From jeremy at valinux.com Wed Nov 1 02:53:41 2000 From: jeremy at valinux.com (jeremy@valinux.com) Date: Tue Dec 2 02:32:11 2003 Subject: Samba 2.0.7 SWAT vulnerabilities (fwd) In-Reply-To: ; from miah@uberhax0r.net on Tue, Oct 31, 2000 at 10:24:14AM -0800 References: Message-ID: <20001031185341.A16319@valinux.com> On Tue, Oct 31, 2000 at 10:24:14AM -0800, miah wrote: > > You guys really need a "security@samba.org" contact. > > -miah > > ****************************************************************************** > the original writeup can be found at http://www.uberhax0r.net/~miah/swat > along with all the code mentioned in this advisory > ****************************************************************************** > > The program swat included in the samba distribution allows username and > password bruteforcing. An attacker can easily generate userlists and then > bruteforce their passwords. Comments in the source code show that somebody > tried to prevent this from happening[1]. First of all - the CGI logging code is not turned on, no distribution of Samba turns it on. Yes it is broken, but it is *so* broken a better fix would be to just remove it altogether, not use the fix given (which Andrew has already pointed out introduces a race condition). Failed auth logging should be done to syslog, and I'll make sure this goes into the 2.2 version of SWAT. I'll also just remove the CGI logging code. As for the "username/password bruteforcing" - so does telnet ! Anything that does remote auth allows username/password pairs to be remotely tested. An easier attack would be to code up a special version of smbclient that does multiple ssessionsetupandX calls - look - that works against all SMB servers ! SWAT can be protected using ssl wrappers like stunnel and also obeys the hosts allow/hosts deny smb.conf parameters. This is a better fix. This is not a panic fix bug report. The only annoying thing is the difference in return for valid/invalid usernames which would allow valid usernames to be determined remotely. That's due to the Get_Pwnam call done in one code path and not another which is easily fixed (I'll post a quick patch for that later this week - I'm in DC at the moment with poor net access). The idea for a security@samba.org is a very good one though, I'll get to that once I'm back. In the words of the HitchHikers Guide to the Galaxy, "DON'T PANIC" - especially over this so called "exploit" which requires the hacker to persuade the Samba admin to change source code and recompile and re-install swat before the "root" exploit is permissable. I the hacker can get the admin to do that I can think of easier "root" attempts. I won't repeat what Andrew said about this report :-) :-) :-). Cheers, Jeremy Allison, Samba TEam. From carlos_capellan at yahoo.com Wed Nov 1 03:59:58 2000 From: carlos_capellan at yahoo.com (Carlos Capellan) Date: Tue Dec 2 02:32:11 2003 Subject: can't join NT domain Message-ID: <20001101035958.33833.qmail@web9007.mail.yahoo.com> Help! I think I've done my homework here, but it's still not working. I got the network folks here to make me a machine account in Server Manager so I can join the domain (which I don't control). They told me everything should be ready, and when I type in the command (after stopping samba): smbpasswd -j -r I get the standard NT_STATUS_NO_TRUST_SAM_ACCOUNT error, which I've seen several posts here about. From burcin at ce.metu.edu.tr Wed Nov 1 08:01:58 2000 From: burcin at ce.metu.edu.tr (Burcin Onur Ozer) Date: Tue Dec 2 02:32:11 2003 Subject: (no subject) Message-ID: REDHAT 6.2 samba 2.07 PDC 50 ntws4.0 client one printer attach to an nttws I want some of the unix user to pause ,cancel,restart the printer How can I make this by creating a general group in the samba domain whose name is print operators? From jester at optonline.net Wed Nov 1 12:33:06 2000 From: jester at optonline.net (Christopher Johnston) Date: Tue Dec 2 02:32:12 2003 Subject: (no subject) Message-ID: <004501c043ff$e29d3950$0200000a@evolution> unsubscribe Christopher Johnston Unix System Administrator Salomon Smith Barney New York, NY -------------- next part -------------- HTML attachment scrubbed and removed From noelk at bc.edu Wed Nov 1 12:49:28 2000 From: noelk at bc.edu (Kenneth Noel) Date: Tue Dec 2 02:32:12 2003 Subject: smbpasswd file Message-ID: <3A001158.3A50F350@bc.edu> Could someone tell me where in 2.6 the sid is? Is it in the smbpasswd file? I've been looking through the documentation and have found information about the rid but the sid is never mentioned. The sid is very important in NT. The user is identified by the sid. I would like to move users from one NT domain to a new samba domain. To do that I need to keep the users sid, this make it transparent to the users and administrators on NT servers. Thanks for any help offered. Ken ps 2.6 looks great! can't wait for 3.0. -------------- next part -------------- A non-text attachment was scrubbed... Name: noelk.vcf Type: text/x-vcard Size: 290 bytes Desc: Card for Kenneth Noel Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001101/fefe5502/noelk.vcf From ganze at eng.buffalo.edu Wed Nov 1 14:29:49 2000 From: ganze at eng.buffalo.edu (Phillip E. Ganze) Date: Tue Dec 2 02:32:12 2003 Subject: Samba 2_2 Message-ID: <3A0028DD.8F6A3E5C@eng.buffalo.edu> Where can I download Samba 2_2 from? I have looked in several places but have not been able to find it. Thanks, Phil... -- Phillip E. Ganze Senior Systems Integrator University at Buffalo, SENS 108 Bell Hall Buffalo, NY 14260 Phone: (716) 645-3797 x2175 Fax: (716) 645-3704 E-mail: ganze@eng.buffalo.edu http://www.eng.buffalo.edu/~ganze From ljames at hera.apollo3.com Wed Nov 1 14:55:49 2000 From: ljames at hera.apollo3.com (Larry James) Date: Tue Dec 2 02:32:12 2003 Subject: Can Samba Provide a User List for Win98 Sharing Message-ID: <200011011455.JAA21597@hera.apollo3.com> Thanks, James, for all the help. Looking at the web resource you gave me was the key to getting things up and running. There's a strange problem that's happening with the configuration. I used the default pdc.smb.conf making a few changes as posible so as not to break the setup, and to actually see it work. Now when I try to set the domain to something other than the "LARS" which was in the default file, I it won't allow me to use the resources. My passwords don't work. This is the error that comes in the log.smb: LSA_OPENSECRET: NT_STATUS_OBJECT_NAME_NOT_FOUND SMB LM/NT Password did not match! Rejecting user 'ljames': authentication failed Is there some place where the workgroup/domain information is stored and some way I can change it? I deleted the /usr/local/samba directory and started over fresh. However, still, the "LARS" works, while any other name for the workgroup will always produce the same error. Thanks in adance for anyone who has any suggestions or comments. -- L. James > > Message: 6 > From: "James W. Beauchamp" > To: "Larry James" , > Subject: Re: Can Samba Provide a User List for Win98 Sharing > Date: Tue, 31 Oct 2000 12:26:11 -0800 > > Larry: > Take a look at http://www.kneschke.de/projekte/samba_tng/index.php3 > > and also www.samba-tng.org > for thorough discussions of these issues. > -- ______________________________________________________________________ Apollo III Communications One of the World's First ISP's Larry James http://www.apollo3.com/~ljames ljames@apollo3.com From ctooley at amoa.org Wed Nov 1 15:12:34 2000 From: ctooley at amoa.org (ctooley@amoa.org) Date: Tue Dec 2 02:32:12 2003 Subject: Samba 2_2 Source Tarball Message-ID: <8625698A.00531C6B.00@amoa.org> Does anyone have a source base that they have confirmed use of Windows 2000 Domain logins on. If so, could you please tar it up and let me try to use your source base. I've been getting all kinds of weird problems and I just cannot get my Win 2k machine to join the Samba domain. I've grabbed the snapshot and cvs (on 4 or 5 occasions) and every time I get a different error. After reading the mailing lists, I'm not sure that what is checked into cvs is allowing W2k to join the domain. Thank you for your assistance, Chris P.S. If I get a working copy of the code I'll be more than happy to post a page to allow others to grab that for testing purposes. From gaa at ulticom.com Wed Nov 1 15:23:36 2000 From: gaa at ulticom.com (Gary Algier) Date: Tue Dec 2 02:32:12 2003 Subject: Samba 2_2 References: <3A0028DD.8F6A3E5C@eng.buffalo.edu> Message-ID: <3A003578.2C7B96DE@ulticom.com> See: http://www.samba.org/samba/cvs.html "Phillip E. Ganze" wrote: > > Where can I download Samba 2_2 from? I have looked in several places > but have not been able to find it. > > Thanks, > Phil... > > -- > Phillip E. Ganze > Senior Systems Integrator > University at Buffalo, SENS > 108 Bell Hall > Buffalo, NY 14260 > Phone: (716) 645-3797 x2175 > Fax: (716) 645-3704 > E-mail: ganze@eng.buffalo.edu > http://www.eng.buffalo.edu/~ganze -- Gary Algier, WB2FWZ gary.algier@ulticom.com +1 856 787 2758 Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054 Fax:+1 856 866 2033 This space intentionally left blank by the censors. From jbcurry at hline.localhealth.net Wed Nov 1 15:48:14 2000 From: jbcurry at hline.localhealth.net (James B Curry) Date: Tue Dec 2 02:32:12 2003 Subject: wierd logon problems References: <200010241412750.SM00212@brian> <39F6CBA9.EDA09CCF@valinux.com> Message-ID: <3A003B3E.1B22725@hline.localhealth.net> I had a similar thing happen to me this morning. No users could log in to the Samba server - they received the "domain password not correct" message. I am running Red Hat 6.0 and Samba 2.0.6. Interestingly, this problem persisted without explanation until I used smbpasswd to change a user's password, just on a lark. Immediately, users were able to log in. Although it could be coincidence, it seems unlikely as the problem had been consistent for 30 minutes until just seconds after I used smbpasswd. The log.user files all contained the following error message: [2000/11/01 08:45:07, 0] lib/util_sock.c:write_socket_data(537) write_socket_data: write failure. Error = Broken pipe [2000/11/01 08:45:07, 0] lib/util_sock.c:write_socket(563) write_socket: Error writing 4 bytes to socket 6: ERRNO = Broken pipe [2000/11/01 08:45:07, 0] lib/util_sock.c:send_smb(751) Error writing 4 bytes to client. -1. Exiting I see that you had similar messages, though the sockets are different: > > > > [2000/10/24 13:03:22, 0] lib/util_sock.c:write_socket_data(570) > > write_socket_data: write failure. Error = Broken pipe > > [2000/10/24 13:03:22, 0] lib/util_sock.c:write_socket(596) > > write_socket: Error writing 4 bytes to socket 7: ERRNO = Broken pipe > > [2000/10/24 13:03:22, 0] lib/util_sock.c:send_smb(784) > > Error writing 4 bytes to client. -1. Exiting Does anybody know whether this problem could be related to the smbpasswd file? gcarter@valinux.com wrote: > > Brian Hawley wrote: > > > > When a user types in their password and clicks OK, > > windows pops up an error that says something > > like "domain password not correct or access to > > domain server has been denied". They usually have > > to retype their password and click OK 2-4 more times > > before the server lets them in. This happens everyday > > for every user. > > > > > domain master = no > > This needs to be yes. > > > preferred master = yes > > domain logons = yes > > wins support = yes > > dns proxy = no > > > > > > > [2000/10/24 13:03:26, 0] smbd/service.c:make_connection(208) > > wti4 (192.168.1.30) couldn't find service netlogon > > > > domain logon sfunctionality requires a [netlogon] share. > See docs/textdocs/DOMAIN.txt > > Cheers, jerry > ---------------------------------------------------------------------- > /\ Gerald (Jerry) Carter Professional Services > \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com > http://www.samba.org/ SAMBA Team jerry@samba.org > http://www.plainjoe.org/ jerry@plainjoe.org > > "...a hundred billion castaways looking for a home." > - Sting "Message in a Bottle" ( 1979 ) From jbeauchamp at gesinc.com Wed Nov 1 18:59:14 2000 From: jbeauchamp at gesinc.com (James W. Beauchamp) Date: Tue Dec 2 02:32:12 2003 Subject: Can Samba Provide a User List for Win98 Sharing References: <200011011455.JAA21597@hera.apollo3.com> Message-ID: <004401c04435$d975b7e0$1d01a8c0@internal.net> Larry: My knowledge begins to run out here, but I can tell you how I solved similar problem here. I am only running 2.0.7 but I do have NtWS clients. I noticed that sometimes when I switch Domain names (while testing) or leave and rejoin the domain, SAMBA would respond with a domain not found or password invalid. What I have gotten in the habit of doing is going to SAMBA and resetting the machine password for the machine I'm working on. This seemed to solve the problem and I could rejoin the domain. I know this really has nothing to do with the version you're working on but you never can tell. It may be worth a try if you haven't already done it. I think the SAMBA gurus need to respond here.... :) that way us newbies can continue to learn and seek the higher level of knowledge.... :)) HTH James ----- Original Message ----- From: "Larry James" To: Sent: Wednesday, November 01, 2000 6:55 AM Subject: RE: Can Samba Provide a User List for Win98 Sharing > Thanks, James, for all the help. Looking at the web resource you > gave me was the key to getting things up and running. > > There's a strange problem that's happening with the configuration. > I used the default pdc.smb.conf making a few changes as posible so as > not to break the setup, and to actually see it work. Now when I try to > set the domain to something other than the "LARS" which was in the > default file, I it won't allow me to use the resources. My passwords > don't work. > > This is the error that comes in the log.smb: > > LSA_OPENSECRET: NT_STATUS_OBJECT_NAME_NOT_FOUND > SMB LM/NT Password did not match! > Rejecting user 'ljames': authentication failed > > Is there some place where the workgroup/domain information is > stored and some way I can change it? I deleted the /usr/local/samba > directory and started over fresh. However, still, the "LARS" works, > while any other name for the workgroup will always produce the same > error. > > Thanks in adance for anyone who has any suggestions or comments. > > -- L. James > > > > > Message: 6 > > From: "James W. Beauchamp" > > To: "Larry James" , > > Subject: Re: Can Samba Provide a User List for Win98 Sharing > > Date: Tue, 31 Oct 2000 12:26:11 -0800 > > > > Larry: > > Take a look at http://www.kneschke.de/projekte/samba_tng/index.php3 > > > > and also www.samba-tng.org > > for thorough discussions of these issues. > > > > > -- > ______________________________________________________________________ > Apollo III Communications One of the World's First ISP's > Larry James http://www.apollo3.com/~ljames ljames@apollo3.com > > From jbcurry at hline.localhealth.net Wed Nov 1 20:16:49 2000 From: jbcurry at hline.localhealth.net (James B Curry) Date: Tue Dec 2 02:32:12 2003 Subject: wierd logon problems (An explanation?) References: <200010241412750.SM00212@brian> <39F6CBA9.EDA09CCF@valinux.com> <3A003B3E.1B22725@hline.localhealth.net> Message-ID: <3A007A31.3DCA380C@hline.localhealth.net> The following are log.username files from two different Samba server logs. One is from my network, one is from Brian's. We both are receiving the message "domain password not correct or access to domain server has been denied" when our users attempt to logon, and see the following entries in our log.username files: [2000/11/01 08:45:07, 0] lib/util_sock.c:write_socket_data(537) write_socket_data: write failure. Error = Broken pipe [2000/11/01 08:45:07, 0] lib/util_sock.c:write_socket(563) write_socket: Error writing 4 bytes to socket 6: ERRNO = Broken pipe [2000/11/01 08:45:07, 0] lib/util_sock.c:send_smb(751) Error writing 4 bytes to client. -1. Exiting [2000/10/24 13:03:22, 0] lib/util_sock.c:write_socket_data(570) write_socket_data: write failure. Error = Broken pipe [2000/10/24 13:03:22, 0] lib/util_sock.c:write_socket(596) write_socket: Error writing 4 bytes to socket 7: ERRNO = Broken pipe [2000/10/24 13:03:22, 0] lib/util_sock.c:send_smb(784) Error writing 4 bytes to client. -1. Exiting Can anyone decipher what these error messages mean? What is failing and what would cause it to fail? In both cases, the users that have already logged on have no problems using the Samba shares. The users that experience these logon errors are eventually able to logon successfully. In my case, this has only happened once for 30 minutes. In Brian's case, it happened daily. He decided to quit logging on to the domain and just map the drives like a workgroup. Since he doesn't have them log on, his users are now able to use the Samba shares without any problems, but he still gets the broken pipe errors in his log.username files. We are both suspecting network errors (collisions?) are the cause, but why does it only affect the domain logon and no other network services? Is there a low timeout threshold for domain logons that could be affected by packet collisions or other network problems? I should note that I originally believed this to be a corrupt smbpasswd file, as the problem disappeared seconds after I changed a user's password. Coincidental, or is it possibly related? From carsten.neufend at muenster.de Wed Nov 1 22:27:01 2000 From: carsten.neufend at muenster.de (carsten) Date: Tue Dec 2 02:32:12 2003 Subject: samba-ntdom -- confirmation of subscription -- request 552125 References: <20001101215200.C945F7E66@lists.samba.org> Message-ID: <3A0098B4.2D1384B5@muenster.de> confirm 552125 From D.Bannon at latrobe.edu.au Wed Nov 1 22:35:03 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:12 2003 Subject: Samba 2_2 Source Tarball In-Reply-To: <8625698A.00531C6B.00@amoa.org> Message-ID: <3.0.6.32.20001102093503.008a5290@bioserve.latrobe.edu.au> At 09:12 AM 01/11/2000 -0600, you wrote: > > >Does anyone have a source base that they have confirmed use of Windows 2000 >Domain logins on. If so, could you please tar it up and let me try to use your I really don't think that is necessary. I have been pulling down cvs every couple of days and each and every on has worked with w2k (within the limits imposed by the bugs documented in the FAQ) Have you read the FAQ and Howto ? I just did another test now and its fine. Please follow the instructions in the HowTo. Let me know if its not clear/accurate. david ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From HLieng at kleinisd.net Wed Nov 1 22:46:58 2000 From: HLieng at kleinisd.net (Lieng, Hung) Date: Tue Dec 2 02:32:12 2003 Subject: Un-subscribe Message-ID: <452675208398D31199F700508B55AB60014269EC@EXCHCO1> Please remove my email from the mailing list. Thanks! Regards, Hung Lieng From dkrovich at slackworks.com Wed Nov 1 23:31:28 2000 From: dkrovich at slackworks.com (David Krovich) Date: Tue Dec 2 02:32:12 2003 Subject: Samba 2_2 Source Tarball In-Reply-To: <3.0.6.32.20001102093503.008a5290@bioserve.latrobe.edu.au> Message-ID: I just got win2k logins working with the head branch. The 2 things that had me stuck for awhile were. 1. I didn't uncomment the netlogon share in the smb.conf 2. I had to add the user root to the smbpasswd file. After that, things worked fine for me. On Thu, 2 Nov 2000, David Bannon wrote: > At 09:12 AM 01/11/2000 -0600, you wrote: > > > > > >Does anyone have a source base that they have confirmed use of Windows 2000 > >Domain logins on. If so, could you please tar it up and let me try to use > your > > I really don't think that is necessary. I have been pulling down cvs every > couple of days and each and every on has worked with w2k (within the limits > imposed by the bugs documented in the FAQ) > > Have you read the FAQ and Howto ? I just did another test now and its fine. > Please follow the instructions in the HowTo. Let me know if its not > clear/accurate. > > david > > > > ------------------------------------------------------------ > David Bannon D.Bannon@latrobe.edu.au > School of Biochemistry Phone 61 03 9479 2197 > La Trobe University, Plenty Rd, Fax 61 03 9479 2467 > Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au > ------------------------------------------------------------ > ..... Humpty Dumpty was pushed ! > From boehm at nortelnetworks.com Wed Nov 1 23:41:10 2000 From: boehm at nortelnetworks.com (Eric Boehm) Date: Tue Dec 2 02:32:12 2003 Subject: W2K dropping final character of Samba 2.0.7 service name Message-ID: <20001101184110.A8821@brtpsfac.nortelnetworks.com> We're having an interesting problems with a Windows 2000 machine trying to connect to Samba 2.0.7 on Solaris 7. We see the following in log.smb [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service ccaserl [2000/10/31 15:57:27, 1] smbd/service.c:make_connection(550) zdasic-1 (47.147.70.163) connect to service ccaserls as user zdasic (uid=7189, gid=4323) (pid 15679) [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service ccaserl [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service ccaserl [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service ccaserl [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service ccaserl [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service ccaserl [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service ccaserl [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) and the same for /vobs zdasic-1 (47.147.70.163) couldn't find service vob [2000/10/31 15:19:33, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service vob [2000/10/31 15:19:33, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service vob [2000/10/31 15:19:33, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service vob [2000/10/31 15:19:33, 1] smbd/service.c:make_connection(550) zdasic-1 (47.147.70.163) connect to service vobs as user zdasic (uid=7189, gid=4323) (pid 156 79) For some reason, it is leaving off the final character in the service name. Has anyone seen this problem before. I've included smb.conf below smb.conf: # Global parameters workgroup = GBRES01 security = domain password server = * # workgroup = AMERICASE # security = server encrypt passwords = yes # password server = ZBVWD008 # password server = ZBVWD008, 47.147.64.91 #password server = NRTPDE10, NRTPDE11, NRTPDE12, PCNTRTP01, PCNTRTP02 client code page = 437 # Samba requests 10000 but Solaris has only 1014 to spare max open files = 1014 wins server = 47.156.160.179 comment = "Samba %v server" share modes = yes getwd cache = yes browseable = yes load printers = no local master = no username map = /opt/samba/lib/username.map #debug level = 10 socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=32768 SO_RCVBUF=32768 include = /opt/samba/lib/smb.conf.global.%h include = /opt/samba/lib/smb.conf.shares.%h smb.conf.global.nbvws011: server string = "BVW SFE ClearCase VOB Server %h (%L), Samba" interfaces = "47.147.64.11/20" netbios aliases = NBVWS011 smb.conf.shares.nbvws011: [vobs] comment = BVW-SFE Vob Storage path = /vobs # admin users = hosts allow = @ip_services_hosts, prtpd32u.us.nortel.com, 47.147.64.11 valid users = @ip_services_users, dfisico oplocks = No guest ok = no directory mask = 0775 map archive = No writeable = yes [ccaserls] comment = BVW-ClearCase Release Area path = /opt/ccase_rls # admin users = vobadmis hosts allow = @ip_services_hosts, prtpd32u.us.nortel.com, 47.147.64.11 valid users = @ip_services_users, dfisico oplocks = No guest ok = no directory mask = 0775 map archive = No writeable = yes -- Eric M. Boehm boehm@nortelnetworks.com From Glen.Barwick at utas.edu.au Thu Nov 2 02:05:42 2000 From: Glen.Barwick at utas.edu.au (Glen Barwick) Date: Tue Dec 2 02:32:12 2003 Subject: Samba and subnets Message-ID: <200011020200.NAA11936@corinna.its.utas.edu.au> Dear All, I am using samba 2.0.5a, recently our network was split into two subnets. Before that everyone could see the samba shares using Windows NT on our network, but now only the people in the subnet with the server can see it in Network Neighborhood. I have managed to add the server in question to an NT (PDC) and now can access it from the "find computer" in Windows NT, but still no Network Neighborhood. If someone could help me I would be most grateful. Thanks, Glen. From swright at mail.sls.bc.ca Thu Nov 2 03:25:26 2000 From: swright at mail.sls.bc.ca (Shawn Wright) Date: Tue Dec 2 02:32:12 2003 Subject: Honouring eXecute permissions on NT? Message-ID: <3A006E26.11116.26B97F97@localhost> Hello, I am testing a RH 6.2 box running Samba 2.06 for the purposes of migrating about 400 user shares from an existing NT 4 box. These are student accounts, so we currently have very stringent permissions for each user share based on group memberships, etc, and set using NT xcacls. In most cases, uses have ONLY the following file/dir permissions: rwd/rwxd, ie: they cannot execute any programs stored in these locations. All PCs are NT 4 also, so similar restrictions are used to lock down the local files. The problem I've found is that I cannot get Samba shares to behave in the same way - removing the execute permissions from a file still allows NT to run the program. Is there any way to accomplish this? tia. Shawn Wright, I.T. Manager Shawnigan Lake School swright@SLS.bc.ca http://Zuiko.sls.bc.ca/swright http://www.sls.bc.ca From blas.castro at netgiro.com Thu Nov 2 10:00:37 2000 From: blas.castro at netgiro.com (Blas Castro) Date: Tue Dec 2 02:32:12 2003 Subject: Printing on SAMBA_2_2 ... References: Message-ID: <001e01c044b3$c0028800$0f00a8c0@blasilandia> Hi, I had the same problem, How are spool directory permissions? Enable write permissions to your spool directory. Blas. ----- Original Message ----- From: "Eoin Verling" To: Sent: Tuesday, October 31, 2000 5:31 PM Subject: Printing on SAMBA_2_2 ... > Hi, > > I've just got the cvs update to SAMBA_2_2, and am trying to print. I can add the printer, and see it from Win2k ... but I get an error when I try to actually print. (the error is attached) > > All I'm looking to find out is, is there a problem with printing and SAMBA_2_2 ? Or is it a problem I have myself with my smb.conf file ... if it's my smb.conf (which I'm upgrading from 2.0.7 to 2.2) then I need to go find out what's wrong. > > cheers > E > > - -- _ > Eoin Verling _/ \_ 2200 Cork Airport Business Park, > SysAdmin / \_/ \ Kinsale Rd., Cork, Ireland. > Comnitel Technologies \_/ \_/ Ph: +353 21 7305608 > everling@comnitel.com \_/ Fax: +353 21 7305624 > From GRyle at maf.org Thu Nov 2 17:03:52 2000 From: GRyle at maf.org (Greg Ryle) Date: Tue Dec 2 02:32:12 2003 Subject: Login Troubles Message-ID: <00035CEB.C21317@maf.org> I am running RedHat 6.2 with Samba 2.0.6 setup as a PDC doing domain logins. Users are experiencing difficulties logging in first thing in the morning after their machine has been shut down for the night. If I change the Win98 machines so that they don't log into a NT domain, then they go in normally and can access the samba shares. After they start accessing the shares, I can change the properties back to logging into an NT domain and it will log in. When the machines can't log in, the error I receive is that the password is not correct or access has been denied to the server. I tried redoing the passwords but that didn't work. Any suggestions, Greg From vampy at gmx.de Thu Nov 2 09:28:43 2000 From: vampy at gmx.de (Milo Mittag) Date: Tue Dec 2 02:32:12 2003 Subject: configure problem Message-ID: hello, i have a problem using the configure script. i checked out the samba_2_2 source via cvs. but after starting ./configure in the source directory it throws the following error: ./configure: line 10672: syntax error near unexpected token `<<<<<' ./configure: line 10672: `<<<<<<< configure' i took a look at the script and encountered that this combination of < and > and = can be found more than one time... i really cant imagine what these '<', '>' and '=' are for... thanks for help milo (mailto: vampy AT gmx.de) From cosullivan at hss.co.uk Thu Nov 2 10:11:59 2000 From: cosullivan at hss.co.uk (Cherry O'Sullivan) Date: Tue Dec 2 02:32:12 2003 Subject: Windows 2000 Password handling Message-ID: <2AE37C2A8E26D41198FD0000F81A494D29DDBF@EXCHANGE.HSS.CO.UK> Hello. Is there any way of getting around the Windows 2000 password handling? I can find instructions to add a value to the registry in '95 and NT, tried following the NT instructions, but I don't have the 'Rdr' folder in my registry. Regards Cherry O'Sullivan HSS Hire Service Group PLC IT - Service Support Tel: 020 8260 3711 Fax: 020 8687 5017 Visit our web sites: **************************************************************************** ********************************** HSS Hire Service Group PLC Group Office: 25 Willow Lane, Mitcham, Surrey, CR4 4TS (telephone no. +44 20 8260 3100) Registered Office: 4 Grosvenor Place, London, SW1X 7DL Registered in England Number 644490 This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual to whom it is addressed. Any views or opinions presented are solely those of the author and do not necessarily represent those of HSS. If you are not the intended recipient, please be advised that you have received this e-mail in error and that any use, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. **************************************************************************** ********************************** -------------- next part -------------- HTML attachment scrubbed and removed From Daniel.Moeller at de.bosch.com Thu Nov 2 10:30:28 2000 From: Daniel.Moeller at de.bosch.com (Moeller Daniel (QI/AST10) *) Date: Tue Dec 2 02:32:12 2003 Subject: AW: W2K dropping final character of Samba 2.0.7 service name Message-ID: <9015FB0BD980D411BFBC00508BAE6AF74E0D9F@simail5.server.bosch.com> Hi Eric, we have a similar Samba setup, but on Solaris 2.6 and with NT4 clients. I've never seen such problems. Regards, Danny -----Urspr?ngliche Nachricht----- Von: Eric Boehm [mailto:boehm@nortelnetworks.com] Gesendet: Donnerstag, 2. November 2000 00:41 An: samba@samba.org; samba-ntdom@samba.org Betreff: W2K dropping final character of Samba 2.0.7 service name We're having an interesting problems with a Windows 2000 machine trying to connect to Samba 2.0.7 on Solaris 7. We see the following in log.smb [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service ccaserl [2000/10/31 15:57:27, 1] smbd/service.c:make_connection(550) zdasic-1 (47.147.70.163) connect to service ccaserls as user zdasic (uid=7189, gid=4323) (pid 15679) [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service ccaserl [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service ccaserl [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service ccaserl [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service ccaserl [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service ccaserl [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service ccaserl [2000/10/31 15:57:27, 0] smbd/service.c:make_connection(214) and the same for /vobs zdasic-1 (47.147.70.163) couldn't find service vob [2000/10/31 15:19:33, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service vob [2000/10/31 15:19:33, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service vob [2000/10/31 15:19:33, 0] smbd/service.c:make_connection(214) zdasic-1 (47.147.70.163) couldn't find service vob [2000/10/31 15:19:33, 1] smbd/service.c:make_connection(550) zdasic-1 (47.147.70.163) connect to service vobs as user zdasic (uid=7189, gid=4323) (pid 156 79) From noelk at bc.edu Thu Nov 2 12:04:30 2000 From: noelk at bc.edu (Kenneth Noel) Date: Tue Dec 2 02:32:13 2003 Subject: Samba and subnets References: <200011020200.NAA11936@corinna.its.utas.edu.au> Message-ID: <3A01584E.2A0BF30@bc.edu> Network neighborhood uses broadcasts, the packets won't cross the router. I don't know much about setting up routers but ports 137 138 and 139 need to be open on the router for network neighborhood to work. Find comput is the better way to have your users access the resources. Ken Glen Barwick wrote: > Dear All, > > I am using samba 2.0.5a, recently our network was split into two subnets. > Before that everyone could see the samba shares using Windows NT on our > network, but now only the people in the subnet with the server can see it > in Network Neighborhood. > > I have managed to add the server in question to an NT (PDC) and now can > access it from the "find computer" in Windows NT, but still no Network > Neighborhood. > > If someone could help me I would be most grateful. > > Thanks, > Glen. -------------- next part -------------- A non-text attachment was scrubbed... Name: noelk.vcf Type: text/x-vcard Size: 290 bytes Desc: Card for Kenneth Noel Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001102/1a93ba7c/noelk.vcf From gcarter at valinux.com Thu Nov 2 12:54:25 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:13 2003 Subject: configure problem References: Message-ID: <3A016401.BF326EEC@valinux.com> Milo Mittag wrote: > > hello, > > i have a problem using the configure script. i checked > out the samba_2_2 source via cvs. but after starting > ./configure in the source directory it throws the > following error: > > ./configure: line 10672: syntax error near unexpected token `<<<<<' > ./configure: line 10672: `<<<<<<< configure' Look at the configure script an dyou'll see a conflict in your last CVS checkout probably. rm configure and get a fresh copy. That should fix it. (or possible just run autoconf and recreate it from configure.in). CHeers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From lee.taylor at aeroton.scania.co.za Thu Nov 2 13:28:55 2000 From: lee.taylor at aeroton.scania.co.za (C.Lee Taylor) Date: Tue Dec 2 02:32:13 2003 Subject: Samba and subnets References: <200011020200.NAA11936@corinna.its.utas.edu.au> <3A01584E.2A0BF30@bc.edu> Message-ID: <015801c044d0$da929620$6201010a@LeeTaylor> I am not sure, but from what I have read does ... remote browse sync not do this? Maybe somebody can explain this better. Taken from the SWAT help ... remote announce (G) This option allows you to setup nmbd to periodically announce itself to arbitrary IP addresses with an arbitrary workgroup name. This is useful if you want your Samba server to appear in a remote workgroup for which the normal browse propagation rules don't work. The remote workgroup can be anywhere that you can send IP packets to. For example: remote announce = 192.168.2.255/SERVERS 192.168.4.255/STAFF the above line would cause nmbd to announce itself to the two given IP addresses using the given workgroup names. If you leave out the workgroup name then the one given in the "workgroup" parameter is used instead. The IP addresses you choose would normally be the broadcast addresses of the remote networks, but can also be the IP addresses of known browse masters if your network config is that stable. See the documentation file BROWSING.txt in the docs/ directory. Default: remote announce = Example: remote announce = 192.168.2.255/SERVERS 192.168.4.255/STAFF remote browse sync (G) This option allows you to setup nmbd to periodically request synchronization of browse lists with the master browser of a samba server that is on a remote segment. This option will allow you to gain browse lists for multiple workgroups across routed networks. This is done in a manner that does not work with any non-samba servers. This is useful if you want your Samba server and all local clients to appear in a remote workgroup for which the normal browse propagation rules don't work. The remote workgroup can be anywhere that you can send IP packets to. For example: remote browse sync = 192.168.2.255 192.168.4.255 the above line would cause nmbd to request the master browser on the specified subnets or addresses to synchronize their browse lists with the local server. The IP addresses you choose would normally be the broadcast addresses of the remote networks, but can also be the IP addresses of known browse masters if your network config is that stable. If a machine IP address is given Samba makes NO attempt to validate that the remote machine is available, is listening, nor that it is in fact the browse master on it's segment. Default: remote browse sync = Example: remote browse sync = 192.168.2.255 192.168.4.255 > Network neighborhood uses broadcasts, the packets won't cross the router. I don't know much > about setting up routers but ports 137 138 and 139 need to be open on the router for network > neighborhood to work. > > Find comput is the better way to have your users access the resources. > > Ken > > Glen Barwick wrote: > > > Dear All, > > > > I am using samba 2.0.5a, recently our network was split into two subnets. > > Before that everyone could see the samba shares using Windows NT on our > > network, but now only the people in the subnet with the server can see it > > in Network Neighborhood. > > > > I have managed to add the server in question to an NT (PDC) and now can > > access it from the "find computer" in Windows NT, but still no Network > > Neighborhood. > > > > If someone could help me I would be most grateful. > > > > Thanks, > > Glen. > From ljames at hera.apollo3.com Thu Nov 2 14:24:58 2000 From: ljames at hera.apollo3.com (Larry James) Date: Tue Dec 2 02:32:13 2003 Subject: Can't set Workgroup name / samba-tng-alpha-2.6 Message-ID: <200011021424.JAA10439@hera.apollo3.com> I have a problem with the workgroup name. If I name my workgroup anything other than "LARS", I'll get the following error for any user that tries to access samba. --------- LSA_OPENSECRET: NT_STATUS_OBJECT_NAME_NOT_FOUND SMB LM/NT Password did not match! Rejecting user 'ljames': authentication failed --------- If I add "workgroup = lars" to my smb.conf file, any user can access samba without problems. I'm using samba-tng-alpha-2.6. Thanks in advance for anyone that has any suggestions or comments. -- L. James -- ______________________________________________________________________ Apollo III Communications One of the World's First ISP's Larry James http://www.apollo3.com/~ljames ljames@apollo3.com From ivy at icebergmedia.com Thu Nov 2 17:59:07 2000 From: ivy at icebergmedia.com (Ivy) Date: Tue Dec 2 02:32:13 2003 Subject: PDC In-Reply-To: <39F9B70F.1CABE406@uchicago.edu> Message-ID: By many efforts, I can add users and trust accounts into my smbpasswd file now. I can also use domain login from my w2k and access shares. Here comes my question: when I don't user domain login (w2k has the same workgroup as samba server), I can't access the share after I give a username and passwd in smbpasswd file, and it showed username and passwd error. Is it normal, or w2k must be a member of domain to access samba server? Before when I use samba2.0.6, I can access samba server from NT to be a member of domain or a member of workgroup. Thx, Ivy -----Original Message----- From: samba-ntdom-admin@lists.samba.org [mailto:samba-ntdom-admin@lists.samba.org]On Behalf Of Simon Allaway Sent: October 27, 2000 10:11 AM To: samba Subject: Re: PDC Ivy wrote: > [root.$]createuser machine1$ MYDOMIAN > SAM Create Domain User > Domain MYDOMIAN name: machine1$ ACB: [w ] > 1st session setup ok > 2nd session setup ok > Create Domain User ok > Join machine1 to Domain MYDOMIAN > LSA_OPENSECRET: NT_STATUS_ACCESS_DENIED > LSA_OPENSECRET: NT_STATUS_OBJECT_NAME_NOT_FOUND > SET $MACHINE.ALL: FAILED Ok, when you did this part did you have a local unix account for machine1$ ? I use NIS centrally, so my test tng server adopted all the machine accounts from my 2.0.7 server. All I had to do was add the actual trust accounts in samedit. Simon From mami at arena.sci.univr.it Thu Nov 2 15:49:50 2000 From: mami at arena.sci.univr.it (Manea Mirko) Date: Tue Dec 2 02:32:13 2003 Subject: adding a w2k machine account to samba 2.2.0 Message-ID: <20001102164950.F23582@arena.sci.univr.it> Hi, I am trying to join a w2k machine to a samba 2.2.0 domain (from cvs on oct 31). Using the 'add user script' option an account in /etc/passwd is created correctly, but not in smbpasswd. I use the unix root account as an Admin Account. Is this a known problem ? Thanks in advance, Mirko Here is the log: -- log.smbd -- get_md4pw: Workstation SATURNO$: no account in domain prs_grow: Buffer overflow - unable to expand buffer by 2 bytes. chat_with_program: newpass contains control characters (disallowed). -- smbpasswd -- saturno$:504:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:[NDW ]:LCT-3A01881C: -- smb.conf -- [global] security = domain status = yes workgroup = VLSI05_DOM wins server = xxx.yyy.zzz.ttt encrypt passwords = yes domain logons =yes logon script = scripts\%U.bat domain admin users = root mami guest account = ftp share modes=no os level=65 ; sync samba with unix password unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:* all*authentication*tokens*updated*successfully* ; to add a nt/w2k machine to the domain add user script = /usr/sbin/adduser -g machines -c NTMachine -d /dev/null -s /bin/false -n '%m$' ; delete user delete user script = /usr/sbin/userdel %u [homes] guest ok = no read only = no create mask = 0700 directory mask = 0700 oplocks = false level 2 oplocks = false locking = no [netlogon] path = /usr/local/samba/netlogon writeable = no guest ok = no From p.mayers at ic.ac.uk Thu Nov 2 15:55:22 2000 From: p.mayers at ic.ac.uk (Mayers, Philip J) Date: Tue Dec 2 02:32:13 2003 Subject: Honouring eXecute permissions on NT? Message-ID: You're going about it the wrong way - "execute" permissions don't make sense in NT. If you don't want them to execute the file, deny them read permission, not execute. Ideally, put them in a seperate directory and deny them read permission on the directory (and execute, which equates to traverse). Regards, Phil +----------------------------------+ | Phil Mayers, Network Support | | Centre for Computing Services | | Imperial College | +----------------------------------+ -----Original Message----- From: Shawn Wright [mailto:swright@mail.sls.bc.ca] Sent: 02 November 2000 03:25 To: samba-ntdom@us5.samba.org Subject: Honouring eXecute permissions on NT? Hello, From swright at sls.bc.ca Thu Nov 2 16:53:39 2000 From: swright at sls.bc.ca (swright@sls.bc.ca) Date: Tue Dec 2 02:32:13 2003 Subject: Honouring eXecute permissions on NT? In-Reply-To: Message-ID: <3A012B93.28178.2CD25AC0@localhost> On 2 Nov 2000, at 15:55, Mayers, Philip J wrote: > You're going about it the wrong way - "execute" permissions don't make sense > in NT. If you don't want them to execute the file, deny them read > permission, not execute. Ideally, put them in a seperate directory and deny > them read permission on the directory (and execute, which equates to > traverse). > We don't have this option. The network shares are for personal file storage. The idea is to prevent students from executing programs they download and store on the network. I'm aware that removing R permissions will work where required, but it won't work in this situation. It works fine with NT, and I'm hoping to get the same function with Samba if possible. ======================== Shawn Wright Computer Systems Manager Shawnigan Lake School http://www.sls.bc.ca swright@sls.bc.ca From kevinc at grainsystems.com Thu Nov 2 17:43:00 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:32:13 2003 Subject: Honouring eXecute permissions on NT? References: <3A012B93.28178.2CD25AC0@localhost> Message-ID: <3A01A7A4.5E02B1B6@grainsystems.com> swright@sls.bc.ca wrote: > On 2 Nov 2000, at 15:55, Mayers, Philip J wrote: > > > You're going about it the wrong way - "execute" permissions don't make sense > > in NT. If you don't want them to execute the file, deny them read > > permission, not execute. Ideally, put them in a seperate directory and deny > > them read permission on the directory (and execute, which equates to > > traverse). > > We don't have this option. The network shares are for personal file storage. > The idea is to prevent students from executing programs they download and > store on the network. I'm aware that removing R permissions will work where > required, but it won't work in this situation. It works fine with NT, and I'm > hoping to get the same function with Samba if possible. I believe what you are looking for is the extended NT ACL support, which is only available on certain OSes that support ACLs. If you are running Samba on Linux, your options may be limited, as the current stable Linux kernels do not support ACLs. There are, however, some patches that may work for you. Of course, other OSes may have varying levels of ACL support. - Kevin Colby kevinc@grainsystems.com From jbeauchamp at gesinc.com Thu Nov 2 21:23:57 2000 From: jbeauchamp at gesinc.com (James W. Beauchamp) Date: Tue Dec 2 02:32:13 2003 Subject: problems connecting win 2000 users to samba 2.0.7 References: <8td4cs$1s0s$1@FreeBSD.csie.NCTU.edu.tw> <3a01a2b1.26325609@imssp.sp.trw.com> Message-ID: <001c01c04513$39947660$1d01a8c0@internal.net> I don't have Win2K here yet, so I can't say what may be causing the RPC errors you are seeing. Check David Bannons page (if you haven't already - here is the link - http://bioserver.latrobe.edu.au/samba/) It may help explain the situation for you more clearly than I can. James ----- Original Message ----- From: To: Sent: Thursday, November 02, 2000 9:24 AM Subject: Re: problems connecting win 2000 users to samba 2.0.7 > James, > > Could you elaborate on your below statement? I currently work in > an area that is beginning W2K deployments and I was messing around > with a box and noticed that when I 2x-click most Samba volumes, I get > an RPC error and it won't let me connect (a few do let me in; I don't > know why). > > I was reading the 2.0.7 documentation and it specifically had fixes > for W2K so I was going to check it out. Are you saying that not even > 2.0.7 will fix this? > > [I can do a "net use" and mount the share; I just can't browse.] > > Thanks. > > > Scott > > On 28 Oct 2000 07:50:52 +0800, in mailing.unix.samba-ntdom you wrote: > > >Do you have Samba set up for Domain logons? If so, then that is your > >problem. The 2.0.x series will not support domain logons from Win2K > >machines. It will serve files to them fine, but no logins. > > > >James > > > > > >----- Original Message ----- > >From: "Marcus Brown" > >To: > >Sent: Friday, October 27, 2000 6:08 PM > >Subject: problems connecting win 2000 users to samba 2.0.7 > > > > > >> i setup samba ver 2.0.7 to use with win 2000 and getting error message > >when > >> trying to access smb files "your are not authorize to logon to the server" > >> or " access denied" i check permissions should right my win98 boxes > >connect > >> to samba just fine. i tried a reg hack for 2000 but still no luck...please > >> help!! > >> > >> > >> > >> > >> Marcus Brown > >> NT Administrator > >> Accesslease.com > >> 1355 Sutter st > >> San Francisco, CA 94109 > >> 415-946-6334 > >> (pager)1-877-796-6851 > >> www.accesslease.com > >> > >> > >> > >> > > > > > From jbcurry at hline.localhealth.net Thu Nov 2 19:24:59 2000 From: jbcurry at hline.localhealth.net (James B Curry) Date: Tue Dec 2 02:32:13 2003 Subject: Login Troubles References: <00035CEB.C21317@maf.org> Message-ID: <3A01BF8B.94681B59@hline.localhealth.net> We've had quite a bout of this of late. If you look back over the past week or so, you'll see that 5 other people have expressed this same problem. We have not yet arrived at a solid answer. The thread "wierd logon problems" has more details. Summary: Users report sporadic "Domain password not correct or access to domain server has been denied" messages at logon. This problem may or may not go away after xx minutes. This problem may go away after repeated attempts at logging on. This problem happens for both Win9x and WinNTWS users. For some sites, this problem always goes away immediately after changing any user password in smbpasswd. The following error message appears in the log files of users that have attempted to log on and were denied access: [2000/11/01 08:45:07, 0] lib/util_sock.c:write_socket_data(537) write_socket_data: write failure. Error = Broken pipe [2000/11/01 08:45:07, 0] lib/util_sock.c:write_socket(563) write_socket: Error writing 4 bytes to socket 6: ERRNO = Broken pipe [2000/11/01 08:45:07, 0] lib/util_sock.c:send_smb(751) Error writing 4 bytes to client. -1. Exiting As you mentioned, no other services are affected when the problem is occurring - those logged in already experience no problem with access to the Samba shares, and all other server and network services appear to be just fine. This problem is specific to domain logons. CAN SOMEBODY PLEASE HELP US FIGURE THIS PUPPY OUT??? Greg Ryle wrote: > > I am running RedHat 6.2 with Samba 2.0.6 setup as a PDC doing domain logins. > Users are experiencing difficulties logging in first thing in the morning after > their machine has been shut down for the night. If I change the Win98 machines > so that they don't log into a NT domain, then they go in normally and can access > the samba shares. After they start accessing the shares, I can change the > properties back to logging into an NT domain and it will log in. > > When the machines can't log in, the error I receive is that the password is not > correct or access has been denied to the server. > > I tried redoing the passwords but that didn't work. > > Any suggestions, > > Greg From dobos_s at IBCnet.hu Thu Nov 2 20:04:20 2000 From: dobos_s at IBCnet.hu (dobos_s@IBCnet.hu) Date: Tue Dec 2 02:32:13 2003 Subject: duplicated users in userlist Message-ID: Hi! I find some users duplicated in NTwsSP5 "Permissions" dialog box. Why? From jbeauchamp at gesinc.com Fri Nov 3 00:08:31 2000 From: jbeauchamp at gesinc.com (James W. Beauchamp) Date: Tue Dec 2 02:32:13 2003 Subject: problems connecting win 2000 users to samba 2.0.7 References: <8907AA9E1A84D2119CCD0000D11BAF1C068FCEC9@mbsp01.sp.TRW.COM> Message-ID: <008f01c0452a$36c07760$1d01a8c0@internal.net> > James, > > When the page says > > "Samba 2.0.7 will not accept Domain Logons from > Win2000 although it will offer file shares to > it. It will not do trust relationships." > > I'm assuming this means when using the Samba box > as the PDC, correct? If so, I guess I'm OK as I > do not use Samba as a PDC, only as a member of > the domain. Roger that. You are correct. It is only when the Win2K box is trying to authenticate against the Samba box as a PDC. > > Thanks. > > > Scott > > > -----Original Message----- > > From: James W. Beauchamp [mailto:jbeauchamp@gesinc.com] > > Sent: Thursday, November 02, 2000 1:24 PM > > To: Nishimura, Scott; samba-ntdom@samba.org > > Subject: Re: problems connecting win 2000 users to samba 2.0.7 > > > > > > I don't have Win2K here yet, so I can't say what may be > > causing the RPC > > errors you are seeing. Check David Bannons page (if you > > haven't already - > > here is the link - http://bioserver.latrobe.edu.au/samba/) It may help > > explain the situation for you more clearly than I can. > > > > James > > > > ----- Original Message ----- > > From: > > To: > > Sent: Thursday, November 02, 2000 9:24 AM > > Subject: Re: problems connecting win 2000 users to samba 2.0.7 > > > > > > > James, > > > > > > Could you elaborate on your below statement? I currently work in > > > an area that is beginning W2K deployments and I was messing around > > > with a box and noticed that when I 2x-click most Samba > > volumes, I get > > > an RPC error and it won't let me connect (a few do let me > > in; I don't > > > know why). > > > > > > I was reading the 2.0.7 documentation and it specifically had fixes > > > for W2K so I was going to check it out. Are you saying > > that not even > > > 2.0.7 will fix this? > > > > > > [I can do a "net use" and mount the share; I just can't browse.] > > > > > > Thanks. > > > > > > > > > Scott > > > > > > On 28 Oct 2000 07:50:52 +0800, in mailing.unix.samba-ntdom > > you wrote: > > > > > > >Do you have Samba set up for Domain logons? If so, then > > that is your > > > >problem. The 2.0.x series will not support domain logons > > from Win2K > > > >machines. It will serve files to them fine, but no logins. > > > > > > > >James > > > > > > > > > > > >----- Original Message ----- > > > >From: "Marcus Brown" > > > >To: > > > >Sent: Friday, October 27, 2000 6:08 PM > > > >Subject: problems connecting win 2000 users to samba 2.0.7 > > > > > > > > > > > >> i setup samba ver 2.0.7 to use with win 2000 and getting > > error message > > > >when > > > >> trying to access smb files "your are not authorize to > > logon to the > > server" > > > >> or " access denied" i check permissions should right my > > win98 boxes > > > >connect > > > >> to samba just fine. i tried a reg hack for 2000 but still no > > luck...please > > > >> help!! > > > >> > > > >> > > > >> > > > >> > > > >> Marcus Brown > > > >> NT Administrator > > > >> Accesslease.com > > > >> 1355 Sutter st > > > >> San Francisco, CA 94109 > > > >> 415-946-6334 > > > >> (pager)1-877-796-6851 > > > >> www.accesslease.com > > > >> > > > >> > > > >> > > > >> > > > > > > > > > > > > > > > > From mbwilkin at cedarfreshscoop.com Thu Nov 2 21:23:34 2000 From: mbwilkin at cedarfreshscoop.com (Mike Wilkinson) Date: Tue Dec 2 02:32:13 2003 Subject: NT and Samba probs. In-Reply-To: Message-ID: I have setup samba to connect to my pdc. It joins the domain correctly, but I can still connect as users that do not exist on the domain, or as users with passwords that are different on the domain. (The users that were setup before connecting to the pdc). Here is my smb.conf file: [global] workgroup = mfm password server = atlanta server string = mfmserv netbios name = mfmserv printcap name = /etc/printcap log file = /var/log/samba/log.%m max log size = 50 security = domain [shared] comment = Shared Working Directory writeable = yes browseable = yes path = /home/files/shared public = yes Any ideas? Thanks, Mike From ctooley at amoa.org Thu Nov 2 22:04:57 2000 From: ctooley at amoa.org (ctooley@amoa.org) Date: Tue Dec 2 02:32:13 2003 Subject: Samba 2.2 Message-ID: <8625698B.0078D9D7.00@amoa.org> Which cvs branch should I be getting for Samba 2.2? And after speaking to someone on the list I'm confused as to whether I'm supposed to use 2.2 or HEAD? Thanks for all the work, Chris From gerrym at futuremetals.com Fri Nov 3 10:26:34 2000 From: gerrym at futuremetals.com (Gerry Maddock) Date: Tue Dec 2 02:32:13 2003 Subject: SAMBA--WINDOWS NETLOGON/ batchfile blues!!! Message-ID: <3A0292DA.BBD3D6DE@futuremetals.com> OK, I have Samba running as a PDC, I have a working batch file in the netlogon share. I was editing my batch file, to automatically add a new program to all users desktops, but I can't seem to get one line to work right. If I copy the file to C:\windows\desktop, it works, but my problem is that all of the users info for their desktop is stored in C:\windows\profiles\THEIR USER NAME\desktop. Ok this is the line of the batch file I'm having all the problems with: copy \\smbsvr\disk_img\tr9032ins\TR9032win386ra7.exe c:\windows\profiles\%username%\desktop I thought the %username% would do the trick, but no luck. Next I tried: copy \\smbsvr\disk_img\tr9032ins\TR9032win386ra7.exe c:\windows\profiles\*\desktop Still no luck!! Does anybody know what I can put there to get this line to work???!!! From gerrym at futuremetals.com Fri Nov 3 10:43:29 2000 From: gerrym at futuremetals.com (Gerry Maddock) Date: Tue Dec 2 02:32:13 2003 Subject: SAMBA--WINDOWS NETLOGON/ batchfile blues!!! References: <3A0292DA.BBD3D6DE@futuremetals.com> Message-ID: <3A0296D1.33720205@futuremetals.com> Never mind, we used: net config | find "User name" > %temp%.\temp.bat echo > User.bat set USERNAME=%%2 for %%A in (call del) do %%A %TEMP%.\temp.bat Gerry Maddock wrote: > OK, I have Samba running as a PDC, I have a working batch file in > the netlogon share. I was editing my batch file, to automatically add a > new program to all users desktops, but I can't seem to get one line to > work right. If I copy the file to C:\windows\desktop, it works, but my > problem is that all of the users info for their desktop is stored in > C:\windows\profiles\THEIR USER NAME\desktop. Ok this is the line of the > batch file I'm having all the problems with: > > copy \\smbsvr\disk_img\tr9032ins\TR9032win386ra7.exe > c:\windows\profiles\%username%\desktop > > I thought the %username% would do the trick, but no luck. Next I tried: > > copy \\smbsvr\disk_img\tr9032ins\TR9032win386ra7.exe > c:\windows\profiles\*\desktop > > Still no luck!! Does anybody know what I can put there to get this line > to work???!!! From kris.ozzy at lineone.net Thu Nov 2 22:58:04 2000 From: kris.ozzy at lineone.net (Kristyan Osborne) Date: Tue Dec 2 02:32:13 2003 Subject: SAMBA--WINDOWS NETLOGON/ batchfile blues!!! Message-ID: <01C04520.68B7F450.kris.ozzy@lineone.net> Hi, If you are using NT this should work... copy \\smbsvr\disk_img\tr9032ins\TR9032win386ra7.exe c:\winnt\profiles\%USERNAME%\desktop check on the client that the variable USERNAME has been set. Use the SET command. It should look like TEMP=C:\TEMP TMP=C:\TEMP USERDOMAIN=KIME USERNAME=kristyan USERPROFILE=C:\WINNT\Profiles\kristyan windir=C:\WINNT Kris ------------- Computers are like airconditioners: They stop working properly if you open windows. Win95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition. -----Original Message----- From: Gerry Maddock [SMTP:gerrym@futuremetals.com] Sent: 03 November 2000 10:27 To: NTSAMBA Subject: SAMBA--WINDOWS NETLOGON/ batchfile blues!!! OK, I have Samba running as a PDC, I have a working batch file in the netlogon share. I was editing my batch file, to automatically add a new program to all users desktops, but I can't seem to get one line to work right. If I copy the file to C:\windows\desktop, it works, but my problem is that all of the users info for their desktop is stored in C:\windows\profiles\THEIR USER NAME\desktop. Ok this is the line of the batch file I'm having all the problems with: copy \\smbsvr\disk_img\tr9032ins\TR9032win386ra7.exe c:\windows\profiles\%username%\desktop I thought the %username% would do the trick, but no luck. Next I tried: copy \\smbsvr\disk_img\tr9032ins\TR9032win386ra7.exe c:\windows\profiles\*\desktop Still no luck!! Does anybody know what I can put there to get this line to work???!!! -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/ms-tnef Size: 2951 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001102/f7495fad/attachment.bin From marsaro at suse.com Fri Nov 3 03:14:22 2000 From: marsaro at suse.com (Jon Doyle) Date: Tue Dec 2 02:32:13 2003 Subject: NT and Samba probs. In-Reply-To: Message-ID: Public= yes This means it is public.... On Thu, 2 Nov 2000, Mike Wilkinson wrote: > I have setup samba to connect to my pdc. It joins the domain correctly, but > I can still connect as users that do not exist on the domain, or as users > with passwords that are different on the domain. (The users that were setup > before connecting to the pdc). Here is my smb.conf file: > > [global] > workgroup = mfm > password server = atlanta > server string = mfmserv > netbios name = mfmserv > printcap name = /etc/printcap > log file = /var/log/samba/log.%m > max log size = 50 > security = domain > > [shared] > comment = Shared Working Directory > writeable = yes > browseable = yes > path = /home/files/shared > public = yes > > Any ideas? > > Thanks, > Mike > > > Regards, Jon ______________________ Jon R. Doyle SuSE Linux Inc. Director of Professional Services 580 Second Street, Suite 210 Oakland, Ca. 94607 + 510 - 628 - 3380 ext. 5068 www.suse.com ______________________ That which does not appear to exist is to be regarded as if it did not exist. California Civil Code, "Maxims of Jurisprudence" From dobos_s at IBCnet.hu Fri Nov 3 06:58:57 2000 From: dobos_s at IBCnet.hu (dobos_s@IBCnet.hu) Date: Tue Dec 2 02:32:13 2003 Subject: duplicated users in userlist II. Message-ID: I'm sorry, it was too late. So there are more information: Samba 2.0.7 on linux with kernel 2.2.17, samba and nt pdc-ed domains in the network, samba as wins for all. If I somewhere get the userlist on domain-member ntws(sp5) (e.g. file permissions dialog), I find some of the usernames duplicated or tripled. There are 29 users, each created with useradd xyz, smbpasswd -a xyz algorithm. After I restart (SIGTERM and start) samba or restart the ntws nothing changes. (Embedded image moved to file: pic28652.pcx) -------------- next part -------------- A non-text attachment was scrubbed... Name: pic28652.pcx Type: application/octet-stream Size: 3452 bytes Desc: Paintbrush Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001103/93d3dd93/pic28652.obj From dobos_s at IBCnet.hu Fri Nov 3 07:01:02 2000 From: dobos_s at IBCnet.hu (dobos_s@IBCnet.hu) Date: Tue Dec 2 02:32:13 2003 Subject: why the ... map parameters are missing from 2.0.7? Message-ID: Hi! How can I map linux groups to nt groups in 2.0.7? I looked at the sources and found the map parts (maybe not the whole) commented out. Why? (Embedded image moved to file: pic22119.pcx) -------------- next part -------------- A non-text attachment was scrubbed... Name: pic22119.pcx Type: application/octet-stream Size: 3452 bytes Desc: Paintbrush Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001103/72c7d66c/pic22119.obj From joerg.ettrich at numeca.de Fri Nov 3 08:23:21 2000 From: joerg.ettrich at numeca.de (Joerg Ettrich) Date: Tue Dec 2 02:32:13 2003 Subject: How to manage the NT "all users" profile ? Message-ID: <3A0275F9.64ACBD8D@numeca.de> Dear All, I have 2.0.5a running on a LINUX Server and some NT clients. I succeed in setting up SAMBA as file, print, time an logon server (I'm doing the system admin. only as a small part of my daily work!) and now I want to manage the NT "all users" profiles of the clients only once on the server. How can I tell my clients to get the "all users" information from the SAMBA server, and how to set up NT machines for that approach ? (Additionaly it would be nice if anyone knows how to realize something like a link (! in a UNIX manner!) on a NT machine ?) Thank you for your efforts, Kind Regards, Joerg _____________________________________________________________________ Joerg Ettrich, M.Sc. mailto:joerg.ettrich@numeca.de NUMECA - INGENIEURBUERO Phone : ++49-(0)9129-287631 Nibelungenstr. 26 Fax : ++49-(0)9129-287632 D-90530 Wendelstein, Germany Web : http://www.numeca.de _____________________________________________________________________ From p.mayers at ic.ac.uk Fri Nov 3 09:55:55 2000 From: p.mayers at ic.ac.uk (Mayers, Philip J) Date: Tue Dec 2 02:32:13 2003 Subject: Honouring eXecute permissions on NT? Message-ID: But it's not hard for them to store the binaries on the network, and copy them to the local machine TEMP directory at login, and run them from there. I did just that very thing as a (naughty) undergraduate here at Imperial, to get around the execute permissions thing... I've just tried using Samba's "Security" support (network permission setting) and NT doesn't seem to honour the execute ACL bit on that share. Even if it did, the user will be listed as the file's owner, and can change the permissions back at will. I understand what you're trying to do, but I can't see a way of doing it. That said - why doesn't NT honour the execute permission bit on 2.0.7 Samba shares? Regards, Phil +----------------------------------+ | Phil Mayers, Network Support | | Centre for Computing Services | | Imperial College | +----------------------------------+ -----Original Message----- From: swright@sls.bc.ca [mailto:swright@sls.bc.ca] Sent: 02 November 2000 16:54 To: 'samba-ntdom@samba.org' Subject: RE: Honouring eXecute permissions on NT? On 2 Nov 2000, at 15:55, Mayers, Philip J wrote: > You're going about it the wrong way - "execute" permissions don't make sense > in NT. If you don't want them to execute the file, deny them read > permission, not execute. Ideally, put them in a seperate directory and deny > them read permission on the directory (and execute, which equates to > traverse). > We don't have this option. The network shares are for personal file storage. The idea is to prevent students from executing programs they download and store on the network. I'm aware that removing R permissions will work where required, but it won't work in this situation. It works fine with NT, and I'm hoping to get the same function with Samba if possible. ======================== Shawn Wright Computer Systems Manager Shawnigan Lake School http://www.sls.bc.ca swright@sls.bc.ca From Sjakob at mail.tele.dk Fri Nov 3 09:49:14 2000 From: Sjakob at mail.tele.dk (Steen Jakobsen) Date: Tue Dec 2 02:32:13 2003 Subject: log on problem Message-ID: <000c01c0457b$536696a0$0100a8c0@intranet> Hi I had some difficulties with a win95 machine loggin on -- it seems like the machine couldn't find the pdc -- do you think it would help to define the adress i lmhost ? and one more question: the win95 was the old version so I installed service pack one, will it use encrypted password now ? regards steen -------------- next part -------------- HTML attachment scrubbed and removed From tcurdt at dff.st Fri Nov 3 11:04:24 2000 From: tcurdt at dff.st (Torsten Curdt) Date: Tue Dec 2 02:32:13 2003 Subject: cvs branch 2.2 Message-ID: Sorry, for this... I'm trying to get a current cvs snapshop from the 2.2 branch and tried this: cvs -z5 -d :pserver:cvs@pserver.samba.org:/cvsroot co -jSAMBA_2_2 samba But there are these <<<<<<< configure ... ======= .. >>>>>>> 1.125.4.4 everywhere in the files. What am I doing wrong? -- Torsten From Dave.Devine at uunet.be Fri Nov 3 13:57:19 2000 From: Dave.Devine at uunet.be (Devine Dave) Date: Tue Dec 2 02:32:13 2003 Subject: NT Account Lockout Message-ID: Hope you can help, We have the above problem. It occurs randomly i.e. an account works fine mapping shares for a week or two then will lock out consecutively for a couple of mornings when the user first logs on and tries to map the shares. I would be really grateful for any help on this. Regards, Dave Devine NT Systems Engineer UUNET - a WorldCom Company Culliganlaan 2, H B-1831 Diegem Belgium Tel: +32 (0)2 404 66 23 Fax: +32 (0)2 404 68 17 Email: dave.devine@be.uu.net http://www.be.uu.net/ From Michael.Scheinost at sinnerschrader.de Fri Nov 3 15:13:10 2000 From: Michael.Scheinost at sinnerschrader.de (Michael.Scheinost@sinnerschrader.de) Date: Tue Dec 2 02:32:13 2003 Subject: samba-tng and access problems Message-ID: Hi, we want to use Samba on Linux as PDC for our NT machines. I installed samba-tng 2.6 on Debian/GNU (kernel 2.2.17). I did it the way it is described in various installation descriptions, http://www.sambahq.de/hilfe.php3/tng0.html, http://www.kneschke.de/projekte/samba_tng/faq/index.php3. I added the machine and user accounts I want to use to the Linux users and additionally added the NT users with samedit. When I try to join the domain wit WinNt4.0, I always get the messege that there is no machine account for this computer or that it is not accessible. The log file log.samr writes: >> startfileent: unable to open file /usr/local/samba-tng/private/smbpasswd unable to open sam password database. startfileent: unable to open file /usr/local/samba-tng/private/smbpasswd unable to open smb password database. startfileent: unable to open file /usr/local/samba-tng/private/smbpasswd add_smbfilepwd_entry: unable to open file. Failed to add entry for user agnar$. << Of course smbpasswd exists and is set to 600. Could there be a dependency with the .map files? Who can help? TIA and greetings, michael From joerg.ettrich at numeca.de Fri Nov 3 15:42:07 2000 From: joerg.ettrich at numeca.de (Joerg Ettrich) Date: Tue Dec 2 02:32:13 2003 Subject: How to manage the NT "all users" profile ? References: <3A0275F9.64ACBD8D@numeca.de> Message-ID: <3A02DCCF.E0B2F715@numeca.de> Dear All, I have 2.0.5a running on a LINUX Server and some NT clients. I succeed in setting up SAMBA as file, print, time an logon server (I'm doing the system admin. only as a small part of my daily work!) and now I want to manage the NT "all users" profiles of the clients only once on the server. How can I tell my clients to get the "all users" information from the SAMBA server, and how to set up NT machines for that approach ? (Additionaly it would be nice if anyone knows how to realize something like a link (! in a UNIX manner!) on a NT machine ?) Thank you for your efforts, Kind Regards, Joerg _____________________________________________________________________ Joerg Ettrich, M.Sc. mailto:joerg.ettrich@numeca.de NUMECA - INGENIEURBUERO Phone : ++49-(0)9129-287631 Nibelungenstr. 26 Fax : ++49-(0)9129-287632 D-90530 Wendelstein, Germany Web : http://www.numeca.de _____________________________________________________________________ From carsten.neufend at muenster.de Fri Nov 3 16:45:00 2000 From: carsten.neufend at muenster.de (carsten) Date: Tue Dec 2 02:32:13 2003 Subject: Change PWD Message-ID: <3A02EB8C.5AEAAE62@muenster.de> Hello together, can anyone of you tell me what i have to do when i want to change samba PWD when i change the windows PWD (95/NT) Thanks for your help Carsten From RSzczesniak at mis.com.pl Fri Nov 3 17:30:50 2000 From: RSzczesniak at mis.com.pl (RSzczesniak@mis.com.pl) Date: Tue Dec 2 02:32:13 2003 Subject: NT and Samba probs. Message-ID: Can you, in addition, send your [netlogon] and [profiles] section ? rafal "Mike Wilkinson" Wys?ane przez: samba-ntdom-admin@us5.samba.org 00-11-02 22:23 Do: DW: Temat: NT and Samba probs. I have setup samba to connect to my pdc. It joins the domain correctly, but I can still connect as users that do not exist on the domain, or as users with passwords that are different on the domain. (The users that were setup before connecting to the pdc). Here is my smb.conf file: [global] workgroup = mfm password server = atlanta server string = mfmserv netbios name = mfmserv printcap name = /etc/printcap log file = /var/log/samba/log.%m max log size = 50 security = domain [shared] comment = Shared Working Directory writeable = yes browseable = yes path = /home/files/shared public = yes Any ideas? Thanks, Mike From RSzczesniak at mis.com.pl Fri Nov 3 17:38:49 2000 From: RSzczesniak at mis.com.pl (RSzczesniak@mis.com.pl) Date: Tue Dec 2 02:32:13 2003 Subject: SAMBA--WINDOWS NETLOGON/ batchfile blues!!! Message-ID: Are you sure that using path like \\SERVER\SHARE\directory\file in "copy" program works properly ? Maybe you should try to mount (ie. map) the share via "net use ...", first. Give me notice if it works. regards, rafal Gerry Maddock Wys?ane przez: samba-ntdom-admin@us5.samba.org 00-11-03 11:26 Do: NTSAMBA DW: Temat: SAMBA--WINDOWS NETLOGON/ batchfile blues!!! OK, I have Samba running as a PDC, I have a working batch file in the netlogon share. I was editing my batch file, to automatically add a new program to all users desktops, but I can't seem to get one line to work right. If I copy the file to C:\windows\desktop, it works, but my problem is that all of the users info for their desktop is stored in C:\windows\profiles\THEIR USER NAME\desktop. Ok this is the line of the batch file I'm having all the problems with: copy \\smbsvr\disk_img\tr9032ins\TR9032win386ra7.exe c:\windows\profiles\%username%\desktop I thought the %username% would do the trick, but no luck. Next I tried: copy \\smbsvr\disk_img\tr9032ins\TR9032win386ra7.exe c:\windows\profiles\*\desktop Still no luck!! Does anybody know what I can put there to get this line to work???!!! From RSzczesniak at mis.com.pl Fri Nov 3 17:53:09 2000 From: RSzczesniak at mis.com.pl (RSzczesniak@mis.com.pl) Date: Tue Dec 2 02:32:13 2003 Subject: cvs branch 2.2 Message-ID: I don't know cvs client so good, but I use: cvs -d :pserver:cvs@pserver.samba.org:/cvsroot co -r samba and it works without any wierd things. rafal "Torsten Curdt" Wys?ane przez: samba-ntdom-admin@us5.samba.org 00-11-03 12:04 Do: DW: Temat: cvs branch 2.2 Sorry, for this... I'm trying to get a current cvs snapshop from the 2.2 branch and tried this: cvs -z5 -d :pserver:cvs@pserver.samba.org:/cvsroot co -jSAMBA_2_2 samba But there are these <<<<<<< configure ... ======= .. >>>>>>> 1.125.4.4 everywhere in the files. What am I doing wrong? -- Torsten From swright at sls.bc.ca Fri Nov 3 18:53:46 2000 From: swright at sls.bc.ca (swright@sls.bc.ca) Date: Tue Dec 2 02:32:14 2003 Subject: Honouring eXecute permissions on NT? In-Reply-To: Message-ID: <3A02993A.13142.583F6E4@localhost> On 3 Nov 2000, at 9:55, Mayers, Philip J wrote: > But it's not hard for them to store the binaries on the network, and copy > them to the local machine TEMP directory at login, and run them from there. > I did just that very thing as a (naughty) undergraduate here at Imperial, to > get around the execute permissions thing... That just means your NT admins haven't sufficiently secured the machine. I assure you this will not work here. There is nowhere on the local drive that a user can create a file with eXecute permissions under on our locked down NT install. > I've just tried using Samba's "Security" support (network permission > setting) and NT doesn't seem to honour the execute ACL bit on that share. > Even if it did, the user will be listed as the file's owner, and can change > the permissions back at will. I understand what you're trying to do, but I > can't see a way of doing it. Under NT, this appears to be a loophole - you can remove the Set Permissions flag for a file owner, but the owner can still change the permissions. However, removing access to the security dialog makes this a bit tougher to work around. > That said - why doesn't NT honour the execute permission bit on 2.0.7 Samba > shares? Not sure what you mean here - I'm running 2.06. ======================== Shawn Wright Computer Systems Manager Shawnigan Lake School http://www.sls.bc.ca swright@sls.bc.ca From martin at zamenhof.demon.co.uk Thu Nov 2 20:04:28 2000 From: martin at zamenhof.demon.co.uk (Martin Radford) Date: Tue Dec 2 02:32:14 2003 Subject: Honouring eXecute permissions on NT? In-Reply-To: <3A01A7A4.5E02B1B6@grainsystems.com> from "Kevin Colby" at Nov 02, 2000 11:43:00 AM Message-ID: <200011022004.UAA22986@zamenhof.demon.co.uk> > > We don't have this option. The network shares are for personal file storage. > > The idea is to prevent students from executing programs they download and > > store on the network. I'm aware that removing R permissions will work where > > required, but it won't work in this situation. It works fine with NT, and I'm > > hoping to get the same function with Samba if possible. > > I believe what you are looking for is the extended NT ACL support, > which is only available on certain OSes that support ACLs. > If you are running Samba on Linux, your options may be limited, > as the current stable Linux kernels do not support ACLs. There > are, however, some patches that may work for you. Of course, other > OSes may have varying levels of ACL support. I'd prefer there to be a Samba option to deny execute access to files as a per-share setting, without the necessity of needing ACL support in the OS. I'm in the same situation of wanting to disallow execute access for a server for student labs. For me, it doesn't need to be any more granular than that. Martin -- Martin Radford | "Only wimps use tape backup: _real_ martin@zamenhof.demon.co.uk | men just upload their important stuff -o) Registered Linux user #9257 | on ftp and let the rest of the world /\\ - see http://counter.li.org | mirror it ;)" - Linus Torvalds _\_V From martin at zamenhof.demon.co.uk Fri Nov 3 19:09:03 2000 From: martin at zamenhof.demon.co.uk (Martin Radford) Date: Tue Dec 2 02:32:14 2003 Subject: Honouring eXecute permissions on NT? In-Reply-To: from "Mayers, Philip J" at Nov 03, 2000 09:55:55 AM Message-ID: <200011031909.TAA26092@zamenhof.demon.co.uk> > > But it's not hard for them to store the binaries on the network, and copy > them to the local machine TEMP directory at login, and run them from there. > I did just that very thing as a (naughty) undergraduate here at Imperial, to > get around the execute permissions thing... That's true, unless you can remove execute permissions from anything writable. That still leaves the floppy disk, though. I imagine the intent is to make it difficult, or at least time-consuming, for the users to run unauthorised executables because they're having to work around the administrator's settings all the time. And at least some users won't find out what they need to do. > I've just tried using Samba's "Security" support (network permission > setting) and NT doesn't seem to honour the execute ACL bit on that share. > Even if it did, the user will be listed as the file's owner, and can change > the permissions back at will. I understand what you're trying to do, but I > can't see a way of doing it. Perhaps of the gurus could at least point us mortals to the place in the source where the changes need to be made? Martin -- Martin Radford | "Only wimps use tape backup: _real_ martin@zamenhof.demon.co.uk | men just upload their important stuff -o) Registered Linux user #9257 | on ftp and let the rest of the world /\\ - see http://counter.li.org | mirror it ;)" - Linus Torvalds _\_V From ljames at hera.apollo3.com Fri Nov 3 19:37:57 2000 From: ljames at hera.apollo3.com (Larry James) Date: Tue Dec 2 02:32:14 2003 Subject: Password for Swat fails Message-ID: <200011031937.OAA22258@hera.apollo3.com> Can someone advise me on how to configure Swat (samba-tng-alpha.2.6) so that I can log in. Logging in wasn't a problem before switching from version 2.0.7 to TNG. I get a password prompt and not of the passwords work. I try to log in as root, as well as other accounts that are listed in both the /etc/passwd (linux) and the /etc/local/samba/private/smbpasswd accounts. It won't even allow me to go to the http://home.com:901/globals. I believe the over versions allow access to some of the areas but would not allow you to make changes unless you were the root account. I checked the configuration by adding the -a to the inetd.conf file, where in this case it will come up okay. However, of course for security purposes, this can't remain. Thanks in advance for any suggestions or comments. -- L. James -- ______________________________________________________________________ Apollo III Communications One of the World's First ISP's Larry James http://www.apollo3.com/~ljames ljames@apollo3.com From kudos at telusplanet.net Fri Nov 3 23:02:14 2000 From: kudos at telusplanet.net (Dave Woods) Date: Tue Dec 2 02:32:14 2003 Subject: wierd connectivity issues Message-ID: <3A0343F6.1DA67ACF@telusplanet.net> We recently upgraded one of our clients from FreeBSD 3.4 to 4.0 and now we are having wierd connectivity issues. We have one share on the Unix box that the NT server checks on a regualr basis for new files to process but it seems aproxx every two hours it can not connect and the software dies (As it is some crappy proprietary software) but once the software is restarted it can check again. I instantly thought that this is an issue with the software and then I realized that before the upgrade it worked fine. DOes anyone have any ideas at all? anything is appreciated as strangely enough my admin has convienintly dissappeared. Woods From zbrown at linuxcare.com Fri Nov 3 23:32:54 2000 From: zbrown at linuxcare.com (zbrown@linuxcare.com) Date: Tue Dec 2 02:32:14 2003 Subject: Samba FAQ In-Reply-To: <20001019214219.A3301@aae.wisc.edu>; from Anders C . Thorsen on Thu, Oct 19, 2000 at 09:42:19PM -0500 References: <20001019161226.A1574@aae.wisc.edu> <3.0.6.32.20001020123057.0089a740@bioserve.latrobe.edu.au> <20001019214219.A3301@aae.wisc.edu> Message-ID: <20001103153254.A3402@leocadia> On Thu, Oct 19, 2000 at 09:42:19PM -0500, Anders C . Thorsen wrote: > > >
number="1" > id="general" > title="General Samba questions" > maintainer="Anders C. Thorsen" > email="anders@aae.wisc.edu" > rev="0" > date="2000-10-19" > lang="en" > > > > Genereal questions related to samba and samba developement should go here. >
This looks good, but I have a couple suggestions. First, I'd get rid of the "number" attribute. Let the compilation process take care of that. If you need inter-section references, use another XML tag keyed to the "id" attribute. That way it would be easy to reshuffle information, and all inter-section references would automatically point to their proper locations. Also, XML allows nesting of tags, so it should be easy to create a tree structure, with something like
