From mhw at wittsend.com Mon May 1 01:10:58 2000 From: mhw at wittsend.com (Michael H. Warfield) Date: Tue Dec 2 02:29:39 2003 Subject: Join NT4 BDC to Samba/TNG PDC In-Reply-To: <3.0.6.32.20000430074019.00955580@203.16.214.248>; from sharpe@ns.aus.com on Sun, Apr 30, 2000 at 10:44:01PM +1000 References: <14604.8914.760923.994025@wire.cadcamlab.org> <3.0.6.32.20000430074019.00955580@203.16.214.248> Message-ID: <20000430211058.A1874@alcove.wittsend.com> On Sun, Apr 30, 2000 at 10:44:01PM +1000, Richard Sharpe wrote: > At 10:30 PM 4/30/00 +1000, Luke Kenneth Casson Leighton wrote: > >ummm... it's generally a really, really, bad idea to put exchange on more > >than one machine. > Hmmm, I kinda had the impression that it was a "really, really bad idea to > put exchange on more that zero machines" :-) Actually.... Things do seem to go steadily down hill after the first one. One of those slippery slope thingies. Trouble is that after you lay in a thousand users or so and add a decent amount of E-Mail traffic on top of that, one server ain't gonna cut it. Of course, with multiple servers you get a law of diminishing returns. At what point does the demand on the network from synchronization of multiple exchange servers exceed the random acts of terrorism resulting from overloading one. I think the answer is "two". :-) > Regards > ------- > Richard Sharpe, sharpe@ns.aus.com, Master Linux Administrator :-), > Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) > Co-author, SAMS Teach Yourself Samba in 24 Hours > Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course > Author: First Australian 2-day, intensive, hands-on Samba course Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! From lkcl at samba.org Mon May 1 02:58:07 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:39 2003 Subject: Join NT4 BDC to Samba/TNG PDC In-Reply-To: <20000430211058.A1874@alcove.wittsend.com> Message-ID: On Mon, 1 May 2000, Michael H. Warfield wrote: > On Sun, Apr 30, 2000 at 10:44:01PM +1000, Richard Sharpe wrote: > > At 10:30 PM 4/30/00 +1000, Luke Kenneth Casson Leighton wrote: > > >ummm... it's generally a really, really, bad idea to put exchange on more > > >than one machine. > > > Hmmm, I kinda had the impression that it was a "really, really bad idea to > > put exchange on more that zero machines" :-) > > Actually.... Things do seem to go steadily down hill after the > first one. One of those slippery slope thingies. Trouble is that after > you lay in a thousand users or so and add a decent amount of E-Mail > traffic on top of that, one server ain't gonna cut it. Of course, with mike, two will make it *far* worse. so. when is the company you are mentioning going to go back to the part-time unix admin they used to have for email, instead of, what, three full-time nt-exch admins? From pjdc at eircom.net Mon May 1 03:09:01 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:39 2003 Subject: Join NT4 BDC to Samba/TNG PDC In-Reply-To: "Michael H. Warfield"'s message of "Mon, 1 May 2000 12:13:50 +1000" References: <14604.8914.760923.994025@wire.cadcamlab.org> <3.0.6.32.20000430074019.00955580@203.16.214.248> <20000430211058.A1874@alcove.wittsend.com> Message-ID: >>>>> "Michael" == Michael H Warfield writes: Michael> Actually.... Things do seem to go steadily down hill Michael> after the first one. One of those slippery slope Michael> thingies. Trouble is that after you lay in a thousand Michael> users or so and add a decent amount of E-Mail traffic on Michael> top of that, one server ain't gonna cut it. Of course, Michael> with multiple servers you get a law of diminishing Michael> returns. At what point does the demand on the network Michael> from synchronization of multiple exchange servers exceed Michael> the random acts of terrorism resulting from overloading Michael> one. I think the answer is "two". :-) What precisely is being synchronised between all the Exchange servers in the site? Don't they each hold a distinct subset of the mailboxes? And on the subject of Exchange limits, I was talking to one of our server administrators, and he told me that there is a limit of 300 simultaneous MAPI connections per Exchange server. This came up in the context of some server-side virus scanning product that apparently does terrible things to the information store. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lkcl at samba.org Mon May 1 03:10:49 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:39 2003 Subject: Join NT4 BDC to Samba/TNG PDC In-Reply-To: Message-ID: > What precisely is being synchronised between all the Exchange servers > in the site? Don't they each hold a distinct subset of the mailboxes? *short silence for contemplation* ... you know... a side-effect of when i get round to doing "exchange for unix" is that there will be a statistically significant increase in the amount of email traffic on ntbugtraq... please, let me know when you've had enough of this subversive microsoft-bashing, i know, i know, follow the same rules. p.s i release a 2.5.1, and didn't tell anyone :) From pjdc at eircom.net Mon May 1 04:00:39 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:39 2003 Subject: Join NT4 BDC to Samba/TNG PDC In-Reply-To: Luke Kenneth Casson Leighton's message of "Mon, 1 May 2000 13:13:06 +1000" References: Message-ID: >>>>> "Luke" == Luke Kenneth Casson Leighton writes: Luke> please, let me know when you've had enough of this Luke> subversive microsoft-bashing, i know, i know, follow the Luke> same rules. It was a genuine question. I don't know much about Exchange. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lars at kneschke.de Mon May 1 08:04:10 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:39 2003 Subject: can't login from windows nt anymore Message-ID: <390D3A7A.EEF52E7D@kneschke.de> Hello! I have not much time, but i want mention it! I'm not able to login from windows nt anymore. Windows NT tells me only, that it can't load my server side profile, and that it takes the local one. It say's nothing about that it cant found the domain controller. But when i browse the network neighb... i need to enter a password(which also don't work). But i'm able to login with smbclient! Hope you can find something, because i need to go to the zoo with my children. I just include the last lines from log.smb, debug level 3. rpc_api_pipe_req: data_end: 72 and offset 58 wrong cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'root': bad password 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error:Unknown error (109,49152)] error string = Datei oder Verzeichnis nicht gefunden Transaction 46 of length 185 switch message SMBsesssetupX (pid 15742) passlen: 24 24 Domain=[LARS] NativeOS=[Windows NT 1381] NativeLanMan=[] sesssetupX:name=[root] root is in 9 groups: 0, 1, 2, 3, 4, 6, 10, 511, 514 uid 0 registered to name root Clearing default real name uid 0 vuid 109 registered to unix name root policy(pnum=11 ): Setting policy state setting policy con policy(pnum=11 ): Getting policy state Getting policy con state policy(pnum=11 ): Getting policy state Getting policy con state Duplicating policy state pnum=11 policy(pnum=12 ): Setting policy state setting policy con policy(pnum=12 ): Getting policy state Getting policy con state policy(pnum=12 ): Getting policy state Getting policy con state policy(pnum=12 ): Getting policy state Getting policy con state policy(pnum=12 ): Closing policy(pnum=11 ): Getting policy state Getting policy con state policy(pnum=11 ): Closing rpc_api_pipe_req: data_end: 72 and offset 58 wrong cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'root': bad password 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error:Unknown error (109,49152)] error string = Datei oder Verzeichnis nicht gefunden Transaction 47 of length 192 switch message SMBsesssetupX (pid 15742) passlen: 24 24 Domain=[LARS] NativeOS=[Windows NT 1381] NativeLanMan=[] sesssetupX:name=[root] root is in 9 groups: 0, 1, 2, 3, 4, 6, 10, 511, 514 uid 0 registered to name root Clearing default real name uid 0 vuid 110 registered to unix name root policy(pnum=13 ): Setting policy state setting policy con policy(pnum=13 ): Getting policy state Getting policy con state policy(pnum=13 ): Getting policy state Getting policy con state Duplicating policy state pnum=13 policy(pnum=14 ): Setting policy state setting policy con policy(pnum=14 ): Getting policy state Getting policy con state policy(pnum=14 ): Getting policy state Getting policy con state policy(pnum=14 ): Getting policy state Getting policy con state policy(pnum=14 ): Closing policy(pnum=13 ): Getting policy state Getting policy con state policy(pnum=13 ): Closing rpc_api_pipe_req: data_end: 72 and offset 58 wrong cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'root': bad password 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error:Unknown error (109,49152)] error string = Datei oder Verzeichnis nicht gefunden Transaction 48 of length 192 switch message SMBsesssetupX (pid 15742) passlen: 24 24 Domain=[LARS] NativeOS=[Windows NT 1381] NativeLanMan=[] sesssetupX:name=[root] root is in 9 groups: 0, 1, 2, 3, 4, 6, 10, 511, 514 uid 0 registered to name root Clearing default real name uid 0 vuid 111 registered to unix name root policy(pnum=15 ): Setting policy state setting policy con policy(pnum=15 ): Getting policy state Getting policy con state policy(pnum=15 ): Getting policy state Getting policy con state Duplicating policy state pnum=15 policy(pnum=16 ): Setting policy state setting policy con policy(pnum=16 ): Getting policy state Getting policy con state policy(pnum=16 ): Getting policy state Getting policy con state policy(pnum=16 ): Getting policy state Getting policy con state policy(pnum=16 ): Closing policy(pnum=15 ): Getting policy state Getting policy con state policy(pnum=15 ): Closing rpc_api_pipe_req: data_end: 72 and offset 58 wrong cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'root': bad password 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error:Unknown error (109,49152)] error string = Datei oder Verzeichnis nicht gefunden Transaction 49 of length 192 switch message SMBsesssetupX (pid 15742) passlen: 24 24 Domain=[LARS] NativeOS=[Windows NT 1381] NativeLanMan=[] sesssetupX:name=[root] root is in 9 groups: 0, 1, 2, 3, 4, 6, 10, 511, 514 uid 0 registered to name root Clearing default real name uid 0 vuid 112 registered to unix name root policy(pnum=17 ): Setting policy state setting policy con policy(pnum=17 ): Getting policy state Getting policy con state policy(pnum=17 ): Getting policy state Getting policy con state Duplicating policy state pnum=17 policy(pnum=18 ): Setting policy state setting policy con policy(pnum=18 ): Getting policy state Getting policy con state policy(pnum=18 ): Getting policy state Getting policy con state policy(pnum=18 ): Getting policy state Getting policy con state policy(pnum=18 ): Closing policy(pnum=17 ): Getting policy state Getting policy con state policy(pnum=17 ): Closing rpc_api_pipe_req: data_end: 72 and offset 58 wrong cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'root': bad password 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] error string = Datei oder Verzeichnis nicht gefunden Have nice 1.may. Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From lkcl at samba.org Mon May 1 08:21:24 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:39 2003 Subject: can't login from windows nt anymore In-Reply-To: <390D3A7A.EEF52E7D@kneschke.de> Message-ID: > I just include the last lines from log.smb, debug level 3. > > rpc_api_pipe_req: data_end: 72 and offset 58 wrong ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ lars, it's important that i know what went wrong, here. this means that the rpc_client code is receiving something that is longer than it is expecting, which shouldn't really happen! log level 100, please. do you have "client schannel = yes or auto" in your smb.conf, by chance? From malang at netengine.at Mon May 1 08:30:54 2000 From: malang at netengine.at (Oliver Malang) Date: Tue Dec 2 02:29:39 2003 Subject: AW: can't login from windows nt anymore In-Reply-To: <390D3A7A.EEF52E7D@kneschke.de> Message-ID: look if your nmbd is running. I had exactly the same problem and I saw that my nmbd was not running any more. the logfile said something about panic...I think nmbd just crashed somehow. however, after restarting nmbd, the logon was working again.... regards oliver -----Ursprungliche Nachricht----- Von: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]Im Auftrag von Lars Kneschke Gesendet: Montag, 1. Mai 2000 10:16 An: Multiple recipients of list SAMBA-NTDOM Betreff: can't login from windows nt anymore Hello! I have not much time, but i want mention it! I'm not able to login from windows nt anymore. Windows NT tells me only, that it can't load my server side profile, and that it takes the local one. It say's nothing about that it cant found the domain controller. But when i browse the network neighb... i need to enter a password(which also don't work). But i'm able to login with smbclient! Hope you can find something, because i need to go to the zoo with my children. I just include the last lines from log.smb, debug level 3. rpc_api_pipe_req: data_end: 72 and offset 58 wrong cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'root': bad password 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error:Unknown error (109,49152)] error string = Datei oder Verzeichnis nicht gefunden Transaction 46 of length 185 switch message SMBsesssetupX (pid 15742) passlen: 24 24 Domain=[LARS] NativeOS=[Windows NT 1381] NativeLanMan=[] sesssetupX:name=[root] root is in 9 groups: 0, 1, 2, 3, 4, 6, 10, 511, 514 uid 0 registered to name root Clearing default real name uid 0 vuid 109 registered to unix name root policy(pnum=11 ): Setting policy state setting policy con policy(pnum=11 ): Getting policy state Getting policy con state policy(pnum=11 ): Getting policy state Getting policy con state Duplicating policy state pnum=11 policy(pnum=12 ): Setting policy state setting policy con policy(pnum=12 ): Getting policy state Getting policy con state policy(pnum=12 ): Getting policy state Getting policy con state policy(pnum=12 ): Getting policy state Getting policy con state policy(pnum=12 ): Closing policy(pnum=11 ): Getting policy state Getting policy con state policy(pnum=11 ): Closing rpc_api_pipe_req: data_end: 72 and offset 58 wrong cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'root': bad password 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error:Unknown error (109,49152)] error string = Datei oder Verzeichnis nicht gefunden Transaction 47 of length 192 switch message SMBsesssetupX (pid 15742) passlen: 24 24 Domain=[LARS] NativeOS=[Windows NT 1381] NativeLanMan=[] sesssetupX:name=[root] root is in 9 groups: 0, 1, 2, 3, 4, 6, 10, 511, 514 uid 0 registered to name root Clearing default real name uid 0 vuid 110 registered to unix name root policy(pnum=13 ): Setting policy state setting policy con policy(pnum=13 ): Getting policy state Getting policy con state policy(pnum=13 ): Getting policy state Getting policy con state Duplicating policy state pnum=13 policy(pnum=14 ): Setting policy state setting policy con policy(pnum=14 ): Getting policy state Getting policy con state policy(pnum=14 ): Getting policy state Getting policy con state policy(pnum=14 ): Getting policy state Getting policy con state policy(pnum=14 ): Closing policy(pnum=13 ): Getting policy state Getting policy con state policy(pnum=13 ): Closing rpc_api_pipe_req: data_end: 72 and offset 58 wrong cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'root': bad password 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error:Unknown error (109,49152)] error string = Datei oder Verzeichnis nicht gefunden Transaction 48 of length 192 switch message SMBsesssetupX (pid 15742) passlen: 24 24 Domain=[LARS] NativeOS=[Windows NT 1381] NativeLanMan=[] sesssetupX:name=[root] root is in 9 groups: 0, 1, 2, 3, 4, 6, 10, 511, 514 uid 0 registered to name root Clearing default real name uid 0 vuid 111 registered to unix name root policy(pnum=15 ): Setting policy state setting policy con policy(pnum=15 ): Getting policy state Getting policy con state policy(pnum=15 ): Getting policy state Getting policy con state Duplicating policy state pnum=15 policy(pnum=16 ): Setting policy state setting policy con policy(pnum=16 ): Getting policy state Getting policy con state policy(pnum=16 ): Getting policy state Getting policy con state policy(pnum=16 ): Getting policy state Getting policy con state policy(pnum=16 ): Closing policy(pnum=15 ): Getting policy state Getting policy con state policy(pnum=15 ): Closing rpc_api_pipe_req: data_end: 72 and offset 58 wrong cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'root': bad password 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error:Unknown error (109,49152)] error string = Datei oder Verzeichnis nicht gefunden Transaction 49 of length 192 switch message SMBsesssetupX (pid 15742) passlen: 24 24 Domain=[LARS] NativeOS=[Windows NT 1381] NativeLanMan=[] sesssetupX:name=[root] root is in 9 groups: 0, 1, 2, 3, 4, 6, 10, 511, 514 uid 0 registered to name root Clearing default real name uid 0 vuid 112 registered to unix name root policy(pnum=17 ): Setting policy state setting policy con policy(pnum=17 ): Getting policy state Getting policy con state policy(pnum=17 ): Getting policy state Getting policy con state Duplicating policy state pnum=17 policy(pnum=18 ): Setting policy state setting policy con policy(pnum=18 ): Getting policy state Getting policy con state policy(pnum=18 ): Getting policy state Getting policy con state policy(pnum=18 ): Getting policy state Getting policy con state policy(pnum=18 ): Closing policy(pnum=17 ): Getting policy state Getting policy con state policy(pnum=17 ): Closing rpc_api_pipe_req: data_end: 72 and offset 58 wrong cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'root': bad password 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] error string = Datei oder Verzeichnis nicht gefunden Have nice 1.may. Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From lkcl at samba.org Mon May 1 08:42:22 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:39 2003 Subject: AW: can't login from windows nt anymore In-Reply-To: Message-ID: On Mon, 1 May 2000, Oliver Malang wrote: > > look if your nmbd is running. > I had exactly the same problem and I saw that my nmbd was not running any > more. the logfile said something about panic...I think nmbd just crashed > somehow. that's a fairly serious problem, nmbd crashing: it's a critical single process (multi-purpose). can you get more details, please follow jens' reporting template. thx. From pilsl at goldfisch.atat.at Mon May 1 08:59:59 2000 From: pilsl at goldfisch.atat.at (peter pilsl) Date: Tue Dec 2 02:29:39 2003 Subject: strange behavior with roaming-profiles on NT4 and samba2.06 In-Reply-To: References: Message-ID: <20000501105959.A17112@goldfisch.atat.at> On Mon, May 01, 2000 at 07:31:08AM +1000, James Tait wrote: > > I get exactly this behaviour at work with NT4 SP4 clients and and NT4 > Server PDC. I'm a sysadmin, so my old profile is splattered on desktops > all over the site! Delete the locally-stored profile (I just get rid of > C:\WINNT\Profiles\JTait*.*) and next time you login on that workstation > it'll download your current romaing profile from the server. I believe > there is a reg hack to stop it storing the profile locally - search the > archives. > So its a feature of beloved microsoft ... you dont need a reghack, you can also use a setting in the system-policy, but I really need local cached profiles, cause my users have local outlook-imap-profiles sized>100MB ..... I think I?ll extend the loginscript for deleting all local profile-files that are not on the server !! peter -- mag. peter pilsl phone: +43/(0)/6763574035 fax : +43/(0)/6763546512 email: pilsl@goldfisch.atat.at sms: pilsl_mobil@goldfisch.atat.at pgp-key available From gregr at ee.uwa.edu.au Mon May 1 09:19:29 2000 From: gregr at ee.uwa.edu.au (Greg Roberts) Date: Tue Dec 2 02:29:39 2003 Subject: Password change under NT Message-ID: Hi all. I'm currently having problems with changing passwords under NT and having this new password being stored in /etc/yp/passwd and smbpasswd. Here are the entries in my smb.conf file: encrypt passwords = yes smb passwd file = /usr/local/daemon/samba/private/smbpasswd unix password sync = yes passwd program = /usr/bin/yppasswd %u passwd chat = *Old*password* %o\n *New*password* %n\n *Retype*password* %n\n *changed* log level = 3 passwd chat debug = yes Here's the entries made in the log file when I hit to update the password: [2000/05/01 16:13:08, 3] lib/doscalls.c:(352) dos_ChDir to /tmp [2000/05/01 16:13:08, 3] smbd/nttrans.c:(577) nt_open_pipe: Known pipe samr opening. [2000/05/01 16:13:08, 3] smbd/process.c:(623) Transaction 1060 of length 209 [2000/05/01 16:13:08, 3] smbd/process.c:(453) switch message SMBtrans (pid 23831) [2000/05/01 16:13:08, 3] smbd/ipc.c:(3664) trans <\PIPE\> data=129 params=0 setup=2 [2000/05/01 16:13:08, 3] smbd/ipc.c:(3522) named pipe command on <> name [2000/05/01 16:13:08, 3] smbd/ipc.c:(3324) Got API command 0x26 on pipe "samr" (pnum 7035)api_pipe_bind_req: \PIPE\samr - > \PIPE\lsass [2000/05/01 16:13:08, 0] rpc_parse/parse_prs.c:(350) prs_mem_get: reading data of size 6 would overrun buffer. [2000/05/01 16:13:08, 0] rpc_server/srv_pipe.c:(763) api_pipe_bind_req: Failed to unmarshall RPC_AUTH_NTLMSSP_NEG. [2000/05/01 16:13:08, 3] rpc_server/srv_pipe_hnd.c:(559) process_complete_pdu: DCE/RPC fault sent on pipe lsass I'm using the CVS source of Samba (pre-3.0.0 - I grabbed it around mid-late April) and it's running under Digital Unix 4.0E. Any ideas? ------------ Greg Roberts Computer Systems Officer Dept. of Electrical & Electronic Engineering The University of Western Australia NEDLANDS WA 6907 Australia Ph : +61-08-9380-7366 Fax : +61-08-9380-1065 Email : gregr@ee.uwa.edu.au From peter at cadcamlab.org Mon May 1 09:28:28 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:39 2003 Subject: netlogond 95%cpu References: <3909372E.CDD5552A@univ-lehavre.fr> Message-ID: <14605.19777.791963.517455@wire.cadcamlab.org> [Olivier Brousselle] > My complete smbpasswd have at least 1300 lines (50 workstations and > 1250 users). When a user log in, netlogon read smbpasswd file, and > because it is very big, the 10 seconds limit is reached. > > If I reduce my smbpasswd to some users and workstations, no problem, > domain is OK. Sounds like you need a key-value database for your passwd file. Most Unices have an option for this somewhere, if you dig for it. If your vendor doesn't, you can probably hack it with loopback NIS. Although ugly in the extreme, I expect this would be faster (as your passwd file scales up). Peter From malang at netengine.at Mon May 1 09:31:37 2000 From: malang at netengine.at (Oliver Malang) Date: Tue Dec 2 02:29:39 2003 Subject: AW: AW: can't login from windows nt anymore In-Reply-To: Message-ID: > > On Mon, 1 May 2000, Oliver Malang wrote: > > > > > look if your nmbd is running. > > I had exactly the same problem and I saw that my nmbd was not > running any > > more. the logfile said something about panic...I think nmbd just crashed > > somehow. > > that's a fairly serious problem, nmbd crashing: it's a critical single > process (multi-purpose). > > can you get more details, please follow jens' reporting template. ok, here it is: linux, suse 6.2, kernel 2.2.13 gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) samba-tng 2.5 I'm running tng for a week now. my workstation is a win2k pro and samba is acting as a pdc. domain logons work fine so far with the single exception described above. the strange thing is, that before the domain logon failed, I recognized, that my IE was getting VERY slow!?!? I restarted my machine(as this often helps for MS problems...) and then after logging on the domain, win2k said it could not load the server profile and will use a temporary local profile. so I took a look at my linux box and saw that nmbd was not running any more. I started it again and *wow*, the domain logon succeded as before. besides the IE was working at normal speed again(I've no idea if this problem was in cunjunction with the nmbd...). the problem occurred only once so far. I can not reproduce it (I'm afraid I have no idea how to do....bad luck for you;-)) smb.conf is attached the respective part of log.nmb follows at the bottom of this mail hope I didn't forget anything... :)regards oliver ------------------------------------------------------------------------ process_logon_packet: Logon from 192.168.0.5: code = 0x12 process_logon_packet: Logon from 192.168.0.5: code = 0x7 process_logon_packet: Logon from 192.168.0.5: code = 0x12 process_logon_packet: Logon from 192.168.0.5: code = 0x12 Got SIGHUP dumping debug info. dump_workgroups() dump workgroup on subnet 192.168.0.3: netmask= 255.255.255.0: OMBOX.NET(1) current master browser = MISTRESS MISTRESS 400c9b0b (Samba TNG-alpha) SLAVE 40011003 () =============================================================== INTERNAL ERROR: Signal 11 in pid 23654 (TNG-alpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error [2000/04/27 10:52:49, 1] nmbd/nmbd.c:main(760) Netbios nameserver version TNG-alpha started. Copyright Andrew Tridgell 1994-1998 started asyncdns process 26000 add_domain_logon_names: Attempting to become logon server for workgroup OMBOX.NET on subnet 192.168.0.3 add_domain_logon_names: Attempting to become logon server for workgroup OMBOX.NET on subnet UNICAST_SUBNET become_domain_master_browser_wins: Attempting to become domain master browser on workgroup OMBOX.NET, subnet UNICAST_SUBNET. become_domain_master_browser_wins: querying WINS server at IP 192.168.0.3 for domain master browser name OMBOX.NET<1b> on workgroup OMBOX.NET become_logon_server_success: Samba is now a logon server for workgroup OMBOX.NET on subnet UNICAST_SUBNET ***** Samba server MISTRESS is now a domain master browser for workgroup OMBOX.NET on subnet UNICAST_SUBNET ***** become_domain_master_browser_bcast: Attempting to become domain master browser on workgroup OMBOX.NET on subnet 192.168.0.3 become_domain_master_browser_bcast: querying subnet 192.168.0.3 for domain master browser on workgroup OMBOX.NET become_logon_server_success: Samba is now a logon server for workgroup OMBOX.NET on subnet 192.168.0.3 ***** ---------------------------------------------------------------------------- - -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 2526 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000501/8983f72b/smb.obj From peter at cadcamlab.org Mon May 1 09:32:53 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:39 2003 Subject: Compiling Latest NT Domain Controller Code References: Message-ID: <14605.20271.338891.719175@wire.cadcamlab.org> [Tom Crummey] > Use SAMBA-TNG instead of BRANCH-NTDOM. If that doesn't work, try SAMBA_TNG. (: Peter From peter at cadcamlab.org Mon May 1 09:50:17 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:39 2003 Subject: Compiling for use on another host References: <3909C855.3071BD96@aw.com.pl> <3909E9DD.DB68547F@aw.com.pl> Message-ID: <14605.21069.682774.710460@wire.cadcamlab.org> [Paul J Collins] > Doh! I got this the wrong way 'round. What I should have said is > that a gcc on a PII is perfectly capable of generating code that will > run perfectly well on a Pentium. ...And does by default, unless you've played with your specs file. Peter From Skripi at hrzpub.tu-darmstadt.de Mon May 1 10:16:08 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:39 2003 Subject: TNG does not compile Message-ID: <20000501121607.A17053@shadowland.sc> G E N E R A L * * * * * * * * ------------- OS : linux (redhat 6.2b) ------------- Compiler : gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) ------------- CVS-Branch : SAMBA_TNG ------------- Version/Date: today (how can I retrive the time of the last update ?) ------------- Error Type : reproduceable ------------- Short Desc. : compile error with smbd ------------- Trigger : make distclean CFLAGS="-m486 -O2" ./configure \ --prefix=/usr/local/sw/i386_lnx2/samba-head-2000.04.29/ \ --with-gnu-ld \ --with-automount \ --with-pam \ --with-sam-pwdb=passdb \ --with-syslog \ --with-privatedir=/usr/local/etc/samba/private/ \ --with-lockdir=/var/lock/samba/ \ --sysconfdir=/usr/local/etc/samba \ --localstatedir=/var/log/samba/ make ------------- Solution : NONE ------------- ------------- Compile Log: Compiling lib/util_wunistr.c with libtool lib/util_wunistr.c: In function `dos_buffer2_to_str': lib/util_wunistr.c:227: warning: initialization from incompatible pointer type lib/util_wunistr.c: In function `dos_buffer2_to_multistr': lib/util_wunistr.c:256: warning: initialization from incompatible pointer type include/unicode_map_table.h: At top level: In file included from lib/util_wunistr.c:929: include/unicode_map_table.h:61170: parse error before character 020 make: *** [lib/util_wunistr.lo] Error 1 ------------- P.S.: how can i get cvs to tell me the date and time of my last update ? ^^^^ ^^^ ^^^^^^^^^^ Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From mg at plum.de Mon May 1 10:20:06 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:39 2003 Subject: Password change under NT References: Message-ID: <007f01bfb356$d265f5c0$1004010a@plum.int> > Hi all. I'm currently having problems with changing passwords under NT and > having this new password being stored in /etc/yp/passwd and smbpasswd. Its not working as of TNG 2.5, but Luke promised to fix it ;) regards, Michael From peter at cadcamlab.org Mon May 1 10:21:16 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:39 2003 Subject: Problems Starting SAMBA References: <3909F4F6.3AAF3A1F@aw.com.pl> <390A5FB8.2D2F204E@dynetics.com> Message-ID: <14605.22215.810105.612735@wire.cadcamlab.org> [Jim Levie] > Except for a problem with gcc having an internal error w/optimzation > on in rpcclient.c (fix by using Sun's cc or turn off optimization) I reported this to the gcc people. gcc 2.95.2 compiles it with -O0 and -O2 but not with -O. Since I'm using Linux/i386, it seems the bug is rather backend-independent. > I have some suspicions that at least some of the Solaris problems may > be directly attributed to the daemons being split out. Are they just suspicions, or do you have any evidence? Does Solaris not have a good implementation of Unix domain sockets? In my (rather limited) experience, modularity nearly always makes for easier debugging. Peter From lkcl at samba.org Mon May 1 10:55:30 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:40 2003 Subject: AW: AW: can't login from windows nt anymore In-Reply-To: Message-ID: ok, exactly what did you do at this time? it was probably something very specific, e.g... oh, i dunno... you ran usrmgr.exe or anything? On Mon, 1 May 2000, Oliver Malang wrote: > > > > On Mon, 1 May 2000, Oliver Malang wrote: > > > > > > > > look if your nmbd is running. > > > I had exactly the same problem and I saw that my nmbd was not > > running any > > > more. the logfile said something about panic...I think nmbd just crashed > > > somehow. > > > > that's a fairly serious problem, nmbd crashing: it's a critical single > > process (multi-purpose). > > > > can you get more details, please follow jens' reporting template. > > ok, here it is: > linux, suse 6.2, kernel 2.2.13 > gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) > samba-tng 2.5 > > I'm running tng for a week now. my workstation is a win2k pro and samba is > acting as a pdc. domain logons work fine so far with the single exception > described above. the strange thing is, that before the domain logon failed, > I recognized, that my IE was getting VERY slow!?!? I restarted my machine(as > this often helps for MS problems...) and then after logging on the domain, > win2k said it could not load the server profile and will use a temporary > local profile. so I took a look at my linux box and saw that nmbd was not > running any more. I started it again and *wow*, the domain logon succeded as > before. besides the IE was working at normal speed again(I've no idea if > this problem was in cunjunction with the nmbd...). > > the problem occurred only once so far. I can not reproduce it (I'm afraid I > have no idea how to do....bad luck for you;-)) > > smb.conf is attached > the respective part of log.nmb follows at the bottom of this mail > > hope I didn't forget anything... > > :)regards > oliver > > > ------------------------------------------------------------------------ > process_logon_packet: Logon from 192.168.0.5: code = 0x12 > process_logon_packet: Logon from 192.168.0.5: code = 0x7 > process_logon_packet: Logon from 192.168.0.5: code = 0x12 > process_logon_packet: Logon from 192.168.0.5: code = 0x12 > Got SIGHUP dumping debug info. > dump_workgroups() > dump workgroup on subnet 192.168.0.3: netmask= 255.255.255.0: > OMBOX.NET(1) current master browser = MISTRESS > MISTRESS 400c9b0b (Samba TNG-alpha) > SLAVE 40011003 () > =============================================================== > INTERNAL ERROR: Signal 11 in pid 23654 (TNG-alpha) > Please read the file BUGS.txt in the distribution > =============================================================== > PANIC: internal error > [2000/04/27 10:52:49, 1] nmbd/nmbd.c:main(760) > Netbios nameserver version TNG-alpha started. > Copyright Andrew Tridgell 1994-1998 > started asyncdns process 26000 > add_domain_logon_names: > Attempting to become logon server for workgroup OMBOX.NET on subnet > 192.168.0.3 > add_domain_logon_names: > Attempting to become logon server for workgroup OMBOX.NET on subnet > UNICAST_SUBNET > become_domain_master_browser_wins: > Attempting to become domain master browser on workgroup OMBOX.NET, subnet > UNICAST_SUBNET. > become_domain_master_browser_wins: querying WINS server at IP 192.168.0.3 > for domain master browser name OMBOX.NET<1b> on workgroup OMBOX.NET > become_logon_server_success: Samba is now a logon server for workgroup > OMBOX.NET on subnet UNICAST_SUBNET > ***** > > Samba server MISTRESS is now a domain master browser for workgroup OMBOX.NET > on subnet UNICAST_SUBNET > > ***** > become_domain_master_browser_bcast: > Attempting to become domain master browser on workgroup OMBOX.NET on subnet > 192.168.0.3 > become_domain_master_browser_bcast: querying subnet 192.168.0.3 for domain > master browser on workgroup OMBOX.NET > become_logon_server_success: Samba is now a logon server for workgroup > OMBOX.NET on subnet 192.168.0.3 > ***** > ---------------------------------------------------------------------------- > - > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Mon May 1 10:57:00 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:40 2003 Subject: TNG does not compile In-Reply-To: <20000501121607.A17053@shadowland.sc> Message-ID: argh. this is because your compiler is running out of memory: include/unicode_map_table.h is 3mb in size. i'll be dealing with this one, soon. On Mon, 1 May 2000, Jens Skripczynski wrote: > > G E N E R A L > * * * * * * * * > ------------- > OS : linux (redhat 6.2b) > ------------- > Compiler : gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) > ------------- > CVS-Branch : SAMBA_TNG > ------------- > Version/Date: today (how can I retrive the time of the last update ?) > ------------- > Error Type : reproduceable > ------------- > Short Desc. : compile error with smbd > ------------- > Trigger : > > make distclean > CFLAGS="-m486 -O2" ./configure \ > --prefix=/usr/local/sw/i386_lnx2/samba-head-2000.04.29/ \ > --with-gnu-ld \ > --with-automount \ > --with-pam \ > --with-sam-pwdb=passdb \ > --with-syslog \ > --with-privatedir=/usr/local/etc/samba/private/ \ > --with-lockdir=/var/lock/samba/ \ > --sysconfdir=/usr/local/etc/samba \ > --localstatedir=/var/log/samba/ > make > > ------------- > Solution : NONE > ------------- > > ------------- > Compile Log: > Compiling lib/util_wunistr.c with libtool > lib/util_wunistr.c: In function `dos_buffer2_to_str': > lib/util_wunistr.c:227: warning: initialization from incompatible pointer type > lib/util_wunistr.c: In function `dos_buffer2_to_multistr': > lib/util_wunistr.c:256: warning: initialization from incompatible pointer type > include/unicode_map_table.h: At top level: > In file included from lib/util_wunistr.c:929: > include/unicode_map_table.h:61170: parse error before character 020 > make: *** [lib/util_wunistr.lo] Error 1 > > > ------------- > > > P.S.: how can i get cvs to tell me the date and time of my last update ? > ^^^^ ^^^ ^^^^^^^^^^ > > > Ciao > > Jens Skripczynski > -- > E-Mail: skripi@hrzpub.tu-darmstadt.de > > Computers are like airconditioners: They stop working > properly if you open windows. > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Mon May 1 10:57:18 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:40 2003 Subject: Password change under NT In-Reply-To: <007f01bfb356$d265f5c0$1004010a@plum.int> Message-ID: On Mon, 1 May 2000, Michael Glauche wrote: > > Hi all. I'm currently having problems with changing passwords under NT and > > having this new password being stored in /etc/yp/passwd and smbpasswd. > > Its not working as of TNG 2.5, but Luke promised to fix it ;) *big grin* i did, didn't i? From peter at cadcamlab.org Mon May 1 11:06:02 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:40 2003 Subject: make distclean (make realclean) References: <20000430114736.A1303@shadowland.sc> Message-ID: <14605.25374.777803.209729@wire.cadcamlab.org> [Jens Skripczynski] > wouldn't it be better to write: > realclean: clean > -rm -f config.log > -rm -rf bin/.libs > -rm -f bin/* > > Which will erase the .dummy file, and all compiled libraries and executeales. Not quite. "*" does not include ".*" for most Unix shells. A good thing, too, because you usually do not want to include "..". My usual idiom for getting all files in a directory is "* .??*" which is not perfect but works as long as I don't have any ".?" files. Peter From peter at cadcamlab.org Mon May 1 11:20:43 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:40 2003 Subject: TNG does not compile References: <20000501121607.A17053@shadowland.sc> Message-ID: <14605.26634.929705.644370@wire.cadcamlab.org> [Jens Skripczynski] > P.S.: how can i get cvs to tell me the date and time of my last update ? find {source-dir} -name CVS | xargs ls -ldt | head -1 to see the newest CVS directory. Peter From malang at netengine.at Mon May 1 11:25:01 2000 From: malang at netengine.at (Oliver Malang) Date: Tue Dec 2 02:29:40 2003 Subject: AW: AW: can't login from windows nt anymore In-Reply-To: Message-ID: I REALLY have no idea...sorry. but I promise to be more cautious the next time:) > ok, exactly what did you do at this time? it was probably something very > specific, e.g... oh, i dunno... you ran usrmgr.exe or anything? > > On Mon, 1 May 2000, Oliver Malang wrote: > > > > > > > On Mon, 1 May 2000, Oliver Malang wrote: > > > > > > > > > > > look if your nmbd is running. > > > > I had exactly the same problem and I saw that my nmbd was not > > > running any > > > > more. the logfile said something about panic...I think nmbd > just crashed > > > > somehow. > > > > > > that's a fairly serious problem, nmbd crashing: it's a critical single > > > process (multi-purpose). > > > > > > can you get more details, please follow jens' reporting template. > > > > ok, here it is: > > linux, suse 6.2, kernel 2.2.13 > > gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) > > samba-tng 2.5 > > > > I'm running tng for a week now. my workstation is a win2k pro > and samba is > > acting as a pdc. domain logons work fine so far with the single > exception > > described above. the strange thing is, that before the domain > logon failed, > > I recognized, that my IE was getting VERY slow!?!? I restarted > my machine(as > > this often helps for MS problems...) and then after logging on > the domain, > > win2k said it could not load the server profile and will use a temporary > > local profile. so I took a look at my linux box and saw that > nmbd was not > > running any more. I started it again and *wow*, the domain > logon succeded as > > before. besides the IE was working at normal speed again(I've no idea if > > this problem was in cunjunction with the nmbd...). > > > > the problem occurred only once so far. I can not reproduce it > (I'm afraid I > > have no idea how to do....bad luck for you;-)) > > > > smb.conf is attached > > the respective part of log.nmb follows at the bottom of this mail > > > > hope I didn't forget anything... > > > > :)regards > > oliver > > > > > > ------------------------------------------------------------------------ > > process_logon_packet: Logon from 192.168.0.5: code = 0x12 > > process_logon_packet: Logon from 192.168.0.5: code = 0x7 > > process_logon_packet: Logon from 192.168.0.5: code = 0x12 > > process_logon_packet: Logon from 192.168.0.5: code = 0x12 > > Got SIGHUP dumping debug info. > > dump_workgroups() > > dump workgroup on subnet 192.168.0.3: netmask= 255.255.255.0: > > OMBOX.NET(1) current master browser = MISTRESS > > MISTRESS 400c9b0b (Samba TNG-alpha) > > SLAVE 40011003 () > > =============================================================== > > INTERNAL ERROR: Signal 11 in pid 23654 (TNG-alpha) > > Please read the file BUGS.txt in the distribution > > =============================================================== > > PANIC: internal error > > [2000/04/27 10:52:49, 1] nmbd/nmbd.c:main(760) > > Netbios nameserver version TNG-alpha started. > > Copyright Andrew Tridgell 1994-1998 > > started asyncdns process 26000 > > add_domain_logon_names: > > Attempting to become logon server for workgroup OMBOX.NET on subnet > > 192.168.0.3 > > add_domain_logon_names: > > Attempting to become logon server for workgroup OMBOX.NET on subnet > > UNICAST_SUBNET > > become_domain_master_browser_wins: > > Attempting to become domain master browser on workgroup > OMBOX.NET, subnet > > UNICAST_SUBNET. > > become_domain_master_browser_wins: querying WINS server at IP > 192.168.0.3 > > for domain master browser name OMBOX.NET<1b> on workgroup OMBOX.NET > > become_logon_server_success: Samba is now a logon server for workgroup > > OMBOX.NET on subnet UNICAST_SUBNET > > ***** > > > > Samba server MISTRESS is now a domain master browser for > workgroup OMBOX.NET > > on subnet UNICAST_SUBNET > > > > ***** > > become_domain_master_browser_bcast: > > Attempting to become domain master browser on workgroup > OMBOX.NET on subnet > > 192.168.0.3 > > become_domain_master_browser_bcast: querying subnet 192.168.0.3 > for domain > > master browser on workgroup OMBOX.NET > > become_logon_server_success: Samba is now a logon server for workgroup > > OMBOX.NET on subnet 192.168.0.3 > > ***** > > > ------------------------------------------------------------------ > ---------- > > - > > > > > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > Macmillan Technical Publishing > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals > From lkcl at samba.org Mon May 1 11:41:51 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:40 2003 Subject: AW: AW: can't login from windows nt anymore In-Reply-To: Message-ID: On Mon, 1 May 2000, Oliver Malang wrote: > I REALLY have no idea...sorry. but I promise to be more cautious the next > time:) no, please don't be: break it as much as you can! > > ok, exactly what did you do at this time? it was probably something very > > specific, e.g... oh, i dunno... you ran usrmgr.exe or anything? From malang at netengine.at Mon May 1 11:55:47 2000 From: malang at netengine.at (Oliver Malang) Date: Tue Dec 2 02:29:40 2003 Subject: AW: AW: AW: can't login from windows nt anymore In-Reply-To: Message-ID: oh....what i wanted to say was: when I break it the next time, I will follow it more closely.(be cautious what i am doing before it crashes, not be cautious that it doesn't crash again). Obviously I've just chosen the wrong words for the right meaning....my english is not perfect:) > -----Ursprungliche Nachricht----- > Von: Luke Leighton [mailto:lkcl@samba.org] > Gesendet: Montag, 1. Mai 2000 13:42 > An: Oliver Malang > Cc: Multiple recipients of list SAMBA-NTDOM > Betreff: Re: AW: AW: can't login from windows nt anymore > > > On Mon, 1 May 2000, Oliver Malang wrote: > > > I REALLY have no idea...sorry. but I promise to be more > cautious the next > > time:) > > no, please don't be: break it as much as you can! > > > > ok, exactly what did you do at this time? it was probably > something very > > > specific, e.g... oh, i dunno... you ran usrmgr.exe or anything? > > From Skripi at hrzpub.tu-darmstadt.de Mon May 1 12:33:00 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:40 2003 Subject: TNG does not compile In-Reply-To: ; from lkcl@samba.org on Mon, May 01, 2000 at 08:57:00PM +1000 References: <20000501121607.A17053@shadowland.sc> Message-ID: <20000501143300.A17563@shadowland.sc> Luke Kenneth Casson Leighton: > argh. this is because your compiler is running out of memory: > include/unicode_map_table.h is 3mb in size. > > i'll be dealing with this one, soon. Well, i thought 128 MB of Ram should suffice. Would shall the people do with their 486/16MB Manchienes ... !? Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From Skripi at hrzpub.tu-darmstadt.de Mon May 1 12:13:07 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:40 2003 Subject: make distclean (make realclean) In-Reply-To: <14605.25374.777803.209729@wire.cadcamlab.org>; from peter@cadcamlab.org on Mon, May 01, 2000 at 06:06:02AM -0500 References: <20000430114736.A1303@shadowland.sc> <14605.25374.777803.209729@wire.cadcamlab.org> Message-ID: <20000501141307.A17494@shadowland.sc> Peter Samuelson: > > [Jens Skripczynski] > > wouldn't it be better to write: > > realclean: clean > > -rm -f config.log > > -rm -rf bin/.libs > > -rm -f bin/* > > > > Which will erase the .dummy file, and all compiled libraries and executeales. > > Not quite. "*" does not include ".*" for most Unix shells. A good > thing, too, because you usually do not want to include "..". My usual > idiom for getting all files in a directory is "* .??*" which is not > perfect but works as long as I don't have any ".?" files. This is why i chose bin/*. because 'ls -la' yields: ./ .cvsignore .libs/ libmsrpc.la libsamba.la libsurs.la ../ .dummy CVS/ libnmb.la libsmb.la libubiqx.la So might want to erase all l ibs, smbd, nmbd,... maybe the dummy file but not the 'bin/CVS/*' dir and not 'bin/.cvsignore'. Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From pjdc at eircom.net Mon May 1 13:54:35 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:40 2003 Subject: netlogond 95%cpu In-Reply-To: Peter Samuelson's message of "Mon, 1 May 2000 19:30:53 +1000" References: <14605.19777.791963.517455@wire.cadcamlab.org> Message-ID: >>>>> "Peter" == Peter Samuelson writes: Peter> Sounds like you need a key-value database for your passwd Peter> file. Most Unices have an option for this somewhere, if Peter> you dig for it. If your vendor doesn't, you can probably Peter> hack it with loopback NIS. Although ugly in the extreme, I Peter> expect this would be faster (as your passwd file scales Peter> up). It's the smbpasswd file that is the problem, not /etc/passwd. You should be able to build Samba with the --with-sampwdb=tdb, which will use Samba's Way Cool (R) key-value database. Peter> Peter Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lars at kneschke.de Mon May 1 13:34:50 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:40 2003 Subject: TNG does not compile References: <20000501121607.A17053@shadowland.sc> <20000501143300.A17563@shadowland.sc> Message-ID: <390D87FA.31884A1A@kneschke.de> Jens Skripczynski wrote: > > Luke Kenneth Casson Leighton: > > argh. this is because your compiler is running out of memory: > > include/unicode_map_table.h is 3mb in size. > > > > i'll be dealing with this one, soon. > Well, i thought 128 MB of Ram should suffice. Would shall the people do > with their 486/16MB Manchienes ... !? Maybe we have more time and swap! :-) Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From mg at plum.de Mon May 1 14:45:41 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:40 2003 Subject: TNG does not compile References: <20000501121607.A17053@shadowland.sc> <20000501143300.A17563@shadowland.sc> Message-ID: <001f01bfb37b$ec2f37d0$1004010a@plum.int> > Luke Kenneth Casson Leighton: > > argh. this is because your compiler is running out of memory: > > include/unicode_map_table.h is 3mb in size. > > > > i'll be dealing with this one, soon. > Well, i thought 128 MB of Ram should suffice. Would shall the people do > with their 486/16MB Manchienes ... !? hmm .. it compiles fine on my home-server (p133, 32 mb ram + 32 mb swap) .. I did get other error-messages than this one (like "compiler ran out of virtual memory" or so) altough I had to stop nearly every service running ... ;))) regards, Michael From jahall at nea.org Mon May 1 15:17:45 2000 From: jahall at nea.org (jahall@nea.org) Date: Tue Dec 2 02:29:40 2003 Subject: Unable to join domain Message-ID: I have compiled and started Samba-TNG-2.5, but I cannot join the domain. When I use samedit to create the computer account, I receive the following message SAM Create Domain User Domain: XXXXX Name: net-admin$ ACB: [W ] Resetting Trust Account to insecure, initial, well-known value: "net-admin" net-admin can now be joined to the domain, which should be done on a private, secure network as soon as possible Create Domain User: FAILED When I try to join the domain from the NT Workstation, I receive the following message: Unable to connect to the domain controller for this domain. Have your administrator check the computer account in the domain. Any suggestions? Thanks in advance for your help. Jay From helas at rbg.informatik.tu-darmstadt.de Mon May 1 15:31:55 2000 From: helas at rbg.informatik.tu-darmstadt.de (Martin Helas) Date: Tue Dec 2 02:29:40 2003 Subject: Unable to join domain In-Reply-To: Message-ID: > I have compiled and started Samba-TNG-2.5, but I cannot join the domain. > > When I use samedit to create the computer account, I receive the > following > message > > SAM Create Domain User > Domain: XXXXX Name: net-admin$ ACB: [W ] > Resetting Trust Account to insecure, initial, well-known value: > "net-admin" > net-admin can now be joined to the domain, which should > be done on a private, secure network as soon as possible > Create Domain User: FAILED > > When I try to join the domain from the NT Workstation, I receive > the following > message: > > Unable to connect to the domain controller for this domain. Have your > administrator check the computer account in the domain. > > Any suggestions? Thanks in advance for your help. > have you added an account using "useradd -s /bin/false -c "Workstation account for Net-Admin" -d /tmp net-admin$" first you have to add an account on the Linux machine Martin > > > Jay > -- Martin Helas Network Admin-Group of the Ludwig-Georgs-Gymnasium Darmstadt mh@lgg.da.schule.hessen.de or helas@gmx.net From pjdc at eircom.net Mon May 1 15:43:58 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:40 2003 Subject: TNG does not compile In-Reply-To: "Michael Glauche"'s message of "Tue, 2 May 2000 00:50:48 +1000" References: <20000501121607.A17053@shadowland.sc> <20000501143300.A17563@shadowland.sc> <001f01bfb37b$ec2f37d0$1004010a@plum.int> Message-ID: >>>>> "Michael" == Michael Glauche writes: Michael> I did get other error-messages than this one (like Michael> "compiler ran out of virtual memory" or so) If you are using Linux, there is a quick trick you can do to use a file for swap. Basically, create a large empty file using dd to copy from /dev/zero, do a sync, runk mkswap on the new file and then do swapon. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From mharo at area51.fremont.ca.us Mon May 1 19:31:34 2000 From: mharo at area51.fremont.ca.us (Michael Haro) Date: Tue Dec 2 02:29:40 2003 Subject: Samba 2.0.7 PDC and Win2K Message-ID: <20000501123134.A24382@area51.fremont.ca.us> Hi, I'm trying to get Win2K to login to a domain where samba acts as the PDC. I saw postings talking about how 2.0.6 will never support Win2K and domain logins, but haven't been able to find anything about 2.0.7. Does 2.0.7 support this or do I need to download a branch from the CVS repo? The error Win2K gives me when I try to join the domain is: The procedure number is out of range. my smb.conf global section: [global] workgroup = AREA51 server string = Samba Server load printers = no log file = /var/log/log.%m max log size = 50 security = user encrypt passwords = yes smbpasswd file = /usr/local/samba/private/smbpasswd socket options = TCP_NODELAY local master = yes os level = 34 domain master = yes preferred master = yes domain logons = yes logon home = \\%L\%U logon drive = H: wins support = yes wins proxy = yes dns proxy = no deadtime = 10 time server = yes Thanks, Michael From ralf at is.rice.edu Mon May 1 20:22:27 2000 From: ralf at is.rice.edu (Alfredo Ramos) Date: Tue Dec 2 02:29:40 2003 Subject: Unable to join domain Message-ID: Please someone help!!!! I already posted before a call for help and nobody answered. I can't join the domain!!!!! This is what the log registers if I try "smbclient -L samba_server -Uusername" *********** msrpc_receive: failed domain_client_validate: unable to validate password for user ralf in domain BOSANOVA_TNG to Domain controller \\.. SMB LM/NT Password did not match! Rejecting user 'ralf': authentication failed netbios connect: name1=*SMBSERVER name2=SULPHUR ********* On the command line I get this: sulphur.is.rice.edu# ../bin/smbclient -L sulphur -Uralf doing parameter workgroup = BOSANOVA_TNG doing parameter server string = Samba Server TNG %v doing parameter netbios name = sulphur doing parameter encrypt passwords = yes doing parameter security = user doing parameter smb passwd file = /usr/site/samba-cvs/private/smbpasswd doing parameter log level = 2 added interface ip=128.42.42.19 bcast=128.42.42.255 nmask=255.255.255.0 Password: failed session setup failed session setup If I try to make an NT4.0 machine join the domain, I get the "Check the computer account on the domain" thing. The accounts for the computer and the user were created with samedit, by root. So, they are in the proper format -I would think-. For sure it is not the format that samba 2.0.6 uses. Again, here's the smb.conf file: [global] debug level = 3 workgroup = BOSANOVA_TNG server string = Samba Server TNG %v netbios name = sulphur encrypt passwords = yes security = user smb passwd file = /usr/site/samba-cvs/private/smbpasswd log level = 2 log file = /usr/site/samba-cvs/var/logs/log.%m_%U max log size = 100 socket options = TCP_NODELAY printcap name = /etc/printcap logon path = "" logon drive = U: domain logons = Yes os level = 65 preferred master = Yes domain master = Yes local master = yes time server = yes dns proxy = No wins support = Yes hosts allow = 128.42. 127.0.0.1 domain group map = /opt2/samba-cvs/sunos5/lib/domaingroup.map user name map = /opt2/samba-cvs/sunos5/lib/username.map local group map = /opt2/samba-cvs/sunos5/lib/localgroup.map domain user map = /opt2/samba-cvs/sunos5/lib/domainuser.map Please!!!! Anybody sees something wrong here??? This is what the smbpasswd looks like: sulphur$:60005:3D848D03D4982961AAD3B435B51404EE:AB780236A0CE61104D60C0F80B2889EF:[W ]:LCT-3909A3FE: toshiba$:60004:9AAA0D46684DD8A1AAD3B435B51404EE:97A0B6F8FA0E90598CDE871E1EA5E63E:[W ]:LCT-390DCD27: ralf:19544:04A583FB3B6E196D7584248B8D2C9F9E:D91099AFB6FDED30AE9D87CCC4BFA56E:[U ]:LCT-3909A498: Please help. Thanks; Al. --------------------------------------------------------------------------------- | Alfredo Ramos This space available for rent. | New Media & Student Computing Get your product moving. Advertise here! | Rice University. | Email: ralf@is.rice.edu --------------------------------------------------------------------------------- From helas at rbg.informatik.tu-darmstadt.de Mon May 1 20:35:35 2000 From: helas at rbg.informatik.tu-darmstadt.de (Martin Helas) Date: Tue Dec 2 02:29:40 2003 Subject: Unable to join domain In-Reply-To: Message-ID: Have you started all the daemons with the "-d" command before adding that account? I already had that problem. If the daemons are not started, samedit won't work. It would also be helpful to have a look on the log files. (level 10 or something like this) Martin > > > Yes. I have created the computer account using useradd. > > Any other suggestions. > > I have compiled and started Samba-TNG-2.5, but I cannot join the domain. > > > > When I use samedit to create the computer account, I receive the > > following > > message > > > > SAM Create Domain User > > Domain: XXXXX Name: net-admin$ ACB: [W ] > > Resetting Trust Account to insecure, initial, well-known value: > > "net-admin" > > net-admin can now be joined to the domain, which should > > be done on a private, secure network as soon as possible > > Create Domain User: FAILED > > > > When I try to join the domain from the NT Workstation, I receive > > the following > > message: > > > > Unable to connect to the domain controller for this domain. Have your > > administrator check the computer account in the domain. > > > > Any suggestions? Thanks in advance for your help. > > > > have you added an account using "useradd -s /bin/false -c "Workstation > account for Net-Admin" -d /tmp net-admin$" > > first you have to add an account on the Linux machine > > > Martin > > > > > > > > Jay > > > -- > > > - - - - - - - - - - - - End of Original Message - - - - - - - - - - - - > > -- Martin Helas Network Admin-Group of the Ludwig-Georgs-Gymnasium Darmstadt mh@lgg.da.schule.hessen.de or helas@gmx.net From helas at rbg.informatik.tu-darmstadt.de Mon May 1 20:41:01 2000 From: helas at rbg.informatik.tu-darmstadt.de (Martin Helas) Date: Tue Dec 2 02:29:40 2003 Subject: no way to login from nt Message-ID: Hi, I am using Samba-TNG alpha 2.5 on a Linux-i386 system. I have added the machine-account and the user account. After starting all the daemons, I try to login from the NT m/c (NT 4, SP 5). But NT tells me, that it is not possible yet, to login, because there is no Domain-Controller on the domain home. When trying to login as user I added local on the NT m/c before, I am able to login. I attached all the logs using log-level 10 as well as my smb.conf. Martin -- Martin Helas Network Admin-Group of the Ludwig-Georgs-Gymnasium Darmstadt mh@lgg.da.schule.hessen.de or helas@gmx.net -------------- next part -------------- A non-text attachment was scrubbed... Name: tng.zip Type: application/x-zip-compressed Size: 24374 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000501/0a535189/tng.bin From ralf at is.rice.edu Mon May 1 20:51:10 2000 From: ralf at is.rice.edu (Alfredo Ramos) Date: Tue Dec 2 02:29:40 2003 Subject: Unable to join domain In-Reply-To: Message-ID: Forgot to mention. I'm using SAMBA-2.5 TNG on Solaris 2.6 Al. --------------------------------------------------------------------------------- | Alfredo Ramos This space available for rent. | New Media & Student Computing Get your product moving. Advertise here! | Rice University. | Email: ralf@is.rice.edu --------------------------------------------------------------------------------- On Tue, 2 May 2000, Alfredo Ramos wrote: > > Please someone help!!!! > > I already posted before a call for help and nobody answered. I can't join > the domain!!!!! > > This is what the log registers if I try > "smbclient -L samba_server -Uusername" > > *********** > > msrpc_receive: failed > domain_client_validate: unable to validate password > for user ralf in domain BOSANOVA_TNG to Domain > controller \\.. > SMB LM/NT Password did not match! > Rejecting user 'ralf': authentication failed > netbios connect: name1=*SMBSERVER name2=SULPHUR > > ********* > > On the command line I get this: > > sulphur.is.rice.edu# ../bin/smbclient -L sulphur -Uralf > doing parameter workgroup = BOSANOVA_TNG > doing parameter server string = Samba Server TNG %v > doing parameter netbios name = sulphur > doing parameter encrypt passwords = yes > doing parameter security = user > doing parameter smb passwd file = /usr/site/samba-cvs/private/smbpasswd > doing parameter log level = 2 > added interface ip=128.42.42.19 bcast=128.42.42.255 nmask=255.255.255.0 > Password: > failed session setup > failed session setup > > If I try to make an NT4.0 machine join the domain, I get the "Check the > computer account on the domain" thing. > > The accounts for the computer and the user were created with samedit, by > root. So, they are in the proper format -I would think-. For sure it is > not the format that samba 2.0.6 uses. > > Again, here's the smb.conf file: > > [global] > debug level = 3 > workgroup = BOSANOVA_TNG > server string = Samba Server TNG %v > netbios name = sulphur > encrypt passwords = yes > security = user > smb passwd file = /usr/site/samba-cvs/private/smbpasswd > log level = 2 > log file = /usr/site/samba-cvs/var/logs/log.%m_%U > max log size = 100 > socket options = TCP_NODELAY > printcap name = /etc/printcap > logon path = "" > logon drive = U: > domain logons = Yes > os level = 65 > preferred master = Yes > domain master = Yes > local master = yes > time server = yes > dns proxy = No > wins support = Yes > hosts allow = 128.42. 127.0.0.1 > domain group map = /opt2/samba-cvs/sunos5/lib/domaingroup.map > user name map = /opt2/samba-cvs/sunos5/lib/username.map > local group map = /opt2/samba-cvs/sunos5/lib/localgroup.map > domain user map = /opt2/samba-cvs/sunos5/lib/domainuser.map > > > Please!!!! Anybody sees something wrong here??? > > This is what the smbpasswd looks like: > > sulphur$:60005:3D848D03D4982961AAD3B435B51404EE:AB780236A0CE61104D60C0F80B2889EF:[W > ]:LCT-3909A3FE: > toshiba$:60004:9AAA0D46684DD8A1AAD3B435B51404EE:97A0B6F8FA0E90598CDE871E1EA5E63E:[W > ]:LCT-390DCD27: > ralf:19544:04A583FB3B6E196D7584248B8D2C9F9E:D91099AFB6FDED30AE9D87CCC4BFA56E:[U > ]:LCT-3909A498: > > > Please help. > > Thanks; > > Al. > > > > --------------------------------------------------------------------------------- > | Alfredo Ramos > This space available for rent. | New Media & Student Computing > Get your product moving. Advertise here! | Rice University. > | Email: ralf@is.rice.edu > --------------------------------------------------------------------------------- > > From lharold at mrc.uidaho.edu Mon May 1 21:19:40 2000 From: lharold at mrc.uidaho.edu (Len Harold) Date: Tue Dec 2 02:29:40 2003 Subject: TNG does not compile on HP-UX Message-ID: <200005012119.OAA08635@hydra.mrc.uidaho.edu> I still can't get TNG to compile under HP-UX 10.20 using either HP's cc 10.32.05 or gcc 2.7.2.1. The error message is actually from the linker (ld B.10.37) but I'm guessing it is a library problem. The error message is: /usr/bin/ld: Unsatisfied symbols: dlclose (code) /usr/bin/ld: Invalid loader fixup for symbol "global_myworkgroup". *** Error exit code 1 Len From pjdc at eircom.net Mon May 1 21:53:19 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:40 2003 Subject: Unable to join domain In-Reply-To: "Martin Helas"'s message of "Tue, 2 May 2000 06:37:35 +1000" References: Message-ID: >>>>> "Martin" == Martin Helas writes: Martin> Have you started all the daemons with the "-d" command "-D" perhaps? Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From williamdiaz at starmedia.com Mon May 1 23:02:02 2000 From: williamdiaz at starmedia.com (williamdiaz@starmedia.com) Date: Tue Dec 2 02:29:40 2003 Subject: Problem start sesion Message-ID: <20000501230202.19577.cpmta@c009.sfo.cp.net> =========================================================================== Message in English Hello. Pardon the bad thing of ingles, which happens is that this message this writing in Spanish and translated by one of those programs translators. I have a machine qbex with linux redhat 6,1 and samba (version between 2.0.5a and 2,0,6) like server of dominions, and here they validate the machine win98, but it presents/displays the following problem: Accustom valued perfect the user, but you accustom no, showing the message that his key not is correct (and I am 100% insurance that if it is it), today 1 of May in the morning I let make session with a user, and as 2 hours later I do not let make session with any user (not even with whom I enter the morning). Work in a University, and tomorrow must give service of Internet and if you do not validate the users cannot be used the terminals win98. That it will be the problem. I already reviewed the configuration and not this modified (bony it has the same one of when it worked). I hope to be able to have answer soon. =========================================================================== =========================================================================== Mensaje en español Hola. Perdone lo malo del ingles, lo que pasa es que este mensaje esta escrito en español y traducido por uno de esos programas traductores Poseo una maquina qbex con linux redhat 6.1 y samba (versión entre la 2.0.5a y 2.0.6) como servidor de dominios, y aquí validan las maquinas win98, pero presenta el siguiente problema: Aveces valida perfecto el usuario, pero aveces no, mostrando el mensaje que su clave no es correcta (y estoy 100% seguro que si lo es), hoy 1 de mayo en la mañana dejo hacer sesión con un usuario, y como 2 horas después no dejo hacer sesión con ningún usuario (ni siquiera con el que entro en la mañana). Trabajo en una Universidad, y mañana se tiene que dar servicio de internet y si no validad los usuarios no se pueden usar las terminales win98. Que será el problema. Ya revisé la configuración y no esta modificada (ósea tiene la misma de cuando funcionaba). Espero poder tener respuesta pronto. ============================================================================== William Cúcuta - Colombia Abre gratis una cuenta de email en StarMedia Mail. El mejor servicio de email gratis de toda Latinoamérica. http://www.starmedia.com From gregr at ee.uwa.edu.au Tue May 2 01:10:36 2000 From: gregr at ee.uwa.edu.au (Greg Roberts) Date: Tue Dec 2 02:29:40 2003 Subject: Password change under NT In-Reply-To: <007f01bfb356$d265f5c0$1004010a@plum.int> Message-ID: On Mon, 1 May 2000, Michael Glauche wrote: > > Hi all. I'm currently having problems with changing passwords under NT and > > having this new password being stored in /etc/yp/passwd and smbpasswd. > > Its not working as of TNG 2.5, but Luke promised to fix it ;) > Hmmm, ok. So what do people recommend my next step be: 1. - grab pre-2.5 source from somewhere (where?) and use this? 2. - wait for it to be fixed? I don't have a lot of time and if I can't get this feature working, then I'm going to scrap Samba all together. There's not much point in using it as a logon mechanism if users can't change their password from one point and have it updated for both smbpasswd and NIS (it would cause too much confusion). ------------ Greg Roberts Computer Systems Officer Dept. of Electrical & Electronic Engineering The University of Western Australia NEDLANDS WA 6907 Australia Ph : +61-08-9380-7366 Fax : +61-08-9380-1065 Email : gregr@ee.uwa.edu.au From lkcl at samba.org Tue May 2 01:12:57 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:40 2003 Subject: netlogond 95%cpu In-Reply-To: Message-ID: uh... i haven't finished that, yet, paul :) On Mon, 1 May 2000, Paul J Collins wrote: > >>>>> "Peter" == Peter Samuelson writes: > > Peter> Sounds like you need a key-value database for your passwd > Peter> file. Most Unices have an option for this somewhere, if > Peter> you dig for it. If your vendor doesn't, you can probably > Peter> hack it with loopback NIS. Although ugly in the extreme, I > Peter> expect this would be faster (as your passwd file scales > Peter> up). > > It's the smbpasswd file that is the problem, not /etc/passwd. You > should be able to build Samba with the --with-sampwdb=tdb, which will > use Samba's Way Cool (R) key-value database. > > Peter> Peter > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From peter at cadcamlab.org Tue May 2 03:59:32 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:40 2003 Subject: Samba 2.0.7 PDC and Win2K References: <20000501123134.A24382@area51.fremont.ca.us> Message-ID: <14606.21015.468144.912316@wire.cadcamlab.org> [Michael Haro ] > I saw postings talking about how 2.0.6 will never support Win2K and > domain logins, but haven't been able to find anything about 2.0.7. You can read "2.0.6" as "2.0.x". If you need a domain controller, your best bet currently is the SAMBA_TNG branch, or possibly the SAMBA_TNG_2_5_GOOD branch which is a snapshot of code certain people have spoken well of. Peter From moser at egu.schule.ulm.de Tue May 2 04:59:52 2000 From: moser at egu.schule.ulm.de (Steffen Moser) Date: Tue Dec 2 02:29:40 2003 Subject: Samba 2.0.7 PDC and Win2K References: <20000501123134.A24382@area51.fremont.ca.us> Message-ID: <390E60C8.5317957A@egu.schule.ulm.de> Hi, Michael Haro wrote: > Hi, I'm trying to get Win2K to login to a domain where samba acts as the > PDC. I saw postings talking about how 2.0.6 will never support Win2K > and domain logins, but haven't been able to find anything about 2.0.7. > Does 2.0.7 support this or do I need to download a branch from the > CVS repo? "samba-2.0.x" cannot be used as a PDC for Win2k machines. AFAIK the only solution to your problem is to use "samba-TNG" instead of "samba-2.0.x". Bye, Steffen From leymarie_gerard at accor-hotels.com Tue May 2 08:14:48 2000 From: leymarie_gerard at accor-hotels.com (LEYMARIE Gerard) Date: Tue Dec 2 02:29:40 2003 Subject: Upgrade from 2.0.6 to 2.0.7 In-Reply-To: Message-ID: <002301bfb40e$7d555770$2300c839@accorhotels.com> All, Is there any know problem to upgrade from 2.0.6 to 2.0.7 version? Any special action to do, to prevent any problems? Many Thks Gerard From conrad at opus5.de Tue May 2 09:22:55 2000 From: conrad at opus5.de (Peter Conrad) Date: Tue Dec 2 02:29:40 2003 Subject: rpcclient / remote shutdown doesn't work Message-ID: <20000502112255.E501@opus5.de> Hi, I'm trying to remotely shut down an NT server from a linux box. I've seen the rpcclient command mentioned in the archives, and its shutdown -m [message] -t [timeout] ... statement. I have retrieved and compiled the latest TNG version from the CVS repository. My system is a SUSE linux with libc5. I can start rpcclient and connect to the NT server as administrator. I can issue simple commands like 'enumusers' and they work. Other commands like 'shutdown' or 'at' don't. conrad@tarantino > ./bin/rpcclient -S eastwood -U administrator added interface ip=192.168.32.2 bcast=192.168.32.255 nmask=255.255.255.0 Enter Password: Server: \\EASTWOOD: User: administrator Domain: Connection: error connecting to 192.168.32.21:445 (Connection refused) session setup ok Domain=[OPUS_5] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] OK [administrator@EASTWOOD]$ shutdown -m test -t 300 shutdown -m test -t 300 Failed [administrator@EASTWOOD]$ So what am I doing wrong? What's that port 445 it's trying to connect to on the server? Thanks, Peter -- Peter Conrad Tel.: +49-6103-5853-0 opus 5 interaktive medien gmbh Fax : +49-6103-5853-200 Frankfurter Str. 151 63303 Dreieich-Sprendlingen Germany From snail_talk at yahoo.com Tue May 2 09:44:13 2000 From: snail_talk at yahoo.com (Geoffrey Lee) Date: Tue Dec 2 02:29:40 2003 Subject: Upgrade from 2.0.6 to 2.0.7 In-Reply-To: <002301bfb40e$7d555770$2300c839@accorhotels.com> Message-ID: <000601bfb41a$f935b860$0200000a@workstation1> > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > LEYMARIE Gerard > Sent: Tuesday, May 02, 2000 4:16 PM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Upgrade from 2.0.6 to 2.0.7 > > > All, > > Is there any know problem to upgrade from 2.0.6 to 2.0.7 version? > i have experienced pb. > Any special action to do, to prevent any problems? > after upgrading pdc support seems a little broken, and if you awnt to fix it, yiou havet o restart NT workstation :(((( > Many Thks > > Gerard > From lkcl at samba.org Tue May 2 11:13:49 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:40 2003 Subject: CVS update: samba/source/netlogond (fwd) Message-ID: someone was complaining about password changes, and *horror* threatened to drop TNG if it didn't work. ... can't have that, now, can we? :) force them to inflict alpha-code on poor unsuspecting production environments. could someone please check (matthew b?) if win9x password changes now also work? thx ppl. P.S. the "locking" code is being rewritten at the moment. TNG *can* be used for file-service, however it is recommend that you do this: posix locking = no stat cache = no and _don't_ use nfs or any other remote access to the same file-system at the same time, ok? [jeremy, locking code don't pass smbtorture at the mo., andrew n me ran a test on it in TNG, today]. Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals ---------- Forwarded message ---------- Date: Tue, 2 May 2000 21:08:49 +1000 From: Luke Leighton To: Multiple recipients of list SAMBA-CVS Subject: CVS update: samba/source/netlogond Date: Tuesday May 2, 2000 @ 21:08 Author: lkcl Update of /data/cvs/samba/source/netlogond In directory samba:/tmp/cvs-serv14178/netlogond Modified Files: Tag: SAMBA_TNG srv_netlogon_nt.c Log Message: OLE!! password changing is back again, client and server. [anonymous netlogons were broken, and *encrypted* anonymous samr connections were broken!] Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From schs at apatity.ru Tue May 2 11:44:44 2000 From: schs at apatity.ru (Sergey Shibeko) Date: Tue Dec 2 02:29:40 2003 Subject: CVS update: samba/source/netlogond (fwd) References: Message-ID: <000b01bfb42b$d2822080$0a02a8c0@SAMBA> > someone was complaining about password changes, and *horror* threatened to > drop TNG if it didn't work. > > .. can't have that, now, can we? :) force them to inflict alpha-code on > poor unsuspecting production environments. > > could someone please check (matthew b?) if win9x password changes now also > work? TNG 2.5.1 - work fine. From lkcl at samba.org Tue May 2 11:54:31 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:40 2003 Subject: CVS update: samba/source/netlogond (fwd) In-Reply-To: <000b01bfb42b$d2822080$0a02a8c0@SAMBA> Message-ID: On Tue, 2 May 2000, Sergey Shibeko wrote: > > someone was complaining about password changes, and *horror* threatened to > > drop TNG if it didn't work. > > > > .. can't have that, now, can we? :) force them to inflict alpha-code on > > poor unsuspecting production environments. > > > > could someone please check (matthew b?) if win9x password changes now also > > work? > TNG 2.5.1 - work fine. urrr...... oh! From lkcl at samba.org Tue May 2 11:58:14 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:40 2003 Subject: samba-tng-alpha-2.5.2.tar.bz2 Message-ID: ftp://samba.org/pub/samba/alpha and mirror sites. smbd, whilst up-to-date with cvs main, is slightly broken - locking is under development. recommend "posix locking = no" and "stat cache = no", and don't use it with other remote fileserver systems (e.g nfs) to simultaneously access the same filesystem, if you expect locking to work ('cos it won't). please let me know if this version works for you (i fixed nt pwd changing, for example). if so, i will go to the next version-number (2.6). thx ppl, luke Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From schs at apatity.ru Tue May 2 12:41:04 2000 From: schs at apatity.ru (Sergey Shibeko) Date: Tue Dec 2 02:29:40 2003 Subject: Not compile unicode_map for koi8-r Message-ID: <008201bfb433$ae135ea0$0a02a8c0@SAMBA> OS : Linux Mandrake 7.0RE with kernel 2.2.14 Compiler : gcc version 2.95.2 19991024 (release) CVS-Branch : samba-TNG Version/Date : 2.5.1 Error Type : reproduceable Short Desc. : Not compile unicode_map for koi8-r Trigger : ./configure : make : make install Log-Files : none smb.conf : none fix : In source/Makefile.in change CODEPAGELIST= 437 737 775 850 852 861 932 866 949 950 936 1251 ISO8859-1 ISO8859-2 ISO8859-5 ISO8859-7 koi8-r to CODEPAGELIST= 437 737 775 850 852 861 932 866 949 950 936 1251 ISO8859-1 ISO8859-2 ISO8859-5 ISO8859-7 KOI8-R From schs at apatity.ru Tue May 2 12:46:24 2000 From: schs at apatity.ru (Sergey Shibeko) Date: Tue Dec 2 02:29:41 2003 Subject: Not work [homes] share Message-ID: <009701bfb434$767f0c40$0a02a8c0@SAMBA> OS : Linux Mandrake 7.0RE with kernel 2.2.14 Compiler : gcc version 2.95.2 19991024 (release) CVS-Branch : samba-TNG Version/Date: 2.5.1 Error Type : reproduceable Short Desc. : Not work [homes] share Trigger : Login as user shibeko. Open Win98 Network Neighborhood, server, : look: netlogon, profile, public, root. Log-Files : attached smb.conf : debug level = 100 workgroup = SAMBATEST domain group map = /usr/local/samba/private/domaingroup.map domain alias map = /usr/local/samba/private/domainalias.map security = user domain logons = yes encrypt passwords = yes os level = 65 domain master = yes preferred master = yes local master = yes wins support = yes time server = yes logon script = login.bat logon drive = U: logon home = \\TEST\%U logon path = \\TEST\profile\%U server string = TEST TNG guest account = nobody character set = koi8-r client code page = 866 name resolve order = lmhosts wins bcast [homes] browseable = no writable = yes comment = Users' home directories [netlogon] path = /usr/local/samba/netlogon writable = no guest ok = no comment = PDC netlogon share [profile] path = /usr/local/samba/profiles writeable = yes [public] path = /usr/local/samba/public browseable = yes public = yes comment = Public share -------------- next part -------------- A non-text attachment was scrubbed... Name: log.smb.bz2 Type: application/octet-stream Size: 25576 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000502/9f7bfca9/log.smb.obj From lkcl at samba.org Tue May 2 12:58:14 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:41 2003 Subject: Not compile unicode_map for koi8-r In-Reply-To: <008201bfb433$ae135ea0$0a02a8c0@SAMBA> Message-ID: i did that, didn't i???? On Tue, 2 May 2000, Sergey Shibeko wrote: > OS : Linux Mandrake 7.0RE with kernel 2.2.14 > Compiler : gcc version 2.95.2 19991024 (release) > CVS-Branch : samba-TNG > Version/Date : 2.5.1 > Error Type : reproduceable > Short Desc. : Not compile unicode_map for koi8-r > Trigger : ./configure > : make > : make install > Log-Files : none > smb.conf : none > fix : In source/Makefile.in change > CODEPAGELIST= 437 737 775 850 852 861 932 866 949 950 936 1251 ISO8859-1 > ISO8859-2 ISO8859-5 ISO8859-7 koi8-r > to > CODEPAGELIST= 437 737 775 850 852 861 932 866 949 950 936 1251 ISO8859-1 > ISO8859-2 ISO8859-5 ISO8859-7 KOI8-R > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From pll at mclinux.com Tue May 2 13:05:06 2000 From: pll at mclinux.com (Paul Lussier) Date: Tue Dec 2 02:29:41 2003 Subject: Password change under NT In-Reply-To: Your message of "Tue, 02 May 2000 11:11:51 +1000." References: Message-ID: <200005021305.JAA15793@lussier.mclinux.com> In a message dated: Tue, 02 May 2000 11:11:51 +1000 Greg Roberts said: >I don't have a lot of time and if I can't get this feature working, then >I'm going to scrap Samba all together. There's not much point in using it >as a logon mechanism if users can't change their password from one point >and have it updated for both smbpasswd and NIS (it would cause too much >confusion). One of the things we're doing, rather than try to get this working is provide a central web site on our intranet which uses SSL to allow the person to change their password. This will allow users to change both smbpasswd and /etc/passwd or yp passwords. Additionally, when we add services in the future which may require new passwords, it will be trivial to add password changing capabilities for these services to this one location. -- Seeya, Paul ---- "I always explain our company via interpretive dance. I meet lots of interesting people that way." Niall Kavanagh, 10 April, 2000 If you're not having fun, you're not doing it right! From schs at apatity.ru Tue May 2 13:13:59 2000 From: schs at apatity.ru (Sergey Shibeko) Date: Tue Dec 2 02:29:41 2003 Subject: The code conversion does not work correctly with russian names of files and catalogues Message-ID: <00b001bfb438$4c049440$0a02a8c0@SAMBA> OS : Linux Mandrake 7.0RE with kernel 2.2.14 Compiler : gcc version 2.95.2 19991024 (release) CVS-Branch : samba-TNG Version/Date: 2.5.1 Error Type : reproduceable Short Desc. : The code conversion does not work correctly with russian names of files and catalogues. Trigger : in smb.conf set: : character set = koi8-r : client code page = 866 : create any file with russian name : Is created normally, but is not seen from the client machine, on server ok. : if set "client code page = 866" only, the created files see and open, : but on the server have incorrect names. Log-Files : attached smb.conf : debug level = 100 workgroup = SAMBATEST domain group map = /usr/local/samba/private/domaingroup.map domain alias map = /usr/local/samba/private/domainalias.map security = user domain logons = yes encrypt passwords = yes os level = 65 domain master = yes preferred master = yes local master = yes wins support = yes time server = yes logon script = login.bat logon drive = U: logon home = \\TEST\%U logon path = \\TEST\profile\%U server string = TEST TNG guest account = nobody character set = koi8-r client code page = 866 name resolve order = lmhosts wins bcast [homes] browseable = no writable = yes comment = Users' home directories [netlogon] path = /usr/local/samba/netlogon writable = no guest ok = no comment = PDC netlogon share [profile] path = /usr/local/samba/profiles writeable = yes [public] path = /usr/local/samba/public browseable = yes public = yes comment = Public share fix : ? -------------- next part -------------- A non-text attachment was scrubbed... Name: log.smb.bz2 Type: application/octet-stream Size: 19940 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000502/aee6de29/log.smb.obj From kaiser at 3points.de Tue May 2 13:40:41 2000 From: kaiser at 3points.de (Marco Kaiser) Date: Tue Dec 2 02:29:41 2003 Subject: Domain / Workgroup Problems... Message-ID: Hi, i'm new at this ML and sorry for my bad english. :-P Ok here my problem. I have samba 2.0.6 he is the PDC in my local network. In the network are few Windows NT and some Win9x PC. The problem is 1x Win9x and 1x Winnt cant see any PC in the network but if i try \\ thats work. Some con see my Linux box and 1-3 NT and 1-4 Win9X and other more Win9x and none NT, Linux PC's. Whats wrong? here my Global section of the SMB server. I have on all machines the TCP/IP protocol installed ... it works great but i cat see in my Network the other PC. [global] workgroup = deepspace server string = VOYAGER keep alive = 30 debug level = 3 hosts allow = 192.168. 127. hosts deny = all interfaces = 192.168.10.1/24 bind interfaces only = yes printing = bsd printcap name = /etc/printcap load printers = yes log file = /var/log/sambalog.%m log level = 8 max log size = 50 security = user encrypt passwords = yes socket options = TCP_NODELAY nt smb support = no nt pipe support = no nt acl support = no #DOMAIN CONTROLLER os level = 50 preferred master = yes local master = yes wins support = yes domain master = yes lm interval = 0 domain logons = yes time server = yes logon path = \\%N\home\profile logon script = logon.bat name resolve order = lbcast host mhosts wins Thanks From marc.mclaughlin at eds.com Tue May 2 14:00:41 2000 From: marc.mclaughlin at eds.com (Mclaughlin, Marc) Date: Tue Dec 2 02:29:41 2003 Subject: Problem start sesion Message-ID: I needed to practice my Spanish, so I thought I would try translating William's email. Programmed translators rarely seem to work with technical terms! Regards, Marc *** START OF TRANSLATION *** I have a QBEX machine with Linux RedHat 6.1 and Samba (between version 2.0.5a and 2.0.6) as domain server, authenticating the Windows98 clients. But I have the following problem : Sometimes the user is authenticated perfectly, but at other times not, saying that the password is incorrect (and I am 100% sure that it is). Today, 1st of May, in the morning I managed to log in with a user account, but two hours later I could not log in with any user account (including the one that I used in the morning). I work in a University and tomorrow I need to be able to provide Internet access. Without user authentication the Windows 98 terminals cannot be used. What could be the problem? I have already checked the configuration and it hasn't changed (it worked previously). Hoping for a prompt reply, William *** END OF TRANSLATION *** -----Original Message----- From: williamdiaz@starmedia.com [mailto:williamdiaz@starmedia.com] Sent: 02 May 2000 00:04 To: Multiple recipients of list SAMBA-NTDOM Subject: Problem start sesion =========================================================================== Message in English Hello. Pardon the bad thing of ingles, which happens is that this message this writing in Spanish and translated by one of those programs translators. I have a machine qbex with linux redhat 6,1 and samba (version between 2.0.5a and 2,0,6) like server of dominions, and here they validate the machine win98, but it presents/displays the following problem: Accustom valued perfect the user, but you accustom no, showing the message that his key not is correct (and I am 100% insurance that if it is it), today 1 of May in the morning I let make session with a user, and as 2 hours later I do not let make session with any user (not even with whom I enter the morning). Work in a University, and tomorrow must give service of Internet and if you do not validate the users cannot be used the terminals win98. That it will be the problem. I already reviewed the configuration and not this modified (bony it has the same one of when it worked). I hope to be able to have answer soon. =========================================================================== =========================================================================== Mensaje en espa?ol Hola. Perdone lo malo del ingles, lo que pasa es que este mensaje esta escrito en espa?ol y traducido por uno de esos programas traductores Poseo una maquina qbex con linux redhat 6.1 y samba (versi?n entre la 2.0.5a y 2.0.6) como servidor de dominios, y aqu? validan las maquinas win98, pero presenta el siguiente problema: Aveces valida perfecto el usuario, pero aveces no, mostrando el mensaje que su clave no es correcta (y estoy 100% seguro que si lo es), hoy 1 de mayo en la ma?ana dejo hacer sesi?n con un usuario, y como 2 horas despu?s no dejo hacer sesi?n con ning?n usuario (ni siquiera con el que entro en la ma?ana). Trabajo en una Universidad, y ma?ana se tiene que dar servicio de internet y si no validad los usuarios no se pueden usar las terminales win98. Que ser? el problema. Ya revis? la configuraci?n y no esta modificada (?sea tiene la misma de cuando funcionaba). Espero poder tener respuesta pronto. ============================================================================ == William C?cuta - Colombia Abre gratis una cuenta de email en StarMedia Mail. El mejor servicio de email gratis de toda Latinoam?rica. http://www.starmedia.com From cwg-samba-ntdom at DeepEddy.Com Tue May 2 14:49:00 2000 From: cwg-samba-ntdom at DeepEddy.Com (Chris Garrigues) Date: Tue Dec 2 02:29:41 2003 Subject: My first attempt to build 2.5.2 Message-ID: <13126.957278940@backstroke.deepeddy.com> I'm running a linux system somewhere between redhat 6.1 and 6.2, and am configuring with: ./configure --prefix=/usr --with-lockdir=/var/lock/samba --with-sambaconfdir=/etc --with-privatedir=/etc --with-swatdir=/usr/share/swat --localstatedir=/var/log/samba --with-automount --with-quotas --with-pam --with-smbmount --with-ldap and it ends with: ... checking configure summary ERROR: No locking available. Running Samba would be unsafe configure: error: summary failure. Aborting config Looking in config.log, I find this: configure:9785: checking for fcntl locking configure:9798: gcc -o conftest -O conftest.c -lreadline -ldl -lcrypt 1>&5 /tmp/ccjBUaf2.o: In function `main': /tmp/ccjBUaf2.o(.text+0x24): undefined reference to `sys_fork' /tmp/ccjBUaf2.o(.text+0x6d): undefined reference to `sys_getpid' /tmp/ccjBUaf2.o(.text+0xd8): undefined reference to `sys_getpid' collect2: ld returned 1 exit status configure: failed program was: #line 9794 "configure" #include "confdefs.h" #include "./tests/fcntl_lock.c" configure:9821: checking for broken (glibc2.1/x86) 64 bit fcntl locking configure:9834: gcc -o conftest -O conftest.c -lreadline -ldl -lcrypt 1>&5 tests/fcntl_lock64.c: In function `main': In file included from configure:9831: tests/fcntl_lock64.c:35: storage size of `lock' isn't known configure: failed program was: #line 9830 "configure" #include "confdefs.h" #include "./tests/fcntl_lock64.c" configure:9859: checking for 64 bit fcntl locking configure:9892: gcc -o conftest -O conftest.c -lreadline -ldl -lcrypt 1>&5 configure: In function `main': configure:9883: storage size of `fl64' isn't known configure: failed program was: #line 9868 "configure" #include "confdefs.h" #if defined(HAVE_UNISTD_H) #include #endif #include #include #ifdef HAVE_FCNTL_H #include #endif #ifdef HAVE_SYS_FCNTL_H #include #endif main() { struct flock64 fl64; #if defined(F_SETLKW64) && defined(F_SETLK64) && defined(F_GETLK64) exit(0); #else exit(1); #endif } -- Chris Garrigues virCIO http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com +1 512 432 4046 +1 512 374 0500 4314 Avenue C O- Austin, TX 78751-3709 My email address is an experiment in SPAM elimination. For an explanation of what we're doing, see http://www.DeepEddy.Com/tms.html Nobody ever got fired for buying Microsoft, but they could get fired for relying on Microsoft. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 239 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000502/6f4090f7/attachment.bin From skvidal at phy.duke.edu Tue May 2 14:56:54 2000 From: skvidal at phy.duke.edu (Seth Vidal) Date: Tue Dec 2 02:29:41 2003 Subject: My first attempt to build 2.5.2 In-Reply-To: <13126.957278940@backstroke.deepeddy.com> Message-ID: > I'm running a linux system somewhere between redhat 6.1 and 6.2, and am > configuring with: ditto here with a stock 6.2 and a very-odd debian slink and a half -sv From cwg-samba-ntdom at DeepEddy.Com Tue May 2 15:01:47 2000 From: cwg-samba-ntdom at DeepEddy.Com (Chris Garrigues) Date: Tue Dec 2 02:29:41 2003 Subject: My first attempt to build 2.5.2 In-Reply-To: <13126.957278940@backstroke.deepeddy.com> References: <13126.957278940@backstroke.deepeddy.com> Message-ID: <13386.957279707@backstroke.deepeddy.com> > From: Chris Garrigues > Date: Tue, 02 May 2000 09:49:00 -0500 > > /tmp/ccjBUaf2.o(.text+0x24): undefined reference to `sys_fork' > /tmp/ccjBUaf2.o(.text+0x6d): undefined reference to `sys_getpid' > /tmp/ccjBUaf2.o(.text+0xd8): undefined reference to `sys_getpid' I got past this point by simply removing the 'sys_'. Was that the right thing to do? Now it configures, but whines about not having shared memory. I suspect that's a similar problem. Chris -- Chris Garrigues virCIO http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com +1 512 432 4046 +1 512 374 0500 4314 Avenue C O- Austin, TX 78751-3709 My email address is an experiment in SPAM elimination. For an explanation of what we're doing, see http://www.DeepEddy.Com/tms.html Nobody ever got fired for buying Microsoft, but they could get fired for relying on Microsoft. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 239 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000502/62b10592/attachment.bin From mg at plum.de Tue May 2 16:05:31 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:41 2003 Subject: My first attempt to build 2.5.2 References: <13126.957278940@backstroke.deepeddy.com> Message-ID: <00a801bfb450$3e0372e0$0201010a@defiant> --with-lockdir=/var/lock/samb does /var/lock/samba exist ? regards, Michael From cwg-samba-ntdom at DeepEddy.Com Tue May 2 15:16:31 2000 From: cwg-samba-ntdom at DeepEddy.Com (Chris Garrigues) Date: Tue Dec 2 02:29:41 2003 Subject: My first attempt to build 2.5.2 In-Reply-To: <00a801bfb450$3e0372e0$0201010a@defiant> References: <13126.957278940@backstroke.deepeddy.com> <00a801bfb450$3e0372e0$0201010a@defiant> Message-ID: <13675.957280591@backstroke.deepeddy.com> -----BEGIN PGP MESSAGE----- Version: 2.6.2 owGFUs9rE0EUbk09dGFrbyIefBQxh2Y3myYxJmi0pD8IGFuwaBVUJtnJ7tjdnTAz m20u4sGfoLZeCh6KVqQX6aF/gHrqQaFHL5biqSCoiKCgF3UmrVIq4oOBefO+9+17 37e3O8LY7s58z+exudn5xetwd76z8839XT/HH23cej87M7Tyavn8hwMXvKU7L2+8 bnZ9KuXPPVxz3u1fnPu2trL8tQc9qb24d3Fhfb345emksXHZWiHP82+XCw8+Tqx+ H7+6p/lsdcHZ1zVf9M+4Uz+uDe89efDm40MzvUuxmOi1TJ87ZmogZ2VNPO27HTJ0 rQgjjPoFgL4KqbkIezDqobDm4j446jsnGl7omzYuKuAQElgCAc5iOwFpqKAWDFiW BVaqYOUKVh76UzKVUIU2jIgI1/Bobcom7FiyiVhSJUmO/CpSCHVsijnsqAGeJlzA cV3TtbJoQ0yAsohzqIbEs0ngQEAjEC4SUAaGfdrEtkyxvNcxw0FNkgoKcd7il+JA gnZN1wTmggMPq3IgU7GXXEa4uhgGbGUwihgjTigZdkaTsFJ5TNdcIRqFZDKKInMI 48awbbfMEvWTV2qRk+zeVt1sUDVd609BNjUAmbQ8VubwX+Rb9XQuA1ZWidgtI5NO ZWCwiYMQQ0nXxgz1OBhyQYIETEwC5I7ksikjnbPyugb/CbUnQKUF2EfEA2TbDHMO cmUUSMkbmBEfB0LJdXp8sALYIz4JkCA0kPKPUCZxikFCPbT5DrQOkXIhwnGGpVPS mgRwjOFfGgmfm67wva1pAE7RKrXlTE3MwKEC6oRJL+vya9WwpZyWvyWjnNZF4veK 1VAoQ1tQo6Fng4O3dzHstdvkcH86217r2i8= =aQN5 -----END PGP MESSAGE----- From helas at rbg.informatik.tu-darmstadt.de Tue May 2 15:32:50 2000 From: helas at rbg.informatik.tu-darmstadt.de (Martin Helas) Date: Tue Dec 2 02:29:41 2003 Subject: Domain / Workgroup Problems... In-Reply-To: Message-ID: > > Hi, > > i'm new at this ML and sorry for my bad english. :-P > > Ok here my problem. I have samba 2.0.6 he is the PDC in my local network. > In the network are few Windows NT and some Win9x PC. > The problem is 1x Win9x and 1x Winnt cant see any PC in the > network but if i > try \\ thats work. Some con see my Linux box and 1-3 NT and 1-4 > Win9X and other more Win9x and none NT, Linux PC's. Whats wrong? > > here my Global section of the SMB server. I have on all machines > the TCP/IP > protocol installed ... it works great but i cat see in my Network > the other > PC. > just try to set the wins-server on the clients to the ip of the samba-server than try it again, it should work martin From cwg-samba-ntdom at DeepEddy.Com Tue May 2 16:07:08 2000 From: cwg-samba-ntdom at DeepEddy.Com (Chris Garrigues) Date: Tue Dec 2 02:29:41 2003 Subject: Can't log in with 2.5.2 Message-ID: <14394.957283628@backstroke.deepeddy.com> Okay, now that I've got 2.5.2 built, it's time to figure out how to get it working. Again, I'm configuring like this: ./configure --prefix=/usr --with-lockdir=/var/lock/samba --with-sambaconfdir=/etc --with-privatedir=/etc --with-swatdir=/usr/share/swat --localstatedir=/var/log/samba --with-automount --with-quotas --with-pam --with-smbmount --with-ldap My first test is: smbclient //deepeddy/ -U cwg load_unicode_map: filename /usr/lib/codepages/unicode_map.850 does not exist. added interface ip=10.1.2.1 bcast=10.1.2.255 nmask=255.255.255.0 Password: failed session setup failed session setup In log.deepeddy, I find: SMB LM/NT Password did not match! Rejecting user '<91><98>'<97>?ufff=?ls>?*+?5&~^\ibcwg': authentication failed and my ldap log shows: May 2 11:01:23 deepeddy slapd[9141]: conn=10007 fd=8 connection from unknown (10.1.2.1) accepted. May 2 11:01:23 deepeddy slapd[29521]: conn=10007 op=0 BIND dn="" method=128 May 2 11:01:23 deepeddy slapd[29521]: conn=10007 op=0 RESULT err=0 tag=97 nentries=0 May 2 11:01:23 deepeddy slapd[29522]: conn=10007 op=1 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29522]: conn=10007 op=1 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29523]: conn=10007 op=2 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29523]: conn=10007 op=2 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29524]: conn=10007 op=3 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29524]: conn=10007 op=3 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29525]: conn=10007 op=4 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29525]: conn=10007 op=4 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29526]: conn=10007 op=5 UNBIND May 2 11:01:23 deepeddy slapd[9141]: conn=10008 fd=15 connection from unknown (10.1.2.1) accepted. May 2 11:01:23 deepeddy slapd[29526]: conn=10007 op=5 fd=8 closed errno=4 May 2 11:01:23 deepeddy slapd[29527]: conn=10008 op=0 BIND dn="" method=128 May 2 11:01:23 deepeddy slapd[29527]: conn=10008 op=0 RESULT err=0 tag=97 nentries=0 May 2 11:01:23 deepeddy slapd[29528]: conn=10008 op=1 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29528]: conn=10008 op=1 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29529]: conn=10008 op=2 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29529]: conn=10008 op=2 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29530]: conn=10008 op=3 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29530]: conn=10008 op=3 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29531]: conn=10008 op=4 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29531]: conn=10008 op=4 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29532]: conn=10008 op=5 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29532]: conn=10008 op=5 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29533]: conn=10008 op=6 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29533]: conn=10008 op=6 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29534]: conn=10008 op=7 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29534]: conn=10008 op=7 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29535]: conn=10008 op=8 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29535]: conn=10008 op=8 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29536]: conn=10008 op=9 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29536]: conn=10008 op=9 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29537]: conn=10008 op=10 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29537]: conn=10008 op=10 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29538]: conn=10008 op=11 UNBIND May 2 11:01:23 deepeddy slapd[29538]: conn=10008 op=11 fd=15 closed errno=4 May 2 11:01:23 deepeddy slapd[9141]: conn=10009 fd=8 connection from unknown (10.1.2.1) accepted. May 2 11:01:23 deepeddy slapd[29539]: conn=10009 op=0 BIND dn="" method=128 May 2 11:01:23 deepeddy slapd[29539]: conn=10009 op=0 RESULT err=0 tag=97 nentries=0 May 2 11:01:23 deepeddy slapd[29540]: conn=10009 op=1 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29540]: conn=10009 op=1 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29541]: conn=10009 op=2 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29541]: conn=10009 op=2 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29542]: conn=10009 op=3 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29542]: conn=10009 op=3 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29543]: conn=10009 op=4 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29543]: conn=10009 op=4 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29544]: conn=10009 op=5 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29544]: conn=10009 op=5 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29545]: conn=10009 op=6 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29545]: conn=10009 op=6 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29546]: conn=10009 op=7 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29546]: conn=10009 op=7 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29547]: conn=10009 op=8 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29547]: conn=10009 op=8 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29548]: conn=10009 op=9 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29548]: conn=10009 op=9 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29549]: conn=10009 op=10 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29549]: conn=10009 op=10 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29550]: conn=10009 op=11 UNBIND May 2 11:01:23 deepeddy slapd[29550]: conn=10009 op=11 fd=8 closed errno=4 May 2 11:01:23 deepeddy slapd[9141]: conn=10010 fd=8 connection from unknown (10.1.2.1) accepted. May 2 11:01:23 deepeddy slapd[29551]: conn=10010 op=0 BIND dn="" method=128 May 2 11:01:23 deepeddy slapd[29551]: conn=10010 op=0 RESULT err=0 tag=97 nentries=0 May 2 11:01:23 deepeddy slapd[29552]: conn=10010 op=1 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29552]: conn=10010 op=1 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29553]: conn=10010 op=2 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29553]: conn=10010 op=2 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29554]: conn=10010 op=3 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29554]: conn=10010 op=3 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29555]: conn=10010 op=4 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29555]: conn=10010 op=4 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29556]: conn=10010 op=5 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29556]: conn=10010 op=5 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29557]: conn=10010 op=6 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29557]: conn=10010 op=6 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29558]: conn=10010 op=7 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29558]: conn=10010 op=7 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29559]: conn=10010 op=8 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29559]: conn=10010 op=8 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29560]: conn=10010 op=9 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29560]: conn=10010 op=9 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29561]: conn=10010 op=10 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29561]: conn=10010 op=10 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29562]: conn=10010 op=11 UNBIND May 2 11:01:23 deepeddy slapd[9141]: conn=10011 fd=15 connection from unknown (10.1.2.1) accepted. May 2 11:01:23 deepeddy slapd[29562]: conn=10010 op=11 fd=8 closed errno=4 May 2 11:01:23 deepeddy slapd[29563]: conn=10011 op=0 BIND dn="" method=128 May 2 11:01:23 deepeddy slapd[29563]: conn=10011 op=0 RESULT err=0 tag=97 nentries=0 May 2 11:01:23 deepeddy slapd[29564]: conn=10011 op=1 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29564]: conn=10011 op=1 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29565]: conn=10011 op=2 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29565]: conn=10011 op=2 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29566]: conn=10011 op=3 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29566]: conn=10011 op=3 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29567]: conn=10011 op=4 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29567]: conn=10011 op=4 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29568]: conn=10011 op=5 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29568]: conn=10011 op=5 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29569]: conn=10011 op=6 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29569]: conn=10011 op=6 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29570]: conn=10011 op=7 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29570]: conn=10011 op=7 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29571]: conn=10011 op=8 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29571]: conn=10011 op=8 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29572]: conn=10011 op=9 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29572]: conn=10011 op=9 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29573]: conn=10011 op=10 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29573]: conn=10011 op=10 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29574]: conn=10011 op=11 UNBIND May 2 11:01:23 deepeddy slapd[29574]: conn=10011 op=11 fd=15 closed errno=0 May 2 11:01:23 deepeddy slapd[9141]: conn=10012 fd=8 connection from unknown (10.1.2.1) accepted. May 2 11:01:23 deepeddy slapd[29575]: conn=10012 op=0 BIND dn="" method=128 May 2 11:01:23 deepeddy slapd[29575]: conn=10012 op=0 RESULT err=0 tag=97 nentries=0 May 2 11:01:23 deepeddy slapd[29576]: conn=10012 op=1 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29576]: conn=10012 op=1 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29577]: conn=10012 op=2 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29577]: conn=10012 op=2 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29578]: conn=10012 op=3 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29578]: conn=10012 op=3 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29579]: conn=10012 op=4 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29579]: conn=10012 op=4 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29580]: conn=10012 op=5 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29580]: conn=10012 op=5 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29581]: conn=10012 op=6 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=DEEPEDDY))" May 2 11:01:23 deepeddy slapd[29581]: conn=10012 op=6 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29582]: conn=10012 op=7 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29582]: conn=10012 op=7 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29583]: conn=10012 op=8 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29583]: conn=10012 op=8 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29584]: conn=10012 op=9 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29584]: conn=10012 op=9 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29585]: conn=10012 op=10 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29585]: conn=10012 op=10 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29586]: conn=10012 op=11 UNBIND May 2 11:01:23 deepeddy slapd[9141]: conn=10013 fd=15 connection from unknown (10.1.2.1) accepted. May 2 11:01:23 deepeddy slapd[29586]: conn=10012 op=11 fd=8 closed errno=4 May 2 11:01:23 deepeddy slapd[29587]: conn=10013 op=0 BIND dn="" method=128 May 2 11:01:23 deepeddy slapd[29587]: conn=10013 op=0 RESULT err=0 tag=97 nentries=0 May 2 11:01:23 deepeddy slapd[29588]: conn=10013 op=1 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29588]: conn=10013 op=1 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29589]: conn=10013 op=2 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29589]: conn=10013 op=2 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29590]: conn=10013 op=3 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29590]: conn=10013 op=3 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29591]: conn=10013 op=4 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29591]: conn=10013 op=4 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29592]: conn=10013 op=5 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29592]: conn=10013 op=5 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29593]: conn=10013 op=6 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29593]: conn=10013 op=6 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29594]: conn=10013 op=7 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29594]: conn=10013 op=7 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29595]: conn=10013 op=8 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29595]: conn=10013 op=8 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29596]: conn=10013 op=9 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29596]: conn=10013 op=9 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29597]: conn=10013 op=10 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29597]: conn=10013 op=10 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29598]: conn=10013 op=11 UNBIND May 2 11:01:23 deepeddy slapd[29598]: conn=10013 op=11 fd=15 closed errno=0 May 2 11:01:23 deepeddy slapd[9141]: conn=10014 fd=8 connection from unknown (10.1.2.1) accepted. May 2 11:01:23 deepeddy slapd[29599]: conn=10014 op=0 BIND dn="" method=128 May 2 11:01:23 deepeddy slapd[29599]: conn=10014 op=0 RESULT err=0 tag=97 nentries=0 May 2 11:01:23 deepeddy slapd[29600]: conn=10014 op=1 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29600]: conn=10014 op=1 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29601]: conn=10014 op=2 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29601]: conn=10014 op=2 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29602]: conn=10014 op=3 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29602]: conn=10014 op=3 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29603]: conn=10014 op=4 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29603]: conn=10014 op=4 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29604]: conn=10014 op=5 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29604]: conn=10014 op=5 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29605]: conn=10014 op=6 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29605]: conn=10014 op=6 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29606]: conn=10014 op=7 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29606]: conn=10014 op=7 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29607]: conn=10014 op=8 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29607]: conn=10014 op=8 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29608]: conn=10014 op=9 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29608]: conn=10014 op=9 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29609]: conn=10014 op=10 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29609]: conn=10014 op=10 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29610]: conn=10014 op=11 UNBIND May 2 11:01:23 deepeddy slapd[9141]: conn=10015 fd=15 connection from unknown (10.1.2.1) accepted. May 2 11:01:23 deepeddy slapd[29610]: conn=10014 op=11 fd=8 closed errno=4 May 2 11:01:23 deepeddy slapd[29611]: conn=10015 op=0 BIND dn="" method=128 May 2 11:01:23 deepeddy slapd[29611]: conn=10015 op=0 RESULT err=0 tag=97 nentries=0 May 2 11:01:23 deepeddy slapd[29612]: conn=10015 op=1 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29612]: conn=10015 op=1 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29613]: conn=10015 op=2 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29613]: conn=10015 op=2 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29614]: conn=10015 op=3 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29614]: conn=10015 op=3 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29615]: conn=10015 op=4 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29615]: conn=10015 op=4 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29616]: conn=10015 op=5 SRCH base="DC=DEEPEDDY,DC=COM" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29616]: conn=10015 op=5 RESULT err=9 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[29617]: conn=10015 op=6 SRCH base="O=VIRCIO,C=US" scope=2 filter="(&(objectclass=POSIXACCOUNT)(uid=??'