain the SID I just deleted the entire sambadir/var/lock contents, and emptied the smbpasswd file, removed the .SID file, and restarted all the daemons. (I had to do this, because for some reason Samba no longer accepted logons from win98 clients) Still, I can't create machineaccounts on the Samba server. Best regards, Pieter Grimmerink From pmal at space.gr Fri Apr 14 09:41:41 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:26 2003 Subject: Administrator: Loggin localy References: <38CD20E3.FE85D9B3@siac.com> Message-ID: <004f01bfa5f5$a38c1360$0602000a@space.gr> I have setup a samba PDC but I don't want the root account to be able to log in the domain. Is it necessary to add to the smbpasswd file the root account? If so how can one prevent this account from loggins. From tom at ee.ucl.ac.uk Fri Apr 14 10:08:55 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:26 2003 Subject: cvs update 1100 BST 14/4/00 Message-ID: <200004141008.LAA04193@picard.ee.ucl.ac.uk> Hello, Linking bin/smbd Undefined first referenced symbol in file inet_aton bin/.libs/libsamba.so ld: fatal: Symbol referencing errors. No output written to bin/.libs/smbd *** Error code 1 make: Fatal error: Command failed for target `bin/smbd' Building still fails on Solaris 2.7 Sparc 64. The offending symbol is in line 1251 of lib/util_sock.c I'll stick a -lresolv in LIBS in the Makefile. Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From ertl at emp.paed.uni-muenchen.de Fri Apr 14 11:13:36 2000 From: ertl at emp.paed.uni-muenchen.de (Bernhard Ertl) Date: Tue Dec 2 02:29:26 2003 Subject: hdd timeout? was share disappeares smbd/server.c:exit_server(408) References: Message-ID: <38F6FD60.26B7F310@emp.paed.uni-muenchen.de> Hi, I got a new idea. I have heared sth. about segate scsi hdds having problems with the write cache which may lead to delays about 3 minutes (I only heared it from sinix-z). Theory: with increasing netload the possibility of a writing operation to run into cache troubles increases. Three minutes pause, then it works again.... (also might be totally bullshit) Could anyone tell me what error 408 exactly means? Does anyon know anything how to disable this write cache? has anyone similar ( or other timeout) problems who is using segate / Ibm drives Be > ok, please investigate more, using nmblookup, smbclient etc, increasing > log files etc. > > we have someone else who is using RAID and they also have problems. > > On Thu, 13 Apr 2000, Bernhard Ertl wrote: > > > Hi, I just recompiled it, but without any improvement, it was the gcc 2.95.2-19. > > I also recompiled the Kernel, it is version 2.2.14. (but the suse kernel sources). > > I also made some statistics about the occurrance of the problem and found out > > till end of february there were agerage 25 occurrances a day (between 0 and 50) > > but then there was a big jump to 150 to 400 /day (without haveing done anything, of course.... > > > > Be > > > > > > > On Wed, 12 Apr 2000, Bernhard Ertl wrote: > > > > > > > > AH! someone else reported this happening. GIVE INFO! details. > > > > > > > > > operating system arch compiler etc. > > > > > > > > The operating system is linux, SuSE 6.4 distribution, kernel 2.2.14 (but it also appeared with the old > > > > version 6.2 and Kernel 2.2.?) I used the sources from the samba site, dated on November ~11th (directly > > > > after the information about the new release came across this list.) As I think it was not available as > > > > bindist, i suppose I have compiled it myself with gcc and glibc2. (I have to do some research about the > > > > version, because we just have run a server update). > > > > > > > > The system runs on a dual PIII system with a mylex raid controller and two ethernet interfaces, serving > > > > around 50 clients as login- wins- and fileserver. > > > > > > > > The problem occurrs if > > > > * there are find processes on the hdd (understandeable) > > > > * someone publishes a big Frontpage web located on the server (also understandeable) > > > > > > bernhard, thank you very much, because someone else reported a similar > > > problem, you see. > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > Macmillan Technical Publishing > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From JGreer at csicorp-us.com Fri Apr 14 11:34:18 2000 From: JGreer at csicorp-us.com (Greer, Joe) Date: Tue Dec 2 02:29:26 2003 Subject: Categorize email messages from this server??? Message-ID: <08E29497F5FFD311B9450050041E02BA0923EC@ISERVER07> Hi, Who do I make the recommendations for the way messages are delivered from this list server? I would like to request that all messages from this list server contain a string so that they cam be sorted into a different folder than the rest of my email. Thanks, Joe Greer Network Administrator CSI Industrial Systems Corp. -- It was once said that if you put 1000 programmers in a room with 1000 computers for 1000 days with a $100 million dollar budget, they would produce an operating system as stable and robust as UNIX. Thanks to Windows 2000, we know this is not true. As of 12/28/98: (Pursuant to US Code, Title 47, Chapter 5, Subchapter II, 227, any and all non-solicited commercial E-mail sent to this address is subject to a downloading archival fee in the amount of $1000 US. E-mailing denotes acceptance of these terms.) From andy at azura.co.uk Fri Apr 14 11:22:46 2000 From: andy at azura.co.uk (Andy Wilson) Date: Tue Dec 2 02:29:26 2003 Subject: Categorize email messages from this server??? References: <08E29497F5FFD311B9450050041E02BA0923EC@ISERVER07> Message-ID: <001801bfa603$c2d64c00$879cf0d4@abduction.org> > Hi, Hello there! > Who do I make the recommendations for the way messages are delivered from > this list server? I would like to request that all messages from this list > server contain a string so that they cam be sorted into a different folder > than the rest of my email. They do. Look at the mail headers. To: Multiple recipients of list SAMBA-NTDOM > Thanks, You're welcome. Andy. ----------------------------------------------------- andy@azura.co.uk : http://www.azura.co.uk tel:+44(0)797-031-3337 fax:+44(0)870-121-8537 From p.grimmerink at home.nl Fri Apr 14 11:36:41 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:26 2003 Subject: join samba client to samba domain In-Reply-To: Message-ID: > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Pieter Grimmerink > Sent: vrijdag 14 april 2000 10:52 > To: Multiple recipients of list SAMBA-NTDOM > Subject: RE: join samba client to samba domain > > > > if you don't have a private/smbpasswd, > > > > touch private/smbpasswd. > > I do have an empty smbpasswd file. > But this is the client. > The problem seems to be at the server. > When I try to do > > samedit -U root > createuser client$ > > this fails, telling me to use lsaquery first, to ascertain the SID I got a bit further now, after I used the -W option; rpcclient -S PDCNAME -U root -W DOMAINNAME lsaquery createuser client$ -s -j this creates a valid machine account, but does not join the client to the domain. deluser client$ createuser client$ -s -j DOMAINNAME tries to create a machine account, and tries to join the client to the domain. This somehow fails. (the server tries to connect to port 445 of both the PDC and the client, connections are refused, it also tries to connect to /tmp/.smb.0/agent, this also fails.) final message 'Create Domain User: FAILED' I've tried this also with an NT server, I used rpcclient from the samba client, and tried to create a machine account and join the samba client to the domain. This also failed. How can I join my samba client to either a samba PDC or a NT PDC? (the samba pdc is running samba-tng alpha version 2.2, the client 2.4, the client I tried to join to an NT domain is running 2.3) Best regards, Pieter Grimmerink From lkcl at samba.org Fri Apr 14 12:48:27 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:26 2003 Subject: TNG definitely not working on my libc5 system In-Reply-To: Message-ID: *SMBSERVER, not SMBSERVER, that's not good. On Fri, 14 Apr 2000, Kurt Fitzner wrote: > The packets on my cable modem aren't a broadcast to 255.255.255.255, they are > a DNS lookup. Thing is, they're a DNS lookup for the name 'SMBSERVER'. It > tries 6 lookups with various attempts at upper and lowercase versions of > SMBSERVER and SMBSERVER.v-wave.com (my domain). > > >From a cursory glance at the source, it looks to me like SMBSERVER is supposed > to be a string that is replaced by the actual host name. Problems with > string functions in libc5? > > If you want a tcpdump file of what's going on, let me know. > > Kurt. > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Fri Apr 14 12:55:18 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:26 2003 Subject: join samba client to samba domain In-Reply-To: Message-ID: you need to make *two* connections inside samedit. you need to do one of them on the command-line to the domain controller the second must be with use \\wksta -Uuser%pass -W wksta On Fri, 14 Apr 2000, Pieter Grimmerink wrote: > > > > -----Original Message----- > > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > > Pieter Grimmerink > > Sent: vrijdag 14 april 2000 10:52 > > To: Multiple recipients of list SAMBA-NTDOM > > Subject: RE: join samba client to samba domain > > > > > > > if you don't have a private/smbpasswd, > > > > > > touch private/smbpasswd. > > > > I do have an empty smbpasswd file. > > But this is the client. > > The problem seems to be at the server. > > When I try to do > > > > samedit -U root > > createuser client$ > > > > this fails, telling me to use lsaquery first, to ascertain the SID > > I got a bit further now, after I used the -W option; > > rpcclient -S PDCNAME -U root -W DOMAINNAME > lsaquery > createuser client$ -s -j > > this creates a valid machine account, but does not join the client to the > domain. > > deluser client$ > createuser client$ -s -j DOMAINNAME > > tries to create a machine account, and tries to join the client to the > domain. > This somehow fails. > (the server tries to connect to port 445 of both the PDC and the client, > connections are refused, it also tries to connect to /tmp/.smb.0/agent, this > also fails.) > final message 'Create Domain User: FAILED' > > I've tried this also with an NT server, I used rpcclient from the samba > client, and tried to create a machine account and join the samba client to > the domain. > This also failed. > > How can I join my samba client to either a samba PDC or a NT PDC? > (the samba pdc is running samba-tng alpha version 2.2, the client 2.4, the > client I tried to join to an NT domain is running 2.3) > > Best regards, > > Pieter Grimmerink > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From kirk at knightronix.com Fri Apr 14 14:26:45 2000 From: kirk at knightronix.com (Kirk A Wolff) Date: Tue Dec 2 02:29:26 2003 Subject: Categorize email messages from this server??? In-Reply-To: <08E29497F5FFD311B9450050041E02BA0923EC@ISERVER07> Message-ID: filter according to "To: SAMBA-NTDOM" Kirk Wolff gofuchelo@bigfoot.com http://www.bigfoot.com/~gofuchelo pager: 651 8478624 On Fri, 14 Apr 2000, Greer, Joe wrote: > Hi, > > Who do I make the recommendations for the way messages are delivered from > this list server? I would like to request that all messages from this list > server contain a string so that they cam be sorted into a different folder > than the rest of my email. > > Thanks, > Joe Greer > Network Administrator > CSI Industrial Systems Corp. > > -- It was once said that if you put 1000 programmers in a room with 1000 > computers for 1000 days with a $100 million dollar budget, they would > produce an operating system as stable and robust as UNIX. Thanks to Windows > 2000, we know this is not true. > > > > As of 12/28/98: > (Pursuant to US Code, Title 47, Chapter 5, Subchapter II, 227, any and all > non-solicited commercial E-mail sent to this address is subject to a > downloading archival fee in the amount of $1000 US. E-mailing denotes > acceptance of these terms.) > From p.grimmerink at home.nl Fri Apr 14 13:32:29 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:26 2003 Subject: join samba client to samba domain In-Reply-To: Message-ID: Thanks for your reply. > you need to make *two* connections inside samedit. > > you need to do one of them on the command-line to the domain controller > the second must be with use \\wksta -Uuser%pass -W wksta I tried this, after a while I realised that I should have a local root account in the workstations smbpasswd file. When I then tried use \\wksta -Uuser%pass -W wksta with user=local root account, and then again a createuser -jdomainname, it finally worked! Thanks a lot. (by the way, I should have got it working by myself, since the hint you gave was also given by rpcclient, when it failed. Sorry :-) Best regards, Pieter From ksmelser at uindy.edu Fri Apr 14 13:44:18 2000 From: ksmelser at uindy.edu (Kelly Smelser) Date: Tue Dec 2 02:29:26 2003 Subject: Continued samedit problems Message-ID: <38F720B2.3F7EE7B6@uindy.edu> The following is what I currently get under tng 2.4.1. I checked the logs and the only thing of consequence is in log.samedit where it gives a client codepage error (unable to open codepage.000, yet in smb.conf client code page = 850). Suggestions? [root@lazarus] samedit -S . -U root added interface ip=192.146.191.75 bcast=192.146.191.255 nmask=255.255.255.0 [root@.]$ createuser ksmelser createuser ksmelser socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused SAM Create Domain User Domain: UINDYTEST Name: ksmelser ACB: [U ] socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused Create Domain User: FAILED [root@.]$ createuser smaug$ createuser smaug$ socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused SAM Create Domain User Domain: UINDYTEST Name: smaug$ ACB: [W ] Resetting Trust Account to insecure, initial, well-known value: "smaug" smaug can now be joined to the domain, which should be done on a private, secure network as soon as possible socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused Create Domain User: FAILED K. From lkcl at samba.org Fri Apr 14 13:46:20 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:26 2003 Subject: join samba client to samba domain In-Reply-To: Message-ID: hooray :) now, i have to tell you that if you had tried this in a pure NT environment, it _should_ also work, but i have a bug in the Create $MACHINE.ACC which makes it "appear" to work against NT wkstas... but ... um... :) On Fri, 14 Apr 2000, Pieter Grimmerink wrote: > Thanks for your reply. > > > you need to make *two* connections inside samedit. > > > > you need to do one of them on the command-line to the domain controller > > the second must be with use \\wksta -Uuser%pass -W wksta > > I tried this, after a while I realised that I should have a local root > account in the workstations smbpasswd file. > > When I then tried > use \\wksta -Uuser%pass -W wksta > with user=local root account, > and then again a createuser -jdomainname, it finally worked! > > Thanks a lot. > (by the way, I should have got it working by myself, since the hint you gave > was also given by rpcclient, when it failed. Sorry :-) > > Best regards, > > Pieter > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Fri Apr 14 13:47:32 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:26 2003 Subject: Continued samedit problems In-Reply-To: <38F720B2.3F7EE7B6@uindy.edu> Message-ID: On Fri, 14 Apr 2000, Kelly Smelser wrote: > The following is what I currently get under tng 2.4.1. I checked the > logs and the only thing of consequence is in log.samedit where it gives > a client codepage error (unable to open codepage.000, yet in smb.conf > client code page = 850). Suggestions? > > [root@lazarus] samedit -S . -U root > added interface ip=192.146.191.75 bcast=192.146.191.255 > nmask=255.255.255.0 > [root@.]$ createuser ksmelser > createuser ksmelser > socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused > SAM Create Domain User > Domain: UINDYTEST Name: ksmelser ACB: [U ] > socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused > Create Domain User: FAILED this means that you are either not running samrd or you need to do touch private/smbpasswd because it doesn't exist. > [root@.]$ createuser smaug$ > createuser smaug$ > socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused > SAM Create Domain User > Domain: UINDYTEST Name: smaug$ ACB: [W ] > Resetting Trust Account to insecure, initial, well-known value: "smaug" > smaug can now be joined to the domain, which should > be done on a private, secure network as soon as possible > socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused > Create Domain User: FAILED > > > K. > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From p.grimmerink at home.nl Fri Apr 14 14:17:47 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:26 2003 Subject: join samba client to samba domain In-Reply-To: Message-ID: > -----Original Message----- > From: Luke Leighton [mailto:lkcl@samba.org] > Sent: vrijdag 14 april 2000 15:46 > To: Pieter Grimmerink > Cc: Multiple recipients of list SAMBA-NTDOM > Subject: RE: join samba client to samba domain > > now, i have to tell you that if you had tried this in a pure NT > environment, it _should_ also work, but i have a bug in the Create > $MACHINE.ACC which makes it "appear" to work against NT wkstas... but ... > um... :) Yeah, I noticed. My NT server /samba client situation still fails. But the samba PDC /samba client setup is more important to me now. Best regards, Pieter From gkopp at gregkopp.com Fri Apr 14 14:53:05 2000 From: gkopp at gregkopp.com (Greg Kopp) Date: Tue Dec 2 02:29:26 2003 Subject: More NT PDC and Samba troubles - can you help? Message-ID: I have the Samba 2.0.5 RPM's installed on my RedHat 6.1 linux box. Here is my smb.conf file: [global] netbios name = 7OF9 workgroup = IDEASTAR guest account = nobody security = domain password server = ISTAR-FS1 encrypt passwords = Yes domain master = no interfaces = XXX.XXX.XXX.XXX/25 localhost bind interfaces only = yes dns proxy = no username map = /etc/smbusers [www] comment = Voyager Web Files path = /usr/local/www writable = yes My smbusers file looks like this: webuser = user1, user2, user3 The share above is owned by the unix user account webuser. BUT, in order for the users on the network to actually use this volume, I had to manually add thier NT usernames to the smbusers file. If I remove that file and it's corresponding username map entry, you can't browse the volume. It asks you for a password. Is there a way to have true NT domain authentication? What steps do I need to take so I can add persons to a "Web" group on the NT domain and automatically give that group access to the listed share? Any help would be appreciated. Thanks. Greg From dominik.kubla at uni-mainz.de Fri Apr 14 16:03:59 2000 From: dominik.kubla at uni-mainz.de (Dominik Kubla) Date: Tue Dec 2 02:29:26 2003 Subject: Categorize email messages from this server??? In-Reply-To: <08E29497F5FFD311B9450050041E02BA0923EC@ISERVER07>; from JGreer@csicorp-us.com on Fri, Apr 14, 2000 at 09:32:51PM +1000 References: <08E29497F5FFD311B9450050041E02BA0923EC@ISERVER07> Message-ID: <20000414180359.B844@uni-mainz.de> On Fri, Apr 14, 2000 at 09:32:51PM +1000, Greer, Joe wrote: > Hi, > > Who do I make the recommendations for the way messages are delivered from > this list server? I would like to request that all messages from this list > server contain a string so that they cam be sorted into a different folder > than the rest of my email. They already contain a unique id in the header: the Sender field. To filter using procmail use something like this: # SAMBA NT-Domain list :0: * ^Sender:.*samba-ntdom@samba\.org Lists/samba-ntdom Yours, Dominik Kubla -- Networking Group, Hospital of Johannes Gutenberg-University Obere Zahlbacher Stra?e 69, 55101 Mainz, Germany Tel: +49 (0)6131 17-2482 FAX: +49 (0)6131 17-5521 From mam1281 at osfmail.isc.rit.edu Fri Apr 14 17:17:42 2000 From: mam1281 at osfmail.isc.rit.edu (Matt Monacelli) Date: Tue Dec 2 02:29:27 2003 Subject: Roaming Profiles Message-ID: I'm having trouble getting roaming profiles to work for my Win9x clients. I dont yet have NT WS's, but I will soon. Anyways, I created the CONFIG.POL and LOGIN.BAT files in the netlogon share. I added NET USE U: /HOME and the time server line (don't remember the exact syntax) and in my smb.conf I set U: as the logon drive and \\UDB\profile\%U as the logon path and \\UDB\%U as the logon home. I tried loggin in as a user that is in the smbpasswd file but has ot yet used the machine I was on. I do not yet have a profile for the user on the server (Linux running Samba TNG as PDC). I ran poledit and set up the default policies and saved them to config.pol on the server in the netlogon share. I also updated the local settings (open registry option) and set the same settings. I'm not sure if the policies are being loaded or not from the server since I made the changes to the registry manually also (I prob shouldn't have so I would know). I am suspecting that the problem is in the code since I used to be able to open the PDC in nethood, but now I cannot (but it is still visible). I can however, access shares via the Start-Run \\udb\public or whatever the sharename is I want, but when I try opening the server itself in Nethood or Find-Computer, it says it can't be opened because it doesn't exist on the network. I believe this could be the problem since I enabled the login confirmation policy and after I am authenticated by the PDC, it says I was logged on as (blank) by (blank). This sounds like %U is not going to be resolved as a result of whatever the problem is, so it would not be able to get to the \\udb\profile\%u folder since it doesn't know what %u is. I am not sure where the Win9x status is, so it may just be something I have to wait for. I am also attaching a few logs along with the smb.conf. BTW, I know I don't need TNG for Win9x but I will soon be adding NT machines that will be in addition to the 9x machines, so I WILL need TNG :) Thanks for any help! -- Matthew A. Monacelli mam1281@rit.edu Software Support Rep (Mac Team) Cell: (716)734-1379 ITS Technical Support Services Helpdesk: 475-HELP(4357) Rochester Institute of Technology "...Linux is free only if your time has no value!" From tobias at rischer.com Fri Apr 14 18:44:18 2000 From: tobias at rischer.com (Tobias Rischer) Date: Tue Dec 2 02:29:27 2003 Subject: Q: NTUSER.DAT / Registry behaves read-only? In-Reply-To: <200004140734.JAA00525@qbrick.local.net> (message from Tobias Rischer on Fri, 14 Apr 2000 09:34:41 +0200) Message-ID: <200004141844.UAA01230@qbrick.local.net> > To be clear: it's not that the registry is not written back, it refuses > to change at all. (e.g., desktop background does not change at all) On > the contrary, it looks like the unchanged registry *is* written back. Thanks, especially to Juergen Bock. It was the contents of my NTUser.Dat, which did by registry entry not allow to be modified by the new user. Uneducated me. Using the GUI properly for copying the profile helped. Tobias -- ............................................. (_) Tobias Rischer "===' tobias@rischer.com " " ...still.loving.gnu.......................... From trevor at steinmetznet.com Fri Apr 14 18:50:35 2000 From: trevor at steinmetznet.com (Trevor Antczak) Date: Tue Dec 2 02:29:27 2003 Subject: Cannot login Message-ID: <38F7687B.C5C60515@steinmetznet.com> Hello again, We are making progress. I am starting the right Daemons, and I have samedit working. Right now there are three entries in private/smbpasswd: root, trevor, and polonius$. Eveything is working on the unix side, in samedit using ntlogin trevor can login. Polonius will join the domain (I get a little message saying welcome to DomainName) and wants to restart. I restart polonius and get the login screen. Try to login to the domain as trevor and get a message that "The system cannot log you in (c000019b) Please try again or consult your system adminstrator". Another oddity is that when I try to add domain users and groups to local groups, the User Manger lists the contents of /etc/passwd and /etc/group rather the contents of private/smbpasswd. How is User Manager getting ahold of my Unix user info? I have searched in vain for another smbpasswd file it might be reading. It is as if polonius believes /etc/passwd is smbpasswd (I use NIS-Plus, so trevor is not in /etc/passwd on this system). Maybe I have a config option wrong? -- Thank you, Trevor Antczak Technology Manager Steinmetz & Associates From Rob.Ramsey at ccsrome.com Fri Apr 14 20:17:59 2000 From: Rob.Ramsey at ccsrome.com (Rob Ramsey) Date: Tue Dec 2 02:29:27 2003 Subject: Samba as PDC denying access to W95 workstations Message-ID: We have a client where we setup a Redhat 6.1 box with Samba 2.0.5a (I believe) acting as a NT PDC. It has been working fine for the past 2 weeks until today. Now whenever users attempt to log on they get a "The domain password you supplied is not correct or access to your logon server has been denied." Users can ping the samba server and telnet to it and logon to a shell account. Running a smbclient command from the server connects a user without any problem. They just cant logon via a windows networking logon anymore. I installed a newer version of samba (2.0.6) and it is still exhibiting the same problem. Anyone have any ideas? Copies of the log.smb and log.nmb follow. The broken pipe errors appear to start at the time they first noticed the problem. Thank you, Rob Ramsey Computer Consulting Services www.ccsrome.com rob.ramsey@ccsrome.com ******logs******** log.smb [2000/04/14 14:52:01, 1] smbd/server.c:main(643) smbd version 2.0.6 started. Copyright Andrew Tridgell 1992-1998 [2000/04/14 14:53:52, 0] lib/util_sock.c:write_socket_data(537) write_socket_data: write failure. Error = Broken pipe [2000/04/14 14:53:52, 0] lib/util_sock.c:write_socket(563) write_socket: Error writing 4 bytes to socket 5: ERRNO = Broken pipe [2000/04/14 14:53:52, 0] lib/util_sock.c:send_smb(751) Error writing 4 bytes to client. -1. Exiting [2000/04/14 14:54:19, 0] lib/util_sock.c:write_socket_data(537) write_socket_data: write failure. Error = Broken pipe [2000/04/14 14:54:19, 0] lib/util_sock.c:write_socket(563) write_socket: Error writing 4 bytes to socket 5: ERRNO = Broken pipe [2000/04/14 14:54:19, 0] lib/util_sock.c:send_smb(751) Error writing 4 bytes to client. -1. Exiting log.nmb [2000/04/14 14:52:01, 1] nmbd/nmbd.c:main(747) Netbios nameserver version 2.0.6 started. Copyright Andrew Tridgell 1994-1998 [2000/04/14 14:52:01, 0] nmbd/nmbd_logonnames.c:add_logon_names(159) add_domain_logon_names: Attempting to become logon server for workgroup TRACER on subnet 192.168.20.3 [2000/04/14 14:52:05, 0] nmbd/nmbd_logonnames.c:become_logon_server_success(118) become_logon_server_success: Samba is now a logon server for workgroup TRACER on subnet 192.168.20.3 From jeremy at valinux.com Fri Apr 14 20:42:34 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:27 2003 Subject: Joining domain References: Message-ID: <38F782BA.EEDB2A75@valinux.com> "Kelly S. Smelser" wrote: > > I have been having a similar problem using 2.0.7pre3 as far as > joining the domain as Mr. Muffett. I consistently get an "Unable to up > date local security in order to join domain" error under WinNT 4.0, and I > get a "Domain is not available or does not exist" error in Win2K, but all > works fine with Win98. Downgrading to 2.0.6 works fine as far as the > Win98 and WinNT 4.0 machines go. Has anyone else encountered this > problem or have found a solution? It was a bug in the NTLMSSP sign/seal code in 2.0.7pre3. I have fixed this and will be releasing a pre4 shortly to let this get tested before ship. Regards, Jeremy Allison, Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From schmid at atmos.albany.edu Sat Apr 15 01:20:54 2000 From: schmid at atmos.albany.edu (Peter Schmid) Date: Tue Dec 2 02:29:27 2003 Subject: sambaTNG 2.3 printing from NT4SP3 machine Message-ID: <200004150120.BAA11825@beech.atmos.albany.edu> Hello, I'm working with samba-TNG-2.3. I've got it running as PDC and fileserver on a Sparc Solaris 7 machine. I'm trying to configure a printer that is connected to the epp0 port of the samba machine. The problem occurs when I try to setup the printer on my NT 4 machine. I click Add Printer, Network Printer Server, Then browse and select the printer (a DJ870C that has a ghostscript front end on the Unix box). Once I select the printer I get the following output in log.spoolss: INTERNAL ERROR: Signal 11 in pid 11782 (TNG-alpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error Memory allocation error: failed to expand to -136 bytes =============================================================== INTERNAL ERROR: Signal 11 in pid 11787 (TNG-alpha) Please read the file BUGS.txt in the distribution =============================================================== Below is my smb.conf file: Thanks, Pete. Peter Schmid Sr. Programmer/Analyst SUNY at Albany Department of Earth and Atmospheric Sciences Phone:(518)-442-4571 E-Mail:schmid@atmos.albany.edu # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command "testparm" # to check that you have not many any basic syntactic errors. # #======================= Global Settings ===================================== [global] # workgroup = NT-Domain-Name or Workgroup-Name workgroup = DEAS # netbios name = beech domain logons = yes # logon script = %U.bat # server string is the equivalent of the NT Description field server string = DEAS NT/UNIX Server # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the "loopback" interface. For more examples of the syntax see # the smb.conf man page # hosts allow = 169.226. # If you want to automatically load your printer list rather # than setting them up individually then you'll need this # load printers = yes # you may wish to override the location of the printcap file printcap name = /etc/printers.conf print command = lp -d%p lpq command = lpstat -t lprm command = cancel %j # on SystemV system setting printcap name to lpstat should allow # you to automatically obtain a printer list from the SystemV spool # system # It should not be necessary to specify the print system type unless # it is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used guest account = nobody # this tells Samba to use a separate log file for each machine # that connects # log file = /usr/local/samba/var/smblog.%m log file = /free/samba2.3/var/smblog.%m # Put a capping on the size of the log files (in Kb). # max log size = 50 # Security mode. Most people will want user level security. See # security_level.txt for details. security = user # Use password server option only with security = server # password server = # Password Level allows matching of _n_ characters of the password for # all combinations of upper and lower case. ; password level = 8 # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents # update encrypted = yes encrypt passwords = yes # Unix users can map to different SMB User names ; username map = /etc/smbusers # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting ; include = /usr/local/samba/lib/smb.conf.%m # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details socket options = TCP_NODELAY # Configure Samba to use multiple interfaces # If you have multiple network interfaces then you must list them # here. See the man page for details. # interfaces = 192.168.12.2/24 192.168.13.2/24 # Configure remote browse list synchronisation here # request announcement to, or browse list sync from: # a specific host or from / to a whole subnet (see below) remote browse sync = 169.226.4.68 169.226.50.184 # Cause this host to announce itself to local subnets here # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply local master = yes # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable os level = 128 # Domain Master specifies Samba to be the Domain Master Browser. This # allows Samba to collate browse lists between subnets. Don't use this # if you already have a Windows NT domain controller doing this job domain master = yes # Preferred Master causes Samba to force a local browser election on startup # and gives it a slightly higher chance of winning the election preferred master = yes # Use only if you have an NT server on your network that has been # configured at install time to be a primary domain controller. ; domain controller = # Enable this if you want Samba to be a domain logon server for # Windows95 workstations. domain logons = yes # if you enable domain logons then you may want a per-machine or # per user logon script # run a specific logon batch file per workstation (machine) ; logon script = %m.bat # run a specific logon batch file per username ; logon script = %U.bat # Where to store roving profiles (only for Win95 and WinNT) # %L substitutes for this servers netbios name, %U is username # You must uncomment the [Profiles] share below logon path = \\beech\profiles\%U logon script = \\beech\startup\%U.bat # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server # wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both wins server = 169.226.38.62 # WINS Proxy - Tells Samba to answer name resolution queries on # behalf of a non WINS capable client, for this to work there must be # at least one WINS Server on the network. The default is NO. ; wins proxy = yes # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The built-in default for versions 1.9.17 is yes, # this has been changed in version 1.9.18 to no. dns proxy = yes # Case Preservation can be handy - system default is _no_ # NOTE: These can be set on a per share basis ; preserve case = no ; short preserve case = no # Default case is normally upper case for all DOS files ; default case = lower # Be very careful with case sensitivity - it can break things! ; case sensitive = no # # # Sync the password database with Unix passwd # Database unix password sync = True # # #Unix Password Program passwd program = /bin/nispasswd %u # Domain admin Group domain group map = /free/samba/private/domaingroup.map #nt forms file = /free/samba/printers/ntforms.def nt printer driver = /free/samba1.9/printers # # #============================ Share Definitions ============================== [print$] path = /free/samba1.9/printers guest ok = yes writable = yes case sensitive = no browseable = yes [printers] comment = All Printers browseable = yes printable = yes public = yes path = /free/samba2.3/spool [www2] comment = Home Directories browseable = no writable = yes path = /data2/www/htdocs2 valid users = schmid knight [pc_soft] comment = PC Software Packages for installation browseable = yes writable = no public=yes guest ok = yes path = /class-serv1/pc_apps [232disk] comment = ES232 Disk browseable = yes writable = yes path = /classroom [Geo_disk] comment = ES232 Disk browseable = yes public=yes writable = yes path = /geo_apps [Geo_write] comment = ES232 Disk browseable = no public=yes writable = yes valid users = schmid knight path = /geo_apps [pc_ware] comment = PC Software Packages for installation browseable = no writable = yes valid users = schmid knight path = /class-serv1/pc_apps [htmlfaq] comment = PC Software Packages for installation browseable = no writable = yes valid users = schmid knight path = /class-serv1/apps2/samba-2.0.3/docs [piper] comment = Home Directories browseable = no writable = yes path = /net/piper/piper1 valid users = vpi davis schmid knight [marx6] comment = Home Directories browseable = yes writable = yes path = /marx6 valid users = vpi davis schmid knight heller kristen [spare7] comment = Home Directories browseable = no writable = yes path = /spare7 valid users = schmid knight molinari [home] comment = Home Directories browseable = yes writable = yes path = /home/%U [ljet4000] comment = All Printers browseable = no path=/tmp printable = yes public = yes [ljet4si] comment = All Printers browseable = yes path=/tmp printable = yes public = yes [ljet8000n] comment = All Printers browseable = yes path=/tmp printable = yes public = yes [dj890] comment = All Printers browseable = yes path = /free/samba2.3/spool printable = yes public = yes [hplj2p] comment = All Printers browseable = no path=/tmp printable = yes public = yes [srvcd] comment = Servers CDROM browseable = no path = /cdrom/cdrom0 public = yes # Un-comment the following and create the netlogon directory for Domain Logons # Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory [profiles] path = /free/samba/profiles browseable = no writeable =yes guest ok = yes [startup] path = /free/samba/starup browseable = no writeable =yes guest ok = yes [netlogon] path = /free/samba/netlogon writeable = no guest ok = no # NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer #[printers] # comment = All Printers # path = /usr/spool/samba # browseable = no # Set public = yes to allow user 'guest account' to print # guest ok = no # writable = no # printable = yes # This one is useful for people to share files ;[tmp] ; comment = Temporary file space ; path = /tmp ; read only = no ; public = yes # A publicly accessible directory, but read only, except for people in # the "staff" group ;[public] ; comment = Public Stuff ; path = /home/samba ; public = yes ; writable = yes ; printable = no ; write list = @staff # Other examples. # # A private printer, usable only by fred. Spool data will be placed in fred's # home directory. Note that fred must have write access to the spool directory, # wherever it is. ;[fredsprn] ; comment = Fred's Printer ; valid users = fred ; path = /homes/fred ; printer = freds_printer ; public = no ; writable = no ; printable = yes # A private directory, usable only by fred. Note that fred requires write # access to the directory. ;[fredsdir] ; comment = Fred's Service ; path = /usr/somewhere/private ; valid users = fred ; public = no ; writable = yes ; printable = no # a service which has a different directory for each machine that connects # this allows you to tailor configurations to incoming machines. You could # also use the %U option to tailor it by user name. # The %m gets replaced with the machine name that is connecting. ;[pchome] ; comment = PC Directories ; path = /usr/pc/%m ; public = no ; writable = yes # A publicly accessible directory, read/write to all users. Note that all files # created in the directory by users will be owned by the default user, so # any user with access can delete any other user's files. Obviously this # directory must be writable by the default user. Another user could of course # be specified, in which case all files would be owned by that user instead. ;[public] ; path = /usr/somewhere/else/public ; public = yes ; only guest = yes ; writable = yes ; printable = no # The following two entries demonstrate how to share a directory so that two # users can place files there that will be owned by the specific users. In this # setup, the directory should be writable by both users and should have the # sticky bit set on it to prevent abuse. Obviously this could be extended to # as many users as required. ;[myshare] ; comment = Mary's and Fred's stuff ; path = /usr/somewhere/shared ; valid users = mary fred ; public = no ; writable = yes ; printable = no ; create mask = 0765 From jeremy at valinux.com Sat Apr 15 01:30:28 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:27 2003 Subject: Samba 2.0.7pre4 snapshot released. Message-ID: <38F7C634.FD0553F9@valinux.com> Hi all, I just released Samba 2.0.7pre4, available from : ftp://samba.org/pub/samba/alpha/samba-2.0.7pre4.tar.gz This is the fourth snapshot of the code that should become the official Samba 2.0.7 and is feature complete (ie. I'm only going to accept bug fixes, not more features). This is *not* production code, but should work well as a file and print server, and contains fixes for all known Windows 2000 bugs - two more discovered since 2.0.7pre2. Please download and test this code and report back any problems to samba@samba.org. Your help in this will make the official Samba 2.0.7 release better for everyone. The changes between pre3 and pre4 are listed below and are also in the release notes. pre3 -> pre4 changes. --------------------- 60). Fixed bug where smbd didn't return '.' or '..' on top level share directory listing. 61). Fix for soft quotas not being set (make them equal to hardquota) from Norbert P?schel (Pueschel.Norbert@Walzbarren-VAW.ne.uunet.de). 62). SWAT fixes for SCO UnixWare (SIGPIPE handling). 63). Fix for nmbd DOS with redirect recursion. 64). Fix for log files growing without bound from Mattias Gronlund. An additional fix for NTLMSSP sign and seal authentication which was broken in earlier 2.0.7 pre-releases was added. This fix allows NT password changing to work again to a Samba server. Official release is "close" - please download and test this code. This code is probably what will be shipped as the official 2.0.7 barring any disasters. To everyone who contributed patches, many thinks, and please download and test this code to ensure that the functionality you wanted has been correctly implemented in the code. The updated part of the WHATSNEW.txt file follows. Regards, Jeremy Allison, Samba Team. ---------------------------------------------------------------------- WHATS NEW IN Samba 2.0.7-pre4 ============================= This is the latest stable release of Samba. This is the version that all production Samba servers should be running for all current bug-fixes. New Documentation in 2.0.7 -------------------------- O'Reilly and Associates have donated their book "Using Samba" to the Samba community to be updated in a collaberative way along with the Samba software. Starting with this release the html of "Using Samba" will be distributed with the Samba software as the online documentation for Samba. Bug fixes for the book are encouraged as is new material. Please help us make this documentation the best it can be for Samba ! SWAT (Samba Web Administration Tool) has been updated to add a link to the full text of "Using Samba" from the start screen. Note that this does not mean that the other documentation (man pages especially) are being abandoned. The Samba Team is still committed to updating and improving *all* the documentation shipped with Samba. Also, as the source code for the book is moved into a more manageable format (not raw HTML) we are committed to making it available for editing by all interested parties. The current situation of only shipping HTML with the Samba software is a first attempt at getting this documentation integrated with the Samba software and should not be regarded as the only way in which this material will be made available (it was just the quickest way to get the book integrated into 2.0.7 :-). Windows 2000 Issues ------------------- This version of Samba has been tested with Windows 2000 and the five known incompatibilities with Windows 2000 have been fixed. See the "Changes in 2.0.7" list below for details. New/Changed parameters in 2.0.7 ------------------------------- There is a new option to the autoconf "./configure" script. This is the "--with-utmp" (and attendant "--without-utmp") option. Running configure with this option will cause smbd to attempt to use utmp accounting for users who log on and log off to the Samba server. There are 5 new parameters in the smb.conf file. utmp utmp dir utmp hostname utmp consolidate wtmp directory These parameters are only available if the "--with-utmp" option was selected at configure time. The yes/no option "utmp" specifies whether utmp records should be recorded on user logon/logoff. It defaults to "no". The "utmp dir" and "wtmp dir" are string parameters specifying pathnames to the directories containing the utmp/wtmp file databases. See the smb.conf man page for more details. inherit permissions This boolean parameter causes newly created files and directories to inherit their initial permissions from their parent directory. This can be very useful in propagating such things as the set-group bit in directory heirarchies. See the smb.conf man page for more details. write cache size This integer parameter specifies (in bytes) the size of a user level per-file write cache that smbd will create for an oplocked file. This can improve performance significantly for writing files by causing writes to be done in large chunk sizes. If this parameter is set (it defaults to zero which means no write cache) to the stripe size of a raid volume then it will cause writes to be much more efficient. Up to 10 write caches can be active simultaneously per smbd (allocated for the first 10 oplocked file opens). All normal warnings about the dangers of user level caching of data apply. See the smb.conf man page for more details. source environment This pathname parameter causes Samba to read a list of environment variables from a named file on startup. This can be useful in setting up Samba in a clustered environment. See the smb.conf man page for more details. The default setting of the "level2 oplocks" parameter has changed from False to True in this release. Ability to delete users added ----------------------------- SWAT and smbpasswd can now delete users from the Samba smbpasswd file. See the man page for smbpasswd for details. Roving profile behavior finalized --------------------------------- The change in behavior with roving profiles (using the "logon home" parameter instead of the "logon path" parameter) introduced in 2.0.6 has been discovered to be consistant with the way Windows NT behaves, and has been left as the default action. Please see the additional notes in the "logon home" parameter description in the smb.conf man page for more details. Changes in 2.0.7 ----------------- 1). Fix for the semaphore promblems when compiling Samba with gcc on SGI IRIX 6.5.x. 2). Quota support for Veritas filesystem added by David Lee. 3). Incoming RPC code re-written to support multiple PDU input from the client. This should make the RPC subsystem more robust. 4). Fix from Ying Chen @ IBM to inline many frequently called functions. This decreased CPU usage by 10%. 5). Fix from Ying Chen @ IBM to use a hash table to lookup entries in the file cache. This is a significant improvement over the old linked-list lookup code. 6). smbclient issues with native language support fixed. smbclient now uses UNIX filename character sets exclusively when communicating with libsmb library. 7). smbclient fix to not print error messages when "putting" an empty file. 8). smbclient fix to cope with spaces in filenames when recursing. 9). Improved error reporting in smbclient when getting browse lists. 10). NetBIOS "scope" now supported in all Samba code/tools. 11). New mapping from code page 850 to UNIX "roman8" character set. 12). Fix for crash bug if debug file handle couldn't be opened. 13). Fix to allow mkdir to correctly set the high order permissions bits for UNIX's that don't allow this by default. 14). Fix to dynamically allocate group array for setgroups. Don't depend on NGROUPS_MAX being correctly defined in header files. 15). Fix for crash bug in floating point in snprintf. 16). "Safe" version of popen() included to allow use in code such as "source environment" patch. 17). Fix for SWAT for trailing '\n' in asctime(). 18). Wildcard match fix from weidel@multichart.de for NT wildcard processing. 19). unix_mask_match fixes for "veto files" parameter. 20). Fix for system call bug when configuring on Linux kernel 2.0.x with glibc2.1.x. 21). SO_REUSEPORT socket option added for HPUX. 22). All recv() calls changed back to read() to fix Solaris 2.5.x bug. 23). Some UNICODE conversion fixes. Not complete yet. 24). NetShareEnum fix for Windows 2000. Don't ask for 64K as Win2k can't cope with this (returns "Out of memory" error). 25). Fixes for cli_error() crashes. 26). Fix for crash when connecting to password server by DNS name not NetBIOS name. 27). Fix bug in demangling of compacted NetBIOS names. 28). Fixes for slow locking code for VMS. 29). Reply to short NetLogon packet in nmbd with short reply. 30). Correctly allign userdata to prevent crashes in nmbd. 31). Use talloc() in string buffer rotation code to prevent overwrites. 32). Added multi-byte awareness to parameter loading code. 33). Re-wrote password file modification code. We can now delete users atomically. Original patch from Bruce Tenison. 34). Fixed bug in parsing smbpasswd type entries. 35). Fixes from HP to the windows registry RPC emulation. 36). Added ability to return RPC fault PDU to unknown calls. Needed to allow Windows 2000 to return UNIX permissions as NT ACLs. 37). utmp code patch from T.D.Lee@durham.ac.uk. Not available on all platforms - test with ./configure. 38). Inherit permissions fix from David Lee. 39). Added write caching code for oplocked files. 40). Workaround for new bug in Windows 2000 where NT file create using NTtransact call sends UNICODE without bothering to set the UNICODE flag bit. 41). Workaround for new bug in Windows 2000 where it attempts to re-write existing ACLs to make them inherit only. 42). Removed unused mmap code. 43). Added correct implementation of share mode deny table. We now match Windows NT. 44). Fix recursion bug with group enumeration. 45). Fix from Bjart Kvarme to take into account changed machine passwords that haven't yet propagated from PDC to BDC. 46). Correctly skip two byte length field when accepting RPC "start of message" packets in SMBwriteX on pipes. 47). Added auto-detection of Windows 2000 clients. 48). Fix bug with rollback of POSIX locks if a lock in a range fails to apply. 49). Fix bug with registering startup smbd's in flat file. 50). Ensure usernames are converted correctly between DOS codepages and UNIX character sets. 51). Fix for timestamps being set incorrectly on copied files from Paul Eggert. 52). Fix for parsing HP specific printer definitions in make_printerdef. 53). Fix for smbclient doing an 'ls' on large directories from OS/2 servers from Christoph Pfisterer. 54). Fix for WINS server code where "do you still want name?" request was being sent to the wrong IP address. 55). Fixed "recursion desired" bits set in nmbd so we are identical to Windows NT. 56). nmbd now should process logon packets from Win95, Win98 and both versions of the NT logon packet. 57). Correctly set parameter offset value for first trans2 reply. 58). Win2K will only accept volume labels in UNICODE. 59). Ensure nmbd doesn't attempt to use the loopback interface when registering names. 60). Fixed bug where smbd didn't return '.' or '..' on top level share directory listing. 61). Fix for soft quotas not being set (make them equal to hardquota) from Norbert P?schel (Pueschel.Norbert@Walzbarren-VAW.ne.uunet.de). 62). SWAT fixes for SCO UnixWare (SIGPIPE handling). 63). Fix for nmbd DOS with redirect recursion. 64). Fix for log files growing without bound from Mattias Gronlund. ---------------------------------------------------------------------- -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From lkcl at samba.org Sat Apr 15 03:56:03 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:27 2003 Subject: Cannot login In-Reply-To: <38F7687B.C5C60515@steinmetznet.com> Message-ID: trevor, what version of samba? please present all background-info in communications all-at-once to save me and others time. On Sat, 15 Apr 2000, Trevor Antczak wrote: > Hello again, > > We are making progress. I am starting the right Daemons, and I have > samedit working. Right now there are three entries in > private/smbpasswd: root, trevor, and polonius$. Eveything is working > on the unix side, in samedit using ntlogin trevor can login. Polonius > will join the domain (I get a little message saying welcome to > DomainName) and wants to restart. I restart polonius and get the login > screen. Try to login to the domain as trevor and get a message that > "The system cannot log you in (c000019b) that's "NT_STATUS_DOMAIN_TRUST_INCONSISTENT". ohhhh -- can anyone remember what this means? this is a *client*-side problem, isn't it? this one last came up about... three months ago, didn't it. > Please try again or consult > your system adminstrator". Another oddity is that when I try to add > domain users and groups to local groups, you can't do that (adding) with samrd. > the User Manger lists the > contents of /etc/passwd and /etc/group rather the contents of > private/smbpasswd. lucky you :) > How is User Manager getting ahold of my Unix user > info? depends on which version you are using, which you don't state. but the basic answer is, because i coded it that way. > I have searched in vain for another smbpasswd file it might be > reading. It is as if polonius believes /etc/passwd is smbpasswd (I use > NIS-Plus, so trevor is not in /etc/passwd on this system). Maybe I have > a config option wrong? it actually enumerates private/smbpasswd then calls getpwnam() on each to make sure they have a unix account. From alex at gs.nsc.ru Sat Apr 15 08:00:29 2000 From: alex at gs.nsc.ru (Alex A. Emanov) Date: Tue Dec 2 02:29:27 2003 Subject: WIN2K shares Message-ID: <200004150800.PAA01662@gs.nsc.ru> Hi! When connecting to WIN2k, using smbclient (TNG 2.4.1 or samba-2.0.6) to local WIN2k account: NetShareEnum failed. #smbclient -L alex -U alex -W alex Password: Password: cli_establish_connection: MPOOL<00> connecting to ALEX<20> (0.0.0.0) - alex [ale x] with NTLMv1, nopw: No resolve_wins: Attempting wins lookup for name alex<0x20> bind succeeded on port 0 Sending a packet of len 50 to (192.168.1.1) on port 137 Received a packet of len 62 from (192.168.1.1) port 137 nmb packet from 192.168.1.1(137) header: id=19468 opcode=Query(0) response=Yes header: flags: bcast=No rec_avail=Yes rec_des=Yes trunc=No auth=Yes header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0 answers: nmb_name=ALEX<20> rr_type=32 rr_class=1 ttl=6554 answers 0 char ...... hex 0000C0A80184 Got a positive name query response from 192.168.1.1 ( 192.168.1.132 ) Connecting to 192.168.1.132 at port 139 write_socket(3,76) write_socket(3,76) wrote 76 Sent session request size=0 smb_com=0x0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=0 smb_tid=0 smb_pid=0 smb_uid=0 smb_mid=0 smt_wct=0 smb_bcc=0 size=164 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=18433 smb_tid=0 smb_pid=45602 smb_uid=0 smb_mid=1 smt_wct=0 smb_bcc=129 write_socket(3,168) write_socket(3,168) wrote 168 size=85 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=18433 smb_tid=0 smb_pid=45602 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[0]=7 (0x7) smb_vwv[1]=2563 (0xA03) smb_vwv[2]=256 (0x100) smb_vwv[3]=1024 (0x400) smb_vwv[4]=17 (0x11) smb_vwv[5]=0 (0x0) smb_vwv[6]=256 (0x100) smb_vwv[7]=0 (0x0) smb_vwv[8]=0 (0x0) smb_vwv[9]=64768 (0xFD00) smb_vwv[10]=227 (0xE3) smb_vwv[11]=57472 (0xE080) smb_vwv[12]=46070 (0xB3F6) smb_vwv[13]=44780 (0xAEEC) smb_vwv[14]=49062 (0xBFA6) smb_vwv[15]=23553 (0x5C01) smb_vwv[16]=254 (0xFE) smb_bcc=16 size=139 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=18433 smb_tid=0 smb_pid=45602 smb_uid=0 smb_mid=1 smt_wct=12 smb_vwv[0]=255 (0xFF) smb_vwv[1]=0 (0x0) smb_vwv[2]=17408 (0x4400) smb_vwv[3]=2 (0x2) smb_vwv[4]=45602 (0xB222) smb_vwv[5]=0 (0x0) smb_vwv[6]=0 (0x0) smb_vwv[7]=67 (0x43) smb_vwv[8]=0 (0x0) smb_vwv[9]=0 (0x0) smb_vwv[10]=68 (0x44) smb_vwv[11]=32768 (0x8000) smb_bcc=80 write_socket(3,143) write_socket(3,143) wrote 143 size=207 smb_com=0x73 smb_rcls=22 smb_reh=0 smb_pid=45602 smb_uid=2048 smb_mid=1 smt_wct=0 smb_bcc=0 NetShareEnum failed From lnb at cybertouch.org Sat Apr 15 10:52:38 2000 From: lnb at cybertouch.org (Lanny Baron) Date: Tue Dec 2 02:29:27 2003 Subject: strange problem with TNG Message-ID: <38F849F5.445F2C06@cybertouch.org> Hello, I just installed TNG and when I had setup NT, I did it as a standalone (NT4-Server). Here is the strangeness. When booting up NT, I have two choices for domain. The machine name of the NT server and the DOMAIN name. If I select the DOMAIN name, it says "cannot log you in as the domain is unavailable". If I choose the local name of the NT box, it logs me in and I can see the network and use the shares on the network. What is going on that it would say the domain (name of domain) is currently unavailable? Thanks for your help, Lanny Baron From peter at cadcamlab.org Sat Apr 15 11:22:41 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:27 2003 Subject: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty.. References: Message-ID: <14584.20651.702185.633862@wire.cadcamlab.org> [Frederik Meerwaldt] > I have security = domain. And the passwords of my users must be > verificated. If all you want is file sharing with security=domain, you don't really need to use SAMBA_TNG. Unless you want to, of course. Peter From lkcl at samba.org Mon Apr 17 03:36:37 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:27 2003 Subject: strange problem with TNG In-Reply-To: <38F849F5.445F2C06@cybertouch.org> Message-ID: hi lanny, ok, which version (cvs, and what date) etc etc of TNG? looks like nmbd GETDC responses *still* aren't right. i spend more time on nmbd GETDC responses than anything else, this is so daft :) On Sat, 15 Apr 2000, Lanny Baron wrote: > Hello, > I just installed TNG and when I had setup NT, I did it as a standalone > (NT4-Server). Here is the strangeness. When booting up NT, I have two > choices for domain. The machine name of the NT server and the DOMAIN > name. If I select the DOMAIN name, it says "cannot log you in as the > domain is unavailable". If I choose the local name of the NT box, it > logs me in and I can see the network and use the shares on the network. > > What is going on that it would say the domain (name of domain) is > currently unavailable? > > Thanks for your help, > > Lanny Baron > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From pmal at space.gr Mon Apr 17 07:54:15 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:27 2003 Subject: Samsync issue References: Message-ID: <015301bfa842$2088b000$0602000a@space.gr> How exactly does samsync operate? I succesfully added my bdc to the domain using createuser scienide$ -s -j ATLAS but when I try the samsync command I either get SAM Database Sync ---------------------- and nothing more OR SAM Database Sync ---------------------- Domain: [nothing here] Account: [nothing here also] { 0x8C, 0xA6, ....... ........ }; { ..... .... }; Domain: [nothing] Domain: [nothing] Domain: [nothing] Domain: [nothing] [root@.]$ From fricke at Team.OWL-Online.DE Mon Apr 17 09:46:44 2000 From: fricke at Team.OWL-Online.DE (fricke@Team.OWL-Online.DE) Date: Tue Dec 2 02:29:27 2003 Subject: Samba & LDAP Message-ID: Are ther any documentations to work with Samba and LDAP? I can?t find the docus under "documentation" on the web. -------------------------------------------------------------------------------------------------- Mit freundlichen Gr??en Cord-H. Fricke Fon: 0 52 1 / 52 51-133 Fax: 0 52 1 / 52 51-115 ...keep on headbangin? , that rocks!!! From mg at plum.de Mon Apr 17 10:26:41 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:27 2003 Subject: Samba & LDAP References: Message-ID: <38FAE6E1.BCF2396B@plum.de> fricke@Team.OWL-Online.DE wrote: > > Are ther any documentations to work with Samba and LDAP? > I can?t find the docus under "documentation" on the web. > -------------------------------------------------------------------------------------------------- > Mit freundlichen Gr??en > > Cord-H. Fricke > Fon: 0 52 1 / 52 51-133 > Fax: 0 52 1 / 52 51-115 > > ..keep on headbangin? , that rocks!!! Hi, there is one (I don't know if its up to date) at: http://www.unav.es/cti/ldap-smb-howto.html regards, Michael -- Samba Information HQ (in german) http://www.sambahq.de/ From bobtag at cftnet.com Mon Apr 17 12:12:25 2000 From: bobtag at cftnet.com (Robert Tagliarini) Date: Tue Dec 2 02:29:27 2003 Subject: how do I get linux client working in an NT 4 served domain? Message-ID: <00041708253500.00661@tmrst> I need to be able to print and access file shares on an NT 4 served domain. The shares I need show up in network neighborhood on my NT workstation on a host called elutions_fp. When I try to list these shares with smbclient smbclient -L elutions_fp -U user%password -d 20 I get the following added interface ip=192.168.0.226 bcast=192.168.0.255 nmask=255.255.255.0 Client started (version 2.0.6). resolve_lmhosts: Attempting lmhosts lookup for name Elutions_fp<0x20> getlmhostsent: lmhost entry: 127.0.0.1 localhost resolve_hosts: Attempting host lookup for name Elutions_fp<0x20> resolve_wins: Attempting wins lookup for name Elutions_fp<0x20> resolve_wins: WINS server resolution selected and no WINS server present. resolve_bcast: Attempting broadcast lookup for name Elutions_fp<0x20> Get_Hostbyname: Unknown host tmrst Connection to Elutions_fp failed I've been looking at mail list archives and various samba web sites but haven't found anything that tells me how to let my linux box (we're a minority on the lan right now) have access to the nt domain. Could/Would someone please help? Thanks in advance, Bob Tagliarini Elutions 5905 Breckenridge Parkway Suite F Tampa, Florida 33610 813.371.5569 From simo.sorce at polimi.it Mon Apr 17 12:46:04 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:29:27 2003 Subject: how do I get linux client working in an NT 4 served domain? References: <00041708253500.00661@tmrst> Message-ID: <38FB078C.1AFA316@polimi.it> Robert Tagliarini wrote: > > I need to be able to print and access file shares on an NT 4 served domain. > The shares I need show up in network neighborhood on my NT workstation on a > host called elutions_fp. When I try to list these shares with smbclient > > I get the following > added interface ip=192.168.0.226 bcast=192.168.0.255 nmask=255.255.255.0 > Client started (version 2.0.6). > resolve_lmhosts: Attempting lmhosts lookup for name Elutions_fp<0x20> > getlmhostsent: lmhost entry: 127.0.0.1 localhost > resolve_hosts: Attempting host lookup for name Elutions_fp<0x20> > resolve_wins: Attempting wins lookup for name Elutions_fp<0x20> > resolve_wins: WINS server resolution selected and no WINS server present. > resolve_bcast: Attempting broadcast lookup for name Elutions_fp<0x20> > Get_Hostbyname: Unknown host tmrst > Connection to Elutions_fp failed > > Could/Would someone please help? > try to specify the destination internet address with smbclient option -I > Thanks in advance, > Bob Tagliarini > Elutions > 5905 Breckenridge Parkway > Suite F > Tampa, Florida 33610 > > 813.371.5569 -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From giulioo at pobox.com Mon Apr 17 13:12:01 2000 From: giulioo at pobox.com (Giulio Orsero) Date: Tue Dec 2 02:29:27 2003 Subject: how do I get linux client working in an NT 4 served domain? In-Reply-To: <00041708253500.00661@tmrst> References: <00041708253500.00661@tmrst> Message-ID: <20000417131202.766DB2AE6F@i3.golden.dom> On Mon, 17 Apr 2000 22:28:41 +1000, hai scritto: >smbclient -L elutions_fp -U user%password -d 20 >I get the following >added interface ip=192.168.0.226 bcast=192.168.0.255 nmask=255.255.255.0 >Client started (version 2.0.6). >resolve_lmhosts: Attempting lmhosts lookup for name Elutions_fp<0x20> >... It seems you have name resolution problems. So, try with smbclient -L elutions_fp -I ip.addr.of.elutions_fp -U user%password If you have a wins server (very likely), use wins server = ip.address.of.wins.server and name resolve order = wins bcast host lmhosts then retry without -I -- giulioo@pobox.com From bobtag at cftnet.com Mon Apr 17 14:05:24 2000 From: bobtag at cftnet.com (Robert Tagliarini) Date: Tue Dec 2 02:29:27 2003 Subject: how do I get linux client working in an NT 4 served domain? In-Reply-To: <20000417131202.766DB2AE6F@i3.golden.dom> References: <00041708253500.00661@tmrst> <20000417131202.766DB2AE6F@i3.golden.dom> Message-ID: <00041710094301.00661@tmrst> WOW! what a quick response. Thanks very very much. The -I option was the key. I had tried it before but with the wrong ip address. I was using the ip of the printer as displayed by my NT workstation's printer property page when I needed to be using the ip of the server which I was able to get from ipconfig. Thanks again, Bob On Mon, 17 Apr 2000, Giulio Orsero wrote: > On Mon, 17 Apr 2000 22:28:41 +1000, hai scritto: > > >smbclient -L elutions_fp -U user%password -d 20 > >I get the following > >added interface ip=192.168.0.226 bcast=192.168.0.255 nmask=255.255.255.0 > >Client started (version 2.0.6). > >resolve_lmhosts: Attempting lmhosts lookup for name Elutions_fp<0x20> > >... > > It seems you have name resolution problems. > So, try with > smbclient -L elutions_fp -I ip.addr.of.elutions_fp -U user%password > > If you have a wins server (very likely), use > wins server = ip.address.of.wins.server > and > name resolve order = wins bcast host lmhosts > > then retry without -I > > -- > giulioo@pobox.com From icoupeau at unav.es Mon Apr 17 17:11:49 2000 From: icoupeau at unav.es (Ignacio Coupeau) Date: Tue Dec 2 02:29:27 2003 Subject: Samba & LDAP References: <38FAE6E1.BCF2396B@plum.de> Message-ID: <38FB45D5.65004D6A@unav.es> Michael Glauche wrote: > > fricke@Team.OWL-Online.DE wrote: > > > > Are ther any documentations to work with Samba and LDAP? > > I can?t find the docus under "documentation" on the web. > > ..keep on headbangin? , that rocks!!! > > Hi, > there is one (I don't know if its up to date) at: > > http://www.unav.es/cti/ldap-smb-howto.html > > regards, > Michael > -- The ldap-TNG stuff is outdated for the NT5 stuff (--with-nt5ldap). I going to test some options this week... and fix the documentation for NT4 (old schema). The --with-ldap option may runs. Please, read the source/README.. several things are changed. -- ____________________________________________________ Ignacio Coupeau, Ph.D. e-mail: icoupeau@unav.es CTI, Director fax: 948 425619 University of Navarra voice: 948 425600 Pamplona, SPAIN http://www.unav.es/cti/ From hsingh at pilot.net Mon Apr 17 17:48:37 2000 From: hsingh at pilot.net (Harpreet Singh) Date: Tue Dec 2 02:29:27 2003 Subject: Setting Permissions Message-ID: Hello All, I have a question about setting group permissions on the Samba Server running on top of Solaris 2.6. The question is: how do I assign permission so that one group called STAFF has full permission on a folder called DOCS and another group called SALES has Read Only access. The Samba Server is part of the NT Domain. The way I set it up is that I made two groups called Staff and Sales on the Solaris Machine running Samba and added people to the group they belong. Then using SWAT I gave read list = @sales and write list = @staff. This works just fine when someone tries to access this docs share from the NT side but lets anyone right through when they mount this share from a Unix/Solaris side. What do you suggest I do? Any input will be appreciated. Thanks, Harpreet -------------- next part -------------- HTML attachment scrubbed and removed From kirk at braemarinc.com Mon Apr 17 18:00:31 2000 From: kirk at braemarinc.com (Kirk A Wolff) Date: Tue Dec 2 02:29:28 2003 Subject: Works! Message-ID: <00bb01bfa896$d5c3c140$8001a8c0@Braemarinc.com> It seems that I have found a bug in Samba-TNG. After updating my source tree from CVS on Sunday evening, Following the FAQ, reading the README in the source directory, and reading the ENCRYPTION.txt file, the most perculear things happens: I am able to log into my Samba PDC with a properly added Samba user. I do not know what kind of work that needs to be done to correct this problem, but I hope you all get to work on it right away! I cannot permit my server to operate properly any longer. Thank You Kirk Wolff -------------- next part -------------- HTML attachment scrubbed and removed From jnorth at bizblast.com Mon Apr 17 18:54:37 2000 From: jnorth at bizblast.com (Jason C. North) Date: Tue Dec 2 02:29:28 2003 Subject: Workstation Trust Account in Samba Message-ID: Hello, I pulled the source off of CVS last thursday (pre 3.0?), and have successfully configured my server as a PDC in an NT domain, temporarily called BBSAMBA. Windows 98 clients can access the domain at a normal login, but my NT workstation cannot. I have added it successfully to the domain, rebooted, and I am unable to logon to the domain. The error I receive at logon is 'Cannot log you in because the domain BBSAMBA is not available'. As I recall (I was an MCSE in a past life), and as M$ has verified, this indicates a problem with the machine account. As far as I can tell, the machine account is ok, but perhaps I have overlooked a detail somewhere? The line for the workstation (sherlock) from my smbpasswd file is as follows: sherlock$:1000:AC94C7C703C85CF4C482C03F54CDB5D9:68EA820C11610A8CB70D1425900B 362B:[W ]:LCT-38FB0BF7: and in /etc/passwd : sherlock$:*:1000:900:SHERLOCK. JCN's WINNT :/dev/null:/dev/null After a couple of attempts, I have manually set the passwd to 'sherlock' (according to the O'Reilly book that is what the passwd is set to initially. Any ideas? JCN Jason C. North BizBlast.com Network and Security Engineer _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_- Things that appear unlikely, impossible, or paradoxical from one point of view often make perfectly good sense from another... --Hugh Nibley From Hans-Peter.Raschke at gmx.de Mon Apr 17 18:17:34 2000 From: Hans-Peter.Raschke at gmx.de (Hans-Peter Raschke) Date: Tue Dec 2 02:29:28 2003 Subject: creating trust account using rpcclient Message-ID: <00041720362901.00506@qmpc2> Hello, i'm just trying to setup a tng-BDC with a NT4-PDC (SP4). With rpcclient I joined the domain (DS): rpcclient -S PDC_DS -U root%xxx [root@PDC_DS]$ use \\qmpc2 -U root%xxx -W qmpc2 [qmpc2\root@PDC_DS]$ createuser qmpc2$ -s -j DS SAM Create Domain User error connecting to 192.168.8.58:445 (Verbindungsaufbau abgelehnt) Domain: DS Name: qmpc2$ ACB: [S ] Create Domain User: OK Join QMPC2 to Domain DS LSA_OPENSECRET: Set $MACHINE.ACC: OK Now I try to use the samsync command: [qmpc2\root@PDC_DS]$ samsync samsync LSA_QUERYSECRET: cmd_sam_sync: no trust account password The Account on the PDC was created, showing a BDC in the Servermgr. On the BDC there is no entry in the smbpasswd file. A enumuser command on the BDC doesn't show an entry for qmpc2. What do I'm wrong? ----------------------------------------------------------- Hans-Peter Raschke E-Mail: Hans-Peter.Raschke@gmx.de Wintermann DatenService Tel.: ++49 441 9304064 Langenweg 16 Fax: ++49 441 9304069 D-26125 Oldenburg From hsingh at pilot.net Mon Apr 17 19:54:50 2000 From: hsingh at pilot.net (Harpreet Singh) Date: Tue Dec 2 02:29:28 2003 Subject: appendage: Problem with joining domain: not proper credential s? Message-ID: I had this problem and what I did was: I went on the PDC(NT Box)'s WINS MANGER, removed the account that I had created earlier for the Samba Server and then readded it back. Then when I tried to add the Samba Server to the Domain it worked. Thanks, Harpreet -----Original Message----- From: Kirk Wolff [mailto:kirk@n0tia.ampr.org] Sent: Thursday, April 13, 2000 10:21 PM To: Multiple recipients of list SAMBA-NTDOM Subject: appendage: Problem with joining domain: not proper credentials? Forgot to say what I 'also tried' (scroll down) ----- Original Message ----- From: Kirk Wolff To: Multiple recipients of list SAMBA-NTDOM Sent: Thursday, April 13, 2000 11:50 PM Subject: Problem with joining domain: not proper credentials? I have yesterday's build rom the cvs. I have followed the FAQ, and I get the following error when I try to add my workstation to the samba-tng pdc controlled domain (in an AfxMessageBox) The following error occurred attempting to join the domain "N0TIA": The credentials supplied conflict with an existing set of credentials. Is this because I have the admin on the workstation with the same password as the domain admin? Which user/passwd should I enter when I get the window? "Domain Username And Password" Enter the name and password of an account with permission to join the domain. Name: Password: Like I said: I followed the FAQ explecitly, I also tried the following from within rpcclient (of which worked fine once I added the '.' after the '-S' on the rpcclient command line... (took me an extra look at the w-page) samuserset root -p password Have any ideas? or am I too vague? Thanks in advance: Kirk -------------- next part -------------- HTML attachment scrubbed and removed From sneakums at eircom.net Mon Apr 17 23:53:29 2000 From: sneakums at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:28 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that Message-ID: Hello everyone. I've built and installed TNG alpha 2.4.1 on my Mandrake 6.1 box. I have been able to add a workstation to the domain by creating the machine account using samedit::createuser and then doing the usual from Network properties on the NT box. The NT machine is NT4 WS SP5 running in a VMWare session. Domain: ONDIOLINE PDC: STO-KERRIG Workstation: PSEUDOPOLIS Domain login succeeds the first time I try it after the NT box boots. The profile is created on the server's profile share, and I have access to the PDC's shares. I can access other user's home shares by providing the relevant username and password. However, if I log out and then try to log in again as the same or a different user, I get message about the roaming profile not being available. I OK this message and then I get the "domain not available" error. If my cached credentials were used, I can still access my own home share, but trying to access another user's home share gives a "network name not found" error. When I look in the Event Log, there are four messages from Rdr complaining about short SMBs and then a message from NETLOGON saying that the domain is not available. If I log out of the workstation and shut down and restart Samba, I can log in once again, but once only. After that I get the same errors about not being able to contact the domain. Below are my smb.conf and the relevant events saved from Event Viewer as CSV. I just realised that the data from the events was not saved in the CSV. Damn. Also note that the NT box's time is about 5 minutes behind the Linux box's time. I deleted all my samba logs before I tried this fresh. The logs resulting from the actions detailed above have been uploaded to http://homepage.eircom.net/~sneakums/tng.tar.gz The file is about 870KB; log level is 100. I am not on the list; I will try to keep up via the Web archive, but if you need any further info, please feel free to mail me. Hope this is of use, Paul. ---BEGIN "smb.conf"--- [global] debug level = 100 guest account = ftp netbios name = STO-KERRIG server string = Samba (Primary DC) workgroup = ONDIOLINE interfaces = 172.16.252.1/16 127.0.0.1/8 domain group map = /usr/local/samba-TNG/private/domaingroup.map domain alias map = /usr/local/samba-TNG/private/domainalias.map security = user domain logons = yes encrypt passwords = yes os level = 65 domain master = yes preferred master = yes local master = yes wins support = yes time server = yes logon script = login.bat logon drive = H: logon home = \\STO-KERRIG\%U logon path = \\STO-KERRIG\profile$\%U print command = /usr/bin/lpr -r -P%p %s lpq command = /usr/bin/lpq -P%p lprm command = /usr/bin/lprm -P%p %j printcap name = /etc/printcap load printers = yes [homes] browseable = no writable = yes comment = Users' home directories [netlogon] path = /usr/local/samba-TNG/netlogon writable = no guest ok = no comment = PDC netlogon share [profile$] path = /usr/local/samba-TNG/profile writeable = yes [printers] printing = bsd comment = All Printers path = /tmp browseable = no guest ok = yes writable = no printable = yes [print$] path = /usr/local/samba-TNG/print writable = yes guest ok = yes ---END "smb.conf"--- ---BEGIN "events"--- 4/17/00,11:45:40 PM,NETLOGON,Error,None,5719,N/A,PSEUDOPOLIS,No Windows NT Domain Controller is available for domain ONDIOLINE. (This event is expected and can be ignored when booting with the 'No Net' Hardware Profile.) The following error occurred: The remote procedure call failed and did not execute. 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The redirector received an SMB that was too short. 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The redirector received an SMB that was too short. 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The redirector received an SMB that was too short. 4/17/00,11:45:39 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The redirector received an SMB that was too short. 4/17/00,10:48:07 PM,EventLog,Information,None,6005,N/A,PSEUDOPOLIS,The Event log service was started. 