etc. Hope this helps, Zack -- -- Zack Brown, Linuxcare, Inc. tel: 1-415-354-4878x284, fax: 1-415-701-7457 zbrown@linuxcare.com, http://www.linuxcare.com/ Linuxcare. Support for the revolution. From chris at chrullrich.de Sat Nov 4 07:57:09 2000 From: chris at chrullrich.de (Christian Ullrich) Date: Tue Dec 2 02:32:14 2003 Subject: Win2000 joing 2.2.0 snapshot domain In-Reply-To: <8625697F.00705684.00@amoa.org>; from ctooley@amoa.org on Sat, Oct 21, 2000 at 03:30:40PM -0500 References: <8625697F.00705684.00@amoa.org> Message-ID: <20001104085709.A17011@christian.chrullrich.de> * ctooley@amoa.org wrote on Saturday, 21.10.2000: > and password. When I do I get the following error: > > "The following error occured when attempting to join the domain "SAMBANET":" > "The credentials supplied conflict with an existing set of credentials." NT/2000 are unable to log onto the same computer _name_ with two different username/password pairs at the same time. Probably you connected to that server before, using some other user name. One way to get at least a second login is to use the IP instead of the name, as in: net use * \\192.168.0.34\admin$ /user:administrator -- Christian Ullrich Registrierter Linux-User #125183 "Sie k?nnen nach R'ed'mond fliegen -- aber Sie werden sterben" From virgo at azcher.kharkov.ua Sat Nov 4 13:05:32 2000 From: virgo at azcher.kharkov.ua (Dolgopolov Sergey) Date: Tue Dec 2 02:32:14 2003 Subject: Samba & Roaming Profiles Message-ID: <3A04099C.E8F4B107@azcher.kharkov.ua> Hi! Is customized Samba-2.0.7 as PDC. All works perfectly. Has made that Samba stored profiles. There are clients (NT4 WS). So a problem to transfer already existing profiles on Samba. As they are correct for transferring. Beforehand is grateful, Sergey. -- Registered Linux User #186627 From k.blin at gmx.net Sat Nov 4 12:56:30 2000 From: k.blin at gmx.net (Kai Blin) Date: Tue Dec 2 02:32:14 2003 Subject: Samba & Roaming Profiles In-Reply-To: <3A04099C.E8F4B107@azcher.kharkov.ua>; from virgo@azcher.kharkov.ua on Sat, Nov 04, 2000 at 03:05:32PM +0200 References: <3A04099C.E8F4B107@azcher.kharkov.ua> Message-ID: <20001104135630.B6583@molgen-6.iah.medizin.uni-tuebingen.de> * Dolgopolov Sergey [04/11/00, 15:05:32]: > Hi! > Is customized Samba-2.0.7 as PDC. All works perfectly. Has made that > Samba stored profiles. > There are clients (NT4 WS). So a problem to transfer already existing > profiles on Samba. > As they are correct for transferring. Does anything speak against using smbclient to connect/copy theese? Kai -- Kai Blin, Sysop of the Dep. of Imunology of the University of Tuebingen --- The trouble with heart disease is that the first symptom is often hard to deal with: death. -- Michael Phelps From ljames at hera.apollo3.com Sat Nov 4 13:41:28 2000 From: ljames at hera.apollo3.com (Larry James) Date: Tue Dec 2 02:32:14 2003 Subject: Swat with Samba-TNG Fails? Message-ID: <200011041341.IAA24085@hera.apollo3.com> There's some element differnt with swat from version samba-2.0.7 and samba-tng. In my effort to find the element, I renamed my /usr/local/samba directory to a /usr/local/samba.tng. Then I reinstalled 2.0.7. Then I logged into swat with a browser using any name that's included in my /etc/passwd file. It worked every time. The only difference was that only root could make changes to the smb.conf file. Now I ran make uninstall on the version 2.0.7. Then I ran make install on the version TNG. Then I replaced my original /usr/local/samba directory. Now when I try to log into swat using a browser, any username/password fails. I'm sure this happened to some of the others when they moved from samba to samba-tng. What was some of the things you had to do to be able to use swat after the move? Thanks in advance for any suggestions or comments. -- L. James -- ______________________________________________________________________ Apollo III Communications One of the World's First ISP's Larry James http://www.apollo3.com/~ljames ljames@apollo3.com From sharpe at ns.aus.com Sat Nov 4 14:03:08 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:14 2003 Subject: Samba & Roaming Profiles In-Reply-To: <20001104135630.B6583@molgen-6.iah.medizin.uni-tuebingen.de > References: <3A04099C.E8F4B107@azcher.kharkov.ua> <3A04099C.E8F4B107@azcher.kharkov.ua> Message-ID: <3.0.6.32.20001105000308.00aba9e0@203.16.214.248> At 01:56 PM 11/4/00 +0100, Kai Blin wrote: >* Dolgopolov Sergey [04/11/00, 15:05:32]: >> Hi! >> Is customized Samba-2.0.7 as PDC. All works perfectly. Has made that >> Samba stored profiles. >> There are clients (NT4 WS). So a problem to transfer already existing >> profiles on Samba. >> As they are correct for transferring. > >Does anything speak against using smbclient to connect/copy theese? >Kai As I understand things, there are problems with doing this. There are, I am lead to believe, SIDs embedded in some of the files, and, Samba does not allocate RIDs the same way NT does, so the SIDs in the profile can be invalid. However, perhaps I am wrong. OTOH, all it might take is a tool that can find the SIDS and remap them? >-- >Kai Blin, Sysop of the Dep. of Imunology of the University of Tuebingen >--- >The trouble with heart disease is that the first symptom is often hard to >deal with: death. > -- Michael Phelps > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From p.mayers at ic.ac.uk Sat Nov 4 13:55:25 2000 From: p.mayers at ic.ac.uk (Mayers, Philip J) Date: Tue Dec 2 02:32:14 2003 Subject: Honouring eXecute permissions on NT? Message-ID: I think the point it, it's not that easy. Regards, Phil +----------------------------------+ | Phil Mayers, Network Support | | Centre for Computing Services | | Imperial College | +----------------------------------+ -----Original Message----- From: Martin Radford [mailto:martin@zamenhof.demon.co.uk] Sent: 03 November 2000 19:09 To: p.mayers@ic.ac.uk Cc: samba-ntdom@samba.org Subject: Re: Honouring eXecute permissions on NT? Perhaps of the gurus could at least point us mortals to the place in the source where the changes need to be made? Martin From k.blin at gmx.net Sat Nov 4 13:32:35 2000 From: k.blin at gmx.net (Kai Blin) Date: Tue Dec 2 02:32:14 2003 Subject: Samba & Roaming Profiles In-Reply-To: <3.0.6.32.20001105000308.00aba9e0@203.16.214.248>; from sharpe@ns.aus.com on Sun, Nov 05, 2000 at 12:03:08AM +1000 References: <3A04099C.E8F4B107@azcher.kharkov.ua> <3A04099C.E8F4B107@azcher.kharkov.ua> <20001104135630.B6583@molgen-6.iah.medizin.uni-tuebingen.de > <3.0.6.32.20001105000308.00aba9e0@203.16.214.248> Message-ID: <20001104143235.C6583@molgen-6.iah.medizin.uni-tuebingen.de> * Richard Sharpe [05/11/00, 00:03:08]: > >Does anything speak against using smbclient to connect/copy theese? > > As I understand things, there are problems with doing this. There are, I am > lead to believe, SIDs embedded in some of the files, and, Samba does not > allocate RIDs the same way NT does, so the SIDs in the profile can be invalid. Hm.. I never tried.. :) Might as well be. > However, perhaps I am wrong. OTOH, all it might take is a tool that can > find the SIDS and remap them? I have a (windows) tool named secure copy. Unless Unix flavor scp it doesn't encrypt anything :), but it copies all the stuff with it. I checked. We used it to migrate profiles from our old to our new PDC... You can find it at www.smallwonders.com I think. It's not freeware, though... HTH Kai -- Kai Blin, Sysop of the Dep. of Imunology of the University of Tuebingen --- The trouble with heart disease is that the first symptom is often hard to deal with: death. -- Michael Phelps From jeff at arcon.co.uk Sat Nov 4 19:51:02 2000 From: jeff at arcon.co.uk (Jeff Armstrong) Date: Tue Dec 2 02:32:14 2003 Subject: tng daemons not starting: create_pipe_socket error Message-ID: I downloaded the latest CVS version today from pserver:anoncvs@anoncvs.dcerpc.org:/home/vhosts/samba-tng.org/cvsroot The 'config' and 'make all install' went without error. Everything ended up in /usr/local/samba including some things that I would have expected in var and etc! I have two questions: 1) What daemons need starting, and in what order 2) I get the following error when I start the various daemons such as lsarpcd and samrd: create_pipe_socket: /usr/local/samba/var/locks/.msrpc 448 /usr/local/samba/var/locks/.msrpc/lsarpc 448 remove on /usr/local/samba/var/locks/.msrpc/lsarpc failed The daemons then seem to freeze - they don't die. They respond to a kill -TERM, but don't log their shutdown message. This seems to lead to problems with samedit not being able to reach samrd. The smbd and nmbd daemons seem to be running ok, but I can't create any users to test further. I am running SuSE Linux 6.4 with the latest patches. I was previously running Samba 2.0.7 and NT4. Help! and thank in advance, Jeff From martin at zamenhof.demon.co.uk Sat Nov 4 20:03:14 2000 From: martin at zamenhof.demon.co.uk (Martin Radford) Date: Tue Dec 2 02:32:14 2003 Subject: Honouring eXecute permissions on NT? In-Reply-To: from "Mayers, Philip J" at Nov 04, 2000 01:55:25 PM Message-ID: <200011042003.UAA29495@zamenhof.demon.co.uk> I wrote: > Perhaps of the gurus could at least point us mortals to the place in > the source where the changes need to be made? in reply to which, Phil Mayers wrote: > I think the point it, it's not that easy. Neither was implementing an open-source SMB server, but the Samba team did it. Seriously, though, this functionality is implemented by NT systems, presumably through one or more SMB calls which return the permissions set on a file or directory. Armed with this knowledge, it should be fairly straightforward (although possibly time-consuming, depending on the number of calls involved) to add this functionality to Samba. If the Samba team feel this is important, they may well implement it themselves; if they don't, then someone who does want it will need to do it. I'm willing to at least take a look at it, but with little knowledge of how the code fits together it won't be easy for me. If someone can suggest where I need to look, then it'll be easier. Martin -- Martin Radford | "Only wimps use tape backup: _real_ martin@zamenhof.demon.co.uk | men just upload their important stuff -o) Registered Linux user #9257 | on ftp and let the rest of the world /\\ - see http://counter.li.org | mirror it ;)" - Linus Torvalds _\_V From lars at kneschke.de Sat Nov 4 21:41:05 2000 From: lars at kneschke.de (Lars Kneschke) Date: Tue Dec 2 02:32:14 2003 Subject: Swat with Samba-TNG Fails? References: <200011041341.IAA24085@hera.apollo3.com> Message-ID: <3A048271.9354FE6E@kneschke.de> Larry James wrote: > > There's some element differnt with swat from version samba-2.0.7 > and samba-tng. In my effort to find the element, I renamed my > /usr/local/samba directory to a /usr/local/samba.tng. Then I reinstalled > 2.0.7. Then I logged into swat with a browser using any name that's > included in my /etc/passwd file. It worked every time. The only > difference was that only root could make changes to the smb.conf file. > Now I ran make uninstall on the version 2.0.7. Then I ran make > install on the version TNG. Then I replaced my original > /usr/local/samba directory. Now when I try to log into swat using a > browser, any username/password fails. I'm sure this happened to some of > the others when they moved from samba to samba-tng. What was some of > the things you had to do to be able to use swat after the move? > Thanks in advance for any suggestions or comments. Samba TNG and SWAT are not working. Cu From jeremy at valinux.com Sat Nov 4 21:07:55 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:32:14 2003 Subject: Honouring eXecute permissions on NT? In-Reply-To: <200011042003.UAA29495@zamenhof.demon.co.uk>; from martin@zamenhof.demon.co.uk on Sat, Nov 04, 2000 at 08:03:14PM +0000 References: <200011042003.UAA29495@zamenhof.demon.co.uk> Message-ID: <20001104130755.A21399@valinux.com> On Sat, Nov 04, 2000 at 08:03:14PM +0000, Martin Radford wrote: > > Neither was implementing an open-source SMB server, but the Samba team > did it. Seriously, though, this functionality is implemented by NT > systems, presumably through one or more SMB calls which return the > permissions set on a file or directory. Armed with this knowledge, it > should be fairly straightforward (although possibly time-consuming, > depending on the number of calls involved) to add this functionality > to Samba. If the Samba team feel this is important, they may well > implement it themselves; if they don't, then someone who does want it > will need to do it. I'm willing to at least take a look at it, but > with little knowledge of how the code fits together it won't be easy > for me. If someone can suggest where I need to look, then it'll be > easier. Ok - the key to this should be that NT will open the file with an NTCreate call - this is handled in smbd/nttrans.c. If opening for execute, check that the "desired_access" mode includes the flag "FILE_EXECUTE". If so, in the NTcreate code do a check on the current UNIX permissions to see if the 'x' bit is set for the requisite account (user/group/other) that the incoming user would use and then deny the open if the 'x' bit is not set. The code you need to modify should be fairly simple and should be commented well enough for you to do this. If it isn't that's a bug and please tell me about it. That should do it - it's an interesting problem but not one I can concentrate on right now as I'm still working on 2.2.0alpha showstopper issues. Hope this helps, Jeremy Allison, Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From jeremy at valinux.com Sat Nov 4 21:45:04 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:32:14 2003 Subject: Samba 2.0.7 SWAT vulnerabilities (fwd) Message-ID: <20001104134504.B22381@valinux.com> Ok - here is the patch against 2.0.7 that fixes the problem that SWAT distinguishes between users that exist and those that don't. This patch has been tested by the original reporter of the problem and confirmed to be a fix. Let me know if this is a suitable responce, I'm hoping not to have to release a 2.0.7a with this fix as it doesn't seem to be such a critical problem (plus I'm spending all my time trying to get 2.2.0 out of the door), but if user pressure demands it we will of course release a new version. Cheers, Jeremy Allison, Samba Team. Index: web/cgi.c =================================================================== RCS file: /data/cvs/samba/source/web/cgi.c,v retrieving revision 1.30.2.2.2.6 diff -u -r1.30.2.2.2.6 cgi.c --- web/cgi.c 2000/04/11 17:36:36 1.30.2.2.2.6 +++ web/cgi.c 2000/11/04 21:14:51 @@ -26,8 +26,6 @@ /* set the expiry on fixed pages */ #define EXPIRY_TIME (60*60*24*7) -#define CGI_LOGGING 0 - #ifdef DEBUG_COMMENTS extern void print_title(char *fmt, ...); #endif @@ -198,7 +196,7 @@ } fclose(stdin); - (void)open("/dev/null", O_RDWR); + open("/dev/null", O_RDWR); if ((s=query_string) || (s=getenv("QUERY_STRING"))) { for (tok=strtok(s,"&;");tok;tok=strtok(NULL,"&;")) { @@ -327,7 +325,6 @@ d[n] = 0; } - /*************************************************************************** handle a http authentication line ***************************************************************************/ @@ -336,11 +333,17 @@ char *p, *user, *user_pass; struct passwd *pass = NULL; BOOL ret = False; + BOOL got_name = False; + BOOL tested_pass = False; + fstring default_user_lookup; + fstring default_user_pass; + + /* Dummy user lookup to take the same time as a valid user. */ + fstrcpy(default_user_lookup, "zzzz bibble"); + fstrcpy(default_user_pass, "123456789"); if (strncasecmp(line,"Basic ", 6)) { - cgi_setup_error("401 Bad Authorization", "", - "Only basic authorization is understood"); - return False; + goto err; } line += 6; while (line[0] == ' ') line++; @@ -350,9 +353,7 @@ * Always give the same error so a cracker * cannot tell why we fail. */ - cgi_setup_error("401 Bad Authorization", "", - "username/password must be supplied"); - return False; + goto err; } *p = 0; user = line; @@ -367,15 +368,16 @@ * Always give the same error so a cracker * cannot tell why we fail. */ - cgi_setup_error("401 Bad Authorization", "", - "username/password must be supplied"); - return False; + got_name = True; + goto err; } /* * Validate the password they have given. */ + tested_pass = True; + if((ret = pass_check(user, user_pass, strlen(user_pass), NULL, NULL)) == True) { /* @@ -394,7 +396,20 @@ C_user = strdup(user); } - return ret; + err: + + /* Always take the same time. */ + if (!got_name) + Get_Pwnam(default_user_lookup,False); + + if (!tested_pass) + pass_check(default_user_lookup, default_user_pass, + strlen(default_user_pass), NULL, NULL); + + cgi_setup_error("401 Bad Authorization", "", + "username or password incorrect"); + + return False; } /*************************************************************************** @@ -451,6 +466,8 @@ printf("Content-Type: image/gif\r\n"); } else if (strcmp(p,".jpg")==0) { printf("Content-Type: image/jpeg\r\n"); + } else if (strcmp(p,".txt")==0) { + printf("Content-Type: text/plain\r\n"); } else { printf("Content-Type: text/html\r\n"); } @@ -476,9 +493,6 @@ char line[1024]; char *url=NULL; char *p; -#if CGI_LOGGING - FILE *f; -#endif if (chdir(rootdir)) { cgi_setup_error("400 Server Error", "", @@ -500,19 +514,9 @@ "Samba is configured to deny access from this client\n
Check your \"hosts allow\" and \"hosts deny\" options in smb.conf "); } -#if CGI_LOGGING - f = sys_fopen("/tmp/cgi.log", "a"); - if (f) fprintf(f,"\n[Date: %s %s (%s)]\n", - http_timestring(time(NULL)), - client_name(1), client_addr(1)); -#endif - /* we are a mini-web server. We need to read the request from stdin and handle authentication etc */ while (fgets(line, sizeof(line)-1, stdin)) { -#if CGI_LOGGING - if (f) fputs(line, f); -#endif if (line[0] == '\r' || line[0] == '\n') break; if (strncasecmp(line,"GET ", 4)==0) { got_request = True; @@ -532,9 +536,6 @@ } /* ignore all other requests! */ } -#if CGI_LOGGING - if (f) fclose(f); -#endif if (auth_required && !authenticated) { cgi_auth_error(); -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From sharpe at ns.aus.com Sun Nov 5 10:22:33 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:14 2003 Subject: Samba 2.2.0 with this patch allows Win2K to join domain Message-ID: <3.0.6.32.20001105202233.00b3c570@203.16.214.248> Hi, With the attached patch, my reasonably recent version of Samba 2.2.0 allows Win2K to join the domain. I cannot see who applied the changes as I can't figure out how to get CVS to tell me the differences or history ... As you can see, if you look at the patch, the changes are reasonably minor. -------------- next part -------------- --- srv_lsa.c.orig Sun Oct 29 07:38:13 2000 +++ srv_lsa.c Sun Nov 5 18:48:20 2000 @@ -88,7 +88,7 @@ static void init_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid) { - int domlen = (dom_name != NULL) ? strlen(dom_name) : 0; + int domlen = (dom_name != NULL) ? strlen(dom_name)+1 : 0; d_q->uni_dom_max_len = domlen * 2; d_q->uni_dom_str_len = domlen * 2; @@ -183,7 +183,7 @@ ref->max_entries = MAX_REF_DOMAINS; ref->num_ref_doms_2 = num+1; - len = (dom_name != NULL) ? strlen(dom_name) : 0; + len = (dom_name != NULL) ? strlen(dom_name)+1 : 0; if(dom_name != NULL && len == 0) len = 1; -------------- next part -------------- Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From tcurdt at dff.st Sun Nov 5 14:11:01 2000 From: tcurdt at dff.st (Torsten Curdt) Date: Tue Dec 2 02:32:14 2003 Subject: samba 2.2.0 (cvs) + profiles + LDAP Message-ID: I just checked out samba 2.2.0. Even using it as PDC worked like charm with W2k! Great! But still there are some questions left: 1) samba stores the profiles in the users homedir although I put... [Profiles] path = /PDC/profiles browseable = no writeable = yes create mask = 700 directory mask = 700 public = no ...in the config. This worked with 2.0.6. How can I change this behaviour? 2) Is are way of calling a script when some machines tries to join the domain? (Even before the machine account exists?) 3) Who is working on the LDAP stuff? I'd like to see if I can help... ...I don't want to have a smbpasswd file since all my user come from a LDAP server. Cheers -- Torsten From edmundo at moscow.com Sun Nov 5 18:10:56 2000 From: edmundo at moscow.com (Stokes) Date: Tue Dec 2 02:32:14 2003 Subject: Samba 2.2.0 with this patch allows Win2K to join domain References: <3.0.6.32.20001105202233.00b3c570@203.16.214.248> Message-ID: <006701c04753$bed2d640$010aa8c0@shitepie> I applied this patch and still I recieve the message "The following error occured attempting to join the domain "mydomain": The credentials supplied conflict with an existing set of credentials" when trying to add a w2k machine to the domain. This is right after w2k machine asks for the name and password of an account "with permission to join the domain". I have added the root account to smbpasswd file but I noticed that I recieve this error even if I enter a non-existent account name when windows asks for a domain admin account name. Also I have reset the password for the machine account using smbpasswd -a -m machine$ (note: the entry does not appear to change after using this command, but the machine still can't join even if I use the -n optino for no password). Perhaps samba is not reading the smbpasswd file correctly? Or maybe I need to define "add user script" in my smb.conf? The only problem with that setting is that I am running freeBSD, and the adduser utility seems to demand interaction... any suggestions? every other feature of 2.2.0 seems to work flawlessly. Stokes ----- Original Message ----- From: "Richard Sharpe" To: Sent: Sunday, November 05, 2000 2:22 AM Subject: Samba 2.2.0 with this patch allows Win2K to join domain > Hi, > > With the attached patch, my reasonably recent version of Samba 2.2.0 allows > Win2K to join the domain. > > I cannot see who applied the changes as I can't figure out how to get CVS > to tell me the differences or history ... > > As you can see, if you look at the patch, the changes are reasonably minor. > > ---------------------------------------------------------------------------- ---- > > > Regards > ------- > Richard Sharpe, sharpe@ns.aus.com > Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) > Contributing author, SAMS Teach Yourself Samba in 24 Hours > Author, Special Edition, Using Samba > > From D.Bannon at latrobe.edu.au Sun Nov 5 22:41:03 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:14 2003 Subject: Change PWD In-Reply-To: <3A02EB8C.5AEAAE62@muenster.de> Message-ID: <3.0.6.32.20001106094103.008aa320@bioserve.latrobe.edu.au> At 05:45 PM 03/11/2000 +0100, carsten wrote: >Hello together, > >can anyone of you tell me what i have to do when i want to change samba >PWD when i change the windows PWD (95/NT) > Carsten, please read the ntdom FAQ and HowTo, this issue is deal with there. See bioserve.latrobe.edu.au/samba and make sure you look at the right pages for the version of samba you are using. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From smoky at secsi.net Sun Nov 5 23:15:26 2000 From: smoky at secsi.net (q) Date: Tue Dec 2 02:32:14 2003 Subject: Samba 2.2.0 with this patch allows Win2K to join domain In-Reply-To: <006701c04753$bed2d640$010aa8c0@shitepie> Message-ID: for freebsd, to add a user without using 'adduser', use 'pw'. that'll eliminate that problem. From sharpe at ns.aus.com Mon Nov 6 02:07:53 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:14 2003 Subject: Samba 2.2.0 and Win2K joining the domain Message-ID: <3.0.6.32.20001106120753.00aa6d70@203.16.214.248> Hi, I have seen some conflicting reports of people being able to join a Samba 2.2.0 domain from Win2K. Can people tell me the date they pulled down the version please so I can see if this is a problem with the latest CVS tree or a problem with what I have got. Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From dyaya_2000 at yahoo.com Mon Nov 6 02:54:05 2000 From: dyaya_2000 at yahoo.com (yaya) Date: Tue Dec 2 02:32:14 2003 Subject: Trust Relationship still not work References: <20001105200113.7257E7E31@lists.samba.org> Message-ID: <00e101c0479c$d419ba20$8d030201@smutu1> I use samba-TNG 2.2.6. I have two domains here. One is the Samba Domain and the other is NT Domain. Samba Domain = SAMBA Samba PDC = SMBSERVER NT Domain = AIPL NT PDC = NTSERVER In my smb.conf .... just a part of that: [global] workgroup = SAMBA security = domain trusted domains = AIPL=NTSERVER trusting domains = AIPL I tried to make trust relationship between these two domains where the Samba Domain is the trusting or the trusted of the NT Domain. In Samba I run the comment, after samedit or the rpcclient comment, 'createuser AIPL$ -i -p [password]' 'createuser NTSERVER$ -p [password]' In NT, I establish Trust Relationship with User Manager for Domain, it looks worrk cause I get the message "Trust relationship established...." (Sorry I forgot the details message). But after all ... I couldn't access the NT Resources from Samba and I couldn't I access Samba Resources from NT. Is there something I miss? Should I need to add password in 'createuser AIPL$ -i -p [password]' and 'createuser NTSERVER$ -p [password]'? Sorry for my bad English. Thanks yaya From dyaya_2000 at yahoo.com Mon Nov 6 03:03:43 2000 From: dyaya_2000 at yahoo.com (yaya) Date: Tue Dec 2 02:32:14 2003 Subject: Swat with Samba-TNG Fails? References: <20001104200114.EDFA97EA1@lists.samba.org> Message-ID: <010401c0479e$2c92d8c0$8d030201@smutu1> > From: Larry James > Subject: Swat with Samba-TNG Fails? > To: samba-ntdom@us5.samba.org > Date: Sat, 4 Nov 2000 08:41:28 -0500 (EST) > > There's some element differnt with swat from version samba-2.0.7 > and samba-tng. In my effort to find the element, I renamed my > /usr/local/samba directory to a /usr/local/samba.tng. Then I reinstalled > 2.0.7. Then I logged into swat with a browser using any name that's > included in my /etc/passwd file. It worked every time. The only > difference was that only root could make changes to the smb.conf file. > Now I ran make uninstall on the version 2.0.7. Then I ran make > install on the version TNG. Then I replaced my original > /usr/local/samba directory. Now when I try to log into swat using a > browser, any username/password fails. I'm sure this happened to some of > the others when they moved from samba to samba-tng. What was some of > the things you had to do to be able to use swat after the move? > Thanks in advance for any suggestions or comments. > > -- L. James > Well, try to install Samba-TNG in other directory, eg. /opt/samba-tng or something you like. I have the some problem in the first intall, then I reinstall Samba-TNG, the SWAT is working, off course you must edit the /etc/services and the /etc/inetd.conf (in RedHat). thx yaya From PCalkins at OEMSupport.com Mon Nov 6 02:56:02 2000 From: PCalkins at OEMSupport.com (Patrick Calkins) Date: Tue Dec 2 02:32:14 2003 Subject: Win2k Domain Message-ID: <20DD62956F435141ACDA69B2989B446B309CD3@orion.oem.oemsupport.com> Hello All, Does anyone know if any of the development releases allow a Win2k machine to join a samba pdc? Does either the HEAD or SAMBA_2_2 have this functionality implemented yet? I am currently using a 2 week old HEAD release and have not heard on the status of this yet... thanks! --Patrick From ljames at hera.apollo3.com Mon Nov 6 03:08:35 2000 From: ljames at hera.apollo3.com (Larry James) Date: Tue Dec 2 02:32:14 2003 Subject: Swat with Samba-TNG Fails? Message-ID: <200011060308.WAA12953@hera.apollo3.com> > Samba TNG and SWAT are not working. > > Cu Thanks, Lars. Sorry to have been such a pest about it. I didn't know that. I had studied the docs and faq's for weeks before finally posting the question. I was becoming almost obsessed with trying to find what I was missing. By the way, I guest it's you that had provided the smb.conf file that I'm using. It had me thrown for a loop for a while. The only way my sharing would work was to us "lars" as the workgroup name for a while. This Windows NT networking seems to be quiet complicated at times. I figured out how to setup Novel Networking in one day when I really didn't know anything about networking. I was surprised that people were paying thousands of dollars for certification when it seemed so easy. I know there are a lot of management and security details that is important that I soon learned. But just getting up a private and friendly network to share resources (drives and printers) were quiet cut and dry. There's a chance something might soon click with this environment also. For instance I believe I'm just learning that most of my problems were coming from the fact that my client machines were not logged into the network. It seems that with Windows 98 you have to log into the network by setting the option in the network properties for the domain name under the network client. This seems to be an important key to attaching to the network. Some of my machines had, had this switch and some of them didn't. I didn't know that there was a way to log into the domain except to set a check in the box for the domain log-ons. I didn't want that because I didn't want Windows to pause every time it's booted up. I wanted the machine to go directly to the task they are set for, for instance one is set to do fax services, which is locked out if the machine is rebooted and a person doesn't know the domain name password. Another key I'm just learning is, it seems that they need to be of the same workgroup also. Now I have a question for the group. Is there some sequence or procedure that can provide for Windows 98 to joining the domain name for access later, when the Windows 98 user is different, as well as the windows machine belonging to a different workgroup? From my reading there seems to be some applications in WindowsNT that allows a person to run some executables to join the domain. In Novel you have the option of right clicking on the Server and you get a login menu option. The purpose is that there are utilities on the Samba servers that I would like to make accessible for certain maintenance people, but for the Windows 98 stations to in general have a certain restricted access for the task they are setup for. I hope I'm not including to much details to blur the objective. At the same time I hope I'm including enough to be clear. Thanks in advance for any input. -- L. James ______________________________________________________________________ Apollo III Communications One of the World's First ISP's Larry James http://www.apollo3.com/~ljames ljames@apollo3.com From D.Bannon at latrobe.edu.au Mon Nov 6 03:25:58 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:14 2003 Subject: Samba 2.2.0 and Win2K joining the domain In-Reply-To: <3.0.6.32.20001106120753.00aa6d70@203.16.214.248> Message-ID: <3.0.6.32.20001106142558.008b42d0@bioserve.latrobe.edu.au> At 12:07 PM 06/11/2000 +1000, Richard Sharpe wrote: >Hi, > >I have seen some conflicting reports of people being able to join a Samba >2.2.0 domain from Win2K. > >Can people tell me the date they pulled down the version please so I can >see if this is a problem with the latest CVS tree or a problem with what I >have got. Richard, I have been able to put W2K on the domain on each of 3 versions I pulled down over the last 2 of weeks. The current one was cvs'ed on early Nov 2 (melbourne time). There are some issues (ref the FAQ) but it certainly works for me. I'll get a completely fresh copy and confirm it. Should we start comparing operating systems etc ? David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From D.Bannon at latrobe.edu.au Mon Nov 6 03:29:05 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:14 2003 Subject: Trust Relationship still not work In-Reply-To: <00e101c0479c$d419ba20$8d030201@smutu1> References: <20001105200113.7257E7E31@lists.samba.org> Message-ID: <3.0.6.32.20001106142905.008b6d60@bioserve.latrobe.edu.au> Hi, as this is a samba-tng question, you might do better sending it to the samba-tng lists. Have a look at www.samba-tng.org David At 09:54 AM 06/11/2000 +0700, yaya wrote: >I use samba-TNG 2.2.6. >I have two domains here. One is the Samba Domain and the other is NT Domain. >Samba Domain = SAMBA >Samba PDC = SMBSERVER >NT Domain = AIPL >NT PDC = NTSERVER > >In my smb.conf .... just a part of that: > >[global] > workgroup = SAMBA > security = domain > trusted domains = AIPL=NTSERVER > trusting domains = AIPL > >I tried to make trust relationship between these two domains where the Samba >Domain is the trusting or the trusted of the NT Domain. >In Samba I run the comment, after samedit or the rpcclient comment, >'createuser AIPL$ -i -p [password]' >'createuser NTSERVER$ -p [password]' > >In NT, I establish Trust Relationship with User Manager for Domain, it looks >worrk cause I get the message "Trust relationship established...." (Sorry I >forgot the details message). > >But after all ... I couldn't access the NT Resources from Samba and I >couldn't I access Samba Resources from NT. >Is there something I miss? >Should I need to add password in 'createuser AIPL$ -i -p [password]' and >'createuser NTSERVER$ -p [password]'? > >Sorry for my bad English. > >Thanks >yaya > > > ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From D.Bannon at latrobe.edu.au Mon Nov 6 03:35:26 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:14 2003 Subject: Win2k Domain In-Reply-To: <20DD62956F435141ACDA69B2989B446B309CD3@orion.oem.oemsuppor t.com> Message-ID: <3.0.6.32.20001106143526.008a3770@bioserve.latrobe.edu.au> At 06:56 PM 05/11/2000 -0800, Patrick Calkins wrote: >Hello All, > Does anyone know if any of the development releases allow a Win2k machine >to join a samba pdc? Does either the HEAD or SAMBA_2_2 have this >functionality implemented yet? I am currently using a 2 week old HEAD >release and have not heard on the status of this yet... thanks! > PLEASE - read the FAQ of the Samba->Documentation web pages. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From sharpe at ns.aus.com Mon Nov 6 03:10:24 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:14 2003 Subject: Samba 2.2.0 and Win2K joining the domain In-Reply-To: <3.0.6.32.20001106142558.008b42d0@bioserve.latrobe.edu.au> References: <3.0.6.32.20001106120753.00aa6d70@203.16.214.248> Message-ID: <3.0.6.32.20001106131024.00a8b570@203.16.214.248> At 02:25 PM 11/6/00 +1100, David Bannon wrote: >At 12:07 PM 06/11/2000 +1000, Richard Sharpe wrote: >>Hi, >> >>I have seen some conflicting reports of people being able to join a Samba >>2.2.0 domain from Win2K. >> >>Can people tell me the date they pulled down the version please so I can >>see if this is a problem with the latest CVS tree or a problem with what I >>have got. > >Richard, > I have been able to put W2K on the domain on each of 3 versions I pulled >down over the last 2 of weeks. The current one was cvs'ed on early Nov 2 >(melbourne time). > >There are some issues (ref the FAQ) but it certainly works for me. > >I'll get a completely fresh copy and confirm it. Should we start comparing >operating systems etc ? I have RedHat 6.2 on two machines, and had the same problems with a download circa 2-Nov-2000. The patch I sent around fixes things, but I know that a moderately complex smb.conf file causes problems as well. >David >------------------------------------------------------------ >David Bannon D.Bannon@latrobe.edu.au >School of Biochemistry Phone 61 03 9479 2197 >La Trobe University, Plenty Rd, Fax 61 03 9479 2467 >Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au >------------------------------------------------------------ >..... Humpty Dumpty was pushed ! > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From torne at i.am Mon Nov 6 08:42:28 2000 From: torne at i.am (Torne Wuff) Date: Tue Dec 2 02:32:14 2003 Subject: Samba 2.2.0 and Win2K joining the domain In-Reply-To: <3.0.6.32.20001106120753.00aa6d70@203.16.214.248> Message-ID: > I have seen some conflicting reports of people being able to join a Samba > 2.2.0 domain from Win2K. > > Can people tell me the date they pulled down the version please so I can > see if this is a problem with the latest CVS tree or a problem with what I > have got. I have SAMBA_2_2 pulled down on 3 Nov and I can't get it to work. My machine says 'Cannot join domain, the credentials supplied conflict with an existing set'. Any clues? =) Thanks, Torne From Jean-Francois.Micouleau at dalalu.fr Mon Nov 6 08:56:37 2000 From: Jean-Francois.Micouleau at dalalu.fr (Jean Francois Micouleau) Date: Tue Dec 2 02:32:14 2003 Subject: Samba 2.2.0 and Win2K joining the domain In-Reply-To: Message-ID: On Mon, 6 Nov 2000, Torne Wuff wrote: > I have SAMBA_2_2 pulled down on 3 Nov and I can't get it to work. My machine > says 'Cannot join domain, the credentials supplied conflict with an existing > set'. Any clues? =) this has nothing to do with richard's problem. The creds conflit is due to you already have a connection with the PDC. Either your wks is in a workgroup with the same name as the domain or you have a network connection to the PDC. Move your wks to a different workgroup, reboot and try again to join the domain. J.F. From akopps at CSUA.Berkeley.EDU Mon Nov 6 09:32:54 2000 From: akopps at CSUA.Berkeley.EDU (Akop Pogosian) Date: Tue Dec 2 02:32:14 2003 Subject: samba 2.2.0 (cvs) + profiles + LDAP In-Reply-To: Message-ID: On Sun, 5 Nov 2000, Torsten Curdt wrote: > I just checked out samba 2.2.0. > Even using it as PDC worked like > charm with W2k! Great! > > But still there are some questions left: > > 1) samba stores the profiles in > the users homedir although I put... > [Profiles] > path = /PDC/profiles > browseable = no > writeable = yes > create mask = 700 > directory mask = 700 > public = no > > ...in the config. This worked with 2.0.6. > How can I change this behaviour? You need to use the "logon path" keyword in smb.conf on your PDC to specify where to store the profiles. For example, if you want to use the profile share above: logon path = \\machinename\profiles\%U (%U for username) -Akop From f.w.j.wiegerinck at student.utwente.nl Mon Nov 6 10:52:44 2000 From: f.w.j.wiegerinck at student.utwente.nl (F.W.J.Wiegerinck) Date: Tue Dec 2 02:32:15 2003 Subject: Samba 2.2.0 with this patch allows Win2K to join domain References: <3.0.6.32.20001105202233.00b3c570@203.16.214.248> <006701c04753$bed2d640$010aa8c0@shitepie> Message-ID: <006201c047df$b4683060$2000a8c0@student.utwente.nl> In my opinion this suggests that you already have an active session to your server. The same error will occure when you're trying to access 2 shares with 2 different usernames on the same server. Maybe it helps when you have a clean boot from your workstation with no open sessions to any station in the network. Good luck, Frank Wiegerinck P.S. Sorry for my poor english ----- Original Message ----- From: Stokes To: Sent: Sunday, November 05, 2000 6:10 PM Subject: Re: Samba 2.2.0 with this patch allows Win2K to join domain > I applied this patch and still I recieve the message "The following error > occured attempting to join the domain "mydomain": The credentials supplied > conflict with an existing set of credentials" when trying to add a w2k > machine to the domain. This is right after w2k machine asks for the name > and password of an account "with permission to join the domain". I have > added the root account to smbpasswd file but I noticed that I recieve this > error even if I enter a non-existent account name when windows asks for a > domain admin account name. Also I have reset the password for the machine > account using smbpasswd -a -m machine$ (note: the entry does not appear to > change after using this command, but the machine still can't join even if I > use the -n optino for no password). > > Perhaps samba is not reading the smbpasswd file correctly? Or maybe I need > to define "add user script" in my smb.conf? The only problem with that > setting is that I am running freeBSD, and the adduser utility seems to > demand interaction... > > any suggestions? every other feature of 2.2.0 seems to work flawlessly. > > Stokes > > ----- Original Message ----- > From: "Richard Sharpe" > To: > Sent: Sunday, November 05, 2000 2:22 AM > Subject: Samba 2.2.0 with this patch allows Win2K to join domain > > > > Hi, > > > > With the attached patch, my reasonably recent version of Samba 2.2.0 > allows > > Win2K to join the domain. > > > > I cannot see who applied the changes as I can't figure out how to get CVS > > to tell me the differences or history ... > > > > As you can see, if you look at the patch, the changes are reasonably > minor. > > > > > > > -------------------------------------------------------------------------- -- > ---- > > > > > > > > Regards > > ------- > > Richard Sharpe, sharpe@ns.aus.com > > Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) > > Contributing author, SAMS Teach Yourself Samba in 24 Hours > > Author, Special Edition, Using Samba > > > > > > From inge at cc.uit.no Mon Nov 6 10:43:10 2000 From: inge at cc.uit.no (=?iso-8859-1?Q?Inge=2DH=E5vard?= Hunstad) Date: Tue Dec 2 02:32:15 2003 Subject: Samba 2.2.0 with this patch allows Win2K to join domain References: <3.0.6.32.20001105202233.00b3c570@203.16.214.248> <006701c04753$bed2d640$010aa8c0@shitepie> <006201c047df$b4683060$2000a8c0@student.utwente.nl> Message-ID: <3A068B3E.56FE217C@cc.uit.no> "F.W.J.Wiegerinck" wrote: > > In my opinion this suggests that you already have an active session to > your server. The same error will occure when you're trying to access > 2 shares with 2 different usernames on the same server. > Maybe it helps when you have a clean boot from your workstation with > no open sessions to any station in the network. > > Good luck, > > Frank Wiegerinck > > P.S. Sorry for my poor english To see connections to other computers type "net use" in a cmd shell. Then you can do a "net use \\computername\sharename[\volume] /delete" to remove the connection. I have to say that usualy this works but not always...:) inge From tcurdt at dff.st Mon Nov 6 10:51:18 2000 From: tcurdt at dff.st (Torsten Curdt) Date: Tue Dec 2 02:32:15 2003 Subject: samba 2.2.0 (cvs) + profiles + LDAP In-Reply-To: Message-ID: > > 1) samba stores the profiles in > > the users homedir although I put... .. > > ...in the config. This worked with 2.0.6. > > How can I change this behaviour? > You need to use the "logon path" keyword in smb.conf on your PDC to > specify where to store the profiles. > > For example, if you want to use the profile share above: > logon path = \\machinename\profiles\%U > > (%U for username) Doh! Thanks! ;) -- Torsten From paul.bowen at analog.com Mon Nov 6 10:55:14 2000 From: paul.bowen at analog.com (Paul Bowen) Date: Tue Dec 2 02:32:15 2003 Subject: Citrix Terminal Server intermittently asks for and won't accept password while connecting to samba References: <3A02B68D.DA1FDAE9@adbvdesign.analog.com> Message-ID: <3A068E12.E0D99E4B@adbvdesign.analog.com> > Problem: Citrix Terminal Server intermittently won't connect to unix > home directory via Samba. It asks for a password and won't accept the > password. > We are using Samba release 2.0.6 11 with Solaris 2.6 on a Sun Ultra. > > We are also using MetaFrame 1.8 on a Windows Terminal Server 4.0 SP5 > > We are using Tektronix WinDD NIS Support version 3.5, so people > can log onto the Terminal Server Automatically from their Sun > machines with their unix logon & password > > We have an intermittent problem when a user logs onto the Terminal > Server via the Sun and it won't allow them to connect (using net use) > to their mounted unix home directory. > Once this starts to happen,we have to kill and start the smbd -D & > nmbd -D processes to allow all users when logging on to connect to > their unix home directory. > > We made than the following adjustment which seemed to fix things for a > while:- > Run regedt32.exe and locate the hive key entry: > HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\Rdr\Parameters\ > > Add the following value: > EnablePlainTextPassword:REG_DWORD=1 > > > We get the following message in the samba log file when this happens:- > > [2000/10/27 17:03:54, 1] smbd/service.c:(535) > dests1 (137.71.42.140) connect to service jmagifu as user jmagifu > (uid=*****, > gid=&&&&) (pid 21610) > [2000/10/27 17:03:55, 1] smbd/service.c:(568) > dests1 (137.71.42.140) closed connection to service jmagifu > [2000/10/27 17:03:58, 1] smbd/service.c:(535) > dests1 (137.71.42.140) connect to service jmagifu as user jmagifu > (uid=*****, > gid=&&&&) (pid 21610) > [2000/10/27 17:08:23, 1] smbd/password.c:(1105) > password server DESTS1 rejected the password > [2000/10/27 17:08:23, 1] smbd/password.c:(505) > Couldn't find user 'russell' in smb_passwd file. > > > Below is section from our smb.conf > ========================= > [global] > > # workgroup = NT-Domain-Name or Workgroup-Name > workgroup = SPANIEL > > # server string is the equivalent of the NT Description field > server string = Chamel1 Samba Server > > # This option is important for security. It allows you to restrict > # connections to machines which are on your local network. The > # following example restricts access to two C class networks and > # the "loopback" interface. For more examples of the syntax see > # the smb.conf man page > ; hosts allow = 192.168.1. 192.168.2. 127. > > # If you want to automatically load your printer list rather > # than setting them up individually then you'll need this > load printers = yes > > # you may wish to override the location of the printcap file > ; printcap name = /etc/printcap > > # on SystemV system setting printcap name to lpstat should allow > # you to automatically obtain a printer list from the SystemV spool > # system > printcap name = lpstat > > # It should not be necessary to specify the print system type unless > # it is non-standard. Currently supported print systems include: > # bsd, sysv, plp, lprng, aix, hpux, qnx > ; printing = bsd > > # Uncomment this if you want a guest account, you must add this to > /etc/passwd > # otherwise the user "nobody" is used > ; guest account = pcguest > > # this tells Samba to use a separate log file for each machine > # that connects > log file = /usr/local/samba/var/log.%m > > # Put a capping on the size of the log files (in Kb). > max log size = 5000 > > # Security mode. Most people will want user level security. See > # security_level.txt for details. > ; security = user > security = server > # Use password server option only with security = server > ; password server = > password server = boa1 > > # Password Level allows matching of _n_ characters of the password for > > # all combinations of upper and lower case. > ; password level = 8 > > # You may wish to use password encryption. Please read > # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. > # Do not enable this option unless you have read those documents > ; encrypt passwords = yes > > # Unix users can map to different SMB User names > ; username map = /etc/smbusers > > # Using the following line enables you to customise your configuration > > # on a per machine basis. The %m gets replaced with the netbios name > # of the machine that is connecting > ; include = /usr/local/samba/lib/smb.conf.%m > > # Most people will find that this option gives better performance. > # See speed.txt and the manual pages for details > socket options = TCP_NODELAY > > # Configure Samba to use multiple interfaces > # If you have multiple network interfaces then you must list them > # here. See the man page for details. > ; interfaces = 192.168.12.2/24 192.168.13.2/24 > > # Configure remote browse list synchronisation here > # request announcement to, or browse list sync from: > # a specific host or from / to a whole subnet (see below) > ; remote browse sync = 192.168.3.25 192.168.5.255 > # Cause this host to announce itself to local subnets here > ; remote announce = 192.168.1.255 192.168.2.44 > > # Browser Control Options: > # set local master to no if you don't want Samba to become a master > # browser on your network. Otherwise the normal election rules apply > ; local master = no > > # OS Level determines the precedence of this server in master browser > # elections. The default value should be reasonable > ; os level = 33 > > # Domain Master specifies Samba to be the Domain Master Browser. This > # allows Samba to collate browse lists between subnets. Don't use this > > # if you already have a Windows NT domain controller doing this job > ; domain master = yes > > # Preferred Master causes Samba to force a local browser election on > startup > # and gives it a slightly higher chance of winning the election > ; preferred master = yes > > # Use only if you have an NT server on your network that has been > # configured at install time to be a primary domain controller. > ; domain controller = > > # Enable this if you want Samba to be a domain logon server for > # Windows95 workstations. > ; domain logons = yes > > # if you enable domain logons then you may want a per-machine or > # per user logon script > # run a specific logon batch file per workstation (machine) > ; logon script = %m.bat > # run a specific logon batch file per username > ; logon script = %U.bat > > # Where to store roving profiles (only for Win95 and WinNT) > # %L substitutes for this servers netbios name, %U is username > # You must uncomment the [Profiles] share below > ; logon path = \\%L\Profiles\%U > > # Windows Internet Name Serving Support Section: > # WINS Support - Tells the NMBD component of Samba to enable it's WINS > Server > ; wins support = yes > > # WINS Server - Tells the NMBD components of Samba to be a WINS Client > > # Note: Samba can be either a WINS Server, or a WINS Client, but > NOT both > ; wins server = w.x.y.z > > # WINS Proxy - Tells Samba to answer name resolution queries on > # behalf of a non WINS capable client, for this to work there must be > # at least one WINS Server on the network. The default is NO. > ; wins proxy = yes > > # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS > names > # via DNS nslookups. The built-in default for versions 1.9.17 is yes, > # this has been changed in version 1.9.18 to no. > dns proxy = no > > # Case Preservation can be handy - system default is _no_ > # NOTE: These can be set on a per share basis > ; preserve case = no > ; short preserve case = no > # Default case is normally upper case for all DOS files > ; default case = lower > # Be very careful with case sensitivity - it can break things! > ; case sensitive = no > > -------------- next part -------------- HTML attachment scrubbed and removed From blas.castro at netgiro.com Mon Nov 6 12:23:54 2000 From: blas.castro at netgiro.com (Blas Castro) Date: Tue Dec 2 02:32:15 2003 Subject: Samba-TNG Printing Server In-Reply-To: References: Message-ID: <00110613262301.01050@BLASILANDIA> =09Hi Samba-TNG folks, =09Does anybody knows which version of Samba-TNG works as a Printing server to Win2K machines? =09I guess it doesn't work so far. =09Best Regards. =09Blas Castro. =09Netgiro Spain =09blas.castro@midware.es From gcarter at valinux.com Mon Nov 6 14:02:19 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:15 2003 Subject: Citrix Terminal Server intermittently asks for and won't accept password while connecting to samba References: <3A02B68D.DA1FDAE9@adbvdesign.analog.com> <3A068E12.E0D99E4B@adbvdesign.analog.com> Message-ID: <3A06B9EB.28FC5606@valinux.com> Paul Bowen wrote: > > > Problem: Citrix Terminal Server intermittently won't connect to > > unix home directory via Samba. It asks for a password and won't > > accept the password. ... > > # Security mode. Most people will want user level security. See > > # security_level.txt for details. > > ; security = user > > security = server > > # Use password server option only with security = server > > ; password server = > > password server = boa1 I would recommend using security = domain instead. That should help. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From pragyan at cs.iitm.ernet.in Mon Nov 6 20:59:05 2000 From: pragyan at cs.iitm.ernet.in (Pragyansmita Paul) Date: Tue Dec 2 02:32:15 2003 Subject: Does Samba support Win2K as clients? Message-ID: Hello, I would like to know if Samba ver.2.0.7 support Windows 2000 Professional as clients? And if not, is there any work going on in this direction? I have got an environment of Windows Professional (i.e, Windows 2000 clients) and Linux systems, and I would like to use them such that each user has just one account and they are able to use their file system no matter where they login. And the login information should be maintained at only one place, so that each user has to remember just one login and one password. We plan to use a Linux system as Domain Controller. The Linux clients can authenticate themselves by using NIS and using NFS to mount the system. We want to use Samba to authenticate and mount the file system for Windows Professional clients from Linux. Can anybody tell if this is possible and if yes, can you suggest any source of information which can help us do it? Thanks in advance, Have a nice day, Pragyan. From p.mayers at ic.ac.uk Mon Nov 6 17:03:16 2000 From: p.mayers at ic.ac.uk (Mayers, Philip J) Date: Tue Dec 2 02:32:15 2003 Subject: For the record... Message-ID: All, 27bf6a5d095845f8ccd243bf22b26bb6 I'd like to make this MD5 available on the public record. Please don't ask my why or what it's for. I'll let you all know in a short period of time. Apologies for the off-topic note. Regards, Phil +----------------------------------+ | Phil Mayers, Network Support | | Centre for Computing Services | | Imperial College | +----------------------------------+ From btarver at vention.com Mon Nov 6 17:15:53 2000 From: btarver at vention.com (Brad Tarver) Date: Tue Dec 2 02:32:15 2003 Subject: add user script Message-ID: does this file that this directive refers to have to have windows cf/lf in it like a logon script? or can i just create it in vi? -- Brad Tarver Network Engineer btarver@vention.com "Security is not a product, but a process." -- Bruce Schneier, author of "Applied Cryptography" From edmundo at moscow.com Mon Nov 6 17:38:00 2000 From: edmundo at moscow.com (Stokes) Date: Tue Dec 2 02:32:15 2003 Subject: Samba 2.2.0 with this patch allows Win2K to join domain References: <3.0.6.32.20001105202233.00b3c570@203.16.214.248> <006701c04753$bed2d640$010aa8c0@shitepie> <006201c047df$b4683060$2000a8c0@student.utwente.nl> Message-ID: <007c01c04818$4f53a270$010aa8c0@shitepie> Thanks Frank. Richard Sharpe pointed out eariler that logging out and logging back in solves this problem, as long as no connections are made to the samba server before attempting to join the domain. Next error message to deal with while adding a win2k machine to the domain: "The procedure number is out of range" this is fun! stokes ----- Original Message ----- From: "F.W.J.Wiegerinck" To: "Stokes" ; Sent: Monday, November 06, 2000 2:52 AM Subject: Re: Samba 2.2.0 with this patch allows Win2K to join domain > In my opinion this suggests that you already have an active session to > your server. The same error will occure when you're trying to access > 2 shares with 2 different usernames on the same server. > Maybe it helps when you have a clean boot from your workstation with > no open sessions to any station in the network. > > Good luck, > > Frank Wiegerinck > > P.S. Sorry for my poor english > > ----- Original Message ----- > From: Stokes > To: > Sent: Sunday, November 05, 2000 6:10 PM > Subject: Re: Samba 2.2.0 with this patch allows Win2K to join domain > > > > I applied this patch and still I recieve the message "The following error > > occured attempting to join the domain "mydomain": The credentials supplied > > conflict with an existing set of credentials" when trying to add a w2k > > machine to the domain. This is right after w2k machine asks for the name > > and password of an account "with permission to join the domain". I have > > added the root account to smbpasswd file but I noticed that I recieve this > > error even if I enter a non-existent account name when windows asks for a > > domain admin account name. Also I have reset the password for the machine > > account using smbpasswd -a -m machine$ (note: the entry does not appear to > > change after using this command, but the machine still can't join even if > I > > use the -n optino for no password). > > > > Perhaps samba is not reading the smbpasswd file correctly? Or maybe I > need > > to define "add user script" in my smb.conf? The only problem with that > > setting is that I am running freeBSD, and the adduser utility seems to > > demand interaction... > > > > any suggestions? every other feature of 2.2.0 seems to work flawlessly. > > > > Stokes > > > > ----- Original Message ----- > > From: "Richard Sharpe" > > To: > > Sent: Sunday, November 05, 2000 2:22 AM > > Subject: Samba 2.2.0 with this patch allows Win2K to join domain > > > > > > > Hi, > > > > > > With the attached patch, my reasonably recent version of Samba 2.2.0 > > allows > > > Win2K to join the domain. > > > > > > I cannot see who applied the changes as I can't figure out how to get > CVS > > > to tell me the differences or history ... > > > > > > As you can see, if you look at the patch, the changes are reasonably > > minor. > > > > > > > > > > > > -------------------------------------------------------------------------- > -- > > ---- > > > > > > > > > > > > > Regards > > > ------- > > > Richard Sharpe, sharpe@ns.aus.com > > > Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) > > > Contributing author, SAMS Teach Yourself Samba in 24 Hours > > > Author, Special Edition, Using Samba > > > > > > > > > > > From ljames at hera.apollo3.com Mon Nov 6 18:10:46 2000 From: ljames at hera.apollo3.com (Larry James) Date: Tue Dec 2 02:32:15 2003 Subject: add user script Message-ID: <200011061810.NAA18342@hera.apollo3.com> > Subject: add user script > Date: Mon, 6 Nov 2000 11:15:53 -0600 > > does this file that this directive refers to have to have windows > cf/lf in > it like a logon script? or can i just create it in vi? No. The logon script is run by a Windows machine. The add user script is run by your samba (linux/unix) machine. -- L. James -- ______________________________________________________________________ Apollo III Communications One of the World's First ISP's Larry James http://www.apollo3.com/~ljames ljames@apollo3.com From jean.desrochers at medisolution.com Mon Nov 6 17:53:49 2000 From: jean.desrochers at medisolution.com (Desrochers, Jean (Laval)) Date: Tue Dec 2 02:32:15 2003 Subject: FW: remove my name Message-ID: Take out my email name from your mail send messages. -------------- next part -------------- A non-text attachment was scrubbed... Name: Desrochers, Jean (Laval).vcf Type: application/octet-stream Size: 425 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001106/d65663c2/DesrochersJeanLaval.obj From rcalex at home.com Mon Nov 6 17:57:19 2000 From: rcalex at home.com (Ron Alexander) Date: Tue Dec 2 02:32:15 2003 Subject: Samba 2.0.7 SWAT vulnerabilities (fwd) In-Reply-To: <20001104134504.B22381@valinux.com> Message-ID: Am I missing something, or should the patch be ammended to: /* Save the users name */ C_user = strdup(user); return True; <<<<<<<<<<< if it is a correct name/passwd } err: The other way would be to init ret to False and change the return False to return ret. Ron Alexander -----Original Message----- From: samba-technical-admin@us5.samba.org [mailto:samba-technical-admin@us5.samba.org]On Behalf Of Jeremy Allison Sent: November 4, 2000 4:45 PM To: samba@samba.org Cc: samba-technical@samba.org; samba-ntdom@samba.org Subject: Re: Samba 2.0.7 SWAT vulnerabilities (fwd) Ok - here is the patch against 2.0.7 that fixes the problem that SWAT distinguishes between users that exist and those that don't. This patch has been tested by the original reporter of the problem and confirmed to be a fix. Let me know if this is a suitable responce, I'm hoping not to have to release a 2.0.7a with this fix as it doesn't seem to be such a critical problem (plus I'm spending all my time trying to get 2.2.0 out of the door), but if user pressure demands it we will of course release a new version. Cheers, Jeremy Allison, Samba Team. Index: web/cgi.c =================================================================== RCS file: /data/cvs/samba/source/web/cgi.c,v retrieving revision 1.30.2.2.2.6 diff -u -r1.30.2.2.2.6 cgi.c --- web/cgi.c 2000/04/11 17:36:36 1.30.2.2.2.6 +++ web/cgi.c 2000/11/04 21:14:51 @@ -26,8 +26,6 @@ /* set the expiry on fixed pages */ #define EXPIRY_TIME (60*60*24*7) -#define CGI_LOGGING 0 - #ifdef DEBUG_COMMENTS extern void print_title(char *fmt, ...); #endif @@ -198,7 +196,7 @@ } fclose(stdin); - (void)open("/dev/null", O_RDWR); + open("/dev/null", O_RDWR); if ((s=query_string) || (s=getenv("QUERY_STRING"))) { for (tok=strtok(s,"&;");tok;tok=strtok(NULL,"&;")) { @@ -327,7 +325,6 @@ d[n] = 0; } - /*************************************************************************** handle a http authentication line ***************************************************************************/ @@ -336,11 +333,17 @@ char *p, *user, *user_pass; struct passwd *pass = NULL; BOOL ret = False; + BOOL got_name = False; + BOOL tested_pass = False; + fstring default_user_lookup; + fstring default_user_pass; + + /* Dummy user lookup to take the same time as a valid user. */ + fstrcpy(default_user_lookup, "zzzz bibble"); + fstrcpy(default_user_pass, "123456789"); if (strncasecmp(line,"Basic ", 6)) { - cgi_setup_error("401 Bad Authorization", "", - "Only basic authorization is understood"); - return False; + goto err; } line += 6; while (line[0] == ' ') line++; @@ -350,9 +353,7 @@ * Always give the same error so a cracker * cannot tell why we fail. */ - cgi_setup_error("401 Bad Authorization", "", - "username/password must be supplied"); - return False; + goto err; } *p = 0; user = line; @@ -367,15 +368,16 @@ * Always give the same error so a cracker * cannot tell why we fail. */ - cgi_setup_error("401 Bad Authorization", "", - "username/password must be supplied"); - return False; + got_name = True; + goto err; } /* * Validate the password they have given. */ + tested_pass = True; + if((ret = pass_check(user, user_pass, strlen(user_pass), NULL, NULL)) == True) { /* @@ -394,7 +396,20 @@ C_user = strdup(user); } - return ret; + err: + + /* Always take the same time. */ + if (!got_name) + Get_Pwnam(default_user_lookup,False); + + if (!tested_pass) + pass_check(default_user_lookup, default_user_pass, + strlen(default_user_pass), NULL, NULL); + + cgi_setup_error("401 Bad Authorization", "", + "username or password incorrect"); + + return False; } /*************************************************************************** @@ -451,6 +466,8 @@ printf("Content-Type: image/gif\r\n"); } else if (strcmp(p,".jpg")==0) { printf("Content-Type: image/jpeg\r\n"); + } else if (strcmp(p,".txt")==0) { + printf("Content-Type: text/plain\r\n"); } else { printf("Content-Type: text/html\r\n"); } @@ -476,9 +493,6 @@ char line[1024]; char *url=NULL; char *p; -#if CGI_LOGGING - FILE *f; -#endif if (chdir(rootdir)) { cgi_setup_error("400 Server Error", "", @@ -500,19 +514,9 @@ "Samba is configured to deny access from this client\n
Check your \"hosts allow\" and \"hosts deny\" options in smb.conf "); } -#if CGI_LOGGING - f = sys_fopen("/tmp/cgi.log", "a"); - if (f) fprintf(f,"\n[Date: %s %s (%s)]\n", - http_timestring(time(NULL)), - client_name(1), client_addr(1)); -#endif - /* we are a mini-web server. We need to read the request from stdin and handle authentication etc */ while (fgets(line, sizeof(line)-1, stdin)) { -#if CGI_LOGGING - if (f) fputs(line, f); -#endif if (line[0] == '\r' || line[0] == '\n') break; if (strncasecmp(line,"GET ", 4)==0) { got_request = True; @@ -532,9 +536,6 @@ } /* ignore all other requests! */ } -#if CGI_LOGGING - if (f) fclose(f); -#endif if (auth_required && !authenticated) { cgi_auth_error(); -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From torne at i.am Mon Nov 6 18:46:33 2000 From: torne at i.am (Torne Wuff) Date: Tue Dec 2 02:32:15 2003 Subject: Samba 2.2.0 and Win2K joining the domain In-Reply-To: Message-ID: > > I have SAMBA_2_2 pulled down on 3 Nov and I can't get it to > work. My machine > > says 'Cannot join domain, the credentials supplied conflict > with an existing > > set'. Any clues? =) > > this has nothing to do with richard's problem. > > The creds conflit is due to you already have a connection with the PDC. > Either your wks is in a workgroup with the same name as the domain or you > have a network connection to the PDC. > > Move your wks to a different workgroup, reboot and try again to join the > domain. It was in a workgroup with the same name - I changed it and now it fails differently. The Network Identifiation dialog always prompts for a user name and password, whether I create a machine account in /etc/passwd and in smbpasswd or not. It accepts my credentials now when I log in as root, and creates the accounts successfully if I have not already created one, even changing the password (since when I look in smbpasswd the hash has changed) - then just locks up for about 2-3 minutes before reporting 'cannot join domain, GBD000CD (the domain name) could not be contacted or is not responding'. Looking in the Samba log files, even set on loglevel 3 doesn't seem to show anything as failing.. Torne From mg at sambahq.de Mon Nov 6 18:50:12 2000 From: mg at sambahq.de (Michael Glauche) Date: Tue Dec 2 02:32:15 2003 Subject: Does Samba support Win2K as clients? In-Reply-To: Message-ID: <2877603370.973540212@[10.1.1.2]> --On Dienstag, 7. November 2000 02:29 +0530 Pragyansmita Paul wrote: > Hello, > > I would like to know if Samba ver.2.0.7 support Windows 2000 Professional > as clients? And if not, is there any work going on in this direction? > > I have got an environment of Windows Professional (i.e, Windows 2000 > clients) and Linux systems, and I would like to use them such that each > user has just one account and they are able to use their file system no > matter where they login. And the login information should be maintained at > only one place, so that each user has to remember just one login and one > password. > > We plan to use a Linux system as Domain Controller. The Linux clients can > authenticate themselves by using NIS and using NFS to mount the system. We > want to use Samba to authenticate and mount the file system for Windows > Professional clients from Linux. Can anybody tell if this is possible and > if yes, can you suggest any source of information which can help us do it? 2.0.7 will work with win2k as clients, but not as PDC. The upcoming 2.2.0 release will allow win2k prof clients to logon to a samba PDC. regards, Michael From ed at schernau.com Mon Nov 6 20:36:27 2000 From: ed at schernau.com (Edward Schernau) Date: Tue Dec 2 02:32:15 2003 Subject: Samba-TNG Printing Server References: <00110613262301.01050@BLASILANDIA> Message-ID: <3A07164B.BB62E71C@schernau.com> Blas Castro wrote: > > Hi Samba-TNG folks, > > Does anybody knows which version of Samba-TNG works as a Printing > server to Win2K machines? > > I guess it doesn't work so far. > > Best Regards. > > Blas Castro. > Netgiro Spain > blas.castro@midware.es If you're running Win2K, I'd set up TCP/IP printing. -- Edward Schernau, mailto:ed@schernau.com Network Architect http://www.schernau.com RC5-64#: 243249 e-gold acct #:131897 From jude.kean at ps.ge.com Mon Nov 6 21:17:28 2000 From: jude.kean at ps.ge.com (jude.kean@ps.ge.com) Date: Tue Dec 2 02:32:15 2003 Subject: authentication errors - Unix Samba server, NT authentication Message-ID: We are periodically having authorization errors from both Citrix Terminal Servers and PC's to get to Unix home dirs. Samba lives on an HP-UX 10.20 box. The quick view of parameters are listed below. The errors are as follows: [2000/11/06 12:56:30, 1] smbd/password.c:server_validate(1131) password server AUTHORIZER rejected the password [2000/11/06 12:56:30, 0] passdb/smbpass.c:startsmbfilepwent(50) startsmbfilepwent: unable to open file /opt/samba_2.0.5a/private/smbpasswd [2000/11/06 12:56:30, 0] passdb/passdb.c:iterate_getsmbpwnam(149) unable to open smb password database. [2000/11/06 12:56:30, 1] smbd/password.c:pass_check_smb(504) Couldn't find user 'user1' in smb_passwd file. This is intermittent, but pretty consistent. Enterprise environment supporting ~100+ users per Samba server. Our HelpDesk keeps re-setting the smbd, but this seems to be a pretty kludgy approach. I tried to change to security=DOMAIN, but can't get smbpasswd to run without change_trust_account_passwd error. Any help greatly appreciated. # Global parameters [global] workgroup = WORKGROUP netbios name = SAMBA1 server string = Samba File Server security = SERVER password server = AUTHORIZER username map = /opt/samba_2.0.5a/private/usermap log file = /opt/samba_2.0.5a/var/log.%m max log size = 50 change notify timeout = 300 deadtime = 15 shared mem size = 5242880 socket options = TCP_NODELAY IPTOS_LOWDELAY load printers = No [homes] comment = Home Directories read only = No browseable = No Jude Kean Software Administration Group Logic Technology @ GEPS From jean.desrochers at medisolution.com Mon Nov 6 18:56:23 2000 From: jean.desrochers at medisolution.com (Desrochers, Jean (Laval)) Date: Tue Dec 2 02:32:15 2003 Subject: FW: remove my name Message-ID: Take out my email name from your mail send messages. -------------- next part -------------- A non-text attachment was scrubbed... Name: Desrochers, Jean (Laval).vcf Type: application/octet-stream Size: 425 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001106/ab929b9d/DesrochersJeanLaval.obj From jbeauchamp at gesinc.com Tue Nov 7 00:55:20 2000 From: jbeauchamp at gesinc.com (James W. Beauchamp) Date: Tue Dec 2 02:32:15 2003 Subject: remove my name References: Message-ID: <00df01c04855$6a914820$1d01a8c0@internal.net> http://lists.samba.org/listinfo/samba-ntdom ----- Original Message ----- From: "Desrochers, Jean (Laval)" To: Sent: Monday, November 06, 2000 10:56 AM Subject: FW: remove my name > > > Take out my email name from your mail send messages. > > > > From D.Bannon at latrobe.edu.au Mon Nov 6 22:09:22 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:15 2003 Subject: Samba 2.2.0 and Win2K joining the domain In-Reply-To: <3.0.6.32.20001106120753.00aa6d70@203.16.214.248> Message-ID: <3.0.6.32.20001107090922.008a8660@bioserve.latrobe.edu.au> At 12:07 PM 06/11/2000 +1000, Richard Sharpe wrote: >Hi, > >I have seen some conflicting reports of people being able to join a Samba >2.2.0 domain from Win2K. > >Can people tell me the date they pulled down the version please so I can >see if this is a problem with the latest CVS tree or a problem with what I >have got. OK, I pulled down a completely new copy, it works just as well as the others. I get a 15 second delay after entering the root user name and password before the 'Welcome to XXX domain' message and then we are in, no problems. Now, that is set up in a very basic config, as specified in the ntdom howto of the samba-documentation pages. This is on a RH6.2, kernel 2.2.16-3, on an old P150 with only 32 meg ram. Connecting with W2K (release 2 ?) on a PIII-400 with 128 meg ram. (Actually the dimorphism with memory is interesting, don't you think ?). David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From jeremy at valinux.com Mon Nov 6 23:08:03 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:32:15 2003 Subject: Samba 2.0.7 SWAT vulnerabilities (fwd) References: Message-ID: <3A0739D3.71B9DD88@valinux.com> Ron Alexander wrote: > > Am I missing something, or should the patch be ammended to: > > /* Save the users name */ > C_user = strdup(user); > return True; <<<<<<<<<<< if it is a correct name/passwd > } > > err: > Yes you're correct, thanks. I'll fix it in the CVS. Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From ljames at hera.apollo3.com Tue Nov 7 05:34:17 2000 From: ljames at hera.apollo3.com (Larry James) Date: Tue Dec 2 02:32:15 2003 Subject: Tool/Utility or Procedure to Logon to Domain without Restarting Win98 Message-ID: <200011070534.AAA28288@hera.apollo3.com> On my Novell side, I can log into the Novel network from any of the clients by right using the guest access to get to a public resource that has the login tools, run Login and have access. Is there a way to do this under samba? It would seem that the first thing needed is for a guest user to be able to log without having a password. I've already attempted this by setting up a guest account with "no password". On the Linux machine, if I type this name in on the login prompt, it will go into the system (of course without privileges). Now I'm trying to make this guest account do the same thing under samba. However, the log indicates: ---------------------- domain_client_validate: unable to validate password for user guest in domain OLYMPUS t o Domain controller \\. (status=0xc0000064). SMB LM/NT Password did not match! Rejecting user 'guest': authentication failed ---------------------- The authentication fails. There isn't a password, just a name. I've given access to a public area to get to basic tools (to start with). Can someone tell me if there is a way to allow a guest account into the system? Also, is there some type of command or set of tools that could be gotten for the Win98 client machine to execute a domain login without rebooting or shutting down the applications. At present, you have a menu option to log off the current user from Windows 98. This will close all the open applications. It would be ideal if the "net logon" command would work. However, it error's "You cannot do this from within an MS-DOS window. Is there any other version of this application that could be run? or any other tools? Thanks in advance for any suggestions or comments. -- L. James -- ______________________________________________________________________ Apollo III Communications One of the World's First ISP's Larry James http://www.apollo3.com/~ljames ljames@apollo3.com From sharpe at ns.aus.com Mon Nov 6 18:15:25 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:15 2003 Subject: Samba 2.2.0 with this patch allows Win2K to join domain In-Reply-To: <007c01c04818$4f53a270$010aa8c0@shitepie> References: <3.0.6.32.20001105202233.00b3c570@203.16.214.248> <006701c04753$bed2d640$010aa8c0@shitepie> <006201c047df$b4683060$2000a8c0@student.utwente.nl> Message-ID: <3.0.6.32.20001107041525.00a92100@203.16.214.248> At 09:38 AM 11/6/00 -0800, Stokes wrote: >Thanks Frank. Richard Sharpe pointed out eariler that logging out and >logging back in solves this problem, as long as no connections are made to >the samba server before attempting to join the domain. I did? Someone else, I think. >Next error message to deal with while adding a win2k machine to the domain: >"The procedure number is out of range" OK, that was the original problem I got, and applying the patch to srv_lsa.c solved that problem and allowed me to join the domain. I did it infront of 150 people at LinuxWorld in Malaysia today, so it must work! >this is fun! >stokes >----- Original Message ----- >From: "F.W.J.Wiegerinck" >To: "Stokes" ; >Sent: Monday, November 06, 2000 2:52 AM >Subject: Re: Samba 2.2.0 with this patch allows Win2K to join domain > > >> In my opinion this suggests that you already have an active session to >> your server. The same error will occure when you're trying to access >> 2 shares with 2 different usernames on the same server. >> Maybe it helps when you have a clean boot from your workstation with >> no open sessions to any station in the network. >> >> Good luck, >> >> Frank Wiegerinck >> >> P.S. Sorry for my poor english >> >> ----- Original Message ----- >> From: Stokes >> To: >> Sent: Sunday, November 05, 2000 6:10 PM >> Subject: Re: Samba 2.2.0 with this patch allows Win2K to join domain >> >> >> > I applied this patch and still I recieve the message "The following >error >> > occured attempting to join the domain "mydomain": The credentials >supplied >> > conflict with an existing set of credentials" when trying to add a w2k >> > machine to the domain. This is right after w2k machine asks for the >name >> > and password of an account "with permission to join the domain". I have >> > added the root account to smbpasswd file but I noticed that I recieve >this >> > error even if I enter a non-existent account name when windows asks for >a >> > domain admin account name. Also I have reset the password for the >machine >> > account using smbpasswd -a -m machine$ (note: the entry does not appear >to >> > change after using this command, but the machine still can't join even >if >> I >> > use the -n optino for no password). >> > >> > Perhaps samba is not reading the smbpasswd file correctly? Or maybe I >> need >> > to define "add user script" in my smb.conf? The only problem with that >> > setting is that I am running freeBSD, and the adduser utility seems to >> > demand interaction... >> > >> > any suggestions? every other feature of 2.2.0 seems to work flawlessly. >> > >> > Stokes >> > >> > ----- Original Message ----- >> > From: "Richard Sharpe" >> > To: >> > Sent: Sunday, November 05, 2000 2:22 AM >> > Subject: Samba 2.2.0 with this patch allows Win2K to join domain >> > >> > >> > > Hi, >> > > >> > > With the attached patch, my reasonably recent version of Samba 2.2.0 >> > allows >> > > Win2K to join the domain. >> > > >> > > I cannot see who applied the changes as I can't figure out how to get >> CVS >> > > to tell me the differences or history ... >> > > >> > > As you can see, if you look at the patch, the changes are reasonably >> > minor. >> > > >> > > >> > >> > >> >> -------------------------------------------------------------------------- >> -- >> > ---- >> > >> > >> > > >> > > >> > > Regards >> > > ------- >> > > Richard Sharpe, sharpe@ns.aus.com >> > > Samba (Team member, www.samba.org), Ethereal (Team member, >www.zing.org) >> > > Contributing author, SAMS Teach Yourself Samba in 24 Hours >> > > Author, Special Edition, Using Samba >> > > >> > > >> > >> > >> > > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From pragyan at cs.iitm.ernet.in Tue Nov 7 20:43:42 2000 From: pragyan at cs.iitm.ernet.in (Pragyansmita Paul) Date: Tue Dec 2 02:32:15 2003 Subject: Problem with samedit Message-ID: Hello, We have compiled and installed Samba TNG in one Linux machine as PDC. Though the Windows 2000 Professional client machines are able to see the PDC, when we try to access the machine, it does not accept the login name and password. We assume it is because we have not updated the SAM Database. Will anybody tell us if it is a correct guess? Now when we try to update the SAM Database using the following commands, we get the following response. Will somebody please help us? [root@xyz] /usr/local/samba/man/man8# samedit -S . -U root%abc added interface ip=a.b.c.d bcast=a.b.c.255 nmask=255.255.255.0 [root@.]$ createuser test TESTING -p abc createuser test TESTING -p abc SAM Create Domain User Domain: TESTING Name: test ACB: [U ] Create Domain User: FAILED Thanks in advance, Cheers, Pragyan. From Markus.Mertinat at Physik.Uni-Augsburg.DE Tue Nov 7 15:29:22 2000 From: Markus.Mertinat at Physik.Uni-Augsburg.DE (Markus Mertinat) Date: Tue Dec 2 02:32:15 2003 Subject: 2.0.7 and unknown account Message-ID: <3A081FD2.FABB7FC6@physik.uni-augsburg.de> Hello all, I'm using samba 2.0.7 at our chair with several NT boxes as clients. The account mapping from samba/Linux to NT does not work properly: 1. If I add user rights for a file via explorer, everything is fine "domain/user", but if I reenter the dialog there is noted "domain/unknown account" (Konto unbekannt in german). (Same for local and domain admin) 2. Shares exported from one NT box cannot be used in another unless the share is Vollzugriff (full access?) for everyone! *ups* As I learned from the mailing archive, this seem to be problems one has to live with, which I can hardly understand! What solution should I try? Is something wrong with my config? (Included as attachment, swat produced) Or should I use 2.2alpha or TNG, both not recommended for production environments? Thank you very much in advance for your help. And yeah, I nearly forgot: I like samba very much, nice piece of software, thank you, guys! -- Dipl.