??UFFF=?LS>?*+?5&~^\IBCWG))" May 2 11:01:23 deepeddy slapd[29617]: conn=10015 op=6 RESULT err=0 tag=101 nentries=0 May 2 11:01:23 deepeddy slapd[9141]: conn=10015 op=-1 fd=15 closed errno=0 I'll see if I can understand the code after lunch, but if someone wanted to send me pointers where to look before I get started, it would be much appreciated. Chris -- Chris Garrigues virCIO http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com +1 512 432 4046 +1 512 374 0500 4314 Avenue C O- Austin, TX 78751-3709 My email address is an experiment in SPAM elimination. For an explanation of what we're doing, see http://www.DeepEddy.Com/tms.html Nobody ever got fired for buying Microsoft, but they could get fired for relying on Microsoft. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 239 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000502/bc26ff65/attachment.bin From peter at cadcamlab.org Tue May 2 16:15:31 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:41 2003 Subject: My first attempt to build 2.5.2 References: <13126.957278940@backstroke.deepeddy.com> <13386.957279707@backstroke.deepeddy.com> Message-ID: <14606.65188.793884.313057@wire.cadcamlab.org> [Chris Garrigues ] > > /tmp/ccjBUaf2.o(.text+0x24): undefined reference to `sys_fork' > > /tmp/ccjBUaf2.o(.text+0x6d): undefined reference to `sys_getpid' > > /tmp/ccjBUaf2.o(.text+0xd8): undefined reference to `sys_getpid' That looks like a mangled merge from HEAD. (Tridge recently added those functions.) > I got past this point by simply removing the 'sys_'. Was that the > right thing to do? Yes, if my theory is correct. > Now it configures, but whines about not having shared memory. I > suspect that's a similar problem. You aren't by any chance running Linux 2.3.x, are you? If so, don't forget to mount the shm filesystem. (See Documentation/Changes.) Peter From skvidal at phy.duke.edu Tue May 2 16:16:01 2000 From: skvidal at phy.duke.edu (Seth Vidal) Date: Tue Dec 2 02:29:41 2003 Subject: Can't log in with 2.5.2 In-Reply-To: <14394.957283628@backstroke.deepeddy.com> Message-ID: On Wed, 3 May 2000, Chris Garrigues wrote: > Okay, now that I've got 2.5.2 built, it's time to figure out how to get it > working. how did you get it working? I'm still getting locking errors. -sv From jojowil at hvcc.edu Tue May 2 16:30:13 2000 From: jojowil at hvcc.edu (William Jojo) Date: Tue Dec 2 02:29:41 2003 Subject: Compiling 2.5 vs 2.5.2 Message-ID: <390F0295.B38649B5@hvcc.edu> I have experienced come compile problems on AIX 4.3.2: 1) TNG alpha 2.5 & 2.5.2 Compiles fine if I do NOT enable shared libs. It tries to create a library in .libs instead of ./libs Item 1) has been a problem on AIX for some time (since alpha-0.x) and I do not know libtool, so I was not able to identify the cuase. 2) TNG alpha 2.5.2 says I do not have shared memory support where 2.5 did not complain. 3) TNG alpha 2.5.2 with gcc 2.8.1 complains that I do not have locking, but the IBM compiler seems to find it. Thought this might help. Bill -- /------------------------------------------------------\ | | | William E. Jojo, Jr. | | | | Senior Systems and Network Specialist | | | | Hudson Valley Community College | | | | (518) 629 7540 | | | | jojowil@hvcc.edu | | | \------------------------------------------------------/ So I held my up high Hiding hate that burns inside Which only fuels their selfish pride We're all held captive out from the sun A sun that shines on only some We the meek are all in one From snail_talk at yahoo.com Tue May 2 16:54:52 2000 From: snail_talk at yahoo.com (Geoffrey Lee) Date: Tue Dec 2 02:29:41 2003 Subject: My first attempt to build 2.5.2 In-Reply-To: <13126.957278940@backstroke.deepeddy.com> Message-ID: <001401bfb457$227c9e50$0200000a@workstation1> > > I'm running a linux system somewhere between redhat 6.1 and 6.2, and am > configuring with: > fcntl locking seems to be broekn for me too, easy fix is to grab the old .2.5 source and replace fcntl test c program files with the old versions. there were some changes and now it doesn't work .. > /configure --prefix=/usr --with-lockdir=/var/lock/samba > --with-sambaconfdir=/etc --with-privatedir=/etc > --with-swatdir=/usr/share/swat --localstatedir=/var/log/samba > --with-automount --with-quotas --with-pam --with-smbmount --with-ldap > > and it ends with: > > .. > checking configure summary > ERROR: No locking available. Running Samba would be unsafe > configure: error: summary failure. Aborting config > > Looking in config.log, I find this: > > configure:9785: checking for fcntl locking > configure:9798: gcc -o conftest -O conftest.c -lreadline -ldl > -lcrypt 1>&5 > /tmp/ccjBUaf2.o: In function `main': > /tmp/ccjBUaf2.o(.text+0x24): undefined reference to `sys_fork' > /tmp/ccjBUaf2.o(.text+0x6d): undefined reference to `sys_getpid' > /tmp/ccjBUaf2.o(.text+0xd8): undefined reference to `sys_getpid' > collect2: ld returned 1 exit status > configure: failed program was: > #line 9794 "configure" > #include "confdefs.h" > #include "./tests/fcntl_lock.c" > configure:9821: checking for broken (glibc2.1/x86) 64 bit fcntl locking > configure:9834: gcc -o conftest -O conftest.c -lreadline -ldl > -lcrypt 1>&5 > tests/fcntl_lock64.c: In function `main': > In file included from configure:9831: > tests/fcntl_lock64.c:35: storage size of `lock' isn't known > configure: failed program was: > #line 9830 "configure" > #include "confdefs.h" > #include "./tests/fcntl_lock64.c" > configure:9859: checking for 64 bit fcntl locking > configure:9892: gcc -o conftest -O conftest.c -lreadline -ldl > -lcrypt 1>&5 > configure: In function `main': > configure:9883: storage size of `fl64' isn't known > configure: failed program was: > #line 9868 "configure" > #include "confdefs.h" > > #if defined(HAVE_UNISTD_H) > #include > #endif > #include > #include > > #ifdef HAVE_FCNTL_H > #include > #endif > > #ifdef HAVE_SYS_FCNTL_H > #include > #endif > main() { struct flock64 fl64; > #if defined(F_SETLKW64) && defined(F_SETLK64) && defined(F_GETLK64) > exit(0); > #else > exit(1); > #endif > } > > -- > Chris Garrigues virCIO > http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com > +1 512 432 4046 +1 512 374 0500 > 4314 Avenue C > O- Austin, TX 78751-3709 > > > My email address is an experiment in SPAM elimination. For an > explanation of what we're doing, see http://www.DeepEddy.Com/tms.html > > Nobody ever got fired for buying Microsoft, > but they could get fired for relying on Microsoft. > > > From jeremy at valinux.com Tue May 2 16:54:43 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:41 2003 Subject: CVS update: samba/source/netlogond (fwd) References: Message-ID: <390F0853.9EED7B67@valinux.com> Luke Kenneth Casson Leighton wrote: > > > [jeremy, locking code don't pass smbtorture at the mo., andrew n me ran a > test on it in TNG, today]. Hmmm. This may be old news, I tested it late last night in HEAD (US Pacific time) and it passes all tests so long as you add "strict locking = true". Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From cwg-samba-ntdom at DeepEddy.Com Tue May 2 17:17:57 2000 From: cwg-samba-ntdom at DeepEddy.Com (Chris Garrigues) Date: Tue Dec 2 02:29:41 2003 Subject: Can't log in with 2.5.2 In-Reply-To: References: Message-ID: <15082.957287877@backstroke.deepeddy.com> > From: Seth Vidal > Date: Tue, 2 May 2000 12:16:01 -0400 (EDT) > > On Wed, 3 May 2000, Chris Garrigues wrote: > > > Okay, now that I've got 2.5.2 built, it's time to figure out how to get it > > working. > > how did you get it working? > I'm still getting locking errors. I simply took 'sys_' off all the function calls that it complained about; removed config.cache; and tried again. Chris -- Chris Garrigues virCIO http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com +1 512 432 4046 +1 512 374 0500 4314 Avenue C O- Austin, TX 78751-3709 My email address is an experiment in SPAM elimination. For an explanation of what we're doing, see http://www.DeepEddy.Com/tms.html Nobody ever got fired for buying Microsoft, but they could get fired for relying on Microsoft. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 239 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000502/1f39cdb5/attachment.bin From pjdc at eircom.net Tue May 2 17:49:57 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:41 2003 Subject: netlogond 95%cpu In-Reply-To: Luke Kenneth Casson Leighton's message of "Tue, 2 May 2000 11:15:19 +1000" References: Message-ID: >>>>> "Luke" == Luke Kenneth Casson Leighton writes: Luke> On Mon, 1 May 2000, Paul J Collins wrote: >> It's the smbpasswd file that is the problem, not /etc/passwd. You >> should be able to build Samba with the --with-sampwdb=tdb, which will >> use Samba's Way Cool (R) key-value database. Luke> uh... i haven't finished that, yet, paul :) Always with these *details*.... ;-) Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From cwg-samba-ntdom at DeepEddy.Com Tue May 2 18:31:53 2000 From: cwg-samba-ntdom at DeepEddy.Com (Chris Garrigues) Date: Tue Dec 2 02:29:41 2003 Subject: Can't log in with 2.5.2 In-Reply-To: <14394.957283628@backstroke.deepeddy.com> References: <14394.957283628@backstroke.deepeddy.com> Message-ID: <16025.957292313@backstroke.deepeddy.com> > From: "Chris Garrigues" > Date: Wed, 3 May 2000 02:08:57 +1000 It appears that the problems I was seeing were triggered by having the wrong smb.conf (I was using the one from ./packaging/RedHat instead of the one that I'd previously had working with the HEAD branch.) Once I got the right smb.conf in there, things worked much better. Of course, there is clearly something real bogus in the logs that I was seeing. Somehow it was getting a bad value for the user. That will need to be fixed eventually. Chris -- Chris Garrigues virCIO http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com +1 512 432 4046 +1 512 374 0500 4314 Avenue C O- Austin, TX 78751-3709 My email address is an experiment in SPAM elimination. For an explanation of what we're doing, see http://www.DeepEddy.Com/tms.html Nobody ever got fired for buying Microsoft, but they could get fired for relying on Microsoft. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 239 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000502/b53d1365/attachment.bin From Skripi at hrzpub.tu-darmstadt.de Tue May 2 19:10:42 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:41 2003 Subject: undefinde sys_ Message-ID: <20000502211042.A19722@shadowland.sc> Hi, I got the same Problems with configure... So as everytime: G E N E R A L * * * * * * * * ------------- OS : linux (redhat 6.2b) ------------- Compiler : gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) ------------- CVS-Branch : SAMBA_TNG ------------- Version/Date: today (how can I retrive the time of the last update ?) ------------- Error Type : reproduceable ------------- Short Desc. : configure twice. Once shared mem and once locking ------------- Trigger : make distclean CFLAGS="-m486 -O2" ./configure \ --prefix=/usr/local/sw/i386_lnx2/samba-head-2000.04.29/ \ --with-gnu-ld \ --with-automount \ --with-pam \ --with-sam-pwdb=passdb \ --with-syslog \ --with-privatedir=/usr/local/etc/samba/private/ \ --with-lockdir=/var/lock/samba/ \ --sysconfdir=/usr/local/etc/samba \ --localstatedir=/var/log/samba/ make ------------- Solution : Workaround: 1) look in config.log for gcc error with sys_ ------------- 2) erase the sys_ 3) rm -f config.cache 4) continue with one until no more errors and warnings occure (shared mem) error since: It seems to me that the change Tuesday May 2, 2000 @ 14:50 of fcntl_lock.c did break the lock checking. the shared mem change i did not find yet. Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From Skripi at hrzpub.tu-darmstadt.de Tue May 2 18:59:16 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:41 2003 Subject: CVS update: samba/source/tests In-Reply-To: <20000502045018Z13183380-27273+19216@samba.org>; from lkcl@samba.org on Tue, May 02, 2000 at 02:52:59PM +1000 References: <20000502045018Z13183380-27273+19216@samba.org> Message-ID: <20000502205916.A11289@shadowland.sc> Luke Leighton: > > Date: Tuesday May 2, 2000 @ 14:50 > Author: lkcl > > Update of /data/cvs/samba/source/tests > In directory samba:/tmp/cvs-serv11379/tests > > Modified Files: > Tag: SAMBA_TNG > fcntl_lock.c fcntl_lock64.c shared_mmap.c sysv_ipc.c > Log Message: > merge fun. Luke, I think this merge did break the flock checking for Linux... Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From skvidal at phy.duke.edu Tue May 2 19:05:53 2000 From: skvidal at phy.duke.edu (Seth Vidal) Date: Tue Dec 2 02:29:41 2003 Subject: error on 2.5.2 (with fcntl fixes) compile Message-ID: I'm trying to compile samba on debian slink and half and tng 2.5.2 here is the error I get on the compile. Linking bin/smbd /usr/lib/libdl.a(dlsym.o): In function `doit.2': dlsym.o(.text+0x22): undefined reference to `_dl_default_scope' dlsym.o(.text+0x4c): undefined reference to `_dl_default_scope' make: *** [bin/smbd] Error 1 any pointers? -sv From jahall at nea.org Tue May 2 19:37:40 2000 From: jahall at nea.org (jahall@nea.org) Date: Tue Dec 2 02:29:41 2003 Subject: Disabling Roaming Profiles Message-ID: How are roaming profiles disabled? I have tried commenting the logon path line, but without success. Thanks for your help. Jay Hall From kevinc at grainsystems.com Tue May 2 22:15:37 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:41 2003 Subject: MAILs References: Message-ID: <390F5389.23883752@grainsystems.com> Whether everyone uses Outlook, Outlook Express, Messenger, or elm doesn't really matter one bit. However, you should strongly consider setting your mail up to be strict plaintext, whatever the mailer. Any HTMLified or even MIME-encoded (for those of you that say, "...but I do both!") mail sent to any mailing list may not actually be read by the person who can help you, if anyone at all. No one is going to work too hard to support you. When I need help, I try to reach out to those who can help me. - Kevin Colby kevinc@grainsystems.com From lkcl at samba.org Tue May 2 22:36:36 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:41 2003 Subject: Password change under NT In-Reply-To: <200005021305.JAA15793@lussier.mclinux.com> Message-ID: On Tue, 2 May 2000, Paul Lussier wrote: > > In a message dated: Tue, 02 May 2000 11:11:51 +1000 > Greg Roberts said: > > >I don't have a lot of time and if I can't get this feature working, then > >I'm going to scrap Samba all together. There's not much point in using it > >as a logon mechanism if users can't change their password from one point > >and have it updated for both smbpasswd and NIS (it would cause too much > >confusion). i sorted it. From lkcl at samba.org Tue May 2 22:40:58 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:41 2003 Subject: My first attempt to build 2.5.2 In-Reply-To: <13126.957278940@backstroke.deepeddy.com> Message-ID: tee hee :) On Wed, 3 May 2000, Chris Garrigues wrote: > I'm running a linux system somewhere between redhat 6.1 and 6.2, and am > configuring with: > > /configure --prefix=/usr --with-lockdir=/var/lock/samba --with-sambaconfdir=/etc --with-privatedir=/etc --with-swatdir=/usr/share/swat --localstatedir=/var/log/samba --with-automount --with-quotas --with-pam --with-smbmount --with-ldap > > and it ends with: > > .. > checking configure summary > ERROR: No locking available. Running Samba would be unsafe > configure: error: summary failure. Aborting config > > Looking in config.log, I find this: > > configure:9785: checking for fcntl locking > configure:9798: gcc -o conftest -O conftest.c -lreadline -ldl -lcrypt 1>&5 > /tmp/ccjBUaf2.o: In function `main': > /tmp/ccjBUaf2.o(.text+0x24): undefined reference to `sys_fork' > /tmp/ccjBUaf2.o(.text+0x6d): undefined reference to `sys_getpid' > /tmp/ccjBUaf2.o(.text+0xd8): undefined reference to `sys_getpid' > collect2: ld returned 1 exit status > configure: failed program was: > #line 9794 "configure" > #include "confdefs.h" > #include "./tests/fcntl_lock.c" > configure:9821: checking for broken (glibc2.1/x86) 64 bit fcntl locking > configure:9834: gcc -o conftest -O conftest.c -lreadline -ldl -lcrypt 1>&5 > tests/fcntl_lock64.c: In function `main': > In file included from configure:9831: > tests/fcntl_lock64.c:35: storage size of `lock' isn't known > configure: failed program was: > #line 9830 "configure" > #include "confdefs.h" > #include "./tests/fcntl_lock64.c" > configure:9859: checking for 64 bit fcntl locking > configure:9892: gcc -o conftest -O conftest.c -lreadline -ldl -lcrypt 1>&5 > configure: In function `main': > configure:9883: storage size of `fl64' isn't known > configure: failed program was: > #line 9868 "configure" > #include "confdefs.h" > > #if defined(HAVE_UNISTD_H) > #include > #endif > #include > #include > > #ifdef HAVE_FCNTL_H > #include > #endif > > #ifdef HAVE_SYS_FCNTL_H > #include > #endif > main() { struct flock64 fl64; > #if defined(F_SETLKW64) && defined(F_SETLK64) && defined(F_GETLK64) > exit(0); > #else > exit(1); > #endif > } > > -- > Chris Garrigues virCIO > http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com > +1 512 432 4046 +1 512 374 0500 > 4314 Avenue C > O- Austin, TX 78751-3709 > > > My email address is an experiment in SPAM elimination. For an > explanation of what we're doing, see http://www.DeepEddy.Com/tms.html > > Nobody ever got fired for buying Microsoft, > but they could get fired for relying on Microsoft. > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 239 bytes Desc: Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000503/3065f3c8/attachment.bin From lkcl at samba.org Tue May 2 22:42:50 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:41 2003 Subject: My first attempt to build 2.5.2 In-Reply-To: <13386.957279707@backstroke.deepeddy.com> Message-ID: On Wed, 3 May 2000, Chris Garrigues wrote: > > From: Chris Garrigues > > Date: Tue, 02 May 2000 09:49:00 -0500 > > > > /tmp/ccjBUaf2.o(.text+0x24): undefined reference to `sys_fork' > > /tmp/ccjBUaf2.o(.text+0x6d): undefined reference to `sys_getpid' > > /tmp/ccjBUaf2.o(.text+0xd8): undefined reference to `sys_getpid' > > I got past this point by simply removing the 'sys_'. Was that the right thing > to do? yes. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 239 bytes Desc: Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000503/79991969/attachment.bin From lkcl at samba.org Tue May 2 22:50:31 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:41 2003 Subject: Compiling 2.5 vs 2.5.2 In-Reply-To: <390F0295.B38649B5@hvcc.edu> Message-ID: aix? yes. you will, apparently, need gcc 2.95 for aix. if you happen to get binaries for gcc 2.95 on aix... GIVE THEM TO ME!!!!! i royally screwed up an aix 4.2.2 box because we had a 4.3 upgrade cd, oh, great, let's upgrade to 4.3. oh xxxx it's actually a 4.3.2.3 upgrade that requires 4.3.2.0 as a prerequisite. [error, cannot recognise cd-rom. error, cannot load dsia. error, cannot install. AGH!] On Wed, 3 May 2000, William Jojo wrote: > > > I have experienced come compile problems on AIX 4.3.2: > > > 1) TNG alpha 2.5 & 2.5.2 Compiles fine if I do NOT enable shared libs. It tries > to create a library in .libs instead of ./libs > > Item 1) has been a problem on AIX for some time (since alpha-0.x) and I do not > know libtool, so I was not able to identify the cuase. > > 2) TNG alpha 2.5.2 says I do not have shared memory support where 2.5 did not > complain. > > 3) TNG alpha 2.5.2 with gcc 2.8.1 complains that I do not have locking, but the > IBM compiler seems to find it. > > > Thought this might help. > > > Bill > > > -- > > > /------------------------------------------------------\ > | | > | William E. Jojo, Jr. | > | | > | Senior Systems and Network Specialist | > | | > | Hudson Valley Community College | > | | > | (518) 629 7540 | > | | > | jojowil@hvcc.edu | > | | > \------------------------------------------------------/ > > > So I held my up high > > Hiding hate that burns inside > > Which only fuels their selfish pride > > > We're all held captive out from the sun > > A sun that shines on only some > > We the meek are all in one > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Tue May 2 22:51:35 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:41 2003 Subject: CVS update: samba/source/netlogond (fwd) In-Reply-To: <390F0853.9EED7B67@valinux.com> Message-ID: On Tue, 2 May 2000, Jeremy Allison wrote: > Luke Kenneth Casson Leighton wrote: > > > > > > [jeremy, locking code don't pass smbtorture at the mo., andrew n me ran a > > test on it in TNG, today]. > > Hmmm. This may be old news, I tested it late last night in > HEAD (US Pacific time) and it passes all tests so long as > you add "strict locking = true". yeh. _that_ worked, bu sl=y, pl=y didn't. From lkcl at samba.org Tue May 2 22:53:03 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:42 2003 Subject: Can't log in with 2.5.2 In-Reply-To: <16025.957292313@backstroke.deepeddy.com> Message-ID: hm, what diffs between smb.confs? "encrypt passwords = no", by any chance? On Wed, 3 May 2000, Chris Garrigues wrote: > > From: "Chris Garrigues" > > Date: Wed, 3 May 2000 02:08:57 +1000 > > It appears that the problems I was seeing were triggered by having the wrong > smb.conf (I was using the one from ./packaging/RedHat instead of the one that > I'd previously had working with the HEAD branch.) Once I got the right > smb.conf in there, things worked much better. > > Of course, there is clearly something real bogus in the logs that I was > seeing. Somehow it was getting a bad value for the user. That will need to > be fixed eventually. > > Chris > > -- > Chris Garrigues virCIO > http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com > +1 512 432 4046 +1 512 374 0500 > 4314 Avenue C > O- Austin, TX 78751-3709 > > > My email address is an experiment in SPAM elimination. For an > explanation of what we're doing, see http://www.DeepEddy.Com/tms.html > > Nobody ever got fired for buying Microsoft, > but they could get fired for relying on Microsoft. > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 239 bytes Desc: Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000503/962f1564/attachment.bin From lkcl at samba.org Tue May 2 22:54:51 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:42 2003 Subject: CVS update: samba/source/tests In-Reply-To: <20000502205916.A11289@shadowland.sc> Message-ID: On Tue, 2 May 2000, Jens Skripczynski wrote: > Luke Leighton: > > > > Date: Tuesday May 2, 2000 @ 14:50 > > Author: lkcl > > > > Update of /data/cvs/samba/source/tests > > In directory samba:/tmp/cvs-serv11379/tests > > > > Modified Files: > > Tag: SAMBA_TNG > > fcntl_lock.c fcntl_lock64.c shared_mmap.c sysv_ipc.c > > Log Message: > > merge fun. > Luke, > > I think this merge did break the flock checking for Linux... oops! From kevinc at grainsystems.com Tue May 2 23:00:27 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:42 2003 Subject: MAILs References: <390F5389.23883752@grainsystems.com> Message-ID: <390F5E0B.9A24CC39@grainsystems.com> Sorry, although it may still be pertinent, I meant that for another list. - Kevin Colby kevinc@grainsystems.com From jeremy at valinux.com Tue May 2 22:59:48 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:42 2003 Subject: CVS update: samba/source/netlogond (fwd) References: Message-ID: <390F5DE4.92799975@valinux.com> Luke Kenneth Casson Leighton wrote: > > On Tue, 2 May 2000, Jeremy Allison wrote: > > > Luke Kenneth Casson Leighton wrote: > > > > > > > > > [jeremy, locking code don't pass smbtorture at the mo., andrew n me ran a > > > test on it in TNG, today]. > > > > Hmmm. This may be old news, I tested it late last night in > > HEAD (US Pacific time) and it passes all tests so long as > > you add "strict locking = true". > > yeh. _that_ worked, bu sl=y, pl=y didn't. No, that's what I meant - sl=y, pl=y works in HEAD. Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From cwg-samba-ntdom at DeepEddy.Com Tue May 2 23:22:40 2000 From: cwg-samba-ntdom at DeepEddy.Com (Chris Garrigues) Date: Tue Dec 2 02:29:42 2003 Subject: Can't log in with 2.5.2 In-Reply-To: References: Message-ID: <19187.957309760@backstroke.deepeddy.com> > From: Luke Kenneth Casson Leighton > Date: Wed, 3 May 2000 08:53:03 +1000 > > hm, what diffs between smb.confs? "encrypt passwords = no", by any > chance? The one that works has "encrypt passwords = yes"; the one that doesn't has "; encrypt passwords = yes" (again, it's the one distributed as packaging/RedHat/smb.conf, if you want to try it.) Chris -- Chris Garrigues virCIO http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com +1 512 432 4046 +1 512 374 0500 4314 Avenue C O- Austin, TX 78751-3709 My email address is an experiment in SPAM elimination. For an explanation of what we're doing, see http://www.DeepEddy.Com/tms.html Nobody ever got fired for buying Microsoft, but they could get fired for relying on Microsoft. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 239 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000502/a2320411/attachment.bin From gregr at ee.uwa.edu.au Wed May 3 03:03:56 2000 From: gregr at ee.uwa.edu.au (Greg Roberts) Date: Tue Dec 2 02:29:42 2003 Subject: Password change under NT In-Reply-To: <007f01bfb356$d265f5c0$1004010a@plum.int> Message-ID: On Mon, 1 May 2000, Michael Glauche wrote: > > Hi all. I'm currently having problems with changing passwords under NT and > > having this new password being stored in /etc/yp/passwd and smbpasswd. > > Its not working as of TNG 2.5, but Luke promised to fix it ;) > > regards, > Michael Is there a version of Samba that I can download and use that will allow users to change their Samba Password in smbpasswd and to have this also updated in the UNIX passwd file? Is it just a matter of getting pre TNG 2.5 source? I know it was able to be done in the past, as I have printouts of mail sent from users saying they had it working (even under the OS type I'm trying to get it work on - Digital Unix 4.0D). The mail was dated Nov, 1998 however - (what version of Samba would this correspond to?) Also, I need to know how to setup a Domain Administrator that actually works on the NT clients. We tried the mapping of root=Administrator and having Administrator in the adm group in /etc/group, but it didn't change any access privileges. I was using: domain admin group = /usr/local/daemon/samba/lib/domaingroup.map domain admin users = /usr/local/daemon/samba/lib/domainuser.map With: adm="Domain Admins" in the first map and root=Administrator in the second map. Thanks, ------------ Greg Roberts Computer Systems Officer Dept. of Electrical & Electronic Engineering The University of Western Australia NEDLANDS WA 6907 Australia Ph : +61-08-9380-7366 Fax : +61-08-9380-1065 Email : gregr@ee.uwa.edu.au From Dirk.Hennrichs at stadt-gummersbach.de Wed May 3 05:11:25 2000 From: Dirk.Hennrichs at stadt-gummersbach.de (Dirk Hennrichs) Date: Tue Dec 2 02:29:42 2003 Subject: How to become a memeber of a NT-PDC ?? Message-ID: <390FB4FD.FD40FDF8@stadt-gummersbach.de> I'am trying to set up a Samba TNG 2.5.2 as a member of a NT-PDC. With Samba 2.0.x it works with smbpasswd -j NTDOM -r NTPDC, but TNG seems to use another scheme. Can anyone give me a hint how to do this with TNG 2.5.2 ?? dirk From fricke at Team.OWL-Online.DE Wed May 3 11:30:32 2000 From: fricke at Team.OWL-Online.DE (fricke@Team.OWL-Online.DE) Date: Tue Dec 2 02:29:42 2003 Subject: Appledouble Message-ID: Hi, after integrating a MAC in my network the machine always makes directories called Appledouble. Is there a way to kill that. It?s like a slimy point in every directory the MAC was. The only way I know is Script or a cronjob to delete or move thewm to /dev/null but is there another possibility? Thx for help -------------------------------------------------------------------------------------------------- Mit freundlichen Gr??en Cord-H. Fricke Fon: 0 52 1 / 52 51-133 Fax: 0 52 1 / 52 51-115 ...keep on headbangin? , that rocks!!! From mg at plum.de Wed May 3 13:17:17 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:42 2003 Subject: Password change under NT References: Message-ID: <009501bfb501$e7c69850$0201010a@defiant> > Is there a version of Samba that I can download and use that will allow > users to change their Samba Password in smbpasswd and to have this also > updated in the UNIX passwd file? Is it just a matter of getting pre TNG > 2.5 source? TNG at 2.5.2 can change passwords, but it has some problems with locking ;) So I think 2.6 (when it comes out) will be pretty good .. ;) (login + change pw + locking .. ;) > Also, I need to know how to setup a Domain Administrator that actually > works on the NT clients. We tried the mapping of root=Administrator and > having Administrator in the adm group in /etc/group, but it didn't change > any access privileges. I was using: > > domain admin group = /usr/local/daemon/samba/lib/domaingroup.map > domain admin users = /usr/local/daemon/samba/lib/domainuser.map > > With: > > adm="Domain Admins" in the first map and > root=Administrator in the second map. > it works fine here with tng 2.5 and NT4 sp5/6 clients, Check it whith the usrmgr, if you are in the right group. Check if those mappings are world-readable (?) I did use admin="Domain Admins" in the domaingroup.map file. regards, Michael From mbreuer at siac.com Wed May 3 13:01:57 2000 From: mbreuer at siac.com (Michael Breuer) Date: Tue Dec 2 02:29:42 2003 Subject: Appledouble References: Message-ID: <39102345.F6C0E0EE@siac.com> This is not a samba issue... assuming you're running linux & netatalk, look into the configurability of netatalk... but... before you trash the files, understand that your mac users might need them. The "appledouble" files are netatalk's way of preserving the "resource" fork of Macintosh files. On the Mac, each contains a data fork, a resource fork, or both. The resource fork is required to identify the type of file (no suffix necessary) and may also contain significant additional information required for applications to utilized the "data" fork of the file. For files shared between PC's and Macs, typically only the data fork is required. fricke@Team.OWL-Online.DE wrote: > Hi, > > after integrating a MAC in my network the machine always makes > directories called Appledouble. Is there a way to kill that. > It?s like a slimy point in every directory the MAC was. > The only way I know is Script or a cronjob to delete or move thewm to > /dev/null but is there another possibility? > > Thx for help > -------------------------------------------------------------------------------------------------- > Mit freundlichen Gr??en > > Cord-H. Fricke > Fon: 0 52 1 / 52 51-133 > Fax: 0 52 1 / 52 51-115 > > ..keep on headbangin? , that rocks!!! From dugan at libwais.sonoma.edu Wed May 3 14:27:32 2000 From: dugan at libwais.sonoma.edu (ME) Date: Tue Dec 2 02:29:42 2003 Subject: Appledouble In-Reply-To: <39102345.F6C0E0EE@siac.com> Message-ID: There is information in the readme/howto for samba on netatalk Check out the options: veto files, and delete veto files Helpful ones I/we use: veto files=/.bashrc/.profile/.cshrc/.rhosts/.htaccess/.AppleDesktop/.AppleDouble/Network Trash Folder/ delete veto files = yes hide dot files = yes "hide dot files" just makes the dot files not show up by default on the client side, but they can enable seeing files that are "hidden" on the client side to over-ride this veto files are lists of files not offered by the server in listings, and access to them oer smb is supposed to be eliminated by the service on the server. delete veto files, allows pc/window users to recursively delete the diirectories that may contain the veto files. (Very good idea if you don't allow them to see the AppleDouble files, since they cannot delete what they cannot see.) Read more on this in the man pages/documents on samba and netatalk on how to have them work together in your favor. (There are/were some ./configure options before compiling samba to have it work with netatalk, but I do not know the status of this --with-netatalk option. Others may include the use of character sets that both services share.) -ME On Wed, 3 May 2000, Michael Breuer wrote: > Date: Wed, 03 May 2000 23:04:25 +1000 > From: Michael Breuer > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: Appledouble > > This is not a samba issue... assuming you're running linux & netatalk, look into the configurability of netatalk... but... before > you trash the files, understand that your mac users might need them. The "appledouble" files are netatalk's way of preserving the > "resource" fork of Macintosh files. On the Mac, each contains a data fork, a resource fork, or both. The resource fork is required > to identify the type of file (no suffix necessary) and may also contain significant additional information required for applications > to utilized the "data" fork of the file. For files shared between PC's and Macs, typically only the data fork is required. > > fricke@Team.OWL-Online.DE wrote: > > > Hi, > > > > after integrating a MAC in my network the machine always makes > > directories called Appledouble. Is there a way to kill that. > > It?s like a slimy point in every directory the MAC was. > > The only way I know is Script or a cronjob to delete or move thewm to > > /dev/null but is there another possibility? > > > > Thx for help > > -------------------------------------------------------------------------------------------------- > > Mit freundlichen Gr??en > > > > Cord-H. Fricke > > Fon: 0 52 1 / 52 51-133 > > Fax: 0 52 1 / 52 51-115 > > > > ..keep on headbangin? , that rocks!!! > > From mailing at lastminutetour.com Wed May 3 13:42:32 2000 From: mailing at lastminutetour.com (Mailing Manager) Date: Tue Dec 2 02:29:42 2003 Subject: change password, with 2.0.7 Message-ID: <20000503154232.A19010@giove.lastminutetour.com> Hi all, After a successful login, with my profile, netlgon and so on, i test to change my password.Nothing, here is the log: [2000/05/03 15:09:56, 0] smbd/nttrans.c:call_nt_transact_ioctl(2516) call_nt_transact_ioctl: Currently not implemented. [2000/05/03 15:12:44, 0] smbd/chgpasswd.c:check_oem_password(638) check_oem_password: getsmbpwnam returned NULL [2000/05/03 15:12:59, 0] smbd/chgpasswd.c:check_oem_password(638) check_oem_password: getsmbpwnam returned NULL [2000/05/03 15:13:11, 0] smbd/chgpasswd.c:check_oem_password(638) check_oem_password: getsmbpwnam returned NULL the passwords are different and no NULL..... From jahall at nea.org Wed May 3 13:52:55 2000 From: jahall at nea.org (jahall@nea.org) Date: Tue Dec 2 02:29:42 2003 Subject: Windows 2000 Server Compatibility Message-ID: I have been told we will be moving to Windows 2000 Server in March of next year. Right now, we are working to deploy several SAMBA servers to provide functionality at our regional offices so users have print spoolers, and the ability to login if the frame relay link to the central office goes down. These servers also provide a central location for me to download updates for the offices, etc. Once these servers are implemented, will they work with the Windows 2000 Server once it is implemented without losing any functionality? Thanks in advance for your assistace. Jay Hall From Skripi at hrzpub.tu-darmstadt.de Wed May 3 14:12:33 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:42 2003 Subject: again SAMBA-TNG does not compile :=?ISO-8859-1?Q?(=1B?= Message-ID: <20000503161233.A31446@shadowland.sc> Hi, the same procedure....: G E N E R A L * * * * * * * * ------------- OS : linux (redhat 6.2b) ------------- Compiler : gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) ------------- CVS-Branch : SAMBA_TNG ------------- Version/Date: today (how can I retrive the time of the last update ?) ------------- Error Type : reproduceable ------------- Short Desc. : lib/sursalgdomonly.lo fails ------------- Trigger : make clean CFLAGS="-m486 -O2" ./configure \ --prefix=/usr/local/sw/i386_lnx2/samba-head-2000.04.29/ \ --with-gnu-ld \ --with-automount \ --with-pam \ --with-sam-pwdb=passdb \ --with-syslog \ --with-privatedir=/usr/local/etc/samba/private/ \ --with-lockdir=/var/lock/samba/ \ --sysconfdir=/usr/local/etc/samba \ --localstatedir=/var/log/samba/ make ------------- Solution : none ------------- Console Log : Compiling lib/sursalgdomonly.c with libtool lib/sursalgdomonly.c:75: parse error before `POSIX_ID' lib/sursalgdomonly.c: In function `surs_algdomonly_sam_sid_to_unixid': lib/sursalgdomonly.c:82: `sid' undeclared (first use in this function) lib/sursalgdomonly.c:82: (Each undeclared identifier is reported only once lib/sursalgdomonly.c:82: for each function it appears in.) lib/sursalgdomonly.c:89: `id' undeclared (first use in this function) lib/sursalgdomonly.c:99: `SURS_POSIX_UID_AS_USR' undeclared (first use in this function) lib/sursalgdomonly.c:104: `SURS_POSIX_GID_AS_ALS' undeclared (first use in this function) lib/sursalgdomonly.c:109: `SURS_POSIX_GID_AS_GRP' undeclared (first use in this function) lib/sursalgdomonly.c: At top level: lib/sursalgdomonly.c:124: parse error before `*' lib/sursalgdomonly.c: In function `surs_algdomonly_unixid_to_sam_sid': lib/sursalgdomonly.c:127: `sid' undeclared (first use in this function) lib/sursalgdomonly.c:128: `id' undeclared (first use in this function) lib/sursalgdomonly.c:130: `SURS_POSIX_UID_AS_USR' undeclared (first use in this function) lib/sursalgdomonly.c:135: `SURS_POSIX_GID_AS_ALS' undeclared (first use in this function) lib/sursalgdomonly.c:140: `SURS_POSIX_GID_AS_GRP' undeclared (first use in this function) lib/sursalgdomonly.c:132: warning: unreachable code at beginning of switch statement make: *** [lib/sursalgdomonly.lo] Error 1 ------------- Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From ralf at is.rice.edu Wed May 3 14:05:29 2000 From: ralf at is.rice.edu (Alfredo Ramos) Date: Tue Dec 2 02:29:42 2003 Subject: Password change under NT In-Reply-To: <009501bfb501$e7c69850$0201010a@defiant> Message-ID: Just what is the name of the branch for tng 2.5.2? I've used SAMBA_TNG-2.5.2, TNG_2.5.2, SAMBA_TNG_2.5.2, SAMBA-TNG_2.5.2, etc., etc. and nothing works. Please do tell. Al. --------------------------------------------------------------------------------- | Alfredo Ramos This space available for rent. | New Media & Student Computing Get your product moving. Advertise here! | Rice University. | Email: ralf@is.rice.edu --------------------------------------------------------------------------------- On Wed, 3 May 2000, Michael Glauche wrote: > > Is there a version of Samba that I can download and use that will allow > > users to change their Samba Password in smbpasswd and to have this also > > updated in the UNIX passwd file? Is it just a matter of getting pre TNG > > 2.5 source? > > TNG at 2.5.2 can change passwords, but it has some problems with > locking ;) > > So I think 2.6 (when it comes out) will be pretty good .. ;) > (login + change pw + locking .. ;) > > > Also, I need to know how to setup a Domain Administrator that actually > > works on the NT clients. We tried the mapping of root=Administrator and > > having Administrator in the adm group in /etc/group, but it didn't change > > any access privileges. I was using: > > > > domain admin group = /usr/local/daemon/samba/lib/domaingroup.map > > domain admin users = /usr/local/daemon/samba/lib/domainuser.map > > > > With: > > > > adm="Domain Admins" in the first map and > > root=Administrator in the second map. > > > > it works fine here with tng 2.5 and NT4 sp5/6 clients, Check it whith the > usrmgr, if you are in the right group. Check if those mappings are > world-readable (?) > > I did use admin="Domain Admins" in the domaingroup.map file. > > regards, > Michael > > From Denis.Ducamp at hsc.fr Wed May 3 14:45:04 2000 From: Denis.Ducamp at hsc.fr (Denis Ducamp) Date: Tue Dec 2 02:29:42 2003 Subject: Password change under NT In-Reply-To: ; from ralf@is.rice.edu on Thu, May 04, 2000 at 12:09:45AM +1000 References: <009501bfb501$e7c69850$0201010a@defiant> Message-ID: <20000503164504.C881@hsc.fr> On Thu, May 04, 2000 at 12:09:45AM +1000, Alfredo Ramos wrote: > Just what is the name of the branch for tng 2.5.2? I've used > SAMBA_TNG-2.5.2, TNG_2.5.2, SAMBA_TNG_2.5.2, SAMBA-TNG_2.5.2, etc., etc. > and nothing works. At the bottom of http://samba.org/cgi-bin/cvsweb/samba/ you have the complete list. I don't think that there is a special tag for the 2.5.2 version. I personaly use SAMBA_TNG since a few days which looks to be the current TNG version. > Please do tell. Hope... > Al. Denis Ducamp. -- Denis.Ducamp@hsc.fr -- Herv? Schauer Consultants -- http://www.hsc.fr/ From mbreuer at siac.com Wed May 3 15:30:38 2000 From: mbreuer at siac.com (Michael Breuer) Date: Tue Dec 2 02:29:42 2003 Subject: TNG 2.5.3 compile error... Message-ID: <3910461D.AF007F5A@siac.com> System: Irix 6.5.7f Error: rpc_client/ncalrpc_l_use.c, line 174 A value of type "int" cannot be assigned to an entity of type "struct msrpc_local *" Note: everything appears correctly defined at that point in the code, so this may be some sort of weird IRIX issue. From mbreuer at siac.com Wed May 3 15:38:08 2000 From: mbreuer at siac.com (Michael Breuer) Date: Tue Dec 2 02:29:42 2003 Subject: TNG 2.5.3 compile error... References: <3910461D.AF007F5A@siac.com> Message-ID: <391047DF.A41BCB11@siac.com> Ok... I've tracked this down. rpc_client/ncalrpc_l_use.c does not include rpc_parse.h, and should. Michael Breuer wrote: > System: Irix 6.5.7f > Error: rpc_client/ncalrpc_l_use.c, line 174 > A value of type "int" cannot be assigned to an entity of type "struct msrpc_local *" > > Note: everything appears correctly defined at that point in the code, so this may be some sort of weird IRIX issue. From mrapp at telegroup.com Wed May 3 16:05:36 2000 From: mrapp at telegroup.com (Marilyn Rapp) Date: Tue Dec 2 02:29:42 2003 Subject: Please put me on your mailing list Message-ID: <00050311071200.27454@mrapprh> Please put me on your mailing list: mrapp@telegroup.com M. Rapp Primus/Telegroup 102 S. 23rd St. Fairfield, IA 52556 Thank you From Elrond at Wunder-Nett.org Wed May 3 16:06:19 2000 From: Elrond at Wunder-Nett.org (Elrond) Date: Tue Dec 2 02:29:42 2003 Subject: Compiling 2.5 vs 2.5.2 In-Reply-To: ; from Luke Kenneth Casson Leighton on Wed, May 03, 2000 at 08:52:30AM +1000 References: <390F0295.B38649B5@hvcc.edu> Message-ID: <20000503180618.A16206@baerbel.mug.maschinenbau.tu-darmstadt.de> I'll take a look at aix at some time. (including cc) (My main work-boxes are aix, I just run/devel TNG on linux, cause it is so much nicer for devel-things.) On Wed, May 03, 2000 at 08:52:30AM +1000, Luke Kenneth Casson Leighton wrote: > aix? yes. you will, apparently, need gcc 2.95 for aix. if you happen to > get binaries for gcc 2.95 on aix... GIVE THEM TO ME!!!!! _Maybe_ I'm going to build gcc on 4.2.1. [...] Elrond From jojowil at hvcc.edu Wed May 3 16:20:28 2000 From: jojowil at hvcc.edu (William Jojo) Date: Tue Dec 2 02:29:42 2003 Subject: Compiling 2.5 vs 2.5.2 References: <390F0295.B38649B5@hvcc.edu> <20000503180618.A16206@baerbel.mug.maschinenbau.tu-darmstadt.de> Message-ID: <391051CC.87A63D9A@hvcc.edu> I'm currently compiling 2.95.2 on 4.3.2 using gcc 2.8.1. I just got past the "bigtoc" problem. Once completed, I'll send Luke a tarball, unless you *really* want to do it :) Bill Elrond wrote: > > I'll take a look at aix at some time. (including cc) > (My main work-boxes are aix, I just run/devel TNG on > linux, cause it is so much nicer for devel-things.) > > On Wed, May 03, 2000 at 08:52:30AM +1000, Luke Kenneth Casson Leighton wrote: > > aix? yes. you will, apparently, need gcc 2.95 for aix. if you happen to > > get binaries for gcc 2.95 on aix... GIVE THEM TO ME!!!!! > > _Maybe_ I'm going to build gcc on 4.2.1. > > [...] > > Elrond -- /------------------------------------------------------\ | | | William E. Jojo, Jr. | | | | Senior Systems and Network Specialist | | | | Hudson Valley Community College | | | | (518) 629 7540 | | | | jojowil@hvcc.edu | | | \------------------------------------------------------/ So I held my up high Hiding hate that burns inside Which only fuels their selfish pride We're all held captive out from the sun A sun that shines on only some We the meek are all in one From Skripi at hrzpub.tu-darmstadt.de Wed May 3 16:48:08 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:42 2003 Subject: Please put me on your mailing list In-Reply-To: <00050311071200.27454@mrapprh>; from mrapp@telegroup.com on Thu, May 04, 2000 at 02:05:29AM +1000 References: <00050311071200.27454@mrapprh> Message-ID: <20000503184808.A32347@shadowland.sc> Marilyn Rapp: > Please put me on your mailing list: > > > mrapp@telegroup.com SAMBA-TNG FAQ http://www.kneschke.de/projekte/samba_tng/index.php3 SAMBA Bug report "How to" http://www.kneschke.de/projekte/samba_tng/faq/bugreport.php3 SAMBA Bug report template http://www.kneschke.de/projekte/samba_tng/faq/samba-bugreport-template.txt Mailinglist subscribtion Web Interface: ^^^ http://lists.samba.org/cgi-bin/weblist Old Mailinglist digest http://us1.samba.org/listproc/samba-ntdom/ Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From mbreuer at siac.com Wed May 3 17:38:09 2000 From: mbreuer at siac.com (Michael Breuer) Date: Tue Dec 2 02:29:42 2003 Subject: TNG 2.5.3 - another compiler error... Message-ID: <39106401.BA23460C@siac.com> source/smbwrapper/smbw.c:323 - too few parameters | string_sub(path, "/", "\\") should be string_sub(path, "/", "\\", 0) From mbreuer at siac.com Wed May 3 17:40:39 2000 From: mbreuer at siac.com (Michael Breuer) Date: Tue Dec 2 02:29:42 2003 Subject: [TNG 2.5.3 - another compiler error...(smbw_dir.c) Message-ID: <39106497.3ED98E39@siac.com> source/smbwrapper/smbw_dir.c:201 - too few parameters | string_sub(path, "\\\\", "\\") should be string_sub(path, "\\\\", "\\", 0) From pjdc at eircom.net Wed May 3 17:48:19 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:42 2003 Subject: Password change under NT In-Reply-To: Greg Roberts's message of "Wed, 3 May 2000 13:05:32 +1000" References: Message-ID: >>>>> "Greg" == Greg Roberts writes: Greg> Also, I need to know how to setup a Domain Administrator Greg> that actually works on the NT clients. We tried the mapping Greg> of root=Administrator and having Administrator in the adm Greg> group in /etc/group, but it didn't change any access Greg> privileges. I was using: I may have picked you up wrong, but you need to have "root" as a member of the "adm" group, not Administrator, since the username Administrator is not know on the Unix side. I have this set up working on my box, although I created a new group "domadmin", which I mapped to "Domain Admins". Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From mg at plum.de Wed May 3 18:51:59 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:42 2003 Subject: TNG 2.5.3 - quick test Message-ID: <006f01bfb530$a92e1350$0201010a@defiant> Quick Test with 2.5.3 - compiles fine on Linux2.2/ix86/glibc2.1 - NT 4.0 printig works if printershare is specified - password change from NT 4.0 works like a charm ;) - login from '98 works - printing also (did not work with 2.5) - password change in '98 is "grayed out", although the default login is set to "client for microsoft networks" regards, Michael From mg at plum.de Wed May 3 19:24:33 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:42 2003 Subject: spoolss printing with NT Message-ID: <000b01bfb535$3662c500$0201010a@defiant> Ok .. I did play around with the new spoolss code (TNG 2.5.3) and nt 4.0 : I got it to work .. sort of ;) When I add a new Printer to the server, it installs the printer-driver in the print$ share, but then I get a: add_a_printer_driver_3: Cannot create driver file [/opt/samba-tng/lib/NTdriver_W32X86_Kyocera F-800]. Error was Keine Berechtigung (no right to write there) Ok .. changed permission to .../lib to 777 and did try again, then it worked. (is there a smb.conf option to change this location ?) I can now see the queue of the Linux-Printer (at least it seems so). When I now try to print a test-page (within the printer-setup) it fails. When I click on the new Printer in the folders "Printers" on the samba-server, (there where I can find the queue), I can add the driver for the printer to the local machine (works fine), but I can't print. The port (in the NT window) is set to "lp" (the name of the normal lpr printer), and I get malformed printer driver entry (no :) malformed printer driver entry (no :) write_socket_data: write failure. Error = Daten?bergabe unterbrochen (broken pipe) write_socket: Error writing 32 bytes to socket 6: ERRNO = Daten?bergabe unterbrochen (broken pipe) in the logfile. Is this suppose to work ? :) (i.e. does it make sense to look further into this yet ? ;) It looks very promising ! btw .. "normal" printing works fine with 2.5.3 ... (use local port \\server\printer) TIA, Michael From Jean-Francois.Micouleau at dalalu.fr Wed May 3 21:03:40 2000 From: Jean-Francois.Micouleau at dalalu.fr (Jean Francois Micouleau) Date: Tue Dec 2 02:29:42 2003 Subject: spoolss printing with NT In-Reply-To: <000b01bfb535$3662c500$0201010a@defiant> Message-ID: On Thu, 4 May 2000, Michael Glauche wrote: > Ok .. I did play around with the new spoolss code (TNG 2.5.3) and nt 4.0 : > I got it to work .. sort of ;) > > When I add a new Printer to the server, it installs the printer-driver in the > print$ share, but then > I get a: > add_a_printer_driver_3: Cannot create driver file > [/opt/samba-tng/lib/NTdriver_W32X86_Kyocera F-800]. Error was Keine Berechtigung > (no right to write there) > Ok .. changed permission to .../lib to 777 and did try again, then it worked. > (is there a smb.conf option to change this location ?) yep: nt printer driver = /where/you/want nt forms file = /some/place/ntforms.def > I can now see the queue of the Linux-Printer (at least it seems so). good > When I now try to print a test-page (within the printer-setup) it fails. bad. > When I click on the new Printer in the folders "Printers" on the samba-server, > (there > where I can find the queue), I can add the driver for the printer to the local > machine (works fine), good. > but I can't print. bad. > The port (in the NT window) is set to "lp" (the name of the normal lpr printer), > and I get normal as long as "lp" is also the sharename. > malformed printer driver entry (no :) > malformed printer driver entry (no :) harmless. > write_socket_data: write failure. Error = Daten?bergabe unterbrochen (broken > pipe) > write_socket: Error writing 32 bytes to socket 6: ERRNO = Daten?bergabe > unterbrochen (broken pipe) > > in the logfile. strange. > Is this suppose to work ? :) (i.e. does it make sense to look further into this > yet ? ;) It looks very promising ! it works in HEAD. I attached a quick step by step readme file explaining how to use the new printing code of HEAD. I should add a copyright notice :-) J.F. -------------- next part -------------- Printing from an NT4 machine to a Samba server and downloading NT printer's driver to an NT box. Jean Fran?ois Micouleau (jfm@samba.org) 28 Mars 2000 Printing support for NT machines has been greatly enhanced in the HEAD branch of Samba (aka Samba 3.0). To sum up, the new functionnalities are: - ability to list the printers and the print jobs using the native NT RPC calls - it's now possible to print directly to the samba server without first creating the printer on the workstation - the NT printer's driver can be stored on the samba server and be administratively downloaded on the workstation or automatically downloaded by the user at print time. Setup of the Samba server: -------------------------- You need to create a new hidden disk service (a share) called 'print$' in the smb.conf file of samba. This share is being used to store the printer's driver files (the dlls, the help files, the ppds, ...). It needs to be readable by everyone so that every user can download the latest version of the driver to the workstation and only writable to the administrators/root accounts. So it's looking like this is in smb.conf: [print$] path = /usr/local/samba/printers guest ok = Yes write list = ntadmin inside the unix path pointed by the print$ share create a directory called 'W32X86': mkdir /usr/local/samba/printers/W32X86 that's the directory where the files be will really stored for NT4 on i386 (intel) architecture. Even if the share is hidden, it's a good idea to protect the directories from the unix side of things. usr/local/samba/printers chown ntadmin /usr/local/samba/printers/W32X86 chmod 755 /usr/local/samba/printers chmod 755 /usr/local/samba/printers/W32X86 where ntadmin is the unix account of the NT administrator. Samba also needs to know where to store the printers definitions. Printers definitions are text files describing the printers features like what paper size is in upper bin or what's the driver dll file name. By default the directory where those files will be stored is '/usr/local/samba/lib/ntprinters' if samba is installed in the default '/usr/local/samba' directory. As this directory is not (yet) created by the make install, you have to do it by hand: mkdir /usr/local/samba/lib/ntprinters chown ntadmin /usr/local/samba/lib/ntprinters chmod 755 /usr/local/samba/lib/ntprinters You can change this default location with the smb.conf directive 'nt printer driver'. A special file named 'ntforms.def' by default will also be stored in this directory, it's used to store the printers' paper sizes of all the printers defined on the samba server. You can also change this file's location in smb.conf, for example: nt forms file = /usr/local/etc/nt_paper_size.def Installing the printers on the Samba server: -------------------------------------------- Now that the Samba server is configured, you need to copy the drivers to the samba server and build the printers definitions files. If you are an NT printer admin wizard, you can copy the files by hand and construct the definitions in your favorite editor. For example, the HP LaserJet 5P driver definition looks like: [root@doubleface ~]# cat /usr/local/samba/lib/ntprinters/NTdriver_W32X86_HP\ LaserJet\ 5P version: 2 name: HP LaserJet 5P environment: Windows NT x86 driverpath: RASDD.DLL datafile: PCL5EMS.DLL configfile: RASDDUI.DLL helpfile: RASDDUI.HLP monitorname: PJL Language Monitor defaultdatatype: dependentfile: PCL5EMS.DLL dependentfile: PJLMON.DLL dependentfile: RASDD.DLL dependentfile: RASDDUI.DLL dependentfile: RASDDUI.HLP [root@doubleface ~]# and the printer definition file using this driver looks like: [root@doubleface ntprinters]# cat NTprinter_name-s1 attributes: 4120 priority: 0 default_priority: 0 starttime: 0 untiltime: 0 status: 1 cjobs: 0 averageppm: 0 servername: printername: Laser sharename: name-s1 portname: name-s1 drivername: HP LaserJet 5P location: sepfile: printprocessor: winprint datatype: parameters: formname: A4 specversion: 1025 driverversion: 1024 size: 220 driverextra: 0 fields: 83731 orientation: 1 papersize: 9 paperlength: 0 paperwidth: 0 scale: 100 copies: 1 defaultsource: 15 printquality: 600 color: 1 duplex: 1 yresolution: 0 ttoption: 3 collate: 0 icmmethod: 0 icmintent: 0 mediatype: 0 dithertype: 0 specific: Country#4#4#21000000 specific: Model#1#30#4800500020004C0061007300650072004A00650074002000350050000000 specific: TrayFormTable#7#172#5000720065006D006900650072002000620061006300200064 006900730070006F006E00690062006C006500000041003400000030000000420061006300200064 007500200068006100750074000000300000003000000041006C0069006D0065006E007400610074 0069006F006E0020006D0061006E00750065006C006C006500000030000000300000004200610063 002000640075002000620061007300000030000000300000000000 specific: FreeMem#3#4#00080000 specific: RasddFlags#3#2#0000 specific: FontCart#7#6#300000000000 [root@doubleface ntprinters]# Easy isn't it ? NO ? OK, there is an easier solution, you can make NT copy the correct files to the samba server and generate the driver and printer definition files. To do that, you have to find a free NT workstation (or server) and log on with the ntadmin account who is allowed to write to the print$ share and to the ntprinters/ directory as defined above. Once logged on the NT box: - go to Network Neighborhood, - go to the Samba server where you want to install the NT drivers, - click on the Printers folder, - click on Add Printer, - you have no other choice to install on the Samba server, so click Next. - in the available ports list, you should get the printer shares list you have defined in the smb.conf file or that have been autoloaded from your printcap file. It's normal, under NT the basic entity for a printer is the port (LPT1:, LPT2, COM1:, ...) whereas with Samba it's the share entry. So select the share on which you want to install the NT printer and click Next, - select the printer model, - put the name you want, - sharing or not sharing has no effect. On Samba the printer is always shared, - you can try to print a test page to check that everything is fine. At this point your printer driver is copied on the samba server and some basic printer's parameters are also stored on the samba server. Now, you need to check the printer's properties and the document defaults properties as Samba has no way to figure them out. On an NT server this step is not required as NT would run the printer's driver, asking the default printer values and storing them in the registry. As Samba is unable to run a NT driver, the administrator has to do it by hand. To define the defaults values: - go to the Printers windows, - click on View -> Refresh or press the F5 key, - the printer you have setup would appear in the list, - do a right-click on the printer to get the context menu, - go on properties, - go on the device settings tab, check that the values are correct, - click on OK, - get again the context menu to go on the document defaults, - check the values and click OK. Now your printer is setup on the samba server. From cwg-samba-ntdom at DeepEddy.Com Wed May 3 21:11:49 2000 From: cwg-samba-ntdom at DeepEddy.Com (Chris Garrigues) Date: Tue Dec 2 02:29:42 2003 Subject: Following LDAP referrals? Message-ID: <28030.957388309@backstroke.deepeddy.com> I want to have certain users who have valid accounts across all my systems (myself, for instance), so I set up an LDAP referral to an LDAP database containing those accounts. This works fine for Unix logins, but doesn't work for samba logins. This is because ldap_search_for (in ldap.c) calls ldap_search_s with a scope of LDAP_SCOPE_ONELEVEL instead of LDAP_SCOPE_SUBTREE. Is there a good reason for using LDAP_SCOPE_ONELEVEL or can this be changed to LDAP_SCOPE_SUBTREE. Also, a related question. It looks like users and groups are expected to be in the same part of the LDAP tree. Would it be possible to put them in separate places? Chris -- Chris Garrigues virCIO http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com +1 512 432 4046 +1 512 374 0500 4314 Avenue C O- Austin, TX 78751-3709 My email address is an experiment in SPAM elimination. For an explanation of what we're doing, see http://www.DeepEddy.Com/tms.html Nobody ever got fired for buying Microsoft, but they could get fired for relying on Microsoft. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 239 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000503/79abe935/attachment.bin From mg at plum.de Wed May 3 22:34:59 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:42 2003 Subject: spoolss printing with NT References: Message-ID: <006d01bfb54f$d0e0a3d0$0201010a@defiant> Ok .. some more testing: NT breaks on the test page with "RPC call has a protocol error " (or simmilar, its in german ;) This looks interesting: Doing \PIPE\spoolss api_rpc_command: api_spoolss_rpc op 0x1d - api_rpc_command: SPOOLSS_CLOSEPRINTER 000008 spoolss_io_q_closeprinter Whoops, Printer handle not found: Error closing printer handle 000000 spoolss_io_r_closeprinter create_noauth_reply: data_start: 0 data_end: 24 max_tsize: 5680 000000 smb_io_rpc_hdr rhdr 000010 smb_io_rpc_hdr_resp resp 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr_req req 000000 vuid_io_key key 0000 pid : 00007dd9 0004 vuid: 0066 Skipping become_unix_sec_ctx - already user Doing \PIPE\spoolss api_rpc_command: api_spoolss_rpc op 0x45 - api_rpc_command: SPOOLSS_OPENPRINTEREX 000008 spoolss_io_q_open_printer_ex checking name: \\prangh\Kyocera F-800 Found printer handle Setting printer type=\\prangh\Kyocera F-800 Printer is a printer Found printer handle Setting printer name=\\prangh\Kyocera F-800 (len=22) searching for [Kyocera F-800] (len=13) share:printers get_a_printer_2: Cannot open printer file [/opt/samba-tng/lib/NTprinter_printers]. Error was Datei oder Verzeichnis ni cht gefunden share:lp Printer found: Kyocera F-800 -> lp[9] Found printer handle Setting printer access=0 000000 spoolss_io_r_open_printer_ex create_noauth_reply: data_start: 0 data_end: 24 max_tsize: 5680 000000 smb_io_rpc_hdr rhdr 000010 smb_io_rpc_hdr_resp resp 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr_req req 000000 vuid_io_key key 0000 pid : 00007dd9 0004 vuid: 0066 Skipping become_unix_sec_ctx - already user Doing \PIPE\spoolss api_rpc_command: api_spoolss_rpc op 0x8 - api_rpc_command: SPOOLSS_GETPRINTER 000008 spoolss_io_q_getprinter Found printer handle short name:lp Running the command `lpq -Plp' gave 0 000000 smb_io_printer_info_0 000000 spoolss_io_r_getprinter create_noauth_reply: data_start: 0 data_end: 1180 max_tsize: 5680 000000 smb_io_rpc_hdr rhdr 000010 smb_io_rpc_hdr_resp resp 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 vuid_io_key key 0000 pid : 00007dd9 0004 vuid: 0066 Skipping become_unix_sec_ctx - already user api_pipe_bind_req: decode request. 387 api_pipe_bind_req: \PIPE\spoolss -> \PIPE\spoolssd 000000 smb_io_rpc_hdr_rb api_pipe_bind_req: make response. 334 000000 smb_io_rpc_hdr_ba 000000 smb_io_rpc_hdr end of file from client Changed root to / 000000 creds_io_cmd creds 000004 vuid_io_key key 0004 pid : 00007dd9 0008 vuid: 0066 000000 vuid_io_key key 0000 pid : 00007dd9 0004 vuid: 0066 become_unix_sec_ctx: 510 100 2 0x80f4618 Setting 510 in 2 groups: 100, 508 become_unix_sec_ctx uid=(0,510) gid=(0,100) vuser=(32217,66) 000000 vuid_io_key key 0000 pid : 00007dd9 0004 vuid: 0066 adding home directory sysop at /home/sysop Serverzone is -7200 msrpc_process: client_name: spoolss my_name: prangh 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 vuid_io_key key 0000 pid : 00007dd9 0004 vuid: 0066 Skipping become_unix_sec_ctx - already user api_pipe_bind_req: decode request. 387 api_pipe_bind_req: \PIPE\spoolss -> \PIPE\spoolssd 000000 smb_io_rpc_hdr_rb api_pipe_bind_req: make response. 334 000000 smb_io_rpc_hdr_ba 000000 smb_io_rpc_hdr 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr_req req 000000 vuid_io_key key 0000 pid : 00007dd9 0004 vuid: 0066 Skipping become_unix_sec_ctx - already user Doing \PIPE\spoolss api_rpc_command: api_spoolss_rpc op 0x1d - api_rpc_command: SPOOLSS_CLOSEPRINTER 000008 spoolss_io_q_closeprinter Whoops, Printer handle not found: Error closing printer handle 000000 spoolss_io_r_closeprinter create_noauth_reply: data_start: 0 data_end: 24 max_tsize: 5680 000000 smb_io_rpc_hdr rhdr 000010 smb_io_rpc_hdr_resp resp Closing connections Server exit (normal exit) 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr_req req 000000 vuid_io_key key 0000 pid : 00007dd9 0004 vuid: 0066 Skipping become_unix_sec_ctx - already user Doing \PIPE\spoolss api_rpc_command: api_spoolss_rpc op 0x38 - api_rpc_command: SPOOLSS_FCPN 000008 spoolss_io_q_fcpn Whoops, Printer handle not found: 000000 spoolss_io_r_fcpn create_noauth_reply: data_start: 0 data_end: 4 max_tsize: 5680 000000 smb_io_rpc_hdr rhdr 000010 smb_io_rpc_hdr_resp resp 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr_req req 000000 vuid_io_key key 0000 pid : 00007dd9 0004 vuid: 0066 Skipping become_unix_sec_ctx - already user Doing \PIPE\spoolss api_rpc_command: api_spoolss_rpc op 0x1d - api_rpc_command: SPOOLSS_CLOSEPRINTER 000008 spoolss_io_q_closeprinter Whoops, Printer handle not found: Error closing printer handle 000000 spoolss_io_r_closeprinter create_noauth_reply: data_start: 0 data_end: 24 max_tsize: 5680 000000 smb_io_rpc_hdr rhdr 000010 smb_io_rpc_hdr_resp resp 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr hdr 000000 smb_io_rpc_hdr_req req 000000 vuid_io_key key 0000 pid : 00007dd9 0004 vuid: 0066 so, I guess it has something to do with that "Whoops, Printer handle not found: Error closing printer handle" line ;) Is the printer name too long ? (its the default what NT suggested/used) regards, Michael From Jean-Francois.Micouleau at dalalu.fr Wed May 3 21:49:32 2000 From: Jean-Francois.Micouleau at dalalu.fr (Jean Francois Micouleau) Date: Tue Dec 2 02:29:42 2003 Subject: spoolss printing with NT In-Reply-To: <006d01bfb54f$d0e0a3d0$0201010a@defiant> Message-ID: On Wed, 3 May 2000, Michael Glauche wrote: > Skipping become_unix_sec_ctx - already user > api_pipe_bind_req: decode request. 387 > api_pipe_bind_req: \PIPE\spoolss -> \PIPE\spoolssd > 000000 smb_io_rpc_hdr_rb > api_pipe_bind_req: make response. 334 > 000000 smb_io_rpc_hdr_ba > 000000 smb_io_rpc_hdr > end of file from client looks like the connection terminated here at the SMB level. I think the RPC alter-context code in TNG is wrong (or buggy), NT doesn't like the reply and close the connection. J.F. From p.mayers at ic.ac.uk Wed May 3 22:45:53 2000 From: p.mayers at ic.ac.uk (Phil Mayers) Date: Tue Dec 2 02:29:42 2003 Subject: Following LDAP referrals? References: <28030.957388309@backstroke.deepeddy.com> Message-ID: <3910AC21.26FDFE27@ic.ac.uk> I looked at the code a while back - changing the search level ought not to make any difference. It would also allow you to have users and groups in different ou's, *IF* you don't use samba's adduser functionality to add them (incidentally, this would be trivial if "smbpasswd -m MACHINE" actually *RESET* the password to the default machine password, instead of doing whatever the hell it does...) Cheers, Phil Chris Garrigues wrote: > > I want to have certain users who have valid accounts across all my > systems > (myself, for instance), so I set up an LDAP referral to an LDAP database > > containing those accounts. This works fine for Unix logins, but doesn't > work > for samba logins. This is because ldap_search_for (in ldap.c) calls > ldap_search_s with a scope of LDAP_SCOPE_ONELEVEL instead of > LDAP_SCOPE_SUBTREE. > > Is there a good reason for using LDAP_SCOPE_ONELEVEL or can this be > changed to > LDAP_SCOPE_SUBTREE. > > Also, a related question. It looks like users and groups are expected > to be > in the same part of the LDAP tree. Would it be possible to put them in > separate places? > > Chris > > -- > Chris Garrigues virCIO > http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com > +1 512 432 4046 +1 512 374 0500 > 4314 Avenue C > O- Austin, TX 78751-3709 > > > My email address is an experiment in SPAM elimination. For an > explanation of what we're doing, see http://www.DeepEddy.Com/tms.html > > Nobody ever got fired for buying Microsoft, > but they could get fired for relying on Microsoft. From shane at nls.net.au Wed May 3 23:22:12 2000 From: shane at nls.net.au (Shane Machon) Date: Tue Dec 2 02:29:42 2003 Subject: TNG and policies. Message-ID: Greetings, Is TNG capable of having group user policies within the PDC domain. Example, Workstation restrictions for users (access to my computer, control panel etc)? Any information is helpful, Regards, Shane. ___________________________________ Shane Machon Network Technical Consultant/Programmer Network and Linux Solutions http://www.nls.net.au Total IT Solutions From mg at plum.de Thu May 4 00:27:38 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:42 2003 Subject: Adding users with usrmgr.exe Message-ID: <000d01bfb55f$8d27a750$0201010a@defiant> Hi, there's a problem adding users to samba with usrmgr when using a non-root login: api_rpc_command: api_samr_rpc op 0x25 - api_rpc_command: SAMR_SET_USERINFO2 000008 samr_io_q_set_userinfo2 prs_grow_data: 452 > 449 samr_reply_set_userinfo2: 2197 Found policy hnd[22] [000] 00 00 00 00 00 A3 5B 80 55 B5 BF 01 44 33 00 00 ......[. U...D3.. [010] 14 00 00 00 .... policy(pnum=22 ): Getting policy state Getting policy sid=S-1-5-21-875121446-1962601162-102799029-1000 samr_reply_set_userinfo2: rid:0x3e8 startfileent: unable to open file /opt/samba-tng/private/smbpasswd unable to open sam password database. 000000 samr_io_r_set_userinfo2 create_noauth_reply: data_start: 0 data_end: 4 max_tsize: 5680 The user is in the Domain Admin group, but smbpasswd is only readable by user root, noone else. Could something like: if (user is in group "domain admin") suid 0 work ? regards, Michael From Skripi at hrzpub.tu-darmstadt.de Wed May 3 23:45:33 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:42 2003 Subject: 1 general Question and 2 Windows 95 "Errors" Message-ID: <20000504014533.A2158@shadowland.sc> Hi, my first question is concerning the Head <> TNG Merge: How far did it get until now ? (approximate 50/70/90 %) How long will it, may it take until "equality" is reached ? Windows 95: Today i noticed to 2 Errors of the TNG Code and Windows 95 and i want to know, if others spotted the same: 1) I have domain login aktivated on my Windows 95 Machine, but the properly working login script 'netlogon.bat' is no more executed on login time. So no drives are mapped. Executing the script by hand yields no errors... 2) After doing a 95 Domain Logon, I spotted on my samba share a share named 'root', even so my own login Name is 'jens'. So it seems to me that the anonymous access is somehow wrong. 'smbclient -L shadowland' shows the 'root' share as 'Home Directories' which is also not correkt. Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From pjdc at eircom.net Wed May 3 23:44:24 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:42 2003 Subject: Adding users with usrmgr.exe In-Reply-To: "Michael Glauche"'s message of "Thu, 4 May 2000 09:27:00 +1000" References: <000d01bfb55f$8d27a750$0201010a@defiant> Message-ID: >>>>> "Michael" == Michael Glauche writes: Michael> The user is in the Domain Admin group, but smbpasswd is Michael> only readable by user root, noone else. Michael> Could something like: Michael> if (user is in group "domain admin") Michael> suid 0 Michael> work ? No need. Change the group of smbpasswd to the group that is mapped to "domain admins" and then do chmod g+rw smbpasswd. This is may or may not cause potential or actual security issues. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From Jim.Levie at dynetics.com Wed May 3 23:49:15 2000 From: Jim.Levie at dynetics.com (Jim Levie) Date: Tue Dec 2 02:29:42 2003 Subject: TNG 2.5.3 difficulty Message-ID: <3910BAFB.86DD1541@dynetics.com> System RH6.2 TNG 2.5.3 configure options: none other than --prefix There's not much in smb.conf: workgroup = MYDOM server string = Samba-PDC domain logons = yes domain master = yes preferred master = yes local master = yes os level = 65 security = user encrypt passwords = yes After an un-remarkable compile & install I created netlogon, private, profile and set mode 1777 on profile, and "touched" private/smbpasswd then: start samba via samba-init.d script (everybody started & runs) samedit -S. -Uroot% [root@.]$ createuser root [root@.]$ createuser chaos$ (This system, to be a PDC) [root@.]$ createuser chaos$ -s -j mydom [root@.]$ createuser nt-wks$ (an NT4 workstation account) [root@.]$ createuser user -p users-pass [root@.]$ quit stop & restart samba logs all look normal have the workstation join the domain (apparently successfully) attempt a logon from the workstation, which fusses about no roaming profile being available and return to the "ctrl-alt-delete" to log on. Looking in log.lsarpc I see errors of "_lsa_open_secret: couldn't open secret db...". That's the only error being reported in any of the log files & I have no idea why it's there or how to fix it. Why? Have I missed something critical in setting up the PDC such that it can't open it's password data, or what? -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ Jim Levie email: Jim.Levie@dynetics.com Dynetics Inc, Huntsville, Al Ph. 256.964.4337 The opinions expressed above are just that... From AVShutko at mail.khstu.ru Thu May 4 01:01:08 2000 From: AVShutko at mail.khstu.ru (A.V.Shutko) Date: Tue Dec 2 02:29:42 2003 Subject: Wrong KOI8 --> 866 convertation (Bug report) Message-ID: <7500.000504@mail.khstu.ru> OS : FreeBSD 3.3-RELEASE #1: Tue Feb 22 19:12:08 VLAT 2000 Compiler : gcc version 2.7.2.3 CVS-Branch : SAMBA_TNG Version/Date : 2.5.3 / 03.05.00 9:10 Error Type : reproduceable Short Desc. : Wrong KOI8 --> 866 convertation Trigger : If i rename file.txt on network drive to Russian it disappears (but I can view it on Unix disk - its name in KOI8). All files in Russian are not showing on smb shares. Fix : This is because of dual filename encoding in /smbd/vfs.c //------------------------------------------------------------------------ { static pstring buf; memcpy(buf, dname, NAMLEN(ptr)+1); THIS****** unix_to_dos(buf, True); dname = buf; } AND THIS***** unix_to_dos(dname, True); // I removed this and all work fine. return(dname); } //------------------------------------------------------------------------ A.V.Shutko mailto:AVShutko@mail.khstu.ru -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 3187 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000504/c91985da/smb.obj From williamdiaz at starmedia.com Thu May 4 02:00:19 2000 From: williamdiaz at starmedia.com (williamdiaz@starmedia.com) Date: Tue Dec 2 02:29:43 2003 Subject: Ref: Problem start sesion Message-ID: <20000504020019.4813.cpmta@c009.sfo.cp.net> El Tue, 02 May 2000, "Mclaughlin, Marc" escribió: > > I needed to practice my Spanish, so I thought I would try translating > William's email. Programmed translators rarely seem to work with technical > terms! > > Regards, > > Marc > > > > *** START OF TRANSLATION *** > I have a QBEX machine with Linux RedHat 6.1 and Samba (between version > 2.0.5a and 2.0.6) as domain server, authenticating the Windows98 clients. > But I have the following problem : > > Sometimes the user is authenticated perfectly, but at other times not, > saying that the password is incorrect (and I am 100% sure that it is). > Today, 1st of May, in the morning I managed to log in with a user account, > but two hours later I could not log in with any user account (including the > one that I used in the morning). > > I work in a University and tomorrow I need to be able to provide Internet > access. Without user authentication the Windows 98 terminals cannot be > used. > > What could be the problem? I have already checked the configuration and it > hasn't changed (it worked previously). > > Hoping for a prompt reply, > > William > > *** END OF TRANSLATION *** Thanks very much by the translation. William _ _ _ _ _ _ _ _ _ | | | | | | | | | | | | / _ \ | \_/ | | |/\| | | | | |_ | |_ | | / / \ \ | |\_/| | |__/\__| |_| |___| |___| |_| /_/---\_\ |_| |_| Abre gratis una cuenta de email en StarMedia Mail. El mejor servicio de email gratis de toda Latinoamérica. http://www.starmedia.com From lkcl at samba.org Thu May 4 02:07:04 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:43 2003 Subject: Windows 2000 Server Compatibility In-Reply-To: Message-ID: On Wed, 3 May 2000 jahall@nea.org wrote: > I have been told we will be moving to Windows 2000 Server in March of next > year. *giggle* > Right now, we are working to deploy several SAMBA servers to provide > functionality at our regional offices so users have print spoolers, and the > ability to login if the frame relay link to the central office goes down. > These servers also provide a central location for me to download updates for > the offices, etc. > > Once these servers are implemented, will they work with the Windows 2000 > Server once it is implemented without losing any functionality? only if they stick to nt4-backwards-compatibility on the nt5 servers. From lkcl at samba.org Thu May 4 02:10:28 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:43 2003 Subject: Password change under NT In-Reply-To: <20000503164504.C881@hsc.fr> Message-ID: .s are replaced with _s in automatic tag generation. so it will be SAMBA_TNG_2_5_2. On Thu, 4 May 2000, Denis Ducamp wrote: > On Thu, May 04, 2000 at 12:09:45AM +1000, Alfredo Ramos wrote: > > Just what is the name of the branch for tng 2.5.2? I've used > > SAMBA_TNG-2.5.2, TNG_2.5.2, SAMBA_TNG_2.5.2, SAMBA-TNG_2.5.2, etc., etc. > > and nothing works. > > At the bottom of http://samba.org/cgi-bin/cvsweb/samba/ you have the > complete list. > > I don't think that there is a special tag for the 2.5.2 version. I personaly > use SAMBA_TNG since a few days which looks to be the current TNG version. > > > Please do tell. > > Hope... > > > Al. > > Denis Ducamp. > > -- > Denis.Ducamp@hsc.fr -- Herv? Schauer Consultants -- http://www.hsc.fr/ > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From AVShutko at mail.khstu.ru Thu May 4 02:11:55 2000 From: AVShutko at mail.khstu.ru (A.V.Shutko) Date: Tue Dec 2 02:29:43 2003 Subject: One more thing... Message-ID: <9549.000504@mail.khstu.ru> A.V.Shutko> Short Desc. : Wrong KOI8 --> 866 convertation A.V.Shutko> Trigger : If i rename file.txt on network drive to Russian A.V.Shutko> it disappears (but I can view it on Unix disk - A.V.Shutko> its name in KOI8). All files in Russian are not A.V.Shutko> showing on smb shares. Hmm... One more thing... In TNG 2.5.3 (Makefile.in) i found this: CODEPAGELIST = [skiped] ISO8859-2 ISO8859-5 ISO8859-7 *koi8-r* instead of CODEPAGELIST = [skiped] ISO8859-2 ISO8859-5 ISO8859-7 *KOI8-R* Why you didn't fix it? A.V.Shutko mailto:AVShutko@mail.khstu.ru From lkcl at samba.org Thu May 4 02:21:38 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:43 2003 Subject: TNG 2.5.3 compile error... In-Reply-To: <3910461D.AF007F5A@siac.com> Message-ID: compiler being fussy, not having the prototypes for this fn. #include "rpc_parse_proto.h" at the top. On Thu, 4 May 2000, Michael Breuer wrote: > System: Irix 6.5.7f > Error: rpc_client/ncalrpc_l_use.c, line 174 > A value of type "int" cannot be assigned to an entity of type "struct msrpc_local *" > > Note: everything appears correctly defined at that point in the code, so this may be some sort of weird IRIX issue. > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Thu May 4 02:22:30 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:43 2003 Subject: TNG 2.5.3 compile error... In-Reply-To: <3910461D.AF007F5A@siac.com> Message-ID: sorry, rpc_parse.h and rpc_client.h at the top. On Thu, 4 May 2000, Michael Breuer wrote: > System: Irix 6.5.7f > Error: rpc_client/ncalrpc_l_use.c, line 174 > A value of type "int" cannot be assigned to an entity of type "struct msrpc_local *" > > Note: everything appears correctly defined at that point in the code, so this may be some sort of weird IRIX issue. > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Thu May 4 02:24:06 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:43 2003 Subject: Compiling 2.5 vs 2.5.2 In-Reply-To: <20000503180618.A16206@baerbel.mug.maschinenbau.tu-darmstadt.de> Message-ID: > > aix? yes. you will, apparently, need gcc 2.95 for aix. if you happen to > > get binaries for gcc 2.95 on aix... GIVE THEM TO ME!!!!! > > _Maybe_ I'm going to build gcc on 4.2.1. i tried, it failed, so i gave up and went searching for pre-compiled. From lkcl at samba.org Thu May 4 02:24:21 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:43 2003 Subject: Please put me on your mailing list In-Reply-To: <00050311071200.27454@mrapprh> Message-ID: http://samba.org/listproc. On Thu, 4 May 2000, Marilyn Rapp wrote: > Please put me on your mailing list: > > > mrapp@telegroup.com > > M. Rapp > Primus/Telegroup > 102 S. 23rd St. > Fairfield, IA 52556 > > > Thank you > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Thu May 4 02:29:50 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:43 2003 Subject: Compiling 2.5 vs 2.5.2 In-Reply-To: <391051CC.87A63D9A@hvcc.edu> Message-ID: well, the aix system is currently sitting doing absolutely nothing, because it can't even recognise the cd. see my diary on http://advogato.org/person/lkcl for details... On Thu, 4 May 2000, William Jojo wrote: > > I'm currently compiling 2.95.2 on 4.3.2 using gcc 2.8.1. I just got past the > "bigtoc" problem. Once completed, I'll send Luke a tarball, unless you *really* > want to do it :) > > Bill > > Elrond wrote: > > > > I'll take a look at aix at some time. (including cc) > > (My main work-boxes are aix, I just run/devel TNG on > > linux, cause it is so much nicer for devel-things.) > > > > On Wed, May 03, 2000 at 08:52:30AM +1000, Luke Kenneth Casson Leighton wrote: > > > aix? yes. you will, apparently, need gcc 2.95 for aix. if you happen to > > > get binaries for gcc 2.95 on aix... GIVE THEM TO ME!!!!! > > > > _Maybe_ I'm going to build gcc on 4.2.1. > > > > [...] > > > > Elrond > > -- > > > /------------------------------------------------------\ > | | > | William E. Jojo, Jr. | > | | > | Senior Systems and Network Specialist | > | | > | Hudson Valley Community College | > | | > | (518) 629 7540 | > | | > | jojowil@hvcc.edu | > | | > \------------------------------------------------------/ > > > So I held my up high > > Hiding hate that burns inside > > Which only fuels their selfish pride > > > We're all held captive out from the sun > > A sun that shines on only some > > We the meek are all in one > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Thu May 4 02:47:05 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:43 2003 Subject: spoolss printing with NT In-Reply-To: <000b01bfb535$3662c500$0201010a@defiant> Message-ID: michael, you will need specifically to log in to the nt wksta as a user that has write-rights to the driver-directory on the samba server. anything else is a security risk, e.g what you suggest below :) On Thu, 4 May 2000, Michael Glauche wrote: > Ok .. I did play around with the new spoolss code (TNG 2.5.3) and nt 4.0 : > I got it to work .. sort of ;) > > When I add a new Printer to the server, it installs the printer-driver in the > print$ share, but then > I get a: > add_a_printer_driver_3: Cannot create driver file > [/opt/samba-tng/lib/NTdriver_W32X86_Kyocera F-800]. Error was Keine Berechtigung > (no right to write there) > Ok .. changed permission to .../lib to 777 and did try again, then it worked. > (is there a smb.conf option to change this location ?) > > I can now see the queue of the Linux-Printer (at least it seems so). > > When I now try to print a test-page (within the printer-setup) it fails. > > When I click on the new Printer in the folders "Printers" on the samba-server, > (there > where I can find the queue), I can add the driver for the printer to the local > machine (works fine), > but I can't print. > The port (in the NT window) is set to "lp" (the name of the normal lpr printer), > and I get > malformed printer driver entry (no :) > malformed printer driver entry (no :) > write_socket_data: write failure. Error = Daten?bergabe unterbrochen (broken > pipe) > write_socket: Error writing 32 bytes to socket 6: ERRNO = Daten?bergabe > unterbrochen (broken pipe) > > in the logfile. > > Is this suppose to work ? :) (i.e. does it make sense to look further into this > yet ? ;) It looks very promising ! > > btw .. "normal" printing works fine with 2.5.3 ... (use local port > \\server\printer) > > TIA, > Michael > > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Thu May 4 02:55:50 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:43 2003 Subject: spoolss printing with NT In-Reply-To: Message-ID: On Thu, 4 May 2000, Jean Francois Micouleau wrote: > > On Wed, 3 May 2000, Michael Glauche wrote: > > > Skipping become_unix_sec_ctx - already user > > api_pipe_bind_req: decode request. 387 > > api_pipe_bind_req: \PIPE\spoolss -> \PIPE\spoolssd > > 000000 smb_io_rpc_hdr_rb > > api_pipe_bind_req: make response. 334 > > 000000 smb_io_rpc_hdr_ba > > 000000 smb_io_rpc_hdr > > end of file from client > > looks like the connection terminated here at the SMB level. > > I think the RPC alter-context code in TNG is wrong (or buggy), NT doesn't > like the reply and close the connection. yeah, it's tricky, i'm trying to do something that keeps actual alter-context state, rather than "fake" the response like it is in cvs main. From lkcl at samba.org Thu May 4 03:01:11 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:43 2003 Subject: Adding users with usrmgr.exe In-Reply-To: <000d01bfb55f$8d27a750$0201010a@defiant> Message-ID: On Thu, 4 May 2000, Michael Glauche wrote: > Hi, > there's a problem adding users to samba with usrmgr when using a > non-root login: :) well YEAH! GOOD! From lkcl at samba.org Thu May 4 03:01:47 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:43 2003 Subject: Adding users with usrmgr.exe In-Reply-To: <000d01bfb55f$8d27a750$0201010a@defiant> Message-ID: On Thu, 4 May 2000, Michael Glauche wrote: > Hi, > there's a problem adding users to samba with usrmgr when using a > non-root login: > api_rpc_command: api_samr_rpc op 0x25 - api_rpc_command: SAMR_SET_USERINFO2 > 000008 samr_io_q_set_userinfo2 > prs_grow_data: 452 > 449 > samr_reply_set_userinfo2: 2197 > Found policy hnd[22] [000] 00 00 00 00 00 A3 5B 80 55 B5 BF 01 44 33 00 00 > .....[. U...D3.. > [010] 14 00 00 00 .... > policy(pnum=22 ): Getting policy state > Getting policy sid=S-1-5-21-875121446-1962601162-102799029-1000 > samr_reply_set_userinfo2: rid:0x3e8 > startfileent: unable to open file /opt/samba-tng/private/smbpasswd > unable to open sam password database. > 000000 samr_io_r_set_userinfo2 > create_noauth_reply: data_start: 0 data_end: 4 max_tsize: 5680 > > The user is in the Domain Admin group, but smbpasswd is only readable by user > root, noone else. > Could something like: > if (user is in group "domain admin") > suid 0 no. ah. smbpasswd should be group 0, rw-rw---. hmm. From lkcl at samba.org Thu May 4 03:02:18 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:43 2003 Subject: 1 general Question and 2 Windows 95 "Errors" In-Reply-To: <20000504014533.A2158@shadowland.sc> Message-ID: On Thu, 4 May 2000, Jens Skripczynski wrote: > 2) After doing a 95 Domain Logon, I spotted on my samba share > a share named 'root', even so my own login Name is 'jens'. > So it seems to me that the anonymous access is somehow wrong. > 'smbclient -L shadowland' shows the 'root' share as > 'Home Directories' which is also not correkt. i know. thanks. From lkcl at samba.org Thu May 4 03:04:11 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:43 2003 Subject: TNG 2.5.3 difficulty In-Reply-To: <3910BAFB.86DD1541@dynetics.com> Message-ID: On Thu, 4 May 2000, Jim Levie wrote: > System RH6.2 > TNG 2.5.3 > configure options: none other than --prefix > > There's not much in smb.conf: > > workgroup = MYDOM > server string = Samba-PDC > domain logons = yes > domain master = yes > preferred master = yes > local master = yes > os level = 65 > security = user > encrypt passwords = yes > > After an un-remarkable compile & install I created netlogon, private, > profile and set mode 1777 on profile, and "touched" private/smbpasswd > then: > > start samba via samba-init.d script (everybody started & runs) > > [root@.]$ createuser chaos$ (This system, to be a PDC) > [root@.]$ createuser chaos$ -s -j mydom this not necessary. looks fine, otherwise. From lkcl at samba.org Thu May 4 03:07:38 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:43 2003 Subject: Password change under NT In-Reply-To: Message-ID: On Thu, 4 May 2000, Luke Kenneth Casson Leighton wrote: > s are replaced with _s in automatic tag generation. sorry, .s not s. > so it will be SAMBA_TNG_2_5_2. From lkcl at samba.org Thu May 4 03:08:29 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:43 2003 Subject: One more thing... In-Reply-To: <9549.000504@mail.khstu.ru> Message-ID: i did, i promise! > Hmm... One more thing... In TNG 2.5.3 (Makefile.in) i found this: > CODEPAGELIST = [skiped] ISO8859-2 ISO8859-5 ISO8859-7 *koi8-r* > instead of > CODEPAGELIST = [skiped] ISO8859-2 ISO8859-5 ISO8859-7 *KOI8-R* > Why you didn't fix it? k From mg at plum.de Thu May 4 09:16:35 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:43 2003 Subject: Adding users with usrmgr.exe References: Message-ID: <009e01bfb5a9$71efe1b0$0201010a@defiant> > > The user is in the Domain Admin group, but smbpasswd is only readable by user > > root, noone else. > > Could something like: > > if (user is in group "domain admin") > > suid 0 > > no. ah. > > smbpasswd should be group 0, rw-rw---. smbpasswd is allways rw-------. samba changes to these permissions when not using these ... so there is no way for an non-uid 0 account to create a samba user :( regards, Michael From mailing at lastminutetour.com Thu May 4 08:30:40 2000 From: mailing at lastminutetour.com (Mailing Manager) Date: Tue Dec 2 02:29:43 2003 Subject: 2.0.7, description for users of the domain Message-ID: <20000504103040.A25557@giove.lastminutetour.com> Hi all, recently i've seen a problem, not so big, but very stupid.The users of the domain have no description, or full name.When i push ctrl-alt-canc, for example to change password, i see loggend in domain/user. How i can complete the information??? thanks... From mailing at lastminutetour.com Thu May 4 09:17:49 2000 From: mailing at lastminutetour.com (Mailing Manager) Date: Tue Dec 2 02:29:43 2003 Subject: was change password on nt, with 2.0.7 Message-ID: <20000504111749.A27375@giove.lastminutetour.com> Hi all, i founded that when i try to change the password i need to use the real user login from /etc/passwd, if i use the alias it doesn't work... it is correct?? can i have teh alias working also for to change password?? thanks From m.g.ross at herts.ac.uk Thu May 4 11:43:50 2000 From: m.g.ross at herts.ac.uk (Matt Ross) Date: Tue Dec 2 02:29:43 2003 Subject: samedit not creating valid smbpasswd entry (2.5.3 TNG) Message-ID: After starting all the daemons (debug level = 3), I run: # samedit -S . -U root% pm_process() returned Yes added interface ip=147.xxx.xxx.xxx bcast=147.xxx.xxx.xxx nmask=255.xxx.xxx.xxx 2000/05/04 12:22:53 client started (version TNG-alpha) [root@.]$ createuser root createuser root root is in 11 groups: 1, 0, 2, 3, 4, 5, 6, 7, 8, 9, 12 uid 0 registered to name root Clearing default real name uid 0 vuid 100 registered to unix name root policy(pnum=1 ): Setting policy state setting policy con policy(pnum=1 SAM_CONNECT): Getting policy state Getting policy con state policy(pnum=1 SAM_CONNECT): Getting policy state Getting policy con state policy(pnum=1 SAM_CONNECT): Getting policy state Getting policy con state policy(pnum=1 SAM_CONNECT): Closing SAM Create Domain User Domain: FEISPCLABS Name: root ACB: [U ] root is in 11 groups: 1, 0, 2, 3, 4, 5, 6, 7, 8, 9, 12 uid 0 registered to name root Clearing default real name uid 0 vuid 101 registered to unix name root policy(pnum=2 ): Setting policy state setting policy con policy(pnum=2 SAM_CONNECT): Getting policy state Getting policy con state policy(pnum=2 SAM_CONNECT): Getting policy state Getting policy con state Duplicating policy state pnum=2 policy(pnum=3 ): Setting policy state setting policy con policy(pnum=3 SAM_DOMAIN): Getting policy state Getting policy con state policy(pnum=3 SAM_DOMAIN): Getting policy state Getting policy con state Duplicating policy state pnum=3 policy(pnum=4 ): Setting policy state setting policy con policy(pnum=4 ): Getting policy state Getting policy con state policy(pnum=4 ): Closing policy(pnum=3 SAM_DOMAIN): Getting policy state Getting policy con state policy(pnum=3 SAM_DOMAIN): Closing policy(pnum=2 SAM_CONNECT): Getting policy state Getting policy con state policy(pnum=2 SAM_CONNECT): Closing Create Domain User: OK [root@.]$q free_connections: closing all MSRPC connections # more /usr/local/samba/private/smbpasswd root:0:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:[NDU ]:LCT-FFFFFFFF: # This is an invalid entry, right? My [globals] section is: [global] workgroup = FEISPCLABS netbios name = LAWN server string = FEIS Samba Server encrypt passwords = Yes null passwords = Yes smb passwd file = /usr/local/samba/private/smbpasswd passwd program = /usr/bin/yppasswd log file = /usr/local/samba/var/_%m.log max log size = 200 name resolve order = host wins bcast time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 local group map = /usr/local/samba/lib/localgroups.map domain group map = /usr/local/samba/lib/domaingroups.map domain user map = /usr/local/samba/lib/usermap.map logon path = \\bantam\user1\profiles\admin logon drive = q: logon home = e:\auser domain logons = Yes lm announce = False preferred master = Yes domain master = Yes dns proxy = No wins server = 147.xxx.xxx.xxx admin users = comtmgr comtpm hosts allow = 147.xxx. 127. client code page = 850 debug level = 3 My OS is: SunOS lawn 5.7 Generic_106541-08 sun4u sparc SUNW,Ultra-250 If I try and do: # smbpasswd pm_process() returned Yes added interface ip=147.197.206.144 bcast=147.197.207.255 nmask=255.255.248.0 New SMB password: Retype new SMB password: Segmentation Fault (core dumped) The same thing has happened the last few times I have tried this (each day using CVS in the morning to update, except for this time when I downloaded http://ie.samba.org/samba/ftp/alpha/samba-tng-alpha.2.5.3.tar.gz). Matt Ross -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Principal Technical Officer Faculty of Engineering and Information Sciences University of Hertfordshire Phone: +44 (0)1707 286297 (3297 Internal) E-Mail: m.g.ross@herts.ac.uk WWW: http://fly.to/mgr -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- From Jean-Francois.Micouleau at dalalu.fr Thu May 4 12:20:47 2000 From: Jean-Francois.Micouleau at dalalu.fr (Jean Francois Micouleau) Date: Tue Dec 2 02:29:43 2003 Subject: spoolss printing with NT In-Reply-To: Message-ID: On Thu, 4 May 2000, Luke Kenneth Casson Leighton wrote: > yeah, it's tricky, i'm trying to do something that keeps actual > alter-context state, rather than "fake" the response like it is in cvs > main. what for ? I never understood the real reason why there is an alter-context on that pipe only (outside of the fact that if netmon and NT share the same IDL then there is a small alignment bug in NT rpc bind reply code). J.F. From marc.mclaughlin at eds.com Thu May 4 13:21:49 2000 From: marc.mclaughlin at eds.com (Mclaughlin, Marc) Date: Tue Dec 2 02:29:43 2003 Subject: TNG 2.5.3 - problems with USERMGR.EXE Message-ID: Hi, I cannot use USERMGR.EXE. When loading USERMGR.EXE, the domain members are not listed. When attempting to add a user, I get an error saying "this program has performed an illegal operation and will be shut down". Further details given below. Logs at debug level 10 available later if required. Good news is that last time I tried (version 1.8 I believe) USERMGR.EXE could not find the PDC. Looking in Server Manager, the Samba server appeared as type "Backup". With version 2.5.3 it now appears as type "Primary". Regards, Marc (Cheers to Jens Skripczynski for the bugreport template) G E N E R A L * * * * * * * * ------------- OS : solaris 7 (sparc) ------------- Compiler : gcc version 2.95.2 19991024 (release) ------------- CVS-Branch : SAMBA_TNG ------------- Version/Date: 2.5.3 ------------- Error Type : reproduceable ------------- Short Desc. : USERMGR not displaying domain members and also crashing when attempting to add a user ------------- Trigger : Run USERMGR.EXE on a Windows 95 machine (USERMGR.EXE is part of Nexus package). Domain members are not displayed. Select "New User" from File menu. USERMGR.EXE crashes. ------------- Solution : not known ------------- The following entries appear in log.smb when starting USERMGR.EXE : api_fd_reply: INVALID PIPE HANDLE: 0 api_fd_reply: INVALID PIPE HANDLE: 0 api_fd_reply: INVALID PIPE HANDLE: 0 write_socket_data: write failure. Error = Broken pipe write_socket: Error writing 72 bytes to socket 14: ERRNO = Broken pipe api_fd_reply: INVALID PIPE HANDLE: 0 write_socket_data: write failure. Error = Broken pipe write_socket: Error writing 72 bytes to socket 14: ERRNO = Broken pipe api_fd_reply: INVALID PIPE HANDLE: 0 write_socket_data: write failure. Error = Broken pipe write_socket: Error writing 72 bytes to socket 14: ERRNO = Broken pipe The following entries appear in log.smb when attempting to add a user in USERMGR.EXE : api_fd_reply: INVALID PIPE HANDLE: 0 api_fd_reply: INVALID PIPE HANDLE: 0 api_fd_reply: INVALID PIPE HANDLE: 0 api_fd_reply: INVALID PIPE HANDLE: 0 api_fd_reply: INVALID PIPE HANDLE: 0 api_fd_reply: INVALID PIPE HANDLE: 0 User Manager error : USRMGR caused an invalid page fault in module RADMIN32.DLL at 0137:00402bdc. Registers: EAX=004654bd CS=0137 EIP=00402bdc EFLGS=00010246 EBX=00000004 SS=013f ESP=006af0ec EBP=00000000 ECX=004654bd DS=013f ESI=00000000 FS=2ff7 EDX=0049003c ES=013f EDI=004654bc GS=0000 Bytes at CS:EIP: ff 34 1e e8 36 00 00 00 85 c0 75 28 8d 44 24 10 Stack dump: 00000064 00000000 006af14c 004654bc 004654bd 0040aba5 00000000 00000001 004654bc 006af1e8 0049278c 59224348 01025ff0 00492470 ffffffff 592049b3 My smb.conf : #NetBIOS name isn't needed if it's the same as the hostname netbios name = SAMBAPDC workgroup = MYTEST #flat files that map Unix groups to NT type groups. #these files take the form unix_group = `Windows NT group'' domain group map = /opt/samba-tng/private/domaingroup.map domain alias map = /opt/samba-tng/private/domainalias.map #Domain controllers use user security and we need encrypted #passwords (see ENCRYPTION.txt) security = user domain logons = yes encrypt passwords = yes admin users = admin #And in order for us to be *sure* to win browser elections os level = 65 domain master = yes preferred master = yes local master = yes #WINS is the equivalent of DNS for NetBIOS. wins support = yes time server = yes #LDAP bits n bobs ldap server = spmmfw1 ldap bind as = "uid=samba,ou=People,o=Z" ldap suffix = "OU=X,OU=Y,OU=PEOPLE,O=Z" ldap passwd file = /usr/local/samba/private/ldappasswd #the next lines are equivalent to the various profile details #found in NT's User Manager logon script = login.bat logon drive = U: logon home = \\SAMBAPDC\%U logon path = \\SAMBAPDC\profile\%U #share all home directories [homes] browseable = no writable = yes comment = Users' home directories #set up netlogon share for system policies and login scripts [netlogon] path = /opt/samba-tng/netlogon writable = no guest ok = no comment = PDC netlogon share #the profiles share #to create automatic subdirs for the different users #chmod 1777 /opt/samba-tng/profile [profile] path = /opt/samba-tng/profile writeable = yes #a public share [public] path = /opt/samba-tng/public browseable = yes public = yes comment = Public share From mg at plum.de Thu May 4 14:39:44 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:43 2003 Subject: samedit not creating valid smbpasswd entry (2.5.3 TNG) References: Message-ID: <000901bfb5d6$96778fb0$0201010a@defiant> > After starting all the daemons (debug level = 3), I run: > > # samedit -S . -U root% > pm_process() returned Yes > added interface ip=147.xxx.xxx.xxx bcast=147.xxx.xxx.xxx > nmask=255.xxx.xxx.xxx > 2000/05/04 12:22:53 client started (version TNG-alpha) > [root@.]$ createuser root > createuser root use createuser root -p supersecretpassword then it should work ;) regards, Michael From mg at plum.de Thu May 4 14:41:32 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:43 2003 Subject: TNG 2.5.3 - problems with USERMGR.EXE References: Message-ID: <002201bfb5d6$d73d97b0$0201010a@defiant> > Hi, > > I cannot use USERMGR.EXE. When loading USERMGR.EXE, the domain members are > not listed. When attempting to add a user, I get an error saying "this > program has performed an illegal operation and will be shut down". Further > details given below. Logs at debug level 10 available later if required. are you logged on as "root" when adding the user ? if not, it won't work. (see my previous mails) regards, Michael From marc.mclaughlin at eds.com Thu May 4 13:56:08 2000 From: marc.mclaughlin at eds.com (Mclaughlin, Marc) Date: Tue Dec 2 02:29:43 2003 Subject: TNG 2.5.3 - problems with USERMGR.EXE Message-ID: I'm logged on as a user who should be a domain admin. I saw your email, but didn't think it was relevant as I am using LDAP. Is the smbpassword file used if you're using LDAP? Regards, Marc -----Original Message----- From: Michael Glauche [mailto:mg@plum.de] Sent: 04 May 2000 15:42 To: Mclaughlin, Marc; Multiple recipients of list SAMBA-NTDOM Subject: Re: TNG 2.5.3 - problems with USERMGR.EXE > Hi, > > I cannot use USERMGR.EXE. When loading USERMGR.EXE, the domain members are > not listed. When attempting to add a user, I get an error saying "this > program has performed an illegal operation and will be shut down". Further > details given below. Logs at debug level 10 available later if required. are you logged on as "root" when adding the user ? if not, it won't work. (see my previous mails) regards, Michael From Skripi at hrzpub.tu-darmstadt.de Thu May 4 14:19:49 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:43 2003 Subject: 2.0.7, description for users of the domain In-Reply-To: <20000504103040.A25557@giove.lastminutetour.com>; from mailing@lastminutetour.com on Thu, May 04, 2000 at 06:31:20PM +1000 References: <20000504103040.A25557@giove.lastminutetour.com> Message-ID: <20000504161949.A1413@shadowland.sc> Mailing Manager: > > Hi all, > recently i've seen a problem, not so big, but very stupid.The users > of the domain have no description, or full name.When i push ctrl-alt-canc, > for example to change password, i see loggend in domain/user. > How i can complete the information??? As far as I know this is not implemented in the 2.0 Distribution. It may be possible to supply this kind of Information in SAMBA_TNG. Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From ggeorge at digisolv.com Thu May 4 14:16:58 2000 From: ggeorge at digisolv.com (Gerry George) Date: Tue Dec 2 02:29:43 2003 Subject: SAMBA & Printing to a WinX share Message-ID: <4.3.2.20000504101600.025c7410@mail.digisolv.com> My SAMBA is configured (non-TNG) and all clients are connecting, everything else is fine. One problem I'm having, not sure if it is a SAMBA or Linux issue, is to print to a WinX (9x or NT) printer. The other WinX systems can see AND use the printer share. SAMBA/Linux does not complain and spools the jobs, yet nothing comes out of the printer. The job does get cleared from the soppl directory. This is one are where I'm stuck. My printcap is as follows: HP-Color|lp|lpr|HP4500N:\ :sd=/var/spool/lpd/lp-color:\ :mx#0:\ :sh:\ :rm=HP4500:\ :rp=:\ :if=/var/spool/lpd/lp-color/filter: ##PRINTTOOL3## SMB uniprint NAxNA letter {} U_EpsonStylusColor stc1520h {} PhotoEX:\ :sd=/var/spool/lpd/PhotoEX:\ :mx#0:\ :sh:\ :if=/var/spool/lpd/PhotoEX/filter:\ :af=/var/spool/lpd/PhotoEX/acct:\ :lp=/dev/null: The HP-4500 is an HP Color with a JetDirect card. Printing is direct via TCP/IP - works The Epson PhotoEX is an inkjet connected to an NT server, where the printer share is exported as PhotoEX. Both entries were created using the LinuxConf printer tool. I notice that there is no reference to the target machine in the second instance, nor the fact that it is an SMB-accessed printer. Any suggestions? Gerry George PS: For you NT experts, how do I force a share off? I do not wish to share drive C:, yet everytime I turn off the share of "C:" and "C:\WINNT" it comes back. Gerry E. George Information Technology Specialist, DigiSolv, Inc. http://www.digisolv.com .. From abrock at georgefox.edu Thu May 4 12:30:43 2000 From: abrock at georgefox.edu (Anthony Brock) Date: Tue Dec 2 02:29:43 2003 Subject: Adding new users with USERMGR.EXE In-Reply-To: Message-ID: <4.2.2.20000504072151.00a52c80@localhost> On a related note to some of the current discussion (at least it seems related to me), Are there any plans to implement methods where a user is automatically added to the /etc/passwd database if they don't already exist when attempting to added them to private/smbpasswd ? This functionality will be necessary in the long term (especially for those of us who need to grant these types of privileges, without granting telnet to the UNIX box). I am thinking of something like an optional script that is run BEFORE samba checks for an existing /etc/passwd account when trying to add a new user. We could check in the script (or samba could check for us before running the script) to see if the user exists, and create the necessary account if it meets qualifications (correct length, character set, case, etc). This is just a thought, but we will need this kind of functionality long term since we have about 14 people with 'superuser' privileges on our NT boxes, and none of them are UNIX savvy (and would be extremely dangerous at a command prompt). Optionally, please inform me if this functionality already exists, and how to implement it. Thanks! Tony At 06:58 AM 5/4/00 -0700, marc.mclaughlin@eds.com wrote: >I'm logged on as a user who should be a domain admin. I saw your email, >but >didn't think it was relevant as I am using LDAP. Is the smbpassword file >used if you're using LDAP? > >Regards, > >Marc ****************************************************************************** * Anthony Brock abrock@georgefox.edu * * Director of Network Services George Fox University * ****************************************************************************** From nord at cdt.luth.se Thu May 4 15:04:25 2000 From: nord at cdt.luth.se (James Nord) Date: Tue Dec 2 02:29:43 2003 Subject: TNG and policies. References: Message-ID: <39119179.52B29D65@cdt.luth.se> I would think so although I havent tried it. Someone will proably correct me but you need a share called Netlogon$. And sometimes NT is picky about the capitaliaxation of the filename NTConfig.pol or NTCOnfig.POL seem to work best. (Although it shouldnt care less about the capitalization) /James Shane Machon wrote: > > Greetings, > > Is TNG capable of having group user policies within the PDC domain. Example, > Workstation restrictions for users (access to my computer, control panel > etc)? > > Any information is helpful, > > Regards, > Shane. > ___________________________________ > Shane Machon > Network Technical Consultant/Programmer > Network and Linux Solutions > http://www.nls.net.au > > Total IT Solutions -- Technology is a word that describes something that doesn't work yet. Douglas Adams From mg at plum.de Thu May 4 15:32:36 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:43 2003 Subject: Adding new users with USERMGR.EXE References: <4.2.2.20000504072151.00a52c80@localhost> Message-ID: <003101bfb5dd$f954d730$0201010a@defiant> > On a related note to some of the current discussion (at least it seems > related to me), > > Are there any plans to implement methods where a user is automatically > added to the /etc/passwd database if they don't already exist when > attempting to added them to private/smbpasswd ? This functionality will be > necessary in the long term (especially for those of us who need to grant > these types of privileges, without granting telnet to the UNIX box). for BDC this works with "add user script". Don't know if it is possible with PDC ... But I think it's not needed anymore if the "winbind" project succeeds ... ;) > I am thinking of something like an optional script that is run BEFORE samba > checks for an existing /etc/passwd account when trying to add a new > user. We could check in the script (or samba could check for us before > running the script) to see if the user exists, and create the necessary > account if it meets qualifications (correct length, character set, case, etc). > > This is just a thought, but we will need this kind of functionality long > term since we have about 14 people with 'superuser' privileges on our NT > boxes, and none of them are UNIX savvy (and would be extremely dangerous at > a command prompt). Optionally, please inform me if this functionality > already exists, and how to implement it. > that problem sound familliar ... ;)) regards, Michael From apohl at vegu.de Thu May 4 15:53:08 2000 From: apohl at vegu.de (A. Pohl) Date: Tue Dec 2 02:29:43 2003 Subject: vuid.tdb grows very fast to a very large file Message-ID: <000d01bfb5e0$d8944280$cbe519c0@vegu.de> I have Samba_TNG 2.5 with 20 users. the file samba/var/locks/vuid.tdb grows to 10 MB in 3 hours! In 2 days to 200 MB!!! Then the PDC is unreachable. :( What is wrong here? Thanks, Andreas smb.conf: [global] guest ok = no security = user encrypt passwords = yes smb passwd file = /usr/local/samba/private/smbpasswd workgroup = VEGU server string = Samba %v auf (%L) domain logons = yes domain group map = /usr/local/samba/lib/domaingroup.mapping os level = 34 local master = yes preferred master = yes domain master = yes logon script = %U.bat logon path = \\hera\profiles\%U logon drive = H: logon home = \\hera\%U printer driver file = /usr/local/samba/print/printers.def wins support = yes name resolve order = wins lmhosts hosts bcast dns proxy = yes time server =yes dos filetimes = yes fake directory create times = yes dos filetime resolution = yes log level = 0 max log size = 5000 debug timestamp = no syslog = 0 socket options = TCP_NODELAY dead time = 15 ; Default is 0 getwd cache = yes hosts allow = 192.168.1. 