4/17/00,10:48:07 PM,EventLog,Information,None,6009,N/A,PSEUDOPOLIS,Microsoft (R) Windows NT (R) 4.0 1381 Service Pack 5 Uniprocessor Free. ---END "events"--- -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From fridacw at auburn.edu Tue Apr 18 01:39:44 2000 From: fridacw at auburn.edu (Christopher W. Friday) Date: Tue Dec 2 02:29:28 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that Message-ID: <01BFA8AD.10AAC9A0.fridacw@auburn.edu> I noticed the same problem, but it started with 2.4. I had made some other changes and ended up fighting with this problem most of the afternoon today thinking it was something I did. I ended up reseting the workstation accounts and adding them to the domain again to get things going again. However, after experimenting some, I came to the conclusion that the problem was somehow related to how quickly you tried to log back in from a particular workstation. If you did it too quickly, it would result in the problems Paul describes, but if you waited or moved to another machine, everything was fine. After some more investigation, I noticed that, upon logging out, smbstatus showed that the connection to the users home share was closed, but the profile and netlogon shares were still in use and that they showed the same PID. However, if you then check the running processes ('ps x'), that PID is not listed. Then, I noticed that when you log out, an extra netlogond process spawns, then after a minute or so, that process disappears, and an instance of smbd (which bears the PID the smbstatus returns) had appeared. It seems that once this process appears, you can login to the machine again without a problem. I don't know if any of this is useful to anyone, but it should be taken with a grain of salt (I was more concerned about getting the network going than experimenting). Chris On Monday, April 17, 2000 6:51 PM, Paul J Collins [SMTP:sneakums@eircom.net] wrote: > > Hello everyone. > > I've built and installed TNG alpha 2.4.1 on my Mandrake 6.1 box. I > have been able to add a workstation to the domain by creating the > machine account using samedit::createuser and then doing the usual > from Network properties on the NT box. The NT machine is NT4 WS SP5 > running in a VMWare session. > > Domain: ONDIOLINE > PDC: STO-KERRIG > Workstation: PSEUDOPOLIS > > Domain login succeeds the first time I try it after the NT box boots. > The profile is created on the server's profile share, and I have > access to the PDC's shares. I can access other user's home shares by > providing the relevant username and password. However, if I log out > and then try to log in again as the same or a different user, I get > message about the roaming profile not being available. I OK this > message and then I get the "domain not available" error. If my > cached > credentials were used, I can still access my own home share, but > trying to access another user's home share gives a "network name not > found" error. When I look in the Event Log, there are four messages > from Rdr complaining about short SMBs and then a message from > NETLOGON > saying that the domain is not available. > > If I log out of the workstation and shut down and restart Samba, I > can > log in once again, but once only. After that I get the same errors > about not being able to contact the domain. > > Below are my smb.conf and the relevant events saved from Event Viewer > as CSV. I just realised that the data from the events was not saved > in the CSV. Damn. Also note that the NT box's time is about 5 > minutes behind the Linux box's time. > > I deleted all my samba logs before I tried this fresh. The logs > resulting from the actions detailed above have been uploaded to > http://homepage.eircom.net/~sneakums/tng.tar.gz The file is about > 870KB; log level is 100. > > I am not on the list; I will try to keep up via the Web archive, but > if you need any further info, please feel free to mail me. > > Hope this is of use, > > Paul. > > ---BEGIN "smb.conf"--- > > [global] > debug level = 100 > guest account = ftp > > netbios name = STO-KERRIG > server string = Samba (Primary DC) > workgroup = ONDIOLINE > interfaces = 172.16.252.1/16 127.0.0.1/8 > > domain group map = /usr/local/samba-TNG/private/domaingroup.map > domain alias map = /usr/local/samba-TNG/private/domainalias.map > > security = user > domain logons = yes > encrypt passwords = yes > > os level = 65 > domain master = yes > preferred master = yes > local master = yes > > wins support = yes > time server = yes > > logon script = login.bat > logon drive = H: > logon home = \\STO-KERRIG\%U > logon path = \\STO-KERRIG\profile$\%U > > print command = /usr/bin/lpr -r -P%p %s > lpq command = /usr/bin/lpq -P%p > lprm command = /usr/bin/lprm -P%p %j > printcap name = /etc/printcap > load printers = yes > > [homes] > browseable = no > writable = yes > comment = Users' home directories > > [netlogon] > path = /usr/local/samba-TNG/netlogon > writable = no > guest ok = no > comment = PDC netlogon share > > [profile$] > path = /usr/local/samba-TNG/profile > writeable = yes > > [printers] > printing = bsd > comment = All Printers > path = /tmp > browseable = no > guest ok = yes > writable = no > printable = yes > > [print$] > path = /usr/local/samba-TNG/print > writable = yes > guest ok = yes > > ---END "smb.conf"--- > > ---BEGIN "events"--- > > 4/17/00,11:45:40 PM,NETLOGON,Error,None,5719,N/A,PSEUDOPOLIS,No > Windows NT Domain Controller is available for domain ONDIOLINE. (This > event is expected and can be ignored when booting with the 'No Net' > Hardware Profile.) The following error occurred: > The remote procedure call failed and did not execute. > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The > redirector received an SMB that was too short. > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The > redirector received an SMB that was too short. > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The > redirector received an SMB that was too short. > 4/17/00,11:45:39 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The > redirector received an SMB that was too short. > 4/17/00,10:48:07 PM,EventLog,Information,None,6005,N/A,PSEUDOPOLIS,The > Event log service was started. > 4/17/00,10:48:07 > PM,EventLog,Information,None,6009,N/A,PSEUDOPOLIS,Microsoft (R) > Windows NT (R) 4.0 1381 Service Pack 5 Uniprocessor Free. > > ---END "events"--- > > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" From lkcl at samba.org Tue Apr 18 01:36:49 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:28 2003 Subject: Works! In-Reply-To: <00bb01bfa896$d5c3c140$8001a8c0@Braemarinc.com> Message-ID: > to work on it right away! I cannot permit my server to operate > properly any longer. *laugh* :) From lkcl at samba.org Tue Apr 18 01:43:59 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:28 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that In-Reply-To: <01BFA8AD.10AAC9A0.fridacw@auburn.edu> Message-ID: hm. try this: "client schannel = no" "server schannel = no" On Tue, 18 Apr 2000, Christopher W. Friday wrote: > I noticed the same problem, but it started with 2.4. I had made some > other changes and ended up fighting with this problem most of the > afternoon today thinking it was something I did. I ended up reseting > the workstation accounts and adding them to the domain again to get > things going again. However, after experimenting some, I came to the > conclusion that the problem was somehow related to how quickly you > tried to log back in from a particular workstation. If you did it too > quickly, it would result in the problems Paul describes, but if you > waited or moved to another machine, everything was fine. > > After some more investigation, I noticed that, upon logging out, > smbstatus showed that the connection to the users home share was > closed, but the profile and netlogon shares were still in use and that > they showed the same PID. However, if you then check the running > processes ('ps x'), that PID is not listed. Then, I noticed that when > you log out, an extra netlogond process spawns, then after a minute or > so, that process disappears, and an instance of smbd (which bears the > PID the smbstatus returns) had appeared. It seems that once this > process appears, you can login to the machine again without a problem. > > I don't know if any of this is useful to anyone, but it should be taken > with a grain of salt (I was more concerned about getting the network > going than experimenting). > > Chris > > On Monday, April 17, 2000 6:51 PM, Paul J Collins > [SMTP:sneakums@eircom.net] wrote: > > > > Hello everyone. > > > > I've built and installed TNG alpha 2.4.1 on my Mandrake 6.1 box. I > > have been able to add a workstation to the domain by creating the > > machine account using samedit::createuser and then doing the usual > > from Network properties on the NT box. The NT machine is NT4 WS SP5 > > running in a VMWare session. > > > > Domain: ONDIOLINE > > PDC: STO-KERRIG > > Workstation: PSEUDOPOLIS > > > > Domain login succeeds the first time I try it after the NT box boots. > > The profile is created on the server's profile share, and I have > > access to the PDC's shares. I can access other user's home shares by > > providing the relevant username and password. However, if I log out > > and then try to log in again as the same or a different user, I get > > message about the roaming profile not being available. I OK this > > message and then I get the "domain not available" error. If my > > cached > > credentials were used, I can still access my own home share, but > > trying to access another user's home share gives a "network name not > > found" error. When I look in the Event Log, there are four messages > > from Rdr complaining about short SMBs and then a message from > > NETLOGON > > saying that the domain is not available. > > > > If I log out of the workstation and shut down and restart Samba, I > > can > > log in once again, but once only. After that I get the same errors > > about not being able to contact the domain. > > > > Below are my smb.conf and the relevant events saved from Event Viewer > > as CSV. I just realised that the data from the events was not saved > > in the CSV. Damn. Also note that the NT box's time is about 5 > > minutes behind the Linux box's time. > > > > I deleted all my samba logs before I tried this fresh. The logs > > resulting from the actions detailed above have been uploaded to > > http://homepage.eircom.net/~sneakums/tng.tar.gz The file is about > > 870KB; log level is 100. > > > > I am not on the list; I will try to keep up via the Web archive, but > > if you need any further info, please feel free to mail me. > > > > Hope this is of use, > > > > Paul. > > > > ---BEGIN "smb.conf"--- > > > > [global] > > debug level = 100 > > guest account = ftp > > > > netbios name = STO-KERRIG > > server string = Samba (Primary DC) > > workgroup = ONDIOLINE > > interfaces = 172.16.252.1/16 127.0.0.1/8 > > > > domain group map = /usr/local/samba-TNG/private/domaingroup.map > > domain alias map = /usr/local/samba-TNG/private/domainalias.map > > > > security = user > > domain logons = yes > > encrypt passwords = yes > > > > os level = 65 > > domain master = yes > > preferred master = yes > > local master = yes > > > > wins support = yes > > time server = yes > > > > logon script = login.bat > > logon drive = H: > > logon home = \\STO-KERRIG\%U > > logon path = \\STO-KERRIG\profile$\%U > > > > print command = /usr/bin/lpr -r -P%p %s > > lpq command = /usr/bin/lpq -P%p > > lprm command = /usr/bin/lprm -P%p %j > > printcap name = /etc/printcap > > load printers = yes > > > > [homes] > > browseable = no > > writable = yes > > comment = Users' home directories > > > > [netlogon] > > path = /usr/local/samba-TNG/netlogon > > writable = no > > guest ok = no > > comment = PDC netlogon share > > > > [profile$] > > path = /usr/local/samba-TNG/profile > > writeable = yes > > > > [printers] > > printing = bsd > > comment = All Printers > > path = /tmp > > browseable = no > > guest ok = yes > > writable = no > > printable = yes > > > > [print$] > > path = /usr/local/samba-TNG/print > > writable = yes > > guest ok = yes > > > > ---END "smb.conf"--- > > > > ---BEGIN "events"--- > > > > 4/17/00,11:45:40 PM,NETLOGON,Error,None,5719,N/A,PSEUDOPOLIS,No > > Windows NT Domain Controller is available for domain ONDIOLINE. (This > > event is expected and can be ignored when booting with the 'No Net' > > Hardware Profile.) The following error occurred: > > The remote procedure call failed and did not execute. > > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The > > redirector received an SMB that was too short. > > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The > > redirector received an SMB that was too short. > > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The > > redirector received an SMB that was too short. > > 4/17/00,11:45:39 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The > > redirector received an SMB that was too short. > > 4/17/00,10:48:07 > PM,EventLog,Information,None,6005,N/A,PSEUDOPOLIS,The > > Event log service was started. > > 4/17/00,10:48:07 > > PM,EventLog,Information,None,6009,N/A,PSEUDOPOLIS,Microsoft (R) > > Windows NT (R) 4.0 1381 Service Pack 5 Uniprocessor Free. > > > > ---END "events"--- > > > > > > -- > > Paul Collins - - - - - [ A&P,a&f ] > > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > > "Linux: it's just this operating system, you know?" > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Tue Apr 18 01:44:58 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:28 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that In-Reply-To: <01BFA8AD.10AAC9A0.fridacw@auburn.edu> Message-ID: ok, what happens if you log in, immediately log out, and immediately log in again? On Tue, 18 Apr 2000, Christopher W. Friday wrote: > I noticed the same problem, but it started with 2.4. I had made some > other changes and ended up fighting with this problem most of the > afternoon today thinking it was something I did. I ended up reseting > the workstation accounts and adding them to the domain again to get > things going again. However, after experimenting some, I came to the > conclusion that the problem was somehow related to how quickly you > tried to log back in from a particular workstation. If you did it too > quickly, it would result in the problems Paul describes, but if you > waited or moved to another machine, everything was fine. > > After some more investigation, I noticed that, upon logging out, > smbstatus showed that the connection to the users home share was > closed, but the profile and netlogon shares were still in use and that > they showed the same PID. However, if you then check the running > processes ('ps x'), that PID is not listed. Then, I noticed that when > you log out, an extra netlogond process spawns, then after a minute or > so, that process disappears, and an instance of smbd (which bears the > PID the smbstatus returns) had appeared. It seems that once this > process appears, you can login to the machine again without a problem. > > I don't know if any of this is useful to anyone, but it should be taken > with a grain of salt (I was more concerned about getting the network > going than experimenting). > > Chris > > On Monday, April 17, 2000 6:51 PM, Paul J Collins > [SMTP:sneakums@eircom.net] wrote: > > > > Hello everyone. > > > > I've built and installed TNG alpha 2.4.1 on my Mandrake 6.1 box. I > > have been able to add a workstation to the domain by creating the > > machine account using samedit::createuser and then doing the usual > > from Network properties on the NT box. The NT machine is NT4 WS SP5 > > running in a VMWare session. > > > > Domain: ONDIOLINE > > PDC: STO-KERRIG > > Workstation: PSEUDOPOLIS > > > > Domain login succeeds the first time I try it after the NT box boots. > > The profile is created on the server's profile share, and I have > > access to the PDC's shares. I can access other user's home shares by > > providing the relevant username and password. However, if I log out > > and then try to log in again as the same or a different user, I get > > message about the roaming profile not being available. I OK this > > message and then I get the "domain not available" error. If my > > cached > > credentials were used, I can still access my own home share, but > > trying to access another user's home share gives a "network name not > > found" error. When I look in the Event Log, there are four messages > > from Rdr complaining about short SMBs and then a message from > > NETLOGON > > saying that the domain is not available. > > > > If I log out of the workstation and shut down and restart Samba, I > > can > > log in once again, but once only. After that I get the same errors > > about not being able to contact the domain. > > > > Below are my smb.conf and the relevant events saved from Event Viewer > > as CSV. I just realised that the data from the events was not saved > > in the CSV. Damn. Also note that the NT box's time is about 5 > > minutes behind the Linux box's time. > > > > I deleted all my samba logs before I tried this fresh. The logs > > resulting from the actions detailed above have been uploaded to > > http://homepage.eircom.net/~sneakums/tng.tar.gz The file is about > > 870KB; log level is 100. > > > > I am not on the list; I will try to keep up via the Web archive, but > > if you need any further info, please feel free to mail me. > > > > Hope this is of use, > > > > Paul. > > > > ---BEGIN "smb.conf"--- > > > > [global] > > debug level = 100 > > guest account = ftp > > > > netbios name = STO-KERRIG > > server string = Samba (Primary DC) > > workgroup = ONDIOLINE > > interfaces = 172.16.252.1/16 127.0.0.1/8 > > > > domain group map = /usr/local/samba-TNG/private/domaingroup.map > > domain alias map = /usr/local/samba-TNG/private/domainalias.map > > > > security = user > > domain logons = yes > > encrypt passwords = yes > > > > os level = 65 > > domain master = yes > > preferred master = yes > > local master = yes > > > > wins support = yes > > time server = yes > > > > logon script = login.bat > > logon drive = H: > > logon home = \\STO-KERRIG\%U > > logon path = \\STO-KERRIG\profile$\%U > > > > print command = /usr/bin/lpr -r -P%p %s > > lpq command = /usr/bin/lpq -P%p > > lprm command = /usr/bin/lprm -P%p %j > > printcap name = /etc/printcap > > load printers = yes > > > > [homes] > > browseable = no > > writable = yes > > comment = Users' home directories > > > > [netlogon] > > path = /usr/local/samba-TNG/netlogon > > writable = no > > guest ok = no > > comment = PDC netlogon share > > > > [profile$] > > path = /usr/local/samba-TNG/profile > > writeable = yes > > > > [printers] > > printing = bsd > > comment = All Printers > > path = /tmp > > browseable = no > > guest ok = yes > > writable = no > > printable = yes > > > > [print$] > > path = /usr/local/samba-TNG/print > > writable = yes > > guest ok = yes > > > > ---END "smb.conf"--- > > > > ---BEGIN "events"--- > > > > 4/17/00,11:45:40 PM,NETLOGON,Error,None,5719,N/A,PSEUDOPOLIS,No > > Windows NT Domain Controller is available for domain ONDIOLINE. (This > > event is expected and can be ignored when booting with the 'No Net' > > Hardware Profile.) The following error occurred: > > The remote procedure call failed and did not execute. > > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The > > redirector received an SMB that was too short. > > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The > > redirector received an SMB that was too short. > > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The > > redirector received an SMB that was too short. > > 4/17/00,11:45:39 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The > > redirector received an SMB that was too short. > > 4/17/00,10:48:07 > PM,EventLog,Information,None,6005,N/A,PSEUDOPOLIS,The > > Event log service was started. > > 4/17/00,10:48:07 > > PM,EventLog,Information,None,6009,N/A,PSEUDOPOLIS,Microsoft (R) > > Windows NT (R) 4.0 1381 Service Pack 5 Uniprocessor Free. > > > > ---END "events"--- > > > > > > -- > > Paul Collins - - - - - [ A&P,a&f ] > > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > > "Linux: it's just this operating system, you know?" > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From JohnnyXia at acersoftech.com.cn Tue Apr 18 02:23:38 2000 From: JohnnyXia at acersoftech.com.cn (JohnnyXia@acersoftech.com.cn) Date: Tue Dec 2 02:29:28 2003 Subject: How the specify the domain name of the username when using smbclient? Message-ID: <482568C5.000CBFBC.00@cnshans1.acersoftech.com.cn> Hi all, In my company there are several NT Domains, but our user accounts are all belong to one MainDomain. However, our department have our own domain and I am the administrator of our department. When I use the smbclient in Linux to connect our department PDC, I found that it will always authenticate the username I input in my department PDC. This is NOT what I want. The username I provide to smbclient is belong to the MainDomain. I tried several forms to specify the domain name in username but failed. eg. smbclient "\\\\MyDomSvr\MyShare" -U MainDomain\MyName Domain\User is the form we used in NT, but it seems Samba doesn't support it. BTW, my linux box doesn't participate in any domain, I hope it can work like Win95, and can only access other computer's share. Any help will be appreciated. Thanks in advance. Johnny Xia. From jasonjensen at home.com Tue Apr 18 02:42:20 2000 From: jasonjensen at home.com (Jason Jensen) Date: Tue Dec 2 02:29:28 2003 Subject: Works! References: <00bb01bfa896$d5c3c140$8001a8c0@Braemarinc.com> Message-ID: <002601bfa8df$b7c46ca0$0201a8c0@jason> Let me log into your server.. i can fix is ASAP! ----- Original Message ----- From: Kirk A Wolff To: Multiple recipients of list SAMBA-NTDOM Sent: Monday, April 17, 2000 1:09 PM Subject: Works! It seems that I have found a bug in Samba-TNG. After updating my source tree from CVS on Sunday evening, Following the FAQ, reading the README in the source directory, and reading the ENCRYPTION.txt file, the most perculear things happens: I am able to log into my Samba PDC with a properly added Samba user. I do not know what kind of work that needs to be done to correct this problem, but I hope you all get to work on it right away! I cannot permit my server to operate properly any longer. Thank You Kirk Wolff -------------- next part -------------- HTML attachment scrubbed and removed From kirk at n0tia.ampr.org Tue Apr 18 02:40:04 2000 From: kirk at n0tia.ampr.org (Kirk A Wolff) Date: Tue Dec 2 02:29:28 2003 Subject: Works! References: <200004172309.SAA26334@pug.aae.wisc.edu> Message-ID: <004601bfa8df$672bf290$69115e2c@n0tia.ampr.org> Thanks for all of the hard work! I will reap all of the benefits with much joy!) j/k Like I said earlier, I am using this for my home network with connectivity via Amateur Radio (http://n0tia-uhf.ampr.org). Now I can serve file space and internet access to the windows workstations roommates and neighbors! I have one suggestion though: In your FAQ at http://www.kneschke.de/projekte/samba_tng/faq/configuration.php3, tell people to give the server a trust account also! That way they won't miss that little statement in the samba/source/README! I think that was why I couldn't get it to work all along (for the past week). I have a real bug to report though: When ever I run any of the Samba utilities that access the smb.conf (most all of them (but not the daemon programs)) I get the following type of listing: ------------------------- [kirk@ip-fwd kirk]$ smbpasswd params.c:Parameter() - Ignoring badly formed line in configuration file: params.c:Parameter() - Ignoring badly formed line in configuration file: params.c:Parameter() - Ignoring badly formed line in configuration file: params.c:Parameter() - Ignoring badly formed line in configuration file: params.c:Parameter() - Ignoring badly formed line in configuration file: params.c:Parameter() - Ignoring badly formed line in configuration file: params.c:Parameter() - Ignoring badly formed line in configuration file: params.c:Parameter() - Ignoring badly formed line in configuration file: params.c:Parameter() - Ignoring badly formed line in configuration file: params.c:Parameter() - Ignoring badly formed line in configuration file: Old SMB password: ------------------------- My smb.conf is attached in case there is something wrong with it (I don't think there could be much since I only modified 3 or 4 lines from the file I downloaded from the FAQ page) I guess I could look at params.c and find where that error is coming from, but I know you would enjoy fixing it much more than I (hehe). TTYL (TTFN is for ferries!) Kirk Wolff ----- Original Message ----- From: "Anders C. Thorsen" To: Sent: Monday, April 17, 2000 6:09 PM Subject: Re: Works! > I'm pretty sure I can come up with some sort of a patch to fix your > problem. > > Luke: Do you want me to send one? > > --Anders > > [Charset iso-8859-1 unsupported, filtering to ASCII...] > > It seems that I have found a bug in Samba-TNG. After updating my source tree from CVS on Sunday evening, Following the FAQ, reading the README in the source directory, and reading the ENCRYPTION.txt file, the most perculear things happens: I am able to log into my Samba PDC with a properly added Samba user. I do not know what kind of work that needs to be done to correct this problem, but I hope you all get to work on it right away! I cannot permit my server to operate properly any longer. > > > > Thank You > > Kirk Wolff > From lkcl at samba.org Tue Apr 18 03:37:33 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:28 2003 Subject: Works! In-Reply-To: <004601bfa8df$672bf290$69115e2c@n0tia.ampr.org> Message-ID: On Mon, 17 Apr 2000, Kirk A Wolff wrote: > Thanks for all of the hard work! I will reap all of the benefits with much > joy!) j/k > > Like I said earlier, I am using this for my home network with connectivity > via Amateur Radio (http://n0tia-uhf.ampr.org). Now I can serve file space > and internet access to the windows workstations roommates and neighbors! > > I have one suggestion though: In your FAQ at > http://www.kneschke.de/projekte/samba_tng/faq/configuration.php3, tell > people to give the server a trust account also! That way they won't miss > that little statement in the samba/source/README! I think that was why I > couldn't get it to work all along (for the past week). shouldn't be necessary. From jloo at acm.org Tue Apr 18 04:15:03 2000 From: jloo at acm.org (Joseph Loo) Date: Tue Dec 2 02:29:28 2003 Subject: Setting Permissions References: Message-ID: <38FBE146.D1DA4FD5@acm.org> Since you have solaris 6 you can use the acl commnad to allow it. Try the following commands from the owner of the directory setfacl -m g:staff:rwx directory setfacl -m g:sales:r-x directory setfacl -m m:rwxrwx directory I could be wrong on the third command. You need to set the mask for the group to permit write permission. I do not have a book in front that contains the information in front of me. Harpreet Singh wrote: > > > Hello All, > > I have a question about setting group permissions on the Samba Server > running > on top of Solaris 2.6. > > The question is: how do I assign permission so that one group called > STAFF has full permission on a folder called DOCS and another group > called SALES has Read Only access. > > The Samba Server is part of the NT Domain. The way I set it up is > that I made two groups called Staff and Sales on the Solaris Machine > running > Samba and added people to the group they belong. > Then using SWAT I gave read list = @sales and write list = @staff. > > This works just fine when someone tries to access this docs share from > the NT side > but lets anyone right through when they mount this share from a > Unix/Solaris side. > > What do you suggest I do? > > Any input will be appreciated. > > Thanks, > Harpreet -- Joseph Loo jloo@acm.org From lkcl at samba.org Tue Apr 18 08:27:53 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:28 2003 Subject: merge going on Message-ID: cvs broken right now. so, i hear, are the lists. oh well. can't have anything... From p.grimmerink at home.nl Tue Apr 18 08:29:06 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:28 2003 Subject: how to get pam_ntdom to work Message-ID: Do I need to install some extra packages, before I can use pam_ntdom? I'm using samba-tng 2.4; I've tried to run make bin/pam_ntdom_auth.so, but this fails because a lot of variables are not declared. (in the file pam_ntdom_auth.c) I think this is because it misses the file security/pam_appl.h and other headers in security. Where do those files come from, normally? are they included in a package? Best regards, Pieter From rpaz at sc.uevora.pt Tue Apr 18 10:01:09 2000 From: rpaz at sc.uevora.pt (Rui Paz) Date: Tue Dec 2 02:29:28 2003 Subject: Help with PDM and Server password Message-ID: <00a401bfa91d$07258b70$12d888c1@kremlin> Hi, I have two Linux machines both running samba one (SERVER) is a firewall and gateway for windows clients on a 10.x.x.x network, the other (ALUNOS) have the accounts for all my users, the two servers are on group LAB. I have SERVER configured as PDM and ALUNOS as server password for SERVER, but I'm having problems on putting the two machines talking each other, they complain about "unable to open the machine account password file for machine SERVER in domain LAB" It seems that I don't have *.MAC files, how do I create them??? Another question, having SERVER receiving the authentication for the domain and passing it to ALUNOS, can a user change is password on machine ALUNOS, from a windows client? Tanks, ___ Rui Paz From lkcl at samba.org Tue Apr 18 10:28:21 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:28 2003 Subject: how to get pam_ntdom to work In-Reply-To: Message-ID: hi pieter, yes, you'll need those headers on your [assumed] linux system. they should have been installed, or you can get them from kernel.org. On Tue, 18 Apr 2000, Pieter Grimmerink wrote: > Do I need to install some extra packages, before I can use pam_ntdom? > > I'm using samba-tng 2.4; > I've tried to run make bin/pam_ntdom_auth.so, but this fails because a lot > of variables are not declared. (in the file pam_ntdom_auth.c) > I think this is because it misses the file security/pam_appl.h and other > headers in security. > Where do those files come from, normally? are they included in a package? > > Best regards, > > Pieter > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From p.grimmerink at home.nl Tue Apr 18 12:02:29 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:28 2003 Subject: how to get pam_ntdom to work In-Reply-To: Message-ID: > yes, you'll need those headers on your [assumed] linux system. they > should have been installed, or you can get them from kernel.org. You mean they should be included in the kernel sources/headers? Not in my 2.2.14 kernel! Best regards, Pieter From p.grimmerink at home.nl Tue Apr 18 12:23:13 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:28 2003 Subject: how to get pam_ntdom to work In-Reply-To: Message-ID: > > yes, you'll need those headers on your [assumed] linux system. they > > should have been installed, or you can get them from kernel.org. > > You mean they should be included in the kernel sources/headers? > Not in my 2.2.14 kernel! OK, I found them. I am currently downloading the linux-PAM libraries. Best regards, Pieter From mbreuer at siac.com Tue Apr 18 13:32:13 2000 From: mbreuer at siac.com (Michael Breuer) Date: Tue Dec 2 02:29:28 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that References: Message-ID: <38FC63DD.CECA6547@siac.com> Silly question... when you built samba, did you specify "with-profiles?" I had the same symptoms at one time... that was my problem. Also, in mh configuration (working with profiles) I have a [profile] share, but not a [profile$] share. I'm not sure that this matters. Paul J Collins wrote: > Hello everyone. > > I've built and installed TNG alpha 2.4.1 on my Mandrake 6.1 box. I > have been able to add a workstation to the domain by creating the > machine account using samedit::createuser and then doing the usual > from Network properties on the NT box. The NT machine is NT4 WS SP5 > running in a VMWare session. > > Domain: ONDIOLINE > PDC: STO-KERRIG > Workstation: PSEUDOPOLIS > > Domain login succeeds the first time I try it after the NT box boots. > The profile is created on the server's profile share, and I have > access to the PDC's shares. I can access other user's home shares by > providing the relevant username and password. However, if I log out > and then try to log in again as the same or a different user, I get > message about the roaming profile not being available. I OK this > message and then I get the "domain not available" error. If my cached > credentials were used, I can still access my own home share, but > trying to access another user's home share gives a "network name not > found" error. When I look in the Event Log, there are four messages > from Rdr complaining about short SMBs and then a message from NETLOGON > saying that the domain is not available. > > If I log out of the workstation and shut down and restart Samba, I can > log in once again, but once only. After that I get the same errors > about not being able to contact the domain. > > Below are my smb.conf and the relevant events saved from Event Viewer > as CSV. I just realised that the data from the events was not saved > in the CSV. Damn. Also note that the NT box's time is about 5 > minutes behind the Linux box's time. > > I deleted all my samba logs before I tried this fresh. The logs > resulting from the actions detailed above have been uploaded to > http://homepage.eircom.net/~sneakums/tng.tar.gz The file is about > 870KB; log level is 100. > > I am not on the list; I will try to keep up via the Web archive, but > if you need any further info, please feel free to mail me. > > Hope this is of use, > > Paul. > > ---BEGIN "smb.conf"--- > > [global] > debug level = 100 > guest account = ftp > > netbios name = STO-KERRIG > server string = Samba (Primary DC) > workgroup = ONDIOLINE > interfaces = 172.16.252.1/16 127.0.0.1/8 > > domain group map = /usr/local/samba-TNG/private/domaingroup.map > domain alias map = /usr/local/samba-TNG/private/domainalias.map > > security = user > domain logons = yes > encrypt passwords = yes > > os level = 65 > domain master = yes > preferred master = yes > local master = yes > > wins support = yes > time server = yes > > logon script = login.bat > logon drive = H: > logon home = \\STO-KERRIG\%U > logon path = \\STO-KERRIG\profile$\%U > > print command = /usr/bin/lpr -r -P%p %s > lpq command = /usr/bin/lpq -P%p > lprm command = /usr/bin/lprm -P%p %j > printcap name = /etc/printcap > load printers = yes > > [homes] > browseable = no > writable = yes > comment = Users' home directories > > [netlogon] > path = /usr/local/samba-TNG/netlogon > writable = no > guest ok = no > comment = PDC netlogon share > > [profile$] > path = /usr/local/samba-TNG/profile > writeable = yes > > [printers] > printing = bsd > comment = All Printers > path = /tmp > browseable = no > guest ok = yes > writable = no > printable = yes > > [print$] > path = /usr/local/samba-TNG/print > writable = yes > guest ok = yes > > ---END "smb.conf"--- > > ---BEGIN "events"--- > > 4/17/00,11:45:40 PM,NETLOGON,Error,None,5719,N/A,PSEUDOPOLIS,No Windows NT Domain Controller is available for domain ONDIOLINE. (This event is expected and can be ignored when booting with the 'No Net' Hardware Profile.) The following error occurred: > The remote procedure call failed and did not execute. > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The redirector received an SMB that was too short. > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The redirector received an SMB that was too short. > 4/17/00,11:45:40 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The redirector received an SMB that was too short. > 4/17/00,11:45:39 PM,Rdr,Warning,None,3006,N/A,PSEUDOPOLIS,The redirector received an SMB that was too short. > 4/17/00,10:48:07 PM,EventLog,Information,None,6005,N/A,PSEUDOPOLIS,The Event log service was started. > 4/17/00,10:48:07 PM,EventLog,Information,None,6009,N/A,PSEUDOPOLIS,Microsoft (R) Windows NT (R) 4.0 1381 Service Pack 5 Uniprocessor Free. > > ---END "events"--- > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" From s_colombo at iol.it Tue Apr 18 14:24:08 2000 From: s_colombo at iol.it (Stefano Colombo) Date: Tue Dec 2 02:29:28 2003 Subject: Slow write on HPUX Message-ID: We've got Samba 2.06 installed on two HP-UX 11.x Systems . During some tests a very slow write rate has been reported . A single 60MB file is written , from an NT Workstation , in about 2 minutes . Reading it from the Hp-UX box takes 15 sec. Copying the same file with FTP , from NT-2-HPUX, takes 10sec Is there any kernel parameters or compilation options I should try to improve it thanks a lot Stefano Colombo ( scolombo@cdmtc.it ) System / Network Engineer CDM Tecnoconsulting SPA v. M.L.King 38/2 40132, Bologna Italy tel : +39 051 4132611 fax : +39 051 4132627 WEB : http://www.cdmtc.it -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 1940 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000418/7e4dc102/winmail.bin From rpaz at sc.uevora.pt Tue Apr 18 14:47:04 2000 From: rpaz at sc.uevora.pt (Rui Paz) Date: Tue Dec 2 02:29:28 2003 Subject: Problem adding WinNT 4 to Samba PDC Message-ID: <00ea01bfa944$f6b2da90$12d888c1@kremlin> I have a samba PDC with security = server because I'm using other Linux machine for authetication. After creating the trusted account on the PDC when I try to add the NT on the domain I get this message on the log "Trust account SKHUE3$ only supported with security = user" I can't change security for user because off the authentication. What can I do??? ___ Rui Paz From p.mayers at ic.ac.uk Tue Apr 18 14:40:09 2000 From: p.mayers at ic.ac.uk (Mayers, P J) Date: Tue Dec 2 02:29:28 2003 Subject: pam_ntdom won't compile. Message-ID: <0846B011B9A4D111A1EE006097DA4FCE02F813D3@icex1.cc.ic.ac.uk> [phil@mail pam_ntdom]$ make mkdir -p ./dynamic *** Building pam-ntdom(alpha) module of the framework... Contact: lkcl@samba.anu.edu.au gcc -O2 -DHAVE_CONFIG_H -fPIC -I./lib/include -I./lib/rpc/include -I./rpc_validate -c rpc_validate.c -o dynamic/rpc_validate.o rpc_validate.c:35: initializer element is not constant make: *** [dynamic/rpc_validate.o] Error 1 Version was: ftp://us1.samba.org/pub/samba/pam_ntdom/pam_ntdom-0.23.tgz From timothy_d_cole at md.northgrum.com Tue Apr 18 14:47:12 2000 From: timothy_d_cole at md.northgrum.com (Cole, Timothy D.) Date: Tue Dec 2 02:29:28 2003 Subject: [ADVANCE NOTICE] usernames limited to 8 chars gonna be nasty Message-ID: <51FBD4A8EFD9D111BA7300A0C927DADB03F47055@xcgmd008.md.essd.northgrum.com> > -----Original Message----- > From: Kurt Fitzner [SMTP:kfitzner@nexus.v-wave.com] > Sent: Thursday, April 13, 2000 14:22 > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: [ADVANCE NOTICE] usernames limited to 8 chars gonna be > nasty > > On 11-Apr-00 Luke Kenneth Casson Leighton wrote: > >> Don't tie it to the user name. In some cases (i.e. LDAP) it would be > >> much better to add another multi-valued attribute like "NTDOMAIN". That > >> way we could use that account for multiple domains, or move domains > >> easily. > > > > good idea. > > You don't even need to go with LDAP. Just use some of the extra fields in > a > passwd file entry. The full-name field comes to mind. > Users can modify the GECOS fields, though... plus in some organization, the GECOS fields are used for other purposes anyway... From timothy_d_cole at md.northgrum.com Tue Apr 18 15:28:13 2000 From: timothy_d_cole at md.northgrum.com (Cole, Timothy D.) Date: Tue Dec 2 02:29:28 2003 Subject: Setting Permissions Message-ID: <51FBD4A8EFD9D111BA7300A0C927DADB03F47057@xcgmd008.md.essd.northgrum.com> You should be able to use Solaris (POSIX, really) ACLs. Read the setfacl(1) manpage. You'll probably find constructs like: find DOCS -type f | xargs -n 1 setfacl ... and find DOCS -type d | xargs -n 1 setfacl ... helpful for setting ACLs on files and directories in DOCS, respectively. !!! Note that if you use chmod(1) on a file after setting the ACLs, it'll nuke the file's ACL entries. > -----Original Message----- > From: Harpreet Singh [SMTP:hsingh@pilot.net] > Sent: Monday, April 17, 2000 13:53 > To: Multiple recipients of list SAMBA-NTDOM > Subject: Setting Permissions > > Hello All, > > I have a question about setting group permissions on the Samba Server > running > on top of Solaris 2.6. > > The question is: how do I assign permission so that one group called > STAFF has full permission on a folder called DOCS and another group > called SALES has Read Only access. > > The Samba Server is part of the NT Domain. The way I set it up is > that I made two groups called Staff and Sales on the Solaris Machine > running > Samba and added people to the group they belong. > Then using SWAT I gave read list = @sales and write list = @staff. > > This works just fine when someone tries to access this docs share from the > NT side > but lets anyone right through when they mount this share from a > Unix/Solaris side. > > What do you suggest I do? > > Any input will be appreciated. > > Thanks, > Harpreet > From Jim.Levie at dynetics.com Tue Apr 18 15:30:34 2000 From: Jim.Levie at dynetics.com (Jim Levie) Date: Tue Dec 2 02:29:28 2003 Subject: Problems setting up a tng-BDC Message-ID: <38FC7F9A.AF2F9C6@dynetics.com> I have a Samba-TNG PDC set up, whcih seems to work normally. I can succesfully join the domain with NT workstations, but I can't seem to get a second Samba-TNG system to join the domain. I suspect that I'm missing some crucial step, but I can't seem to figure out what. What I've done: 1) Create a workstation account on the PDC with rpcclient. 2) Created "root" user on the PDC with an SMB encrypted passwd 3) Used the procedure on http://www.kneschke.de/projekte/samba_tng/faq/samba_bdc.php3 to set up the BDC and attempt to join the domain (well close to it, as it's not quite up to date). The transaction on the BDC looks like: root> bin/rpcclient -S chimera -U root%xxxxx -W COMPCNTR added interface ip=192.168.64.2 bcast=192.168.64.255 nmask=255.255.255.0 added interface ip=192.168.128.22 bcast=192.168.128.255 nmask=255.255.255.0 added interface ip=192.168.129.22 bcast=192.168.129.255 nmask=255.255.255.0 Server: \\CHIMERA: User: root Domain: COMPCNTR Connection: socket connect to /tmp/.smb.0/agent failed: No such file or directory session setup ok Domain=[COMPCNTR] OS=[Unix] Server=[Samba TNG-alpha] OK [COMPCNTR\root@CHIMERA]$ createuser asgard$ -s -j compcntr createuser asgard$ -s -j compcntr SAM Create Domain User Domain: COMPCNTR Name: asgard$ ACB: [S ] socket connect to /tmp/.smb.0/agent failed: No such file or directory Create Domain User: OK Join ASGARD to Domain COMPCNTR LSA_OPENSECRET: unknown error LSA_OPENSECRET: unknown error Set $MACHINE.ACC: FAILED [COMPCNTR\root@CHIMERA]$ In the BDC's log.lsarpc I see: _lsa_open_secret: couldn't open secret_db. Possible attack? uid=0, gid=0, euid=60001, egid=60001 Why? And more importantly, how do I fix it? -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ Jim Levie email: Jim.Levie@dynetics.com Dynetics Inc, Huntsville, Al Ph. 256.964.4337 The opinions expressed above are just that... From jens.skripczynski at igd.fhg.de Tue Apr 18 15:52:12 2000 From: jens.skripczynski at igd.fhg.de (Jens Skripczynski) Date: Tue Dec 2 02:29:28 2003 Subject: Bugreport template and description file Message-ID: <20000418175147.A14318@pclinux.igd.fhg.de> Hi, at the moments there are a lot of bugs in the developement version of samba. People notice them and report them. But sometimes they forget some necassary information, that makes it harder to find the actual bug, or in some small cases appear a user error. To improve this i made a first scatch of a bugreport template text file and a file describing all the fields. I hope by having categories in those files, and knowing what information is necassary and how to find it, that this improves the speed of the development of the new samba versions. P.S.: If you find any seplling mistakes, some better way of saying things or even want to add something, feel free to mail me. P.P.S.: Lars can you add these files to the FAQ ? thx. Ciao Jens Skripczynski -- E-Mail: skripi@igd.fhg.de Computers are like airconditioners: They stop working properly if you open windows. Win95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition. -------------- next part -------------- G E N E R A L | --------------------------------+ Before you send a bugreport to the list, please make sure that you have the latest samba code. If you are using cvs, it is sometimes possible, that your local sourcetree isn't in sync with the cvstree anymore. You will have to remove all source files and do a fresh checkout. For a fast responce and efficient bug tracking it is mandatory, that you responce the following questions as soon as possible, as the guys of the samba team have a lot to do, and each minute you invest may save them hours of work ( and giving the error a higher priority). __ have patience! remote debugging is often slow, and may take place over several days. Always communicate *full* context information. The developer may be expecting to deal with between fifty and a few hundred email messages: Present them with as much information as they will need to make instant context-decisions, instead of wading through piles of previous messages they may waste precious time searching for. Even an hour is often enough to forget what was said and sent. __ Typing: Things separated by a "|" symbol are an or combination. So (A|B) means you can choose "A" or "B". A "$WORD" Means substitute $WORD by your local conditions `command -option` means execute the command with the options general Information | --------------------------------+ OS: Please submit the Operating System you are using with Version number. ex: - Linux (Suse|Redhat|Mandrake) $VERSION $KERNELVERSION - SPARC $VERSION - .... `uname -a` typed in your shell should reveal most information. If not "ask your local system administrator... ;)" Compiler: The compiler you are using. Even if samba is written Posix complient it may happen, that some compilers do make a difference on interpreting code. For the gcc compiler `gcc -v` reveals the version number. For others consult the man page. `man $COMPILER` CVS-Branch: Contains the CVS-Branch you are Using. Valid itmes are: SAMBA_TNG|SAMBA_2_0_RELEASE|SAMBA_2_0|HEAD Version/Date: Contains either the Version number of the tar-ball you got from the official samba ftp or http server, or if you are using cvs, the date _and_ time of your last update (don't forget to mention the timezone). error Type : reproduceable | random Is the error type. Reproduceable errors have the highest priority, as they can be tracked down easier. Random errors are more a call for someone to go fishing in the mist. Short Desc. : A short description when the error occurs. Logon, accessing a share / printer, joining the Domain etc. Trigger : How to trigger the error. "If i click on the Internet Explorer my Harddisk catches fire...." special Information | --------------------------------+ If you catch in your log-files something like: "INTERNAL ERROR... see Bugs.txt". Then you have to compile samba in a special debug mode: If not continue with 4). 1) recompile with debug information : + cvs update + make distclean + ./configure.developer + make + make install + edit smb.conf: Change "debug level = 100" + restart all samba daemons 2) If it core dumps again with : "INTERNAL ERROR... see Bugs.txt". Else continue with 3). `gdb $PROCESSNAME core` + type where + again send E-Mail as noted above with the information of gdb 3) attach the full log-files of the corresponding daemon But keep them _short_, and _relevant_! 3mb Log files containig just 100 (!) relevant lines are no use. Sending log files from start-up, when access to one file is the only trigger is also unhelpful, although in some cases this _may_ be desirable, it depends on the problem. 4) Supply if possible relevant traffic going over the wire. Useable tools for this are `tcpdump` on the Unix/Linux side and netmon trace (version 1) on the Windows side. 5) attach you configuration files. Usually the smb.conf should suffice. -------------- next part -------------- G E N E R A L * * * * * * * * ------------- OS : ------------- Compiler : ------------- CVS-Branch : ------------- Version/Date: ------------- Error Type : ------------- Short Desc. : ------------- Trigger : ------------- S P E C I A L * * * * * * * * ------------- GDB : ------------- ------------- Log-Files : ------------- ------------- smb.conf : ------------- --------------- tcpdump/netmon: --------------- From p.grimmerink at home.nl Tue Apr 18 15:52:51 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:28 2003 Subject: Problems setting up a tng-BDC Message-ID: > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Jim Levie > Sent: dinsdag 18 april 2000 17:33 > To: Multiple recipients of list SAMBA-NTDOM > Subject: Problems setting up a tng-BDC > > root> bin/rpcclient -S chimera -U root%xxxxx -W COMPCNTR OK, now you should make a connection to your workstation, with a local root account; (note that you should have this local root account in the smbpasswd file of the workstation) use \\workstation -Ulocalroot%passwd -Wworkstation Now the PDC has a connection to the workstation, to set the machineaccount password. Then you do createuser asgard$ -s -j compcntr which worked for me. Best regards, Pieter From jnorth at bizblast.com Tue Apr 18 15:53:30 2000 From: jnorth at bizblast.com (Jason C. North) Date: Tue Dec 2 02:29:28 2003 Subject: nt workstation cannot log into samba domain, comtinued. Message-ID: OK, I have traced the problem. When the workstation is added to the domain, it is trying to change its password. This fails, leaving the smb passwd for the workstation trust account in its initial value. So the question is, what directive do I need to set in smb.conf to allow the workstation to update its password when it is added to the domain? Jason C. North BizBlast.com Security Administration 303-893-4053 xt 214 _-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_- Things that appear unlikely, impossible, or paradoxical from one point of view often make perfectly good sense from another... --Hugh Nibley From striker at samba.org Tue Apr 18 16:15:38 2000 From: striker at samba.org (Sander Striker) Date: Tue Dec 2 02:29:28 2003 Subject: Bugreport template and description file References: <20000418175147.A14318@pclinux.igd.fhg.de> Message-ID: <009a01bfa951$55a53a00$1e00a8c0@office.striker.nl> > Hi, > > at the moments there are a lot of bugs in the developement version > of samba. > People notice them and report them. But sometimes they forget some necassary > information, that makes it harder to find the actual bug, or in some small > cases appear a user error. > > To improve this i made a first scatch of a bugreport template text file and > a file describing all the fields. I hope by having categories in those files, > and knowing what information is necassary and how to find it, that this > improves the speed of the development of the new samba versions. Maybe this is something for the homepage of samba? A good form would do the trick. However, attachments are somewhat hard to arrange... Sander From sneakums at eircom.net Tue Apr 18 17:53:03 2000 From: sneakums at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:28 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that In-Reply-To: Michael Breuer's message of "Tue, 18 Apr 2000 09:32:13 -0400" References: <38FC63DD.CECA6547@siac.com> Message-ID: >>>>> "Michael" == Michael Breuer writes: Michael> Silly question... when you built samba, did you specify Michael> "with-profiles?" I had the same symptoms at one Michael> time... that was my problem. Also, in mh configuration Michael> (working with profiles) I have a [profile] share, but not Michael> a [profile$] share. I'm not sure that this matters. In fact, I didn't enable that option when I ran configure. The profiles seem to work anyway, or is only partially working and I can't see that? Does it affect PDC functionality in the way I described? I called the share "profile$" so that it wouldn't show up when I browsed into the server. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From mbreuer at siac.com Tue Apr 18 18:01:02 2000 From: mbreuer at siac.com (Michael Breuer) Date: Tue Dec 2 02:29:28 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that References: <38FC63DD.CECA6547@siac.com> Message-ID: <38FCA2DE.E45AE724@siac.com> Yes... you must run with enable-profiles. If you still have an issue, try removing the "$". Paul J Collins wrote: > >>>>> "Michael" == Michael Breuer writes: > > Michael> Silly question... when you built samba, did you specify > Michael> "with-profiles?" I had the same symptoms at one > Michael> time... that was my problem. Also, in mh configuration > Michael> (working with profiles) I have a [profile] share, but not > Michael> a [profile$] share. I'm not sure that this matters. > > In fact, I didn't enable that option when I ran configure. The > profiles seem to work anyway, or is only partially working and I can't > see that? Does it affect PDC functionality in the way I described? > > I called the share "profile$" so that it wouldn't show up when I > browsed into the server. > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" From Skripi at hrzpub.tu-darmstadt.de Tue Apr 18 18:12:34 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:28 2003 Subject: Bugreport template and description file In-Reply-To: <009a01bfa951$55a53a00$1e00a8c0@office.striker.nl>; from striker@samba.org on Wed, Apr 19, 2000 at 02:07:53AM +1000 References: <20000418175147.A14318@pclinux.igd.fhg.de> <009a01bfa951$55a53a00$1e00a8c0@office.striker.nl> Message-ID: <20000418201234.A8465@shadowland.sc> Sander Striker: > Maybe this is something for the homepage of samba? > A good form would do the trick. However, attachments are somewhat > hard to arrange... Actually i first did suggest making a form. Some php3 form, that would automatically check, whether mandatory fields are checked and make an EMail to samba-nt. But Luke said a textform would be better. Writing a form would be a oneday job (with php3). At the moment i don't see the problems with attachments. All new EMail Programs that i know do understand attachments (on Windows as well as on Unix side). Tell me whether you want a form. Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From Jim.Levie at dynetics.com Tue Apr 18 18:31:45 2000 From: Jim.Levie at dynetics.com (Jim Levie) Date: Tue Dec 2 02:29:29 2003 Subject: Problems setting up a tng-BDC References: Message-ID: <38FCAA11.F291A297@dynetics.com> Pieter Grimmerink wrote: > > > -----Original Message----- > > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > > Jim Levie > > Sent: dinsdag 18 april 2000 17:33 > > To: Multiple recipients of list SAMBA-NTDOM > > Subject: Problems setting up a tng-BDC > > > > > root> bin/rpcclient -S chimera -U root%xxxxx -W COMPCNTR > OK, now you should make a connection to your workstation, with a local root > account; > (note that you should have this local root account in the smbpasswd file of > the workstation) > use \\workstation -Ulocalroot%passwd -Wworkstation > > Now the PDC has a connection to the workstation, to set the machineaccount > password. > Then you do > > createuser asgard$ -s -j compcntr > Right, I created the root account on the BDC w/rpcclient, set the password with smbpasswd (and removed the "D" flag). But then when I try to join the domain I see: root> bin/rpcclient -S chimera -U root%***** -W compcntr added interface ip=192.168.64.2 bcast=192.168.64.255 nmask=255.255.255.0 added interface ip=192.168.128.22 bcast=192.168.128.255 nmask=255.255.255.0 added interface ip=192.168.129.22 bcast=192.168.129.255 nmask=255.255.255.0 Server: \\CHIMERA: User: root Domain: compcntr Connection: socket connect to /tmp/.smb.0/agent failed: No such file or directory session setup ok Domain=[COMPCNTR] OS=[Unix] Server=[Samba TNG-alpha] OK [compcntr\root@CHIMERA]$ lsaquery lsaquery LSA Query Info Policy Domain Member - Domain: COMPCNTR SID: S-1-5-21-2734207125-72619570-2350025354 Domain Controller - Domain: COMPCNTR SID: S-1-5-21-2734207125-72619570-2350025354 [compcntr\root@CHIMERA]$ use \\asgard -U root%sfianp2v -W asgard use \\asgard -U root%****** -W asgard Server: \\ASGARD: User: root Domain: asgard Connection: socket connect to /tmp/.smb.0/agent failed: No such file or directory failed session setup cli_net_use_add: connection failed FAILED [asgard\root@CHIMERA]$ And now in log.smb I get: domain_client_validate: unable to validate password for user ?/ek??? 3g8@?+??g,5root in domain ASGARD to Domain controller \\.. SMB LM/NT Password did not match! That looks somewhat like "somebody's buffer pointer is wandering". -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ Jim Levie email: Jim.Levie@dynetics.com Dynetics Inc, Huntsville, Al Ph. 256.964.4337 The opinions expressed above are just that... From striker at samba.org Tue Apr 18 18:41:56 2000 From: striker at samba.org (Sander Striker) Date: Tue Dec 2 02:29:29 2003 Subject: Bugreport template and description file References: <20000418175147.A14318@pclinux.igd.fhg.de> <009a01bfa951$55a53a00$1e00a8c0@office.striker.nl> <20000418201234.A8465@shadowland.sc> Message-ID: <00c301bfa965$c614b4a0$1e00a8c0@office.striker.nl> > Writing a form would be a oneday job (with php3). Hmmm, I see why Luke said: do a text form. > At the moment i don't see the problems with attachments. All new EMail > Programs that i know do understand attachments (on Windows as well as on > Unix side). I meant that you can't attach to a form :-) > Tell me whether you want a form. Nah. This is fine. Maybe later, when you got days to spare :-) Sander From sneakums at eircom.net Tue Apr 18 18:52:44 2000 From: sneakums at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:29 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that In-Reply-To: Message-ID: Tried the two schannel options. Logged in quickly four different times using four different domain accounts, then three times using the first account. I continued round-robining my four accounts, and I got two domain-unreachables in the next 5 attempts. My last login was using root, which I have added to the Unix group domadmin and mapped to "Domain Admins" in the group map file. When I attempted to run Event Viewer while seemingly successfully logged in as ONDIOLINE\root, I got a message saying "the handle is invalid". For each "domain-unreachable", seven of the following event (SMB too short) appeared in the System log before the NETLOGON message re the domain: ID: 3006 Source: Rdr Data: 0000: 00 00 3c 00 02 00 86 00 ..<...?. 0008: 00 00 00 00 be 0b 00 80 ....?..? 0010: 00 00 00 00 00 00 00 00 ........ 0018: 88 77 52 80 00 00 00 00 ?wR?.... 0020: 00 00 00 00 00 00 00 00 ........ 0028: ff 53 4d 42 25 00 00 00 ?SMB%... 0030: 00 88 01 00 00 00 00 00 .?...... 0038: 00 00 00 00 00 00 00 00 ........ 0040: 01 00 20 f0 64 00 00 07 ...?d... 0048: 0a 04 00 00 00 00 00 04 ........ 0050: 00 38 00 00 00 00 00 3c .8.....< 0058: 00 00 00 00 00 05 00 00 ........ 0060: 32 00 00 00 2... Note that I did not pass "--enable-profile" to configure when I built samba TNG, but the profiles seem to work regardless. I have built a samba TNG with this option and I will try it out later. If you want me to pull stuff from my logs, just shout. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From sneakums at eircom.net Tue Apr 18 18:54:08 2000 From: sneakums at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:29 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that In-Reply-To: Michael Breuer's message of "Tue, 18 Apr 2000 14:01:02 -0400" References: <38FC63DD.CECA6547@siac.com> <38FCA2DE.E45AE724@siac.com> Message-ID: >>>>> "Michael" == Michael Breuer writes: Michael> Yes... you must run with enable-profiles. If you still Michael> have an issue, try removing the "$". Paul J Collins Michael> wrote: I just finished builing 2.4.1 with enable-profile. I'll be trying it this evening. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From timothy_d_cole at md.northgrum.com Tue Apr 18 19:52:12 2000 From: timothy_d_cole at md.northgrum.com (Cole, Timothy D.) Date: Tue Dec 2 02:29:29 2003 Subject: Bugreport template and description file Message-ID: <51FBD4A8EFD9D111BA7300A0C927DADB03F4705B@xcgmd008.md.essd.northgrum.com> > -----Original Message----- > From: Jens Skripczynski [SMTP:Skripi@hrzpub.tu-darmstadt.de] > Sent: Tuesday, April 18, 2000 14:06 > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: Bugreport template and description file > > At the moment i don't see the problems with attachments. All new EMail > Programs that i know do understand attachments (on Windows as well as on > Unix side). > A lot of people on this list aren't using new EMail programs. Chances are, anyone on a proprietary Unix who isn't using Netscape mail or the horrid CDE mailer is using incredibly ancient version of mailx, mail or pine. (it's not just mail programs, either... for example, HP-UX 10's sed(1) doesn't seem to have been updated since the early 1980's) Most of these programs don't even grok MIME at all, let alone file attachments (if they did, people wouldn't be complaining about HTML emails, since all MUAs I've seen send them as multipart/alternate, providing a text/plain version as well as the text/html one). From timothy_d_cole at md.northgrum.com Tue Apr 18 19:55:22 2000 From: timothy_d_cole at md.northgrum.com (Cole, Timothy D.) Date: Tue Dec 2 02:29:29 2003 Subject: Bugreport template and description file Message-ID: <51FBD4A8EFD9D111BA7300A0C927DADB03F4705C@xcgmd008.md.essd.northgrum.com> > -----Original Message----- > From: Sander Striker [SMTP:striker@samba.org] > Sent: Tuesday, April 18, 2000 14:37 > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: Bugreport template and description file > > I meant that you can't attach to a form :-) > Well, you can, actually. There's a file upload form element, IIRC. I don't think IE supports it, but it is pretty heavily used by a number of sites even so (I think even Hotmail did it, at least back when I used to use it). Bugzilla uses it for attachments to bug reports, I think. Actually, come to think of it, has Bugzilla been considered for Samba yet? > From sneakums at eircom.net Tue Apr 18 20:16:46 2000 From: sneakums at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:29 2003 Subject: Bugreport template and description file In-Reply-To: "Cole, Timothy D."'s message of "Wed, 19 Apr 2000 05:57:28 +1000" References: <51FBD4A8EFD9D111BA7300A0C927DADB03F4705C@xcgmd008.md.essd.northgrum.com> Message-ID: >>>>> "Cole," == Cole, Timothy D writes: Cole,> element, IIRC. I don't think IE supports it, but it is Cole,> pretty heavily used by a number of sites even so (I think Cole,> even Hotmail did it, at least back when I used to use it). Cole,> Bugzilla uses it for attachments to bug reports, I think. IE supports the file upload. I dont know which version support was added to. I've used it in IE 4 and 5. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From kirk at braemarinc.com Tue Apr 18 21:00:49 2000 From: kirk at braemarinc.com (Kirk A Wolff) Date: Tue Dec 2 02:29:29 2003 Subject: "shouldn't be necessary" ? Message-ID: <009c01bfa979$307b7f00$8001a8c0@Braemarinc.com> See Line number 42 through 45. This is from samba/source/README ----- Original Message ----- From: "Luke Kenneth Casson Leighton" To: "Multiple recipients of list SAMBA-NTDOM" Sent: Monday, April 17, 2000 10:38 PM Subject: Re: Works! > On Mon, 17 Apr 2000, Kirk A Wolff wrote: > > > Thanks for all of the hard work! I will reap all of the benefits with much > > joy!) j/k > > > > Like I said earlier, I am using this for my home network with connectivity > > via Amateur Radio (http://n0tia-uhf.ampr.org). Now I can serve file space > > and internet access to the windows workstations roommates and neighbors! > > > > I have one suggestion though: In your FAQ at > > http://www.kneschke.de/projekte/samba_tng/faq/configuration.php3, tell > > people to give the server a trust account also! That way they won't miss > > that little statement in the samba/source/README! I think that was why I > > couldn't get it to work all along (for the past week). > > shouldn't be necessary. > 1: Samba, The Next Generation. 2: Sun Jan 2nd 2000. 3: lkcl, samba team. 4: 5: if you got this far, you probably obtained samba using cvs. well done. 6: in order to maintain it, you will need to use cvs update, but occasionally 7: this will fail, and you will need to delete your cvs tree and start again. 8: instructions, in case it was a while since you last did that, are at 9: http://samba.org/cvs.html. remember to use SAMBA_TNG as the tag name. 10: 11: there is also a FAQ, maintained by Lars Kneschke , at 12: http://www.kneschke.de/projekte/samba_tng. 13: 14: basic compilation and usage instructions. the following are executed at 15: the unix prompt, if you hadn't already guessed. 16: 17: ./configure 18: make 19: [make install] 20: 21: to run samba, you will need: 22: 23: bin/smbd 24: bin/nmbd 25: 26: if you are using any nt clients, running the following will change the 27: behaviour of the nt clients towards samba, which will improve the nt 28: clients' reliability and performance: 29: 30: bin/srvsvcd 31: bin/wkssvcd 32: 33: if you intend to operate samba with "encrypt passwords = yes", 34: "update encrypted = yes" or "migrate passwords = yes", you will 35: also need: 36: 37: bin/lsarpcd 38: bin/samrd 39: bin/netlogond 40: bin/winregd 41: 42: you will also need to add your own samba server as a trust account. 43: one way to do this, in the usual manner, is: 44: 45: bin/smbpasswd -a -m your_samba_server_name 46: 47: if you need NT-style printing: 48: 49: bin/spoolssd 50: 51: if you want to be able to start/stop services remotely (yes, dammit, 52: you can only do this as root, you think i'm stupid????), you will need, 53: as well as your own rc.services script in /usr/local/samba/bin: 54: 55: bin/svcctld 56: 57: 58: i _really_ like this daemon architecture stuff. if ever there's a problem, 59: or you want to upgrade one component, just kill the relevant daemon, 60: NOT smbd and NOT any of the other services, and restart it. i think 61: that's just great :) 62: 63: 64: Sun Jan 2nd 2000 (later on) 65: 66: i liked the daemon architecture so much i decided to add it to cvs main, 67: or what is affectionately known as the SAMBA-3 tree. what i added was 68: code that, instead of _always_ redirecting to the daemon architecture 69: like in SAMBA_TNG, samba cvs main _attempts_ to redirect to the daemon 70: architecture. if this fails, it will fall back to using the internal 71: msrpc code. 72: 73: so, if you want to use smbd file-services in cvs main, which are much better, 74: then simply run cvs main's smbd daemon instead of SAMBA_TNG's. -------------- next part -------------- HTML attachment scrubbed and removed From pjdc at eircom.net Tue Apr 18 21:22:43 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:29 2003 Subject: "shouldn't be necessary" ? In-Reply-To: "Kirk A Wolff"'s message of "Wed, 19 Apr 2000 07:09:41 +1000" References: <009c01bfa979$307b7f00$8001a8c0@Braemarinc.com> Message-ID: >>>>> "Kirk" == Kirk A Wolff writes: Kirk> See Line number 42 through 45.? This is from Kirk> samba/source/README I was under the impression that the a samba domain no longer required the trust account for the PDC. Mine doesn't seem to, and I seem to remember seeing something somewhere where Luke said it wasn't. That README is slightly out of date, AFAIK. Check the date on it... :) Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pjdc at eircom.net Tue Apr 18 21:37:03 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:29 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that In-Reply-To: Paul J Collins's message of "Wed, 19 Apr 2000 04:53:11 +1000" References: <38FC63DD.CECA6547@siac.com> <38FCA2DE.E45AE724@siac.com> Message-ID: >>>>> "Paul" == Paul J Collins writes: Paul> I just finished builing 2.4.1 with enable-profile. I'll be Paul> trying it this evening. Okay. I rebuilt Samba with enable-profile. I installed it into a fresh directory. I created a new domain SNOWBUG, in the same fashion that I created ONDIOLINE. I log in as SNOWBUG\root; no problems. I log out and log back in as root: the domain is not available and my cached account information is used. I log out again. I attempt to log in as one of my normal domain users, and I am told that the domain is not available. The text of the message in the Event Log refers to an RPC not executing; is this significant? Weirdness: When I log in successfully as SNOWBUG\root, and scroll down the event log, I get to about three screens down and I get a message saying "The handle is invalid". I then try with the schannel options. Same result. I log in as another user, the profile is created. Log out and try to log in as SNOWBUG\root and I get the domain controller not found error. Nothing about a slow network connection, though. Below is my smb.conf and my smbpasswd with the hashes removed. I have preserved logs from these two sessions; there's a lot there, so if you want me to look for something specific, or to send you a certain file, please do holler. Another weird thing: I have been occassionally seeing a strange dialog flashing up on the screen when I log off the domain, but it disappears before I can read it. It looks vaguely like an Abort/Retry/Cancel dialog. Paul. ---BEGIN "smb.conf"--- [global] debug level = 100 guest account = ftp #client schannel = no #server schannel = no netbios name = STO-KERRIG server string = Samba (Primary DC) workgroup = SNOWBUG interfaces = 172.16.252.1/16 127.0.0.1/8 domain group map = /usr/local/samba-TNG/private/domaingroup.map domain alias map = /usr/local/samba-TNG/private/domainalias.map security = user domain logons = yes encrypt passwords = yes os level = 65 domain master = yes preferred master = yes local master = yes wins support = yes time server = yes logon script = login.bat logon drive = H: logon home = \\STO-KERRIG\%U logon path = \\STO-KERRIG\profile\%U print command = /usr/bin/lpr -r -P%p %s lpq command = /usr/bin/lpq -P%p lprm command = /usr/bin/lprm -P%p %j printcap name = /etc/printcap load printers = yes [homes] browseable = no writable = yes comment = Users' home directories [netlogon] path = /usr/local/samba-TNG/netlogon writable = no guest ok = no comment = PDC netlogon share [profile] path = /usr/local/samba-TNG/profile writeable = yes [printers] printing = bsd comment = All Printers path = /tmp browseable = no guest ok = yes writable = no printable = yes [print$] path = /usr/local/samba-TNG/print writable = yes guest ok = yes ---END "smb.conf"--- ---BEGIN "smbpasswd"--- root:0:::[ ]:LCT-FFFFFFFF: PSEUDOPOLIS$:507:::[W ]:LCT-38FCCD7D: sneakums:501:::[ ]:LCT-FFFFFFFF: henry:503:::[ ]:LCT-FFFFFFFF: cathy:506:::[ ]:LCT-FFFFFFFF: ---END "smbpasswd"--- -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From mike at hudgell.co.uk Tue Apr 18 21:32:31 2000 From: mike at hudgell.co.uk (Michael G. Hudgell) Date: Tue Dec 2 02:29:29 2003 Subject: o/t info request Message-ID: Completely off-topic I know, but does anyone know if there is a product for UNIX which would act as a cheap drop-in replacement for an Exchange Server? Thanks, and apologies for posting on a non-samba topic. Mike -- Michael G. Hudgell Undergraduate Student, SEP, Brunel University Course Homepage: http:\\www.brunel.ac.uk\depts\mes My Homepage: http:\\www.mhudgell.co.uk\ From jeremy at valinux.com Tue Apr 18 21:43:14 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:29 2003 Subject: o/t info request References: Message-ID: <38FCD6F2.6AAAAA12@valinux.com> "Michael G. Hudgell" wrote: > > Completely off-topic I know, but does anyone know if there is a product for > UNIX which would act as a cheap drop-in replacement for an Exchange Server? > > Thanks, and apologies for posting on a non-samba topic. HP OpenMail - allows Linux server to server MS-Outlook clients (*yes* - it does do calendaring and scheduling :-). Lookup at : http://www.ice.hp.com/cyc/om/00/index.html No connection to HP other than this looks like a cool product. Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From ctooley at joslyn.org Tue Apr 18 21:47:56 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:29 2003 Subject: SMBClient/SMBMount In-Reply-To: <20000417131202.766DB2AE6F@i3.golden.dom> Message-ID: <000201bfa97f$c29d6960$1900a8c0@joslyn.org> Hello All: I have tried to follow this mailing list as closely as possible. However, as I have many different hats besides Server Administration, it is not always possible to read the high volume this list creates. I appreciate all the work being done on Samba and, after many failed attempts to correctly set up a TNG installation, I'm going to revert to the much anticipated 2.0.7 version. However, I am wondering about the smbmount command. Am I correct in remembering that this must be turned on at the time of compiling? Also, I tried to find some documentation in the source code but couldn't find any (I may have overlooked it). I would really like to mount some shares and have my home directory on our SAMBA server get mounted to my home directory on my local machine. So that I may "attempt" to run Outlook 98 as my mail client with WINE. Any help would be much appreciated. Also I'd like to test my samba configs. I remember there being some discussion on here on running the "startx -- :1,2,3,..." commands to start different X configurations (this by the way is how you would run a remote X terminal on a worstation). However, does anyone know and could e-mail the filename to put xinit commands into for each session? ie could I have a .xinitrc for each terminal so that when I startx on that screen it will start different applications? I'm trying to automate starting up my different OS's with the use of VMWare. Thank you and I apologize for the off topic questions, Chris Tooley From kirk at braemarinc.com Tue Apr 18 21:40:39 2000 From: kirk at braemarinc.com (Kirk A Wolff) Date: Tue Dec 2 02:29:29 2003 Subject: o/t info request References: Message-ID: <00c101bfa980$ecc31860$8001a8c0@Braemarinc.com> Excellent question! ----- Original Message ----- From: "Michael G. Hudgell" To: "Multiple recipients of list SAMBA-NTDOM" Sent: Tuesday, April 18, 2000 4:36 PM Subject: o/t info request > Completely off-topic I know, but does anyone know if there is a product for > UNIX which would act as a cheap drop-in replacement for an Exchange Server? > > Thanks, and apologies for posting on a non-samba topic. > > Mike > > -- > Michael G. Hudgell > Undergraduate Student, SEP, Brunel University > Course Homepage: http:\\www.brunel.ac.uk\depts\mes > My Homepage: http:\\www.mhudgell.co.uk\ From p.grimmerink at home.nl Tue Apr 18 22:21:55 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:29 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that In-Reply-To: Message-ID: > I log in as SNOWBUG\root; no problems. I log out and log back in as > root: the domain is not available and my cached account information is > used. I log out again. I attempt to log in as one of my normal > domain users, and I am told that the domain is not available. Same for me, still. This happens when I try to log into the domain from an NT 4.0 server, which has been successfully added to the samba domain. An NT 5 workstation, which has also been added to the domain seems to work just fine, as well as a samba workstation, added to the same domain. A similar problem occurs when I, in an other setup, try to add a samba workstation to an NT 4.0 domain; it seems to join without errors, but when I try to connect to the samba workstation, the user or machine account seems to be invalid, according to the logs. (I'm using samba-tng 2.4.tgz in these setups) best regards, Pieter Grimmerink From chucks at arizona.edu Tue Apr 18 22:38:57 2000 From: chucks at arizona.edu (Chuck Spurling) Date: Tue Dec 2 02:29:29 2003 Subject: o/t info request In-Reply-To: <38FCD6F2.6AAAAA12@valinux.com> Message-ID: <38FC8191.26867.11AEE8C@localhost> I'm been reading what I can on this product for the last month or so considering an eval. If anyone has some feedback on this, or a live setup, I would love to see a response. -Chuck On 19 Apr 2000, at 7:48, Jeremy Allison wrote: > "Michael G. Hudgell" wrote: > > > > Completely off-topic I know, but does anyone know if there is a product for > > UNIX which would act as a cheap drop-in replacement for an Exchange Server? > > > > Thanks, and apologies for posting on a non-samba topic. > > HP OpenMail - allows Linux server to server MS-Outlook > clients (*yes* - it does do calendaring and scheduling :-). > > Lookup at : > > http://www.ice.hp.com/cyc/om/00/index.html > > No connection to HP other than this looks like a cool > product. > > Jeremy. > > -- > -------------------------------------------------------- > Buying an operating system without source is like buying > a self-assembly Space Shuttle with no instructions. > -------------------------------------------------------- > From pjdc at eircom.net Tue Apr 18 22:49:28 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:29 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that In-Reply-To: "Pieter Grimmerink"'s message of "Wed, 19 Apr 2000 08:24:26 +1000" References: Message-ID: >>>>> "Pieter" == Pieter Grimmerink writes: Pieter> A similar problem occurs when I, in an other setup, try to Pieter> add a samba workstation to an NT 4.0 domain; it seems to Pieter> join without errors, but when I try to connect to the Pieter> samba workstation, the user or machine account seems to be Pieter> invalid, according to the logs. One thing I've notived is that I have been creating my entries in smbpasswd incorrectly. I used to just use smbpasswd -a USER, and it would add the entry, but with no flags. I have used createuser and then smbpasswd -e USER and I am now getting a U flag for my users. The root account still has no U flag as I used smbpasswd to bootstrap the smbpasswd file; should I add the U flag manually? Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From David.Bear at asu.edu Tue Apr 18 23:36:39 2000 From: David.Bear at asu.edu (iddwb) Date: Tue Dec 2 02:29:29 2003 Subject: o/t info request In-Reply-To: Message-ID: On Wed, 19 Apr 2000, Michael G. Hudgell wrote: > Completely off-topic I know, but does anyone know if there is a product for > UNIX which would act as a cheap drop-in replacement for an Exchange Server? > nothing... if what you want is an exchange server. My guess is microsoft has closely guarded the rpc's they use for communication between outlook and exchange. But, if what you want is a product equivalent: mail, share folders, calendars, server side agents, global address (ldap), etc., then Lotus Notes is a solid competitor. It runs on various *ix's (Aix, Linux??, HPUX, Solaris) and NT. Whereas exchange only runs on NT. With win2000 you see a complete marraige of exchange and the active directory. So, as far as commercial products go, Notes about the only thing I can think of that is a real competitor. (Novell groupwise also has many of these features but its death is that is runs on netware... not Unix -- at least last time I checked) Now, in the free/open source domain, you would have to run and Imap daemon, a POP daemon, an Ldap server, possible samba (for shared folders), and some other calendar daemon (don't know of any off hand) to get close to the functionality of exchange. David Bear College of Public Programs/ASU From GLeblanc at cu-portland.edu Tue Apr 18 23:45:43 2000 From: GLeblanc at cu-portland.edu (Gregory Leblanc) Date: Tue Dec 2 02:29:29 2003 Subject: o/t info request Message-ID: > -----Original Message----- > From: iddwb [mailto:David.Bear@asu.edu] > Sent: Tuesday, April 18, 2000 4:39 PM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: o/t info request > > > On Wed, 19 Apr 2000, Michael G. Hudgell wrote: > > > Completely off-topic I know, but does anyone know if there > is a product for > > UNIX which would act as a cheap drop-in replacement for an > Exchange Server? > > > nothing... if what you want is an exchange server. My guess > is microsoft > has closely guarded the rpc's they use for communication > between outlook > and exchange. > > But, if what you want is a product equivalent: mail, share folders, > calendars, server side agents, global address (ldap), etc., then Lotus > Notes is a solid competitor. It runs on various *ix's (Aix, Linux??, > HPUX, Solaris) and NT. Whereas exchange only runs on NT. > With win2000 > you see a complete marraige of exchange and the active > directory. So, as > far as commercial products go, Notes about the only thing I > can think of > that is a real competitor. (Novell groupwise also has many of these > features but its death is that is runs on netware... not Unix > -- at least > last time I checked) I hate to do this on the Samba list, but Groupwise runs at least on NT as well as Netware, and I seem to remember Unix counterparts. I'll have to check....Yep, Novell's page says something about it running on Unix, probably not Linux. If you put things together, I think that Netscape/iPlanet has all of the features, just not as tightly integrated. You should also check out HP's "OpenMail" which is a drop in replacement for Exchange, and runs at least on Linux, probably HP-UX as well. > Now, in the free/open source domain, you would have to run and Imap > daemon, a POP daemon, an Ldap server, possible samba (for > shared folders), > and some other calendar daemon (don't know of any off hand) > to get close > to the functionality of exchange. Perhaps a year from now there will be a good solution for this, but it's very alpha code right now. You can get most of the pieces separately, but nothing bound together. Greg From sam at topic.com.au Wed Apr 19 01:16:41 2000 From: sam at topic.com.au (Sam Couter) Date: Tue Dec 2 02:29:29 2003 Subject: o/t info request In-Reply-To: ; from GLeblanc@cu-portland.edu on Wed, Apr 19, 2000 at 09:47:48AM +1000 References: Message-ID: <20000419111641.A24797@mail.topic.com.au> > > -----Original Message----- > > From: iddwb [mailto:David.Bear@asu.edu] > > Sent: Tuesday, April 18, 2000 4:39 PM > > To: Multiple recipients of list SAMBA-NTDOM > > Subject: Re: o/t info request > > > > Now, in the free/open source domain, you would have to run and Imap > > daemon, a POP daemon, an Ldap server, possible samba (for > > shared folders), > > and some other calendar daemon (don't know of any off hand) > > to get close > > to the functionality of exchange. For a calendaring system, you can try Netscape Calendar (is it iPlanet now?), which is a rebadged version of Corporate Software & Technologies' CorporateTime. It runs on at least Linux, Windows and several unices. We use CorporateTime rather than Netscape Calendar. Netscape are dropping/have dropped calendar support anyway, I believe. Gregory Leblanc wrote: > > Perhaps a year from now there will be a good solution for this, but it's > very alpha code right now. You can get most of the pieces separately, but > nothing bound together. That's the UNIX way. Small pieces that do the job that can be used together. The Microsoft way is bloated, monolithic beasts that try to do everything, and succeed in doing very little, and poorly. :) -- Sam Couter sam@topic.com.au Internet Engineer http://www.topic.com.au/ tSA Consulting -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000419/2227f7c8/attachment.bin From david at wasylciw.com Wed Apr 19 03:46:42 2000 From: david at wasylciw.com (David Wasylciw) Date: Tue Dec 2 02:29:29 2003 Subject: Alive? In-Reply-To: Message-ID: Is this list still alive? I haven't gotten any messages since the 14th of April. - Dave From lkcl at samba.org Wed Apr 19 04:03:57 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:29 2003 Subject: how to get pam_ntdom to work In-Reply-To: Message-ID: no. ftp.kernel.org. obtain linux-pam On Tue, 18 Apr 2000, Pieter Grimmerink wrote: > > yes, you'll need those headers on your [assumed] linux system. they > > should have been installed, or you can get them from kernel.org. > > You mean they should be included in the kernel sources/headers? > Not in my 2.2.14 kernel! > > Best regards, > > Pieter > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Wed Apr 19 04:04:08 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:29 2003 Subject: how to get pam_ntdom to work In-Reply-To: Message-ID: On Tue, 18 Apr 2000, Pieter Grimmerink wrote: > > > yes, you'll need those headers on your [assumed] linux system. they > > > should have been installed, or you can get them from kernel.org. > > > > You mean they should be included in the kernel sources/headers? > > Not in my 2.2.14 kernel! > > OK, I found them. I am currently downloading the linux-PAM libraries. great. From lkcl at samba.org Wed Apr 19 04:21:17 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:29 2003 Subject: pam_ntdom won't compile. In-Reply-To: <0846B011B9A4D111A1EE006097DA4FCE02F813D3@icex1.cc.ic.ac.uk> Message-ID: compile it in tng-apha-2.4.1. On Wed, 19 Apr 2000, Mayers, P J wrote: > [phil@mail pam_ntdom]$ make > mkdir -p ./dynamic > > *** Building pam-ntdom(alpha) module of the framework... > Contact: lkcl@samba.anu.edu.au > > gcc -O2 -DHAVE_CONFIG_H -fPIC -I./lib/include -I./lib/rpc/include > -I./rpc_validate -c rpc_validate.c -o dynamic/rpc_validate.o > rpc_validate.c:35: initializer element is not constant > make: *** [dynamic/rpc_validate.o] Error 1 > > > Version was: > > ftp://us1.samba.org/pub/samba/pam_ntdom/pam_ntdom-0.23.tgz > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Wed Apr 19 04:29:43 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:29 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that In-Reply-To: Message-ID: hmmm... *curious*... what difference does it make if the usernames are odd or even-length number of characters? On Wed, 19 Apr 2000, Paul J Collins wrote: > > Tried the two schannel options. Logged in quickly four different > times using four different domain accounts, then three times using the > first account. I continued round-robining my four accounts, and I got > two domain-unreachables in the next 5 attempts. My last login was > using root, which I have added to the Unix group domadmin and mapped > to "Domain Admins" in the group map file. When I attempted to run > Event Viewer while seemingly successfully logged in as ONDIOLINE\root, > I got a message saying "the handle is invalid". > > For each "domain-unreachable", seven of the following event (SMB too > short) appeared in the System log before the NETLOGON message re the > domain: > > ID: 3006 > Source: Rdr > > Data: > > 0000: 00 00 3c 00 02 00 86 00 ..<...?. > 0008: 00 00 00 00 be 0b 00 80 ....?..? > 0010: 00 00 00 00 00 00 00 00 ........ > 0018: 88 77 52 80 00 00 00 00 ?wR?.... > 0020: 00 00 00 00 00 00 00 00 ........ > 0028: ff 53 4d 42 25 00 00 00 ?SMB%... > 0030: 00 88 01 00 00 00 00 00 .?...... > 0038: 00 00 00 00 00 00 00 00 ........ > 0040: 01 00 20 f0 64 00 00 07 ...?d... > 0048: 0a 04 00 00 00 00 00 04 ........ > 0050: 00 38 00 00 00 00 00 3c .8.....< > 0058: 00 00 00 00 00 05 00 00 ........ > 0060: 32 00 00 00 2... > > > Note that I did not pass "--enable-profile" to configure when I built > samba TNG, but the profiles seem to work regardless. I have built a samba > TNG with this option and I will try it out later. > > If you want me to pull stuff from my logs, just shout. > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Wed Apr 19 04:33:49 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:29 2003 Subject: Bugreport template and description file In-Reply-To: <51FBD4A8EFD9D111BA7300A0C927DADB03F4705B@xcgmd008.md.essd.northgrum.com> Message-ID: > pine. (it's not just mail programs, either... for example, HP-UX 10's pine is my friend. > since all MUAs I've seen send them as multipart/alternate, providing a > text/plain version as well as the text/html one). yep, it's irritating as hell. i am not interested in seeing bandwidth wasted when straight text will communicate just as well. From jffolliott at home.com Wed Apr 19 05:20:31 2000 From: jffolliott at home.com (Jamie ffolliott) Date: Tue Dec 2 02:29:30 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that In-Reply-To: <38FCA2DE.E45AE724@siac.com> Message-ID: Michael, Why do you say you have to enable "with-profile" to get profiling, if all you want is login profiles? The two features aren't related, as I understand it. Jamie > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Michael Breuer > Sent: April 18, 2000 2:04 PM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: TNG-2.4.1; 1st domain logon succeeds, none after that > > > Yes... you must run with enable-profiles. If you still have an > issue, try removing the "$". > > Paul J Collins wrote: > > > >>>>> "Michael" == Michael Breuer writes: > > > > Michael> Silly question... when you built samba, did you specify > > Michael> "with-profiles?" I had the same symptoms at one > > Michael> time... that was my problem. Also, in mh configuration > > Michael> (working with profiles) I have a [profile] share, but not > > Michael> a [profile$] share. I'm not sure that this matters. > > > > In fact, I didn't enable that option when I ran configure. The > > profiles seem to work anyway, or is only partially working and I can't > > see that? Does it affect PDC functionality in the way I described? > > > > I called the share "profile$" so that it wouldn't show up when I > > browsed into the server. > > > > Paul. > > > > -- > > Paul Collins - - - - - [ A&P,a&f ] > > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > > "Linux: it's just this operating system, you know?" > From lkcl at samba.org Wed Apr 19 05:28:10 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:30 2003 Subject: "shouldn't be necessary" ? In-Reply-To: Message-ID: On Wed, 19 Apr 2000, Paul J Collins wrote: > >>>>> "Kirk" == Kirk A Wolff writes: > > Kirk> See Line number 42 through 45.? This is from > Kirk> samba/source/README > > I was under the impression that the a samba domain no longer required > the trust account for the PDC. correct. From peter at cadcamlab.org Wed Apr 19 06:25:56 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:30 2003 Subject: Howto quickly migrate from NT PDC to a samba PDC? References: <200004182005.VAA27953@ccmp.ccmp.inesc.pt> Message-ID: <14589.20627.673339.929853@wire.cadcamlab.org> [Nelson N. Escravana] > I have a win NT4.0/SP4 PDC and want to migrate to a samba2.0 Linux > Redhat6.1 PDC. How do i do this as less painfull as possible to the > WinNT workstations, Win2000 workstations,win95 and win98's clients??? Forget it. Unless you are willing to experiment with the Samba-TNG branch of code (i.e. NOT 2.0.x), you will not be able to do this. Samba 2.0.x has very limited domain controller support for NT (reported to work for many people, but missing a lot of features), and NONE for Win2000 (even in NT4 compatibility mode). This isn't at all likely to change, either (in 2.0.x). Peter From giulioo at pobox.com Wed Apr 19 08:28:16 2000 From: giulioo at pobox.com (Giulio Orsero) Date: Tue Dec 2 02:29:30 2003 Subject: SMBClient/SMBMount In-Reply-To: <000201bfa97f$c29d6960$1900a8c0@joslyn.org> References: <20000417131202.766DB2AE6F@i3.golden.dom> <000201bfa97f$c29d6960$1900a8c0@joslyn.org> Message-ID: <20000419082831.B881D2AEC6@i3.golden.dom> On Wed, 19 Apr 2000 07:51:05 +1000, hai scritto: >version. However, I am wondering about the smbmount command. Am I correct >in remembering that this must be turned on at the time of compiling? Also, ./configure .... --with-smbmount >I tried to find some documentation in the source code but couldn't find any >(I may have overlooked it). I would really like to mount some shares and man smbmount mount -t smbfs -o username=userid,password=pass //srv/shr /mount_point -- giulioo@pobox.com From James.Nord at cdt.luth.se Wed Apr 19 09:25:57 2000 From: James.Nord at cdt.luth.se (James Nord) Date: Tue Dec 2 02:29:30 2003 Subject: Bugreport template and description file References: <51FBD4A8EFD9D111BA7300A0C927DADB03F4705B@xcgmd008.md.essd.northgrum.com> Message-ID: <38FD7BA5.B19C1DB7@cdt.luth.se> "Cole, Timothy D." wrote: > Most of these programs don't even grok MIME at all, let alone file > attachments (if they did, people wouldn't be complaining about HTML emails, > since all MUAs I've seen send them as multipart/alternate, providing a > text/plain version as well as the text/html one). Ahh but if you are using a client that understands HTML then you have no choice of HTML or text - you always get HTML. And some cleints send really small text which I can't reed. Besides I have yet to see why HTML emails are any good - oh we can have blue text and a background gif. Just my 2cents /James From pmal at space.gr Wed Apr 19 09:57:51 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:30 2003 Subject: Webmin References: <51FBD4A8EFD9D111BA7300A0C927DADB03F4705B@xcgmd008.md.essd.northgrum.com> <38FD7BA5.B19C1DB7@cdt.luth.se> Message-ID: <005601bfa9e5$b96879a0$0602000a@space.gr> I'm sure that many guys (and gals) here are using webmin for the administration of their machines. I noticed that webmin does not work with the TNG branch. I gives an error that it cannot obtain the version number of smbd. I believe that the problem is in the way that webmin searches for the version number of the smbd executable that only gives "Version TNG-alpha" Has anyone tried to hack into the webmin code and correct this? From pmal at space.gr Wed Apr 19 10:05:09 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:30 2003 Subject: Webmin :: solved References: <51FBD4A8EFD9D111BA7300A0C927DADB03F4705B@xcgmd008.md.essd.northgrum.com> <38FD7BA5.B19C1DB7@cdt.luth.se> <005601bfa9e5$b96879a0$0602000a@space.gr> Message-ID: <005e01bfa9e6$bf573940$0602000a@space.gr> Problem solved (or better striped). I edited the index.cgi and hashed the if section that searches for the version number. Workes fine. I will now try to get the output of TNG-alpha inside webmin. shouldn't be too hard. ----- Original Message ----- From: Panagiotis Malakoudis To: Multiple recipients of list SAMBA-NTDOM Sent: Wednesday, April 19, 2000 12:59 PM Subject: Webmin > I'm sure that many guys (and gals) here are using webmin for the > administration of their machines. > I noticed that webmin does not work with the TNG branch. I gives an error > that it cannot obtain the version number of smbd. > I believe that the problem is in the way that webmin searches for the > version number of the smbd executable that only gives "Version TNG-alpha" > Has anyone tried to hack into the webmin code and correct this? > From p.mayers at ic.ac.uk Wed Apr 19 10:59:22 2000 From: p.mayers at ic.ac.uk (Phil Mayers) Date: Tue Dec 2 02:29:30 2003 Subject: pam_ntdom won't compile. References: Message-ID: <38FD918A.4C826FEA@ic.ac.uk> Ugh! You mean I *have* to have TNG to use pam_ntdom? Or do I just have to compile it from there? I'm not installing samba (any version) on our mail servers. I might have to stick with pam_smb if samba is required at runtime. Cheers, Phil Luke Kenneth Casson Leighton wrote: > > compile it in tng-apha-2.4.1. > > On Wed, 19 Apr 2000, Mayers, P J wrote: > > > [phil@mail pam_ntdom]$ make > > mkdir -p ./dynamic > > > > *** Building pam-ntdom(alpha) module of the framework... > > Contact: lkcl@samba.anu.edu.au > > > > gcc -O2 -DHAVE_CONFIG_H -fPIC -I./lib/include -I./lib/rpc/include > > -I./rpc_validate -c rpc_validate.c -o dynamic/rpc_validate.o > > rpc_validate.c:35: initializer element is not constant > > make: *** [dynamic/rpc_validate.o] Error 1 > > > > > > Version was: > > > > ftp://us1.samba.org/pub/samba/pam_ntdom/pam_ntdom-0.23.tgz > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > Macmillan Technical Publishing > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Wed Apr 19 11:23:00 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:30 2003 Subject: pam_ntdom won't compile. In-Reply-To: <38FD918A.4C826FEA@ic.ac.uk> Message-ID: On Wed, 19 Apr 2000, Phil Mayers wrote: > Ugh! You mean I *have* to have TNG to use pam_ntdom? Or do I just have > to compile it from there? compile it with --enable-static etc blah to get libtool to *not* generate or use shared libraries. ... however, yes, thinking about it, pam_ntdom in TNG communicates with lsarpcd in order to get the trust account / shared secret. > I'm not installing samba (any version) on our mail servers. I might have > to stick with pam_smb if samba is required at runtime. you *might* be able to get away with just installing netlogond, samrd and lsarpcd (smbd *not* required!) try it, i'd be interested to know if it works as expected. From kmmehta74 at hotmail.com Wed Apr 19 12:01:43 2000 From: kmmehta74 at hotmail.com (kalpesh) Date: Tue Dec 2 02:29:30 2003 Subject: How the specify the domain name of the username when using smbclient? Message-ID: <38FDA026.CEC9FE2D@hotmail.com> Dear Sir, When i am trying to login the Windows 98 computer to linux server it give me error that no server found. Please let me know that how can i logging to linux server from my windows98 computer. Kalpesh From Hans-Peter.Raschke at gmx.de Wed Apr 19 12:29:58 2000 From: Hans-Peter.Raschke at gmx.de (Hans-Peter Raschke) Date: Tue Dec 2 02:29:30 2003 Subject: NEED HELP: cmd_sam_sync: no trust account password Message-ID: <00041914345605.19067@qmpc2> Hello, my problem using the samsync command posted earlier still persists: [qmpc2\root@PDC_DS]$ samsync samsync LSA_QUERYSECRET: cmd_sam_sync: no trust account password Is this only a RTFM-problem!? Is there anybody out there who can give me a hint? THX hp ----------------------------------------------------------- Hans-Peter Raschke E-Mail: Hans-Peter.Raschke@gmx.de Wintermann DatenService Tel.: ++49 441 9304064 Langenweg 16 Fax: ++49 441 9304069 D-26125 Oldenburg From ctooley at joslyn.org Wed Apr 19 13:44:20 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:30 2003 Subject: SMBClient/SMBMount References: <20000417131202.766DB2AE6F@i3.golden.dom> <000201bfa97f$c29d6960$1900a8c0@joslyn.org> <20000419082831.B881D2AEC6@i3.golden.dom> Message-ID: <38FDB834.E57C1D58@joslyn.org> Giulio Orsero wrote: > On Wed, 19 Apr 2000 07:51:05 +1000, hai scritto: > > >version. However, I am wondering about the smbmount command. Am I correct > >in remembering that this must be turned on at the time of compiling? Also, > /configure .... --with-smbmount > > >I tried to find some documentation in the source code but couldn't find any > >(I may have overlooked it). I would really like to mount some shares and > man smbmount > > mount -t smbfs -o username=userid,password=pass //srv/shr /mount_point > > -- > giulioo@pobox.com I apologize for my extreme stupidity in this matter. It was not even something that I had thought was built into the kernel. Chris Tooley From pmal at space.gr Wed Apr 19 14:46:46 2000 From: pmal at space.gr (Panagiotis Malakoudis) Date: Tue Dec 2 02:29:30 2003 Subject: samsync debug 100 References: <013201bfaa0c$f96d90e0$0602000a@space.gr> Message-ID: <013a01bfaa0e$15e42300$0602000a@space.gr> I did a debug 100 attempt to see what going wrong with the samsync at my bdc. I just keeps returning 0 entries from my samba pdc. Here is the log file after the samsync command with the rpcclient. Look at the bottom. 000000 net_io_r_sam_sync 000000 smb_io_cred 000000 smb_io_chal 0000 data: a6 05 c1 b6 a4 13 63 bf 000008 smb_io_utime 0008 time: 00000000 000c sync_context: 00000001 0010 ptr_deltas: 401f66cd 0014 num_deltas : 00000000 0018 ptr_deltas2: bffff1c4 001c num_deltas2: 00000000 0020 status: 00000000 clnt_deal_with_creds: 153 cred_create sess_key : 04C32FF9ED418CF3 stor_cred: 6D2BBD9C9DCF3D2D timestamp: 38fdc376 timecred : E3EEBAD59DCF3D2D calc_cred: A605C1B6A41363BF cred_assert challenge : A605C1B6A41363BF calculated: A605C1B6A41363BF credentials check ok new clnt cred: E3EEBAD59DCF3D2D SAM synchronisation returned 0 entries SAM Database Sync ----------------- 2000/04/19 17:32:21 client started (version TNG-alpha) [root@.]$ From alex at gis.org Wed Apr 19 14:59:42 2000 From: alex at gis.org (Alexander Davydenko) Date: Tue Dec 2 02:29:30 2003 Subject: SMBClient/SMBMount In-Reply-To: <000201bfa97f$c29d6960$1900a8c0@joslyn.org>; from ctooley@joslyn.org on Wed, Apr 19, 2000 at 07:51:19AM +1000 References: <20000417131202.766DB2AE6F@i3.golden.dom> <000201bfa97f$c29d6960$1900a8c0@joslyn.org> Message-ID: <20000419185942.A13904@Javad.Ru> On Wed, Apr 19, 2000 at 07:51:19AM +1000, Chris Tooley wrote: > Hello All: > > version. However, I am wondering about the smbmount command. Am I correct > in remembering that this must be turned on at the time of compiling? Also, look at configure script, smbmount commented out, --with-smbmount don't work > I tried to find some documentation in the source code but couldn't find any > (I may have overlooked it). I would really like to mount some shares and > have my home directory on our SAMBA server get mounted to my home directory > on my local machine. So that I may "attempt" to run Outlook 98 as my mail > client with WINE. > > Any help would be much appreciated. Also I'd like to test my samba configs. > I remember there being some discussion on here on running the "startx -- > :1,2,3,..." commands to start different X configurations (this by the way is > how you would run a remote X terminal on a worstation). However, does > anyone know and could e-mail the filename to put xinit commands into for > each session? ie could I have a .xinitrc for each terminal so that when I > startx on that screen it will start different applications? I'm trying to > automate starting up my different OS's with the use of VMWare. > > > Thank you and I apologize for the off topic questions, > > Chris Tooley > -- Alexander Davydenko | alex@javad.ru, mba_69@chat.ru | Moscow, USSR ------------------------------------------------------------------------- <<<<< Powered by Linux & 220V >>>>> From abrock at georgefox.edu Wed Apr 19 13:00:25 2000 From: abrock at georgefox.edu (Anthony Brock) Date: Tue Dec 2 02:29:30 2003 Subject: Unable to compile latest CVS ... Message-ID: <4.2.2.20000419075614.00a2b590@localhost> I just updated against the SAMBA_TNG branch this morning (7:30am PST, 4/19/2000). However, I am currently unable to compile this on my Sun Sparc 250 running Solaris 2.7 using GCC 2.95.2. I am seeing the following: make: *** No rule to make target `printing/load.o', needed by `bin/smbd'. Stop. Did something get left out of the latest CVS update? It appears that this is simply a missing directive in the Makefile, though I'm uncertain what exactly it would be. Tony ****************************************************************************** * Anthony Brock abrock@georgefox.edu * * Director of Network Services George Fox University * ****************************************************************************** From lkcl at samba.org Wed Apr 19 15:13:59 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:30 2003 Subject: Unable to compile latest CVS ... In-Reply-To: <4.2.2.20000419075614.00a2b590@localhost> Message-ID: oops, thanks - got it. On Thu, 20 Apr 2000, Anthony Brock wrote: > I just updated against the SAMBA_TNG branch this morning (7:30am PST, > 4/19/2000). However, I am currently unable to compile this on my Sun Sparc > 250 running Solaris 2.7 using GCC 2.95.2. > > I am seeing the following: > > make: *** No rule to make target `printing/load.o', needed by > `bin/smbd'. Stop. > > Did something get left out of the latest CVS update? It appears that this > is simply a missing directive in the Makefile, though I'm uncertain what > exactly it would be. > > Tony > ****************************************************************************** > * Anthony Brock abrock@georgefox.edu * > * Director of Network Services George Fox University * > ****************************************************************************** > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Wed Apr 19 15:14:13 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:30 2003 Subject: Unable to compile latest CVS ... In-Reply-To: <4.2.2.20000419075614.00a2b590@localhost> Message-ID: On Thu, 20 Apr 2000, Anthony Brock wrote: > I just updated against the SAMBA_TNG branch this morning (7:30am PST, > 4/19/2000). However, I am currently unable to compile this on my Sun Sparc > 250 running Solaris 2.7 using GCC 2.95.2. oh, is it morning over there? :) From kmmehta74 at hotmail.com Wed Apr 19 11:58:58 2000 From: kmmehta74 at hotmail.com (kalpesh) Date: Tue Dec 2 02:29:30 2003 Subject: Problem with NT Domain Message-ID: <38FD9F82.8413CD62@hotmail.com> Dear Sir, When i trying to start the samba service it show me an error that "Could't open \var\lock\samba\status..lck file. please send me a solution. Kalpesh From striker at samba.org Wed Apr 19 15:32:43 2000 From: striker at samba.org (Sander Striker) Date: Tue Dec 2 02:29:30 2003 Subject: Unable to compile latest CVS ... References: <4.2.2.20000419075614.00a2b590@localhost> Message-ID: <009701bfaa14$818e07a0$1e00a8c0@office.striker.nl> Currently CVS version is broken. Luke and Andrew are merging a lot between HEAD and TNG. Be patient and try again when Luke anounces that it compiles again. Sander > I just updated against the SAMBA_TNG branch this morning (7:30am PST, > 4/19/2000). However, I am currently unable to compile this on my Sun Sparc > 250 running Solaris 2.7 using GCC 2.95.2. > > I am seeing the following: > > make: *** No rule to make target `printing/load.o', needed by > `bin/smbd'. Stop. > > Did something get left out of the latest CVS update? It appears that this > is simply a missing directive in the Makefile, though I'm uncertain what > exactly it would be. > > Tony > **************************************************************************** ** > * Anthony Brock abrock@georgefox.edu * > * Director of Network Services George Fox University * > **************************************************************************** ** > > > From striker at samba.org Wed Apr 19 15:37:13 2000 From: striker at samba.org (Sander Striker) Date: Tue Dec 2 02:29:30 2003 Subject: Unable to compile latest CVS ... References: <4.2.2.20000419075614.00a2b590@localhost> Message-ID: <00ab01bfaa15$22444d80$1e00a8c0@office.striker.nl> Hmm, seems that Luke is fixing things already... Sander ----- Original Message ----- From: Anthony Brock To: Multiple recipients of list SAMBA-NTDOM Sent: Wednesday, April 19, 2000 5:04 PM Subject: Unable to compile latest CVS ... > I just updated against the SAMBA_TNG branch this morning (7:30am PST, > 4/19/2000). However, I am currently unable to compile this on my Sun Sparc > 250 running Solaris 2.7 using GCC 2.95.2. > > I am seeing the following: > > make: *** No rule to make target `printing/load.o', needed by > `bin/smbd'. Stop. > > Did something get left out of the latest CVS update? It appears that this > is simply a missing directive in the Makefile, though I'm uncertain what > exactly it would be. > > Tony > **************************************************************************** ** > * Anthony Brock abrock@georgefox.edu * > * Director of Network Services George Fox University * > **************************************************************************** ** > > > From lkcl at samba.org Wed Apr 19 15:30:11 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:30 2003 Subject: Unable to compile latest CVS ... In-Reply-To: <009701bfaa14$818e07a0$1e00a8c0@office.striker.nl> Message-ID: On Thu, 20 Apr 2000, Sander Striker wrote: > Currently CVS version is broken. Luke and Andrew are merging a lot between > HEAD and TNG. > > Be patient and try again when Luke anounces that it compiles again. oh, did i forget to say that? ah - it compiles again :) From p.mayers at ic.ac.uk Wed Apr 19 16:36:55 2000 From: p.mayers at ic.ac.uk (Mayers, P J) Date: Tue Dec 2 02:29:30 2003 Subject: pam_ntdom won't compile. Message-ID: <0846B011B9A4D111A1EE006097DA4FCE02F813D8@icex1.cc.ic.ac.uk> I'm afraid I'm not going near it with a barge pole. :o) Are there any problems with pam_smb, bearing in mind there's a secure network between the mail server and the PDC? Cheers, Phil ===================== The world is divided into two kinds of people, those who divide the world into two kinds of people, and those who don't... -----Original Message----- From: Luke Kenneth Casson Leighton [mailto:lkcl@samba.org] Sent: Wednesday, April 19, 2000 12:23 PM To: Phil Mayers Cc: Multiple recipients of list SAMBA-NTDOM Subject: Re: pam_ntdom won't compile. On Wed, 19 Apr 2000, Phil Mayers wrote: > Ugh! You mean I *have* to have TNG to use pam_ntdom? Or do I just have > to compile it from there? compile it with --enable-static etc blah to get libtool to *not* generate or use shared libraries. ... however, yes, thinking about it, pam_ntdom in TNG communicates with lsarpcd in order to get the trust account / shared secret. > I'm not installing samba (any version) on our mail servers. I might have > to stick with pam_smb if samba is required at runtime. you *might* be able to get away with just installing netlogond, samrd and lsarpcd (smbd *not* required!) try it, i'd be interested to know if it works as expected. From sneakums at eircom.net Wed Apr 19 17:48:39 2000 From: sneakums at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:31 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that In-Reply-To: Luke Kenneth Casson Leighton's message of "Wed, 19 Apr 2000 14:29:43 +1000" References: Message-ID: >>>>> "Luke" == Luke Kenneth Casson Leighton writes: Luke> hmmm... *curious*... what difference does it make if the Luke> usernames are odd or even-length number of characters? You know, that is striking a teeny little bell... I'll try it as soon as I can. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From alex at gis.org Wed Apr 19 18:59:44 2000 From: alex at gis.org (Alexander Davydenko) Date: Tue Dec 2 02:29:31 2003 Subject: Error Socket operation on non-socket Message-ID: <20000419225944.A8431@Javad.Ru> the last cvs code locking all staff. smb.log: [2000/04/19 22:31:29, 2] lib/interface.c:add_interface(83) added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 [2000/04/19 22:31:29, 2] lib/interface.c:add_interface(83) added interface ip=192.168.2.1 bcast=192.168.2.255 nmask=255.255.255.0 [2000/04/19 22:31:29, 0] lib/util_sock.c:set_socket_options(199) Failed to set socket option SO_KEEPALIVE (Error Socket operation on non-socket) [2000/04/19 22:31:29, 0] lib/util_sock.c:set_socket_options(199) Failed to set socket option TCP_NODELAY (Error Socket operation on non-socket) rpcclient: added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 added interface ip=192.168.2.1 bcast=192.168.2.255 nmask=255.255.255.0 [ORG\root@.]$ ntlogin Enter NT Login password: do_nt_login_test: username root from: GISGATE cli_connection_init_auth: \\. \PIPE\lsarpc copy_nt_creds: null creds ncalrpc_l_use_add ncalrpc_l_find: lsarpc [14060,0] root is in 1 groups: 0 uid 0 registered to name root Clearing default real name uid 0 vuid 100 registered to unix name root vuid_init_db: opened storing user 36ec,64 000000 vuid_io_key key 0000 pid : 000036ec 0004 vuid: 0064 ncalrpc_l_establish_connection: connecting to lsarpc socket open succeeded. file name: /usr/local/samba/var/locks/.msrpc/lsarpc create_user_creds: lsarpc 0 0 000004 creds_io_cmd creds 0004 version: 0000 0006 command: 0000 000008 vuid_io_key key 0008 pid : 000036ec 000c vuid: 0064 000e name : lsarpc 0018 ptr_creds: 00000000 write_socket(5,28) write_socket(5,28) wrote 28 ncalrpc_l_use_add: num_users: 1 Bind RPC Pipe: \PIPE\lsarpc Bind Abstract Syntax: [000] 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB xW4.4.?? ?..#Eg?? [010] 00 00 00 00 .... Bind Transfer Syntax: [000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]???.?. ??..+.H` [010] 02 00 00 00 .... create_rpc_noauth_bind_req 000000 smb_io_rpc_hdr_rb 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 1630 0002 max_rsize: 1630 0004 assoc_gid: 000036ec 0008 num_elements: 01 000c context_id : 0064 000e num_syntaxes: 01 00000f smb_io_rpc_iface 000010 smb_io_rpc_uuid uuid 0010 time_low: 12345778 0014 time_mid: 1234 0016 time_hiv: abcd 0018 rem: ef 00 01 23 45 67 89 ab 0020 version: 00000000 000024 smb_io_rpc_iface 000024 smb_io_rpc_uuid uuid 0024 time_low: 8a885d04 0028 time_mid: 1ceb 002a time_hiv: 11c9 002c rem: 9f e8 08 00 2b 10 48 60 0034 version: 00000002 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 00 0004 pack_type : 10 00 00 00 prs_set_packtype: bigendian: No 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000001 ncalrpc_l_send_prs: data: 0xbfffe86c len -1073747492 [000] 05 00 0B 00 10 00 00 00 48 00 00 00 01 00 00 00 ........ H....... [010] 30 16 30 16 EC 36 00 00 01 00 00 00 64 00 01 00 0.0.?6.. ....d... [020] 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB xW4.4.?? ?..#Eg?? [030] 00 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 .....]?? ?.?.??.. [040] 2B 10 48 60 02 00 00 00 +.H`.... write_socket(5,72) write_socket(5,72) wrote 72 ncalrpc_l_receive: 118 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type : 10 00 00 00 prs_set_packtype: bigendian: No 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000001 [000] 05 00 0C 03 10 00 00 00 44 00 00 00 01 00 00 00 ........ D....... [010] 30 16 30 16 EC 36 00 00 0E 00 5C 50 49 50 45 5C 0.0.?6.. ..\PIPE\ [020] 6C 73 61 72 70 63 64 00 01 00 00 00 00 00 00 00 lsarpcd. ........ [030] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]???.?. ??..+.H` [040] 02 00 00 00 ncalrpc_l_receive: len 68 rpc_check_hdr: rdata->data_size: 68 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type : 10 00 00 00 prs_set_packtype: bigendian: No 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000001 rpc_check_hdr: (after smb_io_rpc_hdr call) rdata->data_size: 68 prs_set_packtype: bigendian: No cli_pipe: fragment first and last both set rpc_api_pipe: return OK 000000 smb_io_rpc_hdr_ba 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 1630 0002 max_rsize: 1630 0004 assoc_gid: 000036ec 000008 smb_io_rpc_addr_str 0008 len: 000e 000a str: \PIPE\lsarpcd. 000018 smb_io_rpc_results 0018 num_results: 01 001c result : 0000 001e reason : 0000 000020 smb_io_rpc_iface 000020 smb_io_rpc_uuid uuid 0020 time_low: 8a885d04 0024 time_mid: 1ceb 0026 time_hiv: 11c9 0028 rem: 9f e8 08 00 2b 10 48 60 0030 version: 00000002 bind_rpc_pipe: searching pipe name: client:\PIPE\lsarpc server:\PIPE\lsass bind_rpc_pipe: pipe_name \PIPE\lsass != expected pipe \PIPE\lsarpcd. oh well! bind_rpc_pipe: accepted! LSA Open Policy2 make_open_pol2: attr:0 da:33554432 make_lsa_obj_attr 000000 lsa_io_q_open_pol2 0000 ptr : 00000001 000004 smb_io_unistr2 0004 uni_max_len: 00000003 0008 undoc : 00000000 000c uni_str_len: 00000003 0010 buffer : \.\... 000018 lsa_io_obj_attr 0018 len : 00000018 001c ptr_root_dir: 00000000 0020 ptr_obj_name: 00000000 0024 attributes : 00000000 0028 ptr_sec_desc: 00000000 002c ptr_sec_qos : 00000000 0030 des_access: 02000000 rpc_con_pipe_req: op_num 44 offset 52 used: 52 rpc_api_pipe_req: start: 0 off: 52 create_rpc_request: opnum: 0x2c data_len: 0x4c create_rpc_request: data_len: 4c auth_len: 0 alloc_hint: 34 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type : 10 00 00 00 prs_set_packtype: bigendian: No 0008 frag_len : 004c 000a auth_len : 0000 000c call_id : 00000002 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000034 0014 context_id: 0064 0016 opnum : 002c rpc_api_pipe_req: end: 52 ncalrpc_l_send_prs: data: 0xbfffea38 len -1073747448 [000] 05 00 00 03 10 00 00 00 4C 00 00 00 02 00 00 00 ........ L....... [010] 34 00 00 00 64 00 2C 00 01 00 00 00 03 00 00 00 4...d.,. ........ [020] 00 00 00 00 03 00 00 00 5C 00 5C 00 2E 00 00 00 ........ \.\..... [030] 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [040] 00 00 00 00 00 00 00 00 00 00 00 02 ........ .... write_socket(5,76) write_socket(5,76) wrote 76 ncalrpc_l_receive: 118 ------------------------------------------- after that all things hangs up. -- Alexander Davydenko | alex@javad.ru, mba_69@chat.ru | Moscow, USSR ------------------------------------------------------------------------- <<<<< Powered by Linux & 220V >>>>> -------------- next part -------------- [global] netbios name = GISGATE netbios aliases = GG workgroup = ORG server string = (%h) #flat files that map Unix groups to NT type groups. #these files take the form unix_group = `Windows NT group'' # domain admin group = @domadmin domain group map = /usr/local/samba/private/smbgroup domain alias map = /usr/local/samba/private/smbalias local group map = /usr/local/samba/private/smbuiltin username map = /usr/local/samba/private/smbuser #Domain controllers use user security and we need encrypted #passwords (see ENCRYPTION.txt) security = USER domain logons = Yes encrypt passwords = Yes password level = 8 username level = 6 #Dfs host msdfs = yes # Listen on all interfaces. bind interfaces only = True interfaces = 127.0.0.1 192.168.2.1 hosts allow = 192.168.2.0/255.255.255.0 127.0.0.1 #And in order for us to be *sure* to win browser elections os level = 65 domain master = Yes preferred master = Yes local master = Yes #WINS is the equivalent of DNS for NetBIOS. wins support = Yes dns proxy = Yes name resolve order = lmhosts wins host bcast #Be time server time server = No #the next lines are equivalent to the various profile details #found in NT's User Manager logon script = STARTUP.BAT logon drive = U: logon home = \\%L\%U #Other staff admin users = root alex guest account = ftp character set = KOI8-R client code page = 866 log file = /usr/local/samba/log/%m.log max log size = 500 socket options = TCP_NODELAY wide links = Yes # locking = No # strict locking = No # level2 oplocks = No # oplocks = No timestamp logs = Yes printing = lprng print command=/usr/bin/lpr -r -P%p -J"%j" %s client ntlmv2 = Yes #[PRINTER$] # path=/usr/local/samba/lib/ntprinters # public = Yes # browseable = No # writable = No #[lp] # comment = Printer HP LaserJet 1100A # path = /var/spool/samba # print ok = Yes # browseable = Yes # writable = No # printer = lp # printer driver= HP LaserJet 1100 # printer driver location = \\%L\PRINTER$ [printers] comment = Printers path = /var/spool/samba print ok = Yes browseable = No guest ok =No [homes] comment = User's home path = /var/users/%S valid users = %S write list = %S create mask = 0600 directory mask = 0700 force group = users guest ok = No browseable = No [tmp] comment = Trash path = /tmp guest ok = Yes browseable = Yes writeable = Yes From mbreuer at siac.com Wed Apr 19 19:15:55 2000 From: mbreuer at siac.com (Michael Breuer) Date: Tue Dec 2 02:29:31 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that References: Message-ID: <38FE05EA.3AF3E9EC@siac.com> I stand corrected. When I was having the same problem once upon a time, someone from this list suggested that I needed "with-profile" support, and I didn't check further. Coincidentally, that version of the alpha must have fixed my problem, so I assumed that "with-profile" worked. Oh well... time to turn it off again. Jamie ffolliott wrote: > Michael, > > Why do you say you have to enable "with-profile" to get profiling, if all > you want is login profiles? The two features aren't related, as I > understand it. > > Jamie > > > -----Original Message----- > > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > > Michael Breuer > > Sent: April 18, 2000 2:04 PM > > To: Multiple recipients of list SAMBA-NTDOM > > Subject: Re: TNG-2.4.1; 1st domain logon succeeds, none after that > > > > > > Yes... you must run with enable-profiles. If you still have an > > issue, try removing the "$". > > > > Paul J Collins wrote: > > > > > >>>>> "Michael" == Michael Breuer writes: > > > > > > Michael> Silly question... when you built samba, did you specify > > > Michael> "with-profiles?" I had the same symptoms at one > > > Michael> time... that was my problem. Also, in mh configuration > > > Michael> (working with profiles) I have a [profile] share, but not > > > Michael> a [profile$] share. I'm not sure that this matters. > > > > > > In fact, I didn't enable that option when I ran configure. The > > > profiles seem to work anyway, or is only partially working and I can't > > > see that? Does it affect PDC functionality in the way I described? > > > > > > I called the share "profile$" so that it wouldn't show up when I > > > browsed into the server. > > > > > > Paul. > > > > > > -- > > > Paul Collins - - - - - [ A&P,a&f ] > > > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > > > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > > > "Linux: it's just this operating system, you know?" > > From mkalus at osft.com Wed Apr 19 19:39:46 2000 From: mkalus at osft.com (Michael Kalus) Date: Tue Dec 2 02:29:31 2003 Subject: Using a "real" PDC for verification? Message-ID: <91C59D4E31EAD311816A0050BAC953F4075F26@GOLD> Hi, I am pretty sure I overlooked this, but where exactly can I define that Samba should verify PW via the Domain PDC? Security is set to domain... Sorry I am totally new to samba :) Michael -------------- next part -------------- HTML attachment scrubbed and removed From SRuth at LANDAM.com Wed Apr 19 19:42:07 2000 From: SRuth at LANDAM.com (Ruth, Sven) Date: Tue Dec 2 02:29:31 2003 Subject: Using a "real" PDC for verification? Message-ID: <6768A16CA846D3119104009027998CC304A44490@LANDE04> password server = If you're using SWAT it's a couple entries below the security entry. You might have to click the Advanced button before you'll see it. Sven -----Original Message----- From: Michael Kalus [mailto:mkalus@osft.com] Sent: Wednesday, April 19, 2000 2:38 PM To: Multiple recipients of list SAMBA-NTDOM Subject: Using a "real" PDC for verification? Hi, I am pretty sure I overlooked this, but where exactly can I define that Samba should verify PW via the Domain PDC? Security is set to domain... Sorry I am totally new to samba :) Michael From pjdc at eircom.net Wed Apr 19 21:12:25 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:31 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that In-Reply-To: Luke Kenneth Casson Leighton's message of "Wed, 19 Apr 2000 14:32:18 +1000" References: Message-ID: >>>>> "Luke" == Luke Kenneth Casson Leighton writes: Luke> hmmm... *curious*... what difference does it make if the usernames are Luke> odd or even-length number of characters? Domain: SNOWBUG Server: STO-KERRIG Wks: QUIRM Pseudopolis, my original NT VMWare session has gone totally gaga on me, so I have done a fresh one, containing NT 4, VMWare Toolbox and SP4. I logged in as SNOWBUG\root, no problem. Logged out and tried to log in a SNOWBUG\cathy. "Domain not available". Shut down NT. Shut down Samba. Start Samba. Start NT. Logged in as SNOWBUG\cathy. No problem. Log out and log in right away as SNOWBUG\henry, no problem. Repeat this about five times or so. Log in as QUIRM\Administrator to have a look at the logs. The last log I had open was the Security log, and when Event Viewer tries to show it to me, I get a message saying "The handle is invalid" and asks me do I want to select another server to administer. All I can do is quit Event Viewer. I log out and try to log in as SNOWBUG\sneakums and I get the "domain not available" error. [ DIVERSION: I believe some of the weirdness I experienced using Pseudopolis can be explained by the fact that my original Samba set up was a work-group set up and that for each account PSEUDOPOLIS\sneakums, PSEUDOPOLIS\henry and PSEUDOPOLIS\cathy, there was a corresponding account on STO-KERRIG, with identical passwords. ] I reboot the machine and log in as SNOWBUG\henry, having added him to the Unix domadmin group, which is mapped to "Domain Admins", so that I can look at the logs. I notice one 3006 (SMB too short) in the System log. I select Security. "Handle is invalid". I go back to System, and now there is *another* 3006! I can keep doing this and every time, I get a new 3006. Here is the event detail again: 0000: 00 00 3c 00 02 00 86 00 ..<...?. 0008: 00 00 00 00 be 0b 00 80 ....?..? 0010: 00 00 00 00 00 00 00 00 ........ 0018: 48 64 4a 80 00 00 00 00 HdJ?.... 0020: 00 00 00 00 00 00 00 00 ........ 0028: ff 53 4d 42 25 00 00 00 ?SMB%... 0030: 00 88 01 00 00 00 00 00 .?...... 0038: 00 00 00 00 00 00 00 00 ........ 0040: 01 00 e0 19 64 00 c0 02 ..?.d.?. 0048: 0a 04 00 00 00 00 00 04 ........ 0050: 00 38 00 00 00 00 00 3c .8.....< 0058: 00 00 00 00 00 05 00 00 ........ 0060: 32 00 00 00 2... After all this, I log out and try to log in as SNOWBUG\cathy and I get a "domain controller not found" error. I hope you can make use of all this, cos I am just confused. As ever, I have logs @ 100. Holler if you want me to look for something in 'em. Paul. ---BEGIN "smb.conf"--- [global] debug level = 100 guest account = ftp #client schannel = no #server schannel = no netbios name = STO-KERRIG server string = Samba (Primary DC) workgroup = SNOWBUG interfaces = 172.16.252.1/16 127.0.0.1/8 domain group map = /usr/local/samba-TNG/private/domaingroup.map #domain alias map = /usr/local/samba-TNG/private/domainalias.map security = user domain logons = yes encrypt passwords = yes os level = 65 domain master = yes preferred master = yes local master = yes wins support = yes time server = yes logon script = login.bat logon drive = H: logon home = \\STO-KERRIG\%U logon path = \\STO-KERRIG\profile\%U #print related junk print command = /usr/bin/lpr -r -P%p %s lpq command = /usr/bin/lpq -P%p lprm command = /usr/bin/lprm -P%p %j printcap name = /etc/printcap load printers = yes [homes] browseable = no writable = yes comment = Users' home directories [netlogon] path = /usr/local/samba-TNG/netlogon writable = no guest ok = no comment = PDC netlogon share [profile] path = /usr/local/samba-TNG/profile writeable = yes [printers] printing = bsd comment = All Printers path = /tmp browseable = no guest ok = yes writable = no printable = yes [print$] path = /usr/local/samba-TNG/print writable = yes guest ok = yes ---END "smb.conf"--- -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From ken at hudat.com Wed Apr 19 21:11:29 2000 From: ken at hudat.com (Kendrick Vargas) Date: Tue Dec 2 02:29:31 2003 Subject: o/t info request In-Reply-To: <00c101bfa980$ecc31860$8001a8c0@Braemarinc.com> Message-ID: On Wed, 19 Apr 2000, Kirk A Wolff wrote: > > Completely off-topic I know, but does anyone know if there is a product > for > > UNIX which would act as a cheap drop-in replacement for an Exchange > Server? I don't know if this was answered yet, but check out HP's OpenMail. It's available for at least linux and I imagine their own HPUX. It's pretty cool. It's not quite "drop-in" : you have to install a seperate set of MAPI DLL's that can talk to the OpenMail server to allow outlook to see it as an Exchange Server. I played with it a little, but not enough to actively be enthusiastic about it, so YMMV :-) And btw... It's free for linux, unless you want support, and that'll cost you. -peace --- BEGIN GEEK CODE BLOCK ------------+----------- GAT d- s:+ !a C+(+++) UI/L/S/B++(+++) | "In the morning glad I see P>+ L+(++) E---- W+++ N+ o? K? w++++ | My foe outstrech'd beneath the tree." O--- M-- V PS+++@ PE Y-- PGP+ t++ 5 | -The Poison Tree X++ R- tv+ b DI++ D+ G e>* h*(!) r- | William Blake y*(+) ------ END GEEK CODE BLOCK -----+ From giovanni.affuso at almaitalia.it Wed Apr 19 22:50:38 2000 From: giovanni.affuso at almaitalia.it (Affuso Giovanni) Date: Tue Dec 2 02:29:31 2003 Subject: Problem in compiling samba CVS-BRANC Message-ID: <4.3.2.20000420004206.00d16be0@10.0.0.1> Hi, I have the seguent problem in the compiling the last version of samba CVS-BRANC: lib/interface.o: In function `add_interface': lib/interface.o(.text+0xb0): undefined reference to `ip_equal' lib/interface.o: In function `interpret_interface': lib/interface.o(.text+0x2d4): undefined reference to `ip_equal' lib/interface.o: In function `ismyip': lib/interface.o(.text+0x695): undefined reference to `ip_equal' make: *** [bin/smbd] Error 1 another questions: a) I have a little problem with the export of resourse with samba. I export a directory pubblic but all files o directory made have the with autorizzation 755, why? smb.conf [scambio] path = /intranet/almaitalia/server/scambio create mode = 777 comment = Scambio browseable = yes public = yes writable = yes b) Please, can you give me the istructions for the download the TGN version of samba? Thanks for help. Giovanni Affuso Responsabile E.D.P. Alma Italia S.r.l. c.so Vercelli 387, Torino tel. 0112620388 fax. 0112624308 mailto:giovanni.affuso@almaitalia.it From jmottishaw at wantech.org Wed Apr 19 23:01:37 2000 From: jmottishaw at wantech.org (Jeff Mottishaw) Date: Tue Dec 2 02:29:31 2003 Subject: subscribe Message-ID: <01AEF8F91EEAD311891F00010223D15009F2FC@hermes.globalmediacorp.com> subscribe test From pjdc at eircom.net Wed Apr 19 23:24:05 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:31 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that In-Reply-To: Paul J Collins's message of "Thu, 20 Apr 2000 07:09:52 +1000" References: Message-ID: Below is the end of log.lsarpc just at the point where the "domain controller not found" message appears. I've been trying to see which logs show most activity during a login, and I think this is pretty much the most active. I have no idea how to interpret this stuff, but I hope it provides some clues. One thing I noticed is that the line below, "secret time" has a date that is EARLIER than the date I created the QUIRM$ trust account, or even the date when I installed QUIRM itself. I have also noticed stuff in log.nmb to do with process_logon_packet; is this related to the trust account? This sort of random log-posting is sure to annoy, but I'm lost as to which type of information will help. Paul. -------log.lsarpc------- api_pipe_request: validated auth pipe name: lsarpc search name: lsarpc Doing \PIPE\lsarpc api_rpc_command: api_ntlsa_rpc op 0x0 - api_rpc_command: LSA_CLOSE 000008 lsa_io_q_close 000008 smb_io_pol_hnd 0008 ptr: 00000000 00000c smb_io_rpc_uuid uuid 000c time_low: fbe82b00 0010 time_mid: aa52 0012 time_hiv: 01bf 0014 rem: 3a 11 00 00 01 00 00 00 Compare policy hnd[1] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 01 00 00 00 .... Found policy hnd[1] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 01 00 00 00 .... policy(pnum=1 open_policy): Closing policy closed 000000 lsa_io_r_close 000000 smb_io_pol_hnd 0000 ptr: 00000000 000004 smb_io_rpc_uuid uuid 0004 time_low: 00000000 0008 time_mid: 0000 000a time_hiv: 0000 000c rem: 00 00 00 00 00 00 00 00 0014 status: 00000000 called api_ntlsa_rpc create_noauth_reply: data_start: 0 data_end: 24 max_tsize: 5680 alloc_hint: 24 hdr flags: 3 000000 smb_io_rpc_hdr rhdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type : 10 00 00 00 prs_set_packtype: bigendian: No 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 0000002a 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 006d 0016 cancel_ct : 00 0017 reserved : 00 create_rpc_reply: finished sending ncalrpc_l_send_prs: data: 0x80e0198 len 48 [000] 05 00 02 03 10 00 00 00 30 00 00 00 2A 00 00 00 ........ 0...*... [010] 18 00 00 00 6D 00 00 00 00 00 00 00 00 00 00 00 ....m... ........ [020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ write_socket(7,48) write_socket(7,48) wrote 48 rpc_local: len 0 rpc_local: no data to send ncalrpc_l_send_prs: data: (nil) len 48 receive_message_or_msrpc: timeout 60000 fd 7 read_data: read of 16 returned 0. Error = Success end of file from client unbecome_to_initial_uid: 127 Opened policy hnd[5] register_policy_hnd: vuser [4384, 6d] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 02 00 00 00 .... Compare policy hnd[5] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 02 00 00 00 .... Found policy hnd[5] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 02 00 00 00 .... policy pnum=5 setting name to open_policy2 copy_unistr2: string len 12 lookup secret $MACHINE.ACC 000000 smb_io_unistr2 key 0000 uni_max_len: 0000000c 0004 undoc : 00000000 0008 uni_str_len: 0000000c 000c buffer : $.M.A.C.H.I.N.E...A.C.C. Compare policy hnd[5] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 02 00 00 00 .... Found policy hnd[5] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 02 00 00 00 .... Getting policy vuser_key pnum=5 pid=4384 vuid=6d Opened policy hnd[6] register_policy_hnd: vuser [4384, 6d] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 03 00 00 00 .... Compare policy hnd[6] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 03 00 00 00 .... Found policy hnd[6] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 03 00 00 00 .... policy pnum=6 setting name to secret (open) copy_unistr2: string len 12 Compare policy hnd[6] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 03 00 00 00 .... Found policy hnd[6] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 03 00 00 00 .... policy(pnum=6 secret (open)): Setting policy state setting tdb secret name=$MACHINE.ACC Compare policy hnd[6] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 03 00 00 00 .... Found policy hnd[6] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 03 00 00 00 .... Getting policy vuser_key pnum=6 pid=4384 vuid=6d lookup user 1120,6d 000000 vuid_io_key key 0000 pid : 00001120 0004 vuid: 006d Compare policy hnd[6] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 03 00 00 00 .... Found policy hnd[6] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 03 00 00 00 .... Getting policy vuser_key pnum=6 pid=4384 vuid=6d lookup user 1120,6d 000000 vuid_io_key key 0000 pid : 00001120 0004 vuid: 006d Compare policy hnd[6] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 03 00 00 00 .... Found policy hnd[6] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 03 00 00 00 .... policy(pnum=6 secret (open)): Getting policy state copy_unistr2: string len 12 copy_unistr2: string len 12 lookup secret $MACHINE.ACC 000000 smb_io_unistr2 key 0000 uni_max_len: 0000000c 0004 undoc : 00000000 0008 uni_str_len: 0000000c 000c buffer : $.M.A.C.H.I.N.E...A.C.C. 000000 lsa_io_secret usr 000000 lsa_io_secret_info 0000 ptr_value : 00000001 000004 lsa_io_secret_value 0004 ptr_secret: 00000001 000008 smb_io_strhdr hdr_secret 0008 str_str_len: 00000018 000c str_max_len: 00000018 0010 buffer : 00000001 000014 smb_io_string2 secret 0014 str_max_len: 00000018 0018 undoc : 00000000 001c str_str_len: 00000018 0020 buffer : ..........l'....0....e.. 0038 ptr_update: 00000001 000040 smb_io_time last_update 0040 low : cf5be280 0044 high: 01bfa970 000048 lsa_io_secret_info 0048 ptr_value : 00000000 004c ptr_update: 00000001 000050 smb_io_time last_update 0050 low : cf5be280 0054 high: 01bfa970 secret time: Tue, 18 Apr 2000 21:00:57 GMT current time: Wed, 19 Apr 2000 23:59:59 GMT Compare policy hnd[6] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 03 00 00 00 .... Found policy hnd[6] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 03 00 00 00 .... policy(pnum=6 secret (open)): Closing policy closed Compare policy hnd[5] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 02 00 00 00 .... Found policy hnd[5] [000] 00 00 00 00 00 2B E8 FB 52 AA BF 01 3A 11 00 00 .....+.. R...:... [010] 02 00 00 00 .... policy(pnum=5 open_policy2): Closing policy closed update_trust_account: 194 msrpc close: 551 unbecome_to_initial_uid: 127 Closing connections Server exit (normal exit) -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pkennedy at loudcloud.com Thu Apr 20 00:58:11 2000 From: pkennedy at loudcloud.com (Paul Kennedy) Date: Tue Dec 2 02:29:31 2003 Subject: lsarpc problems ? Message-ID: <38FE5623.A49B4BD3@loudcloud.com> I haven't built Samba-TNG in a week or two, so today I rebuilt and reinstalled and I'm having some problems. When I run samedit to create a new user account or workstation trust account, the createuser command seems to hang/stall until I force it to exit. Also, when using rpcclient as follows: [root@millstreet bin]# rpcclient -S MILLSTREET -U root%pa@is8 -W AIRIUS added interface ip=192.168.100.62 bcast=192.168.100.255 nmask=255.255.255.0 Server: \\MILLSTREET: User: root Domain: AIRIUS Connection: error connecting to 192.168.100.62:445 (Connection refused) failed session setup cli_net_use_add: connection failed This causes thousands of lines like below to be written to log.lsarpc and log.lsarpc.old rpc_local: len 0 rpc_local: no data to send rpc_local: len 0 rpc_local: no data to send rpc_local: len 0 rpc_local: no data to send rpc_local: len 0 rpc_local: no data to send rpc_local: len 0 rpc_local: no data to send I believe I'm running all the right processes for PDC functionality [root@millstreet sbin]# ps ax | grep d10 16697 ? S 0:00 smbd -D -d10 16699 ? S 0:00 nmbd -D -d10 16701 ? S 0:00 srvsvcd -D -d10 16703 ? S 0:00 wkssvcd -D -d10 16705 ? S 0:00 nmbd -D -d10 16706 ? S 0:00 lsarpcd -D -d10 16708 ? S 0:00 samrd -D -d10 16710 ? S 0:00 netlogond -D -d10 16712 ? S 0:00 winregd -D -d10 16732 ? S 0:00 smbd -D -d10 16733 ? R 10:26 lsarpcd -D -d10 16771 ? S 0:00 nmbd -D -d10 16782 pts/1 R 0:00 grep d10 [root@millstreet sbin]# Attached is my lib/smb.conf. Is anyone else experiencing this problem ? Pk. -------------- next part -------------- # # %%%LDAP-SERVER-TCP-HOSTNAME%%% e.g. "millstreet.loudcloud.com" # %%%NT-DOMAIN-NAME%%% e.g. AIRIUS # %%%NT-PDC-NETBIOS-HOSTNAME%%% e.g. MILLSTREET # [global] ldap suffix= "o=airius.com,o=loudcloud.com" ldap bind as= "uid=admin, ou=Administrators, ou=TopologyManagement, o=NetscapeRoot" ldap passwd file= /cust/usr/samba/private/ldappasswd ldap server= churchfield.loudcloud.com ldap port= 389 workgroup = AIRIUS netbios name = MILLSTREET comment = Linux RedHat PDC Samba Server with LDAP backend security = user null passwords = yes encrypt passwords = yes logon path = \\MILLSTREET\profiles\%G logon script = %U.bat logon drive = U: socket options = TCP_NODELAY keep alive = 60 dead time = 30 domain master = yes domain logons = yes wins support = yes name resolve order = wins lmhosts hosts bcast wins proxy = yes time server = yes name resolve order = wins lmhosts hosts bcast [netlogon] path = /cust/usr/samba/netlogon locking = no writeable = yes comment = Net Logon share guest ok = no browseable = yes [homes] path = /cust/usr/samba/homes guest ok = no read only = no comment = Homes share writeable = yes browseable = no create mask = 0700 From lkcl at samba.org Thu Apr 20 01:16:45 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:31 2003 Subject: pam_ntdom won't compile. In-Reply-To: <0846B011B9A4D111A1EE006097DA4FCE02F813D8@icex1.cc.ic.ac.uk> Message-ID: On Thu, 20 Apr 2000, Mayers, P J wrote: > I'm afraid I'm not going near it with a barge pole. :o) tee hee :) > Are there any problems with pam_smb, bearing in mind there's a secure > network between the mail server and the PDC? not really. From lkcl at samba.org Thu Apr 20 01:25:17 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:31 2003 Subject: Error Socket operation on non-socket In-Reply-To: <20000419225944.A8431@Javad.Ru> Message-ID: > [2000/04/19 22:31:29, 0] lib/util_sock.c:set_socket_options(199) > Failed to set socket option SO_KEEPALIVE (Error Socket operation on non-socket) > [2000/04/19 22:31:29, 0] lib/util_sock.c:set_socket_options(199) > Failed to set socket option TCP_NODELAY (Error Socket operation on non-socket) can u track this, pls? > ncalrpc_l_send_prs: data: 0xbfffea38 len -1073747448 ^^^^^^^^^^^ dis probly the prob. -------------- next part -------------- [global] netbios name = GISGATE netbios aliases = GG workgroup = ORG server string = (%h) #flat files that map Unix groups to NT type groups. #these files take the form unix_group = `Windows NT group'' # domain admin group = @domadmin domain group map = /usr/local/samba/private/smbgroup domain alias map = /usr/local/samba/private/smbalias local group map = /usr/local/samba/private/smbuiltin username map = /usr/local/samba/private/smbuser #Domain controllers use user security and we need encrypted #passwords (see ENCRYPTION.txt) security = USER domain logons = Yes encrypt passwords = Yes password level = 8 username level = 6 #Dfs host msdfs = yes # Listen on all interfaces. bind interfaces only = True interfaces = 127.0.0.1 192.168.2.1 hosts allow = 192.168.2.0/255.255.255.0 127.0.0.1 #And in order for us to be *sure* to win browser elections os level = 65 domain master = Yes preferred master = Yes local master = Yes #WINS is the equivalent of DNS for NetBIOS. wins support = Yes dns proxy = Yes name resolve order = lmhosts wins host bcast #Be time server time server = No #the next lines are equivalent to the various profile details #found in NT's User Manager logon script = STARTUP.BAT logon drive = U: logon home = \\%L\%U #Other staff admin users = root alex guest account = ftp character set = KOI8-R client code page = 866 log file = /usr/local/samba/log/%m.log max log size = 500 socket options = TCP_NODELAY wide links = Yes # locking = No # strict locking = No # level2 oplocks = No # oplocks = No timestamp logs = Yes printing = lprng print command=/usr/bin/lpr -r -P%p -J"%j" %s client ntlmv2 = Yes #[PRINTER$] # path=/usr/local/samba/lib/ntprinters # public = Yes # browseable = No # writable = No #[lp] # comment = Printer HP LaserJet 1100A # path = /var/spool/samba # print ok = Yes # browseable = Yes # writable = No # printer = lp # printer driver= HP LaserJet 1100 # printer driver location = \\%L\PRINTER$ [printers] comment = Printers path = /var/spool/samba print ok = Yes browseable = No guest ok =No [homes] comment = User's home path = /var/users/%S valid users = %S write list = %S create mask = 0600 directory mask = 0700 force group = users guest ok = No browseable = No [tmp] comment = Trash path = /tmp guest ok = Yes browseable = Yes writeable = Yes From lkcl at samba.org Thu Apr 20 01:38:21 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:31 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that In-Reply-To: Message-ID: hi paul, i think i know what it is: NetEnumTrustedDomains which i tried to modify to be compatible with NT5, a couple of days ago. From hilarycheng at usa.net Thu Apr 20 03:07:27 2000 From: hilarycheng at usa.net (Hilary Cheng) Date: Tue Dec 2 02:29:31 2003 Subject: About Samba-NT DOM on FreeBSD Message-ID: <38FE746F.19776B16@usa.net> Hi All, I have downloaded the 2.4.1 alpha version of DOM. I followed the instruction of a FAQ to setup the DOM. But it needs to create ABC$ account on unix. But FreeBSD doesn't allow to create user with "$". Is it got any other alternative to do this ? Regards, Hilary From alex at gs.nsc.ru Thu Apr 20 03:18:59 2000 From: alex at gs.nsc.ru (Alex A. Emanov) Date: Tue Dec 2 02:29:31 2003 Subject: About Samba-NT DOM on FreeBSD In-Reply-To: <38FE746F.19776B16@usa.net> References: <38FE746F.19776B16@usa.net> Message-ID: <15429.000420@gs.nsc.ru> Hello , Thursday, April 20, 2000, 10:06:40 AM, you wrote: HC> Hi All, HC> I have downloaded the 2.4.1 alpha version of DOM. I followed the HC> instruction HC> of a FAQ to setup the DOM. But it needs to create ABC$ account on unix. HC> But HC> FreeBSD doesn't allow to create user with "$". Is it got any other HC> alternative to do HC> this ? use vipw to edit passwd files. HC> Regards, HC> Hilary Best regards, Alex mailto:alex@gs.nsc.ru From hilarycheng at usa.net Thu Apr 20 04:33:37 2000 From: hilarycheng at usa.net (Hilary Cheng) Date: Tue Dec 2 02:29:31 2003 Subject: About Samba-NT DOM on FreeBSD References: <38FE746F.19776B16@usa.net> <15429.000420@gs.nsc.ru> Message-ID: <38FE88A1.669FE0DF@usa.net> thanks all :D anyone can use 2.4.1 and use NT to logon Domain sucesfully ? I have create an account on Both UNIX and Samba. But when I want logon to Samba at NT/Win9X, it give me a message at the samba.log "SMB LM/NT Password did not match!" Is there anytrhings wrong ? Regards, Hilary "Alex A. Emanov" wrote: > Hello , > > Thursday, April 20, 2000, 10:06:40 AM, you wrote: > > HC> Hi All, > > HC> I have downloaded the 2.4.1 alpha version of DOM. I followed the > HC> instruction > HC> of a FAQ to setup the DOM. But it needs to create ABC$ account on unix. > HC> But > HC> FreeBSD doesn't allow to create user with "$". Is it got any other > HC> alternative to do > HC> this ? > use vipw to edit passwd files. > HC> Regards, > > HC> Hilary > > Best regards, > Alex mailto:alex@gs.nsc.ru From AVShutko at mail.khstu.ru Thu Apr 20 07:17:10 2000 From: AVShutko at mail.khstu.ru (A.V.Shutko) Date: Tue Dec 2 02:29:31 2003 Subject: No subject Message-ID: <14761.000420@mail.khstu.ru> Hello, i got a some problem with TNG... Can anybody point me to my mistake? I can't run lsarpcd... This is cut from its logfile: [2000/04/20 17:54:32, 2] lib/util_sock.c:open_pipe_sock(1092) socket connect to /tmp/.msrpc/.lsarpc/agent failed: No such file or directory [2000/04/20 17:54:32, 2] lib/util_sock.c:open_pipe_sock(1092) socket connect to /usr/local/samba/var/locks/.msrpc/lsarpc failed: No such file or directory [2000/04/20 17:54:32, 1] lib/msrpc-client.c:ncalrpc_l_establish_connection(418) ncalrpc_l_establish_connection: failed lsarpc) [2000/04/20 17:54:32, 0] rpc_client/ncalrpc_l_use.c:ncalrpc_l_use_add(230) ncalrpc_l_use_add: connection failed Other daemons (like browserd) are create a socket_pipe in lock/.msprcfile and work without errors (only "lsa query info failed") I'm using samba-tng-alpha.2.3.tar.bz2 size=2965570 time=Apr 18 07:58 on FreeBSD 4.0-RELEASE (Cel-400 RAM128Mb HDD15Gb) And this is conf file: client code page = 866 workgroup = UI netbios name = UISERV server string = UI PDC (Samba) interfaces = xxx.xxx.xxx.xxx security = DOMAIN encrypt passwords = Yes map to guest = Bad User smb passwd file = /usr/local/samba/etc/samba.passwd log level = 4 syslog = 0 log file = /usr/local/samba/var/log.%m max log size = 50 timestamp logs = Yes announce version = 4.2 time server = Yes domain logons = Yes os level = 33 preferred master = True domain master = True wins proxy = Yes wins server = xxx.xxx.xxx.xxx config file = /usr/local/samba/lib/smb.conf admin users = regressor, voland guest ok = Yes hosts allow = 127.0.0.1 xxx.xxx. max connections = 10 strict sync = Yes sync always = Yes P.S. netlogond and samrd don't work too... and when i try to coonect to smb shares, smbd write to his log this: [2000/04/20 17:41:48, 1] rpc_client/cli_lsarpc.c:get_domain_sids(110) lsa query info failed A.V.Shutko mailto:AVShutko@mail.khstu.ru From m.g.ross at herts.ac.uk Thu Apr 20 10:44:06 2000 From: m.g.ross at herts.ac.uk (Matt Ross) Date: Tue Dec 2 02:29:31 2003 Subject: Smbd gives 'Abort' error on start Message-ID: I have compiled the TNG branch from about 5pm GMT 19th April and everything compiles and installs correctly. However, when I run '/usr/local/samba/sbin/smbd -D' I get 'Abort' on the standard output and smbd terminates. The log.smb file: [2000/04/20 11:21:28, 1] smbd/server.c:main(685) smbd version TNG-alpha started. Copyright Andrew Tridgell 1992-1998 =============================================================== INTERNAL ERROR: Signal 11 in pid 26912 (TNG-alpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error I know signal 11 is a segmentation fault so I don't think there's anything wrong with my setup. Here is my smb.conf: -----------------start----------------------- [global] workgroup = FEISPCLABS netbios name = LAWN server string = FEIS Samba Server encrypt passwords = Yes null passwords = Yes smb passwd file = /usr/local/samba/private/smbpasswd passwd program = /usr/bin/yppasswd log file = /usr/local/samba/var/_%m.log max log size = 200 name resolve order = wins host lmhosts bcast time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local group map = /usr/local/samba/lib/localgroups.map #domain groups = Users #domain guest group = Guests domain group map = /usr/local/samba/lib/domaingroups.map domain user map = /usr/local/samba/lib/usermap.map logon path = \\bantam\user1\profiles\admin logon drive = q: logon home = e:\auser domain logons = Yes lm announce = False preferred master = Yes domain master = Yes dns proxy = No wins server = xxx.xxx.xxx.xxx admin users = comtmgr comtpm hosts allow = xxx.xxx. 127. [homes] comment = Home Directories read only = No browseable = No [netlogon] comment = Network Logon Service path = /usr/local/samba/lib/netlogon share modes = No [printers] comment = All Printers path = /var/spool/lp/tmp guest account = ftp printable = Yes printer name = lp browseable = No [tmp] comment = Temporary file space path = /tmp admin users = comtpm write list = @technical @staff @research force security mode = 00 force directory security mode = 00 write cache size = 16384 hide dot files = No [public] comment = Public Area path = /usr/local/samba/lib/netlogon share modes = No [cm1600] comment = HP 1600CM Colour InkJet (E300) path = /tmp guest account = ftp read only = No printable = Yes print command = cm -1 %s; rm %s printer name = cm1600 oplocks = No share modes = No [eisis01] comment = EISIS01 path = /tmp guest account = ftp read only = No printable = Yes printer name = lp oplocks = No share modes = No [eisis02] comment = EISIS02 path = /tmp guest account = ftp read only = No printable = Yes printer name = lp oplocks = No share modes = No [eisis03] comment = EISIS03 path = /tmp guest account = ftp read only = No printable = Yes printer name = eisis03 oplocks = No share modes = No [eisis04] comment = EISIS04 path = /tmp guest account = ftp read only = No printable = Yes printer name = eisis04 oplocks = No share modes = No --------------------end------------------------- I will try CVS again later. Regards, Matt Ross -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Principal Technical Officer Faculty of Engineering and Information Sciences Phone: +44 (0)1707 286297 (3297 Internal) E-Mail: m.g.ross@herts.ac.uk WWW: http://fly.to/mgr -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- From snail_talk at yahoo.com Thu Apr 20 15:45:12 2000 From: snail_talk at yahoo.com (Geoffrey Lee) Date: Tue Dec 2 02:29:31 2003 Subject: samba compilation errors Message-ID: <000001bfaadf$6a79cf60$0200000a@workstation1> Hi all, i've just downloaded 2.4.2, and i'm getting a compilation error. i'm using gcc 2.95, and a very impure mandrake 6.0 intel box. attached is the build output, please take a look at it. thx cu Geoff -------------- next part -------------- A non-text attachment was scrubbed... Name: blah.out Type: application/octet-stream Size: 26354 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000420/3fa22e36/blah.obj From pjdc at eircom.net Thu Apr 20 17:49:03 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:31 2003 Subject: TNG-2.4.1; 1st domain logon succeeds, none after that In-Reply-To: Luke Kenneth Casson Leighton's message of "Thu, 20 Apr 2000 11:40:56 +1000" References: Message-ID: >>>>> "Luke" == Luke Kenneth Casson Leighton writes: Luke> hi paul, i think i know what it is: NetEnumTrustedDomains Luke> which i tried to modify to be compatible with NT5, a couple Luke> of days ago. Those changes are present in 2.4.1? That is the version i am using. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From aburleigh at eaglept.com Thu Apr 20 18:02:01 2000 From: aburleigh at eaglept.com (Andy Burleigh) Date: Tue Dec 2 02:29:31 2003 Subject: security = server error: NT_STATUS_NO_TRUST_SAM_ACCOUNT Message-ID: <01BFAAD1.00B54630.aburleigh@eaglept.com> Hi, I'm attempting to free up some addresses here at work so I've got a red hat 6.2 machine setup which can properly forward the machines (windows nt workstations and soon a few amigas) behind it out for network access, (mail and web browsing), but I also need to set up some shares off of the internal machines to our windows network and have access to some shares, so I've installed samba. Currently when my internal machine boots up I receive an error that the PDC for the network cannot be reached so I am logging in by my cached settings. This was happening before setting up samba, and still happening with samba running. I was hoping that by correctly setting up samba I could do the following: 1) have my internal machines login validated through the linux/samba server against the current WNTSrv PDC. [this is not working] 2) let my internal machines browse the rest of the network [this works sometimes] 3) share internal resources out to the external network by setting up sh ared mounts on the linux/samba server.[this is not working] Right now I am working on getting the validation done through the PDC, i've set security = server (and tried security = domain) i've set the password server = and and <*>. None of these work. This is the error I get with the bios name set: [2000/04/20 11:31:41, 0] rpc_client/cli_netlogon.c:cli_net_auth2(160) cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT [2000/04/20 11:31:41, 0] rpc_client/cli_login.c:cli_nt_setup_creds(72) cli_nt_setup_creds: auth2 challenge failed [2000/04/20 11:31:41, 0] smbd/password.c:domain_client_validate(1413) domain_client_validate: unable to setup the PDC credentials to machine *. Error was : NT_STATUS_NO_TRUST_SAM_ACCOUNT. This is the error I get uisng *: [2000/04/20 12:06:30, 1] lib/util_sock.c:open_socket_out(926) error connecting to 192.###.#.18:139 (No route to host) [2000/04/20 12:06:30, 0] smbd/password.c:connect_to_domain_password_server(1153) connect_to_domain_password_server: unable to connect to SMB server on machine EPT71. Error was : code 0. [2000/04/20 12:06:33, 1] lib/util_sock.c:open_socket_out(926) error connecting to 92.#.###.71:139 (No route to host) [2000/04/20 12:06:33, 0] smbd/password.c:connect_to_domain_password_server(1153) connect_to_domain_password_server: unable to connect to SMB server on machine 92.#.