-Phys. Markus Mertinat Institut fuer Physik, Universitaet Augsburg eMail and postal address under http://www.physik.uni-augsburg.de/~markus/ -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 2694 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001107/d8751a29/smb.obj From ctooley at amoa.org Tue Nov 7 16:34:18 2000 From: ctooley at amoa.org (ctooley@amoa.org) Date: Tue Dec 2 02:32:16 2003 Subject: Samba 2.2.0 and Win2K joining the domain Message-ID: <86256990.005A88A2.00@amoa.org> I'm beginning to think that there are some very different behaviours amoung the different "flavors?" of Windows 2000 Pro out there. I am running a machine that had Release Candidate 2 upgraded to Final, with Service Pack 1 on it. I'm running RedHat 6.2 with the stock kernel, and have tried many different cvs and snapshot versions of 2.2.0, with no success in the Windows 2000 area. Something about my configuration is definitely very different than David Bannon's and at this point, I'm less worried about just making it work and more interested in figuring out what the differences are. Hopefully that will help the developers be able to deal with the different Win2k installations. If someone could shoot a smb.conf my way that they know works, I'd love to give it a shot. Chris Tooley David Bannon on 11/06/2000 04:09:22 PM To: Richard Sharpe , samba-ntdom@us5.samba.org cc: (bcc: Chris Tooley/AMOA) Subject: Re: Samba 2.2.0 and Win2K joining the domain At 12:07 PM 06/11/2000 +1000, Richard Sharpe wrote: >Hi, > >I have seen some conflicting reports of people being able to join a Samba >2.2.0 domain from Win2K. > >Can people tell me the date they pulled down the version please so I can >see if this is a problem with the latest CVS tree or a problem with what I >have got. OK, I pulled down a completely new copy, it works just as well as the others. I get a 15 second delay after entering the root user name and password before the 'Welcome to XXX domain' message and then we are in, no problems. Now, that is set up in a very basic config, as specified in the ntdom howto of the samba-documentation pages. This is on a RH6.2, kernel 2.2.16-3, on an old P150 with only 32 meg ram. Connecting with W2K (release 2 ?) on a PIII-400 with 128 meg ram. (Actually the dimorphism with memory is interesting, don't you think ?). David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From M.Leinweber at sh.cvut.cz Tue Nov 7 17:34:34 2000 From: M.Leinweber at sh.cvut.cz (Michal Leinweber) Date: Tue Dec 2 02:32:16 2003 Subject: Roaming profiles In-Reply-To: <398FA2AD.3E2C4883@usa.net> Message-ID: How can I disable using of roaming profiles? I don't want to copy profile to and from server .... But with Samba 2.2.0 it goes automaticaly .... Thanx McLEI From upalty at interia.pl Tue Nov 7 17:48:07 2000 From: upalty at interia.pl (BMW) Date: Tue Dec 2 02:32:16 2003 Subject: : FW: remove my name Message-ID: <000a01c048e2$e35ff7a0$16921399@ds.pg.gda.pl> Subject: FW: remove my name > > > Take out my email name from your mail send messages. > > > > --__--__-- -------------- next part -------------- HTML attachment scrubbed and removed From mami at arena.sci.univr.it Tue Nov 7 17:49:59 2000 From: mami at arena.sci.univr.it (Manea Mirko) Date: Tue Dec 2 02:32:16 2003 Subject: w2k joined samba 2.2.0 domain Message-ID: <20001107184959.H601@arena.sci.univr.it> Hi, I succeeded in joining a w2k pro (build 2195 + SP1) to a samba 2.2.0 domain. I grabbed a cvs snapshot (7-Nov-00) and applied the patch from Richard Sharpe posted on this list (editing srv_lsa.c, not using patch command). I use the following steps: # /usr/local/samba-cvs/bin/smbpasswd -a root [...] # /usr/sbin/adduser -g machines -c NTMachine -d /dev/null -s /bin/false -n w2k$ # /usr/local/samba-cvs/bin/smbpasswd -a -m w2k$ where w2k is the name of the windows 2000 machine. Join the domain through the windows applet and reboot. Domain logons do work well! I am using Linux Red Hat 7.0 with the latest updates. I compiled samba with egcs-2.91.66 (ie kgcc in rh7), because gcc 2.96 is broken, with the following: # CC=kgcc ./configure --prefix=/usr/local/samba-cvs --with-pam --with-utmp --with-quotas I attach my smb.conf. I hope this helps. I also would like to thank the samba team for their great work ! Mirko -------------- next part -------------- [global] security = user status = yes workgroup = VLSI05_DOM wins server = 157.27.xxx.yyy encrypt passwords = yes domain logons = yes logon script = scripts\%U.bat domain admin users = root guest account = ftp share modes=no os level=65 ; sync samba with unix password ;unix password sync = Yes ;passwd program = /usr/bin/passwd %u ;passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* ; to add a nt/w2k machine to the domain ;add user script = /usr/sbin/adduser -g machines -c NTMachine -d /dev/null -s /bin/false -n '%m$' ; delete user ;delete user script = /usr/sbin/userdel %m$ [homes] guest ok = no read only = no create mask = 0700 directory mask = 0700 oplocks = false level 2 oplocks = false locking = no [netlogon] path = /usr/local/samba/netlogon writeable = no guest ok = no From lynn at tsunami.cis.usouthal.edu Tue Nov 7 17:56:21 2000 From: lynn at tsunami.cis.usouthal.edu (Keith Lynn) Date: Tue Dec 2 02:32:16 2003 Subject: Roaming profile In-Reply-To: Message-ID: I think if you change the permissions on the NT dat files it won't allow the profile to be overwritten. Keith Lynn Systems Administrator School of Computer and Information Sciences University of South Alabama Mobile, AL 36608 Phone: (334) 460-6390 Fax: (334) 460-7274 Alternative E-mail: lynn@gateway.cis.usouthal.edu On Tue, 7 Nov 2000, Michal Leinweber wrote: > How can I disable using of roaming profiles? I don't want to copy profile to > and from server .... But with Samba 2.2.0 it goes automaticaly .... > > Thanx > McLEI > > > From Jordanna_Williams-EJW025 at email.mot.com Tue Nov 7 17:59:58 2000 From: Jordanna_Williams-EJW025 at email.mot.com (Williams Jordanna-EJW025) Date: Tue Dec 2 02:32:16 2003 Subject: remove my name Message-ID: <92BE5DF97775D411BD01009027E7734FBAADB3@plnt052.comm.mot.com> Please remove me from your list. -------------- next part -------------- HTML attachment scrubbed and removed From high at negacsbs.org Tue Nov 7 14:13:15 2000 From: high at negacsbs.org (High Mobley) Date: Tue Dec 2 02:32:16 2003 Subject: WINS References: <39F97FF2.1169046@polimi.it> Message-ID: <3A080DFB.D86D6682@negacsbs.org> Simo Sorce wrote: > John Doe wrote: > > > > If i had a machine with ... lets say 5 network cards on it. If i were to > > set up a WINS server on the Samba machine... would it handle all Netbios > > lookups and act as a WINS server on all of the interfaces? > > If you bind all the interface it should! > Remember every client must be setup to contact the WINS server > -- > Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano > E-mail: simo.sorce@polimi.it > Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 > ----------------------------------------------------------------- > Be happy, use Linux! Actually, if the Samba box is the master browser for all 5 of the networks that it's connected to, I believe you won't even have to specify it as the primary WINS server on your Windows clients! -High Mobley From jbeauchamp at gesinc.com Wed Nov 8 00:19:31 2000 From: jbeauchamp at gesinc.com (James W. Beauchamp) Date: Tue Dec 2 02:32:16 2003 Subject: FW: remove my name References: <000a01c048e2$e35ff7a0$16921399@ds.pg.gda.pl> Message-ID: <001001c04919$94fd1d40$1d01a8c0@internal.net> http://lists.samba.org/listinfo/samba-ntdom ----- Original Message ----- From: BMW To: samba-ntdom@us4.samba.org Sent: Tuesday, November 07, 2000 9:48 AM Subject: : FW: remove my name Subject: FW: remove my name > > > Take out my email name from your mail send messages. > > > > --__--__-- From jbeauchamp at gesinc.com Wed Nov 8 00:23:44 2000 From: jbeauchamp at gesinc.com (James W. Beauchamp) Date: Tue Dec 2 02:32:16 2003 Subject: remove my name References: <92BE5DF97775D411BD01009027E7734FBAADB3@plnt052.comm.mot.com> Message-ID: <002c01c0491a$2ac36640$1d01a8c0@internal.net> http://lists.samba.org/listinfo/samba-ntdom ----- Original Message ----- From: Williams Jordanna-EJW025 To: samba-ntdom@us4.samba.org Sent: Tuesday, November 07, 2000 9:59 AM Subject: remove my name Please remove me from your list. From kevin_myer at iu13.k12.pa.us Tue Nov 7 21:26:17 2000 From: kevin_myer at iu13.k12.pa.us (Kevin M. Myer) Date: Tue Dec 2 02:32:16 2003 Subject: Which branch has working (or can be made to work with) LDAP support? Message-ID: Hi, I've been trying to get any of the Samba branches to compile with LDAP support but they all seem to be broken somewhere. I know LDAP support is and has been in a state of flux for the past two and a half years I have been using Samba but hopefully the LDAP support is stabilizing, rather than destabilizing. I say that because a year and a half ago, I could run an NT domain with Samba HEAD-2.1.0-pre-alpha with working LDAP support - now I can't seem to do that unless I go back to that year old code. I've tried both with RedHat 6.2 w/ OpenLDAP 2.0.6 and OpenLDAP 1.2.11 as well as with Solaris 8 with Netscape LDAP libraries. The errors don't seem to be related to the included LDAP libraries. With the samba-tng code, I get: Linking bin/smbd bin/.libs/libsurs.so: undefined reference to `ldapdb_lookup_by_sid' bin/.libs/libsurs.so: undefined reference to `ldapdb_get_uint32' bin/.libs/libsurs.so: undefined reference to `ldapdb_search' bin/.libs/libsurs.so: undefined reference to `ldapdb_get_sid' collect2: ld returned 1 exit status make: *** [bin/smbd] Error 1 With the SAMBA_2_2 code (after modifying the configure script to enable LDAP): Linking bin/smbd passdb/passdb.o: In function `initialize_password_db': passdb/passdb.o(.text+0xd): undefined reference to `ldap_initialize_password_db' collect2: ld returned 1 exit status make: *** [bin/smbd] Error 1 With the HEAD code (Samba 3.0, also after modifying the configure script to enable LDAP): (Same error as with SAMBA_2_2 code) So I'm wondering how to make any branch work with LDAP, if its possible. Are there patches floating around? Is there any active development going on with respect to LDAP in Samba? Samba is a great piece of software but it would be even greater and more enterprise friendly if LDAP support was a part of the base. I wish I was a better coder.... Thanks, Kevin -- Kevin M. Myer Systems Administrator Lancaster-Lebanon Intermediate Unit 13 (717)-560-6140 From sharpe at ns.aus.com Tue Nov 7 02:09:28 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:16 2003 Subject: Samba 2.2.0 and Win2K joining the domain In-Reply-To: <3.0.6.32.20001107090922.008a8660@bioserve.latrobe.edu.au> References: <3.0.6.32.20001106120753.00aa6d70@203.16.214.248> Message-ID: <3.0.6.32.20001107120928.00ae1c20@203.16.214.248> At 09:09 AM 11/7/00 +1100, David Bannon wrote: >At 12:07 PM 06/11/2000 +1000, Richard Sharpe wrote: >>Hi, >> >>I have seen some conflicting reports of people being able to join a Samba >>2.2.0 domain from Win2K. >> >>Can people tell me the date they pulled down the version please so I can >>see if this is a problem with the latest CVS tree or a problem with what I >>have got. > >OK, I pulled down a completely new copy, it works just as well as the >others. I get a 15 second delay after entering the root user name and >password before the 'Welcome to XXX domain' message and then we are in, no >problems. OK, when I get back from Malaysia, I will have to pull down the latest version and check it. I do have printing problems, however, with Samba 2.2.0! >Now, that is set up in a very basic config, as specified in the ntdom howto >of the samba-documentation pages. > >This is on a RH6.2, kernel 2.2.16-3, on an old P150 with only 32 meg ram. >Connecting with W2K (release 2 ?) on a PIII-400 with 128 meg ram. (Actually >the dimorphism with memory is interesting, don't you think ?). > > >David >------------------------------------------------------------ >David Bannon D.Bannon@latrobe.edu.au >School of Biochemistry Phone 61 03 9479 2197 >La Trobe University, Plenty Rd, Fax 61 03 9479 2467 >Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au >------------------------------------------------------------ >..... Humpty Dumpty was pushed ! > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From gcarter at valinux.com Tue Nov 7 22:09:56 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:16 2003 Subject: Which branch has working (or can be made to work with) LDAP support? References: Message-ID: <3A087DB4.64DBD565@valinux.com> "Kevin M. Myer" wrote: > > Hi, > > I've been trying to get any of the Samba branches > to compile with LDAP support but they all seem to > be broken somewhere. ... > With the HEAD code (Samba 3.0, also after modifying > the configure script to enable LDAP): > (Same error as with SAMBA_2_2 code) > LDAP in HEAD is completely broken. We are working on it currently. Will not be in the initial 2.2 release, but will hopefully follow soon thereafter. I would recommend waiting for an stable support release. As the schema will change from the experiemental code which exists in CVS. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From torne at i.am Tue Nov 7 22:51:22 2000 From: torne at i.am (Torne Wuff) Date: Tue Dec 2 02:32:16 2003 Subject: Win2k joined the domain - but I can't log on Message-ID: Okay, I looked in the list archives and added the patch, and now my machine will join the domain happily. But.. when I try ot log on to the domain, it says 'cannot log on as the netlogon service is not running on this machine'. Help? I have attached my smb.conf Torne Wuff (torne@i.am) Wolf cub, programmer, and too much to list Visit me at http://come.to/torne or track me down on ICQ as 10345149 -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 643 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001107/bf346d65/smb.obj From alistair_moir at yahoo.com Wed Nov 8 01:17:30 2000 From: alistair_moir at yahoo.com (Alistair Moir) Date: Tue Dec 2 02:32:16 2003 Subject: Linux as a client on a NT domain. Message-ID: <20001108011730.14333.qmail@web3106.mail.yahoo.com> I seem to be having a small problem any help would be appreciated :-) I'm running RedHat 6.1 and Samba 2.0.7 I can register my machine on the domain, this being shown by my machine appearing in the network neighbourhood. So far so good.. I cannot, however, seem to allow other machines to view or use my shares. When they double click on my machine in the network neighbourhood they are asked for a profile and password. No profile/password combination seems to work :-( Other worrying issues I have noticed :- My machine is only registered with the DNS when it joins the domain. testparm reports Error in 'security=domain' mode the 'encrypt passwords' must also be set to true. I seem unable to do this? Setting it to yes or true still gives the same error in testparm. Uncommenting the 'Domain controller' line in smb.conf results in smbd & smbn giving errors on startup? ===== +-----------------------------------------------+ | /\ |\/| | | /--\LISTAIR | |OIR. Alistair_Moir@Yahoo.Com | +-----------------------------------------------+ __________________________________________________ Do You Yahoo!? Thousands of Stores. Millions of Products. All in one Place. http://shopping.yahoo.com/ -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/x-unknown Size: 8737 bytes Desc: smb.conf Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001107/740cf4a8/smb.bin From dyaya_2000 at yahoo.com Wed Nov 8 01:43:08 2000 From: dyaya_2000 at yahoo.com (yaya) Date: Tue Dec 2 02:32:16 2003 Subject: Problem with samedit References: <20001107163402.1EA087FC1@lists.samba.org> Message-ID: <002f01c04925$3f9f5c80$8d030201@smutu1> > Date: Wed, 8 Nov 2000 02:13:42 +0530 (IST) > From: Pragyansmita Paul > To: samba-ntdom@us5.samba.org > Subject: Problem with samedit > > Hello, > > We have compiled and installed Samba TNG in one Linux machine as PDC. > Though the Windows 2000 Professional client machines are able to see the > PDC, when we try to access the machine, it does not accept the login > name and password. We assume it is because we have not updated the SAM > Database. Will anybody tell us if it is a correct guess? > No, you just enter the username with 'Your_TNG_Domain[TESTING]\username_of_your_TNG and the password with 'his/your password' What do you want really to do? You want to make your Win2K to be a member of your TESTING domain, so you can login fron Win2K to your your TESTING domain? > Now when we try to update the SAM Database using the following commands, > we get the following response. Will somebody please help us? > > [root@xyz] /usr/local/samba/man/man8# samedit -S . -U root%abc > added interface ip=a.b.c.d bcast=a.b.c.255 nmask=255.255.255.0 > [root@.]$ createuser test TESTING -p abc > createuser test TESTING -p abc > SAM Create Domain User > Domain: TESTING Name: test ACB: [U ] > Create Domain User: FAILED > What kind of user is test? The user account (common user) or the machine trust account? But anyway, you must add the username in the /etc/passwd (RH). If still failed, perhaps you must do rpcclient for the LSA query, 'rpcclient -S [your_PDC_name] -U % -c 'lsaq' Cheers, yaya btw, I got this message from David when posting about Samba-TNG: ----- Hi, as this is a samba-tng question, you might do better sending it to the samba-tng lists. Have a look at www.samba-tng.org David ----- From jbeauchamp7 at mindspring.com Wed Nov 8 01:30:23 2000 From: jbeauchamp7 at mindspring.com (James W. Beauchamp) Date: Tue Dec 2 02:32:16 2003 Subject: Linux as a client on a NT domain. References: <20001108011730.14333.qmail@web3106.mail.yahoo.com> Message-ID: <006301c04923$77be0a00$4970fea9@mle> ----- Original Message ----- From: "Alistair Moir" To: Sent: Tuesday, November 07, 2000 8:17 PM Subject: Linux as a client on a NT domain. > I seem to be having a small problem any help would be appreciated :-) > > I'm running RedHat 6.1 and Samba 2.0.7 > > I can register my machine on the domain, this being shown by my machine > appearing in the network neighbourhood. > > So far so good.. > > I cannot, however, seem to allow other machines to view or use my > shares. When they double click on my machine in the network > neighbourhood they are asked for a profile and password. No > profile/password combination seems to work :-( > You don't specify which version of Windows you are running so I will assume Win9x as a starting place. for starters I'm not sure that samba can authenticate a user to a share that it does not know about. i.e. I think you need to create a share in your smb.conf for the directories you are sharing from your Win9x machine. You would then need to smbmount them prior to starting samba. Now the share will be presented to the user upon either logging into the domain [via a mapped drive set through a logon.bat] (you didn't indicate whether you were using domain logons or not) or when they click on your Win9x machine they will see the share. Gurus - correct me here If I am wrong... :) > > Other worrying issues I have noticed :- > > My machine is only registered with the DNS when it joins the > domain. > > testparm reports Error in 'security=domain' mode the 'encrypt > passwords' must also be set to true. I seem unable to do this? > Setting it to yes or true still gives the same error in testparm. Security=Domain should only be used when samba is part of a domain where another domain controller is providing authentication. You should be using Security = server or security=user. Also, unless you apply the registry hack to your WinNT and Win 9x machines, you will have to use encrypted passwords. I don't know much about DNS so I can't help you with that.... Provide a little more information so others more knowledgeable than I on the list can help you. HTH James > > > ===== > +-----------------------------------------------+ > | /\ |\/| | > | /--\LISTAIR | |OIR. Alistair_Moir@Yahoo.Com | > +-----------------------------------------------+ > > __________________________________________________ > Do You Yahoo!? > Thousands of Stores. Millions of Products. All in one Place. > http://shopping.yahoo.com/ From D.Bannon at latrobe.edu.au Wed Nov 8 01:56:14 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:16 2003 Subject: Linux as a client on a NT domain. In-Reply-To: <20001108011730.14333.qmail@web3106.mail.yahoo.com> Message-ID: <3.0.6.32.20001108125614.008c72f0@bioserve.latrobe.edu.au> At 05:17 PM 07/11/2000 -0800, Alistair Moir wrote: >I'm running RedHat 6.1 and Samba 2.0.7 > Alistair, have a look at the NTDom FAQ for 2.2, most of what it says applies to 2.0.7 (about domain membership) although you will find you must create machine accounts manually. Look for "How do I get my samba server to become a member ( not PDC ) of an NT domain?". There is a link off the main samba page that is labeled 'Documentation', then go to the Samba NTDom FAQ. (Its really at bioserve.latrobe.edu.au/samba but we are working on that). David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From dlowenstein at kefta.com Wed Nov 8 02:01:49 2000 From: dlowenstein at kefta.com (Dave Lowenstein) Date: Tue Dec 2 02:32:16 2003 Subject: Problems with nmbd on Solaris 8 with Samba 2.2.0? In-Reply-To: <20001108014702.23EC5821D@lists.samba.org> Message-ID: I can't keep nmbd running for more than a minute without crashing on solaris 8 with samba 2.2.0 . Anyone else have the same problem? Dave Lowenstein MIS Manager Kefta.com dlowenstein@kefta.com From mgeddes at xavier.sa.edu.au Wed Nov 8 01:35:37 2000 From: mgeddes at xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:32:16 2003 Subject: Problem with samedit References: <20001107163402.1EA087FC1@lists.samba.org> <002f01c04925$3f9f5c80$8d030201@smutu1> Message-ID: <3A08ADE9.30B47A18@xavier.sa.edu.au> yaya wrote: > > btw, I got this message from David when posting about Samba-TNG: > ----- > Hi, as this is a samba-tng question, you might do better sending it to the > samba-tng lists. Have a look at www.samba-tng.org > > David > ----- Also, there are links from that site to Lars Kneschke's Samba TNG HOWTO/FAQ. I believe the documentation is still reasonably up to date. Also check the samedit man page. Matt From dyaya_2000 at yahoo.com Wed Nov 8 02:35:45 2000 From: dyaya_2000 at yahoo.com (yaya) Date: Tue Dec 2 02:32:16 2003 Subject: Problem with samedit References: <20001107163402.1EA087FC1@lists.samba.org> <002f01c04925$3f9f5c80$8d030201@smutu1> <3A08ADE9.30B47A18@xavier.sa.edu.au> Message-ID: <00a401c0492c$997a6d60$8d030201@smutu1> From: Matthew Geddes To: yaya Cc: Sent: Wednesday, November 08, 2000 8:35 AM Subject: Re: Problem with samedit > Also, there are links from that site to Lars Kneschke's Samba TNG > HOWTO/FAQ. I believe the documentation is still reasonably up to date. > Also check the samedit man page. > > Matt Thanks, I'm there now. But I mean, did he (Pragyansmita Paul ) who have posted this subject got the same message from David, 'cause he asking about TNG. yaya From mscw at cablelan.net Wed Nov 8 03:48:22 2000 From: mscw at cablelan.net (Ross Davis) Date: Tue Dec 2 02:32:16 2003 Subject: remove my name as well Message-ID: <003601c04936$bd939000$93528e8b@cablelan> thank you. -------------- next part -------------- HTML attachment scrubbed and removed From dyaya_2000 at yahoo.com Wed Nov 8 04:08:24 2000 From: dyaya_2000 at yahoo.com (yaya) Date: Tue Dec 2 02:32:16 2003 Subject: Linux as a client on a NT domain. References: <20001108014702.23EC5821D@lists.samba.org> Message-ID: <002101c04939$8ad740a0$8d030201@smutu1> > Date: Tue, 7 Nov 2000 17:17:30 -0800 (PST) > From: Alistair Moir > Subject: Linux as a client on a NT domain. > To: samba-ntdom@lists.samba.org > I seem to be having a small problem any help would be appreciated :-) > I'm running RedHat 6.1 and Samba 2.0.7 > I can register my machine on the domain, this being shown by my machine > appearing in the network neighbourhood. > How you did that? Adding via NT box with user manager or something else? > So far so good.. > Yup > I cannot, however, seem to allow other machines to view or use my > shares. When they double click on my machine in the network > neighbourhood they are asked for a profile and password. No > profile/password combination seems to work :-( > Try set security = share > > Other worrying issues I have noticed :- > > My machine is only registered with the DNS when it joins the > domain. > > testparm reports Error in 'security=domain' mode the 'encrypt > passwords' must also be set to true. I seem unable to do this? > Setting it to yes or true still gives the same error in testparm. > Perhaps you don't join the domain yet. If you set security = domain, that mean you should join the domain. > Uncommenting the 'Domain controller' line in smb.conf results in > smbd & smbn giving errors on startup? > This is not work. So do not uncomment this line. yaya From serg at tv2.tomsk.su Wed Nov 8 04:39:52 2000 From: serg at tv2.tomsk.su (Sergey Alexandrov) Date: Tue Dec 2 02:32:16 2003 Subject: WfW troubles Message-ID: <200011080439.LAA30391@tv2.tomsk.su> Hi, All !!! Long time I use samba-2.1.0-prealpha (Dec 1999)as company's file server & PDC. All working good. I can join W2k WS to this PDC. OS - FreeBSD 3.2 I have alone WfW workstation. This thing work well too. Now I try use latest samba-2.1, samba-2.2, samba-tng-alpha-2.6. All work well - I can join W9x, WNT4, W2k to all this sambas, but have only one problem - with WfW workstation. Problem: WfW can see ONLY files with EXACTLY 8.3 format, i.e. when name is 8 chars length and ext. is 3 chars. What's happened ? I install latest ICP/IP for WfW. Problem not away. smb.conf files not change from one samba to another. Repeat: ALL work well for me but WfW WS... Help me, please. -- Best, Serg From D.Bannon at latrobe.edu.au Wed Nov 8 05:10:18 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:16 2003 Subject: WfW troubles In-Reply-To: <200011080439.LAA30391@tv2.tomsk.su> Message-ID: <3.0.6.32.20001108161018.008ccbe0@bioserve.latrobe.edu.au> At 04:39 AM 08/11/2000 -0000, Sergey Alexandrov wrote: >Hi, All !!! > >only one problem - with WfW workstation. Problem: WfW can see ONLY files >with EXACTLY 8.3 format, i.e. when name is 8 chars length and ext. is 3 chars. Serg, what do you mean, it fails on a file name that is less than 8.3 ? ie thisname.txt is ok but notthis.txt ? If you mean that names longer than 8.3, then that was a WFW limitation ! Do you really need to use WFW ?? david ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From serg at tv2.tomsk.su Wed Nov 8 05:45:59 2000 From: serg at tv2.tomsk.su (Sergey Alexandrov) Date: Tue Dec 2 02:32:16 2003 Subject: WfW troubles Message-ID: <200011080546.MAA32673@tv2.tomsk.su> David Bannon said: > At 04:39 AM 08/11/2000 -0000, Sergey Alexandrov wrote: > >Hi, All !!! > > > >only one problem - with WfW workstation. Problem: WfW can see ONLY files > >with EXACTLY 8.3 format, i.e. when name is 8 chars length and ext. is 3 > chars. > > Serg, what do you mean, it fails on a file name that is less than 8.3 ? > > ie thisname.txt is ok but notthis.txt ? > Yep. > If you mean that names longer than 8.3, then that was a WFW limitation ! But some long names mangled correctly... > Do you really need to use WFW ?? Yes, I's my big trouble, but I can't get away this station. :(( Anyway, with Dec 1999 samba-2.1.0-prealpha this WS work correctly !!!! -- Best, Serg From BSriniva2 at CHN.CTS-CORP.COM Wed Nov 8 05:58:31 2000 From: BSriniva2 at CHN.CTS-CORP.COM (Bhaskar, Srinivasan (CTS)) Date: Tue Dec 2 02:32:16 2003 Subject: remove my name Message-ID: <0B9BF5AE8A3ED21196980060B0B54551020BA983@ctsinentsxua> Take out my email name from your mail send messages This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Any unauthorised review, use, disclosure, dissemination, forwarding, printing or copying of this email or any action taken in reliance on this e-mail is strictly prohibited and may be unlawful. Visit us at http://www.cognizant.com From Michael.Keightley at quadstone.com Wed Nov 8 09:29:17 2000 From: Michael.Keightley at quadstone.com (Michael.Keightley@quadstone.com) Date: Tue Dec 2 02:32:16 2003 Subject: error messages in log.smb Message-ID: <200011080929.eA89THT02305@gromit.quadstone.co.uk> I'm getting lots of there error messages in our log.smb file: [2000/11/08 09:11:02, 0] smbd/nttrans.c:(443) map_share_mode: Incorrect value 0 for desired_access to file \ [2000/11/08 09:11:02, 0] smbd/nttrans.c:(443) map_share_mode: Incorrect value 0 for desired_access to file \ [2000/11/08 09:11:02, 0] smbd/nttrans.c:(443) map_share_mode: Incorrect value 0 for desired_access to file \ [2000/11/08 09:11:02, 0] smbd/nttrans.c:(443) map_share_mode: Incorrect value 0 for desired_access to file \ [2000/11/08 09:11:03, 0] smbd/nttrans.c:(443) Should I be worried? I'm running Samba 2.07 on a Solaris 7 machine (domain controller). Michael -- Michael Keightley Tel: +44 131 220 4491 Systems Manager, Quadstone Limited, Fax: +44 131 220 4492 16 Chester Street, Edinburgh EH3 7RA, Scotland http://www.quadstone.com From pragyan at cs.iitm.ernet.in Wed Nov 8 16:18:32 2000 From: pragyan at cs.iitm.ernet.in (Pragyansmita Paul) Date: Tue Dec 2 02:32:16 2003 Subject: Problem with samedit In-Reply-To: <002f01c04925$3f9f5c80$8d030201@smutu1> Message-ID: On Wed, 8 Nov 2000, yaya wrote: > > Date: Wed, 8 Nov 2000 02:13:42 +0530 (IST) > > From: Pragyansmita Paul > > To: samba-ntdom@us5.samba.org > > Subject: Problem with samedit > > > > Hello, Hello, thanks a lot for your help, but it still does not work. > > We have compiled and installed Samba TNG in one Linux machine as PDC. > > Though the Windows 2000 Professional client machines are able to see the > > PDC, when we try to access the machine, it does not accept the login > > name and password. We assume it is because we have not updated the SAM > > Database. Will anybody tell us if it is a correct guess? > > > No, you just enter the username with > 'Your_TNG_Domain[TESTING]\username_of_your_TNG and the password with > 'his/your password' > What do you want really to do? > You want to make your Win2K to be a member of your TESTING domain, so you > can login fron Win2K to your your TESTING domain? Yes, this is what we want to do, but even after creating user and machine account as given in the Samba TNG FAQ, werae not able to sue it to access the shares in the PDC. > > Now when we try to update the SAM Database using the following commands, > > we get the following response. Will somebody please help us? > > > > [root@xyz] /usr/local/samba/man/man8# samedit -S . -U root%abc > > added interface ip=a.b.c.d bcast=a.b.c.255 nmask=255.255.255.0 > > [root@.]$ createuser test TESTING -p abc > > createuser test TESTING -p abc > > SAM Create Domain User > > Domain: TESTING Name: test ACB: [U ] > > Create Domain User: FAILED > > > > What kind of user is test? The user account (common user) or the machine > trust account? > But anyway, you must add the username in the /etc/passwd (RH). > If still failed, perhaps you must do rpcclient for the LSA query, > 'rpcclient -S [your_PDC_name] -U % -c 'lsaq' Test is a username and it is present in both smbpasswd and etc/passwd. But still we are not able to use it to access the PDC using it in the Win 2K client. Whereas on the PDC, we can access the shares without nay problem using smbclient. We are still not sure why this is happening? > btw, I got this message from David when posting about Samba-TNG: > ----- > Hi, as this is a samba-tng question, you might do better sending it to the > samba-tng lists. Have a look at www.samba-tng.org > > David > ----- Thanks..but since I wanted information on using Samba as PDC , I had mailed there. From henceforth, I will use tng-users mailing list. Cheers, Pragyan From jbeauchamp at gesinc.com Wed Nov 8 15:55:59 2000 From: jbeauchamp at gesinc.com (James W. Beauchamp) Date: Tue Dec 2 02:32:16 2003 Subject: WfW troubles References: <200011080546.MAA32673@tv2.tomsk.su> Message-ID: <000b01c0499c$66ccd680$1d01a8c0@internal.net> Sergey: It sounds like you just need to tune the smb.conf parameters that pertain to name mangling. My two cents worth.. James ----- Original Message ----- From: "Sergey Alexandrov" To: "David Bannon" Cc: Sent: Tuesday, November 07, 2000 9:45 PM Subject: Re: WfW troubles > David Bannon said: > > > At 04:39 AM 08/11/2000 -0000, Sergey Alexandrov wrote: > > >Hi, All !!! > > > > > >only one problem - with WfW workstation. Problem: WfW can see ONLY files > > >with EXACTLY 8.3 format, i.e. when name is 8 chars length and ext. is 3 > > chars. > > > > Serg, what do you mean, it fails on a file name that is less than 8.3 ? > > > > ie thisname.txt is ok but notthis.txt ? > > > > Yep. > > > If you mean that names longer than 8.3, then that was a WFW limitation ! > > But some long names mangled correctly... > > > Do you really need to use WFW ?? > > Yes, I's my big trouble, but I can't get away this station. :(( > > Anyway, with Dec 1999 samba-2.1.0-prealpha this WS work correctly !!!! > > -- > Best, Serg > > > > From dyaya_2000 at yahoo.com Wed Nov 8 14:16:30 2000 From: dyaya_2000 at yahoo.com (yaya) Date: Tue Dec 2 02:32:17 2003 Subject: Problem with samedit References: Message-ID: <006f01c0498e$b4d649a0$8d030201@smutu1> From: Pragyansmita Paul To: yaya Cc: Sent: Wednesday, November 08, 2000 11:18 PM Subject: Re: Problem with samedit > On Wed, 8 Nov 2000, yaya wrote: > > > > Date: Wed, 8 Nov 2000 02:13:42 +0530 (IST) > > > From: Pragyansmita Paul > > > To: samba-ntdom@us5.samba.org > > > Subject: Problem with samedit > > > > > > Hello, > Hello, thanks a lot for your help, but it still does not work. > > > > > We have compiled and installed Samba TNG in one Linux machine as PDC. > > > Though the Windows 2000 Professional client machines are able to see the > > > PDC, when we try to access the machine, it does not accept the login > > > name and password. We assume it is because we have not updated the SAM > > > Database. Will anybody tell us if it is a correct guess? > > > > > No, you just enter the username with > > 'Your_TNG_Domain[TESTING]\username_of_your_TNG and the password with > > 'his/your password' > > What do you want really to do? > > You want to make your Win2K to be a member of your TESTING domain, so you > > can login fron Win2K to your your TESTING domain? > Yes, this is what we want to do, but even after creating user and > machine account as given in the Samba TNG FAQ, werae not able to sue it to > access the shares in the PDC. > To make Win2K joined the Samba Domain, you must have Win2K Domain the same as Samba PDC-Domain. In Win2K, it's different between Workgroup and Domain, so set it to Domain Samba. You don't need to add Win2K box in smbpasswd, except in /etc/passwd. Set the Win2K Domain to Samba Domain, Win2K asking for the user has right to add Win2K box to the domain, just enter the 'root' and his password. You will get the message 'Welcome to TESTING [SAMBA-whatever] Domain.' Now you must restart Win2K and see in login menu the domain of Samba. > > What kind of user is test? The user account (common user) or the machine > > trust account? > > But anyway, you must add the username in the /etc/passwd (RH). > > If still failed, perhaps you must do rpcclient for the LSA query, > > 'rpcclient -S [your_PDC_name] -U % -c 'lsaq' > Test is a username and it is present in both smbpasswd and etc/passwd. > But still we are not able to use it to access the PDC using it in the Win > 2K client. Whereas on the PDC, we can access the shares without nay > problem using smbclient. We are still not sure why this is happening? > I got what you think is that Win2K acts the same as Win9x client when login to the domain. If that, you miss here. Win2K acts the same as WinNT when login to the Domain. It's must have the same domain [not workgroup] with the PDC Domain. > > > > btw, I got this message from David when posting about Samba-TNG: > > ----- > > Hi, as this is a samba-tng question, you might do better sending it to the > > samba-tng lists. Have a look at www.samba-tng.org > > > > David > > ----- > Thanks..but since I wanted information on using Samba as PDC , I had > mailed there. From henceforth, I will use tng-users mailing list. > See you there. > Cheers, > Pragyan yaya From gonzo at eng.lsu.edu Wed Nov 8 14:25:12 2000 From: gonzo at eng.lsu.edu (Steve Gonzales) Date: Tue Dec 2 02:32:17 2003 Subject: Take my name... please In-Reply-To: <0B9BF5AE8A3ED21196980060B0B54551020BA983@ctsinentsxua> Message-ID: <000701c0498f$b56acc00$ca192782@desgo1> Recently, there has been a rash of messages requesting that people's names be dropped from the list. For those of you who are thinking about retracting your name from this list, please read the initial welcome message which is automatically sent to you when you are added to this list. For those of you who no longer have it, here is the pertinent excerpt: "If you ever want to unsubscribe or change your options (eg, switch to or from digest mode, change your password, etc.), visit your subscription page at: http://lists.samba.org/options/samba-ntdom/." Please refer to this site. HIH! Steve From dobos_s at IBCnet.hu Wed Nov 8 14:42:36 2000 From: dobos_s at IBCnet.hu (dobos_s@IBCnet.hu) Date: Tue Dec 2 02:32:17 2003 Subject: duplicated usernames, unknown account in NT "permissions" dialog (2.0.7) Message-ID: Hi! There was no valuable reactions from list, so I repeat. Enviroment: linux 2.2.17, samba 2.0.7 pdc, NTws4sp5. In NT permissions dialog I see duplicated (tripled) usernames, when I choose one of them (no meaning which one) and give it some rights and open the dialog again I dont see the given user, but there is a new line: XYZDOMAIN\Account unknown. The situation dont changes If I stop and start samba again, or if I restart the ntws. This is the problem. Somebody will help me? ps1: Is there a samba version which is as stable as 207, but has more functionality? (e.g. a cvs tarball?) ps2: Off-topic: Why got I a "Prohibited gate subscription" subjected message from Mail.Delivery.System@f30.n451.z2.fidonet.org each time I write to samba-ntdom? (Embedded image moved to file: pic14440.pcx) -------------- next part -------------- A non-text attachment was scrubbed... Name: pic14440.pcx Type: application/octet-stream Size: 3452 bytes Desc: Paintbrush Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001108/5f464f84/pic14440.obj From chuck.fisher at stl.rural.usda.gov Wed Nov 8 15:07:40 2000 From: chuck.fisher at stl.rural.usda.gov (Chuck R. Fisher) Date: Tue Dec 2 02:32:17 2003 Subject: Remove me: Message-ID: <3A096C3C.5561CFFA@stl.rural.usda.gov> Please remove my name or unsubscribe me from your emailing list(s). -------------- next part -------------- A non-text attachment was scrubbed... Name: chuck.fisher.vcf Type: text/x-vcard Size: 280 bytes Desc: Card for Chuck R. Fisher Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001108/667b520c/chuck.fisher.vcf From chuck.fisher at stl.rural.usda.gov Wed Nov 8 15:08:51 2000 From: chuck.fisher at stl.rural.usda.gov (Chuck R. Fisher) Date: Tue Dec 2 02:32:17 2003 Subject: Remove Me: Message-ID: <3A096C83.8C34CBD3@stl.rural.usda.gov> Please remove or unsubscribe me from your emailing list(s). -------------- next part -------------- A non-text attachment was scrubbed... Name: chuck.fisher.vcf Type: text/x-vcard Size: 280 bytes Desc: Card for Chuck R. Fisher Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001108/d1dc65ee/chuck.fisher.vcf From chuck.fisher at stl.rural.usda.gov Wed Nov 8 15:09:41 2000 From: chuck.fisher at stl.rural.usda.gov (Chuck R. Fisher) Date: Tue Dec 2 02:32:17 2003 Subject: Remove me: Message-ID: <3A096CB5.760203E6@stl.rural.usda.gov> Please remove or unsubscribe me from your mailing list(s). -------------- next part -------------- A non-text attachment was scrubbed... Name: chuck.fisher.vcf Type: text/x-vcard Size: 280 bytes Desc: Card for Chuck R. Fisher Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001108/047cd4b8/chuck.fisher.vcf From stan at power.eng.McMaster.CA Wed Nov 8 15:20:13 2000 From: stan at power.eng.McMaster.CA (Stan Zolinski) Date: Tue Dec 2 02:32:17 2003 Subject: (no subject) Message-ID: <002201c04997$64304bf0$0cb87182@pct13zolinski> Could someone tell me why when I do a smbstatus it says connections.tdb not initilised. I am running 2.2.0 alpha on Mandrake 7 Thanks -------------- next part -------------- HTML attachment scrubbed and removed From hwimmer at bakerref.com Wed Nov 8 15:38:02 2000 From: hwimmer at bakerref.com (Hayden Wimmer) Date: Tue Dec 2 02:32:17 2003 Subject: active directory References: <3A096C83.8C34CBD3@stl.rural.usda.gov> Message-ID: <00b801c04999$e14f2be0$9f01a8c0@zeus> can samba validate from a ms domain controller running active directory??? active directory is supposed to be ldap compliant... ----- Original Message ----- From: "Chuck R. Fisher" To: Sent: Wednesday, November 08, 2000 10:08 AM Subject: Remove Me: > Please remove or unsubscribe me from your emailing list(s). > From simona at uchicago.edu Wed Nov 8 15:57:53 2000 From: simona at uchicago.edu (Simon Allaway) Date: Tue Dec 2 02:32:17 2003 Subject: Remove me: References: <3A096C3C.5561CFFA@stl.rural.usda.gov> Message-ID: <3A097801.AEA0009F@uchicago.edu> "Chuck R. Fisher" wrote: > > Please remove my name or unsubscribe me from your emailing list(s). It's no use asking us to do it. We can't. As Steve Gonzales just said: For those of you who no longer have it, here is the pertinent excerpt: "If you ever want to unsubscribe or change your options (eg, switch to or from digest mode, change your password, etc.), visit your subscription page at: http://lists.samba.org/options/samba-ntdom/." -- Simon Allaway | "It's not a firewall, University of Chicago | it's a leather pouch." 5-4390 Haskell Hall | - Anon. From pragyan at cs.iitm.ernet.in Wed Nov 8 21:49:32 2000 From: pragyan at cs.iitm.ernet.in (Pragyansmita Paul) Date: Tue Dec 2 02:32:17 2003 Subject: Problem with samedit In-Reply-To: <006f01c0498e$b4d649a0$8d030201@smutu1> Message-ID: > To make Win2K joined the Samba Domain, you must have Win2K Domain the same > as Samba PDC-Domain. > In Win2K, it's different between Workgroup and Domain, so set it to Domain > Samba. > You don't need to add Win2K box in smbpasswd, except in /etc/passwd. > Set the Win2K Domain to Samba Domain, Win2K asking for the user has right to > add Win2K box to the domain, just enter the 'root' and his password. > You will get the message 'Welcome to TESTING [SAMBA-whatever] Domain.' > Now you must restart Win2K and see in login menu the domain of Samba. I did the above mentioned steps also, but it tells after I give it the "root" and password (this means the root and password of the Linux machien which has been configured as PDC, I hope?) that "The following error occured attempting to join the domain "TESTING": The credentials supplied conflict with an existing set of credentials." Now what could that be for? > I got what you think is that Win2K acts the same as Win9x client when login > to the domain. > If that, you miss here. > Win2K acts the same as WinNT when login to the Domain. > It's must have the same domain [not workgroup] with the PDC Domain. No we have been trying to set the domain as TESTING but it does not allow us to..so we are still in the same place? > > Thanks..but since I wanted information on using Samba as PDC , I had > > mailed there. From henceforth, I will use tng-users mailing list. > > > See you there. Oh sure...I have become one major fan pf Samba...I feel it is one software of its kind. Hats off to the Samba team. Cheers, Pragyan. From Jim.Wilson at merant.com Wed Nov 8 22:17:27 2000 From: Jim.Wilson at merant.com (Jim Wilson) Date: Tue Dec 2 02:32:17 2003 Subject: File Timestamp Set to Current Date Message-ID: When copying files from 95/98 to a Samba mount, files keep their date and time. When copying files from NTFS formatted drive on NT, files also keep their date and time. However, copying from FAT formatted drive sets date and time to current date and time. Having said this, we also have run into customers that can't even copy from an NTFS formatted drive on NT to a samba mount without the datetime getting set to the current datetime. Does anyone know what controls the file timestamp setting? Does it have to do with the client network software? A samba option? A bug in our release of Samba? Thanks, Jim Wilson MERANT -------------- next part -------------- HTML attachment scrubbed and removed From manuel at varxec.de Wed Nov 8 22:49:48 2000 From: manuel at varxec.de (Manuel Bessler) Date: Tue Dec 2 02:32:17 2003 Subject: Take my name... please In-Reply-To: ; from gonzo@eng.lsu.edu on Wed, Nov 08, 2000 at 08:25:12AM -0600 Message-ID: <20001108234947.A533@varxec.de> On Wed, Nov 08, 2000 at 08:25:12AM -0600, Steve Gonzales wrote: > Recently, there has been a rash of messages requesting that people's names > be dropped from the list. > > For those of you who are thinking about retracting your name from this list, > please read the initial welcome message which is automatically sent to you > when you are added to this list. > > For those of you who no longer have it, here is the pertinent excerpt: > "If you ever want to unsubscribe or change your options (eg, switch to or > from digest mode, change your password, etc.), visit your subscription page > at: > > http://lists.samba.org/options/samba-ntdom/." > > Please refer to this site. i tried to unsubscribe several times from samba-ntdom, but it seems (at least for me, and only for samba-tng) that the "Send me my password" doesn't work. If do not use the subscription page to subscribe, you never have to submit a password, so mailman creates one. Now, when i want to unsubscribe later, i go to the subscription pagem and let mailman send me the password. This worked with samba, but samba-ntdom never sent me one. I tried several times over the last 3 weeks. Also, the digest format is somehow broken. Maybe we should make the old way of (un)subscribing available: mail to listname-request@domain or listprocessor@domain with "subscribe" or "unsubscribe" in Subject or Body ??? regards Manuel -- .-. | Manuel Bessler /v\ L I N U X | , // \\ >Phear the Penguin< | /( )\ | Debian/GNU Linux user ^^-^^ GPG Fingerprint: 278D 2DC2 8A3E 9AEE 98F1 71D2 B224 68D1 1240 28BC From D.Bannon at latrobe.edu.au Wed Nov 8 23:13:08 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:17 2003 Subject: 2.2 and auto machine account creation with NT4 In-Reply-To: Message-ID: <3.0.6.32.20001109101308.008ae570@bioserve.latrobe.edu.au> Hi folks, Now, I know that a number of people have been testing W2K with the 2.2 cvs ability to create machine accounts 'on the fly' (with varying degrees of success). But has anyone bothered to do the same with NT4 recently ? I just found that the current cvs fails to do join when using the 'auto system'. That is, using 'add user script' to make an entry in /etc/passwd and then having samba make an entry in ~/smbpasswd, all with a domain admin's (who is root) authority. I found that the setup that works fine with W2K fails for NT4 : The entry is created in /etc/passwd correctly. The entry is created in ~/smbpasswd and the encrypted passwd string includes the text 'NO PASSWORD'. Then we receive the dreaded message on the client 'The account for this computer either does not exist or is inaccessable'. The old method of running smbpasswd -a -m {machine} works fine. Its interesting that the encrypted passwd string after doing appears to be just random characters. Looks like samba is setting it incorrectly after creating the entry in the auto mode. Anyone else found these results ? David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From D.Bannon at latrobe.edu.au Thu Nov 9 00:30:20 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:17 2003 Subject: Sharing profiles between NT4 and W2K on Samba 2.2 In-Reply-To: <3A087DB4.64DBD565@valinux.com> References: Message-ID: <3.0.6.32.20001109113020.008a8d80@bioserve.latrobe.edu.au> Hmm... This one might be a bit scary. I just noticed that if you have a profile that was 'seen' by W2K, that is, you logged into a domain via W2K, there is a problem when next you logon to a NT4ws. The network icon disappears from the control panel !! Nothing more (that I have found yet) but why on earth would that happen ?? Its not a permission thing, if you where clever enough to make a short cut to the network icon before playing with W2K you can run with it after. I have been back and forwards a couple of times, there is no doubt that the problem is coming in via the profile, what does anyone think ?? Does this mean that profiles may not be 'shareable' between NT and W2K ? If it does this what other things will we find it doing.... I guess I'll have a look with regedit and try and see what its doing. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From D.Bannon at latrobe.edu.au Thu Nov 9 01:05:29 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:17 2003 Subject: duplicated usernames, unknown account in NT "permissions" dialog (2.0.7) In-Reply-To: Message-ID: <3.0.6.32.20001109120529.00895390@bioserve.latrobe.edu.au> At 03:42 PM 08/11/2000 +0100, dobos_s@IBCnet.hu wrote: >choose one of them (no meaning which one) and give it some rights and open >the dialog again I dont see the given user, but there is a new line: >XYZDOMAIN\Account unknown. Actually there is a samba that will do that, the old head 2.1pre-alpha does all that sort of thing quite well. I don't know if it is still available from the cvs and even if it was it was always a bit of 'pot luck' whether it worked or not. I can post you a tarball of a know working one if you like. (I've been using it for a couple of years...) That being the case, I assume TNG will do it too. www.samba-tng.org Or just wait around a bit and see if this functionality appears in 2.2 which will, most likely be a more stable product. David > >The situation dont changes If I stop and start samba again, or if I restart >the ntws. > >This is the problem. Somebody will help me? > >ps1: Is there a samba version which is as stable as 207, but has more >functionality? (e.g. a cvs tarball?) > >ps2: Off-topic: Why got I a "Prohibited gate subscription" subjected >message from Mail.Delivery.System@f30.n451.z2.fidonet.org each time I write >to samba-ntdom? >(Embedded image moved to file: pic14440.pcx) >Attachment Converted: "c:\Desktop\Attach\pic144401.pcx" > ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From schapiro at clerk.pi.huji.ac.il Thu Nov 9 06:25:15 2000 From: schapiro at clerk.pi.huji.ac.il (Schlomo Schapiro) Date: Tue Dec 2 02:32:17 2003 Subject: duplicated usernames, unknown account in NT "permissions" dialog (2.0.7) In-Reply-To: <3.0.6.32.20001109120529.00895390@bioserve.latrobe.edu.au> Message-ID: Hi, this is quite interesting, can you with this head 2.1pre-alpha also give users admin rights over THEIR computers only (each on his own) ? I never met a samba that was able to do this, all only give this "Account Unknown" stuff :-(. Or do you have a clue when (and wether) this will appear in the 2.2 branch ? This is actually the biggest problem since everybody wants to be boss on his own computer and still be able to log on to all others and till now this has prevented me from using Samba as PDC here :-( Sincerely, Schlomo On Thu, 9 Nov 2000, David Bannon wrote: > At 03:42 PM 08/11/2000 +0100, dobos_s@IBCnet.hu wrote: > > >choose one of them (no meaning which one) and give it some rights and open > >the dialog again I dont see the given user, but there is a new line: > >XYZDOMAIN\Account unknown. > > Actually there isa samba that will do that, the old head 2.1pre-alpha does > all that sort of thing quite well. I don't know if it is still available > from the cvs and even if it was it was always a bit of 'pot luck' whether > it worked or not. I can post you a tarball of a know working one if you > like. (I've been using it for a couple of years...) > > That being the case, I assume TNG will do it too. www.samba-tng.org > > Or just wait around a bit and see if this functionality appears in 2.2 > which will, most likely be a more stable product. > > David > > > > > >The situation dont changes If I stop and start samba again, or if I restart > >the ntws. > > > >This is the problem. Somebody will help me? > > > >ps1: Is there a samba version which is as stable as 207, but has more > >functionality? (e.g. a cvs tarball?) > > > >ps2: Off-topic: Why got I a "Prohibited gate subscription" subjected > >message from Mail.Delivery.System@f30.n451.z2.fidonet.org each time I write > >to samba-ntdom? > >(Embedded image moved to file: pic14440.pcx) > >Attachment Converted: "c:\Desktop\Attach\pic144401.pcx" > > > ------------------------------------------------------------ > David Bannon D.Bannon@latrobe.edu.au > School of Biochemistry Phone 61 03 9479 2197 > La Trobe University, Plenty Rd, Fax 61 03 9479 2467 > Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au > ------------------------------------------------------------ > ..... Humpty Dumpty was pushed ! > -- Schlomo Schapiro Computation Authority Hebrew University of Jerusalem Tel: ++972 / 2 / 65-84404 Fax: 65-27349 email: schapiro@clerk.pi.huji.ac.il WWW: http://shum.cc.huji.ac.il/~schapiro From teilo at cdt.luth.se Thu Nov 9 10:49:53 2000 From: teilo at cdt.luth.se (James Nord) Date: Tue Dec 2 02:32:17 2003 Subject: Take my name... please References: <20001108234947.A533@varxec.de> Message-ID: <3A0A8151.3B44D1A3@cdt.luth.se> Take a look at your E-Mail headers List-Unsubscribe: , /James Manuel Bessler wrote: > > On Wed, Nov 08, 2000 at 08:25:12AM -0600, Steve Gonzales wrote: > > Recently, there has been a rash of messages requesting that people's names > > be dropped from the list. > > > > For those of you who are thinking about retracting your name from this list, > > please read the initial welcome message which is automatically sent to you > > when you are added to this list. > > > > For those of you who no longer have it, here is the pertinent excerpt: > > "If you ever want to unsubscribe or change your options (eg, switch to or > > from digest mode, change your password, etc.), visit your subscription page > > at: > > > > http://lists.samba.org/options/samba-ntdom/." > > > > Please refer to this site. > > i tried to unsubscribe several times from samba-ntdom, but it seems > (at least for me, and only for samba-tng) that the "Send me my password" > doesn't work. If do not use the subscription page to subscribe, you never > have to submit a password, so mailman creates one. Now, when i want to > unsubscribe later, i go to the subscription pagem and let mailman send > me the password. This worked with samba, but samba-ntdom never sent me one. > I tried several times over the last 3 weeks. > > Also, the digest format is somehow broken. > > Maybe we should make the old way of (un)subscribing available: > mail to listname-request@domain or listprocessor@domain > with "subscribe" or "unsubscribe" in Subject or Body ??? > > regards > Manuel > -- > .-. | Manuel Bessler > /v\ L I N U X | , > // \\ >Phear the Penguin< | > /( )\ | Debian/GNU Linux user > ^^-^^ > GPG Fingerprint: 278D 2DC2 8A3E 9AEE 98F1 71D2 B224 68D1 1240 28BC -- Technology is a word that describes something that doesn't work yet. Douglas Adams From greg at discreet.com Thu Nov 9 12:11:00 2000 From: greg at discreet.com (Greg Dickie) Date: Tue Dec 2 02:32:17 2003 Subject: Sharing profiles between NT4 and W2K on Samba 2.2 In-Reply-To: <3.0.6.32.20001109113020.008a8d80@bioserve.latrobe.edu.au> Message-ID: Uh ya, profiles do seem to get hosed once you login on a Win2K machine, mine now has these really fancy icons and a bunch of stuff no longer works the way it did. Good thing I don't really care about it that much. It's kind of what you'd expect though, the registry "trees" to change and all... Greg On 09-Nov-00 David Bannon wrote: > > Hmm... This one might be a bit scary. I just noticed that if you have a > profile that was 'seen' by W2K, that is, you logged into a domain via W2K, > there is a problem when next you logon to a NT4ws. > > The network icon disappears from the control panel !! Nothing more (that I > have found yet) but why on earth would that happen ?? Its not a permission > thing, if you where clever enough to make a short cut to the network icon > before playing with W2K you can run with it after. > > I have been back and forwards a couple of times, there is no doubt that the > problem is coming in via the profile, what does anyone think ?? > > Does this mean that profiles may not be 'shareable' between NT and W2K ? If > it does this what other things will we find it doing.... > > I guess I'll have a look with regedit and try and see what its doing. > > David > ------------------------------------------------------------ > David Bannon D.Bannon@latrobe.edu.au > School of Biochemistry Phone 61 03 9479 2197 > La Trobe University, Plenty Rd, Fax 61 03 9479 2467 > Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au > ------------------------------------------------------------ > ..... Humpty Dumpty was pushed ! --------------------------------------------------------------------- Greg Dickie just a guy greg@discreet.com From rszczesniak at mis.com.pl Thu Nov 9 12:31:31 2000 From: rszczesniak at mis.com.pl (=?iso-8859-2?q?Rafa=B3_Szcze=B6niak?=) Date: Tue Dec 2 02:32:17 2003 Subject: duplicated usernames, unknown account in NT "permissions" dialog (2.0.7) Message-ID: ps2: Off-topic: Why got I a "Prohibited gate subscription" subjected message from Mail.Delivery.System@f30.n451.z2.fidonet.org each time I write to samba-ntdom? so do I. Also don't understand why this occurs. rafal dobos_s@IBCnet.hu Wys?ane przez: samba-ntdom-admin@us5.samba.org 00-11-08 15:42 Do: samba-technical@us5.samba.org, samba-ntdom@us5.samba.org DW: Temat: duplicated usernames, unknown account in NT "permissions" dialog (2.0.7) Hi! There was no valuable reactions from list, so I repeat. Enviroment: linux 2.2.17, samba 2.0.7 pdc, NTws4sp5. In NT permissions dialog I see duplicated (tripled) usernames, when I choose one of them (no meaning which one) and give it some rights and open the dialog again I dont see the given user, but there is a new line: XYZDOMAIN\Account unknown. The situation dont changes If I stop and start samba again, or if I restart the ntws. This is the problem. Somebody will help me? ps1: Is there a samba version which is as stable as 207, but has more functionality? (e.g. a cvs tarball?) ps2: Off-topic: Why got I a "Prohibited gate subscription" subjected message from Mail.Delivery.System@f30.n451.z2.fidonet.org each time I write to samba-ntdom? (Embedded image moved to file: pic14440.pcx) (See attached file: pic14440.pcx) -------------- next part -------------- A non-text attachment was scrubbed... Name: =?iso-8859-2?Q?pic14440.pcx?= Type: application/octet-stream Size: 3452 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001109/848e2437/iso-8859-2Qpic14440.obj From pragyan at cs.iitm.ernet.in Thu Nov 9 18:33:14 2000 From: pragyan at cs.iitm.ernet.in (Pragyansmita Paul) Date: Tue Dec 2 02:32:17 2003 Subject: Samba as PDC .. W2K Clients (URGENT) Message-ID: Hello, Our environment : Samba as PDC, Win2K Professional Clients What is working? Compiled Samba latest version Installed Samba on Linux m/c FOO as PDC for domain TESTING Created smbpasswd and smb.conf file which has been inlcuded as an attachment in this mail. We have not done any policy changes in the Win2k coz we dont know how to do and if it is necessary? Please let us know about this also. /************ THIS WORKS !! ******************************/ [root@foo]# smbclient -L FOO -U root Unknown parameter encountered: "domain admin users" Ignoring unknown parameter "domain admin users" added interface ip=x.y.z.a bcast=x.y.z.255 nmask=255.255.255.0 Password: session setup ok Domain=[TESTING] OS=[Unix] Server=[Samba TNG-alpha] Sharename Type Comment --------- ---- ------- public Disk Public share IPC$ IPC IPC Service (Samba TNG-alpha) root Disk Users' home directories Server Comment --------- ------- FOO Samba TNG-alpha Workgroup Master --------- ------- TESTING FOO /************************************************************/ /************ THIS DOES NOT WORK !! *************************/ On another machine BAR, the same command does not work (where BAR is a Linux Machine) [root@BAR /root]# smbclient -L FOO -U root SSL: Error error setting CA cert locations: error:00000000::lib(0) :func(0) :reason(0) trying default locations. added interface ip=x.y.z.a bcast=x.y.z.255 nmask=255.255.255.0 Password: session setup failed: ERRSRV - ERRbadpw (Bad password - name/password pair in a Tree Connect or Session Setup are invalid.) /************************************************************************/ /******************* THIS ALSO DOES NOT WORK :-(( **********************/ On Windows 2K professional Machine when we try to join the domain, we get the following error,a text box pops up saying "The following error occured attempting to join the domain TESTING The credentials supplied conflict the with an existing set of credentials" /***********************************************************************/ Please help us out of this. Free pizza for whoever helps us configure Samba successfully ;-) Thanks in advance, Cheers, Pragyan. -------------- next part -------------- [global] #NetBIOS name isn't needed if it's the same as the hostname netbios name = FOO workgroup = TESTING #flat files that map Unix groups to NT type groups. #these files take the form unix_group = `Windows NT group'' domain group map = /usr/local/samba/lib/domaingroup.map domain alias map = /usr/local/samba/lib/domainalias.map domain user map = /usr/local/samba/lib/domainuser.map #Domain controllers use user security and we need encrypted #passwords (see ENCRYPTION.txt) #security = user security = server domain logons = yes encrypt passwords = yes #And in order for us to be *sure* to win browser elections os level = 65 domain master = yes preferred master = yes local master = yes client code page = 850 #WINS is the equivalent of DNS for NetBIOS. wins support = yes time server = no #the next lines are equivalent to the various profile details #found in NT's User Manager logon script = login.bat logon drive = U: logon home = \\%L\home\%U logon path = \\%L\profile\%U #share all home directories [homes] browseable = no writable = yes comment = Users' home directories #set up netlogon share for system policies and login scripts [netlogon] path = /opt/samba-tng/netlogon writable = no guest ok = no comment = PDC netlogon share #the profiles share #to create automatic subdirs for the different users #chmod 1777 /opt/samba-tng/profile [profile] path = /opt/samba-tng/profile writeable = yes #a public share [public] path = /opt/samba-tng/public browseable = yes Public = yes comment = Public share From dobos_s at IBCnet.hu Thu Nov 9 12:59:40 2000 From: dobos_s at IBCnet.hu (dobos_s@IBCnet.hu) Date: Tue Dec 2 02:32:17 2003 Subject: A solution for novell client and samba pdc bluescreen. Message-ID: After installing Novell Client, but before reboot start registry editor, find and change GinaDLL key from NWGINA.DLL to MSGINA.DLL. There will be some functionality loss (e.g. novell printer), but there will be no STOP screens. After examining coredump with drwatson I saw the deadly MS function (cant remember name) which are for retrieving additional user info, but dont checking the result. Unfortunatelly samba cant give such and informations, so the function crashes. Anybody working on implementation of this? Cly From simo.sorce at polimi.it Thu Nov 9 14:32:17 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:32:17 2003 Subject: Samba as PDC .. W2K Clients (URGENT) References: Message-ID: <3A0AB571.BE2ADC36@polimi.it> Pragyansmita Paul wrote: > > Hello, > > Our environment : > Samba as PDC, Win2K Professional Clients > > What is working? > Compiled Samba latest version What you mean with latest version? Are you speaking of latest stable or latest development branch? 2.0.7, 2.2.0pre, CVS-HEAD(3.0?) ? 2.0.7 is not able to be a PDC for W2k joining a samba 2.2.0 domain with w2k will work but the 2.2.0 is still under beta testing. -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From pragyan at cs.iitm.ernet.in Thu Nov 9 19:35:20 2000 From: pragyan at cs.iitm.ernet.in (Pragyansmita Paul) Date: Tue Dec 2 02:32:17 2003 Subject: Samba as PDC .. W2K Clients (URGENT) In-Reply-To: <3A0AB571.BE2ADC36@polimi.it> Message-ID: > > Our environment : > > Samba as PDC, Win2K Professional Clients > > > > What is working? > > Compiled Samba latest version > What you mean with latest version? > Are you speaking of latest stable or latest development branch? > 2.0.7, 2.2.0pre, CVS-HEAD(3.0?) ? > > 2.0.7 is not able to be a PDC for W2k > joining a samba 2.2.0 domain with w2k will work but the 2.2.0 is still > under beta testing. We had downloaded the latest version of Samba TNG. Sorry about this lapse in providing information. Regards, Pragyan From chuck.fisher at stl.rural.usda.gov Thu Nov 9 15:04:16 2000 From: chuck.fisher at stl.rural.usda.gov (Chuck R. Fisher) Date: Tue Dec 2 02:32:17 2003 Subject: Take my name... please References: <000701c0498f$b56acc00$ca192782@desgo1> Message-ID: <3A0ABCF0.BDB9A07F@stl.rural.usda.gov> That has also proven ineffective. Steve Gonzales wrote: > Recently, there has been a rash of messages requesting that people's names > be dropped from the list. > > For those of you who are thinking about retracting your name from this list, > please read the initial welcome message which is automatically sent to you > when you are added to this list. > > For those of you who no longer have it, here is the pertinent excerpt: > "If you ever want to unsubscribe or change your options (eg, switch to or > from digest mode, change your password, etc.), visit your subscription page > at: > > http://lists.samba.org/options/samba-ntdom/." > > Please refer to this site. > HIH! > Steve -------------- next part -------------- A non-text attachment was scrubbed... Name: chuck.fisher.vcf Type: text/x-vcard Size: 280 bytes Desc: Card for Chuck R. Fisher Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001109/dd8a99e2/chuck.fisher.vcf From stan at power.eng.McMaster.CA Thu Nov 9 15:09:43 2000 From: stan at power.eng.McMaster.CA (Stan Zolinski) Date: Tue Dec 2 02:32:17 2003 Subject: (no subject) Message-ID: <001f01c04a5f$1799d540$0cb87182@pct13zolinski> I have Samba alpha 2.5 installed as a PDC for w2k and I have two error msg's that I hope someone could help me with. 1. when I run smbstatus it says connections.tdb is not initalised 2. in the log files it also says that codepage 000 doesn't exist if someone could get back to me I would appreciate it. Stan Zolinski Mcmaster University -------------- next part -------------- HTML attachment scrubbed and removed From gcarter at valinux.com Thu Nov 9 15:27:48 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:17 2003 Subject: active directory References: <3A096C83.8C34CBD3@stl.rural.usda.gov> <00b801c04999$e14f2be0$9f01a8c0@zeus> Message-ID: <3A0AC274.BD4F060A@valinux.com> Hayden Wimmer wrote: > > can samba validate from a ms domain controller > running active directory??? active directory is supposed > to be ldap compliant... Samba requires a mixed mode domain controller to participate in a Windows 2000 domain ( as do WIndows NT 4 domain members). Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From pragyan at cs.iitm.ernet.in Thu Nov 9 21:15:06 2000 From: pragyan at cs.iitm.ernet.in (Pragyansmita Paul) Date: Tue Dec 2 02:32:17 2003 Subject: Thanks for the help!! Message-ID: Hello, We were just now able to use Samba TNG properly as PDC with Win 2K Professional as clients. It is working fine. Only one poor Win 2K machine refuses to join the other of its kind in the domain meant for them. We feel it is because we had added it by using samedit. Is there soem thing like if we use samedit and add a machine to SAM database other than etc/passwd, then it will not join the domain? We are trying to delete that machien from the SAM database using samedit, but it is not getting deleted :-( I would like to take this opportunity to thank everybody who helped us through this set-up. Hope one day, I will be able to help somebody in the same manner. Have a nice day, Cheers, Pragyan. From eckehard.wegner at e-plex.de Thu Nov 9 15:38:24 2000 From: eckehard.wegner at e-plex.de (Eckehard Wegner) Date: Tue Dec 2 02:32:18 2003 Subject: AW: Take my name... please Message-ID: Chuck, you seem to have a mail client that sends cards so chances are it also supports filter rules. just autodelete all incomain mails from the list and please stop sending those cards, they are not safe best regards eckehard -----Urspr?ngliche Nachricht----- Von: Chuck R. Fisher [mailto:chuck.fisher@stl.rural.usda.gov] Gesendet: Donnerstag, 9. November 2000 16:04 An: Steve Gonzales Cc: samba-ntdom@us4.samba.org Betreff: Re: Take my name... please That has also proven ineffective. Steve Gonzales wrote: > Recently, there has been a rash of messages requesting that people's names > be dropped from the list. > > For those of you who are thinking about retracting your name from this list, > please read the initial welcome message which is automatically sent to you > when you are added to this list. > > For those of you who no longer have it, here is the pertinent excerpt: > "If you ever want to unsubscribe or change your options (eg, switch to or > from digest mode, change your password, etc.), visit your subscription page > at: > > http://lists.samba.org/options/samba-ntdom/." > > Please refer to this site. > HIH! > Steve From pragyan at cs.iitm.ernet.in Thu Nov 9 21:30:09 2000 From: pragyan at cs.iitm.ernet.in (Pragyansmita Paul) Date: Tue Dec 2 02:32:18 2003 Subject: (no subject) In-Reply-To: <001f01c04a5f$1799d540$0cb87182@pct13zolinski> Message-ID: On Thu, 9 Nov 2000, Stan Zolinski wrote: > I have Samba alpha 2.5 installed as a PDC for w2k and I have two error msg's that I hope someone could help me with. > 1. when I run smbstatus it says connections.tdb is not initalised I am not aware of this..sorry!! > 2. in the log files it also says that codepage 000 doesn't exist > if someone could get back to me I would appreciate it. Please go into /usr/local/samba/lib/codepages , you might not be having any codepage.000, U cna do things to get away from this error.. 1) Create a link codepage.000 to codepage.850 OR 2) Write in smb.conf client code page = 850 We solved this problem like this, there might be neater way out, but you can use this till some expert solution comes your way. Have a nice day, Cheers, Pragyan > Stan Zolinski > Mcmaster University > From pragyan at cs.iitm.ernet.in Thu Nov 9 21:32:22 2000 From: pragyan at cs.iitm.ernet.in (Pragyansmita Paul) Date: Tue Dec 2 02:32:18 2003 Subject: active directory In-Reply-To: <3A0AC274.BD4F060A@valinux.com> Message-ID: On Thu, 9 Nov 2000, Gerald Carter wrote: > Hayden Wimmer wrote: > > > > can samba validate from a ms domain controller > > running active directory??? active directory is supposed > > to be ldap compliant... > > Samba requires a mixed mode domain controller to > participate in a Windows 2000 domain ( as do WIndows NT 4 > domain members). What is a mixed domain controller? Is it some other software and where should it be placed and how does it operate with the MS Active Directory and Samba? :-/ Thanks in advance, Cheers, Pragyan. From gcarter at valinux.com Thu Nov 9 16:01:56 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:18 2003 Subject: active directory References: Message-ID: <3A0ACA74.5581BAB@valinux.com> Pragyansmita Paul wrote: > > On Thu, 9 Nov 2000, Gerald Carter wrote: > > > Hayden Wimmer wrote: > > > > > > can samba validate from a ms domain controller > > > running active directory??? active directory is supposed > > > to be ldap compliant... > > > > Samba requires a mixed mode domain controller to > > participate in a Windows 2000 domain ( as do WIndows NT 4 > > domain members). > > What is a mixed domain controller? Is it some other > software and where should it be placed and how does it > operate with the MS Active Directory and Samba? :-/ A mixed mode DC is a Windows 2000 DC which is operating in leagacy mode (supporting the SAM API to the ESS housing AD). It is required for Windows NT 4 compatible clients to be domain members. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From koen at wijnstok.com Thu Nov 9 16:49:01 2000 From: koen at wijnstok.com (Koen Wijnstok) Date: Tue Dec 2 02:32:18 2003 Subject: active directory (how) Message-ID: to get to the previous question... How can someone get an active directory with linux and win2000pro? (in combination with samba-tng) koen From noelk at bc.edu Thu Nov 9 16:56:45 2000 From: noelk at bc.edu (Kenneth Noel) Date: Tue Dec 2 02:32:18 2003 Subject: active directory References: Message-ID: <3A0AD74D.D671FD68@bc.edu> When you create a windows 2000 domain you have the choice of running your domain as a mixed mode domain or native mode. Native mode makes the domain totally campatible for windows 2000 servers and clients, it is not compatible with win98 or samba. If you run win98 there is a windows 2000 client you can install to be able to access native mode servers. Mixed mode is running your windows 2000 domain so that your win98, NT 4.0 and Samba servers are able to access the domain. Also you should note that if you run your server in native mode you cannot change back to native mode. Becarefull with that. Native mode has many changes in the way MS networking works. Ken Pragyansmita Paul wrote: > On Thu, 9 Nov 2000, Gerald Carter wrote: > > > Hayden Wimmer wrote: > > > > > > can samba validate from a ms domain controller > > > running active directory??? active directory is supposed > > > to be ldap compliant... > > > > Samba requires a mixed mode domain controller to > > participate in a Windows 2000 domain ( as do WIndows NT 4 > > domain members). > > What is a mixed domain controller? Is it some other software and where > should it be placed and how does it operate with the MS Active Directory > and Samba? :-/ > > Thanks in advance, > Cheers, > Pragyan. -------------- next part -------------- A non-text attachment was scrubbed... Name: noelk.vcf Type: text/x-vcard Size: 290 bytes Desc: Card for Kenneth Noel Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001109/70d53117/noelk.vcf From simo.sorce at polimi.it Thu Nov 9 17:59:04 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:32:18 2003 Subject: active directory References: Message-ID: <3A0AE5E8.6C4C8C8B@polimi.it> Pragyansmita Paul wrote: > > On Thu, 9 Nov 2000, Gerald Carter wrote: > > > Hayden Wimmer wrote: > > > > > > can samba validate from a ms domain controller > > > running active directory??? active directory is supposed > > > to be ldap compliant... > > > > Samba requires a mixed mode domain controller to > > participate in a Windows 2000 domain ( as do WIndows NT 4 > > domain members). > > What is a mixed domain controller? Is it some other software and where > should it be placed and how does it operate with the MS Active Directory > and Samba? :-/ > > Thanks in advance, > Cheers, > Pragyan. It is only a way to configure w2k domains. Windows 2000 Domain Controllers may be set up in two ways: Pure 2k controller = supports only w2k clients or Mixed Mode Domain Controller = support w2k AND NT4 clients -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From martin at zamenhof.demon.co.uk Thu Nov 9 20:29:31 2000 From: martin at zamenhof.demon.co.uk (Martin Radford) Date: Tue Dec 2 02:32:18 2003 Subject: active directory In-Reply-To: <3A0AC274.BD4F060A@valinux.com> from "Gerald Carter" at Nov 09, 2000 09:27:48 AM Message-ID: <200011092029.UAA15781@zamenhof.demon.co.uk> > > Hayden Wimmer wrote: > > > > can samba validate from a ms domain controller > > running active directory??? active directory is supposed > > to be ldap compliant... > > Samba requires a mixed mode domain controller to > participate in a Windows 2000 domain ( as do WIndows NT 4 > domain members). Is this another case of MS documenting something as working, when it actually doesn't? I'm looking at an MS document (which I've just downloaded off their site), that states: "Windows 2000 Active Directory provides excellent backwards compatibility with your existing Windows NT-based environment. For example, you can continue to run Windows NT member servers. You can even add new Windows NT member servers to your environment after you've switched it to native mode." (Document from: http://www.microsoft.com/windows2000/library/planning/incremental/upgradent.asp - note that I've retyped this, not cut-and-pasted) So - has anyone here tried adding an NT4 server to a native-mode Win2k domain? Or a Samba server? Martin -- Martin Radford | "Only wimps use tape backup: _real_ martin@zamenhof.demon.co.uk | men just upload their important stuff -o) Registered Linux user #9257 | on ftp and let the rest of the world /\\ - see http://counter.li.org | mirror it ;)" - Linus Torvalds _\_V From jbcurry at hline.localhealth.net Thu Nov 9 20:52:56 2000 From: jbcurry at hline.localhealth.net (James B Curry) Date: Tue Dec 2 02:32:18 2003 Subject: AW: Take my name... please References: Message-ID: <3A0B0EA8.462CD80B@hline.localhealth.net> Eckehard Wegner wrote: > > Chuck, you seem to have a mail client that sends cards so chances are it > also supports filter rules. just autodelete all incomain mails from the list > and please stop sending those cards, they are not safe > best regards > eckehard I'm just curious - what is unsafe with vCards? From btarver at vention.com Thu Nov 9 21:10:03 2000 From: btarver at vention.com (Brad Tarver) Date: Tue Dec 2 02:32:18 2003 Subject: srvmgr & network neighborhood Message-ID: i can't see my samba boxes from network neighborhood and in NT server manager the icons in the list are greyed out instead of colored (blue and grey or blue and green) like the other boxes. suggestions? -- Brad Tarver Network Engineer btarver@vention.com "Security is not a product, but a process." -- Bruce Schneier, author of "Applied Cryptography" From aarjona at banistmo.com Thu Nov 9 21:28:55 2000 From: aarjona at banistmo.com (Arjona, Ariel) Date: Tue Dec 2 02:32:18 2003 Subject: Take my name... please Message-ID: <9B6B824220DBD311BF5A1000974B43B32B5A93@EXCH05001> This is interesting. Can people include lines of executable script code in them or something? if not, I don't see how they're unsafe for anything except for someone's bandwith, but I doubt we have many 300 bps modem users ;P > -----Original Message----- > From: Eckehard Wegner [mailto:eckehard.wegner@e-plex.de] > Sent: Thursday, November 09, 2000 10:38 AM > To: 'Chuck R. Fisher'; Steve Gonzales > Cc: samba-ntdom@us4.samba.org > Subject: AW: Take my name... please > > > Chuck, you seem to have a mail client that sends cards so > chances are it > also supports filter rules. just autodelete all incomain > mails from the list > and please stop sending those cards, they are not safe > best regards > eckehard > > -----Urspr?ngliche Nachricht----- > Von: Chuck R. Fisher [mailto:chuck.fisher@stl.rural.usda.gov] > Gesendet: Donnerstag, 9. November 2000 16:04 > An: Steve Gonzales > Cc: samba-ntdom@us4.samba.org > Betreff: Re: Take my name... please > > > That has also proven ineffective. > > Steve Gonzales wrote: > > > Recently, there has been a rash of messages requesting that > people's names > > be dropped from the list. > > > > For those of you who are thinking about retracting your > name from this > list, > > please read the initial welcome message which is > automatically sent to you > > when you are added to this list. > > > > For those of you who no longer have it, here is the > pertinent excerpt: > > "If you ever want to unsubscribe or change your options > (eg, switch to or > > from digest mode, change your password, etc.), visit your > subscription > page > > at: > > > > http://lists.samba.org/options/samba-ntdom/." > > > > Please refer to this site. > > HIH! > > Steve > From rszczesniak at mis.com.pl Thu Nov 9 21:46:25 2000 From: rszczesniak at mis.com.pl (=?iso-8859-2?q?Rafa=B3_Szcze=B6niak?