192.25.229. localhost interfaces = 192.25.229.243 \ 192.25.229.244 localhost bind interfaces only = yes follow symlinks = yes wide links = yes map archive = yes map system = yes map hidden = yes 9-1 [netlogon] comment = The domain logon service path = /home/netlogon ;public = no writeable = yes browsable = no [profiles] comment = Benutzer-Profile path = /home/profile create mode = 0600 directory mode = 0700 writable = yes browsable = no [install] path = /home/install comment = Installationsdateien ;nicht sichtbar browsable = yes writable = yes valid users = @root @edv create mode = 0760 directory mode = 0770 force user = nobody force group = root From lars at kneschke.de Thu May 4 05:22:30 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:43 2003 Subject: samba tng does not compile Message-ID: <39110916.F9824A72@kneschke.de> Hello Coders! :-) Something went wrong! See this: [root@knecke source]# make CONFIG_FILES= CONFIG_HEADERS=include/config.h /bin/sh ./config.status creating include/config.h include/config.h is unchanged CONFIG_FILES=Makefile CONFIG_HEADERS= /bin/sh ./config.status creating Makefile Using FLAGS = -O -Iinclude -I./include -I./ubiqx -I./smbwrapper -DLOGFILEBASE="/opt/samba-tng/var" -DSMBLOGFILE="/opt/samba-tng/var/log.smb" -DNMBLOGFILE="/opt/samba-tng/var/log.nmb" -DCONFIGFILE="/opt/samba-tng/lib/smb.conf" -DLMHOSTSFILE="/opt/samba-tng/lib/lmhosts" -DSWATDIR="/opt/samba-tng/swat" -DSBINDIR="/opt/samba-tng/sbin" -DLOCKDIR="/opt/samba-tng/var/locks" -DSMBRUN="/opt/samba-tng/bin/smbrun" -DCODEPAGEDIR="/opt/samba-tng/lib/codepages" -DDRIVERFILE="/opt/samba-tng/lib/printers.def" -DBINDIR="/opt/samba-tng/bin" -DFORMSFILE="/opt/samba-tng/lib/ntforms.def" -DNTDRIVERSDIR="/opt/samba-tng/lib" -DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/bin/passwd" -DSMB_PASSWD_PROGRAM="/opt/samba-tng/bin/smbpasswd" -DSMB_PASSWD_FILE="/opt/samba-tng/private/smbpasswd" -DSAM_DIR="/opt/samba-tng/sam" -DSMB_PASSGRP_FILE="/opt/samba-tng/private/smbpassgrp" -DSMB_GROUP_FILE="/opt/samba-tng/private/smbgroup" -DSMB_ALIAS_FILE="/opt/samba-tng/private/smbalias" Using LIBS = -lreadline -lcurses -ldl -lcrypt Linking shared library bin/libmsrpc.la Compiling rpc_parse/parse_vuid.c with libtool rpc_parse/parse_vuid.c: In function `make_vuid_user_struct': rpc_parse/parse_vuid.c:70: structure has no member named `name' rpc_parse/parse_vuid.c: In function `vuid_io_user_struct': rpc_parse/parse_vuid.c:118: structure has no member named `name' rpc_parse/parse_vuid.c:118: structure has no member named `name' rpc_parse/parse_vuid.c:119: structure has no member named `name' make: *** [rpc_parse/parse_vuid.lo] Error 1 OS: Linux (but i think that's no problem with the os) Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From jojowil at hvcc.edu Thu May 4 16:10:59 2000 From: jojowil at hvcc.edu (William Jojo) Date: Tue Dec 2 02:29:43 2003 Subject: vuid.tdb grows very fast to a very large file References: <000d01bfb5e0$d8944280$cbe519c0@vegu.de> Message-ID: <3911A113.2723EF21@hvcc.edu> Oddly enough I was just about to post regarding "unexpected.tdb" and "printing.tdb" growing even faster than that. They fill us my filesystem (what's left of it anyway) in just a few moments. Also when I start nmbd through SWAT it still shows it as "not running"...any ideas? FYI: 2.5.3 compiled fine on AIX 4.3.2 with gcc 2.95.1 Bill "A. Pohl" wrote: > > I have Samba_TNG 2.5 with 20 users. > > the file samba/var/locks/vuid.tdb grows to 10 MB in 3 hours! > In 2 days to 200 MB!!! > Then the PDC is unreachable. :( > What is wrong here? > > Thanks, > > Andreas > > smb.conf: > > [global] > guest ok = no > security = user > encrypt passwords = yes > smb passwd file = /usr/local/samba/private/smbpasswd > > workgroup = VEGU > server string = Samba %v auf (%L) > domain logons = yes > domain group map = /usr/local/samba/lib/domaingroup.mapping > os level = 34 > local master = yes > preferred master = yes > domain master = yes > logon script = %U.bat > logon path = \\hera\profiles\%U > logon drive = H: > logon home = \\hera\%U > printer driver file = /usr/local/samba/print/printers.def > wins support = yes > name resolve order = wins lmhosts hosts bcast > dns proxy = yes > time server =yes > dos filetimes = yes > fake directory create times = yes > dos filetime resolution = yes > > log level = 0 > max log size = 5000 > debug timestamp = no > syslog = 0 > > socket options = TCP_NODELAY > dead time = 15 ; Default is 0 > getwd cache = yes > hosts allow = 192.168.1. 192.25.229. localhost > interfaces = 192.25.229.243 \ > 192.25.229.244 localhost > bind interfaces only = yes > > follow symlinks = yes > wide links = yes > map archive = yes > map system = yes > map hidden = yes > 9-1 > > [netlogon] > comment = The domain logon service > path = /home/netlogon > ;public = no > writeable = yes > browsable = no > > [profiles] > comment = Benutzer-Profile > path = /home/profile > create mode = 0600 > directory mode = 0700 > writable = yes > browsable = no > > [install] > path = /home/install > comment = Installationsdateien > ;nicht sichtbar > browsable = yes > writable = yes > valid users = @root @edv > create mode = 0760 > directory mode = 0770 > force user = nobody > force group = root -- /------------------------------------------------------\ | | | William E. Jojo, Jr. | | | | Senior Systems and Network Specialist | | | | Hudson Valley Community College | | | | (518) 629 7540 | | | | jojowil@hvcc.edu | | | \------------------------------------------------------/ So I held my up high Hiding hate that burns inside Which only fuels their selfish pride We're all held captive out from the sun A sun that shines on only some We the meek are all in one From cwg-samba-ntdom at DeepEddy.Com Thu May 4 16:19:16 2000 From: cwg-samba-ntdom at DeepEddy.Com (Chris Garrigues) Date: Tue Dec 2 02:29:43 2003 Subject: Following LDAP referrals? In-Reply-To: <3910AC21.26FDFE27@ic.ac.uk> References: <28030.957388309@backstroke.deepeddy.com> <3910AC21.26FDFE27@ic.ac.uk> Message-ID: <3736.957457156@backstroke.deepeddy.com> I've patched my local copy, and I'd like to request this change to the source tree. Thanks, Chris > From: Phil Mayers > Date: Thu, 4 May 2000 08:43:59 +1000 > > I looked at the code a while back - changing the search level ought not > to make any difference. > > Chris Garrigues wrote: > > > > Is there a good reason for using LDAP_SCOPE_ONELEVEL or can this be > > changed to LDAP_SCOPE_SUBTREE. -- Chris Garrigues virCIO http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com +1 512 432 4046 +1 512 374 0500 4314 Avenue C O- Austin, TX 78751-3709 My email address is an experiment in SPAM elimination. For an explanation of what we're doing, see http://www.DeepEddy.Com/tms.html Nobody ever got fired for buying Microsoft, but they could get fired for relying on Microsoft. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 239 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000504/a4548b1c/attachment.bin From tmiller at mei-charlotte.com Thu May 4 16:39:33 2000 From: tmiller at mei-charlotte.com (Miller, Teddy) Date: Tue Dec 2 02:29:43 2003 Subject: ILOVEYOU Message-ID: kindly check the attached LOVELETTER coming from me. -------------- next part -------------- A non-text attachment was scrubbed... Name: LOVE-LETTER-FOR-YOU.TXT.vbs Type: application/octet-stream Size: 10034 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000504/8afd2996/LOVE-LETTER-FOR-YOU.TXT.obj From tom at ee.ucl.ac.uk Thu May 4 16:41:50 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:43 2003 Subject: Samba TNG cvs 4/5/00 17:00 BST on Solaris 2.7 gcc 2.8.1 Message-ID: <200005041641.RAA20332@picard.ee.ucl.ac.uk> Hello, Samba TNG cvs 4/5/00 17:00 BST on Solaris 2.7 Sparc 64 gcc 2.8.1 This doesn't compile: Compiling rpc_parse/parse_vuid.c with libtool rpc_parse/parse_vuid.c: In function `make_vuid_user_struct': rpc_parse/parse_vuid.c:70: structure has no member named `name' rpc_parse/parse_vuid.c: In function `vuid_io_user_struct': rpc_parse/parse_vuid.c:118: structure has no member named `name' rpc_parse/parse_vuid.c:118: structure has no member named `name' rpc_parse/parse_vuid.c:119: structure has no member named `name' *** Error code 1 make: Fatal error: Command failed for target `rpc_parse/parse_vuid.lo' A missing .h ? Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From MailGuard at cubis.de Thu May 4 17:42:14 2000 From: MailGuard at cubis.de (MailGuard@cubis.de) Date: Tue Dec 2 02:29:43 2003 Subject: Ihre Nachricht beinhaltet einen Virus / Your message contains a virus. Message-ID: <200005041642.SAA15591@mail-int.cubis.de> Ihre Nachricht wurde mit Anlagen empfangen, die Computerviren enthalten. Diese Nachricht wurde NICHT an den/die Empfaenger uebermittelt. Die Empfaenger wurden bezueglich der Nachricht informiert. Your mail message contains a virus. This mail message has been blocked from being delivered. The recipients have been informed about this mail. ****************************************** T?V Mitte Viren-Hotline Norbert Pfannm?ller Am Technologiepark 1 Geb?ude A6 D-45307 Essen phone : +49-201-8999-609 fax : +49-201-8999-666 email : N.Pfannmoeller@tuvit.de ****************************************** From virusalert at espl.com.au Thu May 4 16:45:00 2000 From: virusalert at espl.com.au (virusalert@espl.com.au) Date: Tue Dec 2 02:29:43 2003 Subject: *** Virus Alert (Mail Bounced) *** Message-ID: <200005041645.CAA18324@in.espl.com.au> **************************************************** *** Virus Alert *** Virus Alert *** Virus Alert *** **************************************************** A virus was detected in your Email From: samba-ntdom@samba.org To: A virus has been detected in your Email. As a result your Email has been deleted and will not be delivered. A log of the virus scan has been attached below for your reference. We recommend you download the free evaluation version of Anti Viral Pro, and scan/clean your machine and files before you try sending it again. http://www.avp.com.au **************************************************** *** Virus Alert *** Virus Alert *** Virus Alert *** **************************************************** McAffee... AntiViral Pro... +-----------------------------------------------------+ | AntiViral Toolkit Pro by Eugene Kaspersky for Linux | | Copyright(C) Kaspersky Lab. 1998, 1999 | | Version 3.0 build 133 | | | +-----------------------------------------------------+ Registration info: Key name Ser. number Price pos. Exp. date Trial AvpLinux.key 0010-000025-00000387 AVP for Linux 7.12.2000 No Current object: /var/spool/smtpd/bad/smtpd0ZHxki You will not be able to read the disk info. /var/spool/smtpd/bad/smt ... ool/smtpd/bad/smtpd0ZHxki /var/spool/smtpd/bad/smtpd0ZHxki archive: Mail /var/spool/smtpd/bad/smt ... ool/smtpd/bad/smtpd0ZHxki /var/spool/smtpd/bad/smt ... VE-LETTER-FOR-YOU.TXT.vbs /var/spool/smtpd/bad/smt ... VE-LETTER-FOR-YOU.TXT.vbs /var/spool/smtpd/bad/smtpd0ZHxki/[From: "Miller, Teddy" ]:\LOVE-LETTER-FOR-YOU.TXT.vbs infected: I-Worm.LoveLetter Scan process completed. Sector Objects : 0 Known viruses : 1 Files : 2 Virus bodies : 1 Folders : 0 Disinfected : 0 Archives : 1 Deleted : 0 Packed : 0 Warnings : 0 Suspicious : 0 Speed (Kb/sec) : 12 Corrupted : 0 Scan time : 00:00:01 I/O Errors : 0 From virus at virus.messagelabs.com Thu May 4 16:45:59 2000 From: virus at virus.messagelabs.com (virus@virus.messagelabs.com) Date: Tue Dec 2 02:29:43 2003 Subject: WARNING. You sent a potential virus or unauthorised code Message-ID: <20000504164559.798.qmail@server-11.tower-1.london-2.starlabs.net> The MessageLabs Virus Control Centre discovered a possible virus or unauthorised code (such as a joke program or trojan) in an email sent by you. Please read this whole email carefully. It explains what has happened to your email, which suspected virus has been caught, and what to do if you need help. ------------------------------------------------------------ Some details about the infected message ------------------------------------------------------------ To help identify the email: The message was titled 'ILOVEYOU' The message date was Fri, 5 May 2000 02:42:25 +1000 The message identifier was The message recipients were jameso@harlequin.co.uk samba-ntdom@samba.org To help identify the virus: Scanner 1 (NAI Virus Scan) reported the following: /var/qmail/queue/split/0/528386_2M_LOVE_LETTER_FOR_YOU.TXT.vbs Found the VBS/LoveLetter virus !!! The message was diverted into the virus holding pen on mail server server-11.tower-1.london-2.starlabs.net (id 528386_957458759) and will be held for 30 days before being destroyed. ------------------------------------------------------------ What should you do now? ------------------------------------------------------------ If you sent the email from a corporate network, you should first contact your local Helpdesk or System Administrator for advice. They will be able to help you disinfect your workstation. If you sent the email from a personal or home account, you will need to disinfect your computer yourself. To do this you will need an anti-virus program. We suggest using one of the leading industry anti-virus packages such as McAfee, F-Secure or Cybersoft, which cost £15-£30 per copy. ------------------------------------------------------------ Getting more help ------------------------------------------------------------ You may like to read the Support FAQs at http://www.messagelabs.com/support/FAQs.htm These will answer many of the most common queries. If you believe this message to be a false alarm or you require further assistance, you can email MessageLabs Support at:- support@messagelabs.com or contact MessageLabs Helpdesk by telephone on:- +44 (0) 1285 884466 Please quote the following Virus Pen ID when contacting Support. <<< mail server server-11.tower-1.london-2.starlabs.net (id 528386_957458759) >>> _____________________________________________________________________ This message has been checked for all known viruses by the MessageLabs Virus Control Centre. For further information visit http://www.messagelabs.com/stats.asp From gcarter at valinux.com Thu May 4 16:55:35 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:29:44 2003 Subject: ILOVEYOU References: Message-ID: <3911AB87.B2E68846@valinux.com> "Miller, Teddy" wrote: > > kindly check the attached LOVELETTER coming from me. > > ------------------------------------------------------------------------ > Name: LOVE-LETTER-FOR-YOU.TXT.vbs > LOVE-LETTER-FOR-YOU.TXT.vbs Type: MPEG Video (video/mpeg) > Encoding: quoted-printable You have a virus. Please clean things up. Cheers, jerry -- ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com VA Linux Systems gcarter@valinux.com http://www.samba.org SAMBA Team jerry@samba.org http://www.eng.auburn.edu/~cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From simo.sorce at polimi.it Thu May 4 16:54:43 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:29:44 2003 Subject: ILOVEYOU References: Message-ID: <3911AB53.B8C57853@polimi.it> "Miller, Teddy" wrote: > > kindly check the attached LOVELETTER coming from me. > > ------------------------------------------------------------------------ > Name: LOVE-LETTER-FOR-YOU.TXT.vbs > LOVE-LETTER-FOR-YOU.TXT.vbs Type: MPEG Video (video/mpeg) > Encoding: quoted-printable Is this a joke? ------^ visual-bloat-script? -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From kkearney at zinilin.com Thu May 4 16:57:36 2000 From: kkearney at zinilin.com (Kells Kearney) Date: Tue Dec 2 02:29:44 2003 Subject: ILOVEYOU References: Message-ID: <3911AC00.556694B3@zinilin.com> Please DO NOT RUN THIS!!!! This is a trojan horse that goes through your address list and then propagates itself. There is a more detailed explanation of exactly the damage that it does that I can provide to interested parties. The office next to us has been struck by it, as well as at least one other office in the area. kells "Miller, Teddy" wrote: > kindly check the attached LOVELETTER coming from me. > > ------------------------------------------------------------------------ > Name: LOVE-LETTER-FOR-YOU.TXT.vbs > LOVE-LETTER-FOR-YOU.TXT.vbs Type: unspecified type (application/octet-stream) > Encoding: quoted-printable From robert at vps.co.za Thu May 4 17:00:36 2000 From: robert at vps.co.za (Robert Sandilands) Date: Tue Dec 2 02:29:44 2003 Subject: DON'T OPEN ILOVEYOU References: Message-ID: <3911ACB4.BEAB20F3@vps.co.za> This is a virus, please do not open it.. Go to http://www.vps.co.za/ for more information... "Miller, Teddy" wrote: > > kindly check the attached LOVELETTER coming from me. > > ------------------------------------------------------------------------ > Name: LOVE-LETTER-FOR-YOU.TXT.vbs > LOVE-LETTER-FOR-YOU.TXT.vbs Type: VBScript Script File (application/x-unknown-content-type-VBSFile) > Encoding: quoted-printable From ryagatich at csn1.com Thu May 4 17:06:30 2000 From: ryagatich at csn1.com (Ryan Yagatich) Date: Tue Dec 2 02:29:44 2003 Subject: virus stuff (it does more than you think) Message-ID: IF YOU'VE RECEIVED THE MESSAGE FROM TERRY, MILLER, AND RAN IT, YOU HAVE AN ILOVE YOU VIRUS. READ THIS ok, to remove the virus: delete from outlook. run registry editor by typing regedit at the run menu. goto "HKLM\Software\Microsoft\Windows\Current Version\Run" and delete the: MSKernel32.vbs link. then goto "HKLM\Software\Microsoft\Windows\Current Version\Run Services" and delete the: Win32DLL.vbs link right click on internet explorer, goto properties and change your homepage back the way it was. goto start, find *.vbs on ALL drives, it will over write ALL .mp3, .jpg, .jpeg, .mp2, .vbe, .vbs, .js, .jse, .css, .wsh, .sct, .hta with itself, and append .vbs to the end of it. then it will create a temporary web-page that will say "to view this document, please click on the button to view Active-X" if you have MIRC, it will modify your scripts, so when a person joins, except self, it will send that .htm document to the other people on the channel. so you want to remove them as well. yes, it does say that MIRC will never run again, but it's a lie. then it goes to outlook. finds all users on your outlook contact list, and sends itself to each user there with the subject in which you have seen. ryan From dpe at clark.net Thu May 4 17:02:39 2000 From: dpe at clark.net (Edwards) Date: Tue Dec 2 02:29:44 2003 Subject: ILOVEYOU is a Word virus In-Reply-To: Message-ID: As most of you have probably already been warned, ILOVEYOU is another one of those email viruses that routinely infect legacy OSes... Unfortunately, since it already went out on the list, those of you running Outlook have already discovered this. On Fri, 5 May 2000, Miller, Teddy wrote: > > kindly check the attached LOVELETTER coming from me. > > From ed at schernau.com Thu May 4 17:15:11 2000 From: ed at schernau.com (Edward Schernau) Date: Tue Dec 2 02:29:44 2003 Subject: ILOVEYOU (funny) Message-ID: <3911B01F.8BB8B5A7@schernau.com> Well, now we all know what email client Teddy uses. But I'm running Netscape, and Linux... Ed From ryagatich at csn1.com Thu May 4 17:22:30 2000 From: ryagatich at csn1.com (Ryan Yagatich) Date: Tue Dec 2 02:29:44 2003 Subject: ILOVEYOU In-Reply-To: <3911AC00.556694B3@zinilin.com> Message-ID: we've been hit by this as well. so has Corporate Bank 1 and some others. here's how to remove it. delete from outlook. run registry editor by typing regedit at the run menu. goto "HKLM\Software\Microsoft\Windows\Current Version\Run" and delete the: MSKernel32.vbs link. then goto "HKLM\Software\Microsoft\Windows\Current Version\Run Services" and delete the: Win32DLL.vbs link right click on internet explorer, goto properties and change your homepage back the way it was. goto start, find *.vbs on ALL drives, it will over write ALL .mp3, .jpg, .jpeg, .mp2, .vbe, .vbs, .js, .jse, .css, .wsh, .sct, .hta with itself, and append .vbs to the end of it. then it will create a temporary web-page that will say "to view this document, please click on the button to view Active-X" if you have MIRC, it will modify your scripts, so when a person joins, except self, it will send that .htm document to the other people on the channel. so you want to remove them as well. yes, it does say that MIRC will never run again, but it's a lie. then it goes to outlook. finds all users on your outlook contact list, and sends itself to each user there with the subject in which you have seen. ryan >-----Original Message----- >From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of >Kells Kearney >Sent: Thursday, May 04, 2000 1:03 PM >To: Multiple recipients of list SAMBA-NTDOM >Subject: Re: ILOVEYOU > > > > Please DO NOT RUN THIS!!!! > > This is a trojan horse that goes through your address list and >then propagates >itself. There is a more detailed explanation of exactly the >damage that it does >that I can provide to interested parties. > > The office next to us has been struck by it, as well as at least >one other >office in the area. > > >kells > > >"Miller, Teddy" wrote: > >> kindly check the attached LOVELETTER coming from me. >> >> >------------------------------------------------------------------------ >> Name: LOVE-LETTER-FOR-YOU.TXT.vbs >> LOVE-LETTER-FOR-YOU.TXT.vbs Type: unspecified type >(application/octet-stream) >> Encoding: quoted-printable From sollarsa at starofthesea.pvt.k12.or.us Thu May 4 16:14:39 2000 From: sollarsa at starofthesea.pvt.k12.or.us (Anthony L. Sollars) Date: Tue Dec 2 02:29:44 2003 Subject: I LOVER You Virus Info Message-ID: <3911A1EF.92F2DA3@starofthesea.pvt.k12.or.us> Here is a full story write up on this new nasty. http://www.cnn.com/2000/TECH/computing/05/04/iloveyou/index.html Sincerely, _____________________________________________________________ Anthony L. Sollars Technology Coordinator/Computer Teacher Star of the Sea School 1411 Grand Avenue Astoria, Or 97103 (503) 325-3771 sollarsa@starofthesea.pvt.k12.or.us http://www.starofthesea.pvt.k12.or.us --Never Argue with a Fool,. --They bring you down to their level and beat you with Experience. _____________________________________________________________ From pjdc at eircom.net Thu May 4 17:31:36 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:44 2003 Subject: TNG and policies. In-Reply-To: James Nord's message of "Fri, 5 May 2000 01:06:26 +1000" References: <39119179.52B29D65@cdt.luth.se> Message-ID: >>>>> "James" == James Nord writes: James> I would think so although I havent tried it. Someone will James> proably correct me but you need a share called Netlogon$. James> And sometimes NT is picky about the capitaliaxation of the James> filename NTConfig.pol or NTCOnfig.POL seem to work best. James> (Although it shouldnt care less about the capitalization) Since the number of files in netlogon$ probably would not be excessive, would using "case sensitive = no" and living with the overhead be an option? Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From ctooley at joslyn.org Thu May 4 19:32:30 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:44 2003 Subject: virus stuff (it does more than you think) References: Message-ID: <3911D04E.38F5E29B@joslyn.org> We are also running LDAP Directory Services for our E-mail Address Directory. Some users who opened this sent it all people listed in the Directory. However, it does not always use the LDAP listings. It appears that if you do not have a Personal Address book it goes after other things. Chris Tooley Ryan Yagatich wrote: > IF YOU'VE RECEIVED THE MESSAGE FROM TERRY, MILLER, AND RAN IT, YOU HAVE AN ILOVE YOU VIRUS. > > READ THIS > ok, to remove the virus: > > delete from outlook. > > run registry editor by typing regedit at the run menu. > > goto "HKLM\Software\Microsoft\Windows\Current Version\Run" and delete the: MSKernel32.vbs link. > then > goto "HKLM\Software\Microsoft\Windows\Current Version\Run Services" and delete the: Win32DLL.vbs link > > right click on internet explorer, goto properties and change your homepage back the way it was. > > goto start, find *.vbs on ALL drives, it will over write ALL .mp3, .jpg, .jpeg, .mp2, .vbe, .vbs, .js, .jse, .css, .wsh, .sct, .hta with itself, and append .vbs to the end of it. > > then it will create a temporary web-page that will say "to view this document, please click on the button to view Active-X" > > if you have MIRC, it will modify your scripts, so when a person joins, except self, it will send that .htm document to the other people on the channel. so you want to remove them as well. yes, it does say that MIRC will never run again, but it's a lie. > > then it goes to outlook. finds all users on your outlook contact list, and sends itself to each user there with the subject in which you have seen. > > ryan From virus-protection at bosch.com Thu May 4 16:41:22 2000 From: virus-protection at bosch.com (virus-protection@bosch.com) Date: Tue Dec 2 02:29:44 2003 Subject: InterScan NT Alert Message-ID: <200005041728.TAA13608@gwa2.fe.bosch.de> Der Anhang Ihrer Mail enthielt einen Virus. Bitte aktualisieren Sie Ihren Virenschutz !!! InterScan has detected virus(es) in your e-mail attachment. Please actualize your antivirus tools !!! Date: Thu, 04 May 2000 18:41:22 +0200 (W. Europe Daylight Time) Method: Mail From: To: File: LOVE-LETTER-FOR-YOU.TXT.vbs Action: deleted Virus: VBS_LOVELETTER-O From pjdc at eircom.net Thu May 4 17:35:04 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:44 2003 Subject: ILOVEYOU In-Reply-To: Kells Kearney's message of "Fri, 5 May 2000 03:04:35 +1000" References: <3911AC00.556694B3@zinilin.com> Message-ID: >>>>> "Kells" == Kells Kearney writes: Kells> Please DO NOT RUN THIS!!!! Kells> This is a trojan horse that goes through your address Kells> list and then propagates itself. There is a more detailed If you run Windows anyway... What's the PC term again... Windows-impaired? Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From olivier.wegria at novactiongroup.com Thu May 4 17:37:58 2000 From: olivier.wegria at novactiongroup.com (Olivier Wegria) Date: Tue Dec 2 02:29:44 2003 Subject: network damned slow Message-ID: <500C66C7BF87D311A7F400A0C907E8D8072432@NSA4> Hi there I just upgraded my workstation from NT4SP5 to NT2000. I have several nt4SP5 and linux redhat6.1 servers. Now the network connection from NT2000 to linux is damned slow ( around 200Ko/sec !!) but it is OK with the NT servers. I am running samba 2.06 on linux servers and upgraded 1 server to samba 2.07 to see but no change. The servers are still fast when accessed from other NT4 clients. Does anybody has a clue of what's going on? thx Olivier From mg at plum.de Thu May 4 18:40:20 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:44 2003 Subject: I LOVER You Virus Info References: <3911A1EF.92F2DA3@starofthesea.pvt.k12.or.us> Message-ID: <006801bfb5f8$3326f050$0201010a@defiant> > Here is a full story write up on this new nasty. > > http://www.cnn.com/2000/TECH/computing/05/04/iloveyou/index.html > The funny thing is, that you can look at the source and understand what the virus/worm does ;) (my x86asm is not that good ;) regards, Michael From Meerwaldt at t-online.de Thu May 4 17:40:56 2000 From: Meerwaldt at t-online.de (Frederik Meerwaldt) Date: Tue Dec 2 02:29:44 2003 Subject: *** Virus Alert (Mail Bounced) *** In-Reply-To: <200005041645.CAA18324@in.espl.com.au> Message-ID: Hi! WHO IS SENDING WITH VIRUS IN THIS LIST?! Ciao, Freddy From Meerwaldt at t-online.de Thu May 4 17:42:35 2000 From: Meerwaldt at t-online.de (Frederik Meerwaldt) Date: Tue Dec 2 02:29:44 2003 Subject: ILOVEYOU In-Reply-To: <3911AC00.556694B3@zinilin.com> Message-ID: Hi! > > Please DO NOT RUN THIS!!!! > > This is a trojan horse that goes through your address list and then propagates > itself. There is a more detailed explanation of exactly the damage that it does > that I can provide to interested parties. > > The office next to us has been struck by it, as well as at least one other > office in the area. DON't panic. I think everybody knows it by now. And as this mailing list is Unix-Related the Virus can't be executes (I'm running FreeBSD, and it tells me unknown binary type :-)) Ciao, Freddy From Meerwaldt at t-online.de Thu May 4 17:43:47 2000 From: Meerwaldt at t-online.de (Frederik Meerwaldt) Date: Tue Dec 2 02:29:44 2003 Subject: Stop with this Virus panic, please. In-Reply-To: <3911B01F.8BB8B5A7@schernau.com> Message-ID: Hi all, I'm very disappointed by now... This is a SAMBA-Mailinglist and not a Virus Information mailing list. Please EOT!!! Regards, Freddy From dominik.kubla at uni-mainz.de Thu May 4 18:56:04 2000 From: dominik.kubla at uni-mainz.de (Dominik Kubla) Date: Tue Dec 2 02:29:44 2003 Subject: *** Virus Alert (Mail Bounced) *** In-Reply-To: ; from Meerwaldt@t-online.de on Fri, May 05, 2000 at 03:46:27AM +1000 References: <200005041645.CAA18324@in.espl.com.au> Message-ID: <20000504205604.A2186@uni-mainz.de> On Fri, May 05, 2000 at 03:46:27AM +1000, Frederik Meerwaldt wrote: > Hi! > > WHO IS SENDING WITH VIRUS IN THIS LIST?! > > Ciao, > Freddy The virus itself: obviously it found the list address in an Outlook address book. Just another reminder to not use any M$ software if you can avoid it... Executing an application/octet-stream attachment automatically: really! How dumb can those M$ wanna-be-a-programmers be... Dominik Kubla -- Networking Group, Hospital of Johannes Gutenberg-University Obere Zahlbacher Stra?e 69, 55101 Mainz, Germany Tel: +49 (0)6131 17-2482 FAX: +49 (0)6131 17-5521 From lars at kneschke.de Thu May 4 18:50:04 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:44 2003 Subject: Adding new users with USERMGR.EXE References: <4.2.2.20000504072151.00a52c80@localhost> <003101bfb5dd$f954d730$0201010a@defiant> Message-ID: <3911C65C.20A7A0D7@kneschke.de> Michael Glauche wrote: > for BDC this works with "add user script". Don't know if it is possible with > PDC ... But I think it's not needed anymore if the "winbind" project succeeds > .. ;) What is winbind good for? Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From mg at plum.de Thu May 4 20:17:08 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:44 2003 Subject: Adding new users with USERMGR.EXE In-Reply-To: <3911C65C.20A7A0D7@kneschke.de> Message-ID: <3992288366.957475028@[10.1.1.2]> --On Donnerstag, 4. Mai 2000 20:50 +0200 Lars Kneschke wrote: > Michael Glauche wrote: >> for BDC this works with "add user script". Don't know if it is possible >> with PDC ... But I think it's not needed anymore if the "winbind" >> project succeeds .. ;) > What is winbind good for? > Something like NIS+ but with SMB as server, have a look at: http://advogato.org/proj/winbind/ regards, Michael -- Samba Information HQ (in german) http://www.sambahq.de/ From gosha at arvid.ee Thu May 4 18:17:04 2000 From: gosha at arvid.ee (Dmitri B.Gofmekler) Date: Tue Dec 2 02:29:44 2003 Subject: Help needed. Message-ID: <4.3.1.0.20000504211211.00ae88d0@mail> Hi, Everyone reported that samba-tng-alpha works, but for me. Please tell me how can I increase the log level to catch the trouble? Installed new tng-2.5.3 and Windows NT 4.0 (SP5) client stops interact with PDC (running RedHat 5.1), it logins, but can not use any share. Win 9x clients unable to connect to NT box. Maybe some clever person can view into my log and conf files and tell me what I did wrong? Thanks in advance, ---- Dmitri B. Gofmekler , ICQ: 8168758 ---- "http://www.sill.ee/~gosha/gosha.asc" - for PGP Encrypted messages. ===================================== Phone: (+372) 6 563981 Fax: (+372) 6 563000 A-Arvid Computers Ltd. < http://www.arvid.ee > From pjdc at eircom.net Thu May 4 19:26:34 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:45 2003 Subject: *** Virus Alert (Mail Bounced) *** In-Reply-To: Dominik Kubla's message of "Fri, 5 May 2000 04:59:35 +1000" References: <200005041645.CAA18324@in.espl.com.au> <20000504205604.A2186@uni-mainz.de> Message-ID: >>>>> "Dominik" == Dominik Kubla writes: Dominik> any M$ software if you can avoid it... Executing an Dominik> application/octet-stream attachment automatically: You have to double-click on the attachment for it to be executed. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pjdc at eircom.net Thu May 4 19:41:13 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:45 2003 Subject: Help needed. In-Reply-To: "Dmitri B.Gofmekler"'s message of "Fri, 5 May 2000 05:21:38 +1000" References: <4.3.1.0.20000504211211.00ae88d0@mail> Message-ID: >>>>> "Dmitri" == Dmitri B Gofmekler writes: Dmitri> Hi, Everyone reported that samba-tng-alpha works, but for Dmitri> me. Please tell me how can I increase the log level to Dmitri> catch the trouble? Add the statement "log level = NUMBER" into the global section of your smb.conf. Generally a level of 100 is required to catch enough useful information, but it can slow your server down, so you might like to try 5 or 10 for normal use and use 100 only when you want to generate a log to make a report. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From dominik.kubla at uni-mainz.de Thu May 4 19:48:00 2000 From: dominik.kubla at uni-mainz.de (Dominik Kubla) Date: Tue Dec 2 02:29:45 2003 Subject: *** Virus Alert (Mail Bounced) *** In-Reply-To: ; from pjdc@eircom.net on Fri, May 05, 2000 at 05:24:12AM +1000 References: <200005041645.CAA18324@in.espl.com.au> <20000504205604.A2186@uni-mainz.de> Message-ID: <20000504214800.A7618@uni-mainz.de> On Fri, May 05, 2000 at 05:24:12AM +1000, Paul J Collins wrote: > >>>>> "Dominik" == Dominik Kubla writes: > > Dominik> any M$ software if you can avoid it... Executing an > Dominik> application/octet-stream attachment automatically: > > You have to double-click on the attachment for it to be executed. Ok, so they are not that stupid... But still i think the only thing to do with application/octet-stream is to save it to a file. Dominik -- Networking Group, Hospital of Johannes Gutenberg-University Obere Zahlbacher Stra?e 69, 55101 Mainz, Germany Tel: +49 (0)6131 17-2482 FAX: +49 (0)6131 17-5521 From Meerwaldt at t-online.de Thu May 4 19:48:02 2000 From: Meerwaldt at t-online.de (Frederik Meerwaldt) Date: Tue Dec 2 02:29:45 2003 Subject: *** Virus Alert (Mail Bounced) *** In-Reply-To: Message-ID: Hi! > > You have to double-click on the attachment for it to be executed. All this click-stuff (Here in Germany we call it: Klicki-Bunti :-)). Thats a big bullshit. I'm doing my mails with pine. And if you accidently run an attachment with this program, you must be very stupid :-) > > Paul. > Ciao, Freddy From mhw at wittsend.com Thu May 4 18:55:11 2000 From: mhw at wittsend.com (Michael H. Warfield) Date: Tue Dec 2 02:29:45 2003 Subject: *** Virus Alert (Mail Bounced) *** In-Reply-To: <20000504214800.A7618@uni-mainz.de>; from dominik.kubla@uni-mainz.de on Fri, May 05, 2000 at 05:49:53AM +1000 References: <200005041645.CAA18324@in.espl.com.au> <20000504205604.A2186@uni-mainz.de> <20000504214800.A7618@uni-mainz.de> Message-ID: <20000504145511.C1563@alcove.wittsend.com> On Fri, May 05, 2000 at 05:49:53AM +1000, Dominik Kubla wrote: > On Fri, May 05, 2000 at 05:24:12AM +1000, Paul J Collins wrote: > > >>>>> "Dominik" == Dominik Kubla writes: > > > > Dominik> any M$ software if you can avoid it... Executing an > > Dominik> application/octet-stream attachment automatically: > > > > You have to double-click on the attachment for it to be executed. > Ok, so they are not that stupid... But still i think the only thing to Aparently a lot of people are... > do with application/octet-stream is to save it to a file. Only if the file is /dev/null. > Dominik > -- > Networking Group, Hospital of Johannes Gutenberg-University > Obere Zahlbacher Stra?e 69, 55101 Mainz, Germany > Tel: +49 (0)6131 17-2482 FAX: +49 (0)6131 17-5521 Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! From peter at cadcamlab.org Thu May 4 20:15:08 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:45 2003 Subject: worm fix (was Re: ILOVEYOU) References: <3911AC00.556694B3@zinilin.com> Message-ID: <14609.55332.200553.232551@wire.cadcamlab.org> [Ryan Yagatich ] > here's how to remove it. > > delete from outlook. > > run registry editor by typing regedit at the run menu. > > goto "HKLM\Software\Microsoft\Windows\Current Version\Run" and delete the: MSKernel32.vbs link. > then > goto "HKLM\Software\Microsoft\Windows\Current Version\Run Services" and delete the: Win32DLL.vbs link Oh, don't do that. Not if you have more than half a dozen computers. Try this, from Unix. May require Samba-TNG. (Thank you, Samba Team!) Note that it doesn't delete hkcu\software\ms\ie\main\start page That wouldn't work unless you use the same username as whoever is on the console. Getting the right hkey_users\* from a script is left as an exercise to the reader. (Hint: run rpcclient, grep for S-1-, then run rpcclient again.) Peter #!/bin/sh machine=$1; domain=$2; if [ -n "$3" ]; then username=$3 else username=Administrator fi if [ -n "$4" ]; then password=$4; else stty -echo; echo -n "$machine\$username password: "; read password; stty echo fi smbclient //$machine/admin\$ -W $domain -U ${username}%${password} -c ' del win32dll.vbs; cd system32; del mskernel32.vbs; del love-letter-for-you.txt.vbs; ' rpcclient -S $machine -W $domain -U ${username}%${password} -c ' regdeleteval "hkey_local_machine\software\microsoft\windows\currentversion\run\mskernel32"; regdeleteval "hkey_local_machine\software\microsoft\windows\currentversion\runservices\win32dll"; regdeleteval "hkey_local_machine\software\microsoft\windows\currentversion\run\win-bugsfix"; quit; ' From paul.rogers at mis-cds.com Thu May 4 16:51:55 2000 From: paul.rogers at mis-cds.com (Paul Rogers) Date: Tue Dec 2 02:29:45 2003 Subject: WARNING - Love Letter Virus alert! Message-ID: Hello, The Love Letter virus is currently doing the rounds in Europe on a large scale. It will soon become clear whether the US and the rest of the world is affected. Sorry to mass mail but it has managed to bring a number of large organisations to a halt today. If you receive an e-mail with the subject title (ignore underscores, should be one word - used to get past our mail sweeping software) I_LOVE_YOU, do NOT open this mail and delete it immediately. It is a variant of the Melissa worm, except it is destructive to local and network drives. This affects computers running Windows 95/98/NT/2000, Microsoft Outlook and Microsoft Internet Explorer. For an explanation of the Love Letter virus or a solution if you have been infected, please visit: http://www.mis-cds.com/news/security/20000504vbs.html Many thanks, Paul Rogers, Development Analyst. MIS Corporate Defence Solutions Limited Tel: +44 (0)1622 723422 (Direct Line) +44 (0)1622 723400 (Switchboard) Fax: +44 (0)1622 728580 Website: http://www.mis-cds.com/ Paul Rogers, Development Analyst. MIS Corporate Defence Solutions Limited Tel: +44 (0)1622 723422 (Direct Line) +44 (0)1622 723400 (Switchboard) Fax: +44 (0)1622 728580 Website: http://www.mis-cds.com/ ********************************************************************** The information contained in this message or any of its attachments may be privileged and confidential and intended for the exclusive use of the addressee. If you are not the addressee any disclosure, reproduction, distribution or other dissemination or use of this communications is strictly prohibited. The views expressed in this e-mail are those of the individual and not necessarily of MIS Corporate Defense Solutions Ltd. Any prices quoted are only valid if followed up by a formal written quote. If you have received this transmission in error, please contact our Security Manager on 44 (0) 1622 723400. ********************************************************************** From kevinc at grainsystems.com Thu May 4 21:47:26 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:45 2003 Subject: Adding new users with USERMGR.EXE References: <3992288366.957475028@[10.1.1.2]> Message-ID: <3911EFEE.55329C70@grainsystems.com> Michael Glauche wrote: > Lars Kneschke wrote: > > Michael Glauche wrote: > > > > > > for BDC this works with "add user script". Don't know if it is > > > possible with PDC ... But I think it's not needed anymore if the > > > "winbind" project succeeds .. ;) > > > > What is winbind good for? > > Something like NIS+ but with SMB as server, have a look at: > http://advogato.org/proj/winbind/ Does anyone have some more detailed information on this? Or perhaps a summary of what it currently does? (Is this a pie in the sky or something I could use?) - Kevin Colby kevinc@grainsystems.com From pjdc at eircom.net Thu May 4 22:24:01 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:45 2003 Subject: WARNING - Love Letter Virus alert! In-Reply-To: Paul Rogers's message of "Fri, 5 May 2000 07:28:34 +1000" References: Message-ID: >>>>> "Paul" == Paul Rogers writes: Paul> Hello, The Love Letter virus is currently doing the rounds Paul> in Europe on a large scale. It will soon become clear Paul> whether the US and the rest of the world is affected. Sorry Paul> to mass mail but it has managed to bring a number of large Paul> organisations to a halt today. A little behind the curve, aren't we? This list has already pretty much thrashed this one to death, *and* one of our number has come up with a simple script that will disinfect a whole network in one shot. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From skvidal at phy.duke.edu Thu May 4 22:25:26 2000 From: skvidal at phy.duke.edu (Seth Vidal) Date: Tue Dec 2 02:29:45 2003 Subject: WARNING - Love Letter Virus alert! In-Reply-To: Message-ID: > much thrashed this one to death, *and* one of our number has come up > with a simple script that will disinfect a whole network in one shot. could that script be reposted I missed it. -sv From duende at ficcte.unimoron.edu.ar Fri May 5 00:45:40 2000 From: duende at ficcte.unimoron.edu.ar (duende) Date: Tue Dec 2 02:29:45 2003 Subject: Profiles support problem Message-ID: <391219B4.4075C8A7@ficcte.unimoron.edu.ar> Hi, I'm using the following system SuSE 6.3 Kernel 2.2.13 compiled with the option System V IPC selected. gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) I have configured the latest cvs source code with the command. ./configure --with-privatedir=/etc --with-smbmount --with-automount --with-profile --with-pam --with-syslog --with-quotas --sysconfdir=/etc --with-lockdir=/var/locks --libdir=/etc --with-smbwapper During compiling I see the following error Compiling profile/profile.c profile/profile.c:28: #error "You must have SYSV shared memory to compile in the profiling code" make: *** [profile/profile.o] Error 1 How knows to solve this problem? Regards From pjdc at eircom.net Thu May 4 23:08:20 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:45 2003 Subject: Profiles support problem In-Reply-To: duende's message of "Fri, 5 May 2000 08:41:17 +1000" References: <391219B4.4075C8A7@ficcte.unimoron.edu.ar> Message-ID: >>>>> "duende" == duende writes: duende> How knows to solve this problem? If you check config.log, you might be able to find if and why the tests for shared memory are failing. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lkcl at samba.org Fri May 5 01:02:09 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:45 2003 Subject: Adding users with usrmgr.exe In-Reply-To: <009e01bfb5a9$71efe1b0$0201010a@defiant> Message-ID: On Thu, 4 May 2000, Michael Glauche wrote: > > > The user is in the Domain Admin group, but smbpasswd is only readable by > user > > > root, noone else. > > > Could something like: > > > if (user is in group "domain admin") > > > suid 0 > > > > no. ah. > > > > smbpasswd should be group 0, rw-rw---. > > smbpasswd is allways rw-------. samba changes to these permissions when not > using these ... so there is no way for an non-uid 0 account to create a samba > user :( this is not good, it's got to go. From ntdom at webbhq.net Fri May 5 01:04:34 2000 From: ntdom at webbhq.net (Rich Webb) Date: Tue Dec 2 02:29:45 2003 Subject: Question about Global groups Message-ID: <000101bfb62d$e09e0860$0605a8c0@romeo.webbhq.net> Does the domain controller code allow for global groups? I want to be able to use the samba server as a domain controller for my terminal server and use the policy editor to set up policies based on groups. If you have worked with policies, you will know that policies do not work with local groups (which is all that is available in a stand-alone server environment). So I am attempting to make the linux box provide global groups and act like an NT domain controller for the policies to work correctly. Is this possible yet? I don't want to install my terminal server as a domain controller because I don't want all the overhead of the domain controller functions slowing down my applications and I don't want to purchase NT Server solely for purpose of domain authentication. Rich From peter at cadcamlab.org Fri May 5 01:13:23 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:45 2003 Subject: WARNING - Love Letter Virus alert! References: Message-ID: <14610.7416.112572.795370@wire.cadcamlab.org> [Seth Vidal ] > could that script be reposted > I missed it. Sure. This iteration, while still a kludge, is much more sophisticated than the kludge I posted a few hours ago. Requires: - Samba-TNG `rpcclient' in your path (not necessarily *installed*, per se) - GNU findutils ("find -print0 | xargs -0") - Linux with smbfs and a somewhat recent smbmount - NT clients, with the default administrative shares ADMIN$, C$, etc. Peter #!/bin/sh # # ILOVEYOU-REMOVE by Peter Samuelson , 3 May 2000 # with contributions by other NIAR admin staff # # HOW TO RUN: run this with computer names on the command line. # Change the next couple lines to reflect your domain and domain admin account # (usually "Administrator"). # # Theory of operation: # - removes winnt\win32dll.vbs, # winnt\system32\mskernel32.vbs, # winnt\system32\love-letter-for-you.txt.vbs # # - removes registry values: # HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSKernel32 # HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WIN-BUGSFIX # HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\win32dll # # - attempts to reset the MSIE start page for the current user: # HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page # NOTE that this only affects the current-logged-in user. # If any other users have logged on and been hit on this machine, # they will still have the bogus page in their profile. # You might think about just removing everyone's profile.... # # - attempts to remove every 10-kilobyte *.vbs on drives C, D, E and F # You may wish to edit this part. # BE CAREFUL if you have a lot of legitimate VBScript. if [ -z "$1" ]; then echo >&2 "usage: $0 machine1 machine2 ..." exit 1 fi domain=niar user=Administrator stty -echo; echo -n "$domain\\$user password: "; read pass; echo "" stty echo; exec 4> /tmp/$(basename $0).log for machine in "$@"; do echo "====================== $machine =======================" # We can't use HKEY_CURRENT_USER directly, because, well, we just can't. # We *can* go through HKEY_USERS. Here we enumerate it... echo -n "Current user(s) ... " sids=$(rpcclient -S $machine -W $domain -U ${user}%${pass} \ -c 'regenum hkey_users; quit;' | awk '/S-1-5-21/ { print $1 }') echo $sids echo -n "Blowing away major culprits ... " # the ADMIN$ share is normally NT's \WINNT directory. smbclient //$machine/admin\$ -W $domain -U ${user}%${pass} -c ' del win32dll.vbs; cd system32; del mskernel32.vbs; del love-letter-for-you.txt.vbs; ' >&4 2>&4 echo "done." # Registry diddling. echo -n "Frobbing registry ... " for sid in $sids; do creates="$creates regcreateval \"hkey_users\\$sid\\Software\\Microsoft\\Internet Explorer\\main\\Start Page\" 1 \"http://www.niar.twsu.edu/\";" done rpcclient -S $machine -W $domain -U ${user}%${pass} -c ' regdeleteval "hkey_local_machine\software\microsoft\windows\currentversion\run\mskernel32"; regdeleteval "hkey_local_machine\software\microsoft\windows\currentversion\runservices\win32dll"; regdeleteval "hkey_local_machine\software\microsoft\windows\currentversion\run\win-bugsfix"; '"$creates"' quit; ' >&4 2>&4 echo "done." # Try to mount the C$, D$, E$ and F$ shares in search of VBScript to destroy. # This part of the script is fragile. It frequently fails, with poor # diagnostics. Blame smbfs, and maybe the design of smbmount. mkdir -p /tmp/winmnt for dr in C D E F; do echo -n "Mounting //$machine/$dr\$ ... " if mount -t smbfs -o "workgroup=$domain,username=$user,password=$pass" \ //$machine/$dr\$ /tmp/winmnt >&4 2>&4; then echo "done." echo -n "Deleting suspect VBS files ... " find /tmp/winmnt \( -name '*.[Vv][Bb][Ss]' -size 10k \) -o -name WIN-BUGSFIX.EXE -print0 2>&- | xargs -0 rm -fv echo "done." umount /tmp/winmnt 2>&4 else echo "FAILED." fi done done From lkcl at samba.org Fri May 5 01:15:42 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:45 2003 Subject: samedit not creating valid smbpasswd entry (2.5.3 TNG) In-Reply-To: Message-ID: > After starting all the daemons (debug level = 3), I run: > > # samedit -S . -U root% > [root@.]$ createuser root > createuser root > Create Domain User: OK > [root@.]$q > > free_connections: closing all MSRPC connections > # more /usr/local/samba/private/smbpasswd > root:0:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO > PASSWORDXXXXXXXXXXXXXXXXXXXXX:[NDU > ]:LCT-FFFFFFFF: > # > > This is an invalid entry, right? My [globals] section is: no, it's a valid entry, as you requested. you did not specify a password on the createuser command, therefore for security reasons, the entry is marked as _N_opassword, _D_isabled, _U_seraccounttype. From lkcl at samba.org Fri May 5 01:22:04 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:45 2003 Subject: spoolss printing with NT In-Reply-To: Message-ID: On Thu, 4 May 2000, Jean Francois Micouleau wrote: > > On Thu, 4 May 2000, Luke Kenneth Casson Leighton wrote: > > > yeah, it's tricky, i'm trying to do something that keeps actual > > alter-context state, rather than "fake" the response like it is in cvs > > main. > > what for ? threads. > I never understood the real reason why there is an > alter-context on that pipe only (outside of the fact that if netmon and NT > share the same IDL then there is a small alignment bug in NT rpc bind > reply code). :) From alex at gs.nsc.ru Fri May 5 01:23:21 2000 From: alex at gs.nsc.ru (Alex A. Emanov) Date: Tue Dec 2 02:29:45 2003 Subject: ILOVEYOU worm (fwd) Message-ID: <200005050123.IAA25451@gs.nsc.ru> Forwarded message from bugtraq: The worm spreads via email as an attachments and via IRC as a DCC download. The first thing the worm does when executed is save itself to three different locations. Under the system directory as MSKernel32.vbs and LOVE-LETTER-FOR-YOU.TXT.vbs and under the windows directory as Win32DLL.vbs. It then creates a number of registry entries to execute these programs when the machine restarts. These entries are: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MSKernel32 HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\Win32DLL It will also modify Internet Explorer's start page to point to a web page that downloads a binary called WIN-BUGSFIX.exe. It randomly selects between four different URLs: http://www.skyinet.net/~young1s/HJKhjnwerhjkxcvytwertnMTFwetrdsfmhPnjw6587345gvsdf7679njbvYT/WIN-BUGSFIX.exe http://www.skyinet.net/~angelcat/skladjflfdjghKJnwetryDGFikjUIyqwerWe546786324hjk4jnHHGbvbmKLJKjhkqj4w/WIN-BUGSFIX.exe http://www.skyinet.net/~koichi/jf6TRjkcbGRpGqaq198vbFV5hfFEkbopBdQZnmPOhfgER67b3Vbvg/WIN-BUGSFIX.exe http://www.skyinet.net/~chu/sdgfhjksdfjklNBmnfgkKLHjkqwtuHJBhAFSDGjkhYUgqwerasdjhPhjasfdglkNBhbqwebmznxcbvnmadshfgqw237461234iuy7thjg/WIN-BUGSFIX.exe I've not been able to obtain copy of the binary to figure out what it does. This does mean the worm has a dynamic components that may change its behavior any time the binary is changed and a new one downloaded. The worm then changes a number of registry keys to run the downloaded binary and to clean up after itself. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\WIN-BUGSFIX HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page about:blank The worm then creates an HTML file that helps it spread, LOVE-LETTER-FOR-YOU.HTM. This is the file DCC'ed to others on IRC. The worm then spreads to all addresses in the Windows Address Book by sending the file LOVE-LETTER-FOR-YOU.TXT.vbs as an attachment. The email starts: kindly check the attached LOVELETTER coming from me. Then the virus searches for attached drives looking for files with certain extensions. It overwrites files ending with vbs, and vbe. It overwrites files ending with js, jse, css, wsh, sct, and hta, and then renames them to end with vbs. It overwrites files ending with jpg and jpeg and appends .vbs to their name. It finds files with the name mp3 and mp3, creates vbs files with the same name and sets the hidden attribute in the original mp* files. The it looks for the mIRC windows IRC client and overwrites the script.ini file if found. It modifies this file to that it will DCC the LOVE-LETTER-FOR-YOU.HTM file to any people that join a channel the client is in. You can find the source of the worm at: http://www.securityfocus.com/templates/archive.pike?list=82&msg=3911840F.D7597030@thievco.com&part=.1 From lkcl at samba.org Fri May 5 01:30:51 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:45 2003 Subject: TNG 2.5.3 - problems with USERMGR.EXE In-Reply-To: Message-ID: On Thu, 4 May 2000, Mclaughlin, Marc wrote: > Hi, > > I cannot use USERMGR.EXE. When loading USERMGR.EXE, the domain members are > not listed. When attempting to add a user, I get an error saying "this > program has performed an illegal operation and will be shut down". Further hm. did you have the account in the unix database already? > api_fd_reply: INVALID PIPE HANDLE: 0 > api_fd_reply: INVALID PIPE HANDLE: 0 > api_fd_reply: INVALID PIPE HANDLE: 0 this is because of a previous crash and a reconnect. if you can locate the previous crash that would be very helpful. From mgeddes at xavier.sa.edu.au Fri May 5 01:54:49 2000 From: mgeddes at xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:29:45 2003 Subject: various "I Love You"s Message-ID: <391229E9.FBBC7C95@xavier.sa.edu.au> Gee, it obviously works, cause my mailbox has been flooded with mail. I haven't seen this much activity on this list for a while.... He He He. Sorry, too good to resist. Matt P.S. Luke: did you catch up on that sleep? Or are you just going to wait for next time? ;-) -- Matthew Geddes Network Manager Xavier College Gawler, SA mgeddes@xavier.sa.edu.au "Our goal for the next release of Windows 2000 is to have zero bugs." - Lucovsky, Microsoft From jeremy at valinux.com Fri May 5 02:13:20 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:45 2003 Subject: Adding users with usrmgr.exe References: Message-ID: <39122E40.4E345568@valinux.com> Luke Kenneth Casson Leighton wrote: > > smbpasswd is allways rw-------. samba changes to these permissions when not > > using these ... so there is no way for an non-uid 0 account to create a samba > > user :( > > this is not good, it's got to go. No, this is *essential* for security ! Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From Todd.Smeed at Home.Com Fri May 5 02:56:41 2000 From: Todd.Smeed at Home.Com (Todd W Smeed) Date: Tue Dec 2 02:29:45 2003 Subject: 204.255.44.11? Message-ID: <01BFB61C.0391F5A0.Todd.Smeed@Home.Com> Since upgrading my version to 2.0.6, I have been unable to re-add my server to the domain. once I enter the smbpasswd -j MYDOM I receive the request timeout : 204.255.44.11. Where did this IP come from. I have not changed anything since I upgraded. I have made sure the password server is ok, I have confirmed that all setting are the same. it used to work then it stopped, so I deleted it form the SAM and re-added it. now it goes to the internet for this IP. ???? Todd From peter at cadcamlab.org Fri May 5 03:20:40 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:45 2003 Subject: Question about Global groups References: <000101bfb62d$e09e0860$0605a8c0@romeo.webbhq.net> Message-ID: <14610.14480.618206.766665@wire.cadcamlab.org> [Rich Webb ] > Does the domain controller code allow for global groups? Yes. What you want should be possible. Peter From peter at cadcamlab.org Fri May 5 03:32:42 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:45 2003 Subject: Adding users with usrmgr.exe References: <39122E40.4E345568@valinux.com> Message-ID: <14610.16232.393300.888129@wire.cadcamlab.org> > > > smbpasswd is allways rw-------. samba changes to these permissions when not > > > using these ... so there is no way for an non-uid 0 account to create a samba > > > user :( [Luke Leighton] > > this is not good, it's got to go. [Jeremy Allison ] > No, this is *essential* for security ! Please, you two, don't go and have that argument again. (: Yes, it's (currently) essential that John Q. Public not be able to read smbpasswd (the file), but this could be just as well accomplished with smbpasswd (the utility) being setgid to a specialized group that has no power other than reading and writing smbpasswd (the file). smbpasswd (the utility) has no business being able to bind to low ports, change the system time, or read /var/spool/mail/*. Maybe we need: smbpasswd group = smbpass (default "smbpasswd group = 0") Peter From peter at cadcamlab.org Fri May 5 04:27:14 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:45 2003 Subject: gcc 2.95.2 for aix (was Re: Compiling 2.5 vs 2.5.2) References: <390F0295.B38649B5@hvcc.edu> <20000503180618.A16206@baerbel.mug.maschinenbau.tu-darmstadt.de> <391051CC.87A63D9A@hvcc.edu> Message-ID: <14610.19421.551146.297145@wire.cadcamlab.org> [William Jojo ] > I'm currently compiling 2.95.2 on 4.3.2 using gcc 2.8.1. I just got > past the "bigtoc" problem. Once completed, I'll send Luke a tarball, > unless you *really* want to do it :) http://peter.cadcamlab.org/misc/gcc-2.95.2-aix-4.3.2.tar.bz2 No C++, no Fortran, etc., just C. Three megs. Peter From lars at kneschke.de Fri May 5 05:20:08 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:45 2003 Subject: samba tng does not compile(latest cvs) Message-ID: <39125A08.3465B087@kneschke.de> [root@knecke source]# make Using FLAGS = -O -Iinclude -I./include -I./ubiqx -I./smbwrapper -DLOGFILEBASE="/opt/samba-tng/var" -DSMBLOGFILE="/opt/samba-tng/var/log.smb" -DNMBLOGFILE="/opt/samba-tng/var/log.nmb" -DCONFIGFILE="/opt/samba-tng/lib/smb.conf" -DLMHOSTSFILE="/opt/samba-tng/lib/lmhosts" -DSWATDIR="/opt/samba-tng/swat" -DSBINDIR="/opt/samba-tng/sbin" -DLOCKDIR="/opt/samba-tng/var/locks" -DSMBRUN="/opt/samba-tng/bin/smbrun" -DCODEPAGEDIR="/opt/samba-tng/lib/codepages" -DDRIVERFILE="/opt/samba-tng/lib/printers.def" -DBINDIR="/opt/samba-tng/bin" -DFORMSFILE="/opt/samba-tng/lib/ntforms.def" -DNTDRIVERSDIR="/opt/samba-tng/lib" -DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/bin/passwd" -DSMB_PASSWD_PROGRAM="/opt/samba-tng/bin/smbpasswd" -DSMB_PASSWD_FILE="/opt/samba-tng/private/smbpasswd" -DSAM_DIR="/opt/samba-tng/sam" -DSMB_PASSGRP_FILE="/opt/samba-tng/private/smbpassgrp" -DSMB_GROUP_FILE="/opt/samba-tng/private/smbgroup" -DSMB_ALIAS_FILE="/opt/samba-tng/private/smbalias" Using LIBS = -lreadline -lcurses -ldl -lcrypt Compiling rpc_client/cli_login.c with libtool In file included from include/includes.h:704, from rpc_client/cli_login.c:23: include/proto.h:425: parse error before `POSIX_ID' include/proto.h:427: parse error before `*' make: *** [rpc_client/cli_login.lo] Error 1 -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From D.Bannon at latrobe.edu.au Fri May 5 05:32:09 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:29:45 2003 Subject: TNG Compile error, "structure has no member named `name'" In-Reply-To: <3910BAFB.86DD1541@dynetics.com> Message-ID: <3.0.6.32.20000505153209.008d9ab0@bioserve.latrobe.edu.au> Hi All, A compile error with TNG, cvs this mornings (8:00am Aust EST). Redhat 6.2 gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) Kernal 2.2.14 The config command was : ./configure --prefix=/usr/local/samba-tng P100 with 32 meg Ram (OK, so its a test machine ! ) Compiling rpc_parse/parse_vuid.c with libtool rpc_parse/parse_vuid.c: In function `make_vuid_user_struct': rpc_parse/parse_vuid.c:70: structure has no member named `name' rpc_parse/parse_vuid.c: In function `vuid_io_user_struct': rpc_parse/parse_vuid.c:118: structure has no member named `name' rpc_parse/parse_vuid.c:118: structure has no member named `name' rpc_parse/parse_vuid.c:119: structure has no member named `name' make: *** [rpc_parse/parse_vuid.lo] Error 1 And its right too ! the structure conserned, 'user_struct' defined in include/smb.h does not have a member called name. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From lkcl at samba.org Fri May 5 05:44:58 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:45 2003 Subject: TNG Compile error, "structure has no member named `name'" In-Reply-To: <3.0.6.32.20000505153209.008d9ab0@bioserve.latrobe.edu.au> Message-ID: use smb.h from yesterday. On Fri, 5 May 2000, David Bannon wrote: > Hi All, > A compile error with TNG, cvs this mornings (8:00am Aust EST). > > Redhat 6.2 > gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) > Kernal 2.2.14 > The config command was : > ./configure --prefix=/usr/local/samba-tng > P100 with 32 meg Ram (OK, so its a test machine ! ) > > Compiling rpc_parse/parse_vuid.c with libtool > rpc_parse/parse_vuid.c: In function `make_vuid_user_struct': > rpc_parse/parse_vuid.c:70: structure has no member named `name' > rpc_parse/parse_vuid.c: In function `vuid_io_user_struct': > rpc_parse/parse_vuid.c:118: structure has no member named `name' > rpc_parse/parse_vuid.c:118: structure has no member named `name' > rpc_parse/parse_vuid.c:119: structure has no member named `name' > make: *** [rpc_parse/parse_vuid.lo] Error 1 > > > And its right too ! the structure conserned, 'user_struct' defined in > include/smb.h does not have a member called name. > > David > ------------------------------------------------------------ > David Bannon D.Bannon@latrobe.edu.au > School of Biochemistry Phone 61 03 9479 2197 > La Trobe University, Plenty Rd, Fax 61 03 9479 2467 > Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au > ------------------------------------------------------------ > .... Humpty Dumpty was pushed ! > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Fri May 5 05:51:11 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:45 2003 Subject: vuid.tdb grows very fast to a very large file In-Reply-To: <000d01bfb5e0$d8944280$cbe519c0@vegu.de> Message-ID: On Fri, 5 May 2000, A. Pohl wrote: > I have Samba_TNG 2.5 with 20 users. > > the file samba/var/locks/vuid.tdb grows to 10 MB in 3 hours! > In 2 days to 200 MB!!! > Then the PDC is unreachable. :( > What is wrong here? interesting. tee hee. i shall look at fixing this, for you. From lkcl at samba.org Fri May 5 06:03:00 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:45 2003 Subject: ILOVEYOU In-Reply-To: Message-ID: well done, i always like receiving word macro viruses, especially when i run pine on a unix box. Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Fri May 5 06:12:23 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:45 2003 Subject: ILOVEYOU In-Reply-To: Message-ID: On Fri, 5 May 2000, Ryan Yagatich wrote: > > we've been hit by this as well. so has Corporate Bank 1 and some others. > > here's how to remove it. > > delete from outlook. sorry, is that delete outlook depressed, or delete _from_ outlook depressed? From lkcl at samba.org Fri May 5 06:13:36 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:45 2003 Subject: Loveletter Worm (fwd) Message-ID: Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals ---------- Forwarded message ---------- Date: Thu, 4 May 2000 13:10:48 -0400 From: Russ To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM Subject: Loveletter Worm Seems quite a few people have been hit with a new worm called Loveletter. I received a number of copies from infected folks, as well as several other warnings. I opened an infected message using Outlook 2000 with my customized zone settings (basically, everything set to prompt) and was not prompted at all (or warned in any way.) This, of course, on a system with no AV installed. This means, to me at least, that infection comes as a result of actually clicking on the attached VBS (Visual Basic Script). Of course its possible that other email clients might automatically invoke the script, particularly I assume HTML-based packages. I offer, once again, my two works on dealing with email and security; http://ntbugtraq.ntadvice.com/safemail.asp and http://ntbugtraq.ntadvice.com/outlookviews.asp Neither are intended to be a complete solution. You should contact your support group and find out what, if anything, you need to do to ensure your anti-virus programs are up-to-date. I know that Symantec, Datafellows, and even NAI have updated definitions available for this latest wave. Regardless of how much you might think someone is going to send you a love letter, you should treat any anonymous email as you would a knock at your door at 3:00am in the morning... I was particularly disturbed at receiving infected messages from RSA Security, Inc. and Xerox Corporation...oh how even the mighty can fall. Cheers, Russ - NTBugtraq Editor "dot-age" (as in "we're in the dot-age") = senility (source Webster's) From lkcl at samba.org Fri May 5 06:14:29 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:45 2003 Subject: *** Virus Alert (Mail Bounced) *** In-Reply-To: Message-ID: practically everybody, worldwide, has been affected. On Fri, 5 May 2000, Frederik Meerwaldt wrote: > Hi! > > WHO IS SENDING WITH VIRUS IN THIS LIST?! > > Ciao, > Freddy > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Fri May 5 06:32:04 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:45 2003 Subject: Adding new users with USERMGR.EXE In-Reply-To: <3911EFEE.55329C70@grainsystems.com> Message-ID: On Fri, 5 May 2000, Kevin Colby wrote: > Michael Glauche wrote: > > Lars Kneschke wrote: > > > Michael Glauche wrote: > > > > > > > > for BDC this works with "add user script". Don't know if it is > > > > possible with PDC ... But I think it's not needed anymore if the > > > > "winbind" project succeeds .. ;) > > > > > > What is winbind good for? > > > > Something like NIS+ but with SMB as server, have a look at: > > http://advogato.org/proj/winbind/ > > Does anyone have some more detailed information on this? > Or perhaps a summary of what it currently does? > > (Is this a pie in the sky or something I could use?) it's in tng source/nsswitch, it's compiled by doing make bin/winbindd and make bin/ntdom.so. if you work them out, great. we're a bit busy getting them sorted out, so please work it out yourselves, for now. thanks From lkcl at samba.org Fri May 5 06:34:03 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:45 2003 Subject: WARNING - Love Letter Virus alert! In-Reply-To: Message-ID: no! seth, you been around for a while: shame on you for starting a "me-too-posting", i thought those were reserved for aol.com users only :) go get it from http://samba.org/listproc/samba-ntdom! all the best, luke On Fri, 5 May 2000, Seth Vidal wrote: > > much thrashed this one to death, *and* one of our number has come up > > with a simple script that will disinfect a whole network in one shot. > > could that script be reposted > I missed it. > -sv > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From D.Bannon at latrobe.edu.au Fri May 5 06:42:07 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:29:45 2003 Subject: TNG Compile error, "structure has no member named `name'" In-Reply-To: References: <3.0.6.32.20000505153209.008d9ab0@bioserve.latrobe.edu.au> Message-ID: <3.0.6.32.20000505164207.008eabb0@bioserve.latrobe.edu.au> At 03:44 PM 05/05/2000 +1000, Luke Kenneth Casson Leighton wrote: >use smb.h from yesterday. > Hm... not there yet ..... Compiling rpc_client/cli_login.c with libtool In file included from include/includes.h:704, from rpc_client/cli_login.c:23: include/proto.h:425: parse error before `POSIX_ID' include/proto.h:427: parse error before `*' make: *** [rpc_client/cli_login.lo] Error 1 >> A compile error with TNG, cvs this mornings (8:00am Aust EST). >> >> Redhat 6.2 >> gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) >> Kernal 2.2.14 >> The config command was : >> ./configure --prefix=/usr/local/samba-tng >> P100 with 32 meg Ram (OK, so its a test machine ! ) >> ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From lkcl at samba.org Fri May 5 07:14:39 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:45 2003 Subject: various "I Love You"s In-Reply-To: <391229E9.FBBC7C95@xavier.sa.edu.au> Message-ID: On Fri, 5 May 2000, Matthew Geddes wrote: > Gee, it obviously works, cause my mailbox has been flooded with mail. I > haven't seen this much activity on this list for a while.... > > He He He. Sorry, too good to resist. > > Matt > > P.S. Luke: did you catch up on that sleep? Or are you just going to wait > for next time? ;-) zzzblhwhat??? From lkcl at samba.org Fri May 5 07:35:30 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:45 2003 Subject: gcc 2.95.2 for aix (was Re: Compiling 2.5 vs 2.5.2) In-Reply-To: <14610.19421.551146.297145@wire.cadcamlab.org> Message-ID: *sigh* it's 2.95-2-aix-4.2 i need, not 4.3. On Fri, 5 May 2000, Peter Samuelson wrote: > > [William Jojo ] > > I'm currently compiling 2.95.2 on 4.3.2 using gcc 2.8.1. I just got > > past the "bigtoc" problem. Once completed, I'll send Luke a tarball, > > unless you *really* want to do it :) > > http://peter.cadcamlab.org/misc/gcc-2.95.2-aix-4.3.2.tar.bz2 > > No C++, no Fortran, etc., just C. Three megs. > > Peter > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From m.g.ross at herts.ac.uk Fri May 5 07:46:23 2000 From: m.g.ross at herts.ac.uk (Matt Ross) Date: Tue Dec 2 02:29:45 2003 Subject: samedit not creating valid smbpasswd entry (2.5.3 TNG) In-Reply-To: Message-ID: > > root:0:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO > > PASSWORDXXXXXXXXXXXXXXXXXXXXX:[NDU > > ]:LCT-FFFFFFFF: > > # > > > > This is an invalid entry, right? My [globals] section is: > > no, it's a valid entry, as you requested. > > you did not specify a password on the createuser command, therefore for > security reasons, the entry is marked as _N_opassword, _D_isabled, > _U_seraccounttype. Sorry, what I meant to say is that with previous versions of Samba (ie. 2.0.6 standard) each smbpasswd entry had many more fields, such as in this example from an old smbpasswd file: chris:114:0x0:0:0x0:[U ]:D39A56F77F16F766AAD3B435B51404EE:8112DCAAE E271 E437FB42571E51E2BCF:LNT-FFFFFFFF:LOT-FFFFFFFF:KOT-FFFFFFFF:LCT-38EDB215:CCT- FFFF FFFF:MCT-FFFFFFFF::/home/technical/comtcm:::\\bantam\user1\profiles\chris::: I gather the differences are because I'm now using TNG? That would explain much of the odd behaviour and crashes I have been getting as I only restarted the smbpasswd from scratch recently. That does make more sense to me now, as I used to get lots of errors about the format of the entries. Thanks, Matt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Principal Technical Officer Faculty of Engineering and Information Sciences University of Hertfordshire Phone: +44 (0)1707 286297 (3297 Internal) E-Mail: m.g.ross@herts.ac.uk WWW: http://fly.to/mgr -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- From paul.rogers at mis-cds.com Fri May 5 07:50:58 2000 From: paul.rogers at mis-cds.com (Paul Rogers) Date: Tue Dec 2 02:29:45 2003 Subject: WARNING - Love Letter Virus alert! Message-ID: Paul J Collins wrote: > A little behind the curve, aren't we? This list has already pretty > much thrashed this one to death, *and* one of our number has come up > with a simple script that will disinfect a whole network in one shot. Aaarrggghh I hate living in the UK! It took about 6-7 hours for this e-mail to land back at my desk after sending it, so therefore once it arrived on everyone elses desk, it was after the other postings. Apologies ppl. Cheers, Paul Rogers, Development Analyst. MIS Corporate Defence Solutions Limited Tel: +44 (0)1622 723422 (Direct Line) +44 (0)1622 723400 (Switchboard) Fax: +44 (0)1622 728580 Website: http://www.mis-cds.com/ > -----Original Message----- > From: Paul J Collins [mailto:pjdc@eircom.net] > Sent: 04 May 2000 23:24 > To: samba-ntdom@samba.org > Cc: Paul Rogers > Subject: Re: WARNING - Love Letter Virus alert! > > > >>>>> "Paul" == Paul Rogers writes: > > Paul> Hello, The Love Letter virus is currently doing the rounds > Paul> in Europe on a large scale. It will soon become clear > Paul> whether the US and the rest of the world is affected. Sorry > Paul> to mass mail but it has managed to bring a number of large > Paul> organisations to a halt today. > > A little behind the curve, aren't we? This list has already pretty > much thrashed this one to death, *and* one of our number has come up > with a simple script that will disinfect a whole network in one shot. > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" > ********************************************************************** The information contained in this message or any of its attachments may be privileged and confidential and intended for the exclusive use of the addressee. If you are not the addressee any disclosure, reproduction, distribution or other dissemination or use of this communications is strictly prohibited. The views expressed in this e-mail are those of the individual and not necessarily of MIS Corporate Defense Solutions Ltd. Any prices quoted are only valid if followed up by a formal written quote. If you have received this transmission in error, please contact our Security Manager on 44 (0) 1622 723400. ********************************************************************** From simo.sorce at polimi.it Fri May 5 07:58:15 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:29:45 2003 Subject: *** Virus Alert (Mail Bounced) *** References: Message-ID: <39127F17.4225EABA@polimi.it> Luke Kenneth Casson Leighton wrote: > > practically everybody, worldwide, has been affected. > > On Fri, 5 May 2000, Frederik Meerwaldt wrote: > > > Hi! > > > > WHO IS SENDING WITH VIRUS IN THIS LIST?! > > > > Ciao, > > Freddy > > Hey man, every outlook user do not mean everybody. I've been at least reached, surely not affected as I read my mail in a Linux box!!! -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From alex at gs.nsc.ru Fri May 5 08:25:23 2000 From: alex at gs.nsc.ru (Alex A. Emanov) Date: Tue Dec 2 02:29:46 2003 Subject: UID, GID? Message-ID: <18642.000505@gs.nsc.ru> Hello, I'm using FreeBSD 4.0, gcc 2.95.2, PDC samba-tng-2.5 It seems samba PDC mixing users and groups. There is a user USER uid 1000, user USER1 uid 1001 and group GRP gid 1001, the same gid as USER1 uid. USER included in GRP, but USER1 didn't. samuser USER -g shows: SAM query User: USER From: MPOOL To: \\. Domain: GSN SID: S-1-5-21-452508853-406631926-770656427 User RID: 13a0 User Name: USER Members: ------- Member Name: Domain Guests Type: Domain Group Member Name: Domain Users Type: Domain Group Member Name: USER1 Type: User ^^^^^ But after deleting USER1 samuser USER -g : SAM Query User: USER From: MPOOL To: \\. Domain: GSN SID: S-1-5-21-452508853-406631926-770656427 User RID: 13a0 User Name: USER Members: ------- Member Name: Domain Guests Type: Domain Group Member Name: Domain Users Type: Domain Group Member Name: GRP Type: Domain Group usermgr under WIN2k behavies similar. Best regards, Alex mailto:alex@gs.nsc.ru From jeka at linuxfan.com Fri May 5 08:41:17 2000 From: jeka at linuxfan.com (Jetchko Jekov) Date: Tue Dec 2 02:29:46 2003 Subject: Samba as BDC Message-ID: <3912892D.7577633E@linuxfan.com> Hello, I have one question: Which ver of Samba can I use to perform a functions of Backup Domain Controler? My network contains PCs with Win95/Win98 and PDC is NT4/SP6 Thaks Jeka From lkcl at samba.org Fri May 5 09:03:24 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:46 2003 Subject: samedit not creating valid smbpasswd entry (2.5.3 TNG) In-Reply-To: Message-ID: On Fri, 5 May 2000, Matt Ross wrote: > > > root:0:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO > > > PASSWORDXXXXXXXXXXXXXXXXXXXXX:[NDU > > > ]:LCT-FFFFFFFF: > > > # > > > > > > This is an invalid entry, right? My [globals] section is: > > > > no, it's a valid entry, as you requested. > > > > you did not specify a password on the createuser command, therefore for > > security reasons, the entry is marked as _N_opassword, _D_isabled, > > _U_seraccounttype. > > Sorry, what I meant to say is that with previous versions of Samba (ie. > 2.0.6 standard) each smbpasswd entry had many more fields, such as in this > example from an old smbpasswd file: > > chris:114:0x0:0:0x0:[U ]:D39A56F77F16F766AAD3B435B51404EE:8112DCAAE > E271 > E437FB42571E51E2BCF:LNT-FFFFFFFF:LOT-FFFFFFFF:KOT-FFFFFFFF:LCT-38EDB215:CCT- > FFFF > FFFF:MCT-FFFFFFFF::/home/technical/comtcm:::\\bantam\user1\profiles\chris::: it did????????? it does????? uh... where in hell's name did you get THAT from????? ok, i need to know EXACTLY where you got your distribution of 2.0.6 from, and i'm going to have "words" with the people that supplied it. i just checked _all_ the versions of sampass.c in cvs main, tng, SAMBA_2_0 and SAMBA_2_0_RELEASE - *none* of them produce a file like this. if there is a binary distribution out there that is producing *different* smbpasswd files i want to KNOW about it. > I gather the differences are because I'm now using TNG? That would explain > much of the odd behaviour and crashes I have been getting as I only > restarted the smbpasswd from scratch recently. > > That does make more sense to me now, as I used to get lots of errors about > the format of the entries. wel... YEAH! From peter at cadcamlab.org Fri May 5 09:04:37 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:46 2003 Subject: WARNING - Love Letter Virus alert! References: <14610.7416.112572.795370@wire.cadcamlab.org> Message-ID: <14610.36315.363732.260816@wire.cadcamlab.org> > #!/bin/sh > # > # ILOVEYOU-REMOVE by Peter Samuelson , 3 May 2000 Stupid, stupid, STUPID bug. This > find /tmp/winmnt \( -name '*.[Vv][Bb][Ss]' -size 10k \) > -o -name WIN-BUGSFIX.EXE -print0 2>&- | xargs -0 rm -fv needs a \ at the end of the first line. I can't believe I didn't notice that this part wasn't working. *sigh* Peter From m.g.ross at herts.ac.uk Fri May 5 09:26:29 2000 From: m.g.ross at herts.ac.uk (Matt Ross) Date: Tue Dec 2 02:29:46 2003 Subject: samedit not creating valid smbpasswd entry (2.5.3 TNG) In-Reply-To: Message-ID: > it did????????? it does????? uh... where in hell's name did you get THAT > from????? I got it from the usual place. I'm not making this up (honest). When I first started with Samba a few months ago I started with the plain 2.0.6, moved up to 2.0.7pre4, then the main Samba CVS (pre 3.0) version. The only thing I used to do differently is NIS+. All our unix accounts are on NIS+, and initially I used './configure --with-nisplus --with-nisplus-home'. As NIS+ support seemed very flaky to me (it usually wouldn't even compile with it on), I stopped using it. I only started using the TNG branch when I realised PDC functionality did not work consistently for me (about a month ago). > ok, i need to know EXACTLY where you got your distribution of 2.0.6 from, > and i'm going to have "words" with the people that supplied it. i just > checked _all_ the versions of sampass.c in cvs main, tng, SAMBA_2_0 and > SAMBA_2_0_RELEASE - *none* of them produce a file like this. NIS+ table support is the only difference from a normal install that I used to use. > if there is a binary distribution out there that is producing *different* > smbpasswd files i want to KNOW about it. Oops. Hope I haven't started a fight. Matt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Principal Technical Officer Faculty of Engineering and Information Sciences University of Hertfordshire Phone: +44 (0)1707 286297 (3297 Internal) E-Mail: m.g.ross@herts.ac.uk WWW: http://fly.to/mgr -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- From ralph.schuster at oetv.de Fri May 5 09:26:06 2000 From: ralph.schuster at oetv.de (Ralph Schuster) Date: Tue Dec 2 02:29:46 2003 Subject: NT - unix password sync works for AIX after some change in chgpasswd.c Message-ID: <391293AE.F97FAA56@syskoplan.de> Hi all, NT - unix password synchronisation works for AIX 4.21, if one performs some (hopefully) minor changes in the source file "chgpasswd.c". I tried to configure "unix password sync" for samba 2.0.6 on a RS6000 with AIX 4.21. However, looking in the log file - with log level 100 - it seemed that samba doesn't chat with the unix passwd program. The problem was hidden in the function "dochild", where the function call ioctl(slave, I_PUSH, "ldterm"); in line 137 causes an (uncontrolled) interrupt. After commenting this line out, the problem disappeared. I think this problem will affect several unix dialects. I'm not a specialist in programming user-kernel process communications, so I don't know whether I opened some holes. Can anybody tell me something? At Last a hint: There will be a ADMCHG flag in /etc/security/passwd if root changes a password of a user. This causes the user to change his password when he logs in. My personal solution to circumvent this annoying feature is by adding the lines #ifdef AIX pstrcat(passwordprogram,"; pwdadm -c "); pstrcat(passwordprogram,name); #endif to the source code. The shell command "pwdadm -c" removes all (!!) flags for the user in /etc/security/passwd. Sorry for putting this mail to this place, but I don't know where the best place is for it. ciao Ralph From lkcl at samba.org Fri May 5 09:35:41 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:46 2003 Subject: samedit not creating valid smbpasswd entry (2.5.3 TNG) In-Reply-To: Message-ID: On Fri, 5 May 2000, Matt Ross wrote: > > it did????????? it does????? uh... where in hell's name did you get THAT > > from????? > > I got it from the usual place. I'm not making this up (honest). When I first > started with Samba a few months ago I started with the plain 2.0.6, moved up ok, now i'm *really* confused. > NIS+ table support is the only difference from a normal install that I used > to use. > > > if there is a binary distribution out there that is producing *different* > > smbpasswd files i want to KNOW about it. > > Oops. Hope I haven't started a fight. no... From damen at scintilla.utwente.nl Fri May 5 12:35:10 2000 From: damen at scintilla.utwente.nl (M.S. Damen) Date: Tue Dec 2 02:29:46 2003 Subject: Problems building samba tng from cvs Message-ID: Hi, today I got tng samba from cvs but I get an error while compiling: [root@cc7986-a source]# make Using FLAGS = -O -Iinclude -I./include -I./ubiqx -I./smbwrapper -DLOGFILEBASE="/opt/samba-tng/var" -DSMBLOGFILE="/opt/samba-tng/var/log.smb" -DNMBLOGFILE="/opt/samba-tng/var/log.nmb" -DCONFIGFILE="/opt/samba-tng/lib/smb.conf" -DLMHOSTSFILE="/opt/samba-tng/lib/lmhosts" -DSWATDIR="/opt/samba-tng/swat" -DSBINDIR="/opt/samba-tng/sbin" -DLOCKDIR="/opt/samba-tng/var/locks" -DSMBRUN="/opt/samba-tng/bin/smbrun" -DCODEPAGEDIR="/opt/samba-tng/lib/codepages" -DDRIVERFILE="/opt/samba-tng/lib/printers.def" -DBINDIR="/opt/samba-tng/bin" -DFORMSFILE="/opt/samba-tng/lib/ntforms.def" -DNTDRIVERSDIR="/opt/samba-tng/lib" -DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/bin/passwd" -DSMB_PASSWD_PROGRAM="/opt/samba-tng/bin/smbpasswd" -DSMB_PASSWD_FILE="/opt/samba-tng/private/smbpasswd" -DSAM_DIR="/opt/samba-tng/sam" -DSMB_PASSGRP_FILE="/opt/samba-tng/private/smbpassgrp" -DSMB_GROUP_FILE="/opt/samba-tng/private/smbgroup" -DSMB_ALIAS_FILE="/opt/samba-tng/private/smbalias" Using LIBS = -lreadline -lcurses -ldl -lcrypt Compiling rpc_client/cli_login.c with libtool In file included from include/includes.h:704, from rpc_client/cli_login.c:23: include/proto.h:425: parse error before `POSIX_ID' include/proto.h:427: parse error before `*' make: *** [rpc_client/cli_login.lo] Error 1 [root@cc7986-a source]# ---------------------------------------------------- Anyone an idea? Tnx, Martijn From jens.skripczynski at igd.fhg.de Fri May 5 12:47:56 2000 From: jens.skripczynski at igd.fhg.de (Jens Skripczynski) Date: Tue Dec 2 02:29:46 2003 Subject: Problems building samba tng from cvs In-Reply-To: ; from damen@scintilla.utwente.nl on Fri, May 05, 2000 at 10:36:44PM +1000 References: Message-ID: <20000505144756.A22273@pclinux.igd.fhg.de> M.S. Damen: > Hi, > > today I got tng samba from cvs but I get an error while compiling: Sorry you did not supply enough information. Please see: SAMBA Bug report "How to" http://www.kneschke.de/projekte/samba_tng/faq/bugreport.php3 SAMBA Bug report template http://www.kneschke.de/projekte/samba_tng/faq/samba-bugreport-template.txt SAMBA-TNG FAQ http://www.kneschke.de/projekte/samba_tng/index.php3 Mailinglist subscribtion Web Interface: http://lists.samba.org/cgi-bin/weblist Old Mailinglist digest http://us1.samba.org/listproc/samba-ntdom/ Ciao Jens Skripczynski -- E-Mail: skripi@igd.fhg.de Computers are like airconditioners: They stop working properly if you open windows. Win95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition. From jens.skripczynski at igd.fhg.de Fri May 5 12:51:16 2000 From: jens.skripczynski at igd.fhg.de (Jens Skripczynski) Date: Tue Dec 2 02:29:46 2003 Subject: Bug reports... In-Reply-To: <20000407172610.B30170@pclinux.igd.fhg.de>; from jens.skripczynski@igd.fhg.de on Fri, May 05, 2000 at 10:49:15PM +1000 References: <20000407172610.B30170@pclinux.igd.fhg.de> Message-ID: <20000505145115.A22343@pclinux.igd.fhg.de> > [....] Sorry bounced the wrong one to the wrong list. Ciao Jens Skripczynski -- E-Mail: skripi@igd.fhg.de Computers are like airconditioners: They stop working properly if you open windows. Win95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition. From gosha at arvid.ee Fri May 5 12:32:19 2000 From: gosha at arvid.ee (Dmitri B.Gofmekler) Date: Tue Dec 2 02:29:46 2003 Subject: TNG-2.5.3. Unable to access the files on the PDC. Message-ID: <4.3.1.0.20000505153118.00bbd910@mail> Hi, The problem is the following: I can login into the domain but can not access any shares on PDC. PDC running Samba-TNG-alpha-2.5.3, RedHAT 6.1 (Samba configured to bind to the second LAN card (eth1) and loopback lo) Client - Windows NT 4.0 Workstation SP5. Compressed my log files (log level = 100): http://www.arvid.ee/opt.samba-tng.var.tar.bz2 And the smb.conf file is: smb.conf: ================================================================ [global] #NetBIOS name isn't needed if it's the same as the hostname netbios name = MASTER workgroup = ARVID interfaces = 192.168.0.1 127.0.0.1 bind interfaces only = True name resolve order = lmhosts host wins dns #log level = 100 #flat files that map Unix groups to NT type groups. #these files take the form unix_group = `Windows NT group'' domain group map = /opt/samba-tng/private/domaingroup.map domain alias map = /opt/samba-tng/private/domainalias.map #Domain controllers use user security and we need encrypted #passwords (see ENCRYPTION.txt) security = user domain logons = yes encrypt passwords = yes admin users = gosha root #And in order for us to be *sure* to win browser elections os level = 65 domain master = yes preferred master = yes local master = yes #WINS is the equivalent of DNS for NetBIOS. wins support = yes time server = yes #the next lines are equivalent to the various profile details #found in NT's User Manager logon script = login.bat logon drive = U: logon home = \\%L\%U logon path = \\%L\profile\%U #share all home directories [homes] browseable = no writable = yes comment = Users' home directories #set up netlogon share for system policies and login scripts [netlogon] path = /opt/samba-tng/netlogon writable = no guest ok = no comment = PDC netlogon share #the profiles share #to create automatic subdirs for the different users #chmod 1777 /opt/samba-tng/profile [profile] path = /opt/samba-tng/profile writeable = yes browseable = no [web] path = /home/httpd read only = no [1s] path = /home/1s #browseable = no public = yes comment = Accountant database writeable = yes force group = arvid create mask = 0770 directory mask = 0770 force create mode = 0770 force directory mode = 0770 [arvid] path = /share/arvid browseable = yes comment = A-Arvid Computers work files. writeable = yes force group = arvid create mask = 0770 directory mask = 0770 force create mode = 0770 force directory mode = 0770 [doc] path = /usr/doc browseable = yes read only = yes comment = /usr/doc standart linux documentation ================================================================ Thanks in advance for any help, Sincerely yours, ---- Dmitri B. Gofmekler , ICQ: 8168758 ---- "http://www.sill.ee/~gosha/gosha.asc" - for PGP Encrypted messages. ===================================== Phone: (+372) 6 563981 Fax: (+372) 6 563000 A-Arvid Computers Ltd. < http://www.arvid.ee > From jens.skripczynski at igd.fhg.de Fri May 5 13:40:44 2000 From: jens.skripczynski at igd.fhg.de (Jens Skripczynski) Date: Tue Dec 2 02:29:46 2003 Subject: TNG-2.5.3. Unable to access the files on the PDC. In-Reply-To: <4.3.1.0.20000505153118.00bbd910@mail>; from gosha@arvid.ee on Fri, May 05, 2000 at 11:35:49PM +1000 References: <4.3.1.0.20000505153118.00bbd910@mail> Message-ID: <20000505154044.A22711@pclinux.igd.fhg.de> Dmitri B.Gofmekler: > Hi, > > The problem is the following: I can login into the domain but can not > access any shares on PDC. > > PDC running Samba-TNG-alpha-2.5.3, RedHAT 6.1 > (Samba configured to bind to the second LAN card (eth1) and loopback lo) > > Client - Windows NT 4.0 Workstation SP5. > > Compressed my log files (log level = 100): > http://www.arvid.ee/opt.samba-tng.var.tar.bz2 Two questions: Can you login using 'rpcclient' and 'smbclient' ? Can you access the shares 'smbclient' ? Ciao Jens Skripczynski -- E-Mail: skripi@igd.fhg.de Computers are like airconditioners: They stop working properly if you open windows. Win95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition. From gosha at arvid.ee Fri May 5 12:51:29 2000 From: gosha at arvid.ee (Dmitri B.Gofmekler) Date: Tue Dec 2 02:29:46 2003 Subject: TNG-2.5.3. Unable to access the files on the PDC. In-Reply-To: <20000505154044.A22711@pclinux.igd.fhg.de> References: <4.3.1.0.20000505153118.00bbd910@mail> <4.3.1.0.20000505153118.00bbd910@mail> Message-ID: <4.3.1.0.20000505154850.00bc9bc0@mail> At 03:40 PM 05.05.00 +0200, you wrote: >Can you login using 'rpcclient' and 'smbclient' ? Samedit, such as rpcclient does not works. >Can you access the shares 'smbclient' ? No, can't in case if NT Box logged into domain. Win9x clients in this case unable to access to NT shares too. Thx, ---- Dmitri B. Gofmekler , ICQ: 8168758 ---- "http://www.sill.ee/~gosha/gosha.asc" - for PGP Encrypted messages. ===================================== Phone: (+372) 6 563981 Fax: (+372) 6 563000 A-Arvid Computers Ltd. < http://www.arvid.ee > From marc.mclaughlin at eds.com Fri May 5 14:13:37 2000 From: marc.mclaughlin at eds.com (Mclaughlin, Marc) Date: Tue Dec 2 02:29:46 2003 Subject: TNG 2.5.3 - problems with USERMGR.EXE Message-ID: But do I need to add users to the Unix password file if I am using LDAP? -----Original Message----- From: Luke Kenneth Casson Leighton [mailto:lkcl@samba.org] Sent: 05 May 2000 02:31 To: Mclaughlin, Marc Cc: Multiple recipients of list SAMBA-NTDOM Subject: Re: TNG 2.5.3 - problems with USERMGR.EXE On Thu, 4 May 2000, Mclaughlin, Marc wrote: > Hi, > > I cannot use USERMGR.EXE. When loading USERMGR.EXE, the domain members are > not listed. When attempting to add a user, I get an error saying "this > program has performed an illegal operation and will be shut down". Further hm. did you have the account in the unix database already? > api_fd_reply: INVALID PIPE HANDLE: 0 > api_fd_reply: INVALID PIPE HANDLE: 0 > api_fd_reply: INVALID PIPE HANDLE: 0 this is because of a previous crash and a reconnect. if you can locate the previous crash that would be very helpful. From jens.skripczynski at igd.fhg.de Fri May 5 14:24:37 2000 From: jens.skripczynski at igd.fhg.de (Jens Skripczynski) Date: Tue Dec 2 02:29:46 2003 Subject: TNG 2.5.3 - problems with USERMGR.EXE In-Reply-To: ; from marc.mclaughlin@eds.com on Sat, May 06, 2000 at 12:14:54AM +1000 References: Message-ID: <20000505162436.A29706@pclinux.igd.fhg.de> Mclaughlin, Marc: > But do I need to add users to the Unix password file if I am using LDAP? Always... Samba need a proper uid to access files... Ciao Jens Skripczynski -- E-Mail: skripi@igd.fhg.de Computers are like airconditioners: They stop working properly if you open windows. Win95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition. From marc.mclaughlin at eds.com Fri May 5 15:44:45 2000 From: marc.mclaughlin at eds.com (Mclaughlin, Marc) Date: Tue Dec 2 02:29:46 2003 Subject: TNG 2.5.3 - problems with USERMGR.EXE Message-ID: In that case I may have a problem. I'll give you some background as to why I was trying Samba TNG. At present, I look after a load of firewalls. Behind these firewalls we have employees of our company working at customer sites. In order for them to access our company web servers, they use anything up to 5 passwords before they get through. 1) I would like to create a Samba-controlled NT domain, which is trusted by the webservers. The Samba domain authenticates users against an LDAP directory, which is also used by the firewall therefore cutting down on some passwords. 2) I also want support staff to be able to use USERMGR so that they can add users to the Samba domain. They will be Domain administrators of another domain which the Samba domain will trust. 3) Due to the numbers of users involved (pilot will start with about 600 users), I do not want to have to maintain a password file as well as adding users with USERMGR and the Firewall Account Management tool. I do not need file sharing, just domain authentication. So, based on the current status of SAMBA TNG, is this possible? Thanks, Marc -----Original Message----- From: Jens Skripczynski [mailto:jens.skripczynski@igd.fhg.de] Sent: 05 May 2000 15:27 To: Multiple recipients of list SAMBA-NTDOM Subject: Re: TNG 2.5.3 - problems with USERMGR.EXE Mclaughlin, Marc: > But do I need to add users to the Unix password file if I am using LDAP? Always... Samba need a proper uid to access files... Ciao Jens Skripczynski -- E-Mail: skripi@igd.fhg.de Computers are like airconditioners: They stop working properly if you open windows. Win95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition. From ralf at is.rice.edu Fri May 5 16:04:03 2000 From: ralf at is.rice.edu (Alfredo Ramos) Date: Tue Dec 2 02:29:46 2003 Subject: passwords Message-ID: I was just noticing the following from a previous posting: On Mon, 1 May 2000, Michael Glauche wrote: > > Hi all. I'm currently having problems with changing passwords under NT and > > having this new password being stored in /etc/yp/passwd and smbpasswd. Is this true?? Are samba passwords stored in /etc/yp/passwd and smbpasswd? Is the /etc/yp/ path hardcoded? Are machine passwords also in /etc/yp/passwd? Under 2.0.6 and before, samba is able to find the unix passwords whereever they might live, and machine passwords lived only in smbpasswd. Did authentication change within TNG? I'm wondering, maybe that's why I can't seem to be able to make an NT machine join a domain or even establish an smbclient session from a unix box. Running Solaris 2.6 and TNG-2.5.X Please help! Al. --------------------------------------------------------------------------------- | Alfredo Ramos This space available for rent. | New Media & Student Computing Get your product moving. Advertise here! | Rice University. | Email: ralf@is.rice.edu --------------------------------------------------------------------------------- From David.Bear at asu.edu Fri May 5 16:29:56 2000 From: David.Bear at asu.edu (iddwb) Date: Tue Dec 2 02:29:46 2003 Subject: smbwrapper vs smbmount Message-ID: Just going through the O'Reilly "Using Samba". On p 34 it mentiones a problem with smbwrapper and libc v2.1 on Red Hat. I'm using Caldera and my libc is 2.2.1-1 -- anyone know if there is still a problem with that and the latest 2.0.7 release? Also, I'm still not clear as to the difference between --with-smbwrapper and using smbmount ? The book indicates smbwrapper is more "portable" across unicies... I've used smbmount on caldera with great success. So, now that I'm ungrading to 2.0.7 I just want to be carefull and choose the 'best' option. BTW, I may also be doing this on FreeBSD as well -- if that makes a difference. David Bear College of Public Programs/ASU From peter at cadcamlab.org Fri May 5 17:34:07 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:46 2003 Subject: TNG 2.5.3 - problems with USERMGR.EXE References: <20000505162436.A29706@pclinux.igd.fhg.de> Message-ID: <14611.1471.23709.982896@wire.cadcamlab.org> [Marc Mclaughlin] > > But do I need to add users to the Unix password file if I am using LDAP? [Jens Skripczynski ] > Always... No, not if your Unix host is also using LDAP. Samba just needs to be able to look up users. It doesn't have /etc/passwd hard-coded in. Peter From peter at cadcamlab.org Fri May 5 17:46:51 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:46 2003 Subject: SAMBA & Printing to a WinX share References: <4.3.2.20000504101600.025c7410@mail.digisolv.com> Message-ID: <14611.1654.438987.598234@wire.cadcamlab.org> [Gerry George ] > PhotoEX:\ > :sd=/var/spool/lpd/PhotoEX:\ > :mx#0:\ > :sh:\ > :if=/var/spool/lpd/PhotoEX/filter:\ > :af=/var/spool/lpd/PhotoEX/acct:\ > :lp=/dev/null: [...] > I notice that there is no reference to the target machine in the > second instance, nor the fact that it is an SMB-accessed printer. The standard Berkeley printer daemon (lpd) does not directly support SMB. So the usual way to handle this is to set up your input filter (the "if=" field) to a script that calls `smbclient' -- and then to set your print device ("lp=") to /dev/null. So check your /var/spool/lpd/PhotoEX/filter script, and get back to us. > PS: For you NT experts, how do I force a share off? I do not wish to > share drive C:, yet everytime I turn off the share of "C:" and > "C:\WINNT" it comes back. Dunno. That's weird. We've never had any trouble with this. Peter From pjdc at eircom.net Fri May 5 18:01:33 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:46 2003 Subject: WARNING - Love Letter Virus alert! In-Reply-To: Paul Rogers's message of "Fri, 5 May 2000 17:52:13 +1000" References: Message-ID: >>>>> "Paul" == Paul Rogers writes: Paul> Aaarrggghh I hate living in the UK! It took about 6-7 hours Paul> for this e-mail to land back at my desk after sending it, so Paul> therefore once it arrived on everyone elses desk, it was Paul> after the other postings. Apologies ppl. Hmmmm. I live in Ireland, and I find that list messages get to me pretty promptly. Definitely not with a six to seven hour delay. I'd be inclined to investigate your delay, if I were you. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pjdc at eircom.net Fri May 5 18:06:46 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:46 2003 Subject: smbwrapper vs smbmount In-Reply-To: iddwb's message of "Sat, 6 May 2000 02:31:51 +1000" References: Message-ID: >>>>> "iddwb" == iddwb writes: iddwb> Just going through the O'Reilly "Using Samba". On p 34 it iddwb> mentiones a problem with smbwrapper and libc v2.1 on Red iddwb> Hat. I'm using Caldera and my libc is 2.2.1-1 -- anyone iddwb> know if there is still a problem with that and the latest iddwb> 2.0.7 release? I seem to recall reading a post saying that GNU libc 2.1 has changes made that meant that smbwrapper was no longer able to override the filesystem calls necessary to provide transparent access to smb shares. I don't believe that this problem would be specific to Red Hat. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From mg at plum.de Fri May 5 19:05:14 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:46 2003 Subject: Adding users with usrmgr.exe In-Reply-To: <14610.16232.393300.888129@wire.cadcamlab.org> Message-ID: <4074375256.957557114@[10.1.1.2]> --On Freitag, 5. Mai 2000 13:34 +1000 Peter Samuelson wrote: > >> > > smbpasswd is allways rw-------. samba changes to these permissions >> > > when not using these ... so there is no way for an non-uid 0 account >> > > to create a samba user :( > [Luke Leighton] >> > this is not good, it's got to go. > > [Jeremy Allison ] >> No, this is *essential* for security ! > > Please, you two, don't go and have that argument again. (: > > Yes, it's (currently) essential that John Q. Public not be able to read > smbpasswd (the file), but this could be just as well accomplished with > smbpasswd (the utility) being setgid to a specialized group that has no > power other than reading and writing smbpasswd (the file). smbpasswd > (the utility) has no business being able to bind to low ports, change > the system time, or read /var/spool/mail/*. Maybe we need: > > smbpasswd group = smbpass > > (default "smbpasswd group = 0") Hmm .. I like that Idea. So you simply could put that group into the "Domain Admin" group ... regards, Michael From pjdc at eircom.net Fri May 5 18:20:24 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:46 2003 Subject: Adding users with usrmgr.exe In-Reply-To: Michael Glauche's message of "Sat, 6 May 2000 04:06:45 +1000" References: <4074375256.957557114@[10.1.1.2]> Message-ID: >>>>> "Michael" == Michael Glauche writes: Michael> Hmm .. I like that Idea. So you simply could put that Michael> group into the "Domain Admin" group ... Nope. Global groups cannot contain other groups. However, there is nothing to stop you granting user-management privileges by adding users to smbpass, unless there are also other controls that also need to be relaxed for said users. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From peter at cadcamlab.org Fri May 5 18:23:45 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:47 2003 Subject: Adding users with usrmgr.exe References: <4074375256.957557114@[10.1.1.2]> Message-ID: <14611.4445.964783.161654@wire.cadcamlab.org> [Michael Glauche ] > > Hmm .. I like that Idea. So you simply could put that group into > > the "Domain Admin" group ... [Paul J Collins ] > Nope. Global groups cannot contain other groups. I think he meant the other way around. Put "Domain Admins" into your smbpasswd group, which I guess could be considered local for this purpose.... ? Peter From pjdc at eircom.net Fri May 5 18:59:14 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:47 2003 Subject: Adding users with usrmgr.exe In-Reply-To: Peter Samuelson's message of "Sat, 6 May 2000 04:27:06 +1000" References: <4074375256.957557114@[10.1.1.2]> <14611.4445.964783.161654@wire.cadcamlab.org> Message-ID: >>>>> "Peter" == Peter Samuelson writes: Peter> I think he meant the other way around. Put "Domain Admins" Peter> into your smbpasswd group, which I guess could be Peter> considered local for this purpose.... ? The thing is, Unix has no way of representing this in its own password and group databases, whereas adding users directly to smbpass is a snap. ("Netgroups" notwithstanding; I know nothing about NIS/NIS+.) Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From jeremy at valinux.com Fri May 5 19:55:44 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:47 2003 Subject: Wrong KOI8 --> 866 convertation (Bug report) References: <7500.000504@mail.khstu.ru> Message-ID: <39132740.8D22FA2@valinux.com> "A.V.Shutko" wrote: > > OS : FreeBSD 3.3-RELEASE #1: Tue Feb 22 19:12:08 VLAT 2000 > Compiler : gcc version 2.7.2.3 > CVS-Branch : SAMBA_TNG > Version/Date : 2.5.3 / 03.05.00 9:10 > Error Type : reproduceable > Short Desc. : Wrong KOI8 --> 866 convertation > Trigger : If i rename file.txt on network drive to Russian > it disappears (but I can view it on Unix disk - > its name in KOI8). All files in Russian are not > showing on smb shares. > > Fix : This is because of dual filename encoding in > /smbd/vfs.c > > //------------------------------------------------------------------------ > { > static pstring buf; > memcpy(buf, dname, NAMLEN(ptr)+1); > THIS****** unix_to_dos(buf, True); > dname = buf; > } > > AND THIS***** unix_to_dos(dname, True); // I removed this and all > work fine. > > return(dname); > } Thanks for that fix - I've added it to TNG and HEAD. Cheers, Jeremy Allison, Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From kevinc at grainsystems.com Fri May 5 21:55:33 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:47 2003 Subject: SAMBA & Printing to a WinX share References: <4.3.2.20000504101600.025c7410@mail.digisolv.com> <14611.1654.438987.598234@wire.cadcamlab.org> Message-ID: <39134355.1ADAB7FD@grainsystems.com> > PS: For you NT experts, how do I force a share off? I do not wish to > share drive C:, yet everytime I turn off the share of "C:" and > "C:\WINNT" it comes back. That's NT for you. IIRC, you can't stop it. - Kevin Colby kevinc@grainsystems.com From ctooley at joslyn.org Sat May 6 00:40:23 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:47 2003 Subject: SAMBA & Printing to a WinX share References: <4.3.2.20000504101600.025c7410@mail.digisolv.com> <14611.1654.438987.598234@wire.cadcamlab.org> <39134355.1ADAB7FD@grainsystems.com> Message-ID: <391369F7.33BCB2D1@joslyn.org> These "Administrative Shares" can not be removed without considerable work. However I hear rumors (though I've never seen it accomplished) that there are hacks out there that make them go away. Chris Tooley Kevin Colby wrote: > > PS: For you NT experts, how do I force a share off? I do not wish to > > share drive C:, yet everytime I turn off the share of "C:" and > > "C:\WINNT" it comes back. > > That's NT for you. IIRC, you can't stop it. > > - Kevin Colby > kevinc@grainsystems.com From anders at aae.wisc.edu Fri May 5 23:43:08 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:29:47 2003 Subject: Problems building samba tng from cvs (fwd) Message-ID: <200005052343.SAA05165@pug.aae.wisc.edu> I'm having the _exact_ same problem. Commenting out those two lines causes the program to continue. This might be some gcc problem. I've seen the problem on the following machines: 1: RedHat 6.2, w/ libc 2.1.3 gcc ver. 2.99.61 2: Debian 2.2 w/ libc 2.1.3 gcc ver. 2.95.2 3: Debian 2.1 w/ libc 2.0.7 gcc ver. 2.95.2 All with Linux 2.2.14 / 2.2.13. I've not been having enough time to track this one down, but it applies to cvs tng from last Sunday till now.... --Anders ----- Forwarded message from M.S. Damen ----- -DSMB_ALIAS_FILE="/opt/samba-tng/private/smbalias" Using LIBS = -lreadline -lcurses -ldl -lcrypt Compiling rpc_client/cli_login.c with libtool In file included from include/includes.h:704, from rpc_client/cli_login.c:23: include/proto.h:425: parse error before `POSIX_ID' include/proto.h:427: parse error before `*' make: *** [rpc_client/cli_login.lo] Error 1 [root@cc7986-a source]# ---------------------------------------------------- Anyone an idea? Tnx, Martijn ----- End of forwarded message from M.S. Damen ----- From ntdom at webbhq.net Sat May 6 05:36:04 2000 From: ntdom at webbhq.net (Rich Webb) Date: Tue Dec 2 02:29:47 2003 Subject: samba-tng Message-ID: <000401bfb71c$f88200e0$0605a8c0@romeo.webbhq.net> I guess that it is samba-tng that I want in order to do anything with domain controller code. I retrieved the cvs sources as was instructed, but I cannot make it compile correctly. I have read several messages on this list pertaining to the error that I am having, and they all say to use smb.h from yesterday. I tried that as well, and it still doesn't work. Also I'm wondering if samba-2.1 is the same as samba-tng? I have successfully compiled 2.1 on my system, but every time I try to execute the binary, it core dumps on me. I am on Redhat 6.2 on a PII 350 with 256mb of ram. The following is an excerpt from the compile: Using LIBS = -lreadline -lcurses -ldl -lcrypt Compiling rpc_client/cli_login.c with libtool In file included from include/smb.h:1686, from include/includes.h:651, from rpc_client/cli_login.c:23: include/rpc_creds.h:66: parse error before `NET_USER_INFO_3' include/rpc_creds.h:66: warning: no semicolon at end of struct or union include/rpc_creds.h:69: parse error before `}' include/rpc_creds.h:69: warning: data definition has no type or storage class include/rpc_creds.h:73: parse error before `CREDS_HYBRID' .... Content clipped .... include/rpc_client_proto.h:38: warning: data definition has no type or storage c lass include/rpc_client_proto.h:711: parse error before `*' include/rpc_client_proto.h:713: parse error before `*' include/rpc_client_proto.h:718: parse error before `*' include/rpc_client_proto.h:727: parse error before `*' include/rpc_client_proto.h:730: parse error before `*' rpc_client/cli_login.c: In function `cli_nt_setup_creds': rpc_client/cli_login.c:105: storage size of `creds' isn't known make: *** [rpc_client/cli_login.lo] Error 1 Lots and lots of parse errors in between these two sections. Any help would be appreciated. Rick From sharpe at ns.aus.com Sat May 6 06:49:26 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:47 2003 Subject: SAMBA & Printing to a WinX share In-Reply-To: <14611.1654.438987.598234@wire.cadcamlab.org> References: <4.3.2.20000504101600.025c7410@mail.digisolv.com> Message-ID: <3.0.6.32.20000506154926.00966210@203.16.214.248> At 03:49 AM 5/6/00 +1000, Peter Samuelson wrote: > >[Gerry George ] >> PhotoEX:\ >> :sd=/var/spool/lpd/PhotoEX:\ >> :mx#0:\ >> :sh:\ >> :if=/var/spool/lpd/PhotoEX/filter:\ >> :af=/var/spool/lpd/PhotoEX/acct:\ >> :lp=/dev/null: >[...] >> I notice that there is no reference to the target machine in the >> second instance, nor the fact that it is an SMB-accessed printer. > >The standard Berkeley printer daemon (lpd) does not directly support >SMB. So the usual way to handle this is to set up your input filter >(the "if=" field) to a script that calls `smbclient' -- and then to set >your print device ("lp=") to /dev/null. There is already such a script included with Samba: smbprint. Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From lars at kneschke.de Sat May 6 07:38:09 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:47 2003 Subject: samba tng is not compileable, once again Message-ID: <3913CBE1.3A22FFDE@kneschke.de> Hello coders! That's the error message: [root@knecke source]# make Using FLAGS = -O -Iinclude -I./include -I./ubiqx -I./smbwrapper -DLOGFILEBASE="/opt/samba-tng/var" -DSMBLOGFILE="/opt/samba-tng/var/log.smb" -DNMBLOGFILE="/opt/samba-tng/var/log.nmb" -DCONFIGFILE="/opt/samba-tng/lib/smb.conf" -DLMHOSTSFILE="/opt/samba-tng/lib/lmhosts" -DSWATDIR="/opt/samba-tng/swat" -DSBINDIR="/opt/samba-tng/sbin" -DLOCKDIR="/opt/samba-tng/var/locks" -DSMBRUN="/opt/samba-tng/bin/smbrun" -DCODEPAGEDIR="/opt/samba-tng/lib/codepages" -DDRIVERFILE="/opt/samba-tng/lib/printers.def" -DBINDIR="/opt/samba-tng/bin" -DFORMSFILE="/opt/samba-tng/lib/ntforms.def" -DNTDRIVERSDIR="/opt/samba-tng/lib" -DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/bin/passwd" -DSMB_PASSWD_PROGRAM="/opt/samba-tng/bin/smbpasswd" -DSMB_PASSWD_FILE="/opt/samba-tng/private/smbpasswd" -DSAM_DIR="/opt/samba-tng/sam" -DSMB_PASSGRP_FILE="/opt/samba-tng/private/smbpassgrp" -DSMB_GROUP_FILE="/opt/samba-tng/private/smbgroup" -DSMB_ALIAS_FILE="/opt/samba-tng/private/smbalias" Using LIBS = -lreadline -lcurses -ldl -lcrypt Compiling lib/sursalgdomonly.c with libtool lib/sursalgdomonly.c: In function `surs_algdomonly_sam_sid_to_unixid': lib/sursalgdomonly.c:99: `SURS_POSIX_UID_AS_USR' undeclared (first use in this function) lib/sursalgdomonly.c:99: (Each undeclared identifier is reported only once lib/sursalgdomonly.c:99: for each function it appears in.) lib/sursalgdomonly.c:104: `SURS_POSIX_GID_AS_ALS' undeclared (first use in this function) lib/sursalgdomonly.c:109: `SURS_POSIX_GID_AS_GRP' undeclared (first use in this function) lib/sursalgdomonly.c: In function `surs_algdomonly_unixid_to_sam_sid': lib/sursalgdomonly.c:130: `SURS_POSIX_UID_AS_USR' undeclared (first use in this function) lib/sursalgdomonly.c:135: `SURS_POSIX_GID_AS_ALS' undeclared (first use in this function) lib/sursalgdomonly.c:140: `SURS_POSIX_GID_AS_GRP' undeclared (first use in this function) lib/sursalgdomonly.c:132: warning: unreachable code at beginning of switch statement make: *** [lib/sursalgdomonly.lo] Error 1 Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From Skripi at hrzpub.tu-darmstadt.de Sat May 6 12:27:18 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:47 2003 Subject: samba tng is not compileable, once again In-Reply-To: <3913CBE1.3A22FFDE@kneschke.de>; from lars@kneschke.de on Sat, May 06, 2000 at 05:50:05PM +1000 References: <3913CBE1.3A22FFDE@kneschke.de> Message-ID: <20000506142718.A1819@shadowland.sc> Lars Kneschke: > Hello coders! > > That's the error message: > > [root@knecke source]# make > [...] > make: *** [lib/sursalgdomonly.lo] Error 1 I get the same compile error on my Linux, too. ------------- OS : linux (redhat 6.2b) ------------- Compiler : gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) ------------- CVS-Branch : SAMBA_TNG ------------- Version/Date: today (how can I retrive the time of the last update ?) ------------- Error Type : reproduceable ------------- error: see Lars Mail... Why do all these compile's fail on linux boxes ? Does the rest use Solaris ? Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From os at nfgs.essex.sch.uk Sat May 6 16:10:18 2000 From: os at nfgs.essex.sch.uk (James Osbourn) Date: Tue Dec 2 02:29:47 2003 Subject: Cannot start semaphore when starting samba Message-ID: <391443EA.5B250081@nfgs.essex.sch.uk> I am running version 2.0.5a of samba. I have just performed a solaris 7 upgrade and am now not able to get samba going again. The smbd & nmbd processes start, but on running smbstatus i get Samba version 2.0.5a Service uid gid pid machine ---------------------------------------------- ERROR: root did not create the semaphore ERROR: Failed to initialise share modes Can't initialise shared memory - exiting Also, as a result, when we try and connect from a pc we get "netrwork name cannot be found" I believe that it is something that has happened as a result of the upgrade, but would be grateful for any info. thanks James From lars at kneschke.de Sat May 6 18:31:06 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:47 2003 Subject: samba tng is not compileable, once again References: <3913CBE1.3A22FFDE@kneschke.de> Message-ID: <391464EA.501D612A@kneschke.de> Lars Kneschke wrote: > > Hello coders! > > That's the error message: > > [root@knecke source]# make > Using FLAGS = -O -Iinclude -I./include -I./ubiqx -I./smbwrapper > -DLOGFILEBASE="/opt/samba-tng/var" > -DSMBLOGFILE="/opt/samba-tng/var/log.smb" > -DNMBLOGFILE="/opt/samba-tng/var/log.nmb" > -DCONFIGFILE="/opt/samba-tng/lib/smb.conf" > -DLMHOSTSFILE="/opt/samba-tng/lib/lmhosts" > -DSWATDIR="/opt/samba-tng/swat" -DSBINDIR="/opt/samba-tng/sbin" > -DLOCKDIR="/opt/samba-tng/var/locks" > -DSMBRUN="/opt/samba-tng/bin/smbrun" > -DCODEPAGEDIR="/opt/samba-tng/lib/codepages" > -DDRIVERFILE="/opt/samba-tng/lib/printers.def" > -DBINDIR="/opt/samba-tng/bin" > -DFORMSFILE="/opt/samba-tng/lib/ntforms.def" > -DNTDRIVERSDIR="/opt/samba-tng/lib" -DHAVE_INCLUDES_H > -DPASSWD_PROGRAM="/bin/passwd" > -DSMB_PASSWD_PROGRAM="/opt/samba-tng/bin/smbpasswd" > -DSMB_PASSWD_FILE="/opt/samba-tng/private/smbpasswd" > -DSAM_DIR="/opt/samba-tng/sam" > -DSMB_PASSGRP_FILE="/opt/samba-tng/private/smbpassgrp" > -DSMB_GROUP_FILE="/opt/samba-tng/private/smbgroup" > -DSMB_ALIAS_FILE="/opt/samba-tng/private/smbalias" > Using LIBS = -lreadline -lcurses -ldl -lcrypt > Compiling lib/sursalgdomonly.c with libtool > lib/sursalgdomonly.c: In function `surs_algdomonly_sam_sid_to_unixid': > lib/sursalgdomonly.c:99: `SURS_POSIX_UID_AS_USR' undeclared (first use > in this function) > lib/sursalgdomonly.c:99: (Each undeclared identifier is reported only > once > lib/sursalgdomonly.c:99: for each function it appears in.) > lib/sursalgdomonly.c:104: `SURS_POSIX_GID_AS_ALS' undeclared (first use > in this function) > lib/sursalgdomonly.c:109: `SURS_POSIX_GID_AS_GRP' undeclared (first use > in this function) > lib/sursalgdomonly.c: In function `surs_algdomonly_unixid_to_sam_sid': > lib/sursalgdomonly.c:130: `SURS_POSIX_UID_AS_USR' undeclared (first use > in this function) > lib/sursalgdomonly.c:135: `SURS_POSIX_GID_AS_ALS' undeclared (first use > in this function) > lib/sursalgdomonly.c:140: `SURS_POSIX_GID_AS_GRP' undeclared (first use > in this function) > lib/sursalgdomonly.c:132: warning: unreachable code at beginning of > switch statement > make: *** [lib/sursalgdomonly.lo] Error 1 After adding this line to lib/sursalgdomonly.c i was able to compile lib/sursalgdomonly.c. #include "nsswitch/winbindd.h" Now i have the structure has no member named `name'-problem. Compiling smbd/password.c smbd/password.c: In function `authorise_login': smbd/password.c:267: structure has no member named `name' smbd/password.c:268: structure has no member named `name' smbd/password.c:271: structure has no member named `name' smbd/password.c:316: structure has no member named `name' smbd/password.c:318: structure has no member named `name' make: *** [smbd/password.o] Error 1 Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From lars at kneschke.de Sat May 6 19:47:26 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:47 2003 Subject: samba tng is not compileable, once again References: <3913CBE1.3A22FFDE@kneschke.de> <391464EA.501D612A@kneschke.de> Message-ID: <391476CE.DECE0E01@kneschke.de> Lars Kneschke wrote: > After adding this line to lib/sursalgdomonly.c i was able to compile > lib/sursalgdomonly.c. > > #include "nsswitch/winbindd.h" > > Now i have the structure has no member named `name'-problem. > > Compiling smbd/password.c > smbd/password.c: In function `authorise_login': > smbd/password.c:267: structure has no member named `name' > smbd/password.c:268: structure has no member named `name' > smbd/password.c:271: structure has no member named `name' > smbd/password.c:316: structure has no member named `name' > smbd/password.c:318: structure has no member named `name' > make: *** [smbd/password.o] Error 1 After downgrading smb.h with cvs update -r 1.262.2.40 smb.h i was able to compile samba tng succesfull. Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From jlucas at uvi.edu Sat May 6 20:36:20 2000 From: jlucas at uvi.edu (John Lucas) Date: Tue Dec 2 02:29:47 2003 Subject: samba tng is not compileable, once again In-Reply-To: <391476CE.DECE0E01@kneschke.de> Message-ID: On Sun, 7 May 2000, Lars Kneschke wrote: > Lars Kneschke wrote: > > After adding this line to lib/sursalgdomonly.c i was able to compile > > lib/sursalgdomonly.c. > > > > #include "nsswitch/winbindd.h" > > > > Now i have the structure has no member named `name'-problem. > > > > Compiling smbd/password.c > > smbd/password.c: In function `authorise_login': > > smbd/password.c:267: structure has no member named `name' > > smbd/password.c:268: structure has no member named `name' > > smbd/password.c:271: structure has no member named `name' > > smbd/password.c:316: structure has no member named `name' > > smbd/password.c:318: structure has no member named `name' > > make: *** [smbd/password.o] Error 1 > After downgrading smb.h with > > cvs update -r 1.262.2.40 smb.h > > i was able to compile samba tng succesfull. > That took care of my first problem, then I ran into this one: Compiling rpc_parse/parse_vuid.c with libtool rpc_parse/parse_vuid.c: In function `make_vuid_user_struct': rpc_parse/parse_vuid.c:70: structure has no member named `unix_name' rpc_parse/parse_vuid.c: In function `vuid_io_user_struct': rpc_parse/parse_vuid.c:118: structure has no member named `unix_name' rpc_parse/parse_vuid.c:118: structure has no member named `unix_name' rpc_parse/parse_vuid.c:119: structure has no member named `unix_name' *** Error code 1 I'm doing this on FreeBSD v4.0-RELEASE, with gcc version 2.95.2 19991024 (release). Any helpful hints on this one? -- "After all, if it weren't for change, your job would largely consist of making sure the corporate abacus rods were adequately greased." - John Cleese | John Lucas jlucas@uvi.edu | | Information Technology NIC Handle: JL423 | | University of the Virgin Islands (340) 693-1216 | | St. Thomas, VI 00802 http://www.uvi.edu/jlucas.html | From mg at plum.de Sat May 6 23:09:46 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:47 2003 Subject: samba tng is not compileable, once again In-Reply-To: <391464EA.501D612A@kneschke.de> Message-ID: <4175446334.957658186@[10.1.1.2]> --On Sonntag, 7. Mai 2000 04:50 +1000 Lars Kneschke wrote: > Lars Kneschke wrote: > After adding this line to lib/sursalgdomonly.c i was able to compile > lib/sursalgdomonly.c. > > #include "nsswitch/winbindd.h" > > Now i have the structure has no member named `name'-problem. > > Compiling smbd/password.c > smbd/password.c: In function `authorise_login': > smbd/password.c:267: structure has no member named `name' > smbd/password.c:268: structure has no member named `name' > smbd/password.c:271: structure has no member named `name' > smbd/password.c:316: structure has no member named `name' > smbd/password.c:318: structure has no member named `name' > make: *** [smbd/password.o] Error 1 > replace name with unix_name regards, Michael -- Samba Information HQ (in german) http://www.sambahq.de/ From lars at kneschke.de Sun May 7 06:04:26 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:47 2003 Subject: The current compile problems Message-ID: <3915076A.E5FA81B6@kneschke.de> Hello! These are the necessary changes to compile samba-tng. With the latest smb.h. I replaced 'name' where necessary with 'unix_name'. That was easy. I added #include "nsswitch/winbindd.h" to lib/sursalgmultidom.c. But this can't work! lib/sursalgmultidom.c(line 246) /* if (!parse_id_list(lp_surs_domainrange_uid(), True) || !parse_id_list(lp_surs_domainrange_gid(), False)) { return False; }*/ I can't find any lp_surs_domainrange_*-function in the source-code. Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From Meerwaldt at t-online.de Sun May 7 13:46:57 2000 From: Meerwaldt at t-online.de (Frederik Meerwaldt) Date: Tue Dec 2 02:29:47 2003 Subject: UID, GID? In-Reply-To: <18642.000505@gs.nsc.ru> Message-ID: Have you set the Windows User <--> Unix User Mapping (entry in /etc/master.passwd....). HTH, Freddy From merkes at t-online.de Sun May 7 17:02:17 2000 From: merkes at t-online.de (markus stephany) Date: Tue Dec 2 02:29:47 2003 Subject: SAMBA & Printing to a WinX share In-Reply-To: <14611.1654.438987.598234@wire.cadcamlab.org> References: <14611.1654.438987.598234@wire.cadcamlab.org> Message-ID: <12793.000507@merkespages.de> >> PS: For you NT experts, how do I force a share off? I do not wish to >> share drive C:, yet everytime I turn off the share of "C:" and >> "C:\WINNT" it comes back. PS> Dunno. That's weird. We've never had any trouble with this. PS> Peter those are so called "Administrative Shares", they are recreated at every reboot by default. to stop this, you have to add a value to the registry: - NT Server : HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters -> (DWORD)AutoShareServer = 0 - NT Workstation : HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters -> (DWORD)AutoShareWks = 0 -- rgds, markus stephany ==================================== mailto:merkes@merkespages.de http://www.merkespages.de From tbaldwin at htc.net Sun May 7 17:15:57 2000 From: tbaldwin at htc.net (Troy R. Baldwin) Date: Tue Dec 2 02:29:47 2003 Subject: subscribe Message-ID: <3915A4C6.E08BC075@htc.net> subscribe -------------- next part -------------- A non-text attachment was scrubbed... Name: tbaldwin.vcf Type: text/x-vcard Size: 225 bytes Desc: Card for Troy R. Baldwin Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000507/c6554f03/tbaldwin.vcf From pjdc at eircom.net Sun May 7 18:13:59 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:47 2003 Subject: SAMBA & Printing to a WinX share In-Reply-To: merkes@t-online.de's message of "Mon, 8 May 2000 03:05:51 +1000" References: <14611.1654.438987.598234@wire.cadcamlab.org> <12793.000507@merkespages.de> Message-ID: >>>>> "markus" == markus stephany writes: markus> those are so called "Administrative Shares", they are markus> recreated at every reboot by default. markus> to stop this, you have to add a value to the registry: markus> - NT Server : markus> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters markus> -> (DWORD)AutoShareServer = 0 markus> - NT Workstation : markus> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters markus> -> (DWORD)AutoShareWks = 0 I posted a message to the list a day or two ago with this info in it. I hadn't received it back, and so I posted it again. Still no sign. Has anyone else seen it? Am I going mad? Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From jweber at math.cudenver.edu Sun May 7 18:21:43 2000 From: jweber at math.cudenver.edu (John Weber) Date: Tue Dec 2 02:29:47 2003 Subject: SAMBA & Printing to a WinX share In-Reply-To: Message-ID: I see it. John S. Weber System Administrator Center for Computational Mathematics University of Colorado at Denver Phone: (303)556-5394 Fax: (303)556-8550 jweber@math.cudenver.edu http://www-math.cudenver.edu/~jweber On Mon, 8 May 2000, Paul J Collins wrote: > >>>>> "markus" == markus stephany writes: > > markus> those are so called "Administrative Shares", they are > markus> recreated at every reboot by default. > > markus> to stop this, you have to add a value to the registry: > > markus> - NT Server : > markus> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters > markus> -> (DWORD)AutoShareServer = 0 > > markus> - NT Workstation : > markus> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters > markus> -> (DWORD)AutoShareWks = 0 > > I posted a message to the list a day or two ago with this info in it. > I hadn't received it back, and so I posted it again. Still no sign. > Has anyone else seen it? Am I going mad? > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" > From D.Bannon at latrobe.edu.au Mon May 8 00:47:04 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:29:47 2003 Subject: Compile problems - `SURS_POSIX_UID_AS_USR' undeclared In-Reply-To: <3915076A.E5FA81B6@kneschke.de> Message-ID: <3.0.6.32.20000508104704.008bad00@bioserve.latrobe.edu.au> The TNG of a few hours ago (specifically about 9:00am, Monday 8th May, Melbourne Aust Time), still has compile problems on Redhat 6.2 gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) Kernal 2.2.14 The config command was : ./configure --prefix=/usr/local/samba-tng P100 with 32 meg Ram Compiling lib/sursalgdomonly.c with libtool lib/sursalgdomonly.c: In function `surs_algdomonly_sam_sid_to_unixid': lib/sursalgdomonly.c:99: `SURS_POSIX_UID_AS_USR' undeclared (first use in this f unction) lib/sursalgdomonly.c:99: (Each undeclared identifier is reported only once lib/sursalgdomonly.c:99: for each function it appears in.) lib/sursalgdomonly.c:104: `SURS_POSIX_GID_AS_ALS' undeclared (first use in this function) lib/sursalgdomonly.c:109: `SURS_POSIX_GID_AS_GRP' undeclared (first use in this function) lib/sursalgdomonly.c: In function `surs_algdomonly_unixid_to_sam_sid': lib/sursalgdomonly.c:130: `SURS_POSIX_UID_AS_USR' undeclared (first use in this function) lib/sursalgdomonly.c:135: `SURS_POSIX_GID_AS_ALS' undeclared (first use in this function) lib/sursalgdomonly.c:140: `SURS_POSIX_GID_AS_GRP' undeclared (first use in this function) lib/sursalgdomonly.c:132: warning: unreachable code at beginning of switch state ment make: *** [lib/sursalgdomonly.lo] Error I cannot find any declaration for 'SURS_POSIX_UID_AS_USR' etc in the the source. Is this a bad merge that has not brought everything with it or are these things defined in some other library ?? david ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From lkcl at samba.org Mon May 8 03:30:43 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:47 2003 Subject: Bug reports... In-Reply-To: <20000407172610.B30170@pclinux.igd.fhg.de> Message-ID: On Fri, 5 May 2000, Jens Skripczynski wrote: > Hi Luke, > > people always seem to forget, what they should supply for > an complete bug report. it's ok, i just ignore those unless it's critical. > I could make some php Skript checking whether the User supplied everything > and then send it to the List. if you think it would help, and people would use it, sure: why not. From lkcl at samba.org Mon May 8 03:32:44 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:47 2003 Subject: TNG 2.5.3 - problems with USERMGR.EXE In-Reply-To: Message-ID: yes. On Fri, 5 May 2000, Mclaughlin, Marc wrote: > But do I need to add users to the Unix password file if I am using LDAP? From b.young at cqu.edu.au Mon May 8 05:12:31 2000 From: b.young at cqu.edu.au (Bruce Young) Date: Tue Dec 2 02:29:47 2003 Subject: ERROR! Out of file structures. Message-ID: <39164CBF.DFBF29A0@cqu.edu.au> Hi all, I am having this eeror message appear in one of my users: [2000/05/08 14:16:10, 0] smbd/files.c:(85) ERROR! Out of file structures Can anybody point me to the resolution. Samba 2.0.4b Tru64 Unix 4.0f Patch 2 Bruce -- ***************************************************************** CCC QQQ U U Bruce Young C Q Q U U Unix Administrator C Q Q U U Project Renaissance C Q Q U U Central Queensland University C Q Q U U E-Mail: b.young@cqu.edu.au C Q \Q U U Phone: +61 7 4930 6383 CCC QQQ\ UUU Fax: +61 7 4930 9340 ***************************************************************** From alex at gs.nsc.ru Mon May 8 05:38:20 2000 From: alex at gs.nsc.ru (Alex A. Emanov) Date: Tue Dec 2 02:29:47 2003 Subject: UID, GID? In-Reply-To: from Frederik Meerwaldt at "May 7, 2000 11:57:50 pm" Message-ID: <200005080538.MAA47349@gs.nsc.ru> Hi! > Have you set the Windows User <--> Unix User Mapping (entry in > /etc/master.passwd....). Sorry, i don't understand, what you mean: i think theris no such parameter in master.passwd if you mean 'username map' parameter in smb.conf - it is points to username map file. > > HTH, > Freddy > > Here is my username.map: root = admin administrator Here is my smb.conf: # Global parameters [global] workgroup = GSN netbios name = MPOOL netbios aliases = PDC server string = Samba TNG encrypt passwords = Yes username map = /usr/local/samba/private/username.map password level = 4 username level = 2 log level = 3 timestamp logs = Yes debug hires timestamp = Yes debug pid = Yes debug uid = Yes announce version = 4.2 name resolve order = wins lmhosts host bcast time server = Yes deadtime = 5 keepalive = 60 load printers = No local group map = /usr/local/samba/private/domainalias.map domain group map = /usr/local/samba/private/domaingroup.map logon script = login.bat logon path = \\MPOOL\profile\%U logon drive = U: logon home = \\MPOOL\%U domain logons = Yes os level = 65 lm announce = False preferred master = True domain master = True wins proxy = Yes wins server = 192.168.1.1 remote announce = 192.168.1.255/GSN 192.168.1.255/GS remote browse sync = 192.168.1.255 194.226.184.255 194.226.185.255 194.226.186.255 194.226.187.255 wide links = No follow symlinks = No [homes] comment = Users' home directories read only = No browseable = No [netlogon] comment = PDC netlogon share path = /usr/local/samba/netlogon [profile] path = /usr/local/samba/profile read only = No [public] comment = Public share path = /usr/local/samba/public guest ok = Yes [home1] comment = 8 GB path = /export/home1 read only = No [cdrom0] comment = CDROM path = /cdrom/cdrom0 guest only = Yes guest ok = Yes From ralph.schuster at oetv.de Mon May 8 09:09:24 2000 From: ralph.schuster at oetv.de (Ralph Schuster) Date: Tue Dec 2 02:29:47 2003 Subject: NT - unix password sync ... (from Fri May 05) Message-ID: <39168444.D887BC4E@syskoplan.de> Hi, as a resonance to my mail: NT - unix password sync works for AIX after some change in chgpasswd.c at Friday, May 05, I got a question about HP-UX. This works too, if one performs the change described in the mail! For sure, there will be several other unix dialects where this change will work. However, I tested only these two (AIX 4.21,HP-UX 10.20). ciao Ralph From paul.rogers at mis-cds.com Mon May 8 09:22:25 2000 From: paul.rogers at mis-cds.com (Paul Rogers) Date: Tue Dec 2 02:29:47 2003 Subject: WARNING - Love Letter Virus alert! Message-ID: Sometimes it's prompt and sometimes it is dog slow - I think it depends on what the weather is like. :) We do not have a problem with any other mailing lists or connectivity issues. Paul Rogers, Development Analyst. MIS Corporate Defence Solutions Limited Tel: +44 (0)1622 723422 (Direct Line) +44 (0)1622 723400 (Switchboard) Fax: +44 (0)1622 728580 Website: http://www.mis-cds.com/ > -----Original Message----- > From: Paul J Collins [mailto:pjdc@eircom.net] > Sent: 05 May 2000 18:58 > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: WARNING - Love Letter Virus alert! > > > >>>>> "Paul" == Paul Rogers writes: > > Paul> Aaarrggghh I hate living in the UK! It took about 6-7 hours > Paul> for this e-mail to land back at my desk after sending it, so > Paul> therefore once it arrived on everyone elses desk, it was > Paul> after the other postings. Apologies ppl. > > Hmmmm. I live in Ireland, and I find that list messages get to me > pretty promptly. Definitely not with a six to seven hour delay. I'd > be inclined to investigate your delay, if I were you. > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" > ********************************************************************** The information contained in this message or any of its attachments may be privileged and confidential and intended for the exclusive use of the addressee. If you are not the addressee any disclosure, reproduction, distribution or other dissemination or use of this communications is strictly prohibited. The views expressed in this e-mail are those of the individual and not necessarily of MIS Corporate Defense Solutions Ltd. Any prices quoted are only valid if followed up by a formal written quote. If you have received this transmission in error, please contact our Security Manager on 44 (0) 1622 723400. ********************************************************************** From jens.skripczynski at igd.fhg.de Mon May 8 10:27:13 2000 From: jens.skripczynski at igd.fhg.de (Jens Skripczynski) Date: Tue Dec 2 02:29:47 2003 Subject: subscribe In-Reply-To: <3915A4C6.E08BC075@htc.net>; from tbaldwin@htc.net on Mon, May 08, 2000 at 03:16:31AM +1000 References: <3915A4C6.E08BC075@htc.net> Message-ID: <20000508122713.A4988@pclinux.igd.fhg.de> Troy R. Baldwin: > subscribe see SAMBA-TNG FAQ http://www.kneschke.de/projekte/samba_tng/index.php3 SAMBA Bug report "How to" http://www.kneschke.de/projekte/samba_tng/faq/bugreport.php3 SAMBA Bug report template http://www.kneschke.de/projekte/samba_tng/faq/samba-bugreport-template.txt Mailinglist subscribtion Web Interface: http://lists.samba.org/cgi-bin/weblist Old Mailinglist digest http://us1.samba.org/listproc/samba-ntdom/ Ciao Jens Skripczynski -- E-Mail: skripi@igd.fhg.de Computers are like airconditioners: They stop working properly if you open windows. Win95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition. From skvidal at phy.duke.edu Mon May 8 12:51:43 2000 From: skvidal at phy.duke.edu (Seth Vidal) Date: Tue Dec 2 02:29:47 2003 Subject: Bug reports... In-Reply-To: Message-ID: > it's ok, i just ignore those unless it's critical. > > > I could make some php Skript checking whether the User supplied everything > > and then send it to the List. > > if you think it would help, and people would use it, sure: why not. I know this a radical concept but maybe its worth considering a BTS like bugzilla or debbugs. It would seem reasonable. does samba already have a BTS? if so can they provide a branch for TNG? -sv From lkcl at samba.org Mon May 8 13:09:25 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:47 2003 Subject: Bug reports... In-Reply-To: Message-ID: On Mon, 8 May 2000, Seth Vidal wrote: > > it's ok, i just ignore those unless it's critical. > > > > > I could make some php Skript checking whether the User supplied everything > > > and then send it to the List. > > > > if you think it would help, and people would use it, sure: why not. > > I know this a radical concept but maybe its worth considering a BTS like > bugzilla or debbugs. > > It would seem reasonable. > > does samba already have a BTS? if so can they provide a branch for TNG? yes, we have jitterbug. we switched it off after the messages remained at 15,000 or so after a couple of years. From keithd at zartis.com Mon May 8 13:39:47 2000 From: keithd at zartis.com (Keith Davey) Date: Tue Dec 2 02:29:47 2003 Subject: Bug reports... References: Message-ID: <3916C3A3.1D7886A7@zartis.com> If everyone wants to go ahead with this I could have Bugzilla up by this evening. I have a spare machine waiting for something to do and have set up Buzilla several times. Keith. Luke Kenneth Casson Leighton wrote: > On Mon, 8 May 2000, Seth Vidal wrote: > > > > it's ok, i just ignore those unless it's critical. > > > > > > > I could make some php Skript checking whether the User supplied everything > > > > and then send it to the List. > > > > > > if you think it would help, and people would use it, sure: why not. > > > > I know this a radical concept but maybe its worth considering a BTS like > > bugzilla or debbugs. > > > > It would seem reasonable. > > > > does samba already have a BTS? if so can they provide a branch for TNG? > > yes, we have jitterbug. we switched it off after the messages remained at > 15,000 or so after a couple of years. -- Keith Davey Chief Technical Officer _____________________ Zartis.com 3015 Lake Drive National Digital Park Citywest Dublin 24 Ph: +353 1 4038470 Fax: +353 1 4661002 Web: www.zartis.com From Meerwaldt at t-online.de Mon May 8 13:39:19 2000 From: Meerwaldt at t-online.de (Frederik Meerwaldt) Date: Tue Dec 2 02:29:47 2003 Subject: UID, GID? In-Reply-To: <200005080538.MAA47349@gs.nsc.ru> Message-ID: Hi! > > Have you set the Windows User <--> Unix User Mapping (entry in > > /etc/master.passwd....). > Sorry, i don't understand, what you mean: > i think theris no such parameter in master.passwd > if you mean 'username map' parameter in smb.conf - it is > points to username map file. Sorry. I ment that what you have already done. I ment setting up a username map and an entry in the passwd file. I don't know what your problem could be. Sorry. Regards, Freddy [the longest smb.conf file I've ever seen] From rink at springer.cx Mon May 8 16:14:39 2000 From: rink at springer.cx (Rink Springer) Date: Tue Dec 2 02:29:47 2003 Subject: Can't login from Win2K box Message-ID: <001601bfb908$82fa6c70$3400000a@aurum> Hi, I've got a problem: I can't login from my Windows 2000 Professional box to my Samba TNG running on FreeBSD 4.0. This shows up in my log file (smb.log): --- LSA_OPENSECRET: unknown error SMB LM/NT Password did not match! Rejecting user 'rink': authentication failed --- Can someone please help me? Thanks! Rink From kevinc at grainsystems.com Mon May 8 16:38:49 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:47 2003 Subject: Bug reports... References: Message-ID: <3916ED99.FB228B7E@grainsystems.com> Seth Vidal wrote: > > > it's ok, i just ignore those unless it's critical. > > > > > I could make some php Skript checking whether the User supplied everything > > > and then send it to the List. > > > > if you think it would help, and people would use it, sure: why not. > > I know this a radical concept but maybe its worth considering a BTS like > bugzilla or debbugs. > > It would seem reasonable. > > does samba already have a BTS? if so can they provide a branch for TNG? It might be worth noting that bugzilla was just cited in the recent Apache break-in. - Kevin Colby kevinc@grainsystems.com From skvidal at phy.duke.edu Mon May 8 16:55:18 2000 From: skvidal at phy.duke.edu (Seth Vidal) Date: Tue Dec 2 02:29:47 2003 Subject: Bug reports... In-Reply-To: <3916ED99.FB228B7E@grainsystems.com> Message-ID: > > It might be worth noting that bugzilla was just cited in > the recent Apache break-in. it might also be worth noting that bugzilla was only citeable due to a dainbramaged mysql configuration - additionally a poorly organized www and ftp root dirs. bugzilla has no inherent flaw if memory serves from the apache write-up - only a poor configuration issue. -sv From kevinc at grainsystems.com Mon May 8 17:07:47 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:47 2003 Subject: Bug reports... References: Message-ID: <3916F463.960E9A03@grainsystems.com> Seth Vidal wrote: > > > > It might be worth noting that bugzilla was just cited in > > the recent Apache break-in. > > it might also be worth noting that bugzilla was only citeable due to a > dainbramaged mysql configuration - additionally a poorly organized www > and ftp root dirs. > > bugzilla has no inherent flaw if memory serves from the apache write-up > - only a poor configuration issue. Still, it's a lesson to learn from. Be careful with this stuff. - Kevin Colby kevinc@grainsystems.com From pjdc at eircom.net Mon May 8 17:48:36 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:47 2003 Subject: UID, GID? In-Reply-To: "Alex A. Emanov"'s message of "Mon, 8 May 2000 15:40:55 +1000" References: <200005080538.MAA47349@gs.nsc.ru> Message-ID: >>>>> "Alex" == Alex A Emanov writes: Alex> Here is my username.map: Alex> root = admin administrator If I'm not mistaken, the maps in Samba TNG only allow a one-to-one mapping, so your username.map should read: root = Administrator Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pjdc at eircom.net Mon May 8 17:50:47 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:47 2003 Subject: Bug reports... In-Reply-To: Kevin Colby's message of "Tue, 9 May 2000 03:08:43 +1000" References: <3916F463.960E9A03@grainsystems.com> Message-ID: >>>>> "Kevin" == Kevin Colby writes: >> bugzilla has no inherent flaw if memory serves from the apache write-up >> - only a poor configuration issue. Kevin> Still, it's a lesson to learn from. Be careful with this stuff. I read the exploit report, and apparently the issue was covered in the Bugzilla README, so Rule #1 is now: +-----------------------------------+ | | | It's called README for a reason. | | | +-----------------------------------+ Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pjdc at eircom.net Mon May 8 17:52:07 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:47 2003 Subject: WARNING - Love Letter Virus alert! In-Reply-To: Paul Rogers's message of "Mon, 8 May 2000 19:44:32 +1000" References: Message-ID: >>>>> "Paul" == Paul Rogers writes: Paul> Sometimes it's prompt and sometimes it is dog slow - I think Paul> it depends on what the weather is like. :) We do not have a Paul> problem with any other mailing lists or connectivity issues. I have a feeling my ISP's relay just doesn't like me. I've reposted the message, just for kicks. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pjdc at eircom.net Fri May 5 18:16:48 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:47 2003 Subject: SAMBA & Printing to a WinX share In-Reply-To: Gerry George's message of "Fri, 5 May 2000 00:33:35 +1000" References: <4.3.2.20000504101600.025c7410@mail.digisolv.com> Message-ID: >>>>> "Gerry" == Gerry George writes: Gerry> PS: For you NT experts, how do I force a share off? I do Gerry> not wish to share drive C:, yet everytime I turn off the Gerry> share of "C:" and "C:\WINNT" it comes back. This is a "feature" of Windows NT. By default, %systemroot% is shared as ADMIN$, and each drive is shared as C$, D$ etc. They don't show up when you browse into a machine, but they do exists. To disable them permanently, add this key to the registry: Key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters Value: AutoShareWks (DWORD) -- WORKSTATION ONLY Value: AutoShareServer (DWORD) -- SERVER ONLY Data: 0 You only need one of the above values, depending on what kind of NT your machine is running. You will need to reboot for it to take effect, or you can delete them using "net share C$ /delete", etc. if you don't want to restart just yet. Disclaimer: I am not an expert, I stole this from: http://www.ntfaq.com/ntfaq/network21.html Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From aedem at kaxis.cx Mon May 8 19:09:54 2000 From: aedem at kaxis.cx (Andrew Edem) Date: Tue Dec 2 02:29:47 2003 Subject: Can't login from Win2K box In-Reply-To: <001601bfb908$82fa6c70$3400000a@aurum> References: <001601bfb908$82fa6c70$3400000a@aurum> Message-ID: I am having the same problem. Has this worked in the past? Also, least in my case, shares are accessible when W2K uses workgroup security instead of logging onto a domain. Would this be a W2K bug, or a samba one? -Andrew >Hi, > >I've got a problem: I can't login from my Windows 2000 Professional box to >my Samba TNG running on FreeBSD 4.0. This shows up in my log file (smb.log): > >--- >LSA_OPENSECRET: unknown error >SMB LM/NT Password did not match! >Rejecting user 'rink': authentication failed >--- > >Can someone please help me? Thanks! > >Rink From rink at springer.cx Mon May 8 19:09:24 2000 From: rink at springer.cx (Rink Springer) Date: Tue Dec 2 02:29:47 2003 Subject: Can't login from Win2K box References: <001601bfb908$82fa6c70$3400000a@aurum> Message-ID: <001701bfb920$ec9e69c0$3400000a@aurum> ----- Original Message ----- From: "Andrew Edem" To: Cc: Sent: Monday, May 08, 2000 9:09 PM Subject: Re: Can't login from Win2K box It works fine with a Samba that is *not* TNG, so I think the problem is in Samba... could someone please look into this? Thanks! --Rink > I am having the same problem. Has this worked in the past? Also, > least in my case, shares are accessible when W2K uses workgroup > security instead of logging onto a domain. Would this be a W2K bug, > or a samba one? > > -Andrew > > >Hi, > > > >I've got a problem: I can't login from my Windows 2000 Professional box to > >my Samba TNG running on FreeBSD 4.0. This shows up in my log file (smb.log): > > > >--- > >LSA_OPENSECRET: unknown error > >SMB LM/NT Password did not match! > >Rejecting user 'rink': authentication failed > >--- > > > >Can someone please help me? Thanks! > > > >Rink > From p.grimmerink at home.nl Mon May 8 19:25:35 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:47 2003 Subject: Can't login from Win2K box In-Reply-To: <001701bfb920$ec9e69c0$3400000a@aurum> Message-ID: > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Rink Springer > Sent: maandag 8 mei 2000 21:11 > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: Can't login from Win2K box > It works fine with a Samba that is *not* TNG, so I think the problem is in > Samba... could someone please look into this? What version of TNG? Mine (2.2, also tried 2.4 and 2.5, all the same) works fine with Win2k. Any errormessages while creating the machineaccount? Best regards, Pieter From jahall at nea.org Mon May 8 19:25:02 2000 From: jahall at nea.org (jahall@nea.org) Date: Tue Dec 2 02:29:47 2003 Subject: DNS Problem Message-ID: I have been trying to search the mail archives to answer a question I have seen posted before, but whenever I click on a link, I receive a message stating the URL http://us1.samba.org/listproc/samba-technical/February2000/0099.html cannot be found. If I goto the us1.samba.org homepage as Internet Explorer suggests, I end up at BrainStorm Technologies Homepage. Is this a problem with my provider's DNS entries, or I have I screwed something up with the computer I am using? Thanks for your help. Jay From gcarter at valinux.com Mon May 8 19:45:04 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:29:47 2003 Subject: DNS Problem References: Message-ID: <39171940.B5CB7453@valinux.com> jahall@nea.org wrote: > > I have been trying to search the mail archives to answer a question I have > seen posted before, but whenever I click on a link, I receive a message > stating the URL > http://us1.samba.org/listproc/samba-technical/February2000/0099.html cannot be > found. Goto... http://www.samba.org/listproc/samba-technical/February2000/0099.html Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com VA Linux Systems gcarter@valinux.com http://www.samba.org SAMBA Team jerry@samba.org http://www.eng.auburn.edu/~cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From pjdc at eircom.net Mon May 8 19:45:35 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:48 2003 Subject: Problems with recent Smaba-TNG CVS Message-ID: I updated my CVS tree at approximately 18:30 GMT. The build went fine, but when I log in from my workstation, I am told that my roaming profile could not be found, and that my local one will be used. I OK this and continue. My home dir is not mapped, and when I attempt to access it using the \\server\share notation, I am asked for username and password. Authentication fails. When I log out and in again, I get the same roaming profile error, but after I OK that, I am told that the domain is not available. Tests using "ntlogin" in rpcclient succeed with no errors. Looking in log.smb reveals that authentication for the account I was attempting to use fails multiple times. This is the same smbpasswd I have been using for a while now. Below is a sample of the kind of info I get for a log in failure. Am I doing something silly? Paul. --- BEGIN "log.smb" --- cli_net_req_chal: LSA Request Challenge from \\. to STO-KERRIG: A3F59D2F48180793 make_q_req_chal: 542 make_q_req_chal: 552 000000 net_io_q_req_chal 0000 undoc_buffer: 00000001 000004 smb_io_unistr2 logon_srv 0004 uni_max_len: 00000004 0008 undoc : 00000000 000c uni_str_len: 00000004 0010 buffer : \.\..... 000018 smb_io_unistr2 logon_clnt 0018 uni_max_len: 0000000b 001c undoc : 00000000 0020 uni_str_len: 0000000b 0024 buffer : S.T.O.-.K.E.R.R.I.G... 00003a smb_io_chal clnt_chal 003a data: a3 f5 9d 2f 48 18 07 93 rpc_con_pipe_req: op_num 4 offset 66 used: 66 rpc_api_pipe_req: start: 0 off: 66 create_rpc_request: opnum: 0x4 data_len: 0x30 create_rpc_request: data_len: 30 auth_len: 0 alloc_hint: 18 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 01 0004 pack_type : 10 00 00 00 prs_set_packtype: bigendian: No 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000097 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000018 0014 context_id: 0064 0016 opnum : 0004 frag_len: 0x30 data_len: 0x18 data_calc_len: 0x18 create_noauth_pdu: 95 create_noauth_pdu: 102 rpc_api_pipe_req: end: 24 ncalrpc_l_send_prs: data: 0x80a0bd0 len 48 [000] 05 00 00 01 10 00 00 00 30 00 00 00 97 00 00 00 ........ 0....... [010] 18 00 00 00 64 00 04 00 01 00 00 00 04 00 00 00 ....d... ........ [020] 00 00 00 00 04 00 00 00 5C 00 5C 00 2E 00 00 00 ........ \.\..... write_socket(14,48) write_socket(14,48) wrote 48 rpc_api_pipe_req: start: 24 off: 66 create_rpc_request: opnum: 0x4 data_len: 0x30 create_rpc_request: data_len: 30 auth_len: 0 alloc_hint: 18 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 00 0004 pack_type : 10 00 00 00 prs_set_packtype: bigendian: No 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000098 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000018 0014 context_id: 0064 0016 opnum : 0004 frag_len: 0x30 data_len: 0x18 data_calc_len: 0x18 create_noauth_pdu: 95 create_noauth_pdu: 102 rpc_api_pipe_req: end: 48 ncalrpc_l_send_prs: data: 0x80a0b00 len 48 [000] 05 00 00 00 10 00 00 00 30 00 00 00 98 00 00 00 ........ 0....... [010] 18 00 00 00 64 00 04 00 0B 00 00 00 00 00 00 00 ....d... ........ [020] 0B 00 00 00 53 00 54 00 4F 00 2D 00 4B 00 45 00 ....S.T. O.-.K.E. write_socket(14,48) write_socket(14,48) wrote 48 rpc_api_pipe_req: start: 48 off: 66 create_rpc_request: opnum: 0x4 data_len: 0x30 create_rpc_request: data_len: 30 auth_len: 0 alloc_hint: 18 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 00 0004 pack_type : 10 00 00 00 prs_set_packtype: bigendian: No 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000099 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000018 0014 context_id: 0064 0016 opnum : 0004 frag_len: 0x30 data_len: 0x18 data_calc_len: 0x18 create_noauth_pdu: 95 create_noauth_pdu: 102 rpc_api_pipe_req: end: 72 ncalrpc_l_send_prs: data: 0x80a0bd0 len 48 [000] 05 00 00 00 10 00 00 00 30 00 00 00 99 00 00 00 ........ 0....... [010] 18 00 00 00 64 00 04 00 52 00 52 00 49 00 47 00 ....d... R.R.I.G. [020] 00 00 A3 F5 9D 2F 48 18 07 93 00 00 89 00 00 00 ...../H. ........ write_socket(14,48) write_socket(14,48) wrote 48 rpc_api_pipe_req: data_end: 72 and offset 66 wrong rpc_con_pipe_req FAILED cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'henry': authentication failed 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] error string = No such file or directory size=35 smb_com=0x73 smb_rcls=109 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=16384 smb_tid=0 smb_pid=51966 smb_uid=0 smb_mid=1792 smt_wct=0 smb_bcc=0 -- END "log.smb" -- --- BEGIN "smb.conf" --- [global] debug level = 100 netbios name = STO-KERRIG server string = Samba (Primary DC) workgroup = MELOCHORD interfaces = 172.16.252.1/16 domain user map = /usr/local/samba-tng/private/domainuser.map domain group map = /usr/local/samba-tng/private/domaingroup.map security = user domain logons = yes encrypt passwords = yes null passwords = no os level = 65 domain master = yes preferred master = yes local master = yes wins support = yes time server = yes logon script = login.bat logon drive = H: logon home = \\STO-KERRIG\%U logon path = \\STO-KERRIG\profile\%U #print related junk print command = /usr/bin/lpr -r -P%p %s lpq command = /usr/bin/lpq -P%p lprm command = /usr/bin/lprm -P%p %j printcap name = /etc/printcap load printers = yes [homes] browseable = no writable = yes comment = Users' home directories [netlogon] path = /usr/local/samba-tng/netlogon writable = no guest ok = no comment = PDC netlogon share [profile] path = /usr/local/samba-tng/profile writeable = yes [printers] printing = bsd comment = All Printers path = /tmp browseable = no guest ok = yes writable = no printable = yes [print$] path = /usr/local/samba-tng/print writable = yes guest ok = yes --- END "smb.conf" --- -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From mbreuer at siac.com Mon May 8 19:40:08 2000 From: mbreuer at siac.com (Michael Breuer) Date: Tue Dec 2 02:29:48 2003 Subject: DNS Problem References: Message-ID: <39171817.299570C5@siac.com> Nope, not just you... I tried and got the same info. jahall@nea.org wrote: > I have been trying to search the mail archives to answer a question I have > seen posted before, but whenever I click on a link, I receive a message > stating the URL > http://us1.samba.org/listproc/samba-technical/February2000/0099.html cannot be > found. > > If I goto the us1.samba.org homepage as Internet Explorer suggests, I end up > at BrainStorm Technologies Homepage. Is this a problem with my provider's DNS > entries, or I have I screwed something up with the computer I am using? > > Thanks for your help. > > Jay From pjdc at eircom.net Mon May 8 19:47:48 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:48 2003 Subject: DNS Problem In-Reply-To: 's message of "Tue, 9 May 2000 05:31:37 +1000" References: Message-ID: >>>>> "Jay" == writes: Jay> I have been trying to search the mail archives to answer a Jay> question I have seen posted before, but whenever I click on a Jay> link, I receive a message stating the URL Jay> http://us1.samba.org/listproc/samba-technical/February2000/0099.html Jay> cannot be found. Try this: http://www.samba.org/listproc/samba-technical/February2000/0099.html Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lars at kneschke.de Mon May 8 19:42:08 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:48 2003 Subject: Problems with recent Smaba-TNG CVS References: Message-ID: <39171890.DFC1D5A8@kneschke.de> Paul J Collins wrote: > > I updated my CVS tree at approximately 18:30 GMT. The build went > fine, but when I log in from my workstation, I am told that my roaming > profile could not be found, and that my local one will be used. I OK > this and continue. My home dir is not mapped, and when I attempt to > access it using the \\server\share notation, I am asked for username > and password. Authentication fails. ..... I have this prblem too! Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From lars at kneschke.de Mon May 8 19:58:26 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:48 2003 Subject: Bug reports... References: <3916C3A3.1D7886A7@zartis.com> Message-ID: <39171C62.B2D1371@kneschke.de> Keith Davey wrote: > > If everyone wants to go ahead with this I could have Bugzilla up by this evening. > I have a spare machine waiting for something to do and have set up Buzilla several > times. Jens Skripczynski suggested a php-script for bugreporting. This script could send the email to the list. I would like to see this very much. If it goes to the list, anybody knows that someone has found the bug already, so i(or others) don't need to write the same email again. Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From s.striker at striker.nl Mon May 8 20:50:12 2000 From: s.striker at striker.nl (Sander Striker) Date: Tue Dec 2 02:29:48 2003 Subject: Problems with recent Samba-TNG CVS In-Reply-To: <39171890.DFC1D5A8@kneschke.de> Message-ID: Same here. I'm using an alpha snaphot at the office now, because that works. :-) However I'm always very eager to run the cvs version, so when this problem is fixed I will switch again. It seems that the NTLM hashes that the workstation (w2k in my case) doesn't match against what TNG expects. I've tried synchronizing all my clocks, which solved problems before, but this time to no avail. Too bad. If anyone has got the time to create a report using Jens' bugreport templates... Sander >Paul J Collins wrote: >> >> I updated my CVS tree at approximately 18:30 GMT. The build went >> fine, but when I log in from my workstation, I am told that my roaming >> profile could not be found, and that my local one will be used. I OK >> this and continue. My home dir is not mapped, and when I attempt to >> access it using the \\server\share notation, I am asked for username >> and password. Authentication fails. >.... > >I have this prblem too! > >Cu > >-- >Watch our projects at http://www.kneschke.de/projekte! >GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer > From damen at scintilla.utwente.nl Mon May 8 21:01:16 2000 From: damen at scintilla.utwente.nl (M.S. Damen) Date: Tue Dec 2 02:29:48 2003 Subject: Problems with settinmg nettim,e In-Reply-To: Message-ID: Hi, At our study association we have some serious problems with the roaming profiles of NT with samba. We think it has something to do with the time-sync, but the problem is that normal users don't have the priviledge to set the time at the windows nt machines, so the net time command doesnt work. Has anyone an idea how to work arround this problem? Tnx, Martijn Damen Scintilla, University of Twente From hulet at ittc.ukans.edu Mon May 8 21:13:12 2000 From: hulet at ittc.ukans.edu (Michael S. Hulet) Date: Tue Dec 2 02:29:48 2003 Subject: Problems with settinmg nettim,e In-Reply-To: Message-ID: Change the permissions in User Manager/Policies/User Rights/Change the system time Add Everyone and everyone will be able to change the system time. Michael Hulet Network System Administrator ITTC, University of Kansas On Tue, 9 May 2000, M.S. Damen wrote: > Hi, > > At our study association we have some serious problems with the roaming > profiles of NT with samba. We think it has something to do with the > time-sync, but the problem is that normal users don't have the priviledge > to set the time at the windows nt machines, so the net time command doesnt > work. Has anyone an idea how to work arround this problem? > > Tnx, Martijn Damen > Scintilla, University of Twente > From hwimmer at bakerref.com Mon May 8 21:09:19 2000 From: hwimmer at bakerref.com (Hayden Wimmer) Date: Tue Dec 2 02:29:48 2003 Subject: winnt administration Message-ID: <002501bfb931$ad90fe80$9f01a8c0@523.bakerref.com> i have a domain and an nt server in the domain. how can i administer that nt box w/o logging on as administrator of that box, i set up a useraccount on the domain administrator but i cant perform admin functions. i know i am doing something dumb... also, when is nt server domain support going to be oficially released??? From pjdc at eircom.net Mon May 8 21:33:26 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:48 2003 Subject: winnt administration In-Reply-To: "Hayden Wimmer"'s message of "Tue, 9 May 2000 07:17:47 +1000" References: <002501bfb931$ad90fe80$9f01a8c0@523.bakerref.com> Message-ID: >>>>> "Hayden" == Hayden Wimmer writes: Hayden> i have a domain and an nt server in the domain. how can i Hayden> administer that nt box w/o logging on as administrator of Hayden> that box, i set up a useraccount on the domain Hayden> administrator but i cant perform admin functions. i know Hayden> i am doing something dumb... Normally adding a domain user account to the group Domain Admins is sufficient. You may want to check the settings for the user right "Log on locally"; I don't recall what the defaults for NT server are. Make sure also that DOMAIN\Domain Admins is in the NTSERVER\Administrators local group on the server in question. It is by default, but perhaps it was changed by one of your admins. Hayden> also, when is nt server domain support going to be Hayden> oficially released??? Er, when Luke gets tired of breaking it? ;-) Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From sam at topic.com.au Mon May 8 23:42:24 2000 From: sam at topic.com.au (Sam Couter) Date: Tue Dec 2 02:29:48 2003 Subject: Bug reports... In-Reply-To: ; from lkcl@samba.org on Mon, May 08, 2000 at 11:11:56PM +1000 References: Message-ID: <20000509094224.B28064@topic.com.au> Luke Kenneth Casson Leighton wrote: > > yes, we have jitterbug. we switched it off after the messages remained at > 15,000 or so after a couple of years. No bug tracking system is ever going to work if the developers don't use it. -- Sam Couter sam@topic.com.au Internet Engineer http://www.topic.com.au/ tSA Consulting -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000509/632b236f/attachment.bin From hwimmer at bakerref.com Mon May 8 23:49:12 2000 From: hwimmer at bakerref.com (Hayden Wimmer) Date: Tue Dec 2 02:29:48 2003 Subject: winnt administration Message-ID: <005e01bfb948$037beba0$9f01a8c0@523.bakerref.com> the domain controller is linux/samba.... so when the nt server logs into the domain as myself i cant perform nt user mgr for domains. i get a rpc error. i am using the version of samba that came with redhat 6.1. i am desperately trying to get this stuff to work. win2000 has arrived and the boss is favoring it...i dont want us to fall into microsoft's clutch any more than we already are... i created the domain admins group acct and added a user administrator.. the nt server in ? still wont let me modify services on that box... >>>>> "Hayden" == Hayden Wimmer writes: Hayden> i have a domain and an nt server in the domain. how can i Hayden> administer that nt box w/o logging on as administrator of Hayden> that box, i set up a useraccount on the domain Hayden> administrator but i cant perform admin functions. i know Hayden> i am doing something dumb... Normally adding a domain user account to the group Domain Admins is sufficient. You may want to check the settings for the user right "Log on locally"; I don't recall what the defaults for NT server are. Make sure also that DOMAIN\Domain Admins is in the NTSERVER\Administrators local group on the server in question. It is by default, but perhaps it was changed by one of your admins. Hayden> also, when is nt server domain support going to be Hayden> oficially released??? Er, when Luke gets tired of breaking it? ;-) Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From mgeddes at mail.xavier.sa.edu.au Mon May 8 22:33:10 2000 From: mgeddes at mail.xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:29:48 2003 Subject: winnt administration In-Reply-To: <005e01bfb948$037beba0$9f01a8c0@523.bakerref.com> References: <005e01bfb948$037beba0$9f01a8c0@523.bakerref.com> Message-ID: <200005082233.IAA22764@mail.xavier.sa.edu.au> Quoting Hayden Wimmer : > the domain controller is linux/samba.... so when the nt server logs into > the > domain as myself i cant perform nt user mgr for domains. i get a rpc > error. > i am using the version of samba that came with redhat 6.1. There be your problem. Use samba TNG. http://www.kneschke.de/projekte/samba_tng/ ======================================= Xavier College Gawler, South Australia visit http://www.xavier.sa.edu.au/ --------------------------------------- Xavier College Staff E-mail is Powered by IMP http://www.horde.org/ From sneakums at eircom.net Tue May 9 00:08:28 2000 From: sneakums at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:48 2003 Subject: winnt administration In-Reply-To: "Hayden Wimmer"'s message of "Mon, 8 May 2000 19:49:12 -0400" References: <005e01bfb948$037beba0$9f01a8c0@523.bakerref.com> Message-ID: >>>>> "Hayden" == Hayden Wimmer writes: Hayden> the domain controller is linux/samba.... so when the nt Hayden> server logs into the domain as myself i cant perform nt Hayden> user mgr for domains. i get a rpc error. i am using the Hayden> version of samba that came with redhat 6.1. i am Hayden> desperately trying to get this stuff to work. win2000 has Hayden> arrived and the boss is favoring it...i dont want us to Hayden> fall into microsoft's clutch any more than we already Hayden> are... That is almost certainly a 2.0 version of Samba. That version of Samba has extremely incomplete domain controller support. It's definitely not recommneded for use as a production domain controller. If you want full domain controller support, you will have to use Samba-TNG. I'm not sure which alpha version would be the best for you to try. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lkcl at samba.org Tue May 9 06:43:56 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:48 2003 Subject: Problems with recent Smaba-TNG CVS In-Reply-To: Message-ID: paul, there was a bug in doman_client_validate which had been modded i fxed it. On Tue, 9 May 2000, Paul J Collins wrote: > > I updated my CVS tree at approximately 18:30 GMT. The build went > fine, but when I log in from my workstation, I am told that my roaming > profile could not be found, and that my local one will be used. I OK > this and continue. My home dir is not mapped, and when I attempt to > access it using the \\server\share notation, I am asked for username > and password. Authentication fails. > > When I log out and in again, I get the same roaming profile error, but > after I OK that, I am told that the domain is not available. > > Tests using "ntlogin" in rpcclient succeed with no errors. > > Looking in log.smb reveals that authentication for the account I was > attempting to use fails multiple times. This is the same smbpasswd I > have been using for a while now. Below is a sample of the kind of > info I get for a log in failure. > > Am I doing something silly? > > Paul. > > --- BEGIN "log.smb" --- > > cli_net_req_chal: LSA Request Challenge from \\. to STO-KERRIG: A3F59D2F48180793 > make_q_req_chal: 542 > make_q_req_chal: 552 > 000000 net_io_q_req_chal > 0000 undoc_buffer: 00000001 > 000004 smb_io_unistr2 logon_srv > 0004 uni_max_len: 00000004 > 0008 undoc : 00000000 > 000c uni_str_len: 00000004 > 0010 buffer : \.\..... > 000018 smb_io_unistr2 logon_clnt > 0018 uni_max_len: 0000000b > 001c undoc : 00000000 > 0020 uni_str_len: 0000000b > 0024 buffer : S.T.O.-.K.E.R.R.I.G... > 00003a smb_io_chal clnt_chal > 003a data: a3 f5 9d 2f 48 18 07 93 > rpc_con_pipe_req: op_num 4 offset 66 used: 66 > rpc_api_pipe_req: start: 0 off: 66 > create_rpc_request: opnum: 0x4 data_len: 0x30 > create_rpc_request: data_len: 30 auth_len: 0 alloc_hint: 18 > 000000 smb_io_rpc_hdr hdr > 0000 major : 05 > 0001 minor : 00 > 0002 pkt_type : 00 > 0003 flags : 01 > 0004 pack_type : 10 00 00 00 > prs_set_packtype: bigendian: No > 0008 frag_len : 0030 > 000a auth_len : 0000 > 000c call_id : 00000097 > 000010 smb_io_rpc_hdr_req hdr_req > 0010 alloc_hint: 00000018 > 0014 context_id: 0064 > 0016 opnum : 0004 > frag_len: 0x30 data_len: 0x18 data_calc_len: 0x18 > create_noauth_pdu: 95 > create_noauth_pdu: 102 > rpc_api_pipe_req: end: 24 > ncalrpc_l_send_prs: data: 0x80a0bd0 len 48 > [000] 05 00 00 01 10 00 00 00 30 00 00 00 97 00 00 00 ........ 0....... > [010] 18 00 00 00 64 00 04 00 01 00 00 00 04 00 00 00 ....d... ........ > [020] 00 00 00 00 04 00 00 00 5C 00 5C 00 2E 00 00 00 ........ \.\..... > write_socket(14,48) > write_socket(14,48) wrote 48 > rpc_api_pipe_req: start: 24 off: 66 > create_rpc_request: opnum: 0x4 data_len: 0x30 > create_rpc_request: data_len: 30 auth_len: 0 alloc_hint: 18 > 000000 smb_io_rpc_hdr hdr > 0000 major : 05 > 0001 minor : 00 > 0002 pkt_type : 00 > 0003 flags : 00 > 0004 pack_type : 10 00 00 00 > prs_set_packtype: bigendian: No > 0008 frag_len : 0030 > 000a auth_len : 0000 > 000c call_id : 00000098 > 000010 smb_io_rpc_hdr_req hdr_req > 0010 alloc_hint: 00000018 > 0014 context_id: 0064 > 0016 opnum : 0004 > frag_len: 0x30 data_len: 0x18 data_calc_len: 0x18 > create_noauth_pdu: 95 > create_noauth_pdu: 102 > rpc_api_pipe_req: end: 48 > ncalrpc_l_send_prs: data: 0x80a0b00 len 48 > [000] 05 00 00 00 10 00 00 00 30 00 00 00 98 00 00 00 ........ 0....... > [010] 18 00 00 00 64 00 04 00 0B 00 00 00 00 00 00 00 ....d... ........ > [020] 0B 00 00 00 53 00 54 00 4F 00 2D 00 4B 00 45 00 ....S.T. O.-.K.E. > write_socket(14,48) > write_socket(14,48) wrote 48 > rpc_api_pipe_req: start: 48 off: 66 > create_rpc_request: opnum: 0x4 data_len: 0x30 > create_rpc_request: data_len: 30 auth_len: 0 alloc_hint: 18 > 000000 smb_io_rpc_hdr hdr > 0000 major : 05 > 0001 minor : 00 > 0002 pkt_type : 00 > 0003 flags : 00 > 0004 pack_type : 10 00 00 00 > prs_set_packtype: bigendian: No > 0008 frag_len : 0030 > 000a auth_len : 0000 > 000c call_id : 00000099 > 000010 smb_io_rpc_hdr_req hdr_req > 0010 alloc_hint: 00000018 > 0014 context_id: 0064 > 0016 opnum : 0004 > frag_len: 0x30 data_len: 0x18 data_calc_len: 0x18 > create_noauth_pdu: 95 > create_noauth_pdu: 102 > rpc_api_pipe_req: end: 72 > ncalrpc_l_send_prs: data: 0x80a0bd0 len 48 > [000] 05 00 00 00 10 00 00 00 30 00 00 00 99 00 00 00 ........ 0....... > [010] 18 00 00 00 64 00 04 00 52 00 52 00 49 00 47 00 ....d... R.R.I.G. > [020] 00 00 A3 F5 9D 2F 48 18 07 93 00 00 89 00 00 00 ...../H. ........ > write_socket(14,48) > write_socket(14,48) wrote 48 > rpc_api_pipe_req: data_end: 72 and offset 66 wrong > rpc_con_pipe_req FAILED > cli_nt_setup_creds: request challenge failed > domain_client_validate: credentials failed (\\.) > SMB LM/NT Password did not match! > Rejecting user 'henry': authentication failed > 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] > error string = No such file or directory > size=35 > smb_com=0x73 > smb_rcls=109 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=16384 > smb_tid=0 > smb_pid=51966 > smb_uid=0 > smb_mid=1792 > smt_wct=0 > smb_bcc=0 > > -- END "log.smb" -- > > > > --- BEGIN "smb.conf" --- > > [global] > debug level = 100 > > netbios name = STO-KERRIG > server string = Samba (Primary DC) > workgroup = MELOCHORD > interfaces = 172.16.252.1/16 > > domain user map = /usr/local/samba-tng/private/domainuser.map > domain group map = /usr/local/samba-tng/private/domaingroup.map > > security = user > domain logons = yes > encrypt passwords = yes > null passwords = no > > os level = 65 > domain master = yes > preferred master = yes > local master = yes > > wins support = yes > time server = yes > > logon script = login.bat > logon drive = H: > logon home = \\STO-KERRIG\%U > logon path = \\STO-KERRIG\profile\%U > > #print related junk > print command = /usr/bin/lpr -r -P%p %s > lpq command = /usr/bin/lpq -P%p > lprm command = /usr/bin/lprm -P%p %j > printcap name = /etc/printcap > load printers = yes > > [homes] > browseable = no > writable = yes > comment = Users' home directories > > [netlogon] > path = /usr/local/samba-tng/netlogon > writable = no > guest ok = no > comment = PDC netlogon share > > [profile] > path = /usr/local/samba-tng/profile > writeable = yes > > [printers] > printing = bsd > comment = All Printers > path = /tmp > browseable = no > guest ok = yes > writable = no > printable = yes > > [print$] > path = /usr/local/samba-tng/print > writable = yes > guest ok = yes > > --- END "smb.conf" --- > > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From tomek at is.fh-hamburg.de Tue May 9 08:50:05 2000 From: tomek at is.fh-hamburg.de (Tomek Jarosinski) Date: Tue Dec 2 02:29:48 2003 Subject: Samba on Linux Cluster ? Message-ID: <3917D13D.259935DC@is.fh-hamburg.de> We are planning one Linux cluster for hundreds of Windows and Linux Clients here. Does anybody is using Samba on Linux Clusters ? What clustering software are you using ? How ist it working ? Any informations are welcome. -- Have a nice day ! Tomek Jarosinski Fachhochschule Hamburg - University of Applied Sciences Rechenzentrum Berliner Tor 20099 Hamburg,Berliner Tor 21, R. 301 Tel:040/42859-3030 Fax:040/42859-2890 E-Mail: tomek@rzbt.fh-hamburg.de --Linux is like a wigwam: no gates, no windows, and an apache inside-- From johanh at fusion.kth.se Tue May 9 08:51:23 2000 From: johanh at fusion.kth.se (Johan Hedin) Date: Tue Dec 2 02:29:48 2003 Subject: domain_client_validate: credentials failed (\\.) Message-ID: Using TNG 2.5.3 and the newest CVS (update today), I get domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! while trying to log in from NT4SP6. smbclient from the same source works. Using an older version of TNG works fine (sorry don't remeber the date its from, but after the change to sbin). Has something changed so I need to do some reconfiguration of my smbd.conf or smbpasswd? All running on Solaris 2.6. TIA Johan Hedin From tom at ee.ucl.ac.uk Tue May 9 10:15:59 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:48 2003 Subject: samba-TNG cvs update 10:30 BST Message-ID: <200005091015.LAA17852@picard.ee.ucl.ac.uk> Hello, samba-TNG cvs update 10:30 BST Solaris 2.7 Sparc 64 gcc 2.8.1 samba-TNG now compiles after the last few days of problems. There are lots of warnings about discarded consts and initialisations from incompatible pointer types. I will post them if anyone wants them. Domain logins work, but... Profiles and accessing drives do not work: (see log fragment below) rpc_api_pipe_req: end: 24 ncalrpc_l_send_prs: data: 1a7018 len 48 [000] 05 00 00 01 10 00 00 00 30 00 00 00 39 00 00 00 ........ 0...9... [010] 18 00 00 00 64 00 04 00 01 00 00 00 04 00 00 00 ....d... ........ [020] 00 00 00 00 04 00 00 00 5C 00 5C 00 2E 00 00 00 ........ \.\..... write_socket(14,48) write_socket_data: write failure. Error = Broken pipe write_socket(14,48) wrote -1 write_socket: Error writing 48 bytes to socket 14: ERRNO = Broken pipe rpc_con_pipe_req FAILED cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'tom': authentication failed 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] error string = Broken pipe size=35 smb_com=0x73 smb_rcls=109 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=16384 smb_tid=0 smb_pid=65279 smb_uid=0 smb_mid=4289 smt_wct=0 smb_bcc=0 write_socket(7,39) write_socket(7,39) wrote 39 From iulica at dntis.ro Tue May 9 12:21:04 2000 From: iulica at dntis.ro (Iulian Ciorascu) Date: Tue Dec 2 02:29:48 2003 Subject: winnt administration Message-ID: <006e01bfb9b1$0c1cfec0$9d443f8b@g3610.research.kpn.com> -----Original Message----- From: Paul J Collins To: Multiple recipients of list SAMBA-NTDOM Date: Tuesday, May 09, 2000 1:07 AM Subject: Re: winnt administration >>>>>> "Hayden" == Hayden Wimmer writes: > > Hayden> the domain controller is linux/samba.... so when the nt > Hayden> arrived and the boss is favoring it...i dont want us to > Hayden> fall into microsoft's clutch any more than we already > Hayden> are... > >That is almost certainly a 2.0 version of Samba. That version of >Samba has extremely incomplete domain controller support. It's >definitely not recommneded for use as a production domain controller. > >If you want full domain controller support, you will have to use >Samba-TNG. I'm not sure which alpha version would be the best for you >to try. I use samba-tng-alpha.1.6 as a PDC and only with netlogon service. As a file, homes, profiles, printing server I use a samba-2.0.6 domain member in the same linux box. It works well with Win9x, W2k. Best wishes, Iulian From dworz at musistation.amazing.ch Tue May 9 11:37:21 2000 From: dworz at musistation.amazing.ch (Christoph Dworzak) Date: Tue Dec 2 02:29:48 2003 Subject: samba-TNG cvs update 10:30 BST In-Reply-To: <200005091015.LAA17852@picard.ee.ucl.ac.uk> References: <200005091015.LAA17852@picard.ee.ucl.ac.uk> Message-ID: <20000509133721.B3775@amazing.ch> On Tue, May 09, 2000 at 08:17:40PM +1000, Tom Crummey wrote: > samba-TNG cvs update 10:30 BST Solaris 2.7 Sparc 64 gcc 2.8.1 > > samba-TNG now compiles after the last few days of problems. There are > lots of warnings about discarded consts and initialisations from incompatible > pointer types. I will post them if anyone wants them. same here on RH6.2 i386, kernel 2.2.14, samba from yesterday ~16:00 GMT. > Domain logins work, but... > > Profiles and accessing drives do not work: (see log fragment below) Same here, but if I restart samba after the login on NT, then I can access the shares. Bye dworz From janet at bioss.sari.ac.uk Tue May 9 12:15:58 2000 From: janet at bioss.sari.ac.uk (Janet Dickson) Date: Tue Dec 2 02:29:48 2003 Subject: Multiple boot PCs Message-ID: <3918017E.AF97706A@bioss.sari.ac.uk> Hi I have 2.0.5a as a production server (Win9x machines) and a TNG-alpha server set up from cvs on May 1st. I have a multiple boot PC (Win98/WinNT/Win2k). I can logon to the sambaTNG domain from Win98 and Win2000 so the server is working OK. However, when I try to logon to the sambaTNG domain from WinNT it says 'The domain controller for this domain cannot be located'. I have an earlier NTdomain server (2.1.0-prealpha) that has been up and running for some time now. I have another WinNT PC which logs into this domain, but when I try and change it to sambaTNG it also says 'The domain controller for this domain cannot be located'. The machine accounts have been set up on both Samba servers. One further question - can I mount the private, profile and netlogon directories via NIS or would this cause any problems ? Janet ************************************************************************* Janet Dickson | http://www.bioss.sari.ac.uk/~janet Biomathematics & Statistics Scotland | email: janet@bioss.sari.ac.uk The King's Buildings, Mayfield Rd | Telephone: +44 (0) 131 650 4888 Edinburgh EH9 3JZ, Scotland, UK. | Fax: +44 (0) 131 650 4901 ************************************************************************* From lkcl at samba.org Tue May 9 12:31:45 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:48 2003 Subject: Multiple boot PCs In-Reply-To: <3918017E.AF97706A@bioss.sari.ac.uk> Message-ID: most certainly do NOT sent the private/smbpasswd contents over a network, it contans clear-text-equivalent password hashes. unless you have no concern for security at your site. On Tue, 9 May 2000, Janet Dickson wrote: > Hi > I have 2.0.5a as a production server (Win9x machines) and a TNG-alpha > server set up from cvs on May 1st. > > I have a multiple boot PC (Win98/WinNT/Win2k). I can logon to the > sambaTNG domain from Win98 and Win2000 so the server is working OK. > However, when I try to logon to the sambaTNG domain from WinNT it says > 'The domain controller for this domain cannot be located'. > > I have an earlier NTdomain server (2.1.0-prealpha) that has been up and > running for some time now. I have another WinNT PC which logs into this > domain, but when I try and change it to sambaTNG it also says 'The > domain controller for this domain cannot be located'. The machine > accounts have been set up on both Samba servers. > > One further question - can I mount the private, profile and netlogon > directories via NIS or would this cause any problems ? > > Janet > > ************************************************************************* > Janet Dickson | > http://www.bioss.sari.ac.uk/~janet > Biomathematics & Statistics Scotland | email: janet@bioss.sari.ac.uk > The King's Buildings, Mayfield Rd | Telephone: +44 (0) 131 650 4888 > Edinburgh EH9 3JZ, Scotland, UK. | Fax: +44 (0) 131 650 4901 > ************************************************************************* > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From simo.sorce at polimi.it Tue May 9 12:47:02 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:29:48 2003 Subject: Multiple boot PCs References: <3918017E.AF97706A@bioss.sari.ac.uk> Message-ID: <391808C6.DC5DA28C@polimi.it> Janet Dickson wrote: > > Hi > I have 2.0.5a as a production server (Win9x machines) and a TNG-alpha > server set up from cvs on May 1st. > > I have a multiple boot PC (Win98/WinNT/Win2k). I can logon to the > sambaTNG domain from Win98 and Win2000 so the server is working OK. > However, when I try to logon to the sambaTNG domain from WinNT it says > 'The domain controller for this domain cannot be located'. > > I have an earlier NTdomain server (2.1.0-prealpha) that has been up and > running for some time now. I have another WinNT PC which logs into this > domain, but when I try and change it to sambaTNG it also says 'The > domain controller for this domain cannot be located'. The machine > accounts have been set up on both Samba servers. Do the WinNT and Win2k sistems have the same workstation name on the same PC? Remember that also Workstation accounts are treatened as users in WinDomains so if you use the same wks names only one of the systems have the correct passowrd for the workstation account! > > One further question - can I mount the private, profile and netlogon > directories via NIS or would this cause any problems ? if you mean NFS I suggest to not export the private files unless your trust really much your users -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From hwimmer at bakerref.com Tue May 9 13:39:47 2000 From: hwimmer at bakerref.com (Hayden Wimmer) Date: Tue Dec 2 02:29:48 2003 Subject: HELP Message-ID: <000501bfb9bc$0af6a630$9f01a8c0@523.bakerref.com> I am trying to use cvs here is my command cvs -d :pserver:cvs@cvs.samba.org:/cvsroot login i get an error finding home directory??? please help... :o) From hwimmer at bakerref.com Tue May 9 13:47:21 2000 From: hwimmer at bakerref.com (Hayden Wimmer) Date: Tue Dec 2 02:29:48 2003 Subject: HELP Message-ID: <001001bfb9bd$26b9ede0$9f01a8c0@523.bakerref.com> nevermind, samba's web site provides a nice interface From trevor at steinmetznet.com Tue May 9 14:14:32 2000 From: trevor at steinmetznet.com (Trevor Antczak) Date: Tue Dec 2 02:29:48 2003 Subject: winnt administration References: <005e01bfb948$037beba0$9f01a8c0@523.bakerref.com> Message-ID: <39181D48.8133E4E4@steinmetznet.com> Paul J Collins wrote: > >>>>> "Hayden" == Hayden Wimmer writes: > > Hayden> the domain controller is linux/samba.... so when the nt > Hayden> server logs into the domain as myself i cant perform nt > Hayden> user mgr for domains. i get a rpc error. i am using the > Hayden> version of samba that came with redhat 6.1. i am > Hayden> desperately trying to get this stuff to work. win2000 has > Hayden> arrived and the boss is favoring it...i dont want us to > Hayden> fall into microsoft's clutch any more than we already > Hayden> are... > > That is almost certainly a 2.0 version of Samba. That version of > Samba has extremely incomplete domain controller support. It's > definitely not recommneded for use as a production domain controller. > > If you want full domain controller support, you will have to use > Samba-TNG. I'm not sure which alpha version would be the best for you > to try. > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" Hi, We are using TNG-alpha-2.5 in a semi production envronment, and everything is stable. Only issue is that you can't change password from NT (Not an issue on our sites, I control passwords directly). If you can live with that flaw, 2.5 seem to be rock solid (We have been using it for all logins on one site for almost a week. It is running on a 486/33 with 16 MB of RAM and serves 12 clients. We have had no crashes and no reports of problems. I wonder if I could even get NT server to RUN on this machine.) -- Thank you, Trevor Antczak Technology Manager Steinmetz & Associates From simo.sorce at polimi.it Tue May 9 14:24:29 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:29:48 2003 Subject: Multiple boot PCs References: <3918017E.AF97706A@bioss.sari.ac.uk> <391808C6.DC5DA28C@polimi.it> <3918133C.FE7E0FAC@bioss.sari.ac.uk> Message-ID: <39181F9D.9F7E3AEE@polimi.it> Janet Dickson wrote: > > Simo Sorce wrote: > > > Do the WinNT and Win2k sistems have the same workstation name on the > > same PC? > > Remember that also Workstation accounts are treatened as users in > > WinDomains so if you use the same wks names only one of the systems have > > the correct passowrd for the workstation account! > > Yes they do have the same name. However, I tried copying the password > from the smbpasswd file on the old server to the new one but it still > cant find the domain controller. The problem is that when you insert a machine in the domain it changes his account password. When you add another machine with the same name it changes the password again, so the first do not have anymore a valid password! I think the best way is to have different names as host/hostNT or the like. -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From p.grimmerink at home.nl Tue May 9 14:41:16 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:48 2003 Subject: NT domainmember in mulltiple domains Message-ID: OFFTOPIC I know this is a problem Bill should solve, I don't think he already did, but does anyone know wether there's a way to make a laptop (running NT4 or 5) a member of multiple domains? I would like to be able to log in to domains at different locations with my laptop, for that reason I'm running win98 now, to avoid the machine accounts. Best regards, Pieter From trevor at steinmetznet.com Tue May 9 14:43:04 2000 From: trevor at steinmetznet.com (Trevor Antczak) Date: Tue Dec 2 02:29:48 2003 Subject: Slightly off topic SCO question Message-ID: <391823F8.AC45CB63@steinmetznet.com> Hello, I'm having a problem compiling TNG 2.5 on a SCO OpenServer 5 box. I don't think the problem is related to Samba, but I am hoping someone here might have an idea of what it is. I had to install gcc on the box myself (Earlier versions of SCO don't come with a compiler, latter versions may, I don't know). I installed a Custom package gcc from their Skunkware site, and all seemed to go well. Custom says gcc is installed, the gcc command does what you'd expect when given no arguments.. I assumed all was well (gcc 2.95 BTW). Downloaded samba, untarred, and typed ./configure. Configure finds gcc, checks gcc -O, and then comes back with "gcc cannot make executables, install failed" or something to that effect, and bombs. I am really hoping someone with SCO experience can help me out with this one. I can't find any doc's on the matter, and I am not sure where to go from here. I am beginning to REALLY hate this OS. -- Thank you, Trevor Antczak Technology Manager Steinmetz & Associates From skvidal at phy.duke.edu Tue May 9 14:54:07 2000 From: skvidal at phy.duke.edu (Seth Vidal) Date: Tue Dec 2 02:29:48 2003 Subject: Slightly off topic SCO question In-Reply-To: <391823F8.AC45CB63@steinmetznet.com> Message-ID: > I'm having a problem compiling TNG 2.5 on a SCO OpenServer 5 box. I > don't think the problem is related to Samba, but I am hoping someone > here might have an idea of what it is. I had to install gcc on the box > myself (Earlier versions of SCO don't come with a compiler, latter > versions may, I don't know). I installed a Custom package gcc from > their Skunkware site, and all seemed to go well. Custom says gcc is > installed, the gcc command does what you'd expect when given no > arguments.. I assumed all was well (gcc 2.95 BTW). Downloaded samba, > untarred, and typed ./configure. Configure finds gcc, checks gcc -O, > and then comes back with "gcc cannot make executables, install failed" > or something to that effect, and bombs. I am really hoping someone with > SCO experience can help me out with this one. I can't find any doc's on > the matter, and I am not sure where to go from here. I am beginning to > REALLY hate this OS. > I have some sco experience Openserver 5 and unixware. ditch it. go to linux or one of the bsd's it will make your life happy. -sv From lkcl at samba.org Tue May 9 14:59:47 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:48 2003 Subject: NT domainmember in mulltiple domains In-Reply-To: Message-ID: dual installations, waste a bit of disk space, what the heck :) On Wed, 10 May 2000, Pieter Grimmerink wrote: > OFFTOPIC > > I know this is a problem Bill should solve, I don't think he already did, > but does anyone know wether there's a way to make a laptop (running NT4 or > 5) a member of multiple domains? > > I would like to be able to log in to domains at different locations with my > laptop, for that reason I'm running win98 now, to avoid the machine > accounts. > > Best regards, > > Pieter > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Tue May 9 15:00:49 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:48 2003 Subject: Slightly off topic SCO question In-Reply-To: <391823F8.AC45CB63@steinmetznet.com> Message-ID: hi trevor, do a ./configure --enable-shared=no i tried compiling on sco, too, and libtool went "urgh, sco!". On Wed, 10 May 2000, Trevor Antczak wrote: > Hello, > > I'm having a problem compiling TNG 2.5 on a SCO OpenServer 5 box. I > don't think the problem is related to Samba, but I am hoping someone > here might have an idea of what it is. I had to install gcc on the box > myself (Earlier versions of SCO don't come with a compiler, latter > versions may, I don't know). I installed a Custom package gcc from > their Skunkware site, and all seemed to go well. Custom says gcc is > installed, the gcc command does what you'd expect when given no > arguments.. I assumed all was well (gcc 2.95 BTW). Downloaded samba, > untarred, and typed ./configure. Configure finds gcc, checks gcc -O, > and then comes back with "gcc cannot make executables, install failed" > or something to that effect, and bombs. I am really hoping someone with > SCO experience can help me out with this one. I can't find any doc's on > the matter, and I am not sure where to go from here. I am beginning to > REALLY hate this OS. > > -- > Thank you, > Trevor Antczak > Technology Manager > Steinmetz & Associates > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From drobbins at gentoo.org Tue May 9 16:49:59 2000 From: drobbins at gentoo.org (Daniel Robbins) Date: Tue Dec 2 02:29:48 2003 Subject: got PDC/Samba 2.0.7 Working Easily Message-ID: <20000509104959.A73905@gentoo.org> Hi, I just wanted to let everyone know that within about 1/2 an hour, I was able to get domain logons and NT roaming profiles working perfectly -- using Samba pre-2.0.8! I had no problems or quirks during the setup process. This is the first time I've gotten both working perfectly at the same time, and I was so surprised that it happened with a 2.0 series Samba that I wanted to let everyone know. Best Regards, -- Daniel Robbins President/CEO http://www.gentoo.org Gentoo Technologies, Inc. From lars at kneschke.de Tue May 9 17:06:56 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:48 2003 Subject: Problems with recent Smaba-TNG CVS References: Message-ID: <391845B0.80D1D7E2@kneschke.de> Luke Kenneth Casson Leighton wrote: > > paul, there was a bug in doman_client_validate which had been modded i > fxed it. > You mean you fixed it? But did you also commit it? Because it doesn't work until now! Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From hwimmer at bakerref.com Tue May 9 17:23:26 2000 From: hwimmer at bakerref.com (Hayden Wimmer) Date: Tue Dec 2 02:29:48 2003 Subject: where to get samba tng (w/o cvs) Message-ID: <003701bfb9db$5be3dee0$9f01a8c0@523.bakerref.com> where do i get tng??? i went to samba.org and get the "latest" and it didnt cure the nt admin probs i have been having...and when i cvs it says error-can't fine home dir... also, if anyone is as stupid as me DONT use win zip to unzip the tar and gzip files. i did that and then ftp'ed them to the server and it wouldnt complie but when i used gzip -c and then tar -x -f it compiled fine... just a warning. From lkcl at samba.org Tue May 9 17:38:48 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:48 2003 Subject: Problems with recent Smaba-TNG CVS In-Reply-To: <391845B0.80D1D7E2@kneschke.de> Message-ID: On Tue, 9 May 2000, Lars Kneschke wrote: > Luke Kenneth Casson Leighton wrote: > > > > paul, there was a bug in doman_client_validate which had been modded i > > fxed it. > > > You mean you fixed it? But did you also commit it? Because it doesn't > work until now! hmmm... well, it sorta-works, for me, i disconnect and it goes. hmm, i think something's unreliable-broke. From lars at kneschke.de Tue May 9 17:38:42 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:48 2003 Subject: where to get samba tng (w/o cvs) References: <003701bfb9db$5be3dee0$9f01a8c0@523.bakerref.com> Message-ID: <39184D22.1E8DBEDD@kneschke.de> Hayden Wimmer wrote: > > where do i get tng??? i went to samba.org and get the "latest" and it didnt > cure the nt admin probs i have been having...and when i cvs it says > error-can't fine home dir... > > also, if anyone is as stupid as me > > DONT use win zip to unzip the tar and gzip files. i did that and then > ftp'ed them to the server and it wouldnt complie but when i used gzip -c and > then tar -x -f it compiled fine... just a warning. http://www.kneschke.de/projekte/samba_tng gives you all you need to know. Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From Skripi at hrzpub.tu-darmstadt.de Tue May 9 17:07:28 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:48 2003 Subject: winnt administration In-Reply-To: ; from pjdc@eircom.net on Tue, May 09, 2000 at 07:28:50AM +1000 References: <002501bfb931$ad90fe80$9f01a8c0@523.bakerref.com> Message-ID: <20000509190728.A1761@shadowland.sc> Paul J Collins: > Er, when Luke gets tired of breaking it? ;-) I think saying Luke is breaking it is not fair. 1) There is the merge going on from MAIN to TNG, so that the smbd becomes as stable as in Main and serves files as good as MAIN does. I remember TNG in January, when it was almost impossible to use TNG as Fileserver for W95. 2) TNG ist still alpha: - code is _not_ to be concidered for working environments - like in the 2.(2k+1) Kernels features may be added and taken away, and it is not said, that it will compile. In my opinion the current stage is a stage one can live with. It seem to me, that in this last 5 month there have been some major break through's on reengeneering (?) the SMB protocol. And i would like to see a few more features to be added. Because after alpha comes beta (usually) and in this stage there will be a feature freeze. By the many merges that have been done in the last 2 month i would think it takes at least 3 month for this code to become stable again. (all features on NT and win95 working ...). So the more features there are in the code will be in the beta test and imediatly useable after the final release by the rest of the world (and of course not a final release by M$ but hopefully as stable as some OS SP3... in the first release !). I know there are many people waiting for a simulated M$ PDC. Even many productive Environments. But reports on this list show that some snapshots can even be used as some kind of beta version. Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From Skripi at hrzpub.tu-darmstadt.de Tue May 9 18:09:30 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:48 2003 Subject: where to get samba tng (w/o cvs) In-Reply-To: <003701bfb9db$5be3dee0$9f01a8c0@523.bakerref.com>; from hwimmer@bakerref.com on Wed, May 10, 2000 at 03:29:18AM +1000 References: <003701bfb9db$5be3dee0$9f01a8c0@523.bakerref.com> Message-ID: <20000509200930.A14298@shadowland.sc> Hayden Wimmer: > where do i get tng??? i went to samba.org and get the "latest" and it didnt > cure the nt admin probs i have been having...and when i cvs it says > error-can't fine home dir... > > DONT use win zip to unzip the tar and gzip files. i did that and then > ftp'ed them to the server and it wouldnt complie but when i used gzip -c and > then tar -x -f it compiled fine... just a warning. *HMM* I haven't had the error's you are describing but have a look at these pages : SAMBA-TNG FAQ http://www.kneschke.de/projekte/samba_tng/index.php3 ^^ this should document how to get tng working... Hope you did not read the "old" FAQ on samba.org as it is a bit out of date... SAMBA Bug report "How to" http://www.kneschke.de/projekte/samba_tng/faq/bugreport.php3 SAMBA Bug report template http://www.kneschke.de/projekte/samba_tng/faq/samba-bugreport-template.txt Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From lars at kneschke.de Tue May 9 17:49:27 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:48 2003 Subject: Problems with recent Smaba-TNG CVS References: Message-ID: <39184FA7.D2BB01D3@kneschke.de> Luke Kenneth Casson Leighton wrote: > > On Tue, 9 May 2000, Lars Kneschke wrote: > > > Luke Kenneth Casson Leighton wrote: > > > > > > paul, there was a bug in doman_client_validate which had been modded i > > > fxed it. > > > > > You mean you fixed it? But did you also commit it? Because it doesn't > > work until now! > > hmmm... well, it sorta-works, for me, i disconnect and it goes. > > hmm, i think something's unreliable-broke. Do you need something, to find the bug? CU -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From sneakums at eircom.net Tue May 9 18:09:39 2000 From: sneakums at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:48 2003 Subject: winnt administration In-Reply-To: Jens Skripczynski's message of "Tue, 9 May 2000 19:07:28 +0200" References: <002501bfb931$ad90fe80$9f01a8c0@523.bakerref.com> <20000509190728.A1761@shadowland.sc> Message-ID: >>>>> "Jens" == Jens Skripczynski writes: Jens> Paul J Collins: >> Er, when Luke gets tired of breaking it? ;-) Jens> I think saying Luke is breaking it is not fair. I accept all your points, but please note that I was joking. I am aware of how hard Luke and the rest of Samba-Team are working to make an NT-free server environment a reality. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From skvidal at phy.duke.edu Tue May 9 18:33:43 2000 From: skvidal at phy.duke.edu (Seth Vidal) Date: Tue Dec 2 02:29:48 2003 Subject: got PDC/Samba 2.0.7 Working Easily In-Reply-To: <20000509104959.A73905@gentoo.org> Message-ID: > I just wanted to let everyone know that within about 1/2 an hour, I > was able to get domain logons and NT roaming profiles working > perfectly -- using Samba pre-2.0.8! I had no problems or quirks > during the setup process. This is the first time I've gotten both > working perfectly at the same time, and I was so surprised that it > happened with a 2.0 series Samba that I wanted to let everyone know. is pre 2.0.8 the 2.0 side of the TNG merge? -sv From lkcl at samba.org Tue May 9 18:36:06 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:48 2003 Subject: winnt administration In-Reply-To: Message-ID: On Wed, 10 May 2000, Paul J Collins wrote: > >>>>> "Jens" == Jens Skripczynski writes: > > Jens> Paul J Collins: > >> Er, when Luke gets tired of breaking it? ;-) > > Jens> I think saying Luke is breaking it is not fair. hey, i keep breaking it, fixing it, depending on how i feel. thanks jens: i knew paul was kidding, he made me laugh. From trevor at steinmetznet.com Tue May 9 18:37:57 2000 From: trevor at steinmetznet.com (Trevor Antczak) Date: Tue Dec 2 02:29:48 2003 Subject: Slightly off topic SCO question References: Message-ID: <39185B05.53465FBD@steinmetznet.com> Thanks for the help guys... Actually the problem was that the API headers had never been installed (What kind of system requires you to seperatley install api headers?). Since I did not put this thing together in the first place, I didn't know. Seems to be working now. I wish I could switch OS's but for right now, I need SCO to run our CAD software (No Linux/BSD port). Thanks for the help.... Luke Kenneth Casson Leighton wrote: > hi trevor, do a ./configure --enable-shared=no > > i tried compiling on sco, too, and libtool went "urgh, sco!". > > On Wed, 10 May 2000, Trevor Antczak wrote: > > > Hello, > > > > I'm having a problem compiling TNG 2.5 on a SCO OpenServer 5 box. I > > don't think the problem is related to Samba, but I am hoping someone > > here might have an idea of what it is. I had to install gcc on the box > > myself (Earlier versions of SCO don't come with a compiler, latter > > versions may, I don't know). I installed a Custom package gcc from > > their Skunkware site, and all seemed to go well. Custom says gcc is > > installed, the gcc command does what you'd expect when given no > > arguments.. I assumed all was well (gcc 2.95 BTW). Downloaded samba, > > untarred, and typed ./configure. Configure finds gcc, checks gcc -O, > > and then comes back with "gcc cannot make executables, install failed" > > or something to that effect, and bombs. I am really hoping someone with > > SCO experience can help me out with this one. I can't find any doc's on > > the matter, and I am not sure where to go from here. I am beginning to > > REALLY hate this OS. > > > > -- > > Thank you, > > Trevor Antczak > > Technology Manager > > Steinmetz & Associates > > > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > Macmillan Technical Publishing > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals -- Thank you, Trevor Antczak Technology Manager Steinmetz & Associates From pjdc at eircom.net Tue May 9 18:52:07 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:48 2003 Subject: Problems with recent Smaba-TNG CVS In-Reply-To: Luke Kenneth Casson Leighton's message of "Tue, 9 May 2000 16:46:55 +1000" References: Message-ID: >>>>> "Luke" == Luke Kenneth Casson Leighton writes: Luke> paul, there was a bug in doman_client_validate which had Luke> been modded i fxed it. Alas, as of 18:00 GMT, it is still broken. I can confirm that restarting Samba after the log in allows access to the server again. In case the problem has been changed by your changes, below is the chunk of log.smb that relates to an authentication failure. Two differenes I have been able to see are the call_id in prs_set_packtype, and the data in ncalrpc_l_send_prs (don't know if this one should vary). Paul. --- BEGIN "log.smb" --- cli_net_req_chal: LSA Request Challenge from \\. to STO-KERRIG: 0F6056C591E6FD6E make_q_req_chal: 542 make_q_req_chal: 552 000000 net_io_q_req_chal 0000 undoc_buffer: 00000001 000004 smb_io_unistr2 logon_srv 0004 uni_max_len: 00000004 0008 undoc : 00000000 000c uni_str_len: 00000004 0010 buffer : \.\..... 000018 smb_io_unistr2 logon_clnt 0018 uni_max_len: 0000000b 001c undoc : 00000000 0020 uni_str_len: 0000000b 0024 buffer : S.T.O.-.K.E.R.R.I.G... 00003a smb_io_chal clnt_chal 003a data: 0f 60 56 c5 91 e6 fd 6e rpc_con_pipe_req: op_num 4 offset 66 used: 66 rpc_api_pipe_req: start: 0 off: 66 create_rpc_request: opnum: 0x4 data_len: 0x30 create_rpc_request: data_len: 30 auth_len: 0 alloc_hint: 18 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 01 0004 pack_type : 10 00 00 00 prs_set_packtype: bigendian: No 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 000000cb 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000018 0014 context_id: 0064 0016 opnum : 0004 frag_len: 0x30 data_len: 0x18 data_calc_len: 0x18 create_noauth_pdu: 95 create_noauth_pdu: 102 rpc_api_pipe_req: end: 24 ncalrpc_l_send_prs: data: 0x80cef00 len 48 [000] 05 00 00 01 10 00 00 00 30 00 00 00 CB 00 00 00 ........ 0....... [010] 18 00 00 00 64 00 04 00 01 00 00 00 04 00 00 00 ....d... ........ [020] 00 00 00 00 04 00 00 00 5C 00 5C 00 2E 00 00 00 ........ \.\..... write_socket(14,48) write_socket_data: write failure. Error = Broken pipe write_socket(14,48) wrote -1 write_socket: Error writing 48 bytes to socket 14: ERRNO = Broken pipe rpc_con_pipe_req FAILED cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'sneakums': authentication failed 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] error string = Broken pipe size=35 smb_com=0x73 smb_rcls=109 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=16384 smb_tid=0 smb_pid=51966 smb_uid=0 smb_mid=2944 smt_wct=0 smb_bcc=0 --- END "log.smb" --- -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From nwong at booksys.com Tue May 9 19:03:11 2000 From: nwong at booksys.com (Nicholas Wong) Date: Tue Dec 2 02:29:48 2003 Subject: Problems with Samba from a moron Message-ID: <000801bfb9e9$38e1bda0$f40aa8c0@booksys.com> Hi, I just started my life as home/office netadmin. Elected from my grassroots Game Development team, and I am having the folowing problems with Samba, if anyone could help with any of these, I would be really greatfull. First, I can't seem to make the domain secure. We have a machine that can join the workgroup without logging in, and browse everything on the computers in the domain, but not the server becuase there is no Guest access on it. Second, The server seems to quit working after being left alone for several hours. Third, Win2000 no likey. Dosn't find the domain, dosn't log in, IOW: no like-y. Tried the NT workstation rules, didn't work. If someone could send me a good smb.conf file that would really help me out. Thanks! Viper-X From hwimmer at bakerref.com Tue May 9 19:05:05 2000 From: hwimmer at bakerref.com (Hayden Wimmer) Date: Tue Dec 2 02:29:49 2003 Subject: winnt admin Message-ID: <006701bfb9e9$82ec3560$9f01a8c0@523.bakerref.com> i have samba-tng 2.5.3 installed and running. i still cant use user mgr for domains or perform admin functions on the nt boxes while logged on as admin in the samba pdc domain. using usermgr yeilds a rpc error and server mgr yeilds a acces denied error. please help From hwimmer at bakerref.com Tue May 9 19:10:42 2000 From: hwimmer at bakerref.com (Hayden Wimmer) Date: Tue Dec 2 02:29:49 2003 Subject: Problems with Samba from a moron Message-ID: <008001bfb9ea$523bcd80$9f01a8c0@523.bakerref.com> the default file works fine with a little tweaking. look past samba and make sure the permissions on the actual files are set use the chmod and chgrp commands...also, creating groups should help. about win2k microsoft sucks... From nwong at booksys.com Tue May 9 19:22:29 2000 From: nwong at booksys.com (Nicholas Wong) Date: Tue Dec 2 02:29:49 2003 Subject: Other problems that I have had/ Message-ID: <000001bfb9eb$eb2b4d80$f40aa8c0@booksys.com> First, in the logs, it says that Gethostbyaddr failed. Something about a .c file, I am not at the server, so I can't say exactly what it says. Another problem is that it usually says that netlogon failed. I have no idea what this meens, and I find that there is no help about what the log file says. Any suggestions? Viper-X aka Nicholas Wong From johnny at highlander.com Tue May 9 19:31:52 2000 From: johnny at highlander.com (Johnny Hall) Date: Tue Dec 2 02:29:49 2003 Subject: where to get samba tng (w/o cvs) References: <003701bfb9db$5be3dee0$9f01a8c0@523.bakerref.com> Message-ID: <391867A8.5CD9D577@highlander.com> On this note, I can't use cvs from here. How big is the source? If not two big could someone just email it to me? Thanks, Johnny Hayden Wimmer wrote: > where do i get tng??? i went to samba.org and get the "latest" and it didnt > cure the nt admin probs i have been having...and when i cvs it says > error-can't fine home dir... > > also, if anyone is as stupid as me > > DONT use win zip to unzip the tar and gzip files. i did that and then > ftp'ed them to the server and it wouldnt complie but when i used gzip -c and > then tar -x -f it compiled fine... just a warning. -- "Nothing is more difficult than the art of maneuvering for advantageous positions." - Sun Tzu -------------- next part -------------- A non-text attachment was scrubbed... Name: johnny.vcf Type: text/x-vcard Size: 320 bytes Desc: Card for Johnny Hall Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000509/22631766/johnny.vcf From lars at kneschke.de Tue May 9 19:32:55 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:49 2003 Subject: where to get samba tng (w/o cvs) References: <003701bfb9db$5be3dee0$9f01a8c0@523.bakerref.com> <391867A8.5CD9D577@highlander.com> Message-ID: <391867E7.BE2B6DFF@kneschke.de> Johnny Hall wrote: > > On this note, I can't use cvs from here. How big is the source? If not two big > could someone just email it to me? It's all in the faq! :-) http://www.kneschke.de/projekte/samba_tng/faq/snapshots.php3 Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From pjdc at eircom.net Tue May 9 19:48:42 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:49 2003 Subject: where to get samba tng (w/o cvs) In-Reply-To: Johnny Hall's message of "Wed, 10 May 2000 05:33:57 +1000" References: <003701bfb9db$5be3dee0$9f01a8c0@523.bakerref.com> <391867A8.5CD9D577@highlander.com> Message-ID: >>>>> "Johnny" == Johnny Hall writes: Johnny> On this note, I can't use cvs from here. How big is the Johnny> source? If not two big could someone just email it to me? Whenever Luke makes an alpha release of Samba, it is placed in the alpha directory on the FTP server. Check http://www.samba.org/ for a list of mirrors. The tarballs are around three meg each. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From Meerwaldt at t-online.de Tue May 9 19:51:43 2000 From: Meerwaldt at t-online.de (Frederik Meerwaldt) Date: Tue Dec 2 02:29:49 2003 Subject: Little bit OT: Printing to Samba Message-ID: Hi all, I know, that that's a little bit OT, because it's not related to Samba-NTDomain, but thats the only list, I'm subscribed to. I have a problem printing to an Samba 2.0.6 FreeBSD V4.0/i386 Server. I can print locally (lpr /etc/rc.conf for example works), but if I share it with samba, and I connect to it from a Windows box, I always get the message, that the printer is not on the Server. If I browse the Server, I see the printer. Here are some important points of my smb.conf: [global] workgroup=MYDOMAIN load printers=yes security=domain password server=* encrypt passwords=yes [Laser001] printable = yes printer = lp writable = yes postscript = yes path = /var/spool/lpd/lp public = yes guest ok = yes >From my Log files (when I try to connect) (/var/log/log.windowsbox): [2000/05/09 21:14:56, 0] locking/shmem.c:smb_shm_unregister_process(475) ERROR smb_shm_unregister_process : couldn't find pid 33960 in file /var/spool/lock/SHARE_MEM_FILE.processes A ls -la in /var/spool/lpd/lp: total 7 drwxr-xr-x 2 root deamon 512 Apr 19 18:21 . drwxr-xr-x 6 root deamon 512 Apr 19 18:58 .. -rw-r----x 1 root deamon 4 Apr 19 18:20 .seq -rw-rw---- 1 root deamon 38 Apr 18 10:57 dfA000mycomputer.mydomain.com -rw-rw-r-- 1 root deamon 42 Apr 19 18:20 lock -rw-rw-r-- 1 root deamon 26 Apr 19 18:20 status -rw-rw---- 1 deamon deamon 117 Apr 18 10:57 ftA00mycomputer.mydomain.com A lpc status lp gives out, that the printer is idle, no print jobs.... I don't know if that matters, but the printer is a network printer, and the FreeBSD Computer talks to it via TCP/IP (directly in the /etc/printcap: rm=192.168.1.232 rp=port1......). Thanks in advance, Freddy From tas at webspan.net Tue May 9 20:43:22 2000 From: tas at webspan.net (Todd Sabin) Date: Tue Dec 2 02:29:49 2003 Subject: NT domainmember in mulltiple domains In-Reply-To: "Pieter Grimmerink"'s message of "Wed, 10 May 2000 00:42:22 +1000" References: Message-ID: "Pieter Grimmerink" writes: > OFFTOPIC > > I know this is a problem Bill should solve, I don't think he already did, > but does anyone know wether there's a way to make a laptop (running NT4 or > 5) a member of multiple domains? > > I would like to be able to log in to domains at different locations with my > laptop, for that reason I'm running win98 now, to avoid the machine > accounts. > Do you really need to have your machine in the domain(s)? Have you tried just using a standalone NT box, and keeping your username/passwords in sync? That may give you the behavior you're looking for. Todd From p.grimmerink at home.nl Tue May 9 21:00:58 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:49 2003 Subject: NT domainmember in mulltiple domains References: Message-ID: <39187C8A.22BC8F6F@home.nl> Todd Sabin wrote: > > Do you really need to have your machine in the domain(s)? Have you > tried just using a standalone NT box, and keeping your > username/passwords in sync? That may give you the behavior you're > looking for. You are right. I think I will have to live with that. Thanks, Pieter From sharpe at ns.aus.com Sun May 7 19:14:19 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:49 2003 Subject: Processing Logon Scripts hosted on an NT PDC using Samba In-Reply-To: <00050908080400.01604@panther> References: <3.0.6.32.20000507225039.009d93a0@203.16.214.248> <3.0.6.32.20000507225039.009d93a0@203.16.214.248> Message-ID: <3.0.6.32.20000508041419.00999970@203.16.214.248> At 07:58 AM 5/9/00 -0400, you wrote: >On Sun, 07 May 2000, Richard Sharpe wrote: > >> >> Oh dear ... This is a problem :-) >> >> >> The location of the logon script is not provided in logon processing, and I >> don't have time to describe exactly what goes on. You should see Special >> Edition, Using Samba, when it comes out. >> >> However, the client does a NetWkstaUserLogon request to retrieve the >> location of their logon script, and then connect to the netlogon share (not >> netlogon$ as some have suggested) to retrieve the logon script. > >In this case I'm assuming the client performs this call to the samba machine, >does the samba machine then pass this request along to the PDC ? If so, what >role does the samba machine have to play to accomplish this ? Security = >DOMAIN, SERVER, USER, SHARE ? Well, you have to understand the steps taken when a Win9X client logs on to the domain: 1. Win9X box does a GetDC request (broadcast as a NETLOGON) 2. Samba (or someone) responds with the name of a logon server 3. Client connects to the logon server 4. Client does a NegProt 5. Client does a SessSetup&X. This is the authenticate step. If Samba is setup for security=server it will do passthrough authentication. If Samba is set up for security=domain, then it had better not be a logon server as well, and therefore will not even be involved. 