###.71. Error was : code 0. [2000/04/20 12:06:33, 0] smbd/password.c:domain_client_validate(1392) domain_client_validate: Domain password server not available. Interesting thing here is that the first ip is not the PDC, the second is the correct netbios name, the following ips are incomplete, should start out 192..... Any suggestions would be great, I've read a considerable amount of the docs and tried many configs to try and get this to work, I can set up samba for the internal machines using user level security and the smbpasswd file, but I'm getting nowhere fast.... Thanks, Andy From David.Bear at asu.edu Thu Apr 20 22:09:33 2000 From: David.Bear at asu.edu (iddwb) Date: Tue Dec 2 02:29:31 2003 Subject: uses for ldap Message-ID: I am wondering what samba users are using ldap for... I realize ldap can be used to (i think) authenticate users, but are you also storing servers and shares in ldap? David Bear College of Public Programs/ASU From rfs at aw.com.pl Thu Apr 20 23:53:32 2000 From: rfs at aw.com.pl (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:31 2003 Subject: uses for ldap References: Message-ID: <38FF987C.507A2079@aw.com.pl> iddwb wrote: > > I am wondering what samba users are using ldap for... I realize ldap can > be used to (i think) authenticate users, but are you also storing servers > and shares in ldap? > > David Bear > College of Public Programs/ASU LDAP is great tool for storing user accounts. User account information includes many differend fields: unix uid, rid, logon path/drive, some dates, flags, etc. It's a kind structure (if you are familiar with C-like programming languages). LDAP server stores account exactly as this structure (groups are also stored in this way, shares - not). It lets you get free of many mapping files, and takes care of password checking. After all ldap works on tree scheme. It helps to organize, to split all people's accounts to as many as you need organizational units in way you need. greets :) Rafa? PS. forgive me any grammar/style mistakes. From vadjan at mail.ru Fri Apr 21 13:06:19 2000 From: vadjan at mail.ru (Vadim Kimlaychuk) Date: Tue Dec 2 02:29:31 2003 Subject: Cannot log in DOMAIN from NT workstation Message-ID: I have samba-tng-2.1. After I've configured smb.conf (it exactly the same as example on www.kneshke.de/../pdc.tar.gz except workgroup) than created trusted account computer_name1$ and user accounts administrator and K2, then added to smbpasswd administrator and K2 , and enabled them and launch smbd -D nmbd -D NT workstation (computer_name1) cannot log in! In log.smb I've found: - administrator password doesn't match LANManager - connection failed. - no trust account for computer_name1$ ????? /KLUG/ From malang at netengine.at Fri Apr 21 14:24:19 2000 From: malang at netengine.at (Oliver Malang) Date: Tue Dec 2 02:29:31 2003 Subject: w2k an 2.0.7pre4 Message-ID: hi all! I recently upgraded my samba server form 2.0.6 to 2.0.7pre4 and my workstation from NT4 to W2K. With my previous configuration i could do domain logons form my NT4 client. I didn't get that working with the new configuration(2.0.7pre4 and w2k). So my question is: should domain logons from W2k to 2.0.7pre4 already work or did I just make a mistake??? thanks. Oliver From rfs at aw.com.pl Fri Apr 21 14:34:55 2000 From: rfs at aw.com.pl (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:31 2003 Subject: Cannot log in DOMAIN from NT workstation References: Message-ID: <3900670F.BC05D4BF@aw.com.pl> Vadim Kimlaychuk wrote: > > I have samba-tng-2.1. After I've configured smb.conf (it exactly the same as example on www.kneshke.de/../pdc.tar.gz except workgroup) > than created trusted account computer_name1$ and user accounts administrator and K2, then added to smbpasswd administrator and K2 , and enabled them > and launch > smbd -D > nmbd -D > NT workstation (computer_name1) cannot log in! > In log.smb I've found: > - administrator password doesn't match LANManager - connection failed. > - no trust account for computer_name1$ This means that, in some way, computer_name1$ account doesn't exist in private/smbpasswd file. Check whether it exists there exactly in this form (of course without '$' suffix). > ????? > /KLUG/ Rafa? From fridacw at auburn.edu Fri Apr 21 15:06:07 2000 From: fridacw at auburn.edu (Christopher Friday) Date: Tue Dec 2 02:29:31 2003 Subject: Cannot log in DOMAIN from NT workstation Message-ID: Acctually, I think it means that he probably needs to start all the daemons. Chris *************************************************************************** "If I'm right then at least 3 people smarter than I am are wrong." -Dr. Phillips >>> Rafa (B? Szcze*niak 04/21/00 09:44AM >>> Vadim Kimlaychuk wrote: > > I have samba-tng-2.1. After I've configured smb.conf (it exactly the same as example on www.kneshke.de/../pdc.tar.gz except workgroup) > than created trusted account computer_name1$ and user accounts administrator and K2, then added to smbpasswd administrator and K2 , and enabled them > NT workstation (computer_name1) cannot log in! > In log.smb I've found: > - administrator password doesn't match LANManager - connection failed. > - no trust account for computer_name1$ This means that, in some way, computer_name1$ account doesn't exist in private/smbpasswd file. Check whether it exists there exactly in this form (of course without '$' suffix). > ????? > /KLUG/ Rafal From giulioo at pobox.com Fri Apr 21 15:10:39 2000 From: giulioo at pobox.com (Giulio Orsero) Date: Tue Dec 2 02:29:31 2003 Subject: w2k an 2.0.7pre4 In-Reply-To: References: Message-ID: <20000421151101.95A282AF13@i3.golden.dom> On Sat, 22 Apr 2000 00:26:11 +1000, hai scritto: >configuration(2.0.7pre4 and w2k). So my question is: should domain logons >from W2k to 2.0.7pre4 already work or did I just make a mistake??? It should not work, and it won't work in 2.0.7 final. Maybe 2.0.8. -- giulioo@pobox.com From sharpe at ns.aus.com Wed Apr 19 11:07:19 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:31 2003 Subject: w2k an 2.0.7pre4 In-Reply-To: <20000421151101.95A282AF13@i3.golden.dom> References: Message-ID: <3.0.6.32.20000419200719.009d0740@203.16.214.248> At 01:12 AM 4/22/00 +1000, Giulio Orsero wrote: >On Sat, 22 Apr 2000 00:26:11 +1000, hai scritto: > >>configuration(2.0.7pre4 and w2k). So my question is: should domain logons >>from W2k to 2.0.7pre4 already work or did I just make a mistake??? >It should not work, and it won't work in 2.0.7 final. >Maybe 2.0.8. I doubt that it will go into 2.0.8 either. I would watch for 3.0.0. If you really need this functionality, go for Samba TNG >-- >giulioo@pobox.com > Regards ------- Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From p.mayers at ic.ac.uk Fri Apr 21 15:36:41 2000 From: p.mayers at ic.ac.uk (Phil Mayers) Date: Tue Dec 2 02:29:32 2003 Subject: [Fwd: Problems with 2.4.2 - msrpc redirect failed] Message-ID: <39007589.B5528EF@ic.ac.uk> I'm having problems with the 2.4.2 release on RedHat 6.2 [root@gw samba]# ./configure [root@gw samba]# make [root@gw samba]# make install [root@gw samba]# cp scripts/samba-init.d /usr/local/samba [root@gw samba]# cd /usr/local/samba [root@gw samba]# mkdir var [root@gw samba]# mkdir var/private [root@gw samba]# touch var/private/smbpasswd [root@gw samba]# ./samba-init.d start Starting SMB services: smbd nmbd netlogond samrd browserd lsarpcd srvsvcd winregd wkssvcd spoolssd svcctld. [root@gw samba]# bin/rpcclient -S . -U root%password added interface ip=192.168.3.1 bcast=192.168.3.255 nmask=255.255.255.0 [root@.]$ createuser root -p password createuser root -p password SAM Create Domain User Domain: MODEMS Name: root ACB: [U ] Create Domain User: OK [root@.]$ enumusers enumusers SAM Enumerate Users User RID: 3e8 User Name: root [root@.]$ quit quit ================================= = Everything works fine to here = ================================= [root@gw samba]# bin/rpcclient -S gw -U root%password added interface ip=192.168.3.1 bcast=192.168.3.255 nmask=255.255.255.0 Server: \\GW: User: root Domain: Connection: error connecting to 127.0.0.1:445 (Connection refused) session setup ok Domain=[MODEMS] OS=[Unix] Server=[Samba TNG-alpha] OK [root@GW]$ enumusers enumusers cli_nt_session_open: cli_nt_create failed on pipe \samr to machine GW. Error was ERRSRV - ERRacces s (The requester does not have the necessary access rights within the specified context for the reque ncacn_np_use_add: connection failed please use 'lsaquery' first, to ascertain the SID Needless to say, using lsaquery doesn't work. The relevant portion of the log is: got smb length of 89 got message type 0x0 of len 0x59 Transaction 4 of length 93 size=89 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=18433 smb_tid=1 smb_pid=16966 smb_uid=102 smb_mid=1 smt_wct=24 smb_vwv[0]=255 (0xFF) smb_vwv[1]=0 (0x0) smb_vwv[2]=1280 (0x500) smb_vwv[3]=1536 (0x600) smb_vwv[4]=0 (0x0) smb_vwv[5]=0 (0x0) smb_vwv[6]=0 (0x0) smb_vwv[7]=40704 (0x9F00) smb_vwv[8]=513 (0x201) smb_vwv[9]=0 (0x0) smb_vwv[10]=0 (0x0) smb_vwv[11]=0 (0x0) smb_vwv[12]=0 (0x0) smb_vwv[13]=0 (0x0) smb_vwv[14]=0 (0x0) smb_vwv[15]=768 (0x300) smb_vwv[16]=0 (0x0) smb_vwv[17]=256 (0x100) smb_vwv[18]=0 (0x0) smb_vwv[19]=0 (0x0) smb_vwv[20]=0 (0x0) smb_vwv[21]=512 (0x200) smb_vwv[22]=0 (0x0) smb_vwv[23]=0 (0x0) smb_bcc=6 [000] 5C 73 61 6D 72 00 \samr. switch message SMBntcreateX (pid 16967) smb_vwv[18]=0 (0x0) smb_vwv[19]=0 (0x0) smb_vwv[20]=0 (0x0) smb_vwv[21]=512 (0x200) smb_vwv[22]=0 (0x0) smb_vwv[23]=0 (0x0) smb_bcc=6 [000] 5C 73 61 6D 72 00 \samr. switch message SMBntcreateX (pid 16967) lookup user 4247,66 000000 vuid_io_key key 0000 pid : 00004247 0004 vuid: 0066 unbecome_to_initial_uid: 127 become_unix_sec_ctx: 0 0 7 0x80b1258 Setting 0 in 7 groups: 0, 1, 2, 3, 4, 6, 10 become_unix_sec_ctx uid=(0,0) gid=(0,0) vuser=(16967,66) dos_ChDir to /tmp map_create_disposition: Mapped create_disposition 1 to 1 get_filename: data_offset = 87, data_len = 6, fname_len = 5 nt_open_pipe: Opening pipe \samr. nt_open_pipe: Known pipe samr opening. Open pipe requested samr by [16967,66] (pipes_open=0) lookup user 4247,66 000000 vuid_io_key key 0000 pid : 00004247 0004 vuid: 0066 become_root_depth zero: saving 0 0 7 0x80b1258 become_root: 0 0 ncalrpc_l_use_add ncalrpc_l_find: samr [16967,66] ncalrpc_l_find[0]: NETLOGON [16967,65] unbecome_root: 0 0 7 0x80b1258 0, 1, 2, 3, 4, 6, 10 open pipes: msrpc redirect failed error packet at line 519 cmd=162 (SMBntcreateX) eclass=2 ecode=4 size=35 smb_com=0xa2 smb_rcls=2 smb_reh=0 smb_err=4 smb_flg=136 smb_flg2=1 smb_tid=1 smb_pid=16966 smb_uid=102 smb_mid=1 smt_wct=0 smb_bcc=0 To be clear: doing a "net use z: \\gw\root /user:modems\root" works fine - it's the msrpc redirect that's failing (as far as I can tell, for all RPC services). It's failing on a comparison of the string "NETLOGON" to "samr" when trying to identigy the pipe (in ncalrcp_l_find). *But* doing "rpcclient -S . " works OK, which indicates the RPC services are actually sort-of working. Things I have tried: I have all daemons started I have tried deleting the ./var/locks directory and restarting I even tried ./configure.developer, putting a sleep() in after the fork(), attaching xxgdb to the child process and stepping through - it's definitely failing at that point. ncalrpc_l_use_add is returning false because it isn't finding the pipe, and the reuse bool parameter is set to true. Which raises another point - what's the best way of debugging Samba - the read-with-timeout means that my method doesn't work too well, and I don't fancy decoding debug logs, really. Attached is my smb.conf, and I have a full level debug log available if anyone wants it. Cheers, Phil -------------- next part -------------- [global] workgroup = MODEMS server string = Samba Server TNT-2.4.2-Alpha # debug level = 100 printcap name = /etc/printcap load printers = yes log file = /usr/local/samba/var/log.%m max log size = 5000 security = user encrypt passwords = yes smb passwd file = /usr/local/samba/var/private/smbpasswd socket options = TCP_NODELAY interfaces = 192.168.3.1/24 local master = yes os level = 128 domain master = yes preferred master = yes domain logons = yes logon script = scr.bat logon path = \\%L\profiles\%U wins support = yes # Case Preservation can be handy - system default is _no_ # NOTE: These can be set on a per share basis ; preserve case = no ; short preserve case = no # Default case is normally upper case for all DOS files ; default case = lower # Be very careful with case sensitivity - it can break things! ; case sensitive = no #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no writable = yes # Un-comment the following and create the netlogon directory for Domain Logons [netlogon] comment = Network Logon Service path = /samba/netlogon guest ok = yes writable = no share modes = no # Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory [profiles] path = /samba/profiles browseable = no guest ok = yes # This one is useful for people to share files [tmp] comment = Temporary file space path = /tmp read only = no public = yes browseable = yes From moser at egu.schule.ulm.de Fri Apr 21 16:41:10 2000 From: moser at egu.schule.ulm.de (Steffen Moser) Date: Tue Dec 2 02:29:32 2003 Subject: w2k an 2.0.7pre4 References: Message-ID: <390084A6.67A2B9BE@egu.schule.ulm.de> Hello, Oliver Malang wrote: > I didn't get that working with the new > configuration(2.0.7pre4 and w2k). So my question is: should domain logons > from W2k to 2.0.7pre4 already work or did I just make a mistake??? No, you don't have a mistake in your configuration. If you want win2k machines to do domain logons to a samba machine you have to use "samba TNG". Bye, Steffen From pjdc at eircom.net Fri Apr 21 17:52:43 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:32 2003 Subject: Cannot log in DOMAIN from NT workstation In-Reply-To: =?iso-8859-1?q?Rafa=B3_Szcze=B6niak's?= message of "Sat, 22 Apr 2000 00:44:24 +1000" References: <3900670F.BC05D4BF@aw.com.pl> Message-ID: >>>>> "Rafa?" == Rafa? Szcze?niak writes: Rafa?> This means that, in some way, computer_name1$ account Rafa?> doesn't exist in private/smbpasswd file. Check whether it Rafa?> exists there exactly in this form (of course without '$' Rafa?> suffix). Actually, machine trust accounts *do* have the $ when listed in smbpasswd. NT seems to follow a policy of not showing items that terminate in $ (viz, user accounts and shares). The liberal use of $s seems to have been inherited from VMS. Also, note Christopher Friday's comments re starting the daemons. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From rfs at aw.com.pl Fri Apr 21 17:57:02 2000 From: rfs at aw.com.pl (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:32 2003 Subject: Cannot log in DOMAIN from NT workstation References: <3900670F.BC05D4BF@aw.com.pl> Message-ID: <3900966E.249BD367@aw.com.pl> Paul J Collins wrote: > > >>>>> "Rafa?" == Rafa? Szcze?niak writes: > > Rafa?> This means that, in some way, computer_name1$ account > Rafa?> doesn't exist in private/smbpasswd file. Check whether it > Rafa?> exists there exactly in this form (of course without '$' > Rafa?> suffix). > > Actually, machine trust accounts *do* have the $ when listed in > smbpasswd. That's right. Sorry, my mistake. I thought about [W] flag and forgot about the rest ($). Anyway, thank you for correction :) >NT seems to follow a policy of not showing items that > terminate in $ (viz, user accounts and shares). The liberal use of $s > seems to have been inherited from VMS. > > Also, note Christopher Friday's comments re starting the daemons. > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" Rafa? From mjwestkamper at weiinc.com Fri Apr 21 18:38:31 2000 From: mjwestkamper at weiinc.com (Mike Westkamper) Date: Tue Dec 2 02:29:32 2003 Subject: CVS Message-ID: <007401bfabc0$d6e585e0$b0e16420@local> What is a suggested CVS client for Linux and/or NT? Thanks in advance... Mike -------------- next part -------------- HTML attachment scrubbed and removed From timothy_d_cole at md.northgrum.com Fri Apr 21 19:04:04 2000 From: timothy_d_cole at md.northgrum.com (Cole, Timothy D.) Date: Tue Dec 2 02:29:32 2003 Subject: CVS Message-ID: <51FBD4A8EFD9D111BA7300A0C927DADB03F47064@xcgmd008.md.essd.northgrum.com> In the case of Linux, all the distributions I know include a 'cvs' package, which includes a commandline client. It may not be part of the standard install, so you might need to apt-get or install it from the CD manually. see also: http://www.cyclic.com/ > -----Original Message----- > From: Mike Westkamper [SMTP:mjwestkamper@weiinc.com] > Sent: Friday, April 21, 2000 14:40 > To: Multiple recipients of list SAMBA-NTDOM > Subject: CVS > > What is a suggested CVS client for Linux and/or NT? > > Thanks in advance... Mike From kellermg at potsdam.edu Fri Apr 21 19:57:27 2000 From: kellermg at potsdam.edu (Matthew Keller) Date: Tue Dec 2 02:29:32 2003 Subject: CVS References: <007401bfabc0$d6e585e0$b0e16420@local> Message-ID: <3900B2A7.1DCD862@potsdam.edu> > Mike Westkamper wrote: > > What is a suggested CVS client for Linux and/or NT? For NT I use WinCVS (wincvs.org I think) -- It's "cute" and "fluffy" but it works. -- - Matthew Keller - Lead Programmer/Analyst Distributed Computing and Telemedia Information Services Division State University of New York at Potsdam Web: http://mattwork.potsdam.edu/ PGP: http://mattwork.potsdam.edu/crypto/ From giovanni.affuso at almaitalia.it Fri Apr 21 20:40:40 2000 From: giovanni.affuso at almaitalia.it (Affuso Giovanni) Date: Tue Dec 2 02:29:32 2003 Subject: Problem in compiling Samba-CVS Message-ID: <4.3.2.20000421223951.00d24d70@10.0.0.1> Hi, I have the seguent problem in the compiling the last version of samba CVS lib/interface.o: In function `add_interface': lib/interface.o(.text+0xb0): undefined reference to `ip_equal' lib/interface.o: In function `interpret_interface': lib/interface.o(.text+0x2d4): undefined reference to `ip_equal' lib/interface.o: In function `ismyip': lib/interface.o(.text+0x695): undefined reference to `ip_equal' make: *** [bin/smbd] Error 1 Please, can you give me the istructions for download the TGN version of samba? Thanks for help. Giovanni Affuso Responsabile E.D.P. Alma Italia S.r.l. c.so Vercelli 387, Torino tel. 0112620388 fax. 0112624308 mailto:giovanni.affuso@almaitalia.it From mailing at lastminutetour.com Fri Apr 21 20:57:24 2000 From: mailing at lastminutetour.com (Mailing Manager) Date: Tue Dec 2 02:29:32 2003 Subject: somethig wrong on the faq Message-ID: <20000421225724.A32045@giove.lastminutetour.com> Hi all, i've readed the faq for domain http://us1.samba.org/samba/docs/ntdom_faq/page4.html#4-3-1, and i'm very interested in this opportunities, local group map, and the other administratio feature for domain logons.But, with my 2.0.6 version, these parmatere are not recognized....it si possible to use them??? thanks From pjdc at eircom.net Fri Apr 21 21:08:29 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:32 2003 Subject: Problem in compiling Samba-CVS In-Reply-To: Affuso Giovanni's message of "Sat, 22 Apr 2000 06:39:55 +1000" References: <4.3.2.20000421223951.00d24d70@10.0.0.1> Message-ID: >>>>> "Affuso" == Affuso Giovanni writes: Affuso> Please, can you give me the istructions for download the Affuso> TGN version of samba? Alpha releases of Samba TNG can be found on the Samba FTP site and its mirrors. The releases will usually compile (mainly because Luke does a release after a batch of changes), unlike CVS, which could be undergoing changes at the time that you check out a tree. Try ftp://ftp.samba.org/pub/samba/alpha , although using a mirror would be preferable. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From mg at plum.de Fri Apr 21 23:01:08 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:32 2003 Subject: TNG > 2.2 Problems Message-ID: <3900DDB4.DAE1A2A@plum.de> Hi, I did a "field test" with TNG today, and I ran into a couple of problems. Setup: linux intel/rh 6.2/glibc2.1, 10x NT4.0 SP 5 TNG set up similar to that in the FAQ, is WINS-server, nmbd logs domain master ok. When I do a "smbclient -L server" I get a segfault in smbd. I did test it with 2.2, 2.3, 2.4, 2.4.1, 2.4.2 (yes, the machine compiles fast ;) Only 2.2 does it right, starting with 2.3 i get the segfault: Program received signal SIGSEGV, Segmentation fault. 0x805eafe in api_RNetShareEnum (conn=0x80ad398, vuid=100, param=0x80ad370 "", data=0x0, mdrcnt=65535, mprcnt=1024, rdata=0xbffffa8c, rparam=0xbffffa88, rdata_len=0xbffffa84, rparam_len=0xbffffa80) at smbd/lanman.c:1696 1696 sh2.info2_hdr = *ctr.share.info2.info_2[i]; #0 0x805eafe in api_RNetShareEnum (conn=0x80ad398, vuid=100, param=0x80ad370 "", data=0x0, mdrcnt=65535, mprcnt=1024, rdata=0xbffffa8c, rparam=0xbffffa88, rdata_len=0xbffffa84, rparam_len=0xbffffa80) at smbd/lanman.c:1696 #1 0x8062d12 in api_reply (conn=0x80ad398, vuid=100, outbuf=0x80c6999 "", data=0x0, params=0x80ad370 "", tdscnt=0, tpscnt=19, mdrcnt=65535, mprcnt=1024) at smbd/lanman.c:3725 #2 0x805a2d9 in named_pipe (conn=0x80ad398, vuid=100, outbuf=0x80c6999 "", name=0xbffffbda "LANMAN", setup=0x0, data=0x0, params=0x80ad370 "", suwcnt=0, tdscnt=0, tpscnt=19, msrcnt=0, mdrcnt=65535, mprcnt=1024) at smbd/ipc.c:366 #3 0x805acec in reply_trans (conn=0x80ad398, inbuf=0x80b6591 "", outbuf=0x80c6999 "", size=99, bufsize=17408) at smbd/ipc.c:555 #4 0x8084d05 in switch_message (type=37, inbuf=0x80b6591 "", outbuf=0x80c6999 "", size=99, bufsize=17408) at smbd/process.c:550 #5 0x8084dc0 in construct_reply (inbuf=0x80b6591 "", outbuf=0x80c6999 "", size=99, bufsize=17408) at smbd/process.c:582 #6 0x8084fa7 in process_smb (inbuf=0x80b6591 "", outbuf=0x80c6999 "") at smbd/process.c:656 #7 0x80859a8 in smbd_process () at smbd/process.c:1004 #8 0x8051889 in main (argc=2, argv=0xbffffd84) at smbd/server.c:784 So, the problem lies somewhere in lanman.c the section at 1690 has changed quite a bit from 2.2 to 2.3. So, I did continue testing 2.2, and run into a couple of more problems: a) During logon screen, when I enter a wrong password, it takes VERY long time to verify, then I get something like "cannot log in to domain ... error code C0000253". The strange thing is, that ALL following logins fail with a simmilar message, but with error nr# C0000037 b) sometimes the profiles are written as root, sometimes as user. That leads to many problems using profiles ;) but outsourcing them to a 2.0.7pre4 server works fine ;) c) When I try to change the password I sometimes get the error "cant change password, error c00000BE" d) sometimes NT tells me it can't find domain controller, usually after logging of one user. TNG is wins-server, client is registered, etc. did not look any further into this one yet. too tired ;) This can only be cured with a reboot of NT, then everything works fine again. TIA, Michael -- Samba Information HQ (in german) http://www.sambahq.de/ From mg at plum.de Fri Apr 21 23:04:41 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:32 2003 Subject: w2k an 2.0.7pre4 References: <20000421151101.95A282AF13@i3.golden.dom> Message-ID: <3900DE89.DA88CB52@plum.de> Giulio Orsero wrote: > > On Sat, 22 Apr 2000 00:26:11 +1000, hai scritto: > > >configuration(2.0.7pre4 and w2k). So my question is: should domain logons > >from W2k to 2.0.7pre4 already work or did I just make a mistake??? > It should not work, and it won't work in 2.0.7 final. > Maybe 2.0.8. no, I think TNG is the only version that can act as a login server for 2k IIRC. regards, Michael -- Samba Information HQ (in german) http://www.sambahq.de/ From pjdc at eircom.net Fri Apr 21 23:11:19 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:32 2003 Subject: somethig wrong on the faq In-Reply-To: Mailing Manager's message of "Sat, 22 Apr 2000 06:59:33 +1000" References: <20000421225724.A32045@giove.lastminutetour.com> Message-ID: >>>>> "Mailing" == Mailing Manager writes: Mailing> Hi all, i've readed the faq for domain Mailing> http://us1.samba.org/samba/docs/ntdom_faq/page4.html#4-3-1, Mailing> and i'm very interested in this opportunities, local Mailing> group map, and the other administratio feature for domain Mailing> logons.But, with my 2.0.6 version, these parmatere are Mailing> not recognized....it si possible to use them??? That FAQ refers to a development version of Samba, called Samba-TNG. Those features are not present in version 2.0 of Samba. If you wish to try out Samba TNG, you can download it from the alpha directory of any Samba FTP mirror, but please note that it is not yet ready for production use and is under heavy development. When it is finished, it will allow you to run a Unix-based NT network consisting of multiple domains, each domain having a PDC and BDCs. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pjdc at eircom.net Fri Apr 21 23:30:12 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:32 2003 Subject: TNG-alpha 2.4.2: can't join domain Message-ID: Luke: is NetEnumTrustedDomains still being worked on? The mirror I was using picked up 2.4.2 a day or two after release. Anyway. Created yet another domain, this one called TOMATO. Less to report this time, as I cannot even join my workstation, GENUA to the domain. I don't see any obvious errors in the Samba logs, but the NT box reports that it is "Unable to update local security in order to join domain". I find this weird; adding NT workstations to domains is part of my daily work, and generally the only time it fails is if the trust account already exists. I have enabled all failure auditing on the workstation, but nothing shows up in the event log. I have saved the log.lsarpc that is generated after hitting enter having entered the domain name in the Network dialog, but I have skimmed it looking for errors (*obvious* errors :) but, nothing. I see plenty of messages referring to the wks trust account (GENUA$) being valid, so could my workstation be hosed? Since I can't sleep, I'll reinstall, just for kicks. :-) Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pjdc at eircom.net Fri Apr 21 23:50:34 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:32 2003 Subject: TNG-alpha 2.4.2: can't join domain In-Reply-To: Paul J Collins's message of "Sat, 22 Apr 2000 09:26:51 +1000" References: Message-ID: >>>>> "Paul" == Paul J Collins writes: Paul> workstation, GENUA to the domain. I don't see any obvious Paul> errors in the Samba logs, but the NT box reports that it is Paul> "Unable to update local security in order to join domain". I just looked up this message in the KB, and I found article Q178635, which specifially refers to trusted domain-related problems with a tool called NETDOM. This is what it says: Windows NT maintains a list of trusted domains. For a workstation, this list contains only one element, the domain of which the workstation is a member. I understand this part. Prior to version 1.7, NETDOM was not aware of the trusted domain under a domain member. Thereby the GUI checks this information before changing domain. The first sentence of this paragraph doesn't make much sense to me. Is it garbage, or is it correct but written very badly? The only possible meaning I can glean from it is that the problem is related to the fact that my workstation was previously in another domain. If this "thinking out loud" is annoying you all, please do say. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From jweber at math.cudenver.edu Sat Apr 22 01:01:20 2000 From: jweber at math.cudenver.edu (John Weber) Date: Tue Dec 2 02:29:32 2003 Subject: TNG-alpha 2.4.2: can't join domain In-Reply-To: Message-ID: Hi, I've run into this problem in my alternate test setup and I can't figure out the difference between this and my main test setup. I'm using tng 2.4 and 2.4.2 on may main and just today installed 2.4 on the alternate. I've had to unjoin the domain and then reboot to get NT4 workstations to join a new domain, but it doesn't work with my latest (alternate) install. My main install is working OK as far as joining, but suffers some of the problems noted just a few hours ago by Michael Glauche. (included with comments after Paul J Collins message). Now you got me thinking out loud, but I like to know others are having the same problems. I'm using vmware RH6.1 server and vmware NT4SP6 clients in my main setup and RH6.1 host machine and vmware NT4SP6 clients in my alternate setup. John S. Weber System Administrator Center for Computational Mathematics University of Colorado at Denver Phone: (303)556-5394 Fax: (303)556-8550 jweber@math.cudenver.edu http://www-math.cudenver.edu/~jweber On Sat, 22 Apr 2000, Paul J Collins wrote: > >>>>> "Paul" == Paul J Collins writes: > > Paul> workstation, GENUA to the domain. I don't see any obvious > Paul> errors in the Samba logs, but the NT box reports that it is > Paul> "Unable to update local security in order to join domain". > > I just looked up this message in the KB, and I found article Q178635, > which specifially refers to trusted domain-related problems with a > tool called NETDOM. > > This is what it says: > > Windows NT maintains a list of trusted domains. For a workstation, > this list contains only one element, the domain of which the > workstation is a member. > > I understand this part. > > Prior to version 1.7, NETDOM was not aware of the trusted domain > under a domain member. Thereby the GUI checks this information > before changing domain. > > The first sentence of this paragraph doesn't make much sense to me. > Is it garbage, or is it correct but written very badly? The only > possible meaning I can glean from it is that the problem is related to > the fact that my workstation was previously in another domain. > > If this "thinking out loud" is annoying you all, please do say. > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" > On Sat, 22 Apr 2000, Michael Glauche wrote: > So, I did continue testing 2.2, and run into a couple of more problems: > a) During logon screen, when I enter a wrong password, it takes VERY > long > time to verify, then I get something like "cannot log in to domain ... > error code > C0000253". > The strange thing is, that ALL following logins fail with a simmilar > message, but > with error nr# C0000037 This I noticed with tng 2.4 > > b) sometimes the profiles are written as root, sometimes as user. That > leads to many > problems using profiles ;) but outsourcing them to a 2.0.7pre4 server > works fine ;) I noticed profile problems when copying the profiles from 2.4 install to 2.4.2 > > c) When I try to change the password I sometimes get the error "cant > change password, > error c00000BE" Didn't try this. > > d) sometimes NT tells me it can't find domain controller, usually after > logging > of one user. TNG is wins-server, client is registered, etc. did not look > any further > into this one yet. too tired ;) Noticed with tng 2.4.2. It does let users to log in, but then claims it can't find domain controller. > This can only be cured with a reboot of NT, then everything works fine > again. True. > > TIA, > Michael > -- > Samba Information HQ (in german) > http://www.sambahq.de/ > From mailing at lastminutetour.com Sat Apr 22 04:49:28 2000 From: mailing at lastminutetour.com (Mailing Manager) Date: Tue Dec 2 02:29:32 2003 Subject: somethig wrong on the faq In-Reply-To: ; from pjdc@eircom.net on Sat, Apr 22, 2000 at 09:08:27AM +1000 References: <20000421225724.A32045@giove.lastminutetour.com> Message-ID: <20000422064928.A14806@giove.lastminutetour.com> i all, well to know.In fact i'm interested in having multiple domain, actually i have a single domain and logons and prfoiles are ok, but the number of system and offices is growign, so to have a big list of hosts in the wins lists is not so good, divide the domain in subdomain will be a solution. With the actual 2.0.6 version, what i can do for this??? thanks From mailing at lastminutetour.com Sat Apr 22 04:53:50 2000 From: mailing at lastminutetour.com (Mailing Manager) Date: Tue Dec 2 02:29:32 2003 Subject: a pdc and something far from it Message-ID: <20000422065350.B14806@giove.lastminutetour.com> Hi all, i'm going to find a solution to this problem: Central headquarter with a samba server configured as a PDC, with netlogon etc etc. External office connected via leased line with a bdc (or something else) taha will cache only the files (homes, profiles) and authorized the clients (smbpasswd centrlly on the pdc). Waht kind of configuration i will have on the external office?? I have the pdc working well, but i'm afraid that when a user with a big profiles will logogn form the external offices , everytime the nt clients will copy the profiles and other files form th ecentral samba...this will be very bad!! Someone have encountered a similar operating situation?? what can yi do for minimze the necessity to copy files from one server to th eother and let the sambas works well with the profiles and homes files?? thanks From arielez at cs.huji.ac.il Sat Apr 22 08:37:56 2000 From: arielez at cs.huji.ac.il (Eizenberg Ariel) Date: Tue Dec 2 02:29:32 2003 Subject: TNG-alpha 2.4.2: can't join domain In-Reply-To: Message-ID: If anyone is interested, I am also getting this error ("unable to update local security ...) with 2.4.2. I can send the logs if someone is interested. On Sat, 22 Apr 2000, Paul J Collins wrote: | | Luke: is NetEnumTrustedDomains still being worked on? | | The mirror I was using picked up 2.4.2 a day or two after release. | | Anyway. Created yet another domain, this one called TOMATO. Less to | report this time, as I cannot even join my workstation, GENUA to the | domain. I don't see any obvious errors in the Samba logs, but the NT | box reports that it is "Unable to update local security in order to | join domain". I find this weird; adding NT workstations to domains is | part of my daily work, and generally the only time it fails is if the | trust account already exists. | | I have enabled all failure auditing on the workstation, but nothing | shows up in the event log. | | I have saved the log.lsarpc that is generated after hitting enter | having entered the domain name in the Network dialog, but I have | skimmed it looking for errors (*obvious* errors :) but, nothing. | | I see plenty of messages referring to the wks trust account (GENUA$) | being valid, so could my workstation be hosed? Since I can't sleep, | I'll reinstall, just for kicks. :-) | | Paul. | | -- | Paul Collins - - - - - [ A&P,a&f ] | GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD | PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C | "Linux: it's just this operating system, you know?" | | | From icoupeau at unav.es Sat Apr 22 11:14:32 2000 From: icoupeau at unav.es (Ignacio Coupeau) Date: Tue Dec 2 02:29:32 2003 Subject: TNG-2.x --with-ldap && PDC broken? Message-ID: <39018998.D9961AE4@unav.es> For several hours I have tested the TNG with-ldap stuff. I found that the account maintenance via samedit runs with the ldap: 1. can add an ws account 2. can add an user account 3. can change an user passwd with smbpasswd the ldap logs a lot and fine. the bad things are these: 1. can't join a ws to the domain 2. can't use the samedit/use nor smbclient... the ldap says nothing... I think the private/smbpasswd is used instead the ldap database... The error I found is that the logon process don't ask __nothing__ to the ldap, instead, the error messages: > LSA_OPENSECRET..:/_lsa_open_secret failed with 0xc0000034; > SMB LM/NT Password did not match! > error packet at line 749 cmd=115 (SMBsesssetupX) eclass=2 ecode=2 become ubiquitous. Any help/suggestion ? Thanks. PS: below, I append a test (long): ---------------------------------------------------------------------------- The samrd is running... and all the *d and the private/smbpasswd exists... but if I use ldap... Tested with TNG 2.2 and 2.4.2 Linux kernel 2.2.10 the smb.conf is OK: > ldap suffix = "o=SMB-Universidad de Navarra, c=ES" > ldap bind as = "uid=root, o=SMB-Universidad de Navarra, c=ES" > ldap passwd file = /usr/local/etc/samba/private/ldappasswd > #ldap server = localhost > ldap server = bilbo > ldap port = 389 ... [root@bilbo bin]# samedit -S . -U root added interface ip=159.237.12.42 bcast=159.237.12.255 nmask=255.255.255.0 Enter Password: ... [root@.]$ createuser CTI-PORTATIL$ createuser CTI-PORTATIL$ socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused SAM Create Domain User Domain: CTI-SMB-DEV Name: cti-portatil$ ACB: [W ] Resetting Trust Account to insecure, initial, well-known value: "cti-portatil" CTI-PORTATIL can now be joined to the domain, which should be done on a private, secure network as soon as possible socket connect to /tmp/.msrpc/.samr/agent failed: Connection refused Create Domain User: OK ----- the log yields: remove on /usr/local/etc/samba/var/locks/.msrpc/svcctl failed TODO: verify that the rid exists TODO: verify that the rid exists Changed root to / --- Of course, the ldap account is created: [root@bilbo openldap]# sh samba-search "uid=CTI-PORT*" dn: uid=CTI-PORTATIL$, o=SMB-Universidad de Navarra, c=ES objectclass: sambaAccount uid: CTI-PORTATIL$ uidnumber: 515 ntuid: cti-portatil$ rid: 55e7 lmpassword: 15E26A2E30265B2E1113404FD56A01A4 ntpassword: BD07481A531FD209CF0EE276C5E41201 pwdlastset: 3901715D acctflags: [W ] gidnumber: 100 grouprid: 579 cn: desarrollo-WS pwdcanchange: 3901715B pwdmustchange: 00000000 logontime: 00000000 logofftime: 00000000 kickofftime: 00000000 ------------------------------------------------------- When I try to add the machine to the domain.... yields: ------------------------------------------------------- Changed root to / netbios connect: name1=BILBO name2=CTI-PORTATIL authorise_login: TODO. split function, it's 6 levels! socket connect to /tmp/.msrpc/.lsarpc/agent failed: Connection refused LSA_OPENSECRET: _lsa_open_secret failed with 0xc0000034 socket connect to /tmp/.msrpc/.lsarpc/agent failed: Connection refused LSA_OPENSECRET: _lsa_open_secret failed with 0xc0000034 Changed root to / netbios connect: name1=BILBO name2=CTI-PORTATIL socket connect to /tmp/.msrpc/.lsarpc/agent failed: Connection refused LSA_OPENSECRET: SMB LM/NT Password did not match! Closing connections _lsa_open_secret failed with 0xc0000034 Changed root to / netbios connect: name1=BILBO name2=CTI-PORTATIL authorise_login: TODO. split function, it's 6 levels! socket connect to /tmp/.msrpc/.lsarpc/agent failed: Connection refused LSA_OPENSECRET: _lsa_open_secret failed with 0xc0000034 socket connect to /tmp/.msrpc/.lsarpc/agent failed: Connection refused LSA_OPENSECRET: _lsa_open_secret failed with 0xc0000034 socket connect to /tmp/.msrpc/.wkssvc/agent failed: Connection refused socket connect to /tmp/.msrpc/.lsarpc/agent failed: Connection refused _lsa_open_secret: couldn't open secret_db. Possible attack? uid=0, gid=0, euid=99, egid=99 _lsa_open_secret failed with 0xc0000022 Closing connections Changed root to / netbios connect: name1=BILBO name2=CTI-PORTATIL socket connect to /tmp/.msrpc/.lsarpc/agent failed: Connection refused LSA_OPENSECRET: Closing connections _lsa_open_secret failed with 0xc0000034 ----- but the NT says "can't connect to the controler for this domain..." and the LDAP with -d 255 says nothing: none bind is received. -- ____________________________________________________ Ignacio Coupeau, Ph.D. e-mail: icoupeau@unav.es CTI, Director fax: 948 425619 University of Navarra voice: 948 425600 Pamplona, SPAIN http://www.unav.es/cti/ From verzachris at hotmail.com Sat Apr 22 15:14:30 2000 From: verzachris at hotmail.com (verdelli christian) Date: Tue Dec 2 02:29:32 2003 Subject: Log Problem with Ldap Message-ID: <20000422151430.124.qmail@hotmail.com> I have posted this questions more than one time on samba-ntdom but I never had an answer so I mailed directly to you. I run samba with Ldap, and I have only two users inside the Ldap-Samba directory tree, chris & usernt1. When I try to connect with "smbclient \\\\mycomp\\tmp -U chris" it works fine, but using "smbclient \\\\mycomp\\tmp -U usernt1", the Ldap search filter gives back root yet. This is the log file: ############ Using smbclient \\\\mycomp\\tmp -U chris ############ Doing \PIPE\netlogon api_rpc_command: NET_AUTH2 Doing \PIPE\netlogon api_rpc_command: NET_SAMLOGON SAM Logon (Network). Domain:[CHRIS]. User:[chris] Getting policy vuser_key pnum=3 pid=680 vuid=65 Setting policy sid=S-1-5-21-1852284026-3327323809-4032907042 policy(pnum=4 ): Setting policy state Service setting policy sid=S-1-5-21-1852284026-3327323809-4032907042 policy(pnum=4 ): Getting policy state Getting policy sid=S-1-5-21-1852284026-3327323809-4032907042 Connected to LDAP server Searching in [ou=People, o=zeropiu.it] for [(&(ntuid=chris)(objectclass=sambaAccount))] 2 matching entries found get: [uid] = [chris] Retrieving account [chris] get: [uidNumber] = [16] get: [ntuid] = [chris] get: [rid] = [3e8] get: [acctFlags] = [[ ]] get: [lmPassword] = [C0A67821CC8A224EAAD3B435B51404EE] get: [ntPassword] = [865C340931C1F8BEB094CD1DBA590013] get: [pwdLastSet] = [38FF1930] Connection closed unix_name_to_nt_name_info: Get_Pwnam for user Administratorfailed. Error was No such file or directory. policy(pnum=4 ): Getting policy state Getting policy sid=S-1-5-21-1852284026-3327323809-4032907042 Connected to LDAP server Searching in [ou=People, o=zeropiu.it] for [(&(rid=3e8)(objectclass=sambaAccount))] 2 matching entries found get: [uid] = [chris] Retrieving account [chris] get: [uidNumber] = [16] get: [ntuid] = [chris] get: [rid] = [3e8] get: [acctFlags] = [[ ]] get: [lmPassword] = [C0A67821CC8A224EAAD3B435B51404EE] get: [ntPassword] = [865C340931C1F8BEB094CD1DBA590013] get: [pwdLastSet] = [38FF1930] Connection closed Getting policy vuser_key pnum=4 pid=680 vuid=65 TODO: verify that the rid exists Setting policy sid=S-1-5-21-1852284026-3327323809-4032907042-1000 policy(pnum=5 ): Setting policy state ############ until here it's al OK ############# ########### With smbclient \\\\mycomp\\tmp -U usernt1 ######## Doing \PIPE\netlogon api_rpc_command: NET_AUTH2 Doing \PIPE\netlogon api_rpc_command: NET_SAMLOGON SAM Logon (Network). Domain:[CHRIS]. User:[usernt1] Getting policy vuser_key pnum=3 pid=696 vuid=67 Setting policy sid=S-1-5-21-1852284026-3327323809-4032907042 policy(pnum=4 ): Setting policy state Service setting policy sid=S-1-5-21-1852284026-3327323809-4032907042 policy(pnum=4 ): Getting policy state Getting policy sid=S-1-5-21-1852284026-3327323809-4032907042 Connected to LDAP server Searching in [ou=People, o=zeropiu.it] for [(&(ntuid=usernt1)(objectclass=sambaAccount))] 2 matching entries found get: [uid] = [chris] Retrieving account [chris] get: [uidNumber] = [16] get: [ntuid] = [chris] get: [rid] = [3e8] get: [acctFlags] = [[ ]] get: [lmPassword] = [C0A67821CC8A224EAAD3B435B51404EE] get: [ntPassword] = [865C340931C1F8BEB094CD1DBA590013] get: [pwdLastSet] = [38FF1930] Connection closed unix_name_to_nt_name_info: Get_Pwnam for user Administratorfailed. Error was No such file or directory. policy(pnum=4 ): Getting policy state Getting policy sid=S-1-5-21-1852284026-3327323809-4032907042 Connected to LDAP server Searching in [ou=People, o=zeropiu.it] for [(&(rid=3e8)(objectclass=sambaAccount))] 2 matching entries found get: [uid] = [chris] Retrieving account [chris] get: [uidNumber] = [16] get: [ntuid] = [chris] get: [rid] = [3e8] get: [acctFlags] = [[ ]] get: [lmPassword] = [C0A67821CC8A224EAAD3B435B51404EE] get: [ntPassword] = [865C340931C1F8BEB094CD1DBA590013] get: [pwdLastSet] = [38FF1930] Connection closed Getting policy vuser_key pnum=4 pid=696 vuid=67 TODO: verify that the rid exists Setting policy sid=S-1-5-21-1852284026-3327323809-4032907042-1000 policy(pnum=5 ): Setting policy state Service setting policy sid=S-1-5-21-1852284026-3327323809-4032907042-1000 ######################################################################## The problem is that the search filter : [(&(ntuid= -user_name- )(objectclass=sambaAccount))] gives always back the same user (the first I add). ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com From rfs at poczta.fm Sat Apr 22 20:02:27 2000 From: rfs at poczta.fm (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:32 2003 Subject: LDAP status Message-ID: <39020553.E6017089@poczta.fm> hi Does anybody know, what's the current status of LDAP in samba-tng and samba-main ? Last time i read sth about it in email from Ignacio Coupeau (very sorry, if i didn't write your name correctly). Any changes ? Fixes ? Something new ? Need help ? I like the idea of using ldap with samba, so if i can be useful ... thx in advance :) Rafa? From lars at kneschke.de Sat Apr 22 20:49:19 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:32 2003 Subject: samba tng is not compileable(latest cvs version) Message-ID: <3902104F.CEC0192C@kneschke.de> [root@knecke source]# make Using FLAGS = -O -Iinclude -I./include -I./ubiqx -I./smbwrapper -DLOGFILEBASE="/opt/samba_tng/var" -DSMBLOGFILE="/opt/samba_tng/var/log.smb" -DNMBLOGFILE="/opt/samba_tng/var/log.nmb" -DCONFIGFILE="/opt/samba_tng/lib/smb.conf" -DLMHOSTSFILE="/opt/samba_tng/lib/lmhosts" -DSWATDIR="/opt/samba_tng/swat" -DSBINDIR="/opt/samba_tng/sbin" -DLOCKDIR="/opt/samba_tng/var/locks" -DSMBRUN="/opt/samba_tng/bin/smbrun" -DCODEPAGEDIR="/opt/samba_tng/lib/codepages" -DDRIVERFILE="/opt/samba_tng/lib/printers.def" -DBINDIR="/opt/samba_tng/bin" -DFORMSFILE="/opt/samba_tng/lib/ntforms.def" -DNTDRIVERSDIR="/opt/samba_tng/lib" -DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/bin/passwd" -DSMB_PASSWD_PROGRAM="/opt/samba_tng/bin/smbpasswd" -DSMB_PASSWD_FILE="/opt/samba_tng/private/smbpasswd" -DSAM_DIR="/opt/samba_tng/sam" -DSMB_PASSGRP_FILE="/opt/samba_tng/private/smbpassgrp" -DSMB_GROUP_FILE="/opt/samba_tng/private/smbgroup" -DSMB_ALIAS_FILE="/opt/samba_tng/private/smbalias" Using LIBS = -lreadline -ldl -lcrypt Compiling smbd/ipc.c smbd/ipc.c: In function `api_WNPHS': smbd/ipc.c:205: `param_len' undeclared (first use in this function) smbd/ipc.c:205: (Each undeclared identifier is reported only once smbd/ipc.c:205: for each function it appears in.) smbd/ipc.c: In function `api_SNPHS': smbd/ipc.c:229: `param_len' undeclared (first use in this function) make: *** [smbd/ipc.o] Error 1 OS: Linux Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From striker at samba.org Sat Apr 22 22:26:19 2000 From: striker at samba.org (Sander Striker) Date: Tue Dec 2 02:29:32 2003 Subject: samba tng is not compileable(latest cvs version) References: <3902104F.CEC0192C@kneschke.de> Message-ID: <000d01bfaca9$c85000c0$1e00a8c0@office.striker.nl> Right. Luke broke it yesterday. Expect it to be fixed soon. I'm running a compile test every four hours, with the results being mailed off to Luke, so if it doesn't compile on a linux system he should know by now :-) Check out thursdays version to play with, because I suspect you need it to test some things for the update of the FAQ. Sander From p.mayers at ic.ac.uk Sat Apr 22 23:49:31 2000 From: p.mayers at ic.ac.uk (Phil Mayers) Date: Tue Dec 2 02:29:32 2003 Subject: [Fwd: Problems with 2.4.2 - msrpc redirect failed] References: <39007589.B5528EF@ic.ac.uk> <20000422141814.A14842@baerbel.mug.maschinenbau.tu-darmstadt.de> Message-ID: <39023A8B.2D7F7E49@ic.ac.uk> I didn't truncate the log - it must have been samba. I think it would be incorrect to say *any* RPC stuff worked. The offending bit of code is in smbd, and all RPC-related functions fail. For example: double clicking on the server in Network Neighbourhood returns a "the server service is not started" error, but mapping drives directly works. However - the suggested fix worked. Thanks a lot! Cheers, Phil Elrond wrote: > > > I checked a little around for all this reuse-stuff, it's > more Lukes stuff, but it looks like reuse should be False, > so, please try this: > In rpc_server/srv_pipe_hnd.c, round line 126: > Replace: > m = ncalrpc_l_use_add(pipe_name, key, True, &is_new); > with: > m = ncalrpc_l_use_add(pipe_name, key, False, &is_new); > > I'm not going to change this in CVS, cause I don't know > enough about the reuse-stuff. So if this helps, it would be > nice, if you could inform Luke and me, so we/I can fix > this. > From lars at kneschke.de Sun Apr 23 06:59:03 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:32 2003 Subject: AW: samba tng is not compileable(latest cvs version) In-Reply-To: <000d01bfaca9$c85000c0$1e00a8c0@office.striker.nl> Message-ID: > -----Urspr?ngliche Nachricht----- > Von: Sander Striker [mailto:striker@samba.org] > Gesendet: Sonntag, 23. April 2000 00:26 > An: lars@kneschke.de > Cc: samba-ntdom@samba.org > Betreff: Re: samba tng is not compileable(latest cvs version) > > > Right. Luke broke it yesterday. Expect it to be fixed soon. > I'm running a compile test every four hours, with the results being > mailed off to Luke, so if it doesn't compile on a linux system he should > know by now :-) > Check out thursdays version to play with, because I suspect you need it > to test some things for the update of the FAQ. Yes. I want to update the FAQ. And it would make things easier for me, if i have a working Samba TNG! :-) I'll watch the cvs log's. I wish all people much fun with the easter hare! :-) Cu From lkcl at samba.org Sun Apr 23 08:28:51 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:32 2003 Subject: TNG > 2.2 Problems In-Reply-To: <3900DDB4.DAE1A2A@plum.de> Message-ID: thanks! On Sat, 22 Apr 2000, Michael Glauche wrote: > Hi, > I did a "field test" with TNG today, and I ran into a couple of > problems. > Setup: linux intel/rh 6.2/glibc2.1, 10x NT4.0 SP 5 > TNG set up similar to that in the FAQ, is WINS-server, nmbd > logs domain master ok. > > When I do a "smbclient -L server" I get a segfault in smbd. > > I did test it with 2.2, 2.3, 2.4, 2.4.1, 2.4.2 (yes, the machine > compiles fast ;) > Only 2.2 does it right, starting with 2.3 i get the segfault: > Program received signal SIGSEGV, Segmentation fault. > 0x805eafe in api_RNetShareEnum (conn=0x80ad398, vuid=100, > param=0x80ad370 > "", > data=0x0, mdrcnt=65535, mprcnt=1024, rdata=0xbffffa8c, > rparam=0xbffffa88, > rdata_len=0xbffffa84, rparam_len=0xbffffa80) at smbd/lanman.c:1696 > 1696 sh2.info2_hdr = *ctr.share.info2.info_2[i]; > > #0 0x805eafe in api_RNetShareEnum (conn=0x80ad398, vuid=100, > param=0x80ad370 "", data=0x0, mdrcnt=65535, mprcnt=1024, > rdata=0xbffffa8c, > rparam=0xbffffa88, rdata_len=0xbffffa84, rparam_len=0xbffffa80) > at smbd/lanman.c:1696 > #1 0x8062d12 in api_reply (conn=0x80ad398, vuid=100, outbuf=0x80c6999 > "", > data=0x0, params=0x80ad370 "", tdscnt=0, tpscnt=19, mdrcnt=65535, > mprcnt=1024) at smbd/lanman.c:3725 > #2 0x805a2d9 in named_pipe (conn=0x80ad398, vuid=100, outbuf=0x80c6999 > "", > name=0xbffffbda "LANMAN", setup=0x0, data=0x0, params=0x80ad370 "", > suwcnt=0, tdscnt=0, tpscnt=19, msrcnt=0, mdrcnt=65535, mprcnt=1024) > at smbd/ipc.c:366 > #3 0x805acec in reply_trans (conn=0x80ad398, inbuf=0x80b6591 "", > outbuf=0x80c6999 "", size=99, bufsize=17408) at smbd/ipc.c:555 > #4 0x8084d05 in switch_message (type=37, inbuf=0x80b6591 "", > outbuf=0x80c6999 "", size=99, bufsize=17408) at smbd/process.c:550 > #5 0x8084dc0 in construct_reply (inbuf=0x80b6591 "", outbuf=0x80c6999 > "", > size=99, bufsize=17408) at smbd/process.c:582 > #6 0x8084fa7 in process_smb (inbuf=0x80b6591 "", outbuf=0x80c6999 "") > at smbd/process.c:656 > #7 0x80859a8 in smbd_process () at smbd/process.c:1004 > #8 0x8051889 in main (argc=2, argv=0xbffffd84) at smbd/server.c:784 > > So, the problem lies somewhere in lanman.c the section at 1690 has > changed > quite a bit from 2.2 to 2.3. > > So, I did continue testing 2.2, and run into a couple of more problems: > a) During logon screen, when I enter a wrong password, it takes VERY > long > time to verify, then I get something like "cannot log in to domain ... > error code > C0000253". > The strange thing is, that ALL following logins fail with a simmilar > message, but > with error nr# C0000037 > > b) sometimes the profiles are written as root, sometimes as user. That > leads to many > problems using profiles ;) but outsourcing them to a 2.0.7pre4 server > works fine ;) > > c) When I try to change the password I sometimes get the error "cant > change password, > error c00000BE" > > d) sometimes NT tells me it can't find domain controller, usually after > logging > of one user. TNG is wins-server, client is registered, etc. did not look > any further > into this one yet. too tired ;) > This can only be cured with a reboot of NT, then everything works fine > again. > > TIA, > Michael > -- > Samba Information HQ (in german) > http://www.sambahq.de/ > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Sun Apr 23 08:29:18 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:32 2003 Subject: TNG-alpha 2.4.2: can't join domain In-Reply-To: Message-ID: On Sat, 22 Apr 2000, Paul J Collins wrote: > > Luke: is NetEnumTrustedDomains still being worked on? it looked fine to me. From lkcl at samba.org Sun Apr 23 09:26:06 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:32 2003 Subject: [Fwd: Problems with 2.4.2 - msrpc redirect failed] In-Reply-To: <39023A8B.2D7F7E49@ic.ac.uk> Message-ID: On Sun, 23 Apr 2000, Phil Mayers wrote: > I didn't truncate the log - it must have been samba. > > I think it would be incorrect to say *any* RPC stuff worked. The > offending bit of code is in smbd, and all RPC-related functions fail. fixed. From pjdc at eircom.net Sun Apr 23 14:16:26 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:32 2003 Subject: TNG-alpha 2.4.2: can't join domain In-Reply-To: Paul J Collins's message of "Sat, 22 Apr 2000 09:26:51 +1000" References: Message-ID: >>>>> "Paul" == Paul J Collins writes: Paul> I see plenty of messages referring to the wks trust account Paul> (GENUA$) being valid, so could my workstation be hosed? I believe I was wrong here. I get the following in log.smb after the "wks trust valid" line: domain_client_validate: wks trust valid:GENUA$ 32 bit error packet at line 481 cmd=115 (SMBsesssetupX) eclass=c0000199 [Error: Unknown error (153,49152)] error string = No such file or directory size=35 smb_com=0x73 smb_rcls=153 smb_reh=1 smb_err=49152 smb_flg=136 smb_flg2=16384 smb_tid=0 smb_pid=51966 smb_uid=0 smb_mid=0 smt_wct=0 smb_bcc=0 I deserve a clout with the clue-stick for missing that. Paul> Since I can't sleep, I'll reinstall, just for kicks. :-) I did the reinstall of NT4.0 with SP4, and I still get the same result upon trying to join the domain. I tried it with client and server schannel set to both no and yes, still the same result: "Unable to update local security in order to join the domain". Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lkcl at samba.org Sun Apr 23 15:04:38 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:32 2003 Subject: TNG-alpha 2.4.2: can't join domain In-Reply-To: Message-ID: it still broken i workin on it. On Mon, 24 Apr 2000, Paul J Collins wrote: > >>>>> "Paul" == Paul J Collins writes: > > Paul> I see plenty of messages referring to the wks trust account > Paul> (GENUA$) being valid, so could my workstation be hosed? > > I believe I was wrong here. I get the following in log.smb after the > "wks trust valid" line: > > domain_client_validate: wks trust valid:GENUA$ > 32 bit error packet at line 481 cmd=115 (SMBsesssetupX) eclass=c0000199 [Error: Unknown error (153,49152)] > error string = No such file or directory > size=35 > smb_com=0x73 > smb_rcls=153 > smb_reh=1 > smb_err=49152 > smb_flg=136 > smb_flg2=16384 > smb_tid=0 > smb_pid=51966 > smb_uid=0 > smb_mid=0 > smt_wct=0 > smb_bcc=0 > > I deserve a clout with the clue-stick for missing that. > > Paul> Since I can't sleep, I'll reinstall, just for kicks. :-) > > I did the reinstall of NT4.0 with SP4, and I still get the same result > upon trying to join the domain. I tried it with client and server > schannel set to both no and yes, still the same result: "Unable to > update local security in order to join the domain". > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lars at kneschke.de Sun Apr 23 16:03:37 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:32 2003 Subject: samba tng ignores %U Message-ID: Hello! The current samba tng ignores the %U parameter in smb.conf. This is from my smb.conf. [global] logon path = \\KNECKE\profile\%U The profile goes to \\KNECKE\profile\... and not to \\KNECKE\profile\\... . This is not so optimal, because every user has the same profile! :-) But is was able to create workstation trust accounts with samedit and to login in to the samba controlled doamain from my laptop. So far so good. Cu From lkcl at samba.org Sun Apr 23 16:25:12 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:32 2003 Subject: samba tng ignores %U In-Reply-To: Message-ID: yep! :) andrew rewrote the standard_sub_xxx() functions, i haven't checked this since. On Mon, 24 Apr 2000, Lars Kneschke wrote: > Hello! > > The current samba tng ignores the %U parameter in smb.conf. > > This is from my smb.conf. > [global] > logon path = \\KNECKE\profile\%U > > The profile goes to \\KNECKE\profile\... and not to > \\KNECKE\profile\\... . This is not so optimal, because every user > has the same profile! :-) > > But is was able to create workstation trust accounts with samedit and to > login in to the samba controlled doamain from my laptop. So far so good. hooray, good. because i am using insure, and it's so slow that the pipe-connections time out! From lkcl at samba.org Sun Apr 23 16:25:53 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:32 2003 Subject: samba tng ignores %U In-Reply-To: Message-ID: what happens when you type in an incorrect password but a correct user? only do this if you don't mind possibly having to power-cycle your m/c. On Mon, 24 Apr 2000, Lars Kneschke wrote: > Hello! > > The current samba tng ignores the %U parameter in smb.conf. > > This is from my smb.conf. > [global] > logon path = \\KNECKE\profile\%U > > The profile goes to \\KNECKE\profile\... and not to > \\KNECKE\profile\\... . This is not so optimal, because every user > has the same profile! :-) > > But is was able to create workstation trust accounts with samedit and to > login in to the samba controlled doamain from my laptop. So far so good. > > > Cu > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From pjdc at eircom.net Sun Apr 23 16:49:56 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:32 2003 Subject: Problem with sid_to_string in CVS Samba-TNG Message-ID: Just decided to play with CVS and Samba (checked it out at around 15:30 GMT), and my new installation is creating stringified SIDs like this: (from log.samr) get_sam_domain_name: PDC/BDC MELOCHORD read_sid: Domain: MELOCHORD sid_to_string returning S--1989380350-3784617370-2315756573 read_sid_from_file /usr/local/samba-tng/private/MELOCHORD.SID: sid S--1989380350-3784617370-2315756573 get_member_domain_sid: sid_to_string returning S--1989380350-3784617370-2315756573 S--1989380350-3784617370-2315756573 sid_to_string returning S--32 Map: Domain: BUILTIN SID: S--32 sid_to_string returning S- Map: Domain: Global Domain SID: S- sid_to_string returning S--0 Map: Domain: Everyone SID: S--0 sid_to_string returning S--0 Map: Domain: LOCAL SID: S--0 sid_to_string returning S--0 Map: Domain: Creator Owner SID: S--0 sid_to_string returning S--1 Map: Domain: Creator Group SID: S--1 sid_to_string returning S--2 Map: Domain: Creator Server Owner SID: S--2 sid_to_string returning S--3 Map: Domain: Creator Server Group SID: S--3 sid_to_string returning S- Map: Domain: NT Authority SID: S- sid_to_string returning S--1 And so on. I checked the code for sid_to_string (CVS versus 2.4.2), and bar the change from fstring to pstring, it looks the same. The revision number is missing from *somewhere*... Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lkcl at samba.org Sun Apr 23 16:49:56 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:32 2003 Subject: Problem with sid_to_string in CVS Samba-TNG In-Reply-To: Message-ID: try putting it back, let me know what happens. On Mon, 24 Apr 2000, Paul J Collins wrote: > > Just decided to play with CVS and Samba (checked it out at around > 15:30 GMT), and my new installation is creating stringified SIDs like > this: (from log.samr) > > get_sam_domain_name: PDC/BDC MELOCHORD > read_sid: Domain: MELOCHORD > sid_to_string returning S--1989380350-3784617370-2315756573 > read_sid_from_file /usr/local/samba-tng/private/MELOCHORD.SID: sid S--1989380350-3784617370-2315756573 > get_member_domain_sid: sid_to_string returning S--1989380350-3784617370-2315756573 > S--1989380350-3784617370-2315756573 > sid_to_string returning S--32 > Map: Domain: BUILTIN SID: S--32 > sid_to_string returning S- > Map: Domain: Global Domain SID: S- > sid_to_string returning S--0 > Map: Domain: Everyone SID: S--0 > sid_to_string returning S--0 > Map: Domain: LOCAL SID: S--0 > sid_to_string returning S--0 > Map: Domain: Creator Owner SID: S--0 > sid_to_string returning S--1 > Map: Domain: Creator Group SID: S--1 > sid_to_string returning S--2 > Map: Domain: Creator Server Owner SID: S--2 > sid_to_string returning S--3 > Map: Domain: Creator Server Group SID: S--3 > sid_to_string returning S- > Map: Domain: NT Authority SID: S- > sid_to_string returning S--1 > > And so on. > > I checked the code for sid_to_string (CVS versus 2.4.2), and bar the > change from fstring to pstring, it looks the same. The revision > number is missing from *somewhere*... > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lars at kneschke.de Sun Apr 23 16:44:59 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:33 2003 Subject: AW: samba tng ignores %U In-Reply-To: Message-ID: > what happens when you type in an incorrect password but a correct user? Windows NT tells me, that i can't login because there is no workstation account or the password for the workstation account is wrong. If i enter the right password i can login normaly. > only do this if you don't mind possibly having to power-cycle your m/c. What is a m/c? Anyway, i didn't need to reboot something. :-) > On Mon, 24 Apr 2000, Lars Kneschke wrote: > > > Hello! > > > > The current samba tng ignores the %U parameter in smb.conf. > > > > This is from my smb.conf. > > [global] > > logon path = \\KNECKE\profile\%U > > > > The profile goes to \\KNECKE\profile\... and not to > > \\KNECKE\profile\\... . This is not so optimal, > because every user > > has the same profile! :-) > > > > But is was able to create workstation trust accounts with samedit and to > > login in to the samba controlled doamain from my laptop. So far so good. > > > > > > Cu > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > Macmillan Technical Publishing > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals > > From lars at kneschke.de Sun Apr 23 16:45:00 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:33 2003 Subject: AW: samba tng ignores %U In-Reply-To: Message-ID: > yep! :) andrew rewrote the standard_sub_xxx() functions, i haven't > checked this since. Please fix it! ;-) > > > On Mon, 24 Apr 2000, Lars Kneschke wrote: > > > Hello! > > > > The current samba tng ignores the %U parameter in smb.conf. > > > > This is from my smb.conf. > > [global] > > logon path = \\KNECKE\profile\%U > > > > The profile goes to \\KNECKE\profile\... and not to > > \\KNECKE\profile\\... . This is not so optimal, > because every user > > has the same profile! :-) > > > > But is was able to create workstation trust accounts with samedit and to > > login in to the samba controlled doamain from my laptop. So far so good. > > hooray, good. because i am using insure, and it's so slow that the > pipe-connections time out! Ahh, you need a faster computer! :-) Cu From mg at plum.de Sun Apr 23 17:59:33 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:33 2003 Subject: samba tng ignores %U References: Message-ID: <001501bfad4d$af05e770$0201010a@defiant> > The current samba tng ignores the %U parameter in smb.conf. > > This is from my smb.conf. > [global] > logon path = \\KNECKE\profile\%U > > The profile goes to \\KNECKE\profile\... and not to > \\KNECKE\profile\\... . This is not so optimal, because every user > has the same profile! :-) > Hmm .. tested 2.2 on saturday (there are some problems with > 2.2, see messages) Profiles were fine there, although tng occasionly wrote them as user root, so I moved them to a 2.0.7pre4 server. Then profiles worked like a charm ... regards, Michael -- Samba Information HQ (in german) http://www.sambahq.de/ From lkcl at samba.org Sun Apr 23 17:22:32 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:33 2003 Subject: AW: samba tng ignores %U In-Reply-To: Message-ID: On Sun, 23 Apr 2000, Lars Kneschke wrote: > > what happens when you type in an incorrect password but a correct user? > Windows NT tells me, that i can't login because there is no workstation > account or the password for the workstation account is wrong. If i enter the > right password i can login normaly. excellent. it didn't crash; after entering the wrong password, you _could_ then type in the correct one, etc etc? ok, try now logging in, leave it for 10/15 mins, log out. try also login, logout, login, logout, repeat until you get bored. > > only do this if you don't mind possibly having to power-cycle your m/c. > What is a m/c? Anyway, i didn't need to reboot something. :-) machine. gooood :) > > On Mon, 24 Apr 2000, Lars Kneschke wrote: > > > > > Hello! > > > > > > The current samba tng ignores the %U parameter in smb.conf. > > > > > > This is from my smb.conf. > > > [global] > > > logon path = \\KNECKE\profile\%U > > > > > > The profile goes to \\KNECKE\profile\... and not to > > > \\KNECKE\profile\\... . This is not so optimal, > > because every user > > > has the same profile! :-) > > > > > > But is was able to create workstation trust accounts with samedit and to > > > login in to the samba controlled doamain from my laptop. So far so good. > > > > > > > > > Cu > > > > > > > Luke Kenneth Casson Leighton > > Samba and Network Development > > Samba Web site > > Macmillan Technical Publishing > > > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals > > > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Sun Apr 23 17:24:27 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:33 2003 Subject: AW: samba tng ignores %U In-Reply-To: Message-ID: On Sun, 23 Apr 2000, Lars Kneschke wrote: > > yep! :) andrew rewrote the standard_sub_xxx() functions, i haven't > > checked this since. > Please fix it! ;-) *grump* oh ok, then, just not tonight (2am). another side-interest: http://advogato/person/lkcl. > > hooray, good. because i am using insure, and it's so slow that the > > pipe-connections time out! > Ahh, you need a faster computer! :-) as if 192mb ram, 400-p2 isn't enough, what you think i have to have a dual 500-p3 compaq job to do this stuff???? From lkcl at samba.org Sun Apr 23 17:25:08 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:33 2003 Subject: samba tng ignores %U In-Reply-To: <001501bfad4d$af05e770$0201010a@defiant> Message-ID: On Mon, 24 Apr 2000, Michael Glauche wrote: > > The current samba tng ignores the %U parameter in smb.conf. > > > > This is from my smb.conf. > > [global] > > logon path = \\KNECKE\profile\%U > > > > The profile goes to \\KNECKE\profile\... and not to > > \\KNECKE\profile\\... . This is not so optimal, because every > user > > has the same profile! :-) > > > > Hmm .. tested 2.2 on saturday (there are some problems with > 2.2, see > messages) > Profiles were fine there, although tng occasionly wrote them as user root, EEK! tell me more, that's not good. > so I moved > them to a 2.0.7pre4 server. Then profiles worked like a charm ... *whew*. From pjdc at eircom.net Sun Apr 23 19:29:49 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:33 2003 Subject: Problem with sid_to_string in CVS Samba-TNG In-Reply-To: Luke Kenneth Casson Leighton's message of "Mon, 24 Apr 2000 02:52:22 +1000" References: Message-ID: >>>>> "Luke" == Luke Kenneth Casson Leighton writes: Luke> try putting it back, let me know what happens. Done. Put in the sid_to_string from 2.4.2, and it now works. This also means that a valid SID is now being written to private/DOMAIN.SID. I am now able to join my domain, MELOCHORD. Logged in successfully as MELOCHORD\cathy. Logged out and tried giving an incorrect password. Aargh. The "Logon in progress" appeared, and when it disappeared, I got the C0000253 error code, and further attempt to log in with valid domain accounts resulted in C0000037s. Hit ESC and then C-M-DEL; the domain list box had vanished, and I got a C0000037 upon trying to log in with the local Administrator account. This is because LSASS.EXE crashed. Dr Watson report is appended. Rebooted, and I can log in and out many times as various different domain users. No "controller unreachable" errors at all. Profiles load correctly and they seem to have been created with the correct permissions. Nice one. :-) Paul. ---BEGIN "drwtsn32.log"--- Application exception occurred: App: exe\lsass.dbg (pid=43) When: 4/23/2000 @ 20:13:0.158 Exception number: c0000005 (access violation) *----> System Information <----* Computer Name: SLICE User Name: Number of Processors: 1 Processor Type: x86 Family 6 Model 5 Stepping 2 Windows Version: 4.0 Current Build: 1381 Service Pack: 4 Current Type: Uniprocessor Free Registered Organization: BigFoot, Inc. Registered Owner: Harry Henderson *----> Task List <----* 0 Idle.exe 2 System.exe 20 smss.exe 30 CSRSS.exe 34 WINLOGON.exe 40 SERVICES.exe 43 LSASS.exe 68 SPOOLSS.exe 84 RPCSS.exe 92 PSTORES.exe 112 DRWTSN32.exe 0 _Total.exe (018e0000 - 018e6000) exe\lsass.dbg (77f60000 - 77fbc000) dll\ntdll.dbg (77f00000 - 77f5e000) dll\kernel32.dbg (76520000 - 76549000) dll\lsasrv.dbg (779f0000 - 77a36000) dll\msvcrt.dbg (77e10000 - 77e67000) dll\rpcrt4.dbg (77dc0000 - 77dff000) dll\advapi32.dbg (77e70000 - 77ec4000) dll\user32.dbg (77ed0000 - 77efc000) dll\gdi32.dbg (74f50000 - 74f7e000) dll\samsrv.dbg (75c20000 - 75c2c000) dll\msprivs.dbg (50180000 - 501b1000) dll\netlogon.dbg (77800000 - 7783a000) dll\netapi32.dbg (77840000 - 77849000) dll\NetRap.dbg (777e0000 - 777ed000) dll\samlib.dbg (75b80000 - 75b8f000) dll\msv1_0.dbg (77e00000 - 77e06000) dll\rpclts1.dbg (77bf0000 - 77bf7000) dll\rpcltc1.dbg (76e70000 - 76e82000) dll\security.dbg (77400000 - 77428000) dll\schnlc.dbg (5e380000 - 5e3a5000) dll\msoss.dbg (776d0000 - 776d8000) dll\wsock32.dbg (776b0000 - 776c4000) dll\ws2_32.dbg (776a0000 - 776a7000) dll\ws2help.dbg (5cf00000 - 5cf5e000) dll\crypt32.dbg State Dump for Thread Id 0x2e eax=00000000 ebx=00000000 ecx=00000030 edx=00000000 esi=00c9feb8 edi=ffffffff eip=77f67f27 esp=00c9fda0 ebp=00c9ffb8 iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246 function: ZwReplyWaitReceivePort 77f67f1c b890000000 mov eax,0x90 77f67f21 8d542404 lea edx,[esp+0x4] ss:01bae7a7=???????? 77f67f25 cd2e int 2e 77f67f27 c21000 ret 0x10 77f67f2a 8bc0 mov eax,eax *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 00c9ffb8 77f04f3e 00000000 ffffffff 0012fd68 00000000 ntdll!ZwReplyWaitReceivePort 00c9ffec 00000000 00000000 00000000 00000000 00000000 kernel32!lstrcmpiW 00000000 00000000 00000000 00000000 00000000 00000000 lsass! State Dump for Thread Id 0x30 eax=76526b25 ebx=00000000 ecx=00140000 edx=00000000 esi=0012fcf8 edi=00000000 eip=77f6825b esp=00e9ff98 ebp=00e9ffb8 iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00010246 function: NtWaitForSingleObject 77f68250 b8c5000000 mov eax,0xc5 77f68255 8d542404 lea edx,[esp+0x4] ss:01dae99f=???????? 77f68259 cd2e int 2e 77f6825b c20c00 ret 0xc 77f6825e 8bc0 mov eax,eax *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 00e9ffb8 77f04f3e 00000000 77f90184 0012fcf8 00000000 ntdll!NtWaitForSingleObject 00e9ffec 00000000 00000000 00000000 00000000 00000000 kernel32!lstrcmpiW 00000000 00000000 00000000 00000000 00000000 00000000 lsass! State Dump for Thread Id 0x31 eax=001543d8 ebx=00154300 ecx=00f9f9bc edx=77df9da0 esi=00000001 edi=00000000 eip=77f7ebaa esp=00f9f98c ebp=00000090 iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246 function: RtlUpcaseUnicodeStringToOemString 77f7eb91 803d4c38fa7700 ds:77fa384c=00 cmp byte ptr [NlsMbOemCodePageTag (77fa384c)],0x0 77f7eb98 53 push ebx 77f7eb99 56 push esi 77f7eb9a 57 push edi 77f7eb9b 55 push ebp 77f7eb9c 8b6c241c mov ebp,[esp+0x1c] ss:01eae393=???????? 77f7eba0 7408 jz RtlUpcaseUnicodeStringToOemString+0x1c (77f7ebaa) 77f7eba2 55 push ebp 77f7eba3 e860040000 call RtlxUnicodeStringToOemSize (77f7f008) 77f7eba8 eb09 jmp RtlUpcaseUnicodeStringToOemString+0x25 (77f7ebb3) FAULT ->77f7ebaa 0fb74500 movzx eax,word ptr [ebp] ss:00f0ea97=???? 77f7ebae 83c002 add eax,0x2 77f7ebb1 d1e8 shr eax,1 77f7ebb3 3dffff0000 cmp eax,0xffff 77f7ebb8 7607 jbe RtlUpcaseUnicodeStringToOemString+0x33 (77f7ebc1) 77f7ebba b8f00000c0 mov eax,0xc00000f0 77f7ebbf eb75 jmp RtlUpcaseUnicodeStringToOemString+0xa8 (77f7ec36) 77f7ebc1 8d48ff lea ecx,[eax-0x1] ds:01062dde=???????? 77f7ebc4 8b7c2418 mov edi,[esp+0x18] ss:01eae393=???????? 77f7ebc8 66890f mov [edi],cx ds:00000000=???? 77f7ebcb 8a5c2420 mov bl,[esp+0x20] ss:01eae393=?? 77f7ebcf 84db test bl,bl *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 00000090 00000000 00000000 00000000 00000000 00000000 ntdll!RtlUpcaseUnicodeStringToOemString *----> Raw Stack Dump <----* 00f9f98c c4 f9 f9 00 00 00 00 00 - 01 00 00 00 00 43 15 00 .............C.. 00f9f99c ce 00 00 00 d5 f5 f7 77 - bc f9 f9 00 90 00 00 00 .......w........ 00f9f9ac 01 00 00 00 b0 43 15 00 - 08 00 00 00 3c f6 ec 9a .....C......<... 00f9f9bc 10 fa f9 00 a3 15 18 50 - 10 fa f9 00 32 16 18 50 .......P....2..P 00f9f9cc 90 00 00 00 d8 43 15 00 - 64 00 00 c0 03 fe f9 00 .....C..d....... 00f9f9dc 03 fe f9 00 22 45 28 ea - dc a6 46 6a 36 4b 03 39 ...."E(...Fj6K.9 00f9f9ec 3c f6 ec 9a 0b 97 d5 ed - 00 00 00 00 54 48 73 a5 <...........THs. 00f9f9fc a4 ad 35 ce 00 00 00 00 - 00 00 00 00 ff 01 00 00 ..5............. 00f9fa0c 03 fe f9 01 48 fa f9 00 - cf 17 18 50 b0 43 15 00 ....H......P.C.. 00f9fa1c 01 00 00 00 cc fc f9 00 - 03 00 00 00 f8 fd f9 00 ................ 00f9fa2c 03 fe f9 00 10 fd f9 00 - d0 ba 1a 50 03 fe f9 00 ...........P.... 00f9fa3c 03 00 00 00 10 fe f9 00 - 84 01 f9 77 94 fa f9 00 ...........w.... 00f9fa4c f8 1b 18 50 01 00 00 00 - 01 00 00 00 cc fc f9 00 ...P............ 00f9fa5c 03 00 00 00 f8 fd f9 00 - 03 fe f9 00 10 fd f9 00 ................ 00f9fa6c f0 fd f9 00 00 00 00 00 - 02 00 00 00 b0 fa f9 00 ................ 00f9fa7c 6d 6f f6 77 00 00 14 00 - ff 01 00 00 cc fc f9 00 mo.w............ 00f9fa8c 98 6f f6 77 01 00 00 00 - 20 fe f9 00 05 70 b8 75 .o.w.... ....p.u 00f9fa9c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................ 00f9faac 01 00 00 00 f0 fd f9 00 - 03 00 00 00 f8 fd f9 00 ................ 00f9fabc 03 fe f9 00 60 ff f9 00 - c8 87 15 00 20 ff f9 00 ....`....... ... State Dump for Thread Id 0x32 eax=00000000 ebx=00000000 ecx=00000501 edx=00000000 esi=00000014 edi=0109ff00 eip=77f67f27 esp=0109fee0 ebp=0109ffb8 iopl=0 nv up ei ng nz ac po nc cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00010296 function: ZwReplyWaitReceivePort 77f67f1c b890000000 mov eax,0x90 77f67f21 8d542404 lea edx,[esp+0x4] ss:01fae8e7=???????? 77f67f25 cd2e int 2e 77f67f27 c21000 ret 0x10 77f67f2a 8bc0 mov eax,eax *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 0109ffb8 77f04f3e 00000001 00000000 00000000 00000001 ntdll!ZwReplyWaitReceivePort 0109ffec 00000000 00000000 00000000 00000000 00000000 kernel32!lstrcmpiW 00000000 00000000 00000000 00000000 00000000 00000000 lsass! State Dump for Thread Id 0x33 eax=0119fe40 ebx=00000000 ecx=0119ee60 edx=00000000 esi=00000014 edi=0119ff00 eip=77f67f27 esp=0119fee0 ebp=0119ffb8 iopl=0 nv up ei ng nz ac po nc cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010296 function: ZwReplyWaitReceivePort 77f67f1c b890000000 mov eax,0x90 77f67f21 8d542404 lea edx,[esp+0x4] ss:020ae8e7=???????? 77f67f25 cd2e int 2e 77f67f27 c21000 ret 0x10 77f67f2a 8bc0 mov eax,eax *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 0119ffb8 77f04f3e 00000002 00000000 00000000 00000002 ntdll!ZwReplyWaitReceivePort 0119ffec 00000000 00000000 00000000 00000000 00000000 kernel32!lstrcmpiW 00000000 00000000 00000000 00000000 00000000 00000000 lsass! State Dump for Thread Id 0x34 eax=00000000 ebx=00000000 ecx=00000001 edx=00000000 esi=00000014 edi=0129ff00 eip=77f67f27 esp=0129fee0 ebp=0129ffb8 iopl=0 nv up ei ng nz ac po nc cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00010296 function: ZwReplyWaitReceivePort 77f67f1c b890000000 mov eax,0x90 77f67f21 8d542404 lea edx,[esp+0x4] ss:021ae8e7=???????? 77f67f25 cd2e int 2e 77f67f27 c21000 ret 0x10 77f67f2a 8bc0 mov eax,eax *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 0129ffb8 77f04f3e 00000003 00000000 00000000 00000003 ntdll!ZwReplyWaitReceivePort 0129ffec 00000000 00000000 00000000 00000000 00000000 kernel32!lstrcmpiW 00000000 00000000 00000000 00000000 00000000 00000000 lsass! State Dump for Thread Id 0x35 eax=00000000 ebx=00000000 ecx=0139f5f0 edx=00000000 esi=00000014 edi=0139ff00 eip=77f67f27 esp=0139fee0 ebp=0139ffb8 iopl=0 nv up ei ng nz ac po nc cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00010296 function: ZwReplyWaitReceivePort 77f67f1c b890000000 mov eax,0x90 77f67f21 8d542404 lea edx,[esp+0x4] ss:022ae8e7=???????? 