=) Date: Tue Dec 2 02:32:18 2003 Subject: Odp: (no subject) Message-ID: "Stan Zolinski" Wys?ane przez: samba-ntdom-admin@us5.samba.org 00-11-09 16:09 Do: DW: Temat: (no subject) I have Samba alpha 2.5 installed as a PDC for w2k and I have two error msg's that I hope someone could help me with. 1. when I run smbstatus it says connections.tdb is not initalised 2. in the log files it also says that codepage 000 doesn't exist I have the same problem. rafal if someone could get back to me I would appreciate it. Stan Zolinski Mcmaster University From D.Bannon at latrobe.edu.au Thu Nov 9 22:08:53 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:18 2003 Subject: duplicated usernames, unknown account in NT "permissions" dialog (2.0.7) In-Reply-To: References: <3.0.6.32.20001109120529.00895390@bioserve.latrobe.edu.au> Message-ID: <3.0.6.32.20001110090853.008baec0@bioserve.latrobe.edu.au> At 08:25 AM 09/11/2000 +0200, Schlomo Schapiro wrote: >Hi, > >this is quite interesting, can you with this head 2.1pre-alpha also give >users admin rights over THEIR computers only (each on his own) ? No, cannot give blanket rights. But I wonder if you could set up a seperate smb.conf file for each machine, specifing a specific user as admin on that machine. The smb.conf file supports a 'include' type of statement (cannot remember the syntax) and you would have a thing like 'include %m.conf' and for machine1 you would have machine1.conf that would have a statement saying 'admin user = jack' assuming Jack uses machine1. really, get them out of this idea that should be admin of their own machine, much easier ... david >Or do you have a clue when (and wether) this will appear in the 2.2 branch >? No, nothing sure. Its something we would all really like though. I never >met a samba that was able to do this, all only give this "Account >Unknown" stuff :-(. > > >This is actually the biggest problem since everybody wants to be boss on >his own computer and still be able to log on to all others and till now >this has prevented me from using Samba as PDC here :-( > >Sincerely, >Schlomo > >On Thu, 9 Nov 2000, David Bannon wrote: > >> At 03:42 PM 08/11/2000 +0100, dobos_s@IBCnet.hu wrote: >> >> >choose one of them (no meaning which one) and give it some rights and open >> >the dialog again I dont see the given user, but there is a new line: >> >XYZDOMAIN\Account unknown. >> >> Actually there isa samba that will do that, the old head 2.1pre-alpha does >> all that sort of thing quite well. I don't know if it is still available >> from the cvs and even if it was it was always a bit of 'pot luck' whether >> it worked or not. I can post you a tarball of a know working one if you >> like. (I've been using it for a couple of years...) >> >> That being the case, I assume TNG will do it too. www.samba-tng.org >> >> Or just wait around a bit and see if this functionality appears in 2.2 >> which will, most likely be a more stable product. >> >> David >> >> >> > >> >The situation dont changes If I stop and start samba again, or if I restart >> >the ntws. >> > >> >This is the problem. Somebody will help me? >> > >> >ps1: Is there a samba version which is as stable as 207, but has more >> >functionality? (e.g. a cvs tarball?) >> > >> >ps2: Off-topic: Why got I a "Prohibited gate subscription" subjected >> >message from Mail.Delivery.System@f30.n451.z2.fidonet.org each time I write >> >to samba-ntdom? >> >(Embedded image moved to file: pic14440.pcx) >> >Attachment Converted: "c:\Desktop\Attach\pic144401.pcx" >> > >> ------------------------------------------------------------ >> David Bannon D.Bannon@latrobe.edu.au >> School of Biochemistry Phone 61 03 9479 2197 >> La Trobe University, Plenty Rd, Fax 61 03 9479 2467 >> Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au >> ------------------------------------------------------------ >> ..... Humpty Dumpty was pushed ! >> > >-- >Schlomo Schapiro >Computation Authority >Hebrew University of Jerusalem > >Tel: ++972 / 2 / 65-84404 >Fax: 65-27349 >email: schapiro@clerk.pi.huji.ac.il >WWW: http://shum.cc.huji.ac.il/~schapiro > ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From D.Bannon at latrobe.edu.au Thu Nov 9 22:28:11 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:18 2003 Subject: Sharing profiles between NT4 and W2K on Samba 2.2 In-Reply-To: References: <3.0.6.32.20001109113020.008a8d80@bioserve.latrobe.edu.au> Message-ID: <3.0.6.32.20001110092811.008d7df0@bioserve.latrobe.edu.au> At 07:11 AM 09/11/2000 -0500, Greg Dickie wrote: > > >Uh ya, profiles do seem to get hosed once you login on a Win2K machine, mine >now has these really fancy icons and a bunch of stuff no longer works the way >it did. Good thing I don't really care about it that much. It's kind of what >you'd expect though, the registry "trees" to change and all... > Sure, and if its only the pretty things, I don't really mind. But why remove the 'Network' applet from the control panal ? The key by the way is "HK_C_U\Control Panel\don't load", easy enough to find and easy enough to reverse but you will need to do it every time you go from W2K to NT. Better look at doing it in a policy... David >Greg > >On 09-Nov-00 David Bannon wrote: >> >> Hmm... This one might be a bit scary. I just noticed that if you have a >> profile that was 'seen' by W2K, that is, you logged into a domain via W2K, >> there is a problem when next you logon to a NT4ws. >> >> The network icon disappears from the control panel !! Nothing more (that I >> have found yet) but why on earth would that happen ?? Its not a permission >> thing, if you where clever enough to make a short cut to the network icon >> before playing with W2K you can run with it after. >> >> I have been back and forwards a couple of times, there is no doubt that the >> problem is coming in via the profile, what does anyone think ?? >> >> Does this mean that profiles may not be 'shareable' between NT and W2K ? If >> it does this what other things will we find it doing.... >> >> I guess I'll have a look with regedit and try and see what its doing. >> >Greg Dickie >just a guy >greg@discreet.com > ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From dyaya_2000 at yahoo.com Fri Nov 10 01:08:44 2000 From: dyaya_2000 at yahoo.com (yaya) Date: Tue Dec 2 02:32:18 2003 Subject: Thanks for the help!! References: <20001109170003.664518435@lists.samba.org> Message-ID: <005f01c04ab2$fa1220a0$8d030201@smutu1> > Date: Fri, 10 Nov 2000 02:45:06 +0530 (IST) > From: Pragyansmita Paul > To: samba-ntdom@us5.samba.org, tng-users@samba-tng.org > Subject: Thanks for the help!! > > Hello, > > We were just now able to use Samba TNG properly as PDC with Win 2K > Professional as clients. It is working fine. Congratulation!! > Only one poor Win 2K machine > refuses to join the other of its kind in the domain meant for them. We > feel it is because we had added it by using samedit. Is there soem thing > like if we use samedit and add a machine to SAM database other than > etc/passwd, then it will not join the domain? Yup. > We are trying to delete that > machien from the SAM database using samedit, but it is not getting deleted > :-( > Did you try to delete the line contains the machine's name (Win2K) in the smbpasswd file? I mean, you open the smbpasswd file, and delete the line contains the machine's name (Win2K). > I would like to take this opportunity to thank everybody who helped us > through this set-up. Hope one day, I will be able to help somebody in the > same manner. > That's OK. yaya From jeremy at valinux.com Fri Nov 10 01:43:38 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:32:18 2003 Subject: Problems with nmbd on Solaris 8 with Samba 2.2.0? References: Message-ID: <3A0B52CA.1DDD2062@valinux.com> Dave Lowenstein wrote: > > I can't keep nmbd running for more than a minute without crashing on solaris > 8 with samba 2.2.0 . Anyone else have the same problem? Core dump ? Stack backtrace ? More info please.... Thanks, Jeremy Allison, Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From serg at tv2.tomsk.su Fri Nov 10 03:28:22 2000 From: serg at tv2.tomsk.su (Sergey Alexandrov) Date: Tue Dec 2 02:32:18 2003 Subject: W2k & sambas Message-ID: <200011100328.KAA18014@tv2.tomsk.su> Hi, All ! That's my story about joining to samba PDC. I tested 3 sambas - samba-2.1, samba-2.2, samba-tng-2.6 OS - FreeBSD 3.2 My steps: 1. Install samba. (for example named it TV2) 2. Run it :)) 3. Install W2k (named TEACHER) 4. Logon as LOCAL admin W2k 5. Join to WORKGROUP TV2 6. Do not reboot 7. telnet to samba box 8. samedit -S. -U root 9. createuser TEACHER$ 10. From within W2k - change membership to domain TV2 11. See message "Wellcome to domain TV2" 12. Enjoy it !!! 14. That's all !!! smb.conf attached. Any questions ? -- Best, Serg -------------- next part -------------- [global] workgroup = tv2 netbios name = Samba server string = Samba Server encrypt passwords = yes password level = 20 # domain admin group = @wheel domain logons = yes security = user local master = yes domain master = yes # interfaces = 192.168.13.0/24 logon script = logon.bat logon path = \\%L\%U\prof\%m logon drive = h: # local group map = /usr/local/samba/lib/localgroup.map domain group map = /usr/local/samba/lib/domaingroup.map domain user map = /usr/local/samba/lib/domainuser.map log file = /.1/Logs/samba/smb.%m # include = /usr/local/samba/lib/smb.conf.%m max log size = 300 # debug level = 10 wins proxy = no wins support = yes time server = True dns proxy = yes printing = bsd socket options = TCP_NODELAY load printers = no client code page = 866 case sensitive = no preserve case = yes short preserve case = no read raw = no [homes] comment = %U Home Dir browseable = no create mode = 600 writable = yes directory mode = 700 [netlogon] path = /usr/local/samba/netlogon [printers] comment = All Printers path = /usr/spool/samba browseable = no # Set public = yes to allow user 'guest account' to print guest ok = no writable = no printable = yes [WWW] printable = no delete readonly = yes valid users = serg,andy comment = Our WWW browseable = no write list = serg, andy force create mode = 644 force directory mode = 755 create mode = 644 writable = yes admin users = serg Administrator force group = wheel path = /.1/Data/www force user = root [Usr] allow hosts = 192.168.13.60 only user = yes delete readonly = yes valid users = serg comment = /usr browseable = no write list = serg writable = yes path = /usr force user = root user = serg [var] delete readonly = yes valid users = serg comment = Var hide dot files = no browseable = no create mode = 750 writable = yes path = /var force user = root [vote] only user = yes delete readonly = yes browseable = no write list = lll,andy,anton,serg create mode = 666 directory mode = 777 wide links = no path = /.1/Data/vote/data user = lll,andy,anton,serg,q,utro [Shared] create mode = 664 directory mode = 775 writable = yes comment = For all users (readonly) path = /.1/Data/Shared write list = @wheel [garant] create mode = 644 writable = yes path = /home/garant write list = garant [BIG_MIKE] delete readonly = yes valid users = @Makers,@usrA locking = no create mode = 666 force directory mode = 777 directory mode = 777 writable = yes oplocks = no force group = Makers path = /.1/Data/BIG_MIKE [Hole] delete readonly = yes valid users = @Makers,@wheel create mode = 660 force directory mode = 770 writable = yes directory mode = 770 path = /.1/Data/Hole [veda] comment = Veda write list = garant,@wheel create mode = 664 directory mode = 775 writable = yes wide links = no path = /.1/Data/Veda [Main_PR] delete readonly = yes valid users = mike create mode = 600 force directory mode = 700 writable = yes directory mode = 700 path = /.1/Data/BIG_MIKE/MAIN_PR.XP [forme] allow hosts = 192.168.13.15 delete readonly = yes valid users = serg,@wheel comment = Users home dirs browseable = no write list = serg,@wheel locking = no force create mode = 600 create mode = 600 force directory mode = 700 directory mode = 700 force group = wheel path = /.1/HOME force user = root [bat] delete readonly = yes valid users = batman browseable = no locking = no write list = batman create mode = 644 wide links = no writable = yes path = /.1/Data/www/batman From pragyan at cs.iitm.ernet.in Fri Nov 10 09:35:25 2000 From: pragyan at cs.iitm.ernet.in (Pragyansmita Paul) Date: Tue Dec 2 02:32:18 2003 Subject: Thanks for the help!! In-Reply-To: <005f01c04ab2$fa1220a0$8d030201@smutu1> Message-ID: On Fri, 10 Nov 2000, yaya wrote: > > Date: Fri, 10 Nov 2000 02:45:06 +0530 (IST) > > From: Pragyansmita Paul > > To: samba-ntdom@us5.samba.org, tng-users@samba-tng.org > > Subject: Thanks for the help!! > > > We are trying to delete that > > machien from the SAM database using samedit, but it is not getting deleted > > :-( > > > Did you try to delete the line contains the machine's name (Win2K) in the > smbpasswd file? > I mean, you open the smbpasswd file, and delete the line contains the > machine's name (Win2K). Yes, this worked. The moment I deleted the machines entry manually form etc/passwd, I was able to delete the entry that machines information from the SAM database Thanks and regards, Pragyan. From zitz at mindless.com Fri Nov 10 04:20:15 2000 From: zitz at mindless.com (zitz@mindless.com) Date: Tue Dec 2 02:32:18 2003 Subject: Procedure number out of range Message-ID: <001109232015FX.18388@weba1.iname.net> I have samba 2.2 setup as PDC with the sample smb.conf as shown in the faq. When i try to get W2K pro to join the domain, I get an error box saying Procedure number is out of range. Has anybody had this problem? zitz@mindless.com --------------------------------------------------- Get free personalized email at http://www.iname.com From D.Bannon at latrobe.edu.au Fri Nov 10 04:51:32 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:18 2003 Subject: W2k & sambas In-Reply-To: <200011100328.KAA18014@tv2.tomsk.su> Message-ID: <3.0.6.32.20001110155132.0089ea60@bioserve.latrobe.edu.au> At 03:28 AM 10/11/2000 -0000, Sergey Alexandrov wrote: >Hi, All ! > >That's my story about joining to samba PDC. >I tested 3 sambas - samba-2.1, samba-2.2, samba-tng-2.6 I take it you are saying that you tested samba-tng. Samba-2.1 was the old 'head' version, never formally released and does not even know about W2K. Samba-2.2 is the current 'pre-release' and it does not include samedit that you mention using. Just so people don't get confused .... ... >8. samedit -S. -U root >... Thats a TNG command. > domain group map = /usr/local/samba/lib/domaingroup.map > domain user map = /usr/local/samba/lib/domainuser.map >.... Those are TNG parameters. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From serg at tv2.tomsk.su Fri Nov 10 08:06:36 2000 From: serg at tv2.tomsk.su (Sergey Alexandrov) Date: Tue Dec 2 02:32:18 2003 Subject: W2k & sambas Message-ID: <200011100806.PAA27068@tv2.tomsk.su> David Bannon said: > At 03:28 AM 10/11/2000 -0000, Sergey Alexandrov wrote: > >Hi, All ! > > > >That's my story about joining to samba PDC. > >I tested 3 sambas - samba-2.1, samba-2.2, samba-tng-2.6 > > I take it you are saying that you tested samba-tng. Samba-2.1 was the old > 'head' version, never formally released and does not even know about W2K. > Samba-2.2 is the current 'pre-release' and it does not include samedit that > you mention using. > > Just so people don't get confused .... > > ... > >8. samedit -S. -U root > >... > Thats a TNG command. > > > domain group map = /usr/local/samba/lib/domaingroup.map > > domain user > map = /usr/local/samba/lib/domainuser.map > >.... > Those are TNG parameters. > > David > > ------------------------------------------------------------ > David Bannon D.Bannon@latrobe.edu.au > School of Biochemistry Phone 61 03 9479 2197 > La Trobe University, Plenty Rd, Fax 61 03 9479 2467 > Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au > ------------------------------------------------------------ > ..... Humpty Dumpty was pushed ! > > Ok. Sorry for my bad english and memory... For samba-2.1 and samba-2.2 I use command smbpasswd -a -m TEACHER$ And I know about 2.1. But W2K JOINING TO this sambas !!!!!! I don't know why but now 3 W2k WS working good enough for me as PDC and fileserver. Look at this: (smbstatus) Samba version 2.1.0-prealpha Service uid gid pid machine ---------------------------------------------- arsh arsh Sounders 20191 europaplus2 (192.168. Main_PR mike Makers 15423 matrox (192.168.13. arnold arnold usr 26008 13 (192.168.13. Shared arsh Sounders 20191 europaplus2 (192.168. serg serg usrA 20583 nt-server (192.168.13 sterh sterh Makers 21635 kvv (192.168.13. sam sam Makers 22759 samovsky (192.168.13. BIG_MIKE serg Makers 20583 nt-server (192.168.13 utro utro usr 73241 utro (192.168.13. forme toor wheel 20583 nt-server (192.168.13 q q usr 20832 europaarchive (192.16 Shared serg usrA 20583 nt-server (192.168.13 sterh sterh Makers 17647 torohovsky (192.168.1 andy andy Makers 18085 graphics (192.168.13. BIG_MIKE sterh Makers 17647 torohovsky (192.168.1 q q usr 26707 montage2 (192.168.13. WS torohovsky is the W2k workstation !!! I can send you smb.torohovsky log file if you not believe me. I can use rpcclient, smbclient from my FreeBSD box... -- Best, Serg From barth at cck.uni-kl.de Fri Nov 10 10:30:17 2000 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:32:18 2003 Subject: samba2.2.0aplha0 PDC and W2k server ? Message-ID: <3A0BDC49.20369.406345@localhost> Hello! According to the good Samba 2.2 PDC HowTo/FAQ from David Bannon we tried to add a w2k-server, german edition, to a samba2.2.0alpha0 PCD controlled domain. Any body got this working? For w2k-server, not w2k- workstation. This is how far we got: Keeping to the Howto, joining the domain the w2k-server aborts with an error: The used account is a workstation account, use a normal user account (german orginal, etwa: Das benutze Konto ist ein Arbeitsstationenkonto. Benutzen sie ihr normale Benutzerkonto ...") Adding the w2k-server to /etc/passwd and setting the add user skript to "/bin/echo > /dev/null 2&>1", a disabled workstation account is created in the smbpasswd and the w2k-server aborts with: the number of procedures is out of range (german orginal: Die Prozeduranzahl ist au?erhalb des erlaubten Bereichs). Treating the w2k-server like a NT4.0-server we get the last error message as well. Is it worth trying the current cvs? By the way, with samba_tng_2.5_good joining a w2k-server to a samba-PCD works. Christian _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) From sharpe at ns.aus.com Wed Nov 8 03:42:22 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:18 2003 Subject: Procedure number out of range In-Reply-To: <001109232015FX.18388@weba1.iname.net> Message-ID: <3.0.6.32.20001108134222.00b5ce20@203.16.214.248> At 11:20 PM 11/9/00 -0500, zitz@mindless.com wrote: >I have samba 2.2 setup as PDC with the sample smb.conf as shown in the faq. >When >i try to get W2K pro to join the domain, I get an error box saying Procedure >number is out of range. Has anybody had this problem? Yes, I have ... I posted a patch a while back, but it is only a stop-gap until we figure out the real problem. I will try again next week. >zitz@mindless.com > >--------------------------------------------------- >Get free personalized email at http://www.iname.com > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From Jean-Francois.Micouleau at dalalu.fr Fri Nov 10 11:35:09 2000 From: Jean-Francois.Micouleau at dalalu.fr (Jean Francois Micouleau) Date: Tue Dec 2 02:32:18 2003 Subject: samba2.2.0aplha0 PDC and W2k server ? In-Reply-To: <3A0BDC49.20369.406345@localhost> Message-ID: On Fri, 10 Nov 2000, Christian Barth wrote: > According to the good Samba 2.2 PDC HowTo/FAQ from David Bannon we > tried to add a w2k-server, german edition, to a samba2.2.0alpha0 PCD > controlled domain. Any body got this working? For w2k-server, not w2k- > workstation. it doesn't work with samba 2.2.0alpha0 This feature (as documented in David's faq) was added to samba AFTER alpha0 was released. So until an alpha1 is released you have to pull samba from the cvs tree. David B. can you add a sentence in your FAQ to make it clear ? Thanks. J.F. From gonzo at eng.lsu.edu Fri Nov 10 13:43:58 2000 From: gonzo at eng.lsu.edu (Steve Gonzales) Date: Tue Dec 2 02:32:18 2003 Subject: duplicated usernames, unknown account in NT "permissions" dialog (2.0.7) In-Reply-To: <3.0.6.32.20001110090853.008baec0@bioserve.latrobe.edu.au> Message-ID: <002101c04b1c$4860e110$ca192782@desgo1> I have to agree. Do NOT let everyone be a local Administrator. This is asking for much trouble. If you must give a little to the users, place the global Domain Users group into each local Power Users group. This will allow people to at least add printers, etc. BUT it will not let them administer the workstation. HIH! Steve -----Original Message----- From: samba-ntdom-admin@us5.samba.org [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of David Bannon Sent: Thursday, November 09, 2000 4:09 PM To: Schlomo Schapiro Cc: Multiple recipients of list SAMBA-NTDOM Subject: Re: duplicated usernames, unknown account in NT "permissions" dialog (2.0.7) At 08:25 AM 09/11/2000 +0200, Schlomo Schapiro wrote: >Hi, > >this is quite interesting, can you with this head 2.1pre-alpha also give >users admin rights over THEIR computers only (each on his own) ? really, get them out of this idea that should be admin of their own machine, much easier ... From RSzczesniak at mis.com.pl Fri Nov 10 16:43:07 2000 From: RSzczesniak at mis.com.pl (RSzczesniak@mis.com.pl) Date: Tue Dec 2 02:32:18 2003 Subject: srvmgr & network neighborhood Message-ID: What version of Samba do you use ? It might be caused by limited support of msrpc calls in all sambas except of tng branch. rafal Brad Tarver Wys?ane przez: samba-ntdom-admin@us5.samba.org 00-11-09 22:10 Do: "'samba-ntdom@samba.org'" DW: Temat: srvmgr & network neighborhood i can't see my samba boxes from network neighborhood and in NT server manager the icons in the list are greyed out instead of colored (blue and grey or blue and green) like the other boxes. suggestions? -- Brad Tarver Network Engineer btarver@vention.com "Security is not a product, but a process." -- Bruce Schneier, author of "Applied Cryptography" From jordi2242 at hotmail.com Fri Nov 10 20:17:46 2000 From: jordi2242 at hotmail.com (Jordi M) Date: Tue Dec 2 02:32:18 2003 Subject: SMB LM/NT Password did not match! Message-ID: Hello. I have installed Samba-TNG 2.6 and after configure it it's impossible to see the shared resources from an NT wks 4.0 nor any windows 9x machine, nor the samba box itself using sbmclient. In log.smb I get: LSA_OPENSECRET: NT_STATUS_OBJECT_NAME_NOT_FOUND SMB LM/NT Password did not match! Rejecting user 'jordi': authentication failed I know this problem has happened to a more than one person, and I have seen some replies with (unuseful) solutions, for example: - In the NT user/password prompt: \\SAMBAMACHINE\user as user. It does not work. - Reset machine account in samba box. It doesn't work. I have reset the machine, the user account and everything I have around me (the only thing I have not reset yet is my patience, but I will soon reset it and give up this thing.) The user account exists in passwd and smbpasswd, and both passwords are equal. Although I think it is not necessary, I have created also an account for the machine I try to connect from. Here, we don't have a PDC. I'm only trying to configure samba-tng to act as a stand alone box member of our group. You can ask why, in this case, don't use samba-2.0.7? The reason is because my purpouse is to configure samba-tng as our PDC, but before doing that I have to resolve this problem with the user/password validation. Regards, Jordi. Here you have a copy of my smb.conf: [global] workgroup = GRUPO log file = /usr/local/samba/var/log.%m max log size = 50 security = user encrypt passwords = yes after that, the [homes] section as usual and some other resources. _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. From canfield at uindy.edu Fri Nov 10 20:16:52 2000 From: canfield at uindy.edu (Dana Canfield) Date: Tue Dec 2 02:32:18 2003 Subject: CVS Complie on RH7.0? Message-ID: <3A0C57B4.4060104@uindy.edu> I've not seen this fixed, nor seen anyone complain about it, but under the SAMBA_2_2 branch, when I try to compile, I get the error: tdb/tdbutil.c: In function `tdb_pack': `short unsigned int' is promoted to `int' when passed through `...' (so you should pass `int' not `short unsigned int' to `va_arg') This has been this way for a couple weeks, so I'm wondering if it's specific to RH 7.0 or something like that, as I can't imagine a problem that prevents compilation would have been left in the branch for so long. Anyone have any ideas? Also, is there a better way to report things like this? DC From kevinko at mail.ece.umn.edu Fri Nov 10 20:26:19 2000 From: kevinko at mail.ece.umn.edu (Kevin KleinOsowski) Date: Tue Dec 2 02:32:18 2003 Subject: codepage 000 not found Message-ID: Anyone know how to fix this? I saw the previous email about it, stating that you can add a line in the smb.conf file client code page = 850 and that should fix it, but it is not fixing it for me. Kevin From PCalkins at OEMSupport.com Fri Nov 10 20:53:41 2000 From: PCalkins at OEMSupport.com (Patrick Calkins) Date: Tue Dec 2 02:32:18 2003 Subject: Samba_2_2 and Win2K Message-ID: <20DD62956F435141ACDA69B2989B446B309CDB@orion.oem.oemsupport.com> Hello all, I am having trouble joining a Win2K SPI client to a samba_2_2 domain. I did apply the code patch to the srv_lsa.c file and re-compile, but the same problem still exists: When joining the Win2k client to the domain, it reports that it cannot find an account for the machine (which I have manually added to /etc/passwd & smbpasswd -a -m machine_name$). So it askes for an admin user, which I give it root, then it comes back with 'The procedure number is out of range' error. I thought the patch fixed this (??). Thanks! --Patrick From gcarter at valinux.com Fri Nov 10 21:37:35 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:18 2003 Subject: CVS Complie on RH7.0? References: <3A0C57B4.4060104@uindy.edu> Message-ID: <3A0C6A9F.6C5D8952@valinux.com> Dana Canfield wrote: > > I've not seen this fixed, nor seen anyone complain about > it, but under the SAMBA_2_2 branch, when I try to compile, I > get the error: > > tdb/tdbutil.c: In function `tdb_pack': > `short unsigned int' is promoted to `int' when passed through `...' > (so you should pass `int' not `short unsigned int' to `va_arg') > > This has been this way for a couple weeks, so I'm wondering > if it's specific to RH 7.0 or something like that, as > I can't imagine a problem that prevents compilation would > have been left in the branch for so long. > > Anyone have any ideas? RedHat 7.0 problem I think (off the top of my head). I cannot reproduce this on RedHat 6.2 $ gcc --version egcs-2.91.66 Jeremy just fixed it though (i saw a check into CVS go by really fast). :-) > Also, is there a better way to report things like this? Compile problems with SAMBA_2_2 and HEAD should be reported on samba-technical probably. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From kevinc at grainsystems.com Fri Nov 10 21:59:54 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:32:18 2003 Subject: CVS Complie on RH7.0? References: <3A0C57B4.4060104@uindy.edu> <3A0C6A9F.6C5D8952@valinux.com> Message-ID: <3A0C6FDA.5B42AF33@grainsystems.com> If using RH 7, you may want to use kgcc and/or at least make sure you installed kgcc before compiling anything. RH 7's default gcc (2.96) is not considered stable. - Kevin Colby kevinc@grainsystems.com From manuel at varxec.de Fri Nov 10 22:53:09 2000 From: manuel at varxec.de (Manuel Bessler) Date: Tue Dec 2 02:32:19 2003 Subject: Take my name... please In-Reply-To: ; from teilo@cdt.luth.se on Thu, Nov 09, 2000 at 11:49:53AM +0100 Message-ID: <20001110235309.A1762@varxec.de> On Thu, Nov 09, 2000 at 11:49:53AM +0100, James Nord wrote: > Take a look at your E-Mail headers > > List-Unsubscribe: > , > > > > /James just to be sure i retried it. with both variants. Nothing happened. i didn't even get a error-response or something. just like a black hole... As we've seen i'm not the only one with these problems. we will see more "remove me from this list" messages in the next time if the unsubscribe mechanism cannot be restored. As samba-tng split up with their own site, even more people will leave this list. > > i tried to unsubscribe several times from samba-ntdom, but it seems > > (at least for me, and only for samba-tng) that the "Send me my password" > > doesn't work. If do not use the subscription page to subscribe, you never > > have to submit a password, so mailman creates one. Now, when i want to > > unsubscribe later, i go to the subscription pagem and let mailman send > > me the password. This worked with samba, but samba-ntdom never sent me one. > > I tried several times over the last 3 weeks. > > > > Also, the digest format is somehow broken. > > > > Maybe we should make the old way of (un)subscribing available: > > mail to listname-request@domain or listprocessor@domain > > with "subscribe" or "unsubscribe" in Subject or Body ??? > > > > regards > > Manuel > Technology is a word that describes something that doesn't work yet. > Douglas Adams ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Maybe thats the case with the samba-ntdom unsubscribe mechanism ?? :-/ -- .-. | Manuel Bessler /v\ L I N U X | , // \\ >Phear the Penguin< | /( )\ | Debian/GNU Linux user ^^-^^ GPG Fingerprint: 278D 2DC2 8A3E 9AEE 98F1 71D2 B224 68D1 1240 28BC From sharpe at ns.aus.com Wed Nov 8 16:26:22 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:19 2003 Subject: Samba_2_2 and Win2K In-Reply-To: <20DD62956F435141ACDA69B2989B446B309CDB@orion.oem.oemsuppor t.com> Message-ID: <3.0.6.32.20001109022622.00b2f200@203.16.214.248> At 12:53 PM 11/10/00 -0800, Patrick Calkins wrote: >Hello all, > I am having trouble joining a Win2K SPI client to a samba_2_2 >domain. I did apply the code patch to the srv_lsa.c file and re-compile, but >the same problem still exists: > >When joining the Win2k client to the domain, it reports that it cannot find >an account for the machine (which I have manually added to /etc/passwd & >smbpasswd -a -m machine_name$). So it askes for an admin user, which I give >it root, then it comes back with 'The procedure number is out of range' >error. I thought the patch fixed this (??). OK, what I have found is that with a simple smb.conf, there are no problems, but as my smb.conf file gets more complex, problems like the one you mention above occur. This week I will start investigating when the problems occur, and then maybe we can have a fix. Also, the patch I supplied is a stop-gap. I have asked JF for more info on this so I can apply a real fix. >Thanks! >--Patrick > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From georg.lutz at erc.de Sat Nov 11 17:19:50 2000 From: georg.lutz at erc.de (Georg Lutz) Date: Tue Dec 2 02:32:19 2003 Subject: W2K and Profiles (Under Samba 2.2) References: <3.0.6.32.20001030090956.0079dbc0@bioserve.latrobe.edu.au> Message-ID: <3A0D7FB6.F363F13E@erc.de> Hi David, did you tested it meanwhile? Under NT4-PDC and NT4-Workstation we use a lot of policies. Next year we want to migrate to Samba-PDC and all (new) computers will be W2K-Workstations. So its definitely shure that W2K will not accept ntconfig.pol any more? Do you know of any other possibility to get policies work with w2k without AD ? Bye Georg David Bannon schrieb: > > Manea has sent me a message (see below) saying, quite authoritivly, that > W2K is not going to honour NTCONFIG.POL after build 2128 (I'm using 2195). > It will use Group Policies Objects under Active Directory. This seems to > mean that a Samba PDC will not be able to do policies. > > Has anyone actually done some work on this ? Does it perhaps not apply when > the W2K box is connecting to the domain in legacy mode ? If somebody has > tried it, please let me know to save me having to make a policy file on my > test system. > -- Georg Lutz | http://www.erc.de ERC - Euro Regio Consult AG | Tel: +49 7854 9696-0 Im Buehl 10 | Fax: +49 7854 9696-20 D-77694 Kehl From benoit.geslot at bde.espci.fr Sat Nov 11 16:59:02 2000 From: benoit.geslot at bde.espci.fr (ben) Date: Tue Dec 2 02:32:19 2003 Subject: Win2k login problem Message-ID: <3A0D7AD6.1AA84FC3@bde.espci.fr> Hi there, I'm trying to connect a Win2k client to a Samba TNG 2.5 server (compiled with '--with-ldap'), running on the latest Debian version, in order to export roaming profiles to the client. I have followed the instructions given by the Samba TNG - LDAP Howto (written by Ignacio Coupeau) to set up the ldap database. Presently: The Win2k can see the server in the network neighbourhood and access any public share. A connection to server with 'smbclient' works fine. The 'createuser' command works as well and I created a trust account for my Win2k client and a few user accounts. But when I authenticate from the client to enter the domain, I get the following error: "The account used is a computer account. Use your global account or local user account to access this server". Is it a known problem ? What kind of account must I create on the server to authenticate the client ? Thanks a lot Benoit Geslot -- El?ve ing?nieur ? l'Ecole Sup?rieure de Physique et de Chimie Industrielles benoit.geslot@bde.espci.fr -- PS: although it seems to be a LDAP problem, this is my smb.conf: [global] ldap suffix = "my_suffix" ldap bind as = "cn=ldapadmin, my_suffix" ldap passwd file = /etc/samba/private/ldappasswd ldap server = localhost workgroup = my_domain netbios name = my_name client code page = 437 server string = %h server (Samba %v) wins support = yes local master = yes os level = 255 domain logons = yes domain master = yes logfile = /var/log/samba/%m max log size = 1000 loglevel = 5 lock directory = /var/lock/samba syslog = 0 interfaces = xxx.xx.xx.xxx allow hosts = xxx.xx.xx.xxx xxx.xx.xx.xxx xxx.xx.xx.xxx security = user invalid users = root null passwords = yes encrypt passwords = yes [homes] guest ok = no read only = no browseable = no create mask = 0750 directory mask = 700 [netlogon] path = /home/interne/netlogon writeable = no browseable = no locking = no guest ok = no [profiles] path = /home/interne/profiles browseable = yes guest ok = yes writeable = no create mode = 0777 [tmp] comment = Espace disque Temporaire path = /home/tmp public = yes writeable = yes printable = no read only = no [printers] browseable = no path = /tmp printable = yes public = no writable = no create mode = 0700 From ljames at hera.apollo3.com Sat Nov 11 20:40:00 2000 From: ljames at hera.apollo3.com (Larry James) Date: Tue Dec 2 02:32:19 2003 Subject: SMB LM/NT Password did not match! Message-ID: <200011112040.PAA24406@hera.apollo3.com> When I was having the problem it seemed that my Windows 98 machine was not set as the same domain and workgroup as the Samba PDC. I'm not sure if the workgroup matters so much, but I believe the domain option for your Windows machine is a must to be the same. I don't know how to set this in WinNT but in Win98 you go into network properties and set the properties of the Client for Microsoft Network for the appropriate domain. -- L. James > From: "Jordi M" > To: samba-ntdom@lists.samba.org > Subject: SMB LM/NT Password did not match! > Date: Fri, 10 Nov 2000 20:17:46 GMT > > Hello. > > I have installed Samba-TNG 2.6 and after configure it it's impossible to > see > the shared resources from an NT wks 4.0 nor any windows 9x machine, nor > the > samba box itself using sbmclient. In log.smb I get: > > LSA_OPENSECRET: NT_STATUS_OBJECT_NAME_NOT_FOUND > SMB LM/NT Password did not match! > Rejecting user 'jordi': authentication failed > > I know this problem has happened to a more than one person, and I have > seen > some replies with (unuseful) solutions, for example: > > - In the NT user/password prompt: \\SAMBAMACHINE\user as user. It does > not > work. > - Reset machine account in samba box. It doesn't work. I have reset the > machine, the user account and everything I have around me (the only > thing I > have not reset yet is my patience, but I will soon reset it and give up > this > thing.) > > The user account exists in passwd and smbpasswd, and both passwords are > equal. Although I think it is not necessary, I have created also an > account > for the machine I try to connect from. > > Here, we don't have a PDC. I'm only trying to configure samba-tng to act > as > a stand alone box member of our group. You can ask why, in this case, > don't > use samba-2.0.7? The reason is because my purpouse is to configure > samba-tng > as our PDC, but before doing that I have to resolve this problem with > the > user/password validation. -- ______________________________________________________________________ Apollo III Communications One of the World's First ISP's Larry James http://www.apollo3.com/~ljames ljames@apollo3.com From sdrummon at twohonkies.com Sat Nov 11 21:30:50 2000 From: sdrummon at twohonkies.com (Scott Brady Drummonds) Date: Tue Dec 2 02:32:19 2003 Subject: Cannot Open smbpasswd Message-ID: <002401c04c26$a9bda460$0700a8c0@twohonkies.com> Hello, all, I've been playing with the NTDOM code and have run into a problem that I can't resolve. My samba server, a Sun Sparc 5 running Sol 7, reports a permission error when I use a client to attempt to join the domain. The file log.client is appended with: startsmbfilepwent_internal: unable to open file /usr/local/samba/private/smbpasswd. Error was Permission denied unable to open sam password database. However, # ls -al /usr/local/samba/private/smbpasswd -rw------- 1 root root 212 Nov 2 14:32 /usr/local/samba/private/smbpasswd And, # ps -aef |grep nmb root 13123 1 0 13:09:11 ? 0:01 /usr/local/samba/bin/nmbd -D -l /var/adm/samba/log -d10 I've added some print statements to the nmbd process that verify the sys_fopen() args are correct and that the gid is 0 (the egid is not 0, but since I've never really understood what egid's are for, I don't know if this is a problem or not.) Can anyone explain why nmbd can't open this file for reading? This is causing my attempt to join the domain to fail... Thanks, Scott -------------- next part -------------- HTML attachment scrubbed and removed From schapiro at clerk.pi.huji.ac.il Sun Nov 12 09:22:50 2000 From: schapiro at clerk.pi.huji.ac.il (Schlomo Schapiro) Date: Tue Dec 2 02:32:19 2003 Subject: duplicated usernames, unknown account in NT "permissions" dialog (2.0.7) In-Reply-To: <3.0.6.32.20001110090853.008baec0@bioserve.latrobe.edu.au> Message-ID: Hi, I see the point, seems like a good idea. Problem is that if I don't give people admin rights they have to re-logon all the time for installations (and I can't take it from them on the Windows comps). On the other hand they want to be able to log on everywhere too... Schlomo On Fri, 10 Nov 2000, David Bannon wrote: > At 08:25 AM 09/11/2000 +0200, Schlomo Schapiro wrote: > >Hi, > > > >this is quite interesting, can you with this head 2.1pre-alpha also give > >users admin rights over THEIR computers only (each on his own) ? > > No, cannot give blanket rights. But I wonder if you could set up a seperate > smb.conf file for each machine, specifing a specific user as admin on that > machine. The smb.conf file supports a 'include' type of statement (cannot > remember the syntax) and you would have a thing like 'include %m.conf' and > for machine1 you would have machine1.conf that would have a statement > saying 'admin user = jack' assuming Jack uses machine1. > > really, get them out of this idea that should be admin of their own > machine, much easier ... > > david > > >Or do you havea clue when (and wether) this will appear in the 2.2 branch > >? > > No, nothing sure. Its something we would all really like though. > > I never > >met a samba that was able to do this, all only give this "Account > >Unknown" stuff :-(. > > > > > >This is actually the biggest problem since everybody wants to be boss on > >his own computer and still be able to log on to all others and till now > >this has prevented me from using Samba as PDC here :-( > > > >Sincerely, > >Schlomo > > > >On Thu, 9 Nov 2000, David Bannonwrote: > > > >> At 03:42 PM 08/11/2000 +0100, dobos_s@IBCnet.hu wrote: > >> > >> >choose one of them (no meaning which one) and give it some rights and open > >> >the dialog again I dont see the given user, but there is a new line: > >> >XYZDOMAIN\Account unknown. > >> > >> Actually there isa samba that will do that, the old head 2.1pre-alpha does > >> all that sort of thing quite well. I don't know if it is still available > >> from the cvs and even if it was it was always a bit of 'pot luck' whether > >> it worked or not. I can post you a tarball of a know working one if you > >> like. (I've been using it for a couple of years...) > >> > >> That being the case, I assume TNG will do it too. www.samba-tng.org > >> > >> Or just wait around a bit and see if this functionality appears in 2.2 > >> which will, most likely be a more stable product. > >> > >> David > >> > >> > >> > > >> >The situation dont changes If I stop and start samba again, or if I > restart > >> >the ntws. > >> > > >> >This is the problem. Somebody will help me? > >> > > >> >ps1: Is there a samba version which is as stable as 207, but has more > >> >functionality? (e.g. a cvs tarball?) > >> > > >> >ps2: Off-topic: Why got I a "Prohibited gate subscription" subjected > >> >message from Mail.Delivery.System@f30.n451.z2.fidonet.org each time I > write > >> >to samba-ntdom? > >> >(Embedded image moved to file: pic14440.pcx) > >> >Attachment Converted: "c:\Desktop\Attach\pic144401.pcx" > >> > > >> ------------------------------------------------------------ > >> David Bannon D.Bannon@latrobe.edu.au > >> School of Biochemistry Phone 61 03 9479 2197 > >> La Trobe University, Plenty Rd, Fax 61 03 9479 2467 > >> Bundoora, Vic, Australia, 3083http://bioserve.latrobe.edu.au > >> ------------------------------------------------------------ > >> ..... Humpty Dumpty was pushed ! > >> > > > >-- > >Schlomo Schapiro > >Computation Authority > >Hebrew University of Jerusalem > > > >Tel: ++972 / 2 / 65-84404 > >Fax: 65-27349 > >email: schapiro@clerk.pi.huji.ac.il > >WWW: http://shum.cc.huji.ac.il/~schapiro > > > ------------------------------------------------------------ > David Bannon D.Bannon@latrobe.edu.au > School of Biochemistry Phone 61 03 9479 2197 > La Trobe University, Plenty Rd, Fax 61 03 9479 2467 > Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au > ------------------------------------------------------------ > ..... Humpty Dumpty was pushed ! > -- Schlomo Schapiro Computation Authority Hebrew University of Jerusalem Tel: ++972 / 2 / 65-84404 Fax: 65-27349 email: schapiro@clerk.pi.huji.ac.il WWW: http://shum.cc.huji.ac.il/~schapiro From torne at i.am Sun Nov 12 10:34:15 2000 From: torne at i.am (Torne Wuff) Date: Tue Dec 2 02:32:19 2003 Subject: Win2k domain logon problem (repost) Message-ID: I got my Win2k machine to join the domain with no problems, by usignt he patch posted to this list and authenticating as root - but when I try to log on to the domain (from the win2k logon prompt) I get 'The netlogon service is not running on the machine'. What does this mean? I have a netlogon share that contains a dummy logon script. smb.conf attached below. Thanks, Torne Wuff (torne@i.am) Wolf cub, programmer, and too much to list Visit me at http://come.to/torne or track me down on ICQ as 10345149 [global] workgroup = GBD000CD netbios name = FOXIE interfaces = 192.168.10.4/24 127.0.0.1/32 bind interfaces only = Yes encrypt passwords = Yes map to guest = Bad User username map = /usr/local/samba/private/users.map name resolve order = lmhosts wins host bcast time server = Yes load printers = No domain admin users = torne logon script = logon.bat logon drive = h: domain logons = Yes os level = 65 preferred master = True domain master = True wins support = Yes socket address = 192.168.10.4 127.0.0.1 invalid users = tinydns dnslog root dnscache admin users = torne hosts allow = 192.168.10. 127.0.0.1 [netlogon] comment = Domain logon service path = /usr/local/samba/public/netlogon browseable = No [homes] read only = No browseable = No From dobos_s at IBCnet.hu Sun Nov 12 13:10:57 2000 From: dobos_s at IBCnet.hu (dobos_s@IBCnet.hu) Date: Tue Dec 2 02:32:19 2003 Subject: netbios aliases and %L config not working on cvs version Message-ID: Hi! I created tng pdc with name pdc and some aliases (e.g. sv-itgroup). I wrote only global section in smb.conf and and "include ... smb.conf.%L" In smb.conf.pdc I added shares netlogon, homes,... in smb.conf.sv-itgroup I added installs and drivers shares. I network neighbourhood I see each servers, but they have the same shares; the same as pdc has. I logs I see the loading of smb.conf.sv-itgroup, but the result isnt appearing. Somebody can help me? Cly From jseymour at LinxNet.com Sun Nov 12 16:05:14 2000 From: jseymour at LinxNet.com (James S.Seymour) Date: Tue Dec 2 02:32:19 2003 Subject: NTW 4.0 Workstation Admin Rights In-Reply-To: <20000911233519.E02BC4301@jimsun.LinxNet.com> Message-ID: <20001112160515.4CA9C4301@jimsun.LinxNet.com> jseymour@linxnet.com (Jim Seymour) wrote: > "Roman, James (J.D.)" wrote: > > > > As best as I can tell, 2.0.7 only provides you with one option for > this type > > of administration. If you set the > > > > domain admin group = @unixgroupname > > (make sure you have the @ sign) > > > > This will allow everyone who logs in to the workstations to have > local admin > > rights. ... > [remainder snipped] > > Just to close-up this thread (maybe), here's what I found works: 1. Logged on as the *workstation* Admin account, gave the user workstation Admin rights. 2. Logged on to the NT Domain account as the user, gave the user's *domain* account workstation Admin rights. This gives the user, whether logged on under the workstation "domain" or the NT Domain, workstation Admin rights. Thus, server-based scripts that set time, setup routing, etc. will work. A down-side to this is that you have to do it for each user on each workstation. I suppose the other option might be to go the "domain admin group" route, create an "administrator" user, and somehow get this stuff to execute on boot as a service, or whatever. I've done things like that before, but don't recall exactly how I accomplished it. Anyway, method #1 worked for me. Of course, there are workstation security implications. Regards, Jim -- Jim Seymour | PGP Public Key available at: jseymour@jimsun.LinxNet.com | http://www.cam.ac.uk.pgp.net/pgpnet/wwwkeys.html http://jimsun.LinxNet.com | http://www.trustcenter.de/cgi-bin/SearchCert.cgi From anders at aae.wisc.edu Sun Nov 12 14:27:21 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:32:19 2003 Subject: Win2k domain logon problem (repost) In-Reply-To: ; from torne@i.am on Sun, Nov 12, 2000 at 10:34:15AM -0000 References: Message-ID: <20001112202721.A13536@anders-ibm.dyn.dhs.org> Did you make sure that the netologon service is enabled on your Windows 2000 machine.? --Anders On Sun, Nov 12, 2000 at 10:34:15AM -0000, Torne Wuff wrote: > I got my Win2k machine to join the domain with no problems, by usignt he > patch posted to this list and authenticating as root - but when I try to log > on to the domain (from the win2k logon prompt) I get 'The netlogon service > is not running on the machine'. What does this mean? I have a netlogon share > that contains a dummy logon script. > > smb.conf attached below. > > Thanks, > > Torne Wuff (torne@i.am) > Wolf cub, programmer, and too much to list > Visit me at http://come.to/torne > or track me down on ICQ as 10345149 > > [global] > workgroup = GBD000CD > netbios name = FOXIE > interfaces = 192.168.10.4/24 127.0.0.1/32 > bind interfaces only = Yes > encrypt passwords = Yes > map to guest = Bad User > username map = /usr/local/samba/private/users.map > name resolve order = lmhosts wins host bcast > time server = Yes > load printers = No > domain admin users = torne > logon script = logon.bat > logon drive = h: > domain logons = Yes > os level = 65 > preferred master = True > domain master = True > wins support = Yes > socket address = 192.168.10.4 127.0.0.1 > invalid users = tinydns dnslog root dnscache > admin users = torne > hosts allow = 192.168.10. 127.0.0.1 > > [netlogon] > comment = Domain logon service > path = /usr/local/samba/public/netlogon > browseable = No > > [homes] > read only = No > browseable = No > From D.Bannon at latrobe.edu.au Mon Nov 13 04:34:36 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:19 2003 Subject: W2K and Profiles (Under Samba 2.2) In-Reply-To: <3A0D7FB6.F363F13E@erc.de> References: <3.0.6.32.20001030090956.0079dbc0@bioserve.latrobe.edu.au> Message-ID: <3.0.6.32.20001113153436.008aaea0@bioserve.latrobe.edu.au> At 06:19 PM 11/11/2000 +0100, Georg Lutz wrote: >Hi David, > >> W2K is not going to honour NTCONFIG.POL after build 2128 (I'm using 2195). >did you tested it meanwhile? George, I have not, sorry. I got caught up in a bit of a fuss here (nothing to do with samba). I do hope to test it in a day or so. However JFM has indicated to me that he thinks it does work. And that's because W2K is running in legasy mode, it runs like an NT therefore must honour NT policies. Lets hope ! I'll post a message as soon as I know (or hear from someone else). David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From D.Bannon at latrobe.edu.au Mon Nov 13 04:56:14 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:19 2003 Subject: Win2k domain logon problem (repost) In-Reply-To: Message-ID: <3.0.6.32.20001113155614.008fda50@bioserve.latrobe.edu.au> At 10:34 AM 12/11/2000 -0000, Torne Wuff wrote: >I got my Win2k machine to join the domain with no problems, by usignt he >patch posted to this list and authenticating as root - but when I try to log >on to the domain (from the win2k logon prompt) I get 'The netlogon service >is not running on the machine'. What does this mean? I have a netlogon share >that contains a dummy logon script. As a matter of interest, what version of samba are you using ? ie if 2.2 then is it the 'snapshot' samba2.2alpha0 or is it a cvs download ? Such information is very important when posting questions. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From dyaya_2000 at yahoo.com Mon Nov 13 06:59:59 2000 From: dyaya_2000 at yahoo.com (yaya) Date: Tue Dec 2 02:32:19 2003 Subject: Win2k login problem References: <20001111200114.799F27EB9@lists.samba.org> Message-ID: <00a201c04d3f$5746a5a0$8d030201@smutu1> > Date: Sat, 11 Nov 2000 17:59:02 +0100 > From: ben > To: samba-ntdom@us5.samba.org > Subject: Win2k login problem > > The Win2k can see the server in the network neighbourhood and access any > public share. > A connection to server with 'smbclient' works fine. > The 'createuser' command works as well and I created a trust account for > my Win2k client and a few user accounts. I don't know what your OS is. I am using Linux RH6.1. You don't need to createuser as trust account in smbpasswd file, but you must add machine trust account in /etc/passwd. > But when I authenticate from the client to enter the domain, I get the > following error: > "The account used is a computer account. Use your global account or > local user account to access this server". > Is it a known problem ? Yup, that mean you must use user in smbpasswd file [Domain-Samba Users]. > What kind of account must I create on the server to authenticate the > client ? > Domain-Samba Users. If you want to login from Win2K to Samba Domain, you must setting Domain of Win2K to Samba Domain. In this case you must joining Samba Domain. Then you can loging from Win2K to Samba domain using Domain Users. Tng users, please see: http://www.samba-tng.or/ yaya From anders at aae.wisc.edu Sun Nov 12 21:40:22 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:32:19 2003 Subject: Win2k domain logon problem (repost) In-Reply-To: ; from torne@i.am on Mon, Nov 13, 2000 at 08:40:32AM -0000 References: <20001112202721.A13536@anders-ibm.dyn.dhs.org> Message-ID: <20001113034021.A14289@anders-ibm.dyn.dhs.org> Well, I'd strongly suggest increase your debug leve to about 10 and see what's happening. I'd also suggest that you temporarily remove some stuff from your smb.conf to debug (like interfaces, allowed hosts, admin user =, invalid user=, domain map =... etc..) Just to see if that helps... i.e. the logic of samba might be deny root access, but yourself _beeing_ admin user= (i.e. giving you uid 0) Try first removing root from the "invalid users" list. I poked around in the source to see if this could be true and I found a few places where it "possibly" could get the username based on uid. --Anders On Mon, Nov 13, 2000 at 08:40:32AM -0000, Torne Wuff wrote: > Yes, it runs automatically on startup. > I don't know whether it means the win2k machine or the samba system - it > just says 'the' machine, another triumph of MS human interfacing =) > > I'm using SAMBA_2_2 from CVS, dated November 3, and the patch from this list > that allows win2k machines to join the domain successfully. Would CVSing a > new version help? > > Torne > > > > Did you make sure that the netologon service is enabled on your > > Windows 2000 machine.? > > > > --Anders > > > > On Sun, Nov 12, 2000 at 10:34:15AM -0000, Torne Wuff wrote: > > > I got my Win2k machine to join the domain with no problems, by usignt he > > > patch posted to this list and authenticating as root - but when > > I try to log > > > on to the domain (from the win2k logon prompt) I get 'The > > netlogon service > > > is not running on the machine'. What does this mean? I have a > > netlogon share > > > that contains a dummy logon script. > > > > > > smb.conf attached below. > > > > > > Thanks, > > > > > > Torne Wuff (torne@i.am) > > > Wolf cub, programmer, and too much to list > > > Visit me at http://come.to/torne > > > or track me down on ICQ as 10345149 > > > > > > [global] > > > workgroup = GBD000CD > > > netbios name = FOXIE > > > interfaces = 192.168.10.4/24 127.0.0.1/32 > > > bind interfaces only = Yes > > > encrypt passwords = Yes > > > map to guest = Bad User > > > username map = /usr/local/samba/private/users.map > > > name resolve order = lmhosts wins host bcast > > > time server = Yes > > > load printers = No > > > domain admin users = torne > > > logon script = logon.bat > > > logon drive = h: > > > domain logons = Yes > > > os level = 65 > > > preferred master = True > > > domain master = True > > > wins support = Yes > > > socket address = 192.168.10.4 127.0.0.1 > > > invalid users = tinydns dnslog root dnscache > > > admin users = torne > > > hosts allow = 192.168.10. 127.0.0.1 > > > > > > [netlogon] > > > comment = Domain logon service > > > path = /usr/local/samba/public/netlogon > > > browseable = No > > > > > > [homes] > > > read only = No > > > browseable = No > > > > > > > From laage at ulm.temic-semi.de Mon Nov 13 13:22:33 2000 From: laage at ulm.temic-semi.de (Mattias Laage) Date: Tue Dec 2 02:32:19 2003 Subject: spool directory Message-ID: <3A0FEB19.6D328376@ulm.temic-semi.de> hi *, in my configuration, all printfiles sent to samba printers are temporarily stored in /tmp . Is there any way to determine an other spooling directory ? thank you Mattias Laage ATMEL Wireless & Microcontrollers, CAD Services Lise-Meitner-Str. 15, D 89081 ULM Phone: +49 731 5094 210, Fax: +49 731 5094 288 mailto:mattias.laage@ulm.temic-semi.de http://www.atmel-wm.com From marcus at hamburg.de Mon Nov 13 14:38:29 2000 From: marcus at hamburg.de (Marcus Henschel) Date: Tue Dec 2 02:32:19 2003 Subject: samba2.0.7 Message-ID: hi all, i am using samba 2.0.7 on my hp9000 (hpux10.20) and i want this machine to work as a primary domain controller for my nt-workstations (winnt4.0 service pack 5). Is it possible to use my running samba configuration to run samba as a pdc or do i need to install (via cvs) samba2.2 ? regards marcus -- Marcus Henschel marcus [at] hamburg.de 20357 Hamburg From smoky at secsi.net Mon Nov 13 14:38:33 2000 From: smoky at secsi.net (q) Date: Tue Dec 2 02:32:19 2003 Subject: spool directory In-Reply-To: <3A0FEB19.6D328376@ulm.temic-semi.de> Message-ID: determine, or specify? determine: the only other place printer spool directories are defined is in /etc/printcap specify: in smb.conf, in the section where you're defining your printer, the parameter 'path = ' will define where the temp files will go. remember that this directory must have proper permissions set. On Mon, 13 Nov 2000, Mattias Laage wrote: > hi *, > > in my configuration, all printfiles sent to > samba printers are temporarily stored in /tmp . > > Is there any way to determine an other spooling directory ? > > thank you > > > Mattias Laage > > ATMEL Wireless & Microcontrollers, CAD Services > Lise-Meitner-Str. 15, D 89081 ULM > Phone: +49 731 5094 210, Fax: +49 731 5094 288 > mailto:mattias.laage@ulm.temic-semi.de > http://www.atmel-wm.com > > > From stan at power.eng.McMaster.CA Mon Nov 13 14:46:29 2000 From: stan at power.eng.McMaster.CA (Stan Zolinski) Date: Tue Dec 2 02:32:19 2003 Subject: Unable to recieve administrator priv. Message-ID: <001001c04d80$821598e0$0cb87182@pct13zolinski> I am finally running Samba 3.0 (HEAD) as a PDC for win2000. Unfortunately I can't seem to give myself administrative privileges. Can someone please help?? Thank you Stan Zolinski McMaster University -------------- next part -------------- HTML attachment scrubbed and removed From marcus at hamburg.de Mon Nov 13 15:33:14 2000 From: marcus at hamburg.de (Marcus Henschel) Date: Tue Dec 2 02:32:19 2003 Subject: AW: samba2.0.7 In-Reply-To: <3A100391.793CC57D@grainsystems.com> Message-ID: i already tried that out, but without success. the book "using samba" (o'reilly) said that pdc functionality for winnt clients is present only by using samba 2.1. marcus -----Urspr?ngliche Nachricht----- Von: Kevin Colby [mailto:kevinc@grainsystems.com] Gesendet: Montag, 13. November 2000 16:07 An: Marcus Henschel Betreff: Re: samba2.0.7 For NT4, 2.0.7 should work for basic functionality. The real push for 2.2 is due to Win2000 clients (which many people now have, like it or not). - Kevin Colby kevinc@grainsystems.com Marcus Henschel wrote: > > hi all, > > i am using samba 2.0.7 on my hp9000 (hpux10.20) and i want this machine to > work as a primary domain controller for my nt-workstations (winnt4.0 service > pack 5). Is it possible to use my running samba configuration to run samba > as a pdc or do i need to install (via cvs) samba2.2 ? > > regards marcus > > -- > Marcus Henschel marcus [at] hamburg.de > 20357 Hamburg From Eddie.Wimberly at robins.af.mil Mon Nov 13 15:36:24 2000 From: Eddie.Wimberly at robins.af.mil (Wimberly Eddie Contr WRALC/LYSFR) Date: Tue Dec 2 02:32:19 2003 Subject: win2k logins - which branch? Message-ID: Question 1: Which branch contains working win2k login code? Question 2: Is there a place to download the latest code in tar format? I can't use cvs from my site. And going thru cvsweb is quite tedious. Eddie From jbeauchamp at gesinc.com Mon Nov 13 19:36:30 2000 From: jbeauchamp at gesinc.com (James W. Beauchamp) Date: Tue Dec 2 02:32:19 2003 Subject: samba2.0.7 References: Message-ID: <003101c04da9$09e099a0$1d01a8c0@internal.net> Marcus: 2.0.7 will work as a PDC (with some limitations) check out David Bannon's web page for more info on the proper setup., etc. http://bioserver.latrobe.edu.au/samba/ James ----- Original Message ----- From: "Marcus Henschel" To: Sent: Monday, November 13, 2000 6:38 AM Subject: samba2.0.7 > hi all, > > i am using samba 2.0.7 on my hp9000 (hpux10.20) and i want this machine to > work as a primary domain controller for my nt-workstations (winnt4.0 service > pack 5). Is it possible to use my running samba configuration to run samba > as a pdc or do i need to install (via cvs) samba2.2 ? > > regards marcus > > -- > Marcus Henschel marcus [at] hamburg.de > 20357 Hamburg > > > From gary.leydon at yale.edu Mon Nov 13 16:39:41 2000 From: gary.leydon at yale.edu (Gary Leydon) Date: Tue Dec 2 02:32:19 2003 Subject: security=user vs security=share and browsing, printers guests..etc Message-ID: <4.1.20001113113923.00b78c20@kafka.med.yale.edu> I've got samba v2.0.6 running on mandrake v7.0, kernel 2.2.14. What I want to do is set up all my printers in /etc/printcap to be accessible to any Win user without needing a password. This only seems to work if I use security = share and then specify guest ok in the [printers] section. When I have security = user and then go to a win nt v4.0 post sp5 and try to find the computer via start find/computer it doesn't find the server. It also fails if I just try to create a printer via \\SAMBA\myprinter. If I go look at log.smb ( i've got log level set to 3) I can see that there is a negotiation occuring and ultimately the server says can't find password for user x and it fails. I thought that guest ok and or guest account = x would let anyone connect to or browse shares and indeed this does work but ONLY if I've got user=share. Is this just the way it works or is there something I'm missing. I've got use encrypted passwords on. If you set security = users then you have to create a unix and smbpasswd account for every user on any machine you want to allow to user and or browse printers ( or shares with guest ok?) thanks for any insight gary.leydon@yale.edu Gary Leydon Gary.Leydon@Yale.Edu Section Of Neurobiology Yale University School of Medicine From jordi2242 at hotmail.com Mon Nov 13 16:53:59 2000 From: jordi2242 at hotmail.com (Jordi M) Date: Tue Dec 2 02:32:19 2003 Subject: samba2.0.7 Message-ID: Yes, it is, but it is not perfect. Check this: http://bioserve.biochem.latrobe.edu.au/samba/ >From: "Marcus Henschel" >To: >Subject: samba2.0.7 >Date: Mon, 13 Nov 2000 15:38:29 +0100 > >hi all, > >i am using samba 2.0.7 on my hp9000 (hpux10.20) and i want this machine to >work as a primary domain controller for my nt-workstations (winnt4.0 >service >pack 5). Is it possible to use my running samba configuration to run samba >as a pdc or do i need to install (via cvs) samba2.2 ? > >regards marcus > >-- >Marcus Henschel marcus [at] hamburg.de >20357 Hamburg > > _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. From barth at cck.uni-kl.de Mon Nov 13 17:39:19 2000 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:32:19 2003 Subject: security=user vs security=share and browsing, printers guests..etc In-Reply-To: <4.1.20001113113923.00b78c20@kafka.med.yale.edu> Message-ID: <3A103557.17184.23F3940@localhost> > for user x and it fails. I thought that guest ok and or guest account = x > would let anyone connect to or browse shares and indeed this does work but > ONLY if I've got user=share. Did you have a look at the "map to guest" parameter? Christian _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) From reiniger at sun03.promatis.de Mon Nov 13 18:39:45 2000 From: reiniger at sun03.promatis.de (Oliver Reiniger) Date: Tue Dec 2 02:32:19 2003 Subject: rpc_parse Buffer overflow Message-ID: <3A103571.A4EC323E@promatis.de> Hi there i have a SuSE 6.4 Server set up as PDC (Samba 2.0.6) and Domain Logins are working fine. I have now added a NT Server to the Domain which was ok too. But on this machine there is an ORACLE product called "Express" running. This one need to have some local users with special rights on NT like "replace a Token on process level". After I added this Server to the domain the Express service won't start any more (Error 58). I've found out, that - although the initialization-users a defined localy - this server performs a RPC request to the PDC (Samba) which results in a log error: rpc_parse/parse_rpc.c:prs_grow(126) prs_grow: Buffer overflow - unable to expand buffer by 2 bytes. I've found out that switching the nmb-protocol to COREPLUS this RPC-Lookup succeeds but then I'm not longer able to mount my shares nor do I have a domain-login anymore. How can get both of the Protocols work together or is there any other workaround? Regards Oliver -- --------------------------------------- Oliver Reiniger -- Berater PROMATIS AG Badhausweg 5 76307 Karlsbad, Deutschland Tel.: +49 (7248) 926 300 -- Fax: +49 (7248) 926 119 mailto:oliver.reiniger@PROMATIS.de http://www.promatis.de From anders at aae.wisc.edu Mon Nov 13 07:26:38 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:32:19 2003 Subject: Unable to recieve administrator priv. In-Reply-To: <001001c04d80$821598e0$0cb87182@pct13zolinski>; from stan@power.eng.McMaster.CA on Mon, Nov 13, 2000 at 09:46:29AM -0500 References: <001001c04d80$821598e0$0cb87182@pct13zolinski> Message-ID: <20001113132637.A27163@anders-ibm.dyn.dhs.org> HEAD is _far_ from beeing a stable release. the only suggestion i have is the "admin users =" parameter. Did you look at David Bannons FAQs? Also, I'd recommend using the SAMBA_2_2 Branch, as it's functionality does not differ a lot from HEAD, and it's on it's way to become the stable branc. --Anders On Mon, Nov 13, 2000 at 09:46:29AM -0500, Stan Zolinski wrote: > I am finally running Samba 3.0 (HEAD) as a PDC for win2000. Unfortunately I can't seem to give myself administrative privileges. Can someone please help?? > Thank you > > Stan Zolinski > McMaster University From ccouple1 at swarthmore.edu Mon Nov 13 20:44:25 2000 From: ccouple1 at swarthmore.edu (ccouple1@swarthmore.edu) Date: Tue Dec 2 02:32:19 2003 Subject: explorer craps out... Message-ID: <20001113154425.B27069@swarthmore.edu> I have samba 2.0.7 running on a va/redhat-6.1 system, using domain authentication. When logging into the samba server from an NT4 session (via citrix), I am able to add/drop/adjust access permissions for objects on the samba server, by right-clicking the object, selecting the properties window, selecting the security tab, and then clicking the Add or Remove buttons, or double-clicking the username. When trying to reprise these actions from my Win2000 box, clicking the Add or Remove buttons from within the security page of the properties window sends explorer.exe into paralysis. I've seen reports of this elsewhere on the net, but haven't run across any solutions. Has anyone else? thanks, chris From glatt at srl.caltech.edu Mon Nov 13 22:07:49 2000 From: glatt at srl.caltech.edu (Chuck Glatt) Date: Tue Dec 2 02:32:20 2003 Subject: NIS/NT encrypted authentication Message-ID: <4.2.2.20001113140133.00af0790@lodur.srl.caltech.edu> NIS runs here mainly. We need to extract Windows users' plain-text password from the NT Hash and convert it to the Samba server's UNIX password hash. What's going on to make this happen? From D.Bannon at latrobe.edu.au Mon Nov 13 22:38:27 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:20 2003 Subject: win2k logins - which branch? In-Reply-To: Message-ID: <3.0.6.32.20001114093827.008a6af0@bioserve.latrobe.edu.au> At 10:36 AM 13/11/2000 -0500, Wimberly Eddie Contr WRALC/LYSFR wrote: >Question 1: Which branch contains working win2k login code? Only the cvs one. >Question 2: Is there a place to download the latest code in tar format? No, if you cannot do a cvs then maybe I'll have to mail you a tar. But if you are going to follow the fun you will really need cvs. Whats the problem, a firewall ? > I can't use cvs from my site. And going thru cvsweb is >quite tedious. Yes, I can imagine. ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From anders at aae.wisc.edu Mon Nov 13 10:48:14 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:32:20 2003 Subject: NIS/NT encrypted authentication In-Reply-To: <4.2.2.20001113140133.00af0790@lodur.srl.caltech.edu>; from glatt@srl.caltech.edu on Mon, Nov 13, 2000 at 02:07:49PM -0800 References: <4.2.2.20001113140133.00af0790@lodur.srl.caltech.edu> Message-ID: <20001113164814.B28161@anders-ibm.dyn.dhs.org> On Mon, Nov 13, 2000 at 02:07:49PM -0800, Chuck Glatt wrote: > NIS runs here mainly. We need to extract Windows users' plain-text > password from the NT Hash and convert it to the Samba server's UNIX > password hash. What's going on to make this happen? > Not going to happend (except for possibly a dictionary cracker) Easiest to do is to have Samba update the passwords (look at smb.conf manpage and David Bannons FAQs at www.samba.org look under documentation BTW: samba stores encrypted passwords in the NT Hash for encrypted authentification and cannot use /etc/passwd encryption. (unless encrypted passwords = no, which gives you more problems. again: The FAQs) --Anders From anders at aae.wisc.edu Mon Nov 13 11:59:23 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:32:20 2003 Subject: NIS/NT encrypted authentication In-Reply-To: <4.2.2.20001113150322.00b3c440@lodur.srl.caltech.edu>; from glatt@srl.caltech.edu on Mon, Nov 13, 2000 at 03:23:37PM -0800 References: <4.2.2.20001113140133.00af0790@lodur.srl.caltech.edu> <4.2.2.20001113140133.00af0790@lodur.srl.caltech.edu> <20001113164814.B28161@anders-ibm.dyn.dhs.org> <4.2.2.20001113150322.00b3c440@lodur.srl.caltech.edu> Message-ID: <20001113175923.A547@anders-ibm.dyn.dhs.org> Samba will then authenticate against the smbpasswd (with user entiries in your passwd file required.) The update option does it so that next time you users change their samba password, samba will attempt to update the password in NIS as well. Again, the FAQs should have some info in this topic. --Anders On Mon, Nov 13, 2000 at 03:23:37PM -0800, Chuck Glatt wrote: > Thank you Anders for your answer. It looks like you're instructing to > generate smbpasswd with "pwdump2 [lsass.exe pid] > smbpasswd" and copy that > smbpasswd to the Linux machine. If we do this and have Samba update the > passwords, then can we automate NIS authentication encryption with Samba as > the NT Domain controller? > > Chuck > > -=-= > At 04:48 PM 11/13/00 +0600, Anders C. Thorsen wrote: From PCalkins at OEMSupport.com Tue Nov 14 00:48:44 2000 From: PCalkins at OEMSupport.com (Patrick Calkins) Date: Tue Dec 2 02:32:20 2003 Subject: OT: Text Editor?? Message-ID: <20DD62956F435141ACDA69B2989B446B309CDF@orion.oem.oemsupport.com> Sorry for the off topic, but does anyone know of a good text editor for use in windows for editing files residing on unix that does not put the dos EOL chars in, but uses the unix EOL chars instead?? Its a real pain changing the smb.conf file from within windows, only to have it mangled up when I edit it later with FreeBSD's ee program :o) thanks!! --Patrick From wilsong at sergievsky.cpmc.columbia.edu Tue Nov 14 01:51:25 2000 From: wilsong at sergievsky.cpmc.columbia.edu (Gary Wilson) Date: Tue Dec 2 02:32:20 2003 Subject: Text Editor?? References: <20DD62956F435141ACDA69B2989B446B309CDF@orion.oem.oemsupport.com> Message-ID: <01a901c04ddd$678ed920$0a00a8c0@linux> I use UltraEdit. Try it. Get a copy at www.ultraedit.com Cheers, Gary ----- Original Message ----- From: "Patrick Calkins" To: "Samba-Ntdom (E-mail)" Sent: Monday, November 13, 2000 7:48 PM Subject: OT: Text Editor?? Sorry for the off topic, but does anyone know of a good text editor for use in windows for editing files residing on unix that does not put the dos EOL chars in, but uses the unix EOL chars instead?? Its a real pain changing the smb.conf file from within windows, only to have it mangled up when I edit it later with FreeBSD's ee program :o) thanks!! --Patrick From mgeddes at xavier.sa.edu.au Tue Nov 14 11:51:18 2000 From: mgeddes at xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:32:20 2003 Subject: OT: Text Editor?? References: <20DD62956F435141ACDA69B2989B446B309CDF@orion.oem.oemsupport.com> Message-ID: <3A112736.71D2CD17@xavier.sa.edu.au> Patrick Calkins wrote: > Sorry for the off topic, but does anyone know of a good text editor for use > in windows for editing files residing on unix that does not put the dos EOL > chars in, but uses the unix EOL chars instead?? Its a real pain changing the > smb.conf file from within windows, only to have it mangled up when I edit it > later with FreeBSD's ee program :o) > thanks!! > > --Patrick Try any windows port of vi. Something like gvim might be what you're after. Hope it helps, Matt From georgeh at mail.3ciusa.com Tue Nov 14 02:31:13 2000 From: georgeh at mail.3ciusa.com (George Homme) Date: Tue Dec 2 02:32:20 2003 Subject: OT: Text Editor?? References: <20DD62956F435141ACDA69B2989B446B309CDF@orion.oem.oemsupport.com> <3A112736.71D2CD17@xavier.sa.edu.au> Message-ID: <000c01c04de2$f61828e0$de7084ac@hppav> Great VI editor for windows is at: http://home.snafu.de/ramo/WinViEn.htm Try it, you'll love it! george ----- Original Message ----- From: "Matthew Geddes" To: "Patrick Calkins" Cc: "Samba-Ntdom (E-mail)" Sent: Tuesday, November 14, 2000 6:51 AM Subject: Re: OT: Text Editor?? > Patrick Calkins wrote: > > > Sorry for the off topic, but does anyone know of a good text editor for use > > in windows for editing files residing on unix that does not put the dos EOL > > chars in, but uses the unix EOL chars instead?? Its a real pain changing the > > smb.conf file from within windows, only to have it mangled up when I edit it > > later with FreeBSD's ee program :o) > > thanks!! > > > > --Patrick > > Try any windows port of vi. Something like gvim might be what you're after. > > Hope it helps, > Matt > From marcus at hamburg.de Tue Nov 14 10:21:22 2000 From: marcus at hamburg.de (Marcus Henschel) Date: Tue Dec 2 02:32:20 2003 Subject: runnig samba 2.0.7 as pdc on hpux 10.20 Message-ID: hi out there, can someone tell me how to run samba 2.0.7 as pdc on hpux 10.20 for winnt workstations (sp5)? i am using a hp9000 715/50 and already looked up the "Samba 2.0.x as a Primary Domain Controller" howto, but i always get the error message " Unable to connect to the domain controller for this domain. Have your administrator check your computer account on the domain". to my mind the main problem is to creat the right entries in the /etc/passwd. on hpux there is no "adduser" that creats the entries needed to run a pdc. i already tried "useradd", without success. regards Marcus Henschel -- Marcus Henschel marcus [at] hamburg.de 20357 Hamburg From MelonJ at SJHS.com Tue Nov 14 12:55:26 2000 From: MelonJ at SJHS.com (Melon, Jack) Date: Tue Dec 2 02:32:20 2003 Subject: From NO_SAM to NT_STATUS_ACCESS_DENIED Message-ID: <33C8D06369B7D11181A3006008C65E190159EAFD@VLDEXCHANGE> Thank you all for your help. The NT Admin got back to me because even though he had deleted my account, Server Manager wouldn't allow him to add me back in because he was still seeing the Linux box. I had to stop smb and a couple of hours later, my old account went away. He added me back in and I was able to join the domain. But... 20 minutes later, I'm getting: cli_net_auth2: Error NT_STATUS_ACCESS_DENIED cli_nt_setup_creds: auth2 challenge failed modify_trust_password: unable to setup the PDC credentials 2000/11/13 15:11:26 : change_trust_account_password: Failed to change password for domain Unable to join domain CORPORATE (different than the No Trust Sam Account error, but I'm back on the outside). He swears he didn't change anything and I know I didn't. Any ideas.? >Your NT Administrator needs to delete the reference to your machine, re-add it, >and then let you know. Once he does that, then you can perform the >Smbpasswd -j corporate -r vldpdc1. You can explain to him that the current >machine listed in the Server Manager has a different SID (Security ID) than >your current Linux machine. >> -----Original Message----- >> Subject: NT_STATUS_NO_TRUST_SAM_ACCOUNT >> I'm using samba-2.0.4b-19990519 and am trying to become a member of an NT >> domain. I've read the Samba, smbpasswd, & smb.conf man pages, NTDomain FAQ >> and the documents that accompany Samba-2 (i.e. DOMAIN_MEMBER.txt, Win95.txt, >> WinNT.txt). >> When I try to Log-on the CORPORATE domain by: >> # /etc/rc.d/init.d/smb stop >> Shutting down SMB services: smbd nmbd >> # smbpasswd -j CORPORATE [or smbpasswd -j CORPORATE -r VLDPDC1] >> I get: >>cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT >>cli_nt_setup_creds: auth2 challenge failed >>modify_trust_password: unable to setup the PDC credentials to machine >>VLDPDC1. Error was : NT_STATUS_NO_TRUST_SAM_ACCOUNT. >>2000/10/25 13:31:28 : change_trust_account_password: Failed to change >>password for domain CORPORATE >>Unable to join domain CORPORATE >>When I asked the NT Admin to add "Linux" to the NT domain on the PDC using >>Server Manager for Domains, his response was, "Linux is already in my Server >>Manager list as a Windows NT 4.2 Server with a description of Linux smb >>Server in Engineering." He has also made a reference to the older MS Lan >>Manager Client and that he's had problems in some cases where he had to have >>IPX installed (802.3 frame type) in addition to TCP/IP before domain logon >>was successful. >>My smb.conf includes: >>workgroup = CORPORATE >>server string = Linux smb Server in Engineering >>printing = bsd >>printcap name = /etc/printcap >>load printers = yes >>guest account = nobody >>log file = /var/log/samba-log%m >>max log size = 50 >>short preserve case = yes >>preserve case = yes >>lock directory = /var/lock/samba >>locking = yes >>strict locking = yes >>share modes = yes >>security = domain >>password server = VLDPDC1 >>socket options = TCP_NODELAY >>wins server = 10.102.7.71 Any help is appreciated. Jack From don.kibbey at finnegan.com Tue Nov 14 13:06:08 2000 From: don.kibbey at finnegan.com (Donald Kibbey) Date: Tue Dec 2 02:32:20 2003 Subject: OT: Text Editor?? Message-ID: CodeWright 6.5 is smart enough to "know" when it's working with a unix file or a pc file. I use it to do all my editing on both HP-UX, Linux and NT systems. It only runs on Windoze though. Don Kibbey >>> Patrick Calkins 11/13/00 07:48PM >>> Sorry for the off topic, but does anyone know of a good text editor for use in windows for editing files residing on unix that does not put the dos EOL chars in, but uses the unix EOL chars instead?? Its a real pain changing the smb.conf file from within windows, only to have it mangled up when I edit it later with FreeBSD's ee program :o) thanks!! --Patrick From gcarter at valinux.com Mon Nov 13 23:37:17 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:20 2003 Subject: rpc_parse Buffer overflow References: <3A103571.A4EC323E@promatis.de> Message-ID: <3A107B2D.96C4A167@valinux.com> Oliver Reiniger wrote: > > After I added this Server to the domain the Express service > won't start any more (Error 58). I've found out, that - > although the initialization-users a defined localy - this > server performs a RPC request to the PDC (Samba) which > results in a log error: > rpc_parse/parse_rpc.c:prs_grow(126) > prs_grow: Buffer overflow - unable to expand buffer by 2 > bytes. Bad or incomplete RPC implementations in Samba 2.0 > I've found out that switching the nmb-protocol to COREPLUS > this RPC-Lookup succeeds but then I'm not longer able to > mount my shares nor do I have a domain-login anymore. MS-RPC requires NT1 for MS-RPC IIRC. While NT SMB may not be required, I've never seen it oevr anything by a negotiated NT1 session. CHeers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From aarjona at banistmo.com Tue Nov 14 13:58:13 2000 From: aarjona at banistmo.com (Arjona, Ariel) Date: Tue Dec 2 02:32:20 2003 Subject: Text Editor?? Message-ID: <9B6B824220DBD311BF5A1000974B43B32B61A9@EXCH05001> Try Editpad. Its freeware and is pretty nice. http://www.jgsoft.com There is a shareware version now with more features, but Editpad Classic is still available. -- Ariel Arjona Webmaster http://www.banistmo.com (aarjona@banistmo.com) ~ ~ :wq > -----Original Message----- > From: Patrick Calkins [mailto:PCalkins@OEMSupport.com] > Sent: Monday, November 13, 2000 7:49 PM > To: Samba-Ntdom (E-mail) > Subject: OT: Text Editor?? > > > Sorry for the off topic, but does anyone know of a good text > editor for use > in windows for editing files residing on unix that does not > put the dos EOL > chars in, but uses the unix EOL chars instead?? Its a real > pain changing the > smb.conf file from within windows, only to have it mangled up > when I edit it > later with FreeBSD's ee program :o) > thanks!! > > --Patrick > From ghvetter at state.nd.us Tue Nov 14 14:46:15 2000 From: ghvetter at state.nd.us (Vetter, Gary H.) Date: Tue Dec 2 02:32:20 2003 Subject: Text Editor?? Message-ID: EditPad Lite ( http://www.EditPadLite.com/ ) works OK. I haven't used it for directly editing files on a Unix box, but it does have options to convert a file to Unix, Macintosh, ROT-13, and a few others. -----Original Message----- From: Patrick Calkins [mailto:PCalkins@OEMSupport.com] Sent: Monday, November 13, 2000 6:49 PM To: Samba-Ntdom (E-mail) Subject: OT: Text Editor?? Sorry for the off topic, but does anyone know of a good text editor for use in windows for editing files residing on unix that does not put the dos EOL chars in, but uses the unix EOL chars instead?? Its a real pain changing the smb.conf file from within windows, only to have it mangled up when I edit it later with FreeBSD's ee program :o) thanks!! --Patrick From tschweikle at FIDUCIA.de Tue Nov 14 14:50:08 2000 From: tschweikle at FIDUCIA.de (tschweikle@FIDUCIA.de) Date: Tue Dec 2 02:32:20 2003 Subject: OT: Text Editor?? Message-ID: <0057540007652131000002L412*@MHS> > Sorry for the off topic, but does anyone know of a good text > editor for use in windows for editing files residing on unix > that does not put the dos EOL chars in, but uses the unix EOL > chars instead?? [...] WinEdt will work for you, or, if you can miss a bit of comfort -- vim is available for Windows too. If you can't miss any comfort at all -- try the Windows port of emacs ;-) WinEdt: http://www.winedt.com/ vim: http://www.vim.org/ emacs: http://www.delorie.com/djgpp/ or http://www.gnu.org/software/emacs/windows/ntemacs.html -- Thomas From Jfig at mota-ca.pt Tue Nov 14 15:10:26 2000 From: Jfig at mota-ca.pt (Joao Figueiredo) Date: Tue Dec 2 02:32:20 2003 Subject: Text Editor?? Message-ID: Postcardware ;-) Jo?o Figueiredo jfig@mota-ca.pt -----Original Message----- From: Arjona, Ariel [SMTP:aarjona@banistmo.com] Sent: Ter?a-feira, 14 de Novembro de 2000 13:58 To: Samba-Ntdom2 (E-mail) Cc: Patrick Calkins Subject: RE: Text Editor?? Try Editpad. Its freeware and is pretty nice. http://www.jgsoft.com There is a shareware version now with more features, but Editpad Classic is still available. -- Ariel Arjona Webmaster http://www.banistmo.com (aarjona@banistmo.com) ~ ~ :wq > -----Original Message----- > From: Patrick Calkins [mailto:PCalkins@OEMSupport.com] > Sent: Monday, November 13, 2000 7:49 PM > To: Samba-Ntdom (E-mail) > Subject: OT: Text Editor?? > > > Sorry for the off topic, but does anyone know of a good text > editor for use > in windows for editing files residing on unix that does not > put the dos EOL > chars in, but uses the unix EOL chars instead?? Its a real > pain changing the > smb.conf file from within windows, only to have it mangled up > when I edit it > later with FreeBSD's ee program :o) > thanks!! > > --Patrick > From aarjona at banistmo.com Tue Nov 14 15:29:33 2000 From: aarjona at banistmo.com (Arjona, Ariel) Date: Tue Dec 2 02:32:20 2003 Subject: Text Editor?? Message-ID: <9B6B824220DBD311BF5A1000974B43B32B623A@EXCH05001> Yeah, Editpad Classic is still Postcardware. Now that you reminded me, I'll send Jan a couple used phone cards for his sister. :) Editpad Pro costs US$ 29.95 tho, but the feature list (http://www.editpadpro.com/editpadpro.html) is worth them. I'd have upgraded to Editpad Pro, but now I am an incurable Vim (http://www.vim.org) user, both in linux and windows :) BTW Vim hadles DOS/Unix files very well and has hundreds of features. > -----Original Message----- > From: Joao Figueiredo [mailto:Jfig@mota-ca.pt] > Sent: Tuesday, November 14, 2000 10:10 AM > To: 'Arjona, Ariel'; Samba-Ntdom2 (E-mail) > Cc: Patrick Calkins > Subject: RE: Text Editor?? > > > Postcardware ;-) > Jo?o Figueiredo > jfig@mota-ca.pt > > > > -----Original Message----- > From: Arjona, Ariel [SMTP:aarjona@banistmo.com] > Sent: Ter?a-feira, 14 de Novembro de 2000 13:58 > To: Samba-Ntdom2 (E-mail) > Cc: Patrick Calkins > Subject: RE: Text Editor?? > > Try Editpad. Its freeware and is pretty nice. > http://www.jgsoft.com > > There is a shareware version now with more features, but Editpad > Classic is > still available. > > -- > Ariel Arjona > Webmaster > http://www.banistmo.com (aarjona@banistmo.com) > ~ > ~ > :wq > > > > > -----Original Message----- > > From: Patrick Calkins [mailto:PCalkins@OEMSupport.com] > > Sent: Monday, November 13, 2000 7:49 PM > > To: Samba-Ntdom (E-mail) > > Subject: OT: Text Editor?? > > > > > > Sorry for the off topic, but does anyone know of a good text > > editor for use > > in windows for editing files residing on unix that does not > > put the dos EOL > > chars in, but uses the unix EOL chars instead?? Its a real > > pain changing the > > smb.conf file from within windows, only to have it mangled up > > when I edit it > > later with FreeBSD's ee program :o) > > thanks!! > > > > --Patrick > > > From larry at ptcoupling.com Tue Nov 14 15:40:38 2000 From: larry at ptcoupling.com (Larry McElderry) Date: Tue Dec 2 02:32:20 2003 Subject: Text Editor?? In-Reply-To: <20DD62956F435141ACDA69B2989B446B309CDF@orion.oem.oemsupport.com> Message-ID: <000a01c04e51$3cbfbc90$01f4dd80@ptcoupling.com> If you don't mind a commercial product SlickEdit's a pretty good choice. Mainly intended as a programmer's editor, it works quite well with plain text. Also offers some great diff and comparison features as well as color syntax highlighting, templates, expansion, etc. Handles EOL automatically, though you must specify when creating new files. Available in Windows and X. > -----Original Message----- > From: samba-ntdom-admin@us5.samba.org > [mailto:samba-ntdom-admin@us5.samba.org]On Behalf Of Patrick Calkins > Sent: Monday, November 13, 2000 6:49 PM > To: Samba-Ntdom (E-mail) > Subject: OT: Text Editor?? > > > Sorry for the off topic, but does anyone know of a good text > editor for use > in windows for editing files residing on unix that does not > put the dos EOL > chars in, but uses the unix EOL chars instead?? Its a real > pain changing the > smb.conf file from within windows, only to have it mangled up > when I edit it > later with FreeBSD's ee program :o) > thanks!! > > --Patrick > From Prasad_Tangella at satyam.com Tue Nov 14 15:35:05 2000 From: Prasad_Tangella at satyam.com (Prasad_Tangella) Date: Tue Dec 2 02:32:20 2003 Subject: Connecting to Windows 2000 machines Message-ID: Hello, We have installed Samba server on a machine running SunOS. We are able to connect to it from Network Neighbourhood of the Windows NT machines. But, we are not able to connect to it from Windows 2000 machines. Could you please give us any suggestions? Thanks, Prasad. -------------- next part -------------- HTML attachment scrubbed and removed From gonzo at eng.lsu.edu Tue Nov 14 15:55:28 2000 From: gonzo at eng.lsu.edu (Steve Gonzales) Date: Tue Dec 2 02:32:20 2003 Subject: Locked NT Shares Message-ID: <000201c04e53$507411d0$ca192782@desgo1> I am trying to connect from a Win98 laptop dialing into a Linux dial in server which is a member of an NT Domain. I then attempt to net use into a Windows NT share. Dialing in works fine. PPP generates the PPP handshake stuff and I can continue. I do NOT get a Windows login screen; however, I can see the workstations and servers within the NT Domain. I can even see the shares associated with these boxes. When I try to go into one of these shares, the laptop locks up. Same thing in a Command Prompt if I try to Net Use * \\server\share. It looks like there is no SAM token given to the laptop; therefore, no NT authentication checks will succeed. Any ideas? TIA! Attached is my smb.conf without the comments. Steven C. Gonzales, MCSE, MCP+I Louisiana State University gonzo@eng.lsu.edu Division of Engineering Services 225.578.6069 (v) 3216G CEBA 225.578.5990 (f) Baton Rouge, LA 70803 -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 679 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001114/72d6e9df/smb.obj From Eddie.Wimberly at robins.af.mil Tue Nov 14 15:58:25 2000 From: Eddie.Wimberly at robins.af.mil (Wimberly Eddie Contr WRALC/LYSFR) Date: Tue Dec 2 02:32:20 2003 Subject: OT: Text Editor?? Message-ID: Textpad is also a good choice. http://www.textpad.com From read_a at univerahealthcare.org Tue Nov 14 16:33:13 2000 From: read_a at univerahealthcare.org (Adam Read) Date: Tue Dec 2 02:32:20 2003 Subject: createuser and samedit problems Message-ID: I am installing the newest build of the appliance and trying to get the samba box to authenticate to the PDC(NT box). Everything seems to install OK, but when I go to add the machine using createuser within samedit , i get: could not locate server for domain MYDOMAIN Does anyone have a man page or some documentation as to what the command line options for createuser mean. There is nothing I can find that helps. I also need to get winbindd working, but that depends on this. Do I just use smbpasswd to add it after adding it from server manager? Many thanks from a desperate man, Adam From kevinc at grainsystems.com Tue Nov 14 16:55:57 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:32:20 2003 Subject: OT: Text Editor?? References: <20DD62956F435141ACDA69B2989B446B309CDF@orion.oem.oemsupport.com> Message-ID: <3A116E9D.9DFC819C@grainsystems.com> It isn't vi-styled or even free, but a decent general editor for Win32 with custom syntax, tab->space, and Unix format options is EditPlus: http://www.editplus.com/ - Kevin Colby kevinc@grainsystems.com From jlmedina at mad-co.es.dhl.com Tue Nov 14 17:25:01 2000 From: jlmedina at mad-co.es.dhl.com (Jose Luis Medina) Date: Tue Dec 2 02:32:20 2003 Subject: (no subject) Message-ID: <3A11756D.EBB1D90E@mad-co.es.dhl.com> suscribe Jose Luis Medina -------------- next part -------------- A non-text attachment was scrubbed... Name: jlmedina.vcf Type: text/x-vcard Size: 586 bytes Desc: Card for Jose Luis Medina Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001114/a30ea29e/jlmedina.vcf From joseph at wigwamlab.com Tue Nov 14 20:31:30 2000 From: joseph at wigwamlab.com (Joseph Crawley) Date: Tue Dec 2 02:32:20 2003 Subject: remote samedit password change Message-ID: <3A11A122.83868FA1@wigwamlab.com> HEy, I'm running samba-tng alpha 2.6. I havwe established a domain and added users. When I try to run samedit remotely as anyone but root and update the connecting users password with samuserset it fails. This works on the samba server but not on any other machine. I set up a trust account for the connecting machine but this made no diffrence. Does anyone have any ideas? thanks Joseph -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 2484 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001114/a46d18b0/smime.bin From IJamison at iss-asvc.com Tue Nov 14 21:38:10 2000 From: IJamison at iss-asvc.com (Ian Jamison) Date: Tue Dec 2 02:32:20 2003 Subject: OT: Text Editor?? References: <20DD62956F435141ACDA69B2989B446B309CDF@orion.oem.oemsupport.com> <3A116E9D.9DFC819C@grainsystems.com> Message-ID: <3A11B0C2.A0DD1D3@iss-asvc.com> Hi All, I'm a little surprised that noone's mentioned Vile (or more specifically Winvile or XVile). This is Vi (Like Emacs) - Emacs multibuffer and macro smarts but Vi finger feel. I've been using it daily for more years than I'd care to remember and think it's basically the dog's grundies [i.e. v.good]. It's free and available on a plethora of platforms, including NT console and native Windows variants. See http://dickey.his.com/vile/vile.html for a starter. 