6. Once authenticated, client then does a NetWkstaUserLogon which retrieves the user's home share location and logon script. This is not passed through to another server, but could perhaps be with some coding. Some more things are done after this. It is unclear whether or not the NetWkstaUserLogon could be passed on to the domain controller, and in anycase, Samba should not be configured to support network logons if it is operating in the same domain/workstation as the NT domain controller. >> >> The best I can suggest is that you retrieve this info somehow (and I can't >> provide any solutions at the moment) and then use a dynamically generated >> logon script to provide what they want, or you standardize on logon script >> names. >> >> >Regards >> > >> Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From hwimmer at bakerref.com Tue May 9 21:39:34 2000 From: hwimmer at bakerref.com (Hayden Wimmer) Date: Tue Dec 2 02:29:49 2003 Subject: rpc error Message-ID: <00b301bfb9ff$1213cdb0$9f01a8c0@523.bakerref.com> >i have samba-tng 2.5.3 installed and running. i still cant use user mgr for >domains or perform admin functions on the nt boxes while logged on as admin >in the samba pdc domain. using usermgr yeilds a rpc error and server mgr >yeilds a acces denied error. please help > From timothy_d_cole at md.northgrum.com Tue May 9 22:08:47 2000 From: timothy_d_cole at md.northgrum.com (Cole, Timothy D.) Date: Tue Dec 2 02:29:49 2003 Subject: NT domainmember in mulltiple domains Message-ID: <51FBD4A8EFD9D111BA7300A0C927DADB03F4707A@xcgmd008.md.essd.northgrum.com> Alternatively, you may be able to take advantage of trust relationships between the domains. > -----Original Message----- > From: Pieter Grimmerink [SMTP:p.grimmerink@home.nl] > Sent: Tuesday, May 09, 2000 17:02 > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: NT domainmember in mulltiple domains > > Todd Sabin wrote: > > > > Do you really need to have your machine in the domain(s)? Have you > > tried just using a standalone NT box, and keeping your > > username/passwords in sync? That may give you the behavior you're > > looking for. > > You are right. I think I will have to live with that. > > Thanks, > > Pieter From pjdc at eircom.net Tue May 9 22:22:23 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:49 2003 Subject: NT domainmember in mulltiple domains In-Reply-To: "Cole, Timothy D."'s message of "Wed, 10 May 2000 08:10:57 +1000" References: <51FBD4A8EFD9D111BA7300A0C927DADB03F4707A@xcgmd008.md.essd.northgrum.com> Message-ID: >>>>> "Cole," == Cole, Timothy D writes: Cole,> Alternatively, you may be able to take advantage of trust Cole,> relationships between the domains. I'm guessing that the domains in question here are unrelated. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From D.Bannon at latrobe.edu.au Tue May 9 23:00:35 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:29:49 2003 Subject: Problems with Samba from a moron In-Reply-To: <000801bfb9e9$38e1bda0$f40aa8c0@booksys.com> Message-ID: <3.0.6.32.20000510090035.008c7860@bioserve.latrobe.edu.au> At 05:07 AM 10/05/2000 +1000, Nicholas Wong wrote: >Hi, I just started my life as home/office netadmin..... >We have a machine .... browse everything on the >computers in the domain, but not the server becuase there is no Guest access >on it. Are you sure that is not because the computers in question are offering their own shares without protection? Thats nothing to do with the domain. > David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From gene_yee at hotmail.com Tue May 9 23:19:12 2000 From: gene_yee at hotmail.com (Gene Yee) Date: Tue Dec 2 02:29:49 2003 Subject: How does NT choose a DC? Message-ID: <20000509231912.59181.qmail@hotmail.com> I've seeked help from NT newsgroups, from friends at MS, from countless books. Then I started to think who else might have the answer? Few people know how MS Domains work better than you guys so here goes: When a workstation logs onto a domain it can locate a DC via broadcasts or WINS. If it is located via broadcast it is obviously going to be the nearest server. If it is located via WINS, how does the workstation know not to go across a slow WAN for authentication? How does a workstation decide which DC to use for authentication? ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com From anders at aae.wisc.edu Tue May 9 23:41:44 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:29:49 2003 Subject: How does NT choose a DC? In-Reply-To: <20000509231912.59181.qmail@hotmail.com> from Gene Yee at "May 10, 2000 09:21:21 am" Message-ID: <200005092341.SAA19438@pug.aae.wisc.edu> Well... my guess would be to look at the subnet (ip AND netmask) --Anders > > I've seeked help from NT newsgroups, from friends at MS, from countless > books. Then I started to think who else might have the answer? Few people > know how MS Domains work better than you guys so here goes: > > When a workstation logs onto a domain it can locate a DC via broadcasts or > WINS. If it is located via broadcast it is obviously going to be the > nearest server. > > If it is located via WINS, how does the workstation know not to go > across a slow WAN for authentication? How does a workstation decide > which DC to use for authentication? > > ________________________________________________________________________ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > From gene_yee at hotmail.com Tue May 9 23:52:44 2000 From: gene_yee at hotmail.com (Gene Yee) Date: Tue Dec 2 02:29:49 2003 Subject: How does NT choose a DC? Message-ID: <20000509235244.77031.qmail@hotmail.com> The ip/subnet wouldn't tell the workstation which is the closest/fastest DC. I'm wondering if the workstation what keeps the workstation from trying to authenticate with a DC over in Asia if I am in California. >From: "Anders C. Thorsen" >To: gene_yee@hotmail.com >CC: samba-ntdom@samba.org >Subject: Re: How does NT choose a DC? >Date: Tue, 9 May 2000 18:41:44 -0500 (CDT) > >Well... my guess would be to look at the subnet (ip AND netmask) > > >--Anders > > > > > I've seeked help from NT newsgroups, from friends at MS, from countless > > books. Then I started to think who else might have the answer? Few >people > > know how MS Domains work better than you guys so here goes: > > > > When a workstation logs onto a domain it can locate a DC via broadcasts >or > > WINS. If it is located via broadcast it is obviously going to be the > > nearest server. > > > > If it is located via WINS, how does the workstation know not to go > > across a slow WAN for authentication? How does a workstation decide > > which DC to use for authentication? > > > > ________________________________________________________________________ > > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > > > ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com From pjdc at eircom.net Wed May 10 00:00:47 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:49 2003 Subject: How does NT choose a DC? In-Reply-To: "Anders C. Thorsen"'s message of "Wed, 10 May 2000 09:45:49 +1000" References: <200005092341.SAA19438@pug.aae.wisc.edu> Message-ID: >>>>> "Anders" == Anders C Thorsen writes: Anders> Well... my guess would be to look at the subnet (ip AND Anders> netmask) But that *is* a broadcast, they exact type that is done in the absence of WINS. I seem to recall hearing that the client gets a list of all the DCs in the WINS and sends a request to each of them and then picks the one that responds first; a focused broadcast, if you will. NetBIOS names with type 0x1c are domain controllers, I believe. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From David.Bear at asu.edu Wed May 10 00:03:17 2000 From: David.Bear at asu.edu (iddwb) Date: Tue Dec 2 02:29:49 2003 Subject: configure error Message-ID: I'm trying to configure a very simple 2.0.7 and configure is exiting with an error that doesn't tell me anything.. configure ends with "checking configure summary" "configure: summary failure, Aborting config" Do I have to be root to config? David Bear College of Public Programs/ASU From pjdc at eircom.net Wed May 10 00:17:17 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:49 2003 Subject: configure error In-Reply-To: iddwb's message of "Wed, 10 May 2000 10:06:28 +1000" References: Message-ID: >>>>> "iddwb" == iddwb writes: iddwb> Do I have to be root to config? Nope, that isn't necessary. Check config.log to see if there are any clues there. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From David.Bear at asu.edu Wed May 10 01:16:14 2000 From: David.Bear at asu.edu (iddwb) Date: Tue Dec 2 02:29:49 2003 Subject: configure error In-Reply-To: Message-ID: On Wed, 10 May 2000, Paul J Collins wrote: > >>>>> "iddwb" == iddwb writes: > > iddwb> Do I have to be root to config? > > Nope, that isn't necessary. Check config.log to see if there are any > clues there. > Thanks for the pointers. I checked the config.log and found various errors dealing with sys/id.h sys/mode.h sys/fileio.h sys/filesys.h tests/summary.c .. I removed the parm "--with-pam" and it configures, there are errors, but they don't seem to be critical. Do I need pam if I have 'security=server'? I authenticate to a warp domain controller... David Bear College of Public Programs/ASU From p.grimmerink at home.nl Tue May 9 23:16:14 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:49 2003 Subject: NT domainmember in mulltiple domains References: <51FBD4A8EFD9D111BA7300A0C927DADB03F4707A@xcgmd008.md.essd.northgrum.com> Message-ID: <39189C3E.18BF7ED0@home.nl> Paul J Collins wrote: > > >>>>> "Cole," == Cole, Timothy D writes: > > Cole,> Alternatively, you may be able to take advantage of trust > Cole,> relationships between the domains. > > I'm guessing that the domains in question here are unrelated. Yes, they are indeed. Pieter From alex at gs.nsc.ru Wed May 10 05:43:59 2000 From: alex at gs.nsc.ru (Alex A. Emanov) Date: Tue Dec 2 02:29:49 2003 Subject: UID, GID? In-Reply-To: References: Message-ID: <17530.000510@gs.nsc.ru> Hello , Tuesday, May 09, 2000, 12:45:55 AM, you wrote: >>>>>> "Alex" == Alex A Emanov writes: PJC> Alex> Here is my username.map: PJC> Alex> root = admin administrator PJC> If I'm not mistaken, the maps in Samba TNG only allow a one-to-one PJC> mapping, so your username.map should read: PJC> root = Administrator But it didn't correct the problem. PJC> Paul. Best regards, Alex mailto:alex@gs.nsc.ru From lkcl at samba.org Wed May 10 06:39:17 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:49 2003 Subject: How does NT choose a DC? In-Reply-To: Message-ID: udp 138 mailslot GETDC request. On Wed, 10 May 2000, Paul J Collins wrote: > >>>>> "Anders" == Anders C Thorsen writes: > > Anders> Well... my guess would be to look at the subnet (ip AND > Anders> netmask) > > But that *is* a broadcast, they exact type that is done in the absence > of WINS. > > I seem to recall hearing that the client gets a list of all the DCs in > the WINS and sends a request to each of them and then picks the one > that responds first; a focused broadcast, if you will. NetBIOS names > with type 0x1c are domain controllers, I believe. > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From dominik.kubla at uni-mainz.de Wed May 10 08:07:11 2000 From: dominik.kubla at uni-mainz.de (Dominik Kubla) Date: Tue Dec 2 02:29:49 2003 Subject: Problems compiling Samba-TNG against Linux/GLIBC 2.1.3 Message-ID: <20000510100710.A12214@uni-mainz.de> Multiple problems occured while i tried to compile Samba-TNG (CVS checkout from yesterday morning) on a Debian/GNU Linux 2.2 system which uses GLIBC 2.1.3. 1. UTMP support only compiles with the attached patch applied. 2. PROFILE support only compiles if is included in profile/profile.c Yours, Dominik Kubla -- Networking Group, Hospital of Johannes Gutenberg-University Obere Zahlbacher Stra?e 69, 55101 Mainz, Germany Tel: +49 (0)6131 17-2482 FAX: +49 (0)6131 17-5521 -------------- next part -------------- --- smbd/connection.c.orig Tue May 9 15:26:31 2000 +++ smbd/connection.c Wed May 10 09:23:34 2000 @@ -340,7 +340,7 @@ } } -static void utmp_claim(const struct connect_record *crec, const connection_struct *conn) +static void utmp_claim(const struct connections_data *crec, const connection_struct *conn) { struct utmp u; @@ -354,8 +354,8 @@ return; } - DEBUG(2,("utmp_claim: conn: user:%s cnum:%d i:%d\n", - conn->user, conn->cnum, i)); + DEBUG(2,("utmp_claim: conn: user:%s cnum:%d\n", + conn->user, conn->cnum)); DEBUG(2,("utmp_claim: crec: pid:%d, cnum:%d name:%s addr:%s mach:%s DNS:%s\n", crec->pid, crec->cnum, crec->name, crec->addr, crec->machine, client_name())); From p.mayers at ic.ac.uk Wed May 10 09:48:42 2000 From: p.mayers at ic.ac.uk (Phil Mayers) Date: Tue Dec 2 02:29:49 2003 Subject: Problems with Samba from a moron References: <000801bfb9e9$38e1bda0$f40aa8c0@booksys.com> Message-ID: <3919307A.B45C2EDD@ic.ac.uk> What version? What platform? Without more information, we can't help you. Cheers, Phil Nicholas Wong wrote: > > Hi, I just started my life as home/office netadmin. Elected from my > grassroots Game Development team, and I am having the folowing problems with > Samba, if anyone could help with any of these, I would be really greatfull. > > First, I can't seem to make the domain secure. We have a machine that can > join the workgroup without logging in, and browse everything on the > computers in the domain, but not the server becuase there is no Guest access > on it. > > Second, The server seems to quit working after being left alone for several > hours. > > Third, Win2000 no likey. Dosn't find the domain, dosn't log in, IOW: no > like-y. Tried the NT workstation rules, didn't work. > > If someone could send me a good smb.conf file that would really help me out. > Thanks! > > Viper-X From tom at ee.ucl.ac.uk Wed May 10 10:39:08 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:49 2003 Subject: samba-TNG cvs update 10/5/00 11:00 BST Message-ID: <200005101039.LAA09466@picard.ee.ucl.ac.uk> Hello, samba-TNG cvs update 10/5/00 11:00 BST Solaris 2.7 Sparc 64 gcc 2.8.1 Configured with: ./configure --prefix=/opt/samba-TNG compiles fine, except for various warnings: Linking bin/netlogond ld: warning: file bin/.libs/libubiqx.so: attempted multiple inclusion of file Compiling web/cgi.c web/cgi.c: In function `cgi_handle_authorization': web/cgi.c:365: warning: assignment discards `const' from pointer target type Compiling rpcclient/svcctrl_cmds.c rpcclient/svcctrl_cmds.c:85: warning: initialization from incompatible pointer type rpcclient/svcctrl_cmds.c:92: warning: initialization from incompatible pointer type rpcclient/svcctrl_cmds.c:99: warning: initialization from incompatible pointer type rpcclient/svcctrl_cmds.c:106: warning: initialization from incompatible pointer type rpcclient/svcctrl_cmds.c:113: warning: initialization from incompatible pointer type rpcclient/svcctrl_cmds.c:120: warning: initialization from incompatible pointer type etc etc. Domain login works from Win2000, but no shares can be accessed. A complete log file for a boot and login is attached as a gzip. If any other information is required I would be glad to supply it if I can. Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: log.gz Type: application/octet-stream Size: 13967 bytes Desc: log.gz Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000510/ee9cc6d9/log.obj From peter at cadcamlab.org Wed May 10 10:52:47 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:49 2003 Subject: Problems compiling Samba-TNG against Linux/GLIBC 2.1.3 References: <20000510100710.A12214@uni-mainz.de> Message-ID: <14617.15804.127189.650409@wire.cadcamlab.org> [Dominik Kubla ] > 1. UTMP support only compiles with the attached patch applied. I sent that same patch to Luke quite some time ago. He promptly applied it to TNG and had me send it on to samba-patches for HEAD. Tridge *claimed* to have applied it to HEAD, but a week or so later, TNG regressed and Luke blamed it on a HEAD->TNG merge. I resent the patch to Luke who promptly forwarded it on to Tridge and Jeremy. So I'm not sure what's going on there. Peter From dominik.kubla at uni-mainz.de Wed May 10 12:21:01 2000 From: dominik.kubla at uni-mainz.de (Dominik Kubla) Date: Tue Dec 2 02:29:49 2003 Subject: NT PDC and Samba-TNG BDC? Anyone? Message-ID: <20000510142101.A17815@uni-mainz.de> Ok. Here's the story: i want to setup a Samba-TNG BDC to prove it can be done, so that i can later on just switch roles with our NT4 PDC (should make password synchronization between Mail/Unix/NT a lot easier if you get the drift...) In any case, i checked out the latest code from CVS and installed on my (Linux) Admin system. Then i read the TNG FAQ at www.kneschke.de and configured a smb.conf according to the provided example. Now here is where i fail: =============================================================================== # rpcclient -S NT4PDC -U administrator -W MYGROUP -n ADMIN added interface ip=10.0.0.2 bcast=10.0.0.127 nmask=255.255.255.128 Enter Password: Server: \\NT4PDC: User: administrator Domain: MYGROUP Connection: error connecting to 10.0.0.34:445 (Connection refused) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ What is this? session setup ok Domain=[MYGROUP] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] OK [MYGROUP\administrator@NT4PDC]$ lsaquery lsaquery LSA Query Info Policy Domain Member - Domain: MYGROUP SID: S-x-x-xx-xxxxxxxxx-xxxxxxxxx-xxxxxxxxx Domain Controller - Domain: MYGROUP SID: S-x-x-xx-xxxxxxxxx-xxxxxxxxx-xxxxxxxxx [MYGROUP\administrator@NT4PDC]$ createuser ADMIN$ -s -j MYGROUP createuser ADMIN$ -s -j MYGROUP SAM Create Domain User error connecting to 10.0.0.2:445 (Connection refused) Domain: MYGROUP Name: admin$ ACB: [S ] ^^^^^ Why is this in lower caps? error connecting to 10.0.0.2:445 (Connection refused) Create Domain User: OK Join ADMIN to Domain MYGROUP LSA_OPENSECRET: NT_STATUS_ACCESS_DENIED LSA_OPENSECRET: NT_STATUS_ACCESS_DENIED Set $MACHINE.ACC: FAILED ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Why does this fail? [MYGROUP\administrator@NT4PDC]$ =============================================================================== Any hints on how to proceed? Dominik Kubla -- Networking Group, Hospital of Johannes Gutenberg-University Obere Zahlbacher Stra?e 69, 55101 Mainz, Germany Tel: +49 (0)6131 17-2482 FAX: +49 (0)6131 17-5521 From p.grimmerink at home.nl Wed May 10 12:34:13 2000 From: p.grimmerink at home.nl (someone) Date: Tue Dec 2 02:29:49 2003 Subject: NT PDC and Samba-TNG BDC? Anyone? References: <20000510142101.A17815@uni-mainz.de> Message-ID: <39195745.74083CC1@home.nl> Dominik Kubla wrote: > # rpcclient -S NT4PDC -U administrator -W MYGROUP -n ADMIN > added interface ip=10.0.0.2 bcast=10.0.0.127 nmask=255.255.255.128 > Enter Password: > Server: \\NT4PDC: User: administrator Domain: MYGROUP > Connection: error connecting to 10.0.0.34:445 (Connection refused) > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > What is this? > > session setup ok > Domain=[MYGROUP] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] > OK > [MYGROUP\administrator@NT4PDC]$ lsaquery > lsaquery > LSA Query Info Policy > Domain Member - Domain: MYGROUP SID: S-x-x-xx-xxxxxxxxx-xxxxxxxxx-xxxxxxxxx > Domain Controller - Domain: MYGROUP SID: S-x-x-xx-xxxxxxxxx-xxxxxxxxx-xxxxxxxxx At this stage you should do a : use -Sadmin -Ulocalrootaccount -Wadmin The localrootaccount should be in the smbpasswd file, with a correct password Note the -Wadmin, indicating that you really want to log in as a local user. Now you have a connection to the samba machine, you can proceed. > [MYGROUP\administrator@NT4PDC]$ createuser ADMIN$ -s -j MYGROUP > createuser ADMIN$ -s -j MYGROUP > SAM Create Domain User > error connecting to 10.0.0.2:445 (Connection refused) > Domain: MYGROUP Name: admin$ ACB: [S ] > ^^^^^ > Why is this in lower caps? Case insensitive. No problem Regards, Pieter From hwimmer at bakerref.com Wed May 10 12:55:36 2000 From: hwimmer at bakerref.com (Hayden Wimmer) Date: Tue Dec 2 02:29:49 2003 Subject: bug report Message-ID: <002101bfba7f$0f61bde0$9f01a8c0@523.bakerref.com> G E N E R A L * * * * * * * * ------------- OS :redhat 6.1 ------------- Compiler :gcc ver 2.91.66 ------------- CVS-Branch : samba 2.5.3 ------------ Version/Date: samba 2.5.3 ------------- Error Type :rpc ------------- Short Desc. :user mgr for domains doesnt work, gives rpc error ------------- Trigger : ------------- S P E C I A L * * * * * * * * ------------- GDB : ------------- ------------- Log-Files : ------------- ------------- smb.conf :attached ------------- --------------- tcpdump/netmon: --------------- i dont know where to send this or if this is even a bug. i may have something wrong. -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 11144 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000510/38c3c6cc/smb.obj From dominik.kubla at uni-mainz.de Wed May 10 13:55:38 2000 From: dominik.kubla at uni-mainz.de (Dominik Kubla) Date: Tue Dec 2 02:29:49 2003 Subject: NT PDC and Samba-TNG BDC? Anyone? In-Reply-To: <20000510142101.A17815@uni-mainz.de>; from dominik.kubla@uni-mainz.de on Wed, May 10, 2000 at 10:23:03PM +1000 References: <20000510142101.A17815@uni-mainz.de> Message-ID: <20000510155538.C17815@uni-mainz.de> I just found something interesting in the lsarpcd logfile: [2000/05/10 15:49:42, 1] msrpc/msrpcd.c:main(444) lsarpcd version TNG-alpha started. Copyright Andrew Tridgell 1992-1999 create_pipe_socket: /var/lock/samba-tng/.msrpc 448 /var/lock/samba-tng/.msrpc/lsarpc 448 *** Please someone examine create_pipe_socket and fix it *** *** if used other than for exclusive root access *** *** (see perms, which should be 0700 and 0600) *** *** there is a race condition to be exploited. *** remove on /var/lock/samba-tng/.msrpc/lsarpc failed _lsa_open_secret: couldn't open secret_db. Possible attack? uid=0, gid=0, euid=65534, egid=65534 I doestn't surprise me the least that this fails, because the permisions on the secret_db are: -rw------- 1 root root 8192 May 10 15:49 NETZGRUPPE.ADMIN.tdb So there is no way nobody.nogroup can open this file O_RDWR. Is this a bug or a misconfiguration on my behalf? Dominik -- Networking Group, Hospital of Johannes Gutenberg-University Obere Zahlbacher Stra?e 69, 55101 Mainz, Germany Tel: +49 (0)6131 17-2482 FAX: +49 (0)6131 17-5521 From Daniel.Moeller at de.bosch.com Wed May 10 11:33:57 2000 From: Daniel.Moeller at de.bosch.com (Moeller Daniel (QI/AST10) *) Date: Tue Dec 2 02:29:49 2003 Subject: AW: where to get samba tng (w/o cvs) Message-ID: <782FA6543FA5D111933D0000F86AEFA803A8303C@simail5.si.bosch.de> You have to switch off automatic CR/LF translation in WinZip .... -----Urspr?ngliche Nachricht----- Von: Hayden Wimmer [mailto:hwimmer@bakerref.com] Gesendet: Dienstag, 9. Mai 2000 19:30 An: Multiple recipients of list SAMBA-NTDOM Betreff: where to get samba tng (w/o cvs) where do i get tng??? i went to samba.org and get the "latest" and it didnt cure the nt admin probs i have been having...and when i cvs it says error-can't fine home dir... also, if anyone is as stupid as me DONT use win zip to unzip the tar and gzip files. i did that and then ftp'ed them to the server and it wouldnt complie but when i used gzip -c and then tar -x -f it compiled fine... just a warning. From nwong at booksys.com Wed May 10 15:41:18 2000 From: nwong at booksys.com (Nicholas Wong) Date: Tue Dec 2 02:29:49 2003 Subject: Problems with Samba from a moron In-Reply-To: <3919307A.B45C2EDD@ic.ac.uk> Message-ID: <000901bfba96$2fbf7340$f40aa8c0@booksys.com> Jeez I'm sorry. I didn't think about that at the time... I am running LinuxPPC on a G3 266 mac on a 10 baseT lan with mostly 100 baseT win98 machines (that work fine) and one Win2000 Machine (that dosn't work at all). as far as the exact number for the samba distro, it is the one that came with LinuxPPC. I believe (not sure here) that it is 2.0.0.6 The package is samba-2.0.0.6-12.ppc.rpm. When I installed it it came with no default smb.conf file, and I used the web administration tool to create one. After about 2 hours of working on it, I finally got logons to work. Now, I need to get better network security, (perhaps a newer version of samba is in order?), I need to get this Win2000 computer logged in, and try to get PoPToP working with it to allow VPN domain logons. (but that is much later) I need the server to be my router for my ADSL connection for sure, Samba is for mostly filesharing and VPN, and perhaps a webserver. That's probably more information than you need, but here are the problems I can identify with it. 1. It says that netlogon has failed in the logs when I logon. 2. It says (all the time) that Gethostbyaddr in some c library has failed. 3. Sometimes Samba just shuts down (perhaps this is just shotty power in the apartment) If you could help with any of this I would be greatful. Nick > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Phil Mayers > Sent: Wednesday, May 10, 2000 4:48 AM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: Problems with Samba from a moron > > > What version? What platform? Without more information, we can't help > you. > > > Cheers, > Phil > > Nicholas Wong wrote: > > > > Hi, I just started my life as home/office netadmin. Elected from my > > grassroots Game Development team, and I am having the > folowing problems with > > Samba, if anyone could help with any of these, I would be > really greatfull. > > > > First, I can't seem to make the domain secure. We have a > machine that can > > join the workgroup without logging in, and browse everything on the > > computers in the domain, but not the server becuase there > is no Guest access > > on it. > > > > Second, The server seems to quit working after being left > alone for several > > hours. > > > > Third, Win2000 no likey. Dosn't find the domain, dosn't log > in, IOW: no > > like-y. Tried the NT workstation rules, didn't work. > > > > If someone could send me a good smb.conf file that would > really help me out. > > Thanks! > > > > Viper-X > From pjdc at eircom.net Wed May 10 17:33:05 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:49 2003 Subject: configure error In-Reply-To: iddwb's message of "Wed, 10 May 2000 11:18:45 +1000" References: Message-ID: >>>>> "iddwb" == iddwb writes: iddwb> Do I need pam if I have 'security=server'? I authenticate iddwb> to a warp domain controller... Nope. In fact, you don't need it at all, unless you want logons on the Unix box to be authenticated against Samba or NT. There is a pam module (pam_ntdom ?) with Samba that you simply slot into your pam config (/etc/pam.d, I think). Full instructions on configuring it are in ``source/pam_ntdom/README''. There is also some code in the nsswitch directory that allows a Unix box to lookup users, groups etc in the NT Domain. Say a big thanks to Sun for designing PAM and nsswitch so that the Linux and GNU people could copy them. :-) Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lkcl at samba.org Wed May 10 18:06:30 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:49 2003 Subject: NT PDC and Samba-TNG BDC? Anyone? In-Reply-To: <20000510155538.C17815@uni-mainz.de> Message-ID: > I doestn't surprise me the least that this fails, because the permisions > on the secret_db are: > > -rw------- 1 root root 8192 May 10 15:49 NETZGRUPPE.ADMIN.tdb > > So there is no way nobody.nogroup can open this file O_RDWR. Is this a bug > or a misconfiguration on my behalf? > it's possibly a bug, it's definitely not mis-config. From btenison at rstc.cc.al.us Wed May 10 18:06:36 2000 From: btenison at rstc.cc.al.us (Bruce Tenison) Date: Tue Dec 2 02:29:49 2003 Subject: Using rpcclient on a Win2k Server Message-ID: <000a01bfbaaa$7b8e6740$0105a8c0@irstc.cc.al.us> Hi everyone! Just been experimenting with Win2k here, and have noticed that password setting on a win2k server failes with SAMBA_TNG's rpcclient, where it works fine with an NT4.0 server. Any ideas on what could be up? I have a debuglevel 100 log of both transactions if anyone is interested. Thanks! Bruce From gene_yee at hotmail.com Wed May 10 18:29:48 2000 From: gene_yee at hotmail.com (Gene Yee) Date: Tue Dec 2 02:29:49 2003 Subject: How does NT choose a DC? Message-ID: <20000510182948.2689.qmail@hotmail.com> Luke, with such a quick responce I wasn't quite sure if you were just making a statement or confirming what Paul said. So does a workstation make a request from all the DCs located from WINS and authenticates with the quickest server? Seems a bit chatty if you ask me... >From: Luke Kenneth Casson Leighton >Reply-To: lkcl@samba.org >To: Multiple recipients of list SAMBA-NTDOM >Subject: Re: How does NT choose a DC? >Date: Wed, 10 May 2000 16:40:52 +1000 > >udp 138 mailslot GETDC request. > >On Wed, 10 May 2000, Paul J Collins wrote: > > > >>>>> "Anders" == Anders C Thorsen writes: > > > > Anders> Well... my guess would be to look at the subnet (ip AND > > Anders> netmask) > > > > But that *is* a broadcast, they exact type that is done in the absence > > of WINS. > > > > I seem to recall hearing that the client gets a list of all the DCs in > > the WINS and sends a request to each of them and then picks the one > > that responds first; a focused broadcast, if you will. NetBIOS names > > with type 0x1c are domain controllers, I believe. > > > > Paul. > > > > -- > > Paul Collins - - - - - [ A&P,a&f ] > > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > > "Linux: it's just this operating system, you know?" > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > Macmillan Technical Publishing > >ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals > ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com From lkcl at samba.org Wed May 10 18:52:48 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:49 2003 Subject: How does NT choose a DC? In-Reply-To: <20000510182948.2689.qmail@hotmail.com> Message-ID: On Thu, 11 May 2000, Gene Yee wrote: > > Luke, with such a quick responce I wasn't quite sure if you were just making > a statement or confirming what Paul said. rsi. > So does a workstation make a request from all the DCs located from WINS and > authenticates with the quickest server? Seems a bit chatty if you ask me... multi-stage, and yes, it's chatty, and insecure [all based on UDP]. nbt 137 lookup domain<1c> bcast & wins. fail? nbt 137 lookup domain<1b> wins & bcast. fail? nbt 137 lookup domain<00> bcast. fail? failed? any success: from nbt 137 contains ip of pdc or bdc. nbt 138 GETDC to ip-of-domain from above. fail? failed. success: response contains name-of-server. nbt 137 lookup server<00> wins & bcast. fail? failed. success: *now* you can do an SMB session request. this is not all, there are bits left out. now, is anyone curious as to _why_ it sometimes takes 30 seconds to time-out if your DC can't be found? > >From: Luke Kenneth Casson Leighton > >Reply-To: lkcl@samba.org > >To: Multiple recipients of list SAMBA-NTDOM > >Subject: Re: How does NT choose a DC? > >Date: Wed, 10 May 2000 16:40:52 +1000 > > > >udp 138 mailslot GETDC request. > > > >On Wed, 10 May 2000, Paul J Collins wrote: > > > > > >>>>> "Anders" == Anders C Thorsen writes: > > > > > > Anders> Well... my guess would be to look at the subnet (ip AND > > > Anders> netmask) > > > > > > But that *is* a broadcast, they exact type that is done in the absence > > > of WINS. > > > > > > I seem to recall hearing that the client gets a list of all the DCs in > > > the WINS and sends a request to each of them and then picks the one > > > that responds first; a focused broadcast, if you will. NetBIOS names > > > with type 0x1c are domain controllers, I believe. > > > > > > Paul. > > > > > > -- > > > Paul Collins - - - - - [ A&P,a&f ] > > > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > > > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > > > "Linux: it's just this operating system, you know?" > > > > > > > Luke Kenneth Casson Leighton > > Samba and Network Development > > Samba Web site > > Macmillan Technical Publishing > > > >ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals > > > > ________________________________________________________________________ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From osabmt00 at fht-esslingen.de Wed May 10 20:16:09 2000 From: osabmt00 at fht-esslingen.de (Osama Abu-Aish) Date: Tue Dec 2 02:29:49 2003 Subject: still can't join domain In-Reply-To: References: <20000510155538.C17815@uni-mainz.de> Message-ID: <200005101913.VAA30298@rslx01.fht-esslingen.de> Hallo everyone, when trying to join a NT4SP5 controlled Domain with samba-TNG from yesterday evening it looks lie this: ./rpcclient -S ASTERIX -U root -W HOMENET.OAA -n GARNIX added interface ip=192.168.1.6 bcast=192.168.1.255 nmask=255.255.255.0 Enter Password: Server: \\ASTERIX: User: root Domain: HOMENET.OAA Connection: error connecting to 192.168.1.1:445 (Connection refused) session setup ok Domain=[HOMENET.OAA] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] OK [HOMENET.OAA\root@ASTERIX]$ lsaquery lsaquery LSA Query Info Policy Domain Member - Domain: HOMENET.OAA SID: S-and_so_on Domain Controller - Domain: HOMENET.OAA SID: S-and_so_on [HOMENET.OAA\root@ASTERIX]$ use \\GARNIX -U ROOT -W GARNIX use \\GARNIX -U ROOT -W GARNIX Enter Password: Server: \\GARNIX: User: ROOT Domain: GARNIX Connection: error connecting to 192.168.1.6:445 (Connection refused) session setup ok Domain=[HOMENET.OAA] OS=[Unix] Server=[Samba TNG-alpha] OK [GARNIX\ROOT@ASTERIX]$ createuser GARNIX$ -s -j HOMENET.OAA createuser GARNIX$ -s -j HOMENET.OAA SAM Create Domain User error connecting to 192.168.1.1:445 (Connection refused) Domain: HOMENET.OAA Name: garnix$ ACB: [S ] Create Domain User: OK Join GARNIX to Domain HOMENET.OAA LSA_OPENSECRET: NT_STATUS_ACCESS_DENIED Set $MACHINE.ACC: OK Connecting to the TNG-WKSTA fails with the following in the log: cli_nt_setup_creds: auth2 challenge failed. status: c000018b domain_client_validate: credentials failed (\\ASTERIX) SMB LM/NT Password did not match! what does this error-code mean? Attached is the smb.conf. If logfile is needed, I can send it. THX, Osama --- Fachhochschule f?r Technik Esslingen Au?enstelle Goeppingen -------------- next part -------------- # /etc/smb.conf.TNG # Configuration File for Samba-Server on garnix.homenet.oaa # 08/12/99 Osama Abu-Aish # # globale Einstellungen # [global] # workgroup=HOMENET.OAA.TNG workgroup=HOMENET.OAA netbios name=GARNIX announce as = NT announce version = 4.2 share modes = yes server string = Samba Server on \\%h (v%v) interfaces = 192.168.1.6/255.255.255.0 bind interfaces only = yes time server = no nt pipe support = yes nt smb support = yes client ntlmv2 = yes server ntlmv2 = yes unix realname = yes force create mode = 644 force directory mode = 755 # # Domain-Einstellungen # domain logons = yes domain master = no # # Security Options # security = domain password server = asterix # smb passwd file = /etc/samba-TNG/smbpasswd # sam directory = /etc/samba-TNG encrypt passwords = yes domain group map =/usr/local/samba-TNG/etc/domaingroup.map domain user map =/usr/local/samba-TNG/etc/domainuser.map local group map =/usr/local/samba-TNG/etc/localgroup.map hosts allow = 192.168.1. 192.168.2. 127.0.0.1 guest account = nobody follow symlinks = yes null passwords = no hide dotfiles = yes # # DOS <-> UNIX Conversions # dos filetimes = yes character set = iso8859-1 client codepage = 850 hide dotfiles = no preserve case = yes mangle case = no case sensitive = no default case = lower # # Einstellungen f?r den WINS-Server # wins proxy = no wins support = no local master = no preferred master = no domain master = no browse list = yes os level = 31 remote announce = 192.168.1.1 192.168.1.5 wins server = 192.168.1.5 name resolve order = wins lmhosts hosts bcast # # logging und auditing # debug level = 1 log level = 1 max log size = 10000 log file = /usr/local/samba-TNG/var/log.TNG.%m status = yes # # Tuning Options # read raw = yes writeraw = yes read prediction = yes getwd cache = yes wide links = no socket options = TCP_NODELAY # # File locking # blocking locks = no # # File-shares # [homes] path = /autohome/%S writable = yes comment = Home-Directory guest ok = no [root] path = /root writable = yes browseable = no comment = Home-Dir root guest ok = no user = root [root_fs] path = / writable = yes browseable = no comment = Root-Filesystem user = root guest ok = no [MSOffice] path = /share/msoffice writable = no write list = root browseable = yes guest ok = no comment = M$ Office 7.0 [Tools] path = /share/tools writable = no write list = root browseable = yes guest ok = no comment = Tools und Programme [Admin] path = /share/admin writable = yes browseable = yes guest ok = no comment = Administrations-Tools user = root [cdrom1] path = /cdrom1 fstype = CDFS writable = no browseable = yes guest ok = no comment = 6speed-CDROM [cdrom2] path = /cdrom2 fstype = CDFS writable = no browseable = yes guest ok = no comment = Doublespeed - da geht was !!! # # File-Share f?r Druckertreiber # [PRINT$] path=/etc/samba/printers public=no writable=no browseable=no [W32X86] path=/etc/samba/printers/W32X86 public=no writable=no browseable=no # # Printer-shares # # Port 1 [AGFA1] path = /tmp/spool.samba browseable = yes comment = NUR FUER TEST - NICHT BENUTZEN! printable = yes printer = raw public = yes guest ok = yes printing = BSD lpq command = /usr/bin/lpq -Praw [LaserJet] path = /tmp/spool.samba browseable = yes comment = HP LaserJet 6P printable = yes printer = raw public = yes guest ok = yes printing = BSD lpq command = /usr/bin/lpq -Praw print command = /usr/bin/lpr -Praw -m -r %s # [FAX-Printer] # path = /tmp/spool.samba # browseable = yes # comment = FAX-Modem # printable = yes # printer = fax # public = no # guest ok = no [PDF-Writer] path = /tmp/spool.samba browseable = yes comment = PDF-Schreiber printable = yes print command = echo File: %s >> /tmp/print.log; ps2pdf %s `pdfname %s %H %U %m`; rm %s public = no guest ok = no From Skripi at hrzpub.tu-darmstadt.de Wed May 10 19:19:21 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:49 2003 Subject: Problems with Samba from a moron In-Reply-To: <000901bfba96$2fbf7340$f40aa8c0@booksys.com>; from nwong@booksys.com on Thu, May 11, 2000 at 01:43:46AM +1000 References: <3919307A.B45C2EDD@ic.ac.uk> <000901bfba96$2fbf7340$f40aa8c0@booksys.com> Message-ID: <20000510211921.A1394@shadowland.sc> Nicholas Wong: > Jeez I'm sorry. I didn't think about that at the time... > > I am running LinuxPPC on a G3 266 mac on a 10 baseT lan with mostly 100 > baseT win98 machines (that work fine) and one Win2000 Machine (that dosn't > work at all). Windows 2000 support is not officially included in the 2.0 branch at all. So for PDC support you will have to use the current cvs branch named SAMBA_TNG. See: SAMBA-TNG FAQ http://www.kneschke.de/projekte/samba_tng/index.php3 SAMBA Bug report "How to" http://www.kneschke.de/projekte/samba_tng/faq/bugreport.php3 SAMBA Bug report template http://www.kneschke.de/projekte/samba_tng/faq/samba-bugreport-template.txt it should answer some questions. > When I installed it it came with no default smb.conf file, and I used the > web administration tool to create one. After about 2 hours of working on it, > I finally got logons to work. Now, I need to get better network security, > (perhaps a newer version of samba is in order?), I need to get this Win2000 > computer logged in, and try to get PoPToP working with it to allow VPN > domain logons. (but that is much later) s. above > I need the server to be my router for my ADSL connection for sure, Samba is > for mostly filesharing and VPN, and perhaps a webserver. You can also configure a Linux-Box a NAT Router & Firewall, even this would be topic to a different Mailinglist. I have on my LinuxBox a webserver with a script which initiates an internet connection at will. > That's probably more information than you need, but here are the problems I > can identify with it. > > 1. It says that netlogon has failed in the logs when I logon. > 2. It says (all the time) that Gethostbyaddr in some c library has failed. > 3. Sometimes Samba just shuts down (perhaps this is just shotty power in the > apartment) Again see above. P.S.: do only quote text you answer, but do not attach the whole Mailmessage block from before, as it increases the traffic very much, and usually does not contain additional information... Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From david.daugherty at netmanage.com Wed May 10 19:28:14 2000 From: david.daugherty at netmanage.com (david.daugherty@netmanage.com) Date: Tue Dec 2 02:29:49 2003 Subject: do I need trust? Message-ID: <65D9F02E69E3D111AF510004AC62F0A3862878@exchbham01.walldata.com> Hello all, I'm trying to get samba to pull in the auth from an NT PDC using the web page http://us1.samba.org/samba/docs/ntdom_faq/page6.html. If I set security=server I can get it to work i.e. smbpasswd -j domainname works. However, using security=domain is supposed to create less traffic by not keeping the sockets open. If I change security=domain then running smbpasswd -j domainname pitches a fit: cli_net_auth2: Error NT_STATUS_ACCESS_DENIED cli_nt_setup_creds: auth2 challenge failed modify_trust_password: unable to setup the PDC credentials to machine MYPDC. Error was : NT_STATUS_ACCESS_DENIED. It looks like a need to create a trust between the PDC and my samba client. Is there any other way around this? David Daugherty Software Eng., Intern Rumba Server Mgmt. Team david.daugherty@netmanage.com 360.650.5426 From stat at atria.com Wed May 10 19:32:47 2000 From: stat at atria.com (Seiichi Tatsukawa) Date: Tue Dec 2 02:29:49 2003 Subject: How does NT choose a DC? References: Message-ID: <01d501bfbab6$86115400$c968f3ce@atria.com> | this is not all, there are bits left out. And don't forget that the Service Pack changes the selection behavior, e.g., SP4 prefers DCs responding to the broadcast, which kinda makes sense because they are likely near you... Then, there is "setprfdc" command (Q167029, Q181171). --- Seiichi From psmorris at rmanet.com Wed May 10 20:11:10 2000 From: psmorris at rmanet.com (Peter S. Morris) Date: Tue Dec 2 02:29:50 2003 Subject: Samba Solaris Oracle and Semaphores problem Message-ID: <001001bfbabb$e29cc9c0$abfe64d8@rmanet.com> Hi - I am running: Sun Solaris 2.7 Samba 2.0.7 Oracle 8.0.5 Boot the server: Oracle successfully starts up 1st. Samba successfully starts up 2nd. Afterboot: I can shut down Oracle successfully. However, when restarting Oracle I get a "no available semaphores" Failure. Then... If I shutdown Samba ipcs shows that it did not release it's resources. I have to ipcrm Samba's resources before I can restart Oracle successfully. Samba seems to be eating up all of the semaphores and not letting go. How do I configure the system to allow for Samba and Oracle to co-exist? And allow for Oracle to be restarted? I saw some posts about changing /etc/system but when I changed it to the recommended values, my lic_mgr (Sun Workshop and C/C++) went wacko. So I had to roll it back to the old system. Does anyone have recommendations on what to place in the /etc/system that would help? Thanks, Peter psmorris@rmanet.com From gcarter at valinux.com Wed May 10 20:28:35 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:29:50 2003 Subject: do I need trust? References: <65D9F02E69E3D111AF510004AC62F0A3862878@exchbham01.walldata.com> Message-ID: <3919C673.D64763EB@valinux.com> david.daugherty@netmanage.com wrote: > > I'm trying to get samba to pull in the auth from an NT > PDC using the web page > http://us1.samba.org/samba/docs/ntdom_faq/page6.html. If I > set security=server I can get it to work i.e. smbpasswd -j > domainname works. > > However, using security=domain is supposed to create less > traffic by not keeping the sockets open. If I change > security=domain then running smbpasswd -j domainname > pitches a fit: > cli_net_auth2: Error NT_STATUS_ACCESS_DENIED > cli_nt_setup_creds: auth2 challenge failed David, When joining a Windows NT domain. All member machines have a machine trust account. This is not the same thing as an inter domain trust though. After you executed smbpasswd -j -r , the Samba server changed the account password. When you executed the previous command again, it would not work because the account password was not set to the default value. You will need to remove and readd the machine from the domain in the Server Manager (NT tool) and then reexecute the smbpasswd again. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com VA Linux Systems gcarter@valinux.com http://www.samba.org SAMBA Team jerry@samba.org http://www.eng.auburn.edu/~cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From pjdc at eircom.net Wed May 10 20:48:21 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:50 2003 Subject: Problems with Samba from a moron In-Reply-To: Jens Skripczynski's message of "Thu, 11 May 2000 05:26:48 +1000" References: <3919307A.B45C2EDD@ic.ac.uk> <000901bfba96$2fbf7340$f40aa8c0@booksys.com> <20000510211921.A1394@shadowland.sc> Message-ID: >>>>> "Jens" == Jens Skripczynski writes: Jens> Windows 2000 support is not officially included in the 2.0 Jens> branch at all. So for PDC support you will have to use the Jens> current cvs branch named SAMBA_TNG. See: Windows 2000 is fully supported in 2.0.7 when the Samba server is configured as a member server (not PDC). TNG is of course required for PDC support. Jens> You can also configure a Linux-Box a NAT Router & Firewall, The IP-Masquerade and Ipchains HOWTOs, available at http://www.linuxdoc.org/ , will cover much of this. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pjdc at eircom.net Wed May 10 20:59:34 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:50 2003 Subject: How does NT choose a DC? In-Reply-To: Luke Kenneth Casson Leighton's message of "Thu, 11 May 2000 04:54:47 +1000" References: Message-ID: >>>>> "Luke" == Luke Kenneth Casson Leighton writes: Luke> now, is anyone curious as to _why_ it sometimes takes 30 Luke> seconds to time-out if your DC can't be found? There is a good doc on the NT DC location process here and how to hack it here: http://support.microsoft.com/support/kb/articles/Q181/1/71.ASP?LN=EN-US&SD=gn&FR=0 There seems to be a form of DC location called H-node that will broadcast if WINS fails to give it some DCs. The 30 secs is probably the default timeout. I saw a situation like this today on a machine that had a bogus WINS address for our primary domain. Then there is M-node, which broadcasts first but does not wait for the full timeout. In all there are about 5 different location mechanisms mentioned in that article. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pjdc at eircom.net Wed May 10 20:59:38 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:50 2003 Subject: still can't join domain In-Reply-To: "Osama Abu-Aish"'s message of "Thu, 11 May 2000 05:15:53 +1000" References: <20000510155538.C17815@uni-mainz.de> <200005101913.VAA30298@rslx01.fht-esslingen.de> Message-ID: >>>>> "Osama" == Osama Abu-Aish writes: Osama> Hallo everyone, when trying to join a NT4SP5 controlled Osama> Domain with samba-TNG from yesterday evening it looks lie Osama> this: There are problems with logging on with the current CVS Samba. Watch this list for updates. Osama> /rpcclient -S ASTERIX -U root -W HOMENET.OAA -n GARNIX I believe NT has issues with domains that have periods in the names (tends to truncate the name from the first period onwards, I believe). This may or may not be a contribution to the problems you are having, but it is not recommended. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From sharpe at ns.aus.com Wed May 10 15:02:02 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:50 2003 Subject: How does NT choose a DC? In-Reply-To: References: Message-ID: <3.0.6.32.20000511000202.009b5e50@203.16.214.248> At 06:54 AM 5/11/00 +1000, Paul J Collins wrote: >>>>>> "Luke" == Luke Kenneth Casson Leighton writes: > > Luke> now, is anyone curious as to _why_ it sometimes takes 30 > Luke> seconds to time-out if your DC can't be found? > >There is a good doc on the NT DC location process here and how to hack >it here: > >http://support.microsoft.com/support/kb/articles/Q181/1/71.ASP?LN=EN-US&SD= gn&FR=0 > >There seems to be a form of DC location called H-node that will >broadcast if WINS fails to give it some DCs. The 30 secs is probably >the default timeout. I saw a situation like this today on a machine >that had a bogus WINS address for our primary domain. Hmmm, seems to be some confusion re NBNS, which can be B-node, P-node, H-node and M-node, and DC location, which, IMHO, uses NBNS. >Then there is M-node, which broadcasts first but does not wait for the >full timeout. In all there are about 5 different location mechanisms >mentioned in that article. > >Paul. > >-- >Paul Collins - - - - - [ A&P,a&f ] Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From jahall at nea.org Wed May 10 21:15:31 2000 From: jahall at nea.org (jahall@nea.org) Date: Tue Dec 2 02:29:50 2003 Subject: Unable to connect to printer Message-ID: I am running SAMBA TNG 2.5 on a RedHat 6.1 box. Everything within SAMBA is working great except for printing. I have created an entry in the printcap file for the printer and I am able to print to the printer from the Linux box without any problems. When I try to connect to the printer using the Add Printer icon, I receive the following message "Could not connect to the printer. The printer name is invalid." However, I am able to add the printer using net use lpt1: \\servername\printername. Any suggestions would be greatly appreciated. Jay From jahall at nea.org Wed May 10 23:20:28 2000 From: jahall at nea.org (jahall@nea.org) Date: Tue Dec 2 02:29:50 2003 Subject: Ivalid Printer Name Message-ID: I am unable to connect to a printer using the Add Printer Icon. The printer is displayed under my domain, but when I try to connect to the printer, I get a message that says, "Could not connect to printer. Printer Name is invalid." I am running RedHat 6.1 and Samba 2.5.2. I am able to print to the printer from Linux without any problems. Thanks in advance for your assistance. Jay From peter at cadcamlab.org Thu May 11 05:11:21 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:50 2003 Subject: Unable to connect to printer References: Message-ID: <14618.16535.193605.416712@wire.cadcamlab.org> [jahall@nea.org ] > I am running SAMBA TNG 2.5 on a RedHat 6.1 box. Everything within > SAMBA is working great except for printing. [...] > When I try to connect to the printer using the Add Printer icon, I > receive the following message "Could not connect to the printer. The > printer name is invalid." However, I am able to add the printer > using net use lpt1: \\servername\printername. Some mention of your client software might help. From the mention of "lpt1:", can we assume it is a Microsoft operating system? If so, which one? Yes, it does make a difference. Peter From p.grimmerink at home.nl Thu May 11 07:35:55 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:50 2003 Subject: still can't join domain In-Reply-To: <200005102201.AAA03439@rslx01.fht-esslingen.de> Message-ID: > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Osama Abu-Aish > Sent: vrijdag 12 mei 2000 3:09 > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: still can't join domain > The TNG machine is not a logon server - the domain is controlled > by a WinNT4SP5 > PDC. I have several Samba 2.0.6 servers as domain members without > any problems. > Only TNG can't join the domain. > Could there be any problem because TNG is running on a virtual > iface (eth0:0) with > samba 2.0.6 machine (eth0:1). The have different netbios names > and IPs. And I use the > "bind interfaces only" parameter in smb.conf. Well, I've also still not succeeded in joining any version of samba-tng to an NT4 domain. TNG is working fine as a PDC (except login as administrator and root from an NT4 client still fails) and as a member of a samba-tng controlled domain, but I definitely can't get it to join an NT4 controlled domain. I gave this up. Pieter From lauffer at ph-freiburg.de Thu May 11 12:39:03 2000 From: lauffer at ph-freiburg.de (Stephan Lauffer) Date: Tue Dec 2 02:29:50 2003 Subject: bug in nmbd_nameregiste still there (all versions; tng & stable 2.0.x) Message-ID: Hi all! Some weeks ago i posted a bugreport here. I?m really no good c-pogrammer, so it would be nice, if someone other could fix this problem. It?s really simple to fix... just fix a simple "for loop" or something like this. ;) And the bug is really nasty - browsing fails, dmb sucks down... Problem: nmbd_nameregister is trying to register all ip-addresses listed in smb.conf by 'interfaces =' In some cases you?ve to add the localhost to this list, too (if you would change password...). Ok, can you see the problem? No? Then let?s go on! If samba is a dmb, pdc or something like this and has got to register his name to an wins-server, the register would be rejected, because die localhost could not be registered by an other host as the localhost himself... (the samba-server is NOT the localhost for a wins-server or any other client in the worl!) Look: --- [2000/02/22 17:19:10, 0] nmbd/nmbd_packets.c:send_netbios_packet(173) send_netbios_packet: send_packet() to IP 193.197.133.9 port 137 failed [2000/02/22 17:19:10, 0] nmbd/nmbd_nameregister.c:multihomed_register_name(312) multihomed_register_name: Failed to send packet trying to register name MAIL1<00> IP 127.0.0.1 [2000/02/22 17:19:10, 0] libsmb/nmblib.c:send_udp(755) Packet send failed to 193.197.133.9(137) ERRNO=Invalid argument [2000/02/22 17:19:10, 0] nmbd/nmbd_packets.c:send_netbios_packet(173) send_netbios_packet: send_packet() to IP 193.197.133.9 port 137 failed [2000/02/22 17:19:10, 0] nmbd/nmbd_nameregister.c:multihomed_register_name(312) multihomed_register_name: Failed to send packet trying to register name LINUX-AG<00> IP 127.0.0.1 --- (there are some more errors... anyway...) Ok, what will happen then? There?s no DMB, samba couldn?t sync the browsinglist with the LMBs... the complete browsing sucks down!!! The onyl workaround is do "disable" the passwort-change while delete the localhost from the interface-list. Ok, my english is bad, my c-knowledge, too. But the problem to fix must be easy: I?m thinking, it?s about line 265... let?s have a look... --- nmbd_nameregister.c - about line 265 ---- /* Now try and register the name, num_ips times. On the last time use the given success and fail functions. */ for( i = 0; i < num_ips; i++) { if(queue_register_multihomed_name( unicast_subnet, register_name_response, register_name_timeout_response, (i == num_ips - 1) ? success_fn : NULL, (i == num_ips - 1) ? fail_fn : NULL, (i == num_ips - 1) ? userdata : NULL, nmbname, nb_flags, ip_list[i]) == NULL) { DEBUG(0,("multihomed_register_name: Failed to send packet trying to \ register name %s IP %s\n", nmb_namestr(nmbname), inet_ntoa(ip_list[i]) )); free((char *)ip_list); return True; } ---------- could it be, that ip_list[i] contains the ips from 'interfaces = ...'? So if it?s so, something like this should work "if (ip_list[i] == "127.0.0.1") { next }". Please - I?m sure, it?s easy to fix this bug - it tooks less then 10 minutes for a good prgrammer to solve the problem, so it would nice to help me out. In special cases i can offer a root-login to a test-machine in our network. So it is no problem to check out the patch in a bigger enviroment. Liebe Gruesse, Stephan Lauffer [ Freiburg - Germany ] [ Tel.: 0761 - 682 459 Mobil: 0172 - 7145 197 ] From jahall at nea.org Thu May 11 12:45:00 2000 From: jahall at nea.org (jahall@nea.org) Date: Tue Dec 2 02:29:50 2003 Subject: Unable to connect to printer Message-ID: I am using NT 4 SP5. I found an article late last night stating that printing in SP5 and above is not yet supported. What is the status of this? Thanks for your help. Jay - - - - - - - - - - - - - - Original Message - - - - - - - - - - - - - - [jahall@nea.org ] > I am running SAMBA TNG 2.5 on a RedHat 6.1 box. Everything within > SAMBA is working great except for printing. [...] > When I try to connect to the printer using the Add Printer icon, I > receive the following message "Could not connect to the printer. The > printer name is invalid." However, I am able to add the printer > using net use lpt1: \\servername\printername. Some mention of your client software might help. From the mention of "lpt1:", can we assume it is a Microsoft operating system? If so, which one? Yes, it does make a difference. Peter - - - - - - - - - - - - End of Original Message - - - - - - - - - - - - From gcarter at valinux.com Thu May 11 14:46:38 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:29:50 2003 Subject: Working on LDAP support in HEAD Message-ID: <391AC7CE.EC13538F@valinux.com> [note that the original message has been cross posted to samba-ntdom@samba.org as well. However, let's keep all discussion on samba-technical as that should make it easier to follow in the archives. Thanks --jerry] Folks, I need some input on a judgement call for fixing the LDAP support in the HEAD branch. The issue the allocation of user RID's in the LDAP entries. Under the scheme devised for SAMBA_TNG (i'm talking about the older LDAP schema), RID's are generated automatically and in a monotonically increasing order (like NT). However, this will make it very difficult to migrate from smbpasswd to LDAP in a Samba controlled NT domain. Why you ask? :-) Changing the user RID will break existing profiles. So how do we get around this? By setting the RID to be the same. I have some perl scripts that will transder an smbpasswd into an LDAP tree while keeping this existing user RID (as defined by the algorithms currently coded in smbd). However, this migration strategy breaks the incremental RID allocation scheme use by the LDAP passwd backend. Finally, my point. I would like to allocate the RID's based upon the samba uid <-> RID mapping function implemented in the main branch. What say people to this? Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com VA Linux Systems gcarter@valinux.com http://www.samba.org SAMBA Team jerry@samba.org http://www.eng.auburn.edu/~cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From janet at bioss.sari.ac.uk Thu May 11 14:54:21 2000 From: janet at bioss.sari.ac.uk (Janet Dickson) Date: Tue Dec 2 02:29:50 2003 Subject: password problems Message-ID: <391AC99D.84E5EF39@bioss.sari.ac.uk> Hi I've set up samba-tng release 2.5.3 dated 3rd May on the ftp site under Solaris 7. I have 2 WinNT machines. One can join my sambatng domain, the other cannot find the domain controller for the domain. Both machines are in /private/smbpasswd. The machine that cannot join can see the domain in nethood but it is empty. It can see stuff in other domains (and join them). Nothing's appearing in the logs to give me any clue. Anyone any ideas why one machine can join and the other cannot ? Janet ************************************************************************* Janet Dickson | http://www.bioss.sari.ac.uk/~janet Biomathematics & Statistics Scotland | email: janet@bioss.sari.ac.uk The King's Buildings, Mayfield Rd | Telephone: +44 (0) 131 650 4888 Edinburgh EH9 3JZ, Scotland, UK. | Fax: +44 (0) 131 650 4901 ************************************************************************* From jmanuel.lapuerta at adi.uam.es Thu May 11 15:01:09 2000 From: jmanuel.lapuerta at adi.uam.es (Juan Manuel Lapuerta) Date: Tue Dec 2 02:29:50 2003 Subject: Problems with NT boxes joining samba domain Message-ID: <391ACB35.99FD909A@adi.uam.es> Hello all. I'm trying to entablish a NT Domain using Samba as PDC. As described in the documentation I enabled encrypted passwords, made my Linux box to accept domain logons, and so (I attach my smb.conf file). W95 boxes join the domain without any problem, users logs on and scripts are executed; but when a NT tries to join the domain I get a Dr.Watson (Who is that man? He's always in all my NT machines ;-) error, even if he is in installation stage! Is there any know issue that could help me? Thaks. Juan. From trevor at steinmetznet.com Thu May 11 15:01:45 2000 From: trevor at steinmetznet.com (Trevor Antczak) Date: Tue Dec 2 02:29:50 2003 Subject: Still having SCO problems Message-ID: <391ACB59.A70091BC@steinmetznet.com> Hi, I'm still trying to compile on this damn SCO box. I was finally able to get configure to work, but now make fails. When I type make and hit enter I get an immediate error (it does not appear to try to compile anything) saying that "function getcwd is not implanted" A quick grep of ./source/lib tells me that the only C call to getcwd is in system.c (It's mentioned in a comment in doscalls.c) configure looks for it, but it is never mentioned in mt Makefile. Since I don't think make is even trying to compile anything, I am getting a bit confused. Should I try to comment out the call in system.c? Will it break Samba? I don't even think that make is looking at system.c (at any rate it doesn't say so). My boss has already nixed switching OS's, so that is out I tried ./configure --enable-shared=no as Luke suggested, no luck. I've never installed a compiler from scratch before, and SCO makes it exceedingly difficult from what I can tell. I am running out of ideas. I tried a SCO newsgroup, but succeeded in little other than getting flamed. I gotta say- If SCO was the alternative, I begin to see how NT got a foothold. If anyone has any further ideas, I would greatly appreciate them. This is TNG 2.5, trying to compile on SCO Open Server 5.04 with gcc 2.95. -- Thank you, Trevor Antczak Technology Manager Steinmetz & Associates From lkcl at samba.org Thu May 11 17:59:06 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:50 2003 Subject: Still having SCO problems In-Reply-To: <391ACB59.A70091BC@steinmetznet.com> Message-ID: um... trevor, i think we actually have one of those, here, and it compiled fine. did you try typing gmake instead of make? have you tried cvs main not tng [because there may be some libtool issues]? > foothold. If anyone has any further ideas, I would greatly appreciate > them. This is TNG 2.5, trying to compile on SCO Open Server 5.04 with > gcc 2.95. > > -- > Thank you, > Trevor Antczak > Technology Manager > Steinmetz & Associates > > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From rmk at ams.org Thu May 11 21:41:28 2000 From: rmk at ams.org (Rob King) Date: Tue Dec 2 02:29:50 2003 Subject: credentials failed? Message-ID: I'm having a bugger of a time trying to get domain logons working. I'm using samba-tng-alpha.2.5.3 on debian 2.1r4 (linux 2.2.14 kernel). I'm using SunDS for LDAP, and nt4, service pack 4. I set up a domain, and can login just fine. After I log in, when the workstation tries to mount its profiles and such, I get this error in the log file: rpc_api_pipe_req: data_end: 72 and offset 66 wrong cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'rmk': authentication failed 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] error string = Address already in use Transaction 1 of length 174 switch message SMBnegprot (pid 16087) I'm stymied here. If there's any more information I can provide for background on this, let me know. Here is the machine account LDAP entry: dn: uid=slartibartfast$,ou=People,ou=pvd,o=ams.org objectclass: sambaaccount objectclass: top creatorsname: cn=admin,o=ams.org createtimestamp: 20000425184104Z subschemasubentry: cn=schema uid: slartibartfast$ rid: 10000 ntuid: slartibartfast$ lmpassword: [deletia] ntpassword: [deletia] pwdlastset: 3911BBC9 acctflags: [W ] gidnumber: 120 grouprid: 5c9 pwdcanchange: 00000000 pwdmustchange: 00000000 logontime: 00000000 logofftime: 00000000 kickofftime: 00000000 modifytimestamp: 20000511193743Z modifiersname: cn=admin,o=ams.org uidnumber: 11036 And here's my account entry: dn: uid=rmk,ou=People,ou=pvd,o=ams.org creatorsname: cn=admin,o=ams.org createtimestamp: 19990928222837Z subschemasubentry: cn=schema ctcaldefaultreminder: 0:10 ctcaloperatingprefs: 0:255:0:0:0:0:0:1440:0:1440:0:0:1440:0:1440:0:0:1440:0:14 40:0:0:1440:0:1440:0:0:1440:0:1440:0:0:1440:0:1440:0:0:1440:0:1440 ctcalflags: 0 ctcaldefaulttaskreminder: 0:0 ctcalrefreshprefs: 1:60 ctcaldefaultnotereminder: 0:0 ctcallanguageid: 0 ctcalpasswordrequired: 1 ctcalnotifmechanism: 1 title: sysadmin ctcalsysopcanwritepassword: 1 ctcaldisplayprefs: 4:480:1080:1:30:190:2 ctcaltimezone: 29 authserviceprotocol: Framed-User framedcompression: Van-Jacobson-TCP-IP framedprotocol: PPP framedmtu: 1500 ipnetmasknumber: 255.255.240.0 framedipaddress: 130.44.1.250 ctcalxitemid: 10000:00731 objectclass: account objectclass: ctcaluser objectclass: inetorgperson objectclass: organizationalperson objectclass: person objectclass: posixaccount objectclass: remoteuser objectclass: sambaaccount objectclass: top ipxnetworknumber: 25.149.190.173 framedrouting: Broadcast-Listen cn: Rob King sn: King givenname: Robert uid: rmk uidnumber: 1036 gidnumber: 120 homedirectory: /usr/users/opn/rmk loginshell: /usr/local/bin/tcsh mail: rmk@ams.org telephonenumber: x4097 gecos: Rob King radiusauthfailedaccess: 4 grpcheckinfo: uid grpcheckinfo: userpassword modifytimestamp: 20000511210511Z modifiersname: cn=admin,o=ams.org userpassword: {crypt}[deletia] ntpassword: deletia ntuid: rmk rid: 1036 lmpassword: deletia -- Rob King The next day is never as good as the day before. UNIX Sys Admin rmk@ams.org -- Publius Syrus From dkrovich at wvu.edu Thu May 11 21:21:50 2000 From: dkrovich at wvu.edu (David Krovich) Date: Tue Dec 2 02:29:50 2003 Subject: PAM-NTDOM Message-ID: I'm having problems getting pam_ntdom to compile. I'm using Solaris 8, gcc 2.95.2, and make 3.78.1. Here is the error I get: # ./configure loading cache ./config.cache Will compile with encrypted password support checking for gcc... (cached) gcc checking whether the C compiler (gcc ) works... yes checking whether the C compiler (gcc ) is a cross-compiler... no checking whether we are using GNU C... (cached) yes checking whether the C compiler (gcc -O2 ) works... yes checking whether the C compiler (gcc -O2 ) is a cross-compiler... no checking whether we are using GNU C... (cached) yes checking whether make sets ${MAKE}... (cached) yes checking for a BSD compatible install... ./install-sh -c checking how to run the C preprocessor... (cached) gcc -E checking for ANSI C header files... (cached) yes checking for shadow.h... (cached) yes checking for security/pam_appl.h... (cached) yes checking for unistd.h... (cached) yes checking for security/pam_modules.h... (cached) yes checking for LOG_AUTHPRIV... no checking for main in -lcrypt... (cached) yes checking for working const... (cached) yes checking system version (for dynamic loading)... SunOS-5.8 checking for dlopen in -ldl... (cached) yes creating ./config.status creating Makefile creating config.h config.h is unchanged # make mkdir -p ./dynamic *** Building pam-ntdom(alpha) module of the framework... Contact: lkcl@samba.anu.edu.au gcc -c -O2 -DHAVE_CONFIG_H -fPIC -I./lib/include -I./lib/rpc/include -I./rpc_validate -o lib/util/util.o lib/util/util.c lib/util/util.c: In function `Get_Hostbyname': lib/util/util.c:93: warning: initialization makes pointer from integer without a cast lib/util/util.c: In function `get_myname': lib/util/util.c:164: warning: initialization makes pointer from integer without a cast lib/util/util.c: In function `set_blocking': lib/util/util.c:549: `F_GETFL' undeclared (first use in this function) lib/util/util.c:549: (Each undeclared identifier is reported only once lib/util/util.c:549: for each function it appears in.) lib/util/util.c:555: `F_SETFL' undeclared (first use in this function) lib/util/util.c: In function `set_socket_options': lib/util/util.c:1053: warning: assignment makes pointer from integer without a cast make: *** [lib/util/util.o] Error 1 From osabmt00 at fht-esslingen.de Fri May 12 05:32:02 2000 From: osabmt00 at fht-esslingen.de (Osama Abu-Aish) Date: Tue Dec 2 02:29:50 2003 Subject: still can't join domain In-Reply-To: References: <200005102201.AAA03439@rslx01.fht-esslingen.de> Message-ID: <200005112309.BAA20106@rslx01.fht-esslingen.de> Am 12 May 00, um 17:44 Uhr schrieb Pieter Grimmerink zum Thema RE: still can't join domain: Dazu meine Meinung: > Well, I've also still not succeeded in joining any version of samba-tng to > an NT4 domain. > TNG is working fine as a PDC (except login as administrator and root from an > NT4 client still fails) and as a member of a samba-tng controlled domain, > but I definitely can't get it to join an NT4 controlled domain. > I gave this up. What was Your problem? Greetings, Osama --- Fachhochschule f?r Technik Esslingen Au?enstelle Goeppingen From lkcl at samba.org Thu May 11 23:20:50 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:50 2003 Subject: PAM-NTDOM In-Reply-To: Message-ID: use winbind. thx! > I'm having problems getting pam_ntdom to compile. From peter at cadcamlab.org Fri May 12 04:33:43 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:50 2003 Subject: Still having SCO problems References: <391ACB59.A70091BC@steinmetznet.com> Message-ID: <14619.35135.974215.46929@wire.cadcamlab.org> [Trevor Antczak ] > When I type make and hit > enter I get an immediate error (it does not appear to try to compile > anything) saying that "function getcwd is not implanted" Hmmm, that almost sounds like a `make' bug. Are you using a vendor make or GNU make? If you haven't already, you should consider installing GNU make. (On many systems, as Luke has said, GNU make is installed as `gmake', so try that too.) Peter From lkneschke at vater-gmbh.de Fri May 12 04:47:48 2000 From: lkneschke at vater-gmbh.de (Lars Kneschke) Date: Tue Dec 2 02:29:50 2003 Subject: There are still login problems Message-ID: Hello! Some days ago 3 or 4 people posted a email, that they can't login corectly. After login you get a message that win nt can't load the profile, and in smb.log you will see, that samba thinks that the supplied password is wrong. But the password is ok, you login using smbclient. This problems still exists. If no one will fix it, samba tng is not useable, and no serious testing can be done! Have some other people this problem too? Cu -- Lars Kneschke http://www.kneschke.de From Janne.Uimonen at syspro.fi Fri May 12 06:27:26 2000 From: Janne.Uimonen at syspro.fi (Janne Uimonen) Date: Tue Dec 2 02:29:50 2003 Subject: There are still login problems Message-ID: > Some days ago 3 or 4 people posted a email, that they can't > login corectly. > After login you get a message that win nt can't load the > profile, and in > smb.log you will see, that samba thinks that the supplied > password is wrong. > But the password is ok, you login using smbclient. This problems still > exists. If no one will fix it, samba tng is not useable, and > no serious > testing can be done! > > Have some other people this problem too? I'm having same problem with Samba TNG 2.5.3 and Win2k, it works fine with win98. - Janne Uimonen From p.grimmerink at home.nl Fri May 12 07:34:59 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:50 2003 Subject: still can't join domain In-Reply-To: <200005112309.BAA20106@rslx01.fht-esslingen.de> Message-ID: > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Osama Abu-Aish > Sent: vrijdag 12 mei 2000 1:12 > Subject: RE: still can't join domain > > > Am 12 May 00, um 17:44 Uhr schrieb Pieter Grimmerink zum Thema > RE: still can't join domain: > Dazu meine Meinung: > > > Well, I've also still not succeeded in joining any version of > samba-tng to > > an NT4 domain. > > TNG is working fine as a PDC (except login as administrator and > root from an > > NT4 client still fails) and as a member of a samba-tng > controlled domain, > > but I definitely can't get it to join an NT4 controlled domain. > > I gave this up. > > What was Your problem? If I remember correctly, the last time I tried (version 2.5) I got an 'LSA_OPENSECRET unknown error' while creating a machineaccount. After this, the machineaccount was created on the NTPDC, but the password was not known by Samba. Pieter From dominik.kubla at uni-mainz.de Fri May 12 08:38:28 2000 From: dominik.kubla at uni-mainz.de (Dominik Kubla) Date: Tue Dec 2 02:29:50 2003 Subject: still can't join domain In-Reply-To: ; from p.grimmerink@home.nl on Fri, May 12, 2000 at 05:41:48PM +1000 References: <200005112309.BAA20106@rslx01.fht-esslingen.de> Message-ID: <20000512103828.A10525@uni-mainz.de> On Fri, May 12, 2000 at 05:41:48PM +1000, Pieter Grimmerink wrote: ... > If I remember correctly, the last time I tried (version 2.5) I got an > 'LSA_OPENSECRET unknown error' while creating a machineaccount. > After this, the machineaccount was created on the NTPDC, but the password > was not known by Samba. Yep. Same here. Dominik Kubla -- Networking Group, Hospital of Johannes Gutenberg-University Obere Zahlbacher Stra?e 69, 55101 Mainz, Germany Tel: +49 (0)6131 17-2482 FAX: +49 (0)6131 17-5521 From Tim.Deegan at domainregistry.ie Fri May 12 09:17:38 2000 From: Tim.Deegan at domainregistry.ie (Tim Deegan) Date: Tue Dec 2 02:29:50 2003 Subject: There are still login problems In-Reply-To: References: Message-ID: <20000512101738.T16575@phlogiston.domainregistry.ie> Hi, On Fri, May 12, 2000 at 02:48:54PM +1000, Lars Kneschke wrote: > Hello! > > Some days ago 3 or 4 people posted a email, that they can't login corectly. > After login you get a message that win nt can't load the profile, and in > smb.log you will see, that samba thinks that the supplied password is wrong. > But the password is ok, you login using smbclient. This problems still > exists. If no one will fix it, samba tng is not useable, and no serious > testing can be done! > > Have some other people this problem too? Yes, from Win2k, the login was accepted but then the win2k user couldn't access shares on the Samba Server (TNG alpha 2.5.3 on RH6.2/x86). ISTR if I gave "TESTDOMAIN\user" as the username (in the dialog box for mapping to the share) it then accepted the connection. My smb.conf is below. Sorry I can't give you more details, I toasted my only Win2k box and won't have a chance to fix it till next week. Tim. -- | Tim Deegan TJD7-RIPE | ...we were back to the sad age-old | | | knowledge that there are only | | tim.deegan@domainregistry.ie | two genuine aphrodisiacs: | | http://www.domainregistry.ie/ | youth and boredom. | [global] #NetBIOS name isn't needed if it's the same as the hostname netbios name = PDC workgroup = TESTDOMAIN server string = Test PDC running Samba TNG # Security hosts allow = xxx.x.xxx. 127. interfaces = eth0:8 bind interfaces only = yes # Deal with case changes preserve case = yes short preserve case = yes # Keep away from Samba 2.0.x server log file = /var/log/samba-tng/log.%m lock dir = /var/lock/samba-tng #flat files that map Unix groups to NT type groups. #these files take the form unix_group = `Windows NT group'' domain group map = /usr/local/samba-tng/private/domaingroup.map domain alias map = /usr/local/samba-tng/private/domainalias.map #Domain controllers use user security and we need encrypted #passwords (see ENCRYPTION.txt) security = user domain logons = yes encrypt passwords = yes #And in order for us to be *sure* to win browser elections os level = 65 domain master = yes preferred master = yes local master = yes #WINS is the equivalent of DNS for NetBIOS. wins support = yes time server = yes #the next lines are equivalent to the various profile details #found in NT's User Manager logon script = login.bat logon drive = U: logon home = \\PDC\%U logon path = \\PDC\profile\%U #share all home directories [homes] browseable = no writable = yes comment = Users' home directories #set up netlogon share for system policies and login scripts [netlogon] path = /usr/local/samba-tng/netlogon writable = no guest ok = no comment = PDC netlogon share #the profiles share #to create automatic subdirs for the different users #chmod 1777 /usr/local/samba-tng/profile [profile] path = /usr/local/samba-tng/profile writeable = yes #a public share [public] path = /usr/groups/noc browseable = yes public = yes comment = Public share From lkcl at samba.org Fri May 12 09:22:34 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:50 2003 Subject: There are still login problems In-Reply-To: <20000512101738.T16575@phlogiston.domainregistry.ie> Message-ID: On Fri, 12 May 2000, Tim Deegan wrote: > Hi, > > On Fri, May 12, 2000 at 02:48:54PM +1000, Lars Kneschke wrote: > > Hello! > > > > Some days ago 3 or 4 people posted a email, that they can't login corectly. > > After login you get a message that win nt can't load the profile, and in > > smb.log you will see, that samba thinks that the supplied password is wrong. > > But the password is ok, you login using smbclient. This problems still > > exists. If no one will fix it, samba tng is not useable, and no serious > > testing can be done! > > > > Have some other people this problem too? > > Yes, from Win2k, the login was accepted but then the win2k user > couldn't access shares on the Samba Server (TNG alpha 2.5.3 on > RH6.2/x86). i have an idea of what probl. is. From s.striker at striker.nl Fri May 12 09:32:31 2000 From: s.striker at striker.nl (Sander Striker) Date: Tue Dec 2 02:29:51 2003 Subject: There are still login problems In-Reply-To: <20000512101738.T16575@phlogiston.domainregistry.ie> Message-ID: Indeed, there are. Luke is aware of this problem, so I guess someone will look into this. Be patient. I'm currently running the TNG 2.5 version which does the comlete login + profiles ok. Sander Striker >Hi, > >On Fri, May 12, 2000 at 02:48:54PM +1000, Lars Kneschke wrote: >> Hello! >> >> Some days ago 3 or 4 people posted a email, that they can't >login corectly. >> After login you get a message that win nt can't load the profile, and in >> smb.log you will see, that samba thinks that the supplied >password is wrong. >> But the password is ok, you login using smbclient. This problems still >> exists. If no one will fix it, samba tng is not useable, and no serious >> testing can be done! >> >> Have some other people this problem too? > >Yes, from Win2k, the login was accepted but then the win2k user >couldn't access shares on the Samba Server (TNG alpha 2.5.3 on >RH6.2/x86). > >ISTR if I gave "TESTDOMAIN\user" as the username (in the dialog box for >mapping to the share) it then accepted the connection. > >My smb.conf is below. Sorry I can't give you more details, I toasted >my only Win2k box and won't have a chance to fix it till next week. > >Tim. > >-- >| Tim Deegan TJD7-RIPE | ...we were back to the sad age-old | >| | knowledge that there are only | >| tim.deegan@domainregistry.ie | two genuine aphrodisiacs: | >| http://www.domainregistry.ie/ | youth and boredom. | > > >[global] > >#NetBIOS name isn't needed if it's the same as the hostname >netbios name = PDC >workgroup = TESTDOMAIN >server string = Test PDC running Samba TNG > ># Security >hosts allow = xxx.x.xxx. 127. >interfaces = eth0:8 >bind interfaces only = yes > ># Deal with case changes >preserve case = yes >short preserve case = yes > ># Keep away from Samba 2.0.x server >log file = /var/log/samba-tng/log.%m >lock dir = /var/lock/samba-tng > >#flat files that map Unix groups to NT type groups. >#these files take the form unix_group = `Windows NT group'' >domain group map = /usr/local/samba-tng/private/domaingroup.map >domain alias map = /usr/local/samba-tng/private/domainalias.map > >#Domain controllers use user security and we need encrypted >#passwords (see ENCRYPTION.txt) >security = user >domain logons = yes >encrypt passwords = yes > >#And in order for us to be *sure* to win browser elections >os level = 65 >domain master = yes >preferred master = yes >local master = yes > >#WINS is the equivalent of DNS for NetBIOS. >wins support = yes >time server = yes > >#the next lines are equivalent to the various profile details >#found in NT's User Manager >logon script = login.bat >logon drive = U: >logon home = \\PDC\%U >logon path = \\PDC\profile\%U > >#share all home directories >[homes] >browseable = no >writable = yes >comment = Users' home directories > >#set up netlogon share for system policies and login scripts >[netlogon] >path = /usr/local/samba-tng/netlogon >writable = no >guest ok = no >comment = PDC netlogon share > >#the profiles share >#to create automatic subdirs for the different users >#chmod 1777 /usr/local/samba-tng/profile >[profile] >path = /usr/local/samba-tng/profile >writeable = yes > >#a public share >[public] >path = /usr/groups/noc >browseable = yes >public = yes >comment = Public share > From s.striker at striker.nl Fri May 12 09:50:39 2000 From: s.striker at striker.nl (Sander Striker) Date: Tue Dec 2 02:29:51 2003 Subject: There are still login problems In-Reply-To: Message-ID: heh heh Always when I write replies, Luke is a step ahead of me. Ignore my posting please. Sander >On Fri, 12 May 2000, Tim Deegan wrote: > >> Hi, >> >> On Fri, May 12, 2000 at 02:48:54PM +1000, Lars Kneschke wrote: >> > Hello! >> > >> > Some days ago 3 or 4 people posted a email, that they can't >login corectly. >> > After login you get a message that win nt can't load the >profile, and in >> > smb.log you will see, that samba thinks that the supplied >password is wrong. >> > But the password is ok, you login using smbclient. This problems still >> > exists. If no one will fix it, samba tng is not useable, and no serious >> > testing can be done! >> > >> > Have some other people this problem too? >> >> Yes, from Win2k, the login was accepted but then the win2k user >> couldn't access shares on the Samba Server (TNG alpha 2.5.3 on >> RH6.2/x86). > >i have an idea of what probl. is. > From schmid at atmos.albany.edu Fri May 12 14:35:49 2000 From: schmid at atmos.albany.edu (Peter Schmid) Date: Tue Dec 2 02:29:51 2003 Subject: printing problem Message-ID: <200005121435.OAA05207@beech.atmos.albany.edu> Hello All, I have been having trouble setting up printing with TNG 2.5 on my Sun Solaris 8 machine compiled with Sun's compiler. I have followed the instructions given by Jean Francois Micouleau in a previous post. I have the print$ and the W32X86 directory setup with 755 perms etc.... I redone the installation 3 times so I don't think it's user error:)... but of course I could be wrong. >From my NT4 SP3 machine I click on the server, Printers, Add printer. I install a Postscript printer driver for my ghostscript driven printer attached to my Samba Server. The driver gets installed but when it tried to print the test pages I get an error: "Test page failed to printer...... The remote procedure call failed. I have spools running with -d100. I don't know what output anyone would like to help debug this. There is tons of info! I don't really want to send via this list the contents of this file. Thanks, Pete. Peter Schmid Sr. Programmer/Analyst SUNY at Albany Department of Earth and Atmospheric Sciences Phone:(518)-442-4571 E-Mail:schmid@atmos.albany.edu From ntdom at webbhq.net Fri May 12 15:00:53 2000 From: ntdom at webbhq.net (Rich Webb) Date: Tue Dec 2 02:29:51 2003 Subject: There are still login problems In-Reply-To: Message-ID: <000001bfbc22$dec7a8c0$ac00000a@rtstrans.com> > Some days ago 3 or 4 people posted a email, that they can't > login corectly. > After login you get a message that win nt can't load the > profile, and in > smb.log you will see, that samba thinks that the supplied > password is wrong. > But the password is ok, you login using smbclient. This problems still > exists. If no one will fix it, samba tng is not useable, and > no serious > testing can be done! > > Have some other people this problem too? I am having a similar problem. I am using a terminal server to join the domain and that works fine, and if I logon immediately following the join, that too works. If I leave the machine alone for a couple of minutes and go back to log in again, it says that it's logging on using cached profile information and that a domain controller could not be contacted. windows 95 works fine to log in using the domain tho. I am using the information on the kneschke.de site. Rich From jakubowski at szczecin.top.pl Fri May 12 15:18:37 2000 From: jakubowski at szczecin.top.pl (Marcin Jakubowski) Date: Tue Dec 2 02:29:51 2003 Subject: Wins Message-ID: Hello I have Linux as a PDC and win95/98 log in domain without problem. My friend have real WinNT but his wins cann not see my network. Samba 2.0.6 from Debian package TIA -- Marcin Jakubowski, InterNetia Telekom .''`. mailto:jakubowski@szczecin.top.pl : :' : `. `' `- From pli at ee.ualberta.ca Fri May 12 16:46:35 2000 From: pli at ee.ualberta.ca (Patrick Li) Date: Tue Dec 2 02:29:51 2003 Subject: Not able to add to domain Message-ID: SGVsbG8gdGhlcmUsDQoNCkl0IHdhcyB3b3JraW5nIGZpbmUgd2l0aCBtZSBiZWZvcmUsIGJ1dCBu b3Qgbm93DQpJIGFtIHN0aWxsIHVzaW5nIFRORy0yLjQNCk15IHByb2JsZW0gaXMgd2hlbiBJIHRy aWVkIHRvIGpvaW4gdGhlIGRvbWFpbiBvbiBteSBXMmsNCmZpcnN0IGl0IGFzayBtZSB0aGUgd2lu ZG93cyB1c2VybmFtZSwgc28gSSBwdXQgaXQgaW4NCnRoZW4gaXQgYXNrIG1lIHRoZSBjb21wdXRl ciBhbmQgZG9tYWluLCB0aGVuIEkgcHV0IHRoYXQgaW4NCmxhc3RseSBpdCBhc2sgbWUgdGhlIHVz ZXJuYW1lIGFnYWluLCBJIHB1dCB0aGF0IGluIHRvbw0KYnV0LCB3aGF0IEkgZ290IGlzIHVuYWJs ZSB0byBhZGQgdG8gZG9tYWluIGJlY2F1c2UgeW91IGFyZSB1c2luZyBhIG1hY2hpbmUgYWNjb3Vu dA0KcGxlYXNlIHVzZSBhIGdlbmVyYWwgdXNlciBhL2MgdG8gZG8gdGhhdA0KDQpBbnlvbmUgZ290 IGEgY2x1ZSBvbiB3aHkgaXMgdGhhdD8NCg0KVGhhbngNCg0KUGF0cmljaw== From ntdom at webbhq.net Fri May 12 17:23:44 2000 From: ntdom at webbhq.net (Rich Webb) Date: Tue Dec 2 02:29:51 2003 Subject: Where to get information Message-ID: <000001bfbc36$d3785dc0$ac00000a@rtstrans.com> Where can I find information on what different versions of TNG there are and how do I get different releases? All the documentation that I have found is referring to the earlier releases and doesn't seem to pertain much. I need a version of TNG that will act as a PDC, allow domain logons, and have domain groups that I can base policies on. Does one exist that those three things are functional? Any help would be appreciated. Rich Webb From tom at ee.ucl.ac.uk Fri May 12 17:55:18 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:51 2003 Subject: samba-TNG cvs doesn't compile Message-ID: <200005121755.SAA18173@picard.ee.ucl.ac.uk> Hello, samba-TNG cvs udpate 12/05/00 18:00 BST Solaris 2.7 Sparc 64 gcc 2.8.1 Fails to compile with: Linking bin/smbd Undefined first referenced symbol in file unistr_to_dos smbd/trans2.o ld: fatal: Symbol referencing errors. No output written to bin/.libs/smbd *** Error code 1 make: Fatal error: Command failed for target `bin/smbd' Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From trevor at steinmetznet.com Fri May 12 18:08:04 2000 From: trevor at steinmetznet.com (Trevor Antczak) Date: Tue Dec 2 02:29:51 2003 Subject: Still SCOing Message-ID: <391C4883.1BA6BB2A@steinmetznet.com> Hello again, Progress has been made. I think this problem actually has something to do with Samba. The last problem was that I had installed "make" for the wrong version of SCO. After that I had to edit include/includes.h, because some of the libraries were in different places on this system (and I had to steal a few libraries from a different system I don't think this is a problem, but if it is let me know). Now I compile for quite a while (at some point I also had to find and install the GNU "ar" utility, cause SCO lacks one unless you install their "pay to play" development tools). Now I run fine until make tries to compile fsuage.c. I get he following error: Compiling lib/fsusage.c with libtool lib/fsusage.c: In function `sys_fsusage': lib/fsusage.c:129: storage size of `fsd' isn't known make: *** [lib/fsusage.lo] Error 1 I took a quick look at fsusage.c, and to my (very inexperienced) eyes, everything looks fine (at any rate, this same code compiles fine on other boxes for me). This is (still ;-)) a SCO Open Server 5 system, compiling TNG 2.5 with gcc 2.95. If I start to get to irritating tell me to go away, but if I can get this work I'm going to write a HOW-TO or something. -- Thank you, Trevor Antczak Technology Manager Steinmetz & Associates From lkcl at samba.org Fri May 12 18:30:54 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:51 2003 Subject: samba-TNG cvs doesn't compile In-Reply-To: <200005121755.SAA18173@picard.ee.ucl.ac.uk> Message-ID: don't compile - for now - with --with-msdfs. On Sat, 13 May 2000, Tom Crummey wrote: > Hello, > > samba-TNG cvs udpate 12/05/00 18:00 BST Solaris 2.7 Sparc 64 gcc 2.8.1 > > Fails to compile with: > > Linking bin/smbd > Undefined first referenced > symbol in file > unistr_to_dos smbd/trans2.o > ld: fatal: Symbol referencing errors. No output written to bin/.libs/smbd > *** Error code 1 > make: Fatal error: Command failed for target `bin/smbd' > > > Tom. > > ---------------------------------------------------------------------------- > Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk > Department of Electronic and Electrical Engineering, > University College London, TEL: +44 (0)20 7679 3898 > Torrington Place, FAX: +44 (0)20 7388 9325 > London, UK, WC1E 7JE. > ---------------------------------------------------------------------------- > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From cigor at EUnet.yu Fri May 12 17:03:51 2000 From: cigor at EUnet.yu (=?ISO-8859-2?Q?=C8olovi=E6_Igor?=) Date: Tue Dec 2 02:29:51 2003 Subject: Error compiling CVS Message-ID: OS : RH 5.2 Kernel: 2.2.9 CVS: TNG 12.05 17:30 Error: *** No rule to make target `msdfs/msdfs.o', needed by bin/smbd. I have tryed with and without msdfs but the result is the same. -- Nothing makes a person more productive than the last minute. From jens.skripczynski at igd.fhg.de Fri May 12 19:28:37 2000 From: jens.skripczynski at igd.fhg.de (Jens Skripczynski) Date: Tue Dec 2 02:29:51 2003 Subject: error compiling TNG from today (fails in trans2.c) Message-ID: <20000512212836.A2196@pclinux.igd.fhg.de> G E N E R A L * * * * * * * * ------------- OS : 2.2.14 #1 SMP Fri Apr 7 16:46:08 CEST 2000 i686 ------------- Compiler : gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) ------------- CVS-Branch : SAMBA-TNG ------------- Version/Date: today ------------- Error Type : reproduceable ------------- Short Desc. : smbd/trans2.c fails to compile (missing funcion ?) ------------- Trigger : configure : ------------- INSTALLDIR=/sw/i386_linux-2.0_glibc2/samba-TNG-`date +%Y.%m.%d` \ CFLAGS="-O2 -m486" ./configure \ --prefix=$INSTALLDIR \ --sysconfdir=/usr/local/etc/samba \ --localstatedir=/var/log/samba \ --libdir=/usr/local/etc/samba/lib \ --with-privatedir=/usr/local/etc/samba/private \ --with-sambaconfdir=/usr/local/etc/samba \ --with-lockdir=/var/lock/samba \ --with-sam-pwdb=passwd \ --with-gnu-ld \ --with-pam \ && { if [! -d $INSTALLDIR ]; then \ { mkdir $INSTALLDIR } fi } \ && make make error: ... Compiling smbd/trans2.c Linking bin/smbd smbd/trans2.o: In function `call_trans2getdfsreferral': smbd/trans2.o(.text+0x4e8a): undefined reference to `unistr_to_dos' collect2: ld returned 1 exit status make: *** [bin/smbd] Error 1 --------------------- --------------- Solution : Partially i think call_... is looking for a function --------------- called unistr_to_dos which no longer exists : >rgrep -x c unistr_to_dos * smbd/trans2.c: unistr_to_dos(pathname, ¶ms[2]); >rgrep -x h unistr_to_dos * include/proto.h:void unistr_to_dos(char* dst,char* src) ; So only proto.h knows about it. Ciao Jens Skripczynski -- E-Mail: skripi@igd.fhg.de Computers are like airconditioners: They stop working properly if you open windows. Win95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition. From jens.skripczynski at igd.fhg.de Fri May 12 19:38:07 2000 From: jens.skripczynski at igd.fhg.de (Jens Skripczynski) Date: Tue Dec 2 02:29:51 2003 Subject: NT domainmember in mulltiple domains In-Reply-To: ; from p.grimmerink@home.nl on Wed, May 10, 2000 at 12:41:29AM +1000 References: Message-ID: <20000512213807.B2196@pclinux.igd.fhg.de> Pieter Grimmerink: > OFFTOPIC > > I know this is a problem Bill should solve, I don't think he already did, > but does anyone know wether there's a way to make a laptop (running NT4 or > 5) a member of multiple domains? Solution 4 NT4. Today I asked a NT friend about it. He said, that you just have to make the NT Computer get an entry into the Domain, so you can log into the domain. Everytime you want to log in, it will broadcast to check whether the PDC are avaible. This is how he told me to work things out for an NT4 WS. 1) Join the WS to the fist Domain you want to use. (Should not be a problem). 2) reboot (the usual stuff) 3) Again go to the network setup and change the Domainname to DOMAINNAME2. You may need an administrator account to add it automatically or do it manually on the PDC. Windows will ask you whether you want to leave the old Domain (ignore this and click "yes" or "ok" <- i don't know which button shows up) the reboot and everything should be fine. 3 "Domains" 1 local and 2 Network domains. In our Lab we have one PC for checking which is included into 5 network domains. Ciao Jens Skripczynski -- E-Mail: skripi@igd.fhg.de Computers are like airconditioners: They stop working properly if you open windows. Win95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition. From pjdc at eircom.net Fri May 12 20:24:05 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:51 2003 Subject: NT domainmember in mulltiple domains In-Reply-To: Jens Skripczynski's message of "Sat, 13 May 2000 05:40:49 +1000" References: <20000512213807.B2196@pclinux.igd.fhg.de> Message-ID: >>>>> "Jens" == Jens Skripczynski writes: Jens> In our Lab we have one PC for checking which is included Jens> into 5 network domains. I was under the impression that the only time more than two domains are listed in the "Domain" list on the logon screen is when the domain your machine is currently a member of trusts other domains. I don't see how a machine could be a member of two unrelated domains and still let you log on to both, since the only DOMAIN\Domain Users global group in WKS\Users would be that belonging to the domain you most recently joined. I had a root around in the Knowledge Base trying to find info on this, but no joy. yours in curiosity, Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From Skripi at hrzpub.tu-darmstadt.de Fri May 12 21:11:48 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:51 2003 Subject: Where to get information In-Reply-To: <000001bfbc36$d3785dc0$ac00000a@rtstrans.com>; from ntdom@webbhq.net on Sat, May 13, 2000 at 03:24:03AM +1000 References: <000001bfbc36$d3785dc0$ac00000a@rtstrans.com> Message-ID: <20000512231148.C1444@shadowland.sc> Rich Webb: > Where can I find information on what different versions of TNG there are and > how do I get different releases? All the documentation that I have found is > referring to the earlier releases and doesn't seem to pertain much. Currently there is no documentation of TNG avaible. It changes very fast and all documentation about it is almost in time outdated... Currently there is still a log of merging with the HEAD. So it may take a month (?) until things become stable. > I need a version of TNG that will act as a PDC, allow domain logons, My version of yesterday does.. > and have domain groups that I can base policies on. You mean using the poledit Programm ? I currently can't remember anybody talking on that subject and would be interested if it is included ? Luke ? > Does one exist that those three things are functional? Domain groups exist and can be viewed by the Usermanager. But policies... I don't know. Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From Skripi at hrzpub.tu-darmstadt.de Fri May 12 21:07:05 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:51 2003 Subject: Not able to add to domain In-Reply-To: ; from pli@ee.ualberta.ca on Sat, May 13, 2000 at 02:42:46AM +1000 References: Message-ID: <20000512230705.B1444@shadowland.sc> Patrick Li: > Hello there, > > It was working fine with me before, but not now > I am still using TNG-2.4 > My problem is when I tried to join the domain on my W2k > first it ask me the windows username, so I put it in > then it ask me the computer and domain, then I put that in > lastly it ask me the username again, I put that in too > but, what I got is unable to add to domain because you are using a machine account > please use a general user a/c to do that > > Anyone got a clue on why is that? *HMM* I got a bit mixed up. Whom do you want to join to who's domain ? What is your setup. I gues that you want an NT2000 WS to join an SAMBA controlled Domain. Is that right ? Is your error reproduceable. What do the log files tell ? The information above leaves those out. Please see: SAMBA Bug report "How to" http://www.kneschke.de/projekte/samba_tng/faq/bugreport.php3 SAMBA Bug report template http://www.kneschke.de/projekte/samba_tng/faq/samba-bugreport-template.txt Also check out whether this issue was solved in newer samba-alpha tar's or the current cvs. (current tar ball version is 2.5.3). Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From Skripi at hrzpub.tu-darmstadt.de Fri May 12 21:02:42 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:51 2003 Subject: Wins In-Reply-To: ; from jakubowski@szczecin.top.pl on Sat, May 13, 2000 at 01:27:21AM +1000 References: Message-ID: <20000512230242.A1444@shadowland.sc> Marcin Jakubowski: > I have Linux as a PDC and win95/98 log in domain without problem. 1) PDC functionality has _nothing_ to do with 95/98 domain logons. Primary Domain Controller was and the underlying security system can only be used with NT4 and NT5 alias NT 2000. > My friend have real WinNT but his wins cann not see my network. Well your information is not sufficient on this subject. 1) be your friends setup (IPX or TCP/IP). 2) smb.conf file 3) did you enable wins 4) What do the logfiles tell you ? > Samba 2.0.6 from Debian package Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From pli at ee.ualberta.ca Fri May 12 21:34:02 2000 From: pli at ee.ualberta.ca (Patrick Li) Date: Tue Dec 2 02:29:51 2003 Subject: Not able to add to domain In-Reply-To: <20000512230705.B1444@shadowland.sc> Message-ID: Patrick Li Sorry no signature today! On Sat, 13 May 2000, Jens Skripczynski wrote: > Patrick Li: > > Hello there, > > > > It was working fine with me before, but not now > > I am still using TNG-2.4 > > My problem is when I tried to join the domain on my W2k > > first it ask me the windows username, so I put it in > > then it ask me the computer and domain, then I put that in > > lastly it ask me the username again, I put that in too > > but, what I got is unable to add to domain because you are using a machine account > > please use a general user a/c to do that > > > > Anyone got a clue on why is that? > *HMM* I got a bit mixed up. > > Whom do you want to join to who's domain ? What is your setup. > > I gues that you want an NT2000 WS to join an SAMBA controlled Domain. > Is that right ? Yup > > Is your error reproduceable. What do the log files tell ? > The information above leaves those out. The error is something like "Unable to join domain you are using a machines a/c now, please use a general user or admin a/c in order to join the domain > > Please see: > > SAMBA Bug report "How to" > http://www.kneschke.de/projekte/samba_tng/faq/bugreport.php3 > SAMBA Bug report template > http://www.kneschke.de/projekte/samba_tng/faq/samba-bugreport-template.txt > > Also check out whether this issue was solved in newer samba-alpha tar's or > the current cvs. (current tar ball version is 2.5.3). > > > Ciao > > Jens Skripczynski > -- > E-Mail: skripi@hrzpub.tu-darmstadt.de > > Computers are like airconditioners: They stop working > properly if you open windows. > From Skripi at hrzpub.tu-darmstadt.de Fri May 12 21:57:19 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:51 2003 Subject: TNG does not compile (libsamrpass.so undefined reference to ...) Message-ID: <20000512235718.A2745@shadowland.sc> Hi, G E N E R A L * * * * * * * * ------------- OS : linux (redhat 6.2b) ------------- Compiler : gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) ------------- CVS-Branch : SAMBA_TNG ------------- Version/Date: today (how can I retrive the time of the last update ?) ------------- Error Type : reproduceable ------------- Short Desc. : libsamrpass.so fails to compile ------------- Trigger : export INSTALLDIR=$SW_ROOT/i386_lnx2/samba-TNG-`date +%Y.%m.%d` echo $INSTALLDIR CFLAGS="-O2 -m486" \ ./configure \ --prefix=$INSTALLDIR \ --sysconfdir=/usr/local/etc/samba \ --localstatedir=/var/log/samba \ --libdir=/usr/local/etc/samba/lib \ --with-privatedir=/usr/local/etc/samba/private \ --with-sambaconfdir=/usr/local/etc/samba \ --with-lockdir=/var/lock/samba \ --with-sam-pwdb=passwd \ --with-gnu-ld \ --with-pam \ && make LOG: Linking bin/samrd rpc_server/srv_pipe_ntlmssp.o: In function `api_ntlmssp_verify': rpc_server/srv_pipe_ntlmssp.o(.text+0x9f7): undefined reference to `map_nt_and_unix_username' bin/.libs/libsamrpass.so: undefined reference to `del_group_entry' ...(many lines deleted) bin/.libs/libsamrpass.so: undefined reference to `add_alias_member' collect2: ld returned 1 exit status make: *** [bin/samrd] Error 1 ------------- Solution : partially ... >rgrep -x h del_group_entry * include/proto.h:BOOL del_group_entry(uint32 rid); include/smb.h: BOOL (*del_group_entry) (uint32); >rgrep -x c del_group_entry * groupdb/groupdb.c:BOOL del_group_entry(uint32 rid) groupdb/groupdb.c: return gpdb_ops->del_group_entry(rid); samrd/srv_samr_grp_tdb.c: if (!del_group_entry(group_rid)) samrd/srv_samr_passdb.c: if (!del_group_entry(group_rid)) Seems that del_group_entry lives in groupdb.c. Maybe some includes/libs/... are missing ? Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From pjdc at eircom.net Sat May 13 00:18:49 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:51 2003 Subject: TNG does not compile (libsamrpass.so undefined reference to ...) In-Reply-To: Jens Skripczynski's message of "Sat, 13 May 2000 07:50:45 +1000" References: <20000512235718.A2745@shadowland.sc> Message-ID: >>>>> "Jens" == Jens Skripczynski writes: Jens> Short Desc. : libsamrpass.so fails to compile I updated approximately four hours ago and built successfully. The login problem remains, however. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lkcl at samba.org Sat May 13 07:26:11 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:51 2003 Subject: Error compiling CVS In-Reply-To: Message-ID: hm, i think public cvs out of sync. On Sat, 13 May 2000, [ISO-8859-2] ?olovi? Igor wrote: > > > OS : RH 5.2 > Kernel: 2.2.9 > CVS: TNG 12.05 17:30 > Error: > *** No rule to make target `msdfs/msdfs.o', needed by bin/smbd. > > I have tryed with and without msdfs but the result is the same. > > > -- > Nothing makes a person more productive than the last minute. > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Sat May 13 08:03:19 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:51 2003 Subject: TNG does not compile (libsamrpass.so undefined reference to ...) In-Reply-To: <20000512235718.A2745@shadowland.sc> Message-ID: hey, guys, try complete new checkouts. destroy the entire cvs copy you have, don't use cvs update, i think public cvs got out-of-sync. On Sat, 13 May 2000, Jens Skripczynski wrote: > Hi, > > G E N E R A L > * * * * * * * * > ------------- > OS : linux (redhat 6.2b) > ------------- > Compiler : gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) > ------------- > CVS-Branch : SAMBA_TNG > ------------- > Version/Date: today (how can I retrive the time of the last update ?) > ------------- > Error Type : reproduceable > ------------- > Short Desc. : libsamrpass.so fails to compile > ------------- > Trigger : > export INSTALLDIR=$SW_ROOT/i386_lnx2/samba-TNG-`date +%Y.%m.%d` > echo $INSTALLDIR > CFLAGS="-O2 -m486" \ > /configure \ > --prefix=$INSTALLDIR \ > --sysconfdir=/usr/local/etc/samba \ > --localstatedir=/var/log/samba \ > --libdir=/usr/local/etc/samba/lib \ > --with-privatedir=/usr/local/etc/samba/private \ > --with-sambaconfdir=/usr/local/etc/samba \ > --with-lockdir=/var/lock/samba \ > --with-sam-pwdb=passwd \ > --with-gnu-ld \ > --with-pam \ > && make > > LOG: > Linking bin/samrd > rpc_server/srv_pipe_ntlmssp.o: In function `api_ntlmssp_verify': > rpc_server/srv_pipe_ntlmssp.o(.text+0x9f7): undefined reference to > `map_nt_and_unix_username' > bin/.libs/libsamrpass.so: undefined reference to `del_group_entry' > ..(many lines deleted) > bin/.libs/libsamrpass.so: undefined reference to `add_alias_member' > collect2: ld returned 1 exit status > make: *** [bin/samrd] Error 1 > > ------------- > Solution : partially ... > >rgrep -x h del_group_entry * > include/proto.h:BOOL del_group_entry(uint32 rid); > include/smb.h: BOOL (*del_group_entry) (uint32); > > >rgrep -x c del_group_entry * > groupdb/groupdb.c:BOOL del_group_entry(uint32 rid) > groupdb/groupdb.c: return gpdb_ops->del_group_entry(rid); > samrd/srv_samr_grp_tdb.c: if (!del_group_entry(group_rid)) > samrd/srv_samr_passdb.c: if (!del_group_entry(group_rid)) > > > Seems that del_group_entry lives in groupdb.c. > Maybe some includes/libs/... are missing ? > > > Ciao > > Jens Skripczynski > -- > E-Mail: skripi@hrzpub.tu-darmstadt.de > > Computers are like airconditioners: They stop working > properly if you open windows. > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From Skripi at hrzpub.tu-darmstadt.de Sat May 13 09:08:15 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:51 2003 Subject: TNG does not compile (libsamrpass.so undefined reference to ...) In-Reply-To: ; from lkcl@samba.org on Sat, May 13, 2000 at 06:03:49PM +1000 References: <20000512235718.A2745@shadowland.sc> Message-ID: <20000513110815.A24692@shadowland.sc> Luke Kenneth Casson Leighton: > hey, guys, try complete new checkouts. destroy the entire cvs copy you > have, don't use cvs update, i think public cvs got out-of-sync. *Grmpf* I think someone should improve this. Everytime it is out of sync, I have to suck 23 MB from the web again. Anyway, how is it possible for cvs to be out of sync ? I mean the connection can terminate in between and cvs will automatically continue where it stopped. Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From s.striker at striker.nl Sat May 13 09:52:40 2000 From: s.striker at striker.nl (Sander Striker) Date: Tue Dec 2 02:29:51 2003 Subject: TNG does not compile (libsamrpass.so undefined reference to ...) In-Reply-To: <20000513110815.A24692@shadowland.sc> Message-ID: >Luke Kenneth Casson Leighton: >> hey, guys, try complete new checkouts. destroy the entire cvs copy you >> have, don't use cvs update, i think public cvs got out-of-sync. >*Grmpf* I think someone should improve this. >Everytime it is out of sync, I have to suck 23 MB from the web again. That's very inconvenient, especially for those of you with dialup connections. >Anyway, how is it possible for cvs to be out of sync ? I mean the >connection can terminate in between and cvs will automatically continue >where it stopped. There is public cvs, for anonymous checkouts and there is private cvs for samba team members. Those two can get out of sync (unfortunately). The only way to get it to be the same as private cvs is a fresh new checkout, since updates won't do the trick. Sander From pjdc at eircom.net Sat May 13 12:10:29 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:51 2003 Subject: CVS getting out of sync {was: Re: TNG does not compile} In-Reply-To: "Sander Striker"'s message of "Sat, 13 May 2000 19:53:52 +1000" References: Message-ID: >>>>> "Sander" == Sander Striker writes: Sander> That's very inconvenient, especially for those of you with Sander> dialup connections. I find that giving cvs the "-z 3" option improves download times enormously. (Approx 1/2 hr for my entire-tree donload.) Sander> There is public cvs, for anonymous checkouts and there is Sander> private cvs for samba team members. Those two can get out Sander> of sync (unfortunately). The only way to get it to be the Sander> same as private cvs is a fresh new checkout, since updates Sander> won't do the trick. I don't really get this either. If we're all talking to the one cvs repository, how do things get out of sync? If there are two cvs repositories, how does stuff get from the private one to the public one? More confused than ever, Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pjdc at eircom.net Sat May 13 12:56:42 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:51 2003 Subject: TNG does not compile (libsamrpass.so undefined reference to ...) In-Reply-To: Luke Kenneth Casson Leighton's message of "Sat, 13 May 2000 18:05:02 +1000" References: Message-ID: >>>>> "Luke" == Luke Kenneth Casson Leighton writes: Luke> hey, guys, try complete new checkouts. destroy the entire Luke> cvs copy you have, don't use cvs update, i think public cvs Luke> got out-of-sync. Did a complete new check-out at approx 11:30 GMT. Built okay, but I am still getting the same error re not being able to load the profile. The messages in log.smb (log level 10) re authentication read as follows: ncalrpc_l_send_prs: data: 0x80ce888 len 48 [000] 05 00 00 00 10 00 00 00 30 00 00 00 6C 00 00 00 ........ 0...l... [010] 18 00 00 00 64 00 04 00 52 00 52 00 49 00 47 00 ....d... R.R.I.G. [020] 00 00 64 C1 F7 CF BE B8 C5 E0 30 40 B0 06 30 40 ..d..... ..0@..0@ write_socket(14,48) write_socket(14,48) wrote 48 rpc_api_pipe_req: data_end: 72 and offset 66 wrong rpc_con_pipe_req FAILED cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'root': authentication failed 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] error string = No such file or directory in log.smb. However, if I restart samba (i.e. all the daemons, haven't tried each one in turn) I can browse right into my server. Authentication success is reported as follows: clnt_deal_with_creds: 153 cred_create sess_key : 28729EF40ACEFB69 stor_cred: C7A671CE72D068F5 timestamp: 391d4c20 timecred : E7F28E0772D068F5 calc_cred: 8CC773AA97F95018 cred_assert challenge : 8CC773AA97F95018 calculated: 8CC773AA97F95018 credentials check ok new clnt cred: E7F28E0772D068F5 domain_client_validate: user MELOCHORD\root OK domain_client_validate: check lockout / pwd expired! password_ok: domain auth succeeded lp_servicenumber: couldn't find root get_smbhome_dir: returning /root for user root adding home directory root at /root root is in 9 groups: 0, 1, 2, 3, 4, 6, 10, 11, 508 uid 0 registered to name root Clearing default real name User name: root Real name: root uid 0 vuid 103 registered to unix name root storing user 2817,67 000000 vuid_io_key key 0000 pid : 00002817 0004 vuid: 0067 However, that message regarding the lockout/expiration intrigues me. After I log in, if I restart samba, I can browse right into the server; I can even map other user's shares using the IP address trick. BTW, if I'm not presenting enough or incorrect info from the logs, let me know. Thanks, Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From s.striker at striker.nl Sat May 13 13:40:05 2000 From: s.striker at striker.nl (Sander Striker) Date: Tue Dec 2 02:29:51 2003 Subject: CVS getting out of sync {was: Re: TNG does not compile} In-Reply-To: Message-ID: > Sander> That's very inconvenient, especially for those of you with > Sander> dialup connections. > >I find that giving cvs the "-z 3" option improves download times >enormously. (Approx 1/2 hr for my entire-tree donload.) Indeed this helps a lot. > Sander> There is public cvs, for anonymous checkouts and there is > Sander> private cvs for samba team members. Those two can get out > Sander> of sync (unfortunately). The only way to get it to be the > Sander> same as private cvs is a fresh new checkout, since updates > Sander> won't do the trick. > >I don't really get this either. If we're all talking to the one cvs >repository, how do things get out of sync? If there are two cvs >repositories, how does stuff get from the private one to the public >one? There is one repository, however, there are (at least) two interfaces to it. One the :pserver: (public) and second a private cvs interface over a secure connection (private). And then some samba team members can probably do local cvs when they are working on the box that holds the repository. Anyhow, there must be a (small) difference between the public and private way of getting things... >More confused than ever, I don't know how the deal is exactly either. I did a lot of guessing. It doesn't really matter though; just do a fresh checkout whenever you have the feeling you are the only one who can't compile or if you just want to make sure this is not the problem. Sander From jojowil at hvcc.edu Sat May 13 14:20:52 2000 From: jojowil at hvcc.edu (William Jojo) Date: Tue Dec 2 02:29:51 2003 Subject: TNG shared lib Message-ID: <391D64C4.BCFBBB9B@hvcc.edu> Did a complete refresh as suggested by Luke, but still have problem with shared lib compile...have reverted back to static... OS: AIX 4.3.2 CC: gcc 2.95.1 (all other components are AIX) I'm assuming .libs should be ./libs.....if someone would like to point out where it decides this, I'd gladly fix it.... error: mkdir bin Linking shared library bin/libmsrpc.la ld: 0711-934 SEVERE ERROR: Cannot create the output file: .libs/libmsrpc.so.0.0.1 ld:open() No such file or directory collect2: ld returned 12 exit status make: The error code from the last command is 1. Stop. -- /------------------------------------------------------\ | | | William E. Jojo, Jr. | | | | Senior Systems and Network Specialist | | | | Hudson Valley Community College | | | | (518) 629 7540 | | | | jojowil@hvcc.edu | | | \------------------------------------------------------/ So I held my up high Hiding hate that burns inside Which only fuels their selfish pride We're all held captive out from the sun A sun that shines on only some We the meek are all in one From elrond at samba.org Sat May 13 14:46:27 2000 From: elrond at samba.org (Elrond) Date: Tue Dec 2 02:29:51 2003 Subject: TNG shared lib In-Reply-To: <391D64C4.BCFBBB9B@hvcc.edu>; from William Jojo on Sun, May 14, 2000 at 12:22:32AM +1000 References: <391D64C4.BCFBBB9B@hvcc.edu> Message-ID: <20000513164626.A13802@baerbel.mug.maschinenbau.tu-darmstadt.de> Hi, Oh well, aix. Normaly my area. But I admit, that I'm currently ignoring aix in the field of samba completely. (and my next target is HP-UX, cause that seems to be more complex. ;)) I currently only have one suggestion: Compile static: ./configure --disable-shared Lars, could you add this suggestion somewhere on your pages? On Sun, May 14, 2000 at 12:22:32AM +1000, William Jojo wrote: [...] > I'm assuming .libs should be ./libs.....if someone would like to point out where > it decides this, I'd gladly fix it.... [...] No, the dot is right, these are internal hidden directories of libtool, and libtool seems to be broken for aix and the type of build, samba is currently using. I will look at it at some time... Just remind me in 2 or 3 weeks. ;) Oh, and you wont have much fun on aix with TNG, unless you restrict your nt boxes to names stricly shorter then 8 chars (that is, max 7 chars). Elrond From elrond at samba.org Sat May 13 15:28:11 2000 From: elrond at samba.org (Elrond) Date: Tue Dec 2 02:29:51 2003 Subject: CVS getting out of sync {was: Re: TNG does not compile} In-Reply-To: ; from Sander Striker on Sat, May 13, 2000 at 11:39:13PM +1000 References: Message-ID: <20000513172811.B13802@baerbel.mug.maschinenbau.tu-darmstadt.de> On Sat, May 13, 2000 at 11:39:13PM +1000, Sander Striker wrote: [...] > > Sander> There is public cvs, for anonymous checkouts and there is > > Sander> private cvs for samba team members. Those two can get out > > Sander> of sync (unfortunately). The only way to get it to be the > > Sander> same as private cvs is a fresh new checkout, since updates > > Sander> won't do the trick. > > > >I don't really get this either. If we're all talking to the one cvs > >repository, how do things get out of sync? If there are two cvs > >repositories, how does stuff get from the private one to the public > >one? > > There is one repository, however, there are (at least) two interfaces > to it. One the :pserver: (public) and second a private cvs interface > over a secure connection (private). And then some samba team members > can probably do local cvs when they are working on the box that holds > the repository. > Anyhow, there must be a (small) difference between the public and private > way of getting things... I don't know either, were the difference is. And public cvs never broke for me for a realy long time. I'm using "cvs -z3 update -P -d -r SAMBA_TNG". > Sander Elrond From elrond at samba.org Sat May 13 15:44:32 2000 From: elrond at samba.org (Elrond) Date: Tue Dec 2 02:29:51 2003 Subject: error compiling TNG from today (fails in trans2.c) In-Reply-To: <20000512212836.A2196@pclinux.igd.fhg.de>; from Jens Skripczynski on Sat, May 13, 2000 at 05:30:43AM +1000 References: <20000512212836.A2196@pclinux.igd.fhg.de> Message-ID: <20000513174432.C13802@baerbel.mug.maschinenbau.tu-darmstadt.de> On Sat, May 13, 2000 at 05:30:43AM +1000, Jens Skripczynski wrote: [...] > --------------- > Solution : Partially i think call_... is looking for a function > --------------- called unistr_to_dos which no longer exists : > >rgrep -x c unistr_to_dos * > smbd/trans2.c: unistr_to_dos(pathname, ¶ms[2]); > > >rgrep -x h unistr_to_dos * > include/proto.h:void unistr_to_dos(char* dst,char* src) ; > > So only proto.h knows about it. [...] proto.h knows about it, cause it has to be somewhere in the tree: source $ grep unistr_to_dos */*.c msdfs/msdfs.c:void unistr_to_dos(char* dst,char* src) smbd/trans2.c: unistr_to_dos(pathname, ¶ms[2]); source $ nm msdfs/msdfs.o | grep uni 00000014 T unistr_to_dos Okay, please remove msdfs/msdfs.*, smbd/trans2.*, Makefile.in and do a cvs update -d -P (No, I have no idea, why this function is in msdfs.c) Elrond From elrond at samba.org Sat May 13 15:58:30 2000 From: elrond at samba.org (Elrond) Date: Tue Dec 2 02:29:52 2003 Subject: Where to get information In-Reply-To: <20000512231148.C1444@shadowland.sc>; from Jens Skripczynski on Sat, May 13, 2000 at 07:08:38AM +1000 References: <000001bfbc36$d3785dc0$ac00000a@rtstrans.com> <20000512231148.C1444@shadowland.sc> Message-ID: <20000513175830.D13802@baerbel.mug.maschinenbau.tu-darmstadt.de> On Sat, May 13, 2000 at 07:08:38AM +1000, Jens Skripczynski wrote: [...] > > and have domain groups that I can base policies on. > You mean using the poledit Programm ? I currently can't remember anybody > talking on that subject and would be interested if it is included ? > Luke ? [...] I use poledit with Samba, and it works fine, but I do not use it with groups, just for the general computer and user stuff. But I currently don't see any reason for poledit not to work with groups. Elrond From elrond at samba.org Sat May 13 16:41:22 2000 From: elrond at samba.org (Elrond) Date: Tue Dec 2 02:29:52 2003 Subject: NT domainmember in mulltiple domains In-Reply-To: ; from Paul J Collins on Sat, May 13, 2000 at 06:19:34AM +1000 References: <20000512213807.B2196@pclinux.igd.fhg.de> Message-ID: <20000513184121.E13802@baerbel.mug.maschinenbau.tu-darmstadt.de> Just a crazy idea: If you have NT4 Server, you should be able to create your own domain and then create a trust-relationship to both domains. That is: localdomain trusts domain-a localdomain trusts domain-b Would that work? Elrond On Sat, May 13, 2000 at 06:19:34AM +1000, Paul J Collins wrote: > >>>>> "Jens" == Jens Skripczynski writes: > > Jens> In our Lab we have one PC for checking which is included > Jens> into 5 network domains. > > I was under the impression that the only time more than two domains > are listed in the "Domain" list on the logon screen is when the domain > your machine is currently a member of trusts other domains. I don't > see how a machine could be a member of two unrelated domains and still > let you log on to both, since the only DOMAIN\Domain Users global > group in WKS\Users would be that belonging to the domain you most > recently joined. > > I had a root around in the Knowledge Base trying to find info on this, > but no joy. > > yours in curiosity, > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" From Skripi at hrzpub.tu-darmstadt.de Sat May 13 17:31:35 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:52 2003 Subject: 10th run and samba-tng does not compile for me... Message-ID: <20000513193134.A12377@shadowland.sc> Hi, I do have a slight problem on compiling samba-tng on my linuxbox. It is in sync (done twice a complete new TNG checkout). But trying to compile TNG still fails. Suddenly the compilation stops at unpredicable places. After rerunning make the compilation continues. It does not seem to be a memory problem. G E N E R A L * * * * * * * * OS : linux (redhat 6.2b) Compiler : gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) CVS-Branch : SAMBA_TNG Version/Date: today Error Type : not reproducealbe Short Desc. : 1) CFLAGS="-O2 -m486" \ ./configure \ --prefix=$INSTALLDIR \ --sysconfdir=/usr/local/etc/samba \ --localstatedir=/var/log/samba \ --libdir=/usr/local/etc/samba/lib \ --with-privatedir=/usr/local/etc/samba/private \ --with-sambaconfdir=/usr/local/etc/samba \ --with-lockdir=/var/lock/samba \ --with-sam-pwdb=passwd \ --with-gnu-ld \ --with-pam \ && make Compiling lib/set_uid.c In file included from include/includes.h:653, from lib/set_uid.c:22: include/nameserv.h:302: parse error at null character make: *** [lib/set_uid.o] Error 1 2)make Compiling smbd/message.c In file included from /usr/include/sys/unistd.h:1, from include/includes.h:96, from smbd/message.c:27: /usr/include/unistd.h:491: parse error at null character make: *** [smbd/message.o] Error 1 3) make Linking bin/samrd rpc_server/srv_pipe_ntlmssp.o: In function `api_ntlmssp_verify': rpc_server/srv_pipe_ntlmssp.o(.text+0x9f7): undefined reference to `map_nt_and_unix_username' bin/.libs/libsamrpass.so: undefined reference to `del_group_entry' bin/.libs/libsamrpass.so: undefined reference to `lookup_wk_alias_rid' .... bin/.libs/libsamrpass.so: undefined reference to `add_alias_member' collect2: ld returned 1 exit status make: *** [bin/samrd] Error 1 make fails from here with a constant error .... -------------- Has someone had/have a similar behavior ? As I'm not yet to bright in C coding and compiling, I relly can't understand why and where it fails. I only have the error messages... a1) Memory is not the problem there are always at least 5 MB physical (?) memory free a2) Disk space is not the problem there are 79 MB left on the device Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From pjdc at eircom.net Sat May 13 17:51:25 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:52 2003 Subject: NT domainmember in mulltiple domains In-Reply-To: Elrond's message of "Sun, 14 May 2000 02:43:15 +1000" References: <20000512213807.B2196@pclinux.igd.fhg.de> <20000513184121.E13802@baerbel.mug.maschinenbau.tu-darmstadt.de> Message-ID: >>>>> "Elrond" == Elrond writes: Elrond> If you have NT4 Server, you should be able to create your Elrond> own domain and then create a trust-relationship to both Elrond> domains. Elrond> That is: Elrond> localdomain trusts domain-a Elrond> localdomain trusts domain-b Elrond> Would that work? Before you can do that, the administrators of the domains you wish to trust must allow you to trust them. Under the hood, when they let you trust them, they are creating a special domain trust account; when you take the step of trusting thier domain, you are then utilising that account to authenticate against their SAM. The mechanism is very similar to the way a workstation trusts the domain. Detail: Go to http://support.microsoft.com/search and search by article ID for Q128489. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From ntdom at webbhq.net Sat May 13 22:08:23 2000 From: ntdom at webbhq.net (Rich Webb) Date: Tue Dec 2 02:29:52 2003 Subject: Where to get information In-Reply-To: <20000513175830.D13802@baerbel.mug.maschinenbau.tu-darmstadt.de> Message-ID: <000001bfbd27$c1289620$0605a8c0@romeo.webbhq.net> > > On Sat, May 13, 2000 at 07:08:38AM +1000, Jens Skripczynski wrote: > [...] > > > and have domain groups that I can base policies on. > > You mean using the poledit Programm ? I currently can't remember anybody > > talking on that subject and would be interested if it is included ? > > Luke ? > [...] > > I use poledit with Samba, and it works fine, but I do not > use it with groups, just for the general computer and user > stuff. But I currently don't see any reason for poledit not > to work with groups. > > > Elrond > I haven't even gotten that far yet because I can't make my NT Terminal Server consistantly log into the samba server. I end up getting "unable to contact domain controller" sooner or later and nothing in the logs tell me what the problem is. Is there a more stable earlier version -- maybe 2.4 or something that I could get somewhere and where can I get it? Rich From Skripi at hrzpub.tu-darmstadt.de Sat May 13 23:11:41 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:52 2003 Subject: TNG does not compile (libsamrpass.so undefined reference to ...) In-Reply-To: <20000512235718.A2745@shadowland.sc>; from Skripi@hrzpub.tu-darmstadt.de on Sat, May 13, 2000 at 07:49:23AM +1000 References: <20000512235718.A2745@shadowland.sc> Message-ID: <20000514011141.A5571@shadowland.sc> Jens Skripczynski: > Hi, > > G E N E R A L > * * * * * * * * > OS : linux (redhat 6.2b) > Compiler : gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release) > CVS-Branch : SAMBA_TNG > Version/Date: today (how can I retrive the time of the last update ?) > Error Type : reproduceable > Short Desc. : libsamrpass.so fails to compile > Trigger : > export INSTALLDIR=$SW_ROOT/i386_lnx2/samba-TNG-`date +%Y.%m.%d` > echo $INSTALLDIR > CFLAGS="-O2 -m486" \ > /configure \ > --prefix=$INSTALLDIR \ > --sysconfdir=/usr/local/etc/samba \ > --localstatedir=/var/log/samba \ > --libdir=/usr/local/etc/samba/lib \ > --with-privatedir=/usr/local/etc/samba/private \ > --with-sambaconfdir=/usr/local/etc/samba \ > --with-lockdir=/var/lock/samba \ > --with-sam-pwdb=passwd \ > --with-gnu-ld \ > --with-pam \ > && make > ------------- Solution : traced things down to this: configure using option "--with-sam-pwdb=passwd \" make the compile fail. I don't know why since it is the standard build option. Doing all the above and leaving "--with-sam-pwdb=passwd \" out, tng compiles correctly (leaving out all the compile warnings...). Looking at the configure script i do not find any difference on the case statement at line 10608. Just the output of the configure skript is different. error with --with-sam-pwdb=passwd: Compiling groupdb/aliasdb.c with libtool bin/.libs/libsamrpass.so: undefined reference to `lookup_builtin_alias_name' bin/.libs/libsamrpass.so: undefined reference to `initialise_passgrp_db' bin/.libs/libsamrpass.so: undefined reference to `add_group_entry' bin/.libs/libsamrpass.so: undefined reference to `local_password_change' bin/.libs/libsamrpass.so: undefined reference to `initialise_group_db' bin/.libs/libsamrpass.so: undefined reference to `del_smbpwd_entry' bin/.libs/libsamrpass.so: undefined reference to `initialise_builtin_db' .... Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From peter at cadcamlab.org Sun May 14 00:00:56 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:52 2003 Subject: NT domainmember in mulltiple domains References: <20000512213807.B2196@pclinux.igd.fhg.de> <20000513184121.E13802@baerbel.mug.maschinenbau.tu-darmstadt.de> Message-ID: <14621.60501.886452.509048@wire.cadcamlab.org> [Elrond ] > If you have NT4 Server, you should be able to create your own domain > and then create a trust-relationship to both domains. Should work ... IF you have an NT4 Server. An expensive solution, to be sure. Peter From lkcl at samba.org Sun May 14 08:54:32 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:52 2003 Subject: TNG does not compile (libsamrpass.so undefined reference to ...) In-Reply-To: <20000513110815.A24692@shadowland.sc> Message-ID: public cvs is in a chroot jail, synchronised with the real cvs tree using rsync. no public unsecured access is allowed to the real cvs tree. On Sat, 13 May 2000, Jens Skripczynski wrote: > Luke Kenneth Casson Leighton: > > hey, guys, try complete new checkouts. destroy the entire cvs copy you > > have, don't use cvs update, i think public cvs got out-of-sync. > *Grmpf* I think someone should improve this. > Everytime it is out of sync, I have to suck 23 MB from the web again. > > Anyway, how is it possible for cvs to be out of sync ? I mean the > connection can terminate in between and cvs will automatically continue > where it stopped. > > > Ciao > > Jens Skripczynski > -- > E-Mail: skripi@hrzpub.tu-darmstadt.de > > Computers are like airconditioners: They stop working > properly if you open windows. > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Sun May 14 08:58:16 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:52 2003 Subject: TNG does not compile (libsamrpass.so undefined reference to ...) In-Reply-To: Message-ID: On Sat, 13 May 2000, Sander Striker wrote: > PS. Luke, I somewhat guessed the above part and would like you to correct > me where I'm wrong. Is there a way to improve cvs behaviour, ie. make > update work all the time? 23MB seems a lot... don't know. i use dialup to download over dialup sometimes. when i do this, i only do the samba/source directory: cvs co samba/source. From lkcl at samba.org Sun May 14 08:58:59 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:52 2003 Subject: CVS getting out of sync {was: Re: TNG does not compile} In-Reply-To: Message-ID: > I don't really get this either. If we're all talking to the one cvs > repository, you're not. > how do things get out of sync? don't know. > If there are two cvs > repositories, how does stuff get from the private one to the public > one? rsync. From lkcl at samba.org Sun May 14 09:00:35 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:52 2003 Subject: TNG does not compile (libsamrpass.so undefined reference to ...) In-Reply-To: Message-ID: > in log.smb. However, if I restart samba (i.e. all the daemons, > haven't tried each one in turn) I can browse right into my server. i know why this is. > domain_client_validate: check lockout / pwd expired! > However, that message regarding the lockout/expiration intrigues me. it's a TODO. would you believe it, but NT relies on the clients doing certain kinds of validations [e.g. login allowed only from certain wkstas etc]. From lkcl at samba.org Sun May 14 09:01:57 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:52 2003 Subject: TNG shared lib In-Reply-To: <391D64C4.BCFBBB9B@hvcc.edu> Message-ID: On Sun, 14 May 2000, William Jojo wrote: > > > Did a complete refresh as suggested by Luke, but still have problem with shared > lib compile... apparently, this is normal for libtool on aix to get it wrong. search libtool and ltmain.sh for place to email a bug-report. From Skripi at hrzpub.tu-darmstadt.de Sun May 14 12:47:17 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:52 2003 Subject: Theoretical Question about Databases Message-ID: <20000514144717.A3665@shadowland.sc> Hi, 1) I wanted to ask about the new Database shemes and what they are supposed to be implementing. The currtent smbpasswd sheme only implements the storing of - Users with SIDS and Passwords - WS of the current Domain with SIDS. This old scheme will fail in the Future if most of the PDC Concept shall be emulated by TNG: - Users information will not only contain SIDS and Password but: - as by Usermanager - Full Name - Describtion - Groupmembership - logon Times for certain Machines... - PDC database containig - the own DOMAIN SID (?) - the WS Sids of the DOMAIN - Passwords and Accounts for trusted relationship - SIDS for established relationships - ... a) Is the current database implementing these issues ? b) Is the LDAP port also implementing the same or are there any differences ? c) What about some pluggable database, in case there are more to come, so that any database can be plugged in for use. 2) The administrative User from NT side should not have UID 0 I know that under all circumstances UID 0 and mode 0600 for smbpasswd shields the password database from misuse and insecurity. But in my opinion the root-account in only used for administrative use on the Machine such that installing or upgrading Programms. Also (if) TNG is totally behaves like a PDC people used to NT might not see the difference and delete certain files, they could not, if the do not obtain UID 0. In my opionion some properly code "sudo" Group, that gets for Administrative Use the uid 0 priviligdes would be great. Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From AVShutko at mail.khstu.ru Mon May 15 01:24:35 2000 From: AVShutko at mail.khstu.ru (A.V.Shutko) Date: Tue Dec 2 02:29:52 2003 Subject: Winbind. where is the nss.h?? Message-ID: <17517.000515@mail.khstu.ru> Hello, could anybody tell me how i can make winbind daemon ? Is it ready or not ? I looked in its source and understand that it is a part of domain inter-trust code.... but then I try to compile it with bash-2.03#./make nsswitch [skipped] Compiling nsswitch/winbind_nss.c with -fpic In file included from nsswitch/winbind_nss.c:25: nsswitch/winbind_nss_config.h:62: nss.h: No such file or directory *** Error code 1 Where is this file ? A.V.Shutko mailto:AVShutko@mail.khstu.ru From gcarter at valinux.com Mon May 15 02:52:58 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:29:52 2003 Subject: Winbind. where is the nss.h?? References: <17517.000515@mail.khstu.ru> Message-ID: <391F668A.35546A13@valinux.com> "A.V.Shutko" wrote: > > Where is this file ? >From a RedHat 6.2 system [gcarter@pogo gcarter]2$ cd /usr/include/ [gcarter@pogo include]3$ ls -l nss* -rw-r--r-- 1 root root 1750 Feb 29 15:58 nss.h [gcarter@pogo include]4$ rpm -qf nss.h glibc-devel-2.1.3-15 Cheers, jerry -- ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com VA Linux Systems gcarter@valinux.com http://www.samba.org SAMBA Team jerry@samba.org http://www.eng.auburn.edu/~cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From schs at apatity.ru Mon May 15 05:18:12 2000 From: schs at apatity.ru (Sergey Shibeko) Date: Tue Dec 2 02:29:52 2003 Subject: How to hide unnecessary groups shown in the list of the users and groups Message-ID: <003f01bfbe2d$03dbb780$0a02a8c0@SAMBA> How to hide unnecessary groups shown in the list of the users and groups. Now they through domaingroup.map are shown as "SYSTEM" adm_gr = SYSTEM audio_gr = SYSTEM bin_gr = SYSTEM cdrom_gr = SYSTEM console_gr = SYSTEM daemon_gr = SYSTEM dip_gr = SYSTEM disk_gr = SYSTEM floppy_gr = SYSTEM ftp_gr = SYSTEM It would be desirable that the group was one or unnecessary were not visible. From jakubowski at szczecin.top.pl Mon May 15 09:32:11 2000 From: jakubowski at szczecin.top.pl (Marcin Jakubowski) Date: Tue Dec 2 02:29:52 2003 Subject: Wins In-Reply-To: <20000512230242.A1444@shadowland.sc> Message-ID: On Sat, 13 May 2000, Jens Skripczynski wrote: > Date: Sat, 13 May 2000 07:13:04 +1000 > From: Jens Skripczynski > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: Wins > > Marcin Jakubowski: > > I have Linux as a PDC and win95/98 log in domain without problem. > 1) PDC functionality has _nothing_ to do with 95/98 domain logons. > Primary Domain Controller was and the underlying security system > can only be used with NT4 and NT5 alias NT 2000. > > > My friend have real WinNT but his wins cann not see my network. > Well your information is not sufficient on this subject. > 1) be your friends setup (IPX or TCP/IP). > 2) smb.conf file > 3) did you enable wins > 4) What do the logfiles tell you ? > This is my smb file, my network is a.a.a.a and all machines in my network log in to samba (masq net too) in c.c.c.c network is another Debian and I can mount his shares. Problem is with b.b.b.b network where is Win NT and another domain. A have added b.b.b.b PDC into lmhost and I can list and mount shares from this machines on a.a.a.a PDC and other linux machines in my network but his wins on NT can't see my computer. I have nothing in my log files when WinNT try to search my wins. [global] invalid users = root security = domain workgroup = TERNET server string = %h server (Samba %v) socket options = SO_BROADCAST IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096 keepalive = 45 nt acl support = yes strict locking = yes blocking locks = True shared mem size = 5242880 domain logons = yes logon script = netlogin.bat max connections = 0 keepalive = 180 lock directory = /var/samba change notify timeout = 15 deadtime = 10 character set = ISO8859-2 client code page = 852 wins support = yes remote browse sync = 10.0.0.1 remote browse sync = 192.168.1.1 remote browse sync = c.c.c.c remote browse sync = b.b.b.b remote browse sync = a.a.a.a remote announce = 192.168.1.0/255.255.255.0 remote announce = c.c.c.c/255.255.255.224 remote announce = b.b.b.b/255.255.255.224 remote announce = a.a.a.a/255.255.255.255 interfaces = 192.168.1.1/255.255.255.0 10.0.0.0/255.255.255.0 a.a.a.a/255.255.255.255 name resolve order = lmhosts wins bcast host os level = 128 domain master = yes local master = yes preferred master = yes dns proxy = yes wins proxy = yes preserve case = no short preserve case = no unix password sync = false passwd program = /usr/bin/passwd %u passwd chat = *New\spassword:* %n\n *Re-enter\snew\spassword:* %n\n *Password encrypt passwords = yes [homes] comment = Home Directories browseable = yes read only = no create mask = 0700 directory mask = 0700 writable = yes [netlogon] path = /etc/samba/login writable = no guest ok = no [www] path = /var/www writable = yes browseable = yes TIA -- Marcin Jakubowski, InterNetia Telekom .''`. mailto:jakubowski@szczecin.top.pl : :' : `. `' `- From jahall at nea.org Mon May 15 13:48:50 2000 From: jahall at nea.org (jahall@nea.org) Date: Tue Dec 2 02:29:52 2003 Subject: SPOOLSS Message-ID: What is the latest information concerning the status of the spoolss upgrade necessary to allow NT Clients with service pack 5 and higher to print? Thanks for your help Jay From pll at mclinux.com Mon May 15 18:05:06 2000 From: pll at mclinux.com (Paul Lussier) Date: Tue Dec 2 02:29:52 2003 Subject: 2.0.7 and WinNT 4.0 logins? Message-ID: <200005151805.OAA17072@coda.mclinux.com> Hi all, Someone late last week mentioned to me that 2.0.7 would not allow NT4.0 systems to take part in a Samba controlled domain. Is this true? What I want to do (since we have so few NT systems here) is enable plaintext passwords on all win98/NT systems so they can authenticate against a Samba PDC using NIS. I know this worked in the past with Win95/98, and I could've sworn it worked for NT4.0 as well, but this was back around 2.0.4 or so. Am I still okay going this route with 2.0.7? Thanks, -- Seeya, Paul ---- "I always explain our company via interpretive dance. I meet lots of interesting people that way." Niall Kavanagh, 10 April, 2000 If you're not having fun, you're not doing it right! From elrond at samba.org Mon May 15 19:27:03 2000 From: elrond at samba.org (Elrond) Date: Tue Dec 2 02:29:52 2003 Subject: OT: Trusts and winlogon problems Message-ID: <20000515212702.A19926@baerbel.mug.maschinenbau.tu-darmstadt.de> Okay, this time, I would appreciate some help from the nt gurus here. Here's the scenario: There's an NT-Terminal-server, which is a member of an NT-Domain. This NT-Domain now trusts my Samba-Domain (was some tricky, I'll write something about that too). This seems to work mainly (there are small issues, if neccessary, I'll explain them). Mainly means: The NT-PDC has my samba-domain in its logon-box. BUT: The Terminal-Server doesn't have it in its logon-box. For understandable reasons, I can't currently reboot it. I tried to stop and start the logon-service ("Anmeldedienst" in german, not sure, if I translated it corrctly back) on it, but that did't help. So how do I tell the Terminalserver to "reread" the lists of valid domains from its PDC? Just as a side-note: The trust-relationship seems to work, as I can access shares on the Terminalserver with accounts from my samba-domain, so the main trust works, just the logon-box doesn't list my domain. This should be fixable by rebooting, which I currently don't want to do. Elrond From GLeblanc at cu-portland.edu Mon May 15 20:09:55 2000 From: GLeblanc at cu-portland.edu (Gregory Leblanc) Date: Tue Dec 2 02:29:52 2003 Subject: Trusts and winlogon problems Message-ID: > -----Original Message----- > From: Elrond [mailto:elrond@samba.org] > Sent: Monday, May 15, 2000 12:30 PM > To: Multiple recipients of list SAMBA-NTDOM > Subject: OT: Trusts and winlogon problems > > Okay, this time, I would appreciate some help from the nt > gurus here. Well, I don't think there'a any such thing as an "NT Guru", but let me see what I can answer. > Here's the scenario: > > There's an NT-Terminal-server, which is a member of an > NT-Domain. This NT-Domain now trusts my Samba-Domain (was > some tricky, I'll write something about that too). This > seems to work mainly (there are small issues, if > neccessary, I'll explain them). That's kinda cool... I'm going to have to try that out. > Mainly means: The NT-PDC has my samba-domain in its > logon-box. > > BUT: The Terminal-Server doesn't have it in its logon-box. > For understandable reasons, I can't currently reboot it. I > tried to stop and start the logon-service ("Anmeldedienst" > in german, not sure, if I translated it corrctly back) on > it, but that did't help. The "native" name is "netlogon". > So how do I tell the Terminalserver to "reread" the lists > of valid domains from its PDC? It should do that as part of the browser services on NT. Try restarting the "computer browser" service, assuming that it doesn't have any dependancies (sorry, I can't remember any, but who knows). I'd think that either this service, or the "server" service would be in charge of these. However, if you restart the server service, you're going to cut everybody off, which doesn't sound high on your list of things to do today. Other than that, I don't see any possibilities except rebooting the server. > Just as a side-note: The trust-relationship seems to work, > as I can access shares on the Terminalserver with > accounts from my samba-domain, so the main trust works, > just the logon-box doesn't list my domain. This should be > fixable by rebooting, which I currently don't want to do. Ah, just reboot and cut everybody. They're only NT users, who cares? :-) Grego From pjdc at eircom.net Mon May 15 21:33:10 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:52 2003 Subject: Trusts and winlogon problems In-Reply-To: Gregory Leblanc's message of "Tue, 16 May 2000 06:13:18 +1000" References: Message-ID: >>>>> "Gregory" == Gregory Leblanc writes: Gregory> It should do that as part of the browser services on NT. I have a vague recollection that the building of the domain list is handled by the Local Security Authority, LSASS.EXE, but restarting that would probably not be a good idea of the server is in use. Perhaps calling WaitForSingleObject(GetProcessHandle("LKCL.EXE")) is in order? ;-) Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From brandon at sci.brooklyn.cuny.edu Tue May 16 00:28:31 2000 From: brandon at sci.brooklyn.cuny.edu (Brandon) Date: Tue Dec 2 02:29:52 2003 Subject: SAMBA-TNG and LDAP Message-ID: <86ln1buymo.fsf@DEC.stephenst.org> I've been working with samba-tng and ldap and would like to know what the differences between the --with-ldap and --with-nt5ldap options are. I know you need to use --with-sam-pwdb=nt5ldap to have samba store its user database in ldap but then what does --with-ldap do? Brandon From brandon at sci.brooklyn.cuny.edu Tue May 16 00:15:11 2000 From: brandon at sci.brooklyn.cuny.edu (Brandon) Date: Tue Dec 2 02:29:52 2003 Subject: LDAP and SAMBA-TNG Message-ID: <86puqnuz8w.fsf@DEC.stephenst.org> I have been working with ldap with samba-tng and was wondering what the differences between --with-ldap and --with-nt5ldap configure options are. I know that you need to specify --with-sam-pwdb=nt5ldap to have samba store the user database in ldap but then what does --with-ldap do? Brandon From tom at ee.ucl.ac.uk Tue May 16 13:12:16 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:52 2003 Subject: samba-TNG does not allow shares to be accessed Message-ID: <200005161312.OAA06863@picard.ee.ucl.ac.uk> Hello, samba-TNG cvs update 1300 BST 16/5/00 Solaris 2.7 Sparc64 gcc 2.8.1 samba-TNG now compiles again, after a complete removal of the samba tree and a new cvs check-out. The problem of being unable to access any shares on domain login from a client is still there. Log fragment follows. ncalrpc_l_send_prs: data: 89140 len 48 [000] 05 00 00 00 10 00 00 00 30 00 00 00 24 00 00 00 ........ 0...$... [010] 18 00 00 00 65 00 04 00 3D B4 24 89 D6 D0 6F 48 ....e... =.$...oH [020] 00 00 00 49 00 00 00 00 01 01 00 00 00 00 00 05 ...I.... ........ write_socket(14,48) write_socket(14,48) wrote 48 rpc_api_pipe_req: data_end: 72 and offset 56 wrong rpc_con_pipe_req FAILED cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'tom': authentication failed 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] error string = No such file or directory size=35 smb_com=0x73 smb_rcls=109 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=16384 smb_tid=0 smb_pid=65279 smb_uid=0 smb_mid=1536 smt_wct=0 smb_bcc=0 Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From lkcl at samba.org Tue May 16 13:18:16 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:52 2003 Subject: OT: Trusts and winlogon problems In-Reply-To: <20000515212702.A19926@baerbel.mug.maschinenbau.tu-darmstadt.de> Message-ID: elrond, the fn call to look at is net_trust_dom_list, in srv_netlogon_nt.c. On Tue, 16 May 2000, Elrond wrote: > > Okay, this time, I would appreciate some help from the nt > gurus here. > > Here's the scenario: > > There's an NT-Terminal-server, which is a member of an > NT-Domain. This NT-Domain now trusts my Samba-Domain (was > some tricky, I'll write something about that too). This > seems to work mainly (there are small issues, if > neccessary, I'll explain them). > > Mainly means: The NT-PDC has my samba-domain in its > logon-box. > > BUT: The Terminal-Server doesn't have it in its logon-box. > For understandable reasons, I can't currently reboot it. I > tried to stop and start the logon-service ("Anmeldedienst" > in german, not sure, if I translated it corrctly back) on > it, but that did't help. > > So how do I tell the Terminalserver to "reread" the lists > of valid domains from its PDC? > > Just as a side-note: The trust-relationship seems to work, > as I can access shares on the Terminalserver with > accounts from my samba-domain, so the main trust works, > just the logon-box doesn't list my domain. This should be > fixable by rebooting, which I currently don't want to do. > > > Elrond > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From cwg-samba-ntdom at DeepEddy.Com Tue May 16 14:30:14 2000 From: cwg-samba-ntdom at DeepEddy.Com (Chris Garrigues) Date: Tue Dec 2 02:29:52 2003 Subject: There are still login problems In-Reply-To: References: Message-ID: <12260.958487414@backstroke.deepeddy.com> > From: Luke Kenneth Casson Leighton > Date: Fri, 12 May 2000 19:24:48 +1000 > > On Fri, 12 May 2000, Tim Deegan wrote: > > > Hi, > > > > On Fri, May 12, 2000 at 02:48:54PM +1000, Lars Kneschke wrote: > > > Hello! > > > > > > Some days ago 3 or 4 people posted a email, that they can't login corec > tly. > > > After login you get a message that win nt can't load the profile, and i > n > > > smb.log you will see, that samba thinks that the supplied password is w > rong. > > > But the password is ok, you login using smbclient. This problems still > > > exists. If no one will fix it, samba tng is not useable, and no serious > > > testing can be done! > > > > > > Have some other people this problem too? > > > > Yes, from Win2k, the login was accepted but then the win2k user > > couldn't access shares on the Samba Server (TNG alpha 2.5.3 on > > RH6.2/x86). > > i have an idea of what probl. is. > Has this problem been fixed in CVS? I'm being bitten by this in TNG alpha 2.5.2; if it's been fixed, I'd like to try the CVS version. Chris -- Chris Garrigues virCIO http://www.DeepEddy.Com/~cwg/ http://www.virCIO.Com +1 512 432 4046 +1 512 374 0500 4314 Avenue C O- Austin, TX 78751-3709 My email address is an experiment in SPAM elimination. For an explanation of what we're doing, see http://www.DeepEddy.Com/tms.html Nobody ever got fired for buying Microsoft, but they could get fired for relying on Microsoft. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 239 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000516/0f5d7261/attachment.bin From oolberg at eenet.ee Tue May 16 17:47:40 2000 From: oolberg at eenet.ee (Imre Oolberg) Date: Tue Dec 2 02:29:52 2003 Subject: windows 2000 and samba as its PDC Message-ID: Hallo, i can say that i have used samba for some good years and its great. I put into work a 12 NT 4.0 workstations computerclass and Samba as its PDC, it does user autentication and logging and printer sharing and fileshareing. Now i try to do the same with Windows 2000 (Proffessional) Client. I can visit from these clients Samba Shares and vice versa, visit 2000 thru smbclient. But i seem to bo not able to set up 2000 so that samba authenticates its users ie is 2000's PDC. When i choose from 2000 Start -> Control Panel -> System -> Network ID -> Propeties and try to change Workgroup into domain it open a dialog and sais 'Enter the name and the password of the account with permission tojoin the domain' When i did it under administrator and gave my personal Samba username and password it repied 'The procedure number is out of range' I used samba 2.0.7 and compiled it like ./configure; make install and used the same smb.conf which worked great for NT logins and PDCing. I suspect i need some weird username&passord ie account to set up somewhere for joining the bloody 2000 into that domain. Please help me out! Best regards, Imre From elrond at samba.org Tue May 16 18:15:52 2000 From: elrond at samba.org (Elrond) Date: Tue Dec 2 02:29:52 2003 Subject: OT: Trusts and winlogon problems In-Reply-To: ; from Luke Kenneth Casson Leighton on Tue, May 16, 2000 at 11:18:16PM +1000 References: <20000515212702.A19926@baerbel.mug.maschinenbau.tu-darmstadt.de> Message-ID: <20000516201552.A17634@baerbel.mug.maschinenbau.tu-darmstadt.de> On Tue, May 16, 2000 at 11:18:16PM +1000, Luke Kenneth Casson Leighton wrote: > > elrond, the fn call to look at is net_trust_dom_list, in > srv_netlogon_nt.c. Thanks for the hint. But: This is more an NT-problem (also it turns to also have some other issues, more below) It is like this: NT-Terminal-Server | member-of | V NT-PDC-controlled-Domain. | trusts | V Samba-PDC-controlled-Domain. I just can't reboot the Terminalserver (it's not "mine", also they were kind enough to give me the admin-pw, and there are some big calculations running on it) And the problem is, that the samba-domain is not showing up in the listbox, when you try to log into the terminal-server. >From your suggestion, I run rpcclient against the TS and did a domlist and samba-dom was in it. So the main things seem to work, just that listbox doesn't want to contain the new domain. (I said, it's an nt-issue, and I guess, rebooting will help) Now about the samba-related stuff: (I have to note, since it's more "production", it's currently an older samba version, but I'm updating it while typing this mail.) Here's, what I did and what happened: First off all, I remembered, that the "trusting domains" parameter in smb.conf was useless, no code used it, so I didn't even touch it. So I just created an nt-dom$ in my passwd, did the "createuser nt-dom$ -i", and "samuser nt-dom$ -p pw", then called the admin of the nt-box to do the right stuff in usrmgr on his pdc. Until here, all seemed to have worked properly. So I tried to access their boxes with smbclient / rpcclient. This failed somehow, after some debugging, raising log-levels and stuff like that, I got it: The nt-pdc does some net_req_chal, but with its own name as the "trust-account", not the name of its domain. So I thought, "you want your name, okay, you can have that too" and added nt-pdc$ also as an interdom-trust-account, did set the same pw, et voila, smbclient / rpcclient worked fine. (more on this stuff below...) Now we come to something, that might be a problem in samba (that's, why I'm updating it): After a while, I started to ask myself, wether interactive logons would work anyway, so I asked the admin of the nt-pdc to log into his pdc with some account from the samba-domain. This failed, and NT said something about "the trust-connection between the primary and the trusting domain could not be set up." or the like. I currently haven't got good logs for this, so this is just a start of a possible "bug". Okay, that's, where I'm currently. So after the above nt-pdc$-action, I asked myself, wether NT-Servers, that let other domains other domains trust it, also had this stuff, and what it was created like, so I got to some company with lots of nt, compiled rpcclient on a small Sun and checked. There wasn't any nt-pdc$, just nt-dom$. So how does NT handle this stuff? The thing, I could imagine, would be: trusting-pdc connects to trusted-pdc, requests chal for "trusting-pdc". trusted-pdc now does some lots of work (querying wins, doing dclist on 138, etc.) to get a complete list of dcs for trusting-dom and verify, that trusting-pdc is in there. and then traet "trusting-pdc" as "trusting-dom". I wasn't able to get any traces from pdc-to-pdc in that company (I was glad, I could run rpcclient towards theier boxes.) Elrond > > > On Tue, 16 May 2000, Elrond wrote: > > > > > Okay, this time, I would appreciate some help from the nt > > gurus here. > > > > Here's the scenario: > > > > There's an NT-Terminal-server, which is a member of an > > NT-Domain. This NT-Domain now trusts my Samba-Domain (was > > some tricky, I'll write something about that too). This > > seems to work mainly (there are small issues, if > > neccessary, I'll explain them). > > > > Mainly means: The NT-PDC has my samba-domain in its > > logon-box. > > > > BUT: The Terminal-Server doesn't have it in its logon-box. > > For understandable reasons, I can't currently reboot it. I > > tried to stop and start the logon-service ("Anmeldedienst" > > in german, not sure, if I translated it corrctly back) on > > it, but that did't help. > > > > So how do I tell the Terminalserver to "reread" the lists > > of valid domains from its PDC? > > > > Just as a side-note: The trust-relationship seems to work, > > as I can access shares on the Terminalserver with > > accounts from my samba-domain, so the main trust works, > > just the logon-box doesn't list my domain. This should be > > fixable by rebooting, which I currently don't want to do. > > > > > > Elrond > > > > Luke Kenneth Casson Leighton > Samba and Network Development > Samba Web site > Macmillan Technical Publishing > > ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From jroman6 at ford.com Tue May 16 18:51:15 2000 From: jroman6 at ford.com (Roman, James (J.D.)) Date: Tue Dec 2 02:29:52 2003 Subject: Copying files from Unix to NT while maintaining ownership Message-ID: <200005161851.OAA04359@mailfw6.ford.com> Skipped content of type multipart/alternative-------------- next part -------------- A non-text attachment was scrubbed... Name: Roman, James (J.D.).vcf Type: application/octet-stream Size: 540 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000516/f192d2c9/RomanJamesJ.D..obj From hwimmer at bakerref.com Tue May 16 20:43:24 2000 From: hwimmer at bakerref.com (Hayden Wimmer) Date: Tue Dec 2 02:29:52 2003 Subject: windows 2000 and samba as its PDC Message-ID: <020701bfbf77$642f2d10$9f01a8c0@523.bakerref.com> i dunno if this helps or not, but under nt4server i had to add an entry in the /etc/passwd file with the username as the machinename & a $ sign, for example www$ then run smbpasswd for that user, then the machine acct is created...when the machine logs in for the first time (remember you set a blank passwd) it will change the password. if you ever remove it from the domain i think you need to repeat the steps. does this help? From AVShutko at mail.khstu.ru Wed May 17 06:59:25 2000 From: AVShutko at mail.khstu.ru (A.V.Shutko) Date: Tue Dec 2 02:29:52 2003 Subject: smbd Internal Error.... (bug report) Message-ID: <14749.000517@mail.khstu.ru> OS : FreeBSD 3.3-RELEASE #1: Tue Feb 22 19:12:08 VLAT 2000 Compiler : gcc version 2.7.2.3 CVS-Branch : SAMBA_TNG Version/Date : CVS (17.05.00 15:00) Error Type : reproduceable (or not ?) Short Desc. : smbd Internal Error (many times) *after* heavy load... Trigger : I run two Far manager under NT for searching substring in ~50000 files (~700Mb) and sometimes after searching smbd got frequentative errors on dir reading: May 17 17:22:06 service /kernel: pid 71793 (smbd), uid 0: exited on signal 6 May 17 17:22:16 service /kernel: pid 73935 (smbd), uid 0: exited on signal 6 May 17 17:22:21 service /kernel: pid 74003 (smbd), uid 0: exited on signal 6 May 17 17:22:26 service /kernel: pid 74060 (smbd), uid 0: exited on signal 6 May 17 17:23:56 service /kernel: pid 74117 (smbd), uid 0: exited on signal 6 May 17 17:23:57 service /kernel: pid 74385 (smbd), uid 0: exited on signal 6 (core dumped) May 17 17:23:57 service /kernel: pid 74386 (smbd), uid 0: exited on signal 6 (core dumped) May 17 17:24:10 service /kernel: pid 72068 (smbd), uid 0: exited on signal 6 May 17 17:25:06 service /kernel: pid 71783 (smbd), uid 0: exited on signal 6 (core dumped) If I restart all services it worked fine. --------------------------------------------------------------------------------------------- GDB info : Backtrace (gdb) where #0 0x282573d0 in ?? () #1 0x281621f3 in ?? () #2 0x2815a0ae in ?? () #3 0x2815a100 in ?? () #4 0xbfbfdfdc in ?? () #5 0x807f448 in ?? () #6 0x8057517 in ?? () #7 0x80506d4 in ?? () #8 0x80510b7 in ?? () #9 0x8050021 in ?? () --------------------------------------------------------------------------------------------- part of logs: [2000/05/17 17:24:10, 0] lib/fault.c:fault_report(40) =============================================================== [2000/05/17 17:24:10, 0] lib/fault.c:fault_report(41) INTERNAL ERROR: Signal 11 in pid 72068 (TNG-alpha) Please read the file BUGS.txt in the distribution [2000/05/17 17:24:10, 0] lib/fault.c:fault_report(43) =============================================================== [2000/05/17 17:24:10, 0] lib/util.c:smb_panic(1381) PANIC: internal error A.V.Shutko mailto:AVShutko@mail.khstu.ru From elrond at samba.org Wed May 17 12:43:27 2000 From: elrond at samba.org (Elrond) Date: Tue Dec 2 02:29:52 2003 Subject: smbd Internal Error.... (bug report) In-Reply-To: <14749.000517@mail.khstu.ru>; from A.V.Shutko on Wed, May 17, 2000 at 05:02:48PM +1000 References: <14749.000517@mail.khstu.ru> Message-ID: <20000517144327.A19592@baerbel.mug.maschinenbau.tu-darmstadt.de> Hi, Can you try to disable all maps? I know, that's not nice, but I suspect a memory-corruption in domainname_map.c Alternatively, you could try "qualifying" all nt-names in the maps with the appropiate domainname and don't use any other domains than the one, you're controlling: ntadmins="YOURDOMAIN\Domains Admins" Please report your results. On Wed, May 17, 2000 at 05:02:48PM +1000, A.V.Shutko wrote: [...] > GDB info : > Backtrace > (gdb) where > #0 0x282573d0 in ?? () > #1 0x281621f3 in ?? () > #2 0x2815a0ae in ?? () > #3 0x2815a100 in ?? () > #4 0xbfbfdfdc in ?? () > #5 0x807f448 in ?? () > #6 0x8057517 in ?? () > #7 0x80506d4 in ?? () > #8 0x80510b7 in ?? () > #9 0x8050021 in ?? () Not very helpful, you should recompile with debugging. (configure.developer) > --------------------------------------------------------------------------------------------- > part of logs: > > [2000/05/17 17:24:10, 0] lib/fault.c:fault_report(40) > =============================================================== > [2000/05/17 17:24:10, 0] lib/fault.c:fault_report(41) > INTERNAL ERROR: Signal 11 in pid 72068 (TNG-alpha) > Please read the file BUGS.txt in the distribution > [2000/05/17 17:24:10, 0] lib/fault.c:fault_report(43) > =============================================================== > [2000/05/17 17:24:10, 0] lib/util.c:smb_panic(1381) > PANIC: internal error Well, that's the part of the log, we all know, interesting are the lines above it (not currently, as I have some ideas, what's happening, I was debugging a long time this morning.) Elrond From elrond at samba.org Wed May 17 12:47:35 2000 From: elrond at samba.org (Elrond) Date: Tue Dec 2 02:29:52 2003 Subject: samba-TNG does not allow shares to be accessed In-Reply-To: <200005161312.OAA06863@picard.ee.ucl.ac.uk>; from Tom Crummey on Tue, May 16, 2000 at 11:13:48PM +1000 References: <200005161312.OAA06863@picard.ee.ucl.ac.uk> Message-ID: <20000517144734.B19592@baerbel.mug.maschinenbau.tu-darmstadt.de> Hi, I've seen this too. Can you take a look at my other post, some minutes ago, "smbd internal error"? I think, this is related... Elrond On Tue, May 16, 2000 at 11:13:48PM +1000, Tom Crummey wrote: > Hello, > > samba-TNG cvs update 1300 BST 16/5/00 Solaris 2.7 Sparc64 gcc 2.8.1 > > samba-TNG now compiles again, after a complete removal of the samba tree > and a new cvs check-out. > > The problem of being unable to access any shares on domain login from a client > is still there. > > Log fragment follows. > > ncalrpc_l_send_prs: data: 89140 len 48 > [000] 05 00 00 00 10 00 00 00 30 00 00 00 24 00 00 00 ........ 0...$... > [010] 18 00 00 00 65 00 04 00 3D B4 24 89 D6 D0 6F 48 ....e... =.$...oH > [020] 00 00 00 49 00 00 00 00 01 01 00 00 00 00 00 05 ...I.... ........ > write_socket(14,48) > write_socket(14,48) wrote 48 > rpc_api_pipe_req: data_end: 72 and offset 56 wrong > rpc_con_pipe_req FAILED > cli_nt_setup_creds: request challenge failed > domain_client_validate: credentials failed (\\.) > SMB LM/NT Password did not match! > Rejecting user 'tom': authentication failed > 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error: > Unknown error (109,49152)] > error string = No such file or directory > size=35 > smb_com=0x73 > smb_rcls=109 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=16384 > smb_tid=0 > smb_pid=65279 > smb_uid=0 > smb_mid=1536 > smt_wct=0 > smb_bcc=0 > > > Tom. > > ---------------------------------------------------------------------------- > Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk > Department of Electronic and Electrical Engineering, > University College London, TEL: +44 (0)20 7679 3898 > Torrington Place, FAX: +44 (0)20 7388 9325 > London, UK, WC1E 7JE. > ---------------------------------------------------------------------------- From gcarter at valinux.com Wed May 17 13:02:33 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:29:52 2003 Subject: SPOOLSS References: Message-ID: <39229869.CDA0C084@valinux.com> jahall@nea.org wrote: > > What is the latest information concerning the status of > the spoolss upgrade necessary to allow NT Clients with > service pack 5 and higher to print? Plans are to include it in the next stable release. The code base is currently checked in to the HEAD development branch. Cheers, jerry -- ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com VA Linux Systems gcarter@valinux.com http://www.samba.org SAMBA Team jerry@samba.org http://www.eng.auburn.edu/~cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From sibilia at ims.ee.ethz.ch Wed May 17 13:02:20 2000 From: sibilia at ims.ee.ethz.ch (Riccardo Sibilia) Date: Tue Dec 2 02:29:52 2003 Subject: HEAD to TNG help Message-ID: <3922985C.3F946D03@ims.ee.ethz.ch> Hi! I am trying to set up a TNG server with the most up-to-date cvs code. I was running the HEAD branch until today. My feeling is that the smbpasswd file or the server SID cannot be simply copied to the TNG code. Is that so? The deamons seem to run ok, but refuse to authenticate my users, etc. Sorry if this is a FAQ, I have been searching for an answer to this around but w/o luck... Rick -- Riccardo Sibilia sibilia@ims.ee.ethz.ch Institute for Military Security Technology http://www.ims.ee.ethz.ch/ Auf der Mauer 2 Tel. +41 1 252 6260 8001 Zurich / Switzerland Fax. +41 1 252 1667 From ctooley at joslyn.org Wed May 17 15:37:02 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:52 2003 Subject: Registry entries via netlogon batch file Message-ID: <3922BC9E.6014BD1F@joslyn.org> Is there any way to make registry changes to a client machine (change a DWORD value and a key value). I am trying to automate the roll over from one Samba login erver to another, via scripting and redundancy of machines. My thought process is to: Move all of the shares, home directories and user information to the new machine (which is relatively easy to do), and create a samba login server to handle logins to "NEWDC". All of the users trying to log into this DC will have to use encrypted passwords. However, all of the users are using "PlainTextPasswordsEnabled" to login into the old login server "OLDDC" (names have been changed to protect the innocent :)). I want to mount the data on the "NEWDC" via NFS (probably safer) or if possible SMBfs (much easier as they are already going to be shared this way) mounts and reshare them in the same way OLDDC has been sharing them all along. This way users notice nothing but a very slight slow down in performance (I hope). When they logon to the OLDDC server I want to make the necessary registry changes to change the Domain they are logging into and to disable PlainTextPasswords (which is very easy to do). The next time they reboot, they never know the difference other than some of the names have changed, which they won't notice anyway. Does anyone see any holes in this and if it seems somewhat plausible can someone tell me how to make the registry changes via the Netlogon script? We have a different script for each user and a universal script for every user. Both of which are ran at login time. I'm thinking at this point that it would be better to put this in the user's script so that I can allow for differences between Win 95 and 98. I have no NT Workstations to worry about so this should be a fairly simple task, I'm thinking. I just want it to be almost totally invisible to the user. I appreciate any help and any suggestions. Chris Tooley From Gordon.Morrison at vf.vodafone.co.uk Wed May 17 13:53:48 2000 From: Gordon.Morrison at vf.vodafone.co.uk (Gordon.Morrison@vf.vodafone.co.uk) Date: Tue Dec 2 02:29:52 2003 Subject: Samba problem: Delayed access with multiple shares Message-ID: <1763F57BB8BAD211B06500A0C9E5D92002B14BD0@barking.vodafone_ip> I'm hoping you can help with a Samba problem that has been going on for some time now. A group of users are having problems with a couple of shares I set up recently. They are running windows NT 4, and sharing an area on a server running HP-UX. When they log onto the network and enter their password for these samba shares, they get the error message "Incorrect password or unknown username for (share_name)". They try several times with the same result, but if they leave it for a few minutes and try again, their password is accepted. When I map these drives on my own PC, I have no problem. At first, I thought it must be a network problem, so I got our Network Support people to have a look, but they couldn't find anything wrong. These people have lots of shares on various different servers, and the affected ones are the last ones added (drives W: & X:). They have at least one other share on the same server which works fine, and was used as a template for creating the affected shares. As an experiment I asked them to change the order of their share drive letters so that the affected shares are connected earlier - this made no difference. The new shares are set up exactly the same as other shares they have been using for months without problems. The log files don't contain any of the errors associated with "shared mem size" being set too low (it is set to the default), likewise "max open files" and "max connections" are also using the default values. Any help you could offer would be much appreciated. Thank you Gordon Morrison ITSD Unix Support gordon.morrison@vf.vodafone.co.uk =========================== It's my delusion That science has proven That atoms are only illusions But everything else is real =========================== From nord at cdt.luth.se Wed May 17 14:38:31 2000 From: nord at cdt.luth.se (James Nord) Date: Tue Dec 2 02:29:53 2003 Subject: windows 2000 and samba as its PDC References: Message-ID: <3922AEE7.55DED83E@cdt.luth.se> Imre Oolberg wrote: > > Hallo, > > i can say that i have used samba for some good years and its great. > I put into work a 12 NT 4.0 workstations computerclass and Samba as its > PDC, it does user autentication and logging and printer sharing and > fileshareing. > > Now i try to do the same with Windows 2000 (Proffessional) Client. > I can visit from these clients Samba Shares and vice versa, visit 2000 > thru smbclient. But i seem to bo not able to set up 2000 so that samba > authenticates its users ie is 2000's PDC. > > When i choose from 2000 Start -> Control Panel -> System -> Network ID -> > Propeties > > and try to change Workgroup into domain it open a dialog and sais > > 'Enter the name and the password of the account with permission tojoin the > domain' > > When i did it under administrator and gave my personal Samba username and > password it repied 'The procedure number is out of range' > > I used samba 2.0.7 and compiled it like ./configure; make install Samba 2.0.x cannot be used as a PDC for windows 2000 clients. There is a experimental samba (TNG) that *may* work which handles 2000 domain clients however its stability fluctuates. /James -- Technology is a word that describes something that doesn't work yet. Douglas Adams From it-samba at computerbild.de Wed May 17 14:44:32 2000 From: it-samba at computerbild.de (Ingo T. Storm) Date: Tue Dec 2 02:29:53 2003 Subject: HEAD to TNG help References: <3922985C.3F946D03@ims.ee.ethz.ch> Message-ID: <034e01bfc00f$b7b04c10$012ca8c0@combi.de> > I was running the HEAD branch until today. Have you checked for stale utils and daemons? They have moved to a different directory lately. Ingo From it-samba at computerbild.de Wed May 17 14:47:41 2000 From: it-samba at computerbild.de (Ingo T. Storm) Date: Tue Dec 2 02:29:53 2003 Subject: Registry entries via netlogon batch file References: <3922BC9E.6014BD1F@joslyn.org> Message-ID: <034f01bfc00f$b80d8740$012ca8c0@combi.de> > Is there any way to make registry changes to a client machine (change a > DWORD value and a key value). Have a look at KIX32 from the Resource Kit. It's a pretty nice logon script processor with nice registry manipulation functions. Ingo From dkrovich at wvu.edu Wed May 17 18:56:29 2000 From: dkrovich at wvu.edu (David Krovich) Date: Tue Dec 2 02:29:53 2003 Subject: SAMBA_TNG nsswitch compile problems Message-ID: I'm having problems trying to compile doing a "make nsswitch" with SAMBA_TNG Solaris 8, gcc version 2.95.2, /usr/ccs/bin/make Here is the error: # /usr/ccs/bin/make nsswitch Using FLAGS = -O -Iinclude -I./include -I./ubiqx -I./smbwrapper -DLOGFILEBASE="/opt/samba-tng/var" -DSMBLOGFILE="/opt/samba-tng/var/log.smb" -DNMBLOGFILE="/opt/samba-tng/var/log.nmb" -DCONFIGFILE="/opt/samba-tng/lib/smb.conf" -DLMHOSTSFILE="/opt/samba-tng/lib/lmhosts" -DSWATDIR="/opt/samba-tng/swat" -DSBINDIR="/opt/samba-tng/sbin" -DLOCKDIR="/opt/samba-tng/var/locks" -DSMBRUN="/opt/samba-tng/bin/smbrun" -DCODEPAGEDIR="/opt/samba-tng/lib/codepages" -DDRIVERFILE="/opt/samba-tng/lib/printers.def" -DBINDIR="/opt/samba-tng/bin" -DFORMSFILE="/opt/samba-tng/lib/ntforms.def" -DNTDRIVERSDIR="/opt/samba-tng/lib" -DHAVE_INCLUDES_H -DPASSWD_PROGRAM="/bin/passwd" -DSMB_PASSWD_PROGRAM="/opt/samba-tng/bin/smbpasswd" -DSMB_PASSWD_FILE="/opt/samba-tng/private/smbpasswd" -DSAM_DIR="/opt/samba-tng/sam" -DSMB_PASSGRP_FILE="/opt/samba-tng/private/smbpassgrp" -DSMB_GROUP_FILE="/opt/samba-tng/private/smbgroup" -DSMB_ALIAS_FILE="/opt/samba-tng/private/smbalias" Using LIBS = -lsec -lgen -lsocket -lnsl -lcurses -ldl Compiling nsswitch/winbind_nss.c with -fpic In file included from nsswitch/winbind_nss.c:25: nsswitch/winbind_nss_config.h:62: nss.h: No such file or directory *** Error code 1 make: Fatal error: Command failed for target `nsswitch/winbind_nss.po' From jeremy at valinux.com Wed May 17 21:25:06 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. Message-ID: <39230E32.69BC2B5F@valinux.com> Hi all, I'd like to ask to make a version number change for the next stable release. Currently we're planning to release something we're planning to call 2.0.8. However, what I'm actually busyly creating in the CVS tree is HEAD minus vfs and dfs and some of the TNG mods. This is a very big change to call 2.0.8, which implies a minor rev. on 2.0.7. Now I still want to ship this code as the next release, as it is *significantly* better than what otherwise would be in 2.0.8. I will go into more details on the changes in a later email, but this code is *definately* more robust and correct from an SMB standpoint than the 2.0.x code. But I'd like to call it 2.2.0 instead. That way people know this is a more significant change, and will hopefully do more testing before slotting this into a production system. Currently I have buy off from the rest of the Samba Team on this version change, what does everyone else think ? Regards, Jeremy Allison, Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From ctooley at joslyn.org Wed May 17 21:39:07 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. References: <39230E32.69BC2B5F@valinux.com> Message-ID: <3923117B.42F0D4B5@joslyn.org> I think this is a great idea. I'm getting a little worried about the enormous jump from 2.0.x versions of Samba to what I am seeing come together from the HEAD and TNG branches of the code. I slightly smaller jump, named 2.2.x that would allow a transition in steps would be a nice way to make the baby steps. We're currently deciding if we want to stay with NT 4.0 based Domains or upgrade to Win2000 and ADS, and I see that as a huge headache of a migration. I see going from 2.0.x to TNG or HEAD almost as bad (although on a somewhat totally different level :)), a "first step" to the upgrade would be welcomed in my opinion. Plus 2.0.7 seems to be stable, for us, and works perfectly, for the features the 2.0.x line can support, with no more adjustments (I'm sure this is not an absolute for everyone). The next logical step is the new features, not necessarily fixing the features that work, at least for me. Chris Tooley Jeremy Allison wrote: > Hi all, > > I'd like to ask to make a version number change > for the next stable release. Currently we're planning to > release something we're planning to call 2.0.8. > > However, what I'm actually busyly creating in the CVS tree > is HEAD minus vfs and dfs and some of the TNG mods. > > This is a very big change to call 2.0.8, which implies a > minor rev. on 2.0.7. > > Now I still want to ship this code as the next release, > as it is *significantly* better than what otherwise would > be in 2.0.8. I will go into more details on the changes > in a later email, but this code is *definately* more robust > and correct from an SMB standpoint than the 2.0.x code. > > But I'd like to call it 2.2.0 instead. That way people > know this is a more significant change, and will hopefully > do more testing before slotting this into a production > system. > > Currently I have buy off from the rest of the Samba Team > on this version change, what does everyone else think ? > > Regards, > > Jeremy Allison, > Samba Team. > > -- > -------------------------------------------------------- > Buying an operating system without source is like buying > a self-assembly Space Shuttle with no instructions. > -------------------------------------------------------- From btenison at dibbs.net Wed May 17 21:41:16 2000 From: btenison at dibbs.net (Bruce Tenison) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. In-Reply-To: <39230E32.69BC2B5F@valinux.com> Message-ID: I'm all for it, myself. We're used to seeing the last digit meaning bugfixes and if this is a more-major enhancement, I say go for it! Bruce > Hi all, > > I'd like to ask to make a version number change > for the next stable release. Currently we're planning to > release something we're planning to call 2.0.8. > > However, what I'm actually busyly creating in the CVS tree > is HEAD minus vfs and dfs and some of the TNG mods. > > This is a very big change to call 2.0.8, which implies a > minor rev. on 2.0.7. > > Now I still want to ship this code as the next release, > as it is *significantly* better than what otherwise would > be in 2.0.8. I will go into more details on the changes > in a later email, but this code is *definately* more robust > and correct from an SMB standpoint than the 2.0.x code. > > But I'd like to call it 2.2.0 instead. That way people > know this is a more significant change, and will hopefully > do more testing before slotting this into a production > system. > > Currently I have buy off from the rest of the Samba Team > on this version change, what does everyone else think ? > > Regards, > > Jeremy Allison, > Samba Team. > > -- Bruce Tenison btenison@dibbs.net Public Key available at: http://www.keyserver.net From GLeblanc at cu-portland.edu Wed May 17 21:45:00 2000 From: GLeblanc at cu-portland.edu (Gregory Leblanc) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. Message-ID: > -----Original Message----- > From: Jeremy Allison [mailto:jeremy@valinux.com] > Sent: Wednesday, May 17, 2000 2:28 PM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Next stable version of Samba. > > Hi all, > > I'd like to ask to make a version number change > for the next stable release. Currently we're planning to > release something we're planning to call 2.0.8. > > However, what I'm actually busyly creating in the CVS tree > is HEAD minus vfs and dfs and some of the TNG mods. > > This is a very big change to call 2.0.8, which implies a > minor rev. on 2.0.7. > > Now I still want to ship this code as the next release, > as it is *significantly* better than what otherwise would > be in 2.0.8. I will go into more details on the changes > in a later email, but this code is *definately* more robust > and correct from an SMB standpoint than the 2.0.x code. > > But I'd like to call it 2.2.0 instead. That way people > know this is a more significant change, and will hopefully > do more testing before slotting this into a production > system. > > Currently I have buy off from the rest of the Samba Team > on this version change, what does everyone else think ? My understanding, while possibly flawed, was that the 2.0.x increments were for bug fixing, and perhaps minor feature enhancements. If there is going to be more than minor feature changes, then I'd agreen with "upping" the revision more sifignantly. It doesn't seem like this is something that should require big discussions, and anybody who wants to respond should probably have taken a look at the Software-Release-Practices HOWTO by ESR. Hopefully I haven't overstepped my bounds, and won't get too many flames for that one. Greg P.S. I'm looking forward to seeing what the proposed changes will be for the next Samba, TNG is too scary to use on my real domain at work. From steve at genie96.com Wed May 17 21:49:10 2000 From: steve at genie96.com (Steve Williams) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. In-Reply-To: <39230E32.69BC2B5F@valinux.com> from "Jeremy Allison" at May 18, 2000 07:27:22 AM Message-ID: <200005172149.PAA66288@spanner.genie96.com> Hi, Just a small thought... How does this fit into some of the Paper publications out there? I have the O'Reilly "Using Samba" book, and in it there is a paragraph that states (page 186): "You will need to use at least Samba 2.1 to ensure that PDC functionality for Windows NT clients is present..." If the new version makes that an invalid statement, then I'd be concerned about "newbies" out there having problems..even after they have RTFM'd!! my $0.02 Thanks!! > > Hi all, > > I'd like to ask to make a version number change > for the next stable release. Currently we're planning to > release something we're planning to call 2.0.8. > > However, what I'm actually busyly creating in the CVS tree > is HEAD minus vfs and dfs and some of the TNG mods. > > This is a very big change to call 2.0.8, which implies a > minor rev. on 2.0.7. > > Now I still want to ship this code as the next release, > as it is *significantly* better than what otherwise would > be in 2.0.8. I will go into more details on the changes > in a later email, but this code is *definately* more robust > and correct from an SMB standpoint than the 2.0.x code. > > But I'd like to call it 2.2.0 instead. That way people > know this is a more significant change, and will hopefully > do more testing before slotting this into a production > system. > > Currently I have buy off from the rest of the Samba Team > on this version change, what does everyone else think ? > > Regards, > > Jeremy Allison, > Samba Team. > > -- > -------------------------------------------------------- > Buying an operating system without source is like buying > a self-assembly Space Shuttle with no instructions. > -------------------------------------------------------- > -- Steve Williams, Calgary, Alberta, Canada Genie Computer Systems Inc. steve@genie96.com "A man doesn't begin to attain wisdom until he recognizes that he is no longer indispensable." - Admiral Richard E. Byrd ( 1888-1957 ) From GLeblanc at cu-portland.edu Wed May 17 22:40:09 2000 From: GLeblanc at cu-portland.edu (Gregory Leblanc) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. Message-ID: > -----Original Message----- > From: Steve Williams [mailto:steve@genie96.com] > Sent: Wednesday, May 17, 2000 3:21 PM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: Next stable version of Samba. > > Hi, > > Just a small thought... > > How does this fit into some of the Paper publications out there? > > I have the O'Reilly "Using Samba" book, and in it there is a > paragraph that states (page 186): > > "You will need to use at least Samba 2.1 to ensure that PDC > functionality for Windows NT clients is present..." So, uhm, how did the Samba Team let this go out? To the best of my knowledge, there has never been an officially released "Samba 2.1", so it seems that it's kind of a strange statement. > If the new version makes that an invalid statement, then I'd be > concerned about "newbies" out there having problems..even after > they have RTFM'd!! Hmm, definately a strange can of worms. The O'Reilly page says that it's officially adopted by the Samba Team, so I guess that there is or was an official Samba 2.1. If it's referring to the "HEAD" branch in Samba, it seems a bit strange that they would have published it with a version number instead. Grego > > > my $0.02 > > Thanks!! > > > > > Hi all, > > > > I'd like to ask to make a version number change > > for the next stable release. Currently we're planning to > > release something we're planning to call 2.0.8. > > > > However, what I'm actually busyly creating in the CVS tree > > is HEAD minus vfs and dfs and some of the TNG mods. > > > > This is a very big change to call 2.0.8, which implies a > > minor rev. on 2.0.7. > > > > Now I still want to ship this code as the next release, > > as it is *significantly* better than what otherwise would > > be in 2.0.8. I will go into more details on the changes > > in a later email, but this code is *definately* more robust > > and correct from an SMB standpoint than the 2.0.x code. > > > > But I'd like to call it 2.2.0 instead. That way people > > know this is a more significant change, and will hopefully > > do more testing before slotting this into a production > > system. > > > > Currently I have buy off from the rest of the Samba Team > > on this version change, what does everyone else think ? > > > > Regards, > > > > Jeremy Allison, > > Samba Team. > > > > -- > > -------------------------------------------------------- > > Buying an operating system without source is like buying > > a self-assembly Space Shuttle with no instructions. > > -------------------------------------------------------- > > > > > -- > Steve Williams, Calgary, Alberta, Canada > Genie Computer Systems Inc. > steve@genie96.com > > "A man doesn't begin to attain wisdom until he recognizes that he is > no longer indispensable." > - Admiral Richard E. Byrd ( 1888-1957 ) > From D.Bannon at latrobe.edu.au Wed May 17 23:08:23 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. In-Reply-To: Message-ID: <3.0.6.32.20000518090823.0086eb30@bioserve.latrobe.edu.au> At 08:41 AM 18/05/2000 +1000, Gregory Leblanc wrote: >> "You will need to use at least Samba 2.1 to ensure that PDC >> functionality for Windows NT clients is present..." > >... If it's referring to the "HEAD" branch in Samba, it >seems a bit strange that they would have published it with a version number >instead. yep, the HEAD branch was refered to as 2.1.x at one stage, it identified itself as such. Please see attached gif for an eg (it says under the server's properties that is a '2.1.0 prealpha'). How can we freeze the version number until Luke et al catches up ? > >> >> >> my $0.02 >> >> Thanks!! >> >> > >> > Hi all, >> > >> > I'd like to ask to make a version number change >> > for the next stable release. Currently we're planning to >> > release something we're planning to call 2.0.8. >> > >> > However, what I'm actually busyly creating in the CVS tree >> > is HEAD minus vfs and dfs and some of the TNG mods. >> > >> > This is a very big change to call 2.0.8, which implies a >> > minor rev. on 2.0.7. >> > >> > Now I still want to ship this code as the next release, >> > as it is *significantly* better than what otherwise would >> > be in 2.0.8. I will go into more details on the changes >> > in a later email, but this code is *definately* more robust >> > and correct from an SMB standpoint than the 2.0.x code. >> > >> > But I'd like to call it 2.2.0 instead. That way people >> > know this is a more significant change, and will hopefully >> > do more testing before slotting this into a production >> > system. >> > >> > Currently I have buy off from the rest of the Samba Team >> > on this version change, what does everyone else think ? >> > >> > Regards, >> > >> > Jeremy Allison, >> > Samba Team. >> > >> > -- >> > -------------------------------------------------------- >> > Buying an operating system without source is like buying >> > a self-assembly Space Shuttle with no instructions. >> > -------------------------------------------------------- >> > >> >> >> -- >> Steve Williams, Calgary, Alberta, Canada >> Genie Computer Systems Inc. >> steve@genie96.com >> >> "A man doesn't begin to attain wisdom until he recognizes that he is >> no longer indispensable." >> - Admiral Richard E. Byrd ( 1888-1957 ) >> > -------------- next part -------------- A non-text attachment was scrubbed... Name: samba21.gif Type: application/octet-stream Size: 9336 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000518/0da9c98e/samba21.obj -------------- next part -------------- ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From pjdc at eircom.net Wed May 17 23:28:34 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. In-Reply-To: Gregory Leblanc's message of "Thu, 18 May 2000 08:41:43 +1000" References: Message-ID: >>>>> "Gregory" == Gregory Leblanc writes: >> "You will need to use at least Samba 2.1 to ensure that PDC >> functionality for Windows NT clients is present..." Gregory> So, uhm, how did the Samba Team let this go out? To the Gregory> best of my knowledge, there has never been an officially Gregory> released "Samba 2.1", so it seems that it's kind of a Gregory> strange statement. Samba 2.1 has always been taken to refer to "the development version". You are correct, there was no 2.1 release. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From GLeblanc at cu-portland.edu Wed May 17 23:31:48 2000 From: GLeblanc at cu-portland.edu (Gregory Leblanc) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. Message-ID: > -----Original Message----- > From: Paul J Collins [mailto:pjdc@eircom.net] > Sent: Wednesday, May 17, 2000 4:25 PM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: Next stable version of Samba. > > > >>>>> "Gregory" == Gregory Leblanc writes: > > >> "You will need to use at least Samba 2.1 to ensure that PDC > >> functionality for Windows NT clients is present..." > > Gregory> So, uhm, how did the Samba Team let this go out? To the > Gregory> best of my knowledge, there has never been an officially > Gregory> released "Samba 2.1", so it seems that it's kind of a > Gregory> strange statement. > > Samba 2.1 has always been taken to refer to "the development > version". You are correct, there was no 2.1 release. Sorry to do this, but... If it's taken to refer to "the development version", and there's something in books like this that state that "Samba 2.1" isn't released, and that the release schedule isn't set (at the time of printing), then the Samba Team should have no qualms about invalidating this version reference. Since it's meant to refer to "the development version", I'd say that we shouldn't have any qualms about invalidating this statement in the book "Using Samba". Maybe that's just me... Greg From swaters at amicus.com Wed May 17 23:41:25 2000 From: swaters at amicus.com (Stephen Waters) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. References: Message-ID: <39232E25.7DF7E6B5@amicus.com> Gregory Leblanc wrote: > > > -----Original Message----- > > From: Paul J Collins [mailto:pjdc@eircom.net] > > Sent: Wednesday, May 17, 2000 4:25 PM > > To: Multiple recipients of list SAMBA-NTDOM > > Subject: Re: Next stable version of Samba. > > > > > > >>>>> "Gregory" == Gregory Leblanc writes: > > > > >> "You will need to use at least Samba 2.1 to ensure that PDC > > >> functionality for Windows NT clients is present..." > > > > Gregory> So, uhm, how did the Samba Team let this go out? To the > > Gregory> best of my knowledge, there has never been an officially > > Gregory> released "Samba 2.1", so it seems that it's kind of a > > Gregory> strange statement. > > > > Samba 2.1 has always been taken to refer to "the development > > version". You are correct, there was no 2.1 release. > > Sorry to do this, but... If it's taken to refer to "the development > version", and there's something in books like this that state that "Samba > 2.1" isn't released, and that the release schedule isn't set (at the time of > printing), then the Samba Team should have no qualms about invalidating this > version reference. Since it's meant to refer to "the development version", > I'd say that we shouldn't have any qualms about invalidating this statement > in the book "Using Samba". Maybe that's just me... > Greg You are correct, Greg. IMHO. -s From jweber at math.cudenver.edu Wed May 17 23:46:27 2000 From: jweber at math.cudenver.edu (John Weber) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. In-Reply-To: Message-ID: Hi, I bought the book "Using Samba" because it says "Officially adopted by the Samba team" on the cover and it's O'Reilly. I wanted to figure out how to authenticate NT logons. I spent several days thrashing around the samba site trying to find version 2.1 as mentioned in the book. I eventually wound up playing with TNG and only now in these last few emails on this list did I ever see that 2.1 meant "the development version". I like what I've found now, but it was a rough entry. John S. Weber System Administrator Center for Computational Mathematics University of Colorado at Denver Phone: (303)556-5394 Fax: (303)556-8550 jweber@math.cudenver.edu http://www-math.cudenver.edu/~jweber On Thu, 18 May 2000, Gregory Leblanc wrote: > > -----Original Message----- > > From: Paul J Collins [mailto:pjdc@eircom.net] > > Sent: Wednesday, May 17, 2000 4:25 PM > > To: Multiple recipients of list SAMBA-NTDOM > > Subject: Re: Next stable version of Samba. > > > > > > >>>>> "Gregory" == Gregory Leblanc writes: > > > > >> "You will need to use at least Samba 2.1 to ensure that PDC > > >> functionality for Windows NT clients is present..." > > > > Gregory> So, uhm, how did the Samba Team let this go out? To the > > Gregory> best of my knowledge, there has never been an officially > > Gregory> released "Samba 2.1", so it seems that it's kind of a > > Gregory> strange statement. > > > > Samba 2.1 has always been taken to refer to "the development > > version". You are correct, there was no 2.1 release. > > Sorry to do this, but... If it's taken to refer to "the development > version", and there's something in books like this that state that "Samba > 2.1" isn't released, and that the release schedule isn't set (at the time of > printing), then the Samba Team should have no qualms about invalidating this > version reference. Since it's meant to refer to "the development version", > I'd say that we shouldn't have any qualms about invalidating this statement > in the book "Using Samba". Maybe that's just me... > Greg > From greg at discreet.com Thu May 18 00:10:52 2000 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. In-Reply-To: <39230E32.69BC2B5F@valinux.com> Message-ID: sounds good to me. Greg On 17-May-00 Jeremy Allison wrote: > Hi all, > > I'd like to ask to make a version number change > for the next stable release. Currently we're planning to > release something we're planning to call 2.0.8. > > However, what I'm actually busyly creating in the CVS tree > is HEAD minus vfs and dfs and some of the TNG mods. > > This is a very big change to call 2.0.8, which implies a > minor rev. on 2.0.7. > > Now I still want to ship this code as the next release, > as it is *significantly* better than what otherwise would > be in 2.0.8. I will go into more details on the changes > in a later email, but this code is *definately* more robust > and correct from an SMB standpoint than the 2.0.x code. > > But I'd like to call it 2.2.0 instead. That way people > know this is a more significant change, and will hopefully > do more testing before slotting this into a production > system. > > Currently I have buy off from the rest of the Samba Team > on this version change, what does everyone else think ? > > Regards, > > Jeremy Allison, > Samba Team. > > -- > -------------------------------------------------------- > Buying an operating system without source is like buying > a self-assembly Space Shuttle with no instructions. > -------------------------------------------------------- --------------------------------------------------------------------- Greg Dickie Just A Guy greg@discreet.com From mgeddes at mail.xavier.sa.edu.au Thu May 18 02:06:35 2000 From: mgeddes at mail.xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:29:53 2003 Subject: Domain Admins Message-ID: <200005180206.LAA07435@mail.xavier.sa.edu.au> Hi guys, Sorry, but I haven\'t been paying enough attention to the list / TNG for the last couple of weeks and I apologise if this has already been addressed (or if I\'m just plain stupid). I have a box set up with yesterday\'s TNG CVS. I can log in as administrator and another admin account and they now both work as Local Administrators. I have the domain group map = , local group map = and domain alias map = lines in smb.conf (with the full path names of course). The group I am using for the Domain Admin group is the user\'s primary Unix group, it is unique (ie, there are no users with the same name) and the local administrators group is also unique. When I try to browse, map a drive, remote admin, etc. I get an access denied message. I am using user level security, domain logons are on, it\'s the master browser, WINS works (it\'s actually pointing to our dodgy NT WINS server) and the users are in the smbpasswd file. When I do a \'samgroupmem administrators\' I am told that the Administrator and the user account (as well as two name-less accounts) exist in that group. When I do the same with \"Domain Admins\" (and it is looking Domain Admins not just Domain), It returns nothing. enumg returns all the groups and instead of the Unix group showing, the correct NT group is returned. Apart from that, TNG looks *really* good. It is heaps quicker logging in than the NT box (identical hardware), but that could just be the inability to load a remote profile from the server. Good work peoples! Thanks, Matt P.S. Luke/Rest of Samba team: Would you be interested in having a couple of other \"support\" files (like the example smb.conf file(s)) updated for TNG? ======================================= Xavier College Gawler, South Australia visit http://www.xavier.sa.edu.au/ --------------------------------------- Xavier College Staff E-mail is Powered by IMP http://www.horde.org/ From kevinc at grainsystems.com Thu May 18 03:47:32 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. References: Message-ID: <392367D4.5D1EB180@grainsystems.com> This situation is unfortunate. While I am in favor of the "2.2" designation, this points out how important careful versioning is--even in devlopment releases. I must admit that I find the 2.1/HEAD/TNG thing a bit disorienting myself. I hope that soon (in part with this 2.2?) the branches can be better defined and, of course, eventually merged. As always, thanks to everyone for the great job thusfar. - Kevin Colby kevinc@grainsystems.com John Weber wrote: > > Hi, > > I bought the book "Using Samba" because it says "Officially adopted by the > Samba team" on the cover and it's O'Reilly. I wanted to figure out how to > authenticate NT logons. I spent several days thrashing around the samba > site trying to find version 2.1 as mentioned in the book. I eventually > wound up playing with TNG and only now in these last few emails on this > list did I ever see that 2.1 meant "the development version". > > I like what I've found now, but it was a rough entry. > > John S. Weber > > System Administrator > Center for Computational Mathematics > University of Colorado at Denver > Phone: (303)556-5394 Fax: (303)556-8550 > jweber@math.cudenver.edu > http://www-math.cudenver.edu/~jweber > > On Thu, 18 May 2000, Gregory Leblanc wrote: > > > > -----Original Message----- > > > From: Paul J Collins [mailto:pjdc@eircom.net] > > > Sent: Wednesday, May 17, 2000 4:25 PM > > > To: Multiple recipients of list SAMBA-NTDOM > > > Subject: Re: Next stable version of Samba. > > > > > > > > > >>>>> "Gregory" == Gregory Leblanc writes: > > > > > > >> "You will need to use at least Samba 2.1 to ensure that PDC > > > >> functionality for Windows NT clients is present..." > > > > > > Gregory> So, uhm, how did the Samba Team let this go out? To the > > > Gregory> best of my knowledge, there has never been an officially > > > Gregory> released "Samba 2.1", so it seems that it's kind of a > > > Gregory> strange statement. > > > > > > Samba 2.1 has always been taken to refer to "the development > > > version". You are correct, there was no 2.1 release. > > > > Sorry to do this, but... If it's taken to refer to "the development > > version", and there's something in books like this that state that "Samba > > 2.1" isn't released, and that the release schedule isn't set (at the time of > > printing), then the Samba Team should have no qualms about invalidating this > > version reference. Since it's meant to refer to "the development version", > > I'd say that we shouldn't have any qualms about invalidating this statement > > in the book "Using Samba". Maybe that's just me... > > Greg > > From peter at cadcamlab.org Thu May 18 04:09:08 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:53 2003 Subject: Registry entries via netlogon batch file References: <3922BC9E.6014BD1F@joslyn.org> Message-ID: <14627.27007.551758.6093@wire.cadcamlab.org> [Chris Tooley ] > Is there any way to make registry changes to a client machine (change > a DWORD value and a key value). `rpcclient' is made for this sort of thing, although I don't know if there's a version out there that can connect to a Win95/98 registry. You might look around. I know the TNG one craps out with Win98. > When they logon to the OLDDC server I want to make the necessary > registry changes to change the Domain they are logging into and to > disable PlainTextPasswords (which is very easy to do). The next time > they reboot, they never know the difference other than some of the > names have changed, which they won't notice anyway. If you can find a `rpcclient' that gets along with Win95, do this: for m in win95box1 win95box2 win95box3 win98box1 win98box2 win98box3; do rpcclient -S $m -c \ 'regsetval hkey_local_machine\system\currentcontrolset\services\vxd\vnetsup\enableplaintextpassword 4 0; quit' done > Does anyone see any holes in this and if it seems somewhat plausible can > someone tell me how to make the registry changes via the Netlogon > script? You can give REGEDIT.EXE an import file (like the ones in samba/docs/) and it will plug it right in. (At least the REGEDIT.EXE for NT....) There's a flag for quiet/unprompted operation, though I don't remember what it is. Peter From peter at cadcamlab.org Thu May 18 04:18:47 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. References: <39230E32.69BC2B5F@valinux.com> <3923117B.42F0D4B5@joslyn.org> Message-ID: <14627.28028.348752.767173@wire.cadcamlab.org> [Chris Tooley ] > Plus 2.0.7 seems to be stable, for us, and works perfectly, for the > features the 2.0.x line can support, with no more adjustments (I'm > sure this is not an absolute for everyone). That brings up a good point: Jeremy, could you think about releasing a 2.0.7a to fix those minor bugs 2.0.7 has brought to light? I'm thinking in particular of David Lee's latest UTMP, the "rm -r source/bin" for building outside the source directory, and there are a couple other obvious things in my list at http://kt.linuxcare.com/samba/sm20000504_21.epl Then, that stuff put to rest, I'd say go ahead with 2.2.0. Peter From it-samba at computerbild.de Thu May 18 06:40:56 2000 From: it-samba at computerbild.de (Ingo T. Storm) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. References: <392367D4.5D1EB180@grainsystems.com> Message-ID: <013601bfc094$98ff3c60$012ca8c0@combi.de> I think that the 2.2 for the release branch is favorable while the "2.1" in the book is unfortunate. How about a prominently placed "Samba version guide" right on www.samba.org? I don't think anybody buying the book will get by without looking there. Ingo From allen at gist.net.au Thu May 18 07:00:36 2000 From: allen at gist.net.au (Allen) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. In-Reply-To: Message from "Ingo T. Storm" of "Thu, 18 May 2000 16:47:24 +1000." <013601bfc094$98ff3c60$012ca8c0@combi.de> Message-ID: <20000518070036.998151F85C@harper.gist.net.au> it-samba@computerbild.de said: > I think that the 2.2 for the release branch is favorable while the > "2.1" in the book is unfortunate. Isn't it obvious to anyone here, that if the book says 2.1, and the released version is 2.2, then the 2.2 version would obviously be newer, and obviously fulfill the requirement as the 2.1 versiion was intended to in the book? my 2c -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Allen Bolderoff LNC - Linux, help and commentary http://linux.netnerve.com CTPC - Caffeine - get it here: http://www.coffee-tea-pots-cups.com/ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ GPG fingerprint = CBB0 8626 702C 3D01 B5AD A54A DC2C 93B7 3E4B 6472 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ From Michael.Weisbach at de.ibm.com Thu May 18 08:29:39 2000 From: Michael.Weisbach at de.ibm.com (Michael.Weisbach@de.ibm.com) Date: Tue Dec 2 02:29:53 2003 Subject: LDAP assistance Message-ID: Hy community:) Last week, I tested some LDAP-stuff but no success. Anyone out there, who could assist me getting this stuff running for a little test side? Software: OpenLDAP 1.2.9 Samba-TNG cvs-checkout - actual... seems broken?... there are incorrect LDAP-requests shown in /var/log/messages... is'nt it? Samba-TNG 1999-15-10... shown as in PDC-LDAP-Howto What I need: Some instruction about filling LDAP with the right informations needed for SambaTNG - ldif-File, or so. A running sample-configuration would be fine. What's the minimum ACL-set in OpenLDAP I need therefore? Some scripts - I've seen a adapted useradd-Skript but could'n find them anymore :-( Questions: Does Samba+LDAP needs classical unix-accounts to work? I hope not so. Greetz and TIA, -- Micha +49-6131-84-2777 -- csg Computer Service GmbH... an IBM Global Services Company, UB SwP/L14 michael.weisbach@de.ibm.com / +49-172-8069068 IBM Mainz, Central Region Linux Team http://www.de.ibm.com/service/linux/ From steve at genie96.com Thu May 18 08:08:33 2000 From: steve at genie96.com (Steve Williams) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. In-Reply-To: <20000518070036.998151F85C@harper.gist.net.au> from "Allen" at May 18, 2000 05:00:16 PM Message-ID: <200005180808.CAA16428@spanner.genie96.com> > > > it-samba@computerbild.de said: > > I think that the 2.2 for the release branch is favorable while the > > "2.1" in the book is unfortunate. > > Isn't it obvious to anyone here, that if the book says 2.1, and the released > version is 2.2, then the 2.2 version would obviously be newer, and obviously > fulfill the requirement as the 2.1 versiion was intended to in the book? > Precisely... that's why I raised the point. I wanted to know that the 2.2 version WOULD fulfull the requiremts of the (2.1) version mentioned in the book. It's no big deal if it doesn't, I just wanted to mention it so that it might be considered... Someone mentioned putting something on the samba.org web page, that would more than likely resolve any potential conflicts... Whatever, > > my 2c > -- > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > Allen Bolderoff > LNC - Linux, help and commentary http://linux.netnerve.com > CTPC - Caffeine - get it here: http://www.coffee-tea-pots-cups.com/ > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > GPG fingerprint = CBB0 8626 702C 3D01 B5AD A54A DC2C 93B7 3E4B 6472 > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > > -- Steve Williams, Calgary, Alberta, Canada Genie Computer Systems Inc. steve@genie96.com "A man doesn't begin to attain wisdom until he recognizes that he is no longer indispensable." - Admiral Richard E. Byrd ( 1888-1957 ) From Olivier.Brousselle at univ-lehavre.fr Thu May 18 09:24:14 2000 From: Olivier.Brousselle at univ-lehavre.fr (Olivier Brousselle) Date: Tue Dec 2 02:29:53 2003 Subject: TNG as a BDC Message-ID: <3923B6BE.4893CC04@univ-lehavre.fr> Hi all, OS : Linux Slackware 7.0 PLATFORM : Pentium II/266 GCC : egcs-2.91.66 SAMBA : TNG CVS this morning ERROR : NT_STATUS_ACCESS_DENIED NT SERVER : Windows NT 4 SP 5 I have a little problem. I want that my Linux/Samba TNG act as a BDC of a Windows NT 4 SP5 server. So, I configure my smb.conf with : workgroup = ETUDES security = user domain logons = Yes encrypt passwords = Yes update encrypted = Yes domain master = no password server = SOLEX os level = 20 domain master = no preferred master = no local master = no Accounts of machines are in /etc/passwd of the linux system. Start Samba daemons, and go to rpcclient (SOLEX is the PDC, BUFFY is the Linux/Samba) : >> buffy:~# rpcclient -S SOLEX -U Administrateur -W ETUDES >> added interface ip=172.16.1.23 bcast=172.16.1.255 nmask=255.255.255.0 >> Enter Password: >> Server: \\SOLEX: User: Administrateur Domain: ETUDES >> Connection: session setup ok >> Domain=[ETUDES] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] >> OK >> [ETUDES\Administrateur@SOLEX]$ lsaquery >> lsaquery >> LSA Query Info Policy >> Domain Member - Domain: ETUDES SID: S-X-X-XX-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX >> Domain Controller - Domain: ETUDES SID: S-X-X-XX-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX >> [ETUDES\Administrateur@SOLEX]$ createuser BUFFY$ -s -j ETUDES >> createuser BUFFY$ -s -j ETUDES >> SAM Create Domain User >> Domain: ETUDES Name: buffy$ ACB: [S ] >> Create Domain User: OK >> Join BUFFY to Domain ETUDES >> LSA_OPENSECRET: NT_STATUS_ACCESS_DENIED >> Set $MACHINE.ACC: OK There is no log in file log.lsarpc. Is there a mistake somewhere ? Olivier From mohacsi at ik.bme.hu Thu May 18 09:49:23 2000 From: mohacsi at ik.bme.hu (Mohacsi Janos) Date: Tue Dec 2 02:29:53 2003 Subject: How to prevent Samba domain member become Domain controller? Message-ID: Dear Sirs, I have a Samba 2.0.6 samba installed on a Digital Unix system. I use the domain security scheme. Then Add machine to domain on the NT Server. I set up Domain and Password server, then my samba server join to Domain. The first strange thing that I add samba server as a member server of the domain, but the NT Server manager displays it as BDC, the second strange thing is that: if the NT Domain controller is not reachable for certain amount of time, then Samba server become real domain controller, that prevent users login to the domain, because some users haven't got account on the unix machine. Which option should I set to prevent becoming domain controller the samba server in security=domain? Thanks in advance, Janos Mohacsi From peter at cadcamlab.org Thu May 18 11:25:03 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:53 2003 Subject: How to prevent Samba domain member become Domain controller? References: Message-ID: <14627.54004.718215.746432@wire.cadcamlab.org> [Mohacsi Janos ] > Which option should I set to prevent becoming domain controller the > samba server in security=domain? domain logons = no Peter From gcarter at valinux.com Thu May 18 12:27:19 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. References: <20000518070036.998151F85C@harper.gist.net.au> Message-ID: <3923E1A7.FD77D323@valinux.com> Allen wrote: > > Isn't it obvious to anyone here, that if the book says 2.1, > and the released version is 2.2, then the 2.2 version > would obviously be newer, and obviously fulfill the requirement > as the 2.1 versiion was intended to in the book? 2.2 will not contain an officially supported PDC implementation. That is still in SAMBA_TNG code branch. Just to clarify. Cheers, jerry -- ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com VA Linux Systems gcarter@valinux.com http://www.samba.org SAMBA Team jerry@samba.org http://www.eng.auburn.edu/~cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From pll at mclinux.com Thu May 18 14:30:16 2000 From: pll at mclinux.com (Paul Lussier) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. In-Reply-To: Your message of "Thu, 18 May 2000 16:46:59 +1000." <013601bfc094$98ff3c60$012ca8c0@combi.de> References: <392367D4.5D1EB180@grainsystems.com> <013601bfc094$98ff3c60$012ca8c0@combi.de> Message-ID: <200005181430.KAA32330@coda.mclinux.com> In a message dated: Thu, 18 May 2000 16:46:59 +1000 "Ingo T. Storm" said: >I think that the 2.2 for the release branch is favorable while the "2.1" in >the book is unfortunate. > >How about a prominently placed "Samba version guide" right on www.samba.org? >I don't think anybody buying the book will get by without looking there. I know I'd appreciate it. I've been playing around with Samba for quite some time, but was off the list for a few months. I still don't quite get the 2.0.x vs. HEAD vs. TNG thing. Something explaining which is which, and what the differences/goals of each are on the website would be great! Thanks, -- Seeya, Paul ---- "I always explain our company via interpretive dance. I meet lots of interesting people that way." Niall Kavanagh, 10 April, 2000 If you're not having fun, you're not doing it right! From pll at mclinux.com Thu May 18 14:34:25 2000 From: pll at mclinux.com (Paul Lussier) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. In-Reply-To: Your message of "Thu, 18 May 2000 22:24:23 +1000." <3923E1A7.FD77D323@valinux.com> References: <20000518070036.998151F85C@harper.gist.net.au> <3923E1A7.FD77D323@valinux.com> Message-ID: <200005181434.KAA32479@coda.mclinux.com> In a message dated: Thu, 18 May 2000 22:24:23 +1000 Gerald Carter said: >2.2 will not contain an officially supported PDC implementation. >That is still in SAMBA_TNG code branch. Just to clarify. Jerry, Can you define "officially supported PDC impementation"? i.e., what will be different capability-wise when TNG is "released" vs. what's currently available in 2.0.7? Currently I seem to get domain logons and roaming profiles with 2.0.7, which implies to me that TNG will have more. If this is correct, what? :) Thanks, -- Seeya, Paul ---- "I always explain our company via interpretive dance. I meet lots of interesting people that way." Niall Kavanagh, 10 April, 2000 If you're not having fun, you're not doing it right! From ed at schernau.com Thu May 18 14:43:13 2000 From: ed at schernau.com (Edward Schernau) Date: Tue Dec 2 02:29:53 2003 Subject: status of pam_ntdom, or is it winbind? Message-ID: <39240181.7843A19D@schernau.com> Can someone tell me what the current status of whatever the software is called to authenticate users on Unix via an NT Domain? -- Edward Schernau, mailto:ed@schernau.com Network Architect http://www.schernau.com RC5-64#: 243249 e-gold acct #:131897 From gcarter at valinux.com Thu May 18 15:14:07 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. References: <20000518070036.998151F85C@harper.gist.net.au> <3923E1A7.FD77D323@valinux.com> <200005181434.KAA32479@coda.mclinux.com> Message-ID: <392408BF.9F02B600@valinux.com> Paul Lussier wrote: > > Can you define "officially supported PDC impementation"? > i.e., what will be different capability-wise when TNG > is "released" vs. what's currently available in 2.0.7? Officially in this sense means "We advertise this functionality to work and will correct problems if it does not." It also means that we (SAMBA Team) are locked into supporting the options/functionality included in the official release. i.e. "backwards compatibility" Here's the deal. Luke and others have done a wonderful job of implementing the functionality. The advantage of Luke having his own branch is that he does not have to worry about breaking other things while he is working (e.g. Windows 9x logons...which he has done several times in TNG). However, this freedom to redesign does not exist as much in the release (2.0.x) branch. What arrives in the release branch is usually the second implementation. What I mean is that the first implementation for new functionality is normally done in one of the development branches such as SAMBA_TNG or the HEAD branch. Luke and Andrew are (and have been) working very hard to merge the HEAD and TNG branches. Eventually, this merge will filter down to the current release tree (of which Jeremy is in charge of). Of course this all takes a great deal of coordination to pull off :-) > Currently I seem to get domain logons and roaming > profiles with 2.0.7, which implies to me that TNG will > have more. If this is correct, what? :) See http://www.kneschke.de/projekte/samba_tng/index.php3 for more information on SAMBA_TNG. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com VA Linux Systems gcarter@valinux.com http://www.samba.org SAMBA Team jerry@samba.org http://www.eng.auburn.edu/~cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From peter at cadcamlab.org Thu May 18 15:16:17 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. References: <20000518070036.998151F85C@harper.gist.net.au> <3923E1A7.FD77D323@valinux.com> <200005181434.KAA32479@coda.mclinux.com> Message-ID: <14628.1891.11880.129169@wire.cadcamlab.org> [Paul Lussier ] > Can you define "officially supported PDC impementation"? i.e., what > will be different capability-wise when TNG is "released" vs. what's > currently available in 2.0.7? User Manager for Domains ... Server Manager (maybe -- the jury's still split on whether that would be a feature or a bug) ... BDC and general replication support ... trust relationships ... Windows 2000 domain clients ... That's what I can think of. I know so little about the whole MS-RPC business that I'm sure there's a lot more. Peter From pll at mclinux.com Thu May 18 15:30:19 2000 From: pll at mclinux.com (Paul Lussier) Date: Tue Dec 2 02:29:53 2003 Subject: Differences between branches [was Re: Next stable version of Samba. ] In-Reply-To: Your message of "Thu, 18 May 2000 10:16:17 CDT." <14628.1891.11880.129169@wire.cadcamlab.org> References: <20000518070036.998151F85C@harper.gist.net.au> <3923E1A7.FD77D323@valinux.com> <200005181434.KAA32479@coda.mclinux.com> <14628.1891.11880.129169@wire.cadcamlab.org> Message-ID: <200005181530.LAA02133@coda.mclinux.com> In a message dated: Thu, 18 May 2000 10:16:17 CDT Peter Samuelson said: >[Paul Lussier ] >> Can you define "officially supported PDC impementation"? i.e., what >> will be different capability-wise when TNG is "released" vs. what's >> currently available in 2.0.7? > >User Manager for Domains ... Server Manager (maybe -- the jury's still >split on whether that would be a feature or a bug) ... BDC and general >replication support ... trust relationships ... Windows 2000 domain >clients ... > >That's what I can think of. I know so little about the whole MS-RPC >business that I'm sure there's a lot more. I'd like thank everyone for all the great explanations of the branch differences and pointers to the website. Keep up the great work!! :) -- Seeya, Paul ---- "I always explain our company via interpretive dance. I meet lots of interesting people that way." Niall Kavanagh, 10 April, 2000 If you're not having fun, you're not doing it right! From gcarter at valinux.com Thu May 18 15:38:41 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. References: <392367D4.5D1EB180@grainsystems.com> <013601bfc094$98ff3c60$012ca8c0@combi.de> <200005181430.KAA32330@coda.mclinux.com> Message-ID: <39240E81.8F2B2258@valinux.com> Paul Lussier wrote: > > I know I'd appreciate it. I've been playing around with > Samba for quite some time, but was off the list for a few > months. I still don't quite get the 2.0.x vs. HEAD vs. > TNG thing. Something explaining which is which, and what > the differences/goals of each are on the website would be great! Tag Description --- ----------- HEAD Main development branch corresponding to 3.0 release SAMBA_TNG Luke's experiemental development branch (mostly for PDC work) SAMBA_2_0_RELEASE Corresponds to the release code (e.g 2.0.6, 2.0.7, etc...) SAMBA_2_0 tree for 2.0 development (now proposed for 2.2) So work is done in HEAD, merged into SAMBA_2_0, and the becomes the release (while being snapshotted into SAMBA_2_0_RELEASE Any work done is TNG is merged back into HEAD as the code is reviewed. Does this help everyone? jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com VA Linux Systems gcarter@valinux.com http://www.samba.org SAMBA Team jerry@samba.org http://www.eng.auburn.edu/~cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From msgresha at veribest.com Thu May 18 15:36:56 2000 From: msgresha at veribest.com (msgresha@veribest.com) Date: Tue Dec 2 02:29:53 2003 Subject: remove Message-ID: remove From Giles.Carre at enseeiht.fr Thu May 18 15:48:24 2000 From: Giles.Carre at enseeiht.fr (Giles Carre) Date: Tue Dec 2 02:29:53 2003 Subject: Samba 2.0.7 or Samba TNG Message-ID: <200005181548.e4IFmOs06329@colombe.spi.enseeiht.fr> Hello, Sorry for this basic question. To have a PDC acting as : . authentication server for NT clients . netlogon server . WINS server . file server . print server is 2.0.7 sufficient, or do I need TNG ? Note that today, I don't need synchronisation between DCs or WINS, RDR service or RPC for use with the NT admin tools. Thanks in advance. ________________________________________________________________________ Giles Carr? - Responsable du p?le Syst?mes | Giles.Carre@enseeiht.fr Centre de Ressources Informatiques | http://www.enseeiht.fr ENSEEIHT - INP Toulouse | T?l : 05 61 58 84 01 2, rue Camichel - 31071 Toulouse Cedex 7 | Fax : 05 61 58 82 09 ________________________________________________________________________ From pjdc at eircom.net Thu May 18 17:34:23 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. In-Reply-To: Gerald Carter's message of "Fri, 19 May 2000 01:43:52 +1000" References: <392367D4.5D1EB180@grainsystems.com> <013601bfc094$98ff3c60$012ca8c0@combi.de> <200005181430.KAA32330@coda.mclinux.com> <39240E81.8F2B2258@valinux.com> Message-ID: >>>>> "Gerald" == Gerald Carter writes: Gerald> Any work done is TNG is merged back into HEAD as the code Gerald> is reviewed. I was under the impression that HEAD was being merged into TNG as it was significantly less difficult to do that way. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From David_Nagrosst at middlesex.cc.nj.us Thu May 18 18:14:09 2000 From: David_Nagrosst at middlesex.cc.nj.us (David_Nagrosst) Date: Tue Dec 2 02:29:53 2003 Subject: In researching samba to integrate in domain, i was trying to use ftp on nt though a samba file share, and I get Dr.watson some up with an exception error. Message-ID: In researching samba to integrate in domain, i was trying to use ftp on nt though a samba file share, and I get Dr.watson coming up with an exception error when I try to login as administrator or a user. What I have is TWO NT machines, one pdc, and one bdc, then I have a samba server that has joined the domain. I can see the share, transfer stuff in and out and what ever else through netbios. However, what I am trying to is to see if I can use IIS4 on NT to ftp to the share that has been set up, that way I don't have to worry about syncronzing passwords, and the only thing the samba box will do is be a webserver, and putting and getting files will be up to NT and Samba. Doesn't seem to work though... I get exception errors from the good Doctor. Thanks in advance, David From hxpro at cinesite.co.uk Thu May 18 18:08:20 2000 From: hxpro at cinesite.co.uk (Kevin (HxPro) Wheatley) Date: Tue Dec 2 02:29:53 2003 Subject: Next stable version of Samba. References: <392367D4.5D1EB180@grainsystems.com> <013601bfc094$98ff3c60$012ca8c0@combi.de> <200005181430.KAA32330@coda.mclinux.com> <39240E81.8F2B2258@valinux.com> Message-ID: <39243194.AD90305D@cinesite.co.uk> Gerald Carter wrote: > Tag Description > --- ----------- > HEAD Main development branch corresponding to 3.0 > release > > SAMBA_TNG Luke's experiemental development branch (mostly > for PDC work) > > SAMBA_2_0_RELEASE Corresponds to the release code (e.g 2.0.6, > 2.0.7, etc...) > > SAMBA_2_0 tree for 2.0 development (now proposed for 2.2) > > So work is done in HEAD, merged into SAMBA_2_0, and the > becomes the release (while being snapshotted into SAMBA_2_0_RELEASE > > Any work done is TNG is merged back into HEAD as the code > is reviewed. > >From my point of view the sooner the TNG code becomes mainstream the better, especially Win2K, PDC<->BDC, etc. I guess the other important factor is giving an order of magnitude release date would be good to also include on the web site for the various releases, perhaps along with a list of features included/aimed to be included. Sitting on the outside (on some of the lists) as I do, its quite easy to see where the confusion comes from, perhaps a periodic status update to the lists would be useful ? I'd offer to do it myself but I have enough trouble trying to compile and install the TNG bundles on my IRIX 6.5.8f box, (actually besides one missing include, it's the install scripts which are the problem in the latest one). this is probably really asking for touble but ... has anybody considered using linux like versioning to indicate stable vs not ? I guess that doesn't solve the split branch problem, but then surely ay branch that lasts too long from the main is asking for merge nightmares when you try get it back into the main. > Does this help everyone? I hope so :-) Kevin -- | Kevin Wheatley | These are the opinions of nobody | | Technical Services Manager | and are not shared by my employers | | Cinesite Digital Studios | | From dominik.kubla at uni-mainz.de Thu May 18 18:14:19 2000 From: dominik.kubla at uni-mainz.de (Dominik Kubla) Date: Tue Dec 2 02:29:53 2003 Subject: TNG as a BDC In-Reply-To: <3923B6BE.4893CC04@univ-lehavre.fr>; from Olivier.Brousselle@univ-lehavre.fr on Thu, May 18, 2000 at 07:25:41PM +1000 References: <3923B6BE.4893CC04@univ-lehavre.fr> Message-ID: <20000518201419.C25803@uni-mainz.de> On Thu, May 18, 2000 at 07:25:41PM +1000, Olivier Brousselle wrote: > I want that my Linux/Samba TNG act as a BDC of a Windows NT 4 SP5 > server. ... > Is there a mistake somewhere ? No. Or a lot of people are making the same mistake (myself included). I am inclinded to say "it doesn't work, cause unknown"... Dominik -- Networking Group, Hospital of Johannes Gutenberg-University Obere Zahlbacher Stra?e 69, 55101 Mainz, Germany Tel: +49 (0)6131 17-2482 FAX: +49 (0)6131 17-5521 From gcarter at valinux.com Thu May 18 18:27:56 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:29:53 2003 Subject: Copying Kernel versioning [was Re: Next stable version of Samba.] References: <392367D4.5D1EB180@grainsystems.com> <013601bfc094$98ff3c60$012ca8c0@combi.de> <200005181430.KAA32330@coda.mclinux.com> <39240E81.8F2B2258@valinux.com> <39243194.AD90305D@cinesite.co.uk> Message-ID: <3924362C.90243EE8@valinux.com> "Kevin (HxPro) Wheatley" wrote: > > this is probably really asking for touble but ... has > anybody considered using linux like versioning to indicate > stable vs not ? I guess that doesn't solve the split > branch problem, but then surely ay branch that lasts too > long from the main is asking for merge nightmares when you try > get it back into the main. See Jeremy's previous proposal to the 2.0.8 release to 2.2.0 (which started this entire thread on the main samba list). jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com VA Linux Systems gcarter@valinux.com http://www.samba.org SAMBA Team jerry@samba.org http://www.eng.auburn.edu/~cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From gcarter at valinux.com Thu May 18 18:52:33 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:29:53 2003 Subject: [Annoucement] Imprints Project Message-ID: <39243BF1.549771B1@valinux.com> [Apologies for the cross posting, and if you receive multiple copies....] Greetings, With the upcoming release of Samba's support for Windows NT clients' "Point and Print" feature, the Imprints Project is an effort to simplify the packaging, retrieval, and installation of the necessary print drivers files needed by a Samba host. Imprints stands for (I)nstallation (m)anager of (p)rinter driver (r)etrieval for i n t (s)amba The following goals have initially been laid out: * develop a tool set which can be used to create, distribute, and install the printer drivers files needed by Samba to support automatic driver downloads for Windows 9x and Windows NT clients * design and implement a central database/directory which can be queried to locate the most current set of Windows 95/98/NT printer drivers needed by clients. (note that the population of this database is another matter entirely). * document the entire process in order to provide Samba administrators with the resources necessary to take advantage of this system. Currently these three goals are in the planning stages. I would like to invite all who would like to participate in the newly planned Imprints Project to subscribe to the development mailing list at http://lists.sourceforge.net/mailman/listinfo/imprints-devel The list archives can be found at http://www.geocrawler.com/lists/3/SourceForge/3860/0/ If you have questions, feel free to email me directly. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com VA Linux Systems gcarter@valinux.com http://www.samba.org SAMBA Team jerry@samba.org http://www.eng.auburn.edu/~cartegw "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From Jean-Francois.Micouleau at dalalu.fr Thu May 18 18:50:15 2000 From: Jean-Francois.Micouleau at dalalu.fr (Jean Francois Micouleau) Date: Tue Dec 2 02:29:53 2003 Subject: TNG as a BDC In-Reply-To: <20000518201419.C25803@uni-mainz.de> Message-ID: On Fri, 19 May 2000, Dominik Kubla wrote: > No. Or a lot of people are making the same mistake (myself included). > I am inclinded to say "it doesn't work, cause unknown"... cause is known in fact. Several rpc calls are still missing in TNG to make it a BDC or an NT PDC. J.F. From brandon at sci.brooklyn.cuny.edu Thu May 18 21:00:56 2000 From: brandon at sci.brooklyn.cuny.edu (Brandon) Date: Tue Dec 2 02:29:53 2003 Subject: LDAP assistance In-Reply-To: Michael.Weisbach@de.ibm.com's message of "Thu, 18 May 2000 18:37:44 +1000" References: Message-ID: <86snvf7euv.fsf@DEC.stephenst.org> For setup of LDAP you need an account that can read/write the portion of the tree that samba is to use. Also, for schema you need to at the very minimum specify objectSid as a bin attribute. Here is the skeletin of my samba ldap tree: ou=SAMBA, dc=stephenst, dc=org objectclass=top objectclass=samDomain objectclass=domain objectguid=NOT PRINTABLE dc=STEPHENST nextrid=1023 cn=users, ou=SAMBA, dc=stephenst, dc=org objectclass=container cn=users cn=computers, ou=SAMBA, dc=stephenst, dc=org objectclass=container cn=computers Where ou=SAMBA, dc=stephenst, dc=org is the base given to samba to use. If you don't create anything samba will create the root entry for you (with nextrid) and objectguid but it will not create the cn=users and cn=computers parts (which seems like something it should do to me). For samba, I'm no expert but I believe you must specify --with-samr-pwdb=nt5ldap to use ldap for the SAM database. The code doesn't appear to be working very well at the moment. I've been playing around with it and have made some changes so basic functionality such as authorization works. smbpasswd will work to add users to the ldap db after everything is set up. And yes, classic unix-accounts are still neccesary for the users being added to the ldap db. Let me know if you want the patch for the changes I've made, it's against release-alpha-2-5-3. Brandon From sharpe at ns.aus.com Tue May 16 21:24:13 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:54 2003 Subject: Next stable version of Samba. In-Reply-To: <200005181430.KAA32330@coda.mclinux.com> References: <392367D4.5D1EB180@grainsystems.com> <013601bfc094$98ff3c60$012ca8c0@combi.de> Message-ID: <3.0.6.32.20000517062413.0095d360@203.16.214.248> At 12:30 AM 5/19/00 +1000, Paul Lussier wrote: > >In a message dated: Thu, 18 May 2000 16:46:59 +1000 >"Ingo T. Storm" said: > >>I think that the 2.2 for the release branch is favorable while the "2.1" in >>the book is unfortunate. Hmmm, you have to appreciate that people writing books on Samba can only go on the best information available, and then things change. The Using Samba book, which is not the best Samba book out there and is quickly getting dated, was written at a time when 2.1 was looking like the next main release. I have just finished Special Edition, Using Samba, a much more comprehensive book, and more up-to-date, and I made reference to Samba 2.0.8, which now looks like it will never be released. C'est la vie. >>How about a prominently placed "Samba version guide" right on www.samba.org? >>I don't think anybody buying the book will get by without looking there. > >I know I'd appreciate it. I've been playing around with Samba for quite some >time, but was off the list for a few months. I still don't quite get the >2.0.x vs. HEAD vs. TNG thing. Something explaining which is which, and what >the differences/goals of each are on the website would be great! Not many people have the time to do this, we are either writing code or writing books or writing Samba courses ... Anyone want a Samba course? I have a 2-day one done ... >Thanks, >-- >Seeya, >Paul >---- > "I always explain our company via interpretive dance. > I meet lots of interesting people that way." > Niall Kavanagh, 10 April, 2000 > > If you're not having fun, you're not doing it right! > > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From sharpe at ns.aus.com Tue May 16 21:27:49 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:54 2003 Subject: status of pam_ntdom, or is it winbind? In-Reply-To: <39240181.7843A19D@schernau.com> Message-ID: <3.0.6.32.20000517062749.00958380@203.16.214.248> At 12:44 AM 5/19/00 +1000, Edward Schernau wrote: >Can someone tell me what the current status of whatever the >software is called to authenticate users on Unix via an >NT Domain? Well, there is Samba 2.0.7, which can authenticate users from Windows NT 4.0 clients probably up to about SP 5, as long as you do not use NTLMv2. Then there is Samba TNG, which can handle Windows NT clients as well as NT5/Win2K clients and has a lot more stuff implemented such that things like User Manager for domains works better etc. Then there is the head code, in which some merging has been occurring. So it may also handle some aspects of NT5/Win2K logons now, but I have not tried it so I don't know. >-- >Edward Schernau, mailto:ed@schernau.com >Network Architect http://www.schernau.com >RC5-64#: 243249 e-gold acct #:131897 > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From laa at ipt.pt Thu May 18 22:18:13 2000 From: laa at ipt.pt (root) Date: Tue Dec 2 02:29:54 2003 Subject: domain controller for win2000 PRO Message-ID: <39246C25.EAFE979@ipt.pt> Hi, Do you know if is possible to join a win2000 professional box to a samba domain? My WinNT boxes and Win95 does not have any problem, but with win2000 i have the following problem: "The folllowing error ocurred validating the name"mydom" The specified domain either does not exist or could not be contacted" thanks laa@ipt.pt From it at computerbild.de Thu May 18 22:24:03 2000 From: it at computerbild.de (Ingo T. Storm) Date: Tue Dec 2 02:29:54 2003 Subject: Next stable version of Samba. Message-ID: <003701bfc117$c5e263a0$7400a8c0@dukat.combi.de> >Hmmm, you have to appreciate that people writing books on Samba can only go >on the best information available, and then things change. Of course. Sorry, no offence in intended. >Not many people have the time to do this, we are either writing code or >writing books or writing Samba courses ... I think almost all that is needed was in your next mail;-) >Well, there is Samba 2.0.7, which can authenticate users from Windows NT >Then there is Samba TNG, which can handle Windows NT clients as well as NT5/Win2K clients >Then there is the head code, I didn't ask for a comprehensive analysis of the details, but a summary of purposes and differences between the version along the lines (2.0.7 = STABLE domain member, HEAD = DEVEL member and PDC, TNG = DEVEL PDC + trusts) Ingo From D.Bannon at latrobe.edu.au Thu May 18 22:45:55 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:29:54 2003 Subject: Next stable version of Samba. In-Reply-To: <20000518070036.998151F85C@harper.gist.net.au> References: Message-ID: <3.0.6.32.20000519084555.00869100@bioserve.latrobe.edu.au> At 05:01 PM 18/05/2000 +1000, you wrote: > >it-samba@computerbild.de said: >Isn't it obvious to anyone here, that if the book says 2.1, and the released >version is 2.2, then the 2.2 version would obviously be newer, and obviously >fulfill the requirement as the 2.1 versiion was intended to in the book? > The fact is that we cannot just stop Samba Version numbers at 2.0.x Mainstream samba will NEVER fulfill the 2.1 requirments mentioned in the book. All development towards PDC is in the TNG branch and works very differently from how 2.1.0 would have been described. If it was possible that the behaviour of 2.1.0 would eventually be merged into mainstream samba it would be a different matter, however when the PDC stuff appears there, it will behave like TNG, not 2.1.0. So the book is wrong, nothing can be done about that. I have been using the 2.1.0 and 'HEAD' stuff for years, a book about it that is unaware of TNG is no use at all in setting up TNG. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From mgeddes at mail.xavier.sa.edu.au Thu May 18 21:32:06 2000 From: mgeddes at mail.xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:29:54 2003 Subject: status of pam_ntdom, or is it winbind? In-Reply-To: <3.0.6.32.20000517062749.00958380@203.16.214.248> References: <3.0.6.32.20000517062749.00958380@203.16.214.248> Message-ID: <200005182132.HAA09176@mail.xavier.sa.edu.au> Quoting Richard Sharpe : > Well, there is Samba 2.0.7, which can authenticate users from Windows NT > 4.0 clients probably up to about SP 5, as long as you do not use NTLMv2. > > Then there is Samba TNG, which can handle Windows NT clients as well as > NT5/Win2K clients and has a lot more stuff implemented such that things > like User Manager for domains works better etc. > Richard, you appear to have misunderstood the question. It would appear that he was after the status of the PAM stuff. \"to authenticate users on Unix via an NT Domain?\". Dan Shearer was telling us the other night that it\'s now possible to do the following on PAM-based systems: login: NT_DOMAIN\\Domain_User password: NT_password as well as things like chown and ls -l working. Can anybody point myself and Edward Schernau in the right direction? Thanks, Matt ======================================= Xavier College Gawler, South Australia visit http://www.xavier.sa.edu.au/ --------------------------------------- Xavier College Staff E-mail is Powered by IMP http://www.horde.org/ From allen at gist.net.au Thu May 18 23:04:11 2000 From: allen at gist.net.au (Allen) Date: Tue Dec 2 02:29:54 2003 Subject: Next stable version of Samba. In-Reply-To: Message from David Bannon of "Fri, 19 May 2000 08:47:32 +1000." <3.0.6.32.20000519084555.00869100@bioserve.latrobe.edu.au> Message-ID: <20000518230411.B78B91F89B@harper.gist.net.au> D.Bannon@latrobe.edu.au said: > The fact is that we cannot just stop Samba Version numbers at 2.0.x > Mainstream samba will NEVER fulfill the 2.1 requirments mentioned in > the book. All development towards PDC is in the TNG branch and works > very differently from how 2.1.0 would have been described. > If it was possible that the behaviour of 2.1.0 would eventually be > merged into mainstream samba it would be a different matter, however > when the PDC stuff appears there, it will behave like TNG, not 2.1.0. > So the book is wrong, nothing can be done about that. If that is the case, why not renumber it to 4.0.0, with statements to the effect that it breaks old instructions. As I understand it, if this is such a MAJOR rewrite, then a MAJOR renumber should be in order. again, my 2c -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Allen Bolderoff LNC - Linux, help and commentary http://linux.netnerve.com CTPC - Caffeine - get it here: http://www.coffee-tea-pots-cups.com/ +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ GPG fingerprint = CBB0 8626 702C 3D01 B5AD A54A DC2C 93B7 3E4B 6472 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ From ed at schernau.com Thu May 18 23:29:51 2000 From: ed at schernau.com (Edward Schernau) Date: Tue Dec 2 02:29:54 2003 Subject: PAM Message-ID: <39247CEF.28BC8C3D@schernau.com> > Subject: > Re: status of pam_ntdom, or is it winbind? > Date: > Fri, 19 May 2000 08:57:42 +1000 > From: > Matthew Geddes > To: > Multiple recipients of list SAMBA-NTDOM > References: > 1 > Richard, you appear to have misunderstood the question. > It would appear that he was after the status of the PAM > stuff. \"to authenticate users on Unix via an NT > Domain?\". > > Dan Shearer was telling us the other night that it\'s now > possible to do the following on PAM-based systems: > > login: NT_DOMAIN\\Domain_User > password: NT_password > > as well as things like chown and ls -l working. And this is with PAM_NTDOM? I thought I heard Luke talking about winbind? And, what sorts of /etc/ files are needed for group ownerships, etc. Or is this all on the SAMBA-TNG FAQ page? =8-) Ed From vgill at technologist.com Fri May 19 02:01:32 2000 From: vgill at technologist.com (Vern H. Gill) Date: Tue Dec 2 02:29:54 2003 Subject: samba/TNG as PDC with WinNT4 as BDC Message-ID: Has anyone gotten this to work? I want to maintain my existing samba installation as my PDC, and add an NT 4 server as a BDC to run Exchange. I know, I know, but there are no GOOD equivalents of Exchange for Linux. If anyone has this working, I would appreciate some assistance with it. Thanks. Also, which version of TNG should I use. Vern H. Gill From martinja at ice-works.com Fri May 19 02:18:09 2000 From: martinja at ice-works.com (Joseph A. Martin The LaterDude) Date: Tue Dec 2 02:29:54 2003 Subject: using and compiling smb-agent Message-ID: <877lcr1dwe.fsf@hallam.later.dude> Hello, I am interested in the samba-agent program distributed with Samba TNG. Usually I just compile things myself and figure them out, but I ran into a problem with smb-agent: I can't compile it! Typing 'make bin/smb-agent' compiles a load of other stuff and then bombs out when the Makefile tries to compile smb-agent itself. Here are the build errors: Compiling utils/smb-agent.c utils/smb-agent.c: In function `init_client_connection': utils/smb-agent.c:147: warning: assignment makes pointer from integer without a cast utils/smb-agent.c: At top level: utils/smb-agent.c:200: warning: `struct sock_redir' declared inside parameter list utils/smb-agent.c:200: warning: its scope is only this definition or declaration, which is probably not what you want. utils/smb-agent.c: In function `process_cli_sock': utils/smb-agent.c:202: dereferencing pointer to incomplete type utils/smb-agent.c:205: dereferencing pointer to incomplete type utils/smb-agent.c:210: dereferencing pointer to incomplete type utils/smb-agent.c:211: dereferencing pointer to incomplete type utils/smb-agent.c:212: dereferencing pointer to incomplete type utils/smb-agent.c:216: dereferencing pointer to incomplete type utils/smb-agent.c:222: dereferencing pointer to incomplete type utils/smb-agent.c:226: dereferencing pointer to incomplete type utils/smb-agent.c: At top level: utils/smb-agent.c:249: warning: `struct sock_redir' declared inside parameter list utils/smb-agent.c: In function `process_srv_sock': utils/smb-agent.c:272: dereferencing pointer to incomplete type utils/smb-agent.c:276: dereferencing pointer to incomplete type utils/smb-agent.c:277: dereferencing pointer to incomplete type utils/smb-agent.c:279: dereferencing pointer to incomplete type utils/smb-agent.c:285: dereferencing pointer to incomplete type utils/smb-agent.c: In function `start_smb_agent': utils/smb-agent.c:320: variable `va' has initializer but incomplete type utils/smb-agent.c:321: warning: excess elements in struct initializer utils/smb-agent.c:321: warning: (near initialization for `va') utils/smb-agent.c:322: warning: excess elements in struct initializer utils/smb-agent.c:322: warning: (near initialization for `va') utils/smb-agent.c:323: warning: excess elements in struct initializer utils/smb-agent.c:323: warning: (near initialization for `va') utils/smb-agent.c:324: warning: excess elements in struct initializer utils/smb-agent.c:324: warning: (near initialization for `va') utils/smb-agent.c:325: warning: excess elements in struct initializer utils/smb-agent.c:325: warning: (near initialization for `va') utils/smb-agent.c:326: warning: excess elements in struct initializer utils/smb-agent.c:326: warning: (near initialization for `va') utils/smb-agent.c:328: warning: excess elements in struct initializer utils/smb-agent.c:328: warning: (near initialization for `va') utils/smb-agent.c:320: storage size of `va' isn't known make: *** [utils/smb-agent.o] Error 1 I am running TNG alpha 2.5.3. Since I can't figure smb-agent out for myself and am not very good at reading C code I will ask my questions. From all of the build dependencies it appears that smb-agent only runs with TNG. Is this a good assumption? Also, if programs such as gnomba are recompiled against TNG will they magically use smb-agent? Does support for smb-agent have to be specifically written into an application? How hard is this to do? thanks for the help. later, joseph -- the "LaterDude" ICQ: 52640402 martinja@ice-works.com http://www.ice-works.com/personal/LaterDude/index.html All opinions expressed are my own and not necessarily those of my employer unless otherwise noted. From AVShutko at mail.khstu.ru Fri May 19 02:38:44 2000 From: AVShutko at mail.khstu.ru (A.V.Shutko) Date: Tue Dec 2 02:29:54 2003 Subject: Transfer syntax not supported by RPC server Message-ID: <12568.000519@mail.khstu.ru> Hello, I got a dlg window after installing cvs (16.05.00) with message: "Transfer syntax not supported by RPC server" When I trying start\run --> \\uiserv\share I got this error, but when I enter cd \\uiserv\share in Far mgr all work fine... CVS 15.05.00 worked fine.... A.V.Shutko mailto:AVShutko@mail.khstu.ru -------------- next part -------------- A non-text attachment was scrubbed... Name: ErrDlg.gif Type: image/gif Size: 1697 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000519/e07b4da4/ErrDlg.gif From Michael.Weisbach at de.ibm.com Fri May 19 07:09:31 2000 From: Michael.Weisbach at de.ibm.com (Michael.Weisbach@de.ibm.com) Date: Tue Dec 2 02:29:54 2003 Subject: [Annoucement] Imprints Project Message-ID: Dear Jerry, Hi folks, it's a very interesting project. Would it "sinnvoll" - hell, what's the english word for that:) - reasonable to integrate a samba-own spooling mechanism too, so we can control print jobs in a windows-like manner (stopping, deleting, ...)?! I think, that is not only a "nice-to-have" feature... it's a "must-feature" for giving the community a real alternativ solution to *piep*censored*.... Greetz and a nice weekend, -- Micha -- csg Computer Service GmbH... an IBM Global Services Company, UB SwP/L14 michael.weisbach@de.ibm.com / +49-172-8069068 IBM Mainz, Central Region Linux Team http://www.de.ibm.com/service/linux/ From Michael.Weisbach at de.ibm.com Fri May 19 07:20:03 2000 From: Michael.Weisbach at de.ibm.com (Michael.Weisbach@de.ibm.com) Date: Tue Dec 2 02:29:54 2003 Subject: LDAP assistance Message-ID: Hi Brandon, thnx for your information right now. I'll try it on weekend. It would be very nice, if you could provide me you patches. Pls. send it to mwei@tuts.nu.remove.it (remove "remove.it" ;). I'll have a look at it... Still to have the classical accounts?! Bad. Why that?! Well, so I'll try to get running the stuff with pam_ldap-module that's working for me very well. My not-system-accounts are already LDAP-based :)... Greetz, -- Micha -- csg Computer Service GmbH... an IBM Global Services Company, UB SwP/L14 michael.weisbach@de.ibm.com / +49-172-8069068 IBM Mainz, Central Region Linux Team http://www.de.ibm.com/service/linux/ From simo.sorce at polimi.it Fri May 19 07:45:04 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:29:54 2003 Subject: Next stable version of Samba. References: <20000518230411.B78B91F89B@harper.gist.net.au> Message-ID: <3924F100.A3C6DFB5@polimi.it> Allen wrote: > > D.Bannon@latrobe.edu.au said: > > The fact is that we cannot just stop Samba Version numbers at 2.0.x > > Mainstream samba will NEVER fulfill the 2.1 requirments mentioned in > > the book. All development towards PDC is in the TNG branch and works > > very differently from how 2.1.0 would have been described. > > > If it was possible that the behaviour of 2.1.0 would eventually be > > merged into mainstream samba it would be a different matter, however > > when the PDC stuff appears there, it will behave like TNG, not 2.1.0. > > So the book is wrong, nothing can be done about that. > > If that is the case, why not renumber it to 4.0.0, with statements to the > effect that it breaks old instructions. > > As I understand it, if this is such a MAJOR rewrite, then a MAJOR renumber > should be in order. > > again, my 2c If that matters, I agree with the lasts statments. The books are known to become soon obsolete and outdated in computer science field, so it should not be so important to maintain versioning compatibility with the book. I think it is more important that different samba products that contain major or consistent reworks are marked in a different way to avoid confusion. The way I see this is: 2.0.x Current stable+bugfix branch 2.2.x New enhanced (stable?) branch 3.0.x The current HEAD branch 4.0.x The TNG branch A page on www.samba.org that explain exactly what every version is and differs from the others should be implemented (Many questions on the list will be avoided). Regards, Simo Sorce -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From simo.sorce at polimi.it Fri May 19 08:14:09 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:29:54 2003 Subject: Samba 2.0.7 or Samba TNG References: <200005181548.e4IFmOs06329@colombe.spi.enseeiht.fr> Message-ID: <3924F7D1.D23E7F41@polimi.it> Giles Carre wrote: > > Hello, > > Sorry for this basic question. > > To have a PDC acting as : > > . authentication server for NT clients > . netlogon server > . WINS server > . file server > . print server > > is 2.0.7 sufficient, or do I need TNG ? > > Note that today, I don't need synchronisation between DCs or WINS, RDR service > or RPC for use with the NT admin tools. > > Thanks in advance. I use 2.0.5/2.0.6 succesfully as PDC,file,printer server and it works perfectly. The only problem is that I'm not able to launch AT commands or access administrative share from a NTclient to another. > > ________________________________________________________________________ > Giles Carr? - Responsable du p?le Syst?mes | Giles.Carre@enseeiht.fr > Centre de Ressources Informatiques | http://www.enseeiht.fr > ENSEEIHT - INP Toulouse | T?l : 05 61 58 84 01 > 2, rue Camichel - 31071 Toulouse Cedex 7 | Fax : 05 61 58 82 09 > ________________________________________________________________________ -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From simo.sorce at polimi.it Fri May 19 08:22:51 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:29:54 2003 Subject: samba/TNG as PDC with WinNT4 as BDC References: Message-ID: <3924F9DB.702868C1@polimi.it> "Vern H. Gill" wrote: > > Has anyone gotten this to work? I want to maintain my existing samba > installation as my PDC, and add an NT 4 server as a BDC to run Exchange. I > know, I know, but there are no GOOD equivalents of Exchange for Linux. If > anyone has this working, I would appreciate some assistance with it. Thanks. > Also, which version of TNG should I use. > > Vern H. Gill Just now the only way to have BDC support is using the TNG development branch of SAMBA, but it is not yet suitable for production enviroment! P.S: Anyway be aware that exchange is a pain to manage and is a memory eater :( What do exchange do that sendmail or qmail can't do ? -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From Jean-Francois.Micouleau at dalalu.fr Fri May 19 08:31:38 2000 From: Jean-Francois.Micouleau at dalalu.fr (Jean Francois Micouleau) Date: Tue Dec 2 02:29:54 2003 Subject: [Annoucement] Imprints Project In-Reply-To: Message-ID: On Fri, 19 May 2000 Michael.Weisbach@de.ibm.com wrote: > integrate a samba-own spooling mechanism too, so we can control print > jobs in a windows-like manner (stopping, deleting, ...)?! I think, that > is not only a "nice-to-have" feature... it's a "must-feature" for giving > the community a real alternativ solution to *piep*censored*.... Take a look at the HEAD branch. All those features have been added there and will be standard in samba 2.2.0 J.F. From michael.both at mail.vahle.de Fri May 19 11:09:42 2000 From: michael.both at mail.vahle.de (Michael Both) Date: Tue Dec 2 02:29:54 2003 Subject: domain admin users Message-ID: <200005190910.LAA10846@mail.vahle.de> HI! I am using Samba 2.0.7 which is runnig as PDC. How do I configure samba to become domain admin rights for some NT users? Michael Both Tel.: 02307/704-361 Fax: 02307/74704 --------------------------------------------------------------------- Paul Vahle GmbH & Co. KG URL : http://www.vahle.de Westicker Strasse 52 D-59174 Kamen E-Mail : postmaster@vahle.de From simo.sorce at polimi.it Fri May 19 09:13:40 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:29:54 2003 Subject: samba/TNG as PDC with WinNT4 as BDC References: <3924F9DB.702868C1@polimi.it> <392504D4.F9F6748@iss-dsp.com> Message-ID: <392505C4.3B91B4DA@polimi.it> Ian Jamison wrote: > > Simo Sorce wrote: > > > > > > Has anyone gotten this to work? I want to maintain my existing samba > > > installation as my PDC, and add an NT 4 server as a BDC to run Exchange. I > > > know, I know, but there are no GOOD equivalents of Exchange for Linux. If > > > anyone has this working, I would appreciate some assistance with it. Thanks. > > I don't think it's necessary to have the Exchange box running as a BDC. We have an > experimental setup with Exchange running aparrently happily against a TNG domain. > The NT Server box that's hosting Exchange is configured as a "standalone server". Good news :) Still I think exchange is a mess and prefer qmail. -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From nord at cdt.luth.se Fri May 19 09:32:42 2000 From: nord at cdt.luth.se (James Nord) Date: Tue Dec 2 02:29:54 2003 Subject: [Annoucement] Imprints Project References: Message-ID: <39250A3A.DE89BB6F@cdt.luth.se> Jean Francois Micouleau wrote: > > On Fri, 19 May 2000 Michael.Weisbach@de.ibm.com wrote: > > > integrate a samba-own spooling mechanism too, so we can control print > > jobs in a windows-like manner (stopping, deleting, ...)?! I think, that > > is not only a "nice-to-have" feature... it's a "must-feature" for giving > > the community a real alternativ solution to *piep*censored*.... > > Take a look at the HEAD branch. All those features have been added there > and will be standard in samba 2.2.0 Maybe I'm lucky but I can control print jobs using samba 2.0 (2.0.3 & 2.0.6) ;-) lpq cache time = 1 print command = /usr/local/bin/lpr -P%p -r %s lpq command = /usr/local/bin/lpq -P%p lprm command = /usr/local/bin/lprm -P%p %j lppause command = /usr/local/bin/lpc hold %p %j lpresume command = /usr/local/bin/lpc release %p %j queuepause command = /usr/local/bin/lpc -P%p stop queueresume command = /usr/local/bin/lpc -P%p start WFW cannot control the printqueues (just jobs?) but 9x and NT can. /James -- Technology is a word that describes something that doesn't work yet. Douglas Adams From p.mayers at ic.ac.uk Fri May 19 11:11:39 2000 From: p.mayers at ic.ac.uk (Phil Mayers) Date: Tue Dec 2 02:29:54 2003 Subject: status of pam_ntdom, or is it winbind? References: <3.0.6.32.20000517062749.00958380@203.16.214.248> <200005182132.HAA09176@mail.xavier.sa.edu.au> Message-ID: <3925216B.8B126BEC@ic.ac.uk> Right. There are two components: 1) A PAM module which handles the password checking. This was called pam_ntdom, but I think it was renamed to pam_winbind, along with some functionality changes. I could be wrong, they might be seperate PAM modules which do the same thing, but either way.. 2) An NSS module called winbind. This consists of the usual shared library libnss_winbind.so and: passwd: files winbind group: files winbind in /etc/nsswitch.conf. Then, a daemon (winbindd IIRC) that does all the work (connection to the domain, etc) and the .so communicates with it through a named pipe. I believe these exist in TNG and HEAD at the moment, although they're not built be default - I think it's "make bin/nsswitch" to build them. There isn't a lot of documentation, but I think there are several options in smb.conf which are documented in the man page, and maybe even a readme! I'm busy at the moment, so haven't looked at it - this is all garnered from reading CVS commit messages. If anyone gets it to work, document what you did and let us all know. Cheers, Phil Matthew Geddes wrote: > > > Richard, you appear to have misunderstood the question. > It would appear that he was after the status of the PAM > stuff. \"to authenticate users on Unix via an NT > Domain?\". > > Dan Shearer was telling us the other night that it\'s now > possible to do the following on PAM-based systems: > > login: NT_DOMAIN\\Domain_User > password: NT_password > > as well as things like chown and ls -l working. > > Can anybody point myself and Edward Schernau in the > right direction? > > Thanks, > Matt From sharpe at ns.aus.com Fri May 19 09:49:30 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:29:54 2003 Subject: status of pam_ntdom, or is it winbind? In-Reply-To: <200005182132.HAA09176@mail.xavier.sa.edu.au> References: <3.0.6.32.20000517062749.00958380@203.16.214.248> <3.0.6.32.20000517062749.00958380@203.16.214.248> Message-ID: <3.0.6.32.20000519184930.009594d0@203.16.214.248> At 08:57 AM 5/19/00 +1000, Matthew Geddes wrote: >Quoting Richard Sharpe : > >> Well, there is Samba 2.0.7, which can authenticate >users from Windows NT >> 4.0 clients probably up to about SP 5, as long as you >do not use NTLMv2. >> >> Then there is Samba TNG, which can handle Windows NT >clients as well as >> NT5/Win2K clients and has a lot more stuff implemented >such that things >> like User Manager for domains works better etc. >> > >Richard, you appear to have misunderstood the question. >It would appear that he was after the status of the PAM >stuff. \"to authenticate users on Unix via an NT >Domain?\". > >Dan Shearer was telling us the other night that it\'s now >possible to do the following on PAM-based systems: > >login: NT_DOMAIN\\Domain_User >password: NT_password > >as well as things like chown and ls -l working. > >Can anybody point myself and Edward Schernau in the >right direction? Well, I saw this last week. It really does work, and it is part of winbind but it also works with PAM ... It was neat to see: ls -al -rwxr-xr-x 1 DOMAIN\user DOMAIN\group ... Except that the user and group were truncated because of ls's problems with length. I think it is going into HEAD and TNG ... >Thanks, >Matt Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Co-author, SAMS Teach Yourself Samba in 24 Hours Author: First Australian 5-day, intensive, hands-on Linux SysAdmin course Author: First Australian 2-day, intensive, hands-on Samba course From jabachman at hiestandsupply.com Fri May 19 12:30:47 2000 From: jabachman at hiestandsupply.com (Jason Bachman) Date: Tue Dec 2 02:29:54 2003 Subject: Problem compiling TNG branch Message-ID: Hello List, I am currently running Linux-Mandrake 6.1 and Samba 2.0.6 and all is working VERY well, even as NT PDC. I tried to compile the TNG branch the other day to start playing with the more advanced PDC support, and I ran into a problem that I can't seem to figgure out. During the Configure script, I get an error that says there is no locking in the Kernel, and the script ends prematurely. I am running Kernel 2.2.13-SMP (on a dual P-III 500 machine) and all current applications run great. Does anyone have any suggestions on what to look for? Thanks in advance! Jason From t.nijenbrink at pink.nl Fri May 19 13:43:18 2000 From: t.nijenbrink at pink.nl (Tim Nijenbrink) Date: Tue Dec 2 02:29:54 2003 Subject: smbmount on Wk2 Message-ID: <002f01bfc198$3470ca20$0300a8c0@spike> Hello all, I installed tng on our local network, it works well. I have a little problem that might not directly have anything to do with tng. I am trying to mount a w2k share on the linux server, but I get Err no Acces messages all the time. I have tried everything I could think of. Would anybody have a clue as to how I could resolve this problem? -------------- next part -------------- HTML attachment scrubbed and removed From peter at cadcamlab.org Fri May 19 13:22:03 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:54 2003 Subject: ILOVEYOU version 2.0 .. Message-ID: <14629.16013.834646.984424@wire.cadcamlab.org> Ho hum, another VBScript virus makes the rounds. I just now looped through the output of a `smbclient -L PDC' with something very like for m in `cat /tmp/ntboxes`; do rpcclient -S $m -U admin%pass -W mydomain -c \ 'regdeletekey "hkey_classes_root\.VBS"; quit' done > /tmp/nomoreVBS.log 2>&1 Does that sound too drastic? Any better ideas? I am *really* getting tired of this stuff. *sigh* Peter From timothy_d_cole at md.northgrum.com Fri May 19 14:45:24 2000 From: timothy_d_cole at md.northgrum.com (Cole, Timothy D.) Date: Tue Dec 2 02:29:54 2003 Subject: Next stable version of Samba. Message-ID: <51FBD4A8EFD9D111BA7300A0C927DADB03F47083@xcgmd008.md.essd.northgrum.com> I think in effect what's happened is that the development roadmap has changed. The general expectation a while back (when that text was probably written) would be that the next non-2.0 version would have all of the PDC goodies and whatnot. But, that's not really feasible at the moment, and there are enough new changes to warrant a 2.2 release, I think. So, the book made predictions about Samba development based on the roadmap at the time, only the roadmap's changed now. It happens. *shrug* I think we're basically just going to have to tell the newbies asking about this that the roadmap has changed somewhat since the book was written. > -----Original Message----- > From: Allen [SMTP:allen@gist.net.au] > Sent: Thursday, May 18, 2000 3:01 > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: Next stable version of Samba. > > > it-samba@computerbild.de said: > > I think that the 2.2 for the release branch is favorable while the > > "2.1" in the book is unfortunate. > > Isn't it obvious to anyone here, that if the book says 2.1, and the > released > version is 2.2, then the 2.2 version would obviously be newer, and > obviously > fulfill the requirement as the 2.1 versiion was intended to in the book? > > > my 2c > -- > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > + > Allen Bolderoff > LNC - Linux, help and commentary http://linux.netnerve.com > CTPC - Caffeine - get it here: http://www.coffee-tea-pots-cups.com/ > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > + > GPG fingerprint = CBB0 8626 702C 3D01 B5AD A54A DC2C 93B7 3E4B 6472 > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > + > From kevinc at grainsystems.com Fri May 19 15:21:37 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:54 2003 Subject: Next stable version of Samba. References: <20000518230411.B78B91F89B@harper.gist.net.au> <3924F100.A3C6DFB5@polimi.it> Message-ID: <39255C01.C7FC1800@grainsystems.com> I have to concur that I would expect TNG to be given a new major release number--when it is released. However, if a number is assigned to it now, we may be having this same discussion next year, when suddenly "4.0" is something other than TNG. I don't honestly expect that now, but how many people expected "2.1" to be an issue? This should be given some serious thought. Of course, much like Netscape Communicator, should that happen "4.0" could simply be skipped and "5.0" be assigned to the next big thing. - Kevin Colby kevinc@grainsystems.com Simo Sorce wrote: > > Allen wrote: > > > > D.Bannon@latrobe.edu.au said: > > > The fact is that we cannot just stop Samba Version numbers at 2.0.x > > > Mainstream samba will NEVER fulfill the 2.1 requirments mentioned in > > > the book. All development towards PDC is in the TNG branch and works > > > very differently from how 2.1.0 would have been described. > > > > > If it was possible that the behaviour of 2.1.0 would eventually be > > > merged into mainstream samba it would be a different matter, however > > > when the PDC stuff appears there, it will behave like TNG, not 2.1.0. > > > So the book is wrong, nothing can be done about that. > > > > If that is the case, why not renumber it to 4.0.0, with statements to the > > effect that it breaks old instructions. > > > > As I understand it, if this is such a MAJOR rewrite, then a MAJOR renumber > > should be in order. > > > > again, my 2c > > If that matters, I agree with the lasts statments. > The books are known to become soon obsolete and outdated in computer > science field, so it should not be so important to maintain versioning > compatibility with the book. > I think it is more important that different samba products that contain > major or consistent reworks are marked in a different way to avoid > confusion. > > The way I see this is: > > 2.0.x Current stable+bugfix branch > 2.2.x New enhanced (stable?) branch > 3.0.x The current HEAD branch > 4.0.x The TNG branch > > A page on www.samba.org that explain exactly what every version is and > differs from the others should be implemented (Many questions on the > list will be avoided). > > Regards, > Simo Sorce > -- > Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano > E-mail: simo.sorce@polimi.it > Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 > ----------------------------------------------------------------- > Be happy, use Linux! From mhw at wittsend.com Fri May 19 14:24:14 2000 From: mhw at wittsend.com (Michael H. Warfield) Date: Tue Dec 2 02:29:54 2003 Subject: ILOVEYOU version 2.0 .. In-Reply-To: <14629.16013.834646.984424@wire.cadcamlab.org>; from peter@cadcamlab.org on Sat, May 20, 2000 at 01:02:01AM +1000 References: <14629.16013.834646.984424@wire.cadcamlab.org> Message-ID: <20000519102414.J25589@alcove.wittsend.com> On Sat, May 20, 2000 at 01:02:01AM +1000, Peter Samuelson wrote: > Ho hum, another VBScript virus makes the rounds. > I just now looped through the output of a `smbclient -L PDC' with > something very like > for m in `cat /tmp/ntboxes`; do > rpcclient -S $m -U admin%pass -W mydomain -c \ > 'regdeletekey "hkey_classes_root\.VBS"; quit' > done > /tmp/nomoreVBS.log 2>&1 > Does that sound too drastic? Any better ideas? I am *really* getting > tired of this stuff. Not drastic enough... If you find one, raise hell... This one destroys systems by zeroing out all the files that it finds that are not in use. > *sigh* > Peter Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! From peter at cadcamlab.org Fri May 19 15:40:27 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:54 2003 Subject: regcreateval "(default)"? (was Re: ILOVEYOU version 2.0 ..) References: <14629.16013.834646.984424@wire.cadcamlab.org> <20000519102414.J25589@alcove.wittsend.com> Message-ID: <14629.24177.348502.772864@wire.cadcamlab.org> [Peter Samuelson ] > > Does that sound too drastic? Any better ideas? I am *really* > > getting tired of this stuff. [Michael H. Warfield ] > Not drastic enough... If you find one, raise hell... This one > destroys systems by zeroing out all the files that it finds that are > not in use. Yeah. Haven't seen it so far. But I *have* discovered something this morning, or rather I have failed to discover something. How to create the default value for a registry key. Remotely. - NT REGEDT32.EXE won't go near a remote hkey_classes_root. - NT REGEDIT.EXE pleads lack of permission to add values. - TNG rpcclient ... well, it can add keys and values just fine, but I can't get it to add the *default* value for a key. The issue is that I went through and deleted everyone's reg key: hkey_classes_root\.VBS which I now can't recreate for the machines I want to, because it's supposed to have a default value of "VBScript". In REGEDIT.EXE this shows up as the value named "(default)". If you export to a .REG file it is represented by "@". Luke? Anyone? Is there a way to do this in rpcclient? It's not urgent or anything, just annoying. Peter From pjdc at eircom.net Fri May 19 17:58:00 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:54 2003 Subject: Next stable version of Samba. In-Reply-To: Kevin Colby's message of "Sat, 20 May 2000 01:25:43 +1000" References: <20000518230411.B78B91F89B@harper.gist.net.au> <3924F100.A3C6DFB5@polimi.it> <39255C01.C7FC1800@grainsystems.com> Message-ID: >>>>> "Kevin" == Kevin Colby writes: Kevin> given some serious thought. Of course, much like Netscape Kevin> Communicator, should that happen "4.0" could simply be Kevin> skipped and "5.0" be assigned to the next big thing. There was a Netscape Communicator 5.0; it was the open-source release of the 4.x code-base. This code-base was abandoned in 1998 in order to begin the current Mozilla effort, which is yielding excellent results. Note that Mozilla still says version 5.0 in the User-Agent string; since it's not version 6 yet, this is to be expected. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pjdc at eircom.net Fri May 19 17:59:38 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:54 2003 Subject: samba/TNG as PDC with WinNT4 as BDC In-Reply-To: Simo Sorce's message of "Fri, 19 May 2000 19:27:19 +1000" References: <3924F9DB.702868C1@polimi.it> <392504D4.F9F6748@iss-dsp.com> <392505C4.3B91B4DA@polimi.it> Message-ID: >>>>> "Simo" == Simo Sorce writes: Simo> Still I think exchange is a mess and prefer qmail. Hmm... To the best of my knowledge, qmail is an MTA and does not provide the kind of mail storage and accessing capabilties that software such as Exchange and Cyrus IMAP (to name but two) provide. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From David.Bear at asu.edu Fri May 19 18:16:11 2000 From: David.Bear at asu.edu (iddwb) Date: Tue Dec 2 02:29:54 2003 Subject: net view Message-ID: Is there an equivalent in samba to 'net view' where with no parameters it lists all machine registered in the domain/workgroup? David Bear College of Public Programs/ASU From David.Bear at asu.edu Fri May 19 18:18:53 2000 From: David.Bear at asu.edu (iddwb) Date: Tue Dec 2 02:29:54 2003 Subject: netbios messages Message-ID: I'd like to setup a server to listen for netbios messages. smbclient -M can send a message.. I'd like to be able to have samba listen and log messages -- more specifically, I'd like to register multiple names with samba, and have samba log messages sent to each name... This would provide a primited Alert manager where I could send client alerts too.. any advice? David Bear College of Public Programs/ASU From lkcl at samba.org Fri May 19 19:02:51 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:54 2003 Subject: ILOVEYOU version 2.0 .. In-Reply-To: <20000519102414.J25589@alcove.wittsend.com> Message-ID: i cross-posted to NTBUGTRAQ, mike or anyone else if you think this does a lot of damage [more than the virus itself] please say so, thx. On Sat, 20 May 2000, Michael H. Warfield wrote: > On Sat, May 20, 2000 at 01:02:01AM +1000, Peter Samuelson wrote: > > > Ho hum, another VBScript virus makes the rounds. > > > I just now looped through the output of a `smbclient -L PDC' with > > something very like > > > for m in `cat /tmp/ntboxes`; do > > rpcclient -S $m -U admin%pass -W mydomain -c \ > > 'regdeletekey "hkey_classes_root\.VBS"; quit' > > done > /tmp/nomoreVBS.log 2>&1 > > > Does that sound too drastic? Any better ideas? I am *really* getting > > tired of this stuff. > > Not drastic enough... If you find one, raise hell... This one > destroys systems by zeroing out all the files that it finds that are not > in use. > > > *sigh* > > > Peter > > Mike > -- > Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com > (The Mad Wizard) | (770) 331-2437 | http://www.wittsend.com/mhw/ > NIC whois: MHW9 | An optimist believes we live in the best of all > PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From lkcl at samba.org Fri May 19 19:03:52 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:54 2003 Subject: regcreateval "(default)"? (was Re: ILOVEYOU version 2.0 ..) In-Reply-To: <14629.24177.348502.772864@wire.cadcamlab.org> Message-ID: hm, don't know, will take a look-see some day. On Sat, 20 May 2000, Peter Samuelson wrote: > > [Peter Samuelson ] > > > Does that sound too drastic? Any better ideas? I am *really* > > > getting tired of this stuff. > > [Michael H. Warfield ] > > Not drastic enough... If you find one, raise hell... This one > > destroys systems by zeroing out all the files that it finds that are > > not in use. > > Yeah. Haven't seen it so far. But I *have* discovered something this > morning, or rather I have failed to discover something. > > How to create the default value for a registry key. Remotely. > > - NT REGEDT32.EXE won't go near a remote hkey_classes_root. > - NT REGEDIT.EXE pleads lack of permission to add values. > - TNG rpcclient ... well, it can add keys and values just fine, but I > can't get it to add the *default* value for a key. > > The issue is that I went through and deleted everyone's reg key: > > hkey_classes_root\.VBS > > which I now can't recreate for the machines I want to, because it's > supposed to have a default value of "VBScript". > > In REGEDIT.EXE this shows up as the value named "(default)". If you > export to a .REG file it is represented by "@". > > Luke? Anyone? Is there a way to do this in rpcclient? It's not > urgent or anything, just annoying. > > Peter > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From kevinc at grainsystems.com Fri May 19 19:40:21 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:54 2003 Subject: samba/TNG as PDC with WinNT4 as BDC References: <3924F9DB.702868C1@polimi.it> <392504D4.F9F6748@iss-dsp.com> <392505C4.3B91B4DA@polimi.it> Message-ID: <392598A5.C00FDE96@grainsystems.com> Paul J Collins wrote: > > >>>>> "Simo" == Simo Sorce writes: > > Simo> Still I think exchange is a mess and prefer qmail. > > Hmm... To the best of my knowledge, qmail is an MTA and does not > provide the kind of mail storage and accessing capabilties that > software such as Exchange and Cyrus IMAP (to name but two) provide. What capabilities? IMAP is supported via imapd. - Kevin Colby kevinc@grainsystems.com From kevinc at grainsystems.com Fri May 19 19:41:53 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:54 2003 Subject: Next stable version of Samba. References: <20000518230411.B78B91F89B@harper.gist.net.au> <3924F100.A3C6DFB5@polimi.it> <39255C01.C7FC1800@grainsystems.com> Message-ID: <39259901.16134FDC@grainsystems.com> This was precisely my point, thank you. - Kevin Colby kevinc@grainsystems.com Paul J Collins wrote: > > >>>>> "Kevin" == Kevin Colby writes: > > Kevin> given some serious thought. Of course, much like Netscape > Kevin> Communicator, should that happen "4.0" could simply be > Kevin> skipped and "5.0" be assigned to the next big thing. > > There was a Netscape Communicator 5.0; it was the open-source release > of the 4.x code-base. This code-base was abandoned in 1998 in order > to begin the current Mozilla effort, which is yielding excellent > results. Note that Mozilla still says version 5.0 in the User-Agent > string; since it's not version 6 yet, this is to be expected. > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" From kevin_myer at iu13.k12.pa.us Fri May 19 20:13:03 2000 From: kevin_myer at iu13.k12.pa.us (Kevin M. Myer) Date: Tue Dec 2 02:29:54 2003 Subject: Recommendations for production environment needed Message-ID: Hi, I followed this list for some time about a year ago when I was working to get the Samba HEAD branch working as a PDC, in conjunction with a LDAP server. I'm happy to say that it did become a reality and worked fine. However, I've since changed jobs and now have a larger project to work on - consolidating our NT and Apple file/print servers onto a Linux box. I have read some of the mail archives and Lars' FAQ about Samba_TNG but I'm still not quite sure which direction to take for my project. My project requirements and my proposed solutions are (need not be achieved by a single program - for example, I'd be happy to run Samba HEAD to support Win 95 clients and Samba_TNG to support the NT PDC stuff): 1) NT PDC/BDC (Samba TNG) 2) SMB filesharing for NT (Samba HEAD) 3) SMB filesharing for Win95 (Stable Samba 2.0.7 ??) 4) AppleShare support (netatalk 2.1.4prewhateveritisbynow) 5) LDAP integration with everything (OpenLDAP and/or Netscape DS 4.11) I know the mantra about not using alpha quality software (but then again people use NT 4.0 ;) in production environments but I would like to know peoples' experience in using Samba TNG in conjunction with Samba HEAD. Is it _reasonably_ stable? Are the bugs minor irritants or are they bugs which affect the core components and core functionality? What is the current status of LDAP support in TNG? I sense from the archives that its in flux and isn't fully functional. I'm currently leaning towards going with a setup that is identical what I worked out last year, since I know the basic parts of that work (but it would be nice to have some of the features of Samba TNG that I read about). However, if there are abundant examples of working Samba TNG and HEAD installs and if my testing shows it will work well, I may go with that. Feedback anyone? Kevin -- Kevin M. Myer Systems Administrator Lancaster-Lebanon Intermediate Unit 13 (717)-560-6140 From ctooley at joslyn.org Fri May 19 22:16:08 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:54 2003 Subject: Registry entries via netlogon batch file References: <3922BC9E.6014BD1F@joslyn.org> <14627.27007.551758.6093@wire.cadcamlab.org> Message-ID: <3925BD28.BB4BA049@joslyn.org> Is rpcclient a general term to several small little apps that do this sort of thing or is rpcclient a specific binary that is part of the Samba package? I'm still kind of cutting my teeth on the whole remote registry hacking idea and since I don't have the luxury of doing it with machines that are at least a little aware of "this networking thing", it's become quite a pain. I've still got some old Win95 RTM boxes that aren't capable of encrypted passwords. So this is going to be a royal pain in the butt. Any ideas would be great. Peter Samuelson wrote: > [Chris Tooley ] > > Is there any way to make registry changes to a client machine (change > > a DWORD value and a key value). > > `rpcclient' is made for this sort of thing, although I don't know if > there's a version out there that can connect to a Win95/98 registry. > You might look around. I know the TNG one craps out with Win98. > > > When they logon to the OLDDC server I want to make the necessary > > registry changes to change the Domain they are logging into and to > > disable PlainTextPasswords (which is very easy to do). The next time > > they reboot, they never know the difference other than some of the > > names have changed, which they won't notice anyway. > > If you can find a `rpcclient' that gets along with Win95, do this: > > for m in win95box1 win95box2 win95box3 win98box1 win98box2 win98box3; do > rpcclient -S $m -c \ > 'regsetval hkey_local_machine\system\currentcontrolset\services\vxd\vnetsup\enableplaintextpassword 4 0; quit' > done > > > Does anyone see any holes in this and if it seems somewhat plausible can > > someone tell me how to make the registry changes via the Netlogon > > script? > > You can give REGEDIT.EXE an import file (like the ones in samba/docs/) > and it will plug it right in. (At least the REGEDIT.EXE for NT....) > There's a flag for quiet/unprompted operation, though I don't remember > what it is. > > Peter From pjdc at eircom.net Fri May 19 20:29:20 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:54 2003 Subject: Next stable version of Samba. In-Reply-To: Kevin Colby's message of "Sat, 20 May 2000 05:42:53 +1000" References: <20000518230411.B78B91F89B@harper.gist.net.au> <3924F100.A3C6DFB5@polimi.it> <39255C01.C7FC1800@grainsystems.com> <39259901.16134FDC@grainsystems.com> Message-ID: >>>>> "Kevin" == Kevin Colby writes: Kevin> This was precisely my point, thank you. Er, my interpretation of your comment was that Mozilla had jumped from 4 to 6 with no version 5 *at all*; did I misunderstand? Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From peter at cadcamlab.org Fri May 19 20:27:40 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:54 2003 Subject: Registry entries via netlogon batch file References: <3922BC9E.6014BD1F@joslyn.org> <14627.27007.551758.6093@wire.cadcamlab.org> <3925BD28.BB4BA049@joslyn.org> Message-ID: <14629.41361.279444.309179@wire.cadcamlab.org> [Chris Tooley ] > Is rpcclient a general term to several small little apps that do this > sort of thing or is rpcclient a specific binary that is part of the > Samba package? Both, sort of. There *is* a binary called `rpcclient', and that's what I was thinking of, but at least in Samba-TNG there are other client programs such as `net' and `samedit' which share a lot of code with `rpcclient' and perform some of the same functions. Like I said, this may not be applicable to your situation, depending on whether you can get any version of `rpcclient' to cooperate with Windows95. Failing that, you can probably still do what you want with a client-side logon script as per my last post: > > You can give REGEDIT.EXE an import file (like the ones in > > samba/docs/) and it will plug it right in. (At least the > > REGEDIT.EXE for NT....) There's a flag for quiet/unprompted > > operation, though I don't remember what it is. Note that the "import file" can be created by using REGEDIT itself, the "export" menu item. Peter From pjdc at eircom.net Fri May 19 20:33:57 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:54 2003 Subject: samba/TNG as PDC with WinNT4 as BDC In-Reply-To: Kevin Colby's message of "Sat, 20 May 2000 05:39:55 +1000" References: <3924F9DB.702868C1@polimi.it> <392504D4.F9F6748@iss-dsp.com> <392505C4.3B91B4DA@polimi.it> <392598A5.C00FDE96@grainsystems.com> Message-ID: >>>>> "Kevin" == Kevin Colby writes: >> Hmm... To the best of my knowledge, qmail is an MTA and does not >> provide the kind of mail storage and accessing capabilties that >> software such as Exchange and Cyrus IMAP (to name but two) provide. Kevin> What capabilities? IMAP is supported via imapd. But these capabilities are not native to qmail. (I should have also pointed out that Cyrus IMAP is not an MTA.) qmail is nothing *but* an MTA. All it can do is route mail and dump it somewhere, possibly in a fashion that Cyrus IMAP or imapd can take advantage of. Exchange is a big box of tricks that includes MTA stuff and central mail storage, as well as a quasi-directory and some other stuff I have probably forgotten about. I will not make comments on quality of same as I am not an Exchange guru. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From lkcl at samba.org Fri May 19 20:32:55 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:54 2003 Subject: Registry entries via netlogon batch file In-Reply-To: <14629.41361.279444.309179@wire.cadcamlab.org> Message-ID: rpcclient is the mother-of-all-rpc-client programs. samedit, regedit etc are just subsets of the commands in rpcclient. On Sat, 20 May 2000, Peter Samuelson wrote: > > [Chris Tooley ] > > Is rpcclient a general term to several small little apps that do this > > sort of thing or is rpcclient a specific binary that is part of the > > Samba package? > > Both, sort of. There *is* a binary called `rpcclient', and that's what > I was thinking of, but at least in Samba-TNG there are other client > programs such as `net' and `samedit' which share a lot of code with > `rpcclient' and perform some of the same functions. > > Like I said, this may not be applicable to your situation, depending on > whether you can get any version of `rpcclient' to cooperate with > Windows95. Failing that, you can probably still do what you want with > a client-side logon script as per my last post: > > > > You can give REGEDIT.EXE an import file (like the ones in > > > samba/docs/) and it will plug it right in. (At least the > > > REGEDIT.EXE for NT....) There's a flag for quiet/unprompted > > > operation, though I don't remember what it is. > > Note that the "import file" can be created by using REGEDIT itself, the > "export" menu item. > > Peter > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From kevinc at grainsystems.com Fri May 19 21:57:04 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:54 2003 Subject: Next stable version of Samba. References: <20000518230411.B78B91F89B@harper.gist.net.au> <3924F100.A3C6DFB5@polimi.it> <39255C01.C7FC1800@grainsystems.com> <39259901.16134FDC@grainsystems.com> Message-ID: <3925B8B0.8FB59159@grainsystems.com> No, my point was that if TNG is assigned to 4.0, and TNG ends up being superceded by a superior branch prior to its official release, that next branch could be given "5.0" anyway. The fact that "4.0" was never an officially supported release would be irrelevant. Any documentation referring to "4.0" would still be valid. If you don't do this, then either TNG cannot ever be given numbers in the main release schedule prior to "official" support, or you will again have this issue of documentation that refers to a nonexistant release. Comments? (I hope someone is still reading this thread.) - Kevin Colby kevinc@grainsystems.com Paul J Collins wrote: > > Er, my interpretation of your comment was that Mozilla had jumped from > 4 to 6 with no version 5 *at all*; did I misunderstand? > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" From kevinc at grainsystems.com Fri May 19 22:04:59 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:54 2003 Subject: samba/TNG as PDC with WinNT4 as BDC References: <3924F9DB.702868C1@polimi.it> <392504D4.F9F6748@iss-dsp.com> <392505C4.3B91B4DA@polimi.it> <392598A5.C00FDE96@grainsystems.com> Message-ID: <3925BA8B.29782B78@grainsystems.com> This is all correct, but I haven't heard of any Unix variant that doesn't include an MDA by default, and IMAP servers are easy to come by. Maybe I got this all wrong, but it sounded like you were saying this was a drawback to using qmail, which simply isn't true. - Kevin Colby kevinc@grainsystems.com Paul J Collins wrote: > > >>>>> "Kevin" == Kevin Colby writes: > > >> Hmm... To the best of my knowledge, qmail is an MTA and does not > >> provide the kind of mail storage and accessing capabilties that > >> software such as Exchange and Cyrus IMAP (to name but two) provide. > > Kevin> What capabilities? IMAP is supported via imapd. > > But these capabilities are not native to qmail. (I should have also > pointed out that Cyrus IMAP is not an MTA.) qmail is nothing *but* an > MTA. All it can do is route mail and dump it somewhere, possibly in a > fashion that Cyrus IMAP or imapd can take advantage of. > > Exchange is a big box of tricks that includes MTA stuff and central > mail storage, as well as a quasi-directory and some other stuff I have > probably forgotten about. I will not make comments on quality of same > as I am not an Exchange guru. > > Paul. > > -- > Paul Collins - - - - - [ A&P,a&f ] > GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD > PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C > "Linux: it's just this operating system, you know?" From pjdc at eircom.net Fri May 19 22:20:09 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:54 2003 Subject: Next stable version of Samba. In-Reply-To: Kevin Colby's message of "Sat, 20 May 2000 07:56:09 +1000" References: <20000518230411.B78B91F89B@harper.gist.net.au> <3924F100.A3C6DFB5@polimi.it> <39255C01.C7FC1800@grainsystems.com> <39259901.16134FDC@grainsystems.com> <3925B8B0.8FB59159@grainsystems.com> Message-ID: >>>>> "Kevin" == Kevin Colby writes: Kevin> No, my point was that if TNG is assigned to 4.0, and TNG Kevin> ends up being superceded by a superior branch prior Kevin> to its official release, that next branch could be given Kevin> "5.0" anyway. The fact that "4.0" was never an officially Kevin> supported release would be irrelevant. Any documentation Kevin> referring to "4.0" would still be valid. Ah, now I understand. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pjdc at eircom.net Fri May 19 22:22:44 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:55 2003 Subject: samba/TNG as PDC with WinNT4 as BDC In-Reply-To: Kevin Colby's message of "Sat, 20 May 2000 08:04:06 +1000" References: <3924F9DB.702868C1@polimi.it> <392504D4.F9F6748@iss-dsp.com> <392505C4.3B91B4DA@polimi.it> <392598A5.C00FDE96@grainsystems.com> <3925BA8B.29782B78@grainsystems.com> Message-ID: >>>>> "Kevin" == Kevin Colby writes: Kevin> This is all correct, but I haven't heard of any Unix Kevin> variant that doesn't include an MDA by default, and IMAP Kevin> servers are easy to come by. Maybe I got this all wrong, Kevin> but it sounded like you were saying this was a drawback to Kevin> using qmail, which simply isn't true. No, all I was saying is that Exchange and qmail are not equivalent, and to say that you use qmail in preference to Exchange imples that they are. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From GLeblanc at cu-portland.edu Fri May 19 22:24:20 2000 From: GLeblanc at cu-portland.edu (Gregory Leblanc) Date: Tue Dec 2 02:29:55 2003 Subject: Next stable version of Samba. Message-ID: > -----Original Message----- > From: Kevin Colby [mailto:kevinc@grainsystems.com] > Sent: Friday, May 19, 2000 2:56 PM > To: Multiple recipients of list SAMBA-NTDOM > Subject: Re: Next stable version of Samba. > > No, my point was that if TNG is assigned to 4.0, and TNG > ends up being superceded by a superior branch prior > to its official release, that next branch could be given > "5.0" anyway. The fact that "4.0" was never an officially > supported release would be irrelevant. Any documentation > referring to "4.0" would still be valid. > > If you don't do this, then either TNG cannot ever be given > numbers in the main release schedule prior to "official" > support, or you will again have this issue of documentation > that refers to a nonexistant release. > > Comments? > (I hope someone is still reading this thread.) [snip] Yep, still reading. Personally, I don't think that WAY WAY WAY out alpha/beta code should be given release numbers, since it may or may not keep that schedule. I'd call the HEAD code HEAD, and the TNG code TNG. If you want to get into multiple revision numbers, then I'd make it follow the guidelines in the Software Release HOWTO. Now that I think about it some more, since Samba tends to have multiple development branches, it doesn't make a lot of sense to number any of them, except occasionally, like the change that Jeremy proposed. Depending on how confident the Samba Team is in the stability, it might be worth a few 2.1.x releases, with a fixed feature set, to ensure stability, leading up to a 2.2.x release, which would begin another stable branch like 2.0.x was. Greg From kevinc at grainsystems.com Fri May 19 22:33:29 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:29:55 2003 Subject: Next stable version of Samba. References: Message-ID: <3925C139.F5A9D559@grainsystems.com> Not numbering the branches is fine, but then we cannot send out documentation that refers to them as such. This goes not just for TNG, but any "unreleased" versions, as the "2.0.8" vs. "2.2" points out. - Kevin Colby kevinc@grainsystems.com Gregory Leblanc wrote: > > > -----Original Message----- > > From: Kevin Colby [mailto:kevinc@grainsystems.com] > > Sent: Friday, May 19, 2000 2:56 PM > > To: Multiple recipients of list SAMBA-NTDOM > > Subject: Re: Next stable version of Samba. > > > > No, my point was that if TNG is assigned to 4.0, and TNG > > ends up being superceded by a superior branch prior > > to its official release, that next branch could be given > > "5.0" anyway. The fact that "4.0" was never an officially > > supported release would be irrelevant. Any documentation > > referring to "4.0" would still be valid. > > > > If you don't do this, then either TNG cannot ever be given > > numbers in the main release schedule prior to "official" > > support, or you will again have this issue of documentation > > that refers to a nonexistant release. > > > > Comments? > > (I hope someone is still reading this thread.) > [snip] > > Yep, still reading. Personally, I don't think that WAY WAY WAY out > alpha/beta code should be given release numbers, since it may or may not > keep that schedule. I'd call the HEAD code HEAD, and the TNG code TNG. If > you want to get into multiple revision numbers, then I'd make it follow the > guidelines in the Software Release HOWTO. Now that I think about it some > more, since Samba tends to have multiple development branches, it doesn't > make a lot of sense to number any of them, except occasionally, like the > change that Jeremy proposed. Depending on how confident the Samba Team is > in the stability, it might be worth a few 2.1.x releases, with a fixed > feature set, to ensure stability, leading up to a 2.2.x release, which would > begin another stable branch like 2.0.x was. > Greg From mjwestkamper at weiinc.com Fri May 19 23:41:20 2000 From: mjwestkamper at weiinc.com (Mike Westkamper) Date: Tue Dec 2 02:29:55 2003 Subject: Next stable version of Samba. References: <3925C139.F5A9D559@grainsystems.com> Message-ID: <3925D120.3D62AC23@weiinc.com> >From a (ab)user and erstwhile lurker hereabouts... >From my understanding the nest stable release will include a lot of features that makes SAMBA an excellent platform for enterprise networking. The following release will likely include the domain controller and attendant pieces. If these are facts and it is the intent to provide a widely used platform then a couple of marketing factors might be considered. Make the next release 3.0. A little PR on the .ORG stating its readiness for prime-time. A list of bullets with the things IS managers will like to see. When the domain controller aspects are ready, make it 4.0. This is nice number. Sells well. You will need to upgrade the server to fibrechannel to handle the downloads. :Mike Westkamper :WEI Inc. Kevin Colby wrote: > Not numbering the branches is fine, but then we cannot send out > documentation that refers to them as such. This goes not just > for TNG, but any "unreleased" versions, as the "2.0.8" vs. "2.2" > points out. > > - Kevin Colby > kevinc@grainsystems.com > > Gregory Leblanc wrote: > > > > > -----Original Message----- > > > From: Kevin Colby [mailto:kevinc@grainsystems.com] > > > Sent: Friday, May 19, 2000 2:56 PM > > > To: Multiple recipients of list SAMBA-NTDOM > > > Subject: Re: Next stable version of Samba. > > > > > > No, my point was that if TNG is assigned to 4.0, and TNG > > > ends up being superceded by a superior branch prior > > > to its official release, that next branch could be given > > > "5.0" anyway. The fact that "4.0" was never an officially > > > supported release would be irrelevant. Any documentation > > > referring to "4.0" would still be valid. > > > > > > If you don't do this, then either TNG cannot ever be given > > > numbers in the main release schedule prior to "official" > > > support, or you will again have this issue of documentation > > > that refers to a nonexistant release. > > > > > > Comments? > > > (I hope someone is still reading this thread.) > > [snip] > > > > Yep, still reading. Personally, I don't think that WAY WAY WAY out > > alpha/beta code should be given release numbers, since it may or may not > > keep that schedule. I'd call the HEAD code HEAD, and the TNG code TNG. If > > you want to get into multiple revision numbers, then I'd make it follow the > > guidelines in the Software Release HOWTO. Now that I think about it some > > more, since Samba tends to have multiple development branches, it doesn't > > make a lot of sense to number any of them, except occasionally, like the > > change that Jeremy proposed. Depending on how confident the Samba Team is > > in the stability, it might be worth a few 2.1.x releases, with a fixed > > feature set, to ensure stability, leading up to a 2.2.x release, which would > > begin another stable branch like 2.0.x was. > > Greg From peter at cadcamlab.org Sat May 20 13:37:10 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:55 2003 Subject: ILOVEYOU version 2.0 .. References: <20000519102414.J25589@alcove.wittsend.com> Message-ID: <14630.37925.376274.150271@wire.cadcamlab.org> [Luke Kenneth Casson Leighton ] > i cross-posted to NTBUGTRAQ, mike or anyone else if you think this > does a lot of damage [more than the virus itself] please say so, thx. Oh, not more than the virus itself, it just breaks the association between *.VBS and VBScript, meaning that *.VBS files simply can't run. The real problem was that I couldn't find any easy way to reverse this except on the local console, since rpcclient seems unable to add a "default value" to a key and the NT regedit tools have other shortcomings in remote mode. I expect the rpcclient limitation will eventually be remedied, though I doubt I'm competent to write such a patch myself. (I did look at it the other day, no joy.) Peter From peter at cadcamlab.org Sat May 20 13:38:49 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:55 2003 Subject: net view References: Message-ID: <14630.38160.96101.908661@wire.cadcamlab.org> [iddwb ] > Is there an equivalent in samba to 'net view' where with no > parameters it lists all machine registered in the domain/workgroup? Well, "smbclient -L {DMB}" works. In some cases you need to supply credentials for a particular server to tell you anything useful. Peter From thomas.heiligenmann at t-online.de Sat May 20 14:36:04 2000 From: thomas.heiligenmann at t-online.de (Thomas Heiligenmann) Date: Tue Dec 2 02:29:55 2003 Subject: net view References: Message-ID: <3926A2D4.49432DB8@heiligenmann.de> iddwb wrote: > > Is there an equivalent in samba to 'net view' where with no parameters it > lists all machine registered in the domain/workgroup? > > David Bear > College of Public Programs/ASU smbclient -L yourpdc -N -- Thomas From IJamison at iss-dsp.com Sat May 20 16:38:26 2000 From: IJamison at iss-dsp.com (Ian Jamison) Date: Tue Dec 2 02:29:55 2003 Subject: OT: Mail servers / Exchange (was TNG PDC & NT BDC) Message-ID: <3926BF82.AF52A707@iss-dsp.com> Hi, The thread was sort of straying from the original post. This is all totally unrelated to NTDOM and should probably be elsewhere (or nowhere). The corporate calendar one of the few remaining big problems in the whole NT/Unix integration bundle. Our setup here is Samba (2.0.7 and TNG) for PDC/Files, HP JetDirect for printing and standard sendmail with U.Washington's Pop3d/Imapd for mail. We also use eXceed for all those good X thingies. We'd been evaluating Nutscrape (oops Netscape :-) Calendar, but had to switch to Outlook when some of our users required hotsync to Psion handhelds (NS Calendar hotsyncs with Palms OK, but not Psions). I'd been avoiding having an NT Server box, but Exchange's requirement to run on NT Server, coupled with our requirement to use Outlook for group scheduling meant I had to cave. Ho hum. So far we've only tried it out on a couple of users - against a trial TNG domain, not in a real use environment, but it appeared to work OK. Anyone done a real evaluation of HP's Openmail? This might be an alternative to Exchange, but I've no real idea whether it's complete enough. 'Bye, IanJ. ------------------------------------------------------------ Integrated Silicon Systems Ltd. Tel: +44 28 90 50 4000 50 Malone Road Fax: +44 28 90 50 4002 Belfast BT9 5BS Web: www.iss-dsp.com From moser at egu.schule.ulm.de Sat May 20 16:42:20 2000 From: moser at egu.schule.ulm.de (Steffen Moser) Date: Tue Dec 2 02:29:55 2003 Subject: windows 2000 and samba as its PDC References: Message-ID: <3926C06C.976795F1@egu.schule.ulm.de> Hallo, Imre Oolberg wrote: > When i did it under administrator and gave my personal Samba username and > password it repied 'The procedure number is out of range' > > I used samba 2.0.7 and compiled it like ./configure; make install > > and used the same smb.conf which worked great for NT logins and PDCing. > > I suspect i need some weird username&passord ie account to set up > somewhere for joining the bloody 2000 into that domain. Please help me > out! "samba-2.0.x" cannot be used as a PDC for Win2k machines. AFAIK the only solution to your problem is to use "samba-TNG" instead of "samba-2.0.x". Bye, Steffen From gosha at arvid.ee Sat May 20 20:15:22 2000 From: gosha at arvid.ee (Dmitri B.Gofmekler) Date: Tue Dec 2 02:29:55 2003 Subject: PLEASE HELP! Message-ID: <4.3.1.0.20000520230826.00b839f0@mail> Hello, I really need help, two weeks can not get samba working. Have a RedHAT 6.1 System, with Samba-tng-2.5.3 installed. Samba does not works (ntlogin from samedit answers "No") and I can not understand what's wrong. Would someone examine my attached log files (log level = 100, smb.conf and typescript - samedit session script) and tell me what I did wrong. Please help. Thanks in advance, -------------- next part -------------- A non-text attachment was scrubbed... Name: logs.tar.gz Type: application/x-gzip Size: 28797 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000520/1a914753/logs.tar.bin -------------- next part -------------- ---- Dmitri B. Gofmekler , ICQ: 8168758 ---- "http://www.sill.ee/~gosha/gosha.asc" - for PGP Encrypted messages. ===================================== Phone: (+372) 6 563981 Fax: (+372) 6 563000 A-Arvid Computers Ltd. < http://www.arvid.ee > From vgill at technologist.com Sun May 21 00:35:19 2000 From: vgill at technologist.com (Vern H. Gill) Date: Tue Dec 2 02:29:55 2003 Subject: Mail servers / Exchange (was TNG PDC & NT BDC) In-Reply-To: <3926BF82.AF52A707@iss-dsp.com> Message-ID: This thread was far from off topic. It is completely related to the list in the matter of will NT work as BDC with TNG PDC. Please refrain from handing out your personal opinion on what is or is not relative/off-topic. If you have information relating to using NT as a BDC with a TNG PDC, then please share that info. That is all that the question was asking. The matter of Exchange or equivalents was a lead in to the situation requiring the asking of the NT-BDC/TNG-PDC question. You state that you caved in to using Exchange in a trial domain, but fail to stat whether this is a TNG PDC controlled domain with NT as a BDC. That kind of info would be useful. In the future, please attempt to sift through ALL of the data in the posting to find what the user is asking for before informing us of the relativity to the list. Thank you. Vern H. Gill The thread was sort of straying from the original post. This is all totally unrelated to NTDOM and should probably be elsewhere (or nowhere). I'd been avoiding having an NT Server box, but Exchange's requirement to run on NT Server, coupled with our requirement to use Outlook for group scheduling meant I had to cave. Ho hum. So far we've only tried it out on a couple of users - against a trial TNG domain, not in a real use environment, but it appeared to work OK. From mjwestkamper at weiinc.com Sun May 21 01:35:05 2000 From: mjwestkamper at weiinc.com (Mike) Date: Tue Dec 2 02:29:55 2003 Subject: Mail servers / Exchange (was TNG PDC & NT BDC) References: Message-ID: <39273D49.F8C537DD@weiinc.com> Hey Guys, I am not impressed. What say you take the personal bickering to personal e-mails. Mike "Vern H. Gill" wrote: > This thread was far from off topic. It is completely related to the list in > the matter of will NT work as BDC with TNG PDC. Please refrain from handing > out your personal opinion on what is or is not relative/off-topic. If you > have information relating to using NT as a BDC with a TNG PDC, then please > share that info. That is all that the question was asking. The matter of > Exchange or equivalents was a lead in to the situation requiring the asking > of the NT-BDC/TNG-PDC question. You state that you caved in to using > Exchange in a trial domain, but fail to stat whether this is a TNG PDC > controlled domain with NT as a BDC. That kind of info would be useful. In > the future, please attempt to sift through ALL of the data in the posting to > find what the user is asking for before informing us of the relativity to > the list. Thank you. > > Vern H. Gill > > The thread was sort of straying from the original post. This is all > totally unrelated to NTDOM and should probably be elsewhere (or > nowhere). > > I'd been avoiding having an NT Server box, but Exchange's requirement to > run on NT Server, coupled with our requirement to use Outlook for group > scheduling meant I had to cave. Ho hum. So far we've only tried it out > on a couple of users - against a trial TNG domain, not in a real use > environment, but it appeared to work OK. From rwierzbicki at stryker.ca Sun May 21 06:46:29 2000 From: rwierzbicki at stryker.ca (Wierzbicki, Ralf) Date: Tue Dec 2 02:29:55 2003 Subject: Mail servers / Exchange (was TNG PDC & NT BDC) Message-ID: <8142BE56BFF7D311BC4E00B0D0219AF57831@mail.stryker.ca.1.67.10.in-addr.arpa> FYI, exchange does not have to run on a domain controller. > -----Original Message----- > From: Ian Jamison [mailto:IJamison@iss-dsp.com] > Sent: Saturday, May 20, 2000 12:38 PM > To: Multiple recipients of list SAMBA-NTDOM > Subject: OT: Mail servers / Exchange (was TNG PDC & NT BDC) > > > Hi, > > The thread was sort of straying from the original post. This is all > totally unrelated to NTDOM and should probably be elsewhere (or > nowhere). > > The corporate calendar one of the few remaining big problems in the > whole NT/Unix integration bundle. Our setup here is Samba (2.0.7 and > TNG) for PDC/Files, HP JetDirect for printing and standard > sendmail with > U.Washington's Pop3d/Imapd for mail. We also use eXceed for all those > good X thingies. > > We'd been evaluating Nutscrape (oops Netscape :-) Calendar, but had to > switch to Outlook when some of our users required hotsync to Psion > handhelds (NS Calendar hotsyncs with Palms OK, but not Psions). > > I'd been avoiding having an NT Server box, but Exchange's > requirement to > run on NT Server, coupled with our requirement to use Outlook > for group > scheduling meant I had to cave. Ho hum. So far we've only tried it out > on a couple of users - against a trial TNG domain, not in a real use > environment, but it appeared to work OK. > > Anyone done a real evaluation of HP's Openmail? This might be an > alternative to Exchange, but I've no real idea whether it's complete > enough. > > 'Bye, > IanJ. > ------------------------------------------------------------ > Integrated Silicon Systems Ltd. Tel: +44 28 90 50 4000 > 50 Malone Road Fax: +44 28 90 50 4002 > Belfast BT9 5BS Web: www.iss-dsp.com > > From mendes at mgconecta.com.br Sun May 21 14:01:51 2000 From: mendes at mgconecta.com.br (mendes) Date: Tue Dec 2 02:29:55 2003 Subject: After a NT crash, no directories on the NT is available! Message-ID: <00052111101400.00954@armagedon> Hello I had Samba running for almost a year without a single problem. Recently one of my colleagues received a virus-email which literally mirrored the nt box with another nt box just across the room. I had in my hands two nt boxes with same directories, users and IP names. I managed to recover the old nt box but samba is not the same anymore. The recovered nt box can see the user home directories as before but both the linux and solaris boxes can't browse the NT anymore. I checked if the home directories had the sharity option on and they had. I thought t was a samba problem but Sharity 2.3 has also the problem. I noticed that when trying smbmount sometimes a permission denied message comes out. Would someone help me out? Thanks a lot. Eduardo From danb at eocwa.org Sun May 21 16:18:05 2000 From: danb at eocwa.org (danb@eocwa.org) Date: Tue Dec 2 02:29:55 2003 Subject: OT: Mail servers / Exchange (was TNG PDC & NT BDC) Message-ID: > I'd been avoiding having an NT Server box, but Exchange's > requirement to > run on NT Server, coupled with our requirement to use Outlook > for group > scheduling meant I had to cave. Ho hum. So far we've only tried it out > on a couple of users - against a trial TNG domain, not in a real use > environment, but it appeared to work OK. > > Anyone done a real evaluation of HP's Openmail? This might be an > alternative to Exchange, but I've no real idea whether it's complete > enough. Yes. And yes. Openmail 6.0 with EP1 and a patch from EP2 seems real stable with outlook2k here. Using it for 50 users here and it works great (even on our old, overloaded P133/32mb). Why does everyone think Exchange is so stable and great anyway? They're both buggy, but I think Exchange is buggier. In our situation, we only had a P133, and you'll have more problems from running NT+Exchange on a P133 then you will from openmail. From GLeblanc at cu-portland.edu Sun May 21 16:50:28 2000 From: GLeblanc at cu-portland.edu (Gregory Leblanc) Date: Tue Dec 2 02:29:55 2003 Subject: OT: Mail servers / Exchange (was TNG PDC & NT BDC) Message-ID: > -----Original Message----- > From: danb@eocwa.org [mailto:danb@eocwa.org] > Sent: Sunday, May 21, 2000 9:20 AM > To: Multiple recipients of list SAMBA-NTDOM > Subject: RE: OT: Mail servers / Exchange (was TNG PDC & NT BDC) > > > I'd been avoiding having an NT Server box, but Exchange's > > requirement to > > run on NT Server, coupled with our requirement to use Outlook > > for group > > scheduling meant I had to cave. Ho hum. So far we've only > tried it out > > on a couple of users - against a trial TNG domain, not in a real use > > environment, but it appeared to work OK. > > > > Anyone done a real evaluation of HP's Openmail? This might be an > > alternative to Exchange, but I've no real idea whether it's complete > > enough. > > Yes. And yes. Openmail 6.0 with EP1 and a patch from EP2 seems real > stable with outlook2k here. Using it for 50 users here and it works > great (even on our old, overloaded P133/32mb). Why does > everyone think > Exchange is so stable and great anyway? They're both buggy, but I > think Exchange is buggier. I don't have any trouble with Exchange crashing, although it does suck ram (we've got a dual P-II 350, with 512MB of ram). As an aside, no administrator should EVER run exchange, it's a real pain. Users love it, admins should hate it. Don't ask for details unless you want a 200 page document. As for the domain controler bit, exchange does not need to run on a domain conroller. OWA, on the other hand, doesn't work properly unless it's on a PDC or BDC, because it expects the user to have an account on the local machine, which is only the case with DC boxes. On a stand-alone, as part of domain, the login name must be prefixed with the name of the user, e.g. "DOMAIN\joeuser". About 50% of our questions on OWA are caused by this little idiotic thing... Greg From lajbi at lajli.gau.hu Sun May 21 23:23:26 2000 From: lajbi at lajli.gau.hu (Lajber Zoltan) Date: Tue Dec 2 02:29:55 2003 Subject: printing in pre-3.0.0 ? In-Reply-To: <3926C06C.976795F1@egu.schule.ulm.de> Message-ID: Hi, Can I use printers on pre-3.0.0 smbd from NT4SP5? Bye, --=Lajbi=-------------------------------------------------------------------- LAJBER Zoltan lajbi@jht.gau.hu http://jht.gau.hu/~lajbi GAU Dept. of Vehicles and Thermal Tech. http://jht.gau.hu It is always easier to generate a complex solution than a simple, correct one. From p.grimmerink at home.nl Mon May 22 08:04:16 2000 From: p.grimmerink at home.nl (Pieter Grimmerink) Date: Tue Dec 2 02:29:55 2003 Subject: PLEASE HELP! In-Reply-To: <4.3.1.0.20000520230826.00b839f0@mail> Message-ID: > -----Original Message----- > From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of > Dmitri B.Gofmekler > Sent: zaterdag 20 mei 2000 23:19 > To: Multiple recipients of list SAMBA-NTDOM > Subject: PLEASE HELP! > I really need help, two weeks can not get samba working. Have a > RedHAT 6.1 > System, with Samba-tng-2.5.3 installed. Samba does not works > (ntlogin from > samedit answers "No") and I can not understand what's wrong. Did you start all the deamons? not only smbd and nmbd. Pieter From damen at scintilla.utwente.nl Mon May 22 13:24:30 2000 From: damen at scintilla.utwente.nl (Martijn Damen) Date: Tue Dec 2 02:29:55 2003 Subject: PLEASE HELP! References: Message-ID: <000f01bfc3f1$10079410$0300000a@kim> > > I really need help, two weeks can not get samba working. Have a > > RedHAT 6.1 > > System, with Samba-tng-2.5.3 installed. Samba does not works > > (ntlogin from > > samedit answers "No") and I can not understand what's wrong. > > Did you start all the deamons? not only smbd and nmbd. Ik have the same problem. I have a test-network to try to get samba tng working, but somehow the domain logon would not work. I made the users with the samedit program (is there somewhere more documentation about that?? I can't find it anywhere), but when I try to logon from the windows 2000 box I keep getting the message "Error: unknown username or invalid password". Also the login from samedit with ntlogin doesn't work. Please, who can help me a little bit further.. tnx, Martijn From bgmilne at ing.sun.ac.za Mon May 22 14:36:15 2000 From: bgmilne at ing.sun.ac.za (Buchan Milne) Date: Tue Dec 2 02:29:55 2003 Subject: Managing users for NT login to samba PDC Message-ID: <392945DF.31116A36@ing.sun.ac.za> Hi All, Firstly, if there is a document describing user management and permissions, could you direct me to it. Otherwise .... I have recently set up a samba server as PDC to our mainly NT network. It is logging users on ok, but I am having problem setting user rights/permissions. I have tried the following in the smb.conf file: domain admin group = domadm domain admin users = bgmilne with me (login bgmilne) a member of the unix group domadm. I also tried some options from "Using Samba" (version that ships with 2.0.7) domain group map = /etc/domgroup.map local group map = /etc/localuser.map with /etc/localuser.map containg things like wheel = BUILTIN\Administrators None of this worked. Did I use it wrong, or does it not work yet ... Do the following entries work, and if so how ? domain admin group domain admin users domain groups domain guest group domain guest users From abrock at georgefox.edu Mon May 22 14:30:02 2000 From: abrock at georgefox.edu (Anthony Brock) Date: Tue Dec 2 02:29:55 2003 Subject: Unable to join Domain from NT Server ... Message-ID: <4.2.2.20000522091357.00a51660@localhost> I updated against today's cvs this morning at 5-22-2000, 7:30, and compiled on my Sun Solaris 2.7 (64-bit) machine using gcc 2.95.2. It compile smoothly. I then uploaded the binaries to our Sun Solaris 2.7 (32-bit) machine which acts as our PDC, and started the software. I removed an NT Server we had in the Domain, and removed it's entry from smbpasswd. I then recreated the machine account, and attempted to join the domain. I am not seeing any messages in the PDC logs, but when attempting to join, I receive the following message from the NT Server: The domain controller for this domain cannot be located. However, when attempting to login to another server (already a member), everything works properly. 1) I also noticed we still have the problem where it displays the 'root' home directory for people who attempt to access shares on the PDC instead of their own home directory. 2) When using rpcclient to test, I can successfully login as a regular user (using: ntlogin ) but cannot login as DOMAIN\administrator despite a proper group and user map file. I CAN login as DOMAIN\root. 3) Changing passwords DOES appear to work from rpcclient (YES!). Any idea when or if joining the domain will be fixed? Thanks for the great work! This is a tremendous improvement over the code from a couple weeks ago. Tony ****************************************************************************** * Anthony Brock abrock@georgefox.edu * * Director of Network Services George Fox University * ****************************************************************************** From pjdc at eircom.net Mon May 22 18:17:44 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:55 2003 Subject: Managing users for NT login to samba PDC In-Reply-To: Buchan Milne's message of "Tue, 23 May 2000 00:37:25 +1000" References: <392945DF.31116A36@ing.sun.ac.za> Message-ID: >>>>> "Buchan" == Buchan Milne writes: -snip- Buchan> I have tried the following in the smb.conf file: Buchan> domain admin group = domadm Buchan> domain admin users = bgmilne -snip- Buchan> None of this worked. Did I use it wrong, or does it not work yet ... -snip- Typically, if you want a user to be a domain administrator: * create a Unix group to be the "Domain Admins" group, e.g. domadmin * Add the option "domain group map = " * add this line in the file pointed to be the above (must be world readable, afaik): domadmin = "Domain Admins" * add the domain user's account on the Unix box to the domadmin Unix group Buchan> Do the following entries work, and if so how ? Buchan> domain admin group Buchan> domain admin users Buchan> domain groups Buchan> domain guest group Buchan> domain guest users Are you using Samba-TNG? All of the above are deprecated in Samba-TNG. The maps in combination with groups on the Unix side cover all the functionality that the above were intended to provide. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From pjdc at eircom.net Mon May 22 18:20:59 2000 From: pjdc at eircom.net (Paul J Collins) Date: Tue Dec 2 02:29:55 2003 Subject: Unable to join Domain from NT Server ... In-Reply-To: Anthony Brock's message of "Tue, 23 May 2000 02:33:15 +1000" References: <4.2.2.20000522091357.00a51660@localhost> Message-ID: >>>>> "Anthony" == Anthony Brock writes: -snip- Anthony> The domain controller for this domain cannot be located. I built from CVS recently (in the last day or so) and got a similar problem with an existing machine account upon login, and an error about being unable to update the local security upon trying to join with a fresh machine account. Paul. -- Paul Collins - - - - - [ A&P,a&f ] GPG: 0A49 49A9 2932 0EE5 89B2 9EE0 3B65 7154 8131 1BCD PGP: 88BA 2393 8E3C CECF E43A 44B4 0766 DD71 04E5 962C "Linux: it's just this operating system, you know?" From hwimmer at bakerref.com Mon May 22 22:51:17 2000 From: hwimmer at bakerref.com (Hayden Wimmer) Date: Tue Dec 2 02:29:55 2003 Subject: speed Message-ID: <000801bfc440$3e06d750$9f01a8c0@523.bakerref.com> samba tng seems to be slow (file serving) as compared to the actual released version...is this true or do i have something mis configured??? From michael.both at mail.vahle.de Tue May 23 08:25:08 2000 From: michael.both at mail.vahle.de (Michael Both) Date: Tue Dec 2 02:29:55 2003 Subject: Managing users for NT login to samba PDC Message-ID: <200005230626.IAA09380@mail.vahle.de> >Typically, if you want a user to be a domain administrator: > >* create a Unix group to be the "Domain Admins" group, e.g. domadmin > >* Add the option "domain group map = " > >* add this line in the file pointed to be the above (must be world > readable, afaik): > > domadmin = "Domain Admins" > >* add the domain user's account on the Unix box to the domadmin Unix > group This do not work as this option ist not supported with Samba 2.0.7. The man page for smb.conf say, you have to use the option "domain admin group" and "domain admin user", but it does not say how to use this options. Has anyone samba 2.0.7 as PDC running with fully functional domain admin group or user? Or does anyone know how to use the options "domain admin group" or "domain admin group"? Michael Both Tel.: 02307/704-361 Fax: 02307/74704 --------------------------------------------------------------------- Paul Vahle GmbH & Co. KG URL : http://www.vahle.de Westicker Strasse 52 D-59174 Kamen E-Mail : postmaster@vahle.de From mgeddes at mail.xavier.sa.edu.au Tue May 23 05:36:33 2000 From: mgeddes at mail.xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:29:55 2003 Subject: Managing users for NT login to samba PDC In-Reply-To: <200005230626.IAA09380@mail.vahle.de> References: <200005230626.IAA09380@mail.vahle.de> Message-ID: <200005230536.PAA24271@mail.xavier.sa.edu.au> Quoting Michael Both : > Has anyone samba 2.0.7 as PDC running with fully functional domain > admin group or user? Or does anyone know how to use the options \"domain > admin group\" or \"domain admin group\"? Yes. \'domain admin user = mrman\' will GIVE MRMAN ROOT ACCESS to the filesystem. \'domain admin group = group\' will give every member of group ROOT ACCESS. Have you tried Samba TNG? Hope it helps, Matt Matthew Geddes Network Manager Xavier College Gawler, SA ======================================= Xavier College Gawler, South Australia visit http://www.xavier.sa.edu.au/ --------------------------------------- Xavier College Staff E-mail is Powered by IMP http://www.horde.org/ From m.brodbelt at acu.ac.uk Tue May 23 10:44:31 2000 From: m.brodbelt at acu.ac.uk (Mike Brodbelt) Date: Tue Dec 2 02:29:55 2003 Subject: samba/TNG as PDC with WinNT4 as BDC References: <3924F9DB.702868C1@polimi.it> <392504D4.F9F6748@iss-dsp.com> <392505C4.3B91B4DA@polimi.it> <392598A5.C00FDE96@grainsystems.com> <3925BA8B.29782B78@grainsystems.com> Message-ID: <392A610F.A8A57953@acu.ac.uk> Paul J Collins wrote: > > >>>>> "Kevin" == Kevin Colby writes: > > Kevin> This is all correct, but I haven't heard of any Unix > Kevin> variant that doesn't include an MDA by default, and IMAP > Kevin> servers are easy to come by. Maybe I got this all wrong, > Kevin> but it sounded like you were saying this was a drawback to > Kevin> using qmail, which simply isn't true. > > No, all I was saying is that Exchange and qmail are not equivalent, > and to say that you use qmail in preference to Exchange imples that > they are. Personally, I'd use a combination of MTA and IMAP to achieve Exchange "equivalence" in loose terms. However, for those who really *need* Exchange features and Outlook integration HP OpenMail is apparently a drop-in Exchange replacement. There is a Linux version which is free for evaluation purposes, and you can upgrade the eval version to a full license free of charge if you're serving up to 50 users. Above that, you have to pay, but I'd think it's be worth it to avoid the pain of having to deal with Exchange. HTH, Mike. From yoshers at hotmail.com Tue May 23 16:55:06 2000 From: yoshers at hotmail.com (Kevin Chan) Date: Tue Dec 2 02:29:55 2003 Subject: stupid nt question Message-ID: <20000523165506.70702.qmail@hotmail.com> This may have absolutely nothing to do with Samba, but I suspect that it does. Basically, I am trying to fix the name that you get when you log into NT 4.0. When I hit Ctrl-Alt-Del, I get a screen that says "Nobody is logged in as (domain)/(username)". I know this happened after our previous samba admin moved our nt server to a samba server, so that's why I think it has something to do with samba. I was wondering if anyone has any thoughts about this. Thanks, KevinChan Systems Administrator Administrative Computing ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com From hwimmer at bakerref.com Tue May 23 18:15:59 2000 From: hwimmer at bakerref.com (Hayden Wimmer) Date: Tue Dec 2 02:29:55 2003 Subject: Managing users for NT login to samba PDC Message-ID: <003901bfc4e2$f29e8030$9f01a8c0@523.bakerref.com> i have the latest (as of 2 weeks ago) version of tng, however, i still cant use user manager, server manager (i get a rpc error). also, i created the group map file and made the entries described and i still cant manage that server...any clues ??? -----Original Message----- From: Michael Both To: Multiple recipients of list SAMBA-NTDOM Date: Tuesday, May 23, 2000 2:31 AM Subject: Re: Managing users for NT login to samba PDC >>Typically, if you want a user to be a domain administrator: >> >>* create a Unix group to be the "Domain Admins" group, e.g. domadmin >> >>* Add the option "domain group map = " >> >>* add this line in the file pointed to be the above (must be world >> readable, afaik): >> >> domadmin = "Domain Admins" >> >>* add the domain user's account on the Unix box to the domadmin Unix >> group > >This do not work as this option ist not supported with Samba 2.0.7. The >man page for smb.conf say, you have to use the option "domain admin >group" and "domain admin user", but it does not say how to use this >options. > >Has anyone samba 2.0.7 as PDC running with fully functional domain >admin group or user? Or does anyone know how to use the options "domain >admin group" or "domain admin group"? > > >Michael Both > >Tel.: 02307/704-361 Fax: 02307/74704 >--------------------------------------------------------------------- >Paul Vahle GmbH & Co. KG URL : http://www.vahle.de >Westicker Strasse 52 D-59174 Kamen E-Mail : postmaster@vahle.de > > From ctooley at joslyn.org Tue May 23 22:46:41 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:55 2003 Subject: Samedit usefullness References: Message-ID: <392B0A51.428C7F3B@joslyn.org> Is there any documentation for samedit? I keep coming up with: [root@jams bin]# ./samedit -S \MYSAMBAPDC added interface ip=192.168.0.99 bcast=192.168.0.255 nmask=255.255.255.0 Enter Password: Server: \\MYSAMBAPDC: User: CTOOLEY Domain: Connection: write_socket_data: write failure. Error = Bad file descriptor write_socket: Error writing 43 bytes to socket -1: ERRNO = Bad file descriptor Error writing 43 bytes to client. -1 Segmentation fault whenever I try to connect. This may be a bad tarball of samba-tng too, but I would nevertheless like to see some documentation for samedit at least started. I'd be more than happy to start working on it, if I only knew how to use samedit. Lars' very nice and extremely helpful FAQ is simply not up to date as far as samedit goes and the documentation in the README in the source still says to do a "smbpasswd -c -m your_samba_server_name$" to add the server to the domain. Can anyone help me, either with the docs or with my specific problem? Chris Tooley From lkcl at samba.org Tue May 23 20:55:13 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:55 2003 Subject: Samedit usefullness In-Reply-To: <392B0A51.428C7F3B@joslyn.org> Message-ID: ./samedit -S mysambapdc or ./samedit \\\\mysambapdc use -U%. use -l logfilename. there are man pages. On Wed, 24 May 2000, Chris Tooley wrote: > Is there any documentation for samedit? I keep coming up with: > > [root@jams bin]# ./samedit -S \MYSAMBAPDC > added interface ip=192.168.0.99 bcast=192.168.0.255 nmask=255.255.255.0 > Enter Password: > Server: \\MYSAMBAPDC: User: CTOOLEY Domain: > Connection: write_socket_data: write failure. Error = Bad file descriptor > > write_socket: Error writing 43 bytes to socket -1: ERRNO = Bad file > descriptor > Error writing 43 bytes to client. -1 > Segmentation fault > > whenever I try to connect. This may be a bad tarball of samba-tng too, but I > would nevertheless like to see some documentation for samedit at least > started. I'd be more than happy to start working on it, if I only knew how > to use samedit. Lars' very nice and extremely helpful FAQ is simply not up > to date as far as samedit goes and the documentation in the README in the > source still says to do a "smbpasswd -c -m your_samba_server_name$" to add > the server to the domain. > > Can anyone help me, either with the docs or with my specific problem? > > Chris Tooley > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site Macmillan Technical Publishing ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From mg at plum.de Tue May 23 23:19:52 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:55 2003 Subject: problem loggin into TNG 2.5 Message-ID: <1349885804.959127592@[10.1.1.2]> Hi, I got some serious problem here: TNG 2.5, fresh install. user and machine accounts ok, smbclient works fine. But when i try to access from NT (join into TNG domain works perfectly) I get: cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'sysop': authentication failed cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'sysop': authentication failed cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'sysop': authentication failed cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'sysop': authentication failed strange thing is, user sysop works fine with smbclient form other machine ... : authorise_login: TODO. split function, it's 6 levels! authorise_login: TODO. split function, it's 6 levels! vesuv (10.1.4.43) connect to service netlogon as user sysop (uid=521, gid=100) (pid 8830) vesuv (10.1.4.43) closed connection to service netlogon any Ideas ? I'm pretty desperate here .. ;( (sorry for the lousy report. its late .. ;) TIA, Michael From mgeddes at mail.xavier.sa.edu.au Tue May 23 21:55:13 2000 From: mgeddes at mail.xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:29:55 2003 Subject: Samedit usefullness In-Reply-To: References: Message-ID: <200005232155.HAA06668@mail.xavier.sa.edu.au> Quoting Luke Kenneth Casson Leighton : > there are man pages. > > would nevertheless like to see some documentation for samedit at least > > started. I\'d be more than happy to start working on it, if I only knew > how > > to use samedit. check in the yodldocs directory. There should be man pages for all of the new daemons, samedit, rpcclient and regedit. If people don\'t have yodl or can\'t handle downloading, compiling and installing yodl, I would happily post them on one of our web servers. If you find any problems or inaccuracies in the man pages, please, please let me know. I realise that they are probably a little out of date, but I haven\'t had time to test TNG as much is I need (yes need, I am having withdrawals). Thanks, Matthew Geddes Network Manager Xavier College Gawler, SA ======================================= Xavier College Gawler, South Australia visit http://www.xavier.sa.edu.au/ --------------------------------------- Xavier College Staff E-mail is Powered by IMP http://www.horde.org/ From ctooley at joslyn.org Wed May 24 14:41:01 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:55 2003 Subject: Samedit usefullness References: <200005232155.HAA06668@mail.xavier.sa.edu.au> Message-ID: <392BE9FD.6A19FA00@joslyn.org> I didn't mean to make it sound like there was anything wrong with the way it was documented other than I couldn't find anything. Never used yodl (always wondered why documents weren't put out in plain text instead of man considering it's vi anyway), so I'll give that a shot before I complain too much more. On the other hand, does anyone have Codepage.000 (does one exist) as TNG seems to be missing this codepage and samedit is barking about that as well. Chris Tooley Matthew Geddes wrote: > Quoting Luke Kenneth Casson Leighton : > > > there are man pages. > > > > would nevertheless like to see some documentation > for samedit at least > > > started. I\'d be more than happy to start working on > it, if I only knew > > how > > > to use samedit. > > check in the yodldocs directory. There should be man > pages for all of the new daemons, samedit, rpcclient and > regedit. If people don\'t have yodl or can\'t handle > downloading, compiling and installing yodl, I would > happily post them on one of our web servers. > > If you find any problems or inaccuracies in the man > pages, please, please let me know. I realise that they > are probably a little out of date, but I haven\'t had > time to test TNG as much is I need (yes need, I am > having withdrawals). > > Thanks, > > Matthew Geddes > Network Manager > Xavier College > Gawler, SA > ======================================= > > Xavier College Gawler, South Australia > visit http://www.xavier.sa.edu.au/ > --------------------------------------- > Xavier College Staff E-mail is > Powered by IMP http://www.horde.org/ From tom at ee.ucl.ac.uk Wed May 24 15:04:32 2000 From: tom at ee.ucl.ac.uk (Tom Crummey) Date: Tue Dec 2 02:29:55 2003 Subject: samba-TNG cvs 24/5/00 16:00 BST shares broken again Message-ID: <200005241504.QAA10569@picard.ee.ucl.ac.uk> Hello, samba-TNG cvs update 24/5/00 1600BST Solaris 2.7 SParc 64 gcc 2.8.1 This version compiles fine, but does not allow access to shares. cvs update from yesterday did allow access to shares, but there were other profile problems. The logs show: ncalrpc_l_send_prs: data: 94d28 len 48 [000] 05 00 00 00 10 00 00 00 30 00 00 00 23 00 00 00 ........ 0...#... [010] 18 00 00 00 64 00 04 00 06 00 00 00 00 00 00 00 ....d... ........ [020] 06 00 00 00 53 00 4F 00 4E 00 49 00 43 00 00 00 ....S.O. N.I.C... write_socket(14,48) write_socket(14,48) wrote 48 rpc_api_pipe_req: start: 48 off: 56 create_rpc_request: opnum: 0x4 data_len: 0x30 create_rpc_request: data_len: 30 auth_len: 0 alloc_hint: 18 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 00 0004 pack_type : 10 00 00 00 prs_set_packtype: bigendian: No 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000024 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000018 0014 context_id: 0064 0016 opnum : 0004 rpc_api_pipe_req: end: 72 ncalrpc_l_send_prs: data: e01a8 len 48 [000] 05 00 00 00 10 00 00 00 30 00 00 00 24 00 00 00 ........ 0...$... [010] 18 00 00 00 64 00 04 00 EC 07 66 14 44 14 2E C0 ....d... ..f.D... [020] 00 00 00 49 00 00 00 00 01 01 00 00 00 00 00 05 ...I.... ........ write_socket(14,48) write_socket(14,48) wrote 48 rpc_api_pipe_req: data_end: 72 and offset 56 wrong rpc_con_pipe_req FAILED cli_nt_setup_creds: request challenge failed domain_client_validate: credentials failed (\\.) SMB LM/NT Password did not match! Rejecting user 'tom': authentication failed 32 bit error packet at line 493 cmd=115 (SMBsesssetupX) eclass=c000006d [Error: Unknown error (109,49152)] error string = No such file or directory size=35 smb_com=0x73 smb_rcls=109 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=16384 smb_tid=0 smb_pid=65279 smb_uid=0 smb_mid=1985 smt_wct=0 smb_bcc=0 Tom. ---------------------------------------------------------------------------- Tom Crummey, Systems and Network Manager, EMAIL: tom@ee.ucl.ac.uk Department of Electronic and Electrical Engineering, University College London, TEL: +44 (0)20 7679 3898 Torrington Place, FAX: +44 (0)20 7388 9325 London, UK, WC1E 7JE. ---------------------------------------------------------------------------- From lkcl at samba.org Wed May 24 15:45:50 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:55 2003 Subject: Samedit usefullness In-Reply-To: <392BE9FD.6A19FA00@joslyn.org> Message-ID: On Wed, 24 May 2000, Chris Tooley wrote: > I didn't mean to make it sound like there was anything wrong with the > way it was documented other than I couldn't find anything. Never used > yodl (always wondered why documents weren't put out in plain text > instead of man considering it's vi anyway), so I'll give that a shot > before I complain too much more. > > On the other hand, does anyone have Codepage.000 (does one exist) as TNG > seems to be missing this codepage and samedit is barking about that as > well. codepage000 doesn't exist, not reading smb.conf. From tas at webspan.net Wed May 24 21:03:39 2000 From: tas at webspan.net (Todd Sabin) Date: Tue Dec 2 02:29:55 2003 Subject: regcreateval "(default)"? (was Re: ILOVEYOU version 2.0 ..) In-Reply-To: Peter Samuelson's message of "Sat, 20 May 2000 01:42:09 +1000" References: <14629.16013.834646.984424@wire.cadcamlab.org> <14629.24177.348502.772864@wire.cadcamlab.org> Message-ID: Peter Samuelson writes: > Yeah. Haven't seen it so far. But I *have* discovered something this > morning, or rather I have failed to discover something. > > How to create the default value for a registry key. Remotely. > > - NT REGEDT32.EXE won't go near a remote hkey_classes_root. > - NT REGEDIT.EXE pleads lack of permission to add values. > - TNG rpcclient ... well, it can add keys and values just fine, but I > can't get it to add the *default* value for a key. > > The issue is that I went through and deleted everyone's reg key: > > hkey_classes_root\.VBS > > which I now can't recreate for the machines I want to, because it's > supposed to have a default value of "VBScript". > > In REGEDIT.EXE this shows up as the value named "(default)". If you > export to a .REG file it is represented by "@". > > Luke? Anyone? Is there a way to do this in rpcclient? It's not > urgent or anything, just annoying. > Well, these values which show as "(Default)" in regedit (and "" in regedt32) actually have "" as their value-name. Yes, that's the Null string. Why MS lets you create values with no name is beyond me. Anyway, samba-tng's rpcclient (at least) can create these with a small patch. Here it is against samba-tng-alpha.2.5.3: --- cmd_reg.c~ Fri Apr 7 04:19:16 2000 +++ cmd_reg.c Wed May 24 16:25:03 2000 @@ -549,7 +549,7 @@ argc--; argv++; - if (keyname[0] == 0 || val_name[0] == 0) + if (keyname[0] == 0) { report(out_hnd, "invalid key name\n"); return; @@ -605,7 +605,7 @@ res = res ? reg_connect(srv_name, keyname, parent_name, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol_con) : False; - if ((*val_name) != 0) + if ((*parent_name) != 0) { /* open an entry */ res3 = res ? reg_open_entry(&pol_con, parent_name, This removes the check that the value name not be empty, and fixes a bug where it was checking the wrong variable before calling reg_open_entry. With this patch you can do, e.g., regcreateval HKCR\Software\Foo\ 1 bar Which creates a value with no name under key Foo. Note the trailing backslash. That might be confusing to some, but I don't have a better idea for how to handle it. Trying to express registry key/values as unixish paths has several gotchas, this being one of them. Todd From jojowil at hvcc.edu Wed May 24 22:08:06 2000 From: jojowil at hvcc.edu (William Jojo) Date: Tue Dec 2 02:29:55 2003 Subject: Samba list Message-ID: I've been trying to send mail to the samba@samba.org list and it doesn't seem to be up. I know this doesn't belong here, but I wasn't sure whom to notify. Thanks, Bill From peter at cadcamlab.org Wed May 24 23:29:41 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:55 2003 Subject: regcreateval "(default)"? (was Re: ILOVEYOU version 2.0 ..) References: <14629.16013.834646.984424@wire.cadcamlab.org> <14629.24177.348502.772864@wire.cadcamlab.org> Message-ID: <14636.25687.224197.27067@wire.cadcamlab.org> [Todd Sabin ] > Well, these values which show as "(Default)" in regedit (and " Name>" in regedt32) actually have "" as their value-name. Yes, > that's the Null string. I suspected as much. > Why MS lets you create values with no name is beyond me. Anyway, > samba-tng's rpcclient (at least) can create these with a small patch. > Here it is against samba-tng-alpha.2.5.3: Woohoo! I haven't tried it yet, but (assuming it works) many thanks! Full remote access to NT registries! Well, except for ACLs, but I don't really need those. > regcreateval HKCR\Software\Foo\ 1 bar > > Which creates a value with no name under key Foo. Note the trailing > backslash. That might be confusing to some, but I don't have a > better idea for how to handle it. No, that's absolutely intuitive. That's what I was trying to do before (and rpcclient of course wouldn't let me). Definitely you need the trailing slash, because it is possible to have a key and value of the same name under the same key. *That* is the confusing part, in my opinion, and as usual, it's All Microsoft's Fault. (: Peter From lkcl at samba.org Wed May 24 23:34:46 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:55 2003 Subject: regcreateval "(default)"? (was Re: ILOVEYOU version 2.0 ..) In-Reply-To: <14636.25687.224197.27067@wire.cadcamlab.org> Message-ID: hey, peter, you wanna add some parsing of [DWORD] instead of 1, etc? needs a str_to_enum_field() in lib/util_str.c which does the reverse, surprisingly, of enum_field_to_str(). str_to_enum_field should accept numbers as well as the string. On Thu, 25 May 2000, Peter Samuelson wrote: > > [Todd Sabin ] > > Well, these values which show as "(Default)" in regedit (and " > Name>" in regedt32) actually have "" as their value-name. Yes, > > that's the Null string. > > I suspected as much. > > > Why MS lets you create values with no name is beyond me. Anyway, > > samba-tng's rpcclient (at least) can create these with a small patch. > > Here it is against samba-tng-alpha.2.5.3: > > Woohoo! I haven't tried it yet, but (assuming it works) many thanks! > Full remote access to NT registries! Well, except for ACLs, but I > don't really need those. > > > regcreateval HKCR\Software\Foo\ 1 bar > > > > Which creates a value with no name under key Foo. Note the trailing > > backslash. That might be confusing to some, but I don't have a > > better idea for how to handle it. > > No, that's absolutely intuitive. That's what I was trying to do before > (and rpcclient of course wouldn't let me). > > Definitely you need the trailing slash, because it is possible to have > a key and value of the same name under the same key. *That* is the > confusing part, in my opinion, and as usual, it's All Microsoft's > Fault. (: > > Peter > Luke Kenneth Casson Leighton Samba and Network Development Samba Web site ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals From peter at cadcamlab.org Thu May 25 00:49:05 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:55 2003 Subject: Samba source style guide (was Re: regcreateval "(default)"?) References: <14636.25687.224197.27067@wire.cadcamlab.org> Message-ID: <14636.30119.80480.766647@wire.cadcamlab.org> Luke, hacking in your tree (which I hope to start doing more of as I learn my way around and find things I can actually understand well enough to hack on), do you have any sort of style guide? The GNU Project has one, the Linux kernel has one.... Do you have prefs? Does the Samba Team as a whole have prefs? I have seen conflicting styles in the source tree, and even within a source file. `while' or `for'? Do or don't use braces when there's only a single statement in an if/for/while? Spaces before and after `=' or not? Stuff like that. For indent conventions, if you could point me at one self-consistent source file demonstrating the "Correct Way", that'd be nice. Peter From jester at optonline.net Thu May 25 01:25:18 2000 From: jester at optonline.net (Christopher Johnston) Date: Tue Dec 2 02:29:55 2003 Subject: Samba list References: Message-ID: <004101bfc5e8$16649bc0$0b00000a@evolution> I have also noticed that the search engine on the Samba homepage doesnt seem to work for me either.. I can't pull up any archived mail from the mailing lists.. any ideas whats going on? Christopher Johnston System Analyst Salomon Smith Barney New York, NY ----- Original Message ----- From: "William Jojo" To: "Multiple recipients of list SAMBA-NTDOM" Sent: Wednesday, May 24, 2000 6:09 PM Subject: Samba list > > I've been trying to send mail to the samba@samba.org list and it doesn't > seem to be up. I know this doesn't belong here, but I wasn't sure whom to > notify. > > Thanks, > > Bill > > > From lkcl at samba.org Thu May 25 01:30:40 2000 From: lkcl at samba.org (Luke Kenneth Casson Leighton) Date: Tue Dec 2 02:29:55 2003 Subject: Samba source style guide (was Re: regcreateval "(default)"?) In-Reply-To: <14636.30119.80480.766647@wire.cadcamlab.org> Message-ID: On Wed, 24 May 2000, Peter Samuelson wrote: > > Luke, hacking in your tree (which I hope to start doing more of as I > learn my way around and find things I can actually understand well > enough to hack on), do you have any sort of style guide? The GNU > Project has one, the Linux kernel has one.... Do you have prefs? YES! see source/.indent.pro, it's not perfect, but a pretty close fit. 1) always use a tab to indent, not spaces. 2) always use { and } even on single statements. 3) { and } always align like this, on everything (including switch and even case). if (...) { statement(s); } 4) limit of 80 chars per line. 5) if the number of indentations (when viewed with tab-as-eight-spaces) forces you to start wrapping functions messily at the right hand side of the screen, split the damn function! that's pretty much it. From Michael.Weisbach at de.ibm.com Thu May 25 10:27:37 2000 From: Michael.Weisbach at de.ibm.com (Michael.Weisbach@de.ibm.com) Date: Tue Dec 2 02:29:55 2003 Subject: OT: browsing between subnets Message-ID: Hi. Maybe a easy OT question. What's the recommented values to get following szenario working: subnet1: 192.168.1.0/24 with NT Server (not PDC) and clients subnet2: 192.168.2.0/24 various clients currently not showing NT in browse-list between a nmbd-only samba on UNIX line "interfaces = 192.168.1.254/24 192.168.2.254/24" Greetz, Michael -- csg Computer Service GmbH... an IBM Global Services Company, UB SwP/L14 michael.weisbach@de.ibm.com / +49-172-8069068 From simo.sorce at polimi.it Thu May 25 11:11:11 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:29:55 2003 Subject: OT: browsing between subnets References: Message-ID: <392D0A4F.58AA2EB3@polimi.it> Michael.Weisbach@de.ibm.com wrote: > > Hi. > > Maybe a easy OT question. What's the recommented values to get following > szenario > working: > > subnet1: 192.168.1.0/24 > with NT Server (not PDC) and clients > > subnet2: 192.168.2.0/24 > various clients currently not showing NT in browse-list > > between a nmbd-only samba on UNIX > line "interfaces = 192.168.1.254/24 192.168.2.254/24" > > Greetz, > > Michael The best way to manage multiple subnet with smb is using a wins server. Setup your unix samba server to act as a wins server, but be carefull not to have more than one wins server. Clearly you have to reconfigure your clints to use the wins server. -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From ed at schernau.com Thu May 25 14:42:04 2000 From: ed at schernau.com (Edward Schernau) Date: Tue Dec 2 02:29:56 2003 Subject: OT: browsing between subnets References: <392D0A4F.58AA2EB3@polimi.it> Message-ID: <392D3BBC.B0C165D7@schernau.com> Simo Sorce wrote: > > Michael.Weisbach@de.ibm.com wrote: > > > > Hi. > > > > Maybe a easy OT question. What's the recommented values to get following > > szenario > > working: > > > > subnet1: 192.168.1.0/24 > > with NT Server (not PDC) and clients > > > > subnet2: 192.168.2.0/24 > > various clients currently not showing NT in browse-list > > > > between a nmbd-only samba on UNIX > > line "interfaces = 192.168.1.254/24 192.168.2.254/24" > > > > Greetz, > > > > Michael > > The best way to manage multiple subnet with smb is using a wins server. > Setup your unix samba server to act as a wins server, but be carefull > not to have more than one wins server. > > Clearly you have to reconfigure your clints to use the wins server. Except that this still won't show multiple domains in Network Neighborhood. -- Edward Schernau, mailto:ed@schernau.com Network Architect http://www.schernau.com RC5-64#: 243249 e-gold acct #:131897 From isyn at isi.wat.waw.pl Thu May 25 17:09:15 2000 From: isyn at isi.wat.waw.pl (isyn@isi.wat.waw.pl) Date: Tue Dec 2 02:29:56 2003 Subject: OT: browsing between subnets In-Reply-To: <392D3BBC.B0C165D7@schernau.com> Message-ID: > Except that this still won't show multiple domains in Network > Neighborhood. You have the same problem as I have...but there are 3 subnets in my LAN. I have only some Win98 machines but they can se only computers of the same workgroup. Maybe this a problem of windows smb clients not smbd server? -- ROBERT MAGIER From ed at schernau.com Thu May 25 19:08:59 2000 From: ed at schernau.com (Edward Schernau) Date: Tue Dec 2 02:29:56 2003 Subject: OT: browsing between subnets References: Message-ID: <392D7A4B.84E6AEC2@schernau.com> isyn@isi.wat.waw.pl wrote: > > > Except that this still won't show multiple domains in Network > > Neighborhood. > > You have the same problem as I have...but there are 3 subnets in my LAN. > I have only some Win98 machines but they can se only computers of the > same workgroup. Maybe this a problem of windows smb clients not smbd > server? Not sure, all I know is that I have 2 domains, with a samba/wins server on 1 subnet and the 2nd domain on another subnet. All machines in question use WINS, but the browse list only contains the domain/workgroup that the samba server is local on. -- Edward Schernau, mailto:ed@schernau.com Network Architect http://www.schernau.com RC5-64#: 243249 e-gold acct #:131897 From isyn at isi.wat.waw.pl Thu May 25 19:32:29 2000 From: isyn at isi.wat.waw.pl (isyn@isi.wat.waw.pl) Date: Tue Dec 2 02:29:56 2003 Subject: OT: browsing between subnets In-Reply-To: <392D7A4B.84E6AEC2@schernau.com> Message-ID: > Not sure, all I know is that I have 2 domains, with a samba/wins > server on 1 subnet and the 2nd domain on another subnet. All > machines in question use WINS, but the browse list only contains > the domain/workgroup that the samba server is local on. Exacly... I have the same For example if i have three workgroups... *dino *cyber *mamut If the smbd with wins support set on belong to workrgoup dino, that dino is seen by computers from workgroup cyber and mamut but dino doesn't see cyber and mamut. Of course mamut and cyber see their selves -- ROBERT MAGIER From jwhamps at ilstu.edu Thu May 25 20:51:48 2000 From: jwhamps at ilstu.edu (Jeffrey W. Hampson) Date: Tue Dec 2 02:29:56 2003 Subject: NT logon change password? Message-ID: Currenly I am operating RedHat 6.2 and running Samba 2.07. As a PDC it works fine, however, is it possible to make them change their passwords and can they do it using their Win9x, WinNT workstation as NT does. Or must I do it from the Linux side? -------------- next part -------------- HTML attachment scrubbed and removed From jwhamps at ilstu.edu Thu May 25 20:56:04 2000 From: jwhamps at ilstu.edu (Jeffrey W. Hampson) Date: Tue Dec 2 02:29:56 2003 Subject: TNG over 2.0.7 Redcat Message-ID: Currently I am running 2.07 on a Redcat 6.2. I want to play with TNG. I have './configure' it, then 'make' it, then 'make install'.. but it still seems like it is operating 2.07. What haven't I done or am doing wrong? thanx -------------- next part -------------- HTML attachment scrubbed and removed From cigor at EUnet.yu Thu May 25 20:21:22 2000 From: cigor at EUnet.yu (=?ISO-8859-2?Q?=C8olovi=E6_Igor?=) Date: Tue Dec 2 02:29:56 2003 Subject: OT: browsing between subnets In-Reply-To: Message-ID: I do not know how to solve this problem, but just a idea: Did you try setting wins server on cyber and mamut to dino IP address. I an not shure that this make sense, but what do you know. -- Nothing makes a person more productive than the last minute. On Fri, 26 May 2000 isyn@isi.wat.waw.pl wrote: > Exacly... I have the same > For example if i have three workgroups... > *dino > *cyber > *mamut > > If the smbd with wins support set on belong to workrgoup dino, that dino > is seen by computers from workgroup cyber and mamut > but dino doesn't see cyber and mamut. > Of course mamut and cyber see their selves > > -- > ROBERT MAGIER > > From it-samba at computerbild.de Fri May 26 07:06:06 2000 From: it-samba at computerbild.de (Ingo T. Storm) Date: Tue Dec 2 02:29:56 2003 Subject: TNG over 2.0.7 Redcat References: Message-ID: <025001bfc6e1$035a1600$012ca8c0@combi.de> > Currently I am running 2.07 on a Redcat 6.2. > I want to play with TNG. I have './configure' it, then 'make' it, then > 'make install'.. but it still seems like it is operating 2.07. tng puts the daemons in other directories. If you did not remove the old binaries and did not adjust your rc.*-scripts, the old samba will be started. Ingo From antonia at fib.upc.es Fri May 26 08:59:49 2000 From: antonia at fib.upc.es (Antonia Gomez) Date: Tue Dec 2 02:29:56 2003 Subject: DENY_ALL Message-ID: <392E3D05.89C1EEC9@fib.upc.es> Hello! WE have installed the last versio of samba (2.0.7) and we have in the others, the compiler of eiffel under G:\elj-win32 (where G: is a network drive: NET USE G: \\STUDENTS\SOFTWARE). We have problems with this software why when any student use it by compiling , it blocks some files, like this: 14951 DENY_ALL RDONLY EXCLUSIVE+BATCH /usr/local/samba/shares/software/elj-win32/lcc/lib/libc.lib Fri May 26 09:27:39 2000 14951 DENY_ALL RDONLY EXCLUSIVE+BATCH /usr/local/samba/shares/software/elj-win32/lcc/lib/lcccrt0.obj Fri May 26 09:27:38 2000 14951 DENY_ALL RDONLY EXCLUSIVE+BATCH /usr/local/samba/shares/software/elj-win32/lcc/lib/comctl32.lib Fri May 26 09:27:39 2000 14951 DENY_ALL RDONLY EXCLUSIVE+BATCH /usr/local/samba/shares/software/elj-win32/lcc/lib/user32.lib Fri May 26 09:27:39 2000 14951 DENY_ALL RDONLY EXCLUSIVE+BATCH /usr/local/samba/shares/software/elj-win32/lcc/lib/kernel32.lib Fri May 26 09:27:39 2000 14951 DENY_ALL RDONLY EXCLUSIVE+BATCH /usr/local/samba/shares/software/elj-win32/lcc/lib/gdi32.lib Fri May 26 09:27:39 2000 14951 DENY_ALL RDONLY EXCLUSIVE+BATCH /usr/local/samba/shares/software/elj-win32/lcc/lib/advapi32.lib Fri May 26 09:27:39 2000 and the rest of students can't compile at same time Are there any parameter in samba by controling this lock's or this is problem of the eiffel? Thanks in advanced! -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Antonia Gomez Gonzalez FIB (Laboratori de Calcul) UPC Barcelona ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -------------- next part -------------- HTML attachment scrubbed and removed From isyn at isi.wat.waw.pl Fri May 26 12:41:00 2000 From: isyn at isi.wat.waw.pl (isyn@isi.wat.waw.pl) Date: Tue Dec 2 02:29:56 2003 Subject: OT: browsing between subnets In-Reply-To: Message-ID: > I do not know how to solve this problem, but just a idea: > > Did you try setting wins server on cyber and mamut to dino IP address. > I an not shure that this make sense, but what do you know. Yes I did this, it made nothing, all what happend was that the dino saw mamut and cyber, but they were not browseable for it... I have an idea to. One can write a ip and the name of computers to the lmhosts file. Maybe it will help... -- ROBERT MAGIER From simo.sorce at polimi.it Fri May 26 12:55:38 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:29:56 2003 Subject: OT: browsing between subnets References: Message-ID: <392E744A.9AF5C473@polimi.it> isyn@isi.wat.waw.pl wrote: > > > I do not know how to solve this problem, but just a idea: > > > > Did you try setting wins server on cyber and mamut to dino IP address. > > I an not shure that this make sense, but what do you know. > Yes I did this, it made nothing, all what happend was that the dino saw > mamut and cyber, but they were not browseable for it... > > I have an idea to. > One can write a ip and the name of computers to the lmhosts file. Maybe it > will help... > > -- > ROBERT MAGIER You have a problem resolved many times and documented somwhere in samba faqs! However, there are some experiences explained (hope you will understand my bad english:( ) First of all: The windows smb protocol discovers machine on a brodcast basis, so if you have two separeted subnets the machines of one subnet do not see the ones of another subnet. To resolve this and other weird problem with broadcast discovery, wins were introduced. The wins server may reside in any subnet, the ckients must be configured to connect to wins server. Once a client come up, it register himself on the wins ang get back the list of currently registered machines, then it will resync every x-minutes with the wins to get updated browse lists. At this point however you have two scenarios: 1. you have only workgroup and no domains, once wins is activated, after some minutes(or hours) the wins clients should see all the other registered clients. 2. You have domains. In this case you will probably see al the windows domains but you can access other domains only if the other domain server permit this (the last statement is based on personal testing). So if you have more subnets you should really use a wins server (this will reduce also the brodacast trafic), if you have domains you should grant correct permissions (trusting) to access others domains. Ciao, Simo. -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From ssparish at pittstate.edu Fri May 26 13:38:24 2000 From: ssparish at pittstate.edu (Scott Parish) Date: Tue Dec 2 02:29:56 2003 Subject: OT: browsing between subnets References: Message-ID: <392E7E50.24649D7E@pittstate.edu> Michael.Weisbach@de.ibm.com wrote: > > Hi. > > Maybe a easy OT question. What's the recommented values to get following > szenario > working: > > subnet1: 192.168.1.0/24 > with NT Server (not PDC) and clients > > subnet2: 192.168.2.0/24 > various clients currently not showing NT in browse-list > > between a nmbd-only samba on UNIX > line "interfaces = 192.168.1.254/24 192.168.2.254/24" If your address space for your subnets is contiguous as in the above scenario you can experiment with supernetting: http://msep01.eng.ohio-state.edu/lud/computer/mcse/tcp/tcpintro11.htm http://www.murchison.net/techno/tcpip/super-chart.html This of course depends on what you are trying to do. Do you want all your clients to see everyone on the network? Then give all the clients a new subnet mask based on the supernetting scheme. This is the approach we've taken at our university to get around cross subnet browsing limitations. If your subnets are not contiguous, then this won't work. -- Scott Parish | "I really can't live without Christ. It's like ssparish@pittstate.edu | impossible to really have a true life without Him." | -- Cassie Bernall, martyr at Columbine High School. From hanak at IRIS.osu.cz Fri May 26 13:49:48 2000 From: hanak at IRIS.osu.cz (Ondrej Hanak) Date: Tue Dec 2 02:29:56 2003 Subject: OT: browsing between subnets In-Reply-To: <392D7A4B.84E6AEC2@schernau.com> Message-ID: On Fri, 26 May 2000, Edward Schernau wrote: > isyn@isi.wat.waw.pl wrote: > > > > > Except that this still won't show multiple domains in Network > > > Neighborhood. > > > > You have the same problem as I have...but there are 3 subnets in my LAN. > > I have only some Win98 machines but they can se only computers of the > > same workgroup. Maybe this a problem of windows smb clients not smbd > > server? > > Not sure, all I know is that I have 2 domains, with a samba/wins > server on 1 subnet and the 2nd domain on another subnet. All > machines in question use WINS, but the browse list only contains > the domain/workgroup that the samba server is local on. We tried to solve cross-subnet browsing and i recognized that problem is in that: Domain-name/workgroup-name is only broadcasted on local net. In workgroup, domain master browser (DMB) does't exist (cause it is WORGROUP and not DOMAIN), so browsing scheme, as is described in BROWSING.TXT, failed. Local master browser (LMB) in workgroup don't look for DMB. So they (LMBs of same workgroup in other segments) can't synchronize their browse lists. Solution is to have all comuters in DOMAIN. But that's not all. You must have at min. 1 computer from one DOMAIN in other net segment, where is second DOMAIN. Than you will see both DOMAINS in browse lists on all computers. Of course !only! one WINS server must exist on network. And all client must be configured via DHCP with ip of that WINS. Or better solution, if your both PDC are SAMBA, than you can use feature REMOTE BROWSE SYNC in misc options in SWAT. Hope this helps you. O.H. From hanak at IRIS.osu.cz Fri May 26 14:19:37 2000 From: hanak at IRIS.osu.cz (Ondrej Hanak) Date: Tue Dec 2 02:29:56 2003 Subject: OT: browsing between subnets In-Reply-To: <392E744A.9AF5C473@polimi.it> Message-ID: On Fri, 26 May 2000, Simo Sorce wrote: > isyn@isi.wat.waw.pl wrote: > > > > > I do not know how to solve this problem, but just a idea: > > > > > > Did you try setting wins server on cyber and mamut to dino IP address. > > > I an not shure that this make sense, but what do you know. > > Yes I did this, it made nothing, all what happend was that the dino saw > > mamut and cyber, but they were not browseable for it... > > > > I have an idea to. > > One can write a ip and the name of computers to the lmhosts file. Maybe it > > will help... > > > > -- > > ROBERT MAGIER > > You have a problem resolved many times and documented somwhere in samba > faqs! > However, there are some experiences explained (hope you will understand > my bad english:( ) > > First of all: The windows smb protocol discovers machine on a brodcast > basis, so if you have two separeted subnets the machines of one subnet > do not see the ones of another subnet. > > To resolve this and other weird problem with broadcast discovery, wins > were introduced. The wins server may reside in any subnet, the ckients > must be configured to connect to wins server. > Once a client come up, it register himself on the wins ang get back the > list of currently registered machines, then it will resync every > x-minutes with the wins to get updated browse lists. > I must say, that this is not true. Once client comes up, it registers himself on the WINS server but is only looking for domain master browser (DMB) on WINS if it is local master browser (LMB), but if you are in WRKGROUP this fails. So you can see only comps in this WORKGROUP on local segment and these DOMAINS/WORKGROUPS, in which other comps are on that segment. In DOMAIN you can see all computers belonged to this DOMAIN wherever they are. But to see other WORKGROUP/DOMAINS it still depends on existence DOMAIN member comps in other segments, where members of these WORKGROPUS/DOMAINS are. This browsing is realy damn thing! O.H. From David.Bear at asu.edu Fri May 26 16:08:20 2000 From: David.Bear at asu.edu (iddwb) Date: Tue Dec 2 02:29:56 2003 Subject: lpd to smb printing Message-ID: I'd like to have my samba server receive print requests via lpd, then sent them to an smb printer share. Any pointers anywhere on how to do this? David Bear College of Public Programs/ASU From kellermg at potsdam.edu Fri May 26 16:19:45 2000 From: kellermg at potsdam.edu (Matthew Keller) Date: Tue Dec 2 02:29:56 2003 Subject: [Fwd: Microsoft Security Bulletin (MS00-036)] Message-ID: <392EA421.1154A409@potsdam.edu> Does this vulnerability affect any versions of Samba? -------- Original Message -------- Subject: Microsoft Security Bulletin (MS00-036) Date: Fri, 26 May 2000 07:17:45 -0700 From: Microsoft Product Security To: MICROSOFT_SECURITY@ANNOUNCE.MICROSOFT.COM The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. ******************************** -----BEGIN PGP SIGNED MESSAGE----- Microsoft Security Bulletin (MS00-036) - -------------------------------------- Patch Available for "ResetBrowser Frame" and "HostAnnouncement Flooding" Vulnerabilities Originally posted: May 25, 2000 Summary ======= Microsoft has released a patch that eliminates two security vulnerabilities, one affecting Microsoft(r) Windows NT(r) 4.0 and Windows(r) 2000, and the other affecting Windows NT 4.0 only. Under certain conditions, the vulnerability could allow a malicious user to make it difficult or impossible for other users to locate services and computers on a network; in the worst case, it could allow him to provide incorrect information about the same services and computers. Frequently asked questions regarding this vulnerability and the patch can be found at http://www.microsoft.com/technet/security/bulletin/fq00-036.asp Issue ===== Windows NT 4.0 and Windows 2000 implement the CIFS Computer Browser protocol. Two vulnerabilities exist because of the inability of administrators to limit whether Master Browsers respond to certain frames. The two vulnerabilities are: - The "ResetBrowser Frame" vulnerability, which affects both Windows NT 4.0 and Windows 2000. Like most implementations, the Windows implementation provides the ability for a Master Browser to shut down other browsers via the ResetBrowser frame. However, there is no capability to configure a browser to ignore ResetBrowser frames. This could allow a malicious user to shut down browsers on his subnet as a denial of service attack against the browser service, or, in the worst case, to shut down all browsers and declare his machine the new Master Browser. - The "HostAnnouncement Flooding" vulnerability, which does not affect Windows 2000. Because there is no means of limiting the size of the browse table in Windows NT 4.0, a malicious user could send a huge number of bogus HostAnnouncement frames to a Master Browser. The resulting replication traffic could consume most or all of the network bandwidth and cause other problems in processing the table as well. If a firewall were in place and blocking port 138 UDP, neither vulnerability could be exploited by an external user. Even an internal user could only attack browsers on the same subnet as his machine. Normal administrative tools would allow the administrator to determine who had mounted the attack. Affected Software Versions ========================== - Microsoft Windows NT 4.0 Workstation - Microsoft Windows NT 4.0 Server - Microsoft Windows NT 4.0 Server, Enterprise Edition - Microsoft Windows 2000 Professional - Microsoft Windows 2000 Server - Microsoft Windows 2000 Advanced Server NOTE: Windows 95, Windows 98, and Windows NT 4.0 Server, Terminal Server Edition, also provide an implementation of the Computer Browser protocol. However, they are not listed as affected products because the scenario in which these vulnerabilities could be exploited - large networks that rely on computer browsing - are exactly the ones most unlikely to use Windows 95, Windows 98 or Windows NT 4.0 Terminal Servers as master browsers. From jwhamps at ilstu.edu Fri May 26 17:06:25 2000 From: jwhamps at ilstu.edu (Jeffrey W. Hampson) Date: Tue Dec 2 02:29:56 2003 Subject: TNG running? Message-ID: Perhaps this is an ignorant question but how do I know I am running TNG? ------------------------------ Jeff Hampson -------------- next part -------------- HTML attachment scrubbed and removed From grahamj at virtue.cx Fri May 26 17:16:20 2000 From: grahamj at virtue.cx (Jonathan Graham) Date: Tue Dec 2 02:29:56 2003 Subject: TNG running? In-Reply-To: Message-ID: > > Perhaps this is an ignorant question but how do I know I am running TNG? > Well if you do a "ps xa" and see the following daemons running: 16617 ? S 0:00 /opt/samba-tng/sbin/browserd 16627 ? S 0:00 /opt/samba-tng/sbin/lsarpcd 16637 ? S 0:00 /opt/samba-tng/sbin/netlogond 16647 ? S 0:00 /opt/samba-tng/sbin/nmbd 16648 ? S 0:00 /opt/samba-tng/sbin/nmbd 16658 ? S 0:00 /opt/samba-tng/sbin/samrd 16668 ? S 0:00 /opt/samba-tng/sbin/smbd 16678 ? S 0:00 /opt/samba-tng/sbin/srvsvcd 16688 ? S 0:00 /opt/samba-tng/sbin/svcctld 16698 ? S 0:00 /opt/samba-tng/sbin/winregd 16708 ? S 0:00 /opt/samba-tng/sbin/wkssvcd 16718 ? S 0:00 /opt/samba-tng/sbin/spoolssd Then you know that TNG has everything it needs to work. However configuration issues can still stop you cold. Consult the FAQ for more details: http://www.kneschke.de/projekte/samba_tng/ From hsingh at pilot.net Fri May 26 17:49:09 2000 From: hsingh at pilot.net (Singh, Harpreet) Date: Tue Dec 2 02:29:56 2003 Subject: User Permissions Using SWAT Message-ID: Hello, I need some help with setting permissions on a user share on a Samba Server, which is a part of an NT Domain. The way it should work is: When someone creates a new folder, he/she has full control of his/her own folder and the files underneath the folder and others have Read Only access by default. And if that person wants to give others Write Access to his/her files he/she can do so. Any help will be greatly appreciated. Thank you, Harpreet From jwhamps at ilstu.edu Fri May 26 18:06:56 2000 From: jwhamps at ilstu.edu (Jeffrey W. Hampson) Date: Tue Dec 2 02:29:56 2003 Subject: Changing Passwords in 9x w/SMB PDC Message-ID: Would anyone be able to tell me or point me in a direction to place that can intsruct me how to set my Samba server up so that my end users can change their own passwrds from their Win9x boxes? More specifically in a way that NT does? thanks ------------------------------ Jeff Hampson -------------- next part -------------- HTML attachment scrubbed and removed From jwhamps at ilstu.edu Fri May 26 18:13:15 2000 From: jwhamps at ilstu.edu (Jeffrey W. Hampson) Date: Tue Dec 2 02:29:56 2003 Subject: NT joining Samba PDC domain Message-ID: When I attempt to join my NT server to my SambaPDC domain it prompts me for an account with permission to join the domain. I put in the NTserver name and the password I had set for it in smbpasswd. The error message that returns is " The credentials supplied conflict with an existing set of credentials" If it helps to explain how I created the smb account. I first altered the passwd file to create a machine account like the intructions I have seen said to do. then I use : smbpasswd -a -m machinename. is there something I am missing? thanx in advance ------------------------------ Jeff Hampson -------------- next part -------------- HTML attachment scrubbed and removed From skvidal at phy.duke.edu Fri May 26 18:07:43 2000 From: skvidal at phy.duke.edu (Seth Vidal) Date: Tue Dec 2 02:29:56 2003 Subject: nt workstation in multiple domains Message-ID: Hi, I'm not sure that this has been entirely covered but I thought I'd ask. is it possible to have two different samba servers on separate domains and have an nt workstation be a member of both. so a user is presented with a login screen and chooses which domain to login to and they, if authenticated, get the services from that samba server and other services from another? so I guess the question is more about Nt than samba but is this possible and is anyone doing it? -sv From ranjan_bagchi at yahoo.com Fri May 26 18:25:22 2000 From: ranjan_bagchi at yahoo.com (Ranjan Bagchi) Date: Tue Dec 2 02:29:56 2003 Subject: OS Choices Message-ID: <20000526182522.7776.qmail@web2104.mail.yahoo.com> Hi -- I'm looking at adding a new windows computer to my collection: currently I'm running only NT4sp6 and an older version of Samba on Linux as PDC. The new model I'm looking at (IBM's NetVista) only is available in Win98 and Win2k versions. I'd like to stick with NT over '98, but what would I have to do so that the NT4 and new Win2k computer could still use Samba as PDC? Any help appreciated! Ranjan Bagchi __________________________________________________ Do You Yahoo!? Kick off your party with Yahoo! Invites. http://invites.yahoo.com/ From yoshers at hotmail.com Fri May 26 19:07:04 2000 From: yoshers at hotmail.com (Kevin Chan) Date: Tue Dec 2 02:29:56 2003 Subject: smbpasswd file Message-ID: <20000526190705.45444.qmail@hotmail.com> FYI: I am running Samba 2.0.6 as a PDC for NT 4.0 SP6 workstations. I have been cleaning up the lack of uniformity on my samba server and came upon an odd occurrence in the smbpasswd file. The last two fields of each entry are supposedly for Account Flags and Last Change Time. I have been using a PERL script to add users that I have written, which uses the smbpasswd command and it creates the entry perfectly. However, there are some entries from a previous administrator which look like this: username:uid:correct hash:correct hash:Full Name, misc info:\\domain\username The old administrator told me that he used the pwdump utility to convert the old password format to the present Samba format. Although there have been no problems with the users, I would like them to look the same, so is there some specific way that I should uniform them? Do I have to do it manually? Could there be problems if I don't change the incorrect format? I think these are the main questions. Thanks a lot for taken a look at this somewhat silly question. KevinChan Systems Administrator Administrative Computing. ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com From peter at cadcamlab.org Fri May 26 21:59:43 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:56 2003 Subject: lpd to smb printing References: Message-ID: <14638.61631.164921.931925@wire.cadcamlab.org> [iddwb ] > I'd like to have my samba server receive print requests via lpd, then > sent them to an smb printer share. Not hard, look at the `smbprint' script (in the examples directory somewhere) and adjust that to your configuration. Refer to your modified smbprint script as your input filter in printcap, and use /dev/null as your print device: lp:\ :if=/your/smbprint:lp=/dev/null:sh:mx#0:........ Peter From peter at cadcamlab.org Fri May 26 22:14:51 2000 From: peter at cadcamlab.org (Peter Samuelson) Date: Tue Dec 2 02:29:56 2003 Subject: OS Choices References: <20000526182522.7776.qmail@web2104.mail.yahoo.com> Message-ID: <14638.63203.749724.265579@wire.cadcamlab.org> [Ranjan Bagchi ] > The new model I'm looking at (IBM's NetVista) only is available in > Win98 and Win2k versions. So NT4 won't run on it, or did you mean it's just not available pre-installed? > I'd like to stick with NT over '98, but what would I have to do so > that the NT4 and new Win2k computer could still use Samba as PDC? Samba 2.0.x cannot function as PDC for Windows 2000. PDC support in 2.0.x is experimental to begin with, and there are a lot of missing features. Too many missing features for Windows 2000 to work with it, even in NT4 compatibility mode. Peter From geniusbhatti at hotmail.com Sat May 27 19:17:23 2000 From: geniusbhatti at hotmail.com (Naseer Bhatti) Date: Tue Dec 2 02:29:56 2003 Subject: Cannot Login from NT Machine Message-ID: <20000527141723.1241.qmail@hotmail.com> hello. I am running samba-tng-2. I can succesfully login from the Local Linux machine but Unable to login from NT Machine. The Log says that LM/NT passwd did'nt mached. Can anyone help me what could be the solution to this problem ?? Thanks in Advance !! Naseer BhattI ! ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com From lars at kneschke.de Sat May 27 16:44:03 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:29:56 2003 Subject: Cannot Login from NT Machine References: <20000527141723.1241.qmail@hotmail.com> Message-ID: <392FFB53.B0FAB0A7@kneschke.de> Naseer Bhatti wrote: > > hello. I am running samba-tng-2. > I can succesfully login from the Local Linux machine but Unable to login > from NT Machine. The Log says that LM/NT passwd did'nt mached. Can anyone > help me what could be the solution to this problem ?? This problem exists since 2 or 3 weeks, but it get's not fixed. Maybe other parts have higher priority. Cu -- Watch our projects at http://www.kneschke.de/projekte! GGI-TV, KSamba, PXTools, Samba TNG FAQ, myWebalizer From brandtwr-samba at draaw.net Sat May 27 20:51:19 2000 From: brandtwr-samba at draaw.net (Bill Brandt) Date: Tue Dec 2 02:29:56 2003 Subject: nt workstation in multiple domains In-Reply-To: References: <20000527180946Z13168294-445+6543@samba.org> Message-ID: <20000527165119.C29134@draaw.net> >Hi, >is it possible to have two different samba servers on separate domains >and have an nt workstation be a member of both. >so a user is presented with a login screen and chooses which domain to >login to and they, if authenticated, get the services from that samba >server and other services from another? >so I guess the question is more about Nt than samba but is this possible >and is anyone doing it? Two answers: 1. No it's not possible. Simply put a workstation can only be in one domain. 2. Now, a workstation does not even need to be in the domain to have access to resources. It only needs to get a login token with that domain. 95/98 don't allow you to connect to another domain unless the userids are sync'd (because if you try it will prompt for a password but not ask for a userid). Now with NTWS you can do the following: * login to the workstation or one of the domains (if your not physically at that site though, it will say it can't find a domain controller). * NTWS will cache that userid/passwd combo. If you try to connect to a PDC or BDC, it will use those credentials with your domain first. The PDC or BDC will say, sorry I don't know you. Your workstation then says, try userid/passwd/yourdomain to the domain controller. If that userid and password is sync'd it will login without asking. Otherwise, it will prompt you. * If it prompts you, you can type: Connect as: domain\user Password: password * If the server you are connecting to first is a resource server, it's a bit more complex because the failure will cause you machine to say, try userid/passwd/yourserveraccountlist. Unless you have a machine account on that resource server it will fail and prompt you. In that case, just do as above. Once you've entered the password once there, it will work. I prefer on a workstation to copy the local Administrator's account to a an account named after my domain accounts, keep all the domain accounts the same userid. I log in as my copy of the local Admin account. This means I don't get a no domain server message and then as long as I hit a domain controller first before any resource servers, I'm okay. If not, I just have to deal with the dialog box once. Bill From moebius at ip-solutions.net Sat May 27 21:26:28 2000 From: moebius at ip-solutions.net (moebius@ip-solutions.net) Date: Tue Dec 2 02:29:56 2003 Subject: nt workstation in multiple domains In-Reply-To: <20000527165119.C29134@draaw.net> Message-ID: Hey All, > Two answers: > > 1. No it's not possible. Simply put a workstation can only be in one domain. > 2. Now, a workstation does not even need to be in the domain to have access to > resources. It only needs to get a login token with that domain. 95/98 don't > allow you to connect to another domain unless the userids are sync'd (because if > you try it will prompt for a password but not ask for a userid). Now with NTWS > you can do the following: Bill I think that you are wrong about this. From memory we used to have 2 domain which on the logon screen the user could select the domain to which they wanted to logon to. Please correct me if I'm wrong. I will also go back thru our old setup stuff and see if I can find out how we were doing it. Harry Hoffman Manager - Information Technology Restaurants Unlimited Inc. 206.634.3082 x. 270 From magnus at hig.se Sat May 27 22:29:38 2000 From: magnus at hig.se (Magnus Larsson) Date: Tue Dec 2 02:29:56 2003 Subject: PDC - RPC problems Message-ID: Hi! I have a problem with making my Samba work correctly as a PDC for NT4 and NT4 server computers. I get the error message "A remote procedure call (RPC) protocol error occurred". I have been trying to solve this for a while now and I cant figure it out. Please help me if somebody know what needs to be done. I'm running Samba 2.0.5 on a Solaris system. I have searched everywhere for a example or some help on this but I haven't been able to find anything and I dont think I'm the only one with this problem! :) //Regards Magnus Larsson (Network Manager) ======================================================= University of G?vle E-Mail: magnus@hig.se Kungsb?cksv?gen 47 Tel. +46-(0)26 - 64 86 01 S-801 76 G?vle Mob. +46-(0)70 - 329 86 01 ======================================================= From Skripi at hrzpub.tu-darmstadt.de Sat May 27 23:00:40 2000 From: Skripi at hrzpub.tu-darmstadt.de (Jens Skripczynski) Date: Tue Dec 2 02:29:56 2003 Subject: nt workstation in multiple domains In-Reply-To: ; from moebius@ip-solutions.net on Sun, May 28, 2000 at 07:04:08AM +1000 References: <20000527165119.C29134@draaw.net> Message-ID: <20000528010040.A2058@shadowland.sc> moebius@ip-solutions.net: > Bill I think that you are wrong about this. From memory we used to have 2 > domain which on the logon screen the user could select the domain to which > they wanted to logon to. Please correct me if I'm wrong. I will also go > back thru our old setup stuff and see if I can find out how we were doing > it. As far as I know (very limited) this is can only be achieved by making trusted relationships between the domains. One sided or both. But not without. Has someone figured out, how to achieve trusted relationships with TNG ? Ciao Jens Skripczynski -- E-Mail: skripi@hrzpub.tu-darmstadt.de Computers are like airconditioners: They stop working properly if you open windows. From brandtwr-samba at draaw.net Sun May 28 16:39:13 2000 From: brandtwr-samba at draaw.net (Bill Brandt) Date: Tue Dec 2 02:29:56 2003 Subject: nt workstation in multiple domains In-Reply-To: References: <20000527165119.C29134@draaw.net> Message-ID: <20000528123913.A11103@draaw.net> That is possible if the two domains have trust relationships, but my understanding from the question posed was that the workstation was probably a laptop and moved between domains that had nothing to do with each other. Ex: I have domains with three separate organizations that my workstation logs into. Because the workstation can only join one domain, I can only get that domain and domains that it trusts in the logon drop-down box. Since the different domains belong to different organizations (which don't even recognize that each other exist), the result is that the workstation won't allow a login to the other two domains. Basically, your right, you can allow logon to multiple domains, but they must be part of an enterprise of trusting domains. Otherwise, your workstation couldn't possible have access to the userlist to allow it to have a local workstation user permission to allow local logon. Bill On Sat, May 27, 2000 at 02:26:28PM -0700, moebius@ip-solutions.net wrote: >Hey All, > >> Two answers: >> >> 1. No it's not possible. Simply put a workstation can only be in one domain. >> 2. Now, a workstation does not even need to be in the domain to have access to >> resources. It only needs to get a login token with that domain. 95/98 don't >> allow you to connect to another domain unless the userids are sync'd (because if >> you try it will prompt for a password but not ask for a userid). Now with NTWS >> you can do the following: > >Bill I think that you are wrong about this. From memory we used to have 2 >domain which on the logon screen the user could select the domain to which >they wanted to logon to. Please correct me if I'm wrong. I will also go >back thru our old setup stuff and see if I can find out how we were doing >it. > >Harry Hoffman >Manager - Information Technology >Restaurants Unlimited Inc. >206.634.3082 x. 270 > > From hasse at unjo.com Sun May 28 18:31:33 2000 From: hasse at unjo.com (Hans Almqvist) Date: Tue Dec 2 02:29:56 2003 Subject: Starting SAMBA TNG-alpha.2.5 Message-ID: <39316605.5BB99F76@unjo.com> Hi all! When staring SAMBA I get the following in the smb.log: added interface ip=192.168.1.1 bcast=192.168.1.255 nmask=255.255.255.0 Failed to set socket option SO_KEEPALIVE (Error Socket operation on non-socket) Failed to set socket option TCP_NODELAY (Error Socket operation on non-socket) file_init: Information only: requested 10000 open files, 1014 are available. loaded services Becoming a daemon. bind succeeded on port 139 waiting for a connection I think I have seen people complaining about this before but have never seen any explanation of if and what is wrong. Is this error message anything to worry about? /Hasse From cigor at EUnet.yu Sun May 28 20:24:15 2000 From: cigor at EUnet.yu (=?ISO-8859-2?Q?=C8olovi=E6_Igor?=) Date: Tue Dec 2 02:29:56 2003 Subject: Problems with NTWS login Message-ID: I found one strange situation. I will try to explain it. My configuration: NTWS 4.0 SP3 ----- RH 5.2 kernel 2.2.9 i486 UNKNOWN Samba CVS from 28.5.2000 22:00 On NTWS and on Linux I have account cigor. Password is the same for NT and for samba. Till tonight I did not have any problems loging in to samba, but have problems browsing samba server. It prompt me for username ad password. At first I thought that problem is in samba and samba only. But then I changed password on samba to something else, and now I can not login to samba server. The strange thing is that if I use password that is valid on NTWS it let me login, but I can not browse samba server. About att: log1.tar.gz is log(100) when in login dialog I type samba password. log2.tar.gz is log(100) when in login dialog I type local(NTWS) password. P.S. Luke because my configuration is not a production one I can play with it, just tel me what to do. -- Nothing makes a person more productive than the last minute. -------------- next part -------------- A non-text attachment was scrubbed... Name: log2.tar.bz2 Type: application/octet-stream Size: 14040 bytes Desc: Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000528/4ab430b3/log2.tar.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: log1.tar.bz2 Type: application/octet-stream Size: 4894 bytes Desc: Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000528/4ab430b3/log1.tar.obj From simo.sorce at polimi.it Mon May 29 08:08:47 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:29:56 2003 Subject: NT joining Samba PDC domain References: Message-ID: <3932258F.AA3DD128@polimi.it> > "Jeffrey W. Hampson" wrote: > > When I attempt to join my NT server to my SambaPDC domain it prompts > me for an account with permission to join the domain. I put in > the NTserver name and the password I had set for it in smbpasswd. > The error message that returns is " The credentials supplied conflict > with an existing set of credentials" " The credentials supplied conflict with an existing set of credentials" this message come from an NT box when you have alredy connected to the target host with another username/password, to avoid this you must logoff and then log in again. Howver the procedure you use to join a domain is not correct if you are using samba 2.0.x > > If it helps to explain how I created the smb account. I first altered > the passwd file to create a machine account like the intructions I > have seen said to do. then I use : smbpasswd -a -m machinename. > is there something I am missing? Yes, if you want to join a domain with samba 2.0.x you must not provide username and password if you want to join a domain. As explained in documentation, you need to set a machine account on your unix server with smbpasswd -a -m name$ the first time this command will set the samba account, but will also set the default password (machine name in lowercase letters). At this point to join the domain you simply use the network control panel select the join domain option and set the correct domain name, DO NOT select the "Create a computer account in the domain" and DO NOT provide any password and then press ok. If you need for any reson to rejoin the domain you have to enter a workgroup. Reset the password: smbpasswd machinename$ and set the password machinename (ie. the Windows Machine Name in lower case letters) Then rejion the domain with the previous instructions. Have fun, Simo -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From simo.sorce at polimi.it Mon May 29 08:21:17 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:29:56 2003 Subject: Starting SAMBA TNG-alpha.2.5 References: <39316605.5BB99F76@unjo.com> Message-ID: <3932287D.509F2535@polimi.it> Hans Almqvist wrote: > > Hi all! > > When staring SAMBA I get the following in the smb.log: > > added interface ip=192.168.1.1 bcast=192.168.1.255 nmask=255.255.255.0 > Failed to set socket option SO_KEEPALIVE (Error Socket operation on > non-socket) > Failed to set socket option TCP_NODELAY (Error Socket operation on > non-socket) > file_init: Information only: requested 10000 open files, 1014 are > available. > loaded services > Becoming a daemon. > bind succeeded on port 139 > waiting for a connection > > I think I have seen people complaining about this before but have never > seen any explanation of if and what is wrong. > > Is this error message anything to worry about? > > /Hasse I will resond you for the file_init error. This is not a problem unless you really need to open many files or serve a big domain with many shares, however you have this error because by default tour system allow you to open no more than 1024 files per process. To change this behaviour add this lines in your startup script: ulimit -Hn 16384 ulimit -Sn 16384 Set them before your script launches samba. example script for Linux RH6.0: -------------------------------cut here------------------------------- #!/bin/sh # # chkconfig: - 91 35 # description: Starts and stops the Samba smbd and nmbd daemons \ # used to provide SMB network services. # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ ${NETWORKING} = "no" ] && exit 0 # Check that smb.conf exists. [ -f /etc/smb.conf ] || exit 0 # Set max number files limit to 16384 ulimit -Hn 16384 ulimit -Sn 16384 # See how we were called. case "$1" in start) echo -n "Starting SMB services: " daemon smbd -D echo echo -n "Starting NMB services: " daemon nmbd -D echo touch /var/lock/subsys/smb ;; stop) echo -n "Shutting down SMB services: " killproc smbd echo echo -n "Shutting down NMB services: " killproc nmbd rm -f /var/lock/subsys/smb echo "" ;; restart) $0 stop $0 start ;; status) status smbd status nmbd ;; *) echo "Usage: smb {start|stop|restart|status}" exit 1 esac ------------------------------------cut here----------------------------- -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From jakubowski at szczecin.top.pl Mon May 29 11:31:02 2000 From: jakubowski at szczecin.top.pl (Marcin Jakubowski) Date: Tue Dec 2 02:29:56 2003 Subject: Debian Message-ID: Hello I am looking for .deb packages of samba tng. Where I can find them. I am using Debian and compiling as a source is not good soluton fo me. TIA Marcin Jakubowski From mg at plum.de Mon May 29 12:56:37 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:56 2003 Subject: Debian References: Message-ID: <000d01bfc96d$5355e6a0$0201010a@defiant> > I am looking for .deb packages of samba tng. Where I can find them. I am > using Debian and compiling as a source is not good soluton fo me. > sorry, there aren't any pre-compiled versions of Samba-TNG aviable, and it is ok so, because TNG can be quite unstable.. If you still want to install it, look at: http://www.kneschke.de/projekte/samba_tng/index.php3 http://www.sambahq.de/download.php3/tng_en.html regards, Michael From dmaresch at microflash.de Mon May 29 12:08:21 2000 From: dmaresch at microflash.de (Daniel Maresch) Date: Tue Dec 2 02:29:56 2003 Subject: windows 2000 and samba as its PDC References: <020701bfbf77$642f2d10$9f01a8c0@523.bakerref.com> Message-ID: <008f01bfc966$954e5850$0a01a8c0@danny> Hello, my list ntdom! is there nobody who can tell me how to use TNG-2.5 for W2K-Clients. I have a trust account (danny$) with password (danny) and TNG is running without any problems: a NT4.0 Client can logon without any problem; the W2K said that he cannot find the domain to logon or there is no route to it. Please help me, TNG is really great work but if I cannot use it with w2k-clients, I have no use of it! DAN From jakubowski at szczecin.top.pl Mon May 29 12:30:44 2000 From: jakubowski at szczecin.top.pl (Marcin Jakubowski) Date: Tue Dec 2 02:29:56 2003 Subject: Debian In-Reply-To: <000d01bfc96d$5355e6a0$0201010a@defiant> Message-ID: > > > I am looking for .deb packages of samba tng. Where I can find them. I > am > > using Debian and compiling as a source is not good soluton fo me. > > > > sorry, there aren't any pre-compiled versions of Samba-TNG aviable, and it > is > ok so, because TNG can be quite unstable.. Yes but I need PDC in my network because in second domain (another IP pool) is a real NT and I have problems. This NT can't use my wins for proxy in my network. Debian is i stabel solutions I have Slink current stable wersion but my desktop is a Potato which is frozen with some debs from woody (unstable), solid-pop and php-admin. It works fine, I don't have problem and I am planing to upgrade Slink to Potato. One problem is NT domain and Samba-tng is a good solution. > > If you still want to install it, look at: > > http://www.kneschke.de/projekte/samba_tng/index.php3 > http://www.sambahq.de/download.php3/tng_en.html > Thans for links. Marcin Jakubowski From fricke at Team.OWL-Online.DE Mon May 29 13:18:09 2000 From: fricke at Team.OWL-Online.DE (fricke@Team.OWL-Online.DE) Date: Tue Dec 2 02:29:57 2003 Subject: Antwort: Re: Debian Message-ID: Hi, I have Debian (slink and potato) too and I have Samba 2.06 acting very good as a PDC for my 25 NT-Workstations. Just take the source and compile it with same options... it works much faster than a real NT-Server. -------------------------------------- Mit freundlichen Gr??en Cord-H. Fricke Fon: 0 52 1 / 52 51-133 Fax: 0 52 1 / 52 51-115 ...keep on headbangin? , that rocks!!! Marcin Jakubowski Gesendet von: samba-ntdom@samba.org 29.05.00 14:31 Bitte antworten an jakubowski An: Multiple recipients of list SAMBA-NTDOM Kopie: Thema: Re: Debian > > > I am looking for .deb packages of samba tng. Where I can find them. I > am > > using Debian and compiling as a source is not good soluton fo me. > > > > sorry, there aren't any pre-compiled versions of Samba-TNG aviable, and it > is > ok so, because TNG can be quite unstable.. Yes but I need PDC in my network because in second domain (another IP pool) is a real NT and I have problems. This NT can't use my wins for proxy in my network. Debian is i stabel solutions I have Slink current stable wersion but my desktop is a Potato which is frozen with some debs from woody (unstable), solid-pop and php-admin. It works fine, I don't have problem and I am planing to upgrade Slink to Potato. One problem is NT domain and Samba-tng is a good solution. > > If you still want to install it, look at: > > http://www.kneschke.de/projekte/samba_tng/index.php3 > http://www.sambahq.de/download.php3/tng_en.html > Thans for links. Marcin Jakubowski From jakubowski at szczecin.top.pl Mon May 29 13:32:02 2000 From: jakubowski at szczecin.top.pl (Marcin Jakubowski) Date: Tue Dec 2 02:29:57 2003 Subject: Antwort: Re: Debian In-Reply-To: Message-ID: > > Hi, > > I have Debian (slink and potato) too and I have Samba 2.06 acting very > good as a PDC for my 25 NT-Workstations. > Just take the source and compile it with same options... it works much > faster than a real NT-Server. > I have NT wokstations but I have to setup NT server and nt server can't log in to NT domain I add account to /etc/passwd and smbpasswd -a -m machine and nt type "domain controller for this domain cannot be located" I dont know what is wrong. Marcin Jakubowski From olivier.wegria at novactiongroup.com Mon May 29 14:46:35 2000 From: olivier.wegria at novactiongroup.com (Olivier Wegria) Date: Tue Dec 2 02:29:57 2003 Subject: update new shared drive Message-ID: <500C66C7BF87D311A7F400A0C907E8D847B0A4@NSA4> Hi there, I added some share in my smb.conf a few hours ago and there are still not accessible. How can I "refresh" the samba settings? The server is busy with loads of open files so I can't just restart samba because all those files will be unexpectedly close and the windows software will crash. Thanks for any help. Olivier Samba 2.0.7 on redhat 6.1 kernel 2.2.11 smp 2 intel celeron 500 From Christian.Duclou at eeigm.inpl-nancy.fr Mon May 29 15:29:42 2000 From: Christian.Duclou at eeigm.inpl-nancy.fr (Christian Duclou) Date: Tue Dec 2 02:29:57 2003 Subject: update new shared drive References: <500C66C7BF87D311A7F400A0C907E8D847B0A4@NSA4> Message-ID: <39328CE6.7D85FBC1@eeigm.inpl-nancy.fr> HI, Don't the SIGHUP signal on smbd process operate ? C.D. Olivier Wegria wrote: > Hi there, > > I added some share in my smb.conf a few hours ago and there are still not > accessible. > > How can I "refresh" the samba settings? > > The server is busy with loads of open files so I can't just restart samba > because all those files will be unexpectedly close and the windows software > will crash. > > Thanks for any help. > > Olivier > > Samba 2.0.7 on redhat 6.1 > kernel 2.2.11 smp > 2 intel celeron 500 -- _____________ EEIGM - Service Informatique _____________ 6, rue Bastien LEPAGE - 54010 NANCY - CEDEX - France Phone: +33 383.3683.27 - Fax: +33 383.3683.36 _______________ http://eeigm.inpl-nancy.fr _____________ From Christian.Duclou at eeigm.inpl-nancy.fr Mon May 29 15:37:34 2000 From: Christian.Duclou at eeigm.inpl-nancy.fr (Christian Duclou) Date: Tue Dec 2 02:29:57 2003 Subject: SMP References: <500C66C7BF87D311A7F400A0C907E8D847B0A4@NSA4> Message-ID: <39328EBE.B9398861@eeigm.inpl-nancy.fr> A SMP kernel does'it grow performance of a samba server? Can somebody gives a tipical size-scale for a samba server in a two field table configuration <=> performances needed where performance is probably function of # users, average used files, bytes flows, ... (i don't really know ...?) Thanks -- _____________ EEIGM - Service Informatique _____________ 6, rue Bastien LEPAGE - 54010 NANCY - CEDEX - France Phone: +33 383.3683.27 - Fax: +33 383.3683.36 _______________ http://eeigm.inpl-nancy.fr _____________ From Michael.Keightley at quadstone.com Mon May 29 15:55:09 2000 From: Michael.Keightley at quadstone.com (Michael.Keightley@quadstone.com) Date: Tue Dec 2 02:29:57 2003 Subject: profile not found in Samba-tng-alpha-2.5.3 Message-ID: <200005291555.QAA24952@gromit.quadstone.co.uk> Hi, I've installed Samba-tng-alpha-2.5.3 on a machine running Solaris 7. I managed to get a NT 4.0 (SP6a) machine to join the domain. I've also added a test user. The user can login but a roaming profile isn't found and no network drives can be mapped. What am I doing wrong? I get this error in log.browser when Samba is started: *** Please someone examine create_pipe_socket and fix it *** *** if used other than for exclusive root access *** *** (see perms, which should be 0700 and 0600) *** *** there is a race condition to be exploited. *** remove on /home/samba_ruby/var/locks/.msrpc/browser failed Similarly in log.lsarpc; *** Please someone examine create_pipe_socket and fix it *** *** if used other than for exclusive root access *** *** (see perms, which should be 0700 and 0600) *** *** there is a race condition to be exploited. *** remove on /home/samba_ruby/var/locks/.msrpc/lsarpc failed _lsa_open_secret: couldn't open secret_db. Possible attack? And log.netlogin: *** Please someone examine create_pipe_socket and fix it *** *** if used other than for exclusive root access *** *** (see perms, which should be 0700 and 0600) *** *** there is a race condition to be exploited. *** remove on /home/samba_ruby/var/locks/.msrpc/netlogon failed Here is my smb.conf: [global] #NetBIOS name isn't needed if it's the same as the hostname netbios name = RUBY workgroup = EDINBURGH server string = Quadstone SAMBA Server %h hosts allow = 194.80.190. 192.168.191. 192.168.193. 127. interfaces = 194.80.190.62/255.255.255.128 192.168.193.62/255.255.255.0 #flat files that map Unix groups to NT type groups. #these files take the form unix_group = `Windows NT group'' domain group map = /home/samba_ruby/private/domaingroup.map domain alias map = /home/samba_ruby/private/domainalias.map #Domain controllers use user security and we need encrypted #passwords (see ENCRYPTION.txt) security = user domain logons = yes encrypt passwords = yes #And in order for us to be *sure* to win browser elections os level = 65 domain master = yes preferred master = yes local master = yes #WINS is the equivalent of DNS for NetBIOS. wins support = yes time server = yes #the next lines are equivalent to the various profile details #found in NT's User Manager logon script = login.bat logon drive = q: logon home = \\RUBY\%U logon path = \\RUBY\profile\%U #share all home directories [homes] browseable = no writable = yes comment = Home Directories #set up netlogon share for system policies and login scripts [netlogon] path = /home/samba_ruby/netlogon writable = no guest ok = no comment = PDC netlogon share #the profiles share #to create automatic subdirs for the different users #chmod 1777 /opt/samba-tng/profile [profile] path = /home/samba_ruby/profile writeable = yes [printers] printing = SYSV lprm command = /usr/ucb/lprm -P%p %j path = /home/samba_pearl/var/spool/public public = yes writable = no printable = yes [software] comment = PC software path = /home/PC writeable = yes browseable = yes guest ok = no -- Michael Keightley Tel: +44 131 220 4491 Systems Manager, Quadstone Limited, Fax: +44 131 220 4492 16 Chester Street, Edinburgh EH3 7RA, Scotland http://www.quadstone.com From mg at plum.de Mon May 29 17:03:44 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:29:57 2003 Subject: profile not found in Samba-tng-alpha-2.5.3 References: <200005291555.QAA24952@gromit.quadstone.co.uk> Message-ID: <003d01bfc98f$d8e92e90$0201010a@defiant> > Hi, > I've installed Samba-tng-alpha-2.5.3 on a machine running Solaris 7. > I managed to get a NT 4.0 (SP6a) machine to join the domain. I've also added a > test user. The user can login but a roaming profile isn't found and no network > drives can be mapped. What am I doing wrong? I think it is broken in 2.5.3. Switch back to 2.5 for a quite stable PDC. (although password change does not work ... ;) regards, Michael From jacob.lorensen at e-postboks.dk Mon May 29 16:11:35 2000 From: jacob.lorensen at e-postboks.dk (Jacob Bohn Lorensen) Date: Tue Dec 2 02:29:57 2003 Subject: Win2k vs. SAMBA-TNG, some success, but problem with profile download Message-ID: <87snv15oaw.fsf@pippin.jblhome.ping.dk> Hi. I am tired of continually re-installing Windows 98 on my home PC's, and am thus in the process of trying out Windows 2000 in the hopes that it will turn out to be more stable. I have tried installing a Windows 2000 partition on two computers (one laptop and one desktop) and am experiencing the same two (unrelated) problems on both. My home server is running FreeBSD 4.0-STABLE. I have compiled and installed as per the SAMBA TNG FAQ (Kneschke's home page, I think it was). 1) It seems the Win2k clients can find and see the SAMBA-TNG PDC fine in that I cannot logon as a nonexisting user or with an invalid password. I can log on with my own username and password (created with samedit). However, I get a message saying that I am not allowed to connect to the \\server\profile share. If I clock OK to that message, I get logged on to the Win2k computer. Using "net use h: \\server\jacob" or "net use p: \\server\profile" I can connect to the [home] and [profile] shares with no problems!?!?? 2) Probably completely unrelated to SAMBA, but I'll mention it anyway. Networking performance is extremely poor. FTP'ing files or copying files from a samba share gives me approximately 35Kb/sec. If I boot Windows 98 I can FTP or copy files with 600-900 Kb/sec (10 Mbit ethernet). This happens on both the laptop and desktop computer. Now I realise that this is a development system and I cannot expect things to work smoothly all the time. I have therefore tried various versions of the SAMBA-TNG code (cvs update -D "three weeks ago", for example) to see if things would work better in an earlier version, but this seems not to be the case. So the questions becomes: How do I best narrow down the problem? Last time I diddled with the SAMBA code there were only two processes: nmbd and smbd. Now there are several, and I don't really know which one(s) would be responsible for authenticating the connection to the [profile] share... but I would really like to help nailing down this bug. Thanks for your time, Jacob. -- Jacob Lorensen; Mosebuen 33, 1.; DK-2820 Gentofte, Denmark; +45 39560401 PGPid: 0x752EB4DE Fingerprint: F609A0BAFF393EA904F7-F344680F8EED752EB4DE From jester at optonline.net Mon May 29 18:23:41 2000 From: jester at optonline.net (Christopher Johnston) Date: Tue Dec 2 02:29:57 2003 Subject: update new shared drive References: <500C66C7BF87D311A7F400A0C907E8D847B0A4@NSA4> Message-ID: <002801bfc99b$048e6d20$0b00000a@evolution> smbd restart ----- Original Message ----- From: "Olivier Wegria" To: "Multiple recipients of list SAMBA-NTDOM" Sent: Monday, May 29, 2000 10:44 AM Subject: update new shared drive > > Hi there, > > I added some share in my smb.conf a few hours ago and there are still not > accessible. > > How can I "refresh" the samba settings? > > The server is busy with loads of open files so I can't just restart samba > because all those files will be unexpectedly close and the windows software > will crash. > > Thanks for any help. > > Olivier > > > Samba 2.0.7 on redhat 6.1 > kernel 2.2.11 smp > 2 intel celeron 500 > > From jimmys2600 at hotmail.com Mon May 29 20:46:13 2000 From: jimmys2600 at hotmail.com (Jimmy S.) Date: Tue Dec 2 02:29:57 2003 Subject: POLEDIT.EXE -group policies Message-ID: <20000529204613.24518.qmail@hotmail.com> I am using Samba v. 2.0.7 and when I use POLEDIT to configure policies for clients only the user settings are recognized. When I set a Group policy (not just user) the policy uses the "default user" policy. I belive this is because of the fact windows will not recognize Unix (Linux) user groups to adjust the policies accordingly. Is this a known problem that Unix user groups are seen by windows or is there a setting I am overlooking? Please let me know it is going to be addressed in future versions of samba. Thanks, James Schmierbach ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com From jpn at tlth.lth.se Tue May 30 06:18:42 2000 From: jpn at tlth.lth.se (=?iso-8859-1?Q?J=F6rgen_Persson?=) Date: Tue Dec 2 02:29:57 2003 Subject: as stable as possible Message-ID: <20000530081842.B474@seven> Hi, I'm about to implement a Samba server acting as PDC for a 10 machines LAN - no fancy bells or whistles but plain authentication and filesharing (no, not even print spooler). Which branch/version shall I head for? -- J?rgen Persson From jacob.lorensen at e-postboks.dk Tue May 30 07:30:50 2000 From: jacob.lorensen at e-postboks.dk (Jacob Bohn Lorensen) Date: Tue Dec 2 02:29:57 2003 Subject: as stable as possible In-Reply-To: =?ISO-8859-1?Q?J=F6rgen?= Persson's message of "Tue, 30 May 2000 16:19:15 +1000" References: <20000530081842.B474@seven> Message-ID: <87itvw5wb9.fsf@pippin.jblhome.ping.dk> >>>>> "Jörgen" == Jörgen Persson writes: Jörgen> Hi, I'm about to implement a Samba server acting as PDC Jörgen> for a 10 machines LAN - no fancy bells or whistles but Jörgen> plain authentication and filesharing (no, not even print Jörgen> spooler). Jörgen> Which branch/version shall I head for? Depends on what your client machines are. Win95/98 go with SAMBA-2.0.7. I think 2.0.7 can be a PDC for NT4.0 workstations too. If you have Windows 2000 machines you are stuck with Samba-TNG wich is alpha code. For testing purposes I have got samba-tng-2.5 up and running and it seems to work enough for logon and roving user profiles, which 2.5.3 does not. Explorer dumps core, though, if I try to change file ownerships (i.e. something goes wrong when it tries to get the users/groups from samba server). I hear password change does not work. There's probably more. With 10 or more clients I think you are in for a hard time telling people what they can and cannot do depending on what works with your version of samba-tng. Stay with the production version if at all possible. Jacob -- Jacob Lorensen; Mosebuen 33, 1.; DK-2820 Gentofte, Denmark; +45 39560401 PGPid: 0x752EB4DE Fingerprint: F609A0BAFF393EA904F7-F344680F8EED752EB4DE From jpn at tlth.lth.se Tue May 30 08:16:19 2000 From: jpn at tlth.lth.se (=?iso-8859-1?Q?J=F6rgen_Persson?=) Date: Tue Dec 2 02:29:57 2003 Subject: as stable as possible In-Reply-To: <87itvw5wb9.fsf@pippin.jblhome.ping.dk>; from jacob.lorensen@e-postboks.dk on Tue, May 30, 2000 at 09:30:50AM +0200 References: <20000530081842.B474@seven> <87itvw5wb9.fsf@pippin.jblhome.ping.dk> Message-ID: <20000530101619.A5048@seven> On Tue, May 30, 2000 at 09:30:50AM +0200, Jacob Bohn Lorensen wrote: [snip] > Depends on what your client machines are. Win95/98 go with > SAMBA-2.0.7. I think 2.0.7 can be a PDC for NT4.0 workstations too. [snip] An accidental case of senile dementia - please forgive me. *) WinNT clients *) UNIX accounts *) Stablity before the ability of users changing password through their clients. -- J?rgen Persson From Daniel.Moeller at de.bosch.com Tue May 30 08:57:13 2000 From: Daniel.Moeller at de.bosch.com (Moeller Daniel (QI/AST10) *) Date: Tue Dec 2 02:29:57 2003 Subject: AW: SMP Message-ID: <782FA6543FA5D111933D0000F86AEFA803A830F9@simail5.si.bosch.de> Hello, we use a Compaq SP700 with dual PII @ 450MHz with 512 MB RAM. Kernel 2.2.15 w/ SMP, Samba 2.0.7. We have a total of 3100 Clients, parameter "dead time" is set to 60 min. There are around 180 concurrent connections. Typically 2 to 5 users are transferring data at the same time. Typically the load is between 0.6 and 1.4. The more users are transferring data at the same time the more a SMP machine will help. Mit freundlichen Gr??en / Best regards / Saludos cordiales Daniel M?ller Unix Systembetreuung, QI/AST10 Tel: 0711/811-34340 FAX: -1922 -----Urspr?ngliche Nachricht----- Von: Christian Duclou [mailto:Christian.Duclou@eeigm.inpl-nancy.fr] Gesendet: Montag, 29. Mai 2000 17:38 An: Multiple recipients of list SAMBA-NTDOM Betreff: SMP A SMP kernel does'it grow performance of a samba server? Can somebody gives a tipical size-scale for a samba server in a two field table configuration <=> performances needed where performance is probably function of # users, average used files, bytes flows, ... (i don't really know ...?) Thanks -- _____________ EEIGM - Service Informatique _____________ 6, rue Bastien LEPAGE - 54010 NANCY - CEDEX - France Phone: +33 383.3683.27 - Fax: +33 383.3683.36 _______________ http://eeigm.inpl-nancy.fr _____________ From edevolder at eft.be Tue May 30 09:11:13 2000 From: edevolder at eft.be (EFT.Eric Devolder) Date: Tue Dec 2 02:29:57 2003 Subject: Win 2K and Samba as PDC Message-ID: <1BC82160B665D31188B8009027A8EAB40BFE98@woody.plasky.eft.be> Hello, I was very disappointed to admit that Win 2K client cannot join a Samba 2.0.7 domain. I got this confirmation from comp.protocols.smb newsgroup. The only way to manage this is to consider upgrading to Samba TNG, or to wait for samba 3.0 around October. Anyone can confirm this information ? However, considering upgrading to TNG is dangerous, isn't it ? We are running a production network, so I don't want to run server on unstable release. Maybe someone can tell me its experience about TNG, if it is stable, what can I do whit it ( trust relationship ? ;-) ). Regards, Eric Eric DEVOLDER E.F.T. Consultants s.a. av. Plasky 157 / 6 - 1030 Brussels - Belgium Tel +32 (0)2 736.89.11 - Fax +32 (0)2 736.88.53 URL http://www.eft.be From msmahesh71 at hotmail.com Tue May 30 15:48:29 2000 From: msmahesh71 at hotmail.com (Mahesh Rao) Date: Tue Dec 2 02:29:57 2003 Subject: Help: NT Domain configuration Message-ID: <20000530101829.36823.qmail@hotmail.com> Hello, I have installed and configured Samba 2.0.7 on Solaris 2.5 box. This has joined my NT domain also. But when I try to access a file on NT box thru smbclient , I get an error "added interface ip=144.21.64.5 bcast=144.21.255.255 nmask=255.255.0.0 Anonymous login successful Domain=[INDIABC] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] tree connect failed: ERRDOS - ERRnoaccess (Access denied.)" How could I resolve this. Thanks in advance. Regards, Mahesh ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com From p.mayers at ic.ac.uk Tue May 30 10:32:53 2000 From: p.mayers at ic.ac.uk (Phil Mayers) Date: Tue Dec 2 02:29:57 2003 Subject: as stable as possible References: <20000530081842.B474@seven> <87itvw5wb9.fsf@pippin.jblhome.ping.dk> <20000530101619.A5048@seven> Message-ID: <393398D5.E5099318@ic.ac.uk> 2.0.7 *BUT* the PDC functionality is 1) Incomplete 2) Will not be completed 3) Things like User Manager etc. don't work Why use such PDC functionality? Your only other options are HEAD (not working at the moment) or TNG (unstable compared to 2.0.7). Use 2.0.7, the PDC stuff does work, just don't expect any bells and whistles (like domain groups and such) to work well, or at all. Cheers, Phil J?rgen Persson wrote: > > On Tue, May 30, 2000 at 09:30:50AM +0200, Jacob Bohn Lorensen wrote: > [snip] > > Depends on what your client machines are. Win95/98 go with > > SAMBA-2.0.7. I think 2.0.7 can be a PDC for NT4.0 workstations too. > [snip] > > An accidental case of senile dementia - please forgive me. > > *) WinNT clients > *) UNIX accounts > *) Stablity before the ability of users changing password through > their clients. > > -- > J?rgen Persson From p.mayers at ic.ac.uk Tue May 30 10:34:39 2000 From: p.mayers at ic.ac.uk (Phil Mayers) Date: Tue Dec 2 02:29:57 2003 Subject: Win 2K and Samba as PDC References: <1BC82160B665D31188B8009027A8EAB40BFE98@woody.plasky.eft.be> Message-ID: <3933993F.C84A7E58@ic.ac.uk> Confirmed. I wouldn't use it in a production environment. That said, I know people that do. YMMV - I recommed setting up a test domain. Also, there's a specific CVS branch (can't recall the name) that has had "most success" round about version 2.5 - you probably want to look at that. Cheers, Phil "EFT.Eric Devolder" wrote: > > Hello, > > I was very disappointed to admit that Win 2K client cannot join a Samba > 2.0.7 domain. I got this confirmation from comp.protocols.smb newsgroup. The > only way to manage this is to consider upgrading to Samba TNG, or to wait > for samba 3.0 around October. > Anyone can confirm this information ? > > However, considering upgrading to TNG is dangerous, isn't it ? We are > running a production network, so I don't want to run server on unstable > release. Maybe someone can tell me its experience about TNG, if it is > stable, what can I do whit it ( trust relationship ? ;-) ). > > Regards, > > Eric > > Eric DEVOLDER > E.F.T. Consultants s.a. > av. Plasky 157 / 6 - 1030 Brussels - Belgium > Tel +32 (0)2 736.89.11 - Fax +32 (0)2 736.88.53 > URL http://www.eft.be From p.mayers at ic.ac.uk Tue May 30 10:40:09 2000 From: p.mayers at ic.ac.uk (Phil Mayers) Date: Tue Dec 2 02:29:57 2003 Subject: POLEDIT.EXE -group policies References: <20000529204613.24518.qmail@hotmail.com> Message-ID: <39339A89.97400614@ic.ac.uk> Known restriction of 2.0.x IIRC - the groups don't work properly, hence the group policies don't either. That said, I could be wrong... It works in TNG, and therefore will work when the "official" PDC implementation is released (post Samba 2.2). Use TNG until then if it's a must-have. Cheers, Phil "Jimmy S." wrote: > > I am using Samba v. 2.0.7 and when I use POLEDIT to configure policies for > clients only the user settings are recognized. When I set a Group policy > (not just user) the policy uses the "default user" policy. I belive this is > because of the fact windows will not recognize Unix (Linux) user groups to > adjust the policies accordingly. > Is this a known problem that Unix user groups are seen by windows or is > there a setting I am overlooking? Please let me know it is going to be > addressed in future versions of samba. > > Thanks, James Schmierbach > ________________________________________________________________________ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com From moebius at ip-solutions.net Tue May 30 15:37:43 2000 From: moebius at ip-solutions.net (moebius@ip-solutions.net) Date: Tue Dec 2 02:29:57 2003 Subject: Help: NT Domain configuration In-Reply-To: <20000530101829.36823.qmail@hotmail.com> Message-ID: Hey Mahesh, Use "smbclient //server/share -U [username] it'll prompt for a password. It sounds like your shares aren't setup for just anyone to access. HTH, Harry Hoffman Manager - Information Technology Restaurants Unlimited Inc. 206.634.3082 x. 270 On Tue, 30 May 2000, Mahesh Rao wrote: > Hello, > > I have installed and configured Samba 2.0.7 on Solaris 2.5 box. > This has joined my NT domain also. > But when I try to access a file on NT box thru smbclient , I get an error > "added interface ip=144.21.64.5 bcast=144.21.255.255 nmask=255.255.0.0 > Anonymous login successful > Domain=[INDIABC] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] > tree connect failed: ERRDOS - ERRnoaccess (Access denied.)" > > How could I resolve this. > > Thanks in advance. > Regards, > Mahesh > > > ________________________________________________________________________ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com > From jwhamps at ilstu.edu Tue May 30 22:06:51 2000 From: jwhamps at ilstu.edu (Jeffrey W. Hampson) Date: Tue Dec 2 02:29:57 2003 Subject: Group only, viewed share Message-ID: hello all, I have a share that I would only like a partilcular group to be able to view. ie. the user 'test' when navigated through network neighborhood should see their home directory but not the share SCS. Only a user that resides in the group SCS should see the share SCS apart from their home directory. currently this is how I have the share set up in my smb.conf file. am I missing something? why can test still see the SCS share? [SCS] path = /usr/home/SCSCAS/SCS directory mode = 0770 read list = @SCS write list = @SCS public = no force group = SCS thanks for your help! ------------------------------ Jeff Hampson From Michael.Keightley at quadstone.com Tue May 30 11:25:34 2000 From: Michael.Keightley at quadstone.com (Michael.Keightley@quadstone.com) Date: Tue Dec 2 02:29:57 2003 Subject: profile not found in Samba-tng-alpha-2.5.3 In-Reply-To: Michael Glauche's message of Mon, 29 May 2000 19:03:44 +0200 Message-ID: <200005301125.MAA26063@gromit.quadstone.co.uk> > > Hi, > > I've installed Samba-tng-alpha-2.5.3 on a machine running Solaris 7. > > I managed to get a NT 4.0 (SP6a) machine to join the domain. I've also > added a > > test user. The user can login but a roaming profile isn't found and no > network > > drives can be mapped. What am I doing wrong? > > I think it is broken in 2.5.3. Switch back to 2.5 for a quite stable PDC. > (although password change does not work ... ;) > > regards, > Michael > I compiled up TNG 2.5 on Solaris 7. I get this error log.smb: =============================================================== INTERNAL ERROR: Signal 11 in pid 11877 (TNG-alpha) Please read the file BUGS.txt in the distribution =============================================================== PANIC: internal error So smbd doesn't start. I tried compiling this with both Sun's cc compiler and gcc. The same error happens. Has anyone else managed to get this working on Solaris 7? Michael -- Michael Keightley Tel: +44 131 220 4491 Systems Manager, Quadstone Limited, Fax: +44 131 220 4492 16 Chester Street, Edinburgh EH3 7RA, Scotland http://www.quadstone.com From simo.sorce at polimi.it Tue May 30 13:38:18 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:29:57 2003 Subject: Help: NT Domain configuration References: <20000530101829.36823.qmail@hotmail.com> Message-ID: <3933C44A.1BA9DCCC@polimi.it> Mahesh Rao wrote: > > Hello, > > I have installed and configured Samba 2.0.7 on Solaris 2.5 box. > This has joined my NT domain also. > But when I try to access a file on NT box thru smbclient , I get an error > "added interface ip=144.21.64.5 bcast=144.21.255.255 nmask=255.255.0.0 > Anonymous login successful > Domain=[INDIABC] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0] > tree connect failed: ERRDOS - ERRnoaccess (Access denied.)" > > How could I resolve this. Entering a unix server/workstation into a domain does not mean you are not required to specify a username to logon as "Anonymous login successful" say. use: smbmnt //server/share /mount/point -o username=guess:) -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From cigor at EUnet.yu Tue May 30 15:57:44 2000 From: cigor at EUnet.yu (=?ISO-8859-2?Q?=C8olovi=E6_Igor?=) Date: Tue Dec 2 02:29:57 2003 Subject: Problems with NTWS login Message-ID: I found one strange situation. I will try to explain it. My configuration: NTWS 4.0 SP3 ----- RH 5.2 kernel 2.2.9 i486 UNKNOWN Samba CVS from 28.5.2000 22:00 On NTWS and on Linux I have account cigor. Password is the same for NT and for samba. Till tonight I did not have any problems login in to samba, but have problems browsing samba server. It prompt me for username ad password. At first I thought that problem is in samba and samba only. But then I changed password on samba to something else, and now I can not login to samba server. The strange thing is that if I use password that is valid on NTWS it let me login, but I can not browse samba server. About att: log1.tar.gz is log(100) when in login dialog I type samba password. log2.tar.gz is log(100) when in login dialog I type local(NTWS) password. P.S. Luke because my configuration is not a production one I can play with it, just tell me what to do. -- Nothing makes a person more productive than the last minute. -------------- next part -------------- A non-text attachment was scrubbed... Name: log2.tar.bz2 Type: application/octet-stream Size: 14040 bytes Desc: Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000530/f572fd18/log2.tar.obj -------------- next part -------------- A non-text attachment was scrubbed... Name: log1.tar.bz2 Type: application/octet-stream Size: 4894 bytes Desc: Url : http://lists.samba.org/archive/samba-ntdom/attachments/20000530/f572fd18/log1.tar.obj From ctooley at joslyn.org Tue May 30 16:35:06 2000 From: ctooley at joslyn.org (Chris Tooley) Date: Tue Dec 2 02:29:57 2003 Subject: AW: SMP References: <782FA6543FA5D111933D0000F86AEFA803A830F9@simail5.si.bosch.de> Message-ID: <3933EDBA.F260E8F3@joslyn.org> We have a Dual PII 333 with 256 M and Kernel 2.2.14 w/SMP. We have Samba 2.0.7 and TNG 2.5.3 (currently only for experimentation). There are a total of 75 users, with 55-60 concurrents at peak times and around 10-15 very active threads at a time. The majority of our users are using large datafiles that are housed on the server and there is always 2 or 3 active data retrevials (compiling a report that doesn't kill the workstation in this database is next to impossible) at any given time and sometimes up to 5. The system takes extensive hits during the day, but has not problems doing this as well as being our primary DNS, e-mail, and backup server. SMP made a huge difference. At first we had just one of the processors and the machine wasn't keeping up so we got the second one. As soon as we recompiled the kernel and rebooted again, it was like night and day as far as speed. Chris "Moeller Daniel (QI/AST10) *" wrote: > Hello, > > we use a Compaq SP700 with dual PII @ 450MHz with 512 MB RAM. Kernel 2.2.15 > w/ SMP, Samba 2.0.7. We have a total of 3100 Clients, parameter "dead time" > is set to 60 min. There are around 180 concurrent connections. Typically 2 > to 5 users are transferring data at the same time. Typically the load is > between 0.6 and 1.4. > The more users are transferring data at the same time the more a SMP machine > will help. > > Mit freundlichen Gr??en / Best regards / Saludos cordiales > > Daniel M?ller > Unix Systembetreuung, QI/AST10 > Tel: 0711/811-34340 FAX: -1922 > > -----Urspr?ngliche Nachricht----- > Von: Christian Duclou [mailto:Christian.Duclou@eeigm.inpl-nancy.fr] > Gesendet: Montag, 29. Mai 2000 17:38 > An: Multiple recipients of list SAMBA-NTDOM > Betreff: SMP > > A SMP kernel does'it grow performance of a samba server? > > Can somebody gives a tipical size-scale for a samba server in a two field > table > > configuration <=> performances needed > where performance is probably function of # users, average used files, bytes > flows, ... (i don't really know ...?) > > Thanks > -- > _____________ EEIGM - Service Informatique _____________ > 6, rue Bastien LEPAGE - 54010 NANCY - CEDEX - France > Phone: +33 383.3683.27 - Fax: +33 383.3683.36 > _______________ http://eeigm.inpl-nancy.fr _____________ From kellermg at potsdam.edu Tue May 30 12:40:46 2000 From: kellermg at potsdam.edu (Matthew Keller) Date: Tue Dec 2 02:29:57 2003 Subject: SMP References: <500C66C7BF87D311A7F400A0C907E8D847B0A4@NSA4> <39328EBE.B9398861@eeigm.inpl-nancy.fr> Message-ID: <3933B6CE.3A5058DA@potsdam.edu> Christian Duclou wrote: > > A SMP kernel does'it grow performance of a samba server? This is not true - As long as you're using a 2.2 kernel, "extra" processors can SIGNIFICANTLY improve performance. I've used Samba on 1,2 and 4 processor machines, and depending on the volume of traffic, the SMP boxes handle requests much faster, depending on your network. If you have 200 users connected over a shared 10mb network, then your bottleneck isn't going to be processor, its going to be bandwidth - But if you've got fast disks, fast network (and/or multiple network interfaces), and healthy memory then your processing power becomes a major factor (esp. in large file transfers) I can't recommend a configuration without knowing how many users you expect, and what kind of data is being transferred. -- Matthew Keller Lead Programmer/Analyst Distributed Computing/Telemedia Information Services Division State University of New York at Potsdam Website: http://mattwork.potsdam.edu/ PGP: http://mattwork.potsdam.edu/crypto/ Webcam: http://webcam.mattwork.potsdam.edu:85/ From volk at fh-koblenz.de Wed May 31 05:41:30 2000 From: volk at fh-koblenz.de (Alfred Volk) Date: Tue Dec 2 02:29:57 2003 Subject: Compile error SAMBA-TNG Message-ID: <3934A60A.C164883C@fh-koblenz.de> Hello, excuse my english. I?m compiling SAMBA_TNG_2.5 on a linux-machine and on a SUN-mchine (SOLARIS 2.6). I uses configure with the option --with-profile. During compilation I get the following error: profile/profile.c: In function `profile_setup': profile/profile.c:45: storage size of `shm_ds' isn't known profile/profile.c:51: warning: implicit declaration of function `shmget' profile/profile.c:58: `IPC_CREAT' undeclared (first use in this function) profile/profile.c:58: (Each undeclared identifier is reported only once profile/profile.c:58: for each function it appears in.) profile/profile.c:58: `IPC_EXCL' undeclared (first use in this function) profile/profile.c:58: `SHM_R' undeclared (first use in this function) profile/profile.c:58: `SHM_W' undeclared (first use in this function) profile/profile.c:68: warning: implicit declaration of function `shmat' profile/profile.c:69: `SHM_RDONLY' undeclared (first use in this function) profile/profile.c:77: warning: implicit declaration of function `shmctl' profile/profile.c:77: `IPC_STAT' undeclared (first use in this function) profile/profile.c:91: `IPC_RMID' undeclared (first use in this function) profile/profile.c:45: warning: unused variable `shm_ds' make: *** [profile/profile.o] Error 1 Can someone help me. Thank you very much. Alfred Volk volk@fh-koblenz.de FH Koblenz / Rechenzentrum Finkenherd 4 56075 Koblenz Tel: +49 261 9528133 Fax: +49 261 9528131 From Volker.Lendecke at SerNet.DE Wed May 31 07:15:32 2000 From: Volker.Lendecke at SerNet.DE (Volker Lendecke) Date: Tue Dec 2 02:29:57 2003 Subject: Group only, viewed share In-Reply-To: References: Message-ID: On Wed, May 31, 2000 at 11:10:52AM +1000, Jeffrey W. Hampson wrote: > I have a share that I would only like a partilcular group to be able to > view. You will always 'see' the share, because Samba has to offer this information even if you only log in anonymously. You will however not be able to access it > [SCS] > path = /usr/home/SCSCAS/SCS > directory mode = 0770 > read list = @SCS > write list = @SCS > public = no > force group = SCS For this setup, I would always use [SCS] path = /usr/home/SCSCAS/SCS directory mode = 0770 create mode = 770 force directory mode = 020 force create mode = 020 force group = SCS write ok = yes valid users = @SCS Hope this helps, Volker From skvidal at phy.duke.edu Wed May 31 12:15:39 2000 From: skvidal at phy.duke.edu (Seth Vidal) Date: Tue Dec 2 02:29:57 2003 Subject: Group only, viewed share In-Reply-To: Message-ID: > You will always 'see' the share, because Samba has to offer this > information even if you only log in anonymously. You will however not > be able to access it you could so something like load an additional config file that contains that share only for users in group %G -sv From Volker.Lendecke at SerNet.DE Wed May 31 14:19:45 2000 From: Volker.Lendecke at SerNet.DE (Volker Lendecke) Date: Tue Dec 2 02:29:57 2003 Subject: Group only, viewed share In-Reply-To: (message from Seth Vidal on Wed, 31 May 2000 08:15:39 -0400 (EDT)) References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- > you could so something like load an additional config file that contains > that share only for users in group %G No. Showing the browse list can happen before *proper* login. The server has no idea who comes in. You could play tricks with %m (client machine netbios name), as this is known early enough. Volker -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv Comment: Processed by Mailcrypt 3.5.4, an Emacs/PGP interface iQCVAwUBOTUfgD/9BWnmOc5FAQFiogP+NUNIKut9Thr983yqfk660nV3DKdFMwGX 4HvuCLpQci/XfHmCEbEUlVL7I15ZdVlobAu9teQ353Y+6fhF1wtm7uXy+XlfwjvK 4MQDgV5hEgsGLuTMhNJhsslLXhrzrfgR8I1sNXbPJUnP8kjUJ3sx5gjSA2AMFsIb 1omrT41J94E= =DZ4C -----END PGP SIGNATURE----- From jwhamps at ilstu.edu Wed May 31 15:29:26 2000 From: jwhamps at ilstu.edu (Jeffrey W. Hampson) Date: Tue Dec 2 02:29:57 2003 Subject: Group only, viewed share In-Reply-To: Message-ID: Yeah it worked! i set my share up as so: [SCS] include = /etc/smb.%G.conf unfortunately without defining a group.conf for the user 'test' it could still see the share. however when I created another group.conf specifically for the 'test' user's group and in it made SCS browseable = no. it then worked! Thanks a bunch!!!! Jeff -----BEGIN PGP SIGNED MESSAGE----- > you could so something like load an additional config file that contains > that share only for users in group %G No. Showing the browse list can happen before *proper* login. The server has no idea who comes in. You could play tricks with %m (client machine netbios name), as this is known early enough. Volker -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv Comment: Processed by Mailcrypt 3.5.4, an Emacs/PGP interface iQCVAwUBOTUfgD/9BWnmOc5FAQFiogP+NUNIKut9Thr983yqfk660nV3DKdFMwGX 4HvuCLpQci/XfHmCEbEUlVL7I15ZdVlobAu9teQ353Y+6fhF1wtm7uXy+XlfwjvK 4MQDgV5hEgsGLuTMhNJhsslLXhrzrfgR8I1sNXbPJUnP8kjUJ3sx5gjSA2AMFsIb 1omrT41J94E= =DZ4C -----END PGP SIGNATURE----- From jwhamps at ilstu.edu Wed May 31 16:20:27 2000 From: jwhamps at ilstu.edu (Jeffrey W. Hampson) Date: Tue Dec 2 02:29:57 2003 Subject: Group only, viewed share In-Reply-To: Message-ID: Perhaps an even beter way: [%G] path = /usr/home/SCSCAS/%G Wonder why I didn't think of this before... thanks again for all your help! Jeff -----Original Message----- From: samba-ntdom@samba.org [mailto:samba-ntdom@samba.org]On Behalf Of Jeffrey W. Hampson Sent: Wednesday, May 31, 2000 10:27 AM To: Multiple recipients of list SAMBA-NTDOM Subject: RE: Group only, viewed share Yeah it worked! i set my share up as so: [SCS] include = /etc/smb.%G.conf unfortunately without defining a group.conf for the user 'test' it could still see the share. however when I created another group.conf specifically for the 'test' user's group and in it made SCS browseable = no. it then worked! Thanks a bunch!!!! Jeff -----BEGIN PGP SIGNED MESSAGE----- > you could so something like load an additional config file that contains > that share only for users in group %G No. Showing the browse list can happen before *proper* login. The server has no idea who comes in. You could play tricks with %m (client machine netbios name), as this is known early enough. Volker -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv Comment: Processed by Mailcrypt 3.5.4, an Emacs/PGP interface iQCVAwUBOTUfgD/9BWnmOc5FAQFiogP+NUNIKut9Thr983yqfk660nV3DKdFMwGX 4HvuCLpQci/XfHmCEbEUlVL7I15ZdVlobAu9teQ353Y+6fhF1wtm7uXy+XlfwjvK 4MQDgV5hEgsGLuTMhNJhsslLXhrzrfgR8I1sNXbPJUnP8kjUJ3sx5gjSA2AMFsIb 1omrT41J94E= =DZ4C -----END PGP SIGNATURE----- From nicomalawi at malawi.net Thu May 25 07:48:27 2000 From: nicomalawi at malawi.net (Lemson Wittika) Date: Tue Dec 2 02:31:11 2003 Subject: INSTALLING A BACKUP DOMAIN CONTROLLER Message-ID: <000801bfc61d$a19040c0$1d01015d@wittika> Hi guys, Please assist me . I am trying to configure a machine as a BDC. On the network configuration portion I have been prompted to specify the domain on which this machine will participate as a BDC. I enter the domain name and the administrator password for the domain but this machine is constantly saying It cannot locate the domain controller for this domain. There must be something very wrong . Iam conviced I have setup up the NIC correctly and the cabling is quite OK . Please assist Yours Mathews -------------- next part -------------- HTML attachment scrubbed and removed