77f67f25 cd2e int 2e 77f67f27 c21000 ret 0x10 77f67f2a 8bc0 mov eax,eax *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 0139ffb8 77f04f3e 00000004 00000000 00000000 00000004 ntdll!ZwReplyWaitReceivePort 0139ffec 00000000 00000000 00000000 00000000 00000000 kernel32!lstrcmpiW 00000000 00000000 00000000 00000000 00000000 00000000 lsass! State Dump for Thread Id 0x36 eax=0149fcac ebx=00000000 ecx=0149fcac edx=00000000 esi=00000014 edi=0149ff00 eip=77f67f27 esp=0149fee0 ebp=0149ffb8 iopl=0 nv up ei ng nz ac po nc cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00010296 function: ZwReplyWaitReceivePort 77f67f1c b890000000 mov eax,0x90 77f67f21 8d542404 lea edx,[esp+0x4] ss:023ae8e7=???????? 77f67f25 cd2e int 2e 77f67f27 c21000 ret 0x10 77f67f2a 8bc0 mov eax,eax *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 0149ffb8 77f04f3e 00000005 00000000 00000000 00000005 ntdll!ZwReplyWaitReceivePort 0149ffec 00000000 00000000 00000000 00000000 00000000 kernel32!lstrcmpiW 00000000 00000000 00000000 00000000 00000000 00000000 lsass! State Dump for Thread Id 0x37 eax=0159fe40 ebx=00000000 ecx=0159ee60 edx=00000000 esi=00000014 edi=0159ff00 eip=77f67f27 esp=0159fee0 ebp=0159ffb8 iopl=0 nv up ei ng nz ac po nc cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00010296 function: ZwReplyWaitReceivePort 77f67f1c b890000000 mov eax,0x90 77f67f21 8d542404 lea edx,[esp+0x4] ss:024ae8e7=???????? 77f67f25 cd2e int 2e 77f67f27 c21000 ret 0x10 77f67f2a 8bc0 mov eax,eax *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 0159ffb8 77f04f3e 00000006 00000000 00000000 00000006 ntdll!ZwReplyWaitReceivePort 0159ffec 00000000 00000000 00000000 00000000 00000000 kernel32!lstrcmpiW 00000000 00000000 00000000 00000000 00000000 00000000 lsass! State Dump for Thread Id 0x38 eax=00148480 ebx=0169ff64 ecx=00000000 edx=00000000 esi=000000d8 edi=00000000 eip=77f67e87 esp=0169fe84 ebp=0169feec iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00010246 function: ZwReadFile 77f67e7c b886000000 mov eax,0x86 77f67e81 8d542404 lea edx,[esp+0x4] ss:025ae88b=???????? 77f67e85 cd2e int 2e 77f67e87 c22400 ret 0x24 77f67e8a 8bc0 mov eax,eax *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 0169feec 77dd8b0e 000000d8 00145bf0 0000021a 0169ff1c ntdll!ZwReadFile 0169ff20 77dd855a 000000d8 00145bf0 0000021a 0169ff64 advapi32!RegisterServiceCtrlHandlerA 0169ff84 77dd8377 000000d8 00145bf0 0000021a 0012ffb0 advapi32!StartServiceCtrlDispatcherW 0169ffa8 76528e7f 76544268 77f3b874 00000000 77f04f3e advapi32!StartServiceCtrlDispatcherA 0169ffec 00000000 00000000 00000000 00000000 00000000 lsasrv!LsapInitLsa 00000000 00000000 00000000 00000000 00000000 00000000 lsass! State Dump for Thread Id 0x45 eax=00000001 ebx=01aefc94 ecx=01aeff38 edx=00000000 esi=7ffdf000 edi=01aefcb4 eip=77f6824b esp=01aefc70 ebp=01aefcc4 iopl=0 nv up ei pl nz ac pe cy cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010213 function: NtWaitForMultipleObjects 77f68240 b8c4000000 mov eax,0xc4 77f68245 8d542404 lea edx,[esp+0x4] ss:029fe677=???????? 77f68249 cd2e int 2e 77f6824b c21400 ret 0x14 77f6824e 8bc0 mov eax,eax *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 01aefcc4 77f1cdc8 00000002 01aefec8 00000000 0000afc8 ntdll!NtWaitForMultipleObjects 01aefce0 50189544 00000002 01aefec8 00000000 0000afc8 kernel32!WaitForMultipleObjects 01aeff58 50189f7a 77e5815c 50180000 00142c70 76541830 netlogon!I_NetNotifyRole 01aeff74 7652cabc 00000001 00142c78 77e5815c 00142c70 netlogon!NlNetlogonMain 01aeffa8 77dd8cee 00000001 00142c78 00148a30 77f04f3e lsasrv!LsaIOpenPolicyTrusted 01aeffec 00000000 00000000 00000000 00000000 00000000 advapi32!RegisterServiceCtrlHandlerA 00000000 00000000 00000000 00000000 00000000 00000000 lsass! State Dump for Thread Id 0x5f eax=00000002 ebx=001450c4 ecx=00000002 edx=00000000 esi=00156254 edi=020eff84 eip=77f6825b esp=020eff6c ebp=020eff94 iopl=0 nv up ei pl nz ac po nc cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00010216 function: NtWaitForSingleObject 77f68250 b8c5000000 mov eax,0xc5 77f68255 8d542404 lea edx,[esp+0x4] ss:02ffe973=???????? 77f68259 cd2e int 2e 77f6825b c20c00 ret 0xc 77f6825e 8bc0 mov eax,eax *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 020eff94 77e15ea5 00003a98 020effec 000a0008 00148530 ntdll!NtWaitForSingleObject 00003a98 00000000 00000000 00000000 00000000 00000000 rpcrt4!I_RpcAsyncSendReceive State Dump for Thread Id 0x75 eax=00000000 ebx=001450c4 ecx=00000301 edx=00000000 esi=00158a14 edi=021eff84 eip=77f6825b esp=021eff6c ebp=021eff94 iopl=0 nv up ei pl nz ac po nc cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00010216 function: NtWaitForSingleObject 77f68250 b8c5000000 mov eax,0xc5 77f68255 8d542404 lea edx,[esp+0x4] ss:030fe973=???????? 77f68259 cd2e int 2e 77f6825b c20c00 ret 0xc 77f6825e 8bc0 mov eax,eax *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 021eff94 77e15ea5 00003a98 021effec 000a0008 00154708 ntdll!NtWaitForSingleObject 00003a98 00000000 00000000 00000000 00000000 00000000 rpcrt4!I_RpcAsyncSendReceive State Dump for Thread Id 0x2f eax=0014f048 ebx=001452d0 ecx=00500000 edx=00000000 esi=001452c0 edi=000003e8 eip=77f6824b esp=022efeec ebp=022eff2c iopl=0 nv up ei pl nz na pe nc cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00010202 function: NtWaitForMultipleObjects 77f68240 b8c4000000 mov eax,0xc4 77f68245 8d542404 lea edx,[esp+0x4] ss:031fe8f3=???????? 77f68249 cd2e int 2e 77f6824b c21400 ret 0x14 77f6824e 8bc0 mov eax,eax *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 022eff2c 77e18c00 001452c0 022eff58 022eff88 022eff84 ntdll!NtWaitForMultipleObjects 022eff60 77e1a587 022eff8c 022eff88 022eff84 00158150 rpcrt4!I_RpcTransServerUnprotectThread 022eff90 77e1ac1c 77e15eaf 001451e0 022effec 00158300 rpcrt4!I_RpcTransServerProtectThread 00003a98 00000000 00000000 00000000 00000000 00000000 rpcrt4!RpcTestCancel State Dump for Thread Id 0x72 eax=77e15f2a ebx=001450c4 ecx=00140000 edx=00000000 esi=0015036c edi=023eff84 eip=77f6825b esp=023eff6c ebp=023eff94 iopl=0 nv up ei pl nz ac po nc cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00010216 function: NtWaitForSingleObject 77f68250 b8c5000000 mov eax,0xc5 77f68255 8d542404 lea edx,[esp+0x4] ss:032fe973=???????? 77f68259 cd2e int 2e 77f6825b c20c00 ret 0xc 77f6825e 8bc0 mov eax,eax *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 023eff94 77e15ea5 00003a98 023effec 000a0008 00148480 ntdll!NtWaitForSingleObject 00003a98 00000000 00000000 00000000 00000000 00000000 rpcrt4!I_RpcAsyncSendReceive --END "drwtsn32.log"--- -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From kyle_peterson1 at hotmail.com Sun Apr 23 22:24:59 2000 From: kyle_peterson1 at hotmail.com (Kyle Peterson) Date: Tue Dec 2 02:29:33 2003 Subject: Questions Message-ID: <20000423222425.77779.qmail@hotmail.com> Hi, I have a couple of questions regarding samba. Does Samba 2.0.7pre4 work as a PDC? Also, I am trying to get samba-tng2.4.2 working on my FreeBSD 3.4 machine. Everything compiles ok, but when I try to access a share it says that the password is not right (it actually says this in the machine specifiic log files). From pjdc at eircom.net Sun Apr 23 22:44:06 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:33 2003 Subject: Questions In-Reply-To: "Kyle Peterson"'s message of "Mon, 24 Apr 2000 08:26:00 +1000" References: <20000423222425.77779.qmail@hotmail.com> Message-ID: >>>>> "Kyle" == Kyle Peterson writes: Kyle> Hi, I have a couple of questions regarding samba. Does Kyle> Samba 2.0.7pre4 work as a PDC? Also, I am trying to get I believe the Official(TM) answer to this is that you can do it, but it Not Recommended(R). The PDC code in 2.0.x is quite old, and all of the development and bugfixing for PDC functionality is being done on the SAMBA_TNG branch. Kyle> samba-tng2.4.2 working on my FreeBSD 3.4 machine. Kyle> Everything compiles ok, but when I try to access a share it Kyle> says that the password is not right (it actually says this Kyle> in the machine specifiic log files). At a minimum, you would need to supply the contents of the smb.conf file, the exact version and service pack of the client, and the details of how you configured your samba and joined the client to the domain, along with the exact text and error number of the error(s) you are seeing in the event log. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From kyle_peterson1 at hotmail.com Sun Apr 23 22:45:33 2000 From: kyle_peterson1 at hotmail.com (Kyle Peterson) Date: Tue Dec 2 02:29:33 2003 Subject: Samba-TNG2.4.2 and FreeBSD Message-ID: <20000423224459.23355.qmail@hotmail.com> Hi, I am having this really strange problem where samba won't accept ANY username & password. The machine specific logs say something about SMB LM/NT Password did not match. I've tried compiling using the --with-pam option and it didn't make a difference. I can use the latest samba 2.1 code, and also samba 2.0.7pre4 works. Anybody have any ideas on this? Thank you. From helas at rbg.informatik.tu-darmstadt.de Sun Apr 23 22:52:09 2000 From: helas at rbg.informatik.tu-darmstadt.de (Martin Helas) Date: Tue Dec 2 02:29:33 2003 Subject: newbie, problems with domain-logon Message-ID: Hi im a newbie to the samba-tng. i watched the list for several weeks now. after some starting problems i've got tng working well. Lars homepage helped a lot. I took all config-files from there. lars: two things: in the newest cvs, smbd and the other deamons are in /opt/samba-tng/sbin second, the stuff about the domain-admins is a little bit hard to understand for newbies. Now my problems. I am able to login from the NT-m/c, but after login, NT tells me there is no Domain-Controller available. It is also not possible to "change the time" !! (<- i dont get admis rights) in advance, thanks a lot Martin From kyle_peterson1 at hotmail.com Sun Apr 23 23:45:35 2000 From: kyle_peterson1 at hotmail.com (Kyle Peterson) Date: Tue Dec 2 02:29:33 2003 Subject: Questions References: <20000423222425.77779.qmail@hotmail.com> Message-ID: <20000423234654.16606.qmail@hotmail.com> I configured samba using the --without-pam option. It doesn't matter which client I'm using to replicate the problem. I mainly use win98se, but I use smbclient for testing a new install of samba. When I use smbclient to test I use the following: smbclient \\\\SERVER\\root -U root then it asks for the password I enter it and it displays "failed session setup" 2 times. I've added root and all my other usernames with 'smbpasswd -a username'. Here is my smb.conf file [global] workgroup = PHOENIX encrypt passwords = Yes update encrypted = Yes passwd program = /usr/bin/passwd username map = /usr/local/samba/private/smbusers unix password sync = Yes log file = /usr/local/samba/var/log.%m time server = Yes deadtime = 15 lpq cache time = 3 socket options = TCP_NODELAY IPTOS_LOWDELAY load printers = No logon script = login.bat logon path = \\SERVER\profile\%U logon drive = U: logon home = \\SERVER\%U domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes admin users = petersonk Here is the log file: ncalrpc_l_establish_connection: failed lsarpc) ncalrpc_l_use_add: connection failed SMB LM/NT Password did not match! Rejecting user 'root': authentication failed ncalrpc_l_establish_connection: failed lsarpc) ncalrpc_l_use_add: connection failed SMB LM/NT Password did not match! Rejecting user 'root': authentication failed ----- Original Message ----- From: Paul J Collins To: Multiple recipients of list SAMBA-NTDOM Sent: Sunday, April 23, 2000 4:40 PM Subject: Re: Questions > >>>>> "Kyle" == Kyle Peterson writes: > > Kyle> Hi, I have a couple of questions regarding samba. Does > Kyle> Samba 2.0.7pre4 work as a PDC? Also, I am trying to get > > I believe the Official(TM) answer to this is that you can do it, but > it Not Recommended(R). The PDC code in 2.0.x is quite old, and all of > the development and bugfixing for PDC functionality is being done on > the SAMBA_TNG branch. > > Kyle> samba-tng2.4.2 working on my FreeBSD 3.4 machine. > Kyle> Everything compiles ok, but when I try to access a share it > Kyle> says that the password is not right (it actually says this > Kyle> in the machine specifiic log files). > > At a minimum, you would need to supply the contents of the smb.conf > file, the exact version and service pack of the client, and the > details of how you configured your samba and joined the client to the > domain, along with the exact text and error number of the error(s) you > are seeing in the event log. > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" > > From mg at plum.de Mon Apr 24 00:55:32 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:33 2003 Subject: Samba-TNG2.4.2 and FreeBSD References: <20000423224459.23355.qmail@hotmail.com> Message-ID: <000901bfad87$cad7e540$0201010a@defiant> > Hi, I am having this really strange problem where samba won't accept ANY > username & password. The machine specific logs say something about SMB > LM/NT Password did not match. I've tried compiling using the --with-pam > option and it didn't make a difference. I can use the latest samba 2.1 > code, and also samba 2.0.7pre4 works. Anybody have any ideas on this? Thank > you. You can test logins within samedit : samedit -S . ntlogin if that fails, you have some problem with the backend, when this succeeds, and NT can't login (as someone posted earlier) the problem lies in TNG. (2.4.2 does not really work well as pdc, the most recent "stable" seems to be 2.2) regards, Michael From mg at plum.de Mon Apr 24 01:00:58 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:33 2003 Subject: Questions References: <20000423222425.77779.qmail@hotmail.com> <20000423234654.16606.qmail@hotmail.com> Message-ID: <001c01bfad88$8d193460$0201010a@defiant> > I configured samba using the --without-pam option. It doesn't matter which > client I'm using to replicate the problem. I mainly use win98se, but I use > smbclient for testing a new install of samba. When I use smbclient to test > I use the following: > smbclient \\\\SERVER\\root -U root > then it asks for the password I enter it and it displays "failed session > setup" 2 times. I've added root and all my other usernames with > 'smbpasswd -a username'. Which version of Samba ? With TNG you should add users with samedit, instead of smbpasswd -a. If you are using TNG, test the logins with: samedit -S . ntlogin root (p.s. you can use smbclient with "//" instead of "\\\\" ;) regards, Michael From mg at plum.de Mon Apr 24 00:57:53 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:33 2003 Subject: newbie, problems with domain-logon References: Message-ID: <001301bfad88$1f2f1500$0201010a@defiant> > Hi > im a newbie to the samba-tng. i watched the list for several weeks now. > after some starting problems i've got tng working well. Lars homepage helped > a lot. I took all config-files from there. lars: two things: in the newest > cvs, smbd and the other deamons are in /opt/samba-tng/sbin > second, the stuff about the domain-admins is a little bit hard to understand > for newbies. > Now my problems. I am able to login from the NT-m/c, but after login, NT > tells me there is no Domain-Controller available. This seems to be a problem with the recent TNG variants. > It is also not possible to > "change the time" !! (<- i dont get admis rights) Did u set up domain group map correctly ? If yes, try to make some more debug information (set debug level to 3,10, 100 :) and look for information in the logfiles ;) regards, Michael From kyle_peterson1 at hotmail.com Mon Apr 24 00:11:24 2000 From: kyle_peterson1 at hotmail.com (Kyle Peterson) Date: Tue Dec 2 02:29:33 2003 Subject: Questions References: <20000423222425.77779.qmail@hotmail.com> <20000423234654.16606.qmail@hotmail.com> <001c01bfad88$8d193460$0201010a@defiant> Message-ID: <20000424001109.93634.qmail@hotmail.com> i'm trying to use 2.4.2. ps. the messages "Questions" & "Samba-TNG2.4.2 and FreeBSD" are the same thing. I sent them twice because the first one I sent I wasn't subscribed to the mailinglist and I thought it wouldn't get sent. ----- Original Message ----- From: Michael Glauche To: Multiple recipients of list SAMBA-NTDOM Sent: Sunday, April 23, 2000 6:00 PM Subject: Re: Questions > > I configured samba using the --without-pam option. It doesn't matter > which > > client I'm using to replicate the problem. I mainly use win98se, but I > use > > smbclient for testing a new install of samba. When I use smbclient to > test > > I use the following: > > smbclient \\\\SERVER\\root -U root > > then it asks for the password I enter it and it displays "failed session > > setup" 2 times. I've added root and all my other usernames with > > 'smbpasswd -a username'. > > Which version of Samba ? With TNG you should add users with samedit, instead > of > smbpasswd -a. > > If you are using TNG, test the logins with: > samedit -S . > ntlogin root > > (p.s. you can use smbclient with "//" instead of "\\\\" ;) > > regards, > Michael > > > From kyle_peterson1 at hotmail.com Mon Apr 24 00:49:14 2000 From: kyle_peterson1 at hotmail.com (Kyle Peterson) Date: Tue Dec 2 02:29:33 2003 Subject: Samba-TNG2.4.2 and FreeBSD References: <20000423224459.23355.qmail@hotmail.com> <000901bfad87$cad7e540$0201010a@defiant> Message-ID: <20000424004844.86878.qmail@hotmail.com> I can login through samedit ok. If I should add users using samedit, what is smbpasswd used for? Also, I have several win95/98se workstations will they be able to access shares? ----- Original Message ----- From: Michael Glauche To: Multiple recipients of list SAMBA-NTDOM Sent: Sunday, April 23, 2000 5:54 PM Subject: Re: Samba-TNG2.4.2 and FreeBSD > > Hi, I am having this really strange problem where samba won't accept ANY > > username & password. The machine specific logs say something about SMB > > LM/NT Password did not match. I've tried compiling using the --with-pam > > option and it didn't make a difference. I can use the latest samba 2.1 > > code, and also samba 2.0.7pre4 works. Anybody have any ideas on this? > Thank > > you. > > You can test logins within samedit : > samedit -S . > ntlogin > > if that fails, you have some problem with the backend, when this succeeds, > and NT can't login (as someone posted earlier) the problem lies in TNG. > (2.4.2 does not really work well as pdc, the most recent "stable" seems to > be 2.2) > > regards, > Michael > > From mg at plum.de Mon Apr 24 02:20:45 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:33 2003 Subject: Samba-TNG2.4.2 and FreeBSD References: <20000423224459.23355.qmail@hotmail.com> <000901bfad87$cad7e540$0201010a@defiant> <20000424004844.86878.qmail@hotmail.com> Message-ID: <001201bfad93$b28cc170$0201010a@defiant> > I can login through samedit ok. If I should add users using samedit, what > is smbpasswd used for? Also, I have several win95/98se workstations will > they be able to access shares? Then it's a problem with 2.4.2, IIRC there was someone with a fix around here, so I guess it will make it into 2.5 (or 2.4.3 ? ;) If you want a pdc right now, get the 2.2 TNG release. Its not perfect, but you can login to the samba-domain (sometimes ;) smbpasswd will/should be replaced with a simple wrapper script that calls samedit ... regards, Michael From kfitzner at nexus.v-wave.com Mon Apr 24 05:03:47 2000 From: kfitzner at nexus.v-wave.com (Kurt Fitzner) Date: Tue Dec 2 02:29:33 2003 Subject: Latest problems with libc5 TNG Message-ID: I've just tried the latest (2.4.2) TNg on my libc5 box again. The earlier problems with the dns lookups on *smbserver are gone. From what I can tell using the local commands (smbpasswd & rpcclient) it works perfectly. However, when I try and join a W2K machine to the domain, after I specify the somain user to join I get a "Cannot connect to RPC server" error. All the processes were started and running. I have no idea what to look for in the logs to provide information, but I have saved logs of a single join attempt a default log level and log level 100. Let me know what (if any) information would be helpful. Kurt. From lkcl at samba.org Mon Apr 24 07:07:57 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:33 2003 Subject: Problem with sid_to_string in CVS Samba-TNG In-Reply-To: Message-ID: On Mon, 24 Apr 2000, Paul J Collins wrote: > >>>>> "Luke" == Luke Kenneth Casson Leighton writes: > > Luke> try putting it back, let me know what happens. > > Done. Put in the sid_to_string from 2.4.2, and it now works. This > also means that a valid SID is now being written to > private/DOMAIN.SID. great. > I am now able to join my domain, MELOCHORD. Logged in successfully as > MELOCHORD\cathy. Logged out and tried giving an incorrect password. > Aargh. The "Logon in progress" appeared, and when it disappeared, I > got the C0000253 error code, and further attempt to log in with valid > domain accounts resulted in C0000037s. Hit ESC and then C-M-DEL; the > domain list box had vanished, and I got a C0000037 upon trying to log > in with the local Administrator account. This is because LSASS.EXE > crashed. Dr Watson report is appended. argh. no, it's ok, i've seen those so many times it's not true :) more use to someone at microsoft, except they're already aware of how badly broken nt4's dce/rpc is, and why, so it's ok. > Rebooted, and I can log in and out many times as various different > domain users. hmm, so i _still_ haven't got the damn "invalid user" response correct, yet. > No "controller unreachable" errors at all. Profiles > load correctly and they seem to have been created with the correct > permissions. > > Nice one. :-) From lkcl at samba.org Mon Apr 24 07:44:30 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:33 2003 Subject: Samba-TNG2.4.2 and FreeBSD In-Reply-To: <000901bfad87$cad7e540$0201010a@defiant> Message-ID: > if that fails, you have some problem with the backend, when this succeeds, > and NT can't login (as someone posted earlier) the problem lies in TNG. > (2.4.2 does not really work well as pdc, the most recent "stable" seems to > be 2.2) yep. that's why i went to minor release numbers. when people say 2.4.x is good, i'll go to 2.5. From lars at kneschke.de Mon Apr 24 08:09:12 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:33 2003 Subject: newbie, problems with domain-logon In-Reply-To: Message-ID: > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Martin Helas > Sent: Monday, April 24, 2000 12:53 AM > To: Multiple recipients of list SAMBA-NTDOM > Subject: newbie, problems with domain-logon > lars: two things: in the newest > cvs, smbd and the other deamons are in /opt/samba-tng/sbin Didn't notice this yet. > second, the stuff about the domain-admins is a little bit hard to > understand > for newbies. I'll rework the documentation today. I'll see what i can do, to make it easier to understand. Cu From lars at kneschke.de Mon Apr 24 08:02:10 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:33 2003 Subject: samba tng ignores %U In-Reply-To: Message-ID: > -----Ursprungliche Nachricht----- > Von: Luke Leighton [mailto:lkcl@samba.org] > Gesendet: Sonntag, 23. April 2000 19:24 > An: Lars Kneschke > Cc: Multiple recipients of list SAMBA-NTDOM > Betreff: Re: AW: samba tng ignores %U > > > On Sun, 23 Apr 2000, Lars Kneschke wrote: > > > > yep! :) andrew rewrote the standard_sub_xxx() functions, i haven't > > > checked this since. > > Please fix it! ;-) > > *grump* oh ok, then, just not tonight (2am). :-) > another side-interest: > http://advogato.org/person/lkcl. Interesting project! Thanks for the hint. I read freshmeat as often i can, but slashdot is not so interesting for me. This side looks very promissing. > > > > hooray, good. because i am using insure, and it's so slow that the > > > pipe-connections time out! > > Ahh, you need a faster computer! :-) > > as if 192mb ram, 400-p2 isn't enough, what you think i have to have a > dual 500-p3 compaq job to do this stuff???? Would'nt it be nice to have such a machine? :-) I have a Pentium 133 here at home for testing samba and developing ksamba, but at work i have a PIII/500 laptop. The last time a work more and more with the laptop! :-) Cu From lkcl at samba.org Mon Apr 24 08:16:43 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:33 2003 Subject: Advogato.org In-Reply-To: Message-ID: hey, lars, make yerself an account, ok? that goes for any other samba contributers, too, then put yourselves down as documenter, contributer, helper, whatever. i'd really like to see all the people who have been doing cvs and alpha downloads on a regular basis and sending reports in as helpers, too, ok? create a few projects, ksamba etc. sander, can you do likewise, and create sidlc on there, too? On Mon, 24 Apr 2000, Lars Kneschke wrote: > > another side-interest: > > http://advogato.org/person/lkcl. > Interesting project! Thanks for the hint. I read freshmeat as often i can, > but slashdot is not so interesting for me. This side looks very promissing. http://samba.org/~lkcl/mod_virgule.tgz. raph is currently away, so hasn't had a chance to look at the horrendous mess i've made of the coe. > > as if 192mb ram, 400-p2 isn't enough, what you think i have to have a > > dual 500-p3 compaq job to do this stuff???? > Would'nt it be nice to have such a machine? :-) *giggle*. we have two, here. From mg at plum.de Mon Apr 24 10:31:07 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:33 2003 Subject: samba tng ignores %U References: Message-ID: <001701bfadd8$33ab9fd0$0b04010a@plum.int> > > as if 192mb ram, 400-p2 isn't enough, what you think i have to have a > > dual 500-p3 compaq job to do this stuff???? > Would'nt it be nice to have such a machine? :-) > I have a Pentium 133 here at home for testing samba and developing ksamba, > but at work i have a PIII/500 laptop. The last time a work more and more > with the laptop! :-) hehe same here. TNG as of 2.2 takes about 1 hour to compile ;) (glad I have some nice dual celeron 433 at work ;) regards, Michael From pjdc at eircom.net Mon Apr 24 12:00:09 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:33 2003 Subject: Problem with sid_to_string in CVS Samba-TNG In-Reply-To: Luke Kenneth Casson Leighton's message of "Mon, 24 Apr 2000 17:10:25 +1000" References: Message-ID: >>>>> "Luke" == Luke Kenneth Casson Leighton writes: >> in with the local Administrator account. This is because >> LSASS.EXE crashed. Dr Watson report is appended. Luke> argh. no, it's ok, i've seen those so many times it's not Luke> true :) Is this a variant of that LSA DoS attack they "fixed" in SP4? Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lkcl at samba.org Mon Apr 24 12:05:13 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:33 2003 Subject: samba tng ignores %U In-Reply-To: <001701bfadd8$33ab9fd0$0b04010a@plum.int> Message-ID: On Mon, 24 Apr 2000, Michael Glauche wrote: > > > as if 192mb ram, 400-p2 isn't enough, what you think i have to have a > > > dual 500-p3 compaq job to do this stuff???? > > Would'nt it be nice to have such a machine? :-) > > I have a Pentium 133 here at home for testing samba and developing ksamba, > > but at work i have a PIII/500 laptop. The last time a work more and more > > with the laptop! :-) > > hehe same here. TNG as of 2.2 takes about 1 hour to compile ;) whoa, holy cow. that's insane. From lkcl at samba.org Mon Apr 24 12:06:30 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:33 2003 Subject: Problem with sid_to_string in CVS Samba-TNG In-Reply-To: Message-ID: On Mon, 24 Apr 2000, Paul J Collins wrote: > >>>>> "Luke" == Luke Kenneth Casson Leighton writes: > > >> in with the local Administrator account. This is because > >> LSASS.EXE crashed. Dr Watson report is appended. > > Luke> argh. no, it's ok, i've seen those so many times it's not > Luke> true :) > > Is this a variant of that LSA DoS attack they "fixed" in SP4? *sigh*. no, it's a client-side bug. no client-side bugs have been fixed in nt4. it's not considered worthwhile, by microsoft. after all, what would you be doing putting third party servers on your network? From lalvp at cyberscapes.com.au Mon Apr 24 13:42:26 2000 From: lalvp at cyberscapes.com.au (Vivian P. Lal) Date: Tue Dec 2 02:29:33 2003 Subject: Late Domain Logon Message-ID: <000301bfadf2$eded3560$6501a8c0@cyberscapes.com.au> Hi I have just upgraded to RedHat 6.2 and am now running Samba 2.0.6-9. Ever since the upgrade my domain logons have been mucked up. When I switch on any of my Win98 clients they come up with Windows logon before the Domain logon. In fact the Domain logon box comes up at least 15 minutes after I have logged on to Windows locally. During that time I can see the client/server trying to make some sort of connection on the hub. When I look at the smb.log it says that it is waiting for a connection. It's just that it does not become aware of the client trying to log in until about 15 minutes after the client is logged in locally. After the domain logon box pops up, I can log in fine and there's no other problem. I see no errors in the log file, it seems as if everything else is operation perfectly. Should I build my server from scratch with Redhat 6.2, perhaps 6.1 didn't like the upgrade? Thanks in advance for any help someone may offer. Vivian Lal From lkcl at samba.org Mon Apr 24 14:40:20 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:33 2003 Subject: samba-tng-alpha.2.5.tar.bz2 Message-ID: ftp://samba.org/pub/samba/alpha and mirrors went to minor release numbers on 2.4 because of instability. also, if you are running into problems at high debug log levels, try reducing them to more reasonable levels (between 5 and 10 or even just 1) and see if it works. i ran into timeouts because of too much debug output! andrew and i have been using insure (a proprietary, *excellent* memory-checking tool that doesn't have a price tag on their web site) and it's found loads and loads of bugs, it's really good. gotta run, have fun, luke. Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From pjdc at eircom.net Mon Apr 24 15:17:23 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:33 2003 Subject: Problem with sid_to_string in CVS Samba-TNG In-Reply-To: Luke Kenneth Casson Leighton's message of "Mon, 24 Apr 2000 22:10:34 +1000" References: Message-ID: >>>>> "Luke" == Luke Kenneth Casson Leighton writes: Luke> after all, what would you be doing putting third party Luke> servers on your network? Er, getting the job done quickly and efficiently? Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lars at kneschke.de Mon Apr 24 15:37:12 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:33 2003 Subject: OT: i'm stupid Message-ID: Hello! Since 27.february 2000 i install the samba binaries in /opt/samba_tng but start the deaemons from /opt/samba-tng. That's why every time i compile and install samba tng, always the same are working or not! Stupid!! :-) Now i compile new binaries, which go to /opt/samba-tng! Cu -- Lars Kneschke http://www.kneschke.de From tadams at pbl.ca Mon Apr 24 15:36:57 2000 From: tadams at pbl.ca (Tim Adams) Date: Tue Dec 2 02:29:33 2003 Subject: Log in Message-ID: <000001bfae02$ed92ed20$3cc809c0@wis.pbl.ca> This started a couple of months ago, but I have not had time to really look at it until now. When running samba-tng, my user password is not authenticated against the samba server. This happens when my machine is running as a part of the samba domain (the machine logs on to the domain with no problems), or stand alone/part of another domain. Authentication works fine with samba-2.0.6, and I have even tried copying the smbpasswd file from the 2.0.6 installation to the tng installation. I have downloaded the cvs several times, and downloaded the tar.gz file a few times. I get the same result each time. Here are the last few lines of the log.smb file, and attached is my smb.conf. root is in 7 groups: 0, 1, 2, 3, 4, 6, 10 uid 0 registered to name root Clearing default real name uid 0 vuid 104 registered to unix name root policy(pnum=4 ): Setting policy state setting policy con policy(pnum=4 ): Getting policy state Getting policy con state LSA_OPENSECRET: unknown error policy(pnum=4 ): Getting policy state Getting policy con state policy(pnum=4 ): Closing SMB LM/NT Password did not match! Rejecting user 'tadams': authentication failed 32 bit error packet at line 494 cmd=115 (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] error string = No such file or directory Tim Adams Programmer/Analyst Information Technology Pollard Banknote Ltd. -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 1186 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000424/62985c08/smb.obj From pjdc at eircom.net Mon Apr 24 15:59:16 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:33 2003 Subject: "Invalid user" response / lsass.exe (was Re: Problem with sid_to_string in CVS Samba-TNG) In-Reply-To: Luke Kenneth Casson Leighton's message of "Mon, 24 Apr 2000 17:10:25 +1000" Message-ID: >>>>> "Luke" == Luke Kenneth Casson Leighton writes: Luke> hmm, so i _still_ haven't got the damn "invalid user" Luke> response correct, yet. Looks like you fixed this one. After I saw your accounce for 2.5, I did a cvs update and rebuilt. I reinstalled into the same tree that my existing installation is in, and not only does everything still work, but when I give an incorrect password, I get the standard error and lsass.exe does not crash. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lars at kneschke.de Mon Apr 24 16:21:05 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:33 2003 Subject: Advogato.org In-Reply-To: Message-ID: > hey, lars, make yerself an account, ok? that goes for any other samba > contributers, too, then put yourselves down as documenter, contributer, > helper, whatever. i'd really like to see all the people who have been > doing cvs and alpha downloads on a regular basis and sending reports in as > helpers, too, ok? > > create a few projects, ksamba etc. I have ksamba online, and also created a account for me, but i can't join the samba project. Maybe because i'm "unimportant". :-) Cu -- Lars Kneschke http://www.kneschke.de From nwaltham at wwf.org.co Mon Apr 24 18:16:44 2000 From: nwaltham at wwf.org.co (Nicholas Waltham) Date: Tue Dec 2 02:29:33 2003 Subject: Samba 2.06 as PDC with Windows 2000/Win2k as client In-Reply-To: Message-ID: Hi All, I have Samba 2.06 running happily, with encrypted passwords controling a primary domain with Windows 95/98 and NT4 clients. Today I upgraded one of the laptops to Windows 2000, and I cannot log on to the domain. If I log on to its local domain, and navigate the network neighbourhood to the server, I can log on and see the files, so there is no problem with communication with the server. So how can I make Windows 2000 join the domain and work like all the other computers. Thanks in advance, Nicholas Waltham From lars at kneschke.de Mon Apr 24 19:37:33 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:33 2003 Subject: Samba 2.06 as PDC with Windows 2000/Win2k as client In-Reply-To: Message-ID: I don't know exactly, but i think W2k and Samba 2.06 don't work. Cu > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Nicholas Waltham > Sent: Monday, April 24, 2000 8:21 PM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Samba 2.06 as PDC with Windows 2000/Win2k as client > > > Hi All, > I have Samba 2.06 running happily, with encrypted passwords controling > a primary domain with Windows 95/98 and NT4 clients. Today I upgraded one > of the laptops to Windows 2000, and I cannot log on to the domain. If I > log on to its local domain, and navigate the network neighbourhood to > the server, I can log on and see the files, so there is no problem with > communication with the server. So how can I make Windows 2000 > join the domain > and work like all the other computers. > > Thanks in advance, > Nicholas Waltham > > > -- Lars Kneschke http://www.kneschke.de From arielez at cs.huji.ac.il Mon Apr 24 19:49:02 2000 From: arielez at cs.huji.ac.il (Eizenberg Ariel) Date: Tue Dec 2 02:29:33 2003 Subject: Samba-TNG 2.5 Message-ID: I got tng2.5 up and running, and it fixed the two problems I had before ( <1> NT refuesed to join the domain claiming an error about setting local security, <2> After joining the domain it refused to allow logons because of an invalid machine password account or something like this ...) But 2.5 produced a new problem: Sometimes when a users tries to login he gets "The system can not log you on (C0000078). Please try again or consult your system administrator". If he retries (and sometimes he needs to retry two or three times) he gets to login. I didn't have time to run it with a high debuglevel setting, but when running it without any debuglevel parameter, now message at all is logged in the logs concerning the failures, and the NT log specifies that the logon failed because of an unknown reason. Any one have any ideas? From jffolliott at home.com Mon Apr 24 20:17:54 2000 From: jffolliott at home.com (Jamie ffolliott) Date: Tue Dec 2 02:29:33 2003 Subject: Samba 2.06 as PDC with Windows 2000/Win2k as client In-Reply-To: Message-ID: Hi Nicholas, You'll need to experiment with SAMBA_TNG to get the domain logon functionality for Windows 2000 clients. Samba 2.0.7 is mainly a file/print server for W2K clients, and contains outdated Domain Logon support for NT4 clients. TNG alpha releases are at ftp://samba.org/pub/samba/alpha/ See FAQ at http://www.kneschke.de/projekte/samba_tng/ Jamie > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Nicholas Waltham > Sent: April 24, 2000 2:23 PM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Samba 2.06 as PDC with Windows 2000/Win2k as client > > > Hi All, > I have Samba 2.06 running happily, with encrypted passwords controling > a primary domain with Windows 95/98 and NT4 clients. Today I upgraded one > of the laptops to Windows 2000, and I cannot log on to the domain. If I > log on to its local domain, and navigate the network neighbourhood to > the server, I can log on and see the files, so there is no problem with > communication with the server. So how can I make Windows 2000 > join the domain > and work like all the other computers. > > Thanks in advance, > Nicholas Waltham > > From pjdc at eircom.net Mon Apr 24 21:19:19 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:33 2003 Subject: Samba 2.06 as PDC with Windows 2000/Win2k as client In-Reply-To: "Jamie ffolliott"'s message of "Tue, 25 Apr 2000 06:20:27 +1000" References: Message-ID: >>>>> "Jamie" == Jamie ffolliott writes: Jamie> Hi Nicholas, You'll need to experiment with SAMBA_TNG to Jamie> get the domain logon functionality for Windows 2000 Jamie> clients. Samba 2.0.7 is mainly a file/print server for W2K Jamie> clients, and contains outdated Domain Logon support for NT4 Jamie> clients. If you prefer not to trust development code with your files, you can set up a domain with a Samba-TNG domain controller, and have a Samba-2.0.7 file and print server as a member of that domain, along with all your workstations. The smbpasswd file has a different format in TNG, but I believe there is a tool that will convert it for you. Samba TNG is fairly straightforward to set up and get going; the URLs Jamie provided are where I got all my information initially, and I had a TNG domain up and running nicely in about an hour and a half, including the time spent compiling it. Most importantly, have fun! Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lars at kneschke.de Mon Apr 24 21:15:31 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:34 2003 Subject: i'm very statisfied with samba tng at the moment Message-ID: Hello! What's working: - join a domain via rpcclient or "domain joining dialog under Windows NT" - authenticate against samba pdc - login scripts - profiles (also with %U) - usermanger/servermanager runs - "Domain Admin" What works not: - sometimes Usermanager stops working Now i need to update the "samba tng faq"-webpages. I hope i can do it, before i falling a sleep. Cu -- Lars Kneschke http://www.kneschke.de From mg at plum.de Mon Apr 24 22:38:47 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:34 2003 Subject: samba-tng-alpha.2.5.tar.bz2 References: Message-ID: <002401bfae3d$da823e30$0201010a@defiant> > ftp://samba.org/pub/samba/alpha and mirrors > > went to minor release numbers on 2.4 because of instability. > A quick Test with 2.5: - logins from NT4 work fine - wrong password also - password changing doesn't (want some debug info on that ?) - '98 logins work fine ... all in all .. a good PDC ;) Thanks Luke ! regards, Michael From pjdc at eircom.net Mon Apr 24 21:56:01 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:34 2003 Subject: i'm very statisfied with samba tng at the moment In-Reply-To: "Lars Kneschke"'s message of "Tue, 25 Apr 2000 07:18:57 +1000" References: Message-ID: >>>>> "Lars" == Lars Kneschke writes: Lars> Hello! Lars> What's working: Lars> - join a domain via rpcclient or "domain joining dialog under Windows NT" Lars> - authenticate against samba pdc Lars> - login scripts Lars> - profiles (also with %U) Lars> - usermanger/servermanager runs Lars> - "Domain Admin" Something I have been meaning to mention but that you all probably know about: Hyena is a great NT administration tool. It too interacts well with Samba-TNG; you can view everything that the Microsoft tools can, with the added bonus of being able to browse right into the shares, right across all your domains. In addition, it was able to view my local event log with no difficulty, even though Event Viewer was giving me those idiotic "Invalid Handle" errors. http://www.adkins-resource.com/ It's shareware, with a 30-day trial period. (No, I don't work for them... ;-) ) Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pll at mclinux.com Mon Apr 24 21:47:44 2000 From: pll at mclinux.com (Paul Lussier) Date: Tue Dec 2 02:29:34 2003 Subject: i'm very statisfied with samba tng at the moment In-Reply-To: Your message of "Tue, 25 Apr 2000 07:18:48 +1000." References: Message-ID: <200004242147.RAA16875@lussier.mclinux.com> In a message dated: Tue, 25 Apr 2000 07:18:48 +1000 "Lars Kneschke" said: >Hello! > >What's working: >- join a domain via rpcclient or "domain joining dialog under Windows NT" >- authenticate against samba pdc >- login scripts >- profiles (also with %U) >- usermanger/servermanager runs >- "Domain Admin" > >What works not: >- sometimes Usermanager stops working How about password sync'ing with /etc/passwd? ( Or equivalent?) -- Seeya, Paul ---- "I always explain our company via interpretive dance. I meet lots of interesting people that way." Niall Kavanagh, 10 April, 2000 If you're not having fun, you're not doing it right! From roumengishe at crosswinds.net Tue Apr 25 02:40:59 2000 From: roumengishe at crosswinds.net (roumengishe) Date: Tue Dec 2 02:29:34 2003 Subject: http://www.crosswinds.net/~roumengishe/ Message-ID: <200004250140.VAA04990@glitch.crosswinds.net> http://www.crosswinds.net/~roumengishe/ From alex at gs.nsc.ru Tue Apr 25 03:02:31 2000 From: alex at gs.nsc.ru (Alex A. Emanov) Date: Tue Dec 2 02:29:34 2003 Subject: WIN2K shares Message-ID: <14418.000425@gs.nsc.ru> Hello, Connecting from Win2k to another win2k in samba controlled domain (tng-2.5) failed with message: \\Srv is not accessible. The trust relationship between this workstation and the primary domain failed. Best regards, Alex From lkcl at samba.org Tue Apr 25 07:22:09 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:34 2003 Subject: "Invalid user" response / lsass.exe (was Re: Problem with sid_to_string in CVS Samba-TNG) In-Reply-To: Message-ID: On Tue, 25 Apr 2000, Paul J Collins wrote: > >>>>> "Luke" == Luke Kenneth Casson Leighton writes: > > Luke> hmm, so i _still_ haven't got the damn "invalid user" > Luke> response correct, yet. > > Looks like you fixed this one. After I saw your accounce for 2.5, I yep. > did a cvs update and rebuilt. I reinstalled into the same tree that > my existing installation is in, and not only does everything still > work, but when I give an incorrect password, I get the standard error > and lsass.exe does not crash. hooray. From lkcl at samba.org Tue Apr 25 09:19:05 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:34 2003 Subject: Samba-TNG 2.5 In-Reply-To: Message-ID: On Tue, 25 Apr 2000, Eizenberg Ariel wrote: > I got tng2.5 up and running, and it fixed the two problems I had before > ( <1> NT refuesed to join the domain claiming an error about setting local > security, <2> After joining the domain it refused to allow logons > because of an invalid machine password account or something like this > ..) > > But 2.5 produced a new problem: > Sometimes when a users tries to login he gets "The system can not log you > on (C0000078). Please try again or consult your system administrator". uhhh... c0000078 - NT_STATUS_INVALID_SID. !!!! From lkcl at samba.org Tue Apr 25 09:29:23 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:34 2003 Subject: samba-tng-alpha.2.5.tar.bz2 In-Reply-To: <002401bfae3d$da823e30$0201010a@defiant> Message-ID: On Mon, 24 Apr 2000, Michael Glauche wrote: > > > ftp://samba.org/pub/samba/alpha and mirrors > > > > went to minor release numbers on 2.4 because of instability. > > > > A quick Test with 2.5: > - logins from NT4 work fine > - wrong password also > - password changing doesn't (want some debug info on that ?) naah, i'll do it, i may need your help on 98 password changes, though. > - '98 logins work fine ... good. about time. From lkcl at samba.org Tue Apr 25 09:30:45 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:34 2003 Subject: i'm very statisfied with samba tng at the moment In-Reply-To: <200004242147.RAA16875@lussier.mclinux.com> Message-ID: > How about password sync'ing with /etc/passwd? ( Or equivalent?) use a "chat script = " From m.g.ross at herts.ac.uk Tue Apr 25 10:14:33 2000 From: m.g.ross at herts.ac.uk (Matt Ross) Date: Tue Dec 2 02:29:34 2003 Subject: Latest CVS TNG smbd does not run on Solaris 2.7 Message-ID: Has anyone managed to get 'smbd -D' to work under Solaris 2.7? It compiles fine but exits with a signal 11 (segmentation fault) whenever I try and start it. All the other daemons work. I'm concerned that I appear to be the only one who can't get it running :-( I am using a CVS version from 9:00AM 25 April (GMT). Is there a way I can tell the exact version number of my build so I can be more specific? Thanks, Matt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Principal Technical Officer Faculty of Engineering and Information Sciences University of Hertfordshire Phone: +44 (0)1707 286297 (3297 Internal) E-Mail: m.g.ross@herts.ac.uk WWW: http://fly.to/mgr -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- From alex at gis.org Tue Apr 25 10:52:27 2000 From: alex at gis.org (Alexander Davydenko) Date: Tue Dec 2 02:29:34 2003 Subject: i'm very statisfied with samba tng at the moment In-Reply-To: ; from lars@kneschke.de on Tue, Apr 25, 2000 at 07:19:17AM +1000 References: Message-ID: <20000425145227.A24999@Javad.Ru> > > What's working: > - join a domain via rpcclient or "domain joining dialog under Windows NT" > - authenticate against samba pdc > - login scripts > - profiles (also with %U) > - usermanger/servermanager runs > - "Domain Admin" > > What works not: > - sometimes Usermanager stops working > > Now i need to update the "samba tng faq"-webpages. I hope i can do it, > before i falling a sleep. > it seems 2.5.tar.bz2 must be tagged on CVS as working well :) -- Alexander Davydenko | alex@javad.ru, mba_69@chat.ru | Moscow, USSR ------------------------------------------------------------------------- <<<<< Powered by Linux & 220V >>>>> From m.g.ross at herts.ac.uk Tue Apr 25 12:47:25 2000 From: m.g.ross at herts.ac.uk (Matt Ross) Date: Tue Dec 2 02:29:34 2003 Subject: More on the smbd -D segmentation violation under Solaris7 Message-ID: I have run truss on smbd and the interesting snippet follows: $ truss smbd -D -o truss.log $ more truss.log [snip] open64("/usr/local/samba/var/log.smb", O_WRONLY|O_APPEND|O_CREAT, 0666) = 4 llseek(4, 0, SEEK_END) = 36434 umask(0) = 022 time() = 956665625 time() = 956665625 write(4, " [", 1) = 1 write(4, " 2 0 0 0 / 0 4 / 2 5 1".., 19) = 19 write(4, " , 1", 3) = 3 write(4, " ] ", 2) = 2 write(4, " s m b d / s e r v e r .".., 13) = 13 write(4, " :", 1) = 1 write(4, " m a i n", 4) = 4 write(4, " ( 6 8 9", 4) = 4 write(4, " )\n", 2) = 2 getuid() = 0 [0] write(4, " s m b d v e r s i".., 34) = 34 getuid() = 0 [0] write(4, " C o p y r i g h t ".., 38) = 38 getuid() = 0 [0] stat64("/usr/local/samba/var/log.smb", 0xFFBEED90) = 0 stat64("/usr/local/samba/lib/smb.conf", 0xFFBEE920) = 0 open64("/usr/local/samba/lib/smb.conf", O_RDONLY) = 5 fstat64(5, 0xFFBEECB0) = 0 read(5, " # S a m b a c o n f".., 2464) = 2464 close(5) = 0 brk(0x00085358) = 0 brk(0x00087358) = 0 brk(0x00087358) = 0 brk(0x00089358) = 0 pipe() = 5 [6] fork() = 27656 close(6) = 0 read(547616, 0xFFBEE418, 1024) Err#9 EBADF Incurred fault #6, FLTBOUNDS %pc = 0xFF1B6364 siginfo: SIGSEGV SEGV_MAPERR addr=0x00000000 Received signal #11, SIGSEGV [caught] siginfo: SIGSEGV SEGV_MAPERR addr=0x00000000 write(4, " = = = = = = = = = = = =".., 64) = 64 getuid() = 0 [0] getpid() = 27647 [27646] write(4, " I N T E R N A L E R R".., 51) = 51 getuid() = 0 [0] write(4, " P l e a s e r e a d ".., 50) = 50 getuid() = 0 [0] write(4, " = = = = = = = = = = = =".., 64) = 64 getuid() = 0 [0] write(4, " P A N I C : i n t e r".., 22) = 22 [snip] There is an attempted read on a non-existent file descriptor, 547616, fifteen lines from the end. Can anybody suggest what the problem might be? Thanks, Matt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Principal Technical Officer Faculty of Engineering and Information Sciences University of Hertfordshire Phone: +44 (0)1707 286297 (3297 Internal) E-Mail: m.g.ross@herts.ac.uk WWW: http://fly.to/mgr -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- From sharpe at ns.aus.com Tue Apr 25 13:34:09 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:34 2003 Subject: Any troubleshooting hints for the LDAP version of Samba Message-ID: <3.0.6.32.20000425223409.00938cc0@203.16.214.248> Hi, does anyone have any experience troubleshooting the LDAP version of Samba from 15-Oct-1999? Regards ------- Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From p.grimmerink at home.nl Tue Apr 25 12:59:03 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:34 2003 Subject: joining samba-tng2.5 to NT4 domain Message-ID: With samba-tng-alpha.2.5, I still can't join a (linux) samba workstation to an NT 4.0 server controlled domain. This is what I've tried, and what was reported; rpcclient -S ntserver -Uadministrator%passwd -Wdomain lsaquery use \\samba -Uroot%passwd -Wsamba createuser samba$ -s -jdomain SAM Create Domain User Got a positive name query response from 90.0.1.1 ( 90.0.1.1 ) error connecting to 90.0.1.1:445 (Connection refused) Domain: IPC Name: samba$ ACB: [S ] Create Domain User: OK Join SAMBA to Domain DOMAIN LSA_OPENSECRET: unknown error Set $MACHINE.ACC: OK Note; with samba-tng 2.4 I did not get this LSA_OPENSECRET error, but the resulting machine account did not work. with samba-tng 2.5, the machine account seems to be created, but might be corrupt (?) When I then try to connect to the samba workstation, (using smbclient, or ntlogin from rpcclient) this fails, and I get the following entries in the smb logfile; log.smb: cli_nt_setup_creds: auth2 challenge failed. status: c000018b domain_client_validate: credentials failed (\\NTSERVER) SMB LM/NT Password did not match! Rejecting user 'username': authentication failed Am I doing something wrong? (It seemed to me that everyone was very enthousiastic about 2.5, so why doesn't it work for me?) Best regards, Pieter From rwierzbicki at stryker.ca Tue Apr 25 13:35:42 2000 From: rwierzbicki at stryker.ca (Wierzbicki, Ralf) Date: Tue Dec 2 02:29:34 2003 Subject: joining samba-tng2.5 to NT4 domain Message-ID: <8142BE56BFF7D311BC4E00B0D0219AF577EF@mail.stryker.ca.1.67.10.in-addr.arpa> It didn't work here either. Samba is complaining about a missing client account for the PDC. Ralf > -----Original Message----- > From: Pieter Grimmerink [mailto:p.grimmerink@home.nl] > Sent: Tuesday, April 25, 2000 9:02 AM > To: Multiple recipients of list SAMBA-NTDOM > Subject: joining samba-tng2.5 to NT4 domain > > > With samba-tng-alpha.2.5, I still can't join a (linux) samba > workstation to > an NT 4.0 server controlled domain. > This is what I've tried, and what was reported; > > rpcclient -S ntserver -Uadministrator%passwd -Wdomain > > lsaquery > > use \\samba -Uroot%passwd -Wsamba > > createuser samba$ -s -jdomain > > SAM Create Domain User > Got a positive name query response from 90.0.1.1 ( 90.0.1.1 ) > error connecting to 90.0.1.1:445 (Connection refused) > Domain: IPC Name: samba$ ACB: [S ] > Create Domain User: OK > Join SAMBA to Domain DOMAIN > LSA_OPENSECRET: unknown error > Set $MACHINE.ACC: OK > > Note; with samba-tng 2.4 I did not get this LSA_OPENSECRET > error, but the > resulting machine account did not work. with samba-tng 2.5, > the machine > account seems to be created, but might be corrupt (?) > When I then try to connect to the samba workstation, (using > smbclient, or > ntlogin from rpcclient) this fails, and I get the following > entries in the > smb logfile; > > log.smb: > > cli_nt_setup_creds: auth2 challenge failed. status: c000018b > domain_client_validate: credentials failed (\\NTSERVER) > SMB LM/NT Password did not match! > Rejecting user 'username': authentication failed > > Am I doing something wrong? > (It seemed to me that everyone was very enthousiastic about > 2.5, so why > doesn't it work for me?) > > Best regards, > > Pieter > From gcarter at valinux.com Tue Apr 25 14:25:50 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:29:34 2003 Subject: Any troubleshooting hints for the LDAP version of Samba References: <3.0.6.32.20000425223409.00938cc0@203.16.214.248> Message-ID: <3905AAEE.737B3C8@valinux.com> Richard Sharpe wrote: > > Hi, > > does anyone have any experience troubleshooting the LDAP > version of Samba from 15-Oct-1999? Yeah. What's going wrong. jerry ---------------------------------------------------------------------- / \ Gerald (Jerry) Carter gcarter@valinux.com / . \ VA Linux Systems / SAMBA Team jerry@samba.org \ . / \ / "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) ---------------------------------------------------------------------- From mg at plum.de Tue Apr 25 16:04:55 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:34 2003 Subject: joining samba-tng2.5 to NT4 domain References: Message-ID: <003b01bfaecf$ff3c7a00$0201010a@defiant> > With samba-tng-alpha.2.5, I still can't join a (linux) samba workstation to > an NT 4.0 server controlled domain. > This is what I've tried, and what was reported; Had a simmilar problem after I did try 2.4.2 and CVS at that time, it seems, that samba hosed the M$ network stack ...;) (I allways got error messages like "cant update local security" or similar, german NT ;) I did completely remove networking, then reinstalled it, and everything works like a charm ... ;) regards, Michael From inge at cc.uit.no Tue Apr 25 19:49:52 2000 From: inge at cc.uit.no (Inge-Haavard Hunstad) Date: Tue Dec 2 02:29:34 2003 Subject: Rids Message-ID: <3905F6E0.C3705594@cc.uit.no> Hi all, I have some questions regarding the rid. I need to know how important the rid is in a Samba controlled domain. Can I assign a new rid to a user without getting any trouble. As I see it it is only the profile that contains the rid and will be corrupted if the rid of a user changes. Is this right? If so will I eliminate this problem if I use mandatory profiles and deletes the local copy when the user log out? Another problem would be the machine accounts if I change the rid of a machine account will I have to rejoin the domain? inge From rfs at poczta.fm Mon Apr 24 22:38:12 2000 From: rfs at poczta.fm (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:34 2003 Subject: Late Domain Logon References: <000301bfadf2$eded3560$6501a8c0@cyberscapes.com.au> Message-ID: <3904CCD4.68C266A9@poczta.fm> "Vivian P. Lal" wrote: > > Hi > > I have just upgraded to RedHat 6.2 and am now running Samba 2.0.6-9. Ever > since the upgrade my domain logons have been mucked up. When I switch on > any of my Win98 clients they come up with Windows logon before the Domain > logon. In fact the Domain logon box comes up at least 15 minutes after I > have logged on to Windows locally. > > During that time I can see the client/server trying to make some sort of > connection on the hub. When I look at the smb.log it says that it is > waiting for a connection. Try to watch what is happening in log. . That's because, when samba gets connection request, all other activity between client and server is logged in other file. Of course, you need to have properly set "log file" parameter in your smb.conf. >It's just that it does not become aware of the > client trying to log in until about 15 minutes after the client is logged in > locally. After the domain logon box pops up, I can log in fine and there's > no other problem. I see no errors in the log file, it seems as if > everything else is operation perfectly. Should I build my server from > scratch with Redhat 6.2, perhaps 6.1 didn't like the upgrade? > > Thanks in advance for any help someone may offer. > > Vivian Lal Rafa? From ray_frush at agilent.com Tue Apr 25 19:59:38 2000 From: ray_frush at agilent.com (Ray Frush) Date: Tue Dec 2 02:29:34 2003 Subject: [Fwd: Authentication problem with Windows 2000 User Domain] Message-ID: <3905F92A.F7FCC70F@agilent.com> -------- Original Message -------- Subject: Authentication problem with Windows 2000 User Domain Date: Tue, 25 Apr 2000 13:43:14 -0600 From: Ray Frush Reply-To: ray_frush@agilent.com Organization: GIO Consumer and Site Servcies; Agilent Technologies To: samba-bugs@samba.org I have a couple of Samba (2.0.6/2.0.3) servers running on Linux and HP-UX which are having a problem with a new account domain. The servers are running in "security = domain" mode. Our environment has multiple Account Domains, and hundreds of Resource Domains. The new Account Domain is being implemented with Windows 2000 servers in "NT Domain Emulation Mode" so that the remaining resource domains (running NT 4.0) think they're looking at an NT 4.0 Account domain. The new (W2K) Account Domain accounts are clones of accounts in the old domain, and the new accounts have "SID History" enabled which means the new accounts have both the new and old SID from each domain. The authentication to the old (NT 4.0) Account domains is still working fine. Here's a section of the samba log file generated for the client connection... [2000/04/24 18:30:51, 0] rpc_client/cli_pipe.c:rpc_read(89) rpc_read: Error 234 in cli_read [2000/04/24 18:30:51, 0] smbd/password.c:domain_client_validate(1431) domain_client_validate: unable to validate password for user frush in domain USERDOM2 to Domain controller *. Error was ERRDOS - ERRmoredata (There is more data to be returned.). [2000/04/24 18:30:51, 0] passdb/smbpass.c:startsmbfilepwent(50) So, this tells me that Windows 2000 is trying to say more than Samba is willing to listen to. I also just tried 2.0.7pre4, with very similar results: [2000/04/25 13:34:30, 0] rpc_client/cli_pipe.c:rpc_read(89) rpc_read: Error 234 in cli_read [2000/04/25 13:34:30, 0] smbd/password.c:domain_client_validate(1470) domain_client_validate: unable to validate password for user frush in domain USERDOM2 to Domain controller *. Error was ERRDOS - ERRmoredata (There is more data to be returned.). Thoughts from the developers on this one will be greatly appreciated. From pjdc at eircom.net Tue Apr 25 20:17:40 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:34 2003 Subject: Rids In-Reply-To: Inge-Haavard Hunstad's message of "Wed, 26 Apr 2000 05:50:38 +1000" References: <3905F6E0.C3705594@cc.uit.no> Message-ID: >>>>> "Inge-Haavard" == Inge-Haavard Hunstad writes: Inge-Haavard> Hi all, I have some questions regarding the rid. I Inge-Haavard> need to know how important the rid is in a Samba Inge-Haavard> controlled domain. Can I assign a new rid to a user Inge-Haavard> without getting any trouble. As I see it it is only Inge-Haavard> the profile that contains the rid and will be Inge-Haavard> corrupted if the rid of a user changes. Is this Inge-Haavard> right? If so will I eliminate this problem if I use Inge-Haavard> mandatory profiles and deletes the local copy when Inge-Haavard> the user log out? Another problem would be the Inge-Haavard> machine accounts if I change the rid of a machine Inge-Haavard> account will I have to rejoin the domain? The RID is the part of the SID that identifies the user's entry in the domain's SAM. If you change a user's RID, then the permissions on any NTFS volumes that refer to that user will no longer apply; you will likely see "Account Unknown" in such permissions lists. It is called a Relative Identifier because it only has meaning when coupled with the SID of a domain. In other words, it's very like a Unix user or group ID, and changing it has similar effects that changing a Unix user's user ID would have, but with more knock-on effects, I would think. I believe that an NT Workstation remembers the SID of its machine account, so you would probably have to rejoin the domain. I can't figure out how to view the LSA secret objects with regedt32, so I can't be sure. If you detail *why* you need to change the RIDs, better solutions may be possible. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lars at kneschke.de Tue Apr 25 21:30:41 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:34 2003 Subject: Samba TNG FAQ updated Message-ID: Hello! I have updated the samba tng faq, to reflect the current development changes. Any native english speaker should have a look at this pages please, because my english is not the best. My writen german is also not the best! :-) Technical everything should be ok. Feel free to send comments, i have more time again. http://www.kneschke.de/projekte/samba_tng/faq The only problem i'm aware of, is that password changing dont work. Luke, do you know how to become a local administrator? i have used "local group map", whit this content: test1 = "Adminstrators" "Administrators" gets also shown as local group in the Usermanager, but i can't change the clock. So i think, that i'm not a admin user. What do you think? Cu -- Lars Kneschke http://www.kneschke.de From inge at cc.uit.no Tue Apr 25 21:45:29 2000 From: inge at cc.uit.no (Inge-Haavard Hunstad) Date: Tue Dec 2 02:29:34 2003 Subject: Rids References: <3905F6E0.C3705594@cc.uit.no> Message-ID: <390611F9.92B29D73@cc.uit.no> Paul J Collins wrote: > > >>>>> "Inge-Haavard" == Inge-Haavard Hunstad writes: > > Inge-Haavard> Hi all, I have some questions regarding the rid. I > Inge-Haavard> need to know how important the rid is in a Samba > Inge-Haavard> controlled domain. Can I assign a new rid to a user > Inge-Haavard> without getting any trouble. As I see it it is only > Inge-Haavard> the profile that contains the rid and will be > Inge-Haavard> corrupted if the rid of a user changes. Is this > Inge-Haavard> right? If so will I eliminate this problem if I use > Inge-Haavard> mandatory profiles and deletes the local copy when > Inge-Haavard> the user log out? Another problem would be the > Inge-Haavard> machine accounts if I change the rid of a machine > Inge-Haavard> account will I have to rejoin the domain? > > The RID is the part of the SID that identifies the user's entry in the > domain's SAM. If you change a user's RID, then the permissions on any > NTFS volumes that refer to that user will no longer apply; you will > likely see "Account Unknown" in such permissions lists. It is called > a Relative Identifier because it only has meaning when coupled with > the SID of a domain. > > In other words, it's very like a Unix user or group ID, and changing > it has similar effects that changing a Unix user's user ID would have, > but with more knock-on effects, I would think. > > I believe that an NT Workstation remembers the SID of its machine > account, so you would probably have to rejoin the domain. I can't > figure out how to view the LSA secret objects with regedt32, so I > can't be sure. > > If you detail *why* you need to change the RIDs, better solutions may > be possible. > Thanks for your help. The reason I ask these questions is a little bit out of curiosity. I also have some users that already exist in the my smbpasswd but since my smbd now uses LDAP to store the passwords I needed to know what the consequences of just giving these users a new rid(sid) where. I think I would have to stop the samba server and start the old one to extract the rid. But since this server is in a production environment I hoped that it would be possible just to give the users a new rid instead. inge > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" From tom at ee.ucl.ac.uk Tue Apr 25 21:58:51 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:34 2003 Subject: Latest CVS TNG smbd does not run on Solaris 2.7 In-Reply-To: Message-ID: Hello Matt, Both yesterday's cvs and todays (23:00 BST) both run on Solaris 2.7 for me. What patches have you installed? Can you get a core dump? You may need to install MU4 to get the core dump though. Email me if you want details. You should also give the list your platform (i.e. Sparc 32 or 64) and the compiler you used. Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From pjdc at eircom.net Tue Apr 25 22:14:52 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:34 2003 Subject: Samba TNG FAQ updated In-Reply-To: "Lars Kneschke"'s message of "Wed, 26 Apr 2000 07:38:17 +1000" References: Message-ID: >>>>> "Lars" == Lars Kneschke writes: Lars> Luke, do you know how to become a local administrator? i Lars> have used "local group map", whit this content: Domain Admins are always local admins, since the Domain Admins global groups is inserted into the Administrators local group when you join the domain. To make a normal domain user a local administrator, simply use User Manager (not User Manager for Domains) to add the account into the Administrators group. Also have a look at the user rights; if you set it up right, you can decide exactly who can log on to your workstation. If you are really evil, remove Domain Admins from Administrators. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From vgill at technologist.com Tue Apr 25 23:12:51 2000 From: vgill at technologist.com (Vern H. Gill) Date: Tue Dec 2 02:29:34 2003 Subject: Join NT4 BDC to Samba/TNG PDC Message-ID: <000201bfaf0b$c805fd40$3405a8c0@gillnet.org> Has anyone successfully done this? I need to add an NT4 BDC to my Samba PDC. I am currently running smb 2.0.6-7. I need to add a BDC running NT so I can use Exchange. I know, I know, but there is no equivalent for Linux. Even HP OpenMail sucks. I need Exchange, but I don't want to lose my SMB PDC. Has anyone done anything like this? Any feedback/help would be appreciated. Thanks. Vern H. Gill From AVShutko at mail.khstu.ru Tue Apr 25 23:36:47 2000 From: AVShutko at mail.khstu.ru (A.V.Shutko) Date: Tue Dec 2 02:29:34 2003 Subject: No subject Message-ID: <9442.000426@mail.khstu.ru> Hello... Samba-tng 2.5 work fine. I can add NT boxes to Samba domain and login in it, but i can't figure out (i can't find this in doc) how to make an inter-domain trusting. In WHATSNEW.txt i found this: ... and Inter-Domain Trust Relationships are at an early, but **functional** and very hands-on, stage. I need about 10-15 trust links on my samba PDC. P.S. Could anyone say how to do separate group-file for samba? A.V.Shutko mailto:AVShutko@mail.khstu.ru System administrator. From willie at texascollege.edu Wed Apr 26 04:44:10 2000 From: willie at texascollege.edu (Willie Green) Date: Tue Dec 2 02:29:34 2003 Subject: Profiles in the wrong place References: Message-ID: <01cb01bfaf3a$109000a0$d8ae2ca8@techhuggy> I'm runnning Samba TNG cvs version as of 04/25/2000. In Win98se and NT 4 SP4 Profiles are created, but they are created in the users unix /home directories also in Win9x, the time that comes back from the time server is about 5 hours off from what the samba server has. I have the time zone set correctly and it sets the time correctly in NT anyone have any suggestions? logon path = \\%L\profile\%U logon drive = X: logon home = \\%L\%U domain logons = Yes lm announce = True preferred master = True domain master = True wins support = Yes dfree command = /usr/bin/df host msdfs = Yes delete readonly = Yes [profile] comment = Profiles Share path = /usr/local/samba/profile read only = No writable = yes From pjdc at eircom.net Wed Apr 26 00:00:15 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:34 2003 Subject: Profiles in the wrong place In-Reply-To: "Willie Green"'s message of "Wed, 26 Apr 2000 09:45:40 +1000" References: <01cb01bfaf3a$109000a0$d8ae2ca8@techhuggy> Message-ID: >>>>> "Willie" == Willie Green writes: Willie> I'm runnning Samba TNG cvs version as of 04/25/2000. In Willie> Win98se and NT 4 SP4 Profiles are created, but they are Willie> created in the users unix /home directories also in Win9x, Willie> the time that comes back from the time server is about 5 Willie> hours off from what the samba server has. I have the time Willie> zone set correctly and it sets the time correctly in NT Willie> anyone have any suggestions? I believe that 9x machines store the time in the BIOS in local time (DOS compatibility), while NT stores it in GMT. Hence, when you pull the time from the server, you get the GMT time, which 9x thinks is local time. Boom, five hours, right there. Is there a switch for NET TIME that can overcome this? Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From jeremy at valinux.com Wed Apr 26 02:25:12 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:34 2003 Subject: Samba 2.0.7 released Message-ID: <39065388.CBF9EFB4@valinux.com> The Samba Team is pleased to announce Samba 2.0.7. This is the latest stable release of Samba. This is the version that all production Samba servers should be running for all current bug-fixes. This version has been tested against Windows 2000 and has no *known* issues with that release of Windows. It may be fetched via ftp from : ftp://ftp.samba.org/pub/samba/samba-2.0.7.tar.gz Or just follow the link on the main page of your nearest http://samba.org mirror. Binary packages for supported systems will be made available within a short time. A separate announcement will be made for the release of these packages. Offers of binary Samba packages for various systems are welcome and should be sent to samba@samba.org. If you have problems, or think you have found a bug please email a report to : samba@samba.org As always, all bugs are our responsibility. Without further ado, here are the release notes. Regards, The Samba Team. -------------------------------------------------------- WHATS NEW IN Samba 2.0.7 ======================== This is the latest stable release of Samba. This is the version that all production Samba servers should be running for all current bug-fixes. New Documentation in 2.0.7 -------------------------- O'Reilly and Associates have donated their book "Using Samba" to the Samba community to be updated in a collaberative way along with the Samba software. Starting with this release the html of "Using Samba" will be distributed with the Samba software as the online documentation for Samba. Bug fixes for the book are encouraged as is new material. Please help us make this documentation the best it can be for Samba ! SWAT (Samba Web Administration Tool) has been updated to add a link to the full text of "Using Samba" from the start screen. Note that this does not mean that the other documentation (man pages especially) are being abandoned. The Samba Team is still committed to updating and improving *all* the documentation shipped with Samba. Also, as the source code for the book is moved into a more manageable format (not raw HTML) we are committed to making it available for editing by all interested parties. The current situation of only shipping HTML with the Samba software is a first attempt at getting this documentation integrated with the Samba software and should not be regarded as the only way in which this material will be made available (it was just the quickest way to get the book integrated into 2.0.7 :-). Windows 2000 Issues ------------------- This version of Samba has been tested with Windows 2000 and the five known incompatibilities with Windows 2000 have been fixed. See the "Changes in 2.0.7" list below for details. New/Changed parameters in 2.0.7 ------------------------------- There is a new option to the autoconf "./configure" script. This is the "--with-utmp" (and attendant "--without-utmp") option. Running configure with this option will cause smbd to attempt to use utmp accounting for users who log on and log off to the Samba server. There are 5 new parameters in the smb.conf file. utmp utmp dir utmp hostname utmp consolidate wtmp directory These parameters are only available if the "--with-utmp" option was selected at configure time. The yes/no option "utmp" specifies whether utmp records should be recorded on user logon/logoff. It defaults to "no". The "utmp dir" and "wtmp dir" are string parameters specifying pathnames to the directories containing the utmp/wtmp file databases. See the smb.conf man page for more details. inherit permissions This boolean parameter causes newly created files and directories to inherit their initial permissions from their parent directory. This can be very useful in propagating such things as the set-group bit in directory heirarchies. See the smb.conf man page for more details. write cache size This integer parameter specifies (in bytes) the size of a user level per-file write cache that smbd will create for an oplocked file. This can improve performance significantly for writing files by causing writes to be done in large chunk sizes. If this parameter is set (it defaults to zero which means no write cache) to the stripe size of a raid volume then it will cause writes to be much more efficient. Up to 10 write caches can be active simultaneously per smbd (allocated for the first 10 oplocked file opens). All normal warnings about the dangers of user level caching of data apply. See the smb.conf man page for more details. source environment This pathname parameter causes Samba to read a list of environment variables from a named file on startup. This can be useful in setting up Samba in a clustered environment. See the smb.conf man page for more details. Ability to delete users added ----------------------------- SWAT and smbpasswd can now delete users from the Samba smbpasswd file. See the man page for smbpasswd for details. Roving profile behavior finalized --------------------------------- The change in behavior with roving profiles (using the "logon home" parameter instead of the "logon path" parameter) introduced in 2.0.6 has been discovered to be consistant with the way Windows NT behaves, and has been left as the default action. Please see the additional notes in the "logon home" parameter description in the smb.conf man page for more details. Changes in 2.0.7 ----------------- 1). Fix for the semaphore promblems when compiling Samba with gcc on SGI IRIX 6.5.x. 2). Quota support for Veritas filesystem added by David Lee. 3). Incoming RPC code re-written to support multiple PDU input from the client. This should make the RPC subsystem more robust. 4). Fix from Ying Chen @ IBM to inline many frequently called functions. This decreased CPU usage by 10%. 5). Fix from Ying Chen @ IBM to use a hash table to lookup entries in the file cache. This is a significant improvement over the old linked-list lookup code. 6). smbclient issues with native language support fixed. smbclient now uses UNIX filename character sets exclusively when communicating with libsmb library. 7). smbclient fix to not print error messages when "putting" an empty file. 8). smbclient fix to cope with spaces in filenames when recursing. 9). Improved error reporting in smbclient when getting browse lists. 10). NetBIOS "scope" now supported in all Samba code/tools. 11). New mapping from code page 850 to UNIX "roman8" character set. 12). Fix for crash bug if debug file handle couldn't be opened. 13). Fix to allow mkdir to correctly set the high order permissions bits for UNIX's that don't allow this by default. 14). Fix to dynamically allocate group array for setgroups. Don't depend on NGROUPS_MAX being correctly defined in header files. 15). Fix for crash bug in floating point in snprintf. 16). "Safe" version of popen() included to allow use in code such as "source environment" patch. 17). Fix for SWAT for trailing '\n' in asctime(). 18). Wildcard match fix from weidel@multichart.de for NT wildcard processing. 