'Bye, IanJ. From D.Bannon at latrobe.edu.au Tue Nov 14 22:15:45 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:20 2003 Subject: Connecting to Windows 2000 machines In-Reply-To: Message-ID: <3.0.6.32.20001115091545.008cd100@bioserve.latrobe.edu.au> At 09:05 PM 14/11/2000 +0530, Prasad_Tangella wrote: > Hello, We have installed Samba server on a machine running SunOS. We >are able to connect to it from Network Neighbourhood of the Windows NT >machines. But, we are not able to connect to it from Windows 2000 >machines. Could you please give us any suggestions? Thanks, >Prasad. Please read the PDC FAQ and HowTo. It will tell you what versions will do what you want, how to get it, how to do it and make a few suggestions about what information you should include when posting a question to this list. Go to a Samba mirror near you, click on 'Documentation' and then on one of the links on the right hand side. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From ringram at acpl.lib.wy.us Wed Nov 15 01:39:15 2000 From: ringram at acpl.lib.wy.us (Russel Ingram) Date: Tue Dec 2 02:32:21 2003 Subject: process_logon_packet(70) message ? Message-ID: Can somebody tell me what this message in my logs means: [2000/11/14 18:21:23, 1] nmbd/nmbd_processlogon.c:process_logon_packet(70) process_logon_packet: Logon from XXX.XXX.XXX.XXX: code = 0x7 this is from the logs of a samba 2.0.7 server that is running as a (somewhat limited) PDC. I'm having a lot of strangeness in dealing with profiles and privileges and am trying to track down what the problem is. I'm wondering if this is related. Thanx, Russ Russel Ingram Albany County Public Library Laramie, WY 82070 http://acpl.lib.wy.us From mike.j.johnston at worldnet.att.net Tue Nov 14 19:11:30 2000 From: mike.j.johnston at worldnet.att.net (Michael Johnston) Date: Tue Dec 2 02:32:21 2003 Subject: I can't get Samba 2.07 to work in RD 7.0 Message-ID: <009001c04e6e$b2cf6800$020a0a0a@warewolf> Can someone help find out why I can't get samba to work? It seems like RedHat changes everything around when a new version is released. For some reason when I do a "/etc/rc.d/init.d/smb start", both smbd and nmbd start, but they only stay stared for about 30 seconds. When I try to start the daemons in SWAT under services it takes about 2 minutes to refresh and then it tells me that they are still not started. What am I doing wrong?? I'm going to kill myself if it's something easy. Below is a copy of my smb.conf file (That is now in /etc/samba/ because Redhat decided to move it so no samba document would be easy to follow) and my xinetd.conf (Because Redhat thought inetd.conf was to easy to find). Thanks again! Mike Johnston # Samba config file created using SWAT # from 10.10.10.2 (10.10.10.2) # Date: 2000/11/14 03:56:15 # Global parameters [global] workgroup = PROFALT netbios name = LIN_SMB server string = Linux Samba encrypt passwords = Yes map to guest = Bad User username map = /etc/samba/smbusers log file = /var/log/samba/%m.log max log size = 0 preferred master = Yes domain master = Yes dns proxy = No wins server = 10.10.10.1 remote announce = 10.10.10.255 remote browse sync = 10.10.10.255 printing = lprng [printers] comment = All Printers path = /var/spool/samba printable = Yes browseable = No [public] comment = Shared files path = /johnston/stuff writeable = Yes create mask = 0777 guest only = Yes guest ok = Yes _____________________________________________________ # Simple configuration file for xinetd # # Some defaults, and include /etc/xinetd.d/ defaults { instances = 60 log_type = SYSLOG authpriv log_on_success = HOST PID log_on_failure = HOST RECORD } includedir /etc/xinetd.d -------------- next part -------------- HTML attachment scrubbed and removed From ralf.luettgens at rheinland-versicherungen.de Wed Nov 15 06:59:08 2000 From: ralf.luettgens at rheinland-versicherungen.de (ralf.luettgens@rheinland-versicherungen.de) Date: Tue Dec 2 02:32:21 2003 Subject: Connection problems from NT4.0 to Samba with password protect share Message-ID: Hello together, we are running Samba version 1.9.16p9 on Dynix/PTX. I've create the following share : [cc_web] comment = Directory-Austausch von NT nach UNIX path = /transfer/call_center/webdata user = dummy read only = no Then i create a user "dummy" on the unix system. On the NT 4.0 SP5 Client i create the Reg-Key "EnablePlainTextPassword" with the value 1 under HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/Rdr. Then i try to connect to the share via explorer and i get the error message: Wrong User or Password. Then i click ok and the Client System ask me again for User and password, i shut down and restart the samba server and click then ok on the client, the connection works. Have somebody a suggestion how can i solve this problem. Thanks Ralf L?ttgens IT/ST DBA-TEAM --------------------------------------------------------------------------- fon: ++49 2131/290-483 fax: ++49 2131/290-419 E-Mail: ralf.luettgens@rheinland-versicherungen.de --------------------------------------------------------------------------- From k.blin at gmx.net Wed Nov 15 07:40:56 2000 From: k.blin at gmx.net (Kai Blin) Date: Tue Dec 2 02:32:21 2003 Subject: Connection problems from NT4.0 to Samba with password protect share In-Reply-To: ; from ralf.luettgens@rheinland-versicherungen.de on Wed, Nov 15, 2000 at 07:59:08AM +0100 References: Message-ID: <20001115084056.A23017@molgen-6.iah.medizin.uni-tuebingen.de> * ralf.luettgens@rheinland-versicherungen.de [15/11/00, 07:59:08]: > Hello together, Uh, Germany, right? > we are running Samba version 1.9.16p9 on Dynix/PTX. I've create the > following share : [...] > Have somebody a suggestion how can i solve this problem. Well, I think I don't have the ultimate answer for you (ok, it's 42, but never mind) but perhaps you should try upgrading to a newer version of samba, since NT support really improved? HTH Kai -- Kai Blin, Sysop of the Dep. of Imunology of the University of Tuebingen --- This here's the wattle, The emblem of our land. You can stick it in a bottle; You can hold it in your hand. Amen! -- Monty Python From k.blin at gmx.net Wed Nov 15 07:49:29 2000 From: k.blin at gmx.net (Kai Blin) Date: Tue Dec 2 02:32:21 2003 Subject: PDC AND SAMBA In-Reply-To: ; from mallik@scatech.com on Tue, Oct 31, 2000 at 05:16:05PM -0600 References: Message-ID: <20001115084929.B23017@molgen-6.iah.medizin.uni-tuebingen.de> * Mallik [31/10/00, 17:16:05]: > Hi , > I have my LAN setup with 2 NT servers as PDC and BDC. My linux box > is a member of the PDC with DHCP ip address. I ran samba in the hope that > usernames in my linuxbox can use the same password as the PDC password > list on the password server(pdc). when samba ran it had become the pdc > automatically . All i added was the password server address to the pdc > intranet ip in smb.conf and ran a smbpasswd on my local users. Hm.. I don't know what the os level option does to the DC functionality, but there is an option for samba becoming domain master browser, and in smb, this has the same machine code (or whatever this is called) as the PDC. IIRC it's <1B>. So you should set all the preferred master, domain master options to no and set os level to 0. > My question is > why did'nt the PDC on NT Server let my linux box take over as PDC > especially when i didnt supply any network-admin username/password in my > smb.conf If my way of thining is right, you just had your samba set up to win all browser elections. So it would just have the same code (this <1B> thing) as the PDC of yours.. Perhaps one of the gurus has a better idea, though.. HTH Kai -- Kai Blin, Sysop of the Dep. of Imunology of the University of Tuebingen --- This here's the wattle, The emblem of our land. You can stick it in a bottle; You can hold it in your hand. Amen! -- Monty Python From Florent.Boucher at cnrs-imn.fr Wed Nov 15 08:26:52 2000 From: Florent.Boucher at cnrs-imn.fr (Florent Boucher) Date: Tue Dec 2 02:32:21 2003 Subject: How to use only the UNIX password file with samba ? Message-ID: <3A1248CC.F53EF635@cnrs-imn.fr> Dear colleges, we are planning to use sambe in place of our NT PDC. So we have define samba to be a logon server for windows and it works. The security option is user in order to use the UNIX/NIS password file. The only problem we have for the moment is to change the password from the windows tool box. This option works only if we define the user in the smbpassword file located in /usr/local/samba/private. We do not like this option as we would like to have only one password file, the file coming with the NIS. So is it possible to tell samba to change only the NIS password file only when a request is made from windows. We don not want that samba look for the file smbpassword as we are not planning to maintain this file. Thank you for a precise answer. Florent -- -------------------------------------------------------------------------- | Florent BOUCHER | | | Institut des Mat?riaux Jean Rouxel | Mailto:Florent.Boucher@cnrs-imn.fr | | 2, rue de la Houssini?re | Phone: (33) 2 40 37 39 24 | | BP 32229 | Fax: (33) 2 40 37 39 95 | | 44322 NANTES CEDEX 3 (FRANCE) | http://www.cnrs-imn.fr | -------------------------------------------------------------------------- -------------- next part -------------- A non-text attachment was scrubbed... Name: Florent.Boucher.vcf Type: text/x-vcard Size: 399 bytes Desc: Card for Florent Boucher Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001115/45ddb019/Florent.Boucher.vcf From awilliam at whitemice.org Wed Nov 15 11:33:13 2000 From: awilliam at whitemice.org (Adam Williams) Date: Tue Dec 2 02:32:21 2003 Subject: How to use only the UNIX password file with samba ? In-Reply-To: <3A1248CC.F53EF635@cnrs-imn.fr> References: <3A1248CC.F53EF635@cnrs-imn.fr> Message-ID: <20001115.11331300@estate1.whitemice.org> >we are planning to use sambe in place of our NT PDC. You don't have a choice, PDC requires encrypted passwords, and that requires smbpasswd file. >So we have define samba to be a logon server for windows and it works. The >security option is user in order to use the UNIX/NIS password file. The only >problem we have for the moment is to change the password from the windows tool You want to setup "unix passwd sync", see the smb.conf man page. >box. This option works only if we define the user in the smbpassword file >located in /usr/local/samba/private. >We do not like this option as we would like to have only one password file, the >file coming with the NIS. Keeping the two file in sync is quite simple. WIndows user's change their passwords with the windows passwd tool, Samba set's BOTH passwords. Local *NIX users (if any) change their password with the smb password tool, so that Samba still handles the password change, and sets both passwords. >So is it possible to tell samba to change only the NIS password file only when a >request is made from windows. We don not want that samba look for the file >smbpassword as we are not planning to maintain this file. Yes, but then the system won't work as a PDC. From eirvine at tpgi.com.au Wed Nov 15 11:42:58 2000 From: eirvine at tpgi.com.au (eirvine) Date: Tue Dec 2 02:32:21 2003 Subject: How to use only the UNIX password file with samba ? References: <3A1248CC.F53EF635@cnrs-imn.fr> Message-ID: <3A1276C2.224A525E@tpgi.com.au> Hi Florent, Florent Boucher wrote: > > Dear colleges, > we are planning to use sambe in place of our NT PDC. > So we have define samba to be a logon server for windows and it works. The > security option is user in order to use the UNIX/NIS password file. The only > problem we have for the moment is to change the password from the windows tool > box. > This option works only if we define the user in the smbpassword file located in > /usr/local/samba/private. > We do not like this option as we would like to have only one password file, the > file coming with the NIS. > So is it possible to tell samba to change only the NIS password file only when a > request is made from windows. We don not want that samba look for the file > smbpassword as we are not planning to maintain this file. > Thank you for a precise answer. > Florent If you want your SAMBA server to be the PDC (which is what you want, as far as I can make out), and if you are using NT SP3 or above, then you HAVE to use the smbpasswd file and you have to use encrypted passwords. I was very reluctant to go down this path myself. However, in practice is not as big a deal as I expected. I have also made up a web/cgi interface for users to change their password. Using expect, it changes both their unix and smb passwords. Eddie. From shaun.lipscombe at gasops.co.uk Wed Nov 15 12:01:18 2000 From: shaun.lipscombe at gasops.co.uk (Shaun Lipscombe) Date: Tue Dec 2 02:32:21 2003 Subject: How to use only the UNIX password file with samba ? In-Reply-To: Adam Williams's message of "Wed, 15 Nov 2000 11:33:13 GMT" References: <3A1248CC.F53EF635@cnrs-imn.fr> <20001115.11331300@estate1.whitemice.org> Message-ID: * "Adam" == Adam Williams writes: > You want to setup "unix passwd sync", see the smb.conf man page. Does this work with shadow passwords? -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From awilliam at whitemice.org Wed Nov 15 12:40:08 2000 From: awilliam at whitemice.org (Adam Williams) Date: Tue Dec 2 02:32:21 2003 Subject: How to use only the UNIX password file with samba ? In-Reply-To: References: <3A1248CC.F53EF635@cnrs-imn.fr> <20001115.11331300@estate1.whitemice.org> Message-ID: <20001115.12400800@estate1.whitemice.org> >>You want to setup "unix passwd sync", see the smb.conf man page. >Does this work with shadow passwords? It should work with anything. It actually calls the password change command that you specify (ex. /usr/bin/passwd) and communicates with it via an "expect"-ish script. If the expect script is a go it then proceeds to change the SMB password, else it returns a failure to change the passwd. From shaun.lipscombe at gasops.co.uk Wed Nov 15 12:46:54 2000 From: shaun.lipscombe at gasops.co.uk (Shaun Lipscombe) Date: Tue Dec 2 02:32:21 2003 Subject: How to use only the UNIX password file with samba ? In-Reply-To: Adam Williams's message of "Wed, 15 Nov 2000 12:40:08 GMT" References: <3A1248CC.F53EF635@cnrs-imn.fr> <20001115.11331300@estate1.whitemice.org> <20001115.12400800@estate1.whitemice.org> Message-ID: * "Adam" == Adam Williams writes: >>> You want to setup "unix passwd sync", see the smb.conf man page. >> Does this work with shadow passwords? > It should work with anything. It actually calls the password > change command that you specify (ex. /usr/bin/passwd) and > communicates with it via an "expect"-ish script. If the expect > script is a go it then proceeds to change the SMB password, else it > returns a failure to change the passwd. OK. When you create the smbpasswd file should you cat the shadow file to the smbpasswd.sh script? In the encryption.txt it says to use /etc/passwd and of course /etc/shadow is in a different format.... Hopefully I haven't asked a dumb question :-/ Shaun -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From shaun.lipscombe at gasops.co.uk Wed Nov 15 12:48:28 2000 From: shaun.lipscombe at gasops.co.uk (Shaun Lipscombe) Date: Tue Dec 2 02:32:21 2003 Subject: Samba 2 Message-ID: Apparently you can optimise performace by modifying the write cache if you are using raid-5 to that of the stripe size. 1) is this true (can't remember where I read it now!) 2) how do I find the stripe size easily ( I am using hardware raid-5 because software raid-5 was alpha when I put the box up 2 yrs ago) Regards, Shaun -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From miksa at lysya.kajaani.fi Wed Nov 15 14:01:42 2000 From: miksa at lysya.kajaani.fi (Mikko Hurskainen) Date: Tue Dec 2 02:32:21 2003 Subject: SAmba and web password changing Message-ID: Sombody in this list said, that he has written cgi to change sambapassword in web, I'll have use for that kind of program, so if (who you ever are) can share it, i'd be pleased. -- - Miksa Root of lysya.kajaani.fi From simo.sorce at polimi.it Wed Nov 15 14:48:40 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:32:21 2003 Subject: SAmba and web password changing References: Message-ID: <3A12A248.E97C4467@polimi.it> Mikko Hurskainen wrote: > > Sombody in this list said, that he has written cgi to change sambapassword > in web, I'll have use for that kind of program, so if (who you ever > are) can share it, i'd be pleased. > -- > - Miksa > Root of lysya.kajaani.fi Here is an outdated but still functional interface I've made with a coworker to update both samba and NIS through https+php3(4): http://www.geocities.com/SiliconValley/9757/samba.html -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From vorlon at netexpress.net Wed Nov 15 15:12:39 2000 From: vorlon at netexpress.net (Steve Langasek) Date: Tue Dec 2 02:32:21 2003 Subject: How to use only the UNIX password file with samba ? In-Reply-To: <3A1276C2.224A525E@tpgi.com.au> Message-ID: On Wed, 15 Nov 2000, eirvine wrote: > Hi Florent, > Florent Boucher wrote: > > Dear colleges, > > we are planning to use sambe in place of our NT PDC. > > So we have define samba to be a logon server for windows and it works. The > > security option is user in order to use the UNIX/NIS password file. The only > > problem we have for the moment is to change the password from the windows tool > > box. > > This option works only if we define the user in the smbpassword file located in > > /usr/local/samba/private. > > We do not like this option as we would like to have only one password file, the > > file coming with the NIS. > > So is it possible to tell samba to change only the NIS password file only when a > > request is made from windows. We don not want that samba look for the file > > smbpassword as we are not planning to maintain this file. > > Thank you for a precise answer. > > Florent > If you want your SAMBA server to be the PDC (which is what you want, as > far as I can make out), and if you are using NT SP3 or above, then you HAVE ^^^ > to use the smbpasswd file and you have to use encrypted passwords. This 'and' above should be an or. *Any* time you want Samba to act as a PDC, you have to use encrypted passwords. This is fundamental to how NT domain trust relationships work, and even NT4 <= SP2 will require this of a PDC. If you're not going to be using Samba as a PDC, then you can hobble your NT4 SP3 machines to use plaintext passwords, however. Steve Langasek postmodern programmer From tcurdt at dff.st Wed Nov 15 15:41:28 2000 From: tcurdt at dff.st (Torsten Curdt) Date: Tue Dec 2 02:32:21 2003 Subject: machine accounts (was: SAmba and web password changing) In-Reply-To: <3A12A248.E97C4467@polimi.it> Message-ID: > Here is an outdated but still functional interface I've made with a > coworker to update both samba and NIS through https+php3(4): > http://www.geocities.com/SiliconValley/9757/samba.html > I followed this URL and found something even more interesting... ...a patch that avoids the need for machine accounts in the /etc/passwd (still in smbpasswd) Why is this patch not included in the usual samba version? Having these accounts in /etc/passwd is quite annoing! -- Torsten From vorlon at netexpress.net Wed Nov 15 15:58:43 2000 From: vorlon at netexpress.net (Steve Langasek) Date: Tue Dec 2 02:32:21 2003 Subject: PDC AND SAMBA In-Reply-To: <20001115084929.B23017@molgen-6.iah.medizin.uni-tuebingen.de> Message-ID: Hello Kai, > > I have my LAN setup with 2 NT servers as PDC and BDC. My linux box > > is a member of the PDC with DHCP ip address. I ran samba in the hope that > > usernames in my linuxbox can use the same password as the PDC password > > list on the password server(pdc). when samba ran it had become the pdc > > automatically . All i added was the password server address to the pdc > > intranet ip in smb.conf and ran a smbpasswd on my local users. > Hm.. I don't know what the os level option does to the DC functionality, but > there is an option for samba becoming domain master browser, and in smb, > this has the same machine code (or whatever this is called) as the PDC. IIRC > it's <1B>. So you should set all the preferred master, domain master options > to no and set os level to 0. > > My question is > > why did'nt the PDC on NT Server let my linux box take over as PDC > > especially when i didnt supply any network-admin username/password in my > > smb.conf > If my way of thining is right, you just had your samba set up to win all > browser elections. So it would just have the same code (this <1B> thing) as > the PDC of yours.. > Perhaps one of the gurus has a better idea, though.. Actually, netbios id <1B> is not determined by election: this is a netbios name that is registered with the WINS server. There is no reason for this to be elected, since the domain master browser / PDC should be a stable, centrally-administered machine. You must configure an NT server to be a PDC. When it boots up, it will check to see if domain<1B> is registered with the wins server. If it's registered, NT spits out an error message and doesn't become a PDC. If it isn't registered, it registers the name with its own IP. If Samba has 'domain master = yes' set in smb.conf, it will register domain<1B> with *its* IP -- /regardless/ of whether or not there's another PDC on the network already. Setting 'domain master = no' is enough to fix the problem. Steve Langasek postmodern programmer From boguhn at entelos.com Wed Nov 15 16:32:43 2000 From: boguhn at entelos.com (Brian Boguhn) Date: Tue Dec 2 02:32:21 2003 Subject: Problems accessing a previously working Samba system Message-ID: I had not checked Samba running on my system, , in a few weeks. When I went to access the other day, I was unable to via Windows Explorer; I got that familiar window where it prompts for a username and password, and keeps doing that no matter what is entered. As I had not accessed it in quite some time, the only thing I could figure was that it wasn't working because I had changed passwords on my domain account. However, my username on , which is the same as my domain username, had its password changed at the same time to the same thing. What I then did yesterday was to remove from , and remove ..mac, machine.sid, and smbpasswd from /usr/local/samba/private. I then, after putting back into the domain via server manager, re-added using ./smbpasswd -j -r (same command I've used to add all systems I've configured with Samba to the domain) at its own console, as the instructions say and as I have done before. I did this several times yesterday, and each time after I did it and rebooted , I got the same issue of being prompted for a username and password. Finally, I let it sit overnight. This morning I went through the same steps of removing it from the domain, re-adding it, and then putting it in (successfully, I might add - no error messages) with smbpasswd. When I try to access it from Windows Explorer this morning, I get this: is not accessible. The remote procedure call failed. I rebooted the system, and the error still occurs. Suggestions and help appreciated. Thanks. ___________________________________ Brian Boguhn Server Administrator Entelos, Inc. Menlo Park, CA (650) 330-5235 (voice) (650) 330-5201 (fax) http://www.entelos.com ___________________________________ From gcarter at valinux.com Wed Nov 15 15:42:13 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:21 2003 Subject: process_logon_packet(70) message ? References: Message-ID: <3A12AED5.F65A4741@valinux.com> Russel Ingram wrote: > > Can somebody tell me what this message in my logs means: > > [2000/11/14 18:21:23, 1] > nmbd/nmbd_processlogon.c:process_logon_packet(70) > process_logon_packet: Logon from XXX.XXX.XXX.XXX: code = 0x7 > include/nameserv.h: #define QUERYFORPDC 7 /* Query for PDC. */ > this is from the logs of a samba 2.0.7 server that is > running as a (somewhat limited) PDC. I'm having a lot > of strangeness in dealing with profiles and privileges and > am trying to track down what the problem is. I'm wondering > if this is related. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From m.brodbelt at acu.ac.uk Wed Nov 15 18:17:52 2000 From: m.brodbelt at acu.ac.uk (Mike Brodbelt) Date: Tue Dec 2 02:32:21 2003 Subject: Samba 2 References: Message-ID: <3A12D350.5BB1E16B@acu.ac.uk> Shaun Lipscombe wrote: > > Apparently you can optimise performace by modifying the write cache if > you are using raid-5 to that of the stripe size. > > 1) is this true (can't remember where I read it now!) In theory, it can help, as your cache flush requests will then write an entire stripe evenly. In practice, I wouldn't bother - any decent hardware RAID card will have on card cache RAM, and will buffer requests in that cache until it can write a stripe anyway, so I'd be very surprised to see any difference at all. > 2) how do I find the stripe size easily ( I am using hardware raid-5 > because software raid-5 was alpha when I put the box up 2 yrs ago) SW RAID on Linux is actually pretty reliable - RAID 0.90 will be in the shipping 2.4 kernel, and the "alpha" patches are actually very stable. It's also faster on a decent CPU. Nevertheless, I prefer HW RAID where possible - you get lots of nice features like hot-swap with a good raid card, and power outages aren't necessarily as disastrous, as most decent cards have battery backed cache. HTH, Mike. From gcarter at valinux.com Wed Nov 15 18:20:26 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:21 2003 Subject: machine accounts (was: SAmba and web password changing) References: Message-ID: <3A12D3EA.A7E5145F@valinux.com> Torsten Curdt wrote: > > I followed this URL and found something even more interesting... > ...a patch that avoids the need for machine accounts in the > /etc/passwd (still in smbpasswd) > > Why is this patch not included in the usual samba version? > Having these accounts in /etc/passwd is quite annoing! Because I am reworking the account storage interface currently. Part of the redesign will correct this. CHeers, jerry -- ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From kevinc at grainsystems.com Wed Nov 15 18:55:27 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:32:21 2003 Subject: machine accounts (was: SAmba and web password changing) References: Message-ID: <3A12DC1F.749AD431@grainsystems.com> Torsten Curdt wrote: > > > Here is an outdated but still functional interface I've made with a > > coworker to update both samba and NIS through https+php3(4): > > http://www.geocities.com/SiliconValley/9757/samba.html > > I followed this URL and found something even more interesting... > ...a patch that avoids the need for machine accounts in the > /etc/passwd (still in smbpasswd) > > Why is this patch not included in the usual samba version? > Having these accounts in /etc/passwd is quite annoing! I agree, but the new passdb will (as I understand it) eliminate this problem along with the other things it does. Exactly how to deal with this issue has been the subject of some debate in the past. - Kevin Colby kevinc@grainsystems.com From read_a at univerahealthcare.org Wed Nov 15 19:21:04 2000 From: read_a at univerahealthcare.org (Adam Read) Date: Tue Dec 2 02:32:21 2003 Subject: createuser and samedit problems Message-ID: Now it finds the server(added it to the hosts file), though it should have found it via DNS, but I digress. It seems to create the account, but not fully, and then itsays it fails. In NT server manager, it lists the account, but I cannot view any properties on it due to incorrect password? I have moved to try and get this to work on Red Hat7(guiness), so amy comments are appreciated. What OS, etc are you running that you got it to work, and BTW, where did you get the information? Thanks, Adam >>> chuckg@lexmark.com 11/14 1:29 PM >>> Make sure you have updated the smb.conf file in /usr/local/samba/lib with your domain name and name of the PDC for that domain. Also be sure that your box that Samba is installed on can reach the PDC defined in the config file via DNS or /etc/hosts. Also you will need to create the directory /usr/local/samba/private before you run the createuser command (where the password database will exist). Be sure to have the administrator id and password for the domain you are joining then use the commands: "samedit -S pdcname -W domainname -U adminuseridonpdc" then "createuser linixboxname$ -j domainname -L". You should get a message to the effect "Welcome linixboxname$ to domain domainname". Hope this helps (it did work for me in this way...) Regards, Chuck Grieshaber chuckg@lexmark.com read_a%univerahealthcare.org@interlock.lexmark.com on 11/14/2000 11:33:13 AM To: samba-ntdom%us5.samba.org@interlock.lexmark.com cc: (bcc: Chuck Grieshaber/Lex/Lexmark) Subject: createuser and samedit problems I am installing the newest build of the appliance and trying to get the samba box to authenticate to the PDC(NT box). Everything seems to install OK, but when I go to add the machine using createuser within samedit , i get: could not locate server for domain MYDOMAIN Does anyone have a man page or some documentation as to what the command line options for createuser mean. There is nothing I can find that helps. I also need to get winbindd working, but that depends on this. Do I just use smbpasswd to add it after adding it from server manager? Many thanks from a desperate man, Adam From dan at xif.com Wed Nov 15 19:59:04 2000 From: dan at xif.com (Dan Boger) Date: Tue Dec 2 02:32:21 2003 Subject: 2.2 as PDC with Exchange Message-ID: <20001115145904.W975@xif.com> Did anyone get a Samba 2.2a0 PDC to work with setting up a new exchange server? I keep getting the following error when I tell exchange what domain user to run as: No mapping between account names and security IDs was done. Microsoft Windows NT ID no: 0xc0020534 help? :) -- Dan Boger System Administrator dan@xif.com -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 240 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001115/9babc1bd/attachment.bin From alan at woodyweb.co.uk Wed Nov 15 20:26:29 2000 From: alan at woodyweb.co.uk (Alan Woodland) Date: Tue Dec 2 02:32:21 2003 Subject: RPC References: <20001114200114.230A18408@lists.samba.org> Message-ID: <3A12F174.6B35B458@woodyweb.co.uk> I downloaded the microsoft pack for administering a domain from win 95, which i belive would work with samba as a domain controler, but the (MS) software says RPC error, unable to continue... Does anyone know why/have it working? Alan -- Warning to commercial entities: Unsolicited commercial communications may be subject to a fee of ?50 per hour of my time consumed (My opinion of the length of time consumed is final (minimum resolution of 1 hour)). Sending me mail implies acceptance of these terms. From read_a at univerahealthcare.org Wed Nov 15 21:16:16 2000 From: read_a at univerahealthcare.org (Adam Read) Date: Tue Dec 2 02:32:21 2003 Subject: createuser and samedit problems Message-ID: I can see all of the users from within samedit, but it fails on adding the machine to the domain. Winbind complains that it cannot find a file, but then sees the domain correctly(debug @ 3). I am a little confused as to what I should modify in the /etc/pam.d/ directory also. I will grab a copy of Redhat 6.2 to mirror your setup and maybe I can get this darn thing to work. Thanks, Adam >>> chuckg@lexmark.com 11/15 3:57 PM >>> I have made this work on both RH 6.1 and 6.2 ( I have not tried 7.0 yet due to the problems with GCC 2.96, but I too digress...). Most of the information was gleaned (if I remember correctly) from http://www.kneschke.de/projekte/samba_tng/index.php3 and various links off of this one, or tracing through the code (very interesting!!!). What I was looking for was a way to authenticate to an NT Domain using PAM from a program I was writing , which I was able to do using samba-appliance (which, as you know is a mix of TNG and Samba HEAD) and more specifically the winbindd daemon. Now to your problem, not knowing the error messages you are receiving I'm not sure if I can help other than to mention that you can add the following lines in the SMB.CONF file to get more information in your log files "debuglevel=x" and "loglevel=x", I have used as high as 100 (this creates mb of data in the log files!!!) when I really wanted to see what was going on but I normally set this to 3 (this is the basic debug level if you ask me..) Logs are located in /usr/local/samba/var, one for each daemon running (i.e. log.smbd and log.winbindd). This may give you enough information to determine what is wrong with the password (I'm assuming the machine password), although this is set to a known value at first to join the domain. The other thing that you can do is that when you are at the "samedit " prompt is to list the domain users (I forget the command name, just type "h" to get the list of commands) to see if you get the correct information back (i.e. a list of users defined to the domain). Hope this helps, let me know what you find. Regards, Chuck Grieshaber chuckg@lexmark.com read_a%univerahealthcare.org@interlock.lexmark.com on 11/15/2000 02:21:04 PM To: samba-ntdom%us5.samba.org@interlock.lexmark.com cc: (bcc: Chuck Grieshaber/Lex/Lexmark) Subject: Re: createuser and samedit problems Now it finds the server(added it to the hosts file), though it should have found it via DNS, but I digress. It seems to create the account, but not fully, and then itsays it fails. In NT server manager, it lists the account, but I cannot view any properties on it due to incorrect password? I have moved to try and get this to work on Red Hat7(guiness), so amy comments are appreciated. What OS, etc are you running that you got it to work, and BTW, where did you get the information? Thanks, Adam >>> chuckg@lexmark.com 11/14 1:29 PM >>> Make sure you have updated the smb.conf file in /usr/local/samba/lib with your domain name and name of the PDC for that domain. Also be sure that your box that Samba is installed on can reach the PDC defined in the config file via DNS or /etc/hosts. Also you will need to create the directory /usr/local/samba/private before you run the createuser command (where the password database will exist). Be sure to have the administrator id and password for the domain you are joining then use the commands: "samedit -S pdcname -W domainname -U adminuseridonpdc" then "createuser linixboxname$ -j domainname -L". You should get a message to the effect "Welcome linixboxname$ to domain domainname". Hope this helps (it did work for me in this way...) Regards, Chuck Grieshaber chuckg@lexmark.com read_a%univerahealthcare.org@interlock.lexmark.com on 11/14/2000 11:33:13 AM To: samba-ntdom%us5.samba.org@interlock.lexmark.com cc: (bcc: Chuck Grieshaber/Lex/Lexmark) Subject: createuser and samedit problems I am installing the newest build of the appliance and trying to get the samba box to authenticate to the PDC(NT box). Everything seems to install OK, but when I go to add the machine using createuser within samedit , i get: could not locate server for domain MYDOMAIN Does anyone have a man page or some documentation as to what the command line options for createuser mean. There is nothing I can find that helps. I also need to get winbindd working, but that depends on this. Do I just use smbpasswd to add it after adding it from server manager? Many thanks from a desperate man, Adam From chada at integware.com Wed Nov 15 22:33:21 2000 From: chada at integware.com (Chad Atchison) Date: Tue Dec 2 02:32:21 2003 Subject: Samba and unix password sync Message-ID: <3A130F31.CAEF7359@integware.com> I'm using the latest cvs version of Samba 2.0 as of Monday, and I'm running into a problem with the password sync. In my smb.conf file, if i have: passwd chat = *enter*old*password* \n *enter*new*password* %n\n *retype*new*password* %n\n *NIS*password*has*been*changed* it works fine, until i change my password. But if I use this: passwd chat = *enter*old*password* %o\n *enter*new*password* %n\n *retype*new*password* %n\n *NIS*password*has*been*changed* it doesn't send the old password at all. I've looked at the logs, and this is what is has in log.mymachine [2000/11/15 15:18:56, 100] smbd/chgpasswd.c:expect(233) expect: sending [ ] Nothing's getting sent across. Anyone know what the problem is? Thanks ahead of time, Chad From ringram at acpl.lib.wy.us Thu Nov 16 00:17:36 2000 From: ringram at acpl.lib.wy.us (Russel Ingram) Date: Tue Dec 2 02:32:21 2003 Subject: Problems accessing a previously working Samba system Message-ID: > Finally, I let it sit overnight. This morning I went through the same > steps of removing it from the domain, re-adding it, and then putting > it in (successfully, I might add - no error messages) with smbpasswd. > When I try to access it from Windows Explorer this morning, I get > this: > > is not accessible. The remote procedure call failed. I've had this same problem for around a year now and have posted it here before but found no solutions. Just some additional info on the symptoms that I get -- the problem does not go away with upgrades. When I started having this problem I was running 2.0.5a, I am now running 2.0.7 and still have the problem. Does someone have any idea what might be causing this. Thanx, Russ From kevinc at grainsystems.com Wed Nov 15 23:48:50 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:32:22 2003 Subject: 2.2 as PDC with Exchange References: <20001115145904.W975@xif.com> Message-ID: <3A1320E2.18A3540@grainsystems.com> Dan Boger wrote: > > Did anyone get a Samba 2.2a0 PDC to work with setting up a new exchange > server? I keep getting the following error when I tell exchange what > domain user to run as: While it is certainly nice to test Exchange interoperability, it was not a planned goal for this release, so I'm not too surprised. - Kevin Colby kevinc@grainsystems.com From simo.sorce at polimi.it Thu Nov 16 08:39:33 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:32:22 2003 Subject: RPC References: <20001114200114.230A18408@lists.samba.org> <3A12F174.6B35B458@woodyweb.co.uk> Message-ID: <3A139D45.11367A6A@polimi.it> Alan Woodland wrote: > > I downloaded the microsoft pack for administering a domain from win 95, which i belive > would work with samba as a domain controler, but the (MS) software says RPC error, > unable to continue... Does anyone know why/have it working? > > Alan > > -- > Warning to commercial entities: Unsolicited commercial communications may be subject > to a fee of ?50 per hour of my time consumed (My opinion of the length of time > consumed is final (minimum resolution of 1 hour)). Sending me mail implies acceptance > of these terms. Alan, I assume you are testing samba 2.0.x Samba 2.0.x has limited RPC support and will fail on many queries. Samba 2.2.0 is in alpha stage and will be released soon; thi version has a much improved RPC support and will probably be able to behave correctly with MS tools. Stay tuned (for testing purposes there is a snapshot of samba 2.2.0 on samba.org) Simo. -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From Jouni.Heiskanen at Karttakeskus.fi Thu Nov 16 12:53:24 2000 From: Jouni.Heiskanen at Karttakeskus.fi (Heiskanen, Jouni) Date: Tue Dec 2 02:32:22 2003 Subject: Samba authentication on PDC Message-ID: I've managed to join samba server to nt domain. I want that samba server use PDC password database when it authenticate user so that I don't have to maintain two different user/password databases. Is it possible to configure samba to this? ---------------------------------------------------------- Jouni Heiskanen Jouni.Heiskanen@Karttakeskus.fi Karttakeskus Oy puh. 0204 45 5832 S?hk?tie 1 matkapuh. 040 527 8600 PL 40 fax 0204 45 5929 01511 Vantaa From gcarter at valinux.com Thu Nov 16 02:02:46 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:22 2003 Subject: RPC References: <20001114200114.230A18408@lists.samba.org> <3A12F174.6B35B458@woodyweb.co.uk> Message-ID: <3A134046.C309609C@valinux.com> Alan Woodland wrote: > > I downloaded the microsoft pack for administering a domain > from win 95, which i belive would work with samba as a > domain controler, but the (MS) software says RPC error, > unable to continue... Does anyone know why/have it working? We will look into it again, but it is lower on the list of priorities in all honesty. Many more pieces to come first. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From wolf.bergenheim at adcore.com Thu Nov 16 14:01:00 2000 From: wolf.bergenheim at adcore.com (Wolf Bergenheim) Date: Tue Dec 2 02:32:22 2003 Subject: Samba authentication on PDC In-Reply-To: Message-ID: On Thu, 16 Nov 2000, Heiskanen, Jouni wrote: >I've managed to join samba server to nt domain. I want that samba server use >PDC password database when it authenticate user so that I don't have to >maintain two different user/password databases. Is it possible to configure >samba to this? > Yes it is possible, just use the following settings in your smb.conf security = DOMAIN encrypt passwords = Yes password server = yourPDC regards, Wolf Bergenheim -- Systems Specialist Adcore wolf.bergenheim@adcore.com http://www.adcore.com/ From shaun.lipscombe at gasops.co.uk Thu Nov 16 15:15:43 2000 From: shaun.lipscombe at gasops.co.uk (Shaun Lipscombe) Date: Tue Dec 2 02:32:22 2003 Subject: Plain Text AND Encrypted Message-ID: Is it possible for a nmbd deamon to authenticate plain text as well as hashed smb passwords? All my winX machines have plaintextpasswords enabled and I would like to move them over to encrypted but not all in one go. Thanks, Shaun -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From bgmilne at ing.sun.ac.za Thu Nov 16 15:41:42 2000 From: bgmilne at ing.sun.ac.za (Buchan Milne) Date: Tue Dec 2 02:32:22 2003 Subject: Which Microsoft servers will authenticate off samba 2.x PDC ? Message-ID: <3A140036.AD4E8C7A@ing.sun.ac.za> Hi, We have a samba 2.0.7 PDC currently with about 40 mainly NT4.0 clients. Management as decided to evaluate some ERP software (which is more expensive than the rest of our IT budget) which requires MS SQL. Initially we will be borrowing someone else's SQL server, but if we decide to keep the software, we will need to set up our own one. So, would it be possible to: -have SQL server running on a member server of our samba-controlled domain -have the SQL server authenticate users off the samba-controlled domain Of course, management would also like to have Exchange, but I gather from other posts that samba 2.2.0 won't do this. Any idea when this will be possible (samba 3.0 ?) Regards, Buchan -- |--------------------------------------------------------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone +27824722231 email mailto:bgmilne@ing.sun.ac.za Centre for Automotive Engineering http://www.cae.co.za South Africas first satellite: http://sunsat.ee.sun.ac.za Control Models http://www.control.co.za |----------------Registered Linux User #182071-----------------| From Thomas_K_Powell at Uniloy.com Thu Nov 16 16:13:40 2000 From: Thomas_K_Powell at Uniloy.com (Powell, Tom K.) Date: Tue Dec 2 02:32:22 2003 Subject: Windows 2000 and Samba Message-ID: <646E05C18804A74EA085A4EA60E0FBE4135B40@umman01.uniloy.milacron.com> I currently have Samba 2.0.4b installed on a HP-UX 10.20 system. I am using Samba only for file sharing. We were doing just fine with Windows NT, but now we're tring to map drives using windows 2000. It appears that our 2000 work station does not handle Samba maps, every time I click on the server to map a drive nothing happens. On NT I get a list fo the shares for the Samba Server. Can anyone help me. Thanks From simo.sorce at polimi.it Thu Nov 16 17:01:54 2000 From: simo.sorce at polimi.it (Simo Sorce) Date: Tue Dec 2 02:32:22 2003 Subject: Windows 2000 and Samba References: <646E05C18804A74EA085A4EA60E0FBE4135B40@umman01.uniloy.milacron.com> Message-ID: <3A141302.F08D8FF6@polimi.it> "Powell, Tom K." wrote: > > I currently have Samba 2.0.4b installed on a HP-UX 10.20 system. I am using > Samba only for file sharing. We were doing > just fine with Windows NT, but now we're tring to map drives using windows > 2000. It appears that our 2000 work station does > not handle Samba maps, every time I click on the server to map a drive > nothing happens. On NT I get a list fo the > shares for the Samba Server. Can anyone help me. > > Thanks 2.0.4b is outdated, you need samba 2.0.7 to be able to share files towards win2000 clients! -- Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano E-mail: simo.sorce@polimi.it Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451 ----------------------------------------------------------------- Be happy, use Linux! From D.Bannon at latrobe.edu.au Thu Nov 16 22:19:44 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:22 2003 Subject: Which Microsoft servers will authenticate off samba 2.x PDC ? In-Reply-To: <3A140036.AD4E8C7A@ing.sun.ac.za> Message-ID: <3.0.6.32.20001117091944.008ab590@bioserve.latrobe.edu.au> At 05:41 PM 16/11/2000 +0200, Buchan Milne wrote: >Hi, > >We have a samba 2.0.7 PDC currently with about 40 mainly NT4.0 clients. >.... >So, would it be possible to: >-have SQL (NT) server running on a member server of our samba-controlled >domain >-have the SQL server authenticate users off the samba-controlled domain Yep, just a case of having the NT join the samba domain. See the FAQ. ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From D.Bannon at latrobe.edu.au Thu Nov 16 22:23:44 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:22 2003 Subject: RPC In-Reply-To: <3A139D45.11367A6A@polimi.it> References: <20001114200114.230A18408@lists.samba.org> <3A12F174.6B35B458@woodyweb.co.uk> Message-ID: <3.0.6.32.20001117092344.008b0440@bioserve.latrobe.edu.au> At 09:39 AM 16/11/2000 +0100, Simo Sorce wrote: >.... >RPC support and will probably be able to behave correctly with MS tools. >Stay tuned (for testing purposes there is a snapshot of samba 2.2.0 on >samba.org) Might be better to use the cvs rather than the snapshot. Its getting a bit out of date, does not have any of the w2k domain controller stuff that Jean Francis is working on for example. david ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From tschweikle at FIDUCIA.de Thu Nov 16 22:28:56 2000 From: tschweikle at FIDUCIA.de (tschweikle@FIDUCIA.de) Date: Tue Dec 2 02:32:22 2003 Subject: Error 400 with swat Message-ID: <0057540007760869000002L492*@MHS> Hi! Running samba on a machine with two network interfaces swat tells me Samba is configured to deny access from this client Check your "hosts allow" and "hosts deny" options in smb.conf The interfaces configured are: tr0: 10.40.240.2 eth0: 192.168.15.33 hosts allow = localhost,10.40.240.,192.168. interfaces = eth0 lo tr0 The host I try to connect from has 10.20.240.4 Any idea why this doesn't work? If I comment out 'hosts allow' altogether there is no problem connecting to swat. -- Thomas From awilliam at whitemice.org Thu Nov 16 22:58:07 2000 From: awilliam at whitemice.org (Adam Williams) Date: Tue Dec 2 02:32:22 2003 Subject: Plain Text AND Encrypted In-Reply-To: References: Message-ID: <20001116.22580700@estate1.whitemice.org> >Is it possible for a nmbd deamon to authenticate plain text as >well as hashed smb passwords? All my winX machines have >plaintextpasswords enabled and I would like to move them over to >encrypted but not all in one go. Samba provides a wonderful feature to handle this migration. set "update encrypted" and while you still use the plain text passwords it hashes them and stores them in the smbpasswd file, then when your ready to make the switch you have a complete smbpasswd database. From jeremy at valinux.com Fri Nov 17 01:06:57 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:32:22 2003 Subject: RPC References: <20001114200114.230A18408@lists.samba.org> <3A12F174.6B35B458@woodyweb.co.uk> <3.0.6.32.20001117092344.008b0440@bioserve.latrobe.edu.au> Message-ID: <3A1484B1.770FFDF1@valinux.com> David Bannon wrote: > > At 09:39 AM 16/11/2000 +0100, Simo Sorce wrote: > >.... > >RPC support and will probably be able to behave correctly with MS tools. > >Stay tuned (for testing purposes there is a snapshot of samba 2.2.0 on > >samba.org) > > Might be better to use the cvs rather than the snapshot. Its getting a bit > out of date, does not have any of the w2k domain controller stuff that Jean > Francis is working on for example. I'm getting ready to issue an alpha1 - I'm working with Andrew on some printer & tdb related bugs first. Jeremy. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From hergen.lange at olb.de Fri Nov 17 07:43:31 2000 From: hergen.lange at olb.de (Hergen Lange) Date: Tue Dec 2 02:32:22 2003 Subject: Windows 2000 and Samba References: <646E05C18804A74EA085A4EA60E0FBE4135B40@umman01.uniloy.milacron.com> Message-ID: <3A14E1A3.A89BD984@olb.de> Please firts try Samba 2.0.7 "Powell, Tom K." schrieb: > I currently have Samba 2.0.4b installed on a HP-UX 10.20 system. I am using > Samba only for file sharing. We were doing > just fine with Windows NT, but now we're tring to map drives using windows > 2000. It appears that our 2000 work station does > not handle Samba maps, every time I click on the server to map a drive > nothing happens. On NT I get a list fo the > shares for the Samba Server. Can anyone help me. > > Thanks -------------- next part -------------- A non-text attachment was scrubbed... Name: hergen.lange.vcf Type: text/x-vcard Size: 303 bytes Desc: Visitenkarte für Hergen Lange Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001117/d3355341/hergen.lange.vcf From shaun.lipscombe at gasops.co.uk Fri Nov 17 10:49:11 2000 From: shaun.lipscombe at gasops.co.uk (Shaun Lipscombe) Date: Tue Dec 2 02:32:22 2003 Subject: NT logon's for Win PC's Message-ID: Folks, I have had this working since day one for 95/98 machines but I have never thought much about this functionality for NT basically because we only ever had NT servers that were independent (not domain model in place). However times changes and slowly the NT workstations have been creeping onto the corporate desktop (resistance is futile etc). Don't worry the backbone to the network is and always will be (for as long as I have a say in it) linux considering we have never had ANY network downtime (and our samba box was up for 2 years only going down to install a cd-burner recently making the netware box it replaced look silly - although linux IPX/SPX bridging worked nicely back in the days!). The question I here you ask? Well I don't know an awful lot about NT (well I do actually but not from a networking point of view) and so I was wondering how to get NT workstations to logon to my samba box and have login scripts run. I guess I *have* to setup a PDC? Shaun -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From lepape at shom.fr Fri Nov 17 11:29:07 2000 From: lepape at shom.fr (Jean-Marc Le Pape) Date: Tue Dec 2 02:32:22 2003 Subject: user's profiles Message-ID: <3A151683.4070709@shom.fr> Hi, I've got 2.2 on Solaris 2.6 with NT 4.0 (In French). Domain Admin's profiles are ok but Domain Users' profiles are not modified when users log out. They find all their icons but they can't move them on the wokspace, They have "Welcome on NT" at each logging, Word ask them who they are, etc .... The workstations and the server have the same time. Users can Read and write in there \\PDC\profiles share. I can't find from where is the problem... Thanks. JM From noelk at bc.edu Fri Nov 17 13:09:12 2000 From: noelk at bc.edu (Kenneth Noel) Date: Tue Dec 2 02:32:22 2003 Subject: mv from NT to samba domains Message-ID: <3A152DF8.1EC7E4EC@bc.edu> Hi, I have a question. I currently maintain a large NT network. I'd like to change our three domain structure to have all the users on one damain, possibly a samba server. The problem, to moving/adding all those users to one domain their sids will be different making it so we have to change the permissions on all the NT servers. There are products out there for hundreds of thousands of dollars to make the mover easier. They will go out and re-ACL all your servers. I have to believe there is a simpler way to do it using Samba. If I could run a script against the users that are on my domains now, to get their sids. Would it be possible to create another script to copy their sid to the smbpasswd file? The problem I think is with the RID. If someone would come up with a resolution for this I'm sure more people would move their NT domain structure to Linux. I have seen one person that has made it possible not to use the passwd file and putting part of the sid in the smbpasswd file, that lookds close to what I need. I think some how I have to have three rids running on my samba server using the old domains sids.?? Keep up the good work. Thanks, Ken -------------- next part -------------- A non-text attachment was scrubbed... Name: noelk.vcf Type: text/x-vcard Size: 290 bytes Desc: Card for Kenneth Noel Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001117/38ca36cb/noelk.vcf From k.blin at gmx.net Fri Nov 17 12:48:46 2000 From: k.blin at gmx.net (Kai Blin) Date: Tue Dec 2 02:32:22 2003 Subject: PDC AND SAMBA In-Reply-To: ; from vorlon@netexpress.net on Wed, Nov 15, 2000 at 09:58:43AM -0600 References: <20001115084929.B23017@molgen-6.iah.medizin.uni-tuebingen.de> Message-ID: <20001117134846.A26440@molgen-6.iah.medizin.uni-tuebingen.de> * Steve Langasek [15/11/00, 09:58:43]: > Hello Kai, Hi Steeve, > If Samba has 'domain master = yes' set in smb.conf, it will register > domain<1B> with *its* IP -- /regardless/ of whether or not there's another PDC > on the network already. > > Setting 'domain master = no' is enough to fix the problem. That's all I wanted to say, basically :) You way is better, of course :) Thanks Kai -- Kai Blin, Sysop of the Dep. of Imunology of the University of Tuebingen --- Frankfort, Kentucky, makes it against the law to shoot off a policeman's tie. From jak at orbita.don.sitek.net Fri Nov 17 13:21:37 2000 From: jak at orbita.don.sitek.net (,,,) Date: Tue Dec 2 02:32:22 2003 Subject: WinNT clients can't see groups on Samba PDC Message-ID: <20001117162137.A10192@debian> Hi all, We have Samba 2.0.7 installed on Debinan/GNU Linux as PDC for Win9x and WinNT clients. Clients can login to Samba controlled domain. WinNT can see all user's defined on Samba PDC, but can't use group from /etc/group. Man page for smb.conf doesn't describe related parameters (like "domain group map"). How can I solve this problem ? Best regards, Jakov Lurie From Lars.Roesch at living-systems.de Fri Nov 17 13:48:04 2000 From: Lars.Roesch at living-systems.de (Lars.Roesch@living-systems.de) Date: Tue Dec 2 02:32:22 2003 Subject: (no subject) Message-ID: Hi. I know that a Win2000 client can't join a Samba (2.0.7) domain. But how is it on the other hand. Can a samba (2.0.7) Fileserver join a Win2000 domain. Has someone experience in doing that kind of way?? Thanks for your answer Lars R?sch From lebec at im3.inserm.fr Fri Nov 17 14:04:04 2000 From: lebec at im3.inserm.fr (Martial LEBEC) Date: Tue Dec 2 02:32:22 2003 Subject: NT logon's for Win PC's References: Message-ID: <3A153AD4.5C55D237@im3.inserm.fr> Shaun Lipscombe a ?crit : > > Folks, > > I have had this working since day one for 95/98 machines but I have > never thought much about this functionality for NT basically because > we only ever had NT servers that were independent (not domain model in > place). However times changes and slowly the NT workstations have > been creeping onto the corporate desktop (resistance is futile etc). > Don't worry the backbone to the network is and always will be (for as > long as I have a say in it) linux considering we have never had ANY > network downtime (and our samba box was up for 2 years only going down > to install a cd-burner recently making the netware box it replaced > look silly - although linux IPX/SPX bridging worked nicely back in the > days!). The question I here you ask? > > Well I don't know an awful lot about NT (well I do actually but not > from a networking point of view) and so I was wondering how to get NT > workstations to logon to my samba box and have login scripts run. > > I guess I *have* to setup a PDC? > > Shaun > > -- > (o_ > (o_ (o_ //\ > (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk Yes you have to setup a PDC. I think you will find all you want to knwo bout PDC looking at the following links : http://bioserve.biochem.latrobe.edu.au/samba/ http://www.oreilly.com/catalog/samba/ -> Online Book !! Martial Inserm U.468 CHU Henri Mondor 94010 CRETEIL FRANCE From Stefan.Textor at DSI-Project.de Fri Nov 17 11:09:00 2000 From: Stefan.Textor at DSI-Project.de (Stefan Textor) Date: Tue Dec 2 02:32:22 2003 Subject: unix password sync - samba 2.07 Message-ID: how do i catch the ?password will be truncated...?-stuff. if it occurrs, samba- and unixpassword looses sysncronisation. how to solve? BTW, on SuSE 7.0 i get always does anybody has a clue for me? regards stefan From kevinc at grainsystems.com Fri Nov 17 15:17:38 2000 From: kevinc at grainsystems.com (Kevin Colby) Date: Tue Dec 2 02:32:22 2003 Subject: (no subject) References: Message-ID: <3A154C12.D8A19713@grainsystems.com> Lars.Roesch@living-systems.de wrote: > > I know that a Win2000 client can't join a Samba (2.0.7) domain. But how > is it on the other hand. Can a samba (2.0.7) Fileserver join a Win2000 > domain. Has someone experience in doing that kind of way?? As a domain member, if the Win2000 PDC is running in mixed mode, yes. I have no personal experience with it, but it has been reported to work. - Kevin Colby kevinc@grainsystems.com From ccouple1 at swarthmore.edu Fri Nov 17 15:37:17 2000 From: ccouple1 at swarthmore.edu (ccouple1@swarthmore.edu) Date: Tue Dec 2 02:32:22 2003 Subject: (no subject) In-Reply-To: <3A154C12.D8A19713@grainsystems.com>; from kevinc@grainsystems.com on Fri, Nov 17, 2000 at 09:17:38AM -0600 References: <3A154C12.D8A19713@grainsystems.com> Message-ID: <20001117103717.E950@swarthmore.edu> On Fri, Nov 17, 2000 at 09:17:38AM -0600, Kevin Colby wrote: > Lars.Roesch@living-systems.de wrote: > > > > I know that a Win2000 client can't join a Samba (2.0.7) domain. But how > > is it on the other hand. Can a samba (2.0.7) Fileserver join a Win2000 > > domain. Has someone experience in doing that kind of way?? > > As a domain member, if the Win2000 PDC is running in mixed mode, yes. > I have no personal experience with it, but it has been reported to work. > > - Kevin Colby > kevinc@grainsystems.com > joining a mixed-mode domain works, but we've seen flakiness with setting access permissions on the samba fileserver from win2k clients (as well as NT clients) under this setup. chris couples From Eddie.Wimberly at robins.af.mil Fri Nov 17 19:02:55 2000 From: Eddie.Wimberly at robins.af.mil (Wimberly Eddie Contr WRALC/LYSFR) Date: Tue Dec 2 02:32:22 2003 Subject: Win2k joined the domain - but I can't log on Message-ID: I have experienced the same exact problem. I have tried several different options and none seem to resolve this problem. Has anyone else seen this and fixed it? I am running the 2_2 branch downloaded Nov 16. I can join the domain but can't login using a username from smbpasswd. I can login to the Win2k box as local admin and browse to the samba box thru Network places. It then asks for a username/password, which I can enter one from the smbpasswd file and it lets me in and I can then see the shares on the samba box. But the goal is to be able to login using these accounts. Help please!!! I've read the archives, How-to docs, etc. Eddie From sharpe at ns.aus.com Fri Nov 17 21:33:34 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:23 2003 Subject: Win2k joined the domain - but I can't log on In-Reply-To: Message-ID: <3.0.6.32.20001118073334.00b1bd90@203.16.214.248> At 07:02 PM 11/17/00 +0000, Wimberly Eddie Contr WRALC/LYSFR wrote: >I have experienced the same exact problem. > >I have tried several different options and none seem to resolve this >problem. > >Has anyone else seen this and fixed it? > >I am running the 2_2 branch downloaded Nov 16. I can join the domain but >can't login using a username from smbpasswd. I can login to the Win2k box >as local admin and browse to the samba box thru Network places. It then >asks >for a username/password, which I can enter one from the smbpasswd file and >it >lets me in and I can then see the shares on the samba box. But the goal is >to >be able to login using these accounts. Well, I have been able to join a domain and logon and have my profiles used, etc. This was from Win2K professional to Samba 2.2.0, with a little patch. >Help please!!! I've read the archives, How-to docs, etc. > >Eddie > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From bob at meeker.urban.csuohio.edu Fri Nov 17 21:45:11 2000 From: bob at meeker.urban.csuohio.edu (Robert M. Martel) Date: Tue Dec 2 02:32:23 2003 Subject: Finding my Samba PDC on a different subnet Message-ID: <200011172145.QAA26177@meeker.urban.csuohio.edu> Greetings all, We've recently moved to a new building and rolled out about 100 PCs now accessing our Suns using samba rather than Solstice Network Client and it has been great. I have a lab of NT 4.0 machines that had been using one of my Sun's as their PDC. In this building the labs are on a different subnet and have been unable to locate the PDC. I have the Lab machines configured to access the university WINS server and my samba machines also access the same WINS server. I have added a line to the LMHOSTS file on the NT 4.0 machines that looks like: xxx.xxx.xxx.xxx meeker #PRE #DOM:mydomain I have added the "domain master = yes" to the smb.conf file on my PDC. I found a line in "Special Edition Using Samba" which states "...and all SAMBA servers are configured to register with this WINS server..." But my best guess at how to "register" with the WINS server is by using the "domain master = yes" line in SMB.conf. So far nothing I have tried will allow my client machines to locate their PDC. What have I missed? It is possible for samba to act as a PDC for machines on a different subnet, is it not? Thanks, Bob Martel ****************************************************************************** Bob Martel - System Administrator | I met someone who looks a lot like you Levin College of Urban Affairs | She does the things you do Cleveland State University | But she is an IBM (216) 687-2214 | bob@meeker.csuohio.edu | -Jeff Lynne ****************************************************************************** From Eddie.Wimberly at robins.af.mil Fri Nov 17 16:37:57 2000 From: Eddie.Wimberly at robins.af.mil (Wimberly Eddie Contr WRALC/LYSFR) Date: Tue Dec 2 02:32:23 2003 Subject: pserver.samba.org/pub/unpacked/samba/source??? Message-ID: which branch is reflected in this directory tree? From Eddie.Wimberly at robins.af.mil Fri Nov 17 21:38:35 2000 From: Eddie.Wimberly at robins.af.mil (Wimberly Eddie Contr WRALC/LYSFR) Date: Tue Dec 2 02:32:23 2003 Subject: Win2k joined the domain - but I can't log on Message-ID: > > >At 07:02 PM 11/17/00 +0000, Wimberly Eddie Contr WRALC/LYSFR wrote: >>I have experienced the same exact problem. >> >>I have tried several different options and none seem to resolve this >>problem. >> >>Has anyone else seen this and fixed it? >> >>I am running the 2_2 branch downloaded Nov 16. I can join the domain but >>can't login using a username from smbpasswd. I can login to the Win2k box >>as local admin and browse to the samba box thru Network places. It then >>asks >>for a username/password, which I can enter one from the smbpasswd file and >>it >>lets me in and I can then see the shares on the samba box. But the goal is >>to >>be able to login using these accounts. > >Well, I have been able to join a domain and logon and have my profiles >used, etc. This was from Win2K professional to Samba 2.2.0, with a little >patch. > I'm glad you have your configuration working. I would have thought that the 'little patch' would be checked into CVS. When did you download from cvs? I downloaded yesterday. If the patch is not in cvs, would you please post it and/or email it. BTW, I am trying to login using Win2k server, if that makes a difference. Thanks, Eddie >>Help please!!! I've read the archives, How-to docs, etc. >> >>Eddie >> >> > >Regards >------- >Richard Sharpe, sharpe@ns.aus.com >Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) >Contributing author, SAMS Teach Yourself Samba in 24 Hours >Author, Special Edition, Using Samba From gonzo at eng.lsu.edu Fri Nov 17 22:41:26 2000 From: gonzo at eng.lsu.edu (Steve Gonzales) Date: Tue Dec 2 02:32:23 2003 Subject: Win98 and Dialin Linux Message-ID: <004b01c050e7$86042560$ca192782@desgo1> Hello, all. I am attempting to use a RedHat 7.0 server as a dialin server for my NT network. I have the most current version of Mgetty, PPPD, and Samba installed from RPM's. I can connect and authenticate all the way into the network and view the servers and workstations inside the Network Neighborhood from the client. The trouble is that I am not able to open a server to see its shares. The client locks up. I am able to view shares on the Linux server from my NT PDC. I am also able to send smbclient messages from the Linux server to the NT PDC. I am also able to ping all of my servers and some Internet addresses from the client once I am "attached" to the NT network. I believe that PPP is working fine, but I could be wrong. That leaves Samba. Attached in my smb.conf. I address this message to both the Samba_NTDom and the Linux_Server lists so some of this message may apply to only one group or the other. My apologies if I am doing wrong. DIALIN SERVER I have taken the following steps for PPPD: /etc/ppp/Options is the following: asyncmap 0 netmask 255.255.248.0 ms-wins 130.39.3.2 ms-dns 130.39.3.5 proxyarp noauth lock crtscts modem Since I am using ttyS1 for the modem I have also edited the /etc/ppp/options.ttyS1 file to provide dynamic IP number allocation for my dial up users. I have run the command chmod u+s /usr/sbin/pppd. In /etc/bashrc I have added the alias: alias ppp="exec /usr/sbin/pppd -detach" WINDOWS 95 CLIENT I have set up a PPP DUN and have taken all the defaults, except that it uses pure TCP/IP and not NetBEUI. I also have the DUN client stopping and showing a terminal screen once connection is established so that I can log into the Samba server using a Linux userid as additional security to the NT authentication. TIA! Steven C. Gonzales (soon to be RHCE if I can survive this learning curve (-: ) Louisiana State University gonzo@eng.lsu.edu Division of Engineering Services 225.578.6069 (v) 3216G CEBA 225.578.5990 (f) Baton Rouge, LA 70803 -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 1397 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001117/5769d4e5/smb.obj From sharpe at ns.aus.com Fri Nov 17 23:42:31 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:23 2003 Subject: Win98 and Dialin Linux In-Reply-To: <004b01c050e7$86042560$ca192782@desgo1> Message-ID: <3.0.6.32.20001118094231.00b2d430@203.16.214.248> At 04:41 PM 11/17/00 -0600, Steve Gonzales wrote: >Hello, all. > >I am attempting to use a RedHat 7.0 server as a dialin server for my NT >network. I have the most current version of Mgetty, PPPD, and Samba >installed from RPM's. I can connect and authenticate all the way into the >network and view the servers and workstations inside the Network >Neighborhood from the client. The trouble is that I am not able to open a >server to see its shares. The client locks up. > >I am able to view shares on the Linux server from my NT PDC. I am also able >to send smbclient messages from the Linux server to the NT PDC. I am also >able to ping all of my servers and some Internet addresses from the client >once I am "attached" to the NT network. I believe that PPP is working fine, >but I could be wrong. That leaves Samba. Attached in my smb.conf. > >I address this message to both the Samba_NTDom and the Linux_Server lists so >some of this message may apply to only one group or the other. My apologies >if I am doing wrong. OK, it seems like you have done the right things, and WINS is defined ... Just to be sure, run up winipcfg/all and check that the WINS server is defined, but if you have authenticated, the WINS is probably defined. To sort this out now, we may need a packet trace ... grab one on the Linux box from ppp0 or wherever ... with tcpdump -i ppp0 -s 1500 -w ppp.cap Then uuencode it and send it to me. BTW, grab the trace when you are trying to browse a server from the Win98 box or access a server, etc. >DIALIN SERVER >I have taken the following steps for PPPD: > > >/etc/ppp/Options is the following: >asyncmap 0 >netmask 255.255.248.0 >ms-wins 130.39.3.2 >ms-dns 130.39.3.5 >proxyarp >noauth >lock >crtscts >modem > >Since I am using ttyS1 for the modem I have also edited the >/etc/ppp/options.ttyS1 file to provide dynamic IP number allocation for my >dial up users. > >I have run the command chmod u+s /usr/sbin/pppd. >In /etc/bashrc I have added the alias: alias ppp="exec >/usr/sbin/pppd -detach" > > > >WINDOWS 95 CLIENT >I have set up a PPP DUN and have taken all the defaults, except that it uses >pure TCP/IP and not NetBEUI. I also have the DUN client stopping and >showing a terminal screen once connection is established so that I can log >into the Samba server using a Linux userid as additional security to the NT >authentication. > >TIA! >Steven C. Gonzales (soon to be RHCE if I can survive this learning curve >(-: ) >Louisiana State University gonzo@eng.lsu.edu >Division of Engineering Services 225.578.6069 (v) >3216G CEBA 225.578.5990 (f) >Baton Rouge, LA 70803 > > >Attachment Converted: "c:\eudora\attach\smb1.con" > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From dyaya_2000 at yahoo.com Sat Nov 18 02:58:06 2000 From: dyaya_2000 at yahoo.com (yaya) Date: Tue Dec 2 02:32:23 2003 Subject: Problems accessing a previously working Samba system References: <20001115200120.072D18423@lists.samba.org> Message-ID: <008701c0510b$61a0eb80$8d030201@smutu1> > From: Brian Boguhn > To: "'samba-ntdom@samba.org'" > Subject: Problems accessing a previously working Samba system > Date: Wed, 15 Nov 2000 08:32:43 -0800 > > I had not checked Samba running on my system, , in a few weeks. > When I went to access the other day, I was unable to via Windows > Explorer; I got that familiar window where it prompts for a username and > password, and keeps doing that no matter what is entered. > > As I had not accessed it in quite some time, the only thing I could figure > was that it wasn't working because I had changed passwords on my > domain account. However, my username on , which is the same as my > domain username, had its password changed at the same time to the same > thing. > > What I then did yesterday was to remove from , and > remove ..mac, machine.sid, and smbpasswd from > /usr/local/samba/private. I then, after putting back into the > domain via server manager, re-added using ./smbpasswd -j > -r (same command I've used to add all systems I've > configured with Samba to the domain) at its own console, as the instructions > say and as I have done before. I did this several times yesterday, and each > time after I did it and rebooted , I got the same issue of being > prompted for a username and password. > > Finally, I let it sit overnight. This morning I went through the same steps > of removing it from the domain, re-adding it, and then putting it in > (successfully, I might add - no error messages) with smbpasswd. When I try > to access it from Windows Explorer this morning, I get this: > > is not accessible. The remote procedure call failed. > > I rebooted the system, and the error still occurs. > Did you set "security = domain"? password server = NTPDC workgroup = NTPDC_Domain os level = 20 See the log file, some messages over there? yaya From albert_b at pacbell.net Sun Nov 19 20:52:07 2000 From: albert_b at pacbell.net (albert braun) Date: Tue Dec 2 02:32:23 2003 Subject: ideas for avoiding 'remote procedure call failed and did not execute' error Message-ID: <3A183D77.AB4889F4@pacbell.net> Hi I'm posting this because it took me a long time to find the solution to my problem of making W2K professional and Samba 2.0.5 to talk to each other nicely. I kept getting a 'remote procedure call failed and did not execute' error even though I had set 'encrypt passwords' = 'Yes'. It took a while to discover that I needed to set two additional parameters to 'no' in order to really make it work. In short, the three settings below worked for me, and may also be useful to you if you're trying to make a new W2k box talk to an existing samba server. Set these three parameters in smb.conf: encrypt passwords = Yes nt smb support = No nt pipe support = No I hope this saves someone some time. Best Regards, Albert Braun albert_b@pacbell.net From trunks at libero.it Sun Nov 19 20:31:32 2000 From: trunks at libero.it (trunks@libero.it) Date: Tue Dec 2 02:32:23 2003 Subject: Close a remote user session Message-ID: Hi to everybody. I need to close a user session from the server. All my client are Windows NT 4.0 sp6a and the server run SaMBa 2.2.0-alpha0. I had another problem win IE5: few days after installation there's no way to run IE5 correctly, it crash even if I try to close it with the X button. Any ideas? Thanks to everyone. From D.Bannon at latrobe.edu.au Sun Nov 19 22:57:55 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:23 2003 Subject: ideas for avoiding 'remote procedure call failed and did not execute' error In-Reply-To: <3A183D77.AB4889F4@pacbell.net> Message-ID: <3.0.6.32.20001120095755.008b9100@bioserve.latrobe.edu.au> At 12:52 PM 19/11/2000 -0800, albert braun wrote: >Hi > >I'm posting this because it took me a long time to find the solution to >my problem of making W2K professional and Samba 2.0.5 to talk to each >other nicely. I kept getting a 'remote procedure call failed and did not >execute' error even though I had set 'encrypt passwords' = 'Yes'. Albert, thanks for you efforts but if you are going to use W2K then you would be better looking at upgrading to a newer version of samba. 2.0.7 will share with W2K and the pre-release will let it join the domain (with some issues...). 2.0.5 was around before W2K was thought of (by samba anyway). david > >It took a while to discover that I needed to set two additional >parameters to 'no' in order to really make it work. > >In short, the three settings below worked for me, and may also be useful >to you if you're trying to make a new W2k box talk to an existing samba >server. > >Set these three parameters in smb.conf: > > encrypt passwords = Yes > nt smb support = No > nt pipe support = No > >I hope this saves someone some time. > >Best Regards, >Albert Braun >albert_b@pacbell.net > ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From D.Bannon at latrobe.edu.au Sun Nov 19 23:04:12 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:23 2003 Subject: NT logon's for Win PC's In-Reply-To: Message-ID: <3.0.6.32.20001120100412.008afa50@bioserve.latrobe.edu.au> At 10:49 AM 17/11/2000 +0000, Shaun Lipscombe wrote: > >Folks, > > >I guess I *have* to setup a PDC? hey, its not that bad. Have a look at the howto, piece of cake ! ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From albert_b at pacbell.net Mon Nov 20 00:47:34 2000 From: albert_b at pacbell.net (albert braun) Date: Tue Dec 2 02:32:23 2003 Subject: ideas for avoiding 'remote procedure call failed and did notexecute' error References: <3.0.6.32.20001120095755.008b9100@bioserve.latrobe.edu.au> Message-ID: <3A1874A6.CC289BD7@pacbell.net> David, Thanks for the advice. Anyway, I don't use my linux host as a PDC. Just wanted to share files across machines on my home network. That said, if you have any words of wisdom on installing Samba 2.0.7 on a SuSE 6.1 box, please let me know. The thought of upgrading Samba crossed my mind, but I wasn't able to find a nice binary rpm for installing 2.0.7 on my SuSE 6.1 box. Further guidance appreciated. Best Regards Albert David Bannon wrote: > > At 12:52 PM 19/11/2000 -0800, albert braun wrote: > >Hi > > > >I'm posting this because it took me a long time to find the solution to > >my problem of making W2K professional and Samba 2.0.5 to talk to each > >other nicely. I kept getting a 'remote procedure call failed and did not > >execute' error even though I had set 'encrypt passwords' = 'Yes'. > > Albert, thanks for you efforts but if you are going to use W2K then you > would be better looking at upgrading to a newer version of samba. 2.0.7 > will share with W2K and the pre-release will let it join the domain (with > some issues...). > > 2.0.5 was around before W2K was thought of (by samba anyway). > > david > > > > >It took a while to discover that I needed to set two additional > >parameters to 'no' in order to really make it work. > > > >In short, the three settings below worked for me, and may also be useful > >to you if you're trying to make a new W2k box talk to an existing samba > >server. > > > >Set these three parameters in smb.conf: > > > > encrypt passwords = Yes > > nt smb support = No > > nt pipe support = No > > > >I hope this saves someone some time. > > > >Best Regards, > >Albert Braun > >albert_b@pacbell.net > > > ------------------------------------------------------------ > David Bannon D.Bannon@latrobe.edu.au > School of Biochemistry Phone 61 03 9479 2197 > La Trobe University, Plenty Rd, Fax 61 03 9479 2467 > Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au > ------------------------------------------------------------ > ..... Humpty Dumpty was pushed ! From nkoss at dr.com Mon Nov 20 07:21:31 2000 From: nkoss at dr.com (Neal Koss) Date: Tue Dec 2 02:32:23 2003 Subject: profiles and policies Message-ID: <5.0.0.25.2.20001119231538.00a77de0@mail.pv1.ca.home.com> Each time I log into the Samba network, The system seems to be copying a large number of files from the Server to the client computer. I would prefer that this not occur. My setup is just a small network and I do not require roaming profiles, but I would like to see more rapid logons and logoffs. I use Windows 98 for my clients and FreeBSD 4.1.1 on the gateway computer running Samba. Thank you From hergen.lange at olb.de Mon Nov 20 08:40:23 2000 From: hergen.lange at olb.de (Hergen Lange) Date: Tue Dec 2 02:32:23 2003 Subject: profiles and policies References: <5.0.0.25.2.20001119231538.00a77de0@mail.pv1.ca.home.com> Message-ID: <3A18E377.2D4DB76A@olb.de> I remeber we just took following two parameters to smb.conf global section LOGON DRIVE =E: LOGON PATH = Yes it's empty. We have no profile directories on our server drive. We are using WIN-NT and Samba 2.0.7 Neal Koss schrieb: > Each time I log into the Samba network, The system seems to be copying a > large number of files from the Server to the client computer. I would > prefer that this not occur. > > My setup is just a small network and I do not require roaming profiles, but > I would like to see more rapid logons and logoffs. I use Windows 98 for my > clients and FreeBSD 4.1.1 on the gateway computer running Samba. > > Thank you -------------- next part -------------- A non-text attachment was scrubbed... Name: hergen.lange.vcf Type: text/x-vcard Size: 303 bytes Desc: Visitenkarte für Hergen Lange Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001120/c74474d4/hergen.lange.vcf From eirvine at tpgi.com.au Mon Nov 20 09:50:59 2000 From: eirvine at tpgi.com.au (eirvine) Date: Tue Dec 2 02:32:23 2003 Subject: profiles and policies References: <5.0.0.25.2.20001119231538.00a77de0@mail.pv1.ca.home.com> Message-ID: <3A18F403.62FDFFE@tpgi.com.au> Hi Neal, I have always used roaming profiles, so I've never tried to turn it off. However, If your users are saving their files to either the My Documents folder or on to their Desktop, then they are by default saving to their own profile, thus increasing its size, thus increasing the logon time. Perhaps you could convince your users to save somewhere better? Hope this helps. Eddie. Neal Koss wrote: > > Each time I log into the Samba network, The system seems to be copying a > large number of files from the Server to the client computer. I would > prefer that this not occur. > > My setup is just a small network and I do not require roaming profiles, but > I would like to see more rapid logons and logoffs. I use Windows 98 for my > clients and FreeBSD 4.1.1 on the gateway computer running Samba. > > Thank you From Christian.Duclou at eeigm.inpl-nancy.fr Mon Nov 20 10:10:08 2000 From: Christian.Duclou at eeigm.inpl-nancy.fr (Christian Duclou) Date: Tue Dec 2 02:32:23 2003 Subject: profiles and policies References: <5.0.0.25.2.20001119231538.00a77de0@mail.pv1.ca.home.com> Message-ID: <3A18F880.D70654EE@eeigm.inpl-nancy.fr> Hi, Did you try to change mode on profile directory, something like that: Neal Koss wrote: > Each time I log into the Samba network, The system seems to be copying a > large number of files from the Server to the client computer. I would > prefer that this not occur. > > My setup is just a small network and I do not require roaming profiles, but > I would like to see more rapid logons and logoffs. I use Windows 98 for my > clients and FreeBSD 4.1.1 on the gateway computer running Samba. > > Thank you -- _____________ EEIGM - Service Informatique _____________ 6, rue Bastien LEPAGE / F-54010 NANCY - CEDEX - France Phone: +33 383.3683.27 / Fax: +33 383.3683.36 _______________ http://eeigm.inpl-nancy.fr _____________ From shaun.lipscombe at gasops.co.uk Mon Nov 20 09:48:59 2000 From: shaun.lipscombe at gasops.co.uk (Shaun Lipscombe) Date: Tue Dec 2 02:32:23 2003 Subject: ideas for avoiding 'remote procedure call failed and did notexecute' error In-Reply-To: albert braun's message of "Sun, 19 Nov 2000 16:47:34 -0800" References: <3.0.6.32.20001120095755.008b9100@bioserve.latrobe.edu.au> <3A1874A6.CC289BD7@pacbell.net> Message-ID: * "albert" == albert braun writes: > That said, if you have any words of wisdom on installing Samba > 2.0.7 on a SuSE 6.1 box, please let me know. The thought of > upgrading Samba crossed my mind, but I wasn't able to find a nice > binary rpm for installing 2.0.7 on my SuSE 6.1 box. Further > guidance appreciated. You could always make your own rpm. I would offer advice but I use debian so the process is different I guess. Failing that you can always install from source under /usr/local here the bin files will go under /usr/local/bin so if you are using inetd to start the nmbd/smbd daemons you can just modify the path to the bin files in the inetd.conf Shaun -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From trunks at dei.unipd.it Mon Nov 20 10:55:36 2000 From: trunks at dei.unipd.it (Garbellotto Vittorio 412371/IF) Date: Tue Dec 2 02:32:23 2003 Subject: Remote user disconnect Message-ID: Hi to everyone, I need to disconnect a user working on a WinNT Workstation 4.0 sp6a PC from my Linux SaMBa server (2.2.0-alpha0). There'a any way? Do I need to install al ssh server on every PC and then run a some program in that machine? Goodbye From shaun.lipscombe at gasops.co.uk Mon Nov 20 11:45:55 2000 From: shaun.lipscombe at gasops.co.uk (Shaun Lipscombe) Date: Tue Dec 2 02:32:23 2003 Subject: Sending popup messages Message-ID: Is there anyway at all to send a message to a win95 machine (smbclient -M) without them running winpopup? A friend of mine has had this working before but he cannot remember how he did it. Something to do with msgsvr32.... I think.. Shaun -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From shaun.lipscombe at gasops.co.uk Mon Nov 20 12:43:55 2000 From: shaun.lipscombe at gasops.co.uk (Shaun Lipscombe) Date: Tue Dec 2 02:32:23 2003 Subject: Changing passwords from a win machine Message-ID: The update encrypted option is working nicely (thanks to who ever suggested that!). How do users change their passwords if they have no shell access? Can you use any windows tool that the users will find easy to use? I have found that net password is not supported but using a DOS command scares the users enough anyway so surely there must be some windowy way of doing it? Sorry if this a silly question. Shaun -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From gcarter at valinux.com Mon Nov 20 14:44:02 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:23 2003 Subject: pserver.samba.org/pub/unpacked/samba/source??? References: Message-ID: <3A1938B2.1E4DEBDF@valinux.com> Wimberly Eddie Contr WRALC/LYSFR wrote: > > which branch is reflected in this directory tree? Looks like HEAD. Never knew it was there to be honest. ftp://pserver.samba.org/pub/unpacked/samba/source/include/version.h #define VERSION "pre-3.0.0" Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From ivan at uma.at Mon Nov 20 15:48:46 2000 From: ivan at uma.at (Ivan Iliev) Date: Tue Dec 2 02:32:23 2003 Subject: Samba/Explorer Problems References: <3A183D77.AB4889F4@pacbell.net> Message-ID: <3A1947DE.DE685417@uma.at> Hi, Some days ago, someone posted here, that he had a problem with samba and explorer shell that get killed. There were no replies to the list on this topic. I have the same problem with TNG 2.6 PDC and W2K Workstation (actually two of them). Every time, a user clicks on the right mouse button, the explorer (shell) restarts, because of error. Is there any solution to the problem, or a clue, why this happens? And once more question: I have tried to move the domain from TNG 2.6 to Samba 2.2.0. After renaming DOMAIN.SID to MACHINE.SID, cleaning the smb.conf from the TNG-params and moving the old smbpasswd to the private_dir of the 2.2.0, I have succeeded with logging into the domain. The problem I had were the profiles. The users couldn't save or customize anything. Is it possible to move to 2.2.0 from TNG, using the old domain, users, machines settings? best regards Ivan From ppakorn at hotmail.com Mon Nov 20 16:29:43 2000 From: ppakorn at hotmail.com (Pakorn Pan-ajchariya) Date: Tue Dec 2 02:32:23 2003 Subject: The procedure number is out of range Message-ID: Hi Everybody I got the follow error message: "The procedure number is out of range" When tried to log into samba PDC from Win2K box. I'm pretty sure that the samba box was configured correctly, because I can log in from NT4 boxes. No problem at all. Anyone have ever seen this error? Please suggest me how to solve it. Thank you Pak _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. From shaun.lipscombe at gasops.co.uk Mon Nov 20 16:52:28 2000 From: shaun.lipscombe at gasops.co.uk (Shaun Lipscombe) Date: Tue Dec 2 02:32:23 2003 Subject: How to make changes and not disrupt users.. Message-ID: How do I modify the $LIB/smb.conf without disrupting users when I do a killall -HUP smbd; killall -HUP nmbd. Cheers, Shaun -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From ak at dkp.com Mon Nov 20 17:47:10 2000 From: ak at dkp.com (Andrew Klaassen) Date: Tue Dec 2 02:32:23 2003 Subject: Samba/Explorer Problems In-Reply-To: <3A1947DE.DE685417@uma.at>; from ivan@uma.at on Mon, Nov 20, 2000 at 04:48:46PM +0100 References: <3A183D77.AB4889F4@pacbell.net> <3A1947DE.DE685417@uma.at> Message-ID: <20001120124708.A20021@key.dkp.com> On Mon, Nov 20, 2000 at 04:48:46PM +0100, Ivan Iliev wrote: > Hi, > > Some days ago, someone posted here, that he had a problem with > samba and explorer shell that get killed. > > There were no replies to the list on this topic. I have the > same problem with TNG 2.6 PDC and W2K Workstation (actually > two of them). Every time, a user clicks on the right mouse > button, the explorer (shell) restarts, because of error. I have had something somewhat similar happen with NT and TNG. In my case it was the result of some odd problem with the local versions of the users' profiles. I just deleted the local copy of the roaming profile (in c:\winnt\profiles\username) and everything would be fine again - until someone decided to "use local copy of profile" rather than downloading their profile when the NT login asked them what they wanted to do. Specifically, here's what would happen in our case: Explorer would die, generating a "Dr Watson" thingy, then restart, whenever the user tried to close a window or access an item in the Start menu. (This led to an interesting logout problem for inexperienced users; they'd try to log out, but NT would generate the exception and bump them right back into Explorer. The only way to break the cycle was with Ctrl-Alt-Del.) Andrew Klaassen From dobos_s at IBCnet.hu Mon Nov 20 17:43:07 2000 From: dobos_s at IBCnet.hu (dobos_s@IBCnet.hu) Date: Tue Dec 2 02:32:23 2003 Subject: netbios aliases and %L not working in TNG cvs Message-ID: I tried the cvs version of tng and found, that the netbios aliases and %L config parameter are not working. I see only pdc's shares, but under pdc and under sv-itgroup server too. Any ideas? smb.conf: *************************************** [global] workgroup = mydomain netbios name = pdc netbios aliases = sv-office server string = Samba NT emulation %v passwd program = /usr/local/samba-tng/bin/pwchanger %u passwd chat = password: %n\n *OK* unix password sync = yes encrypt passwords = yes update encrypted = yes smb passwd file = /usr/local/samba-tng/private/smbpasswd min password length = 1 message command = /usr/bin/logger -is -p kern.err Message from %f on %m; /usr/bin/logger -is -p kern.err -f %s; rm %s & load printers = no socket options = IPTOS_LOWDELAY TCP_NODELAY SO_KEEPALIVE max log size = 5000 log level = 10 debug timestamp = no debug pid = yes debug uid = yes name resolve order = wins lmhosts host bcast preserve case = yes short preserve case = yes guest account = nobody unix realname = yes map hidden = no map system = no map archive = no os level = 65 local master = yes domain master = yes preferred master = yes time server = yes wins support = yes wins hook = /usr/local/samba-tng/bin/dns_update security = user domain logons = yes logon script = scripts/%U.bat logon path = \\pdc\profiles\%U logon drive = X: logon home = \\pdc\%U browseable = no domain group map = /usr/local/samba-tng/private/domaingroup.map domain user map = /usr/local/samba-tng/private/domainuser.map local group map = /usr/local/samba-tng/private/localgroup.map include = /usr/local/samba-tng/lib/smb.conf.%L smb.conf.pdc: *************************************** [netlogon] comment = Directory for NETLOGON service and login scripts volume = NETLOGON service path = /home/pdc/shares/pdc/netlogon locking = no guest ok = yes writable = no write list = +dadmins browseable = no [profiles] comment = Directory for user profiles volume = User profiles path = /home/pdc/users/profiles browseable = no writable = yes create mask = 0700 directory mask = 0700 [homes] comment = User home directories volume = %U's home browseable = no writable = yes public = no create mask = 0700 directory mask = 0700 [install] comment = install volume = "install" path = /home/pdc/shares/pdc/install browseable = yes writable = yes public = no create mask = 0664 directory mask = 0775 smb.conf.sv-office: ******************************* [minoseg] comment = ISO team's share volume = "iso documents" path = /home/pdc/shares/sv-office/minoseg browseable = yes writable = yes public = no create mask = 0660 directory mask = 0770 From pilger at kahana.higp.hawaii.edu Mon Nov 20 19:01:13 2000 From: pilger at kahana.higp.hawaii.edu (Eric Pilger) Date: Tue Dec 2 02:32:23 2003 Subject: Procedure number out of range Message-ID: <3A1974F9.48746000@higp.hawaii.edu> Just something to add to the pot that may or may not be a clue. I try to join the domain. First attempt, with root, I always get "Procedure number out of range". Second attempt, I get something like "Account you are using is a UNIX account. Try a local or global account" and then it disables the root entry in smbpasswd (sets it to DW). I have applied the patch. My smb.conf follows. # Global parameters [global] security = user status = yes workgroup = HIGPTEST domain admin users = root pilger encrypt passwords = Yes domain logons = yes password level = 1 debug level = 3 log file = /var/log/sambalog announce version = 4.0 name resolve order = wins host bcast os level = 65 local master = Yes wins server = 128.171.4.175 NIS homedir = Yes create mask = 0775 force create mode = 0775 force directory mode = 02000 hosts allow = 128.171.4. 127. [aux0] path = /aux0 writeable = Yes [aux1] path = /aux1 writeable = Yes [aux2] path = /aux2 writeable = Yes [users] path = /home writeable = Yes [homes] writeable = Yes [shared] path = /local/shared writeable = Yes [netlogon] path = /etc/samba_2_2/netlogon writeable = no guest ok = no -- Eric J. Pilger Systems Administrator Hawaii Institute of Geophysics and Planetology/SOEST pilger@pgd.hawaii.edu (808)956-6321 From a_sharanin at mail.ru Mon Nov 20 19:16:16 2000 From: a_sharanin at mail.ru (Alex Sharanin) Date: Tue Dec 2 02:32:23 2003 Subject: Installing Samba 2.2.0-alpha0 Message-ID: <002701c05326$eeb5ac00$362222d4@alexhome> Just downloading This Samba, run script confugure- Got error(linux RH6.2) ERROR : no locking available Running Samba would be unsafe.... What does it mean? try to compile it on other host - All OK, make install- OK, try to run SWAT - it prompts me for username-password, I enter root & root's password - authentication fail(or something like) - SWAT don't accept any user/password pair, which exists on this host, try 'swat -a' - Nothing changed to the end - I made Samba to be logon server; Win98 workstation succesfully entered domain but- when I tryed to share it's drive with user-level security I was unable to get userlist from Samba server(there was only 'everyone' in this list). I have read documentation, and wrote 'domain user map' and 'domain group map' files-but got message "User list is not avalaible now" Will anybody help me? Thanks in advance for any suggestions Alex Sharanin, Nizhniy Novgorod, Ru Sorry for bad English From kris.ozzy at lineone.net Mon Nov 20 19:21:43 2000 From: kris.ozzy at lineone.net (Kristyan Osborne) Date: Tue Dec 2 02:32:23 2003 Subject: Sending popup messages Message-ID: <01C05327.1F8AE480.kris.ozzy@lineone.net> Hi, Try some of these: I use this one out of prefrence. http://www.andtechnologies.com/apopup.html or try http://www.sci.fi/~anhakkar/justpopup/home.html Kris ------------- Computers are like airconditioners: They stop working properly if you open windows. Win95: A 32-bit patch for a 16-bit GUI shell running on top of an 8-bit operating system written for a 4-bit processor by a 2-bit company who cannot stand 1 bit of competition. -----Original Message----- From: Shaun Lipscombe [SMTP:shaun.lipscombe@gasops.co.uk] Sent: 20 November 2000 11:46 To: samba-ntdom@us5.samba.org Subject: Sending popup messages Is there anyway at all to send a message to a win95 machine (smbclient -M) without them running winpopup? A friend of mine has had this working before but he cannot remember how he did it. Something to do with msgsvr32.... I think.. Shaun -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From k.blin at gmx.net Mon Nov 20 18:54:29 2000 From: k.blin at gmx.net (Kai Blin) Date: Tue Dec 2 02:32:23 2003 Subject: samba_2_2 cvs download Message-ID: <20001120195429.A13912@molgen-6.iah.medizin.uni-tuebingen.de> Hi, folks Maybe I'm just too stupid, but I don't manage to get samba 2.2 via cvs. I do a cvs -d :pserver:cvs@pserver.samba.org:/cvsroot login log in. so far so good Then I do a cvs -z5 -d :pserver:cvs@pserver.samba.org:/cvsroot co samba_2_2 And I get cvs server: cannot find module amba_2_2' - ignored cvs [checkout aborted]: cannot expand modules I do get samba and sambaweb, though. I'm shure it's something simple and I'm too stupid, but could anybody give me a hint? %) Thanks in advance Kai -- Kai Blin, Sysop of the Dep. of Imunology of the University of Tuebingen --- We really don't have any enemies. It's just that some of our best friends are trying to kill us. From gcarter at valinux.com Mon Nov 20 20:12:20 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:23 2003 Subject: samba_2_2 cvs download References: <20001120195429.A13912@molgen-6.iah.medizin.uni-tuebingen.de> Message-ID: <3A1985A4.7853B1C7@valinux.com> Kai Blin wrote: > > Hi, folks > > Maybe I'm just too stupid, but I don't manage to get samba 2.2 via cvs. > I do a > cvs -d :pserver:cvs@pserver.samba.org:/cvsroot login > log in. so far so good > Then I do a > cvs -z5 -d :pserver:cvs@pserver.samba.org:/cvsroot co samba_2_2 .... co -r SAMBA_2_2 samba Cheers, jerry -- ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From kevinko at mail.ece.umn.edu Mon Nov 20 22:25:32 2000 From: kevinko at mail.ece.umn.edu (Kevin KleinOsowski) Date: Tue Dec 2 02:32:23 2003 Subject: code page does not exist Message-ID: I have inquired about this before, but got no response. I am using the TNG-alpha version of samba right out of cvs. I get the error message [2000/11/20 16:20:05, 0] lib/charset.c:load_client_codepage(215) load_client_codepage: filename /usr/local/samba-tng/lib/codepages/codepage.000 does not exist. in the log.samedit file. I heard solutions to this might be to list a code page in smb.conf like client code page = 850 However that does not work for me. Anyone have a fix? Kevin From anders at aae.wisc.edu Mon Nov 20 10:02:51 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:32:24 2003 Subject: netbios aliases and %L not working in TNG cvs In-Reply-To: ; from dobos_s@IBCnet.hu on Mon, Nov 20, 2000 at 06:43:07PM +0100 References: Message-ID: <20001120160251.B11850@anders-ibm.dyn.dhs.org> Samba-TNG is no longer a part of samba, but a separate project. see samba-tng.org --Anders On Mon, Nov 20, 2000 at 06:43:07PM +0100, dobos_s@IBCnet.hu wrote: > I tried the cvs version of tng and found, that the netbios aliases and %L > config parameter are not working. > I see only pdc's shares, but under pdc and under sv-itgroup server too. > Any ideas? > > smb.conf: > *************************************** > [global] > workgroup = mydomain > netbios name = pdc > netbios aliases = sv-office > server string = Samba NT emulation %v > > passwd program = /usr/local/samba-tng/bin/pwchanger %u > passwd chat = password: %n\n *OK* > unix password sync = yes > encrypt passwords = yes > update encrypted = yes > smb passwd file = /usr/local/samba-tng/private/smbpasswd > min password length = 1 > > message command = /usr/bin/logger -is -p kern.err Message from %f on > %m; /usr/bin/logger -is -p kern.err -f %s; rm %s & > load printers = no > socket options = IPTOS_LOWDELAY TCP_NODELAY SO_KEEPALIVE > max log size = 5000 > log level = 10 > debug timestamp = no > debug pid = yes > debug uid = yes > name resolve order = wins lmhosts host bcast > preserve case = yes > short preserve case = yes > guest account = nobody > unix realname = yes > map hidden = no > map system = no > map archive = no > > os level = 65 > local master = yes > domain master = yes > preferred master = yes > time server = yes > wins support = yes > wins hook = /usr/local/samba-tng/bin/dns_update > security = user > > domain logons = yes > logon script = scripts/%U.bat > logon path = \\pdc\profiles\%U > logon drive = X: > logon home = \\pdc\%U > browseable = no > > domain group map = /usr/local/samba-tng/private/domaingroup.map > domain user map = /usr/local/samba-tng/private/domainuser.map > local group map = /usr/local/samba-tng/private/localgroup.map > > include = /usr/local/samba-tng/lib/smb.conf.%L > > > > smb.conf.pdc: > *************************************** > [netlogon] > comment = Directory for NETLOGON service and login scripts > volume = NETLOGON service > path = /home/pdc/shares/pdc/netlogon > locking = no > guest ok = yes > writable = no > write list = +dadmins > browseable = no > > [profiles] > comment = Directory for user profiles > volume = User profiles > path = /home/pdc/users/profiles > browseable = no > writable = yes > create mask = 0700 > directory mask = 0700 > > [homes] > comment = User home directories > volume = %U's home > browseable = no > writable = yes > public = no > create mask = 0700 > directory mask = 0700 > > [install] > comment = install > volume = "install" > path = /home/pdc/shares/pdc/install > browseable = yes > writable = yes > public = no > create mask = 0664 > directory mask = 0775 > > > > smb.conf.sv-office: > ******************************* > > > [minoseg] > comment = ISO team's share > volume = "iso documents" > path = /home/pdc/shares/sv-office/minoseg > browseable = yes > writable = yes > public = no > create mask = 0660 > directory mask = 0770 > > > > > > -- --Anders Anders C. Thorsen PGP Key: http://www.aae.wisc.edu/~anders/anders-pgp.asc ---------------------------------------- Only two things are infinite. The universe and human stupidity. Although, I am unsure of the former. Albert Einstein From bob at meeker.urban.csuohio.edu Mon Nov 20 22:08:02 2000 From: bob at meeker.urban.csuohio.edu (Robert M. Martel) Date: Tue Dec 2 02:32:24 2003 Subject: PDC cannot be found - different subnet Message-ID: <200011202208.RAA00810@meeker.urban.csuohio.edu> Greetings all, have a lab of NT 4.0 machines on a different subnet from the smaba server acting as PDC. We rely on the university for WINS service. My lab machines are unable to find the PDC for their domain now that they are on a different subnet from the server. The server is configured to use WINS as are the NT 4.0 clients. It looks as if the samba server is NOT registering itself with the WINS server. An "nbtstat -a sambaserver" yields a result of name not found. I can see entries for other NT servers, but not for *any* of our SAMBA servers. What do I have to do to get SAMBA to register with the WINS server so that the clients can find their PDC? The SAMBA servers are configured to use WINS, the PDC -acting machine is also configured to be the domain master browser. The NT machines are configured via DHCP, but even when I plug numbers into the settings by hand I get the same results. Samba *can* be the PDC for clients on another subnet, right? What have I missed? Everything worked like a charm when everything was on the same subnet. Why won't the Samba servers register themselves with the WINS server? Thanks, Bob ****************************************************************************** Bob Martel - System Administrator | I met someone who looks a lot like you Levin College of Urban Affairs | She does the things you do Cleveland State University | But she is an IBM (216) 687-2214 | bob@meeker.csuohio.edu | -Jeff Lynne ****************************************************************************** From jacek at mer.chemia.polsl.gliwice.pl Mon Nov 20 22:34:40 2000 From: jacek at mer.chemia.polsl.gliwice.pl (Jacek Stolarczyk) Date: Tue Dec 2 02:32:24 2003 Subject: Plea for advice: 2.0.7 or 2.2cvs? Message-ID: <00112023344000.00816@calthe> Hi, I will be in the next two days installing a server in a new lab (server will be running RH7.0 Linux, custom install or patched RH 6.2) which will be supposed to run as a PDC for about 20 stations running NT4.0 SP6 (actually these will be dual boot stations running Linux and NT). Neither Win2000 nor Win98 will be running in the environment in the near future though some may appear in by the end of the year. Now, coming to my question: what samba version should I use? a) 2.0.7 b) SAMBA_2_2 cvs branch c) wait (probably just a few days) for 2.2alpha1 This is a scientific and students' lab so the stability is needed but no critical equipment is there. Server data are to be backed up regularly. I have read instructions on David Bannon's great site but I'm still not sure which one too choose. I have been successfully running samba 2.0.5a as a PDC in a smaller lab in mixed Win98 & WinNT4.0 & Linux environment so I know that basic functionality is there (in 2.0.x versions). Do the additional features in 2.2 version balance the (presumably) worse stability of an alpha version? Regards, Jacek Stolarczyk -- jstolarz@kde.org Coordinator of Polish translations of KDE netadmin of Faculty of Chemistry, Silesian Univ. of Techn. From joseph at wigwamlab.com Mon Nov 20 22:44:30 2000 From: joseph at wigwamlab.com (Joseph Crawley) Date: Tue Dec 2 02:32:24 2003 Subject: samedit script -c problems Message-ID: <3A19A94E.CA753C9D@wigwamlab.com> Hey, I'm trying to use samedit to change passwords through a script. The script look like this. samedit -S$SAMBASERVER -Uroot%xxxxxx -c $com where com='samuserset '$username' -p'$newpassword In this case samedit thinks the -p is meant for it and not for samuserset and fails. Samedit claims that the commnad should be ` surrounded not '. But of course shell doesn't like `. And escapeing them doesn't seem to work. Has anyone gotten this to work properly. thanks Joseph -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 2484 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001120/bf8019d5/smime.bin From PCalkins at OEMSupport.com Mon Nov 20 23:33:13 2000 From: PCalkins at OEMSupport.com (Patrick Calkins) Date: Tue Dec 2 02:32:24 2003 Subject: Samba vs NFS with SFU Message-ID: <20DD62956F435141ACDA69B2989B446B309CEB@orion.oem.oemsupport.com> I have been using Samba for a few months, and have several Win2K clients. As Samba does not officially support domain logons for Win2K clients yet, what would I loose/gain from going to the native unix way of networking filesystems with NFS and installing the Services For Unix on each of the Win2K clients? Would this be a better solution for the time, until Samba fully supports acting as a PDC for Win2K clients ??? Thanks --Patrick From nkoss at dr.com Mon Nov 20 23:58:51 2000 From: nkoss at dr.com (Neal Koss) Date: Tue Dec 2 02:32:24 2003 Subject: profiles and policies In-Reply-To: <3A18E377.2D4DB76A@olb.de> References: <5.0.0.25.2.20001119231538.00a77de0@mail.pv1.ca.home.com> Message-ID: <5.0.0.25.2.20001120155541.00aa50d0@mail.pv1.ca.home.com> Sorry, this is not clear. Do you mean just to add 2 statements to my [global] section? These refer to my Win98 computer of course. What disk do I put in place of your 'E:'? And what did you mean that you have no 'profile directories on our server drive'? Sorry for the dumb questions... At 09:40 AM 11/20/00 +0100, Hergen Lange wrote: >I remeber we just took following two parameters to smb.conf global section >LOGON DRIVE =E: >LOGON PATH = >Yes it's empty. We have no profile directories on our server drive. >We are using WIN-NT and Samba 2.0.7 > > > >Neal Koss schrieb: > >> Each time I log into the Samba network, The system seems to be copying a >> large number of files from the Server to the client computer. I would >> prefer that this not occur. >> >> My setup is just a small network and I do not require roaming profiles, but >> I would like to see more rapid logons and logoffs. I use Windows 98 for my >> clients and FreeBSD 4.1.1 on the gateway computer running Samba. >> >> Thank you > From nkoss at dr.com Tue Nov 21 00:07:24 2000 From: nkoss at dr.com (Neal Koss) Date: Tue Dec 2 02:32:24 2003 Subject: profiles and policies In-Reply-To: <3A18F403.62FDFFE@tpgi.com.au> References: <5.0.0.25.2.20001119231538.00a77de0@mail.pv1.ca.home.com> Message-ID: <5.0.0.25.2.20001120155920.00aa8950@mail.pv1.ca.home.com> It's not the use of the roaming profiles that is the problem. I just don't need them. My network is just the 2 computers in my home and I always logon from my machine. But I'm sorry, I just don't understand what you meant by the users saving their files.... I thought (for example, in Eudora) that I was saving to a subdirectory of my main Eudora directory, but I find that somehow Win98 and Samba have changed that to C:\windows\profiles\neal\application data\qualcomm\eudora. I never set that up! Similarly, some other programs have ended up with their data directories there too. Are these being refreshed with each logon also? This is what I am trying to avoid since it just adds time to the logon. Thanks.... At 08:50 PM 11/20/00 +1100, eirvine wrote: >Hi Neal, > >I have always used roaming profiles, >so I've never tried to turn it >off. However, If your users are >saving their files to either the >My Documents folder or on to their >Desktop, then they are by default >saving to their own profile, thus >increasing its size, thus increasing >the logon time. > >Perhaps you could convince your users >to save somewhere better? > >Hope this helps. > >Eddie. > >Neal Koss wrote: >> >> Each time I log into the Samba network, The system seems to be copying a >> large number of files from the Server to the client computer. I would >> prefer that this not occur. >> >> My setup is just a small network and I do not require roaming profiles, but >> I would like to see more rapid logons and logoffs. I use Windows 98 for my >> clients and FreeBSD 4.1.1 on the gateway computer running Samba. >> >> Thank you From nkoss at dr.com Tue Nov 21 00:14:27 2000 From: nkoss at dr.com (Neal Koss) Date: Tue Dec 2 02:32:24 2003 Subject: profiles and policies In-Reply-To: <3A18FA81.228E7F0A@eeigm.inpl-nancy.fr> References: <5.0.0.25.2.20001119231538.00a77de0@mail.pv1.ca.home.com> Message-ID: <5.0.0.25.2.20001120161326.00aab0b0@mail.pv1.ca.home.com> Sorry, I don't understand. What mode are you referring to? At 11:18 AM 11/20/00 +0100, Christian Duclou wrote: >Hi, >Did you try to change mode of the users's profile directory on the server? >Maybe, something like that should help you: > >[root@m0061 lpd]# ls -l /home/eleves/2000cnama0/wimbeec/ >drwxr-x--- 16 root info 1024 oct 25 08:23 profile > >Christian. > >Neal Koss wrote: > >> Each time I log into the Samba network, The system seems to be copying a >> large number of files from the Server to the client computer. I would >> prefer that this not occur. >> >> My setup is just a small network and I do not require roaming profiles, but >> I would like to see more rapid logons and logoffs. I use Windows 98 for my >> clients and FreeBSD 4.1.1 on the gateway computer running Samba. >> >> Thank you > >-- >_____________ EEIGM - Service Informatique _____________ > 6, rue Bastien LEPAGE / F-54010 NANCY - CEDEX - France > Phone: +33 383.3683.27 / Fax: +33 383.3683.36 >_______________ http://eeigm.inpl-nancy.fr _____________ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Neal Koss, MD nkoss@dr.com Eudora Pro 5.0 3655 Lomita Blvd, #215 310-375-7574 Torrance, CA 90505-1916 FAX: 375-6685 http://www.checkthegrid.com Before you go to the movies...Check The Grid! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From D.Bannon at latrobe.edu.au Tue Nov 21 00:22:38 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:24 2003 Subject: The procedure number is out of range In-Reply-To: Message-ID: <3.0.6.32.20001121112238.008a98a0@bioserve.latrobe.edu.au> At 04:29 PM 20/11/2000 GMT, Pakorn Pan-ajchariya wrote: >"The procedure number is out of range" Unfortuantly you have not mentioned what version of samba you are using. There has been a suggestion that this problem crops up with Samba2.2prealpha0 snapshot downloaded via http or ftp but not if you get the newer version via CVS. Can you please indicate how you obtained the version of samba you are using ?? David > >When tried to log into samba PDC from Win2K box. >I'm pretty sure that the samba box was configured correctly, >because I can log in from NT4 boxes. No problem at all. >Anyone have ever seen this error? > >Please suggest me how to solve it. > > > >Thank you >Pak >_________________________________________________________________________ >Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > >Share information about yourself, create your own public profile at >http://profiles.msn.com. > > ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From D.Bannon at latrobe.edu.au Tue Nov 21 00:24:49 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:24 2003 Subject: Changing passwords from a win machine In-Reply-To: Message-ID: <3.0.6.32.20001121112449.008d4c00@bioserve.latrobe.edu.au> At 12:43 PM 20/11/2000 +0000, Shaun Lipscombe wrote: > >The update encrypted option is working nicely (thanks to who ever >suggested that!). How do users change their passwords if they have no >shell access? Can you use any windows tool that the users will find >easy to use? I have found that net password is not supported but >using a DOS command scares the users enough anyway so surely there >must be some windowy way of doing it? On WinNT, Crtl-Alt-Del -> A number of people have custom web based systems to cater for W95 users. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From anders at aae.wisc.edu Mon Nov 20 12:46:56 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:32:24 2003 Subject: How to make changes and not disrupt users.. In-Reply-To: ; from shaun.lipscombe@gasops.co.uk on Mon, Nov 20, 2000 at 04:52:28PM +0000 References: Message-ID: <20001120184656.A12439@anders-ibm.dyn.dhs.org> Modify the file, run testparm to check that the configuration is ok, and wait :) All new smbd processes will read the new smb.conf. This means that some user who needs the changes should disconnect (or maybe even log out) and the changes should appear. --Anders On Mon, Nov 20, 2000 at 04:52:28PM +0000, Shaun Lipscombe wrote: > > How do I modify the $LIB/smb.conf without disrupting users when I do a > killall -HUP smbd; killall -HUP nmbd. > > Cheers, > > Shaun > > -- > (o_ > (o_ (o_ //\ > (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk > -- --Anders Anders C. Thorsen PGP Key: http://www.aae.wisc.edu/~anders/anders-pgp.asc ---------------------------------------- Only two things are infinite. The universe and human stupidity. Although, I am unsure of the former. Albert Einstein From ed at schernau.com Tue Nov 21 01:03:18 2000 From: ed at schernau.com (Edward Schernau) Date: Tue Dec 2 02:32:24 2003 Subject: Samba vs NFS with SFU References: <20DD62956F435141ACDA69B2989B446B309CEB@orion.oem.oemsupport.com> Message-ID: <3A19C9D6.2D604819@schernau.com> From D.Bannon at latrobe.edu.au Tue Nov 21 01:10:07 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:24 2003 Subject: Samba vs NFS with SFU In-Reply-To: <20DD62956F435141ACDA69B2989B446B309CEB@orion.oem.oemsuppor t.com> Message-ID: <3.0.6.32.20001121121007.008d26a0@bioserve.latrobe.edu.au> At 03:33 PM 20/11/2000 -0800, Patrick Calkins wrote: >I have been using Samba for a few months, and have several Win2K clients. As >Samba does not officially support domain logons for Win2K clients yet, what >would I loose/gain from going to the native unix way of networking >filesystems with NFS and installing the Services For Unix on each of the >Win2K clients? Would this be a better solution for the time, until Samba >fully supports acting as a PDC for Win2K clients ??? Thanks > The 2.2 alpha release does (unofficially) support W2K, some people are having problems but as its going to be the future, I'd certainly not dismiss it at this stage. See the FAQ on the cod page. David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From anders at aae.wisc.edu Mon Nov 20 14:15:41 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:32:24 2003 Subject: profiles and policies In-Reply-To: <5.0.0.25.2.20001120155920.00aa8950@mail.pv1.ca.home.com>; from nkoss@dr.com on Mon, Nov 20, 2000 at 04:07:24PM -0800 References: <5.0.0.25.2.20001119231538.00a77de0@mail.pv1.ca.home.com> <3A18F403.62FDFFE@tpgi.com.au> <5.0.0.25.2.20001120155920.00aa8950@mail.pv1.ca.home.com> Message-ID: <20001120201540.B12509@anders-ibm.dyn.dhs.org> On Mon, Nov 20, 2000 at 04:07:24PM -0800, Neal Koss wrote: > It's not the use of the roaming profiles that is the problem. I just don't > need them. My network is just the 2 computers in my home and I always logon > from my machine. But I'm sorry, I just don't understand what you meant by > the users saving their files.... I thought (for example, in Eudora) that I > was saving to a subdirectory of my main Eudora directory, but I find that > somehow Win98 and Samba have changed that to > C:\windows\profiles\neal\application data\qualcomm\eudora. I never set that This is a "feature" in Eudora... Windows/Samba did not actively change that, altough Eudora did due to the presence of user Profiles on Windows I believe that someone suggested LOGON PATH = E: PROFILE PATH = in smb.conf LOGON PATH describes where the netlogon share is to be, and where the logon scripts should be run from. PROFILE PATH = will tell WINDOWS not to copy the profiles. > up! Similarly, some other programs have ended up with their data > directories there too. Are these being refreshed with each logon also? This > is what I am trying to avoid since it just adds time to the logon. Thanks.... > > At 08:50 PM 11/20/00 +1100, eirvine wrote: > >Hi Neal, > > > >I have always used roaming profiles, > >so I've never tried to turn it > >off. However, If your users are > >saving their files to either the > >My Documents folder or on to their > >Desktop, then they are by default > >saving to their own profile, thus > >increasing its size, thus increasing > >the logon time. > > > >Perhaps you could convince your users > >to save somewhere better? > > > >Hope this helps. > > > >Eddie. > > > >Neal Koss wrote: > >> > >> Each time I log into the Samba network, The system seems to be copying a > >> large number of files from the Server to the client computer. I would > >> prefer that this not occur. > >> > >> My setup is just a small network and I do not require roaming profiles, but > >> I would like to see more rapid logons and logoffs. I use Windows 98 for my > >> clients and FreeBSD 4.1.1 on the gateway computer running Samba. > >> > >> Thank you > -- --Anders Anders C. Thorsen PGP Key: http://www.aae.wisc.edu/~anders/anders-pgp.asc ---------------------------------------- Only two things are infinite. The universe and human stupidity. Although, I am unsure of the former. Albert Einstein From barth at cck.uni-kl.de Tue Nov 21 07:24:19 2000 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:32:24 2003 Subject: PDC cannot be found - different subnet In-Reply-To: <200011202208.RAA00810@meeker.urban.csuohio.edu> Message-ID: <3A1A3133.20020.14BD78@localhost> Hello! We habe a samba 2.0.7 PDC which can be accessed form remote subnets. To achive this we haven't tried to use our University-WINS, but set up the samba-Box as WINS whicht is staticly configured in all NT- clients. Additionaly the NT-Clients have an %WINNT%\system32\drivers\etc\lmhosts entry like: 131.246.123.123 fkb #PRE #DOM:fkb57 but I don't know if this is nessesary. Futhermore we use the "remote anounce" Parameter of samba with the broadcast address of the remote subnet Hope this helps, Christian > Greetings all, > > have a lab of NT 4.0 machines on a different subnet from the smaba > server acting as PDC. We rely on the university for WINS service. My > lab machines are unable to find the PDC for their domain now that they > are on a different subnet from the server. The server is configured > to use WINS as are the NT 4.0 clients. > > It looks as if the samba server is NOT registering itself with the > WINS server. An "nbtstat -a sambaserver" yields a result of name not found. > I can see entries for other NT servers, but not for *any* of our SAMBA > servers. > > What do I have to do to get SAMBA to register with the WINS server > so that the clients can find their PDC? > > The SAMBA servers are configured to use WINS, the PDC -acting > machine is also configured to be the domain master browser. > > The NT machines are configured via DHCP, but even when I plug numbers > into the settings by hand I get the same results. > > Samba *can* be the PDC for clients on another subnet, right? What have > I missed? Everything worked like a charm when everything was on the same > subnet. Why won't the Samba servers register themselves with the WINS > server? > > Thanks, > Bob > ****************************************************************************** > Bob Martel - System Administrator | I met someone who looks a lot like you > Levin College of Urban Affairs | She does the things you do > Cleveland State University | But she is an IBM > (216) 687-2214 | > bob@meeker.csuohio.edu | -Jeff Lynne > ****************************************************************************** > > > _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) From bgmilne at ing.sun.ac.za Tue Nov 21 07:40:45 2000 From: bgmilne at ing.sun.ac.za (Buchan Milne) Date: Tue Dec 2 02:32:24 2003 Subject: Samba/Explorer Problems References: <3A183D77.AB4889F4@pacbell.net> <3A1947DE.DE685417@uma.at> <20001120124708.A20021@key.dkp.com> Message-ID: <3A1A26FD.29E5946F@ing.sun.ac.za> Andrew Klaassen wrote: > > On Mon, Nov 20, 2000 at 04:48:46PM +0100, > Ivan Iliev wrote: > > I have had something somewhat similar happen with NT and TNG. > In my case it was the result of some odd problem with the local > versions of the users' profiles. I just deleted the local copy > of the roaming profile (in c:\winnt\profiles\username) and > everything would be fine again - until someone decided to "use > local copy of profile" rather than downloading their profile > when the NT login asked them what they wanted to do. There doesn't by any chance happen to be a registry entry controlling this "use locally stored profile" message, does there? A number of users have large profiles, and sometimes end up with the message. User education seldom helps ! -- |--------------------------------------------------------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone +27824722231 email mailto:bgmilne@ing.sun.ac.za Centre for Automotive Engineering http://www.cae.co.za South Africas first satellite: http://sunsat.ee.sun.ac.za Control Models http://www.control.co.za |----------------Registered Linux User #182071-----------------| From hergen.lange at olb.de Tue Nov 21 08:00:47 2000 From: hergen.lange at olb.de (Hergen Lange) Date: Tue Dec 2 02:32:24 2003 Subject: samba_2_2 cvs download References: <20001120195429.A13912@molgen-6.iah.medizin.uni-tuebingen.de> Message-ID: <3A1A2BAF.D328933D@olb.de> I thinks its cvs -z5 -d :pserver:cvs@pserver.samba.org:/cvsroot co -r samba_2_2 samba Kai Blin schrieb: > Hi, folks > > Maybe I'm just too stupid, but I don't manage to get samba 2.2 via cvs. > I do a > cvs -d :pserver:cvs@pserver.samba.org:/cvsroot login > log in. so far so good > Then I do a > cvs -z5 -d :pserver:cvs@pserver.samba.org:/cvsroot co samba_2_2 > > And I get > cvs server: cannot find module amba_2_2' - ignored > cvs [checkout aborted]: cannot expand modules > > I do get samba and sambaweb, though. I'm shure it's something simple and I'm > too stupid, but could anybody give me a hint? %) > > Thanks in advance > > Kai > -- > Kai Blin, Sysop of the Dep. of Imunology of the University of Tuebingen > --- > We really don't have any enemies. It's just that some of our best > friends are trying to kill us. -------------- next part -------------- A non-text attachment was scrubbed... Name: hergen.lange.vcf Type: text/x-vcard Size: 303 bytes Desc: Visitenkarte für Hergen Lange Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001121/26f6f8f9/hergen.lange.vcf From inge at cc.uit.no Tue Nov 21 08:31:14 2000 From: inge at cc.uit.no (=?iso-8859-1?Q?Inge=2DH=E5vard?= Hunstad) Date: Tue Dec 2 02:32:24 2003 Subject: Samba/Explorer Problems References: <3A183D77.AB4889F4@pacbell.net> <3A1947DE.DE685417@uma.at> <20001120124708.A20021@key.dkp.com> <3A1A26FD.29E5946F@ing.sun.ac.za> Message-ID: <3A1A32D2.66077847@cc.uit.no> Buchan Milne wrote: > > There doesn't by any chance happen to be a registry entry controlling > this "use locally stored profile" message, does there? A number of users > have large profiles, and sometimes end up with the message. User > education seldom helps ! > I got this from Martin Kuppinger(Samba-NTDOM mailing list): I believe this one turns off the slow link connection: ---> CUT HERE <--- REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon] "SlowLinkDetectEnabled"=dword:00000000 ---> END CUT <--- [>] It turns off the message displayed. There is another parameter SlowLinkTimeOut which you could use to set the time in milliseconds. Default is 2000, maximum in system policy is 20000, in registry i've read about 120.000 inge From bgmilne at ing.sun.ac.za Tue Nov 21 08:36:13 2000 From: bgmilne at ing.sun.ac.za (Buchan Milne) Date: Tue Dec 2 02:32:24 2003 Subject: Solution for pop-up message for mail Message-ID: <3A1A33FD.757DE26C@ing.sun.ac.za> Hi, We are a company that grew out of commercial activities at a University. We are currently completing our move off the use of their Netware server, and some users are using our linux (postfix) mail server. We have a samba 2.0.7 pdc (different to the mailserver), and one feature that I haven't managed to replace from the Netware server are the pop-up messages when mail arrives. I hacked a short shell script to send a message saying that the user had received mail, but this generated errors when the user was not logged in. So I was wondering if someone had a good solution for this. What I would like is a pop-up when the user is logged in, and when not logged in, messages should either not generate errors, or should be logged to a file to be included with the login script. At some stage I might also want to send people SMS if they are not logged in. Any ideas ? (postfix uses procmail for delivery, and my previous attemt used an entry in the ~/.forward file) Buchan -- |--------------------------------------------------------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone +27824722231 email mailto:bgmilne@ing.sun.ac.za Centre for Automotive Engineering http://www.cae.co.za South Africas first satellite: http://sunsat.ee.sun.ac.za Control Models http://www.control.co.za |----------------Registered Linux User #182071-----------------| From vincent.bellenger at bretagne.iufm.fr Tue Nov 21 09:15:45 2000 From: vincent.bellenger at bretagne.iufm.fr (Vincent Bellenger) Date: Tue Dec 2 02:32:24 2003 Subject: unsubscribe samba-ntdom@samba.org Message-ID: <026e01c0539b$a198dd00$1697d6c2@bretagne.iufm.fr> unsubscribe samba-ntdom@samba.org -------------- next part -------------- HTML attachment scrubbed and removed From eirvine at tpgi.com.au Tue Nov 21 10:02:30 2000 From: eirvine at tpgi.com.au (eirvine) Date: Tue Dec 2 02:32:24 2003 Subject: How to make changes and not disrupt users.. References: Message-ID: <3A1A4836.199DD1AD@tpgi.com.au> Hi Shaun, Shaun Lipscombe wrote: > > How do I modify the $LIB/smb.conf without disrupting users when I do a > killall -HUP smbd; killall -HUP nmbd. > > Cheers, > > Shaun You do know that smb.conf is also read each time a user logs in, don't you? In many cases it is not necessary to restart the daemons after making a change. Eddie. From mg at plum.de Tue Nov 21 10:53:06 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:32:24 2003 Subject: Solution for pop-up message for mail In-Reply-To: <3A1A33FD.757DE26C@ing.sun.ac.za> Message-ID: <4144977784.974807586@[10.1.1.2]> --On Dienstag, 21. November 2000 10:36 +0200 Buchan Milne wrote: > Hi, > > We are a company that grew out of commercial activities at a University. > We are currently completing our move off the use of their Netware > server, and some users are using our linux (postfix) mail server. We > have a samba 2.0.7 pdc (different to the mailserver), and one feature > that I haven't managed to replace from the Netware server are the pop-up > messages when mail arrives. I hacked a short shell script to send a > message saying that the user had received mail, but this generated > errors when the user was not logged in. > > So I was wondering if someone had a good solution for this. What I would > like is a pop-up when the user is logged in, and when not logged in, > messages should either not generate errors, or should be logged to a > file to be included with the login script. At some stage I might also > want to send people SMS if they are not logged in. > > Any ideas ? > (postfix uses procmail for delivery, and my previous attemt used an > entry in the ~/.forward file) There are quite a number of programs out there: a) mail clients like mulberry or netscape messanger b) there are MANY biff clones out there for win*, look on the free/shareware archive sites c) you can write a little daemon that checks the e-mail folders of all users, and tries to send smbclient -M messages to them (then you could use the sms_client program, too) regards, Michael From PerKjetil.Grotnes at pbe.oslo.kommune.no Tue Nov 21 12:13:53 2000 From: PerKjetil.Grotnes at pbe.oslo.kommune.no (Grotnes Per Kjetil PBE-SIT) Date: Tue Dec 2 02:32:24 2003 Subject: Samba write cache (was: Samba 2) In-Reply-To: <3A12D350.5BB1E16B@acu.ac.uk> Message-ID: <"6260 00/11/21 13:13*/G=PerKjetil/S=Grotnes/O=pbe/PRMD=okpost/ADMD=telemax/C=no/"@MHS> > In theory, it can help, as your cache flush requests will then write an > entire stripe evenly. In practice, I wouldn't bother - any decent > hardware RAID card will have on card cache RAM, and will buffer requests > in that cache until it can write a stripe anyway, so I'd be very > surprised to see any difference at all. Would it not reduce the serverload regardless of RAID card cache? The samba write cache would fill up until enough data to send to the RAID. This could reduce the amount of write-calls for the server? Am I way off here? > > 2) how do I find the stripe size easily ( I am using hardware raid-5 > > because software raid-5 was alpha when I put the box up 2 yrs ago) We have a configuration diskette which contains the setup of our raid. I think you have to use a RAID configuration program to read it. You could take a look at that file in an editor mayhap. If this does not work I would be happy to hear any other way to find out the stripe size. Regards Per Kjetil Grotnes --- IT-Seksjonen, Plan- og bygningsetaten, Oslo Kommune Tlf: 22 66 26 61, Fax: 22 66 26 65 From jana at earth.inf.elte.hu Tue Nov 21 12:33:32 2000 From: jana at earth.inf.elte.hu (Sziliczi Janos) Date: Tue Dec 2 02:32:24 2003 Subject: Which daemons shall I start in Samba-TNG Message-ID: Hi, I made a PDC with Samba TNG 2.6. It works if I start all of the daemons in directory .../samba-tng/sbin (except of swat). I'd like to run just those daemons which are certainly necessary. The daemons are: nmbd - NetBIOS name server (required) smbd - SMB services to clients (req.) browserd netlogond samrd spoolssd svcctld winregd lsarpcd srvsvcd wkssvcd Which daemons are required from list above for PDC? And what is those functionality? (I haven't got any documentation.) -- Thanks in advance: Jana From scglista at bol.com.br Tue Nov 21 13:16:37 2000 From: scglista at bol.com.br (SCG) Date: Tue Dec 2 02:32:24 2003 Subject: Samba in NT Domain Message-ID: <007f01c053bd$479befa0$2f02018c@m081072> I?m now in a project to integrate Samba in a NT Domain. I need to get NT users and groups to give samba share?s permissions, its like a Samba-BDC (I know it?s not possible yet). I was reading about winbind and Samba-TNG projects. Anybody here tried any of these solutions?! Is there any solution with pure samba code?! Thanks for any help! SCG From jbcurry at hline.localhealth.net Tue Nov 21 15:11:41 2000 From: jbcurry at hline.localhealth.net (JBCurry) Date: Tue Dec 2 02:32:24 2003 Subject: Changing passwords from a win machine In-Reply-To: Message-ID: Ooooops!!! I should've looked at the size of those bitmaps before I attached them. Just in case I was successful in stopping the message from being sent, here it is again, with examples in a GIF format this time, not bitmaps!!! (If I didn't successfully stop it, my apologies for those that received an unwieldy 622Kb file!!) > > At 12:43 PM 20/11/2000 +0000, Shaun Lipscombe wrote: > > > > > >The update encrypted option is working nicely (thanks to who ever > > >suggested that!). How do users change their passwords if they have no > > >shell access? Can you use any windows tool that the users will find > > >easy to use? I have found that net password is not supported but > > >using a DOS command scares the users enough anyway so surely there > > >must be some windowy way of doing it? > > > > On WinNT, Crtl-Alt-Del -> > > > > A number of people have custom web based systems to cater for W95 users. > > > > David For our Win9x users, we copy the "Passwords" control panel icon to the desktop, and instruct our users how to use this tool. Specifically, we have them use "Change Other Passwords" and only have the "Microsoft Network" option available. (While the "Change Windows Password" may also work, it does not work for all circumstances and it has been reported by Microsoft to be flaky.) Two important notes that may or may not be relevant to this method: we have disabled password caching, and we do not use roaming profiles. I've been looking for a method that doesn't require the extra two steps (selecting "Change Other Passwords" and then selecting "Microsoft Network") but haven't been successful as of yet. See the attached GIFs for an example. -------------- next part -------------- A non-text attachment was scrubbed... Name: pwd1.gif Type: image/gif Size: 6872 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001121/614cd591/pwd1.gif -------------- next part -------------- A non-text attachment was scrubbed... Name: pwd2.gif Type: image/gif Size: 3782 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001121/614cd591/pwd2.gif From gcarter at valinux.com Tue Nov 21 14:11:42 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:25 2003 Subject: Plea for advice: 2.0.7 or 2.2cvs? References: <00112023344000.00816@calthe> Message-ID: <3A1A829E.2D782383@valinux.com> Jacek Stolarczyk wrote: > > Now, coming to my question: what samba version should I use? > a) 2.0.7 > b) SAMBA_2_2 cvs branch > c) wait (probably just a few days) for 2.2alpha1 For production environments, stick with a stable release is my opinion. Less likely to get burned that way. 2.2 is coming along nicely, but the next alpha will probably not make it to you in the next few days. > Do the additional features in 2.2 version balance > the (presumably) worse stability of an alpha version? 2.2 is a major leap in Samba's like IMO. While I really am proud of what is in there, i would still recommend sticking to a stable release, unless there is a specific feature that you need. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From nkoss at dr.com Tue Nov 21 17:41:30 2000 From: nkoss at dr.com (Neal Koss) Date: Tue Dec 2 02:32:25 2003 Subject: profiles and policies In-Reply-To: <20001120201540.B12509@anders-ibm.dyn.dhs.org> References: <5.0.0.25.2.20001120155920.00aa8950@mail.pv1.ca.home.com> <5.0.0.25.2.20001119231538.00a77de0@mail.pv1.ca.home.com> <3A18F403.62FDFFE@tpgi.com.au> <5.0.0.25.2.20001120155920.00aa8950@mail.pv1.ca.home.com> Message-ID: <5.0.0.25.2.20001121093749.00a50140@mail.pv1.ca.home.com> At 08:15 PM 11/20/00 +0600, Anders C. Thorsen wrote: >On Mon, Nov 20, 2000 at 04:07:24PM -0800, Neal Koss wrote: >> It's not the use of the roaming profiles that is the problem. I just don't >> need them. My network is just the 2 computers in my home and I always logon >> from my machine. But I'm sorry, I just don't understand what you meant by >> the users saving their files.... I thought (for example, in Eudora) that I >> was saving to a subdirectory of my main Eudora directory, but I find that >> somehow Win98 and Samba have changed that to >> C:\windows\profiles\neal\application data\qualcomm\eudora. I never set that > >This is a "feature" in Eudora... Windows/Samba did not actively change that, >altough Eudora did due to the presence of user Profiles on Windows > >I believe that someone suggested >LOGON PATH = E: >PROFILE PATH = >in smb.conf >LOGON PATH describes where the netlogon share is to be, and >where the logon scripts should be run from. > >PROFILE PATH = >will tell WINDOWS not to copy the profiles. > I believe I get it now! I put those 2 statements into the [global] section (using my own logon path) and the logon procedure as wellas the logout went MUCH faster and did not show the window with files being copied. Thank you to all.... Now I just have to figure out how to tell Eudora and the other programs how to find the files if I move them out of my 'profiles' directories :-) > >--Anders > >Anders C. Thorsen >PGP Key: http://www.aae.wisc.edu/~anders/anders-pgp.asc > >---------------------------------------- >Only two things are infinite. >The universe and human stupidity. >Although, I am unsure of the former. > >Albert Einstein ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Neal Koss, MD nkoss@dr.com Eudora Pro 5.0 3655 Lomita Blvd, #215 310-375-7574 Torrance, CA 90505-1916 FAX: 375-6685 http://www.checkthegrid.com Before you go to the movies...Check The Grid! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From nkoss at dr.com Tue Nov 21 18:50:04 2000 From: nkoss at dr.com (Neal Koss) Date: Tue Dec 2 02:32:25 2003 Subject: profiles and policies Message-ID: <5.0.0.25.2.20001121104515.00a4eb30@mail.pv1.ca.home.com> I reviewed the documentation for smb.conf http://us1.samba.org/samba/docs/man/smb.conf.5.html and could find no entry for 'profile path =', so I decided to leave it out and it doesn't seem to make a difference. The smb.conf doc just shows a [global], [homes] and [printers] sections. Can you elaborate a bit more on just what happens at logon time and how these profiles interact, etc.....thanks.... ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Neal Koss, MD nkoss@dr.com Eudora Pro 5.0 3655 Lomita Blvd, #215 310-375-7574 Torrance, CA 90505-1916 FAX: 375-6685 http://www.checkthegrid.com Before you go to the movies...Check The Grid! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From barth at cck.uni-kl.de Tue Nov 21 19:54:27 2000 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:32:25 2003 Subject: Only selective people can log in to a Win2K-Server, part of samba-2.2.0_cvs controlled domain Message-ID: <3A1AE103.966.2C34B3C@localhost> Hi, we are currently doning some tests with a Win2K-Server in a domain which is contorlled by a samba-2.2.0 (cvs of about 10 Days ago) PCD (on Redhat 6.2). We noticed a "funny" thing: Only two of about 20 users can log in to the Win2K-server, the other immedialy recieve "The domain controller for FBKTEST cound not be found" (well, this meaning, it's the german message). All users can log into NT4WK. I have no ideas what's the difference between the successfull and the unsuccessfull users, exept that they have been the first 2 to try. Any ideas? An other thing: Are policies known to work with Win2K-Server? We didn't get them working. Christian _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) From chucky at sortes.com Tue Nov 21 19:17:09 2000 From: chucky at sortes.com (Pablo) Date: Tue Dec 2 02:32:25 2003 Subject: Can't ping names in the WINS server Message-ID: <004401c053ef$a4b9c0e0$050000c0@sortes.com> Hello all. I have a NT PDC running WINS server and DHCP server. I have installed Samba 2.0 in a Linux box. I have configured this computer like a DHCP client and it is working nice. When I use Samba I can view this machine in the network, becouse this machine registers itself in the WINS server. This is all good, but the problem is that a can't acces like a client to the WINS server. When I try to ping to a computer that is registered in the WINS server the Linux box don't seem to connect to this server. I have configured the nmbd daemon with the WINS options like this: dns proxy = No Wins proxy = Yes wins server = 'WINS server of my network' wins support = No wins hook = I have set also this option: name resolve order = wins host lmhosts bcast Tahnks in advance. -------------- next part -------------- HTML attachment scrubbed and removed From ak at dkp.com Tue Nov 21 21:56:00 2000 From: ak at dkp.com (Andrew Klaassen) Date: Tue Dec 2 02:32:25 2003 Subject: Samba/Explorer Problems In-Reply-To: <3A1A26FD.29E5946F@ing.sun.ac.za>; from bgmilne@ing.sun.ac.za on Tue, Nov 21, 2000 at 09:40:45AM +0200 References: <3A183D77.AB4889F4@pacbell.net> <3A1947DE.DE685417@uma.at> <20001120124708.A20021@key.dkp.com> <3A1A26FD.29E5946F@ing.sun.ac.za> Message-ID: <20001121165559.B31169@key.dkp.com> On Tue, Nov 21, 2000 at 09:40:45AM +0200, Buchan Milne wrote: > There doesn't by any chance happen to be a registry entry > controlling this "use locally stored profile" message, does > there? Hmm. I don't know. It certainly would be a handy thing, though. > A number of users have large profiles, and sometimes end up > with the message. User education seldom helps ! Heh. Amen. Andrew Klaassen From xcuse at DSI-Project.de Tue Nov 21 22:00:53 2000 From: xcuse at DSI-Project.de (xcuse@DSI-Project.de) Date: Tue Dec 2 02:32:25 2003 Subject: domain user rights on shares? Message-ID: <001a01c05406$846ac2a0$0a9aa8c0@starfleet.net> hi folks, ok, i got an samba PDC 2.07 running on SuSE 7.0. So far everything is all right. I mean time sync, home shares, logon scripts, NTWKS logins and all the stuff. Surly no 2KWKS logins, but now I am confused about how to apply domain-user-rights on samba-shares. BTW, did anybody fiddled out the ?password will truncated to 8 chars?-stuff when using unix password sync. It always results in an asyncronity between unix and smbpasswd. Any hints? cheers xcuse -------------- next part -------------- HTML attachment scrubbed and removed From gree3776 at rowan.edu Tue Nov 21 22:28:53 2000 From: gree3776 at rowan.edu (Samuel Greenfeld) Date: Tue Dec 2 02:32:25 2003 Subject: PDC cannot be found - different subnet Message-ID: Not to beat a dead horse, but we have basically the exact same problem, also using Samba 2.0.7. Our Samba controlled domain is set up to register itself with the campus WINS server, which happens to be another Samba box. But Network Neighborhood normally doesn't see anything on another subnets. Mapping \\SERVER\SHARE by hand works. Of further note is that samba systems have no problems with this at all - they can see all the domains on campus (at last check, 93 due to all the student ones). Unfortunately, Novell is our official platform (except for engineering), so every getting every last LAN administrator to add LMHOSTS entries for our servers is not likely to happen. I suspect that many MS systems do not use WINS when they should, but I have no clue who is at fault. --- SJG >>> "Robert M. Martel" 11/20/00 05:08PM >>> Greetings all, have a lab of NT 4.0 machines on a different subnet from the smaba server acting as PDC. We rely on the university for WINS service. My lab machines are unable to find the PDC for their domain now that they are on a different subnet from the server. The server is configured to use WINS as are the NT 4.0 clients. It looks as if the samba server is NOT registering itself with the WINS server. An "nbtstat -a sambaserver" yields a result of name not found. I can see entries for other NT servers, but not for *any* of our SAMBA servers. What do I have to do to get SAMBA to register with the WINS server so that the clients can find their PDC? The SAMBA servers are configured to use WINS, the PDC -acting machine is also configured to be the domain master browser. The NT machines are configured via DHCP, but even when I plug numbers into the settings by hand I get the same results. Samba *can* be the PDC for clients on another subnet, right? What have I missed? Everything worked like a charm when everything was on the same subnet. Why won't the Samba servers register themselves with the WINS server? Thanks, Bob From xcuse at DSI-Project.de Tue Nov 21 23:06:08 2000 From: xcuse at DSI-Project.de (xcuse@DSI-Project.de) Date: Tue Dec 2 02:32:25 2003 Subject: Broadcast Winpopup -HOWTO Message-ID: <002201c0540f$a1e5abc0$0a9aa8c0@starfleet.net> i can only do a popup to a single host, but how to do it the workgroup or the domain? smbclient -M Workgroup did not work. So what? -------------- next part -------------- HTML attachment scrubbed and removed From D.Bannon at latrobe.edu.au Tue Nov 21 23:34:46 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:25 2003 Subject: Can't ping names in the WINS server In-Reply-To: <004401c053ef$a4b9c0e0$050000c0@sortes.com> Message-ID: <3.0.6.32.20001122103446.008ab100@bioserve.latrobe.edu.au> At 08:17 PM 21/11/2000 +0100, Pablo wrote: Not sure what you are asking (and your html formatted post does not return well). But : DHCP and ping refer to the tcp/ip . WINS and Samba refer to the smb protocol. Are you getting these confused ? You cannot ping a name that appears in the wins list unless you have used the same names. We do, for example, bcdb1.biochem.latrobe.au has a machine name of bcdb1 but it does not _have to_ be that way. If you are allocating machine ip address via dhcp then it pretty hard to ensure that they have the same machine name.... > Hello all. I have a NT PDC running WINS server and DHCP server. I >have installed Samba 2.0 in a Linux box. I have configured this computer >like a DHCP client and it is working nice. When I use Samba I can view >this machine in the network, becouse this machine registers itself in the >WINS server. This is all good, but the problem is that a can't acces like >a client to the WINS server. When I try to ping to a computer that is >registered in the WINS server the Linux box don't seem to connect to this >server. I have configured the nmbd daemon with the WINS options like >this: dns proxy = No Wins proxy = Yes wins server = 'WINS server of my >network' wins support = No wins hook = I have set also this option: >name resolve order = wins host lmhosts bcast Tahnks in advance. ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From anders at anders-ibm.dyn.dhs.org Tue Nov 21 12:48:36 2000 From: anders at anders-ibm.dyn.dhs.org (Anders C. Thorsen) Date: Tue Dec 2 02:32:25 2003 Subject: Can't ping names in the WINS server In-Reply-To: <3.0.6.32.20001122103446.008ab100@bioserve.latrobe.edu.au>; from D.Bannon@latrobe.edu.au on Wed, Nov 22, 2000 at 10:34:46AM +1100 References: <004401c053ef$a4b9c0e0$050000c0@sortes.com> <3.0.6.32.20001122103446.008ab100@bioserve.latrobe.edu.au> Message-ID: <20001121184836.A15247@anders-ibm.dyn.dhs.org> I believe that one of the goals of the winbind module is to achieve this. (Don't quote me on that) I'd reccomend looking into the winbind module if you _really_ need this. I know it's in HEAD (the unstable of the unstable) branch, and it's recommended that anyone who uses this branch in a production to have his computer-license removed. :) It might be present in 2.2. I it is, I'd reccomend to wait using 2.2 till it becomes stable. --Anders On Wed, Nov 22, 2000 at 10:34:46AM +1100, David Bannon wrote: > At 08:17 PM 21/11/2000 +0100, Pablo wrote: > > Not sure what you are asking (and your html formatted post does not return > well). But : > > DHCP and ping refer to the tcp/ip . > WINS and Samba refer to the smb protocol. > > Are you getting these confused ? You cannot ping a name that appears in the > wins list unless you have used the same names. We do, for example, > bcdb1.biochem.latrobe.au has a machine name of bcdb1 but it does not _have > to_ be that way. If you are allocating machine ip address via dhcp then it > pretty hard to ensure that they have the same machine name.... > > > > Hello all. I have a NT PDC running WINS server and DHCP server. I > >have installed Samba 2.0 in a Linux box. I have configured this computer > >like a DHCP client and it is working nice. When I use Samba I can view > >this machine in the network, becouse this machine registers itself in the > >WINS server. This is all good, but the problem is that a can't acces like > >a client to the WINS server. When I try to ping to a computer that is > >registered in the WINS server the Linux box don't seem to connect to this > >server. I have configured the nmbd daemon with the WINS options like > >this: dns proxy = No Wins proxy = Yes wins server = 'WINS server of my > >network' wins support = No wins hook = I have set also this option: > >name resolve order = wins host lmhosts bcast Tahnks in advance. > ------------------------------------------------------------ > David Bannon D.Bannon@latrobe.edu.au > School of Biochemistry Phone 61 03 9479 2197 > La Trobe University, Plenty Rd, Fax 61 03 9479 2467 > Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au > ------------------------------------------------------------ > ..... Humpty Dumpty was pushed ! -- --Anders Anders C. Thorsen PGP Key: http://www.aae.wisc.edu/~anders/anders-pgp.asc ---------------------------------------- Only two things are infinite. The universe and human stupidity. Although, I am unsure of the former. Albert Einstein From mgeddes at xavier.sa.edu.au Wed Nov 22 00:19:27 2000 From: mgeddes at xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:32:25 2003 Subject: Can't ping names in the WINS server References: <3.0.6.32.20001122103446.008ab100@bioserve.latrobe.edu.au> Message-ID: <3A1B110F.45403188@xavier.sa.edu.au> Pablo, Have a look here: http://www.kneschke.de/projekte/samba_tng/faq/index.php3?show=file009 It may clear things up From irvinee at fhs.midcoast.com.au Wed Nov 22 03:36:08 2000 From: irvinee at fhs.midcoast.com.au (E Irvine) Date: Tue Dec 2 02:32:25 2003 Subject: CGI script to change passwords alpha release. Message-ID: <20001122143608.A6500@ajax.fhs.domain> Howdy all, Here is a set of scripts to chnage unix+smbpasswords using a cgi interface. This seems to work OK on my system (FreeBSD 3.5) but it is pretty raw - we'll call it an alpha release. It is probably full of security holes, but I guess it is a start - I'm a school teacher, not a unix guru. Any great perl+expect hackers out there? It could do with a cool name, too. Eddie. -------------- next part -------------- A non-text attachment was scrubbed... Name: password_changer.tgz Type: application/octet-stream Size: 11669 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001122/9f4835de/password_changer.obj From barth at cck.uni-kl.de Wed Nov 22 06:40:40 2000 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:32:25 2003 Subject: Broadcast Winpopup -HOWTO Message-ID: <200011220640.HAA04535@fbk.mv.uni-kl.de> I have written a (buggy) skript to do so: Give the username as argument and the Message is dilivert to all PC's he/she is using. Give "alle" as username and everybody gets the message: #!/bin/sh if [ "$1" = "alle" ]; then pc=`smbstatus -b | grep -v PID | grep -v Samba | grep -v "\-\-" | awk '{print $3}' | sort -u` else pc=`smbstatus -Su $1 | grep $1 | awk '{print $5}' | sort -u` fi # echo $pc if [ $# != 2 ] ; then echo Meldung eingeben und mit Crtl+D beenden ! meldung=`cat - | unix2dos` else meldung=$2 fi for p in $pc do echo $meldung | smbclient -M $p done Christian From barth at cck.uni-kl.de Wed Nov 22 10:15:49 2000 From: barth at cck.uni-kl.de (Christian Barth) Date: Tue Dec 2 02:32:25 2003 Subject: Only selective people can log in to a Win2K-Server, part of samba-2.2.0_cvs controlled domain (Solution ?) Message-ID: <3A1BAAE5.25399.D186B0@localhost> Hi, answering my own mail: We sleept a night over the problem, removed the Win2K-Server from the domain, deleted the enteries in /etc/passwd and smbpasswd, restarted samba, joined the Win2K-Server to the domain again. And now everything seems to work: logins, profiles, polices, logon-skripts, ... The only thing knowen to be changed: This time we entered the domain name in small letters. It's in capitel letters in smb.conf. Is the domain name case sensetive? Christian > we are currently doning some tests with a Win2K-Server in a domain > which is contorlled by a samba-2.2.0 (cvs of about 10 Days ago) PCD > (on Redhat 6.2). We noticed a "funny" thing: > > Only two of about 20 users can log in to the Win2K-server, the other > immedialy recieve "The domain controller for FBKTEST cound not be > found" (well, this meaning, it's the german message). All users can > log into NT4WK. I have no ideas what's the difference between the > successfull and the unsuccessfull users, exept that they have been > the first 2 to try. > > Any ideas? > > An other thing: > Are policies known to work with Win2K-Server? We didn't get them > working. > > Christian > > > _______________________________________________________________________ In a world without walls and fences, who needs windows and gates? (SUN) From funrighd at netcourrier.com Wed Nov 22 11:49:50 2000 From: funrighd at netcourrier.com (funrighd@netcourrier.com) Date: Tue Dec 2 02:32:25 2003 Subject: Apache Server with Samba Message-ID: Hi, I'm trying to create an Intranet site on a Mandrake 7.2 linux server with Apache and Samba. I wanna limit access to some parts of this site to Windows NT 4 Clients. Does someone have information for doing this ? Fred ----- La messagerie itin?rante sans abonnement NetCourrier ----- Web : www.netcourrier.com Minitel : 3615 et 3623 NETCOURRIER T?l : 08 36 69 00 21 From bgmilne at ing.sun.ac.za Wed Nov 22 13:25:39 2000 From: bgmilne at ing.sun.ac.za (Buchan Milne) Date: Tue Dec 2 02:32:25 2003 Subject: Apache Server with Samba References: Message-ID: <3A1BC953.5CE0D3@ing.sun.ac.za> You can use variable substitution in your smb.conf. Check out %a in "man smb.conf". For example, you could do: include = /etc/smb.conf.%a and define the share for apache in the file /etc/smb.conf.WinNT Variable substitution is quite powerful, but it is not always totally reliable. I have shares defined with the %G variable, with domain admins seeing all of the shares. The domain admins sometimes lose the shares defined for the other groups. I am conisdering using hidden share, but I think it works well enough. Buchan PDC=Linux Mandrake 7.1 + samba 2.0.7, webserver = Linux Mandrake 7.1 + apache 1.3.12. funrighd@netcourrier.com wrote: > > Hi, > I'm trying to create an Intranet site on a Mandrake 7.2 linux server with Apache and Samba. I wanna limit access to some parts of this site to Windows NT 4 Clients. Does someone have information for doing this ? > > Fred > > ----- La messagerie itin?rante sans abonnement NetCourrier ----- > Web : www.netcourrier.com Minitel : 3615 et 3623 NETCOURRIER > T?l : 08 36 69 00 21 -- |--------------------------------------------------------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone +27824722231 email mailto:bgmilne@ing.sun.ac.za Centre for Automotive Engineering http://www.cae.co.za South Africas first satellite: http://sunsat.ee.sun.ac.za Control Models http://www.control.co.za |----------------Registered Linux User #182071-----------------| From eirvine at tpgi.com.au Wed Nov 22 13:56:13 2000 From: eirvine at tpgi.com.au (eirvine) Date: Tue Dec 2 02:32:25 2003 Subject: Here's a cgi script for changing passwords. Message-ID: <3A1BD07D.30848452@tpgi.com.au> Hi, This set of scripts is for presenting a web interface for changing the unix passwords and smbpasswords via a web interface. You will need to print out all of the scripts and customize to suit your system. These scripts are no doubt full of security holes and, ahh, "subceptible to improvement". Any perl-expect exprerts out there? You will need expect installed. It works for me on my FreeBSD 3.5 system. Eddie (who is a school teacher, not a computer scientist - be warned!) From Eddie.Wimberly at robins.af.mil Thu Nov 16 18:25:38 2000 From: Eddie.Wimberly at robins.af.mil (Wimberly Eddie Contr WRALC/LYSFR) Date: Tue Dec 2 02:32:25 2003 Subject: pserver.samba.org/pub/unpacked/samba/source??? Message-ID: which branch is reflected in this directory tree? From luetz at serv.bibl.fh-koeln.de Wed Nov 22 15:26:00 2000 From: luetz at serv.bibl.fh-koeln.de (Stefan Luetz) Date: Tue Dec 2 02:32:25 2003 Subject: accessing default share Message-ID: <3A1BF396.16888.1BA22C7@localhost> Hi there, I am running Samba 2.0.7 as PDC on a linux box. Everything works fine, all NT machines can join the domain. The Problem: I can't access the default shares (c$ and admin$) of the NT clients which joined the domain, neither with the local admin account nor with a domain admin account. Other hidden shares (e.g. temp$) are accessible. Perhaps someone could help me. Thanks Stefan From M.Puchta at fscodes.cz Wed Nov 22 17:02:19 2000 From: M.Puchta at fscodes.cz (Puchta, Milos) Date: Tue Dec 2 02:32:25 2003 Subject: SMB failes to start Message-ID: <41ED6A8C8BE7D21194610008C724FD0A0987F8@ANNA> Though the smb servis is stated to start in boot list, there is problem when starting anything in smb environment. here is a message when testing "smbstatus". Couldn't open staus file /var/lock/samba/STATUS..LCK Any idea? Tnx Milos From shaun.lipscombe at gasops.co.uk Wed Nov 22 17:25:49 2000 From: shaun.lipscombe at gasops.co.uk (Shaun Lipscombe) Date: Tue Dec 2 02:32:25 2003 Subject: SMB failes to start In-Reply-To: "Puchta, Milos"'s message of "Wed, 22 Nov 2000 18:02:19 +0100" References: <41ED6A8C8BE7D21194610008C724FD0A0987F8@ANNA> Message-ID: * "Puchta," == Puchta, Milos writes: > Though the smb servis is stated to start in boot list, there is > problem when starting anything in smb environment. here is a > message when testing "smbstatus". What does tail /var/log/samba/log.nmb give? -- (o_ (o_ (o_ //\ (/)_ (/)_ V_/_ shaun.lipscombe@gasops.co.uk From ssousa at isg.pt Wed Nov 22 18:56:56 2000 From: ssousa at isg.pt (=?iso-8859-1?Q?S=E9rgio_Sousa?=) Date: Tue Dec 2 02:32:25 2003 Subject: Samba-TNG BDC and NT4 PDC Message-ID: <001801c054b5$fcd316c0$45de89c1@blacksun> Hi there, I've done many searches ... but couldn't find some kind of HOWTO for setting up a SambaTNG BDC on a Domain where the PDC is a Windows NT4. Could anyone give me an hand on this? I've found the FAQ and a config file on http://www.kneschke.de/projekte/samba_tng but there explanation is not very complete! Does anyone have a Samba BDC working with a NT PDC? What steps did you take? Thanks in advance, Sergio Sousa From jelmer at nl.linux.org Wed Nov 22 19:15:17 2000 From: jelmer at nl.linux.org (Jelmer Vernooij) Date: Tue Dec 2 02:32:25 2003 Subject: Samba 2.0.7 (--with-smbmount) crashes while logging in Message-ID: <20001122201517.A10462@nl.linux.org> Hi there, I have been busy writing support for validating passwords using a MySQL database in Samba. Compiling and all the rest worked fine, but when trying to log in from a Windows '95 client, the samba server went down. (PANIC: internal error) So I re-extracted the samba sources, reconfigured, recompiled and re-installed the files (without the patches) but the problem stays. The binary RPM works fine. The versions I am using: [root@charis /lib]# ldd /usr/local/samba/bin/smbd libdl.so.2 => /lib/libdl.so.2 (0x40027000) libcrypt.so.1 => /lib/libcrypt.so.1 (0x4002a000) libc.so.6 => /lib/libc.so.6 (0x40058000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000) I am running GNU's Lib C version 2.2. TIA, Jelmer From gcarter at valinux.com Wed Nov 22 19:40:28 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:25 2003 Subject: Samba 2.0.7 (--with-smbmount) crashes while logging in References: <20001122201517.A10462@nl.linux.org> Message-ID: <3A1C212C.E433C164@valinux.com> Jelmer Vernooij wrote: > > Hi there, > > I have been busy writing support for validating passwords > using a MySQL database in Samba. Compiling and all the > rest worked fine, but when trying to log in from a > Windows '95 client, the samba server went down. > (PANIC: internal error) > > So I re-extracted the samba sources, reconfigured, > recompiled and re-installed the files (without the patches) > but the problem stays. The binary RPM works fine. set panic action = /usr/bin/X11/xterm -display :0 -e \ gdb /usr/local/samba/bin/smbd %d in your smb.conf to catch the fault in a gdb session. btw...if you are working on developing a DB backend for accounts, you should look at the samba-technical recent archives on the passdb redesign. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From todd.4 at wright.edu Wed Nov 22 21:08:38 2000 From: todd.4 at wright.edu (Jason Todd) Date: Tue Dec 2 02:32:25 2003 Subject: Roaming profiles, permissions Message-ID: Hi, here are 3 questions I've been fighting with... Background: I'm running Samba 2.0.7 on RedHat 7.0 (kernel 2.2.16-22smp). This machine is set up as a "PDC" managing domain logons. All client machines are NT 4, varying service packs but I think all are at least SP4, and the problems below even occur on SP6. 1) Problem: Certain users get the message "could not find your profile, contact your network administrator" or something like that, and they are kicked right out after trying to log in. I check the Samba logs, and they are showing connections to the appropriate shares (including the home share). I peeked around in the registry, comparing the users' "profile location" key with that of users experiencing no problems, and couldn't find any discrepancies. However, in C:\WINNT\Profiles, for one problem user in particular (and a few others), there are several "username.###" and "username.###.bak" entries, with ### ranging from 000 upward. Maybe that is a clue to the solution or cause. 2) Problem: I suspect this might be related to #1 above. My own personal account on the domain will not let me change any HKLU registry settings. I think other users are experiencing this one, too. In the domain "logon.bat" file, I have "NET USE x: \\MACHINENAME\SHARE /PERSISTENT:NO" to map a few network drives. The /PERSISTENT:NO causes the command to return an error about not being able to save a profile registry setting (about saving drive connections). Other peculiarities: 2a) Logging in, I always get the stupid "Welcome to NT" window. 2b) I set a new wallpaper and click OK, it doesn't take. 2c) I set a new desktop color and click OK, it DOES take. In addition, each client machine keeps listing an "DOMAIN\Account unknown" in its user manager, permissions boxes, etc. I think it believes that "Account Unknown" owns the registry, or at least the HKLU branch. 3) How-to: This one is much simpler, how do I map NT groups to UNIX groups? I've heard rumors of a "domain group map" or similar parameter, but seen no documentation on it or the format of the map file. I simply want to create a UNIX group, such as "power" and then specify that each user in that UNIX group will be a Power User on the NT domain. If this can be done, I'd like to know how, or if it can't yet, that's fine (I suppose :). I know this is a lengthy message, but I've been trying to research those questions for a while with no luck. Thanks to anyone who can provide good info to me. Jason Todd From irvinee at fhs.midcoast.com.au Wed Nov 22 23:13:07 2000 From: irvinee at fhs.midcoast.com.au (E Irvine) Date: Tue Dec 2 02:32:25 2003 Subject: password changer - a link. Message-ID: <20001123101307.A8650@ajax.fhs.domain> Hi, I can't seem to send an attatchment to the list, so here is a url: http://www1.tpg.com.au/users/eirvine/password_changer.tgz Eddie. From D.Bannon at latrobe.edu.au Wed Nov 22 23:40:15 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:25 2003 Subject: Roaming profiles, permissions In-Reply-To: Message-ID: <3.0.6.32.20001123104015.008bb4c0@bioserve.latrobe.edu.au> At 04:08 PM 22/11/2000 -0500, Jason Todd wrote: >Hi, here are 3 questions I've been fighting with... > >Background: I'm running Samba 2.0.7 on RedHat 7.0 (kernel 2.2.16-22smp). >This machine is set up as a "PDC" managing domain logons. > >1) Problem: Certain users get the message "could not find your profile, >contact your network administrator" or something like that, and they are >kicked right out after trying to log in. A trivial suggestion but : if the local pc is short on diskspace you get this effect. Just a suggestion... >user in particular (and a few others), there are several "username.###" >and "username.###.bak" entries, with ### ranging from 000 upward. Maybe >that is a clue to the solution or cause. Again, I've seen this in relation to diskspace shortages, starts when the domain profile area is short of space and user profiles cannot be copied to the server. Each logon makes a new entry and then the client soon fills up. Especially if you have lots of users per machine. david ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From jeremy at valinux.com Thu Nov 23 01:36:36 2000 From: jeremy at valinux.com (Jeremy Allison) Date: Tue Dec 2 02:32:25 2003 Subject: Samba 2.2.0alpha1 snapshot released Message-ID: <3A1C74A4.E9E7F9B6@valinux.com> Hi all, I have just released the second alpha snapshot of what will become Samba 2.2.0. It's available from the usual ftp sites, in the alpha directory as : :/pub/samba/alpha/samba-2.2.0-alpha1.tar.gz If people could test this snapshot out and provide feedback about what is broken (probably lots at the moment :-) and let the lists know that would help. The Team will be monitoring the feedback and this will help for the next alpha. Please note that the documentation is not currently up to date, and the POSIX ACL mapping feature is still missing, but most of the other improvements are all there, and this code has been running under memory overrun/leak detectors for weeks now without problems. Having said that - *please* don't use this on a production system :-) :-). I believe that most of the patches people requested have been added to this release, and that the NT point and print code is much more robust than alpha0. Jean-Francois patches for Win2K PDC support have also been included. Please kick the tires and let us know what you think ! The release notes follow : Regards, Jeremy Allison, Samba Team. WHATS NEW IN Samba 2.2.0alpha1 ============================== This is the second alpha release of the new 2.2.0 codebase for Samba. This version must not be run in production. This code will almost certainly have some bugs and is intended to help the Samba Team prepare an official 2.2.0 release. The documentation in this alpha snapshot is not up to date, there are many new parameters since 2.0.7. This will be corrected in a later alpha release. Several significant bugs have been fixed between alpha0 and alpha1, these include : Fix for level II oplock bug. Support for detecting version 2/3 printer drivers (from HP). Samba profiling support (from SGI). Winbind integration fixes. Preliminary Win2K PDC support in compatibility mode for Win2K clients (from JF). VFS interface updates. Failover finding of BDC's now works again. lpq race condition fixes. utmp fixes. SWAT username detection fix. Bugfix for WinNT and Win2K point and print feature. The upcoming 2.2.0 Samba release will include the following new features: Integration with the winbind daemon that provides a single sign on facility for UNIX servers in Windows NT4/2000 networks driven by a Windows NT4/2000 PDC. Support for native Windows NT4/2000 printing RPCs. This includes support for automatic printer driver download. This functionality should be complete in alpha1. Rewritten internal locking semantics for more robustness. This alpha supports full 64 bit locking semantics on all (even 32 bit) platforms. SMB locks are mapped onto POSIX locks (32 bit or 64 bit) as the underlying system allows. Conversion of various internal flat data structures to use database records for increased performance and flexibility. Support for acting as a MS-DFS server Compile time option for enabling a VFS layer Support for server supported Access Control Lists (ACLs). This support will require a specific pluggable backend to be written for each filesystem ACL implementation to be supported. The stable 2.2.0 release should contain support for the following filesystems: Solaris 2.6+ HPUX SGI Irix Linux Kernel 2.2 with German ACL patch Currently in this alpha snapshot (alpha1) this feature is not enabled - the VFS layer has been modified to allow it, but the code is still under development and should be in a later alpha snapshot. Other platforms will be supported as resources are available to test and implement the encessary modules. If you are interested in writing the support for a particular ACL filesystem, please join the samba-technical mailing list and coordinate your efforts. Support for collection of profile information. A shared memory area has been created which contains counters for the number of calls to and the amount of time spent in various system calls and smb transactions. See the file profile.h for a complete listing of the information collected. Sample code for a samba pmda (collection agent for Performance Co-Pilot) has been included in the pcp directory. To enable the profile data collection code in samba, you must compile samba with profile support (run configure with the --with-profile option). On startup, collection of data is disabled. To begin collecting data use the smbcontrol program to turn on profiling (see the smbcontrol man page). Profile information collection can be enabled for all smbd processes or one or more selected processes. The profiling data collected is the aggragate for all processes that have profiling enabled. With samba compiled for profile data collection, you may see a very slight degradation in performance even with profiling collection turned off. On initial tests with NetBench on an SGI Origin 200 server, this degradation was not measureable with profile collection off compared to no profile collection compiled into samba. With count profile collection enabled on all clients, the degradation was less than 2%. With full profile collection enabled on all clients, the degradation was about 8.5%. ===================================================================== If you think you have found a bug please email a report to : samba@samba.org As always, all bugs are our responsibility. Regards, The Samba Team. -- -------------------------------------------------------- Buying an operating system without source is like buying a self-assembly Space Shuttle with no instructions. -------------------------------------------------------- From D.Bannon at latrobe.edu.au Thu Nov 23 02:16:35 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:25 2003 Subject: Samba 2.2.0alpha1 snapshot released In-Reply-To: <3A1C74A4.E9E7F9B6@valinux.com> Message-ID: <3.0.6.32.20001123131635.008c1100@bioserve.latrobe.edu.au> At 05:36 PM 22/11/2000 -0800, Jeremy Allison wrote: >Hi all, > > I have just released the second alpha snapshot >.... >is much more robust than alpha0. Jean-Francois patches for >Win2K PDC support have also been included. The ones of several weeks ago or has JF fixed the problems with creating machine accounts on the fly ?? Cannot see anything about the latter in cvs.... david ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From mlueck at lueckdatasystems.com Thu Nov 23 03:13:45 2000 From: mlueck at lueckdatasystems.com (Michael Lueck) Date: Tue Dec 2 02:32:25 2003 Subject: Are there two PDC projects going / which one to use? Message-ID: <200011230313.WAA28863@sphmraaa.compuserve.com> As far as I can tell from reading the pages at samba.org, there is the fork in the source - a new team working on the PDC code. So, what code does my new Samba Unleashed book deal with - I would assume this chunk of the code from samba.org. As for people interested in either including Samba servers into networks with an NT domain, or to replace all NT servers with Samba servers (or in my case never install one in the first place... coming from WarpServer domains) - and allowing the PDC to live on for security reasons with the NT/Win2K workstations.... which way "should" one pick when it comes to this fork in the tree? I want to: 1) Look like there is a NTDOM is running to fool windows software, vendors of the software as well when it comes to the fooling 2) Get back to having a server side logon script for Win2K clients, since IBM does not have a WSeB client for Win2K, I'm stuck with putting things in the startup folder TIA Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ From gcarter at valinux.com Thu Nov 23 04:14:15 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:25 2003 Subject: Samba 2.2.0alpha1 snapshot released References: <3.0.6.32.20001123131635.008c1100@bioserve.latrobe.edu.au> Message-ID: <3A1C9997.C6D69A3E@valinux.com> David Bannon wrote: > > At 05:36 PM 22/11/2000 -0800, Jeremy Allison wrote: > >Hi all, > > > > I have just released the second alpha snapshot > >.... > >is much more robust than alpha0. Jean-Francois patches for > >Win2K PDC support have also been included. > > The ones of several weeks ago or has JF fixed the > problems with creating machine accounts on the fly ?? > Cannot see anything about the latter in cvs.... I don't think so. Was basically a snapshot of SAMBA_2_2 Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From hergen.lange at olb.de Thu Nov 23 07:14:16 2000 From: hergen.lange at olb.de (Hergen Lange) Date: Tue Dec 2 02:32:26 2003 Subject: accessing default share References: <3A1BF396.16888.1BA22C7@localhost> Message-ID: <3A1CC3C8.9FF7A450@olb.de> I have the same prblem. Here is a little workaround that works. net use * \\192.168.10.10\C$ /user:WKNAME\Administrator Password Stefan Luetz schrieb: > Hi there, > > I am running Samba 2.0.7 as PDC on a linux box. Everything > works fine, all NT machines can join the domain. > > The Problem: I can't access the default shares (c$ and admin$) of > the NT clients which joined the domain, neither with the local > admin account nor with a domain admin account. Other hidden > shares (e.g. temp$) are accessible. > > Perhaps someone could help me. > > Thanks > Stefan -------------- next part -------------- A non-text attachment was scrubbed... Name: hergen.lange.vcf Type: text/x-vcard Size: 303 bytes Desc: Visitenkarte für Hergen Lange Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001123/f52388bb/hergen.lange.vcf From eirvine at tpgi.com.au Thu Nov 23 07:27:40 2000 From: eirvine at tpgi.com.au (eirvine) Date: Tue Dec 2 02:32:26 2003 Subject: Roaming profiles, permissions References: Message-ID: <3A1CC6EC.F037E454@tpgi.com.au> Hi Jason, Jason Todd wrote: > > Hi, here are 3 questions I've been fighting with... > > Background: I'm running Samba 2.0.7 on RedHat 7.0 (kernel 2.2.16-22smp). > This machine is set up as a "PDC" managing domain logons. All client > machines are NT 4, varying service packs but I think all are at least SP4, > and the problems below even occur on SP6. > > 1) Problem: Certain users get the message "could not find your profile, > contact your network administrator" or something like that, and they are > kicked right out after trying to log in. I check the Samba logs, and they > are showing connections to the appropriate shares (including the home > share). I peeked around in the registry, comparing the users' "profile > location" key with that of users experiencing no problems, and couldn't > find any discrepancies. However, in C:\WINNT\Profiles, for one problem > user in particular (and a few others), there are several "username.###" > and "username.###.bak" entries, with ### ranging from 000 upward. Maybe > that is a clue to the solution or cause. > > 2) Problem: I suspect this might be related to #1 above. My own > personal account on the domain will not let me change any HKLU registry > settings. I think other users are experiencing this one, too. In the > domain "logon.bat" file, I have > "NET USE x: \\MACHINENAME\SHARE /PERSISTENT:NO" > to map a few network drives. The /PERSISTENT:NO causes the command to > return an error about not being able to save a profile registry setting > (about saving drive connections). Other peculiarities: > 2a) Logging in, I always get the stupid "Welcome to NT" window. > 2b) I set a new wallpaper and click OK, it doesn't take. > 2c) I set a new desktop color and click OK, it DOES take. > In addition, each client machine keeps listing an "DOMAIN\Account unknown" > in its user manager, permissions boxes, etc. I think it believes that > "Account Unknown" owns the registry, or at least the HKLU branch. > > 3) How-to: This one is much simpler, how do I map NT groups to UNIX > groups? I've heard rumors of a "domain group map" or similar parameter, > but seen no documentation on it or the format of the map file. I simply > want to create a UNIX group, such as "power" and then specify that each > user in that UNIX group will be a Power User on the NT domain. If this > can be done, I'd like to know how, or if it can't yet, that's fine (I > suppose :). > > I know this is a lengthy message, but I've been trying to research those > questions for a while with no luck. Thanks to anyone who can provide good > info to me. > > Jason Todd I'd just like to add a big "me too" to your questions. (but I have roaming profiles working just dandy with win98 - its NT that's causing me the problems). Eddie From thzeiser at lstm.uni-erlangen.de Thu Nov 23 09:44:36 2000 From: thzeiser at lstm.uni-erlangen.de (thzeiser@lstm.uni-erlangen.de) Date: Tue Dec 2 02:32:26 2003 Subject: No substitution of %U in logon path Message-ID: <200011230944.KAA01671@enskog.lstm.uni-erlangen.de> Hi, in the current alpha1 as well as the cvs version, %U is not replaced in the logon path setting. The same problem was already discussed in the thread "BUG - SAMBA_2_2 Win9X profiles are broken", 29-30 Oct. The (2nd) fix which was suggested and implemented there seems not to work. I use something like [global] ... logon path = \\%L\Profiles\%U ... [Profiles] ... path = /home/profiles ... The NT profiles are not stored in /home/profiles/USERNAME but in /home/profiles/%U. Regards Thomas Zeiser From chucky at sortes.com Thu Nov 23 12:35:43 2000 From: chucky at sortes.com (Pablo) Date: Tue Dec 2 02:32:26 2003 Subject: Winbind installation Message-ID: <010601c05549$e5b630f0$050000c0@sortes.com> Hello all: I am trying to install winbind. I have dowloaded the rpm file samba-appliance-0.5-1.i386.rpm and I have installed samba-2.0.6-9. When I tray to install Winbind with: rpm -hiv samba-appliance-0.5-1.i386.rpm the messages are: file /etc/logrotate.d/samba from install of samba-appliance-0.5-1 conflicts with file from package samba-2.0.6-9 file /etc/rc.d/init.d/smb from install of samba-appliance-0.5-1 conflicts with file from package samba-2.0.6-9 Have I to install first samba appliance? What have I do? Thanks. From b.drijver at nyenrode.nl Thu Nov 23 16:16:56 2000 From: b.drijver at nyenrode.nl (Bart Drijver) Date: Tue Dec 2 02:32:26 2003 Subject: Win2K and 2.06 or 2.07 Message-ID: <200011231619.RAA29145@bordeaux.nyenrode.nl> This is an answer you gave to someone who wanted to know about Win2k connectivity with SAMBA 2.07: "2.0.7 will work with win2k as clients, but not as PDC. The upcoming 2.2.0 release will allow win2k prof clients to logon to a samba PDC. regards, Michael " What I like to know (I'm hoping you know al lot about this) if there are any known problems with connecting a Win2k Server to samba shares. I'm currently running a pilot-project at the Nyenrode University in Holland, where I've got a Win2K Citrix Metaframe Server (in Workgroup NETWORK) connected to a SAMBA 2.06 running on LINUX (PDC of domain NETWORK). In the initial tests al went well, but some testusers are complaining about missing mappings at random. Sometimes when working they get disconnected drives. The setup: 15 testusers are created localy on the Win2K/Citrix Server with the same usernames ans password as on the SAMBA PDC. A logon.bat script is activated when someone connects to the Win2K/Citrix Server and the mappings are made (at least they should!) like this: net use g: \\Merlot\homes (Merlot is a SAMBA server) net use h: \\Merlot\apps when in a Citrix-session al mappings by hand are made correctly. Only when mappings are made automaticly things tent to go wrong. After loggon, and starting the Explorer it's waiting up to 1,5 minutes before al drive mappings are shown (about 6) Important questions: 1. Is there an explaination/solution to this behaviour? 2. Is the 2.07 version a better version than the 2.06 regarding to Win2k Server connectivity? Hope you or anyone else can help, Bart Drijver, Nyenrode Computer Centre the Netherlands From jelmer at nl.linux.org Thu Nov 23 10:14:57 2000 From: jelmer at nl.linux.org (Jelmer Vernooij) Date: Tue Dec 2 02:32:26 2003 Subject: Samba 2.0.7 (--with-smbmount) crashes while logging in Message-ID: <20001123111457.A1142@nl.linux.org> An embedded message was scrubbed... From: Jelmer Vernooij Subject: Re: Samba 2.0.7 (--with-smbmount) crashes while logging in Date: Thu, 23 Nov 2000 11:12:13 +0100 Size: 1657 Url: http://lists.samba.org/archive/samba-ntdom/attachments/20001123/ee345c47/attachment.eml From nospam.aaa082914 at mental.com Thu Nov 23 21:21:18 2000 From: nospam.aaa082914 at mental.com (Alexander Lobodzinski) Date: Tue Dec 2 02:32:26 2003 Subject: Samba 2.2.0alpha1 snapshot released In-Reply-To: Jeremy Allison's message of Wed, 22 Nov 2000 17:36:36 PST <3A1C74A4.E9E7F9B6@valinux.com> Message-ID: <7719.975014478@mental.com> Hi Jeremy & gang, () If people could test this snapshot out and provide feedback () about what is broken (probably lots at the moment :-) and () let the lists know that would help. OK, you asked for it: cc: Error: ../rpc_server/srv_samr.c, line 806: Invalid statement. (badstmt) } --------^ When compiling on DEC Unix 4.0x - adding a semicolon after the "done:" label above fixed that. If you are interested in compiler warnings about uninitialized variables and stuff just let me know. Regarding functionality: when trying to join the domain with a W2K server I get after a few seconds: The following error occurred attempting to join the domain "foo": No mapping between account names and security IDs was done. However this is better than the CVS snapshot a few days before which just showed the hourglass for one or two minutes and then produced another error message which I unfortunately forgot. I created machine accounts in smbpasswd and /etc/passwd and a root account in smbpasswd by hand; if I do not use the correct "root" password for joining, I'm told so immediately. I did everything according to David's ntdom{,faq}.html files as far as I can tell... Ciao, Lobo From anders at aae.wisc.edu Thu Nov 23 09:46:17 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:32:26 2003 Subject: Samba 2.0.7 (--with-smbmount) crashes while logging in In-Reply-To: <20001123111457.A1142@nl.linux.org>; from jelmer@nl.linux.org on Thu, Nov 23, 2000 at 11:14:57AM +0100 References: <20001123111457.A1142@nl.linux.org> Message-ID: <20001123154617.A1026@anders-ibm.dyn.dhs.org> On Thu, Nov 23, 2000 at 11:14:57AM +0100, Jelmer Vernooij wrote: > Date: Thu, 23 Nov 2000 11:12:13 +0100 > From: Jelmer Vernooij > Subject: Re: Samba 2.0.7 (--with-smbmount) crashes while logging in > To: Gerald Carter > > > > I have been busy writing support for validating passwords > > > using a MySQL database in Samba. Compiling and all the > > > rest worked fine, but when trying to log in from a > > > Windows '95 client, the samba server went down. > > > (PANIC: internal error) > > > > > > So I re-extracted the samba sources, reconfigured, > > > recompiled and re-installed the files (without the patches) > > > but the problem stays. The binary RPM works fine. > > > > > > set > > panic action = /usr/bin/X11/xterm -display :0 -e \ > > gdb /usr/local/samba/bin/smbd %d > > > > in your smb.conf to catch the fault in a gdb session. > > Here's the output: > > /home/jelmer/1119: No such file or directory. > Attaching to program: /usr/local/samba/bin/smbd, Pid 1119 > Reading symbols from /lib/libdl.so.2...done. > Reading symbols from /lib/libcrypt.so.1...done. > Reading symbols from /lib/libc.so.6...done. > Reading symbols from /lib/ld-linux.so.2...done. > Reading symbols from /lib/libnss_files.so.2...done. > 0x401101c9 in wait4 () from /lib/libc.so.6 > > It seems to be in glibc... But how should I solve this? > > Jelmer run the "bt" command in gdb, which backtraces the stack. That will tell us where in samba the libc function was called. -- --Anders Anders C. Thorsen PGP Key: http://www.aae.wisc.edu/~anders/anders-pgp.asc ---------------------------------------- Only two things are infinite. The universe and human stupidity. Although, I am unsure of the former. Albert Einstein From Jason.Haar at trimble.co.nz Thu Nov 23 22:41:04 2000 From: Jason.Haar at trimble.co.nz (Jason Haar) Date: Tue Dec 2 02:32:26 2003 Subject: Samba 2.2.0alpha1 snapshot released In-Reply-To: <3A1C74A4.E9E7F9B6@valinux.com>; from jeremy@valinux.com on Wed, Nov 22, 2000 at 05:36:36PM -0800 References: <3A1C74A4.E9E7F9B6@valinux.com> Message-ID: <20001124114104.S24489@trimble.co.nz> I'm still seeing a problem that I've had with the CVS releases in general. Under 2.07, I'm running Samba as a domain member of a NT 4 domain. When somone connects, it looks like Samba checks their creds against the domain controller only. Under 2.2.0, with same /etc/smb.conf, it immediately goes to /etc/smbpasswd - which I have never had! So auth fails, yada, yada, yada... If I put a valid smbpasswd file there, then it works - but the whole point is to auth off existing NT domain controllers... This is under RedHat 6.2 [global] workgroup = TNZ server string = Samba Server %v security = DOMAIN encrypt passwords = Yes update encrypted = Yes password server = PDC BDC unix password sync = Yes log level = 9 log file = /var/log/samba/log.%m max log size = 0 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 lm announce = False local master = No dns proxy = No wins server = PDC guest account = smbguest -- Cheers Jason Haar Unix/Special Projects, Trimble NZ Phone: +64 3 9635 377 Fax: +64 3 9635 417 From herb at sgi.com Thu Nov 23 23:27:21 2000 From: herb at sgi.com (Herbert Lewis) Date: Tue Dec 2 02:32:26 2003 Subject: Samba 2.2.0alpha1 snapshot released References: <3A1C74A4.E9E7F9B6@valinux.com> Message-ID: <3A1DA7D9.99E68D0F@sgi.com> IRIX 6.x inst packages available on main samba site (and mirrors soon). From D.Bannon at latrobe.edu.au Thu Nov 23 23:50:53 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:26 2003 Subject: Samba 2.2.0alpha1 snapshot released In-Reply-To: <20001124114104.S24489@trimble.co.nz> References: <3A1C74A4.E9E7F9B6@valinux.com> <3A1C74A4.E9E7F9B6@valinux.com> Message-ID: <3.0.6.32.20001124105053.0089f760@bioserve.latrobe.edu.au> At 11:41 AM 24/11/2000 +1300, Jason Haar wrote: >I'm still seeing a problem that I've had with the CVS releases in general. > > >Under 2.2.0, with same /etc/smb.conf, it immediately goes to /etc/smbpasswd >- which I have never had! So auth fails, yada, yada, yada... > OK, that sounds like the sort of place that RedHat like to configure their rpms to put their config files. Are you sure your not running some old (rpm installed) binary or config file somewhere ? Have you used the samba default (and very sensible) file locations /usr/local/samba/* ? david ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From Jason.Haar at trimble.co.nz Thu Nov 23 23:59:42 2000 From: Jason.Haar at trimble.co.nz (Jason Haar) Date: Tue Dec 2 02:32:26 2003 Subject: Samba 2.2.0alpha1 snapshot released In-Reply-To: <3.0.6.32.20001124105053.0089f760@bioserve.latrobe.edu.au>; from D.Bannon@latrobe.edu.au on Fri, Nov 24, 2000 at 10:50:53AM +1100 References: <3A1C74A4.E9E7F9B6@valinux.com> <3A1C74A4.E9E7F9B6@valinux.com> <20001124114104.S24489@trimble.co.nz> <3.0.6.32.20001124105053.0089f760@bioserve.latrobe.edu.au> Message-ID: <20001124125942.V24489@trimble.co.nz> On Fri, Nov 24, 2000 at 10:50:53AM +1100, David Bannon wrote: > At 11:41 AM 24/11/2000 +1300, Jason Haar wrote: > >I'm still seeing a problem that I've had with the CVS releases in general. > > > > > >Under 2.2.0, with same /etc/smb.conf, it immediately goes to /etc/smbpasswd > >- which I have never had! So auth fails, yada, yada, yada... > > > > OK, that sounds like the sort of place that RedHat like to configure their > rpms to put their config files. Are you sure your not running some old (rpm I compiled it using the makerpms.sh supplied with Samba-2.2.0 That compiles it as: --with-quotas \ --with-smbmount \ --with-pam \ --with-profile \ --with-syslog \ --with-utmp \ --with-vfs \ --with-msdfs \ --with-netatalk -- Cheers Jason Haar Unix/Special Projects, Trimble NZ Phone: +64 3 9635 377 Fax: +64 3 9635 417 From D.Bannon at latrobe.edu.au Fri Nov 24 01:17:55 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:26 2003 Subject: Samba 2.2.0alpha1 snapshot released In-Reply-To: <20001124125942.V24489@trimble.co.nz> References: <3.0.6.32.20001124105053.0089f760@bioserve.latrobe.edu.au> <3A1C74A4.E9E7F9B6@valinux.com> <3A1C74A4.E9E7F9B6@valinux.com> <20001124114104.S24489@trimble.co.nz> <3.0.6.32.20001124105053.0089f760@bioserve.latrobe.edu.au> Message-ID: <3.0.6.32.20001124121755.008be4b0@bioserve.latrobe.edu.au> At 12:59 PM 24/11/2000 +1300, Jason Haar wrote: >I compiled it using the makerpms.sh supplied with Samba-2.2.0 Sorry to sound dumb but are you doing this specificly to create an rpm ? Does not sound like a good idea with alpha software ?? If its just for local use, don't make an rpm, do make, make install > >That compiles it as: > >--with-quotas \ >--with-smbmount \ >--with-pam \ >--with-profile \ >--with-syslog \ >--with-utmp \ >--with-vfs \ >--with-msdfs \ >--with-netatalk > > >-- >Cheers > >Jason Haar > >Unix/Special Projects, Trimble NZ >Phone: +64 3 9635 377 Fax: +64 3 9635 417 > ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From Jason.Haar at trimble.co.nz Fri Nov 24 01:27:51 2000 From: Jason.Haar at trimble.co.nz (Jason Haar) Date: Tue Dec 2 02:32:26 2003 Subject: Samba 2.2.0alpha1 snapshot released In-Reply-To: <3.0.6.32.20001124121755.008be4b0@bioserve.latrobe.edu.au>; from D.Bannon@latrobe.edu.au on Fri, Nov 24, 2000 at 12:17:55PM +1100 References: <3.0.6.32.20001124105053.0089f760@bioserve.latrobe.edu.au> <3A1C74A4.E9E7F9B6@valinux.com> <3A1C74A4.E9E7F9B6@valinux.com> <20001124114104.S24489@trimble.co.nz> <3.0.6.32.20001124105053.0089f760@bioserve.latrobe.edu.au> <20001124125942.V24489@trimble.co.nz> <3.0.6.32.20001124121755.008be4b0@bioserve.latrobe.edu.au> Message-ID: <20001124142751.X24489@trimble.co.nz> On Fri, Nov 24, 2000 at 12:17:55PM +1100, David Bannon wrote: > At 12:59 PM 24/11/2000 +1300, Jason Haar wrote: > >I compiled it using the makerpms.sh supplied with Samba-2.2.0 > > Sorry to sound dumb but are you doing this specificly to create an rpm ? > Does not sound like a good idea with alpha software ?? > > If its just for local use, don't make an rpm, do make, make install Don't give Redhat that much credit - all the rpm is is a wrapper around make commands :-) The RPM generated is IDENTICAL to that I can do by hand - it's the same commands. The configure options used are basically identical to those in the 2.0.7 builds - so the question remains: why does 2.20 run differently that 2.07 WRT the **REQUIREMENT** of smbpasswd? I mean - is no-one else seeing this??? Or does everyone else use smbpasswd and don't bother talking to NT domain controllers? (I think not). -- Cheers Jason Haar Unix/Special Projects, Trimble NZ Phone: +64 3 9635 377 Fax: +64 3 9635 417 From dyaya_2000 at yahoo.com Fri Nov 24 03:01:34 2000 From: dyaya_2000 at yahoo.com (yaya) Date: Tue Dec 2 02:32:26 2003 Subject: Winbind installation References: <20001123200115.279177E44@lists.samba.org> Message-ID: <004101c055c2$dd00afc0$8d030201@smutu1> > From: "Pablo" > To: "Samba-ntdom" > Subject: Winbind installation > Date: Thu, 23 Nov 2000 13:35:43 +0100 > > Hello all: > > I am trying to install winbind. I have dowloaded the rpm file > samba-appliance-0.5-1.i386.rpm and I have installed samba-2.0.6-9. When I > tray to install Winbind with: > > rpm -hiv samba-appliance-0.5-1.i386.rpm > > the messages are: > > file /etc/logrotate.d/samba from install of samba-appliance-0.5-1 conflicts > with file from package samba-2.0.6-9 > file /etc/rc.d/init.d/smb from install of samba-appliance-0.5-1 conflicts > with file from package samba-2.0.6-9 > As what I've experienced, that's because you've installed samba-2.0.6-9 [rpm, I think] and then you install samba-appliance-0.5-1.i386.rpm samba-2.0.6-9 and samba-appliance-0.5-1.i386.rpm using the same directory/file /etc/logrotate.d/samba and /etc/rc.d/init.d/smb > Have I to install first samba appliance? What have I do? > Event you install samba-appliance first, I believe the messages will show. What do you really want to install? Samba-206 or Samba-appliance? Or both of them? So, just ignore the messages. I think it doesn't matter what you must install first. btw, winbind is supported by samba-appliance. CMIIW. So perhaps you must install samba-206 first. I'm using RedHat Linux6.1. Cheers, yaya From D.Bannon at latrobe.edu.au Fri Nov 24 05:47:26 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:26 2003 Subject: Samba 2.2 W2K joining appears to be broken... Message-ID: <3.0.6.32.20001124164726.008be570@bioserve.latrobe.edu.au> Sometime between now and November 15 the Samba 2.2 cvs has stopped allowing W2K to logon. My last check (Nov 15) works fine, todays does not. Speaking to some else, it appears that the same problem exists in the alpha1 snapshot too. When we try and join a W2K in we get told : No Mapping between account names and security IDs was done This is not a 'create machine account problem, the machine accounts already exist. I can go back to my 15 Nov copy and all works well, problem is repeatable. Now, I'm going to be away over the weekend so I cannot start tracing it until Monday Morning Australian time ..... David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From alex at fatal.cz Fri Nov 24 13:50:23 2000 From: alex at fatal.cz (Alexandr Falta) Date: Tue Dec 2 02:32:26 2003 Subject: concurrent login Message-ID: <3A1E721F.AE996B18@fatal.cz> Could anybody hint me if is possible to disable concurrent logins under same username? I need to make "unique" users on the samba server. In other words - to disable possibility to login more then once under same username. thanks alex From f-thaon at ti.com Fri Nov 24 16:02:30 2000 From: f-thaon at ti.com (Thaon, Francis) Date: Tue Dec 2 02:32:26 2003 Subject: Long names with Samba Message-ID: <3942626D021BD311B6440000F8C1BFFD063CCC5B@dnce1.itg.ti.com> Questions regarding long names If i am using a W2K machine to connect to NFS ressources through samba, no problem to access long names ressources. If i am using Windows NT4 SP6 to connect to NFS ressources through samba, i do not see the long names resources nor map them. It is probably an SMB issue but ? Why and is there a fix ? thanks Francis -------------- next part -------------- HTML attachment scrubbed and removed From jelmer at nl.linux.org Fri Nov 24 17:15:38 2000 From: jelmer at nl.linux.org (Jelmer Vernooij) Date: Tue Dec 2 02:32:26 2003 Subject: [jelmer@nl.linux.org: Re: Samba 2.0.7 (--with-smbmount) crashes while logging in] Message-ID: <20001124181538.A3770@nl.linux.org> An embedded message was scrubbed... From: Jelmer Vernooij Subject: Re: Samba 2.0.7 (--with-smbmount) crashes while logging in Date: Fri, 24 Nov 2000 18:13:06 +0100 Size: 1659 Url: http://lists.samba.org/archive/samba-ntdom/attachments/20001124/da5dfb32/attachment.eml From duehr at id-pro.net Fri Nov 24 19:10:05 2000 From: duehr at id-pro.net (Stephan Duehr) Date: Tue Dec 2 02:32:26 2003 Subject: Winbind installation In-Reply-To: <004101c055c2$dd00afc0$8d030201@smutu1>; from dyaya_2000@yahoo.com on Fre, Nov 24, 2000 at 10:01:34 +0700 References: <20001123200115.279177E44@lists.samba.org> <004101c055c2$dd00afc0$8d030201@smutu1> Message-ID: <20001124201005.F9966@id-pro.net> On Fre, Nov 24, 2000 at 10:01:34 +0700, yaya wrote: > > From: "Pablo" > > To: "Samba-ntdom" > > Subject: Winbind installation > > Date: Thu, 23 Nov 2000 13:35:43 +0100 > > > > Hello all: > > > > I am trying to install winbind. I have dowloaded the rpm file > > samba-appliance-0.5-1.i386.rpm and I have installed samba-2.0.6-9. When I > > tray to install Winbind with: > > > > rpm -hiv samba-appliance-0.5-1.i386.rpm > > > > the messages are: > > > > file /etc/logrotate.d/samba from install of samba-appliance-0.5-1 > conflicts > > with file from package samba-2.0.6-9 > > file /etc/rc.d/init.d/smb from install of samba-appliance-0.5-1 conflicts > > with file from package samba-2.0.6-9 > > > As what I've experienced, that's because you've installed samba-2.0.6-9 > [rpm, I think] > and then you install samba-appliance-0.5-1.i386.rpm > samba-2.0.6-9 and samba-appliance-0.5-1.i386.rpm using the same > directory/file /etc/logrotate.d/samba and /etc/rc.d/init.d/smb > > > Have I to install first samba appliance? What have I do? > > > Event you install samba-appliance first, I believe the messages will show. > What do you really want to install? > Samba-206 or Samba-appliance? > Or both of them? So, just ignore the messages. > I think it doesn't matter what you must install first. > > btw, winbind is supported by samba-appliance. CMIIW. > So perhaps you must install samba-206 first. I think, you have to decide. If you look at the ouput of rpm -qpl samba-appliance-0.5-1.i386.rpm | grep bin then you will see that it already contains all the binaries needed, like smbd, nmbd etc. -- Stephan D?hr (Support) * ID-PRO Deutschland GmbH * Am Hofgarten 20 * D-53113 Bonn * Tel +49 228 4 21 54 0 * Fax +49 228 4 21 54 359 * http://open-for-the-better.com/ From duehr at id-pro.net Fri Nov 24 19:22:06 2000 From: duehr at id-pro.net (Stephan Duehr) Date: Tue Dec 2 02:32:26 2003 Subject: samba-appliance Message-ID: <20001124202206.G9966@id-pro.net> I just read the fine paper about winbind. On page 5 it says: "You may also wish to update the main Samba daemons (smbd and nmbd) with a more recent development release, such as the recently announced Samba 2.2 alpha release." Is it recommended to use Samba 2.2 alpha with winbind? Is it possible to use winbind with Samba 2.0.7? The samba-appliance-0.5-1.i386.rpm already contains samba binaries. From which Samba-version do they come from? Is there experience about the stability of that package? -- Stephan D?hr (Support) * ID-PRO Deutschland GmbH * Am Hofgarten 20 * D-53113 Bonn * Tel +49 228 4 21 54 0 * Fax +49 228 4 21 54 359 * http://open-for-the-better.com/ From jelmer at nl.linux.org Fri Nov 24 21:58:55 2000 From: jelmer at nl.linux.org (Jelmer Vernooij) Date: Tue Dec 2 02:32:26 2003 Subject: PAM, Encrypted passwords and samba Message-ID: <20001124165855.A3228@nl.linux.org> Hello, I've been busy with building support for MySQL in samba, but why isn't it possible to use samba, encrypted passwords and PAM? I know PAM doesn't return an encrypted password, but can't we encrypt the password we get from PAM ? It would solve many things if we could use these three easy things together, since all PAM modules would become available then(under Linux and Solaris). TIA, Jelmer From awilliam at whitemice.org Fri Nov 24 22:29:09 2000 From: awilliam at whitemice.org (Adam Williams) Date: Tue Dec 2 02:32:26 2003 Subject: PAM, Encrypted passwords and samba In-Reply-To: <20001124165855.A3228@nl.linux.org> References: <20001124165855.A3228@nl.linux.org> Message-ID: <20001124.22290900@estate1.whitemice.org> >I've been busy with building support for MySQL in samba, but why >isn't it possible to use samba, encrypted passwords and PAM? I >know PAM doesn't return an encrypted password, but can't we >encrypt the password we get from PAM ? Because you don't get a password from PAM, you pass a word to PAM and it return success or failure of the auth static with the given word. >It would solve many things if we could use these three easy >things together, since all PAM modules would become available >then(under Linux and Solaris). There really isn't a problem. There is a PAM module for smb that can be used against a samba server. Samba can sync any password changes to any data source you can dream up. From jelmer at nl.linux.org Fri Nov 24 23:20:12 2000 From: jelmer at nl.linux.org (Jelmer Vernooij) Date: Tue Dec 2 02:32:26 2003 Subject: [jelmer@nl.linux.org: Re: PAM, Encrypted passwords and samba] Message-ID: <20001124182012.A4017@nl.linux.org> An embedded message was scrubbed... From: Jelmer Vernooij Subject: Re: PAM, Encrypted passwords and samba Date: Fri, 24 Nov 2000 18:09:32 -0500 Size: 1627 Url: http://lists.samba.org/archive/samba-ntdom/attachments/20001124/e21d97d4/attachment.eml From Staerk-Berlin at t-online.de Sun Nov 26 17:01:46 2000 From: Staerk-Berlin at t-online.de (=?iso-8859-1?Q?Ulrich_St=E4rk?=) Date: Tue Dec 2 02:32:26 2003 Subject: (no subject) Message-ID: <000a01c057ca$901269b0$fe78a8c0@embryo> -------------- next part -------------- HTML attachment scrubbed and removed From Staerk-Berlin at t-online.de Sun Nov 26 17:05:14 2000 From: Staerk-Berlin at t-online.de (=?iso-8859-1?Q?Ulrich_St=E4rk?=) Date: Tue Dec 2 02:32:26 2003 Subject: Subsribe Message-ID: <002201c057cb$0b39aa40$fe78a8c0@embryo> subscribe -------------- next part -------------- HTML attachment scrubbed and removed From Staerk-Berlin at t-online.de Sun Nov 26 18:06:29 2000 From: Staerk-Berlin at t-online.de (=?iso-8859-1?Q?Ulrich_St=E4rk?=) Date: Tue Dec 2 02:32:27 2003 Subject: Samba 2.2 alpha 1 CVS unable to log into domain from W2K client Message-ID: <002a01c057d3$99a383c0$fe78a8c0@embryo> I just (Nov. 26 6pm MET) donwloaded the samba 2.2alpha1 CVS source, compiled and installed it. This is my smb.conf: [global] netbios name = SERVER security = user status = yes workgroup = HALLO encrypt passwords = yes domain logons = yes domain admin users = root share modes = no os level = 65 add user script = /usr/sbin/useradd -g trust -c W2KMachine -d /dev/null -s /bin/false %m$ I did not add share or anything else for I first wanted to make sure the PDC is working correctly. My OS is SuSE Linux 7.0 so i had to use /usr/sbin/useradd. I also added user root via smbpasswd -a root and another non-root user to the smbpasswd file. When I now want to connect to the domain from any of my six Win2K machines it prompts me for a username and password to do so. I enter root and my root pasword and after a while it tells me "Welcome to the domain HALLO." and asks me to reboot my machine. I do as asked and reboot my machine. When I reach the logon screen I try to logon as root with my root pasword I set and choose the domain HALLO from the dropdown list. I then tells me "The system could not connect to the specified domain because the machine account is missing or the password for this machine account is wrong.". One of my client's name is "embryo". This is what was generated in the /etc/passwd, /etc/shadow and the smbpasswd files: /etc/passwd: embryo$:x:601:102:W2KMachine:/dev/null:/bin/false /etc/shadow: embryo$:!:11287:0:99999:7:0:: smbpasswd: embryo$:601:BC855AD328D492734FBF85F44FAB3902:A9D7D2C05281B7CFD265EC6EB91815F7:[W]:LCT-3A213EF0: I would be glad if someone could help me, for I tried about three days to find a solution to this problem. Creating user and smb user account manually did not help either. Thanks in advance Uli St?rk P.S.: I also tried this smb.conf file which is a modification of my samba 2.07 smb.conf file but it didn't work either. [global] netbios name = SERVER security = user status = yes workgroup = HALLO encrypt passwords = yes domain logons = yes domain admin users = root share modes = no os level = 65 add user script = /usr/sbin/useradd -g trust -c W2KMachine -d /dev/null -s /bin/false %m$ local master = yes preferred master = yes domain master = yes wins support = yes -------------- next part -------------- HTML attachment scrubbed and removed From f.w.j.wiegerinck at student.utwente.nl Sun Nov 26 20:05:12 2000 From: f.w.j.wiegerinck at student.utwente.nl (F.W.J.Wiegerinck) Date: Tue Dec 2 02:32:27 2003 Subject: Samba 2.2 alpha 1 CVS unable to log into domain from W2K client References: <002a01c057d3$99a383c0$fe78a8c0@embryo> Message-ID: <000901c057e4$303d5620$2000a8c0@student.utwente.nl> I think you need a entry in the smbpasswd for your machine. Only adding an account to your linux-userdatabase is not enough, also add one to your samba-userdatabase. You can use a script like this: #!/bin/sh # path: /usr/local/samba/bin/addmachineaccount accname=$1'$' /usr/sbin/useradd -g trust -c W2KMachine -d /dev/null -s /bin/false $accname /usr/local/samba/bin/smbpasswd -m $accname -n (I'm not sure if it will handle the $-char correct) And in smb.conf: add user script = /usr/local/samba/bin/addmachineaccount %m Good Luck! Frank Wiegerinck ----- Original Message ----- From: Ulrich St?rk To: samba-ntdom@samba.org Sent: Sunday, November 26, 2000 6:06 PM Subject: Samba 2.2 alpha 1 CVS unable to log into domain from W2K client I just (Nov. 26 6pm MET) donwloaded the samba 2.2alpha1 CVS source, compiled and installed it. This is my smb.conf: [global] netbios name = SERVER security = user status = yes workgroup = HALLO encrypt passwords = yes domain logons = yes domain admin users = root share modes = no os level = 65 add user script = /usr/sbin/useradd -g trust -c W2KMachine -d /dev/null -s /bin/false %m$ I did not add share or anything else for I first wanted to make sure the PDC is working correctly. My OS is SuSE Linux 7.0 so i had to use /usr/sbin/useradd. I also added user root via smbpasswd -a root and another non-root user to the smbpasswd file. When I now want to connect to the domain from any of my six Win2K machines it prompts me for a username and password to do so. I enter root and my root pasword and after a while it tells me "Welcome to the domain HALLO." and asks me to reboot my machine. I do as asked and reboot my machine. When I reach the logon screen I try to logon as root with my root pasword I set and choose the domain HALLO from the dropdown list. I then tells me "The system could not connect to the specified domain because the machine account is missing or the password for this machine account is wrong.". One of my client's name is "embryo". This is what was generated in the /etc/passwd, /etc/shadow and the smbpasswd files: /etc/passwd: embryo$:x:601:102:W2KMachine:/dev/null:/bin/false /etc/shadow: embryo$:!:11287:0:99999:7:0:: smbpasswd: embryo$:601:BC855AD328D492734FBF85F44FAB3902:A9D7D2C05281B7CFD265EC6EB91815F7:[W]:LCT-3A213EF0: I would be glad if someone could help me, for I tried about three days to find a solution to this problem. Creating user and smb user account manually did not help either. Thanks in advance Uli St?rk P.S.: I also tried this smb.conf file which is a modification of my samba 2.07 smb.conf file but it didn't work either. [global] netbios name = SERVER security = user status = yes workgroup = HALLO encrypt passwords = yes domain logons = yes domain admin users = root share modes = no os level = 65 add user script = /usr/sbin/useradd -g trust -c W2KMachine -d /dev/null -s /bin/false %m$ local master = yes preferred master = yes domain master = yes wins support = yes -------------- next part -------------- HTML attachment scrubbed and removed From Staerk-Berlin at t-online.de Sun Nov 26 20:03:53 2000 From: Staerk-Berlin at t-online.de (=?iso-8859-1?Q?Ulrich_St=E4rk?=) Date: Tue Dec 2 02:32:27 2003 Subject: Samba 2.2 alpha 1 CVS unable to log into domain from W2K client References: <002a01c057d3$99a383c0$fe78a8c0@embryo> <000901c057e4$303d5620$2000a8c0@student.utwente.nl> Message-ID: <000d01c057e4$00edd340$fe78a8c0@embryo> Thanks. But as you may have seen I gave an excerpt of my smbpasswd file where the machine name is correctly added. This is done automatically by samba I think. Thanks anyway but this will not solve the problem. Uli P.S.: I tried setting the password for this machine to NO PASSWORD, but then it tells me that the domain is not avaiable. ----- Original Message ----- From: F.W.J.Wiegerinck To: Ulrich St?rk Cc: samba-ntdom@us5.samba.org Sent: Sunday, November 26, 2000 9:05 PM Subject: Re: Samba 2.2 alpha 1 CVS unable to log into domain from W2K client I think you need a entry in the smbpasswd for your machine. Only adding an account to your linux-userdatabase is not enough, also add one to your samba-userdatabase. You can use a script like this: #!/bin/sh # path: /usr/local/samba/bin/addmachineaccount accname=$1'$' /usr/sbin/useradd -g trust -c W2KMachine -d /dev/null -s /bin/false $accname /usr/local/samba/bin/smbpasswd -m $accname -n (I'm not sure if it will handle the $-char correct) And in smb.conf: add user script = /usr/local/samba/bin/addmachineaccount %m Good Luck! Frank Wiegerinck ----- Original Message ----- From: Ulrich St?rk To: samba-ntdom@samba.org Sent: Sunday, November 26, 2000 6:06 PM Subject: Samba 2.2 alpha 1 CVS unable to log into domain from W2K client I just (Nov. 26 6pm MET) donwloaded the samba 2.2alpha1 CVS source, compiled and installed it. This is my smb.conf: [global] netbios name = SERVER security = user status = yes workgroup = HALLO encrypt passwords = yes domain logons = yes domain admin users = root share modes = no os level = 65 add user script = /usr/sbin/useradd -g trust -c W2KMachine -d /dev/null -s /bin/false %m$ I did not add share or anything else for I first wanted to make sure the PDC is working correctly. My OS is SuSE Linux 7.0 so i had to use /usr/sbin/useradd. I also added user root via smbpasswd -a root and another non-root user to the smbpasswd file. When I now want to connect to the domain from any of my six Win2K machines it prompts me for a username and password to do so. I enter root and my root pasword and after a while it tells me "Welcome to the domain HALLO." and asks me to reboot my machine. I do as asked and reboot my machine. When I reach the logon screen I try to logon as root with my root pasword I set and choose the domain HALLO from the dropdown list. I then tells me "The system could not connect to the specified domain because the machine account is missing or the password for this machine account is wrong.". One of my client's name is "embryo". This is what was generated in the /etc/passwd, /etc/shadow and the smbpasswd files: /etc/passwd: embryo$:x:601:102:W2KMachine:/dev/null:/bin/false /etc/shadow: embryo$:!:11287:0:99999:7:0:: smbpasswd: embryo$:601:BC855AD328D492734FBF85F44FAB3902:A9D7D2C05281B7CFD265EC6EB91815F7:[W]:LCT-3A213EF0: I would be glad if someone could help me, for I tried about three days to find a solution to this problem. Creating user and smb user account manually did not help either. Thanks in advance Uli St?rk P.S.: I also tried this smb.conf file which is a modification of my samba 2.07 smb.conf file but it didn't work either. [global] netbios name = SERVER security = user status = yes workgroup = HALLO encrypt passwords = yes domain logons = yes domain admin users = root share modes = no os level = 65 add user script = /usr/sbin/useradd -g trust -c W2KMachine -d /dev/null -s /bin/false %m$ local master = yes preferred master = yes domain master = yes wins support = yes -------------- next part -------------- HTML attachment scrubbed and removed From sharpe at ns.aus.com Sun Nov 26 05:53:17 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:27 2003 Subject: Problems with Win2K joining a Samba 2.2.0 Alpha1 domain Message-ID: <3.0.6.32.20001126155317.00b04d00@203.16.214.248> Hi, Like David Bannon and others, I am getting "No mapping between account names and security IDs was done." Am investigating ... Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From chrisleavoy at home.com Mon Nov 27 00:34:25 2000 From: chrisleavoy at home.com (Chris Leavoy) Date: Tue Dec 2 02:32:27 2003 Subject: Domain login for win2k broken in latest CVS Message-ID: <000701c05809$cb5d6760$1401a8c0@cyberpir8.vpn> Im absolutely positive i have everything setup as i should according to the documentaion. The user and machine records are added, both in passwd and smbpasswd. I get the following error message when trying to login to the samba controlled domain: With the alph0 and alph1 builds: The procedure number is out of range. With the latest CVS build: No mapping between account names and security ids was done Could anyone offer any reasons for these error messages? Thanks, Chris Leavoy From D.Bannon at latrobe.edu.au Mon Nov 27 01:09:58 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:27 2003 Subject: Problems with Win2K joining a Samba 2.2.0 Alpha1 domain In-Reply-To: <3.0.6.32.20001126155317.00b04d00@203.16.214.248> Message-ID: <3.0.6.32.20001127120958.008b8b80@bioserve.latrobe.edu.au> At 03:53 PM 26/11/2000 +1000, Richard Sharpe wrote: >Hi, > >Like David Bannon and others, I am getting "No mapping between account >names and security IDs was done." > >Am investigating ... Yeah, hi Richard. The problem seems to have come in late 22 / early 23 November melbourne time. If I can get a couple of hours to myself I try .... david ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From D.Bannon at latrobe.edu.au Mon Nov 27 01:10:57 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:27 2003 Subject: Domain login for win2k broken in latest CVS In-Reply-To: <000701c05809$cb5d6760$1401a8c0@cyberpir8.vpn> Message-ID: <3.0.6.32.20001127121057.008bb370@bioserve.latrobe.edu.au> At 07:34 PM 26/11/2000 -0500, Chris Leavoy wrote: >Im absolutely positive i have everything setup as i should according to the >.... >With the latest CVS build: >No mapping between account names and security ids was done > yes, Its a problem we know about, trying ... david ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From sharpe at ns.aus.com Sun Nov 26 06:39:57 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:27 2003 Subject: Problems with Win2K joining a Samba 2.2.0 Alpha1 domain In-Reply-To: <3.0.6.32.20001127120958.008b8b80@bioserve.latrobe.edu.au> References: <3.0.6.32.20001126155317.00b04d00@203.16.214.248> Message-ID: <3.0.6.32.20001126163957.00afda10@203.16.214.248> At 12:09 PM 11/27/00 +1100, David Bannon wrote: >At 03:53 PM 26/11/2000 +1000, Richard Sharpe wrote: >>Hi, >> >>Like David Bannon and others, I am getting "No mapping between account >>names and security IDs was done." >> >>Am investigating ... > >Yeah, hi Richard. The problem seems to have come in late 22 / early 23 >November melbourne time. If I can get a couple of hours to myself I try .... OK, well the problem seems to be that samr_reply_lookup_names is returning NT_STATUS_NONE_MAPPED ... Trying to figure out why now :-) >david >------------------------------------------------------------ >David Bannon D.Bannon@latrobe.edu.au >School of Biochemistry Phone 61 03 9479 2197 >La Trobe University, Plenty Rd, Fax 61 03 9479 2467 >Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au >------------------------------------------------------------ >..... Humpty Dumpty was pushed ! > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From sharpe at ns.aus.com Sun Nov 26 07:13:03 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:27 2003 Subject: Problems with Win2K joining a Samba 2.2.0 Alpha1 domain In-Reply-To: <3.0.6.32.20001127120958.008b8b80@bioserve.latrobe.edu.au> References: <3.0.6.32.20001126155317.00b04d00@203.16.214.248> Message-ID: <3.0.6.32.20001126171303.00afbb10@203.16.214.248> At 12:09 PM 11/27/00 +1100, David Bannon wrote: >At 03:53 PM 26/11/2000 +1000, Richard Sharpe wrote: >>Hi, >> >>Like David Bannon and others, I am getting "No mapping between account >>names and security IDs was done." >> >>Am investigating ... > >Yeah, hi Richard. The problem seems to have come in late 22 / early 23 >November melbourne time. If I can get a couple of hours to myself I try .... Seems like local_lookup_name in passdb.c is returning something funky when asked to lookup the name of the client workstation ... >david >------------------------------------------------------------ >David Bannon D.Bannon@latrobe.edu.au >School of Biochemistry Phone 61 03 9479 2197 >La Trobe University, Plenty Rd, Fax 61 03 9479 2467 >Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au >------------------------------------------------------------ >..... Humpty Dumpty was pushed ! > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From sharpe at ns.aus.com Sun Nov 26 07:48:06 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:27 2003 Subject: Problems with Win2K joining a Samba 2.2.0 Alpha1 domain In-Reply-To: <3.0.6.32.20001126163957.00afda10@203.16.214.248> References: <3.0.6.32.20001127120958.008b8b80@bioserve.latrobe.edu.au> <3.0.6.32.20001126155317.00b04d00@203.16.214.248> Message-ID: <3.0.6.32.20001126174806.00affa20@203.16.214.248> At 04:39 PM 11/26/00 +1000, Richard Sharpe wrote: >At 12:09 PM 11/27/00 +1100, David Bannon wrote: >>At 03:53 PM 26/11/2000 +1000, Richard Sharpe wrote: >>>Hi, >>> >>>Like David Bannon and others, I am getting "No mapping between account >>>names and security IDs was done." >>> >>>Am investigating ... >> >>Yeah, hi Richard. The problem seems to have come in late 22 / early 23 >>November melbourne time. If I can get a couple of hours to myself I try .... > >OK, well the problem seems to be that samr_reply_lookup_names is returning >NT_STATUS_NONE_MAPPED ... > >Trying to figure out why now :-) Arrrrrgh, SHIT! sys_getpwnam called with WIN2K$! Who did that! Usernames have to be mapped to lowercase before calling sys_getpwnam, or we must have the correct username in /etc/passwd! >>david >>------------------------------------------------------------ >>David Bannon D.Bannon@latrobe.edu.au >>School of Biochemistry Phone 61 03 9479 2197 >>La Trobe University, Plenty Rd, Fax 61 03 9479 2467 >>Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au >>------------------------------------------------------------ >>..... Humpty Dumpty was pushed ! >> > >Regards >------- >Richard Sharpe, sharpe@ns.aus.com >Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) >Contributing author, SAMS Teach Yourself Samba in 24 Hours >Author, Special Edition, Using Samba > > > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From sharpe at ns.aus.com Sun Nov 26 08:02:07 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:27 2003 Subject: Problems with Win2K joining a Samba 2.2.0 Alpha1 domain Message-ID: <3.0.6.32.20001126180207.00afed60@203.16.214.248> At 04:39 PM 11/26/00 +1000, Richard Sharpe wrote: >At 12:09 PM 11/27/00 +1100, David Bannon wrote: >>At 03:53 PM 26/11/2000 +1000, Richard Sharpe wrote: >>>Hi, >>> >>>Like David Bannon and others, I am getting "No mapping between account >>>names and security IDs was done." >>> >>>Am investigating ... >> >>Yeah, hi Richard. The problem seems to have come in late 22 / early 23 >>November melbourne time. If I can get a couple of hours to myself I try .... > >OK, well the problem seems to be that samr_reply_lookup_names is returning >NT_STATUS_NONE_MAPPED ... > >Trying to figure out why now :-) Well, some progress ... Changed a call to sys_getpwnam back to Get_Pwnam and I now get a different error :-) The specified domain either does not exist or could not be contacted! Onward ho! >>david >>------------------------------------------------------------ >>David Bannon D.Bannon@latrobe.edu.au >>School of Biochemistry Phone 61 03 9479 2197 >>La Trobe University, Plenty Rd, Fax 61 03 9479 2467 >>Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au >>------------------------------------------------------------ >>..... Humpty Dumpty was pushed ! >> > >Regards >------- >Richard Sharpe, sharpe@ns.aus.com >Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) >Contributing author, SAMS Teach Yourself Samba in 24 Hours >Author, Special Edition, Using Samba > > > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From awilliam at whitemice.org Mon Nov 27 02:42:38 2000 From: awilliam at whitemice.org (Adam Williams) Date: Tue Dec 2 02:32:27 2003 Subject: "Domain Admin Users" with alpha1 In-Reply-To: <20001124201005.F9966@id-pro.net> References: <20001123200115.279177E44@lists.samba.org> <004101c055c2$dd00afc0$8d030201@smutu1> <20001124201005.F9966@id-pro.net> Message-ID: <20001127.2423800@estate1.whitemice.org> I am running a Samba PDC with a CVS checkout from 11-23-2000 (alpha1) controlling a Citrix Winframe 1.7 server. The server joins the domain happily, and I can login. 1. It does however claim that I do not have domain admin privilages, even though I am listed in "domain admin users=", which prevents me from running "Application Configuration" and giving other users the right to connect. 2. Another interesting note is that user names show up in triplicate in the file manager when you go to grant rights to a local file (I found one post about this, but it was very old.) security = user status = yes workgroup = BACKBONE netbios name = FINFOOT wins server = 192.168.1.9 encrypt passwords = yes smb passwd file = /usr/local/samba-head/private/smbpasswd domain logons = yes logon script = %G.bat domain admin users = root adam domain admin group = @cis guest account = pcnet share modes=no os level=165 bind interfaces only = yes interfaces = 192.168.1.16 127.0.0.1 preferred master = Yes domain master = Yes This is 2.2 running bound to 192.168.1.16 (eth0:1) and the loopback interface. A samba 2.0.7 is running bound to 192.168.1.9 (eth0:0) for providing file/print services, it authenticates to the samba 2.2 process just fine. Win9x logons work, etc... From D.Bannon at latrobe.edu.au Mon Nov 27 03:11:39 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:27 2003 Subject: Problems with Win2K joining a Samba 2.2.0 Alpha1 domain In-Reply-To: <3.0.6.32.20001126180207.00afed60@203.16.214.248> Message-ID: <3.0.6.32.20001127141139.008d2d50@bioserve.latrobe.edu.au> At 06:02 PM 26/11/2000 +1000, Richard Sharpe wrote: >>OK, well the problem seems to be that samr_reply_lookup_names is returning >>NT_STATUS_NONE_MAPPED ... > >Changed a call to sys_getpwnam back to Get_Pwnam and I now get a different >error :-) > > The specified domain either does not exist or could not be contacted! > Hmm... I did the same change and it worked fine ... david ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From gcarter at valinux.com Mon Nov 27 04:39:45 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:27 2003 Subject: Problems with Win2K joining a Samba 2.2.0 Alpha1 domain References: <3.0.6.32.20001126155317.00b04d00@203.16.214.248> <3.0.6.32.20001126171303.00afbb10@203.16.214.248> Message-ID: <3A21E591.7EF78445@valinux.com> Richard Sharpe wrote: > > > Seems like local_lookup_name in passdb.c is returning > something funky when asked to lookup the name of > the client workstation ... That'll teach everyone to answer me when I ask a question. :-) I made that change. Richard, I sent a separate note to you an Tim about this just now. We need a broader fix than reverting to Get_Pwnam() btw... sorry for breaking the domain logon. Could have sworn I tested it. Oh well... Cheers, jerry -- ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From sharpe at ns.aus.com Sun Nov 26 13:35:12 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:27 2003 Subject: Problems with Win2K joining Samba-2.2.0-Alpha1 domain Message-ID: <3.0.6.32.20001126233512.00b22750@203.16.214.248> Hi, Well, after changing a call to sys_getpwnam(user) to Get_Pwnam(user, False) in source/passdb/passdb.c:local_lookup_name, I got further on this, but am now stuck with a message: The following error occurred attempting to join the domain "SAMBANET": The specified domain either does not exist or could not be contacted. This message takes a long time to come up, and I see little network activity for a long period, and then the message. However, the annoying thing is that David Bannon says that joining the domain from Win2K now works for him ... Anyone else seeing either case? Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From parvezhussain at operamail.com Mon Nov 27 08:13:34 2000 From: parvezhussain at operamail.com (Parvez Hussain) Date: Tue Dec 2 02:32:27 2003 Subject: Network Inaccessible (Linux) Message-ID: <3A2F9301@operamail.com> Hi, I have cofigured Samba in my linux m/c to be accessed from my NTdomain. When I click on the NN I get the following error: \\linux_netsol was inaccessible. Path not found. 'testparm | less' gives no error. My network is 192.168.10.0/24 I want the linux users to access their home directory from their windows client. Can anyone help me. Pointers to "Configuring samba for NT domain" will also do. Thanks Parvez I am sending my smb.conf file. SMB.CONF #======================= Global Settings ===================================== [global] workgroup = MANTRADOM server string = Samba Server ; hosts allow = 192.168.1. 192.168.2. 127. printcap name = /etc/printcap load printers = yes ; printing = bsd ; guest account = pcguest log file = /var/log/samba/log.%m max log size = 50 security = domain password server = MANTRA_SERVER SINDHU ; password level = 8 ; username level = 8 encrypt passwords = true smb passwd file = /etc/smbpasswd unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* username map = /etc/smbusers ; include = /etc/smb.conf.%m socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 ; interfaces = 192.168.12.2/24 192.168.13.2/24 ; remote browse sync = 192.168.3.25 192.168.5.25 ; remote announce = 192.168.1.255 192.168.2.44 ; local master = no ; os level = 33 ; domain master = yes ; preferred master = yes ; domain controller = ; domain logons = yes ; logon script = %m.bat ; logon script = %U.bat ; logon path = \\%L\Profiles\%U ; name resolve order = wins lmhosts bcast ; wins support = yes ; wins server = w.x.y.z ; wins proxy = yes dns proxy = no unix password sync = no netbios name = linux_netsol encrypt passwords = yes password level = 0 null passwords = no os level = 0 preferred master = no domain master = no wins support = no dead time = 0 debug level = 0 map to guest = never ; preserve case = no ; short preserve case = no ; default case = lower ; case sensitive = no #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no ; writable = yes read only = no create mode = 750 # Un-comment the following and create the netlogon directory for Domain Logons [netlogon] comment = Network Logon Service path = /home/netlogon guest ok = yes writable = no share modes = no # Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory ;[Profiles] ; path = /home/profiles ; browseable = no ; guest ok = yes [tmp] comment = Temporary file space path = /tmp read only = no public = yes # NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer [printers] comment = All Printers path = /var/spool/samba browseable = no # Set public = yes to allow user 'guest account' to print guest ok = no writable = no printable = yes ------------------------------------------------------------ This e-mail has been sent to you courtesy of OperaMail, as a free service from Opera Software, makers of the award-winning Web Browser, Opera. Visit us at http://www.opera.com/ or our portal at: http://www.myopera.com/ Your free e-mail account is waiting at: http://www.operamail.com/ ------------------------------------------------------------ From parvezhussain at operamail.com Mon Nov 27 09:01:24 2000 From: parvezhussain at operamail.com (Parvez Hussain) Date: Tue Dec 2 02:32:27 2003 Subject: Network Inaccessible (Linux) Message-ID: <3A2FF958@operamail.com> Hi, I have cofigured Samba in my linux m/c to be accessed from my NTdomain. When I click on the NN I get the following error: \\linux_netsol was inaccessible. Path not found. 'testparm | less' gives no error. My network is 192.168.10.0/24 I want the linux users to access their home directory from their windows client. Can anyone help me. Pointers to "Configuring samba for NT domain" will also do. Thanks Parvez I am sending my smb.conf file. SMB.CONF #======================= Global Settings ===================================== [global] workgroup = MANTRADOM server string = Samba Server ; hosts allow = 192.168.1. 192.168.2. 127. printcap name = /etc/printcap load printers = yes ; printing = bsd ; guest account = pcguest log file = /var/log/samba/log.%m max log size = 50 security = domain password server = MANTRA_SERVER SINDHU ; password level = 8 ; username level = 8 encrypt passwords = true smb passwd file = /etc/smbpasswd unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* username map = /etc/smbusers ; include = /etc/smb.conf.%m socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 ; interfaces = 192.168.12.2/24 192.168.13.2/24 ; remote browse sync = 192.168.3.25 192.168.5.25 ; remote announce = 192.168.1.255 192.168.2.44 ; local master = no ; os level = 33 ; domain master = yes ; preferred master = yes ; domain controller = ; domain logons = yes ; logon script = %m.bat ; logon script = %U.bat ; logon path = \\%L\Profiles\%U ; name resolve order = wins lmhosts bcast ; wins support = yes ; wins server = w.x.y.z ; wins proxy = yes dns proxy = no unix password sync = no netbios name = linux_netsol encrypt passwords = yes password level = 0 null passwords = no os level = 0 preferred master = no domain master = no wins support = no dead time = 0 debug level = 0 map to guest = never ; preserve case = no ; short preserve case = no ; default case = lower ; case sensitive = no #============================ Share Definitions ============================== [homes] comment = Home Directories browseable = no ; writable = yes read only = no create mode = 750 # Un-comment the following and create the netlogon directory for Domain Logons [netlogon] comment = Network Logon Service path = /home/netlogon guest ok = yes writable = no share modes = no # Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory ;[Profiles] ; path = /home/profiles ; browseable = no ; guest ok = yes [tmp] comment = Temporary file space path = /tmp read only = no public = yes # NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer [printers] comment = All Printers path = /var/spool/samba browseable = no # Set public = yes to allow user 'guest account' to print guest ok = no writable = no printable = yes ------------------------------------------------------------ This e-mail has been sent to you courtesy of OperaMail, as a free service from Opera Software, makers of the award-winning Web Browser, Opera. Visit us at http://www.opera.com/ or our portal at: http://www.myopera.com/ Your free e-mail account is waiting at: http://www.operamail.com/ ------------------------------------------------------------ From i.dobbie at icrf.icnet.uk Mon Nov 27 10:54:47 2000 From: i.dobbie at icrf.icnet.uk (Ian Dobbie) Date: Tue Dec 2 02:32:27 2003 Subject: minor bug in samba 2.2 checkout 27-11-00 In-Reply-To: David Bannon's message of "Mon, 27 Nov 2000 12:10:57 +1100" Message-ID: <4wr93xu1l4.fsf@cello2.lif.icnet.uk> A silly typo in the cvs checkout this morning (UK time). passdb.c has one line with false rather than False. Heres a diff *** passdb.c Mon Nov 27 10:53:36 2000 --- passdb.c-old Mon Nov 27 10:53:04 2000 *************** *** 1416,1422 **** * when needed! */ ! if(!(pass = Get_Pwnam(user,False))) { /* * Maybe it was a group ? */ --- 1416,1422 ---- * when needed! */ ! if(!(pass = Get_Pwnam(user,false))) { /* * Maybe it was a group ? */ Ian From sharpe at ns.aus.com Sun Nov 26 16:41:05 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:27 2003 Subject: minor bug in samba 2.2 checkout 27-11-00 In-Reply-To: <4wr93xu1l4.fsf@cello2.lif.icnet.uk> References: Message-ID: <3.0.6.32.20001127024105.00ae1960@203.16.214.248> Fixed ... At 10:54 AM 11/27/00 +0000, Ian Dobbie wrote: >A silly typo in the cvs checkout this morning (UK time). passdb.c has >one line with false rather than False. Heres a diff > >*** passdb.c Mon Nov 27 10:53:36 2000 >--- passdb.c-old Mon Nov 27 10:53:04 2000 >*************** >*** 1416,1422 **** > * when needed! > */ > >! if(!(pass = Get_Pwnam(user,False))) { > /* > * Maybe it was a group ? > */ >--- 1416,1422 ---- > * when needed! > */ > >! if(!(pass = Get_Pwnam(user,false))) { > /* > * Maybe it was a group ? > */ > > >Ian > > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From k.blin at gmx.net Mon Nov 27 12:50:12 2000 From: k.blin at gmx.net (Kai Blin) Date: Tue Dec 2 02:32:27 2003 Subject: Network Inaccessible (Linux) In-Reply-To: <3A2F9301@operamail.com>; from parvezhussain@operamail.com on Mon, Nov 27, 2000 at 03:13:34AM -0500 References: <3A2F9301@operamail.com> Message-ID: <20001127135012.B6417@molgen-6.iah.medizin.uni-tuebingen.de> * Parvez Hussain [27/11/00, 03:13:34]: > Hi, > > I have cofigured Samba in my linux m/c to be accessed from my NTdomain. When I > click on the NN I get the following error: > > \\linux_netsol was inaccessible. > Path not found. > > 'testparm | less' gives no error. Is the TCP/IP working on the linux box, on the windows clients? Are the demons up or do they run via inetd? what's the output of a smbclient -L //linux_netsol or smbclient -L \\\\linux_netsol (if you like it that way) > I am sending my smb.conf file. Please don't send lines beginning with ; next time. Cheers, Kai -- Kai Blin, Sysop of the Dep. of Imunology of the University of Tuebingen --- Slous' Contention: If you do a job too well, you'll get stuck with it. From gandalf at mail.rss.cz Mon Nov 27 13:54:39 2000 From: gandalf at mail.rss.cz (gandalf@mail.rss.cz) Date: Tue Dec 2 02:32:28 2003 Subject: Problems with Win2K joining Samba-2.2.0-Alpha1 domain In-Reply-To: <3.0.6.32.20001126233512.00b22750@203.16.214.248> Message-ID: This is just to confirm the same problem. I am not able to join the samba domain with the w2k wkst. I have got the same error message as you and the delay is also really long. s.p. On Sun, 26 Nov 2000, Richard Sharpe wrote: > Hi, > > Well, after changing a call to sys_getpwnam(user) to Get_Pwnam(user, False) > in source/passdb/passdb.c:local_lookup_name, I got further on this, but am > now stuck with a message: > > The following error occurred attempting to join the domain "SAMBANET": > The specified domain either does not exist or could not be contacted. > > This message takes a long time to come up, and I see little network > activity for a long period, and then the message. > > However, the annoying thing is that David Bannon says that joining the > domain from Win2K now works for him ... > > Anyone else seeing either case? > > Regards > ------- > Richard Sharpe, sharpe@ns.aus.com > Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) > Contributing author, SAMS Teach Yourself Samba in 24 Hours > Author, Special Edition, Using Samba > > > From datk at albury.net.au Mon Nov 27 06:20:28 2000 From: datk at albury.net.au (David Atkinson) Date: Tue Dec 2 02:32:28 2003 Subject: PDC cannot be found - different subnet Message-ID: <01C05896.5761A690@dhcp18.atkinsontech.com.au> Have you checked that there are no routing problems. Can you ping between the hosts ? In my experience it is possible for a wins server to manage multiple subnets and multiple domains. I have a Samba 2.0.7 server setup as a Wins server and it serves two subnets quite well. You may want to try adding multiple virtual interfaces (or physical interfaces) to the samba box so that it can be on each subnet. This may help your problem.... Hope this helps Cheers David -----Original Message----- From: Samuel Greenfeld [SMTP:gree3776@rowan.edu] Sent: Wednesday, November 22, 2000 9:29 AM To: bob@meeker.urban.csuohio.edu; samba-ntdom@samba.org Subject: Re: PDC cannot be found - different subnet Not to beat a dead horse, but we have basically the exact same problem, also using Samba 2.0.7. Our Samba controlled domain is set up to register itself with the campus WINS server, which happens to be another Samba box. But Network Neighborhood normally doesn't see anything on another subnets. Mapping \\SERVER\SHARE by hand works. Of further note is that samba systems have no problems with this at all - they can see all the domains on campus (at last check, 93 due to all the student ones). Unfortunately, Novell is our official platform (except for engineering), so every getting every last LAN administrator to add LMHOSTS entries for our servers is not likely to happen. I suspect that many MS systems do not use WINS when they should, but I have no clue who is at fault. --- SJG >>> "Robert M. Martel" 11/20/00 05:08PM >>> Greetings all, have a lab of NT 4.0 machines on a different subnet from the smaba server acting as PDC. We rely on the university for WINS service. My lab machines are unable to find the PDC for their domain now that they are on a different subnet from the server. The server is configured to use WINS as are the NT 4.0 clients. It looks as if the samba server is NOT registering itself with the WINS server. An "nbtstat -a sambaserver" yields a result of name not found. I can see entries for other NT servers, but not for *any* of our SAMBA servers. What do I have to do to get SAMBA to register with the WINS server so that the clients can find their PDC? The SAMBA servers are configured to use WINS, the PDC -acting machine is also configured to be the domain master browser. The NT machines are configured via DHCP, but even when I plug numbers into the settings by hand I get the same results. Samba *can* be the PDC for clients on another subnet, right? What have I missed? Everything worked like a charm when everything was on the same subnet. Why won't the Samba servers register themselves with the WINS server? Thanks, Bob From hazen at potentia.ca Mon Nov 27 15:51:38 2000 From: hazen at potentia.ca (Hazen Valliant-Saunders) Date: Tue Dec 2 02:32:28 2003 Subject: TEST Message-ID: TEST Thank you for your time. Hazen Valliant-Saunders Potentia Telecom Power (613) 592-0027 x107 (613) 592-1686 (facimile) "Peace can only come as a natural consequence of universal enlightenment...'' --Nikola Tesla, "My Inventions: the autobiography of Nikola Tesla", Hart Bros., 1982-- From simona at uchicago.edu Mon Nov 27 16:15:43 2000 From: simona at uchicago.edu (Simon Allaway) Date: Tue Dec 2 02:32:28 2003 Subject: TEST References: Message-ID: <3A2288AF.7AF3BF63@uchicago.edu> Hazen Valliant-Saunders wrote: > > TEST failed -- Simon Allaway | "It's not a firewall, University of Chicago | it's a leather pouch." 5-4390 Haskell Hall | - Anon. From proberts at dubois-king.com Mon Nov 27 16:14:54 2000 From: proberts at dubois-king.com (Phillip C Roberts) Date: Tue Dec 2 02:32:28 2003 Subject: Redhat 7.0 and Samba 2.2 In-Reply-To: <3A1E721F.AE996B18@fatal.cz> Message-ID: I am preparing to make my first attempt at a Samba PDC. Is Redhat 7.0 a workable base or is 6.2 a better option? Any other hints or suggestions at my first attempt at a PDC would be greatly appreciated. Thanks!!!! Phillip C. Roberts CADD Manager DuBois & King, Inc. VM: 802.728.4113 ext 322 EM: proberts@dubois-king.com From hazen at potentia.ca Mon Nov 27 16:19:12 2000 From: hazen at potentia.ca (Hazen Valliant-Saunders) Date: Tue Dec 2 02:32:28 2003 Subject: OK here she goes Message-ID: Well now that i've tested and RT2FM. Ok Heres a brief story. 