19). unix_mask_match fixes for "veto files" parameter. 20). Fix for system call bug when configuring on Linux kernel 2.0.x with glibc2.1.x. 21). SO_REUSEPORT socket option added for HPUX. 22). All recv() calls changed back to read() to fix Solaris 2.5.x bug. 23). Some UNICODE conversion fixes. Not complete yet. 24). NetShareEnum fix for Windows 2000. Don't ask for 64K as Win2k can't cope with this (returns "Out of memory" error). 25). Fixes for cli_error() crashes. 26). Fix for crash when connecting to password server by DNS name not NetBIOS name. 27). Fix bug in demangling of compacted NetBIOS names. 28). Fixes for slow locking code for VMS. 29). Reply to short NetLogon packet in nmbd with short reply. 30). Correctly allign userdata to prevent crashes in nmbd. 31). Use talloc() in string buffer rotation code to prevent overwrites. 32). Added multi-byte awareness to parameter loading code. 33). Re-wrote password file modification code. We can now delete users atomically. Original patch from Bruce Tenison. 34). Fixed bug in parsing smbpasswd type entries. 35). Fixes from HP to the windows registry RPC emulation. 36). Added ability to return RPC fault PDU to unknown calls. Needed to allow Windows 2000 to return UNIX permissions as NT ACLs. 37). utmp code patch from T.D.Lee@durham.ac.uk. Not available on all platforms - test with ./configure. 38). Inherit permissions fix from David Lee. 39). Added write caching code for oplocked files. 40). Workaround for new bug in Windows 2000 where NT file create using NTtransact call sends UNICODE without bothering to set the UNICODE flag bit. 41). Workaround for new bug in Windows 2000 where it attempts to re-write existing ACLs to make them inherit only. 42). Removed unused mmap code. 43). Added correct implementation of share mode deny table. We now match Windows NT. 44). Fix recursion bug with group enumeration. 45). Fix from Bjart Kvarme to take into account changed machine passwords that haven't yet propagated from PDC to BDC. 46). Correctly skip two byte length field when accepting RPC "start of message" packets in SMBwriteX on pipes. 47). Added auto-detection of Windows 2000 clients. 48). Fix bug with rollback of POSIX locks if a lock in a range fails to apply. 49). Fix bug with registering startup smbd's in flat file. 50). Ensure usernames are converted correctly between DOS codepages and UNIX character sets. 51). Fix for timestamps being set incorrectly on copied files from Paul Eggert. 52). Fix for parsing HP specific printer definitions in make_printerdef. 53). Fix for smbclient doing an 'ls' on large directories from OS/2 servers from Christoph Pfisterer. 54). Fix for WINS server code where "do you still want name?" request was being sent to the wrong IP address. 55). Fixed "recursion desired" bits set in nmbd so we are identical to Windows NT. 56). nmbd now should process logon packets from Win95, Win98 and both versions of the NT logon packet. 57). Correctly set parameter offset value for first trans2 reply. 58). Win2K will only accept volume labels in UNICODE. 59). Ensure nmbd doesn't attempt to use the loopback interface when registering names. 60). Fixed bug where smbd didn't return '.' or '..' on top level share directory listing. 61). Fix for soft quotas not being set (make them equal to hardquota) from Norbert P?schel (Pueschel.Norbert@Walzbarren-VAW.ne.uunet.de). 62). SWAT fixes for SCO UnixWare (SIGPIPE handling). 63). Fix for nmbd DOS with redirect recursion. 64). Fix for log files growing without bound from Mattias Gronlund. 65). Fix for smbd crash bug in truncate is locked. 66). Memory leak fix in mangle name code. Older release notes for Samba 2.0.x follow. Previous Release notes for 2.0.6 --------------------------------- New/Changed parameters in 2.0.6 ------------------------------- There are 6 new parameters in the smb.conf file. wins hook This parameter allows an external program to be called on all changes to a Samba WINS database, allowing dynamic DNS updates. debug hires timestamp debug pid debug uid The above 3 parameters provide greater debug information. preexec close rootpreexec close The above 2 parameters control the action taken on the success or failure of a 'preexec' script. There is also one removed parameter. mangle locks The addition of these new parameters and the removal of the old is described in more detail in the smb.conf man page, When using "security=domain" the "password server" parameter can now be set to the string "*', which will cause Samba to search for Domain controllers in the same way that Windows NT does. See the smb.conf man page for more details. The "interfaces" parameter in smb.conf can now be dynamically detected on startup and can also now take an interface name such as eth0. See the smb.conf man page for the details on the new features of the "interfaces" parameter. nmbd has been enhanced to use this feature. The syntax for the Linux-specific smbmount command has been changed and is now compatible with the standard mount command. See the modified smbmount man page for details. Support for the UNIX CUPS printer standard has been added. See www.cups.org for details. Thanks to the folks at Easy Software Products for this code. Set the printcap name to "cups" to enable this. See the smb.conf man page for details. Changes in 2.0.6 ----------------- 1). 64-bit locking removed from Linux autoconf build. This fixes several Linux specific locking issues. 2). Crash bug fix in smbclient recursive processing. Fix from E. Jay Berkenbilt (ejb@ql.org). 3). "history" command added to smbclient if readline available. 4). smbtar - updates files and directory message on restore. 5). smbmnt - 'u', 'g', 'r', 'f', 'd' options added by Andrew. See man page for details. 6). smbmount updated to be useable by autofs on Linux. See the samba/examples/autofs/README file for details. 7). Bug fixed where TCP_NODELAY was not being used by default in smbd. 8). Many oplock fixes. Samba now waits 30 seconds, not 45. Also smbd no longer aborts on client break failure, but logs a message and continues. This is what NT does. This should fix many "oplock break" message problems people have been having. 9). New code from Andrew to dynamically detect interfaces. nmbd will now attempt to dynamically detect interface changes and register names as an interface goes "up". 10). Win95 ioctl for print jobs added by Matt. 11). Mapping for ISO8859-1 extended for codepage 437 and 850. 12). Code Page 737 -> ISO-8859-7 (Greek-Hellenic) mapping added. 13). Character strings now correctly converted from UNIX character set format to DOS codepage when read from smb.conf or external passwd or group files. Samba is now much more careful about what format external strings should be converted to/from. 14). snprintf crash fix for IRIX 6.2 and below. 15). Increased timestamp debug fixes (adds milliseconds and uid/pid if requested). 16). Optimisation for wildcard exact match requests. 17). Win95 wildcard semantics fix - unused code removed. 18). 'mangle locks' parameter removed. This now done automatically. 19). setXid() routines re-written to provide asserts and also to fix AIX versions prior to 4.1.x. 20). MSG_WAITALL optimisation removed due to bugs in FreeBSD. 21). Length fix when writing UNICODE string. 22). oplock processing added to libsmb client code. 23). Added more client error message strings. 24). Fix bug with connecting to encrypted server when non-encrypted password given. 25). In security=domain, password server extended to search for DC's if parameter = '*'. 26). "root did not create samaphore" bug fixed. 27). random generator initialized early to prevent icons not showing up in Win9x. 28). Logging fix after SIGHUP. 29). WINS hook external call added when nmbd is a WINS server. 30). Support for CUPS printer protocol added by Michael Sweet. 31). Support for NIS+ backend password database updates. 32). Handle dashes in print job id's. Fix from Dom.Mitchell@palmerharvey.co.uk 33). Race condition in UNIX password sync on some platforms fixed by Matt. 34). Dirptr leak from Win98 fixed. 35). Logic bug in handling of level II oplocks fixed. 36). smbd crash bug fix when opening directories. 37). Paranoia oplock fix from Charles Hoch (hoch@exemplary.com) 38). Fix Win2k problem where DCE/RPC is done on SMBwrite as well as SMBwriteX. 39). Fix Win95 redirector alignment bug that caused oplock break failures. 40). Preexec close code added. 41). Extra sanity checks in testparm code. 42). oplock tests added to smbtorture. 43). Tell SWAT user if logged in as root or not. 44). Solaris packaging fixes donated by VERITAS. Older release notes for Samba 2.0.x follow. Previous Release notes for 2.0.5a --------------------------------- IMPORTANT NOTE ! ---------------- Version 2.0.5a of Samba contains three security bugfixes for problems in previous versions of Samba found by Olaf Kirch of Caldera Systems (www.caldera.com). The Samba Team would like to publicly thank Olaf for his help in doing a security review of our code and finding these bugs. The three bugs are one potentially exploitable buffer overrun bug (although no current exploits are known) in smbd and two denial of service bugs in nmbd. By default the smbd bug was not exploitable as shipped (the problem parameter was disabled by default) but instructions on protecting any version of Samba prior to 2.0.5 are included below. All these bugs have been fixed in Samba 2.0.5 and 2.0.5a. If using any version of Samba prior to 2.0.5 the administrator *MUST NOT* enable the "message command" parameter in smb.conf, and *MUST* remove any "message command" that is listed in any existing smb.conf file. No known instances of this attack being exploited have been reported. All Samba versions of nmbd prior to 2.0.5 are vulnerable to a denial of service attack causing nmbd to either crash or to go into an infinite loop. No known instances of this attack being exploited have been reported. New/Changed parameters in 2.0.5 and 2.0.5a. ------------------------------------------- There are 5 new parameters in the smb.conf file. security mask force security mode directory security mask force directory secruty mode level2 oplocks The first 4 parameters are used to control the UNIX permissions bits that an NT client is allowed to modify. These parameters are now used instead of the older "create" parameters that were used in 2.0.4 to allow an administrator to separate the two functions. Use of these new parameters is described in the smb.conf man page, and also in the documents : docs/textdocs/NT_Security.txt docs/htmldocs/NT_Security.html The fifth new parameter is described in the following section. Level II oplocks ---------------- Samba 2.0.5 now implements level2 oplocks. As this is new code this parameter is set to "off" by default. The benefit of level2 oplocks is to allow read-only file caching from multiple clients. This is of great speed benefit to shares that are serving application executable programs (.EXE's) that are usually not written to. To learn more about using level 2 oplocks read the parameter description in the smb.conf documentation or read the file : docs/textdocs/Speed.txt. Changes in 2.0.5a ----------------- 1). Fix for smbd crash bug in string_sub(). smbd was miscalculating memmove lengths on multiple '%' substitutions. 2). Fix for wildcard matching bug for old DOS programs running on Win9x. 3). Fix for Windows NT client changing passwords against a Samba server, intermittently failing. 4). Fix for PPP link being detected as primary interface if using the same IP address as the primary. 5). Ensure smbmount is built with RPM build. Changes in 2.0.5 ---------------- 1). smbmount for Linux systems has been re-written to use the libsmb code and clientutil.c is no longer used with it. 2). A bug preventing directory opens using the NT SMB calls has been fixed. 3). A related bug causing a file structure leak when directory opens were denied has been fixed. 4). Fix for glibc2.1 bug on 32-bit systems being reported as 64 bit. 5). Prevent timestamps of 0 or -1 corrupting file timestamps. 6). Fix for unusual delays when browsing shares using Windows 2000 - fix added by Matt. 7). Fix for smbpassword reading problems on Sparc Linux was fixed. 8). Fix for compiling with SSL library. 9). smbclient fix for crash when doing CR/LF conversion. 10). smbclient now reports short read errors. 11). smbclient now uses remote server workgroup to list servers by default. 12). smbclient now has -b option to change transmit/send buffer size. 13). smbclient fix for corrupting files when issuing multiple outstanding read requests. 14). Printing bug where Linux was using SYSV printing by default fixed. Linux now set to be BSD printing by default. 15). Change for Linux to use SYSV shared memory by default. 16). Fix for using IP_TOS options on some systems. 17). Fix for some systems that complained about static struct passwd buffers being modified. 18). Range checking applied to all string substitutions. Theoretically not a bug, but much more rebust now. 19). Level II oplocks implemented. 20). Fix for Win2K client printing added. 21). Always allow loopback (127.0.0.1) connects unless specifically denied. 22). Patch for FreeBSD interface detection code from Archie Cobbs (archie@whistle.com). 23). Return correct status from smbrun. 24). snprintf fixes for floating point numbers. 25). Force directories to always have zero size. 26). Fix for "force group" and "force user" options. "force user" now always uses primary group of user as well. Force group now enhanced with '+' semantics (see smb.conf man page for details). 27). Wildcard matching fix to get closer to WinNT semantics for Win9x clients. 28). Potential crash bug fixed in wildcard matching code. This bug could also cause smbd to sometimes not see exact file matches. 29). Read/write for sockets changed to use revc/send to allow optimisations later. 30). Oplocks added to client library. 31). Several purify fixes in IPC code. 32). nmbd crash bug in processing strange NetBIOS names fixed. 33). nmbd loop bug in processing strange NetBIOS names fixed. 34). Paranoia fixes to processing of incoming WinPopup messages in smbd. 35). Share mode code now auto initialised. 36). Detect dead processes in IPC lock code. 37). Explicit -V version switch added to command line processing. 38). WORKGROUP(1b) name processing with no WINS server fixed. 39). Win2k client detection code added by Matt. 40). Fix to allow really short changenotify times to be honoured. 41). Fix for NT delete finding the wrong file from Tine Smukavec (valentin.smukavec@hermes.si) 42). SWAT fix to prevent stderr messages from breaking the Web client. 43). testparm fixes to check more parameter conflicts. 44). Relative paths not fetched via SWAT in CGI scripts. 45). SWAT remote password change - remote host name not treated as a password field any more. Changes in 2.0.4b ----------------- A bug with MS-Word 97 saving files with zero UNIX permissions was fixed. Even though a workaround is available (set force create mode = 644 on the share) Word is such an important application that a point fix was neccessary. Changes in 2.0.4a ----------------- The text and html versions of NT_Security were missing from the shipping tarball. Also a compile bug for platforms that don't have usleep was fixed. Changes in 2.0.4 ---------------- There are 5 new parameters and one modified parameter in the smb.conf file. allow trusted domains restrict anonymous mangle locks oplock break wait time oplock contention limit The modified parameter is : nt acl support Bugfixes added since 2.0.3 -------------------------- 1). Fix for 8 character password problem when using HPUX and plaintext passwords. 2). --with-pam option added to ./configure. 3). Client fixes for memory leak and display of 64 bit values. 4). Fixes for -E and -s option with smbclient. 5). smbclient now allows -L //server or -L \\server 6). smbtar fix for display of 64 bit values. 7). Endian independence added to DCE/RPC code. 8). DCE/RPC marshalling/unmarshalling code re-written to provide overflow reporting and sign and seal support. 9). Bind NAK reply packet added to DCE/RPC code, used to correctly refuse bind requests (prevents NT system event log messages). 10). Mapping of UNIX permissions into NT ACL's for get and set added. 11). DCE/RPC enumeration of numbers of shares made dynamic. Samba now has no limit on the number of exported shares seen. 12). Fix to speed up random number seed generation on /dev/urandom being unavailable. 13). Several memory fixes added by running Purify on the code. 14). Read from client error messages improved. 15). Fixed endianness used in UNICODE strings. 16). Cope with ERRORmoredata in an RPC pipe client call. 17). Check for malformed responses in nmbd register name. 18). NT Encrypted password changing from the NT password dialog box now fully implmented. 19). Mangle 64-bit lock ranges into 32-bits (NT bug!) on a 32-bit Samba platform. 20). Allow file to be pseudo-openend in order to read security only. 21). Improve filename mangling to reduce chance of collisions. 22). Added code to prevent granting of oplocks when a file is under contention. 23). Added tunable wait time before sending an oplock break request to a client if the client caused the break request. Helps with clients not responding to oplock breaks. 24). Always respond negatively to queued local oplock break messages before shutdown. This can prevent "freezes" on an oplock error. 25). Allow admin to restrict logons to correct domain when in domain level security. 26). Added "restrict anonymous" patch from Andy (thwartedefforts@wonky.org) to prevent parameter substitution problems with anonymous connections. 27). Fix SMBseek where seeking to a negative number sets the offset to zero. 28). Fixed problem with mode getting corrupted in trans2 request (setting to zero means please ignore it). 29). Correctly become the authenticated user on an authenticated DCE/RPC pipe request. 30). Correctly reset debug level in nmbd if someone set it on the command line. 31). Added more checking into testparm 32). NetBench simulator added to smbtorture by Andrew. 33). Fixed NIS+ option compile (was broken in 2.0.3). 34). Recursive smbclient directory listing fix. Patch from E. Jay Berkenbilt (ejb@ql.org) Bugfixes added since 2.0.2 -------------------------- 1). --with-ssl configure now include ssl include directory. Fix from Richard Sharpe. 2). Patch for configure for glibc2.1 support (large files etc.). 3). Several bugfixes for smbclient tar mode from Bob Boehmer (boehmer@worldnet.att.net) to fix smbclient aborting problems when restoring tar files. 4). Some automount fixes for smbmount. 5). Attempt to fix the AIX 4.1.x/3.x problems where smbd runs as root. As no-one has given us root access to such a server this cannot be tested fully, but should work. 6). Crash bug fix in debug code where *real* uid rather than *effective* uid was being checked before attempting to rotate log files. This fix should help a *lot* of people who were reporting smbd aborting in the middle of a copy operation. 7). SIGALRM bugfix to ensure infinate file locks time out. 8). New code to implement NT ACL reporting for cacls.exe program. 9). UDP loopback socket rebind fix for Solaris. 10). Ensure all UNICODE strings are correctly in little-endian format. 11). smbpasswd file locking fix. 12). Fixes for strncpy problems with glibc2.1. 13). Ensure smbd correctly reports major and minor version number and server type when queried via NT rpc calls. 14). Bugfix for short mangled names not being pulled off the mangled stack correctly. 15). Fix for mapping of rwx bits being incorrectly overwritten when doing ATTRIB.EXE 16). Fix for returning multiple PDU packets in NT rpc code. Should allow multiple shares to be returned correctly). 17). Improved mapping of NT open access requests into UNIX open modes. 18). Fix for copying files from an NTFS volume that contain multiple data forks. Added 'magic' error code NT needs. 19). Fixed crash bug when primary NT authentication server is down, rolls over to secondaries correctly now. 20). Fixed timeout processing to be timer based. Now will always occur even if smbd is under load. 21). Fixed signed/unsigned problem in quotas code. 22). Fixed bug where setting the password of a completely fresh user would end up setting the account disabled flag. 23). Improved user logon messages to help admins having trouble with user authentication. Bugfixes added since 2.0.1 -------------------------- Note that due to a critical signal handling bug in 2.0.1, this release has been removed and replaced immediately with 2.0.2. The Samba Team would like to apologise for any problem this may have caused. 1). Fixed smbd looping on SIGCLD problem. This was caused by a missing break statement in a critical piece of code. Bugfixes added since 2.0.0 -------------------------- 1). Autoconf changes for gcc2.7.x and Solaris 2.5/2.6 2). Autoconf changes to help HPUX configure correctly. 3). Autoconf changes to allow lock directory to be set. 4). Client fix to allow port to be set. 5). clitar fix to send debug messages to stderr. 6). smbmount race condition fix. 7). Fix for bug where trying to browse large numbers of shares generated an error from an NT client. 8). Wrapper for setgroups for SunOS 4.x 9). Fix for directory deleting failing from multiuser NT. 10). Fix for crash bug if bitmap was full. 11). Fix for Linux genrand where /dev/random could cause clients to timeout on connect if the entropy pool was empty. 12). The default PASSWD_CHAT may now be overridden in local.h 13). HPUX printing fixes for default programs. 14). Reverted (erroneous) code in MACHINE.SID generation that was setting the sid to 0x21 - should be *decimal* 21. 15). Fix for printing to remote machine under SVR4. 16). Fix for chgpasswd wait being interrupted with EINTR. 17). Fix for disk free routine. NT and Win98 now correctly show greater than 2GB disks. 18). Fix for crash bug in stat cache statistics printing. 19). Fix for filenames ending in .~xx. 20). Fix for access check code wait being interrupted with EINTR. 21). Fix for password changes from "invalid password" to a valid one setting the account disabled bit. 22). Fix for smbd crash bug in SMBreadraw cache prime code. 23). Fix for overly zealous lock range overflow reporting. 24). Fix for large disk disk free reporting (NT SMB code). 25). Fix for NT failing to truncate files correctly. 26). Fix for smbd crash bug with SMBcancel calls. 27). Additional -T flag to nmblookup to do reverse DNS on addresses. 28). SWAT fix to start/stop smbd/nmbd correctly. Major changes in Samba 2.0 -------------------------- This is a MAJOR new release of Samba, the UNIX based SMB/CIFS file and print server for Windows systems. There have been many changes in Samba since the last major release, 1.9.18. These have mainly been in the areas of performance and SMB protocol correctness. In addition, a Web based GUI interface for configuring Samba has been added. In addition, Samba has been re-written to help portability to other POSIX-based systems, based on the GNU autoconf tool. There are many major changes in Samba for version 2.0. Here are some of them: ===================================================================== 1). Speed --------- Samba has been benchmarked on high-end UNIX hardware as out-performing all other SMB/CIFS servers using the Ziff-Davis NetBench benchmark. Many changes to the code to optimise high-end performance have been made. 2). Correctness --------------- Samba now supports the Windows NT specific SMB requests. This means that on platforms that are capable Samba now presents a 64 bit view of the filesystem to Windows NT clients and is capable of handling very large files. 3). Portability --------------- Samba is now self-configuring using GNU autoconf, removing the need for people installing Samba to have to hand configure Makefiles, as was needed in previous versions. You now configure Samba by running "./configure" then "make". See docs/textdocs/UNIX_INSTALL.txt for details. 4). Web based GUI configuration ------------------------------- Samba now comes with SWAT, a web based GUI config system. See the swat man page for details on how to set it up. 5). Cross protocol data integrity --------------------------------- An open function interface has been defined to allow "opportunistic locks" (oplocks for short) granted by Samba to be seen by other UNIX processes. This allows complete cross protocol (NFS and SMB) data integrety using Samba with platforms that support this feature. 6). Domain client capability ---------------------------- Samba is now capable of using a Windows NT PDC for user authentication in exactly the same way that a Windows NT workstation does, i.e. it can be a member of a Domain. See docs/textdocs/DOMAIN_MEMBER.txt for details. 7). Documentation Updates ------------------------- All the reference parts of the Samba documentation (the manual pages) have been updated and converted to a document format that allows automatic generation of HTML, SGML, and text formats. These documents now ship as standard in HTML and manpage format. ===================================================================== NOTE - Some important option defaults changed --------------------------------------------- Several parameters have changed their default values. The most important of these is that the default security mode is now user level security rather than share level security. This (incompatible) change was made to ease new Samba installs as user level security is easier to use for Windows 95/98 and Windows NT clients. ********IMPORTANT NOTE**************** If you have no "security=" line in the [global] section of your current smb.conf and you update to Samba 2.0 you will need to add the line : security=share to get exactly the same behaviour with Samba 2.0 as you did with previous versions of Samba. ********END IMPORTANT NOTE************* In addition, Samba now defaults to case sensitivity options that match a Windows NT server precisely, that is, case insensitive but case preserving. The default format of the smbpasswd file has also been changed for this release, although the new tools will read and write the old format, for backwards compatibility. ===================================================================== NOTE - Primary Domain Controller Functionality ---------------------------------------------- This version of Samba contains code that correctly implements the undocumented Primary Domain Controller authentication protocols. However, there is much more to being a Primary Domain Controller than serving Windows NT logon requests. A useful version of a Primary Domain Controller contains many remote procedure calls to do things like enumerate users, groups, and security information, only some of which Samba currently implements. In addition, there are outstanding (known) bugs with using Samba as a PDC in this release that the Samba Team are actively working on. For this reason we have chosen not to advertise and actively support Primary Domain Controller functionality with this release. This work is being done in the CVS (developer) versions of Samba, development of which continues at a fast pace. If you are interested in participating in or helping with this development please join the Samba-NTDOM mailing list. Details on joining are available at : http://samba.org/listproc/ Details on obtaining CVS (developer) versions of Samba are available at: http://samba.org/cvs.html ===================================================================== If you think you have found a bug please email a report to : samba@samba.org As always, all bugs are our responsibility. Regards, The Samba Team. -------------------------------------------------------- From jffolliott at home.com Wed Apr 26 03:47:08 2000 From: jffolliott at home.com (Jamie ffolliott) Date: Tue Dec 2 02:29:34 2003 Subject: tng 2.5 share-access Message-ID: Hi All, I think I ran into this bug again trying to access a share on my TNG server from a W2K workstation that's not a member of the domain (I assume this would apply to NT4 workstations as well). The samba server is a PDC for the "House" domain, and the client is just a member of the "House" workgroup. The same user in W2K exists on the samba server with the same password, so share-level access should work I expect and has before with earlier TNG releases. What I get is a username/password prompt to connect to the share because my username is being rejected. In the log.workstation I see: SMB LM/NT Password did not match! Rejecting user 'jmeff': authentication failed 32 bit error packet at line 494 cmd=115 (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] error string = No such file or directory (passwords have to match, I just re-created the account with rpcclient -S . -U root, createuser user -p password) BUT.. entering "DOMAIN\username" and a password *does* let me access shares, so it's just not validating users that aren't logged into the domain. When I get access this way however, file sharing is incredibly slow (playing an mp3 over the share is jumpy, so this is < 15Kbps). I've attached the log.degobah file (degobah is my w2k client) and my smb.conf. I've been able to successfully add the W2K client to the domain, login, and get normal access to the shares, so I think my setup is fine. I've created a new smbpasswd from scratch, removed all the samba locks files, and started the daemons fresh. Note: the client is "degobah", the TNG PDC server is "firewall", domain is "house", and my username is "jmeff". Hope this helps. cheers, Jamie smb.conf>> [global] netbios name = FIREWALL workgroup = HOUSE hosts allow = 127.0.0.1 192.168.69. printcap name = /etc/printcap load printers = yes print command = lpr -P%p %s; rm %s guest account = nobody log file = /var/log/samba/log.%m max log size = 500 security = user password level = 8 username level = 8 encrypt passwords = yes smb passwd file = /etc/smbpasswd unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *password* %n\n *password* %n\n *successfull* domain group map = /etc/smbdomaingroup.map local group map = /etc/smblocalgroup.map domain user map = /etc/smbdomainuser.map socket options = TCP_NODELAY getwd cache = yes read prediction = True wide links = True interfaces = 192.168.69.1/24 bind interfaces only = False local master = yes os level = 63 domain master = yes preferred master = yes domain logons = yes logon script = logon.bat logon drive = u: logon path = \\%L\profiles\%U logon home = \\%L\home\%U wins support = yes dns proxy = no lock directory = /var/lock/samba time server = True debug level = 100 timestamp logs = no [home] comment = Home Directories path = /home browseable = yes writeable = yes preserve case = yes short preserve case = yes create mode = 0755 hide dot files = yes public = no [netlogon] comment = Network Logon Service path = /home/netlogon public = no locking = no writeable = yes write list = root, jmeff, @jamie share modes = no [profiles] path = /home/profiles browseable = yes guest ok = yes writeable = yes comment = Roaming Profiles directory mask = 0700 create mode = 0700 [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writeable = no printable = yes [tmp] comment = Temporary file space path = /tmp read only = no public = yes -------------- next part -------------- A non-text attachment was scrubbed... Name: log.tar.gz Type: application/x-gzip Size: 6055 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000425/933bc923/log.tar.bin From vgill at technologist.com Wed Apr 26 04:46:24 2000 From: vgill at technologist.com (Vern H. Gill) Date: Tue Dec 2 02:29:34 2003 Subject: Profiles in the wrong place In-Reply-To: Message-ID: <000c01bfaf3a$609f9ba0$3405a8c0@gillnet.org> Actually, this is not correct. I have both Win9x and NT boxes pull time from Samba, as well as Mac's (Uughh!!) They all get the correct time with no switches to NET TIME other than /set /y, or the appropriate options for the SMB/NTP client on the Macintrash. -----Original Message----- From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of Paul J Collins Sent: Tuesday, April 25, 2000 4:57 PM To: Multiple recipients of list SAMBA-NTDOM Subject: Re: Profiles in the wrong place >>>>> "Willie" == Willie Green writes: Willie> I'm runnning Samba TNG cvs version as of 04/25/2000. In Willie> Win98se and NT 4 SP4 Profiles are created, but they are Willie> created in the users unix /home directories also in Win9x, Willie> the time that comes back from the time server is about 5 Willie> hours off from what the samba server has. I have the time Willie> zone set correctly and it sets the time correctly in NT Willie> anyone have any suggestions? I believe that 9x machines store the time in the BIOS in local time (DOS compatibility), while NT stores it in GMT. Hence, when you pull the time from the server, you get the GMT time, which 9x thinks is local time. Boom, five hours, right there. Is there a switch for NET TIME that can overcome this? Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From chris at aims.com.au Wed Apr 26 05:14:37 2000 From: chris at aims.com.au (Chris Knight) Date: Tue Dec 2 02:29:34 2003 Subject: Profiles in the wrong place In-Reply-To: <000c01bfaf3a$609f9ba0$3405a8c0@gillnet.org> Message-ID: <000c01bfaf3e$51f50af0$020aa8c0@aims.private> Howdy, All versions of Windows store the time in the BIOS as local time. However, NET TIME doesn't recognise time zones. So the NET TIME clients need to have the same timezone settings as the NET TIME server. You may be best using one of the freeware ntp clients for Windows and use xntp on your Samba server. Regards, Chris Knight Systems Administrator AIMS Independent Computer Professionals Tel: +61 3 6334 6664 Fax: +61 3 6331 7032 Mob: +61 419 528 795 Web: http://www.aims.com.au > [snip] > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Paul J Collins > Sent: Tuesday, April 25, 2000 4:57 PM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: Profiles in the wrong place > > [snip] > > I believe that 9x machines store the time in the BIOS in local time > (DOS compatibility), while NT stores it in GMT. Hence, when you pull > the time from the server, you get the GMT time, which 9x thinks is > local time. Boom, five hours, right there. Is there a switch for NET > TIME that can overcome this? > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" > > From lkcl at samba.org Wed Apr 26 05:23:32 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:34 2003 Subject: i'm very statisfied with samba tng at the moment In-Reply-To: <20000425145227.A24999@Javad.Ru> Message-ID: > it seems 2.5.tar.bz2 must be tagged on CVS as working well :) done. SAMBA_TNG_2_5_GOOD. From lars at kneschke.de Wed Apr 26 05:52:29 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:34 2003 Subject: i'm very statisfied with samba tng at the moment In-Reply-To: Message-ID: > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Luke Kenneth Casson Leighton > Sent: Wednesday, April 26, 2000 7:25 AM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: i'm very statisfied with samba tng at the moment > > > > it seems 2.5.tar.bz2 must be tagged on CVS as working well :) > > done. SAMBA_TNG_2_5_GOOD. :-))) CU -- Lars Kneschke http://www.kneschke.de From lkcl at samba.org Wed Apr 26 06:59:32 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:35 2003 Subject: More on the smbd -D segmentation violation under Solaris7 In-Reply-To: Message-ID: hi matt, can you please send version and smb.conf, thx. On Tue, 25 Apr 2000, Matt Ross wrote: > I have run truss on smbd and the interesting snippet follows: > > $ truss smbd -D -o truss.log > $ more truss.log > [snip] > open64("/usr/local/samba/var/log.smb", O_WRONLY|O_APPEND|O_CREAT, 0666) = 4 > llseek(4, 0, SEEK_END) = 36434 > umask(0) = 022 > time() = 956665625 > time() = 956665625 > write(4, " [", 1) = 1 > write(4, " 2 0 0 0 / 0 4 / 2 5 1".., 19) = 19 > write(4, " , 1", 3) = 3 > write(4, " ] ", 2) = 2 > write(4, " s m b d / s e r v e r .".., 13) = 13 > write(4, " :", 1) = 1 > write(4, " m a i n", 4) = 4 > write(4, " ( 6 8 9", 4) = 4 > write(4, " )\n", 2) = 2 > getuid() = 0 [0] > write(4, " s m b d v e r s i".., 34) = 34 > getuid() = 0 [0] > write(4, " C o p y r i g h t ".., 38) = 38 > getuid() = 0 [0] > stat64("/usr/local/samba/var/log.smb", 0xFFBEED90) = 0 > stat64("/usr/local/samba/lib/smb.conf", 0xFFBEE920) = 0 > open64("/usr/local/samba/lib/smb.conf", O_RDONLY) = 5 > fstat64(5, 0xFFBEECB0) = 0 > read(5, " # S a m b a c o n f".., 2464) = 2464 > close(5) = 0 > brk(0x00085358) = 0 > brk(0x00087358) = 0 > brk(0x00087358) = 0 > brk(0x00089358) = 0 > pipe() = 5 [6] > fork() = 27656 > close(6) = 0 > read(547616, 0xFFBEE418, 1024) Err#9 EBADF > Incurred fault #6, FLTBOUNDS %pc = 0xFF1B6364 > siginfo: SIGSEGV SEGV_MAPERR addr=0x00000000 > Received signal #11, SIGSEGV [caught] > siginfo: SIGSEGV SEGV_MAPERR addr=0x00000000 > write(4, " = = = = = = = = = = = =".., 64) = 64 > getuid() = 0 [0] > getpid() = 27647 [27646] > write(4, " I N T E R N A L E R R".., 51) = 51 > getuid() = 0 [0] > write(4, " P l e a s e r e a d ".., 50) = 50 > getuid() = 0 [0] > write(4, " = = = = = = = = = = = =".., 64) = 64 > getuid() = 0 [0] > write(4, " P A N I C : i n t e r".., 22) = 22 > [snip] > > There is an attempted read on a non-existent file descriptor, 547616, > fifteen lines from the end. Can anybody suggest what the problem might be? > > Thanks, > > Matt > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Principal Technical Officer > Faculty of Engineering and Information Sciences > University of Hertfordshire > Phone: +44 (0)1707 286297 (3297 Internal) > E-Mail: m.g.ross@herts.ac.uk > WWW: http://fly.to/mgr > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Wed Apr 26 07:09:44 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:35 2003 Subject: joining samba-tng2.5 to NT4 domain In-Reply-To: Message-ID: On Tue, 25 Apr 2000, Pieter Grimmerink wrote: > With samba-tng-alpha.2.5, I still can't join a (linux) samba workstation to > an NT 4.0 server controlled domain. > This is what I've tried, and what was reported; > > rpcclient -S ntserver -Uadministrator%passwd -Wdomain > > lsaquery > > use \\samba -Uroot%passwd -Wsamba > > createuser samba$ -s -jdomain hm, try capital letters for domain names. From lkcl at samba.org Wed Apr 26 07:10:52 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:35 2003 Subject: joining samba-tng2.5 to NT4 domain In-Reply-To: Message-ID: send smb.conf. On Tue, 25 Apr 2000, Pieter Grimmerink wrote: > With samba-tng-alpha.2.5, I still can't join a (linux) samba workstation to > an NT 4.0 server controlled domain. > This is what I've tried, and what was reported; > > rpcclient -S ntserver -Uadministrator%passwd -Wdomain > > lsaquery > > use \\samba -Uroot%passwd -Wsamba > > createuser samba$ -s -jdomain > > SAM Create Domain User > Got a positive name query response from 90.0.1.1 ( 90.0.1.1 ) > error connecting to 90.0.1.1:445 (Connection refused) > Domain: IPC Name: samba$ ACB: [S ] > Create Domain User: OK > Join SAMBA to Domain DOMAIN > LSA_OPENSECRET: unknown error > Set $MACHINE.ACC: OK > > Note; with samba-tng 2.4 I did not get this LSA_OPENSECRET error, but the > resulting machine account did not work. with samba-tng 2.5, the machine > account seems to be created, but might be corrupt (?) > When I then try to connect to the samba workstation, (using smbclient, or > ntlogin from rpcclient) this fails, and I get the following entries in the > smb logfile; > > log.smb: > > cli_nt_setup_creds: auth2 challenge failed. status: c000018b > domain_client_validate: credentials failed (\\NTSERVER) > SMB LM/NT Password did not match! > Rejecting user 'username': authentication failed > > Am I doing something wrong? > (It seemed to me that everyone was very enthousiastic about 2.5, so why > doesn't it work for me?) > > Best regards, > > Pieter > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From hilarycheng at usa.net Wed Apr 26 07:27:48 2000 From: hilarycheng at usa.net (Hilary Cheng) Date: Tue Dec 2 02:29:35 2003 Subject: About User Domain Login From NT Message-ID: <39069A74.C5862C4C@usa.net> Hi All, I have compiled the TNG 2.5 on FreeBSD. I have been created all Workstation account and user account on both unix and samba. When I wanna to preform domain login from NT, it told me that "The user is not authoirzed to login." What should I set in the Samba ? Regards, Hilary From m.g.ross at herts.ac.uk Wed Apr 26 07:53:24 2000 From: m.g.ross at herts.ac.uk (Matt Ross) Date: Tue Dec 2 02:29:35 2003 Subject: More on the smbd -D segmentation violation under Solaris7 In-Reply-To: Message-ID: > hi matt, > > can you please send version and smb.conf, thx. The version is the CVS one from 25 April 9:00AM British summer time. My complete smb.conf is at the end of this document. Running testparm gives: Load smb config files from /usr/local/samba/lib/smb.conf Processing section "[homes]" Processing section "[netlogon]" Processing section "[printers]" Processing section "[tmp]" Processing section "[public]" Processing section "[cm1600]" Processing section "[eisis01]" Processing section "[eisis02]" Processing section "[eisis03]" Processing section "[eisis04]" Loaded services file OK. Thanks for your help. > On Tue, 25 Apr 2000, Matt Ross wrote: > > > I have run truss on smbd and the interesting snippet follows: > > > > $ truss smbd -D -o truss.log > > $ more truss.log > > [snip] > > open64("/usr/local/samba/var/log.smb", > O_WRONLY|O_APPEND|O_CREAT, 0666) = 4 > > llseek(4, 0, SEEK_END) = 36434 > > umask(0) = 022 > > time() = 956665625 > > time() = 956665625 > > write(4, " [", 1) = 1 > > write(4, " 2 0 0 0 / 0 4 / 2 5 1".., 19) = 19 > > write(4, " , 1", 3) = 3 > > write(4, " ] ", 2) = 2 > > write(4, " s m b d / s e r v e r .".., 13) = 13 > > write(4, " :", 1) = 1 > > write(4, " m a i n", 4) = 4 > > write(4, " ( 6 8 9", 4) = 4 > > write(4, " )\n", 2) = 2 > > getuid() = 0 [0] > > write(4, " s m b d v e r s i".., 34) = 34 > > getuid() = 0 [0] > > write(4, " C o p y r i g h t ".., 38) = 38 > > getuid() = 0 [0] > > stat64("/usr/local/samba/var/log.smb", 0xFFBEED90) = 0 > > stat64("/usr/local/samba/lib/smb.conf", 0xFFBEE920) = 0 > > open64("/usr/local/samba/lib/smb.conf", O_RDONLY) = 5 > > fstat64(5, 0xFFBEECB0) = 0 > > read(5, " # S a m b a c o n f".., 2464) = 2464 > > close(5) = 0 > > brk(0x00085358) = 0 > > brk(0x00087358) = 0 > > brk(0x00087358) = 0 > > brk(0x00089358) = 0 > > pipe() = 5 [6] > > fork() = 27656 > > close(6) = 0 > > read(547616, 0xFFBEE418, 1024) Err#9 EBADF > > Incurred fault #6, FLTBOUNDS %pc = 0xFF1B6364 > > siginfo: SIGSEGV SEGV_MAPERR addr=0x00000000 > > Received signal #11, SIGSEGV [caught] > > siginfo: SIGSEGV SEGV_MAPERR addr=0x00000000 > > write(4, " = = = = = = = = = = = =".., 64) = 64 > > getuid() = 0 [0] > > getpid() = 27647 [27646] > > write(4, " I N T E R N A L E R R".., 51) = 51 > > getuid() = 0 [0] > > write(4, " P l e a s e r e a d ".., 50) = 50 > > getuid() = 0 [0] > > write(4, " = = = = = = = = = = = =".., 64) = 64 > > getuid() = 0 [0] > > write(4, " P A N I C : i n t e r".., 22) = 22 > > [snip] > > > > There is an attempted read on a non-existent file descriptor, 547616, > > fifteen lines from the end. Can anybody suggest what the > problem might be? ----------------smb.conf------------------- # Global parameters [global] workgroup = FEISPCLABS netbios name = LAWN server string = FEIS Samba Server encrypt passwords = Yes null passwords = Yes smb passwd file = /usr/local/samba/private/smbpasswd passwd program = /usr/bin/yppasswd log file = /usr/local/samba/var/_%m.log max log size = 200 name resolve order = wins host lmhosts bcast time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local group map = /usr/local/samba/lib/localgroups.map #domain groups = Users #domain guest group = Guests domain group map = /usr/local/samba/lib/domaingroups.map domain user map = /usr/local/samba/lib/usermap.map logon path = \\bantam\user1\profiles\admin logon drive = q: logon home = e:\auser domain logons = Yes lm announce = False preferred master = Yes domain master = Yes dns proxy = No wins server = xxx.xxx.xxx.52 admin users = comtmgr comtpm hosts allow = xxx.xxx. 127. [homes] comment = Home Directories read only = No browseable = No [netlogon] comment = Network Logon Service path = /usr/local/samba/lib/netlogon share modes = No [printers] comment = All Printers path = /var/spool/lp/tmp guest account = ftp printable = Yes printer name = lp browseable = No [tmp] comment = Temporary file space path = /tmp admin users = comtpm write list = @technical @staff @research force security mode = 00 force directory security mode = 00 write cache size = 16384 hide dot files = No [public] comment = Public Area path = /usr/local/samba/lib/netlogon share modes = No [cm1600] comment = HP 1600CM Colour InkJet (E300) path = /tmp guest account = ftp read only = No printable = Yes print command = cm -1 %s; rm %s printer name = cm1600 #oplocks = No share modes = No [eisis01] comment = EISIS01 path = /tmp guest account = ftp read only = No printable = Yes printer name = lp #oplocks = No share modes = No [eisis02] comment = EISIS02 path = /tmp guest account = ftp read only = No printable = Yes printer name = lp #oplocks = No share modes = No [eisis03] comment = EISIS03 path = /tmp guest account = ftp read only = No printable = Yes printer name = eisis03 #oplocks = No share modes = No [eisis04] comment = EISIS04 path = /tmp guest account = ftp read only = No printable = Yes printer name = eisis04 #oplocks = No share modes = No ----------------end---------------------- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Principal Technical Officer Faculty of Engineering and Information Sciences University of Hertfordshire Phone: +44 (0)1707 286297 (3297 Internal) E-Mail: m.g.ross@herts.ac.uk WWW: http://fly.to/mgr -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- From p.grimmerink at home.nl Wed Apr 26 08:10:30 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:35 2003 Subject: joining samba-tng2.5 to NT4 domain In-Reply-To: Message-ID: > > With samba-tng-alpha.2.5, I still can't join a (linux) samba > workstation to > > an NT 4.0 server controlled domain. > > send smb.conf. > Here it is. Note, I use the same smb.conf for a samba-tng 2.4 member of a samba-tng 2.2 controlled domain. Works fine. One small difference; There I use "password server = *", while in the setup we're discussing here, with the NT4 controller, the smb daemon forks rapidly when I use "*", so I had to fill in the name of the NT4 server. [global] workgroup = IPC netbios name = LINUX server string = IPC linux server security = DOMAIN encrypt passwords = Yes password server = ipc01 keepalive = 30 os level = 2 local master = No wins support = Yes delete readonly = Yes [cdrom] comment = Linux CD-ROM path = /cdrom locking = No Luke, I also tried to join the domain with capitals. Did not make a difference. Best regards, Pieter From lkcl at samba.org Wed Apr 26 08:14:21 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:35 2003 Subject: Samba TNG FAQ updated In-Reply-To: Message-ID: On Tue, 25 Apr 2000, Lars Kneschke wrote: > Hello! > > I have updated the samba tng faq, to reflect the current development > changes. Any native english speaker should have a look at this pages please, > because my english is not the best. My writen german is also not the best! > :-) > > Technical everything should be ok. > > Feel free to send comments, i have more time again. > > http://www.kneschke.de/projekte/samba_tng/faq > > > The only problem i'm aware of, is that password changing dont work. > > Luke, do you know how to become a local administrator? > i have used "local group map", whit this content: > > test1 = "Adminstrators" > > > "Administrators" gets also shown as local group in the Usermanager, but i > can't change the clock. So i think, that i'm not a admin user. What do you > think? uh... now you're in trouble :) on NT, the *local group*, Administrators, is made a member of the "Domain Admins" domain group. this is not possible in unix [to make a group a member of a group]. From lkcl at samba.org Wed Apr 26 08:33:52 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:35 2003 Subject: tng 2.5 share-access In-Reply-To: Message-ID: > BUT.. entering "DOMAIN\username" and a password *does* let me access shares, > so it's just not validating users that aren't logged into the domain. When > I get access this way however, file sharing is incredibly slow (playing an > mp3 over the share is jumpy, so this is < 15Kbps). I've attached the > log.degobah file (degobah is my w2k client) and my smb.conf. > debug level = 100 ^^^^^^^^^^^^^^^^^ reduce this a bit, to say, oh... 5, and you might find things start working again. good report. thanks. From lkcl at samba.org Wed Apr 26 09:05:56 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:35 2003 Subject: joining samba-tng2.5 to NT4 domain In-Reply-To: Message-ID: On Wed, 26 Apr 2000, Pieter Grimmerink wrote: > > > With samba-tng-alpha.2.5, I still can't join a (linux) samba > > workstation to > > > an NT 4.0 server controlled domain. > > > > send smb.conf. > > > > Here it is. Note, I use the same smb.conf for a samba-tng 2.4 member of a > samba-tng 2.2 controlled domain. Works fine. > One small difference; > There I use "password server = *", while in the setup we're discussing here, > with the NT4 controller, the smb daemon forks rapidly when I use "*", so I > had to fill in the name of the NT4 server. > > [global] > workgroup = IPC > netbios name = LINUX > server string = IPC linux server > security = DOMAIN > encrypt passwords = Yes > password server = ipc01 > keepalive = 30 > os level = 2 > local master = No > wins support = Yes ^^^^^^^^^^^^^^^^^^ if your only change is as you say, you have two wins servers, now. From p.grimmerink at home.nl Wed Apr 26 09:23:08 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:35 2003 Subject: joining samba-tng2.5 to NT4 domain In-Reply-To: Message-ID: > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Luke Kenneth Casson Leighton > Sent: woensdag 26 april 2000 11:07 > To: Multiple recipients of list SAMBA-NTDOM > Subject: RE: joining samba-tng2.5 to NT4 domain > > > On Wed, 26 Apr 2000, Pieter Grimmerink wrote: > > > > > With samba-tng-alpha.2.5, I still can't join a (linux) samba > > > workstation to > > > > an NT 4.0 server controlled domain. > > > > > > send smb.conf. > > > > > > > Here it is. Note, I use the same smb.conf for a samba-tng 2.4 > member of a > > samba-tng 2.2 controlled domain. Works fine. > > One small difference; > > There I use "password server = *", while in the setup we're > discussing here, > > with the NT4 controller, the smb daemon forks rapidly when I > use "*", so I > > had to fill in the name of the NT4 server. > > > > [global] > > workgroup = IPC > > netbios name = LINUX > > server string = IPC linux server > > security = DOMAIN > > encrypt passwords = Yes > > password server = ipc01 > > keepalive = 30 > > os level = 2 > > local master = No > > wins support = Yes > ^^^^^^^^^^^^^^^^^^ > > if your only change is as you say, you have two wins servers, now. No, these are two diffent domains, in different networks. Actualy, I lied, since I only use this wins support=yes option in the situation where NT4 is PDC, and samba-tng 2.5 domain member. There is no other wins server in this network. In the other network, where another samba-tng server is PDC, this PDC is also wins server. So in the smb.conf of the member in that network, I use the option wins support=pdcname. Apart from that (and the password server=* / pdcname), the smb.conf's of the domain members are identical (and of course the domain/netbios names are different, since we're talking about different domains). I already tried to disable wins support, since that was one of the differences. No (positive) effects. Best regards, Pieter From lkcl at samba.org Wed Apr 26 09:27:41 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:35 2003 Subject: joining samba-tng2.5 to NT4 domain In-Reply-To: Message-ID: > the option wins support=pdcname. you want that to be wins server = x.x.x.x , wins support = yes/no whatever. always use an ip address as otherwise you will force samba to do a DNS lookup on each and every WINS server request. if you have the wins hook installed, or the resolv.conf wins module installed, things can go really, really haywire, otherwise :) From p.grimmerink at home.nl Wed Apr 26 09:41:05 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:35 2003 Subject: joining samba-tng2.5 to NT4 domain In-Reply-To: Message-ID: > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Luke Kenneth Casson Leighton > Sent: woensdag 26 april 2000 11:29 > To: Multiple recipients of list SAMBA-NTDOM > Subject: RE: joining samba-tng2.5 to NT4 domain > > > > the option wins support=pdcname. > > you want that to be wins server = x.x.x.x , wins support = yes/no > whatever. > > always use an ip address as otherwise you will force samba to do a DNS > lookup on each and every WINS server request. Thanks for the hint. Might increase the performance of my working setup. But this was not the problem in the failing setup :-) To refresh everyone's memory; joining a samba-tng 2.5 workstation to an NT4 controlled domain fails, error during joining. (joining a samba-tng 2.4 workstation to an NT4 controlled domain produced no errors while joining, but did not result in a working machine account) Best regards, Pieter From James.Nord at cdt.luth.se Wed Apr 26 10:22:40 2000 From: James.Nord at cdt.luth.se (James Nord) Date: Tue Dec 2 02:29:35 2003 Subject: TNG & 3.0.0 2.1?? Message-ID: <3906C370.123361CC@cdt.luth.se> Hi, I couldn't fiund this in the FAQ so could someone please enlighten me, What will be the next major release of Samba 2.1 or 3.0? Will this have PDC support (for 2000)? Will TNG become 3.0 or 2.1 when the time is right? What is to be done before this happens (if it happens) ie whats missing? Are there still features being added or is it just bugfixes? WHich leads to are we (very roughly) talking a couple of months or several months to the mext major release? BTW, To the dev team: Great job! /James From vadjan at mail.ru Wed Apr 26 12:55:08 2000 From: vadjan at mail.ru (Vadim Kimlaychuk) Date: Tue Dec 2 02:29:35 2003 Subject: smb- and UNIX passwords Message-ID: I have samba-tng-alfa-2.4.1. It installs correctly, but when I try to log in from NT Workstation it says that computer name account doesn'n exists in database. (I add name$ and username in smbpasswd). The first question is -- what password shoul I use for the trust computer? (what should I see in smbpasswd) Does samba check passwords from passwd and shadow files? From anders at aae.wisc.edu Wed Apr 26 13:58:45 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:29:35 2003 Subject: smb- and UNIX passwords In-Reply-To: from Vadim Kimlaychuk at "Apr 26, 2000 10:57:09 pm" Message-ID: <200004261358.IAA19604@pug.aae.wisc.edu> > > I have samba-tng-alfa-2.4.1. > It installs correctly, but when I try to log in from NT Workstation it says that computer name account doesn'n exists in database. (I add name$ and username in smbpasswd). > The first question is -- what password shoul I use for the trust computer? > (what should I see in smbpasswd) > Does samba check passwords from passwd and shadow files? yes and no.... [only in share mode tough] initial password for a trust account should be 'machine' i believe. This is an assumption NT makes :) The best way to add the account is using these nifty tools that Luke's made. [Soon we can make shell scripts that remotely can crash an entire network :)] otherwise use smbpasswd -a -m machine [if this one still works in TNG-2.4] --Anders From anders at aae.wisc.edu Wed Apr 26 13:54:56 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:29:35 2003 Subject: TNG & 3.0.0 2.1?? In-Reply-To: <3906C370.123361CC@cdt.luth.se> from James Nord at "Apr 26, 2000 08:22:40 pm" Message-ID: <200004261354.IAA19444@pug.aae.wisc.edu> > Hi, > > I couldn't fiund this in the FAQ so could someone please enlighten me, > > What will be the next major release of Samba 2.1 or 3.0? probably 3.0 in the fall of 2000 (we can only hope....) > Will this have PDC support (for 2000)? If you run Win2000 in legacy mode (i.e. NT 4 domains) In other words: no, TNG is aimed at supporting the NT4 domain structure, and not the Win2000 one. [Wether or not using / implementing the Win2000 structure was discussed a while back.] > Will TNG become 3.0 or 2.1 when the time is right? 3.0 i believe, but this might be a questin for Luke > > What is to be done before this happens (if it happens) ie whats > missing? Are there still features being added or is it just bugfixes? I believe the main functionality is reached, however samba is still in heavily developement. Several of the current implementations work, but they have issues,among them security. I WOULD NOT recomend anyone to run TNG in production environment, as this might break your server on a daily basis. > WHich leads to are we (very roughly) talking a couple of months or > several months to the mext major release? see above Maybe someone could confirm some of this stuff (Luke?? Richard??...) and then Lars could add it to this FAQ's and stuff --Anders anders@aae.wisc.edu thorsen@cs.wisc.edu > BTW, > > To the dev team: Great job! > > /James > From lkcl at samba.org Wed Apr 26 15:28:29 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:35 2003 Subject: smb- and UNIX passwords In-Reply-To: <200004261358.IAA19604@pug.aae.wisc.edu> Message-ID: On Thu, 27 Apr 2000, Anders C. Thorsen wrote: > > > > I have samba-tng-alfa-2.4.1. > > It installs correctly, but when I try to log in from NT Workstation it says that computer name account doesn'n exists in database. (I add name$ and username in smbpasswd). > > The first question is -- what password shoul I use for the trust computer? > > (what should I see in smbpasswd) > > Does samba check passwords from passwd and shadow files? > yes and no.... [only in share mode tough] > > initial password for a trust account should be 'machine' i believe. This > is an assumption NT makes :) workstation_name_in_unicode_lower_case. samedit sets it to total random garbage, locally and remotely. > The best way to add the account is using these nifty tools that Luke's made. > [Soon we can make shell scripts that remotely can crash an entire network :)] pffh, you can do that anyway, starting two years ago, dude! From jffolliott at home.com Wed Apr 26 15:29:35 2000 From: jffolliott at home.com (Jamie ffolliott) Date: Tue Dec 2 02:29:35 2003 Subject: tng 2.5 share-access In-Reply-To: Message-ID: I started out testing with "debug level = 1" and had the problem, so I upped it to 100 to get you the log ;) Jamie > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Luke Kenneth Casson Leighton > Sent: April 26, 2000 4:38 AM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: tng 2.5 share-access > > > > BUT.. entering "DOMAIN\username" and a password *does* let me > access shares, > > so it's just not validating users that aren't logged into the > domain. When > > I get access this way however, file sharing is incredibly slow > (playing an > > mp3 over the share is jumpy, so this is < 15Kbps). I've attached the > > log.degobah file (degobah is my w2k client) and my smb.conf. > > > debug level = 100 > ^^^^^^^^^^^^^^^^^ > > reduce this a bit, to say, oh... 5, and you might find things start > working again. > > good report. thanks. > From mg at plum.de Wed Apr 26 15:38:22 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:35 2003 Subject: smb- and UNIX passwords References: Message-ID: <014001bfaf95$74365950$0201010a@defiant> > > I have samba-tng-alfa-2.4.1. > It installs correctly, but when I try to log in from NT Workstation it says that computer name account doesn'n exists in database. (I add name$ and username in smbpasswd). > The first question is -- what password shoul I use for the trust computer? > (what should I see in smbpasswd) > Does samba check passwords from passwd and shadow files? > Please update to TNG-2.5. 2.4.x had some serious problems with domain logons. regards, Michael From jffolliott at home.com Wed Apr 26 15:36:37 2000 From: jffolliott at home.com (Jamie ffolliott) Date: Tue Dec 2 02:29:35 2003 Subject: smb- and UNIX passwords In-Reply-To: Message-ID: The 2.4.x alpha's had problems like you mentioned, try alpha 2.5. You'll need to create accounts for your workstations in the passwd file, named COMPUTER$, but these accounts can be disabled and don't need a password. Then you can use NT's method of adding the workstation to the domain, via the network control panel, provided you've created an administrator first. See the TNG faq, http://www.kneschke.de/projekte/samba_tng/ Jamie > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Vadim Kimlaychuk > Sent: April 26, 2000 8:57 AM > To: Multiple recipients of list SAMBA-NTDOM > Subject: smb- and UNIX passwords > > > > I have samba-tng-alfa-2.4.1. > It installs correctly, but when I try to log in from NT > Workstation it says that computer name account doesn'n exists in > database. (I add name$ and username in smbpasswd). > The first question is -- what password shoul I use for the > trust computer? > (what should I see in smbpasswd) > Does samba check passwords from passwd and shadow files? > From lkcl at samba.org Wed Apr 26 15:40:34 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:35 2003 Subject: tng 2.5 share-access In-Reply-To: Message-ID: On Wed, 26 Apr 2000, Jamie ffolliott wrote: > I started out testing with "debug level = 1" and had the problem, so I upped > it to 100 to get you the log ;) ohh, *muww* :) From rfs at aw.com.pl Wed Apr 26 16:56:12 2000 From: rfs at aw.com.pl (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:35 2003 Subject: user accounts problem Message-ID: <39071FAC.289CAD17@aw.com.pl> Hi everybody I don't know whether i'm doing something wrong but: 1. i "log into" sam database: samedit -S . -U root 2. after entering password (actually no password) i create user account: createuser ntuser -p ntuser so far, so good. now, the problems: a) changing password with ntpass ntuser doesn't work. i got nice "NT Password change FAILED" msg. b) when i try to connect to samba server (let's name it EUROPA) i got user/password entry dialog. After typing proper values i still cannot see EUROPA's shares. thank you Rafa? PS. Two more questions: How can i *properly* change passwords ? and is it essential to have root account in samba-tng sam ? because without it i can successfully (regarding to samedit messages) use create/delete user accounts. thank you again :) From rfs at aw.com.pl Wed Apr 26 17:17:11 2000 From: rfs at aw.com.pl (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:35 2003 Subject: Late Domain Logon References: Message-ID: <39072497.1BF2BF23@aw.com.pl> Vivian Lal wrote: > > I have looked in the per machine logs and there is no errors there > either. Samba thinks that everything is working fine. > And what says log.nmb file ? Do any workstations connect with bin/nmbd and register in browse list ? Check also, kind of activity between server and workstation during these first 15 minutes, using netstat [--inet] . Rafa? From pjdc at eircom.net Wed Apr 26 18:05:47 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:35 2003 Subject: Samba TNG FAQ updated In-Reply-To: Luke Kenneth Casson Leighton's message of "Wed, 26 Apr 2000 18:17:03 +1000" References: Message-ID: >>>>> "Luke" == Luke Kenneth Casson Leighton writes: Luke> uh... now you're in trouble :) on NT, the *local group*, Luke> Administrators, is made a member of the "Domain Admins" Luke> domain group. Actually no. See my message for details on the local administrator thing. Global groups exist in domains only, and can contain users only. Local groups exist in domains and local SAMs and can contain users and/or global groups. Domain local groups are only visible to the domain controllers. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From GLeblanc at cu-portland.edu Wed Apr 26 18:13:03 2000 From: GLeblanc at cu-portland.edu (Gregory Leblanc) Date: Tue Dec 2 02:29:35 2003 Subject: Samba TNG FAQ updated Message-ID: > -----Original Message----- > From: Paul J Collins [mailto:pjdc@eircom.net] > Sent: Wednesday, April 26, 2000 11:03 AM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: Samba TNG FAQ updated > > > >>>>> "Luke" == Luke Kenneth Casson Leighton writes: > > Luke> uh... now you're in trouble :) on NT, the *local group*, > Luke> Administrators, is made a member of the "Domain Admins" > Luke> domain group. > > Actually no. See my message for details on the local administrator > thing. > > Global groups exist in domains only, and can contain users only. > Local groups exist in domains and local SAMs and can contain users > and/or global groups. Correct. > Domain local groups are only visible to the > domain controllers. Incorrect. Domain Local Groups are visible via any computer running the User Manager for Domains (usrmgr.exe). The will not be visible on workstations by default, as they install the User Manager (musrmgr.exe). Luke just had it backwards, the Domain Admins Group is made a member of the Local Admins Group. I just looked at it in my copy of user manager on my workstation here (using both user manager tools). Greg From abrock at georgefox.edu Wed Apr 26 16:38:52 2000 From: abrock at georgefox.edu (Anthony Brock) Date: Tue Dec 2 02:29:35 2003 Subject: Core dump on Solaris 2.7 with latest CVS ... Message-ID: <4.2.2.20000426085851.00a6b3a0@localhost> I downloaded the latest CVS today (April 26, 9:00 am PST) and recompiled (gcc 2.95.2) on my Sparc Solaris 2.7 (64 Bit). As usual, I then transferred the compiled binaries to our domain controller (Sparc Solaris 2.7 32 Bit) and installed them. Other than periodic slowdowns, the product seems to be working normally. However, I am still unable to change passwords remotely, and a core dump appears every couple minutes (one every 20-30 minutes) with an associated panic in the log.nmb file. I this something I should be worrying about, or is it expected at this time? I configured the source with: ./configure --prefix=/opt/samba-tng --with-syslog --with-netatalk If needed, I can include logs or reconfigure and rebuild. Tony ****************************************************************************** * Anthony Brock abrock@georgefox.edu * * Director of Network Services George Fox University * ****************************************************************************** From ml.ventu at flashnet.it Thu Apr 27 01:45:36 2000 From: ml.ventu at flashnet.it (Andrea Venturoli) Date: Tue Dec 2 02:29:35 2003 Subject: Samba+NT+OS/2 Message-ID: <200004261845.e3QIjdX04679@relay.flashnet.it> Hello. I'm not sure this is the correct place to write, if it's not I apologize and ask where should I send this question. My network has (amongst others) the following machines: _ UGO: running Samba 2.0.6 on FreeBSD 4.0, providing WINS server, some shares and acting as my PDC; _ XANATAR: an OS/2 4.0 machine which provides some shares; _ RADIO: an NT 4.0SP3 machine which only act as a client. Both RADIO and XANATAR can autenticate either locally or on the PDC correctly, problem arises if from RADIO I logon using domain authentication and try to access XANATAR, particularly: I can see XANATAR in the browse list, but if I click on it I get an "Access Denied" message (it might not be the exact string you might see, my NT is in Italian and I'm translating back to English so you all can understand); if I manually connect to a specific service on xanatar (e.g. by assigning a drive letter to it and typing the full service name, or issuing a DIR \\XANATAR\service at the prompt) it works almost fine: in the past I had some problem running Access or any ODBC application on an MDB file on XANATAR, but lately it looks like it works (possibly since I upgraded from 2.0.5 to 2.0.6). If I logon locally on RADIO, then I have no problem at all. Bye & Thanks av. From abrock at georgefox.edu Wed Apr 26 17:12:11 2000 From: abrock at georgefox.edu (Anthony Brock) Date: Tue Dec 2 02:29:35 2003 Subject: Core dump on Solaris 2.7 with latest CVS ... In-Reply-To: Message-ID: <4.2.2.20000426121118.00a79450@localhost> One other item of note. When I login from a stand-alone server (which is a member of the domain), I now get messages that windows has detected a slow network connection between it and the PDC (Samba). Since these machines are connected via a switched 10/100Base-T network (they are on the same switch), this seems highly unlikely. Tony At 11:44 AM 4/26/00 -0700, you wrote: I downloaded the latest CVS today (April 26, 9:00 am PST) and recompiled (gcc 2.95.2) on my Sparc Solaris 2.7 (64 Bit). As usual, I then transferred the compiled binaries to our domain controller (Sparc Solaris 2.7 32 Bit) and installed them. Other than periodic slowdowns, the product seems to be working normally. However, I am still unable to change passwords remotely, and a core dump appears every couple minutes (one every 20-30 minutes) with an associated panic in the log.nmb file. ****************************************************************************** * Anthony Brock abrock@georgefox.edu * * Director of Network Services George Fox University * ****************************************************************************** From anders at aae.wisc.edu Wed Apr 26 19:19:49 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:29:35 2003 Subject: smb- and UNIX passwords In-Reply-To: from Luke Kenneth Casson Leighton at "Apr 27, 2000 01:28:29 am" Message-ID: <200004261919.OAA32253@pug.aae.wisc.edu> [snip] > > > The best way to add the account is using these nifty tools that Luke's made. > > [Soon we can make shell scripts that remotely can crash an entire network :)] > > pffh, you can do that anyway, starting two years ago, dude! > By simply installing latest CVS..? :) Sorry, couldn't help it --Anders From lkcl at samba.org Wed Apr 26 19:31:44 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:35 2003 Subject: Samba TNG FAQ updated In-Reply-To: Message-ID: On Thu, 27 Apr 2000, Paul J Collins wrote: > Global groups exist in domains only, and can contain users only. > Local groups exist in domains and local SAMs and can contain users > and/or global groups. Domain local groups are only visible to the > domain controllers. yes. in the local administrator group, the domain admins global group is added? if this is a requirement, it cannot be done on unix. From lkcl at samba.org Wed Apr 26 19:32:32 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:35 2003 Subject: Samba TNG FAQ updated In-Reply-To: Message-ID: > Luke just had it backwards, i did?? > the Domain Admins Group is made a member of the > Local Admins Group. yes. From lkcl at samba.org Wed Apr 26 19:33:54 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:35 2003 Subject: Core dump on Solaris 2.7 with latest CVS ... In-Reply-To: <4.2.2.20000426085851.00a6b3a0@localhost> Message-ID: On Thu, 27 Apr 2000, Anthony Brock wrote: > I downloaded the latest CVS today (April 26, 9:00 am PST) and recompiled > (gcc 2.95.2) on my Sparc Solaris 2.7 (64 Bit). As usual, I then > transferred the compiled binaries to our domain controller (Sparc Solaris > 2.7 32 Bit) and installed them. > > Other than periodic slowdowns, the product seems to be working > normally. However, I am still unable to change passwords remotely, and a > core dump appears every couple minutes (one every 20-30 minutes) with an > associated panic in the log.nmb file. this does not make me very happy. compile with debug, do a gdb attach nmbd, continue. do a stack trace, print some local variables, on the coredump. > I this something I should be worrying about, or is it expected at this time? not really. nmbd is stable code. From abrock at georgefox.edu Wed Apr 26 17:32:21 2000 From: abrock at georgefox.edu (Anthony Brock) Date: Tue Dec 2 02:29:35 2003 Subject: Core dump on Solaris 2.7 with latest CVS ... In-Reply-To: Message-ID: <4.2.2.20000426122412.00a21100@localhost> Lastly (I will shut up after this one), When connecting to other servers (which are domain members, running Samba 2.0.6a), I am only able to connect if my username and password are identical in the LOCAL smbpasswd file of THAT machine. If I already have an account on the machine, but no smbpasswd entry, or if I have an entry but a different password, I cannot connect. Also, and of more immediate importance, is when I connect to the PDC and view the shares. Regardless of what user I login as, I see the standard list of shares, and the 'root' share (home directory for root). Due to the default directory for the user root on Sun Solaris, this is of some concern (You can see the entire directory tree of the server). I do not see what should be my home directory. For example, if I am logged in as 'jfk', there is a listed directory of 'root' and there no directory 'jfk' listed. However, if I try to connect by mapping a drive (and manually type in the entry \\PDC\jfk), I can connect. Also, the 'net use r: /home' still works. Tony At 12:16 PM 4/26/00 -0700, abrock@georgefox.edu wrote: >One other item of note. When I login from a stand-alone server (which is >a >member of the domain), I now get messages that windows has detected a slow >network connection between it and the PDC (Samba). Since these machines >are connected via a switched 10/100Base-T network (they are on the same >switch), this seems highly unlikely. > >Tony > >At 11:44 AM 4/26/00 -0700, you wrote: >I downloaded the latest CVS today (April 26, 9:00 am PST) and recompiled >(gcc 2.95.2) on my Sparc Solaris 2.7 (64 Bit). As usual, I then >transferred the compiled binaries to our domain controller (Sparc Solaris >2.7 32 Bit) and installed them. > >Other than periodic slowdowns, the product seems to be working >normally. However, I am still unable to change passwords remotely, and a >core dump appears every couple minutes (one every 20-30 minutes) with an >associated panic in the log.nmb file. > >****************************************************************************** >* Anthony Brock >abrock@georgefox.edu * >* Director of Network Services George Fox >University * >****************************************************************************** ****************************************************************************** * Anthony Brock abrock@georgefox.edu * * Director of Network Services George Fox University * ****************************************************************************** From lkcl at samba.org Wed Apr 26 19:35:04 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:35 2003 Subject: smb- and UNIX passwords In-Reply-To: <200004261919.OAA32253@pug.aae.wisc.edu> Message-ID: thanks anders. > > pffh, you can do that anyway, starting two years ago, dude! > By simply installing latest CVS..? :) hmm, let me think... unmodified?? naah, you're better off with 2.4.2, that'd do the trick. From GLeblanc at cu-portland.edu Wed Apr 26 19:39:50 2000 From: GLeblanc at cu-portland.edu (Gregory Leblanc) Date: Tue Dec 2 02:29:35 2003 Subject: Samba TNG FAQ updated Message-ID: > -----Original Message----- > From: Luke Kenneth Casson Leighton [mailto:lkcl@samba.org] > Sent: Wednesday, April 26, 2000 12:34 PM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: Samba TNG FAQ updated > > > On Thu, 27 Apr 2000, Paul J Collins wrote: > > > Global groups exist in domains only, and can contain users only. > > Local groups exist in domains and local SAMs and can contain users > > and/or global groups. Domain local groups are only visible to the > > domain controllers. > > yes. > > in the local administrator group, the domain admins global > group is added? Yes, this happens when you add the machine to a domain (usually, unless something is broken). This is the group that is local to that NT computer (whether it be a NT Workstation, or an NT Server config'd as Stand Alone), not to the local domain group. > > if this is a requirement, it cannot be done on unix. Oops. :) Greg From sneakums at eircom.net Wed Apr 26 20:07:05 2000 From: sneakums at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:35 2003 Subject: Samba TNG FAQ updated In-Reply-To: Luke Kenneth Casson Leighton's message of "Thu, 27 Apr 2000 05:31:44 +1000" References: Message-ID: >>>>> "Luke" == Luke Kenneth Casson Leighton writes: Luke> in the local administrator group, the domain admins global Luke> group is added? Luke> if this is a requirement, it cannot be done on unix. The local Administrators group on workstations and standalone servers, yes; it does not concern the domain controllers at all, since their SAM (the domain SAM) contains the users directly. The effect of adding a user to the DOMAIN\Administrators group is that they would be local admins of the domain controllers only. It's not necessary for normal operation, and I don't think it's done much, unless you trust people with your DCs but not your SQL servers. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From kevinc at grainsystems.com Wed Apr 26 21:41:40 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:35 2003 Subject: Samba TNG FAQ updated References: Message-ID: <39076294.DBDB12EF@grainsystems.com> Luke Kenneth Casson Leighton wrote: > > in the local administrator group, the domain admins global group is added? Yes. > if this is a requirement, it cannot be done on unix. I believe this is the default, although I must admit removing them from my personal machine. - Kevin Colby kevinc@grainsystems.com From pjdc at eircom.net Wed Apr 26 22:06:52 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:35 2003 Subject: Samba TNG FAQ updated In-Reply-To: Kevin Colby's message of "Thu, 27 Apr 2000 07:45:23 +1000" References: <39076294.DBDB12EF@grainsystems.com> Message-ID: >>>>> "Kevin" == Kevin Colby writes: >> if this is a requirement, it cannot be done on unix. Kevin> I believe this is the default, although I must admit Kevin> removing them from my personal machine. When you join the domain, DOMAIN\Domain Admins is added to MACHINE\Administrators, DOMAIN\Domain Guests is added to MACHINE\Guests and DOMAIN\Domain Users is added to MACHINE\Users. By default, the user right "Log on locally" is granted to all local users via the groups, and members of the domain groups that were added get those rights too. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From anders at aae.wisc.edu Wed Apr 26 20:11:01 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:29:35 2003 Subject: smb- and UNIX passwords In-Reply-To: from Luke Kenneth Casson Leighton at "Apr 27, 2000 05:35:04 am" Message-ID: <200004262011.PAA02142@pug.aae.wisc.edu> > thanks anders. > > > > pffh, you can do that anyway, starting two years ago, dude! > > > By simply installing latest CVS..? :) > > hmm, let me think... unmodified?? naah, you're better off with 2.4.2, > that'd do the trick. > Great idea! I voluneer to make sure a patch from latest CVS back to 2.4.2 is always available :) I'l set up a cluster to every second do a cvs checkout of newest and 2.4.2 and then generate a patch! 2.4.2 should be made avialable from CVS to cvs illiterate people who wants to benefit from 2.4.2 --Anders From jffolliott at home.com Thu Apr 27 00:04:25 2000 From: jffolliott at home.com (Jamie ffolliott) Date: Tue Dec 2 02:29:35 2003 Subject: Samba TNG FAQ updated In-Reply-To: Message-ID: > The effect of adding a user to the DOMAIN\Administrators group is that > they would be local admins of the domain controllers only. It's not > necessary for normal operation, and I don't think it's done much, > unless you trust people with your DCs but not your SQL servers. Hmm? Adding a user to DOMAIN\Administrators group means that user will be a local admin of all the PDC and it's BDC's, *as well* as a local admin on the workstations joined to this domain (by default). It's done very often because it's Microsoft's default when the workstation joins the domain. If you trust people with your DC's then you inherently trust them with your SQL servers if you don't remove the Domain\Administrators group from the Workstation\Administrators group on the server SQLServ runs on, but why would you bother since the domain admins are already trusted to administer your domain? Sorry.. you didn't make sense there ;) Jamie From Skripi at hrzpub.tu-darmstadt.de Wed Apr 26 20:06:49 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:35 2003 Subject: smbpasswd segmentation fault Message-ID: <20000426220649.A29297@shadowland.sc> Hi, I'm using the latest cvs and try to update my user password: G E N E R A L * * * * * * * * ------------- OS : linux (redhat 6.2b) ------------- Compiler : gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) ------------- CVS-Branch : SAMBA_TNG ------------- Version/Date:today (how can I retrive the time of the last update ?) ------------- Error Type : reproduceable ------------- Short Desc. : segmentation fault with smbpasswd ------------- Trigger : smbpasswd -D 100 jens ------------- Solution : smbpasswd -r $SERVER -D 100 jens ------------- S P E C I A L * * * * * * * * ------------- smbpasswd : old ------------- shadowland:[~/Mail/old] #smbpasswd -D 100 jens New SMB password: Retype new SMB password: search by name: jens startfileent: opening file /usr/local/etc/samba/private/smbpasswd get_number: 1007:709268F7E90C9933B343EE1EAD7651B1:FED80CF9F6BE1E02C2DC6A29DACE36B4:[W ]:LCT-38F87EEF: -> 1007 getsmbfilepwent: returning passwd entry for unix user shadowland$, unix uid 1007 unixuser:shadowland$ uid:1007 acb:80 pwdb_smb_map_names: unix shadowland$ nt NULL unix 1007 nt-1 lookupsmbpwnam: unix user name shadowland$ lookupsmbpwuid: unix uid 1007 initialising map /usr/local/etc/samba/domainuser.map file_modified: /usr/local/etc/samba/domainuser.map modified load_name_map: Scanning name map /usr/local/etc/samba/domainuser.map Read line |root=administrator| make_name_entry:,administrator,root unix_name_to_nt_name_info: unix_name:root unix_name_to_nt_name_info: unix gid:0 map_domain_name_to_sid: overriding blank name to Segmentation fault --------------------------------------------------- So it is possible to change the password if I submit a Password Server. But just using the prompt smbpasswd fails. Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From peter at cadcamlab.org Thu Apr 27 00:45:59 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:35 2003 Subject: a pdc and something far from it References: <20000422065350.B14806@giove.lastminutetour.com> Message-ID: <14599.36063.110680.33873@wire.cadcamlab.org> > Central headquarter with a samba server configured as a PDC, with > netlogon etc etc. External office connected via leased line with a > bdc (or something else) taha will cache only the files (homes, > profiles) and authorized the clients (smbpasswd centrlly on the pdc). > Waht kind of configuration i will have on the external office?? I > have the pdc working well, but i'm afraid that when a user with a big > profiles will logogn form the external offices , everytime the nt > clients will copy the profiles and other files form th ecentral > samba...this will be very bad!! Set your profiles directory to something like %LOGONSERVER%\profiles\%USERNAME% (only works on NT clients, not Win9x) so that the clients always look to the [profiles] share for their profiles. Sync the two shares externally at regular intervals using things like cron and rsync. If your users do not often migrate between the two networks, this need not be very frequent. Peter From krowland at nd.edu Thu Apr 27 02:02:20 2000 From: krowland at nd.edu (Kevin Rowland) Date: Tue Dec 2 02:29:35 2003 Subject: WINS - NetBIOS question Message-ID: <39079FAC.65EFB5EA@nd.edu> I am calling on the WINS/NetBIOS expertise out there to answer a question for me. I have 5 samba servers set up around the network acting as translators for the WinNT/9x machines to access our institutional file space hosted in AFS (the translators are all Sun Sparc stations). If I want to give the Wintel machines a drive mapping, I currently have to decide which translator best suits them and make a persistent mapping using one of the five machines (e.g. "net use \\transX\user" where X is 1 thru 5). Currently am running a single WINS server on NT for NetBIOS name resolution. I would like to be able to have all the clients specify a single name (e.g. "\\trans\user") and let the *WINS* server decide which of the 5 is best suited (based on proximity, load, etc...). I am pretty sure that my NT WINS server will not allow for this kind of "load balancing" technique. So is this scenario possible? Does Samba WINS allow me to do this? or Has anyone modified their nmbd code to try and implement this type of "round-robin" WINS service? I look forward to any advice/thoughts on this subject... I appologize if this has been covered in earlier posts, though I looked and could not find any (certainly not anything recent). -- kevin Kevin Rowland Lead Developer/Analyst Arts & Letters Computing Office University of Notre Dame krowland@nd.edu From lkcl at samba.org Thu Apr 27 05:55:04 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:36 2003 Subject: Core dump on Solaris 2.7 with latest CVS ... In-Reply-To: <4.2.2.20000426122412.00a21100@localhost> Message-ID: On Thu, 27 Apr 2000, Anthony Brock wrote: > Lastly (I will shut up after this one), > > When connecting to other servers (which are domain members, running Samba > 2.0.6a), I am only able to connect if my username and password are > identical in the LOCAL smbpasswd file of THAT machine. If I already have > an account on the machine, but no smbpasswd entry, or if I have an entry > but a different password, I cannot connect. this is the correct behaviour if you just connect as user. yes. what happens if you connect as DOMAIN\user not just user? if *that* is doing the same thing _that's_ a bug. > Also, and of more immediate importance, is when I connect to the PDC and > view the shares. Regardless of what user I login as, I see the standard > list of shares, and the 'root' share (home directory for root). oh dear, that is wrong. what clients? From lkcl at samba.org Thu Apr 27 06:25:30 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:36 2003 Subject: smbpasswd segmentation fault In-Reply-To: <20000426220649.A29297@shadowland.sc> Message-ID: > G E N E R A L > * * * * * * * * > ------------- > OS : linux (redhat 6.2b) > ------------- > Compiler : gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) > ------------- > CVS-Branch : SAMBA_TNG > ------------- > Version/Date:today (how can I retrive the time of the last update ?) > ------------- > Error Type : reproduceable > ------------- > Short Desc. : segmentation fault with smbpasswd > ------------- > Trigger : smbpasswd -D 100 jens > ------------- > Solution : smbpasswd -r $SERVER -D 100 jens > ------------- > S P E C I A L > * * * * * * * * > > ------------- > smbpasswd : old > ------------- > shadowland:[~/Mail/old] #smbpasswd -D 100 jens > New SMB password: > Retype new SMB password: > search by name: jens > startfileent: opening file /usr/local/etc/samba/private/smbpasswd > get_number: > 1007:709268F7E90C9933B343EE1EAD7651B1:FED80CF9F6BE1E02C2DC6A29DACE36B4:[W > ]:LCT-38F87EEF: -> 1007 > getsmbfilepwent: returning passwd entry for unix user shadowland$, unix uid > 1007 > unixuser:shadowland$ uid:1007 acb:80 > pwdb_smb_map_names: unix shadowland$ nt NULL unix 1007 nt-1 > lookupsmbpwnam: unix user name shadowland$ > lookupsmbpwuid: unix uid 1007 > initialising map /usr/local/etc/samba/domainuser.map > file_modified: /usr/local/etc/samba/domainuser.map modified > load_name_map: Scanning name map /usr/local/etc/samba/domainuser.map > Read line |root=administrator| > make_name_entry:,administrator,root > unix_name_to_nt_name_info: unix_name:root > unix_name_to_nt_name_info: unix gid:0 > map_domain_name_to_sid: overriding blank name to > Segmentation fault > jens, thanks, i tried to avoid calling all this code inside smbpasswd, in the end decided to suggest people use samedit instead From lkcl at samba.org Thu Apr 27 06:25:45 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:36 2003 Subject: smbpasswd segmentation fault In-Reply-To: <20000426220649.A29297@shadowland.sc> Message-ID: great report format! On Thu, 27 Apr 2000, Jens Skripczynski wrote: > Hi, > > I'm using the latest cvs and try to update my user password: > > G E N E R A L > * * * * * * * * > ------------- > OS : linux (redhat 6.2b) > ------------- > Compiler : gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) > ------------- > CVS-Branch : SAMBA_TNG > ------------- > Version/Date:today (how can I retrive the time of the last update ?) > ------------- > Error Type : reproduceable > ------------- > Short Desc. : segmentation fault with smbpasswd > ------------- > Trigger : smbpasswd -D 100 jens > ------------- > Solution : smbpasswd -r $SERVER -D 100 jens > ------------- > > S P E C I A L > * * * * * * * * > > ------------- > smbpasswd : old > ------------- > shadowland:[~/Mail/old] #smbpasswd -D 100 jens > New SMB password: > Retype new SMB password: > search by name: jens > startfileent: opening file /usr/local/etc/samba/private/smbpasswd > get_number: > 1007:709268F7E90C9933B343EE1EAD7651B1:FED80CF9F6BE1E02C2DC6A29DACE36B4:[W > ]:LCT-38F87EEF: -> 1007 > getsmbfilepwent: returning passwd entry for unix user shadowland$, unix uid > 1007 > unixuser:shadowland$ uid:1007 acb:80 > pwdb_smb_map_names: unix shadowland$ nt NULL unix 1007 nt-1 > lookupsmbpwnam: unix user name shadowland$ > lookupsmbpwuid: unix uid 1007 > initialising map /usr/local/etc/samba/domainuser.map > file_modified: /usr/local/etc/samba/domainuser.map modified > load_name_map: Scanning name map /usr/local/etc/samba/domainuser.map > Read line |root=administrator| > make_name_entry:,administrator,root > unix_name_to_nt_name_info: unix_name:root > unix_name_to_nt_name_info: unix gid:0 > map_domain_name_to_sid: overriding blank name to > Segmentation fault > > --------------------------------------------------- > > So it is possible to change the password if I submit a Password Server. > But just using the prompt smbpasswd fails. > > > Ciao > > Jens Skripczynski > -- > E-Mail: skripi@hrzpub.tu-darmstadt.de > > Computers are like airconditioners: They stop working > properly if you open windows. > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From dominik.kubla at uni-mainz.de Thu Apr 27 06:10:14 2000 From: dominik.kubla at uni-mainz.de (Dominik Kubla) Date: Tue Dec 2 02:29:36 2003 Subject: Samba TNG FAQ updated In-Reply-To: ; from lkcl@samba.org on Wed, Apr 26, 2000 at 06:16:07PM +1000 References: Message-ID: <20000427081014.B22882@uni-mainz.de> On Wed, Apr 26, 2000 at 06:16:07PM +1000, Luke Kenneth Casson Leighton wrote: ... > uh... now you're in trouble :) on NT, the *local group*, Administrators, > is made a member of the "Domain Admins" domain group. > > this is not possible in unix [to make a group a member of a group]. Not entirely true: this is how NIS netgroups have been used for ages. Dominik Kubla -- Networking Group, Hospital of Johannes Gutenberg-University Obere Zahlbacher Stra?e 69, 55101 Mainz, Germany Tel: +49 (0)6131 17-2482 FAX: +49 (0)6131 17-5521 From lkcl at samba.org Thu Apr 27 06:42:11 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:36 2003 Subject: Samba TNG FAQ updated In-Reply-To: <20000427081014.B22882@uni-mainz.de> Message-ID: On Thu, 27 Apr 2000, Dominik Kubla wrote: > On Wed, Apr 26, 2000 at 06:16:07PM +1000, Luke Kenneth Casson Leighton wrote: > ... > > uh... now you're in trouble :) on NT, the *local group*, Administrators, > > is made a member of the "Domain Admins" domain group. > > > > this is not possible in unix [to make a group a member of a group]. > > Not entirely true: this is how NIS netgroups have been used for ages. *whew*, excellent. From simo.sorce at polimi.it Thu Apr 27 07:51:17 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:29:36 2003 Subject: Samba+NT+OS/2 References: <200004261845.e3QIjdX04679@relay.flashnet.it> Message-ID: <3907F175.ADB65E1E@polimi.it> Andrea Venturoli wrote: > > Hello. > > I'm not sure this is the correct place to write, if it's not I apologize and ask where > should I send this question. > > My network has (amongst others) the following machines: > _ UGO: running Samba 2.0.6 on FreeBSD 4.0, providing WINS server, some shares and acting as > my PDC; > _ XANATAR: an OS/2 4.0 machine which provides some shares; > _ RADIO: an NT 4.0SP3 machine which only act as a client. > > Both RADIO and XANATAR can autenticate either locally or on the PDC correctly, problem > arises if from RADIO I logon using domain authentication and try to access XANATAR, > particularly: > > I can see XANATAR in the browse list, but if I click on it I get an "Access Denied" message > (it might not be the exact string you might see, my NT is in Italian and I'm translating > back to English so you all can understand); if I manually connect to a specific service on > xanatar (e.g. by assigning a drive letter to it and typing the full service name, or issuing > a DIR \\XANATAR\service at the prompt) it works almost fine: in the past I had some problem > running Access or any ODBC application on an MDB file on XANATAR, but lately it looks like > it works (possibly since I upgraded from 2.0.5 to 2.0.6). > > If I logon locally on RADIO, then I have no problem at all. > > Bye & Thanks > av. I had the same problem some months ago while setting up samba 2.0.x as PDC. (Remember PDC functionality is here but not supported). I think that NT clients in a domain ask a PDC to authenticate network request. And I suppose samba 2.0.x is not able to authenticate a machine on another's request. In fact not only I was not able to get shares between clients, but I was not able to launch AT commands between clients, nor using the admin's domain\username + password neither using the local admin's password. As I had the need to use more than one server I had to switch to an NT PDC (little P200) + samba server for share. I hope I will be able to switch to 3.0 + TNG as soon they are stable enough. -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From dgc at uchicago.edu Thu Apr 27 08:10:35 2000 From: dgc at uchicago.edu (David Champion) Date: Tue Dec 2 02:29:36 2003 Subject: Cannot log on: C000019B Message-ID: <20000427031035.N14031@smack.uchicago.edu> Trying to log into a workstation controlled by a Samba "PDC", NT gives me an error: The system can not log you on (C000019B). Please try again or consult your system administrator. I'm running 2.0.7 on Solaris 8. This didn't happen with my previous Samba build, taken from the CVS on March 23. I'm assuming that 0xC000019B is an error code handed to NT by Samba. I recognize 0xC0000000 as the base number for many conditions, but 0x19B (411) does not compute. It's identified in include/nterr.h as NT_STATUS_DOMAIN_TRUST_INCONSISTENT. I'm willing to buy that this might be my trouble, but I can't find any spot in Samba that issues (0xC0000000 | NT_STATUS_DOMAIN_TRUST_INCONSISTENT). There are some odd issues in my build (I'm authenticating from our campus qi server), so I don't expect any definite solutions from the list. But can someone please help me to identify the meaning of this error message, so I can find what I need to fix? Thanks. -- -D. dgc@uchicago.edu "The beaver's powerful jaws are capable of felling ENSA FORCE/ blue spruce in less than ten minutes and proved, TEAM NETSEC needless to say, more than a match for the tender U of Ill, Hyde Park limbs of America's favorite homemaker." From Olivier.Brousselle at univ-lehavre.fr Thu Apr 27 06:24:10 2000 From: Olivier.Brousselle at univ-lehavre.fr (Olivier Brousselle) Date: Tue Dec 2 02:29:36 2003 Subject: [TNG] tool for integrity of smbpasswd file ? Message-ID: <3907DD0A.DDA59979@univ-lehavre.fr> Hi all, Description of my domain : 50 workstations 1 PDC with Slackware Linux 7.0 (kernel 2.2.13), Samba TNG 0.1, egcs 2.91.66. At least 1200 users I had a strange problem. Last tuesday, my domain was available at 2h00 PM, and not at 3h00 PM. I've tried to migrate accounts to a new server with TNG 2.4.1. Config files was the same, /etc/passwd and /etc/shadow form the first server. And smbpasswd file too. On the new server, (slackware 7.0, kernel 2.3.48), smbclient //NEW_SERVER/user -U user work, but no connection from a workstation to the domain. The message was : The domain is unavailable. Yesterday, i've tried to recreate entierly the smbpasswd file. And it work !!! My question is : Is there a program to test the integrety of the smbpasswd file, like pwck to test /etc/passwd and /etc/shadow on linux ? Olivier. From dgc at uchicago.edu Thu Apr 27 08:29:05 2000 From: dgc at uchicago.edu (David Champion) Date: Tue Dec 2 02:29:36 2003 Subject: Cannot log on: C000019B In-Reply-To: <20000427031035.N14031@smack.uchicago.edu>; from dgc@uchicago.edu on Thu, Apr 27, 2000 at 06:12:13PM +1000 References: <20000427031035.N14031@smack.uchicago.edu> Message-ID: <20000427032905.O14031@smack.uchicago.edu> On 2000.04.27, in <20000427031035.N14031@smack.uchicago.edu>, "David Champion" wrote: > Trying to log into a workstation controlled by a Samba "PDC", NT gives > me an error: > The system can not log you on (C000019B). Please try again or > consult your system administrator. > > I'm running 2.0.7 on Solaris 8. This didn't happen with my previous > Samba build, taken from the CVS on March 23. Actually, I see the solution in the FAQ, but I wonder why this occurred. Does it happen any time I change versions, or only when jumping from development code to release? (And why, if you don't mind?) Thanks, and sorry for the trouble. -- -D. dgc@uchicago.edu "The beaver's powerful jaws are capable of felling ENSA FORCE/ blue spruce in less than ten minutes and proved, TEAM NETSEC needless to say, more than a match for the tender U of Ill, Hyde Park limbs of America's favorite homemaker." From lkcl at samba.org Thu Apr 27 08:43:30 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:36 2003 Subject: [TNG] tool for integrity of smbpasswd file ? In-Reply-To: <3907DD0A.DDA59979@univ-lehavre.fr> Message-ID: do you have the original? On Thu, 27 Apr 2000, Olivier Brousselle wrote: > Hi all, > > Description of my domain : > > 50 workstations > 1 PDC with Slackware Linux 7.0 (kernel 2.2.13), Samba TNG 0.1, > egcs 2.91.66. > At least 1200 users > > I had a strange problem. Last tuesday, my domain was available at 2h00 > PM, > and not at 3h00 PM. I've tried to migrate accounts to a new server with > TNG 2.4.1. Config files was the same, /etc/passwd and /etc/shadow form > the > first server. And smbpasswd file too. > > On the new server, (slackware 7.0, kernel 2.3.48), smbclient > //NEW_SERVER/user -U user > work, but no connection from a workstation to the domain. The message > was : > The domain is unavailable. > > Yesterday, i've tried to recreate entierly the smbpasswd file. And it > work !!! > > My question is : > > Is there a program to test the integrety of the smbpasswd file, like > pwck to > test /etc/passwd and /etc/shadow on linux ? > > > Olivier. > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Thu Apr 27 08:44:05 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:36 2003 Subject: Cannot log on: C000019B In-Reply-To: <20000427032905.O14031@smack.uchicago.edu> Message-ID: SID probably changed. On Thu, 27 Apr 2000, David Champion wrote: > On 2000.04.27, in <20000427031035.N14031@smack.uchicago.edu>, > "David Champion" wrote: > > Trying to log into a workstation controlled by a Samba "PDC", NT gives > > me an error: > > The system can not log you on (C000019B). Please try again or > > consult your system administrator. > > > > I'm running 2.0.7 on Solaris 8. This didn't happen with my previous > > Samba build, taken from the CVS on March 23. > > Actually, I see the solution in the FAQ, but I wonder why this > occurred. Does it happen any time I change versions, or only when > jumping from development code to release? (And why, if you don't > mind?) > > Thanks, and sorry for the trouble. > > -- > -D. dgc@uchicago.edu "The beaver's powerful jaws are capable of felling > ENSA FORCE/ blue spruce in less than ten minutes and proved, > TEAM NETSEC needless to say, more than a match for the tender > U of Ill, Hyde Park limbs of America's favorite homemaker." > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From sharpe at ns.aus.com Thu Apr 27 11:24:29 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:36 2003 Subject: What is this? TNG now 23MB of source and takes at least 10mins to compile on my LapTop :-( Message-ID: <3.0.6.32.20000427202429.00930db0@203.16.214.248> Hi, how big is TNG going to get? It is now 23MB of source, and takes at least 10 minutes to compile on my LapTop! Regards ------- Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From lkcl at samba.org Thu Apr 27 09:22:57 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:36 2003 Subject: What is this? TNG now 23MB of source and takes at least 10mins to compile on my LapTop :-( In-Reply-To: <3.0.6.32.20000427202429.00930db0@203.16.214.248> Message-ID: 10 mins? you're really lucky. > how big is TNG going to get? > > It is now 23MB of source, and takes at least 10 minutes to compile on my > LapTop! > take off 3mb for unicode_map_table.h. From lkcl at samba.org Thu Apr 27 10:52:56 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:36 2003 Subject: netlogond 95%cpu Message-ID: olivier reports netlogond going into a tizzy, if you do not successfully get a login prompt in under 10 seconds once joined to the domain, this is likely to be happening. description: when first joining, nt client likes to set password to random value (from well-known one, using well-known one as key to random one. pointless, really). consequences: if this fails, ALL subsequent logins fail. end of story. i asked olivier to check that he has unique usernames / group names across his entire unix pwdb, this could be causing netlogond to go into an infinite loop somewhere. Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From Olivier.Brousselle at univ-lehavre.fr Thu Apr 27 11:13:09 2000 From: Olivier.Brousselle at univ-lehavre.fr (Olivier Brousselle) Date: Tue Dec 2 02:29:36 2003 Subject: netlogond 95%cpu References: Message-ID: <390820C5.AD98D664@univ-lehavre.fr> Luke Kenneth Casson Leighton a ?crit : > > olivier reports netlogond going into a tizzy, if you do not successfully > get a login prompt in under 10 seconds once joined to the domain, this is > likely to be happening. > > description: when first joining, nt client likes to set password to random > value (from well-known one, using well-known one as key to random one. > pointless, really). > > consequences: if this fails, ALL subsequent logins fail. end of story. > > i asked olivier to check that he has unique usernames / group names across > his entire unix pwdb, this could be causing netlogond to go into an > infinite loop somewhere. I've checked my password files and group file. Result is unique usernames, unique group names. And logins are different of group name. A question, is there a forked function in netlogond program. I think it's possible that my compiler may not compile as well this part of Samba. My compiler is egcs 2.91.66. From ml.ventu at flashnet.it Thu Apr 27 18:47:38 2000 From: ml.ventu at flashnet.it (Andrea Venturoli) Date: Tue Dec 2 02:29:36 2003 Subject: Samba+NT+OS/2 Message-ID: <200004271148.e3RBm9H07909@relay.flashnet.it> ** Reply to note from simo.sorce@polimi.it Thu, 27 Apr 2000 17:53:48 +1000 > I think that NT clients in a domain ask a PDC to authenticate network > request. > And I suppose samba 2.0.x is not able to authenticate a machine on > another's request. Well, OS/2 clients should do the same, but they can access each other's share even if they logon to the domain. Bye & Thanks av. From sharpe at ns.aus.com Thu Apr 27 04:58:40 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:36 2003 Subject: Samba-TNG 2.5 works for me Message-ID: <3.0.6.32.20000427135840.0092e510@203.16.214.248> Hi, While on my way back from Sydney to Adelaide, I downloaded Samba TNG 2.5 while in the Qantas Club lounge and built it. Now, sitting at 33,000 feet, I have given it a try, and it works for me. My first test was loging on from my VMware VM running Win95. Since it now works that far, I will give printing a try, and if that works, I can use TNG for everything. Hmmmm, printing does not work. I am having problems with lp_printcommand returning a string the does not have %p in it, so the print command does not get assembled properly. Will keep working on it. Regards ------- Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From sharpe at ns.aus.com Thu Apr 27 05:24:20 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:36 2003 Subject: Samba-TNG 2.5 and printing Message-ID: <3.0.6.32.20000427142420.009395e0@203.16.214.248> Hi, I have looked further at the printing problem I am seeing with TNG 2.5. It occurs with at least Win95 clients. Is anyone else seeing it? What I am seeing is that the "print command = lpr -r -P%p %s", but when this is retrieved by lp_printcommand(snum) it comes back as "lpr -r -P %s". A quick hack to code print command to the above string in printing/printing.c makes it work, so now I have to look further and figure out what is going wrong. Will look at it tomorrow. Regards ------- Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From ralf at is.rice.edu Thu Apr 27 15:53:52 2000 From: ralf at is.rice.edu (Alfredo Ramos) Date: Tue Dec 2 02:29:36 2003 Subject: undefined symbol Message-ID: Hello samba team! Please help me with this problem. I'm getting the following error when compiling SAMBA_TNG_2_5_GOOD. Actually, I got the same error when compiling the latest TNG from the cvs archive from yesterday morning: Linking bin/smbd Undefined first referenced symbol in file automount_lookup bin/.libs/libsamba.so ld: fatal: Symbol referencing errors. No output written to bin/.libs/smbd *** Error code 1 make: Fatal error: Command failed for target `bin/smbd' This is, naturally, configured with automount. If I ommit the --with-automount parameter, it compiles cleanly but, (probably unrelated but more important), I can't get the NT workstations to join the domain, and I get segmentation faults when I use smbpasswd to change user passwords. If I use smbclient to connect to the server with "\\sambaserver\share -U" it prompts for a password, but then I get a "failed session setup" message. I can login with samedit as root and as myself, but not much else. I've had samba-2.0.6 running for a good while as a PDC for file and print sharing and domain logons, so I'm not quite "new to samba". I know that the password file format for the TNG release has changed, and I followed the indications in Lars' page to set the accounts, but once the accounts are created, how do you reset the passwords? With release 2.0.6 you use the smbpasswd -a -m machinname command to do it. With TNG, what is the procedure? I'm running on a Solaris 2.6 and compiling with gcc. Part of the smb.conf file follows: [global] workgroup = BOSANOVA_TNG server string = Samba Server TNG %v netbios name = sulphur encrypt passwords = yes security = user log level = 1 log file = /usr/site/samba-cvs/var/logs/log.%m_%U max log size = 100 socket options = TCP_NODELAY printcap name = /etc/printcap logon drive = U: domain logons = Yes os level = 65 preferred master = Yes domain master = Yes local master = yes time server = yes dns proxy = No wins support = Yes hosts allow = 128.42. 127.0.0.1 domain group map = /opt2/samba-cvs/sunos5/lib/domaingroup.map user name map = /opt2/samba-cvs/sunos5/lib/username.map local group map = /opt2/samba-cvs/sunos5/lib/localgroup.map domain user map = /opt2/samba-cvs/sunos5/lib/domainuser.map Please help! Thanks; Al. --------------------------------------------------------------------------------- | Alfredo Ramos This space available for rent. | New Media & Student Computing Get your product moving. Advertise here! | Rice University. | Email: ralf@is.rice.edu --------------------------------------------------------------------------------- From abrock at georgefox.edu Thu Apr 27 13:59:19 2000 From: abrock at georgefox.edu (Anthony Brock) Date: Tue Dec 2 02:29:36 2003 Subject: Core dump on Solaris 2.7 with latest CVS ... In-Reply-To: Message-ID: <4.2.2.20000427080353.00a273c0@localhost> At 10:55 PM 4/26/00 -0700, lkcl@samba.org wrote: >On Thu, 27 Apr 2000, Anthony Brock wrote: > >> When connecting to other servers (which are domain members, running > >Samba > >> 2.0.6a), I am only able to connect if my username and password are > >> identical in the LOCAL smbpasswd file of THAT machine. If I already > >have > >> an account on the machine, but no smbpasswd entry, or if I have an > >entry > >> but a different password, I cannot connect. > >this is the correct behaviour if you just connect as user. > >yes. what happens if you connect as DOMAIN\user not just user? if *that* >is doing the same thing _that's_ a bug. Hmmm, not certain how to check this from a Win98 or Win95 machine (the campus I am currently at does not have WinNT Workstations). What strikes me as wrong is that we are logged into the domain (at least, as far as Windows 95/98 is capable), and it seems like Samba (2.0.6/2.0.7) should be checking the passwords against the domain controller (since we have 'security = DOMAIN' directive). > > >> Also, and of more immediate importance, is when I connect to the PDC > >and > >> view the shares. Regardless of what user I login as, I see the > >standard > >> list of shares, and the 'root' share (home directory for root). > >oh dear, that is wrong. what clients? These are Windows 95 and Windows 98. Again, this week I do not have any Windows NT clients available. Tony ****************************************************************************** * Anthony Brock abrock@georgefox.edu * * Director of Network Services George Fox University * ****************************************************************************** From anders at aae.wisc.edu Thu Apr 27 17:03:35 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:29:36 2003 Subject: Samba Coredumping (fwd) Message-ID: <200004271703.MAA25130@pug.aae.wisc.edu> I originally sent this one to technical, however it seems that noone responded to it / read it so I'm posting it here. --Anders ----- Forwarded message from Anders C. Thorsen ----- Message-Id: <200004270615.BAA12608@pug.aae.wisc.edu> Errors-To: listproc-errors@samba.org Reply-To: anders@aae.wisc.edu Originator: samba-technical@samba.org Sender: samba-technical@samba.org Samba TNG CVS from Apr 27 01:00:00 CST does not work when you do not have a smb.conf file present. [I.E behaves badly :) ] traced this down to params/params.c. Please see attached fix_params.c.diff apply _simple_ patch to params/params.c --Anders Content-Description: /home/anders/fix_params.c.diff [Attachment, skipping...] ----- End of forwarded message from Anders C. Thorsen ----- From trevor at steinmetznet.com Thu Apr 27 17:17:24 2000 From: trevor at steinmetznet.com (Trevor Antczak) Date: Tue Dec 2 02:29:36 2003 Subject: What is this? TNG now 23MB of source and takes at least 10minsto compile on my LapTop :-( References: <3.0.6.32.20000427202429.00930db0@203.16.214.248> Message-ID: <39087624.CE6175CE@steinmetznet.com> Ten minutes? It takes almost two hours on my 486/33 that I am using as a test server. But when you consider that NT Server would not even run on said box... I'll live with compile times. Richard Sharpe wrote: > Hi, > > how big is TNG going to get? > > It is now 23MB of source, and takes at least 10 minutes to compile on my > LapTop! > > Regards > ------- > Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), > Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) > Co-author, SAMS Teach Yourself Samba in 24 Hours > Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course > Author: First Australian 2-day, intensive, hands-on Samba course From pjdc at eircom.net Thu Apr 27 18:22:55 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:36 2003 Subject: Samba TNG FAQ updated In-Reply-To: "Jamie ffolliott"'s message of "Thu, 27 Apr 2000 10:05:40 +1000" References: Message-ID: >>>>> "Jamie" == Jamie ffolliott writes: >> The effect of adding a user to the DOMAIN\Administrators group >> is that they would be local admins of the domain controllers >> only. It's not necessary for normal operation, and I don't >> think it's done much, unless you trust people with your DCs but >> not your SQL servers. Jamie> Hmm? Adding a user to DOMAIN\Administrators group means Jamie> that user will be a local admin of all the PDC and it's Jamie> BDC's, *as well* as a local admin on the workstations Jamie> joined to this domain (by default). It's done very often Jamie> because it's Microsoft's default when the workstation joins Jamie> the domain. No. If you add a user to the DOMAIN\Administrators local group, they will only have admin rights to the domain controllers. A user must be added to DOMAIN\Domain Admins to have admin rights to all the machines in the domain. The local groups in the domain have *nothing* to do with the local groups on the workstations. Jamie> If you trust people with your DC's then you inherently Jamie> trust them with your SQL servers if you don't remove the Jamie> Domain\Administrators group from the Jamie> Workstation\Administrators group on the server SQLServ runs Jamie> on, but why would you bother since the domain admins are Jamie> already trusted to administer your domain? This was a facetious example designed to illustrate the effects of adding a user to DOMAIN\Administrators. It wasn't meant as anything else, and I acknowledged that it was an unlikely scenario. Note also that you *can't* put DOMAIN\Administrators into another group; it's a *local* group. The group that goes into WORKSTATION\Administrators is DOMAIN\Domain Admins. Jamie> Sorry.. you didn't make sense there ;) The point I used the example to illustrate is correct. I also made a statement that DOMAIN\Domain Admins (as well as Domain Users and Domain Guests) are not added to the equivalent local groups on the domain controllers (i.e. in the domain SAM). In fact, they are. I checked today on a few NT domains. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lars at kneschke.de Thu Apr 27 18:47:21 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:36 2003 Subject: Samba TNG FAQ updated References: Message-ID: <39088B39.F6157765@kneschke.de> Paul J Collins wrote: > I also made a statement that DOMAIN\Domain Admins (as well as Domain > Users and Domain Guests) are not added to the equivalent local groups > on the domain controllers (i.e. in the domain SAM). In fact, they > are. I checked today on a few NT domains. Yes, i was checking this today too. I hope we mean the same! :-) It's a windows NT network only. If a add a user to \Administrators(which is shown as local group), and there after switch to the local domain(= workstation name) in usermanager for domains, the user isn't anymore in the local Administartors group. So it must be possible to do teh same with Samba TNG. At least it should be able to add a user to the Administrators group, without the need to modify the groups at the workstation. Am i right? Correct me if i'm wrong. Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From trevor at steinmetznet.com Thu Apr 27 19:14:46 2000 From: trevor at steinmetznet.com (Trevor Antczak) Date: Tue Dec 2 02:29:36 2003 Subject: IT WORKS!!!! Message-ID: <390891A6.E7F4A9E5@steinmetznet.com> Hello, IT WORKS!!! Now that I have that out my system. Samba TNG 2.5 on a SuSE Linux 6.1 box. Everything appears to be completely funtional. I haven't run it through all it's paces yet, but I am logged into the domain, my profile is valid, my login script works, and I am local adminstrator on the box (I haven't installed User Manager for Domains yet so I don't know about Domain admin status). My startup script said something failed (it is not specific enough, I need to rewrite it), but everything appears to be working. I am going to have to search the logs to find out if one of the Daemons did not start. If so, I can't see what it could be affecting. The various domain related pocesses seem stable on the client box (I was having problems with earlier versions crashing lsass.exe (I think that was the name), and most of my services along with it when I was a member of the domain. Even if I wasn't logged into the domain). I still ahve testing to do, but at the most basic and important level... IT WORKS!!!! As a side note, it is a lot easier to debug this stuff when you are reading the right log files... I somehow missed it when TNG moved them into /usr/local/samba/var from /var/log. Thank you, Trevor Antczak Technology Manager Steinmetz & Associates From trevor at steinmetznet.com Thu Apr 27 19:17:32 2000 From: trevor at steinmetznet.com (Trevor Antczak) Date: Tue Dec 2 02:29:36 2003 Subject: Almost forgot Message-ID: <3908924C.DF0581E6@steinmetznet.com> Hi again, Almost forgot. Thanks for linking to Lars' FAQ on the Samba.org site. It is much more helpful than the old Domain FAQ. Thank you, Trevor Antczak Technology Manager Steinmetz & Associates From pjdc at eircom.net Thu Apr 27 19:29:28 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:36 2003 Subject: Samba TNG FAQ updated In-Reply-To: Lars Kneschke's message of "Fri, 28 Apr 2000 05:02:32 +1000" References: <39088B39.F6157765@kneschke.de> Message-ID: >>>>> "Lars" == Lars Kneschke writes: Lars> Paul J Collins wrote: >> I also made a statement that DOMAIN\Domain Admins (as well as >> Domain Users and Domain Guests) are not added to the equivalent >> local groups on the domain controllers (i.e. in the domain >> SAM). In fact, they are. I checked today on a few NT domains. Lars> Yes, i was checking this today too. I hope we mean the same! Lars> :-) Lars> It's a windows NT network only. If a add a user to NT Domain>\Administrators(which is shown as local group), Lars> and there after switch to the local domain(= workstation Lars> name) in usermanager for domains, the user isn't anymore in Lars> the local Administartors group. So it must be possible to That is because the local groups on workstations and servers are distinct from the local groups in the domain. Local groups in the domain are of no relevance to domain members. Lars> do teh same with Samba TNG. At least it should be able to Lars> add a user to the Administrators group, without the need to Lars> modify the groups at the workstation. Am i right? Correct Lars> me if i'm wrong. I don't think Samba needs to support nesting of global groups in local groups in its own SAM. The nesting support on the workstations and servers is all you need for the domain to operate correctly. Whenever you join a machine to a domain, the global groups "Domain Admins", "Domain Guests" and "Domain Users" get added to the workstations corresponding local groups (in fact, WSes can *only* have local groups). That is: Global group inserted into local group DOMAIN\Domain Admins WS\Administrators DOMAIN\Domain Guests WS\Guests DOMAIN\Domain Users WS\Users Since a workstation grants the right "Log on locally" to WS\Users by default, the insertion of DOMAIN\Domain Admins into WS\Users enables all domain users to log into that workstation. Global groups: * are only in the domain SAM * can only contain users Local groups: * are in both the domain SAM and domain members' SAMs * can contain users and/or global groups Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From kevinc at grainsystems.com Thu Apr 27 19:40:11 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:36 2003 Subject: Samba TNG FAQ updated References: <39088B39.F6157765@kneschke.de> Message-ID: <3908979B.87FBA2D5@grainsystems.com> Maybe it's just me, but you lost me here. Your statements seem to contradict each other. Why do you think this is not needed? Paragraphs 2 and down seem to indicate it _is_ needed. - Kevin Colby kevinc@grainsystems.com Paul J Collins wrote: > > I don't think Samba needs to support nesting of global groups in local > groups in its own SAM. The nesting support on the workstations and > servers is all you need for the domain to operate correctly. > > Whenever you join a machine to a domain, the global groups "Domain > Admins", "Domain Guests" and "Domain Users" get added to the > workstations corresponding local groups (in fact, WSes can *only* have > local groups). That is: > > Global group inserted into local group > > DOMAIN\Domain Admins WS\Administrators > DOMAIN\Domain Guests WS\Guests > DOMAIN\Domain Users WS\Users > > Since a workstation grants the right "Log on locally" to WS\Users by > default, the insertion of DOMAIN\Domain Admins into WS\Users enables > all domain users to log into that workstation. > > [...] From pjdc at eircom.net Thu Apr 27 20:28:16 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:36 2003 Subject: Samba TNG FAQ updated In-Reply-To: Kevin Colby's message of "Fri, 28 Apr 2000 05:42:04 +1000" References: <39088B39.F6157765@kneschke.de> <3908979B.87FBA2D5@grainsystems.com> Message-ID: >>>>> "Kevin" == Kevin Colby writes: Kevin> Maybe it's just me, but you lost me here. Your statements Kevin> seem to contradict each other. Why do you think this is Kevin> not needed? Paragraphs 2 and down seem to indicate it _is_ Kevin> needed. It's not needed on Samba domain controllers. Since Unix can't nest groups, it would be tricky anyway. It *is* needed on domain members, but only NT ones, because it is how the user rights get granted to the domain users, etc. Samba does not have to do *anything* for it to work. All it has to do is provide the global groups, which it does. To see what I mean, log onto an NT workstation and open User Manager. Examine the local groups that are granted the right "Log on locally". Examine the global groups that are members of those local groups. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From jahall at nea.org Thu Apr 27 21:44:15 2000 From: jahall at nea.org (jahall@nea.org) Date: Tue Dec 2 02:29:36 2003 Subject: Compiling Latest NT Domain Controller Code Message-ID: I have downloaded the latest NT Domain controller code from the samba.org using the following command cvs -d :pserver:cvs@samba.org:/cvsroot co -r BRANCH_NTDOM samba When I completed the download I went to the directory I downloaded the files to /usr/src/samba and there is not a file named configure. I am running RedHat 6.1 and according to the instructions that I have, in order to compile the source, I must use ./configure followed by make and then make install. Have I just missed something here, am I downloading the source code incorrectly, etc? Thanks in advance for your assistance. Jay Hall From trevor at steinmetznet.com Thu Apr 27 21:52:09 2000 From: trevor at steinmetznet.com (Trevor Antczak) Date: Tue Dec 2 02:29:36 2003 Subject: Slow network connection Message-ID: <3908B689.E74CCD86@steinmetznet.com> Hello one more time today, Furthr testing has revealed only two issue so far, both of them minor. I cannot change passwords using the local machine (I believe this is a known issue, but I thought I'd bring it up), and whenever I sign on I get an "NT has detected a slow network connection, do you want to use your local profile or download it from the server?" message. When I click on download everything works fine and there is no real delay, but i always get the message. Maybe my poor little 486/33 test server just isn't providing the data as quickly as NT wants? Or is it an issue? I am not sure. Log. has a message "authorise_login: TODO. split function, it's 6 levels!", but I am thinking this is someone's reminder to themselves to smooth out code. Overall though, this a great product, thanks guys! Thank you, Trevor Antczak Technology Manager Steinmetz and Associates From trevor at steinmetznet.com Thu Apr 27 21:55:58 2000 From: trevor at steinmetznet.com (Trevor Antczak) Date: Tue Dec 2 02:29:36 2003 Subject: Compiling Latest NT Domain Controller Code References: Message-ID: <3908B76E.7E9DC9AD@steinmetznet.com> Umm.. try untarring and angzipping the source... tar -xzvf filename.tar.gz jahall@nea.org wrote: > I have downloaded the latest NT Domain controller code from the samba.org > using the following command > > cvs -d :pserver:cvs@samba.org:/cvsroot co -r BRANCH_NTDOM samba > > When I completed the download I went to the directory I downloaded the files > to /usr/src/samba and there is not a file named configure. > > I am running RedHat 6.1 and according to the instructions that I have, in > order to compile the source, I must use ./configure followed by make and then > make install. > > Have I just missed something here, am I downloading the source code > incorrectly, etc? > > Thanks in advance for your assistance. > > Jay Hall Thank you, Trevor Antczak Technology Manager Steinmetz and Associates From tom at ee.ucl.ac.uk Thu Apr 27 22:05:07 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:36 2003 Subject: Compiling Latest NT Domain Controller Code In-Reply-To: Message-ID: Hello, Use SAMBA-TNG instead of BRANCH-NTDOM. Alternatively you can download the alpha package from any of the samba mirror sites. I believe the latest TNG version is 2.5. Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From trevor at steinmetznet.com Thu Apr 27 22:15:05 2000 From: trevor at steinmetznet.com (Trevor Antczak) Date: Tue Dec 2 02:29:36 2003 Subject: Compiling Latest NT Domain Controller Code References: <3908B76E.7E9DC9AD@steinmetznet.com> Message-ID: <3908BBE9.42BE9FDC@steinmetznet.com> Ooops, cvs doesn't come as a tarball... sorry, I'll shut up now. Trevor Antczak wrote: > Umm.. try untarring and angzipping the source... > tar -xzvf filename.tar.gz > > jahall@nea.org wrote: > > > I have downloaded the latest NT Domain controller code from the samba.org > > using the following command > > > > cvs -d :pserver:cvs@samba.org:/cvsroot co -r BRANCH_NTDOM samba > > > > When I completed the download I went to the directory I downloaded the files > > to /usr/src/samba and there is not a file named configure. > > > > I am running RedHat 6.1 and according to the instructions that I have, in > > order to compile the source, I must use ./configure followed by make and then > > make install. > > > > Have I just missed something here, am I downloading the source code > > incorrectly, etc? > > > > Thanks in advance for your assistance. > > > > Jay Hall > > Thank you, > Trevor Antczak > Technology Manager > Steinmetz and Associates From jweber at math.cudenver.edu Thu Apr 27 22:20:30 2000 From: jweber at math.cudenver.edu (John Weber) Date: Tue Dec 2 02:29:37 2003 Subject: Compiling Latest NT Domain Controller Code In-Reply-To: <3908B76E.7E9DC9AD@steinmetznet.com> Message-ID: It's in a sub directory named "source". cd there and build. John S. Weber System Administrator Center for Computational Mathematics University of Colorado at Denver Phone: (303)556-5394 Fax: (303)556-8550 jweber@math.cudenver.edu http://www-math.cudenver.edu/~jweber On Fri, 28 Apr 2000, Trevor Antczak wrote: > Umm.. try untarring and angzipping the source... > tar -xzvf filename.tar.gz > > jahall@nea.org wrote: > > > I have downloaded the latest NT Domain controller code from the samba.org > > using the following command > > > > cvs -d :pserver:cvs@samba.org:/cvsroot co -r BRANCH_NTDOM samba > > > > When I completed the download I went to the directory I downloaded the files > > to /usr/src/samba and there is not a file named configure. > > > > I am running RedHat 6.1 and according to the instructions that I have, in > > order to compile the source, I must use ./configure followed by make and then > > make install. > > > > Have I just missed something here, am I downloading the source code > > incorrectly, etc? > > > > Thanks in advance for your assistance. > > > > Jay Hall > > Thank you, > Trevor Antczak > Technology Manager > Steinmetz and Associates > From osabmt00 at fht-esslingen.de Thu Apr 27 23:27:38 2000 From: osabmt00 at fht-esslingen.de (Osama Abu-Aish) Date: Tue Dec 2 02:29:37 2003 Subject: password with special chars Message-ID: <200004272226.AAA19834@rslx01.fht-esslingen.de> hi out there, I tried to join a TNG-WKS to an NT4SP5 controlled Domain. Thereby I found some strange behaivor of smbpasswd: first: smbpasswd -a root -> entered passwd containing a number, let's say abcde1fg -> User root added blablablabla, everything looks fine. When trying to join the domain with rpcclient or samedit: use \\samba-wks -Uroot%abcde1fg -Wsamba-wks Connection: error connecting to 192.168.1.6:445 (Connection refused) failed session setup cli_net_use_add: connection failed FAILED then I - just for fun - tried without the "1": use \\samba-wks -Uroot%abcdefg -Wsamba-wks Connection: error connecting to 192.168.1.6:445 (Connection refused) session setup ok Domain=[NT-DOMAIN] OS=[Unix] Server=[Samba TNG-alpha] OK Then I su'ed to another user and tried smbpasswd -U root -r 192.168.1.6 old: abcde1fg new: something new: something error connecting to 192.168.1.6:445 (Connection refused) machine 192.168.1.6 rejected the password change: Error was : The specified password is invalid. Failed to change password for root again without "1" Password changed for user root then I did the following: smbpasswd -U root -r 192.168.1.6 (note that the account exists in smbpasswd now) old: valid passwd new: abcde1fg new: abcde1fg Password changed for user root and from now on abcde1fg is correctly accepted as password. What does this mean? Greetings, Osama --- Fachhochschule f?r Technik Esslingen Au?enstelle Goeppingen From mgeddes at xavier.sa.edu.au Thu Apr 27 23:09:27 2000 From: mgeddes at xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:29:37 2003 Subject: Compiling Latest NT Domain Controller Code References: Message-ID: <3908C8A7.9DE7B5B@xavier.sa.edu.au> jahall@nea.org wrote: > > I have downloaded the latest NT Domain controller code from the samba.org > using the following command > > cvs -d :pserver:cvs@samba.org:/cvsroot co -r BRANCH_NTDOM samba > ftp://ftp.samba.org/pub/samba/alpha/ and grab the latest version. Picking a mirror local to yourself is good manners ;-). Matt -- Matthew Geddes Network Manager Xavier College Gawler, SA mgeddes@xavier.sa.edu.au "Our goal for the next release of Windows 2000 is to have zero bugs." - Lucovsky, Microsoft From sneakums at eircom.net Thu Apr 27 23:18:29 2000 From: sneakums at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:37 2003 Subject: Samba TNG FAQ updated In-Reply-To: Kevin Colby's message of "Thu, 27 Apr 2000 17:56:19 -0500" References: <39088B39.F6157765@kneschke.de> <3908979B.87FBA2D5@grainsystems.com> <3908C593.3C846159@grainsystems.com> Message-ID: >>>>> "Kevin" == Kevin Colby writes: Kevin> Ah, this explains it. So essentially, NT is kludging Kevin> around the concept of importing the global groups by adding Kevin> them to local groups? Then I would agree. Thanks for the Kevin> clarification. The real problem occurs with the names they chose for the two types of group; they don't really describe their behaviour in any sensible fashion. All you can do, like learning irregular verbs, is bash it into your head repeatedly. Windows 2000, by the way, adds a new kind of group: the Universal group, which can contain users from any domain (as long as it is trusted by the domain the group is in) and can be nested arbitrarily. Universal groups are only applicable in "native mode", though. As usual, there are different restrictions on the names allowed for the three types of group. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From sharpe at ns.aus.com Thu Apr 27 13:57:31 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:37 2003 Subject: Win2K joining a Samba TNG 2.5 domain Message-ID: <3.0.6.32.20000427225731.0096a800@203.16.214.248> OK, I now have Win2K build 2128 joining a Samba TNG 2.5 domain ... When it does, it comes up with a dialog box prompting for a username and password on the domain that has privileges to join the domain or whatever. Is there any way to avoid this? Regards ------- Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From pjdc at eircom.net Fri Apr 28 00:44:35 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:37 2003 Subject: Win2K joining a Samba TNG 2.5 domain In-Reply-To: Richard Sharpe's message of "Fri, 28 Apr 2000 10:07:58 +1000" References: <3.0.6.32.20000427225731.0096a800@203.16.214.248> Message-ID: >>>>> "Richard" == Richard Sharpe writes: Richard> OK, I now have Win2K build 2128 joining a Samba TNG 2.5 Richard> domain ... Richard> When it does, it comes up with a dialog box prompting for Richard> a username and password on the domain that has privileges Richard> to join the domain or whatever. Basically, create a user the same way as any other. The username should be the name of the machine with a $ appended. Samedit will create the special initial password (the machine name in lower case Unicode), which is changed by the machine as soon as it joins the domain. What may also work is creating the Unix account and entering root and root's password in the dialog; I haven't tried this with TNG myself yet. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From richard at ralimi.hypermart.net Fri Apr 28 02:26:55 2000 From: richard at ralimi.hypermart.net (Rich Alimi) Date: Tue Dec 2 02:29:37 2003 Subject: Samba PDC with a Windows 2000 client Message-ID: I have set up a Samba PDC using the pre-3.0 version of samba. (I last updated my source via cvs and recompiled samba this afternoon - Apr 27, 2000.) I have been having problems getting a Windows 2000 Professional client to join the domain. When I change the settings to join the domain, Windows asks me for a username and password with permission to join the domain. I have not seen any mention of this username/password prompt in documentation that I have found on the internet on both linuxworld.com and samba.org. When I create a user on the PDC and add the user to the smbpasswd file and try to enter that username/password combination in the dialog above, Windows returns a "procedure number out of range" error message. I have created the machine trust accounts using the following procedure ('ralimi', 'palimi', and 'laptop' are the computernames of the 3 windows 2000 clients): groupadd -g 800 nttrust useradd -u 801 -g nttrust -d /dev/null -s /bin/false ralimi$ useradd -u 802 -g nttrust -d /dev/null -s /bin/false palimi$ useradd -u 803 -g nttrust -d /dev/null -s /bin/false laptop$ smbpasswd -a -m ralimi smbpasswd -a -m palimi smbpasswd -a -m laptop I then rebooted the Linux machine, and once booted, I made sure that both smbd and nmbd were running. Then, on one of the Windows 2000 machines, I opened the System properties, then on the Network Identification page, I pressed Properties. I selected the Domain option, typed 'DOMAIN' in the edit box, then pressed OK. Then, I received the prompt for a username and password with permission to join the domain. I have also included the contents of my smb.conf file at the end of this message. Does anyone have any ideas as to what I am doing wrong? Thank you for your help, Rich Alimi richard@ralimi.hypermart.net AOL IM: RichAA31 ICQ#: 17843183 ------------------------------------- smb.conf ------------------------------------- [global] workgroup = DOMAIN server string = Domain Controller hosts allow = 192.168.1. 127. log file = /var/log/sambalog.%m max log size = 50 security = user encrypt passwords = yes smb passwd file = /etc/smbpasswd unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *Retype*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local master = yes os level = 65 domain master = yes preferred master = yes domain logons = yes logon path = \\%L\Profiles\%U logon drive = z: logon home = \\%L\Profiles\%U load printers = no [Profiles] path = /home/profiles browseable = yes writeable = yes public = no available = yes guest ok = no [netlogon] comment = NETLOGON service path = /home/netlogon public = no writeable = no browseable = yes locking = no force create mode = 0644 force directory mode = 0755 writelist = rich paul available = yes [homes] writeable = yes ------------------------------------------- From db at med-in.uni-sb.de Fri Apr 28 05:11:58 2000 From: db at med-in.uni-sb.de (Dr. Dieter Becker) Date: Tue Dec 2 02:29:37 2003 Subject: How to allow / disallow guest Message-ID: Sirs, I use Samba 2.0.7 as PDC and want to allow guest access (without passwords) to special regions of our server. If I use in smb.conf: map to guest = bad user then everone can look to the public regions of our server, but als everyone can logon on every workstation without any password. When I remove this line in smb.conf the behavior in our domain is ok, but nobody from outside can look to the server. How to setup samba for these two conditions: - Win_NT-Logons in our domain are only allowed for users with right passwords - Everyone else can look (write) to the pub regions of our samba server Thank you for your help Dieter Dr. med. Dipl.-Math. Dieter Becker Medizinische Universit?ts- und Poliklinik Innere Medizin III D66421 Homburg ----------------------------------------- Tel: 06841 16 3046 / -3077 Fax: 06841 16 3043 / -3385 Email: db@med-in.uni-sb.de From sharpe at ns.aus.com Thu Apr 27 14:15:40 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:37 2003 Subject: Win2K joining a Samba TNG 2.5 domain In-Reply-To: References: <3.0.6.32.20000427225731.0096a800@203.16.214.248> Message-ID: <3.0.6.32.20000427231540.0096fa60@203.16.214.248> At 10:41 AM 4/28/00 +1000, Paul J Collins wrote: >>>>>> "Richard" == Richard Sharpe writes: > > Richard> OK, I now have Win2K build 2128 joining a Samba TNG 2.5 > Richard> domain ... > > Richard> When it does, it comes up with a dialog box prompting for > Richard> a username and password on the domain that has privileges > Richard> to join the domain or whatever. > >Basically, create a user the same way as any other. The username >should be the name of the machine with a $ appended. Samedit will >create the special initial password (the machine name in lower case >Unicode), which is changed by the machine as soon as it joins the >domain. Well, I did that. I used samedit to create the account win2000$. Then I went to the machine win2000 and joined the domain, but I still got the dialog box above, so I entered root and the root password, and eventually got the Welcome to the domain message. So, can I get rid of it? >What may also work is creating the Unix account and entering root and >root's password in the dialog; I haven't tried this with TNG myself >yet. > >Paul. > >-- >Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C >"Linux: it's just this operating system, you know?" Regards ------- Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From lkcl at samba.org Fri Apr 28 06:31:32 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:37 2003 Subject: netlogond 95%cpu In-Reply-To: <390820C5.AD98D664@univ-lehavre.fr> Message-ID: > A question, is there a forked function in netlogond program. I think yes, just as there is in smbd. From lkcl at samba.org Fri Apr 28 06:36:05 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:37 2003 Subject: Samba-TNG 2.5 and printing In-Reply-To: <3.0.6.32.20000427142420.009395e0@203.16.214.248> Message-ID: thx richard, keep going. andrew rewrote the printing back-end. On Fri, 28 Apr 2000, Richard Sharpe wrote: > Hi, > > I have looked further at the printing problem I am seeing with TNG 2.5. It > occurs with at least Win95 clients. Is anyone else seeing it? > > What I am seeing is that the "print command = lpr -r -P%p %s", but when > this is retrieved by lp_printcommand(snum) it comes back as "lpr -r -P %s". > > A quick hack to code print command to the above string in > printing/printing.c makes it work, so now I have to look further and figure > out what is going wrong. > > Will look at it tomorrow. > > Regards > ------- > Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), > Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) > Co-author, SAMS Teach Yourself Samba in 24 Hours > Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course > Author: First Australian 2-day, intensive, hands-on Samba course > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From Olivier.Brousselle at univ-lehavre.fr Fri Apr 28 07:01:02 2000 From: Olivier.Brousselle at univ-lehavre.fr (Olivier Brousselle) Date: Tue Dec 2 02:29:37 2003 Subject: netlogond 95%cpu References: Message-ID: <3909372E.CDD5552A@univ-lehavre.fr> Luke Kenneth Casson Leighton a ?crit : > > > A question, is there a forked function in netlogond program. I think > > yes, just as there is in smbd. OK. I have another question for the list. How many users and stations have you ? My complete smbpasswd have at least 1300 lines (50 workstations and 1250 users). When a user log in, netlogon read smbpasswd file, and because it is very big, the 10 seconds limit is reached. If I reduce my smbpasswd to some users and workstations, no problem, domain is OK. Is anyone have more users and stations and haven't any problem ? Thanks Olivier. From sharpe at ns.aus.com Thu Apr 27 15:34:29 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:37 2003 Subject: Domain users under Win2K and Samba TNG Message-ID: <3.0.6.32.20000428003429.00971890@203.16.214.248> OK, How do I create a group, like Domain Users? I want to allow anyone who is logging onto the domain from Win2K to run net time \\server /s /y But they need the right to change the time on the Win2000 System. I would like to allow the group DOMAIN\Domain Users to do this. How do I create the group and add all users to it? Regards ------- Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From lkcl at samba.org Fri Apr 28 07:53:08 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:37 2003 Subject: Win2K joining a Samba TNG 2.5 domain In-Reply-To: <3.0.6.32.20000427225731.0096a800@203.16.214.248> Message-ID: On Fri, 28 Apr 2000, Richard Sharpe wrote: > OK, > > I now have Win2K build 2128 joining a Samba TNG 2.5 domain ... > > When it does, it comes up with a dialog box prompting for a username and > password on the domain that has privileges to join the domain or whatever. > > Is there any way to avoid this? NOPE!!!! never will be. using SRVMGR.EXE to join d toomains is potentially a serious security risk, and microsoft FINALLY realised this. especiallyy joining BDCs to a domain with SRVMGR.EXE, either there is a small window of opportunity or thre is a fake-up-a-netbios-name-way, it can be used to anonymously grab the entire SAM database. they removed the BDC problem from nt5 by removing the concept of BDCs [you can't *make* nt5 a BDC for an nt4 domain]. luke From lkcl at samba.org Fri Apr 28 07:57:44 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:37 2003 Subject: Win2K joining a Samba TNG 2.5 domain In-Reply-To: <3.0.6.32.20000427231540.0096fa60@203.16.214.248> Message-ID: On Fri, 28 Apr 2000, Richard Sharpe wrote: > Well, I did that. I used samedit to create the account win2000$. Then I > went to the machine win2000 and joined the domain, but I still got the > dialog box above, so I entered root and the root password, and eventually > got the Welcome to the domain message. > > So, can I get rid of it? nope, and you don't want to. From lkcl at samba.org Fri Apr 28 07:58:16 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:37 2003 Subject: Win2K joining a Samba TNG 2.5 domain In-Reply-To: <3.0.6.32.20000427231540.0096fa60@203.16.214.248> Message-ID: > Well, I did that. I used samedit to create the account win2000$. Then I > went to the machine win2000 and joined the domain, but I still got the > dialog box above, so I entered root and the root password, and eventually > got the Welcome to the domain message. > > So, can I get rid of it? > you also don't _need_ to use samedit to create the account, NT5 automatically does that for you. From Jerome.Lefeuvre at iu-vannes.fr Fri Apr 28 08:14:49 2000 From: Jerome.Lefeuvre at iu-vannes.fr (Lefeuvre =?iso-8859-1?Q?J=E9r=F4me?=) Date: Tue Dec 2 02:29:37 2003 Subject: non-English NT help Message-ID: <39094879.D937627@iu-vannes.fr> Hi, I'm using samba as a PDC (cvs head branch) mid- july 99 with NT 4.0 workstations (SP6) Everything works fine so far except printing and oplock, Now i want to upgrade my CVS in Samba 2.0.7 but i don't kown where in se source i can modified the "BUILTIN names" for a "Non-English" version of Ms windows. Before it was in lib/util_pwdb.c. (I look in all the version of CVS now and i don't find this file except in SAMBA-TNG) Can anyone help me. Thanks. -------------- next part -------------- A non-text attachment was scrubbed... Name: lefeuvre.vcf Type: text/x-vcard Size: 295 bytes Desc: Carte pour Lefeuvre Jérôme Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000428/62026095/lefeuvre.vcf From icoupeau at unav.es Fri Apr 28 10:58:20 2000 From: icoupeau at unav.es (Ignacio Coupeau) Date: Tue Dec 2 02:29:37 2003 Subject: ldap/tdb question Message-ID: <39096ECC.792C09E2@unav.es> After compiling the TNG (2.5) (linux 2.2.10) with "./configure --with-sam-pwdb=passdb --with-ldap", the logs shows that tdb stuff (tdb_read, tdb_fetch,...) is used. Is this correct? I think the passdb/ldap is skipped by tdb calls... true? Thanks, Ignacio -- ____________________________________________________ Ignacio Coupeau, Ph.D. e-mail: icoupeau@unav.es CTI, Director fax: 948 425619 University of Navarra voice: 948 425600 Pamplona, SPAIN http://www.unav.es/cti/ From Torsten.Werner at assyst-intl.com Fri Apr 28 16:29:43 2000 From: Torsten.Werner at assyst-intl.com (Torsten.Werner@assyst-intl.com) Date: Tue Dec 2 02:29:37 2003 Subject: Printing Problems Message-ID: <412568CF.005A9D12.00@caesar.assyst-intl.com> Dear all, I've 2 different problems in printing. My configuration: Samba 2.0.6 and 2.0.7 runs at HPUX 10.20, all clients are Windows NT Workstation, Service Pack 5 in German language. At the UNIX side are 2 different spoolers installed: the default HPUX printing system (similar System V) and a special spooler to control plotters. The first problem is: In Windows is a point to pause a printer (open the printer, menu Printer,pause printing). This point works, I'm able to disable a printer. Normally is a windows based printer marked as pausing after them and it is possible to restart it with the same menu point. A samba based printer will never marked as pausing and it is not possible to continue printing after stopping. To continue printing it is necessary to enable the printer at the UNIX command line. What is wrong? The second problem: I'm able to print over the second special printer spooler. but I can't see entries in the printer queue. I've written a small script to ask for the current spooler status with exactly the same output and result code like lpstat -o%p. I can see in log files that the script is called correctly. At UNIX the jobs are queued and printed correctly. I'm sure, I do a mistake. I'm not so experienced in samba. What is false? Thank you for help. Torsten Werner Torsten.Werner@assyst-intl.com My entries in smb.conf depends on printing: [global] guest account = pcguest encrypt passwords = Yes null passwords = Yes max log size = 50 domain logons = Yes preferred master = Yes domain master = Yes wins support = Yes socket options = TCP_NODELAY printing = HPUX print command = /usr/bin/lp -d%p -onb -oraw %s; rm %s min print space = 2000 printcap name = lpstat [printers] path = /var/tmp printable = yes guest ok = yes guest account = pcguest browseable = no # the following entry is a sample for the special plotter spooler: [SUMMIT] comment = Plotter printer = SUMMIT printable = yes browseable = yes guest ok = yes guest account = pcguest print command = /opt/sched/bin/LP %s PL=%p;rm %s lpq command = /opt/sched/bin/plotrep %p lprm command = /opt/sched/bin//DELJ %j lppause command = lpresume command = queuepause command = /opt/sched/bin/ACTQ SUMMIT N queueresume command = /opt/sched/bin/ACTQ SUMMIT Y path = /var/tmp read only = yes From rfs at aw.com.pl Fri Apr 28 17:20:21 2000 From: rfs at aw.com.pl (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:37 2003 Subject: Compiling for use on another host Message-ID: <3909C855.3071BD96@aw.com.pl> What parameter should i set in "configure" cmd line to do the following: 1. compile samba-tng on one host (with faster CPU, bigger RAM, etc.). 2. move compiled source tree to another host in network. 3. perform "make install" on that host and start samba. regards, Rafa? From nord at cdt.luth.se Fri Apr 28 17:57:23 2000 From: nord at cdt.luth.se (James Nord) Date: Tue Dec 2 02:29:37 2003 Subject: config errors TNG 2.5 :-( Message-ID: <3909D103.F47F90D5@cdt.luth.se> Configured with, ./configure --prefix=/usr/local/samba_tng --with-ssl --with-sslinc=/usr/local/ssl --with-syslog --with-utmp as user root. on a disk with over 1GB free. uname -a Linux phoenix 2.2.14 #2 Mon Feb 7 00:58:17 CET 2000 i586 unknown actually AMD K6 - without the >32 MB SIG fault (even though the kernel says it has ;-) ) gcc --version egcs-2.91.66 Fails with [SNIP] checking for two-argument statfs with statfs.fsize member (4.4BSD and NetBSD)... no checking for two-argument statfs with struct fs_data (Ultrix)... no checking if large file support can be enabled no checking configure summary configure: error: summary failure. Aborting config tail -20 config.log configure: failed program was: #line 11264 "configure" #include "confdefs.h" #if defined(HAVE_LONGLONG) && (defined(HAVE_OFF64_T) || (defined(SIZEOF_OFF_T) && (SIZEOF_OFF_T == 8))) #include #else __COMPILE_ERROR_ #endif int main() { int i ; return 0; } configure:11306: gcc -o conftest -DHAVE_CRYPT_DECL -I/usr/local/ssl -O conftest.c -lssl -lcrypto -lreadline -ldl -lcrypt 1>&5 /usr/bin/ld: cannot open -lssl: No such file or directory collect2: ld returned 1 exit status configure: failed program was: #line 11302 "configure" #include "confdefs.h" #include "./tests/summary.c" -- Technology is a word that describes something that doesn't work yet. Douglas Adams From rfs at aw.com.pl Fri Apr 28 17:58:36 2000 From: rfs at aw.com.pl (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:37 2003 Subject: I don't know what's wrong :( Message-ID: <3909D14C.FA1335E1@aw.com.pl> I start each daemon using shell script, but netlogond, lsarpcd and samrd don't work. They do not create sockets in var/locks/.msrpc. Interesting is, that there's no error or warning msg in log files. They seem to just start and exit immediately. Below are output of my testparm and log.samrd. Am I so stupid to miss something obvious ? Help ! I read many good things about samba-tng after recent bug-fixes. It's hard to believe, that for most of you samba-tng works fine, and for me - not. thx for ANY help BTW: What the var/locks/unexpected.tdb file is for ? From mg at plum.de Fri Apr 28 18:07:13 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:37 2003 Subject: I don't know what's wrong :( References: <3909D14C.FA1335E1@aw.com.pl> Message-ID: <3909D351.91780D94@plum.de> Rafa? Szcze?niak schrieb: > > I start each daemon using shell script, but netlogond, lsarpcd > and samrd don't work. They do not create sockets in > var/locks/.msrpc. Interesting is, that there's no error or warning I think thats an error that can be ignored (guess its the same ones that want to write in /tmp/foo/bar) Can you use samedit ? (do a "samedit -S ." at the machine, then something like "createuser" or "ntlogin") regards, Michael From rfs at aw.com.pl Fri Apr 28 18:12:20 2000 From: rfs at aw.com.pl (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:37 2003 Subject: I don't know what's wrong :( Message-ID: <3909D484.B357C854@aw.com.pl> I start each daemon using shell script, but netlogond, lsarpcd and samrd don't work. They do not create sockets in var/locks/.msrpc. Interesting is, that there's no error or warning msg in log files. They seem to just start and exit immediately. Below are output of my testparm and log.samrd. Am I so stupid to miss something obvious ? Help ! I read many good things about samba-tng after recent bug-fixes. It's hard to believe, that for most of you samba-tng works fine, and for me - not. thx for ANY help BTW: What the var/locks/unexpected.tdb file is for ? -------------- next part -------------- Load smb config files from /usr/local/samba-tng/lib/smb.conf doing parameter log file = /usr/local/samba/var/log.%m doing parameter domain logons = yes doing parameter logon path = \\%N\profiles\%U doing parameter logon home = \\%N\%U doing parameter logon drive = z: doing parameter logon script = %U\startup.bat doing parameter nt acl support = yes doing parameter domain group map = /usr/local/samba/private/domaingroup.map doing parameter domain user map = /usr/local/samba/private/domainuser.map doing parameter local group map = /usr/local/samba/private/localgroup.map doing parameter wins support = no doing parameter wins server = 192.168.1.1 doing parameter name resolve order = wins bcast doing parameter domain master = yes doing parameter local master = no doing parameter preferred master = no doing parameter os level = 65 doing parameter time server = yes Processing section "[netlogon]" doing parameter path = /usr/local/samba/netlogon doing parameter fstype = ntfs doing parameter writable = no doing parameter locking = no doing parameter public = yes doing parameter browseable = yes doing parameter available = yes Processing section "[homes]" doing parameter writable = yes doing parameter fstype = ntfs doing parameter printable = no doing parameter public = no doing parameter create mode = 0640 doing parameter directory mode = 0750 doing parameter comment = Home directory doing parameter available = yes Processing section "[profiles]" doing parameter path = /usr/local/samba/profiles doing parameter fstype = ntfs doing parameter writable = yes doing parameter printable = no doing parameter public = yes doing parameter browsable = yes doing parameter comment = WinNT roaming profiles directory doing parameter available = yes pm_process() returned Yes Loaded services file OK. Press enter to see a dump of your service definitions # Global parameters [global] coding system = client code page = 852 workgroup = TEST netbios name = EUROPA netbios aliases = netbios scope = server string = Samba-TNG PDC interfaces = 192.168.1.20/255.255.255.0 bind interfaces only = Yes security = USER encrypt passwords = Yes update encrypted = No server schannel = False client schannel = False server ntlmv2 = Auto client ntlmv2 = False use rhosts = No hosts equiv = min passwd length = 5 map to guest = Never null passwords = Yes password server = smb passwd file = /usr/local/samba/private/smbpasswd sam directory = /usr/local/samba-tng/sam root directory = / passwd program = /bin/passwd passwd chat = "Enter OLD password" %o\n "Enter NEW password (max. 8 chars)" %n\n "Confirm NEW password" %n\n "Password has been changed" passwd chat debug = No username map = password level = 0 username level = 0 unix password sync = No restrict anonymous = No use rhosts = No log level = 10 syslog = 1 syslog only = No log file = /usr/local/samba/var/log.%m max log size = 5000 timestamp logs = No debug hires timestamp = No debug pid = No debug uid = No protocol = NT1 read bmpx = No read raw = Yes write raw = Yes nt smb support = Yes nt pipe support = Yes nt acl support = Yes announce version = 4.0 announce as = NT max mux = 50 max xmit = 65535 name resolve order = wins bcast max packet = 65535 max ttl = 259200 max wins ttl = 518400 min wins ttl = 21600 time server = Yes change notify timeout = 60 deadtime = 0 getwd cache = Yes keepalive = 300 lpq cache time = 5 max disk size = 0 max open files = 10000 read prediction = No read size = 16384 shared mem size = 1048576 socket options = TCP_NODELAY stat cache size = 50 load printers = Yes printcap name = /etc/printcap printer driver file = /usr/local/samba-tng/lib/printers.def nt forms file = /usr/local/samba-tng/lib/ntforms.def nt printer driver = /usr/local/samba-tng/lib strip dot = No character set = ISO8859-2 mangled stack = 50 stat cache = Yes trusted domains = trusting domains = local group map = /usr/local/samba/private/localgroup.map domain group map = /usr/local/samba/private/domaingroup.map builtin group map = builtin rid file = domain user map = /usr/local/samba/private/domainuser.map machine password timeout = 604800 add user script = delete user script = logon script = %U\startup.bat logon path = \\%N\profiles\%U logon drive = z: logon home = \\%N\%U domain logons = Yes os level = 65 lm announce = Auto lm interval = 60 preferred master = False local master = No domain master = True browse list = Yes dns proxy = Yes wins proxy = No wins server = 192.168.1.1 wins support = No wins hook = kernel oplocks = Yes oplock break wait time = 10 smbrun = /usr/local/samba-tng/bin/smbrun config file = preload = lock dir = /usr/local/samba-tng/var/locks default service = message command = dfree command = valid chars = remote announce = remote browse sync = socket address = 0.0.0.0 homedir map = time offset = 0 unix realname = No NIS homedir = No source environment = panic action = winbind uid = winbind gid = comment = path = alternate permissions = No revalidate = No username = guest account = user invalid users = valid users = admin users = read list = write list = force user = force group = read only = Yes create mask = 0744 force create mode = 00 security mask = -1 force security mode = -1 directory mask = 0755 force directory mode = 00 directory security mask = -1 force directory security mode = -1 inherit permissions = No guest only = No guest ok = No only user = No hosts allow = 192.168.1.0/255.255.255.0 hosts deny = status = Yes max connections = 0 min print space = 0 strict sync = No sync always = No write cache size = 0 printable = No postscript = No printing = bsd print command = lpr -r -P%p %s lpq command = lpq -P%p lprm command = lprm -P%p %j lppause command = lpresume command = queuepause command = queueresume command = printer name = printer driver = NULL printer driver location = default case = lower case sensitive = No preserve case = Yes short preserve case = Yes mangle case = No mangling char = ~ hide dot files = Yes delete veto files = No veto files = hide files = veto oplock files = map system = No map hidden = No map archive = Yes mangled names = Yes mangled map = browseable = Yes blocking locks = Yes fake oplocks = No locking = Yes oplocks = Yes level2 oplocks = Yes oplock contention limit = 2 posix locking = Yes strict locking = No share modes = Yes copy = include = exec = preexec close = No postexec = root preexec = root preexec close = No root postexec = available = Yes volume = fstype = NTFS set directory = No wide links = Yes follow symlinks = Yes dont descend = magic script = magic output = delete readonly = No dos filetimes = No dos filetime resolution = No fake directory create times = No vfs object = vfs options = [netlogon] path = /usr/local/samba/netlogon guest ok = Yes locking = No [homes] comment = Home directory read only = No create mask = 0640 directory mask = 0750 [profiles] comment = WinNT roaming profiles directory path = /usr/local/samba/profiles read only = No guest ok = Yes -------------- next part -------------- [2000/04/28 19:14:35, 1] msrpc/msrpcd.c:main(444) samrd version TNG-alpha started. Copyright Andrew Tridgell 1992-1999 doing parameter log file = /usr/local/samba/var/log.%m doing parameter domain logons = yes doing parameter logon path = \\%N\profiles\%U doing parameter logon home = \\%N\%U doing parameter logon drive = z: doing parameter logon script = %U\startup.bat doing parameter nt acl support = yes doing parameter domain group map = /usr/local/samba/private/domaingroup.map doing parameter domain user map = /usr/local/samba/private/domainuser.map doing parameter local group map = /usr/local/samba/private/localgroup.map doing parameter wins support = no doing parameter wins server = 192.168.1.1 doing parameter name resolve order = wins bcast doing parameter domain master = yes doing parameter local master = no doing parameter preferred master = no doing parameter os level = 65 doing parameter time server = yes [2000/04/28 19:14:35, 2] param/loadparm.c:do_section(2706) Processing section "[netlogon]" doing parameter path = /usr/local/samba/netlogon doing parameter fstype = ntfs doing parameter writable = no doing parameter locking = no doing parameter public = yes doing parameter browseable = yes doing parameter available = yes [2000/04/28 19:14:35, 2] param/loadparm.c:do_section(2706) Processing section "[homes]" doing parameter writable = yes doing parameter fstype = ntfs doing parameter printable = no doing parameter public = no doing parameter create mode = 0640 doing parameter directory mode = 0750 doing parameter comment = Home directory doing parameter available = yes [2000/04/28 19:14:35, 2] param/loadparm.c:do_section(2706) Processing section "[profiles]" doing parameter path = /usr/local/samba/profiles doing parameter fstype = ntfs doing parameter writable = yes doing parameter printable = no doing parameter public = yes doing parameter browsable = yes doing parameter comment = WinNT roaming profiles directory doing parameter available = yes [2000/04/28 19:14:35, 3] param/loadparm.c:lp_load(3072) pm_process() returned Yes [2000/04/28 19:14:35, 3] param/loadparm.c:lp_add_ipc(1792) adding IPC service From jahall at nea.org Fri Apr 28 18:18:42 2000 From: jahall at nea.org (jahall@nea.org) Date: Tue Dec 2 02:29:37 2003 Subject: Problems Starting SAMBA Message-ID: I have downloaded and compiled the source code. I am starting the daemons manually since I do not have a script written yet. When I check the log.smb file, I am finding the following messages: [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) Failed to set socket option SO_KEEPALIVE (Error Socket operation on non-socke$ [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) Failed to set socket option TCP_NODELAY (Error Socket operation on non-socket) [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) Failed to set socket option SO_RCVBUF (Error Socket operation on non-socket) [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) Failed to set socket option SO_SNDBUF (Error Socket operation on non-socket) [2001/03/03 16:50:22, 1] smbd/files.c:file_init(151) file_init: Information only: requested 10000 open files, 1014 are available. [2001/03/03 16:50:22, 0] smbd/server.c:main(721) standard input is not a socket, assuming -D option Any ideas what I am doing wrong? Thanks in advance for your assistance. Jay Hall From anders at aae.wisc.edu Fri Apr 28 18:37:16 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:29:37 2003 Subject: Problems Starting SAMBA In-Reply-To: from "jahall@nea.org" at "Apr 29, 2000 04:21:18 am" Message-ID: <200004281837.NAA08286@pug.aae.wisc.edu> > I have downloaded and compiled the source code. I am starting the daemons > manually since I do not have a script written yet. > > When I check the log.smb file, I am finding the following messages: > > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > Failed to set socket option SO_KEEPALIVE (Error Socket operation on > non-socke$ > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > Failed to set socket option TCP_NODELAY (Error Socket operation on > non-socket) > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > Failed to set socket option SO_RCVBUF (Error Socket operation on non-socket) > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > Failed to set socket option SO_SNDBUF (Error Socket operation on non-socket) > [2001/03/03 16:50:22, 1] smbd/files.c:file_init(151) > file_init: Information only: requested 10000 open files, 1014 are available. > [2001/03/03 16:50:22, 0] smbd/server.c:main(721) > standard input is not a socket, assuming -D option > > Any ideas what I am doing wrong? Thanks in advance for your assistance. > Obviously you're a year ahead of the rest of us! (well.. almost :) The samba daemons should be started with the -D option which tells them that they are in 'daemon mode'. Without this option it assumes that the socket it stdin passed on from inetd. Are you running TNG or 2.0.7? --Anders From jboschee at flashcom.net Fri Apr 28 18:16:04 2000 From: jboschee at flashcom.net (Jeff Boschee) Date: Tue Dec 2 02:29:37 2003 Subject: Problem which may or may not be Samba related Message-ID: <20000428184840Z13093635-27273+17440@samba.org> Hello, I am running Redhat 6.1 on a Compaq Presario. with Samba 2.0.5a. I am using it as a PDC, which seems to work ok. The win98 clients can see the server, can log on to the server with the proper drives/shares being mapped, but can not open files from the server or run exe files located on the server. Navigating the server using network neighborhood is fine. When trying to run an exe it usually gives a "This device does not exist on the network reading drive L:" or some kind of time out issue. I've tried messing with the duplex on the netgear switch. Pinging the server is fine. My next step unless someone here can give me some more helpful advice is to try and isolate it to maybe a network card, cable, or the switch. I've also tried disabling the WINS and using strictly hosts and lmhosts, but get the same result. The setup includes the server and 2 win98 workstations and a dos station. I had this equipment setup at another location and it worked fine, I did run into this problem however, but changing network cables seemed to fix the problem, but not even that helps now. Thanks Jeff From pjdc at eircom.net Fri Apr 28 19:00:13 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:37 2003 Subject: Compiling for use on another host In-Reply-To: =?iso-8859-1?q?Rafa=B3_Szcze=B6niak's?= message of "Sat, 29 Apr 2000 03:21:39 +1000" References: <3909C855.3071BD96@aw.com.pl> Message-ID: >>>>> "Rafa?" == Rafa? Szcze?niak writes: Rafa?> What parameter should i set in "configure" cmd line to do Rafa?> the following: 1. compile samba-tng on one host (with Rafa?> faster CPU, bigger RAM, etc.). Rafa?> 2. move compiled source tree to another host in network. Rafa?> 3. perform "make install" on that host and start samba. If the hosts have the same OS and CPU, no special steps should be needed. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From rfs at aw.com.pl Fri Apr 28 19:36:06 2000 From: rfs at aw.com.pl (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:37 2003 Subject: I don't know what's wrong :( References: <3909D14C.FA1335E1@aw.com.pl> <001b01bfb145$65fc8150$2000a8c0@student.utwente.nl> Message-ID: <3909E826.2D1AAD7C@aw.com.pl> "F.W.J.Wiegerinck" wrote: > > The first time I run TNG, I had the same error. > I'm not sure but I think I fixed it by creating the lock > directory. Can you specify exact path of that directory ? Because i already have $SAMBA_PATH/var/locks. >The install doesn't made it automatic on my server. > > Sorry for my poor english. > > Frank Wiegerinck Rafa? From rfs at aw.com.pl Fri Apr 28 19:50:30 2000 From: rfs at aw.com.pl (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:37 2003 Subject: Problem which may or may not be Samba related References: <20000428184840Z13093635-27273+17440@samba.org> Message-ID: <3909EB86.3E0316C0@aw.com.pl> Jeff Boschee wrote: > > Hello, > I am running Redhat 6.1 on a Compaq Presario. with Samba 2.0.5a. I am using it as a PDC, which seems to work ok. The win98 clients can see the server, can log on to the server with the proper drives/shares being mapped, but can not open files from the server or run exe files located on the server. Navigating the server using network neighborhood is fine. When trying to run an exe it usually gives a "This device does not exist on the network reading drive L:" or some kind of time out issue. I've tried messing with the duplex on the netgear switch. Pinging the server is fine. My next step unless someone here can give me some more helpful advice is to try and isolate it to maybe a network card, cable, or the switch. I've also tried disabling the WINS and using strictly hosts and lmhosts, but get the same result. The setup includes the server and 2 win98 workstations and a dos station. I had this equipment setup at another location and it worked fine, I did run! into this problem however, but changing network cables seemed to fix the problem, but not even that helps now. > > Thanks > Jeff Please, send this mail with correctly wrapped lines. Reading line by line a little more comfortable, than reading the single loooooooong line of characters. thank you. rafa? From kf_bulk at nexus.v-wave.com Fri Apr 28 19:57:53 2000 From: kf_bulk at nexus.v-wave.com (Kurt Fitzner) Date: Tue Dec 2 02:29:37 2003 Subject: Compiling for use on another host In-Reply-To: <3909C855.3071BD96@aw.com.pl> Message-ID: What I have done with some success, is to use chroot in conjunction with nfs. I have a small Linux gateway (guardian), and my main Linux server (hack). I have guardian's root directory exported to hack via nfs. What I do when i want to compile samba on guardian is: 1) Run configure while actually logged into guardian. Theconfigure script has real problems with nfs. 2) While logged into hack, I switch directories into guardian's NFS mount point and do a 'chroot .' (have to be root). 3) Once I am 'chrooted', I am essentially using hack's CPU in guardian's installation. Every binary I run is from guardian, all the libraries that are loaded are from guardian. I can even 'su' into users on guardian that don't exist on hack. NFS and chroot can really be your friend. At this point, I do a make, and make install. Works likea charm. I sometimes have to remember not to try and run samba this way, since a chroot doesn't magically remap ethernet cards. :) Hope this helps. Kurt. On 28-Apr-00 Rafa³ Szcze¶niak wrote: > What parameter should i set in "configure" cmd line to do > the following: > 1. compile samba-tng on one host (with faster CPU, > bigger RAM, etc.). > > 2. move compiled source tree to another host in network. > > 3. perform "make install" on that host and start samba. > > regards, > Rafa³ From ralf at is.rice.edu Fri Apr 28 20:03:16 2000 From: ralf at is.rice.edu (Alfredo Ramos) Date: Tue Dec 2 02:29:37 2003 Subject: I don't know what's wrong :( In-Reply-To: <3909D14C.FA1335E1@aw.com.pl> Message-ID: Well you're not alone. I too have a lot of problems getting TNG to work. I posted a couple of questions already and nobody has had the time to reply to them. Will have to use trial and error! Al. --------------------------------------------------------------------------------- | Alfredo Ramos This space available for rent. | New Media & Student Computing Get your product moving. Advertise here! | Rice University. | Email: ralf@is.rice.edu --------------------------------------------------------------------------------- On Sat, 29 Apr 2000, [iso-8859-2] Rafa³ Szcze¶niak wrote: > I start each daemon using shell script, but netlogond, lsarpcd > and samrd don't work. They do not create sockets in > var/locks/.msrpc. Interesting is, that there's no error or warning > msg in log files. They seem to just start and exit immediately. > Below are output of my testparm and log.samrd. > Am I so stupid to miss something obvious ? Help ! > I read many good things about samba-tng after recent bug-fixes. > It's hard to believe, that for most of you samba-tng works > fine, and for me - not. > > thx for ANY help > > BTW: What the var/locks/unexpected.tdb file is for ? > From ralf at is.rice.edu Fri Apr 28 20:05:54 2000 From: ralf at is.rice.edu (Alfredo Ramos) Date: Tue Dec 2 02:29:37 2003 Subject: Problems Starting SAMBA In-Reply-To: Message-ID: I'm having the same problem. Please Heelp!!!! Al. --------------------------------------------------------------------------------- | Alfredo Ramos This space available for rent. | New Media & Student Computing Get your product moving. Advertise here! | Rice University. | Email: ralf@is.rice.edu --------------------------------------------------------------------------------- On Sat, 29 Apr 2000 jahall@nea.org wrote: > I have downloaded and compiled the source code. I am starting the daemons > manually since I do not have a script written yet. > > When I check the log.smb file, I am finding the following messages: > > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > Failed to set socket option SO_KEEPALIVE (Error Socket operation on > non-socke$ > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > Failed to set socket option TCP_NODELAY (Error Socket operation on > non-socket) > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > Failed to set socket option SO_RCVBUF (Error Socket operation on non-socket) > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > Failed to set socket option SO_SNDBUF (Error Socket operation on non-socket) > [2001/03/03 16:50:22, 1] smbd/files.c:file_init(151) > file_init: Information only: requested 10000 open files, 1014 are available. > [2001/03/03 16:50:22, 0] smbd/server.c:main(721) > standard input is not a socket, assuming -D option > > Any ideas what I am doing wrong? Thanks in advance for your assistance. > > > > Jay Hall > From rfs at aw.com.pl Fri Apr 28 20:07:47 2000 From: rfs at aw.com.pl (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:37 2003 Subject: Compiling for use on another host References: Message-ID: <3909EF93.5F1C9F97@aw.com.pl> Kurt Fitzner wrote: > > What I have done with some success, is to use chroot in conjunction with nfs. > > I have a small Linux gateway (guardian), and my main Linux server (hack). I > have guardian's root directory exported to hack via nfs. What I do when i > want to compile samba on guardian is: > > 1) Run configure while actually logged into guardian. Theconfigure script > has real problems with nfs. > > 2) While logged into hack, I switch directories into guardian's NFS mount > point and do a 'chroot .' (have to be root). > > 3) Once I am 'chrooted', I am essentially using hack's CPU in guardian's > installation. Every binary I run is from guardian, all the libraries that > are loaded are from guardian. I can even 'su' into users on guardian that > don't exist on hack. NFS and chroot can really be your friend. > > At this point, I do a make, and make install. Works likea charm. I > sometimes have to remember not to try and run samba this way, since a chroot > doesn't magically remap ethernet cards. :) > > Hope this helps. > > Kurt. Interesting solution. I have to try it. thank you. rafa? From ralf at is.rice.edu Fri Apr 28 20:08:40 2000 From: ralf at is.rice.edu (Alfredo Ramos) Date: Tue Dec 2 02:29:37 2003 Subject: Problems Starting SAMBA In-Reply-To: <200004281837.NAA08286@pug.aae.wisc.edu> Message-ID: I start the daemons with the -D option and still do the same thing and I'm using TNG 2.5. Al. --------------------------------------------------------------------------------- | Alfredo Ramos This space available for rent. | New Media & Student Computing Get your product moving. Advertise here! | Rice University. | Email: ralf@is.rice.edu --------------------------------------------------------------------------------- On Sat, 29 Apr 2000, Anders C. Thorsen wrote: > > I have downloaded and compiled the source code. I am starting the daemons > > manually since I do not have a script written yet. > > > > When I check the log.smb file, I am finding the following messages: > > > > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > > Failed to set socket option SO_KEEPALIVE (Error Socket operation on > > non-socke$ > > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > > Failed to set socket option TCP_NODELAY (Error Socket operation on > > non-socket) > > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > > Failed to set socket option SO_RCVBUF (Error Socket operation on non-socket) > > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > > Failed to set socket option SO_SNDBUF (Error Socket operation on non-socket) > > [2001/03/03 16:50:22, 1] smbd/files.c:file_init(151) > > file_init: Information only: requested 10000 open files, 1014 are available. > > [2001/03/03 16:50:22, 0] smbd/server.c:main(721) > > standard input is not a socket, assuming -D option > > > > Any ideas what I am doing wrong? Thanks in advance for your assistance. > > > > Obviously you're a year ahead of the rest of us! (well.. almost :) > The samba daemons should be started with the -D option which tells them > that they are in 'daemon mode'. Without this option it assumes that the > socket it stdin passed on from inetd. > > Are you running TNG or 2.0.7? > > --Anders > From sneakums at eircom.net Fri Apr 28 20:21:54 2000 From: sneakums at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:37 2003 Subject: Compiling for use on another host In-Reply-To: =?iso-8859-1?q?Rafa=B3_Szcze=B6niak's?= message of "Fri, 28 Apr 2000 21:43:25 +0200" References: <3909C855.3071BD96@aw.com.pl> <3909E9DD.DB68547F@aw.com.pl> Message-ID: >>>>> "Rafa?" == Rafa? Szcze?niak writes: Rafa?> And what if one is an old Pentium 166 MMX, and another's Rafa?> PII 333 ? These are a bit different platforms. But code you compile for a Pentium will run just fine on a PII. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From jboschee at flashcom.net Fri Apr 28 20:25:18 2000 From: jboschee at flashcom.net (Jeff Boschee) Date: Tue Dec 2 02:29:37 2003 Subject: Problem which may or may not be samba related (repost) Message-ID: <20000428202532Z12621649-3940+17625@samba.org> Sorry, for that before, was using Opera. Hello, I am running Redhat 6.1 on a Compaq Presario. with Samba 2.0.5a. I am using it as a PDC, which seems to work ok. The win98 clients can see the server, can log on to the server with the proper drives/shares being mapped, but can not open files from the server or run exe files located on the server. Navigating the server using network neighborhood is fine. When trying to run an exe it usually gives a "This device does not exist on the network reading drive L:" or some kind of time out issue. I've tried messing with the duplex on the netgear switch. Pinging the server is fine. My next step unless someone here can give me some more helpful advice is to try and isolate it to maybe a network card, cable, or the switch. I've also tried disabling the WINS and using strictly hosts and lmhosts, but get the same result. The setup includes the server and 2 win98 workstations and a dos station. I had this equipment setup at another location and it worked fine, I did run into this problem however, but changing network cables seemed to fix the problem, but not even that helps now. Thanks Jeff From pjdc at eircom.net Fri Apr 28 20:33:31 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:37 2003 Subject: Compiling for use on another host In-Reply-To: Paul J Collins's message of "Sat, 29 Apr 2000 06:18:57 +1000" References: <3909C855.3071BD96@aw.com.pl> <3909E9DD.DB68547F@aw.com.pl> Message-ID: >>>>> "Paul" == Paul J Collins writes: Paul> But code you compile for a Pentium will run just fine on a Paul> PII. Doh! I got this the wrong way 'round. What I should have said is that a gcc on a PII is perfectly capable of generating code that will run perfectly well on a Pentium. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From rfs at aw.com.pl Fri Apr 28 20:30:46 2000 From: rfs at aw.com.pl (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:37 2003 Subject: Problems Starting SAMBA References: Message-ID: <3909F4F6.3AAF3A1F@aw.com.pl> Alfredo Ramos wrote: > > I start the daemons with the -D option and still do the same thing and I'm > using TNG 2.5. I update samba-tng (and samba-main) every day, recently. Whether i use "-D" or not, results are the same: i can't get it to work. I'd try, use it and help sending possible bug reports with pleasure, but i can't do it with samba "out of order". The problem is also, that i did't see ANY error messages is logs. Not even in syslog ! I'm afraid i don't know sources so good, to just use gdb to check what's going on. I'm starting to think, i'm too stupid to play with cvs release (no problems with 2.0.5a as "PDC"). > > Al. > > --------------------------------------------------------------------------------- > | Alfredo Ramos > This space available for rent. | New Media & Student Computing > Get your product moving. Advertise here! | Rice University. > | Email: ralf@is.rice.edu > --------------------------------------------------------------------------------- > > On Sat, 29 Apr 2000, Anders C. Thorsen wrote: > > > > I have downloaded and compiled the source code. I am starting the daemons > > > manually since I do not have a script written yet. > > > > > > When I check the log.smb file, I am finding the following messages: > > > > > > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > > > Failed to set socket option SO_KEEPALIVE (Error Socket operation on > > > non-socke$ > > > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > > > Failed to set socket option TCP_NODELAY (Error Socket operation on > > > non-socket) > > > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > > > Failed to set socket option SO_RCVBUF (Error Socket operation on non-socket) > > > [2001/03/03 16:50:22, 0] lib/util_sock.c:set_socket_options(146) > > > Failed to set socket option SO_SNDBUF (Error Socket operation on non-socket) > > > [2001/03/03 16:50:22, 1] smbd/files.c:file_init(151) > > > file_init: Information only: requested 10000 open files, 1014 are available. > > > [2001/03/03 16:50:22, 0] smbd/server.c:main(721) > > > standard input is not a socket, assuming -D option > > > > > > Any ideas what I am doing wrong? Thanks in advance for your assistance. > > > > > > > Obviously you're a year ahead of the rest of us! (well.. almost :) > > The samba daemons should be started with the -D option which tells them > > that they are in 'daemon mode'. Without this option it assumes that the > > socket it stdin passed on from inetd. > > > > Are you running TNG or 2.0.7? > > > > --Anders > > From diegmuej at stifel.com Fri Apr 28 20:36:51 2000 From: diegmuej at stifel.com (Diegmueller, Jason (I.T. Dept)) Date: Tue Dec 2 02:29:38 2003 Subject: smb.conf differences between 2.0.6 and TNG? Message-ID: Team-- I attempted a dropin replacement of TNG from 2.0.6. Same smb.conf, which is basically a vanilla "domain member" smb.conf which redirects all username/password combos to one of our NT Domain Controllers. I start up all the daemons with -D, and now all I get is log.smb complaining: error connecting to 172.22.1.10:445 (Connection refused) twice, then a prs_grow_data: 4 > 0 Is there something serious in "security = " that changes from 2.0.6 to SAMBA_TNG? I'm on an NT Workstation with SP5 .. From f.w.j.wiegerinck at student.utwente.nl Fri Apr 28 21:30:38 2000 From: f.w.j.wiegerinck at student.utwente.nl (F.W.J.Wiegerinck) Date: Tue Dec 2 02:29:38 2003 Subject: I don't know what's wrong :( References: <3909D14C.FA1335E1@aw.com.pl> <001b01bfb145$65fc8150$2000a8c0@student.utwente.nl> <3909E826.2D1AAD7C@aw.com.pl> Message-ID: <000701bfb158$ff6068d0$2000a8c0@student.utwente.nl> The last time I have run Samba TNG is about 1 month ago. I switched back to Samba 2.0.6 because Samba TNG is too havy for my server. Frank Wiegerinck ----- Original Message ----- From: Rafa? Szcze?niak To: Multiple recipients of list SAMBA-NTDOM Sent: Friday, April 28, 2000 9:36 PM Subject: Re: I don't know what's wrong :( > > > "F.W.J.Wiegerinck" wrote: > > > > The first time I run TNG, I had the same error. > > I'm not sure but I think I fixed it by creating the lock > > directory. > > Can you specify exact path of that directory ? > Because i already have $SAMBA_PATH/var/locks. > > >The install doesn't made it automatic on my server. > > > > Sorry for my poor english. > > > > Frank Wiegerinck > > Rafa? > From kyle_peterson1 at hotmail.com Wed Apr 26 23:34:42 2000 From: kyle_peterson1 at hotmail.com (Kyle Peterson) Date: Tue Dec 2 02:29:38 2003 Subject: Samba TNG-2.5 and NT Server tools Message-ID: <20000429012928.69394.qmail@hotmail.com> Hi, I am having a problem where I can't use server manager or user manager for domains under Win NT 4.0 Svc pack 6. I can add machines under service manager ONLY when I am root, it won't work as any other user even though i've added them to the domainadmin group (this is mapped to Domain Admins). User manager sometimes works as root, but it never works as another user. When I'm root I keep getting errors about the user already existing in a group. When I try adding a user or machine as another domain admin, I get "Access Denied". Is it supposed to let root only add machines and users? Also, is there anyway around the "user already in a group" error? *Note - I can delete a machine within server manager with any user in the "Domain Admins" group, but can add only with root. Thank you; Kyle Peterson From pjdc at eircom.net Sat Apr 29 02:43:36 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:38 2003 Subject: Samba TNG-2.5 and NT Server tools In-Reply-To: "Kyle Peterson"'s message of "Sat, 29 Apr 2000 11:31:30 +1000" References: <20000429012928.69394.qmail@hotmail.com> Message-ID: >>>>> "Kyle" == Kyle Peterson writes: Kyle> Hi, I am having a problem where I can't use server manager Kyle> or user manager for domains under Win NT 4.0 Svc pack 6. I Kyle> can add machines under service manager ONLY when I am root, Kyle> it won't work as any other user even though i've added them Kyle> to the domainadmin group (this is mapped to Domain Admins). Kyle> User manager sometimes works as root, but it never works as Kyle> another user. When I'm root I keep getting errors about the Kyle> user already existing in a group. When I try adding a user Kyle> or machine as another domain admin, I get "Access Denied". Kyle> Is it supposed to let root only add machines and users? Before you add a user using User Manager, the corresponding Unix user must already exist on the server. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From Jim.Levie at dynetics.com Sat Apr 29 04:06:16 2000 From: Jim.Levie at dynetics.com (Jim Levie) Date: Tue Dec 2 02:29:38 2003 Subject: Problems Starting SAMBA References: <3909F4F6.3AAF3A1F@aw.com.pl> Message-ID: <390A5FB8.2D2F204E@dynetics.com> Rafa? Szcze?niak wrote: > > Alfredo Ramos wrote: > > > > I start the daemons with the -D option and still do the same thing and I'm > > using TNG 2.5. > I update samba-tng (and samba-main) every day, recently. Whether i use > "-D" or not, results are the same: i can't get it to work. > I'd try, use it and help sending possible bug reports with pleasure, > but i can't do it with samba "out of order". > The problem is also, that i did't see ANY error messages is logs. > Not even in syslog ! I'm afraid i don't know sources so good, to just > use gdb to check what's going on. > I'm starting to think, i'm too stupid to play with cvs release > (no problems with 2.0.5a as "PDC"). > We've spent a lot of time trying to get TNG to work on Solaris 2.7 and/or RedHat 6.2 with essentially no success. I can get TNG to sort of work as a PDC with NT4.0 clients some of the time (and only NT4.0 clients, win95/98 clients are right out), but have never managed to get a TNG BDC to work nor have I ever managed to get a TNG domain member to work. Yesterday I decided to go back to using the Head branch, which had worked before. Except for a problem with gcc having an internal error w/optimzation on in rpcclient.c (fix by using Sun's cc or turn off optimization), it's worked perfectly. While I understand the attraction of splitting smbd & nmbd into lots of small daemons, I'm not convinced that it's been a good idea. I've found it exceedingly difficult to try to figure out what's not working and why when having to look at all those log files and try to correlate what I see in one with what's in the others. I have some suspicions that at least some of the Solaris problems may be directly attributed to the daemons being split out. -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ Jim Levie email: Jim.Levie@dynetics.com Dynetics Inc, Huntsville, Al Ph. 256.964.4337 The opinions expressed above are just that... From lars at kneschke.de Fri Apr 28 20:05:55 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:38 2003 Subject: Problems Starting SAMBA References: Message-ID: <3909EF23.95C0BD11@kneschke.de> jahall@nea.org wrote: > > I have downloaded and compiled the source code. I am starting the daemons > manually since I do not have a script written yet. You will find a startscript (samba-init.d) in /sourcetree/source/script. Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From lars at kneschke.de Fri Apr 28 20:04:27 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:38 2003 Subject: I don't know what's wrong :( References: <3909D14C.FA1335E1@aw.com.pl> Message-ID: <3909EECB.6C6FE5F8@kneschke.de> Rafa? Szcze?niak wrote: > > I start each daemon using shell script, but netlogond, lsarpcd > and samrd don't work. Don't know about your problem, but in /sambasourcetree/source/sript you will find samba-init.d, which will start all your necessary daemons. No need to write your own shellscript. > They do not create sockets in > var/locks/.msrpc. Interesting is, that there's no error or warning > msg in log files. They seem to just start and exit immediately. > Below are output of my testparm and log.samrd. > Am I so stupid to miss something obvious ? Help ! > I read many good things about samba-tng after recent bug-fixes. > It's hard to believe, that for most of you samba-tng works > fine, and for me - not. Get's the log files created? Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From lars at kneschke.de Fri Apr 28 20:00:15 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:38 2003 Subject: Compiling for use on another host References: <3909C855.3071BD96@aw.com.pl> Message-ID: <3909EDCF.49F808EF@kneschke.de> Rafa? Szcze?niak wrote: > > What parameter should i set in "configure" cmd line to do > the following: > 1. compile samba-tng on one host (with faster CPU, > bigger RAM, etc.). > > 2. move compiled source tree to another host in network. > > 3. perform "make install" on that host and start samba. Make shure you use the same libraries on both systems(glibc, ...). The best way is to use the same distributions on both systems. Moving the compiled source tree is problematic. Because when you call make install on the other system, it will check if some include-files have another timestamp and will compile most of the source new. I would do this: On the compile machine: ./configure --prefix=/your/favorite/path make make install This will install all necessary files under /your/favorite/path. Now you create a tar archive from this directory and untar it on the other machine and all is fine! Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From lars at kneschke.de Fri Apr 28 19:54:25 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:38 2003 Subject: Samba PDC with a Windows 2000 client References: Message-ID: <3909EC71.CAEA9693@kneschke.de> Rich Alimi wrote: > > I have set up a Samba PDC using the pre-3.0 version of samba. (I last > updated my source via cvs and recompiled samba this afternoon - Apr 27, > 2000.) I have been having problems getting a Windows 2000 Professional > client to join the domain. When I change the settings to join the domain, > Windows asks me for a username and password with permission to join the > domain. I have not seen any mention of this username/password prompt in > documentation that I have found on the internet on both linuxworld.com and > samba.org. When I create a user on the PDC and add the user to the > smbpasswd file and try to enter that username/password combination in the > dialog above, Windows returns a "procedure number out of range" error > message. I have created the machine trust accounts using the following > procedure ('ralimi', 'palimi', and 'laptop' are the computernames of the 3 > windows 2000 clients): > > groupadd -g 800 nttrust > useradd -u 801 -g nttrust -d /dev/null -s /bin/false ralimi$ > useradd -u 802 -g nttrust -d /dev/null -s /bin/false palimi$ > useradd -u 803 -g nttrust -d /dev/null -s /bin/false laptop$ > smbpasswd -a -m ralimi > smbpasswd -a -m palimi > smbpasswd -a -m laptop > > I then rebooted the Linux machine, and once booted, I made sure that both > smbd and nmbd were running. Then, on one of the Windows 2000 machines, I > opened the System properties, then on the Network Identification page, I > pressed Properties. I selected the Domain option, typed 'DOMAIN' in the > edit box, then pressed OK. Then, I received the prompt for a username and > password with permission to join the domain. Which Samba version do you use? You need Samba TNG which have more daemons then smbd and nmbd. You can find out more about samba tng at my homepage. http://www.kneschke.de/projekte/samba_tng . Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From snail_talk at yahoo.com Sat Apr 29 06:33:13 2000 From: snail_talk at yahoo.com (Geoffrey Lee) Date: Tue Dec 2 02:29:38 2003 Subject: I don't know what's wrong :( In-Reply-To: <3909EECB.6C6FE5F8@kneschke.de> Message-ID: <000601bfb1a4$cb2ba010$0200000a@workstation1> > > > Rafa? Szcze?niak wrote: > > > > I start each daemon using shell script, but netlogond, lsarpcd > > and samrd don't work. > Don't know about your problem, but in remove MACHINE.SID from samba's private dir. /sambasourcetree/source/sript you > will find samba-init.d, which will start all your necessary daemons. No > need to write your own shellscript. > i've written my own RH init scripts.. > > > They do not create sockets in > > var/locks/.msrpc. Interesting is, that there's no error or warning > > msg in log files. They seem to just start and exit immediately. > > Below are output of my testparm and log.samrd. > > Am I so stupid to miss something obvious ? Help ! > > I read many good things about samba-tng after recent you're getting starting IPC service and then exiting aren't you? :) remove MACHINE.SID and all will be fine.\ bug-fixes. > > It's hard to believe, that for most of you samba-tng works > > fine, and for me - not. > Get's the log files created? > > Cu > > -- > Watch our projects at http://www.kneschke.de/projekte! > GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer > From geniusbhatti at hotmail.com Sat Apr 29 14:15:25 2000 From: geniusbhatti at hotmail.com (Naseer Bhatti) Date: Tue Dec 2 02:29:38 2003 Subject: Compilation Problems Samba TNG-2.5 --with-profile Message-ID: <20000429091525.65815.qmail@hotmail.com> Hello. I am trying to compile samba-tng-2.5 --with-profile option and getting this error. Compiling printing/lpq_parse.c Compiling profile/profile.c profile/profile.c: In function `profile_setup': profile/profile.c:45: storage size of `shm_ds' isn't known profile/profile.c:58: `IPC_CREAT' undeclared (first use in this function) profile/profile.c:58: (Each undeclared identifier is reported only once profile/profile.c:58: for each function it appears in.) profile/profile.c:58: `IPC_EXCL' undeclared (first use in this function) profile/profile.c:58: `SHM_R' undeclared (first use in this function) profile/profile.c:58: `SHM_W' undeclared (first use in this function) profile/profile.c:69: `SHM_RDONLY' undeclared (first use in this function) profile/profile.c:77: `IPC_STAT' undeclared (first use in this function) profile/profile.c:91: `IPC_RMID' undeclared (first use in this function) make: *** [profile/profile.o] Error 1 I am compiling as root on a i686 RedHat 6.0 Thanks in Advance!! Naseer Bhatti ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com From arielez at cs.huji.ac.il Sat Apr 29 14:21:54 2000 From: arielez at cs.huji.ac.il (Eizenberg Ariel) Date: Tue Dec 2 02:29:38 2003 Subject: Compilation Problems Samba TNG-2.5 --with-profile In-Reply-To: <20000429091525.65815.qmail@hotmail.com> Message-ID: I don't know waht the official solution is, but in my case I simply added #include #include to the file, just after #ifdef WITH_PROFILE On Sat, 29 Apr 2000, Naseer Bhatti wrote: | Hello. I am trying to compile samba-tng-2.5 --with-profile option and | getting this error. | | Compiling printing/lpq_parse.c | Compiling profile/profile.c | profile/profile.c: In function `profile_setup': | profile/profile.c:45: storage size of `shm_ds' isn't known | profile/profile.c:58: `IPC_CREAT' undeclared (first use in this function) | profile/profile.c:58: (Each undeclared identifier is reported only once | profile/profile.c:58: for each function it appears in.) | profile/profile.c:58: `IPC_EXCL' undeclared (first use in this function) | profile/profile.c:58: `SHM_R' undeclared (first use in this function) | profile/profile.c:58: `SHM_W' undeclared (first use in this function) | profile/profile.c:69: `SHM_RDONLY' undeclared (first use in this function) | profile/profile.c:77: `IPC_STAT' undeclared (first use in this function) | profile/profile.c:91: `IPC_RMID' undeclared (first use in this function) | make: *** [profile/profile.o] Error 1 | | I am compiling as root on a i686 RedHat 6.0 | | Thanks in Advance!! | | Naseer Bhatti | ________________________________________________________________________ | Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com | | | From pjdc at eircom.net Sat Apr 29 14:43:00 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:38 2003 Subject: Compiling for use on another host In-Reply-To: Lars Kneschke's message of "Sat, 29 Apr 2000 16:12:11 +1000" References: <3909C855.3071BD96@aw.com.pl> <3909EDCF.49F808EF@kneschke.de> Message-ID: >>>>> "Lars" == Lars Kneschke writes: Lars> On the compile machine: Lars> /configure --prefix=/your/favorite/path Lars> make Lars> make install Lars> This will install all necessary files under Lars> /your/favorite/path. Now you create a tar archive from this Lars> directory and untar it on the other machine and all is fine! If you want to install under /usr, /usr/local, or some other tree that is already populated on the compile machine, you can simply configure and build as normal and then install like so: # make install prefix=/a/tempoarary/path # cd /a/temporary/path # tar cfz ~/samba-bin.tar.gz * The simply transfer the archive to the server machine: # cd /path/it/was/built/for # tar xfz /path/to/samba-bin.tar.gz Boom. The prefix trick will work with almost any package that uses autoconf and automake. Note that the installation stage will generate spurious message from libtool about how to link to the libraries etc. I use this hack^Wtrick^Wtechnique to manage packages using GNU Stow. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pjdc at eircom.net Sat Apr 29 14:52:17 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:38 2003 Subject: Compilation Problems Samba TNG-2.5 --with-profile In-Reply-To: "Naseer Bhatti"'s message of "Sat, 29 Apr 2000 19:17:37 +1000" References: <20000429091525.65815.qmail@hotmail.com> Message-ID: >>>>> "Naseer" == Naseer Bhatti writes: Naseer> Hello. I am trying to compile samba-tng-2.5 --with-profile option and Naseer> getting this error. Naseer> Compiling printing/lpq_parse.c Naseer> Compiling profile/profile.c Naseer> profile/profile.c: In function `profile_setup': Naseer> profile/profile.c:45: storage size of `shm_ds' isn't known Naseer> profile/profile.c:58: `IPC_CREAT' undeclared (first use in this function) Naseer> profile/profile.c:58: (Each undeclared identifier is reported only once Naseer> profile/profile.c:58: for each function it appears in.) Naseer> profile/profile.c:58: `IPC_EXCL' undeclared (first use in this function) Naseer> profile/profile.c:58: `SHM_R' undeclared (first use in this function) Naseer> profile/profile.c:58: `SHM_W' undeclared (first use in this function) Naseer> profile/profile.c:69: `SHM_RDONLY' undeclared (first use in this function) Naseer> profile/profile.c:77: `IPC_STAT' undeclared (first use in this function) Naseer> profile/profile.c:91: `IPC_RMID' undeclared (first use in this function) Naseer> make: *** [profile/profile.o] Error 1 Naseer> I am compiling as root on a i686 RedHat 6.0 Those constants are all defined in /usr/include/bits/shm.h, which is normally included by /usr/include/sys/shm.h (I think). You may want to check those files; or perhaps your Samba was configured in such a way that it didnt include shm.h at all? Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From sharpe at ns.aus.com Sat Apr 29 07:33:56 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:38 2003 Subject: Anyone else having printing problems with Samba TNG 2.5 Alpha? Message-ID: <3.0.6.32.20000429163356.00936a50@203.16.214.248> Hi, While I have kludged around my problem, I am wondering if I should spend any effort to investigate this? Is anyone else having problems with Samba TNG and printing? Regards ------- Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From pjdc at eircom.net Sat Apr 29 15:39:27 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:38 2003 Subject: Anyone else having printing problems with Samba TNG 2.5 Alpha? In-Reply-To: Richard Sharpe's message of "Sun, 30 Apr 2000 01:03:41 +1000" References: <3.0.6.32.20000429163356.00936a50@203.16.214.248> Message-ID: >>>>> "Richard" == Richard Sharpe writes: Richard> Hi, Richard> While I have kludged around my problem, I am wondering if Richard> I should spend any effort to investigate this? Richard> Is anyone else having problems with Samba TNG and printing? I've been able to add the printer to the server from a workstation and upload the drivers. The printer appears in the Printers folder on the server, and it seems to be shared, but the share does not appear in the server when I browse into it. I'm using lpd printing at the moment. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From sneakums at eircom.net Sat Apr 29 17:47:08 2000 From: sneakums at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:38 2003 Subject: Compilation Problems Samba TNG-2.5 --with-profile In-Reply-To: Matthew Monacelli's message of "Sat, 29 Apr 2000 13:13:03 -0400" References: <20000429091525.65815.qmail@hotmail.com> <005901bfb1fe$2dd979e0$0300a8c0@home.net> Message-ID: >>>>> "Matthew" == Matthew Monacelli writes: Matthew> When using Win9x machines on the network, how, after Matthew> compiling with the --with-profile option, get the Win9x Matthew> machines to start using the server to store profile info Matthew> for already existing users (in Win)? I've setup the You don't need to use the --with-profile option to get support for user profiles. That option is used for profiling samba's code, to record which functions are called by which, how often, and how long they take to execute. You do not need this option. I believe that there issues in the Windows 9x client relating to profiles; I'm not too sure quite what as I only have NT here. Matthew> smb.conf like in the examples, but nothing is being Matthew> created in the netlogon share (yes it is writable - I Matthew> chmoded it like in the FAQ). Thanks for any The netlogon share should *not* be writable. Netlogon is used to store logon scripts, and users should not be able to alter them. Profiles are normally stored in a separate profile share, which *is* writable. Matthew> help. By the way, as an aside question, I've been having Matthew> some profile troubles in windows itself. I was trying to Matthew> clean up the "non-profile" directories, such as Matthew> C:\WINDOWS\DESKTOP" from when I didn't use individual Matthew> profiles so that new users don't have all the crap I used Matthew> to have on the desktop and other stuff added (especially Matthew> my Outlook Express profile which isn't password protected Matthew> upon creating the new profile). Thanks again... I'm pretty sure that Windows 9x runs special programs when a new profile is created to add all that junk (you recall that "Adding Personalized Settings" dialog?); I'm not sure quite what you can do about it. Unlike Windows NT, Windows 9x doesn't have an "All Users" virtual profile that affects all profiles. If you look at the Passwords control panel, you can see that you decide if desktops and start menus are shared or not. That is a global option, I believe. To be honest, whenever I come across a 9x machine with profiles enabled, I turn it off. It's more trouble that it's worth. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From mam1281 at osfmail.isc.rit.edu Sat Apr 29 18:43:51 2000 From: mam1281 at osfmail.isc.rit.edu (Matt Monacelli) Date: Tue Dec 2 02:29:38 2003 Subject: Compilation Problems Samba TNG-2.5 --with-profile In-Reply-To: Message-ID: I mistyped - my netlogon is not writable, and my profile share is. Win9x is a pain, but not much I can do at the moment. Grr. Also, I know my machine is slow (DEC Multia) but it takes an enormous amount of time to perform SAMBA operations - accessing shares, logging in, etc. I remember with Samba 2.0 it was always quick (no noticeable lagging). Just a note... On Sun, 30 Apr 2000, Paul J Collins wrote: >>>>>> "Matthew" == Matthew Monacelli writes: > > Matthew> When using Win9x machines on the network, how, after > Matthew> compiling with the --with-profile option, get the Win9x > Matthew> machines to start using the server to store profile info > Matthew> for already existing users (in Win)? I've setup the > >You don't need to use the --with-profile option to get support for >user profiles. That option is used for profiling samba's code, to >record which functions are called by which, how often, and how long >they take to execute. You do not need this option. > >I believe that there issues in the Windows 9x client relating to >profiles; I'm not too sure quite what as I only have NT here. > > Matthew> smb.conf like in the examples, but nothing is being > Matthew> created in the netlogon share (yes it is writable - I > Matthew> chmoded it like in the FAQ). Thanks for any > >The netlogon share should *not* be writable. Netlogon is used to >store logon scripts, and users should not be able to alter them. >Profiles are normally stored in a separate profile share, which *is* >writable. > > Matthew> help. By the way, as an aside question, I've been having > Matthew> some profile troubles in windows itself. I was trying to > Matthew> clean up the "non-profile" directories, such as > Matthew> C:\WINDOWS\DESKTOP" from when I didn't use individual > Matthew> profiles so that new users don't have all the crap I used > Matthew> to have on the desktop and other stuff added (especially > Matthew> my Outlook Express profile which isn't password protected > Matthew> upon creating the new profile). Thanks again... > >I'm pretty sure that Windows 9x runs special programs when a new >profile is created to add all that junk (you recall that "Adding >Personalized Settings" dialog?); I'm not sure quite what you can do >about it. Unlike Windows NT, Windows 9x doesn't have an "All Users" >virtual profile that affects all profiles. If you look at the >Passwords control panel, you can see that you decide if desktops and >start menus are shared or not. That is a global option, I believe. > >To be honest, whenever I come across a 9x machine with profiles >enabled, I turn it off. It's more trouble that it's worth. > >Paul. > > -- Matthew A. Monacelli mam1281@rit.edu Software Support Rep (Mac Team) Cell: (716)734-1379 ITS Technical Support Services Helpdesk: 475-HELP(4357) Rochester Institute of Technology "...Linux is free only if your time has no value!" From rfs at aw.com.pl Sat Apr 29 19:05:00 2000 From: rfs at aw.com.pl (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:38 2003 Subject: I don't know what's wrong :( References: <3909D14C.FA1335E1@aw.com.pl> <3909EECB.6C6FE5F8@kneschke.de> Message-ID: <390B325C.104BCD4C@aw.com.pl> Lars Kneschke wrote: > > Rafa? Szcze?niak wrote: > > > > I start each daemon using shell script, but netlogond, lsarpcd > > and samrd don't work. > Don't know about your problem, but in /sambasourcetree/source/sript you > will find samba-init.d, which will start all your necessary daemons. No > need to write your own shellscript. Yes, i know that. I found it right after writing my script :) Both of them looks similiar, so i use my script. After all, this one placed in source tree looks like written for RedHat (i use Debian), though it absolutely doesn't matter in this case. > > > They do not create sockets in > > var/locks/.msrpc. Interesting is, that there's no error or warning > > msg in log files. They seem to just start and exit immediately. > > Below are output of my testparm and log.samrd. > > Am I so stupid to miss something obvious ? Help ! > > I read many good things about samba-tng after recent bug-fixes. > > It's hard to believe, that for most of you samba-tng works > > fine, and for me - not. > Get's the log files created? Sorry, i didn't understand what do you mean. greets, rafa? From rfs at aw.com.pl Sat Apr 29 19:12:02 2000 From: rfs at aw.com.pl (=?iso-8859-2?Q?Rafa=B3=20Szcze=B6niak?=) Date: Tue Dec 2 02:29:38 2003 Subject: I don't know what's wrong :( References: <000601bfb1a4$cb2ba010$0200000a@workstation1> Message-ID: <390B3402.84876FD8@aw.com.pl> Geoffrey Lee wrote: > > > > > > > Rafa? Szcze?niak wrote: > > > > > > I start each daemon using shell script, but netlogond, lsarpcd > > > and samrd don't work. > > Don't know about your problem, but in > > remove MACHINE.SID from samba's private dir. > > /sambasourcetree/source/sript you > > will find samba-init.d, which will start all your necessary daemons. No > > need to write your own shellscript. > > > > i've written my own RH init scripts.. > > > > > > They do not create sockets in > > > var/locks/.msrpc. Interesting is, that there's no error or warning > > > msg in log files. They seem to just start and exit immediately. > > > Below are output of my testparm and log.samrd. > > > Am I so stupid to miss something obvious ? Help ! > > > I read many good things about samba-tng after recent > > you're getting starting IPC service and then exiting aren't you? :) remove > MACHINE.SID and all will be fine.\ That's another mystery. There is no MACHINE.SID (or any SID) file ! I checked every subdir in binary tree. rafa? From geniusbhatti at hotmail.com Sun Apr 30 00:28:10 2000 From: geniusbhatti at hotmail.com (Naseer Bhatti) Date: Tue Dec 2 02:29:38 2003 Subject: Getting MACHINE.SID on a different Network Message-ID: <20000429192810.54686.qmail@hotmail.com> Hello, Would someone tell me how would it be posssible to get the MACHINE.SID for other domains on the network ? Thanks. Naseer Bhatti ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com From pjdc at eircom.net Sat Apr 29 19:53:52 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:38 2003 Subject: Getting MACHINE.SID on a different Network In-Reply-To: "Naseer Bhatti"'s message of "Sun, 30 Apr 2000 05:29:49 +1000" References: <20000429192810.54686.qmail@hotmail.com> Message-ID: >>>>> "Naseer" == Naseer Bhatti writes: Naseer> Hello, Would someone tell me how would it be posssible to Naseer> get the MACHINE.SID for other domains on the network ? Try using rpcclient to connect to the domain's PDC and use the lsaquery command. Alternatively, go to a workstation on that domain and search the registry for a key called ProfileList. Find a key under it corresponding to a user in the domain and remove the RID (the last component of the SID) to obtain the domain's SID. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From kyle_peterson1 at hotmail.com Sat Apr 29 19:49:35 2000 From: kyle_peterson1 at hotmail.com (Kyle Peterson) Date: Tue Dec 2 02:29:38 2003 Subject: Samba TNG-2.5 and NT Server tools Message-ID: <20000429194935.6673.qmail@hotmail.com> The corresponding unix user exists in my /etc/passwd, and I've put him in the domainusers UNIX group and mapped it do "Domain Users". Then I try to add the user to the sam database with user manager for domains and I get a "access denied" error when I am another domain admin other than root. If I try it when I am root I get a error about the user already existing in a group. I've mapped root to "Administrator" and put him in the "Domain Admins" group. thank you. >From: Paul J Collins Reply-To: pjdc@eircom.net To: Multiple recipients of >list SAMBA-NTDOM Subject: Re: Samba TNG-2.5 and NT Server tools Date: Sat, >29 Apr 2000 12:39:24 +1000 > > >>>>> "Kyle" == Kyle Peterson writes: > >Kyle> Hi, I am having a problem where I can't use server manager Kyle> or >user manager for domains under Win NT 4.0 Svc pack 6. I Kyle> can add >machines under service manager ONLY when I am root, Kyle> it won't work as >any other user even though i've added them Kyle> to the domainadmin group >(this is mapped to Domain Admins). Kyle> User manager sometimes works as >root, but it never works as Kyle> another user. When I'm root I keep >getting errors about the Kyle> user already existing in a group. When I try >adding a user Kyle> or machine as another domain admin, I get "Access >Denied". Kyle> Is it supposed to let root only add machines and users? > >Before you add a user using User Manager, the corresponding Unix user must >already exist on the server. > >Paul. > >-- >Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 >7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C >"Linux: it's just this operating system, you know?" > ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com From Skripi at hrzpub.tu-darmstadt.de Sat Apr 29 23:58:55 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:38 2003 Subject: cvs samba-tng compile error with smbd Message-ID: <20000430015855.A4142@shadowland.sc> Hi, trying to compile samba-tng cvs of today fails: G E N E R A L * * * * * * * * ------------- OS : linux (redhat 6.2b) ------------- Compiler : gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) ------------- CVS-Branch : SAMBA_TNG ------------- Version/Date: today (how can I retrive the time of the last update ?) ------------- Error Type : reproduceable ------------- Short Desc. : compile error with smbd ------------- Trigger : make distclean CFLAGS="-m486 -O2" ./configure \ --prefix=/usr/local/sw/i386_lnx2/samba-head-2000.04.29/ \ --with-gnu-ld \ --with-automount \ --with-pam \ --with-sam-pwdb=passdb \ --with-syslog \ --with-privatedir=/usr/local/etc/samba/private/ \ --with-lockdir=/var/lock/samba/ \ --sysconfdir=/usr/local/etc/samba \ --localstatedir=/var/log/samba/ make ------------- Solution : NONE ------------- LOG : .... Compiling profile/profile.c Linking bin/smbd bin/.libs/libmsrpc.so: undefined reference to `display_printer_enumdata' bin/.libs/libmsrpc.so: undefined reference to `display_printer_info_ctr' bin/.libs/libmsrpc.so: undefined reference to `out_hnd' collect2: ld returned 1 exit status make: *** [bin/smbd] Error 1 P.S.: how can i get cvs to tell me the date and time of my last update ? P.P.S.: 1) Using Windows 95 to browse a Network and "log onto the Domain" is really slow. I takes aproximate 20 sec for Shares to be bound to a drive letter. 2) Using Share or any other stuff from Windows 95 results in many empty (!) syslog messages. Like : Apr 30 01:57:57 shadowland netlogond[4172]: Apr 30 01:57:57 shadowland last message repeated 4 times Apr 30 01:57:57 shadowland netlogond[4172]: TODO: verify that the rid exists Apr 30 01:57:57 shadowland netlogond[4172]: Apr 30 01:57:57 shadowland netlogond[4172]: Apr 30 01:57:58 shadowland lsarpcd[4174]: Apr 30 01:57:58 shadowland last message repeated 7 times Apr 30 01:57:58 shadowland netlogond[4172]: Apr 30 01:57:58 shadowland last message repeated 2 times Apr 30 01:57:58 shadowland lsarpcd[4177]: Apr 30 01:57:58 shadowland last message repeated 7 times Apr 30 01:57:58 shadowland netlogond[4172]: Apr 30 01:57:58 shadowland last message repeated 2 times Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From sharpe at ns.aus.com Sat Apr 29 10:20:11 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:38 2003 Subject: Compilation Problems Samba TNG-2.5 --with-profile In-Reply-To: References: <20000429091525.65815.qmail@hotmail.com> <005901bfb1fe$2dd979e0$0300a8c0@home.net> Message-ID: <3.0.6.32.20000429192011.00935800@203.16.214.248> At 03:43 AM 4/30/00 +1000, Paul J Collins wrote: >>>>>> "Matthew" == Matthew Monacelli writes: > > Matthew> When using Win9x machines on the network, how, after > Matthew> compiling with the --with-profile option, get the Win9x > Matthew> machines to start using the server to store profile info > Matthew> for already existing users (in Win)? I've setup the > >You don't need to use the --with-profile option to get support for >user profiles. That option is used for profiling samba's code, to >record which functions are called by which, how often, and how long >they take to execute. You do not need this option. > >I believe that there issues in the Windows 9x client relating to >profiles; I'm not too sure quite what as I only have NT here. Check out the latest DOMAIN.txt document. WinNT and Win9X have different profiles implementations. Win9X profiles can only go in the home directory area. The following allows Win9X profiles to go in a directory in the home dir as well as allowing net use /home to work: logon home = \\%L\%U\.profiles You would use logon path for WinNT profiles locations. > Matthew> smb.conf like in the examples, but nothing is being > Matthew> created in the netlogon share (yes it is writable - I > Matthew> chmoded it like in the FAQ). Thanks for any > >The netlogon share should *not* be writable. Netlogon is used to >store logon scripts, and users should not be able to alter them. >Profiles are normally stored in a separate profile share, which *is* >writable. > > Matthew> help. By the way, as an aside question, I've been having > Matthew> some profile troubles in windows itself. I was trying to > Matthew> clean up the "non-profile" directories, such as > Matthew> C:\WINDOWS\DESKTOP" from when I didn't use individual > Matthew> profiles so that new users don't have all the crap I used > Matthew> to have on the desktop and other stuff added (especially > Matthew> my Outlook Express profile which isn't password protected > Matthew> upon creating the new profile). Thanks again... > >I'm pretty sure that Windows 9x runs special programs when a new >profile is created to add all that junk (you recall that "Adding >Personalized Settings" dialog?); I'm not sure quite what you can do >about it. Unlike Windows NT, Windows 9x doesn't have an "All Users" >virtual profile that affects all profiles. If you look at the >Passwords control panel, you can see that you decide if desktops and >start menus are shared or not. That is a global option, I believe. > >To be honest, whenever I come across a 9x machine with profiles >enabled, I turn it off. It's more trouble that it's worth. > >Paul. > >-- >Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C >"Linux: it's just this operating system, you know?" > > Regards ------- Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From lars at kneschke.de Sun Apr 30 06:55:50 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:38 2003 Subject: cvs samba-tng compile error with smbd References: <20000430015855.A4142@shadowland.sc> Message-ID: <390BD8F6.8239F49A@kneschke.de> Jens Skripczynski wrote: > > Hi, Wow, what a perfect bugreport! :-) > trying to compile samba-tng cvs of today fails: > > G E N E R A L > * * * * * * * * > ------------- > OS : linux (redhat 6.2b) > ------------- > Compiler : gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) > ------------- > CVS-Branch : SAMBA_TNG > ------------- > Version/Date: today (how can I retrive the time of the last update ?) > ------------- > Error Type : reproduceable > ------------- > Short Desc. : compile error with smbd > ------------- > Trigger : make distclean > CFLAGS="-m486 -O2" ./configure \ > --prefix=/usr/local/sw/i386_lnx2/samba-head-2000.04.29/ \ > --with-gnu-ld \ > --with-automount \ > --with-pam \ > --with-sam-pwdb=passdb \ > --with-syslog \ > --with-privatedir=/usr/local/etc/samba/private/ \ > --with-lockdir=/var/lock/samba/ \ > --sysconfdir=/usr/local/etc/samba \ > --localstatedir=/var/log/samba/ > make > > ------------- > Solution : NONE > ------------- > > LOG : > > ... > Compiling profile/profile.c > Linking bin/smbd > bin/.libs/libmsrpc.so: undefined reference to `display_printer_enumdata' > bin/.libs/libmsrpc.so: undefined reference to `display_printer_info_ctr' > bin/.libs/libmsrpc.so: undefined reference to `out_hnd' > collect2: ld returned 1 exit status > make: *** [bin/smbd] Error 1 I got the same problem! Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From Skripi at hrzpub.tu-darmstadt.de Sun Apr 30 09:47:36 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:38 2003 Subject: make distclean (make realclean) Message-ID: <20000430114736.A1303@shadowland.sc> Hi, i noticed that that by executing 'make distclean' the source/bin directory is erased. But in this directory even lives a file '.cvsignore'. Looking closer I found: realclean: clean -rm -f config.log $(PROGS) $(SPROGS) bin/.dummy -rm -rf bin which erases the bin direcotory. wouldn't it be better to write: realclean: clean -rm -f config.log -rm -rf bin/.libs -rm -f bin/* Which will erase the .dummy file, and all compiled libraries and executeales. Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From pilsl at goldfisch.atat.at Sun Apr 30 11:23:56 2000 From: pilsl at goldfisch.atat.at (peter pilsl) Date: Tue Dec 2 02:29:38 2003 Subject: strange behavior with roaming-profiles on NT4 and samba2.06 Message-ID: <20000430132356.A26776@goldfisch.atat.at> nt4/sp6a-clients with domainserver (samba2.06a) There is some strange things when creating a desktopfile on machineA. Then I delete it on machineB (after loggedoff on A) and when logging on A again its here again. Here is a detailed description of what I mean: I logon machine A and create two files on the desktop I logoff machine A (looking on the server in my profile shows that the files are there now) I logon machine B and have the two files. I delete them I logoff machine B (looking on the server shows that the files are not there any more) I logon machine B, find no files and logoff. I logon machine A again and suddenly have the two files again !!!! I logoff machine A and now the files are stored on the server again!! The files where stored in the local copy of the profile on machineA but shouldnt they be deleted when loggin on again ? Or is this some microsoft-feature again !! it is a very nasty things, cause of my users dont always sit on the same machine and I dont want to disable local profilecaching, cause the profiles get really big (>100MB) cause of local outlookcaches of big imap-folders. peter -- mag. peter pilsl phone: +43/(0)/6763574035 fax : +43/(0)/6763546512 email: pilsl@goldfisch.atat.at sms: pilsl_mobil@goldfisch.atat.at pgp-key available From lkcl at samba.org Sun Apr 30 11:43:16 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:38 2003 Subject: I don't know what's wrong :( In-Reply-To: <3909D14C.FA1335E1@aw.com.pl> Message-ID: On Sat, 29 Apr 2000, [iso-8859-2] Rafa? Szcze?niak wrote: insufficient info. follow jens' very good bug-report template. otherwise, do not expect a response, that's just the way it is with insufficient problem description. thx, luke > I start each daemon using shell script, but netlogond, lsarpcd > and samrd don't work. They do not create sockets in > var/locks/.msrpc. Interesting is, that there's no error or warning > msg in log files. They seem to just start and exit immediately. > Below are output of my testparm and log.samrd. > Am I so stupid to miss something obvious ? Help ! > I read many good things about samba-tng after recent bug-fixes. > It's hard to believe, that for most of you samba-tng works > fine, and for me - not. > > thx for ANY help > > BTW: What the var/locks/unexpected.tdb file is for ? > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Sun Apr 30 11:47:39 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:38 2003 Subject: I don't know what's wrong :( In-Reply-To: <3909D484.B357C854@aw.com.pl> Message-ID: hi, nothing obvious - do ldd on the binaries, check they are loading the right libraries. From lkcl at samba.org Sun Apr 30 12:17:02 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:38 2003 Subject: Anyone else having printing problems with Samba TNG 2.5 Alpha? In-Reply-To: <3.0.6.32.20000429163356.00936a50@203.16.214.248> Message-ID: fixed in cvs main. On Sun, 30 Apr 2000, Richard Sharpe wrote: > Hi, > > While I have kludged around my problem, I am wondering if I should spend > any effort to investigate this? > > Is anyone else having problems with Samba TNG and printing? > > > Regards > ------- > Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), > Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) > Co-author, SAMS Teach Yourself Samba in 24 Hours > Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course > Author: First Australian 2-day, intensive, hands-on Samba course > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From peter at cadcamlab.org Sun Apr 30 12:17:54 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:38 2003 Subject: Join NT4 BDC to Samba/TNG PDC References: <000201bfaf0b$c805fd40$3405a8c0@gillnet.org> Message-ID: <14604.8914.760923.994025@wire.cadcamlab.org> [Vern H. Gill] > Has anyone successfully done this? There are definite problems with Samba PDC, NT BDC. I understand that this is one area where PDC support isn't finished yet. > I need to add a BDC running NT so I can use Exchange. Last I checked, and this was nearly a year ago, Exchange does not need to be on a domain controller. For financial reasons, Microsoft has probably made sure it won't run on NT Workstation, but I believe it runs fine on NT Server as a mere domain member. Peter From lkcl at samba.org Sun Apr 30 12:28:22 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:38 2003 Subject: Join NT4 BDC to Samba/TNG PDC In-Reply-To: <14604.8914.760923.994025@wire.cadcamlab.org> Message-ID: On Sun, 30 Apr 2000, Peter Samuelson wrote: > > [Vern H. Gill] > > Has anyone successfully done this? > > There are definite problems with Samba PDC, NT BDC. I understand that > this is one area where PDC support isn't finished yet. > > > I need to add a BDC running NT so I can use Exchange. > > Last I checked, and this was nearly a year ago, Exchange does not need > to be on a domain controller. For financial reasons, Microsoft has > probably made sure it won't run on NT Workstation, but I believe it > runs fine on NT Server as a mere domain member. ummm... it's generally a really, really, bad idea to put exchange on more than one machine. if your network is of any size, you will need a separate gigabit-ethernet, ATM or fibre-optic network link between the PDC and BDC... _just_ to carry the authentication and synchronisation traffic. From sharpe at ns.aus.com Sat Apr 29 22:40:19 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:39 2003 Subject: Join NT4 BDC to Samba/TNG PDC In-Reply-To: References: <14604.8914.760923.994025@wire.cadcamlab.org> Message-ID: <3.0.6.32.20000430074019.00955580@203.16.214.248> At 10:30 PM 4/30/00 +1000, Luke Kenneth Casson Leighton wrote: >ummm... it's generally a really, really, bad idea to put exchange on more >than one machine. Hmmm, I kinda had the impression that it was a "really, really bad idea to put exchange on more that zero machines" :-) Regards ------- Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From sharpe at ns.aus.com Sat Apr 29 22:43:09 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:39 2003 Subject: Win2K and Samba TNG Message-ID: <3.0.6.32.20000430074309.0095a100@203.16.214.248> Well, TNG is wonderful ... I implemented domain group map = some-file and in some-file I had: domainusers="Domain Users" and in the group domainusers I listed all the users who should have access to the domain, and then I modified rights from the policy manager thingy from Win2K Prof and it all works ... Regards ------- Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From lkcl at samba.org Sun Apr 30 13:36:03 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:39 2003 Subject: Win2K and Samba TNG In-Reply-To: <3.0.6.32.20000430074309.0095a100@203.16.214.248> Message-ID: whou-hou! > and in the group domainusers I listed all the users who should have access > to the domain, and then I modified rights from the policy manager thingy > from Win2K Prof and it all works ... From JTait at wyrddreams.demon.co.uk Sun Apr 30 21:28:32 2000 From: JTait at wyrddreams.demon.co.uk (James Tait) Date: Tue Dec 2 02:29:39 2003 Subject: strange behavior with roaming-profiles on NT4 and samba2.06 Message-ID: On Sun, 30 Apr 2000, peter pilsl wrote: > I logon machine A and create two files on the desktop > I logoff machine A > (looking on the server in my profile shows that the files are there now) > I logon machine B and have the two files. > I delete them > I logoff machine B > (looking on the server shows that the files are not there any more) > I logon machine B, find no files and logoff. > I logon machine A again and suddenly have the two files again !!!! > I logoff machine A and now the files are stored on the server again!! > > The files where stored in the local copy of the profile on machineA but > shouldnt they be deleted when loggin on again ? I get exactly this behaviour at work with NT4 SP4 clients and and NT4 Server PDC. I'm a sysadmin, so my old profile is splattered on desktops all over the site! Delete the locally-stored profile (I just get rid of C:\WINNT\Profiles\JTait*.*) and next time you login on that workstation it'll download your current romaing profile from the server. I believe there is a reg hack to stop it storing the profile locally - search the archives. Cheers, JT -------------------------------------+------------------------------------ James Tait, BSc | ICQ# 17834893 MUD Programmer and Linux advocate | Mobile: +44 956 652763 -------------------------------------+------------------------------------ From jens.skripczynski at igd.fhg.de Fri Apr 7 15:26:10 2000 From: jens.skripczynski at igd.fhg.de (Jens Skripczynski) Date: Tue Dec 2 02:29:46 2003 Subject: Bug reports... Message-ID: <20000407172610.B30170@pclinux.igd.fhg.de> Hi Luke, people always seem to forget, what they should supply for an complete bug report. I could make some php Skript checking whether the User supplied everything and then send it to the List. Something like: OS: Linux | HP | SPARC,... Compiler: OS | GNU Branch: 2_0_0 | TNG | Main Version: Date and Time | Versionnumber Errortype: reproduceale | not reproduceable Shortdesc: When does this error occur: Further information: attached smb.conf | log files | debugger information on core Ciao Jens Skripczynski -- E-Mail: skripi@igd.fhg.de Computers are like airconditioners: They stop working properly if you open windows.