1. Decided to try to use Samba as a PDC for My current place of employment. (Figured i'd save my work the 5,000 windoze PDC costs for a network of our size.) So i started with 2.0.7, however we have Win2k Professionel (Egh Gaad it sucks!) and figured i'd need either HEAD, TNG, or 2.2.0prealpha, Dloaded and compiled each one respectively (RH 6.2 2.2.14 i586) 2.2.0prealpha works the best (Past the 48 over the week end test of remaining up!!) Now on this network we have one linux box, 8NT4SP5Dell Workstations, and 3 Laptops (one Toshiba Win98 and two Dell W2kPro Lattitudes), not to mention the Hewlett Packard PIII W98 Front desk system. So this is a homogenous networking environment that does not always function beacuse of problems with Windowze (more specificly NT4 and W2KPro, or Lan MGR4 and LanMGR5 or active directory.) So i have two machienes on the domain they have been on the domain for 48hours straigt and i have a couple scripts transferring files to test reliablility. and It works beautifully (TNG crashed with a Daemon Spawning Problem!) and HEAD is simply "too Bleeding edge" for my tastes. So 2.2.0prealpha work on the first try (AHHH i feel good about that one!) and even accepts logons (both remote and local domains ie WORKGROUP or LocalMachine. Now What i need to do is: 1. Figure out how to Migrate all of the locally stored profiles to the PDC! (Yes i know i have to copy all of the profile files to the home directory of the user (Set up in SMB.Conf see below) 2. Figure out how the heck to modify the profiles so that OUTLOOK *.PST files will remain local on the users home machiene. The HD on the Linux box is a 1.6GB Western-Digital (yes i know very old but it works beautifully) Now Most of the pst files are huge here (ie: 200 to 500MB in size) I kid you not! I need to figure out how to modify profile admin settings so that i do not run out of space on that drive! 3. Need to figure out how to copy the Profiles (More Specificly the ntuser.dat and ntuser.da0 to the new dirve. I know i shall half to get those files by booting into safe mode dos only and coping then) however I am not sure how to get the proper home directory or am I to extract the local profile directoy to the the remote profile dir (chmod and chown permessions anyone!) In summation I need a PDC migration how-to or guide, i've seen many questions but very few relevant awnsers. and i need to know how to do this withing the next week. ---------------------------------------------------------------------------- ------------------------------------------------- [global] # The Preformance options for improving throughput socket options = TCP_NODELAY IPTOS_LOWDELAY [global] #NetBIOS name isn't needed if it's the same as the hostname netbios name = XPDC workgroup = WORKGROUP socket options = TCP_NODELAY IPTOS_LOWDELAY Domain Admin Group = @users security = user status = yes wins support = yes encrypt passwords = yes domain logons =yes logon script = scripts\%U.bat domain admin users = root dbannon andrew add user script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %m$ guest account = ftp share modes=no os level=65 oplocks = no veto oplock files = yes level2 oplocks= No [homes] guest ok = no read only = no create mask = 0700 directory mask = 0700 oplocks = false locking = no [netlogon] path = /usr/local/samba/netlogon writeable = no guest ok = no #Please Keep in mind that the home directories are where the profiles are stored# so make sure no one but root has acess to home ---------EOF---------------------------------------------------------------- ------------------------------------------------- Thank you for your time. Hazen Valliant-Saunders Potentia Telecom Power (613) 592-0027 x107 (613) 592-1686 (facimile) "Peace can only come as a natural consequence of universal enlightenment...'' --Nikola Tesla, "My Inventions: the autobiography of Nikola Tesla", Hart Bros., 1982-- From antonio.dasilva at mors.fr Mon Nov 27 16:35:37 2000 From: antonio.dasilva at mors.fr (Antonio DA SILVA) Date: Tue Dec 2 02:32:28 2003 Subject: Problem accessing a Samba server from W2K Message-ID: <006c01c05890$1321efe0$23c809c0@mors.fr> Hi all, I'm a newbie with Samba, I've just dowloaded Samba 2.0.6 and I'd like to share files from a Solaris 2.5.1 station on W2K clients. The smb.conf file I set up works fine with W95 clients, but not with W2K (message "Account not authorized to connect from this station" when I select the Solaris station on the Explorer). Has anyone a clue ? Thanks --------------------------------------------------------------------- Antonio DA SILVA MORS - FRANCE -------------------------------------------------------------------- -------------- next part -------------- HTML attachment scrubbed and removed From aarjona at banistmo.com Mon Nov 27 16:47:27 2000 From: aarjona at banistmo.com (Arjona, Ariel) Date: Tue Dec 2 02:32:28 2003 Subject: TEST Message-ID: <9B6B824220DBD311BF5A1000974B43B32EDCCE@EXCH05001> E-mailtation Fault: Signature Dumped. > -----Original Message----- > From: Simon Allaway [mailto:simona@uchicago.edu] > Sent: Monday, November 27, 2000 11:16 AM > To: samba-ntdom@samba.org > Subject: Re: TEST > > > Hazen Valliant-Saunders wrote: > > > > TEST > failed > > -- > Simon Allaway | "It's not a firewall, > University of Chicago | it's a leather pouch." > 5-4390 Haskell Hall | - Anon. > From soeren.grimm at d2mail.de Mon Nov 27 16:50:13 2000 From: soeren.grimm at d2mail.de (=?iso-8859-1?Q?S=F6ren?= Grimm) Date: Tue Dec 2 02:32:28 2003 Subject: Problems with NT 4.0 and Samba -> Power User Message-ID: <3A2290C5.4535AE93@gmx.de> Hi, i have the following problem. I want to set up Samba as PDC. I am running Samba 2.0.7 and Win NT 4.0 Servicepack 6.1. Until now i have set up Samba as PDC and i am able to join the Samba Domain. Additional it is possible to log on as user at the Domain. But all the users have only "users" not "Power Users" privileges. Now i want to change this. I have read the mailing lists and found out, that the Maps are not implemented in 2.0.7. So, what other options do i have ? I don't want to change to Samba TNG or equal. May be it is possible to use the usrmgr (Server Utils) from Windows NT, but how can i create an Domian Administrator ? So please help me. Thanks in advance regards, Soeren From soeren.grimm at d2mail.de Mon Nov 27 17:46:48 2000 From: soeren.grimm at d2mail.de (=?iso-8859-1?Q?S=F6ren?= Grimm) Date: Tue Dec 2 02:32:28 2003 Subject: Problems with NT 4.0 and Samba -> Power User Message-ID: <3A229E08.861EA73C@d2mail.de> Hi, i have the following problem. I want to set up Samba as PDC. I am running Samba 2.0.7 and Win NT 4.0 Servicepack 6.1. Until now i have set up Samba as PDC and i am able to join the Samba Domain. Additional it is possible to log on as user at the Domain. But all the users have only "users" not "Power Users" privileges. Now i want to change this. I have read the mailing lists and found out, that the Maps are not implemented in 2.0.7. So, what other options do i have ? I don't want to change to Samba TNG or equal. May be it is possible to use the usrmgr (Server Utils) from Windows NT, but how can i create an Domian Administrator ? So please help me. Thanks in advance regards, Soeren From Staerk-Berlin at t-online.de Mon Nov 27 17:55:27 2000 From: Staerk-Berlin at t-online.de (=?iso-8859-1?Q?Ulrich_St=E4rk?=) Date: Tue Dec 2 02:32:28 2003 Subject: Problems with Win2K joining Samba-2.2.0-Alpha1 domain References: <3.0.6.32.20001126233512.00b22750@203.16.214.248> Message-ID: <006201c0589b$3a631100$fe78a8c0@embryo> Not really. As I posted before adding a Win2k wkst. machine to the samba PDC worked just fine with the release from Nov. 26. The problem I encounter is that I can not log on the domain after reboot with an error message like "Either the machine account does not exist or the password for this machine account is wrong." See also me post from Nov.26 "Samba 2.2 alpha 1 CVS unable to log into domain from W2K client" cheers Uli ----- Original Message ----- From: "Richard Sharpe" To: Sent: Sunday, November 26, 2000 2:35 PM Subject: Problems with Win2K joining Samba-2.2.0-Alpha1 domain > Hi, > > Well, after changing a call to sys_getpwnam(user) to Get_Pwnam(user, False) > in source/passdb/passdb.c:local_lookup_name, I got further on this, but am > now stuck with a message: > > The following error occurred attempting to join the domain "SAMBANET": > The specified domain either does not exist or could not be contacted. > > This message takes a long time to come up, and I see little network > activity for a long period, and then the message. > > However, the annoying thing is that David Bannon says that joining the > domain from Win2K now works for him ... > > Anyone else seeing either case? > > Regards > ------- > Richard Sharpe, sharpe@ns.aus.com > Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) > Contributing author, SAMS Teach Yourself Samba in 24 Hours > Author, Special Edition, Using Samba > > > From anders at aae.wisc.edu Mon Nov 27 06:35:24 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:32:28 2003 Subject: Redhat 7.0 and Samba 2.2 In-Reply-To: ; from proberts@dubois-king.com on Mon, Nov 27, 2000 at 11:14:54AM -0500 References: <3A1E721F.AE996B18@fatal.cz> Message-ID: <20001127123524.A1238@anders-ibm.dyn.dhs.org> On Mon, Nov 27, 2000 at 11:14:54AM -0500, Phillip C Roberts wrote: > I am preparing to make my first attempt at a Samba PDC. Is Redhat 7.0 a > workable base or is 6.2 a better option? Any other hints or suggestions at > my first attempt at a PDC would be greatly appreciated. I'd recommend Redhat 6.2 My hint: look at David Bannons FAQs/HOWTOs www.samba.org -> pick your mirror -> Documentation > > Thanks!!!! > > Phillip C. Roberts > CADD Manager > DuBois & King, Inc. > VM: 802.728.4113 ext 322 > EM: proberts@dubois-king.com > > > -- --Anders Anders C. Thorsen PGP Key: http://www.aae.wisc.edu/~anders/anders-pgp.asc ---------------------------------------- Only two things are infinite. The universe and human stupidity. Although, I am unsure of the former. Albert Einstein From hazen at potentia.ca Mon Nov 27 18:45:53 2000 From: hazen at potentia.ca (Hazen Valliant-Saunders) Date: Tue Dec 2 02:32:28 2003 Subject: Hi Evereybody I am doctor NICK!!!!! :) Message-ID: Ok so now that matt goering (god bless his twisted soul:) can sue me for plagerizam <-me cannot spell! Alrightey. For those of you who don't know or havent read enough already. When using samba as a PDC the home directorys of the users of that Domain have what is called a profile the profile itself is a set of files that define your Mail settings, News settings, Network Settings , Administrative Rights, Rights, Favroites (IE) History (IE) and many other things most notealby your preffered Registry Entries. and other things like your Backround for your desktop and any applications/documents you may have on your account. Under WIN NT 4.0 they are stored under the path "C:\WINNT\PROFILES" Said directory contains all of the above configuration information about the user accounts ie: User Bob will have a dir named Bob under the profiles dir with all of his prefrences stored neatley, if Bob was part of a domain, then the dir C:\WINNT\PROFILES would be mapped at startup form the remote or PDC's profile directory for Bob. ie: Bob really has two profiles, a local and a remote, however when bob logs onto his domain, his dir is mapped at logon form the PDC to his local drive and then the Mapped registry and all of it's preferential settings are loaded. That is why pdc's are nice. you can have 500 computers on a cube farm with 24/7 operation and each individual will have their own account. I've actually experenced work in a place like that it was quite detremental to my health. However points aside a Private Domain Controller is the God of a windows network. If you are setting up a PDC please use 2.2.0-alpha or the CVS HEAD version (3.0) or at least TNG. And if anyone has TNG working stabley please tell me how you kept it form consumeing all of your memory. So all that aside, My new and small company (www.potentia.ca) needed a PDC however both the owner, business manager, myself and two of the other 8 employees use linux at home for fun and decided that we could not justify $3,500 expense of buying a copy of W2KAS, And bieng of sound morals all of the mentioned people decided against piracy (Hey i program and i need the income form my IP, Heck this company is an IP firm pretty much specialzeing is telco power design, like very specific power and power integration for incredably new and strict hardware. ) So i informed my boss we could use samba as a pdc, and now 2.2.0-alpha1 is working beautifully (knock on wood) and we are in the inital testing phases. Now what i am having trouble with is this, we all have local profiles, and now due to the domain we have roveing profiles as well, I need to map all of the local Profiles to the roaming ones. so this way no information is lost and when people logon to the work doamain form home they will not have any trouble checking their mail and having acess to their tools form work. BUT I NEED TO FIGURE OUT HOW TO MAP PROFILES FORM HERE TO THE PDC!!!! and that mapping issue is my problem. I have read all the archives and faq's for every kind of samba, TNG HEAD 2.2.0 1.9.7 et-cetera, ad-nosium. AND I STILL HAVE NO AWNSER!! so if anyone could help me i would much appreciate it. Thank you for your time. Hazen Valliant-Saunders Potentia Telecom Power (613) 592-0027 x107 (613) 592-1686 (facimile) "Peace can only come as a natural consequence of universal enlightenment...'' --Nikola Tesla, "My Inventions: the autobiography of Nikola Tesla", Hart Bros., 1982-- From bgmilne at cae.co.za Mon Nov 27 19:08:24 2000 From: bgmilne at cae.co.za (Buchan Milne) Date: Tue Dec 2 02:32:28 2003 Subject: Problem accessing a Samba server from W2K Message-ID: <3A22B128.B4877C74@cae.co.za> It's probably that you are not using encrypted passwords (this is the error NT gives in this situatuion). Read docs/TEXTDOCS/ENCRYPTION.TXT: basically: 1)Enable encrypted passwords encrypt passwords = yes smb passwd file = /etc/smbpasswd #(or other location) 2)make smbpasswd for all users who will need access to samba: smbpasswd -a You can also reg-hack the windows boxes if you need plain-test, but you can not do this if you need domain support. Also, you should upgrade to 2.0.7 (it fixes some problems with w2k) Buchan > Antonio DA SILVA wrote: > > Hi all, > > I'm a newbie with Samba, I've just dowloaded Samba 2.0.6 and I'd like > to share files from a Solaris 2.5.1 station on W2K clients. The > smb.conf file I set up works fine with W95 clients, but not with W2K > (message "Account not authorized to connect from this station" when I > select the Solaris station on the Explorer). > > Has anyone a clue ? > Thanks > --------------------------------------------------------------------- > Antonio DA SILVA > MORS - FRANCE > -------------------------------------------------------------------- > > From bgmilne at cae.co.za Mon Nov 27 19:06:46 2000 From: bgmilne at cae.co.za (Buchan Milne) Date: Tue Dec 2 02:32:28 2003 Subject: Problems with NT 4.0 and Samba -> Power User References: <3A229E08.861EA73C@d2mail.de> Message-ID: <3A22B0C6.143F1256@cae.co.za> smb.conf: domain admin users = @ S?ren Grimm wrote: > > Hi, > > i have the following problem. I want to set up Samba as PDC. > I am running Samba 2.0.7 and Win NT 4.0 Servicepack 6.1. > Until now i have set up Samba as PDC and i am able to > join the Samba Domain. Additional it is possible to log on > as user at the Domain. But all the users have only "users" not > "Power Users" privileges. Now i want to change this. I have > read the mailing lists and found out, that the Maps are not > implemented in 2.0.7. So, what other options do i have ? > I don't want to change to Samba TNG or equal. > May be it is possible to use the usrmgr (Server Utils) > from Windows NT, but how can i create an Domian > Administrator ? > > So please help me. > > Thanks in advance > > regards, > Soeren From bgmilne at cae.co.za Mon Nov 27 19:08:58 2000 From: bgmilne at cae.co.za (Buchan Milne) Date: Tue Dec 2 02:32:28 2003 Subject: OK here she goes Message-ID: <3A22B14A.AC58D4D4@cae.co.za> Hazen Valliant-Saunders wrote: > > Well now that i've tested and RT2FM. > Ok Heres a brief story. > 1. Decided to try to use Samba as a PDC for My current place of employment. > (Figured i'd save my work the 5,000 windoze PDC costs for a network of our > size.) > > So i started with 2.0.7, however we have Win2k Professionel (Egh Gaad it > sucks!) and figured i'd need either HEAD, TNG, or 2.2.0prealpha, Dloaded > and compiled each one respectively (RH 6.2 2.2.14 i586) 2.2.0prealpha works > the best (Past the 48 over the week end test of remaining up!!) We run 2.0.7 here at the moment. I guess the NT print driver functionality in 2.2.0 may be enough to offset running alpha .... > > Now on this network we have one linux box, 8NT4SP5Dell Workstations, and 3 > Laptops (one Toshiba Win98 and two Dell W2kPro Lattitudes), not to mention > the Hewlett Packard PIII W98 Front desk system. So this is a homogenous > networking environment that does not always function beacuse of problems > with Windowze (more specificly NT4 and W2KPro, or Lan MGR4 and LanMGR5 or > active directory.) > [snip] > Now What i need to do is: > 1. Figure out how to Migrate all of the locally stored profiles to the PDC! > (Yes i know i have to copy all of the profile files to the home directory of > the user (Set up in SMB.Conf see below) NT: Log in as a user with admin proveleges on the NT on which the user profile lives currently: Connect to \\pdc\profiles Start -> Settings -> COntrol Panel -> System -> Profiles. Select a profile, choose copy, remember to set "Who is auth'ed to use this profile" to either "Everyone" or the domain account of the user. Both of these options have advantages and disadvantages. > 2. Figure out how the heck to modify the profiles so that OUTLOOK *.PST > files will remain local on the users home machiene. The HD on the Linux box > is a 1.6GB Western-Digital (yes i know very old but it works beautifully) > Now Most of the pst files are huge here (ie: 200 to 500MB in size) I kid > you not! I need to figure out how to modify profile admin settings so that > i do not run out of space on that drive! Move the outlook.pst out of the profile first to a better place, restart outlook, when it complains, show it where the original is. > > 3. Need to figure out how to copy the Profiles (More Specificly the > ntuser.dat and ntuser.da0 to the new dirve. I know i shall half to get > those files by booting into safe mode dos only and coping then) however I > am not sure how to get the proper home directory or am I to extract the > local profile directoy to the the remote profile dir (chmod and chown > permessions anyone!) > This is hanled by the above prcedure. > In summation I need a PDC migration how-to or guide, i've seen many > questions but very few relevant awnsers. and i need to know how to do this > withing the next week. > [snip smb.conf - I assume since it mostly works, it's more or less ok] On closer inspection I think you need a profiles share: This is what I use in samba 2.0.7 [profiles] path =/path/to/profiles browseable=no guest ok = yes writeable = yes and you need to set the profile options in general: logon path = \\%L\profiles\%U #NT logon home = \\%L\%U\.profiles #win9x #see the docs n domains for the reasons (good) for this. Buchan From bob at meeker.urban.csuohio.edu Mon Nov 27 20:33:02 2000 From: bob at meeker.urban.csuohio.edu (Robert M. Martel) Date: Tue Dec 2 02:32:28 2003 Subject: registering with WINS server (was: finding samba PDC on different subnet) Message-ID: <200011272033.PAA20843@meeker.urban.csuohio.edu> What must I do to FORCE my Smaba server(s) to register with a WINS server. I am unable to use my Samba servers as WINS servers, I need to use the university provided WINS server. So far my Samba machines have been unwilling or unable to register with the WINS server. I have the "win server = IP addr of WINS server" in my smb.conf but every time I use nbtstat -a sambaserver on a windows client machine I get back "Host not found". The books don't say all that much about WINS, other than it should magically work. Seems to me that this is why my client machines cannot find their (samba) PDC on a different subnet (as I have posted in the past) which is why I am posting this question to this list. Anyone have any thoughts as to why the communication with WINS is not working as advertised? I am using Samba 2.0.7. Thanks, Bob Martel ****************************************************************************** Bob Martel - System Administrator | I met someone who looks a lot like you Levin College of Urban Affairs | She does the things you do Cleveland State University | But she is an IBM (216) 687-2214 | bob@meeker.csuohio.edu | -Jeff Lynne ****************************************************************************** From edmundo at moscow.com Mon Nov 27 20:53:26 2000 From: edmundo at moscow.com (Stokes) Date: Tue Dec 2 02:32:28 2003 Subject: OK here she goes References: <3A22B14A.AC58D4D4@cae.co.za> Message-ID: <001501c058b4$17820b50$010aa8c0@shitepie> > Hazen Valliant-Saunders wrote: > > > [snip] > > 2. Figure out how the heck to modify the profiles so that OUTLOOK *.PST > > files will remain local on the users home machiene. The HD on the Linux box > > is a 1.6GB Western-Digital (yes i know very old but it works beautifully) > > Now Most of the pst files are huge here (ie: 200 to 500MB in size) I kid > > you not! I need to figure out how to modify profile admin settings so that > > i do not run out of space on that drive! > Hazen, I suggest you buy a new hard drive simply because it is such a splendid solution to this problem, not to mention a sound investment. Also, they are cheaper than dirt these days. Here is a link that I found through pricewatch.com in 5 seconds to buy a 30 gig ide Western Digital (sounds like you like that company--personally, I only use IBM drives due to past drive failures with other companies) for $106: http://123cdc.com/cdc_pdetails.asp?id=009780-C M Stokes From todd.4 at wright.edu Mon Nov 27 21:18:43 2000 From: todd.4 at wright.edu (Jason Todd) Date: Tue Dec 2 02:32:28 2003 Subject: Roaming profiles, permissions In-Reply-To: <3.0.6.32.20001123104015.008bb4c0@bioserve.latrobe.edu.au> Message-ID: Thanks to those who supplied feedback to my previous questions. All is well now (mostly). It turns out that it was a disk usage problem after all. I didn't think to check the quotas of the problem users. I set each quota to 200 MB for the /home partition but [explicative] IE 5 ate up all of the space with its cache. I'm a Netscape guy myself... Anyways, I'm playing around with the registry permissions stuff and I think I found a cheap solution. I noticed that for some reason, most users have "NTUSER.DAT" and "ntuser.dat.LOG" in their ~/profile directory, and other users (myself included) have "ntuser.dat" and "ntuser.dat.LOG" instead (notice the case). I removed the lowercase "ntuser.dat" off my ~/profile directory as well as my "locally" stored profile on one of the client machines then logged into NT. Previously there was just "username" in the WINNT\Profiles directory but now there is "username.000" which seems to be storing ALL of my correct profile information, Desktop, registry, etc. I'm not too concerned by the extra profile directories hanging around. BTW, there are no local accounts on the machine in question, except for the usual (Administrator, Guest, etc.). Maybe this info can help others with similar problems, or maybe some of you know of better approaches. Jason From mgeddes at xavier.sa.edu.au Mon Nov 27 22:08:08 2000 From: mgeddes at xavier.sa.edu.au (Matthew Geddes) Date: Tue Dec 2 02:32:28 2003 Subject: registering with WINS server References: <200011272033.PAA20843@meeker.urban.csuohio.edu> Message-ID: <3A22DB48.B6D61463@xavier.sa.edu.au> "Robert M. Martel" wrote: > > What must I do to FORCE my Smaba server(s) to register with > a WINS server. I am unable to use my Samba servers as WINS servers, I need > to use the university provided WINS server. So far my Samba machines > have been unwilling or unable to register with the WINS server. > > I have the "win server = IP addr of WINS server" in my smb.conf > but every time I use nbtstat -a sambaserver on a windows client machine > I get back "Host not found". The books don't say all that much > about WINS, other than it should magically work. > > Seems to me that this is why my client machines cannot find their > (samba) PDC on a different subnet (as I have posted in the past) which is why > I am posting this question to this list. > I have the same problems with our NT servers (the nbtstat -a thing). Try checking the WINS database using the WINS manager on your WINS server. If your Samba server doesn't appear there, try using static WINS entries. If this doesn't suit your needs, you can try telling Samba that it's the Domain Master, Local Master and Preferred Master, but give it an os level of 1. This will at least make the samba server well known on the network ;-). Hope it helps, Matt From mg at plum.de Mon Nov 27 23:01:38 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:32:28 2003 Subject: Redhat 7.0 and Samba 2.2 In-Reply-To: <20001127123524.A1238@anders-ibm.dyn.dhs.org> Message-ID: <412122398.975369698@[10.1.1.2]> --On Montag, 27. November 2000 12:35 +0600 "Anders C. Thorsen" wrote: > On Mon, Nov 27, 2000 at 11:14:54AM -0500, Phillip C Roberts wrote: >> I am preparing to make my first attempt at a Samba PDC. Is Redhat 7.0 a >> workable base or is 6.2 a better option? Any other hints or suggestions >> at my first attempt at a PDC would be greatly appreciated. > > I'd recommend Redhat 6.2 > > My hint: look at David Bannons FAQs/HOWTOs > www.samba.org -> pick your mirror -> Documentation 7.0 should be fine. (altough my main servers still run 6.2) If you run into trouble when compiling use: export CC=kgcc (this works for most packages ... redhat 7.0 ships with an *different* compiler ;) regards, Michael From D.Bannon at latrobe.edu.au Mon Nov 27 23:16:40 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:28 2003 Subject: Problems with NT 4.0 and Samba -> Power User In-Reply-To: <3A229E08.861EA73C@d2mail.de> Message-ID: <3.0.6.32.20001128101640.008bf3a0@bioserve.latrobe.edu.au> At 06:46 PM 27/11/2000 +0100, S?ren Grimm wrote: >Hi, > >i have the following problem. I want to set up Samba as PDC. >I am running Samba 2.0.7 and Win NT 4.0 Servicepack 6.1. >... >"Power Users" privileges. Now i want to change this. I have Please see the 207 as a PDC link from the samba pages (its actually at bioserve.latrobe.edu.au/samba). David ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From sharpe at ns.aus.com Mon Nov 27 04:48:19 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:28 2003 Subject: registering with WINS server (was: finding samba PDC on different subnet) In-Reply-To: <200011272033.PAA20843@meeker.urban.csuohio.edu> Message-ID: <3.0.6.32.20001127144819.00b4e8b0@203.16.214.248> At 03:33 PM 11/27/00 -0500, Robert M. Martel wrote: > > What must I do to FORCE my Smaba server(s) to register with >a WINS server. I am unable to use my Samba servers as WINS servers, I need >to use the university provided WINS server. So far my Samba machines >have been unwilling or unable to register with the WINS server. > > I have the "win server = IP addr of WINS server" in my smb.conf >but every time I use nbtstat -a sambaserver on a windows client machine >I get back "Host not found". The books don't say all that much >about WINS, other than it should magically work. > > Seems to me that this is why my client machines cannot find their >(samba) PDC on a different subnet (as I have posted in the past) which is why >I am posting this question to this list. > > Anyone have any thoughts as to why the communication with WINS is >not working as advertised? I am using Samba 2.0.7. Ummm, seems like standard debugging. Are the packets getting through. Use tcpdump or Ethereal to capture the outgoing WINS packets and look for responses of any sort (even ICMP dest unreachables). The packets will be sent to port 137 on the WINS server. > Thanks, > Bob Martel >*************************************************************************** *** > Bob Martel - System Administrator | I met someone who looks a lot like you > Levin College of Urban Affairs | She does the things you do > Cleveland State University | But she is an IBM > (216) 687-2214 | > bob@meeker.csuohio.edu | -Jeff Lynne >*************************************************************************** *** > > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From D.Bannon at latrobe.edu.au Mon Nov 27 23:18:59 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:28 2003 Subject: Problem accessing a Samba server from W2K In-Reply-To: <006c01c05890$1321efe0$23c809c0@mors.fr> Message-ID: <3.0.6.32.20001128101859.008b4ea0@bioserve.latrobe.edu.au> At 05:35 PM 27/11/2000 +0100, Antonio DA SILVA wrote: > Hi all, I'm a newbie with Samba, I've just dowloaded Samba 2.0.6 and >I'd like to share files from a Solaris 2.5.1 station on W2K clients. The >smb.conf file I set up works fine with W95 clients, but not with W2K >(message "Account not authorized to connect from this station" when I >select the Solaris station on the Explorer). Has anyone a clue ? Thanks You really need at least 2.0.7 to co-operate well with W2K. Please check out the links on the 'Documentation' page at the samba web site. david ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From D.Bannon at latrobe.edu.au Mon Nov 27 23:25:17 2000 From: D.Bannon at latrobe.edu.au (David Bannon) Date: Tue Dec 2 02:32:28 2003 Subject: Redhat 7.0 and Samba 2.2 In-Reply-To: References: <3A1E721F.AE996B18@fatal.cz> Message-ID: <3.0.6.32.20001128102517.008b19d0@bioserve.latrobe.edu.au> At 11:14 AM 27/11/2000 -0500, Phillip C Roberts wrote: >I am preparing to make my first attempt at a Samba PDC. Is Redhat 7.0 a >workable base or is 6.2 a better option? Any other hints or suggestions at >my first attempt at a PDC would be greatly appreciated. > I believe that RedHat jumped the gun a bit with gcc on 7.0 and included a 'alpha release' that does a few things differently. See the gcc site for details. I would stick to 6.2 and stick all the (appropriate) patches on including the kernel one. The standard 6.2 kernel has some security bug and further does not allow the current ssh to work. As a general rule, I find it better to wait for x.1 or x.2 with redhat... david ------------------------------------------------------------ David Bannon D.Bannon@latrobe.edu.au School of Biochemistry Phone 61 03 9479 2197 La Trobe University, Plenty Rd, Fax 61 03 9479 2467 Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au ------------------------------------------------------------ ..... Humpty Dumpty was pushed ! From vorlon at netexpress.net Mon Nov 27 23:26:44 2000 From: vorlon at netexpress.net (Steve Langasek) Date: Tue Dec 2 02:32:28 2003 Subject: registering with WINS server (was: finding samba PDC on different subnet) In-Reply-To: <200011272033.PAA20843@meeker.urban.csuohio.edu> Message-ID: On Mon, 27 Nov 2000, Robert M. Martel wrote: > > What must I do to FORCE my Smaba server(s) to register with > a WINS server. I am unable to use my Samba servers as WINS servers, I need > to use the university provided WINS server. So far my Samba machines > have been unwilling or unable to register with the WINS server. > I have the "win server = IP addr of WINS server" in my smb.conf > but every time I use nbtstat -a sambaserver on a windows client machine > I get back "Host not found". The books don't say all that much > about WINS, other than it should magically work. Please check the spelling of your smb.conf directive. If you do indeed have 'win server = ' in your config file, it certainly will not work, because the name of the directive is 'wins server'. Running 'testparm' would quickly show this error if this is the case. Beyond that, I can only say that I have never had trouble getting Samba working with a WINS server, whether Unix or NT... Regards, Steve Langasek postmodern programmer From jbrown at hlmc.com Tue Nov 28 00:55:24 2000 From: jbrown at hlmc.com (jbrown@hlmc.com) Date: Tue Dec 2 02:32:28 2003 Subject: NIS, Trust Relationships, Home Drives, and Password Changing Message-ID: I was wondering if NIS was the best solution for system security structure (sharing out smbpasswd and /etc/passwd, /etc/groups), or if I should setup an add user script and use 1 server as the authentication server. My network is setup as follows. 1 NT Terminal Server setup as PDC for domain HLMC, two samba servers v2.0.7 (Home (Caldera v2.3) and Home2 (RedHat v6.2)) working for domain WORKGROUP, 70 or so Windows 95/98 clients. HOME is the domain logon server for the W9x clients and HOME2 authenticated against HOME. I am going to have to use the setgid bit on the filesystem to control access (due to 1 generic share per machine with all applications located on them), and I do not see how an adduser script will assign the proper group permissions. I am also having a problem with home drives. The home drive settings are in the smb.conf (all three of them), but when I execute a net use * /HOME it says invalid path specified. When browsing, I do see the (username) share that is the home drive (a subdirectory of the unix home drive). Also, I cannot change the password from a user level. If I execute smbpasswd (username) from root, I have no problem. But, when I execute smbpasswd from the user level, it says that my previous password was invalid (maybe there needs to be a certain file permission on the smbpasswd file, or setuid on the smbpasswd executable?). When trying to change the password from a windows client, I get the same results. And finally, with samba-tng, is it possible to setup a domain trust relationship. This relationship would be established so that all users of the Terminal Server would have group access on the Samba servers (ie - a user map to force the user to a generic account named tsuser on the Unix Machine), or better yet, to control access by Global Groups on the Terminal Server Domain. Thanks for your help, Justin L. Brown MCSE (Don't laugh) - I need to cough up the $750.00 for RHCE. :P PS - I would like to thank all the developers out there that work hard on samba. It's a great application, and I'm sure most unix nutz appreciate having it. From sharpe at ns.aus.com Tue Nov 28 01:25:10 2000 From: sharpe at ns.aus.com (Richard Sharpe) Date: Tue Dec 2 02:32:28 2003 Subject: registering with WINS server In-Reply-To: <3A22DB48.B6D61463@xavier.sa.edu.au> References: <200011272033.PAA20843@meeker.urban.csuohio.edu> Message-ID: <3.0.6.32.20001128112510.00ab5c20@203.16.214.248> At 08:38 AM 11/28/00 +1030, Matthew Geddes wrote: >"Robert M. Martel" wrote: >> >> What must I do to FORCE my Smaba server(s) to register with >> a WINS server. I am unable to use my Samba servers as WINS servers, I need >> to use the university provided WINS server. So far my Samba machines >> have been unwilling or unable to register with the WINS server. >> >> I have the "win server = IP addr of WINS server" in my smb.conf >> but every time I use nbtstat -a sambaserver on a windows client machine >> I get back "Host not found". The books don't say all that much >> about WINS, other than it should magically work. >> >> Seems to me that this is why my client machines cannot find their >> (samba) PDC on a different subnet (as I have posted in the past) which is why >> I am posting this question to this list. >> > >I have the same problems with our NT servers (the nbtstat -a thing). Try >checking the WINS database using the WINS manager on your WINS server. >If your Samba server doesn't appear there, try using static WINS >entries. If this doesn't suit your needs, you can try telling Samba that >it's the Domain Master, Local Master and Preferred Master, but give it >an os level of 1. This will at least make the samba server well known on >the network ;-). This will only make it show up in the browse lists. Because the server is not registered with a WINS server, unless the network is set up with everyone as H-nodes or M-nodes, when a client goes to browse the server, things will not work. Browsing is a two step process. Retrieve the browse list, which is a list of NetBIOS names, and then translate the name to an IP address (or MAC address). See, for example, Special Edition, Using Samba :-) >Hope it helps, >Matt > > Regards ------- Richard Sharpe, sharpe@ns.aus.com Samba (Team member, www.samba.org), Ethereal (Team member, www.zing.org) Contributing author, SAMS Teach Yourself Samba in 24 Hours Author, Special Edition, Using Samba From ccchan at my.ncs-i.com Tue Nov 28 05:20:25 2000 From: ccchan at my.ncs-i.com (CHAN Chow Chin, David) Date: Tue Dec 2 02:32:28 2003 Subject: Samba in NT Domain. Message-ID: Sorry if this sounds like a very popular question, but I still have to ask for help as I don't have the leisure of reading all of the HOWTOs and the FAQs. I am using RedHat 6.2 Professional running Samba-2.0.6-9 in an NT Domain. I wish to setup the Linux machine as a member of that domain with file-sharing capabilities. Is it possible for the Linux machine to share it's files without password authentication? (wish to make it access files like a Windows machine) Also, is there any way for me to see other machines in the domain as I don't know how to see their files using the command line or X. Please help. David. From mg at plum.de Tue Nov 28 05:52:05 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:32:28 2003 Subject: Roaming profiles, permissions In-Reply-To: Message-ID: <436749448.975394325@[10.1.1.2]> --On Montag, 27. November 2000 16:18 -0500 Jason Todd wrote: > Thanks to those who supplied feedback to my previous questions. All is > well now (mostly). It turns out that it was a disk usage problem after > all. I didn't think to check the quotas of the problem users. I set each > quota to 200 MB for the /home partition but [explicative] IE 5 ate up all > of the space with its cache. I'm a Netscape guy myself... > turn on "delete cache on exit" in the ie preferences. helps a lot. ;) regards, Michael From mg at plum.de Tue Nov 28 05:52:05 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:32:28 2003 Subject: Roaming profiles, permissions In-Reply-To: Message-ID: <436749448.975394325@[10.1.1.2]> --On Montag, 27. November 2000 16:18 -0500 Jason Todd wrote: > Thanks to those who supplied feedback to my previous questions. All is > well now (mostly). It turns out that it was a disk usage problem after > all. I didn't think to check the quotas of the problem users. I set each > quota to 200 MB for the /home partition but [explicative] IE 5 ate up all > of the space with its cache. I'm a Netscape guy myself... > turn on "delete cache on exit" in the ie preferences. helps a lot. ;) regards, Michael From soeren.grimm at d2mail.de Tue Nov 28 10:45:03 2000 From: soeren.grimm at d2mail.de (=?iso-8859-1?Q?S=F6ren?= Grimm) Date: Tue Dec 2 02:32:28 2003 Subject: How to change user privileges to "Power User" Message-ID: <3A238CAF.6E2B0917@d2mail.de> Hi, Thanks to those who supplied feedback to my previous questions. Systems: Samba 2.0.7 & WinNTws (SP 6a). I have read "bioserve.latrobe.edu.au/samba", now i have a Domain Admin :-) But i have still the question, how can i change the privileges from a user to "Power User", because it's not good if everybody has Administrator privileges and it is also bad if the users only have "User" privileges. The user manger from Windows NT and Windows 9x is not working. I allways get the following error-message: "The procedure number is out of the permitted range" (Translation from german to english ;-)) Is it possible to change the user privileges directly on the Samba Server, if yes, how can i do this ? Please help again Thanks in advance regards, Soeren From bgmilne at ing.sun.ac.za Tue Nov 28 11:17:08 2000 From: bgmilne at ing.sun.ac.za (Buchan Milne) Date: Tue Dec 2 02:32:28 2003 Subject: Samba in NT Domain. References: Message-ID: <3A239434.8F64D663@ing.sun.ac.za> "CHAN Chow Chin, David" wrote: > > Sorry if this sounds like a very popular question, > but I still have to ask for help as I don't have the > leisure of reading all of the HOWTOs and the FAQs. > > I am using RedHat 6.2 Professional running Samba-2.0.6-9 in an NT Domain. > I wish to setup the Linux machine as a member of that domain with > file-sharing capabilities. Is it possible for the Linux machine to share > it's files without password authentication? (wish to make it access files > like a Windows machine) Samba can join an NT Domain, in which case it passes all authentication to the PDC (much better than not having password authentication). Please look at the documentation available (in the samba docs directory there is quite a bit, although some is outdated). You should consider upgrading to samba 2.0.7 for two reasons - better win2k support, and the book "Using Samba" that is now included. Basically, to join the domain, you need ...: 1) ... the following in your /etc/smb.conf: security = domain password server = CAEPDC encrypt passwords = yes smb passwd file = /etc/smbpasswd 2)... to have a machine account made in your domain. Ask a Domain Admin to do this for you. 3)... to join the domain: smbpasswd -j [-r ] Buchan > Also, is there any way for me to see other machines in the domain as I don't > know how to see their files using the command line or X. There are quite a few packages that can let you browse Network Neighbourhood in X: -kruiser (aka KDE Explorer) -LinNeighborhood -gnomba (also check the samba pages for more) (you should be able to find most of these on either freshmeat.net, rpmfind.net or linuxberg) Buchan > Please help. > > David. -- |--------------------------------------------------------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone +27824722231 email mailto:bgmilne@ing.sun.ac.za Centre for Automotive Engineering http://www.cae.co.za South Africas first satellite: http://sunsat.ee.sun.ac.za Control Models http://www.control.co.za |----------------Registered Linux User #182071-----------------| From bgmilne at ing.sun.ac.za Tue Nov 28 11:19:53 2000 From: bgmilne at ing.sun.ac.za (Buchan Milne) Date: Tue Dec 2 02:32:28 2003 Subject: How to change user privileges to "Power User" References: <3A238CAF.6E2B0917@d2mail.de> Message-ID: <3A2394D9.20915793@ing.sun.ac.za> This is not possible in 2.0.x, and probably won't be possible in 2.2.x either, but should be possible in samba 3.0 In the meantime, you can make domain members local power users using User Manager for each machine they need these rights on. Buchan S?ren Grimm wrote: > > Hi, > > Thanks to those who supplied feedback to my previous questions. > Systems: Samba 2.0.7 & WinNTws (SP 6a). > I have read "bioserve.latrobe.edu.au/samba", now i have a Domain Admin > :-) > But i have still the question, how can i change the privileges from a > user > to "Power User", because it's not good if everybody has Administrator > privileges and > it is also bad if the users only have "User" privileges. > The user manger from Windows NT and Windows 9x is not working. I allways > > get the following error-message: > "The procedure number is out of the permitted range" (Translation from > german to english ;-)) > Is it possible to change the user privileges directly on the Samba > Server, if > yes, how can i do this ? > > Please help again > > Thanks in advance > > regards, > Soeren -- |--------------------------------------------------------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone +27824722231 email mailto:bgmilne@ing.sun.ac.za Centre for Automotive Engineering http://www.cae.co.za South Africas first satellite: http://sunsat.ee.sun.ac.za Control Models http://www.control.co.za |----------------Registered Linux User #182071-----------------| From mharding at ecwebworks.com Tue Nov 28 16:20:25 2000 From: mharding at ecwebworks.com (Marc Harding) Date: Tue Dec 2 02:32:28 2003 Subject: Win2k joining 2.2 cvs from last night Nov 27, 2000 Message-ID: <20001128.16202500@ec-101-001.ecwebworks.com> I am working on getting a win2k pro machine to join a samba domain. I have followed the FAQ, and been reading the list. I am unable to join with various errors and problems. I am using RedHat 6.2 (all required patches) with the pam support. I was wondering if I was using some incorrect configure options and this was causing the errors. Can someone give me an example of a working configure line? During the join process I see the workstation added to /etc/passwd and a new line in the /etc/smbpasswd file as follows - ec001$:502:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:[NDW ]:LCT-3A230E1A: If anyone can help me, I would greatly appreciate it. I can also send any other info required. Thanks in advance, Marc Harding mharding@ecwebworks.com www.ecwebworks.com From CShoell at frk.com Tue Nov 28 16:35:58 2000 From: CShoell at frk.com (Shoell, Courtney) Date: Tue Dec 2 02:32:28 2003 Subject: samba joining win2k share on nt4 domain Message-ID: Okay here is a great find. It seems Microsoft has a bug in win2k where if you have a share on a win2k server and it sits in a nt4 domain and the user has log off times set you may or may not be able to access the share during valid times of the day. Check out Q263006 on MS Knowledge base. Microsoft says it will be included in SP2. From gerry at mccb.org Tue Nov 28 15:58:25 2000 From: gerry at mccb.org (Gerry Kirk) Date: Tue Dec 2 02:32:28 2003 Subject: Creating a share on a Windows 9x machine Message-ID: <4.3.1.1.20001128215555.00b0eb30@mail> Before resorting to posting, I searched endlessly for an answer to this question. My question is what type of sharing is possible from a Win 9x machine with Samba 2.0.7 as the network PDC? I am able to create Share-level shares, but not User-level shares. Is this what I should expect? Thanks, Gerry Information System Specialist, Mennonite Central Committee Bangladesh Registered Linux User # 193916 From gerry at mccb.org Wed Nov 29 02:56:53 2000 From: gerry at mccb.org (Gerry Kirk) Date: Tue Dec 2 02:32:29 2003 Subject: Creating a share on a Windows 9x machine In-Reply-To: References: <4.3.1.1.20001128215555.00b0eb30@mail> Message-ID: <4.3.1.1.20001129085504.00affb70@mail> Thanks for your response. Can you clarify group level for me? Do you mean I can assign permissions to a group of users? The only way I know of is to create a "share-level" share and assign a password to the share. Gerry At 11/28/00 11:57 AM, you wrote: >OK > 2.0.7 does not support user level permissions only group level. >so you cannot create user level shares because your PDC does not recognise >users as such. Information System Specialist, Mennonite Central Committee Bangladesh Registered Linux User # 193916 From read_a at univerahealthcare.org Tue Nov 28 18:34:49 2000 From: read_a at univerahealthcare.org (Adam Read) Date: Tue Dec 2 02:32:29 2003 Subject: Winbind Message-ID: Ok, despirate times call for.. a helping hand: I am trying to get a samba server off the ground. I want winbind to work, so I don't have to make local accounts for the ~1000 users we currently have. It will be a print server only. I like what I hear about the newest alpha about NT printing, but I would be happy to get winbind working on anything. I am running mandrake corporate server 1.0. Which is(I believe) based on RH 6.2. If someone could give me step-by-step info I would appreciate it, or at least step-by-step installs of Winbind. Thanks, Adam From boehm at nortelnetworks.com Wed Nov 29 13:33:18 2000 From: boehm at nortelnetworks.com (Eric Boehm) Date: Tue Dec 2 02:32:29 2003 Subject: What is the real meaning of ERRpipebusy? Message-ID: <20001129083318.A17785@brtpsfac.nortelnetworks.com> I am seeing the following errors in my samba logs. [2000/11/29 07:44:20, 0, pid=5019] /usr/local2/software/source/common/samba-2.0.7/source/rpc_client/cli_netlogon.c:cli_net_auth2(159) cli_net_auth2: Error NT_STATUS_ACCESS_DENIED [2000/11/29 07:44:20, 0, pid=5019] /usr/local2/software/source/common/samba-2.0.7/source/rpc_client/cli_login.c:cli_nt_setup_creds(72) cli_nt_setup_creds: auth2 challenge failed [2000/11/29 07:44:20, 0, pid=5019] /usr/local2/software/source/common/samba-2.0.7/source/smbd/password.c:connect_to_domain_password_server(1262) connect_to_domain_password_server: unable to setup the PDC credentials to machine PCNTRTP01. Error was : NT_STATUS_ACCESS_DENIED. [2000/11/29 07:44:21, 0, pid=5019] /usr/local2/software/source/common/samba-2.0.7/source/rpc_client/cli_pipe.c:cli_nt_session_open(1174) cli_nt_session_open: cli_nt_create failed on pipe \NETLOGON to machine PCNTRTP01. Error was ERRDOS - ERRpipebusy (All instances of the requested pipe are busy.) [2000/11/29 07:44:21, 0, pid=5019] /usr/local2/software/source/common/samba-2.0.7/source/smbd/password.c:connect_to_domain_password_server(1253) connect_to_domain_password_server: unable to open the domain client session to machine PCNTRTP01. Error was : ERRDOS - ERRpipebusy (All instances of the requested pipe are busy.). [2000/11/29 07:45:11, 0, pid=5019] /usr/local2/software/source/common/samba-2.0.7/source/smbd/password.c:domain_client_validate(1454) domain_client_validate: Domain password server not available. I am trying to figure out if this is a problem with Samba or with the NT domain. I searched the mail archives at http://marc.theaimsgroup.com/. All I turned up was a previous problem with long user lists that was fixed. The share in question (export) contains ClearCase VOBs. The user experiences the problems if he tries to mount all the VOBs at once. He doesn't have any problems if he tries to mount them one at a time. There are 28 VOBs contained in this share. I am running Samba 2.0.7 on Solaris 7. My smb.conf is: Samba config file created using SWAT # from brtpsfac (47.111.65.76) # Date: 2000/11/29 08:30:30 # Global parameters [global] client code page = 437 workgroup = PCNTRTP netbios aliases = UAS_PTM_SNM01 server string = "UAS/PTM/SNM ClearCase VOB Server %h (%L), Samba" interfaces = "47.111.70.81/20 47.140.7.212/20 47.202.34.210/20" security = DOMAIN encrypt passwords = Yes password server = * username map = /usr/local/samba/lib/username.map log file = /usr/local/samba/var/log.%m debug pid = Yes max open files = 1014 socket options = TCP_NODELAY SO_KEEPALIVE SO_SNDBUF=32768 SO_RCVBUF=32768 load printers = No local master = No wins server = 47.156.160.179 comment = "Samba %v server" include = /usr/local/samba/lib/smb.conf.shares.zrtps075 [export] comment = UAS/PTM/SNM VOB Storage path = /export valid users = @SPM_ADM_USERS, @IP_SERVICES_USERS, @UAS_PTM_SNM_USERS, @SCTP_USERS writeable = Yes directory mask = 0775 hosts allow = @SPM_ADM_HOSTS, @IP_SERVICES_HOSTS, @UAS_PTM_SNM_HOSTS, @SCTP_HOSTS, @UAS_PTM_SNM_VOB map archive = No oplocks = No [snm_npm_sircc] comment = SNM NPM sirCC software path = /export/vobstore/uas_ptm_snm01/SNM_NPM/snm_npm_SIRCC valid users = @SPM_ADM_USERS, @IP_SERVICES_USERS, @UAS_PTM_SNM_USERS, @SCTP_USERS writeable = Yes directory mask = 0775 hosts allow = @SPM_ADM_HOSTS, @IP_SERVICES_HOSTS, @UAS_PTM_SNM_HOSTS, @SCTP_HOSTS, @UAS_PTM_SNM_VOB map archive = No oplocks = No [perl_sircc] comment = ActiveState Perl for Windows NT/sirCC software path = /export/vobstore/uas_ptm_snm01/ntsw/Perl valid users = @SPM_ADM_USERS, @IP_SERVICES_USERS, @UAS_PTM_SNM_USERS, @SCTP_USERS writeable = Yes directory mask = 0775 hosts allow = @SPM_ADM_HOSTS, @IP_SERVICES_HOSTS, @UAS_PTM_SNM_HOSTS, @SCTP_HOSTS, @UAS_PTM_SNM_VOB map archive = No oplocks = No -- Eric M. Boehm boehm@nortelnetworks.com From gcarter at valinux.com Wed Nov 29 15:11:47 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:29 2003 Subject: Are there two PDC projects going / which one to use? References: <200011230313.WAA28863@sphmraaa.compuserve.com> Message-ID: <3A251CB3.F2CFDA49@valinux.com> Michael Lueck wrote: > > As far as I can tell from reading the pages at > samba.org, there is the fork in the source - a new > team working on the PDC code. So, what code does my new > Samba Unleashed book deal with - I would assume this > chunk of the code from samba.org. Who knows? That's Steve Litt's book right? (Hey Steve :) ) > As for people interested in either including Samba > servers into networks with an NT domain, or to replace > all NT servers with Samba servers (or in my case > never install one in the first place... coming from > WarpServer domains) - and allowing the PDC to live > on for security reasons with the NT/Win2K workstations.... > which way "should" one pick when it comes to this fork > in the tree? You can try wither project you like. Samba TNG is in development phases. Samba 2.2. is in alpha testing and we hope to have it out by the first of the year. My gut is to go with Samba unless you really want to spend time with TNG. Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From SavacoWB at Cobleskill.edu Wed Nov 29 15:40:07 2000 From: SavacoWB at Cobleskill.edu (Savacool, William B) Date: Tue Dec 2 02:32:29 2003 Subject: samba not starting (NT Domain) Message-ID: here is a copy of my smb.conf smamba loads, but won't let me putmyself on the NT domain What do i do? -------------- next part -------------- A non-text attachment was scrubbed... Name: smb.conf Type: application/octet-stream Size: 1520 bytes Desc: not available Url : http://lists.samba.org/archive/samba-ntdom/attachments/20001129/b19d83b0/smb.obj From gerry at mccb.org Wed Nov 29 05:29:06 2000 From: gerry at mccb.org (Gerry Kirk) Date: Tue Dec 2 02:32:29 2003 Subject: Samba server periodically missing from Network Neighbourhood Message-ID: <4.3.1.1.20001129112558.00afaa70@mail> Using 2.0.7 Yesterday, I removed our NT server and switched over to Samba as a PDC. It's been mostly a smooth transition, but I have noticed two things: 1. The Samba server periodically disappears from the list in Network Neighbourhood. I'll refresh the list and watch it pop in and out. 2. The logon script is not always executed. I wonder if this is related to the first problem. Has anyone else experienced this? Thanks, Gerry Information System Specialist, Mennonite Central Committee Bangladesh Registered Linux User # 193916 From mg at plum.de Tue Nov 28 20:00:54 2000 From: mg at plum.de (Michael Glauche) Date: Tue Dec 2 02:32:29 2003 Subject: Win2k joining 2.2 cvs from last night Nov 27, 2000 In-Reply-To: <20001128.16202500@ec-101-001.ecwebworks.com> Message-ID: <487678448.975445254@[10.1.1.2]> --On Dienstag, 28. November 2000 16:20 +0000 Marc Harding wrote: > I am working on getting a win2k pro machine to join a samba domain. I > have followed the FAQ, and been reading the list. I am unable to join > with various errors and problems. > > I am using RedHat 6.2 (all required patches) with the pam support. I was > wondering if I was using some incorrect configure options and this was > causing the errors. Can someone give me an example of a working > configure line? > > During the join process I see the workstation added to /etc/passwd and a > new line in the /etc/smbpasswd file as follows - > > > ec001$:502:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO > PASSWORDXXXXXXXXXXXXXXXXXXXXX:[NDW ]:LCT-3A230E1A: > > If anyone can help me, I would greatly appreciate it. I can also send > any other info required. [*D*} means the account is disabled. How did you add the machine account ? regards, Michael From mharding at ecwebworks.com Tue Nov 28 20:14:37 2000 From: mharding at ecwebworks.com (Marc Harding) Date: Tue Dec 2 02:32:29 2003 Subject: Win2k joining 2.2 cvs from last night Nov 27, 2000 In-Reply-To: <487678448.975445254@[10.1.1.2]> References: <487678448.975445254@[10.1.1.2]> Message-ID: <20001128.20143700@ec-101-001.ecwebworks.com> Exactly the same way as posted in the pre-release samba 2.2 PDC Howto, at http://www.samba.org/samba/docs/samba-pdc-howto.html. Marc Harding >>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<< On 11/28/00, 3:00:54 PM, Michael Glauche wrote regarding Re: Win2k joining 2.2 cvs from last night Nov 27, 2000 : > --On Dienstag, 28. November 2000 16:20 +0000 Marc Harding > wrote: > > I am working on getting a win2k pro machine to join a samba domain. I > > have followed the FAQ, and been reading the list. I am unable to join > > with various errors and problems. > > > > I am using RedHat 6.2 (all required patches) with the pam support. I was > > wondering if I was using some incorrect configure options and this was > > causing the errors. Can someone give me an example of a working > > configure line? > > > > During the join process I see the workstation added to /etc/passwd and a > > new line in the /etc/smbpasswd file as follows - > > > > > > ec001$:502:NO PASSWORDXXXXXXXXXXXXXXXXXXXXX:NO > > PASSWORDXXXXXXXXXXXXXXXXXXXXX:[NDW ]:LCT-3A230E1A: > > > > If anyone can help me, I would greatly appreciate it. I can also send > > any other info required. > [*D*} means the account is disabled. How did you add the machine > account ? > regards, > Michael From Bielenberg at t-online.de Wed Nov 29 23:29:45 2000 From: Bielenberg at t-online.de (=?iso-8859-1?Q?G=FCnter?= Bielenberg) Date: Tue Dec 2 02:32:29 2003 Subject: profile permission Message-ID: <3A259169.5C863577@t-online.de> hi all, I'm administering a NT-domain at a school of about 10 NT4-WSs with a Samba 2.07-Server running on Linux. We have a standard user named win, who has a server-stored mandatory profile. Everything worked (almost) fine until I saw that every user had full access to the profiles-directory. I changed it by setting the Unix-permissions as follows: drwx------ 10 root root 1024 Sep 26 21:39 . (home/profile) drwxrwxrwx 7 root root 1024 Jul 17 23:34 .. (home) drwx------ 14 root root 1024 Jul 17 23:35 root drwx------ 13 win ntuser 1024 Sep 14 23:49 win (home/profile/win) -rwx------ 1 win ntuser ntuser.man (home/profile/win/ntuser.man) in smb.conf [profile] I put browseable = no writeable = yes and now the most logins start with 'unable to find the server-stored profile, use the locally stored profile' (translated from german). In samba.log I find the following lines for one login: [2000/11/28 14:43:59, 0] smbd/service.c:make_connection(502) Can't change directory to /home/profile (Permission denied) [2000/11/28 14:43:59, 0] smbd/service.c:make_connection(502) Can't change directory to /home/profile (Permission denied) [2000/11/28 14:44:02, 0] smbd/service.c:make_connection(502) Can't change directory to /home/profile/win/scripts (Permission denied) [2000/11/28 14:44:04, 1] smbd/service.c:make_connection(550) snoopy-7 (192.168.11.7) connect to service win as user win (uid=504, gid=101) (pid 15414) [2000/11/28 14:44:05, 0] smbd/nttrans.c:call_nt_transact_ioctl(2516) call_nt_transact_ioctl: Currently not implemented. the user gets access to his home directory, but does not find my prepared mandatory profile but one by former pupils twisted local profile. What's going wrong here? regards G?nter Bielenberg From anders at aae.wisc.edu Wed Nov 29 12:17:11 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:32:29 2003 Subject: samba not starting (NT Domain) In-Reply-To: ; from SavacoWB@Cobleskill.edu on Wed, Nov 29, 2000 at 10:40:07AM -0500 References: Message-ID: <20001129181711.A3195@anders-ibm.dyn.dhs.org> More info please. what do you mean with put yourself in the NT domain? did you look at the FAQs/HOWTOs at samba.org? secondly, did you look at the samba log files? (stop samba, delete logfiles, see if samba fails, look at logfiles. If you can't see anything increase to debug level 5 or 10) If you then can't find the problem, attach the log-files, as it's impossible to tell where you'r problem is w/o them. --Anders On Wed, Nov 29, 2000 at 10:40:07AM -0500, Savacool, William B wrote: > > here is a copy of my smb.conf > smamba loads, but won't let me > putmyself on the NT domain > > What do i do? > -- --Anders Anders C. Thorsen PGP Key: http://www.aae.wisc.edu/~anders/anders-pgp.asc ---------------------------------------- Only two things are infinite. The universe and human stupidity. Although, I am unsure of the former. Albert Einstein From rwilson at isd.co.san-bernardino.ca.us Thu Nov 30 00:34:59 2000 From: rwilson at isd.co.san-bernardino.ca.us (Wilson, Robert) Date: Tue Dec 2 02:32:29 2003 Subject: winbind Message-ID: <33A1752F02AED311AA70009027145CEC01E2CF75@sbc-msg-002.co.san-bernardino.ca.us> Has anyone run into this problem (hopefully I am emailing the correct list). I am using SuSE LINUX 7.0 Pro. and can see all my NT accounts and groups when I do a getent passwd or getent group. According to the documentation I should be able to login to LINUX using domain+username. When I try this I get the following error. Nov 29 14:39:06 isdfree2 pam_winbind[20885]: user 'NS+w1802' granted acces Nov 29 14:39:06 isdfree2 login[20885]: User not known to the underlying authenti cation module Any ideas? Also should I not be able to setup user access to share points based on the domain+username thing. I setup a share point and put NS+w1802 as the valid user and it just prompts for a user name and password. Thanks for anyhelp you can give. From longle at verisity.com Thu Nov 30 02:37:12 2000 From: longle at verisity.com (Long Le) Date: Tue Dec 2 02:32:29 2003 Subject: joining the list Message-ID: <3A25BD58.D3B7AA2E@verisity.com> Please give me the infomation about Samba and NT. How can I map between NT and unix machines Thanks Long Le From awilliam at whitemice.org Thu Nov 30 02:58:35 2000 From: awilliam at whitemice.org (Adam Williams) Date: Tue Dec 2 02:32:29 2003 Subject: "Domain Admin Users" with alpha1 In-Reply-To: <20001127.2423800@estate1.whitemice.org> References: <20001123200115.279177E44@lists.samba.org> <004101c055c2$dd00afc0$8d030201@smutu1> <20001124201005.F9966@id-pro.net> <20001127.2423800@estate1.whitemice.org> Message-ID: <20001130.2583500@estate1.whitemice.org> >I am running a Samba PDC with a CVS checkout from 11-23-2000 (alpha1) >controlling a Citrix Winframe 1.7 server. The server joins the domain >happily, and I can login. >1. It does however claim that I do not have domain admin privilages, even >though I am listed in "domain admin users=", which prevents me from >running "Application Configuration" and giving other users the right to >connect. >2. Another interesting note is that user names show up in triplicate in >the file manager when you go to grant rights to a local file (I found one >post about this, but it was very old.) > security = user > status = yes > workgroup = BACKBONE > netbios name = FINFOOT > wins server = 192.168.1.9 > encrypt passwords = yes > smb passwd file = /usr/local/samba-head/private/smbpasswd > domain logons = yes > logon script = %G.bat > domain admin users = root adam > domain admin group = @cis > guest account = pcnet > share modes=no > os level=165 > bind interfaces only = yes > interfaces = 192.168.1.16 127.0.0.1 > preferred master = Yes > domain master = Yes >This is 2.2 running bound to 192.168.1.16 (eth0:1) and the loopback >interface. A samba 2.0.7 is running bound to 192.168.1.9 (eth0:0) for >providing file/print services, it authenticates to the samba 2.2 process >just fine. Win9x logons work, etc... It would also appear that groups don't appear . . . is this normal? From marsaro at suse.com Tue Nov 28 20:26:46 2000 From: marsaro at suse.com (Jon Doyle) Date: Tue Dec 2 02:32:29 2003 Subject: Redhat 7.0 and Samba 2.2 In-Reply-To: <3.0.6.32.20001128102517.008b19d0@bioserve.latrobe.edu.au> Message-ID: On Tue, 28 Nov 2000, David Bannon wrote: > At 11:14 AM 27/11/2000 -0500, Phillip C Roberts wrote: > >I am preparing to make my first attempt at a Samba PDC. Is Redhat 7.0 a > >workable base or is 6.2 a better option? Any other hints or suggestions at > >my first attempt at a PDC would be greatly appreciated. This is quite true and the market response has indicated that all of the distributions really must pay particular attention to quality and engineering to push Linux in the Enterprise market for the US. There is really no time for gimics and marketing ploys, this is why SuSE has put linux in the Enterprise in Europe and here in the US. Have a look at this months Linux Magazine and read carfully what Linus has said. > > > I believe that RedHat jumped the gun a bit with gcc on 7.0 and included a > 'alpha release' that does a few things differently. See the gcc site for > details. I would stick to 6.2 and stick all the (appropriate) patches on > including the kernel one. The standard 6.2 kernel has some security bug and > further does not allow the current ssh to work. > > As a general rule, I find it better to wait for x.1 or x.2 with redhat... > > david > ------------------------------------------------------------ > David Bannon D.Bannon@latrobe.edu.au > School of Biochemistry Phone 61 03 9479 2197 > La Trobe University, Plenty Rd, Fax 61 03 9479 2467 > Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au > ------------------------------------------------------------ > ..... Humpty Dumpty was pushed ! > > Regards, Jon ______________________ Jon R. Doyle SuSE Linux Inc. Director of Professional Services 580 Second Street, Suite 210 Oakland, Ca. 94607 + 510 - 628 - 3380 ext. 5068 www.suse.com ______________________ That which does not appear to exist is to be regarded as if it did not exist. California Civil Code, "Maxims of Jurisprudence" From anders at aae.wisc.edu Tue Nov 28 08:55:32 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:32:29 2003 Subject: Creating a share on a Windows 9x machine In-Reply-To: <4.3.1.1.20001128215555.00b0eb30@mail>; from gerry@mccb.org on Tue, Nov 28, 2000 at 09:58:25PM +0600 References: <4.3.1.1.20001128215555.00b0eb30@mail> Message-ID: <20001128145532.B2918@anders-ibm.dyn.dhs.org> On Tue, Nov 28, 2000 at 09:58:25PM +0600, Gerry Kirk wrote: > Before resorting to posting, I searched endlessly for an answer to this > question. > > My question is what type of sharing is possible from a Win 9x machine with > Samba 2.0.7 as the network PDC? > > I am able to create Share-level shares, but not User-level shares. > > Is this what I should expect? Yes. > Thanks, > Gerry > > Information System Specialist, > Mennonite Central Committee > Bangladesh > Registered Linux User # 193916 > -- --Anders From David.M.Bertenthal at LRP02.USACE.ARMY.MIL Tue Nov 28 21:27:59 2000 From: David.M.Bertenthal at LRP02.USACE.ARMY.MIL (Bertenthal, David M LRP Contractor) Date: Tue Dec 2 02:32:29 2003 Subject: sharing resources on local mahines Message-ID: <5FE2915EBB99D21188B300805FA7B91702E5EBC7@lrpmail02.lrp.usace.army.mil> Can samba any version, keep a list of users so that other local machines can add users to there shared list and share there local resources, eg, harddrive or cdrom? David M. Bertenthal US Army Corps of Engineers [USACE Help Desk Pittsburgh District] David.m.bertenthal@usace.amry.mil Phone: (412) 395-7484 Fax: (412) 644-2811 -------------- next part -------------- HTML attachment scrubbed and removed From C.Ehrke at allweiler.de Thu Nov 30 10:39:00 2000 From: C.Ehrke at allweiler.de (Ehrke, Christian) Date: Tue Dec 2 02:32:29 2003 Subject: smb_panic(2381) Message-ID: Hello, we have some problems with Samba (2.0.7) running on HP-UX 10.20 at runtime and have to solve them urgent. During runtime I can see problems in logfiles (/usr/local/samba/var/log.*) of many (not all) of our Windows clients. It seems that some clients loose their connection to a shared disk, but get it back later and so on. Anyway, users be able work if they want to access to the shared disk. Sample logfile: -------------------- [2000/11/30 07:36:52, 0] lib/util_sec.c:assert_gid(72) Failed to set gid privileges to (-1,-24) now set to (0,0) uid=(0,0) [2000/11/30 07:36:52, 0] lib/util.c:smb_panic(2381) PANIC: failed to set gid [2000/11/30 07:37:02, 0] lib/util_sec.c:assert_gid(72) Failed to set gid privileges to (-1,-24) now set to (0,0) uid=(0,0) [2000/11/30 07:37:02, 0] lib/util.c:smb_panic(2381) PANIC: failed to set gid [2000/11/30 07:40:39, 1] smbd/service.c:make_connection(550) oexle (10.1.1.181) connect to service disk3 as user pcunix (uid=125, gid=20) (pid 7640) [2000/11/30 08:29:38, 0] lib/util_sec.c:assert_gid(72) Failed to set gid privileges to (-1,-24) now set to (0,0) uid=(0,0) [2000/11/30 08:29:38, 0] lib/util.c:smb_panic(2381) PANIC: failed to set gid [2000/11/30 08:29:40, 1] smbd/service.c:make_connection(550) oexle (10.1.1.181) connect to service disk3 as user pcunix (uid=125, gid=20) (pid 9262) [2000/11/30 08:29:40, 0] smbd/nttrans.c:call_nt_transact_ioctl(2516) call_nt_transact_ioctl: Currently not implemented. smb.conf: ------------- [global] workgroup = OurDomain server string = SmbServer Samba Server log file = /usr/local/samba/var/log.%m max log size = 50 security = domain password server = PwSvr1 PwSvr2 encrypt passwords = yes socket options = TCP_NODELAY local master = no domain master = no domain logons = no username map = /usr/local/samba/private/domainuser.mapping wins support = no wins server = 10.1.2.60 dns proxy = no [disk3] comment = Shared disk for Unix and Windows users path = /disk3 read only = no writable = yes public = yes security mask = 0777 force security mask = 0 directory mask = 0777 force directory mask = 0 create mode = 0775 Runtime environment: ------------------------------ PDC: Windows NT 4 Server Clients: Windows NT 4.0 Workstations Samba Server: HP Workstation, HP-UX 10.20 Samba Version: 2.0.7; compiled on that Server with gcc Mit freundlichem Gru? / Kind regards Christian Ehrke, Abt./Dept. ZOS Organisation/Informationsystems ALLWEILER AG A Member of the COLFAX PUMP GROUP Postfach 1140 . 78301 Radolfzell Allweilerstra?e 1 . 78315 Radolfzell Germany Tel. +49 (0)7732 86-509 Fax +49 ((0)7732 86-552, 86-99509 E-mail: C.Ehrke@allweiler.de http://www.allweiler.com From milo at vision.eye.medizin.uni-tuebingen.de Thu Nov 30 12:43:15 2000 From: milo at vision.eye.medizin.uni-tuebingen.de (Milo Mittag) Date: Tue Dec 2 02:32:29 2003 Subject: Samba 2.2 and Domain Admins Message-ID: <4.1.20001130133329.00a18e68@vision.eye.medizin.uni-tuebingen.de> hi all, i have cvs'ed a version of samba 2.2.0alpha1 and wanted to add me to the Domain Admins in the smb.conf, but i cant see any administrative privileges then. (i cant change network-setting, i cant unlock a locked session and so on) so i wanted to ask, if this feature is not yet implemented, because as i read the samba 2.2 as a pdc faq it was in the "things we can do" section... thanks a lot for your help milo PS i use samba 2.2.0alpha1 from Nov-28-2000 and W2K with SP1 From David.M.Bertenthal at LRP02.USACE.ARMY.MIL Tue Nov 28 21:27:59 2000 From: David.M.Bertenthal at LRP02.USACE.ARMY.MIL (Bertenthal, David M LRP Contractor) Date: Tue Dec 2 02:32:29 2003 Subject: sharing resources on local mahines Message-ID: <5FE2915EBB99D21188B300805FA7B91702E5EBC7@lrpmail02.lrp.usace.army.mil> Can samba any version, keep a list of users so that other local machines can add users to there shared list and share there local resources, eg, harddrive or cdrom? David M. Bertenthal US Army Corps of Engineers [USACE Help Desk Pittsburgh District] David.m.bertenthal@usace.amry.mil Phone: (412) 395-7484 Fax: (412) 644-2811 -------------- next part -------------- HTML attachment scrubbed and removed From ecosta at wamnet.com Wed Nov 29 09:10:40 2000 From: ecosta at wamnet.com (Edoardo Costa) Date: Tue Dec 2 02:32:29 2003 Subject: Sync passwords for NT/Linux/SMB Message-ID: <005201c059e4$3f82b4c0$c7011fac@wamnet.com> Hi all, I'm running samba-2.0.7 as a file/print server. The PDC is an NT4 box (for now) and my workstation is also NT4 (for now as well). I might be pushing it a bit 'cause I found no trace of this over the net. I'm looking for a tool/script that would synchronise the changes I make to my NT password to the Linux/smb password files so that I don't have to telnet into my Linux box to reflect the changes I made. Any info would be greatly appreciated :) Ed. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= It was quiet... too quiet. Then it was loud... too loud. Quiet again... too quiet. And once more, loud... way too loud. "Damn snooze button," I mumbled to myself as I got out of bed and checked the time: late... too late. -------------- next part -------------- HTML attachment scrubbed and removed From bgmilne at cae.co.za Wed Nov 29 09:43:06 2000 From: bgmilne at cae.co.za (Buchan Milne) Date: Tue Dec 2 02:32:29 2003 Subject: Creating a share on a Windows 9x machine References: <4.3.1.1.20001128215555.00b0eb30@mail> Message-ID: <3A24CFAA.9030903@cae.co.za> This is mentioned in some of the documentation. Apparently this will be working in samba 2.2.0 (although this might just be a rumour) Buchan Gerry Kirk wrote: > Before resorting to posting, I searched endlessly for an answer to > this question. > > My question is what type of sharing is possible from a Win 9x machine > with Samba 2.0.7 as the network PDC? > > I am able to create Share-level shares, but not User-level shares. > > Is this what I should expect? > > Thanks, > Gerry > > Information System Specialist, > Mennonite Central Committee > Bangladesh > Registered Linux User # 193916 > > From benoit.geslot at bde.espci.fr Wed Nov 29 21:58:24 2000 From: benoit.geslot at bde.espci.fr (Benoit Geslot) Date: Tue Dec 2 02:32:29 2003 Subject: domain admin users Message-ID: <3A257C00.FCBB8D17@bde.espci.fr> Hello, I would like to know where I can find some information about the following EXPERIMENTAL smb.conf options: - domain admin users - domain admin group which are not described in the samba TNG 2.5 documentation. Thanks Benoit Geslot From dqpr10 at canal-plus.fr Thu Nov 30 08:24:57 2000 From: dqpr10 at canal-plus.fr (dqpr10@canal-plus.fr) Date: Tue Dec 2 02:32:29 2003 Subject: samba not starting (NT Domain) References: Message-ID: <3A260ED9.1C50FAF6@canal-plus.fr> You need to create a computer account for your Samba machine into your domain (using server manager for domains). Then, your Samba machine needs to join the domain: smbpasswd -j -m Ben. SavacoWB@cobleskill.edu wrote: > > here is a copy of my smb.conf > smamba loads, but won't let me > putmyself on the NT domain > > What do i do? > > ------------------------------------------------------------------------ > Name: smb.conf > smb.conf Type: unspecified type (application/octet-stream) > Encoding: quoted-printable -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =- Benoit Boudeville | CANAL+ Technologies -= -= Computer System Engineer | 34, place Raoul Dautry =- =- mailto:bboudev@canal-plus.fr | 75516 Paris Cedex 15 -= -= Tel: 01.71.71.55.83 | Fax: 01.71.71.55.77 =- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- From gcarter at valinux.com Thu Nov 30 14:07:49 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:29 2003 Subject: winbind References: <33A1752F02AED311AA70009027145CEC01E2CF75@sbc-msg-002.co.san-bernardino.ca.us> Message-ID: <3A265F35.44BA5D32@valinux.com> "Wilson, Robert" wrote: > > Nov 29 14:39:06 isdfree2 pam_winbind[20885]: > user 'NS+w1802' granted access > Nov 29 14:39:06 isdfree2 login[20885]: User not known > to the underlying authentication module Check the permmissions on nss_winbind (that they allow read by world). Send your /etc/pam.d/login file (and any other relavant files). Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From gcarter at valinux.com Thu Nov 30 15:11:08 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:30 2003 Subject: NIS, Trust Relationships, Home Drives, and Password Changing References: Message-ID: <3A266E0C.FD897B0@valinux.com> jbrown@hlmc.com wrote: > > I was wondering if NIS was the best solution for > system security structure (sharing out smbpasswd > and /etc/passwd, /etc/groups), Use NIS (or another directory service such as LDAP) to distribute /etc/passwd. Do not put smbpasswd in NIS. Bad idea. :-) Use rsync over ssh to distribute smbpasswd files. > I am also having a problem with home drives. The > home drive settings are in the smb.conf (all three of them), > but when I execute a net use * /HOME it says invalid > path specified. When browsing, I do see the (username) > share that is the home drive (a subdirectory of the > unix home drive). Send me you [homes] section from smb.conf > Also, I cannot change the password from a user level. If > I execute smbpasswd (username) from root, I have no > problem. But, when I execute smbpasswd from the user > level, it says that my previous password was invalid > (maybe there needs to be a certain file permission on > the smbpasswd file, or setuid on the smbpasswd > executable?). When trying to change the password from > a windows client, I get the same results. try upping the debug level (on the smbpasswd command line and on the server to track this one down). > And finally, with samba-tng, is it possible to setup > a domain trust relationship. This relationship would > be established so that all users of the Terminal Server > would have group access on the Samba servers (ie - a > user map to force the user to a generic account named > tsuser on the Unix Machine), or better yet, to control > access by Global Groups on the Terminal Server Domain. SAMBA_TNG is now run by the TNG (i like the name TaNGo) project. The software is in development stages. I think Luke had some initial musings of trust relationships, but I have not idea how stable it was. > PS - I would like to thank all the developers out > there that work hard on samba. It's a great application, > and I'm sure most unix nutz appreciate having it. You're quite welcome :-) -- Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From gcarter at valinux.com Thu Nov 30 15:12:16 2000 From: gcarter at valinux.com (Gerald Carter) Date: Tue Dec 2 02:32:30 2003 Subject: Winbind References: Message-ID: <3A266E50.215E0CF3@valinux.com> Adam Read wrote: > > Ok, despirate times call for.. a helping hand: > I am trying to get a samba server off the ground. I > want winbind to work, so I don't have to make local accounts > for the ~1000 users we currently have. It will be a > print server only. I like what I hear about the newest > alpha about NT printing, but I would be happy to get > winbind working on anything. I am running mandrake > corporate server 1.0. Which is(I believe) based on RH > 6.2. If someone could give me step-by-step info I > would appreciate it, or at least step-by-step installs of > Winbind. Have you read the winbind man page? I think there are some examples in there. btw...you can grab the winbind appliance source tarball from ftp://ftp.samba.org/pub/samba/appliance Cheers, jerry ---------------------------------------------------------------------- /\ Gerald (Jerry) Carter Professional Services \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com http://www.samba.org/ SAMBA Team jerry@samba.org http://www.plainjoe.org/ jerry@plainjoe.org "...a hundred billion castaways looking for a home." - Sting "Message in a Bottle" ( 1979 ) From anders at aae.wisc.edu Thu Nov 30 18:41:09 2000 From: anders at aae.wisc.edu (Anders C. Thorsen) Date: Tue Dec 2 02:32:30 2003 Subject: Trusted domains support in 2.2? In-Reply-To: <001301c059ee$88e2b020$21c9ca95@mow.siemens.ru>; from Andrej.Borsenkow@mow.siemens.ru on Wed, Nov 29, 2000 at 01:24:19PM +0300 References: <001301c059ee$88e2b020$21c9ca95@mow.siemens.ru> Message-ID: <20001201004109.A732@anders-ibm.dyn.dhs.org> No. Samba 2.2 does not support that. (see the "Developement/Roadmap" Pages on samba.org) Altough samba 2.2 can be tricked into creating a trust reation account, it won't work wery well. domain1\user doamin2\user here user in both domains would be interpeted as the same user.. To make it short: don't try it :) --Anders On Wed, Nov 29, 2000 at 01:24:19PM +0300, Andrej Borsenkow wrote: > Will 2.2 support trusted domains? What I mean is - mapping domain1\user and > domnain2\user to different Unix user names. > > Casual stidy of smbd/reply.c indicates, that code has not changed since 2.0. > Is it planned? > > -andrej > > Have a nice DOS! > B >> > -- --Anders Anders C. Thorsen PGP Key: http://www.aae.wisc.edu/~anders/anders-pgp.asc ---------------------------------------- Only two things are infinite. The universe and human stupidity. Although, I am unsure of the former. Albert Einstein From b.drijver at nyenrode.nl Tue Nov 14 11:11:59 2000 From: b.drijver at nyenrode.nl (Bart Drijver) Date: Tue Dec 2 02:32:44 2003 Subject: W2K-Terminal Server vs Samba 2.0.7 In-Reply-To: <3A37F04D.56391347@valinux.com> Message-ID: <200012141115.MAA11489@bordeaux.nyenrode.nl> On 13 Dec 00, at 15:55, Gerald Carter wrote: > Fixed. Thanks for pointing this out > What exactly do you mean by 'Fixed': do you mean you fixed the W2K-TS vs Samba problem?, because this suggested Reg-key didn't work for me! Is there anyone who knows how to make this Reg-key which works on NT4-TS but NOT on W2K with TS????????????????????????? Bart Drijver > > > Andrew Cherry wrote: > > > > As another data point, it appears as if the REG file > > WindowsTerminalServer.reg included in the docs subdirectory of the > > Samba dist is incorrect. It reads: > > > > ----------------- > > REGEDIT4 > > > > ;Subject: Registry file to force multiple NT terminal server > > users to have > > their own connections. > > > > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Rdr\Parameters > > ] "MultipleUsersOnConnection"=dword:00000001 ----------------- > > > > This really should be "dword:00000000" -- otherwise, it has the > > opposite of the desired effect! The default value is 0x1, which > > multiplexes all of the WTS users across a single SMB connection. > > > > I don't know if this registry key applies to Win2K Terminal > > Services, though.. my only experience is with the NT 4.0 Windows > > Terminal Server. > > > > -Andrew Cherry > > -- > ---------------------------------------------------------------------- > /\ Gerald (Jerry) Carter Professional Services > \/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com > http://www.samba.org/ SAMBA Team jerry@samba.org > http://www.plainjoe.org/ jerry@plainjoe.org > > "...a hundred billion castaways looking for a home." > - Sting "Message in a Bottle" ( 1979 )